senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2137 commits 37 branches 94 tags 1.5 GiB
Commit graph

2137 commits

This branch
This branch
All branches
Author SHA1 Message Date
senke
c96be67cbc feat(auth): v0.911 Keystone - OAuth and auth integration tests 
- Add access token blacklist on logout (VEZA-SEC-006)
- Extend OAuthService for mock provider injection in tests
- Add oauth_google_test.go: full OAuth Google flow with mocked provider
- Add oauth_github_test.go: OAuth GitHub flow with PKCE verification
- Add token_refresh_test.go: E2E refresh via httpOnly cookies
- Add logout_blacklist_test.go: E2E logout + token blacklist
- Fix testutils import path in resume_upload_test, track_quota_test
- Fix CreatorID -> UserID in track_quota_test
- Add test:integration script to package.json

Release: v0.911 Keystone
 2026-02-27 09:58:53 +01:00
senke
515494007f release(v0.903): Vault - ORDER BY whitelist, rate limiter, VERSION sync, chat-server cleanup, Go 1.24 
- ORDER BY dynamiques : whitelist explicite, fallback created_at DESC
- Login/register soumis au rate limiter global
- VERSION sync + check CI
- Nettoyage références veza-chat-server
- Go 1.24 partout (Dockerfile, workflows)
- TODO/FIXME/HACK convertis en issues ou résolus
 2026-02-27 09:43:25 +01:00
senke
4c0be12465 release(v0.902): Sentinel - PKCE OAuth, token encryption, redirect validation, CHAT_JWT_SECRET 
- PKCE (S256) in OAuth flow: code_verifier in oauth_states, code_challenge in auth URL
- CryptoService: AES-256-GCM encryption for OAuth provider tokens at rest
- OAuth redirect URL validated against OAUTH_ALLOWED_REDIRECT_DOMAINS
- CHAT_JWT_SECRET must differ from JWT_SECRET in production
- Migration script: cmd/tools/encrypt_oauth_tokens for existing tokens
- Fixes: VEZA-SEC-003, VEZA-SEC-004, VEZA-SEC-009, VEZA-SEC-010
 2026-02-26 19:49:15 +01:00
senke
6e204cc98a feat(security): v0.901 Ironclad - fix 5 critical/high vulnerabilities 
- OAuth: use JWTService+SessionService, httpOnly cookies (VEZA-SEC-001)
- Remove PasswordService.GenerateJWT (VEZA-SEC-002)
- Hyperswitch webhook: mandatory verification, 500 if secret empty (VEZA-SEC-005)
- Auth middleware: TokenBlacklist.IsBlacklisted check (VEZA-SEC-006)
- Waveform: ValidateExecPath before exec (VEZA-SEC-007)
 2026-02-26 19:34:45 +01:00
senke
2ef64037b5 docs: update documentation for v0.803 release 2026-02-25 20:04:37 +01:00
senke
c2d530727a test(v0.803): unit tests for CCPA, reports, announcements, feature flags 2026-02-25 20:02:24 +01:00
senke
2bc77aa5a7 feat(ui): connect admin views to real backend, add AnnouncementBanner, MSW handlers 2026-02-25 20:00:43 +01:00
senke
3edb10b567 feat(admin): feature flags CRUD with DB persistence 2026-02-25 19:56:24 +01:00
senke
d684c69439 feat(admin): global announcements CRUD and public banner endpoint 2026-02-25 19:55:21 +01:00
senke
2a9ca68763 feat(admin): maintenance mode middleware with 503 responses 2026-02-25 19:54:22 +01:00
senke
0d092466f1 feat(admin): moderation queue with reports CRUD 2026-02-25 19:53:04 +01:00
senke
0bee6e8727 feat(api): add Swagger annotations for privacy opt-out and account deletion 2026-02-25 19:51:54 +01:00
senke
29c1688786 feat(users): account deletion hardening with anonymization, S3 cleanup, session revocation 2026-02-25 19:51:21 +01:00
senke
cb0f70022e feat(compliance): CCPA Do Not Sell middleware and opt-out endpoint 2026-02-25 19:49:25 +01:00
senke
abdf3979f7 feat(audit): HTTP audit middleware for auto-logging POST/PUT/DELETE 2026-02-25 19:48:03 +01:00
senke
a3624ce4b3 feat(v0.802): frontend Cloud/Gear, MSW, docs, scope v0.803, archive 
- Cloud: CloudFileVersions, CloudShareModal, versions/share in CloudView
- Gear: GearDocumentsTab, GearRepairsTab, warranty badge, initialTab
- MSW: cloud versions/share, gear documents/repairs, tags suggest
- Stories: CloudFileVersions, CloudShareModal, GearDetailModal variants
- gearService: listDocuments, uploadDocument, deleteDocument, listRepairs, createRepair, deleteRepair
- cloudService: listVersions, restoreVersion, shareFile, getSharedFile
- gear_warranty_notifier: 24h ticker, notifications for expiring warranty
- tag_handler_test: unit tests
- docs: API_REFERENCE, CHANGELOG, PROJECT_STATE, FEATURE_STATUS v0.802
- SCOPE_CONTROL, .cursorrules: scope v0.803
- archive: V0_802_RELEASE_SCOPE, RETROSPECTIVE_V0802
 2026-02-25 14:00:58 +01:00
senke
b885392304 feat(upload): tags auto-suggest endpoint and additional audio formats 2026-02-25 13:39:59 +01:00
senke
3d4cdc5ffe feat(upload): batch upload with parallel queue, BatchUploader component 2026-02-25 13:37:52 +01:00
senke
e303e33dfc feat(cloud): GDPR data export and automatic backup cron 2026-02-25 13:35:16 +01:00
senke
301db440e5 feat(cloud): file versioning, restore, and sharing 2026-02-25 13:33:08 +01:00
senke
de96cebf26 feat(db): add migrations 119-122 for cloud versions, gear warranty/documents/repairs 2026-02-25 13:30:49 +01:00
senke
8f38225ded chore(docs): archive V0_801_RELEASE_SCOPE, retrospective, scope v0.802 2026-02-25 10:00:39 +01:00
senke
de7bd4bef8 docs: update CHANGELOG, PROJECT_STATE, FEATURE_STATUS for v0.801 2026-02-25 10:00:24 +01:00
senke
a74e5d9876 feat(player): add WakeLock for background playback on mobile 2026-02-25 09:57:37 +01:00
senke
03ce79b511 feat(pwa): re-enable service worker with safe caching, add Install App in Settings 2026-02-25 09:56:26 +01:00
senke
03c29c92ec feat(a11y): ARIA labels, aria-haspopup menu, icon button labels 2026-02-25 09:55:30 +01:00
senke
c52f453eea feat(settings): wire appearance controls to ThemeProvider and backend 2026-02-25 09:54:45 +01:00
senke
f65ab3d1da feat(theme): extend ThemeProvider with contrast, density, accent, fontSize 2026-02-25 09:52:32 +01:00
senke
9137854ff8 feat(ui): add high contrast, compact density, font-size CSS tokens 2026-02-25 09:47:02 +01:00
senke
6f4c9c50ff feat(users): add user_preferences migration with appearance fields 2026-02-25 09:45:03 +01:00
senke
93666a3390 feat(v0.703): Go Live & Streaming Complet 
- Backend: room creation for live streams, permissions CanJoin/CanSend/CanRead for stream rooms
- LiveViewChat: useLiveStreamChat hook, WebSocket connection, stream_id as room
- LiveViewPlayer: real-time viewer count via polling (5s)
- Media Session: seekbackward/seekforward handlers (10s step)
- GoLiveView.stories.tsx: Default, Loading, Error, StreamKeyVisible
- Docs: API_REFERENCE, CHANGELOG, PROJECT_STATE, FEATURE_STATUS, RETROSPECTIVE_V0703
- SCOPE_CONTROL, .cursorrules: update to v0.801
- Archive V0_703_RELEASE_SCOPE.md
 2026-02-25 09:35:22 +01:00
senke
f5aa218f57 feat(live): add GoLivePage, GoLiveView, liveService methods, lazy export, route, Navbar/Sidebar wiring 2026-02-24 10:00:43 +01:00
senke
feed95fccd test(live): add live stream service unit tests 
Use serializer:json for LiveStream.Tags to support SQLite in-memory tests.
 2026-02-24 09:56:08 +01:00
senke
dd6dd69e7e feat(monitoring): add live stream Prometheus metrics 2026-02-24 09:53:29 +01:00
senke
75786acb03 feat(live): add handler endpoints for Go Live (me, key, regenerate, update) 2026-02-24 09:53:01 +01:00
senke
d386a98810 feat(live): stream key generation, ListByUser, RegenerateStreamKey 2026-02-24 09:52:04 +01:00
senke
4807f64c32 feat(live): add migration 117 and model fields for Go Live 2026-02-24 09:51:21 +01:00
senke
963a327a0a docs: complete roadmap documentation v0.703 to v0.903 (v1.0 target) 
Add Release Scope, Implementation Plan, and Smoke Test for 7 versions:
- v0.703: Go Live & Streaming Complet (Phase 7 Finale)
- v0.801: UX/UI Polish, Accessibilite & PWA (Phase 8)
- v0.802: Cloud Complet, Fichiers & Gear Avance (Phase 8)
- v0.803: Securite, Compliance & Outillage Dev (Phase 8)
- v0.901: Marketplace Complet & Analytics Avances (Phase 9)
- v0.902: Social Complet, Chat & Notifications (Phase 9)
- v0.903: Stabilisation v1.0 & Launch Readiness (Phase 9)

21 documents total (3 per version), covering all remaining features
needed to reach v1.0 from v0.702.
 2026-02-24 01:32:04 +01:00
senke
81b1fac59b chore(docs): archive V0_702_RELEASE_SCOPE 2026-02-24 00:22:17 +01:00
senke
376c11287b docs: add RETROSPECTIVE_V0702, placeholder V0_703, update SCOPE_CONTROL 2026-02-24 00:21:55 +01:00
senke
189e342c8d docs: update CHANGELOG, PROJECT_STATE, FEATURE_STATUS for v0.702 2026-02-24 00:21:20 +01:00
senke
fd4b2c72d0 docs: add reviews, invoices, refunds to API_REFERENCE.md 2026-02-24 00:20:29 +01:00
senke
5d0acf3f53 feat(storybook): enhance ProductDetailView stories with Error state 2026-02-24 00:20:09 +01:00
senke
fc3585c556 test(marketplace): add refund order unit tests 2026-02-24 00:19:42 +01:00
senke
3d311ef01a test(marketplace): add invoice generation unit tests 2026-02-24 00:19:10 +01:00
senke
63b5abe08a test(marketplace): add product review unit tests 2026-02-24 00:18:45 +01:00
senke
94640bdda1 feat(mocks): add MSW handlers for product reviews and invoice download 2026-02-24 00:18:02 +01:00
senke
eb9513f00d feat(marketplace): add ProductDetailPage, lazy export, route /marketplace/products/:id 2026-02-24 00:17:39 +01:00
senke
5999c4ba4e docs: add v0.702 scope, implementation plan, and smoke test 
Define v0.702 scope (Reviews wiring, Invoices, Refunds, Product Detail route),
detailed 12-step implementation plan, and comprehensive smoke test checklist.
 2026-02-23 23:52:46 +01:00
senke
022770ef9f feat(v0.701): AdminTransfers page/route, MSW, stories, Deep Health, API ref, docs, scope v0.702 
- Step 13: AdminTransfersPage, LazyAdminTransfers, route /admin/transfers
- Step 14: MSW handlers admin transfers
- Step 15: AdminTransfersView stories (Default, Empty, WithFailedTransfers, Error, Loading)
- Step 16-17: DeepHealth handler (disk, config), GET /health/deep
- Step 19: health_deep_test.go (4 tests)
- Step 20: docs/API_REFERENCE.md
- Step 21: Archive V0_604, MIGRATIONS.md migration 116
- Step 22: CHANGELOG, PROJECT_STATE, FEATURE_STATUS v0.701
- Step 23: RETROSPECTIVE_V0701, V0_702 placeholder, SCOPE_CONTROL, .cursorrules
- Step 24: Archive V0_701_RELEASE_SCOPE
- Fix: AdminTransfersView Select component (use options API)
 2026-02-23 23:42:02 +01:00