a170504784
Some checks failed
Veza CI / Backend (Go) (push) Failing after 0s
Veza CI / Frontend (Web) (push) Failing after 0s
Veza CI / Rust (Stream Server) (push) Failing after 0s
Frontend CI / test (push) Failing after 0s
Security Scan / Secret Scanning (gitleaks) (push) Failing after 0s
Veza CI / Notify on failure (push) Failing after 0s
Phase 1 of the OpenAPI typegen migration. Brings orval@8.8.1 into the monorepo (workspace-hoisted) and wires a custom mutator so generated calls route through the existing Axios instance — interceptors for auth / CSRF / retry / offline-queue / logging keep firing unchanged. 200 .ts files generated from veza-backend-api/openapi.yaml (3441 LOC), covering 13 tags (auth, track, user, playlist, marketplace, chat, dashboard, webhook, validation, logging, audit, comment, users). Changes: - apps/web/orval.config.ts (NEW): generator config, output src/services/generated/, tags-split mode, vezaMutator. - apps/web/src/services/api/orval-mutator.ts (NEW): translates orval's (url, RequestInit) convention into AxiosRequestConfig then apiClient. Forwards AbortSignal for React Query cancellation. - apps/web/scripts/generate-types.sh: runs BOTH generators during the migration (legacy typescript-axios + orval). B9 drops step 1. - apps/web/scripts/check-types-sync.sh: extended to check drift on both output trees. - apps/web/eslint.config.js: ignores src/services/generated/ (orval emits overloaded function declarations that trip no-redeclare). - .gitignore: narrowed the bare `api` SELinux rule to `/api` plus `/veza-backend-api/api`. The old rule silently ignored apps/web/src/services/api/ new files including orval-mutator.ts. - apps/web/package.json + package-lock.json: orval@^8.8.1 added as devDependency, plus @commitlint/cli + @commitlint/config-conventional (referenced by .husky/commit-msg but missing from deps). Out of scope: no hand-written service changes. Pilot developer.ts lands in B2, bulk migration in B3-B8, cleanup in B9. npm run typecheck and npm run lint both green (0 errors). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
267 lines
5.4 KiB
Text
267 lines
5.4 KiB
Text
# ============================================================
|
|
# Veza/Talas — Global .gitignore
|
|
# Stack: Go, Rust, TypeScript/React, Docker, Scripts
|
|
# ============================================================
|
|
|
|
### Node / JS
|
|
node_modules/
|
|
dist/
|
|
build/
|
|
.next/
|
|
pnpm-lock.yaml
|
|
npm-debug.log*
|
|
yarn-debug.log*
|
|
yarn-error.log*
|
|
|
|
### Rust
|
|
target/
|
|
Cargo.lock
|
|
*.rs.bk
|
|
|
|
### Go
|
|
*.exe
|
|
*.exe~
|
|
*.dll
|
|
*.so
|
|
*.dylib
|
|
|
|
### Python (scripts/tools)
|
|
__pycache__/
|
|
*.pyc
|
|
|
|
### Logs / Dumps
|
|
*.log
|
|
logs/
|
|
*.pid
|
|
*.seed
|
|
*.gz
|
|
|
|
### Database dumps — SECURITY(REM-034): Never commit database artifacts
|
|
**/veza_back_api_db/
|
|
*.sql.dump
|
|
*.pgdump
|
|
|
|
### Editors / IDE
|
|
.vscode/
|
|
.idea/
|
|
.cursor/
|
|
*.swp
|
|
*.swo
|
|
|
|
### System trash
|
|
.DS_Store
|
|
Thumbs.db
|
|
|
|
### Temp / Cache
|
|
tmp/
|
|
temp/
|
|
.cache/
|
|
.turbo/
|
|
coverage/
|
|
coverage-final.json
|
|
typecheck*.txt
|
|
output*.txt
|
|
design_system*.html
|
|
*_design_system*.html
|
|
MODULE.bazel.lock
|
|
|
|
### Test artifacts
|
|
*.test
|
|
*.coverage
|
|
*.out
|
|
test-results/
|
|
playwright-report/
|
|
|
|
### Build / Bundles
|
|
*.wasm
|
|
*.bundle.js
|
|
*.map
|
|
apps/web/dist_verification/
|
|
**/dist_verification/
|
|
|
|
### Environment / Secrets (NE JAMAIS COMMIT)
|
|
.env
|
|
.env.*
|
|
!.env.example
|
|
!.env.staging.example
|
|
**/.env
|
|
**/.env.local
|
|
**/.env.*
|
|
!.env.example
|
|
!.env.staging.example
|
|
veza-backend-api/.env
|
|
veza-chat-server/.env
|
|
veza-stream-server/.env
|
|
apps/web/.env.local
|
|
.secrets/
|
|
|
|
### Docker
|
|
docker-data/
|
|
*.tar
|
|
|
|
# HAProxy SSL certs (never commit private keys or full-chain certs)
|
|
docker/haproxy/certs/*.key
|
|
docker/haproxy/certs/*.pem
|
|
docker/haproxy/certs/*.crt
|
|
|
|
# JWT RSA keys (v0.9.1 RS256 migration — NEVER commit)
|
|
jwt-private.pem
|
|
jwt-public.pem
|
|
|
|
veza-backend-api/main
|
|
veza-backend-api/api
|
|
veza-backend-api/veza-api
|
|
veza-backend-api/migrate_tool
|
|
chat_exports/
|
|
|
|
# Debug/test screenshots (root level)
|
|
screenshot-*.png
|
|
sidebar-*.png
|
|
player-*.png
|
|
login-*.png
|
|
search-*.png
|
|
track-*.png
|
|
test-*.png
|
|
dashboard-*.png
|
|
report-*.html
|
|
|
|
# MCP config (local)
|
|
.mcp.json
|
|
|
|
# Environment / Secrets — config templates only, never commit real .env
|
|
config/incus/env/*.env
|
|
!config/incus/env/env.example
|
|
|
|
# Playwright
|
|
/test-results/
|
|
/playwright-report/
|
|
tests/e2e/test-results/
|
|
tests/e2e/VEZA_AUDIT_REPORT.html
|
|
tests/e2e/VEZA_AUDIT_REPORT.json
|
|
apps/web/e2e-results.json
|
|
e2e-results.json
|
|
/blob-report/
|
|
/playwright/.cache/
|
|
/playwright/.auth/
|
|
|
|
*storybook.log
|
|
storybook-static
|
|
|
|
# v0.941: Swagger docs.go generated by CI (swag init)
|
|
veza-backend-api/docs/docs.go
|
|
|
|
# Claude Code local memory
|
|
.claude/
|
|
|
|
# Test audio files (large binaries)
|
|
veza-backend-api/audio/
|
|
|
|
# SELinux policy (local)
|
|
qemu-fusefs.*
|
|
# Root-level 'api' binary produced by `go build` in veza-backend-api/.
|
|
# Narrower than the previous bare `api` rule which matched any file or
|
|
# directory named 'api' anywhere (including apps/web/src/services/api/).
|
|
/api
|
|
/veza-backend-api/api
|
|
|
|
# ============================================================
|
|
# Post-audit J1 (2026-04-14) — never recommit this debris
|
|
# ============================================================
|
|
# Go binaries accidentally committed (v1.0.3 → v1.0.4 cleanup)
|
|
veza-backend-api/server
|
|
veza-backend-api/modern-server
|
|
veza-backend-api/seed
|
|
veza-backend-api/seed-v2
|
|
veza-backend-api/encrypt_oauth_tokens
|
|
|
|
# Coverage reports (generated, never tracked)
|
|
veza-backend-api/coverage*.out
|
|
veza-backend-api/coverage_groups/
|
|
|
|
# Frontend build/lint/test artifacts
|
|
apps/web/lint_report*.json
|
|
apps/web/tsc*.log
|
|
apps/web/tsc*.txt
|
|
apps/web/ts_*.log
|
|
apps/web/storybook_*.json
|
|
apps/web/debug-storybook.log
|
|
apps/web/build_errors*.txt
|
|
apps/web/build_output.txt
|
|
apps/web/final_errors.txt
|
|
apps/web/*.log
|
|
apps/web/diagnostic-*.log
|
|
apps/web/frontend.log
|
|
apps/web/audit.log
|
|
|
|
# Backend local logs
|
|
veza-backend-api/backend*.log
|
|
|
|
# Root audit screenshots (belong in docs/assets/ if needed)
|
|
/audit-*.png
|
|
|
|
# AI tooling session state (not code)
|
|
.cursor/
|
|
|
|
# ============================================================
|
|
# Post-audit J2 (2026-04-20) — branch chore/v1.0.7-cleanup
|
|
# ============================================================
|
|
|
|
# Tracked audio fixtures — use git-lfs or fixtures repo, never commit raw audio
|
|
veza-backend-api/uploads/
|
|
|
|
# TLS/SSL certificates committed pre-2026-04 (regen with scripts/generate-ssl-cert.sh)
|
|
config/ssl/*.pem
|
|
config/ssl/*.key
|
|
config/ssl/*.crt
|
|
|
|
# Playwright MCP session debris
|
|
.playwright-mcp/
|
|
|
|
# AI session artefacts / context dumps
|
|
CLAUDE_CONTEXT.txt
|
|
UI_CONTEXT_SUMMARY.md
|
|
*.context.txt
|
|
*.ai-session.txt
|
|
|
|
# One-off generated tooling scripts (should live in scripts/ if kept)
|
|
/generate_page_fix_prompts.sh
|
|
/build-archive.log
|
|
|
|
# Apps/web stale audit reports (generated, never tracked)
|
|
apps/web/AUDIT_ISSUES.json
|
|
apps/web/audit_remediation.json
|
|
apps/web/lint_comprehensive.json
|
|
apps/web/storybook-roadmap.json
|
|
apps/web/storybook-*.json
|
|
|
|
# Root PNG screenshots — move to docs/screenshots/ if historical value
|
|
/design-system-*.png
|
|
/forgot-password-*.png
|
|
/register-*.png
|
|
/reset-password-*.png
|
|
/settings-*.png
|
|
/storybook-*.png
|
|
|
|
# ============================================================
|
|
# Post-audit J3 (2026-04-23) — history rewrite (BFG pass, 1.5G → 66M)
|
|
# ============================================================
|
|
# Additional Go build artifacts found in BFG scan
|
|
veza-backend-api/bin/
|
|
veza-backend-api/veza-backend-api
|
|
veza-backend-api/migrate
|
|
|
|
# Vendored binaries mistakenly committed
|
|
dev-environment/scripts/kubectl
|
|
|
|
# Incus build outputs (generated per release cut)
|
|
.build/
|
|
|
|
# E2E report outputs (Playwright)
|
|
tests/e2e/audit/results/
|
|
tests/e2e/playwright-report/
|
|
|
|
# Session-scratch screenshots
|
|
frontend_screenshots/
|
|
|
|
# Audit_remediation glob (supersedes J2's exact-match json)
|
|
apps/web/audit_remediation*
|