senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2099 commits 37 branches 94 tags 1.5 GiB
Commit graph

14 commits

Author SHA1 Message Date
senke
2ed2bb9dcf v0.9.4 2026-03-05 23:03:43 +01:00
senke
b6c004319c v0.9.2
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details
2026-03-05 19:27:34 +01:00
senke
354c747cce feat(security): add global and per-IP DDoS rate limiting (1000/s, 100/s) 
SEC1-04: Redis sliding window 1s, excluded paths (health, swagger, auth)
 2026-03-03 09:25:08 +01:00
senke
0907446958 test: add 5 cross-service E2E integration tests 
INT-03: Tests for health endpoint, auth flow, track upload auth,
webhook HTTPS-only, and rate limit headers. Build-tagged
'integration' to avoid running in regular test suite.
 2026-02-22 17:52:50 +01:00
senke
66ba082788 fix(backend): use explicit DISABLE_RATE_LIMIT_FOR_TESTS flag instead of env-based bypass 
Replace NODE_ENV/APP_ENV bypass with DISABLE_RATE_LIMIT_FOR_TESTS=true.
Only test runners should set this. Prevents rate limiting bypass when
APP_ENV=development is mistakenly used in production.
Phase 1 audit - P1.6
 2026-02-15 15:56:53 +01:00
senke
eb313e83c5 fix(api): add rate limiting on POST /api/v1/logs/frontend 2026-02-14 20:19:56 +01:00
senke
ae586f6134 Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy 
Bloc A - Code mort:
- Suppression Studio (components, views, features)
- Suppression gamification + services mock (projectService, storageService, gamificationService)
- Mise à jour Sidebar, Navbar, locales

Bloc B - Frontend:
- Suppression modal.tsx deprecated, Modal.stories (doublon Dialog)
- Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true
- Suppression 19 tests orphelins, retrait exclusions vitest.config

Bloc C - Backend:
- Extraction routes_auth.go depuis router.go

Bloc D - Rust:
- Suppression security_legacy.rs (code mort, patterns déjà dans security/)
 2026-02-14 17:23:32 +01:00
senke
76d95ecfb4 incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
senke
dbbbabe76b [FIX] Disable rate limiting completely in development mode 
- Disable rate limiting when APP_ENV=development
- Add development mode check in router.go
- Prevents rate limit errors during development and testing
- Rate limiting still active in production/staging
- Exclude critical routes as backup measure
 2026-01-04 01:44:13 +01:00
senke
08b8412f8a [FIX] Exclude critical routes from rate limiting 
- Exclude auth routes (/register, /login, /refresh) from rate limiting
- Exclude CSRF token endpoint from rate limiting
- Exclude health check endpoints from rate limiting
- Exclude Swagger/docs endpoints from rate limiting
- Prevents rate limit errors during registration and login
- Applied to both SimpleRateLimiter and RateLimiter (Redis)
 2026-01-04 01:44:13 +01:00
senke
469e0f3136 [INT-013] int: Add API rate limiting communication 2025-12-25 15:30:01 +01:00
senke
dc4fd2f3e1 [BE-SVC-002] be-svc: Implement rate limiting per user 2025-12-24 16:04:36 +01:00
senke
41e9a09f25 stabilizing apps/web: THIRD BATCH - FIXED Playwright 2025-12-21 18:55:51 -05:00
okinrev
2425c15b09 adding initial backend API (Go) 2025-12-03 20:29:37 +01:00