MEDIUM-002: Remove manual X-Forwarded-For parsing in metrics_protection.go,
use c.ClientIP() only (respects SetTrustedProxies)
MEDIUM-003: Pin ClamAV Docker image to 1.4 across all compose files
MEDIUM-004: Add clampLimit(100) to 15+ handlers that parsed limit directly
MEDIUM-006: Remove unsafe-eval from CSP script-src on Swagger routes
MEDIUM-007: Pin all GitHub Actions to SHA in 11 workflow files
MEDIUM-008: Replace rabbitmq:3-management-alpine with rabbitmq:3-alpine in prod
MEDIUM-009: Add trial-already-used check in subscription service
MEDIUM-010: Add 60s periodic token re-validation to WebSocket connections
MEDIUM-011: Mask email in auth handler logs with maskEmail() helper
MEDIUM-012: Add k-anonymity threshold (k=5) to playback analytics stats
LOW-001: Align frontend password policy to 12 chars (matching backend)
LOW-003: Replace deprecated dotenv with dotenvy crate in Rust stream server
LOW-004: Enable xpack.security in Elasticsearch dev/local compose files
LOW-005: Accept context.Context in CleanupExpiredSessions instead of Background()
LOW-002: Noted — Hyperswitch version update deferred (requires payment integration tests)
29/30 findings remediated. 1 noted (LOW-002).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Aligns the in-memory implementation with the updated services.UserRepository
interface for consistency (HIGH-003 context propagation).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Deep audit with 6 parallel analysis passes reveals additional findings:
CRITICAL:
- CRIT-001: IDOR on chat rooms — any user can read private conversations
- CRIT-002: play_count/like_count publicly exposed (violates VEZA ethics)
NEW HIGH:
- HIGH-004/005: Race conditions on promo codes and exclusive licenses
- HIGH-006: Rate limiter bypass via X-Forwarded-For (no TrustedProxies)
- HIGH-007: GDPR hard delete incomplete (Redis, ES, audit_logs)
- HIGH-008: RTMP callback auth fallback to stream_key as secret
- HIGH-009: Co-listening host hijack by non-host participants
- HIGH-010: Moderator can issue strikes without conflict-of-interest check
Total: 2 CRITICAL, 10 HIGH, 12 MEDIUM, 6 LOW, 5 INFO
Estimated remediation: ~39h30
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- ResponseCache: Redis-backed HTTP response caching for public GET endpoints
with configurable TTLs per endpoint prefix (tracks 15m, search 5m, etc.)
- CacheHeaders: CDN-optimized Cache-Control headers per asset type
(static 1yr immutable, audio 7d, HLS 60s, images 30d, API no-cache)
- Integrated both middlewares into the router middleware stack
- Unit tests for cache key generation, header rules, and config
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- EducationPage with 3 tabs: Catalog, My Courses, Certificates
- HLS.js video player integration for course lessons
- Course enrollment, progress tracking, and certificate display
- TypeScript types matching backend models
- API service layer for all education endpoints
- Lazy loading route configuration
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Course CRUD with slug generation, publish/archive lifecycle
- Lesson management with ordering and transcoding status
- Enrollment system with duplicate prevention
- Progress tracking with auto-completion at 90%
- Certificate issuance requiring full course completion
- Course reviews with rating aggregation
- Unit tests for service and handler layers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Tables: courses, lessons, course_enrollments, lesson_progress,
certificates, course_reviews with proper indexes and constraints.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Distribution types, API service, and page component
- Distributions list with platform-specific status badges
- External streaming revenue table with summary cards
- Platform icons and status colors for Spotify/Apple Music/Deezer
- ARIA labels for accessibility
- Lazy-loaded route at /distribution
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Distribution module: submit tracks to Spotify, Apple Music, Deezer
- Subscription eligibility check (Creator/Premium only)
- Distribution status tracking with platform-specific statuses
- Status history audit trail
- External streaming royalties import and aggregation
- Distributor provider interface for DistroKid/TuneCore integration
- Handler and service unit tests
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add migration 950 with track_distributions, track_distribution_status_history,
and external_streaming_royalties tables for F501-F510.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add subscription types, service, and page component
- Pricing page with Free/Creator/Premium plan cards
- Monthly/yearly billing toggle (17% savings on yearly)
- Current subscription status display
- Cancel/reactivate subscription controls
- Invoice billing history table
- ARIA labels for accessibility
- Lazy-loaded route at /subscription
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add subscription module (models, service, tests)
- Plans: Free, Creator ($9.99/mo), Premium ($19.99/mo)
- Features: subscribe, cancel, reactivate, change billing cycle
- 14-day trial for Premium plan
- Upgrade immediate, downgrade at period end
- Invoice tracking and history
- Handler tests for auth and validation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add migration 949 with subscription_plans, user_subscriptions,
and subscription_invoices tables. Includes default plan data
(Free, Creator $9.99/mo, Premium $19.99/mo with 14-day trial).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- seller_balances table for balance tracking
- seller_payouts table for payout scheduling
- commission_rate column on seller_transfers
- refund_deadline column on orders (14-day window)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- AnalyticsViewHeatmap: track listening heatmap visualization (F396)
- AnalyticsViewComparison: period comparison with % changes (F397)
- AnalyticsViewMarketplace: product conversion rates and revenue (F398)
- AnalyticsViewAlerts: opt-in metric alerts with CRUD (F399)
- Updated analytics service with new API methods
- Extended tab navigation with 3 new tabs
- All components have ARIA labels and keyboard navigation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Mark v0.11.0 Analytics Créateur as ✅ DONE (2026-03-10)
- Check all F381-F385 tasks and acceptance criteria
- Fix tracking table: v0.9.8 and v0.10.0 now ✅ DONE (were inconsistent)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add new analytics tabs and components:
- AnalyticsViewSales: revenue, sales history, top selling tracks (F383)
- AnalyticsViewAudience: aggregated audience profile with privacy (F384)
- AnalyticsViewGeographic: geographic play distribution (F381)
- Updated analyticsService with all new API endpoints
- Updated AnalyticsView with tab navigation (overview/sales/audience/geographic)
- Discovery sources integration into Origins component
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add CreatorAnalyticsHandler with endpoints:
- GET /api/v1/creator/analytics/dashboard (F381)
- GET /api/v1/creator/analytics/plays (F382)
- GET /api/v1/creator/analytics/sales (F383)
- GET /api/v1/creator/analytics/discovery (F381)
- GET /api/v1/creator/analytics/geographic (F381)
- GET /api/v1/creator/analytics/audience (F384)
- GET /api/v1/creator/analytics/live/:streamId (F385)
- GET /api/v1/creator/analytics/tracks (F381)
- GET /api/v1/creator/analytics/export (F383)
All endpoints require authentication and only return data for the authenticated creator.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implement CreatorAnalyticsService with:
- GetCreatorDashboard: aggregated plays, listeners, revenue (F381)
- GetPlayEvolution: temporal data by day/week/month (F382)
- GetSalesSummary: revenue and sales history (F383)
- GetDiscoverySources: how listeners find tracks (F381)
- GetGeographicBreakdown: anonymized geographic data (F381)
- GetAudienceProfile: aggregated audience demographics, min 10 users (F384)
- GetLiveStreamMetrics: real-time viewer count (F385)
- GetPerTrackStats: per-track analytics with pagination
All data is private to the creator, never exposed publicly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add daily_track_stats, geographic_play_stats, track_discovery_sources tables.
Add source and country_code columns to track_plays.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
