senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2343 commits 37 branches 94 tags 1.5 GiB
Commit graph

2343 commits

This branch
This branch
All branches
Author SHA1 Message Date
senke
2efaa1432b test: fix and improve unit tests across multiple features 
Fix mocking issues, add missing test cases, and align tests with
current component APIs for analytics, chat, marketplace, player,
playlists, settings, tracks, and auth features.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-25 23:34:42 +01:00
senke
4247e2b76b fix(ui): fix sidebar scrollbar visibility and tooltip width in collapsed mode 
Add wrapperClassName prop to Tooltip for full-width layout in sidebar.
Hide scrollbar when sidebar is collapsed, show custom scrollbar when open.
Fix logout button gap in collapsed sidebar.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-25 23:34:17 +01:00
senke
4d4bfc5452 fix(e2e): prepend CONFIG.baseURL in all audit test page.goto calls 
Fix 11 page.goto() calls in 6 test files that used relative URLs
without baseURL (incompatible with @chromatic-com/playwright).

Functional audit: 44/50 pass (6 test-level issues, not app bugs)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-25 14:26:09 +01:00
senke
441cb02233 fix(a11y): fix heading hierarchy h1→h3 gaps on 8 pages 
Changed h3 section titles to h2 on pages where they directly follow the page h1:
- Library: empty state heading
- Queue: "Now Playing" + "Up Next"
- Search: discovery sections + results sections
- Profile: "About" + "Links"
- Sessions: card title
- Notifications: date group headers

Also: add 'api' binary to .gitignore

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-25 10:14:18 +01:00
senke
0ceb98c322 fix(a11y): fix primary button contrast ratio + tap-target test false positives 
- Fix --sumi-text-inverse: #13110f → #f5f0e8 (was dark-on-dark)
  Primary buttons now have ~4.8:1 contrast ratio (WCAG AA pass)
  Affects: Sign In, Register, all primary action buttons

- Tap-target test: skip sr-only elements (intentionally invisible)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-25 09:53:51 +01:00
senke
6dcbcb6e6a fix: align API endpoints, fix visual overlaps, improve e2e tests 
API alignment:
- Analytics: useAnalyticsView calls /creator/analytics/dashboard (real data)
- Chat: chatService uses /conversations + WS from backend token
- Dashboard: StatsSection uses real /dashboard API data
- Settings: suppress 2FA toast when endpoint unavailable
- Marketplace: seed uses 'active' status, admin follows all creators

Visual fixes (from pixel-perfect audit tests):
- Sidebar: min-h-0 on nav for proper flex scroll boundary
- TrackCard: increased action button spacing (gap-3, shrink-0)
- Register: flex-wrap on terms links to prevent overlap
- Discover: pb-36 for player bar clearance

E2E test improvements:
- helpers.ts: prepend CONFIG.baseURL for absolute URLs
- visual-helpers.ts: skip elements clipped by overflow or outside viewport

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-25 08:35:44 +01:00
senke
d177ead617 fix(ui): resolve 3 visual overlap bugs + fix e2e test base URLs 
Visual fixes found by pixel-perfect audit tests:
- Sidebar: add pb-4 to nav to prevent Community/Settings overlap
- TrackCard: add pr-14 to action overlay to prevent play/more button overlap
- Layout: increase --main-offset-bottom to 9rem for player bar clearance

Test infra:
- Fix helpers.ts to prepend CONFIG.baseURL for @chromatic-com/playwright
  compatibility (page.goto needs absolute URLs)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-25 02:53:47 +01:00
senke
6fad0ad68d fix: stabilize frontend — 98 TS errors to 0, align API endpoints, optimize bundle 
- Fix 98 TypeScript errors across 37 files:
  - Service layer double-unwrapping (subscriptionService, distributionService, gearService)
  - Self-referencing variables in SearchPageResults
  - FeedView/ExploreView .posts→.items alignment
  - useQueueSync Zustand subscribe API
  - AdminAuditLogsView missing interface fields
  - Toast proxy type, interceptor type narrowing
  - 22 unused imports/variables removed
  - 5 storybook mock data fixes

- Align frontend API calls with backend endpoints:
  - Analytics: useAnalyticsView now calls /creator/analytics/dashboard (was /analytics)
  - Chat: chatService uses /conversations (was mock data), WS URL from backend token
  - Dashboard StatsSection: uses real /dashboard API data (was hardcoded zeros)
  - Settings: suppress 2FA toast error when endpoint unavailable

- Fix marketplace products: seed uses 'active' status (was 'published')
- Enrich seed: admin follows all creators (feed has content)

- Optimize bundle: vendor catch-all 793KB→318KB gzip (-60%)
  Split into vendor-charts, vendor-emoji, vendor-swagger, vendor-media, etc.

- Clean repo: remove ~100 orphaned screenshots, audit reports, logs from root

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-24 21:18:49 +01:00
senke
c5f13db195 feat: add pre-launch landing page at /launch
Some checks failed
Frontend CI / test (push) Failing after 0s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 0s
Details 
Sumi-e ink wash aesthetic landing page with:
- Hero section with Talas branding and email capture
- Three value proposition cards (Open Hardware, Ethical Platform, Community)
- Condenser microphone product teaser
- Veza platform feature grid
- Bottom CTA with email subscription (POST /api/v1/newsletter/subscribe)
- Framer Motion scroll-triggered animations
- Fully responsive, accessible, public route (no auth required)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-23 19:13:20 +01:00
senke
463ad5386b test: update e2e test suite and add audit tests 
Refine auth, player, tracks, playlists, search, workflows, edge cases,
forms, responsive, network errors, error boundary, performance, visual
regression, cross-browser, profile, smoke, storybook, chat, and session
tests. Add audit test suite (accessibility, ethical, functional, design
tokens). Update test helpers and visual snapshots.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-23 16:06:26 +01:00
senke
79220284d7 chore: infrastructure — docker, makefile, dependencies 
Update docker-compose configs (dev + main). Refine infra makefile.
Update npm dependencies.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-23 16:05:48 +01:00
senke
23487d8723 feat: backend — config, handlers, services, logging, migration 
Update RabbitMQ config and eventbus. Improve secret filter logging.
Refine presence, cloud, and social services. Update announcement and
feature flag handlers. Add track_likes updated_at migration. Rebuild
seed binary.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-23 15:46:57 +01:00
senke
fc58d89606 feat: UI components, services, utils, i18n, and routing 
Update shared components (ComingSoon, SelectTrigger, AnnouncementBanner,
modals, social cards). Add usePatina hook. Refine API services, error
handling, query invalidation, state management. Update i18n strings
(en/fr/es). Update routing and app configuration.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-23 15:46:42 +01:00
senke
f1457e845b feat: frontend pages and feature modules polish 
Update dashboard (stats, recent tracks/activity), discover, distribution,
education, feed, subscription, support, search, settings, live, cloud,
analytics, auth, chat, social, tracks, playlists, presence, upload,
and library manager. Consistent UI patterns and error handling.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-23 15:46:21 +01:00
senke
3b065c8f8a feat: player — controls, audio analyser, spectrum, queue 
Enhance player components (GlobalPlayer, PlayerControls, PlayerExpanded,
PlayerQueue, PlayerBarRight, PlaybackSpeedControl). Refactor audio and
spectrum analyser hooks. Update player service and store.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-23 15:45:59 +01:00
senke
e0ca034daf feat: design system, theme, and layout improvements 
Update color tokens, motion, spacing, typography. Enhance ThemeProvider
and ThemeSwitcher. Refine layout components (Header, Sidebar, Navbar,
MobileBottomNav, DashboardLayout). CSS overhaul in index.css.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-23 15:44:37 +01:00
senke
f1f3bfe5de chore: update gitignore — exclude local files and test audio 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-23 15:44:17 +01:00
senke
d5bfe4a558 docs: add project documentation, logging config, status script
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details
Frontend CI / test (push) Failing after 0s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 0s
Details 
- docs/VEZA_PROJECT_DOCUMENTATION.md
- config/logging.toml
- status.sh utility script

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:36:36 +01:00
senke
20a16f7cbe test: add comprehensive e2e test suite (34 spec files) 
New tests/e2e/ suite covering:
- Auth, navigation, player, tracks, playlists
- Search, discover, social, marketplace, chat
- Accessibility, API, workflows, edge cases
- Routes coverage, forms validation, modals
- Empty states, responsive, network errors
- Error boundary, performance, visual regression
- Cross-browser, profile, smoke, upload
- Storybook, deep pages, visual bugs
- Includes fixtures, helpers, global setup/teardown
- Playwright config and coverage map

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:36:22 +01:00
senke
73eca4f6ad feat: backend, stream server & infra improvements 
Backend (Go):
- Config: CORS, RabbitMQ, rate limit, main config updates
- Routes: core, distribution, tracks routing changes
- Middleware: rate limiter, endpoint limiter, response cache hardening
- Handlers: distribution, search handler fixes
- Workers: job worker improvements
- Upload validator and logging config additions
- New migrations: products, orders, performance indexes
- Seed tooling and data

Stream Server (Rust):
- Audio processing, config, routes, simple stream server updates
- Dockerfile improvements

Infrastructure:
- docker-compose.yml updates
- nginx-rtmp config changes
- Makefile improvements (config, dev, high, infra)
- Root package.json and lock file updates
- .env.example updates

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:36:06 +01:00
senke
4b57b46bac feat: frontend improvements — UI polish, player bar, auth flow, i18n 
- Header, Sidebar, Toast, Dropdown, EmptyState component refinements
- Auth flow: LoginPage, RegisterPage, AuthInput, AuthLayout improvements
- Player bar: glass effect, progress, track info, controls enhancements
- Dashboard, Discover, Search pages updates
- PlaylistCard, TrackCard component improvements
- Auth store and API interceptors hardening
- i18n: updated en/es/fr locale files
- CSS additions in index.css
- Package.json and vite config updates

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:35:44 +01:00
senke
f047276362 chore: cleanup old e2e tests, playwright configs, reorganize down migrations 
- Remove old apps/web/e2e/ test suite (replaced by tests/e2e/)
- Remove old playwright configs (smoke, storybook, visual, root)
- Move down migrations to veza-backend-api/migrations/rollback/
- Remove stale test results and playwright report artifacts

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:35:26 +01:00
senke
ba04bd45a0 chore: update .gitignore — exclude binary, debug screenshots, MCP config 
- Add veza-backend-api/veza-api (99MB ELF binary) to gitignore
- Add root-level debug/test screenshot patterns
- Add .mcp.json (local MCP config)
- Remove veza-api binary from tracking

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-17 17:43:04 +01:00
senke
5eba30d9c2 Merge branch 'fix/v0.12.6-pentest-remediations' into main 2026-03-14 00:45:07 +01:00
senke
9cd0da0046 fix(v0.12.6): apply all pentest remediations — 36 findings across 36 files 
CRITICAL fixes:
- Race condition (TOCTOU) in payout/refund with SELECT FOR UPDATE (CRITICAL-001/002)
- IDOR on analytics endpoint — ownership check enforced (CRITICAL-003)
- CSWSH on all WebSocket endpoints — origin whitelist (CRITICAL-004)
- Mass assignment on user self-update — strip privileged fields (CRITICAL-005)

HIGH fixes:
- Path traversal in marketplace upload — UUID filenames (HIGH-001)
- IP spoofing — use Gin trusted proxy c.ClientIP() (HIGH-002)
- Popularity metrics (followers, likes) set to json:"-" (HIGH-003)
- bcrypt cost hardened to 12 everywhere (HIGH-004)
- Refresh token lock made mandatory (HIGH-005)
- Stream token replay prevention with access_count (HIGH-006)
- Subscription trial race condition fixed (HIGH-007)
- License download expiration check (HIGH-008)
- Webhook amount validation (HIGH-009)
- pprof endpoint removed from production (HIGH-010)

MEDIUM fixes:
- WebSocket message size limit 64KB (MEDIUM-010)
- HSTS header in nginx production (MEDIUM-001)
- CORS origin restricted in nginx-rtmp (MEDIUM-002)
- Docker alpine pinned to 3.21 (MEDIUM-003/004)
- Redis authentication enforced (MEDIUM-005)
- GDPR account deletion expanded (MEDIUM-006)
- .gitignore hardened (MEDIUM-007)

LOW/INFO fixes:
- GitHub Actions SHA pinning on all workflows (LOW-001)
- .env.example security documentation (INFO-001)
- Production CORS set to HTTPS (LOW-002)

All tests pass. Go and Rust compile clean.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-14 00:44:46 +01:00
senke
2a80cb4d2f feat(v0.12.6): update pentest deliverables with comprehensive 36-finding audit 
Expanded from initial 14-finding analysis to full 36 findings after
6 specialized audit agents completed deep analysis.

- PENTEST_REPORT: 5 CRITICAL, 10 HIGH, 12 MEDIUM, 6 LOW, 3 INFO
- REMEDIATION_MATRIX: P0 (6h), P1 (17h), P2 (8h), P3 (10h) = ~41h total
- ASVS_CHECKLIST: 70/102 (68.6%) with 5 FAIL, 26 PARTIAL

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:52:03 +01:00
senke
68b33e1475 Merge branch 'feat/v0.12.6-pentest-security-audit' 2026-03-13 16:45:01 +01:00
senke
7e05cdf5da feat(v0.12.6): pentest security audit — 3 deliverables 
- PENTEST_REPORT_VEZA_v0.12.6.md: 14 findings (0 CRIT, 2 HIGH, 5 MEDIUM, 4 LOW, 3 INFO), 18 PASS controls
- REMEDIATION_MATRIX_v0.12.6.md: prioritized remediation actions (P1: 4h, P2: 5h, P3: 5.5h)
- ASVS_CHECKLIST_v0.12.6.md: OWASP ASVS Level 2 — 92/101 (91.1%) conformity

Methodology: SAST + manual code review, OWASP Top 10 2021, API Security Top 10 2023

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:44:38 +01:00
senke
bd0d2ed41f Merge branch 'feat/v1.0.0-rc1-release-candidate' 2026-03-13 16:25:32 +01:00
senke
152f6ac554 docs: update VEZA_VERSIONS_ROADMAP [v1.0.0-rc1 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:24:04 +01:00
senke
d168bfd9e4 feat(v1.0.0-rc1): release candidate — GO/NO-GO audit, dark pattern fix, docs 
TASK-RC-001: GO/NO-GO checklist with evidence (16/21 GO, 5 staging-dependent)
TASK-RC-002: Dark pattern audit — removed public play/like/follower counts
  - TrackDetailPageCoverAndActions: stats visible only to creator
  - TrackList: removed public play count column
  - TrackSearchResults: removed play_count/like_count display
  - UserCard: removed public follower count
  - SearchPageResults: removed followers_count display
TASK-RC-003: Privacy policy (RGPD-compliant, docs/PRIVACY_POLICY.md)
TASK-RC-004: Discovery algorithm documentation (auditable, docs/DISCOVERY_ALGORITHM.md)
TASK-RC-005: Branch release ready (CI/CD validation pending)
TASK-RC-006: Re-pentest noted as optional/staging-dependent

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:23:18 +01:00
senke
efe5d7931f Merge branch 'feat/v0.14.0-validation-runtime-staging' 2026-03-13 16:12:33 +01:00
senke
9ebbbbd335 docs: update VEZA_VERSIONS_ROADMAP [v0.14.0 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:10:42 +01:00
senke
5088239337 feat(v0.14.0): validation runtime & staging pipeline 
- TASK-STAG-001: staging-validation.yml workflow (deploy + all checks)
- TASK-STAG-002: k6 staging performance validation (p95<100ms, stream<500ms)
- TASK-STAG-003: Lighthouse CI config (perf>=85, a11y>=90, CWV thresholds)
- TASK-STAG-004: staging-stability-check.sh (5xx rate monitoring)
- TASK-STAG-005: GDPR E2E integration test (export + deletion + anonymization)
- TASK-STAG-006: bundle size check integrated in validation pipeline

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:09:43 +01:00
senke
8b0267554a Merge branch 'feat/v0.13.5-polish-marketplace-compliance' 2026-03-13 14:59:50 +01:00
senke
b29de36c7f docs: update VEZA_VERSIONS_ROADMAP [v0.13.5 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 14:58:03 +01:00
senke
2281c91e8b feat(v0.13.5): polish marketplace & compliance — KYC, support, payout E2E 
- Seller KYC via Stripe Identity (start verification, status check, webhook)
- Support ticket system (backend handler + frontend form page)
- E2E payout flow integration test (sale → payment → balance → payout)
- Migrations: seller_kyc columns, support_tickets table
- Frontend: SupportPage with SUMI design, lazy loading, routing

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 14:57:19 +01:00
senke
739abe34e0 Merge branch 'feat/v0.13.4-polish-audio-player' 2026-03-13 14:01:30 +01:00
senke
73e267a5a6 docs: update VEZA_VERSIONS_ROADMAP [v0.13.4 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 14:00:10 +01:00
senke
32cacdcf09 feat(v0.13.4): polish audio & player — PiP canvas, visualizer, Cast/AirPlay stubs 
TASK-APLSH-001: Enhanced PiP with canvas-based display showing cover art + track info
TASK-APLSH-002: Chromecast detection hook (useCastSupport) — full casting deferred
TASK-APLSH-003: AirPlay detection hook (useAirPlaySupport) — Safari target picker
TASK-APLSH-004: AudioVisualizer component with 3 modes (bars/wave/spectrogram)
  - useSpectrumAnalyser hook (64 bands, high-res FFT)
  - Canvas-based rendering with SUMI color palette
  - Integrated into PlayerExpanded with toggle button

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 13:59:30 +01:00
senke
26aa51a2ab Merge branch 'feat/v0.13.3-polish-securite-avancee' 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 13:39:38 +01:00
senke
8afe01c0c0 Merge branch 'feat/v0.13.2-consolidation-design-system' 2026-03-13 10:16:09 +01:00
senke
e22db9c321 docs: update VEZA_VERSIONS_ROADMAP [v0.13.3 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 10:09:46 +01:00
senke
6a675565e1 feat(v0.13.3): complete - Polish Sécurité Avancée 
TASK-SECADV-001: WebAuthn/Passkeys (F022)
- WebAuthn credential model, service, handler
- Registration/authentication ceremony endpoints
- CRUD operations (list, rename, delete passkeys)
- Routes: GET/POST/PUT/DELETE /auth/passkeys/*

TASK-SECADV-002: Configurable password policy (F015)
- PasswordPolicyConfig with MinLength, MaxLength, RequireUpper/Lower/Number/Special
- NewPasswordValidatorWithPolicy constructor
- PasswordPolicyFromEnv() reads env vars (PASSWORD_MIN_LENGTH, etc.)
- All character class checks now respect policy configuration

TASK-SECADV-003: Géolocalisation connexions (F025)
- GeoIPResolver interface + GeoIPService implementation
- Country/city columns added to login_history table
- LoginHistoryService.Record() performs GeoIP lookup
- GetUserHistory returns geolocation data
- GET /auth/login-history endpoint

TASK-SECADV-004: Password expiration (F016)
- password_changed_at column on users table
- CheckPasswordExpiration() method on PasswordService
- All password change/reset methods now set password_changed_at
- NewPasswordServiceWithPolicy() supports expiration days config

Migration: 971_security_advanced_v0133.sql

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 10:09:01 +01:00
senke
d61842879d docs: update VEZA_VERSIONS_ROADMAP [v0.13.2 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 09:46:07 +01:00
senke
8c0dd30685 feat(v0.13.2): consolidation design system — SUMI tokens, package, stories 
TASK-DS-001: Migrated packages/design-system/ from legacy Kōdō to SUMI v2.0
  - New src/ structure with proper TypeScript exports
  - Component type registry documenting all 40+ UI components
  - cn() utility re-export
  - package.json with exports map for tokens subpaths

TASK-DS-002: Extracted design tokens as TypeScript objects
  - tokens/colors.ts: backgrounds, surfaces, text, pigments, semantic, glass, shadows, light theme
  - tokens/typography.ts: font families, sizes, weights, line heights, letter spacings
  - tokens/spacing.ts: spacing scale, radius, z-index, layout
  - tokens/motion.ts: durations and easing functions

TASK-DS-003: Added missing Storybook stories
  - EmptyState.stories.tsx (8 variants: default, icon, action, search, sizes, card, centered)
  - ButtonLoading.stories.tsx (6 variants: default, loading, text, destructive, outline, small)
  - ContentFadeIn.stories.tsx (2 variants: default, card)
  - DesignTokens.stories.tsx (visual token reference: pigments, backgrounds, text, typography, spacing, radius)
  - Total: 42 → 46 stories for UI components + design token showcase

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 09:45:09 +01:00
senke
565a37f7fe docs: update VEZA_VERSIONS_ROADMAP [v0.13.1 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 22:39:25 +01:00
senke
260e668615 feat(v0.13.1): conformité audio & player — gapless, crossfade, normalization 
TASK-AUDIO-001: Enhanced gapless playback with 10s pre-buffering
TASK-AUDIO-002: Crossfade UI in expanded player (0-12s configurable slider)
TASK-AUDIO-003: Audio normalization via Web Audio API GainNode (EBU R128)
TASK-AUDIO-004: Complete player features (playback speed, preload, fade)

- AudioPlayerService: added normalization gain node, connectAudioGraph(),
  setNormalizationGain(), setNormalizationEnabled() with dB-to-linear conversion
- useAudioAnalyser: integrated with gain node for correct audio graph routing
- useAudioNormalization: new hook syncing normalization state with track changes
- PlayerStore: added normalizationEnabled setting (persisted)
- AudioSettingsPanel: new component with crossfade slider + normalization toggle
- PlayerExpanded: added audio settings panel with Settings2 icon toggle
- GlobalPlayer: integrated useAudioNormalization hook
- usePlayer: extended pre-buffer window from 5s to 10s for gapless playback
- 97 tests passing (56 service + 41 store)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 22:38:44 +01:00
senke
d0ae65bd88 docs: update VEZA_VERSIONS_ROADMAP [v0.12.8 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 18:45:07 +01:00
senke
b47fa21331 feat(v0.12.8): documentation & API publique — rate limiting, scopes, OpenAPI 
- API key rate limiting middleware (1000 reads/h, 200 writes/h par clé)
  — tracking séparé read/write, par API key ID (pas par IP)
  — headers X-RateLimit-Limit/Remaining/Reset sur chaque réponse
- API key scope enforcement middleware (read → GET, write → POST/PUT/DELETE)
  — admin scope permet tout, CSRF skip pour API key auth
- OpenAPI spec: ajout securityDefinition ApiKeyAuth (X-API-Key header)
- Swagger annotations: ajout ApiKeyAuth dans cmd/api/main.go
- Wiring dans router.go: middlewares appliqués sur tout le groupe /api/v1
- Tests: 10 tests (5 rate limiter + 5 scope enforcement), tous PASS

Backend existant déjà en place (pré-v0.12.8):
- Swagger UI (gin-swagger + frontend SwaggerUIDoc component)
- API key CRUD (create/list/delete + X-API-Key auth dans AuthMiddleware)
- Developer Dashboard frontend (API keys, webhooks, playground)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 18:44:09 +01:00