senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
2172 commits 37 branches 94 tags 1.5 GiB
Commit graph

95 commits

Author SHA1 Message Date
senke
f9120c322b release(v0.903): Vault - ORDER BY whitelist, rate limiter, VERSION sync, chat-server cleanup, Go 1.24
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details
Frontend CI / test (push) Failing after 0s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 0s
Details
Stream Server CI / test (push) Failing after 0s
Details 
- ORDER BY dynamiques : whitelist explicite, fallback created_at DESC
- Login/register soumis au rate limiter global
- VERSION sync + check CI
- Nettoyage références veza-chat-server
- Go 1.24 partout (Dockerfile, workflows)
- TODO/FIXME/HACK convertis en issues ou résolus
 2026-02-27 09:43:25 +01:00
senke
fa7fc7031e fix(auth): restore login and logout flow 
- Clear React Query user cache on logout (auth.ts + logoutLocal in authStore)
  to prevent stale user data in Header/useUser after disconnect
- Fix LoginPage redirect: user was removed from persist (Action 4.1.1.5),
  so parsed.state?.user was always undefined and redirect never triggered.
  Use isAuthenticated directly as source of truth.
- Close Header user menu on logout for cleaner UX
 2026-02-23 09:54:05 +01:00
senke
d626e9c533 feat(auth): enrich sessions page with history and revoke (A4) 2026-02-20 14:52:20 +01:00
senke
6bac68b679 feat(auth): add OAuth Spotify provider (A1) 2026-02-20 14:48:08 +01:00
senke
b103a09a25 chore: consolidate CI, E2E, backend and frontend updates 
- CI: workflows updates (cd, ci), remove playwright.yml
- E2E: global-setup, auth/playlists/profile specs
- Remove playwright-report and test-results artifacts from tracking
- Backend: auth, handlers, services, workers, migrations
- Frontend: components, features, vite config
- Add e2e-results.json to gitignore
- Docs: REMEDIATION_PROGRESS, audit archive
- Rust: chat-server, stream-server updates
 2026-02-17 16:43:21 +01:00
senke
1b25013c6f refactor(frontend): simplify TokenStorage usage for httpOnly cookie auth 2026-02-15 16:04:42 +01:00
senke
f4c78fdf69 fix(auth): correct 2FA login flow and documentation 
- Fix misleading comment in TwoFactorVerify (authApi.verify2FA is for setup, not login)
- Add MSW handler for POST /auth/login/2fa
- Improve error display in AuthViewContent when 2FA verification fails
- Add integration test for 2FA login flow
- Update AUDIT_TECHNIQUE_INTEGRAL

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md item 1.2 (P0)
 2026-02-15 12:42:48 +01:00
senke
75c027c5bd feat(web): add Zustand store migration strategy 
- Document migration approach in ZUSTAND_MIGRATION_STRATEGY.md
- Add persistWithMigration utility for future stores
- Add version and migrate to authStore, library, ui, cartStore, playerStore
 2026-02-14 22:43:06 +01:00
senke
791eedccae feat(web): propagate AbortSignal in TanStack Query hooks 
- Add useAbortSignal hook for component lifecycle cancellation
- Pass signal to apiClient in useLibraryItems, useUser, useDashboard,
  useMyTracks, useNotificationMenu
- Prevents memory leaks when navigating away during fetch
 2026-02-14 22:41:46 +01:00
senke
ae586f6134 Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy 
Bloc A - Code mort:
- Suppression Studio (components, views, features)
- Suppression gamification + services mock (projectService, storageService, gamificationService)
- Mise à jour Sidebar, Navbar, locales

Bloc B - Frontend:
- Suppression modal.tsx deprecated, Modal.stories (doublon Dialog)
- Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true
- Suppression 19 tests orphelins, retrait exclusions vitest.config

Bloc C - Backend:
- Extraction routes_auth.go depuis router.go

Bloc D - Rust:
- Suppression security_legacy.rs (code mort, patterns déjà dans security/)
 2026-02-14 17:23:32 +01:00
senke
794270597a fix(web): stabilize Vitest suite (auth integration: wrap with QueryClientProvider) 2026-02-14 14:21:17 +01:00
senke
37981c2c17 chore(refactor/sumi-migration): commit pending changes — tests, stream server, dist_verification 
- apps/web: test updates (Vitest/setup), playbackAnalyticsService, TrackGrid, serviceErrorHandler
- veza-common: logging, metrics, traits, validation, random
- veza-stream-server: audio pipeline, codecs, cache, monitoring, routes
- apps/web/dist_verification: refresh build assets (content-hashed filenames)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-13 19:39:18 +01:00
senke
de12f5036c fix(web): resolve all 568 TypeScript errors — tsc --noEmit now passes with zero errors 
Major categories fixed:
- TS6133 (188): Remove unused imports (React, icons, types) and variables
- TS2322 (222): Fix type mismatches in stories (satisfies Meta -> const meta: Meta),
  add nullish coalescing for optional values, fix component prop types
- TS2345 (43): Fix argument type mismatches with proper null checks and type narrowing
- TS2741 (21): Add missing required properties to mock/story data
- TS2339 (19): Fix property access on incorrect types, add type guards
- TS2353 (13): Remove extra properties from object literals or extend interfaces
- TS2352 (11): Fix type conversion chains
- TS2307 (9): Fix import paths and module references
- Other (42): Fix implicit any, possibly undefined, export declarations

Vite build and tsc --noEmit both pass cleanly.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-13 00:32:08 +01:00
senke
09bb663659 chore: enable noUncheckedIndexedAccess, isolate ghost MSW handlers, document go-clamd tech debt 
- Enable TypeScript noUncheckedIndexedAccess and fix 133 resulting errors
  across 46 files with proper null guards, optional chaining, and fallbacks
- Extract education/gamification ghost feature MSW handlers into handlers-ghost.ts
- Add Storybook test plugin documentation in vitest.config.ts
- Document abandoned go-clamd dependency (2017) as tech debt in upload_validator.go

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 23:12:35 +01:00
senke
0faa20d644 fix: resolve ts-ignore directives and unsafe type casts 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:21:55 +01:00
senke
df85544a8f refactor: unify loading components -- consolidate Spinner into LoadingSpinner 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:04:45 +01:00
senke
d919f8c7c9 fix: critical bugs -- ChatInput var, authService types, dep placement 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:53:39 +01:00
senke
73e8372b0e refactor: Phase 7 — Clean up legacy components and remove dead tokens 
- Bulk replace text-white → text-foreground across 116 component files
  (preserving text-white/ opacity variants)
- Remove hover-glow-cyan, shadow-card-glow-cyan, shadow-button-primary-glow
  classes from all components
- Replace --duration-normal/--duration-immersive/--duration-slow with
  --sumi-duration-normal/--sumi-duration-slow across 130+ files
- Replace --ease-out/--ease-in-out with --sumi-ease-out/--sumi-ease-in-out
- Replace focus:ring-blue-500 → focus:ring-primary (4 files)
- Remove hover:scale-105/110 and hover:-translate-y-1/0.5 transforms
  (SUMI anti-pattern: no scale on hover)
- Clean up stale kodo- references in comments

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:09:29 +01:00
senke
69e40e3c04 refactor: Phase 6 — Migrate feature modules to SUMI tokens 
- auth: Replace gray-* with muted/border tokens, text-foreground
- settings: TwoFactorSettings + NotificationSettings text-foreground
- chat: ChatInput, ConversationItem, ChatPage — text-foreground,
  remove kodo references
- player: PlayerExpanded, PlayerQueue, PlayerControls — text-foreground,
  remove cyan/magenta gradients
- playlists: All components — text-foreground for badges/headings
- tracks: TrackCard, TrackListRow — text-foreground, remove glow effects
- studio: FileGridCard — text-foreground
- library: LibraryPageGrid — remove hover-glow-cyan, shadow-card-glow-cyan
- profile: UserProfilePageHeader — text-foreground

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:06:28 +01:00
senke
9f108e2430 feat(ui): premium auth pages polish 
AuthLayout:
- Full-screen gradient background with animated pulse blobs
- Glass-morphism card (bg-card/80, backdrop-blur-md, shadow-2xl)
- New animate-auth-enter animation (fade + scale + translateY)

OAuth buttons: real provider icons (Google SVG, GitHub, Discord)
Password strength: 4-segment bar, color-coded labels, checklist icons
Login: Checkbox component for Remember Me, animated error alerts
Register: migrated to AuthInput, username check with spinner/icons
Verification notice: Mail icon, success-tinted circle, AuthButton

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-10 00:33:35 +01:00
senke
2fd7935957 feat(ui): remaining polish — DnD feedback, typography headings, lightbox, share dialog 
Includes changes from previous session that weren't fully staged:
- PlaylistDetailView + QueueView: drag-over visual feedback
- PlaylistTrackListSortableItem: DnD opacity + shadow + insertion line
- ImageViewerModal: zoom toggle, keyboard nav, image counter, loading skeleton
- Badge: dismissible, pulse, dot-only enhancements
- ShareDialog: useCopyToClipboard integration
- SessionsPage, NotificationsPage, SettingsPage, DashboardPage: typography utility classes
- index.css: like-bounce, shake, empty-state-in, marquee, typography utilities

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-09 23:54:39 +01:00
senke
cb9a8a85f7 feat(ui): form polish + micro-interactions for premium feel 
Forms quality:
- Password visibility toggle (Eye/EyeOff) on FloatingInput, AuthInput
- Applied to LoginForm and RegisterForm password fields
- Focus glow effect on all inputs (primary color shadow ring)
- Error shake animation (0.4s spring shake on validation errors)

Micro-interactions:
- Like button bounce animation (scale 1→1.3→0.9→1.1→1)
- useCopyToClipboard hook — reusable copy with visual feedback
- Applied to CreateAPIKeyModal, ShareDialog, SharePostModal (Check icon swap)
- Universal button press effect: active:scale-[0.98] on all variants

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-09 23:31:52 +01:00
senke
bfdc785ccc refactor(tokens): complete design token migration to semantic system 
Sprint 3.1 — Default colors → semantic (~15 files, ~99 replacements):
- lime-500 → success, red-500 → destructive, cyan-500 → primary

Sprint 3.2 — Hardcoded colors → semantic (~13 files, ~99 replacements):
- text-white → text-foreground, bg-black → bg-background, bg-white → bg-card

Sprint 3.3 — Legacy kodo-* → semantic (~27 files, ~122 replacements):
- bg-kodo-ink → bg-card, bg-kodo-void → bg-background, text-kodo-steel → text-muted-foreground
- Preserved kodo-cyan/magenta/lime/gold palette accents and gradients

Sprint 3.4 — Arbitrary values → Tailwind scale (5 replacements):
- min-h-[600px] → min-h-layout-page, min-h-[400px] → min-h-layout-page-sm
- left-[50%] → left-1/2, min-h-[80px] → min-h-20, min-h-[40px] → min-h-10

Sprint 3.5 — Border-radius standardization (4 replacements):
- Modal/dialog skeletons: rounded-lg → rounded-xl (convention)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-09 23:05:09 +01:00
senke
50f41beec5 ui(tokens): migrate kodo-gold to warning (43 files, 84 instances) 
Replace legacy text-kodo-gold/border-kodo-gold/bg-kodo-gold with semantic
text-warning/border-warning/bg-warning across 43 components.

Warning states now use the design system token for theme adaptability.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-09 00:20:32 +01:00
senke
dd6333d540 ui(tokens): migrate kodo-cyan to primary (51 files, 88 instances) 
Replace legacy text-kodo-cyan/border-kodo-cyan/bg-kodo-cyan with semantic
text-primary/border-primary/bg-primary across 51 components.

The brand primary color now uses the design system token, enabling proper
theme adaptation. Covers UI primitives, search, dashboard, chat, playlists,
settings, social, marketplace, and auth components.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-09 00:19:12 +01:00
senke
7e4bcbdb65 ui(tokens): migrate text-kodo-red → text-destructive, text-kodo-lime → text-success (56 files) 
Replace remaining legacy semantic color tokens:
- text-kodo-red → text-destructive (36 files, 50 instances): errors,
  deletions, validation, destructive actions
- text-kodo-lime → text-success (36 files, 48 instances): success states,
  confirmations, positive indicators

These tokens now adapt to theme changes instead of being hardcoded.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-09 00:14:40 +01:00
senke
7113d35a4a ui(tokens): complete text-kodo-content-dim → text-muted-foreground migration (52 files) 
Eliminate all remaining text-kodo-content-dim from user-facing source files.
This legacy token (hardcoded Gray-400) is now fully replaced by the
theme-aware text-muted-foreground token across UI primitives, settings,
social features, playlists, modals, inventory, and admin views.

Only story files (.stories.tsx) retain the old token for reference.
Total migration: ~345 instances across 87 files (this + previous commit).

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-09 00:04:51 +01:00
senke
47164e5f3c ui(components): migrate remaining 27 skeleton files to Skeleton shimmer 
Complete the migration of all inline `animate-pulse bg-muted` patterns
to the shared `<Skeleton>` component with premium shimmer animation.

Covers: UserProfilePage, SearchPage, CourseDetailView, ProductDetailView,
NotificationsPage, ChatMessages, SessionsPage, RegisterPage, AudioPlayer,
DataList, AccountSettings, Dialog, CourseLearningView, TwoFactorSetup,
ProjectsManager, GoLiveView, ConnectivityView, AIToolsView,
CloudSettingsView, EquipmentDetailView, NotificationMenu, PlaybackHeatmap,
ProjectDetailView, AvatarUpload, ShareLinkManager, OptimizedImage, BlurPlaceholder.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-08 23:21:33 +01:00
senke
39b2b642d2 feat(web): UI premium Discord/Spotify-like — tokens, shadows, focus, layout 
Plan UI premium 6–8 semaines (design system, shell, Storybook, a11y):

- Design system: DESIGN_TOKENS.md, APP_SHELL.md, FULL_LAYOUT_PAGE.md. Single source
  for layout/shell (index.css), shadows (design-system.css), durations/easing.
- Tokens: shadow-cover-depth, shadow-gold-glow, shadow-fab-glow; layout max-height
  (max-h-layout-drawer, max-h-layout-panel, max-h-layout-list). All duration-200/300/500
  replaced by --duration-fast/normal/slow. Arbitrary shadows replaced by token classes.
- Shell & player: Sidebar, Header, GlobalPlayer, MiniPlayer, PlayerQueue, PlayerControls,
  AudioPlayer use tokens; focus-visible on Sidebar, PlayerQueue, DropdownMenuTrigger/Item,
  TabsTrigger. Typography: text-[10px]/[9px] → text-xs where applicable.
- ESLint: no-restricted-syntax (warn) for w-/h-/rounded-/shadow-/text-/spacing arbitrary.
- Scripts: report-arbitrary-values.mjs, capture/compare/generate visual; visual-complete.spec.ts.
- Stories full layout: Dashboard, Playlists, Library, Settings, Profile in DashboardLayout.stories.
- .cursorrules + README: DESIGN_TOKENS, APP_SHELL, visual commands, no arbitrary without justification.
- apps/web/.gitignore: e2e test artifacts (test-results-visual, playwright-report-visual).

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-08 17:15:58 +01:00
senke
b1ed46b142 small fixes : cors + login loop 2026-02-07 20:36:48 +01:00
senke
09f954951e feat(ui): login immersive — tokens, rounded-xl, surface card, primary CTA 
- AuthInput: bg-card border-border focus:border-primary rounded-xl, 200ms transition
- AuthLayout: Card variant surface, logo bg-primary + glow
- AuthButton: rounded-xl, primary glow shadow, 200ms ease-in-out
- fix-login-form: inputs/button/checkbox rounded-xl, checkbox accent primary

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-07 19:52:12 +01:00
senke
8eac80ffb2 style(settings,auth): elevate Security and Auth to SaaS Premium 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-07 16:02:52 +01:00
senke
e293cc9366 style(stories): replace kodo decorators with design tokens in all story files 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-07 15:10:32 +01:00
senke
3a991d85b6 refactor(auth): split SessionsPage into module (Header, Content, Skeleton, stories) 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-05 23:19:06 +01:00
senke
f622fad9fc refactor(auth): extract RegisterPage into register-page module 
- Add register-page/ with useRegisterPage, RegisterPageForm,
  RegisterPageVerificationNotice, RegisterPageSkeleton
- Layout primitives (min-h-layout-page-sm), tokens (success, destructive)
- Stories: Default, Loading, WithError; re-export from pages/RegisterPage

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-05 21:50:17 +01:00
senke
c8b640263d chore(dx): add .cursorrules and design system audit documentation 2026-02-05 14:20:06 +01:00
senke
97c77a1925 refactor(storybook): remove duplicate providers from stories (Phase 2) 
Stories no longer wrap with QueryClientProvider, ToastProvider,
ThemeProvider, or MemoryRouter; global StorybookDecorator provides them.
- Route-specific pages use parameters.router.initialEntries
  (ResetPasswordPage, VerifyEmailPage) or minimal MemoryRouter+Route
  where useParams is needed (TrackDetailPage, PlaylistDetailPage).
- Stories that seeded query cache use useQueryClient() from global
  decorator (FollowButton, CollaboratorManagement, CommentSection).
- Navbar, AuthLayout, DashboardLayout, Header, and 25+ story files
  simplified to layout divs only.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-05 13:08:17 +01:00
senke
d2ae91ac25 chore(storybook): improve configuration and cleanup 2026-02-04 00:44:40 +01:00
senke
a2576c4eae stabilisation: fix commit 2026-02-03 09:56:11 +01:00
senke
e810d67788 feat(storybook): complete comprehensive ui coverage for auth, player, tracks, and groups 2026-02-02 20:55:57 +01:00
senke
962aff677f feat(storybook): add stories for Auth, Player, Tracks, Dashboard (Batches 22-25) 
- Batch 22 (Auth/Settings): OAuthButtons, PasswordStrengthIndicator, ThemeSwitcher, TwoFactorSettings
- Batch 23 (Player): TimeDisplay, RepeatShuffleButtons, NextPreviousButtons, QualitySelector
- Batch 24 (Tracks): LikeButton, TrackFilters, TrackStatsDisplay
- Batch 25 (Dashboard): StatCard
- Fixed build issues with sonner dependencies.
 2026-02-02 20:42:51 +01:00
senke
fd0d7b3128 feat(storybook): expanded coverage for feature components (batches 10-12) 
- Batch 10 (Auth): AuthButton, AuthInput, LoginForm, RegisterForm
- Batch 11 (Chat): ChatMessage, ChatInput, TypingIndicator
- Batch 12 (Player/Tracks): PlayPauseButton, VolumeControl, ProgressBar, TrackCard
- Achieved extensive functional component coverage.
 2026-02-02 20:19:10 +01:00
senke
f61c0c3dcc improving UI: adding API doc to Developer Page 2026-01-26 14:12:17 +01:00
senke
8803070c2e feat(frontend): complete design system migration and cleanup old pages 2026-01-25 12:33:46 +01:00
senke
06b12daabd refactor of veza frontend ui- batch 1 2026-01-22 17:23:11 +01:00
senke
1a5c81282c refactor(frontend): improve ui using design system 
- Refactor Navbar, ChatInput, RegisterPage, and CreatePlaylistDialog to use @veza/design-system components
- Shim local UI components (Button, Input, Card) to align with Design System API and styles
- Fix hundreds of type errors by exporting missing components (SearchInput, FileUpload) and adding missing props (icon, variant)
 2026-01-18 22:27:53 +01:00
senke
f167696a4d stabilized but still broken MVP VERSION 2026-01-18 16:28:22 +01:00
senke
023b8a89c6 fix: Corriger URL Swagger et finaliser implémentation DeveloperPage 
- Ajouter fallback pour Swagger UI si doc.json ne fonctionne pas
- Améliorer message d'erreur avec bouton pour ouvrir Swagger UI directement
- Les fonctionnalités API Keys et Usage Stats sont maintenant complètes et fonctionnelles
- Tous les onglets de DeveloperPage sont maintenant implémentés
 2026-01-18 13:55:28 +01:00
senke
c64cf7aea4 cleanup: address simple TODO comments (Cleanup 14) 
- Fixed ChatRoom.tsx: Implemented current user ID check for isMe
  - Added useUser hook to get current user
  - Replaced hardcoded isMe=false with proper user ID comparison
- Improved TwoFactorVerify.tsx: Enhanced TODO comment with specific action items
  - Clarified that verify() is for setup, not login
  - Added FIXME with clear explanation of the issue
  - Documented that parent should handle verification
- Cleanup 14: In progress - addressing simple, safe TODOs
 2026-01-16 12:31:40 +01:00
senke
6974c12a25 aesthetic-improvements: align spacing to 8px grid (Action 11.2.1.3) 
- Created automated script (scripts/align-8px-grid.py) to align all spacing to 8px grid
- Replaced non-8px-aligned spacing: gap-3/p-3/m-3 (12px) → gap-4/p-4/m-4 (16px), gap-5/p-5/m-5 (20px) → gap-6/p-6/m-6 (24px), gap-10/p-10/m-10 (40px) → gap-12/p-12/m-12 (48px), gap-20/p-20/m-20 (80px) → gap-24/p-24/m-24 (96px)
- Preserved: 4px values (gap-1, p-1, m-1) as they may be intentional fine-tuning, responsive breakpoints (sm:, md:, lg:), test files, documentation
- Modified files across all components to ensure consistent 8px grid alignment
- Action 11.2.1.3: Align all elements to 8px grid - COMPLETE
 2026-01-16 11:50:46 +01:00