senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1715 commits 37 branches 94 tags 1.5 GiB
Commit graph

5 commits

Author SHA1 Message Date
senke
ab85dd793f docs: update REMEDIATION_PROGRESS with Phase 2 completion 2026-02-16 10:53:29 +01:00
senke
7c981c1ec8 docs(security): document Lot 9 (2FA) and Lot 10 (OAuth) verification (A07) 
Both flows verified correct - no code changes required.
 2026-02-16 10:23:33 +01:00
senke
fae4588d70 fix(security): update or remove vulnerable npm devDependencies (A06) 
- Remove @lhci/cli, newman, pa11y-ci (used only by obsolete Makefile.old)
- Redirect qa:postman, qa:lh, qa:a11y scripts to explanatory message
- npm audit fix for remaining lodash vulnerability
- Document Lot 6 (bypass flags verified) and Lot 8 in REMEDIATION_PROGRESS
 2026-02-16 10:20:10 +01:00
senke
b05d7a04e3 fix(security): remove or protect education routes (A01) 
Education packages internal/api/education and internal/core/education were
empty directories with no routes registered. Removed empty dirs and
documented in REMEDIATION_PROGRESS.md.
 2026-02-16 10:18:43 +01:00
senke
ae586f6134 Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy 
Bloc A - Code mort:
- Suppression Studio (components, views, features)
- Suppression gamification + services mock (projectService, storageService, gamificationService)
- Mise à jour Sidebar, Navbar, locales

Bloc B - Frontend:
- Suppression modal.tsx deprecated, Modal.stories (doublon Dialog)
- Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true
- Suppression 19 tests orphelins, retrait exclusions vitest.config

Bloc C - Backend:
- Extraction routes_auth.go depuis router.go

Bloc D - Rust:
- Suppression security_legacy.rs (code mort, patterns déjà dans security/)
 2026-02-14 17:23:32 +01:00