6 commits

Author	SHA1	Message	Date
senke	113210734c	chore(infra): J6 — mark 3 dormant docker-compose files as deprecated ... Audit cross-checked against active composes shows three dormant compose files that duplicate functionality already covered by the canonical docker-compose.{,dev,prod,staging,test}.yml at the repo root. None are referenced from Make targets, scripts, or CI workflows. They have diverged from the active set (different ports, older Postgres version, no shared volume names, etc.) and are a footgun for new contributors. Files marked DEPRECATED with a header pointing at the canonical compose to use instead: veza-stream-server/docker-compose.yml Standalone stream-server compose. Same service is provided by the root docker-compose.yml under the `docker-dev` profile. infra/docker-compose.lab.yml Lab Postgres on default port 5432. Conflicts with a host Postgres on most setups; root docker-compose.dev.yml uses non-default ports for a reason. config/docker/docker-compose.local.yml Local Postgres 15 variant on port 5433. Redundant with root docker-compose.dev.yml (Postgres 16, project-wide port mapping). Not in this commit (intentionally limited J6 scope, per audit plan "verify, don't refactor"): - No `extends:` consolidation across the active composes — that is a 1-2 day refactor on its own and not a v1.0.4 concern. - The five active composes were syntactically validated locally (docker compose config); production and staging both require operator-injected env vars (DB_PASS, S3_*, RABBITMQ_PASS, etc.) which is the intended behavior, not a bug. - Cross-compose audit confirms zero references to the removed chat-server or any other dead service / image. Only one residual deprecation warning across all active composes: the obsolete `version:` field on docker-compose.{prod,test,test}.yml — cosmetic, not blocking. - Test suite verification (Go / Rust / Vitest) deferred to Forgejo CI rather than re-running locally. The pre-push hook + remote pipeline will gate the next push. Follow-up candidates (not blocking v1.0.4): - Delete the three deprecated files once a 2-month grace period confirms no local dev workflow references them. - Drop the obsolete `version:` field across the active composes. Refs: AUDIT_REPORT.md §6.1, §10 P7	2026-04-15 12:58:39 +02:00
senke	73eca4f6ad	feat: backend, stream server & infra improvements ... Backend (Go): - Config: CORS, RabbitMQ, rate limit, main config updates - Routes: core, distribution, tracks routing changes - Middleware: rate limiter, endpoint limiter, response cache hardening - Handlers: distribution, search handler fixes - Workers: job worker improvements - Upload validator and logging config additions - New migrations: products, orders, performance indexes - Seed tooling and data Stream Server (Rust): - Audio processing, config, routes, simple stream server updates - Dockerfile improvements Infrastructure: - docker-compose.yml updates - nginx-rtmp config changes - Makefile improvements (config, dev, high, infra) - Root package.json and lock file updates - .env.example updates Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-18 11:36:06 +01:00
senke	9cd0da0046	fix(v0.12.6): apply all pentest remediations — 36 findings across 36 files ... CRITICAL fixes: - Race condition (TOCTOU) in payout/refund with SELECT FOR UPDATE (CRITICAL-001/002) - IDOR on analytics endpoint — ownership check enforced (CRITICAL-003) - CSWSH on all WebSocket endpoints — origin whitelist (CRITICAL-004) - Mass assignment on user self-update — strip privileged fields (CRITICAL-005) HIGH fixes: - Path traversal in marketplace upload — UUID filenames (HIGH-001) - IP spoofing — use Gin trusted proxy c.ClientIP() (HIGH-002) - Popularity metrics (followers, likes) set to json:"-" (HIGH-003) - bcrypt cost hardened to 12 everywhere (HIGH-004) - Refresh token lock made mandatory (HIGH-005) - Stream token replay prevention with access_count (HIGH-006) - Subscription trial race condition fixed (HIGH-007) - License download expiration check (HIGH-008) - Webhook amount validation (HIGH-009) - pprof endpoint removed from production (HIGH-010) MEDIUM fixes: - WebSocket message size limit 64KB (MEDIUM-010) - HSTS header in nginx production (MEDIUM-001) - CORS origin restricted in nginx-rtmp (MEDIUM-002) - Docker alpine pinned to 3.21 (MEDIUM-003/004) - Redis authentication enforced (MEDIUM-005) - GDPR account deletion expanded (MEDIUM-006) - .gitignore hardened (MEDIUM-007) LOW/INFO fixes: - GitHub Actions SHA pinning on all workflows (LOW-001) - .env.example security documentation (INFO-001) - Production CORS set to HTTPS (LOW-002) All tests pass. Go and Rust compile clean. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-14 00:44:46 +01:00
senke	eb2862092d	feat(v0.10.6): Livestreaming basique F471-F476 ... - Backend: callbacks on_publish/on_publish_done, UpdateStreamURL, GetByStreamKey - Nginx-RTMP: config infra, docker-compose service (profil live) - Frontend: stream_url dans LiveStream, HLS.js dans LiveViewPlayer, état Stream terminé - Chat: rate limit send_live_message 1 msg/3s pour rooms live_streams - Env: RTMP_CALLBACK_SECRET, STREAM_HLS_BASE_URL, NGINX_RTMP_HOST - Roadmap v0.10.6 marquée DONE	2026-03-10 10:21:57 +01:00
senke	ae586f6134	Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy ... Bloc A - Code mort: - Suppression Studio (components, views, features) - Suppression gamification + services mock (projectService, storageService, gamificationService) - Mise à jour Sidebar, Navbar, locales Bloc B - Frontend: - Suppression modal.tsx deprecated, Modal.stories (doublon Dialog) - Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true - Suppression 19 tests orphelins, retrait exclusions vitest.config Bloc C - Backend: - Extraction routes_auth.go depuis router.go Bloc D - Rust: - Suppression security_legacy.rs (code mort, patterns déjà dans security/)	2026-02-14 17:23:32 +01:00
okinrev	87c6461900	report generation and future tasks selection	2025-12-08 19:57:54 +01:00