senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2211 commits 37 branches 94 tags 1.5 GiB
Commit graph

211 commits

Author SHA1 Message Date
senke
4e14215d5f fix(backend): add password change endpoint and 2FA migration 
- Add PUT /users/me/password inline handler in routes_users.go
  (the existing handler in internal/api/user/ was never registered)
- Create migration 975 adding two_factor_enabled, two_factor_secret,
  and backup_codes columns to users table (fixes 500 on 2FA endpoints)

Fixes: Settings bugs #1 (password 404), #2/#4 (2FA 500)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-25 23:39:28 +01:00
senke
7b2f873736 feat: backend, stream server & infra improvements 
Backend (Go):
- Config: CORS, RabbitMQ, rate limit, main config updates
- Routes: core, distribution, tracks routing changes
- Middleware: rate limiter, endpoint limiter, response cache hardening
- Handlers: distribution, search handler fixes
- Workers: job worker improvements
- Upload validator and logging config additions
- New migrations: products, orders, performance indexes
- Seed tooling and data

Stream Server (Rust):
- Audio processing, config, routes, simple stream server updates
- Dockerfile improvements

Infrastructure:
- docker-compose.yml updates
- nginx-rtmp config changes
- Makefile improvements (config, dev, high, infra)
- Root package.json and lock file updates
- .env.example updates

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:36:06 +01:00
senke
249fd99730 fix(v0.12.6): apply all pentest remediations — 36 findings across 36 files 
CRITICAL fixes:
- Race condition (TOCTOU) in payout/refund with SELECT FOR UPDATE (CRITICAL-001/002)
- IDOR on analytics endpoint — ownership check enforced (CRITICAL-003)
- CSWSH on all WebSocket endpoints — origin whitelist (CRITICAL-004)
- Mass assignment on user self-update — strip privileged fields (CRITICAL-005)

HIGH fixes:
- Path traversal in marketplace upload — UUID filenames (HIGH-001)
- IP spoofing — use Gin trusted proxy c.ClientIP() (HIGH-002)
- Popularity metrics (followers, likes) set to json:"-" (HIGH-003)
- bcrypt cost hardened to 12 everywhere (HIGH-004)
- Refresh token lock made mandatory (HIGH-005)
- Stream token replay prevention with access_count (HIGH-006)
- Subscription trial race condition fixed (HIGH-007)
- License download expiration check (HIGH-008)
- Webhook amount validation (HIGH-009)
- pprof endpoint removed from production (HIGH-010)

MEDIUM fixes:
- WebSocket message size limit 64KB (MEDIUM-010)
- HSTS header in nginx production (MEDIUM-001)
- CORS origin restricted in nginx-rtmp (MEDIUM-002)
- Docker alpine pinned to 3.21 (MEDIUM-003/004)
- Redis authentication enforced (MEDIUM-005)
- GDPR account deletion expanded (MEDIUM-006)
- .gitignore hardened (MEDIUM-007)

LOW/INFO fixes:
- GitHub Actions SHA pinning on all workflows (LOW-001)
- .env.example security documentation (INFO-001)
- Production CORS set to HTTPS (LOW-002)

All tests pass. Go and Rust compile clean.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-14 00:44:46 +01:00
senke
1ccaa03737 feat(v0.13.5): polish marketplace & compliance — KYC, support, payout E2E 
- Seller KYC via Stripe Identity (start verification, status check, webhook)
- Support ticket system (backend handler + frontend form page)
- E2E payout flow integration test (sale → payment → balance → payout)
- Migrations: seller_kyc columns, support_tickets table
- Frontend: SupportPage with SUMI design, lazy loading, routing

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 14:57:19 +01:00
senke
55cc159f67 Merge branch 'feat/v0.13.3-polish-securite-avancee' 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 13:39:38 +01:00
senke
95682e3029 feat(v0.13.3): complete - Polish Sécurité Avancée 
TASK-SECADV-001: WebAuthn/Passkeys (F022)
- WebAuthn credential model, service, handler
- Registration/authentication ceremony endpoints
- CRUD operations (list, rename, delete passkeys)
- Routes: GET/POST/PUT/DELETE /auth/passkeys/*

TASK-SECADV-002: Configurable password policy (F015)
- PasswordPolicyConfig with MinLength, MaxLength, RequireUpper/Lower/Number/Special
- NewPasswordValidatorWithPolicy constructor
- PasswordPolicyFromEnv() reads env vars (PASSWORD_MIN_LENGTH, etc.)
- All character class checks now respect policy configuration

TASK-SECADV-003: Géolocalisation connexions (F025)
- GeoIPResolver interface + GeoIPService implementation
- Country/city columns added to login_history table
- LoginHistoryService.Record() performs GeoIP lookup
- GetUserHistory returns geolocation data
- GET /auth/login-history endpoint

TASK-SECADV-004: Password expiration (F016)
- password_changed_at column on users table
- CheckPasswordExpiration() method on PasswordService
- All password change/reset methods now set password_changed_at
- NewPasswordServiceWithPolicy() supports expiration days config

Migration: 971_security_advanced_v0133.sql

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 10:09:01 +01:00
senke
99d609bfae feat(v0.12.8): documentation & API publique — rate limiting, scopes, OpenAPI 
- API key rate limiting middleware (1000 reads/h, 200 writes/h par clé)
  — tracking séparé read/write, par API key ID (pas par IP)
  — headers X-RateLimit-Limit/Remaining/Reset sur chaque réponse
- API key scope enforcement middleware (read → GET, write → POST/PUT/DELETE)
  — admin scope permet tout, CSRF skip pour API key auth
- OpenAPI spec: ajout securityDefinition ApiKeyAuth (X-API-Key header)
- Swagger annotations: ajout ApiKeyAuth dans cmd/api/main.go
- Wiring dans router.go: middlewares appliqués sur tout le groupe /api/v1
- Tests: 10 tests (5 rate limiter + 5 scope enforcement), tous PASS

Backend existant déjà en place (pré-v0.12.8):
- Swagger UI (gin-swagger + frontend SwaggerUIDoc component)
- API key CRUD (create/list/delete + X-API-Key auth dans AuthMiddleware)
- Developer Dashboard frontend (API keys, webhooks, playground)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 18:44:09 +01:00
senke
6e8f3f26cb feat(v0.12.6.3): remove ghost modules — gamification, A/B testing, GraphQL stubs
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details 
Deleted 8 dead code modules identified by audit diagnostic:
- api/contest/, sound_design_contest/, production_challenge/, voting_system/
  (gamification stubs — violate CLAUDE.md Rule 3: no XP/streaks/leaderboards/badges)
- models/contest.go (314 lines: ContestBadge with rarity, ContestPrize, ContestVote)
- models/user.go: removed orphan JuryMember struct (contest reference)
- services/playback_abtest_service.go + test (476+579 lines: A/B testing on playback
  metrics — violates ORIGIN_UI_UX_SYSTEM.md §13 anti-dark-patterns)
- api/graphql/ (REST-only per ORIGIN spec)

Kept: listing/, offer/ (marketplace stubs, ORIGIN-approved), grpc/ (ORIGIN §9 approved).
Verified: go build passes, grep confirms 0 forbidden terms remaining.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 07:29:56 +01:00
senke
b0a46040f1 feat(v0.12.6.2): enforce MFA for admin/moderator + align refresh token TTL to 7 days
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details 
TASK-SFIX-001: MFA enforcement for privileged roles
- Add RequireMFA() middleware, TwoFactorChecker interface, SetTwoFactorChecker()
- Apply to all 3 admin route groups (platform, moderation, core)
- Returns 403 "mfa_setup_required" if admin/moderator without 2FA
- Regular users bypass the check
- Ref: ORIGIN_SECURITY_FRAMEWORK.md Rule 5

TASK-SFIX-002: Refresh token TTL alignment
- jwt_service.go: RefreshTokenTTL 14d→7d, RememberMeRefreshTokenTTL 30d→7d
- handlers/auth.go: Cookie max-age and session expiresIn → 7d across
  Login, LoginWith2FA, Register, Refresh handlers
- middleware/auth.go: Session auto-refresh default 30d→7d
- Ref: ORIGIN_SECURITY_FRAMEWORK.md Rule 4

TASK-SFIX-003: 5 unit tests — all PASS
- TestRequireMFA_AdminWithoutMFA, TestRequireMFA_AdminWithMFA
- TestRequireMFA_RegularUserNotAffected
- TestRefreshTokenTTL_Is7Days, TestAccessTokenTTL_Is5Minutes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 06:53:27 +01:00
senke
49fb14e6aa Merge branch 'feat/v0.12.4-performance-scalabilite' 
# Conflicts:
#	VEZA_VERSIONS_ROADMAP.md
 2026-03-11 23:04:31 +01:00
senke
46362581ba feat(v0.12.3): F276-F305 video upload, HLS transcoding, education tests
Some checks failed
Backend API CI / test-unit (push) Failing after 2s
Details
Frontend CI / test (push) Failing after 2s
Details
Backend API CI / test-integration (push) Failing after 4s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 9s
Details 
- Add video upload endpoint POST /courses/:id/lessons/:lesson_id/video
- Add VideoTranscodeService for multi-bitrate HLS (720p/480p/360p)
- Add VideoTranscodeWorker for async lesson video processing
- Add SetLessonVideoPath and UpdateLessonTranscoding to education service
- Add uploadLessonVideo to frontend educationService with progress
- Add comprehensive handler tests (video upload, auth, validation)
- Add service-level tests (models, slugs, clamping, errors, UUIDs)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-11 19:20:48 +01:00
senke
f402f3ff0b feat(v0.12.4): Redis response cache and CDN cache headers middleware 
- ResponseCache: Redis-backed HTTP response caching for public GET endpoints
  with configurable TTLs per endpoint prefix (tracks 15m, search 5m, etc.)
- CacheHeaders: CDN-optimized Cache-Control headers per asset type
  (static 1yr immutable, audio 7d, HLS 60s, images 30d, API no-cache)
- Integrated both middlewares into the router middleware stack
- Unit tests for cache key generation, header rules, and config

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-11 09:57:06 +01:00
senke
9cd0a43f7e feat(v0.12.3): F276-F305 education backend service, handler, and routes 
- Course CRUD with slug generation, publish/archive lifecycle
- Lesson management with ordering and transcoding status
- Enrollment system with duplicate prevention
- Progress tracking with auto-completion at 90%
- Certificate issuance requiring full course completion
- Course reviews with rating aggregation
- Unit tests for service and handler layers

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-11 09:45:26 +01:00
senke
a15bdb965d feat(v0.12.2): F501-F510 distribution service, handler, and routes 
- Distribution module: submit tracks to Spotify, Apple Music, Deezer
- Subscription eligibility check (Creator/Premium only)
- Distribution status tracking with platform-specific statuses
- Status history audit trail
- External streaming royalties import and aggregation
- Distributor provider interface for DistroKid/TuneCore integration
- Handler and service unit tests

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 19:54:26 +01:00
senke
517af3a68f feat(v0.12.1): subscription plans service, handler, and routes 
- Add subscription module (models, service, tests)
- Plans: Free, Creator ($9.99/mo), Premium ($19.99/mo)
- Features: subscribe, cancel, reactivate, change billing cycle
- 14-day trial for Premium plan
- Upgrade immediate, downgrade at period end
- Invoice tracking and history
- Handler tests for auth and validation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 19:36:57 +01:00
senke
1d31c4065a feat(v0.12.0): F252-F254 marketplace service enhancements 
- F252: Enable download count decrement on GetDownloadURL
- F253: Differentiated commission rates (creator 15%, premium 10%)
- F254: Seller balance tracking, payout scheduling, manual payout request
- Enforce 14-day refund window on RefundOrder
- Credit seller balance on completed sales
- New payout handler with balance/payouts/request endpoints
- 15 new tests (payout, refund window, commission)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 18:52:06 +01:00
senke
f68405a52e feat(v0.11.3): F421-F424 admin platform handler and routes 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 18:19:45 +01:00
senke
5b76eb7fb4 feat(v0.11.2): F411-F420 moderation handler and routes 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 17:49:51 +01:00
senke
29586b59da feat(v0.11.1): F396-F399 advanced analytics service, handler and routes 
- F396: Track listening heatmap (segment-level aggregated data)
- F397: Period comparison (week/month/quarter with % changes)
- F398: Marketplace analytics (product views, conversion rates, revenue)
- F399: Metric alerts (opt-in thresholds, preferences, CRUD)
- Unit tests for service (percent change calculations) and handler (auth, validation)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 17:12:26 +01:00
senke
256781f00d feat(v0.11.0): F381-F385 creator analytics handler and routes 
Add CreatorAnalyticsHandler with endpoints:
- GET /api/v1/creator/analytics/dashboard (F381)
- GET /api/v1/creator/analytics/plays (F382)
- GET /api/v1/creator/analytics/sales (F383)
- GET /api/v1/creator/analytics/discovery (F381)
- GET /api/v1/creator/analytics/geographic (F381)
- GET /api/v1/creator/analytics/audience (F384)
- GET /api/v1/creator/analytics/live/:streamId (F385)
- GET /api/v1/creator/analytics/tracks (F381)
- GET /api/v1/creator/analytics/export (F383)

All endpoints require authentication and only return data for the authenticated creator.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 16:28:22 +01:00
senke
f2881ad865 feat(gdpr): v0.10.8 portabilité données - export ZIP async, suppression compte, hard delete cron
Some checks failed
Backend API CI / test-unit (push) Failing after 1s
Details
Frontend CI / test (push) Failing after 3s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 2s
Details
Backend API CI / test-integration (push) Failing after 6s
Details 
- Export: table data_exports, POST /me/export (202), GET /me/exports, messages+playback_history
- Notification email quand ZIP prêt, rate limit 3/jour
- Suppression: keep_public_tracks, anonymisation PII complète (users, user_profiles)
- HardDeleteWorker: final anonymization après 30 jours
- Frontend: POST export, checkbox keep_public_tracks
- MSW handlers pour Storybook
 2026-03-10 13:57:04 +01:00
senke
2292ecd56b feat(v0.10.7): Collaboration Temps Réel F481-F483
Some checks failed
Backend API CI / test-unit (push) Failing after 2s
Details
Frontend CI / test (push) Failing after 3s
Details
Backend API CI / test-integration (push) Failing after 5s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 2s
Details 
- F481: Co-listening sessions (WebSocket sync, ListenTogether page)
- F482: Stem sharing (upload/list/download wav,aiff,flac)
- F483: Collaborative rooms (type collaborative, max 10, invite-only)
- Roadmap: v0.10.7 → DONE
 2026-03-10 13:34:16 +01:00
senke
3c01fa742f feat(v0.10.6): Livestreaming basique F471-F476
Some checks failed
Backend API CI / test-unit (push) Failing after 4s
Details
Frontend CI / test (push) Failing after 2s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 3s
Details
Backend API CI / test-integration (push) Failing after 4s
Details 
- Backend: callbacks on_publish/on_publish_done, UpdateStreamURL, GetByStreamKey
- Nginx-RTMP: config infra, docker-compose service (profil live)
- Frontend: stream_url dans LiveStream, HLS.js dans LiveViewPlayer, état Stream terminé
- Chat: rate limit send_live_message 1 msg/3s pour rooms live_streams
- Env: RTMP_CALLBACK_SECRET, STREAM_HLS_BASE_URL, NGINX_RTMP_HOST
- Roadmap v0.10.6 marquée DONE
 2026-03-10 10:21:57 +01:00
senke
16a338da62 stabilisation commit: while implementing v0.10.5 2026-03-09 19:36:33 +01:00
senke
7259526d43 feat(v0.10.4): Playlists collaboratives - F136, F140, F141, F143, F145
Some checks failed
Backend API CI / test-unit (push) Failing after 2s
Details
Backend API CI / test-integration (push) Failing after 6s
Details
Frontend CI / test (push) Failing after 4s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 3s
Details 
Backend:
- F141: GET /discover/playlists/editorial for editorial playlists
- F143: GET /playlists/shared/:token (public, no auth)
- F145: POST /playlists/import (JSON), GET /playlists/:id/export/m3u
- F136: GET /playlists/favoris (creates Favoris playlist if needed)
- Repo: GetFavorisByUserID, service GetOrCreateFavorisPlaylist

Frontend:
- SharedPlaylistPage at /playlists/shared/:token (public route)
- Editorial playlists section in DiscoverPage
- Export M3U in ExportPlaylistButton dropdown
- Import JSON via ImportPlaylistButton (PlaylistListPage)
- Favoris sidebar link, FavorisRedirectPage, AddToFavorisButton on tracks

Roadmap: v0.10.4 marked DONE
 2026-03-09 16:49:05 +01:00
senke
ef1ca1a908 feat(v0.10.3): Commentaires & Interactions Sociales - F201-F215 
- F201: Commentaires avec timestamp cliquable, modération mots-clés
- F202: Likes privés (compteur visible créateur uniquement)
- F203: Reposts de tracks sur le profil, bouton Repost, onglet Reposts
- F204: Notifications (commentaire, repost), pas de gamification

Backend: migrations 127/128, comment_moderation_service, track_repost_service,
  GetTrackLikes/GetTrack masquent like_count pour non-créateurs
Frontend: LikeButton isCreator, RepostButton, Reposts tab profil, timestamp seek
 2026-03-09 10:30:47 +01:00
senke
ba88086f20 feat(v0.10.2): Recherche fulltext Elasticsearch - F361-F365 
- Elasticsearch 8.x dans docker-compose.dev
- Package internal/elasticsearch: client, config, mappings, indices
- Sync PG→ES: reindex tracks/users/playlists, IndexTrack/DeleteTrack
- SearchService ES: multi_match + fuzziness (typo tolerance), highlighting
- Fallback gracieux: PostgreSQL si ELASTICSEARCH_URL absent
- Routes: GET /search, GET /search/suggestions, POST /admin/search/reindex
- Frontend: searchApi cursor/limit params (extensibilité)
- docs/ENV_VARIABLES: ELASTICSEARCH_URL, ELASTICSEARCH_INDEX, ELASTICSEARCH_AUTO_INDEX
- Roadmap v0.10.2 → DONE
 2026-03-09 10:13:18 +01:00
senke
6690e334a1 feat(v0.10.1): Tags & Genres discover - F351-F355 
- Tags déclaratifs (max 10, 30 chars) via track_tags + tags
- Genres normalisés (max 3) via track_genres + taxonomy
- GET /api/v1/discover/genre/:genre, tag/:tag (browse chrono)
- POST/DELETE follow genre/tag
- Section feed "Nouvelles sorties dans vos genres"
- Track update: SyncTrackTags, SyncTrackGenres via discover service
- Frontend: discoverService, FeedPage by_genres, DiscoverPage
- Migration 126_tags_genres_discover
- MSW handlers for discover
 2026-03-09 01:52:56 +01:00
senke
7df866cd3f v0.9.7 beta 2026-03-06 18:58:37 +01:00
senke
99136948cb v0.9.7 2026-03-06 18:52:08 +01:00
senke
05446064ea v0.9.6 2026-03-06 10:29:30 +01:00
senke
cd974172cb v0.9.4 2026-03-05 23:03:43 +01:00
senke
2956b12645 v0.9.2 2026-03-05 19:27:34 +01:00
senke
9a93068a9b v0.9.1 2026-03-05 19:22:31 +01:00
senke
9f91c99547 feat(security): add global and per-IP DDoS rate limiting (1000/s, 100/s) 
SEC1-04: Redis sliding window 1s, excluded paths (health, swagger, auth)
 2026-03-03 09:25:08 +01:00
senke
8138723eca chore(release): v0.971 — Phantom (gamification removal, WebRTC Beta, limits doc) 2026-03-02 19:25:37 +01:00
senke
1b239d13ab chore(release): v0.941 — Cleanup (dead code, migrations dedup, deprecated routes) 2026-03-02 19:04:30 +01:00
senke
e02031044c feat(v0.912): Cashflow - payment E2E integration tests 
- Add MarketplaceServiceOverride and AuthMiddlewareOverride to config for tests
- Wire overrides in routes_webhooks and routes_marketplace (authForMarketplaceInterface)
- payment_flow_test: cart -> checkout -> webhook -> order completed, license, transfer
- webhook_idempotency_test: 3 identical webhooks -> 1 order, 1 license
- webhook_security_test: empty secret 500, invalid sig 401, valid sig 200
- refund_flow_test: completed order -> refund -> order refunded, license revoked
- Shared computeWebhookSignature helper in webhook_test_helpers.go
- SetMaxOpenConns(1) for sqlite :memory: in idempotency test to avoid flakiness

Ref: docs/ROADMAP_V09XX_TO_V1.md v0.912 Cashflow
 2026-02-27 20:00:51 +01:00
senke
515494007f release(v0.903): Vault - ORDER BY whitelist, rate limiter, VERSION sync, chat-server cleanup, Go 1.24 
- ORDER BY dynamiques : whitelist explicite, fallback created_at DESC
- Login/register soumis au rate limiter global
- VERSION sync + check CI
- Nettoyage références veza-chat-server
- Go 1.24 partout (Dockerfile, workflows)
- TODO/FIXME/HACK convertis en issues ou résolus
 2026-02-27 09:43:25 +01:00
senke
4c0be12465 release(v0.902): Sentinel - PKCE OAuth, token encryption, redirect validation, CHAT_JWT_SECRET 
- PKCE (S256) in OAuth flow: code_verifier in oauth_states, code_challenge in auth URL
- CryptoService: AES-256-GCM encryption for OAuth provider tokens at rest
- OAuth redirect URL validated against OAUTH_ALLOWED_REDIRECT_DOMAINS
- CHAT_JWT_SECRET must differ from JWT_SECRET in production
- Migration script: cmd/tools/encrypt_oauth_tokens for existing tokens
- Fixes: VEZA-SEC-003, VEZA-SEC-004, VEZA-SEC-009, VEZA-SEC-010
 2026-02-26 19:49:15 +01:00
senke
6e204cc98a feat(security): v0.901 Ironclad - fix 5 critical/high vulnerabilities 
- OAuth: use JWTService+SessionService, httpOnly cookies (VEZA-SEC-001)
- Remove PasswordService.GenerateJWT (VEZA-SEC-002)
- Hyperswitch webhook: mandatory verification, 500 if secret empty (VEZA-SEC-005)
- Auth middleware: TokenBlacklist.IsBlacklisted check (VEZA-SEC-006)
- Waveform: ValidateExecPath before exec (VEZA-SEC-007)
 2026-02-26 19:34:45 +01:00
senke
3edb10b567 feat(admin): feature flags CRUD with DB persistence 2026-02-25 19:56:24 +01:00
senke
d684c69439 feat(admin): global announcements CRUD and public banner endpoint 2026-02-25 19:55:21 +01:00
senke
2a9ca68763 feat(admin): maintenance mode middleware with 503 responses 2026-02-25 19:54:22 +01:00
senke
0d092466f1 feat(admin): moderation queue with reports CRUD 2026-02-25 19:53:04 +01:00
senke
29c1688786 feat(users): account deletion hardening with anonymization, S3 cleanup, session revocation 2026-02-25 19:51:21 +01:00
senke
cb0f70022e feat(compliance): CCPA Do Not Sell middleware and opt-out endpoint 2026-02-25 19:49:25 +01:00
senke
abdf3979f7 feat(audit): HTTP audit middleware for auto-logging POST/PUT/DELETE 2026-02-25 19:48:03 +01:00
senke
a3624ce4b3 feat(v0.802): frontend Cloud/Gear, MSW, docs, scope v0.803, archive 
- Cloud: CloudFileVersions, CloudShareModal, versions/share in CloudView
- Gear: GearDocumentsTab, GearRepairsTab, warranty badge, initialTab
- MSW: cloud versions/share, gear documents/repairs, tags suggest
- Stories: CloudFileVersions, CloudShareModal, GearDetailModal variants
- gearService: listDocuments, uploadDocument, deleteDocument, listRepairs, createRepair, deleteRepair
- cloudService: listVersions, restoreVersion, shareFile, getSharedFile
- gear_warranty_notifier: 24h ticker, notifications for expiring warranty
- tag_handler_test: unit tests
- docs: API_REFERENCE, CHANGELOG, PROJECT_STATE, FEATURE_STATUS v0.802
- SCOPE_CONTROL, .cursorrules: scope v0.803
- archive: V0_802_RELEASE_SCOPE, RETROSPECTIVE_V0802
 2026-02-25 14:00:58 +01:00
senke
b885392304 feat(upload): tags auto-suggest endpoint and additional audio formats 2026-02-25 13:39:59 +01:00