senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1688 commits 37 branches 94 tags 1.5 GiB
Commit graph

1688 commits

This branch
This branch
All branches
Author SHA1 Message Date
senke
cc2c5123bc fix(rust): ensure chat-server and stream-server compile in release mode 
Add scripts/verify-rust-build.sh to verify all Rust crates (veza-common,
veza-chat-server, veza-stream-server) compile in release mode.
Phase 1 audit - P1.2
 2026-02-15 15:54:03 +01:00
senke
fef7e7fc7c feat(loadtests): audit 3.2 — tests de charge k6 complets 
- loadtests: centraliser scripts (backend, stream, chat)
- backend: health, auth, tracks, uploads, playlists, marketplace
- stream: http health, healthz, readyz
- chat: WebSocket load (register -> login -> chat token -> WS)
- ci: workflow nightly load-test-nightly.yml
- docs: README loadtests
- make: load-test-smoke, load-test-backend, load-test-all
- fix: veza-backend-api Makefile load-test (scripts/load_test_uploads.js -> loadtests)
 2026-02-15 15:22:48 +01:00
senke
b9875c5e92 test(e2e): audit 2.10 — flows critiques Auth, Upload, Purchase, Chat 
- purchase.spec.ts: add to cart, checkout, success
- chat.spec.ts: load UI, send message (when WebSocket available)
- README: document critical flows and prerequisites
 2026-02-15 14:51:29 +01:00
senke
67271c7b34 chore: audit 2.8 et 2.9 — gitignore et Tokio 
2.8: Mise à jour .gitignore
- .turbo/ (cache Turborepo)
- *.out (Go coverage, artefacts)
- test-results/ et playwright-report/ (patterns globaux)

2.9: Alignement Tokio 1.0 → 1.35
- veza-common: dependencies + dev-dependencies
- veza-stream-server/tools
 2026-02-15 14:47:31 +01:00
senke
bbd8ed54de refactor(config): découper config.go par domaine (audit 2.7) 
- env_helpers.go: getEnv*, parseLogAggregationLabels
- db_init.go: initDatabaseWithRetry
- redis_init.go: initRedis, filteredRedisLogger
- rabbitmq.go: getRabbitMQURL
- cors.go: CORS, cookies
- rate_limit.go: rate limit defaults
- services_init.go: initServices
- middlewares_init.go: initMiddlewares, SetupMiddleware
- config.go réduit de ~1487 à ~550 LOC
 2026-02-15 14:44:33 +01:00
senke
22e5e21757 chore(audit 2.4, 2.5): supprimer code mort Education et cmd/modern-server 
- Supprimer routes/handlers/core Education (backend)
- Supprimer handler MSW education, refs Sidebar/locales
- Basculer Makefile, make/dev.mk, scripts vers cmd/api/main.go
- Supprimer veza-backend-api/cmd/modern-server/
 2026-02-15 14:39:40 +01:00
senke
43af35fd93 chore(audit 2.2, 2.3): nettoyer .md et .json à la racine 
- Archiver 131 .md dans docs/archive/root-md/
- Archiver 22 .json dans docs/archive/root-json/
- Conserver 7 .md utiles (README, CONTRIBUTING, CHANGELOG, etc.)
- Conserver package.json, package-lock.json, turbo.json
- Ajouter README d'index dans chaque archive
 2026-02-15 14:35:08 +01:00
senke
8b1644640d refactor(audit-2.1,2.6): unify views and pages to features/*/pages pattern 
- Migrate LiveView, GearView, PurchasesView, SocialView, AnalyticsView into features
- Create features: admin, developer, seller; add QueuePage, WishlistPage
- Migrate pages/marketplace to features/marketplace
- Remove components/views/ and pages/ legacy directories
- Update lazyExports, docs (ARCHITECTURE)
- Mark audit 2.1, 2.6 as done

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md items 2.1, 2.6
 2026-02-15 14:30:40 +01:00
senke
03f626c9e8 fix(audit-1.8,1.9): implement OAuth user lookup, add cargo audit to CI 
- 1.8: Implement GetUserByOAuthID in database.go via federated_identities join
- 1.8: Use OAuth ID lookup first in oauth_service getOrCreateUser
- 1.9: Add cargo audit step to chat-ci.yml and stream-ci.yml

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md items 1.8, 1.9
 2026-02-15 14:22:27 +01:00
senke
2e04d45a14 fix(audit-1.6,1.7): remove hardcoded test secrets, block bypass flags in prod 
- 1.6: Replace hardcoded JWT secrets in chat server tests with runtime-generated
  values (env TEST_JWT_SECRET or uuid-based fallback)
- 1.7: Add validateNoBypassFlagsInProduction() in config; fail startup if
  BYPASS_CONTENT_CREATOR_ROLE or CSRF_DISABLED is set in production

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md items 1.6, 1.7
 2026-02-15 14:18:23 +01:00
senke
a6a9be9ada fix(audit-1.5): replace critical .unwrap() in Rust production paths 
- Add unix_timestamp_secs() helper to avoid SystemTime panics
- Replace SystemTime::now().duration_since(UNIX_EPOCH).unwrap() in stream + chat
- Fix Option::unwrap() in adaptive.rs, encoding_pool, advanced_moderation
- Fix partial_cmp().unwrap() in prometheus_metrics, soundcloud
- Use expect() for lazy_static Regex (compile-time invariant)
- Fix Response::builder().body().unwrap() in simple_stream_server

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md item 1.5
 2026-02-15 14:14:29 +01:00
senke
9b5d2f7c47 fix(backend): replace panic/Fatal with graceful error when Redis down (audit 1.4, P0) 
- Add early validation in Setup() returning error if Redis nil in production
- Remove panic/Fatal from routes_core.go and router.go applyCSRFProtection
- Handle Setup() error in cmd/api/main.go and cmd/modern-server/main.go
- Mark audit item 1.4 as done
 2026-02-15 14:05:20 +01:00
senke
aceba5d991 fix(security): add JWT auth to HLS endpoints (audit 1.3, P0) 
- Add hls_auth_middleware in stream server (Bearer + ?token=)
- Apply auth to /hls/:track_id/* routes
- Update frontend hlsService to use stream server URL + pass JWT via xhrSetup
- Add getHLSXhrSetup() and getHLSURLWithToken() for hls.js integration
- Add VITE_HLS_BASE_URL config (derived from VITE_STREAM_URL when unset)
- Add unit tests for token extraction and HLS helpers
- Mark audit item 1.3 as done
 2026-02-15 12:48:58 +01:00
senke
f4c78fdf69 fix(auth): correct 2FA login flow and documentation 
- Fix misleading comment in TwoFactorVerify (authApi.verify2FA is for setup, not login)
- Add MSW handler for POST /auth/login/2fa
- Improve error display in AuthViewContent when 2FA verification fails
- Add integration test for 2FA login flow
- Update AUDIT_TECHNIQUE_INTEGRAL

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md item 1.2 (P0)
 2026-02-15 12:42:48 +01:00
senke
a7cec19e8f fix(security): correct SQL injection in chat server cleanup_old_messages 
- Verify parameterized query (make_interval + $1) is used
- Add input validation for older_than_days (1-3650)
- Harden bulk_insert COPY escaping for backslash in content, message_type, metadata
- Add security tests for cleanup_old_messages
- Add message_store module to lib.rs
- Update AUDIT_TECHNIQUE_INTEGRAL and AUDIT_2

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md item 1.1 (P0)
 2026-02-15 12:36:59 +01:00
senke
b73387af3c feat(api): add PostgreSQL read replica support (3.7) 
- Add DATABASE_READ_URL config and InitReadReplica in database package
- Add ForRead() helper for read-only handler routing
- Update TrackService and TrackSearchService to use read replica for reads
- Document setup in DEPLOYMENT_GUIDE.md and .env.template
 2026-02-14 22:50:23 +01:00
senke
45ebcb8cad docs: update TODO audit docs after Phase 3 2026-02-14 22:45:48 +01:00
senke
c2296ac1c6 test(e2e): add post-deploy smoke tests 
- Add smoke-post-deploy.spec.ts for health checks
- Add playwright.config.smoke.ts (no webServer)
- Add smoke-post-deploy job to cd.yml (runs when STAGING_URL set)
- Document procedure in e2e/README.md
 2026-02-14 22:45:10 +01:00
senke
d70f67f2fc feat(web): add CDN support for assets and audio 
- Add VITE_CDN_URL, VITE_CDN_ENABLED to .env.example
- Create getAssetURL, getAudioURL in utils/cdn.ts
- Use getAudioURL in hlsService for HLS stream URLs
 2026-02-14 22:44:06 +01:00
senke
75c027c5bd feat(web): add Zustand store migration strategy 
- Document migration approach in ZUSTAND_MIGRATION_STRATEGY.md
- Add persistWithMigration utility for future stores
- Add version and migrate to authStore, library, ui, cartStore, playerStore
 2026-02-14 22:43:06 +01:00
senke
791eedccae feat(web): propagate AbortSignal in TanStack Query hooks 
- Add useAbortSignal hook for component lifecycle cancellation
- Pass signal to apiClient in useLibraryItems, useUser, useDashboard,
  useMyTracks, useNotificationMenu
- Prevents memory leaks when navigating away during fetch
 2026-02-14 22:41:46 +01:00
senke
8ed5b2848c chore(web): remove ghost features Education, Gamification, Studio 
- Remove LazyEducation, education-view, components/education
- Delete educationService, handlers-ghost
- Remove EDUCATION, GAMIFICATION, STUDIO flags from features.ts
- Update FEATURE_STATUS.md
 2026-02-14 22:40:12 +01:00
senke
83a9a3537c chore: add Turborepo for monorepo orchestration 
- Add turbo devDependency and packageManager to root
- Create turbo.json with build, test, lint pipeline
- Add package.json to veza-backend-api, veza-chat-server, veza-stream-server
- Extend workspaces to include Go and Rust services
- Migrate CI to use turbo run for build, test, lint
 2026-02-14 22:38:32 +01:00
senke
7c7580be4d refactor(auth): consolidate AuthContext to authStore, update Storybook 2026-02-14 22:06:22 +01:00
senke
92f432fb9e chore: consolidate pending changes (Hyperswitch, PostCard, dashboard, stream server, etc.) 2026-02-14 21:45:15 +01:00
senke
be810c4236 docs(audit): update Stream Server status to Compile 2026-02-14 20:21:53 +01:00
senke
7b3356eb6b ci(backend): add coverage report generation and upload 2026-02-14 20:21:28 +01:00
senke
0d31772d66 ci: add gitleaks secret scanning 2026-02-14 20:21:19 +01:00
senke
e99447027c ci(backend): run Go tests without -short, add test DB service 2026-02-14 20:20:54 +01:00
senke
eb313e83c5 fix(api): add rate limiting on POST /api/v1/logs/frontend 2026-02-14 20:19:56 +01:00
senke
abb6668205 fix(web): disable ghost feature routes (Education, Gamification, Studio) 2026-02-14 20:19:23 +01:00
senke
1f4053caa3 docs(audit): add progress tracking section, mark 1.1 and 1.2 as done 2026-02-14 20:18:38 +01:00
senke
6e06cb4fd7 refactor(frontend): split MarketplaceHome skeleton into separate component 2026-02-14 18:33:52 +01:00
senke
2d0403ae14 perf(db): add missing indexes for file_id and cover_art_file_id 2026-02-14 18:32:05 +01:00
senke
7de106b2dc perf(analytics): optimize GetTrackStats to single query 2026-02-14 18:31:29 +01:00
senke
759154e660 fix(auth): add Redis lock for concurrent refresh token requests 2026-02-14 18:29:37 +01:00
senke
5ef8b7adcb feat(chat): make timeouts configurable via environment variables 2026-02-14 18:26:02 +01:00
senke
ed7c4b4402 security(webhooks): extract SSRF validation to internal/validators/url_validator 2026-02-14 18:24:39 +01:00
senke
c681b97e1f feat(cd): add cosign image signing and SBOM generation 2026-02-14 18:22:46 +01:00
senke
afea976f57 chore: add go.work and optional monorepo orchestrator 2026-02-14 18:21:39 +01:00
senke
fb8411c6ad feat(stream): implement real encoding pipeline in create_pipeline 2026-02-14 18:15:30 +01:00
senke
3635fae380 fix(tests): resolve playlistService skipped tests, document requestDeduplication flag 2026-02-14 18:13:01 +01:00
senke
f93b194b8c refactor(backend): add track, notification, webhook repositories 2026-02-14 18:07:04 +01:00
senke
33b4565824 feat(migrations): add down migration scripts for rollback 2026-02-14 18:05:11 +01:00
senke
d1bbd23936 refactor(api): extract route setup functions into dedicated files 2026-02-14 18:04:37 +01:00
senke
ae586f6134 Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy 
Bloc A - Code mort:
- Suppression Studio (components, views, features)
- Suppression gamification + services mock (projectService, storageService, gamificationService)
- Mise à jour Sidebar, Navbar, locales

Bloc B - Frontend:
- Suppression modal.tsx deprecated, Modal.stories (doublon Dialog)
- Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true
- Suppression 19 tests orphelins, retrait exclusions vitest.config

Bloc C - Backend:
- Extraction routes_auth.go depuis router.go

Bloc D - Rust:
- Suppression security_legacy.rs (code mort, patterns déjà dans security/)
 2026-02-14 17:23:32 +01:00
senke
794270597a fix(web): stabilize Vitest suite (auth integration: wrap with QueryClientProvider) 2026-02-14 14:21:17 +01:00
senke
8582be5982 fix(stream-server): fix partial move in buffer get_next_chunk (fix compilation) 2026-02-14 14:09:07 +01:00
senke
a9009de366 fix(backend): avoid nil user in GetProfile (userToProfile panic in profile handler test) 2026-02-14 14:07:03 +01:00
senke
4be5988f8e chore(e2e): run 2FA test when E2E_2FA_CODE (and optional creds) are set, document in README 2026-02-14 14:06:46 +01:00