senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1643 commits 37 branches 94 tags 1.5 GiB
Commit graph

1643 commits

This branch
This branch
All branches
Author SHA1 Message Date
senke
ae586f6134 Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy 
Bloc A - Code mort:
- Suppression Studio (components, views, features)
- Suppression gamification + services mock (projectService, storageService, gamificationService)
- Mise à jour Sidebar, Navbar, locales

Bloc B - Frontend:
- Suppression modal.tsx deprecated, Modal.stories (doublon Dialog)
- Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true
- Suppression 19 tests orphelins, retrait exclusions vitest.config

Bloc C - Backend:
- Extraction routes_auth.go depuis router.go

Bloc D - Rust:
- Suppression security_legacy.rs (code mort, patterns déjà dans security/)
 2026-02-14 17:23:32 +01:00
senke
794270597a fix(web): stabilize Vitest suite (auth integration: wrap with QueryClientProvider) 2026-02-14 14:21:17 +01:00
senke
8582be5982 fix(stream-server): fix partial move in buffer get_next_chunk (fix compilation) 2026-02-14 14:09:07 +01:00
senke
a9009de366 fix(backend): avoid nil user in GetProfile (userToProfile panic in profile handler test) 2026-02-14 14:07:03 +01:00
senke
4be5988f8e chore(e2e): run 2FA test when E2E_2FA_CODE (and optional creds) are set, document in README 2026-02-14 14:06:46 +01:00
senke
fa719e31e5 feat(e2e): add play flow test (library/search -> track page or player) 2026-02-14 14:04:36 +01:00
senke
0d10a5c820 fix(backend): serialize backup_codes as JSON in two_factor_service (fix TestLogin_Requires2FA) 2026-02-14 14:03:43 +01:00
senke
4dcae6ca00 feat(web): add validate:storybook script (build, serve 6007, audit) 2026-02-14 14:02:57 +01:00
senke
2119833779 fix(e2e): stabilize auth, smoke, search, playlists specs 
- Global setup no longer throws when API is unavailable; writes empty
  auth state so Playwright can start; specs that need auth use their
  own login or storageState override.
- Ensure e2e/.auth dir exists before writing empty state.
 2026-02-14 14:02:13 +01:00
senke
37981c2c17 chore(refactor/sumi-migration): commit pending changes — tests, stream server, dist_verification 
- apps/web: test updates (Vitest/setup), playbackAnalyticsService, TrackGrid, serviceErrorHandler
- veza-common: logging, metrics, traits, validation, random
- veza-stream-server: audio pipeline, codecs, cache, monitoring, routes
- apps/web/dist_verification: refresh build assets (content-hashed filenames)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-13 19:39:18 +01:00
senke
de12f5036c fix(web): resolve all 568 TypeScript errors — tsc --noEmit now passes with zero errors 
Major categories fixed:
- TS6133 (188): Remove unused imports (React, icons, types) and variables
- TS2322 (222): Fix type mismatches in stories (satisfies Meta -> const meta: Meta),
  add nullish coalescing for optional values, fix component prop types
- TS2345 (43): Fix argument type mismatches with proper null checks and type narrowing
- TS2741 (21): Add missing required properties to mock/story data
- TS2339 (19): Fix property access on incorrect types, add type guards
- TS2353 (13): Remove extra properties from object literals or extend interfaces
- TS2352 (11): Fix type conversion chains
- TS2307 (9): Fix import paths and module references
- Other (42): Fix implicit any, possibly undefined, export declarations

Vite build and tsc --noEmit both pass cleanly.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-13 00:32:08 +01:00
senke
101cbd0f48 chore(stream): remove orphan modules and artifacts 
- Remove src/eventbus/ directory (orphan — event_bus.rs is the active module)
- Remove src/prometheus_metrics.rs (orphan duplicate — monitoring/prometheus_metrics.rs is active)
- Remove src/core/sync.rs_test_snippet (leftover artifact)

Stream server compiles with zero errors.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 23:33:37 +01:00
senke
9b65e40952 fix(chat): resolve compilation errors and clean all warnings 
- Replace ChatError::AuthError (nonexistent variant) with InvalidToken
  and ServiceUnavailable in jwt_manager.rs
- Remove unused imports: ExchangeDeclareOptions, ExchangeKind (event_bus),
  StatusCode (request_id), warn (typing_indicator), AsyncCommands (rate_limiter)
- Fix unnecessary mut: delivered_status.rs, read_receipts.rs
- Prefix unused struct fields: _config, _connection (event_bus), _secret (csrf)
- Prefix unused variables: _metadata, parent_message_id: _ (handler.rs),
  user_id: _ (permission.rs)
- Allow dead_code on GetMessagesQuery and exchange_kind_from_str

Chat server now compiles with zero errors and zero warnings.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 23:33:02 +01:00
senke
09bb663659 chore: enable noUncheckedIndexedAccess, isolate ghost MSW handlers, document go-clamd tech debt 
- Enable TypeScript noUncheckedIndexedAccess and fix 133 resulting errors
  across 46 files with proper null guards, optional chaining, and fallbacks
- Extract education/gamification ghost feature MSW handlers into handlers-ghost.ts
- Add Storybook test plugin documentation in vitest.config.ts
- Document abandoned go-clamd dependency (2017) as tech debt in upload_validator.go

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 23:12:35 +01:00
senke
1695606e24 refactor(ui): remove unused design-system package and create STORYBOOK_CONTRACT 
- Remove packages/design-system/ directory (superseded by SUMI tokens
  in apps/web/src/index.css, confirmed no imports exist)
- Update package.json keywords from kodo-design-system to sumi-design-system
- Create docs/STORYBOOK_CONTRACT.md defining mandatory story structure:
  Default, Loading, Error, Empty states for feature components
- Typography audit: SUMI utility classes defined in index.css, codebase
  correctly uses Tailwind classes with SUMI tokens via @theme — no
  migration needed

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 23:00:26 +01:00
senke
34e9d69af3 fix(tests): add missing component tests and fix failing tests 
- Fix setTimeout memory leak in ChatRoom.tsx by storing timeout in
  useRef and cleaning up on unmount
- Add tests for Accordion, Collapsible, FloatingInput, AnimatedNumber,
  and FAB components (5 new test files, all passing)
- Fix socialService methods (deleteComment, markRead, markAllRead) to
  return values matching test expectations
- Fix MSW handlers for chat/token and notification endpoints to use
  proper { success: true, data: ... } envelope format
- Fix invalid CSS selector in TrackList.test.tsx that caused JSDOM crash
- Document excluded test files with TODO tickets in vitest.config.ts

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:59:09 +01:00
senke
45bdf060ca feat(backend): add social groups, wishlist, cart, and playlist export endpoints 
- Add Group and GroupMember models with CRUD service methods
- Implement social group endpoints: create, list, get, join, leave
- Add WishlistItem model with get/add/remove service methods
- Add CartItem model with get/add/remove/checkout service methods
- Create handlers for marketplace wishlist and cart operations
- Register playlist export (JSON/CSV) and duplicate routes
- Enable PLAYLIST_SHARE and NOTIFICATIONS feature flags

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:48:50 +01:00
senke
8f1ccd8a56 fix(ci): correct Rust service paths and reactivate CD pipeline 
- Fix chat-ci.yml and stream-ci.yml to reference veza-chat-server/
  and veza-stream-server/ instead of non-existent apps/ paths
- Add veza-common/ to CI triggers so shared library changes are tested
- Reactivate CD pipeline with Docker registry push and Kubernetes
  deployment steps (gated on secrets availability)
- Standardize Redis dependency to v0.32 across both Rust services

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:44:56 +01:00
senke
2d664f9177 fix(security): add SSRF protection, real track access validation, and pagination bounds 
- Add IsURLSafe() function to webhook service blocking private IPs,
  localhost, and cloud metadata endpoints (SSRF protection)
- Implement real validate_track_access() in stream server querying DB
  for track visibility, ownership, and purchase status
- Remove dangerous JWT fallback user in chat server that allowed
  deleted users to maintain access with forged credentials
- Add upper limit (100) on pagination in profile, track, and room handlers
- Fix Dockerfile.production healthcheck path to /api/v1/health

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:44:03 +01:00
senke
8365cbfa6f refactor: LoadingState delegates all spinner rendering to LoadingSpinner 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:23:16 +01:00
senke
0faa20d644 fix: resolve ts-ignore directives and unsafe type casts 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:21:55 +01:00
senke
24b2c2fb84 test: add tests for ErrorDisplay, LoadingState, ComingSoon 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:19:54 +01:00
senke
a68e776797 a11y: enhance global prefers-reduced-motion support 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:18:36 +01:00
senke
1acfca86b1 fix: remove as any casts from application components 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:17:55 +01:00
senke
2f46712789 fix: type authService.login, replace remaining console.error with logger 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:15:10 +01:00
senke
958d40896c perf: improve bundle splitting -- separate framer-motion, axios, dompurify, i18n chunks 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:04:56 +01:00
senke
df85544a8f refactor: unify loading components -- consolidate Spinner into LoadingSpinner 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:04:45 +01:00
senke
53c9e42d9c refactor: complete Modal to Dialog migration for 6 modals 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:01:05 +01:00
senke
ed6d209b92 refactor: replace console.log with logger, fix TrackCard type, memoize DashboardPage 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:57:02 +01:00
senke
e5fd019edf a11y: skip link exists in App, ChatInput aria-label, sidebar focus trap, MiniPlayer aria-live 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:55:25 +01:00
senke
9f7a42cdb5 fix: memory leaks -- add setTimeout cleanup in ChatInput, SocialViewFeedItem, PostCard 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:54:06 +01:00
senke
d919f8c7c9 fix: critical bugs -- ChatInput var, authService types, dep placement 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:53:39 +01:00
senke
37dae9e646 fix(a11y): Sprint 7 — semantic HTML and accessibility deep-dive 
S7.1: Replace div onClick with semantic button in DialogTrigger.tsx
S7.2: Replace role="button" divs with native <button> elements in 12 files
      (PlaylistCard, TrackCard, ConversationItem, NotificationMenuItem,
       AudioPlayerTrackInfo, SearchPageResults, ProjectsManagerAddCard,
       ProjectsManagerCard, GearInventoryGrid, UploadModal, dropdown.tsx,
       LibraryPageGrid)
S7.3: Add focus-visible:ring-2 to 14 form inputs with outline-none across
      9 modal files (CreateGroupModal, DataExportModal, EditPlaylistModal,
      AddToPlaylistModal, BanUserModal, RefundRequestModal, FlashSaleModal,
      TipStreamerModal, CreatePostModal)
S7.4: Add semantic landmarks — <section> in DashboardPage, <article> in
      PostCard and CourseCard

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 10:34:39 +01:00
senke
5f88c56113 fix: UI remediation Phase 1 (S0-S5) + Phase 2 Sprint 6 shadow system 
Phase 1:
- S0: Fix open redirect (safeNavigate), delete AuthContext/legacy auth, encrypt API keys, gitignore .env files
- S1: Split client.ts god object into 5 modules, unify toast system, delete unused Sidebar
- S2: Add glass button variant, migrate 32 z-index to SUMI tokens, fix card dark mode
- S3: Skip nav link, aria-hidden on icons, focus-visible ring fixes, alt attrs, aria-live regions
- S4: React.memo on list items, fix key={index}, loading=lazy on images
- S5: Branded loading screen, page transitions respect reduced-motion, LikeButton micro-interaction, i18n sidebar/header

Phase 2 Sprint 6:
- Wire Tailwind shadow utilities to SUMI tokens in @theme block (fixes 50+ files)
- Define shadow-card/shadow-card-hover tokens
- Remove dark:shadow-none workarounds from card.tsx (SUMI handles per-theme shadows)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 10:13:44 +01:00
senke
34e1f41091 refactor: Phase 8 — Update docs, ESLint, Storybook config for SUMI 
- DESIGN_TOKENS.md: Complete rewrite to document --sumi-* token system
- APP_SHELL.md: Update layout shell docs (glass bg, backdrop-blur, z-index)
- DESIGN_DIRECTION.md: Update aesthetic direction to SUMI philosophy
- .storybook/preview.tsx: Remove deleted CSS imports, update bg colors
- eslint.config.js: Update color rule message from Kodo to SUMI tokens
- tailwind.config.ts: Fix comment referencing deleted design-tokens.css

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:15:11 +01:00
senke
73e8372b0e refactor: Phase 7 — Clean up legacy components and remove dead tokens 
- Bulk replace text-white → text-foreground across 116 component files
  (preserving text-white/ opacity variants)
- Remove hover-glow-cyan, shadow-card-glow-cyan, shadow-button-primary-glow
  classes from all components
- Replace --duration-normal/--duration-immersive/--duration-slow with
  --sumi-duration-normal/--sumi-duration-slow across 130+ files
- Replace --ease-out/--ease-in-out with --sumi-ease-out/--sumi-ease-in-out
- Replace focus:ring-blue-500 → focus:ring-primary (4 files)
- Remove hover:scale-105/110 and hover:-translate-y-1/0.5 transforms
  (SUMI anti-pattern: no scale on hover)
- Clean up stale kodo- references in comments

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:09:29 +01:00
senke
69e40e3c04 refactor: Phase 6 — Migrate feature modules to SUMI tokens 
- auth: Replace gray-* with muted/border tokens, text-foreground
- settings: TwoFactorSettings + NotificationSettings text-foreground
- chat: ChatInput, ConversationItem, ChatPage — text-foreground,
  remove kodo references
- player: PlayerExpanded, PlayerQueue, PlayerControls — text-foreground,
  remove cyan/magenta gradients
- playlists: All components — text-foreground for badges/headings
- tracks: TrackCard, TrackListRow — text-foreground, remove glow effects
- studio: FileGridCard — text-foreground
- library: LibraryPageGrid — remove hover-glow-cyan, shadow-card-glow-cyan
- profile: UserProfilePageHeader — text-foreground

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:06:28 +01:00
senke
3c2e3fdf4f refactor: Phase 5 — Migrate layout shell to SUMI tokens 
- Sidebar: bg-raised, border-faint tokens
- Header: glass bg + backdrop-blur-12px, z-200 sticky, SUMI durations
- PlayerBarGlass: glass-bg + blur-16px, accent colors, remove glow
- PlayerBarProgress: solid accent fill, SUMI border tokens
- PlayerBarRight/TrackInfo: text-foreground, SUMI border tokens
- MiniPlayer: glass-bg, border-faint, z-200, SUMI shadows
- GlobalPlayer: SUMI z-index and duration tokens
- DashboardLayout: SUMI z-raised, duration tokens

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:01:39 +01:00
senke
39a99168d9 refactor: Phase 4 — Update UI primitives to SUMI design system 
- button.tsx: Remove gaming/terminal/nature/glass variants, add link variant,
  add focus-visible glow, remove scale transforms and neon shadows
- card.tsx: Remove glass/glow/glowMagenta variants, update radius to rounded-lg,
  remove hover translate transforms
- modal.tsx: Update backdrop to bg-black/60 + blur(4px), bg-popover,
  SUMI easing curves and durations
- badge.tsx: Terminal variant aliased to success, doc updates
- avatar.tsx: Already migrated, doc updates
- progress.tsx: Fix gradient colors to SUMI semantics
- input.tsx: bg-background, border-border, SUMI focus glow
- textarea.tsx: Add SUMI focus glow

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:58:15 +01:00
senke
fe63c7188e refactor: Phase 3 — Semantic color + hex + z-index migration 
Phase 3b: Replace hardcoded hex colors with SUMI palette values
- #66FCF1 (neon cyan) → #7c9dd6 (sumi-accent) across all files
- #3b82f6 (blue-500) → #7c9dd6 in chart components
- #36E5D1 → #7a9e6c (sage), #E4B314 → #c9a84c (gold)
- #E63946 → #d4634a (vermillion)
- Update ThemeSwitcher, AppearanceSettings, SwaggerUI, chart components

Phase 3c: Normalize z-index to SUMI scale
- z-[100] (modals) → z-[400] (--sumi-z-modal)
- z-[110] (player expanded, search) → z-[500] (--sumi-z-popover)
- z-[200] (image viewer) → z-[500]
- z-[35] (navbar overlay) → z-[300] (--sumi-z-overlay)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:54:47 +01:00
senke
fa56dfa77e refactor: Phase 3a — Global color class migration to SUMI semantics 
- Replace all kodo-* color classes across ~100 TSX files:
  kodo-void → background, kodo-ink → card, kodo-graphite → muted,
  kodo-steel → muted-foreground, kodo-cyan → primary, kodo-magenta → destructive,
  kodo-lime → success, kodo-red → destructive, kodo-gold → warning
- Replace cyan-500, magenta-500, lime-500 default Tailwind colors with
  semantic equivalents (primary, destructive, success)
- Fix WaveformVisualizer hardcoded hex colors to SUMI values
- Delete global-effects.css (conflicting, redundant with index.css)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:51:49 +01:00
senke
24b4cce8ea refactor: Phase 2 — Font migration to SUMI stack 
- Update Google Fonts: Inter + Space Grotesk + JetBrains Mono + Noto Serif JP
- Remove: Orbitron, Barlow, Source Serif 4, IBM Plex Mono, Noto Sans JP
- Replace all font-display (Orbitron) references with font-heading (Space Grotesk)
  across ~70 TSX files

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:49:07 +01:00
senke
f64a85414c refactor: Phase 1 — SUMI token foundation 
- Rewrite index.css with complete SUMI token system (dark + light themes)
- All --sumi-* variables: backgrounds, surfaces, borders, text, pigments,
  spacing, radius, shadows, glass, scrollbar, motion, z-index, layout
- shadcn/Radix semantic mapping (--background, --foreground, etc.)
- Tailwind @theme mapping with new fonts (Inter, Space Grotesk, JetBrains Mono)
- SUMI keyframe animations (sumi-fade-in, sumi-slide-up, sumi-scale-in, etc.)
- Delete 11 redundant CSS files (design-system.css, design-tokens.css,
  button.css, card.css, input.css, badge-avatar.css, header.css,
  fix-input-focus.css, fix-login-form.css, visual-enhancements.css,
  premium-utilities.css)
- Update main.tsx: single CSS import (index.css only)
- Update ThemeProvider: data-theme attribute instead of .dark class toggle
- Update index.html FOUC script: data-theme attribute

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:48:01 +01:00
senke
576873d319 chore: stub educationService to fix broken build 
Add a minimal educationService stub that returns empty data,
unblocking the build before the SUMI design system migration.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:43:16 +01:00
senke
00bb07b180 fix(chat): replace Regex::new().unwrap() with static Lazy in security_legacy.rs 
Replace 65+ Regex::new().unwrap() calls with three once_cell::sync::Lazy
static collections:

- DANGEROUS_PATTERNS: 60+ XSS/SQL/command injection regexes
- ROOM_NAME_REGEX: room name character validation
- TOXIC_PATTERNS: 5 toxicity detection regexes

All patterns are compiled once at startup with .ok() filter for safety.
ContentFilter, ToxicityDetector now clone from the statics.

Also adds pub mod security_legacy to lib.rs so the module is compiled
and checked during CI builds.

Addresses audit finding D9: .unwrap() on Regex::new() in legacy code.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-11 23:27:54 +01:00
senke
ff5d6736f8 ci: add Dependabot configuration for automated dependency updates 
Configure weekly automated dependency update PRs for all ecosystems:

- gomod: /veza-backend-api (Go modules)
- cargo: /veza-chat-server, /veza-stream-server (Rust crates)
- npm: /apps/web (frontend packages)
- github-actions: / (CI action versions)

Each ecosystem gets appropriate labels for easy triage.

Addresses audit finding A06: no automated dependency update mechanism.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-11 23:26:18 +01:00
senke
ba232c2f56 ci: add cargo clippy lint step to chat and stream CI workflows 
Add clippy with -D warnings (deny all warnings) to both Rust CI
pipelines. The production-deploy workflow already had clippy.

This ensures lint issues are caught before merge for both services.

Addresses audit finding D15: clippy not present in all Rust workflows.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-11 23:25:57 +01:00
senke
c707779273 chore(web): remove ghost frontend services for unimplemented features 
Delete service files and their tests for features with no backend:

- educationService.ts + test (Education feature)
- gamificationService.ts + test (Gamification/XP feature)
- gearService.ts + test (Gear/Equipment feature)

The routes for these features are now gated behind ComingSoon
placeholders (C8), so these service modules are unreachable dead code.

Note: The corresponding UI components (gamification/, inventory/,
education-view/) still exist but are orphaned. They can be removed
in a separate cleanup pass.

Addresses audit finding D14: ghost frontend services.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-11 23:25:33 +01:00
senke
b926183e62 chore: remove dead projects veza-desktop and veza-mobile 
- veza-desktop/: empty Electron shell (package.json + vite.config only)
- veza-mobile/: abandoned React Native scaffold (App.tsx + README only)

Neither project has functional code, tests, or CI references.
They pollute the monorepo root and confuse contributors.

Addresses audit finding D11: dead projects in monorepo.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-11 23:25:00 +01:00
senke
0f41ca80ad refactor(chat): deduplicate JwtManager algorithm/key/validation setup 
Extract build_keys_and_validation() private helper that encapsulates
the 20 lines of algorithm parsing, EncodingKey/DecodingKey creation,
and Validation configuration previously duplicated between new() and
with_revocation_store_only().

- Remove with_revocation_store_only() intermediate function
- with_revocation_store() now calls build_keys_and_validation() directly
- with_pool_and_store() delegates to with_revocation_store()

Addresses audit finding D10: code duplication in JwtManager constructors.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-11 23:24:39 +01:00