senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1680 commits 37 branches 94 tags 1.5 GiB
Commit graph

1067 commits

Author SHA1 Message Date
senke
f85e0f14ec fix(security): add JWT auth to HLS endpoints (audit 1.3, P0) 
- Add hls_auth_middleware in stream server (Bearer + ?token=)
- Apply auth to /hls/:track_id/* routes
- Update frontend hlsService to use stream server URL + pass JWT via xhrSetup
- Add getHLSXhrSetup() and getHLSURLWithToken() for hls.js integration
- Add VITE_HLS_BASE_URL config (derived from VITE_STREAM_URL when unset)
- Add unit tests for token extraction and HLS helpers
- Mark audit item 1.3 as done
 2026-02-15 12:48:58 +01:00
senke
cf81fc12f3 fix(auth): correct 2FA login flow and documentation 
- Fix misleading comment in TwoFactorVerify (authApi.verify2FA is for setup, not login)
- Add MSW handler for POST /auth/login/2fa
- Improve error display in AuthViewContent when 2FA verification fails
- Add integration test for 2FA login flow
- Update AUDIT_TECHNIQUE_INTEGRAL

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md item 1.2 (P0)
 2026-02-15 12:42:48 +01:00
senke
203b45852a docs: update TODO audit docs after Phase 3 2026-02-14 22:45:48 +01:00
senke
542e4750a9 test(e2e): add post-deploy smoke tests 
- Add smoke-post-deploy.spec.ts for health checks
- Add playwright.config.smoke.ts (no webServer)
- Add smoke-post-deploy job to cd.yml (runs when STAGING_URL set)
- Document procedure in e2e/README.md
 2026-02-14 22:45:10 +01:00
senke
0343feab34 feat(web): add CDN support for assets and audio 
- Add VITE_CDN_URL, VITE_CDN_ENABLED to .env.example
- Create getAssetURL, getAudioURL in utils/cdn.ts
- Use getAudioURL in hlsService for HLS stream URLs
 2026-02-14 22:44:06 +01:00
senke
3298540000 feat(web): add Zustand store migration strategy 
- Document migration approach in ZUSTAND_MIGRATION_STRATEGY.md
- Add persistWithMigration utility for future stores
- Add version and migrate to authStore, library, ui, cartStore, playerStore
 2026-02-14 22:43:06 +01:00
senke
44bcaa5b8e feat(web): propagate AbortSignal in TanStack Query hooks 
- Add useAbortSignal hook for component lifecycle cancellation
- Pass signal to apiClient in useLibraryItems, useUser, useDashboard,
  useMyTracks, useNotificationMenu
- Prevents memory leaks when navigating away during fetch
 2026-02-14 22:41:46 +01:00
senke
0c7afc55ff chore(web): remove ghost features Education, Gamification, Studio 
- Remove LazyEducation, education-view, components/education
- Delete educationService, handlers-ghost
- Remove EDUCATION, GAMIFICATION, STUDIO flags from features.ts
- Update FEATURE_STATUS.md
 2026-02-14 22:40:12 +01:00
senke
587f1cc30a refactor(auth): consolidate AuthContext to authStore, update Storybook 2026-02-14 22:06:22 +01:00
senke
7f7b6547bc chore: consolidate pending changes (Hyperswitch, PostCard, dashboard, stream server, etc.) 2026-02-14 21:45:15 +01:00
senke
eca1a23a21 fix(web): disable ghost feature routes (Education, Gamification, Studio) 2026-02-14 20:19:23 +01:00
senke
9a43e62915 docs(audit): add progress tracking section, mark 1.1 and 1.2 as done 2026-02-14 20:18:38 +01:00
senke
ecadc2119c refactor(frontend): split MarketplaceHome skeleton into separate component 2026-02-14 18:33:52 +01:00
senke
cf9c91e26f fix(tests): resolve playlistService skipped tests, document requestDeduplication flag 2026-02-14 18:13:01 +01:00
senke
04c25aa24f Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy 
Bloc A - Code mort:
- Suppression Studio (components, views, features)
- Suppression gamification + services mock (projectService, storageService, gamificationService)
- Mise à jour Sidebar, Navbar, locales

Bloc B - Frontend:
- Suppression modal.tsx deprecated, Modal.stories (doublon Dialog)
- Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true
- Suppression 19 tests orphelins, retrait exclusions vitest.config

Bloc C - Backend:
- Extraction routes_auth.go depuis router.go

Bloc D - Rust:
- Suppression security_legacy.rs (code mort, patterns déjà dans security/)
 2026-02-14 17:23:32 +01:00
senke
e4e5b00b36 fix(web): stabilize Vitest suite (auth integration: wrap with QueryClientProvider) 2026-02-14 14:21:17 +01:00
senke
a8b083932a chore(e2e): run 2FA test when E2E_2FA_CODE (and optional creds) are set, document in README 2026-02-14 14:06:46 +01:00
senke
5f692ae919 feat(e2e): add play flow test (library/search -> track page or player) 2026-02-14 14:04:36 +01:00
senke
955b503d09 feat(web): add validate:storybook script (build, serve 6007, audit) 2026-02-14 14:02:57 +01:00
senke
a746026c56 fix(e2e): stabilize auth, smoke, search, playlists specs 
- Global setup no longer throws when API is unavailable; writes empty
  auth state so Playwright can start; specs that need auth use their
  own login or storageState override.
- Ensure e2e/.auth dir exists before writing empty state.
 2026-02-14 14:02:13 +01:00
senke
670282989b chore(refactor/sumi-migration): commit pending changes — tests, stream server, dist_verification 
- apps/web: test updates (Vitest/setup), playbackAnalyticsService, TrackGrid, serviceErrorHandler
- veza-common: logging, metrics, traits, validation, random
- veza-stream-server: audio pipeline, codecs, cache, monitoring, routes
- apps/web/dist_verification: refresh build assets (content-hashed filenames)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-13 19:39:18 +01:00
senke
0a29c544af fix(web): resolve all 568 TypeScript errors — tsc --noEmit now passes with zero errors 
Major categories fixed:
- TS6133 (188): Remove unused imports (React, icons, types) and variables
- TS2322 (222): Fix type mismatches in stories (satisfies Meta -> const meta: Meta),
  add nullish coalescing for optional values, fix component prop types
- TS2345 (43): Fix argument type mismatches with proper null checks and type narrowing
- TS2741 (21): Add missing required properties to mock/story data
- TS2339 (19): Fix property access on incorrect types, add type guards
- TS2353 (13): Remove extra properties from object literals or extend interfaces
- TS2352 (11): Fix type conversion chains
- TS2307 (9): Fix import paths and module references
- Other (42): Fix implicit any, possibly undefined, export declarations

Vite build and tsc --noEmit both pass cleanly.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-13 00:32:08 +01:00
senke
caa23312fe chore: enable noUncheckedIndexedAccess, isolate ghost MSW handlers, document go-clamd tech debt 
- Enable TypeScript noUncheckedIndexedAccess and fix 133 resulting errors
  across 46 files with proper null guards, optional chaining, and fallbacks
- Extract education/gamification ghost feature MSW handlers into handlers-ghost.ts
- Add Storybook test plugin documentation in vitest.config.ts
- Document abandoned go-clamd dependency (2017) as tech debt in upload_validator.go

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 23:12:35 +01:00
senke
76210ab7aa refactor(ui): remove unused design-system package and create STORYBOOK_CONTRACT 
- Remove packages/design-system/ directory (superseded by SUMI tokens
  in apps/web/src/index.css, confirmed no imports exist)
- Update package.json keywords from kodo-design-system to sumi-design-system
- Create docs/STORYBOOK_CONTRACT.md defining mandatory story structure:
  Default, Loading, Error, Empty states for feature components
- Typography audit: SUMI utility classes defined in index.css, codebase
  correctly uses Tailwind classes with SUMI tokens via @theme — no
  migration needed

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 23:00:26 +01:00
senke
b97c2757ca fix(tests): add missing component tests and fix failing tests 
- Fix setTimeout memory leak in ChatRoom.tsx by storing timeout in
  useRef and cleaning up on unmount
- Add tests for Accordion, Collapsible, FloatingInput, AnimatedNumber,
  and FAB components (5 new test files, all passing)
- Fix socialService methods (deleteComment, markRead, markAllRead) to
  return values matching test expectations
- Fix MSW handlers for chat/token and notification endpoints to use
  proper { success: true, data: ... } envelope format
- Fix invalid CSS selector in TrackList.test.tsx that caused JSDOM crash
- Document excluded test files with TODO tickets in vitest.config.ts

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:59:09 +01:00
senke
ecac9c3b03 feat(backend): add social groups, wishlist, cart, and playlist export endpoints 
- Add Group and GroupMember models with CRUD service methods
- Implement social group endpoints: create, list, get, join, leave
- Add WishlistItem model with get/add/remove service methods
- Add CartItem model with get/add/remove/checkout service methods
- Create handlers for marketplace wishlist and cart operations
- Register playlist export (JSON/CSV) and duplicate routes
- Enable PLAYLIST_SHARE and NOTIFICATIONS feature flags

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:48:50 +01:00
senke
a7ccd06042 refactor: LoadingState delegates all spinner rendering to LoadingSpinner 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:23:16 +01:00
senke
4b68b2704f fix: resolve ts-ignore directives and unsafe type casts 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:21:55 +01:00
senke
c74ed8ae8a test: add tests for ErrorDisplay, LoadingState, ComingSoon 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:19:54 +01:00
senke
5251c5984d a11y: enhance global prefers-reduced-motion support 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:18:36 +01:00
senke
d493050dd3 fix: remove as any casts from application components 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:17:55 +01:00
senke
e0a4fb979c fix: type authService.login, replace remaining console.error with logger 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:15:10 +01:00
senke
06640d7515 perf: improve bundle splitting -- separate framer-motion, axios, dompurify, i18n chunks 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:04:56 +01:00
senke
9898d0438c refactor: unify loading components -- consolidate Spinner into LoadingSpinner 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:04:45 +01:00
senke
d7562ba51f refactor: complete Modal to Dialog migration for 6 modals 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:01:05 +01:00
senke
03aad8eefa refactor: replace console.log with logger, fix TrackCard type, memoize DashboardPage 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:57:02 +01:00
senke
8dfebb9dd0 a11y: skip link exists in App, ChatInput aria-label, sidebar focus trap, MiniPlayer aria-live 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:55:25 +01:00
senke
960e0d255e fix: memory leaks -- add setTimeout cleanup in ChatInput, SocialViewFeedItem, PostCard 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:54:06 +01:00
senke
0a6772602c fix: critical bugs -- ChatInput var, authService types, dep placement 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:53:39 +01:00
senke
db0489d322 fix(a11y): Sprint 7 — semantic HTML and accessibility deep-dive 
S7.1: Replace div onClick with semantic button in DialogTrigger.tsx
S7.2: Replace role="button" divs with native <button> elements in 12 files
      (PlaylistCard, TrackCard, ConversationItem, NotificationMenuItem,
       AudioPlayerTrackInfo, SearchPageResults, ProjectsManagerAddCard,
       ProjectsManagerCard, GearInventoryGrid, UploadModal, dropdown.tsx,
       LibraryPageGrid)
S7.3: Add focus-visible:ring-2 to 14 form inputs with outline-none across
      9 modal files (CreateGroupModal, DataExportModal, EditPlaylistModal,
      AddToPlaylistModal, BanUserModal, RefundRequestModal, FlashSaleModal,
      TipStreamerModal, CreatePostModal)
S7.4: Add semantic landmarks — <section> in DashboardPage, <article> in
      PostCard and CourseCard

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 10:34:39 +01:00
senke
038b637a3f fix: UI remediation Phase 1 (S0-S5) + Phase 2 Sprint 6 shadow system 
Phase 1:
- S0: Fix open redirect (safeNavigate), delete AuthContext/legacy auth, encrypt API keys, gitignore .env files
- S1: Split client.ts god object into 5 modules, unify toast system, delete unused Sidebar
- S2: Add glass button variant, migrate 32 z-index to SUMI tokens, fix card dark mode
- S3: Skip nav link, aria-hidden on icons, focus-visible ring fixes, alt attrs, aria-live regions
- S4: React.memo on list items, fix key={index}, loading=lazy on images
- S5: Branded loading screen, page transitions respect reduced-motion, LikeButton micro-interaction, i18n sidebar/header

Phase 2 Sprint 6:
- Wire Tailwind shadow utilities to SUMI tokens in @theme block (fixes 50+ files)
- Define shadow-card/shadow-card-hover tokens
- Remove dark:shadow-none workarounds from card.tsx (SUMI handles per-theme shadows)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 10:13:44 +01:00
senke
203cb5d5e5 refactor: Phase 8 — Update docs, ESLint, Storybook config for SUMI 
- DESIGN_TOKENS.md: Complete rewrite to document --sumi-* token system
- APP_SHELL.md: Update layout shell docs (glass bg, backdrop-blur, z-index)
- DESIGN_DIRECTION.md: Update aesthetic direction to SUMI philosophy
- .storybook/preview.tsx: Remove deleted CSS imports, update bg colors
- eslint.config.js: Update color rule message from Kodo to SUMI tokens
- tailwind.config.ts: Fix comment referencing deleted design-tokens.css

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:15:11 +01:00
senke
8cbd4f7558 refactor: Phase 7 — Clean up legacy components and remove dead tokens 
- Bulk replace text-white → text-foreground across 116 component files
  (preserving text-white/ opacity variants)
- Remove hover-glow-cyan, shadow-card-glow-cyan, shadow-button-primary-glow
  classes from all components
- Replace --duration-normal/--duration-immersive/--duration-slow with
  --sumi-duration-normal/--sumi-duration-slow across 130+ files
- Replace --ease-out/--ease-in-out with --sumi-ease-out/--sumi-ease-in-out
- Replace focus:ring-blue-500 → focus:ring-primary (4 files)
- Remove hover:scale-105/110 and hover:-translate-y-1/0.5 transforms
  (SUMI anti-pattern: no scale on hover)
- Clean up stale kodo- references in comments

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:09:29 +01:00
senke
382b125c84 refactor: Phase 6 — Migrate feature modules to SUMI tokens 
- auth: Replace gray-* with muted/border tokens, text-foreground
- settings: TwoFactorSettings + NotificationSettings text-foreground
- chat: ChatInput, ConversationItem, ChatPage — text-foreground,
  remove kodo references
- player: PlayerExpanded, PlayerQueue, PlayerControls — text-foreground,
  remove cyan/magenta gradients
- playlists: All components — text-foreground for badges/headings
- tracks: TrackCard, TrackListRow — text-foreground, remove glow effects
- studio: FileGridCard — text-foreground
- library: LibraryPageGrid — remove hover-glow-cyan, shadow-card-glow-cyan
- profile: UserProfilePageHeader — text-foreground

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:06:28 +01:00
senke
60225ed5ec refactor: Phase 5 — Migrate layout shell to SUMI tokens 
- Sidebar: bg-raised, border-faint tokens
- Header: glass bg + backdrop-blur-12px, z-200 sticky, SUMI durations
- PlayerBarGlass: glass-bg + blur-16px, accent colors, remove glow
- PlayerBarProgress: solid accent fill, SUMI border tokens
- PlayerBarRight/TrackInfo: text-foreground, SUMI border tokens
- MiniPlayer: glass-bg, border-faint, z-200, SUMI shadows
- GlobalPlayer: SUMI z-index and duration tokens
- DashboardLayout: SUMI z-raised, duration tokens

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:01:39 +01:00
senke
0dcc9a4f14 refactor: Phase 4 — Update UI primitives to SUMI design system 
- button.tsx: Remove gaming/terminal/nature/glass variants, add link variant,
  add focus-visible glow, remove scale transforms and neon shadows
- card.tsx: Remove glass/glow/glowMagenta variants, update radius to rounded-lg,
  remove hover translate transforms
- modal.tsx: Update backdrop to bg-black/60 + blur(4px), bg-popover,
  SUMI easing curves and durations
- badge.tsx: Terminal variant aliased to success, doc updates
- avatar.tsx: Already migrated, doc updates
- progress.tsx: Fix gradient colors to SUMI semantics
- input.tsx: bg-background, border-border, SUMI focus glow
- textarea.tsx: Add SUMI focus glow

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:58:15 +01:00
senke
dce0654720 refactor: Phase 3 — Semantic color + hex + z-index migration 
Phase 3b: Replace hardcoded hex colors with SUMI palette values
- #66FCF1 (neon cyan) → #7c9dd6 (sumi-accent) across all files
- #3b82f6 (blue-500) → #7c9dd6 in chart components
- #36E5D1 → #7a9e6c (sage), #E4B314 → #c9a84c (gold)
- #E63946 → #d4634a (vermillion)
- Update ThemeSwitcher, AppearanceSettings, SwaggerUI, chart components

Phase 3c: Normalize z-index to SUMI scale
- z-[100] (modals) → z-[400] (--sumi-z-modal)
- z-[110] (player expanded, search) → z-[500] (--sumi-z-popover)
- z-[200] (image viewer) → z-[500]
- z-[35] (navbar overlay) → z-[300] (--sumi-z-overlay)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:54:47 +01:00
senke
5cc720be8f refactor: Phase 3a — Global color class migration to SUMI semantics 
- Replace all kodo-* color classes across ~100 TSX files:
  kodo-void → background, kodo-ink → card, kodo-graphite → muted,
  kodo-steel → muted-foreground, kodo-cyan → primary, kodo-magenta → destructive,
  kodo-lime → success, kodo-red → destructive, kodo-gold → warning
- Replace cyan-500, magenta-500, lime-500 default Tailwind colors with
  semantic equivalents (primary, destructive, success)
- Fix WaveformVisualizer hardcoded hex colors to SUMI values
- Delete global-effects.css (conflicting, redundant with index.css)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:51:49 +01:00
senke
309ba5bc8a refactor: Phase 2 — Font migration to SUMI stack 
- Update Google Fonts: Inter + Space Grotesk + JetBrains Mono + Noto Serif JP
- Remove: Orbitron, Barlow, Source Serif 4, IBM Plex Mono, Noto Sans JP
- Replace all font-display (Orbitron) references with font-heading (Space Grotesk)
  across ~70 TSX files

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:49:07 +01:00
senke
230286e073 refactor: Phase 1 — SUMI token foundation 
- Rewrite index.css with complete SUMI token system (dark + light themes)
- All --sumi-* variables: backgrounds, surfaces, borders, text, pigments,
  spacing, radius, shadows, glass, scrollbar, motion, z-index, layout
- shadcn/Radix semantic mapping (--background, --foreground, etc.)
- Tailwind @theme mapping with new fonts (Inter, Space Grotesk, JetBrains Mono)
- SUMI keyframe animations (sumi-fade-in, sumi-slide-up, sumi-scale-in, etc.)
- Delete 11 redundant CSS files (design-system.css, design-tokens.css,
  button.css, card.css, input.css, badge-avatar.css, header.css,
  fix-input-focus.css, fix-login-form.css, visual-enhancements.css,
  premium-utilities.css)
- Update main.tsx: single CSS import (index.css only)
- Update ThemeProvider: data-theme attribute instead of .dark class toggle
- Update index.html FOUC script: data-theme attribute

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 01:48:01 +01:00