5 commits

Author	SHA1	Message	Date
senke	7cb4ef56e1	feat(v0.912): Cashflow - payment E2E integration tests ... - Add MarketplaceServiceOverride and AuthMiddlewareOverride to config for tests - Wire overrides in routes_webhooks and routes_marketplace (authForMarketplaceInterface) - payment_flow_test: cart -> checkout -> webhook -> order completed, license, transfer - webhook_idempotency_test: 3 identical webhooks -> 1 order, 1 license - webhook_security_test: empty secret 500, invalid sig 401, valid sig 200 - refund_flow_test: completed order -> refund -> order refunded, license revoked - Shared computeWebhookSignature helper in webhook_test_helpers.go - SetMaxOpenConns(1) for sqlite :memory: in idempotency test to avoid flakiness Ref: docs/ROADMAP_V09XX_TO_V1.md v0.912 Cashflow	2026-02-27 20:00:51 +01:00
senke	51984e9a1f	feat(security): v0.901 Ironclad - fix 5 critical/high vulnerabilities ... - OAuth: use JWTService+SessionService, httpOnly cookies (VEZA-SEC-001) - Remove PasswordService.GenerateJWT (VEZA-SEC-002) - Hyperswitch webhook: mandatory verification, 500 if secret empty (VEZA-SEC-005) - Auth middleware: TokenBlacklist.IsBlacklisted check (VEZA-SEC-006) - Waveform: ValidateExecPath before exec (VEZA-SEC-007)	2026-02-26 19:34:45 +01:00
senke	6d1d861a52	feat(commerce): wire TransferService in marketplace and webhook routes	2026-02-23 22:55:39 +01:00
senke	92f432fb9e	chore: consolidate pending changes (Hyperswitch, PostCard, dashboard, stream server, etc.)	2026-02-14 21:45:15 +01:00
senke	d1bbd23936	refactor(api): extract route setup functions into dedicated files	2026-02-14 18:04:37 +01:00