senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/.gitignore
senke 778c85508b
Some checks failed
Veza CI / Backend (Go) (push) Failing after 0s
Details
Veza CI / Frontend (Web) (push) Failing after 0s
Details
Veza CI / Rust (Stream Server) (push) Failing after 0s
Details
Frontend CI / test (push) Failing after 0s
Details
Security Scan / Secret Scanning (gitleaks) (push) Failing after 0s
Details
Veza CI / Notify on failure (push) Failing after 0s
Details
docs(audit): reconcile top-15 priorities with tier 1-3 + BFG pass 
Updates AUDIT_REPORT §9/§9.bis/§9.3/§10 and FUNCTIONAL_AUDIT §7 to
reflect the 2026-04-23 cleanup session + git-filter-repo history rewrite.

Top-15 outcome:
- 10 items DONE with commit refs (b5281bec transactions, ebf3276d rate
  limiter, 4310dbb7 MinIO pin, 172581ff orphan removal, 18eed3c4
  deprecated handlers, d12b901d debris untrack, BFG for #1/#2/#7).
- 3 items flagged FALSE-POSITIVE after direct code inspection (§9.bis):
    #4 context.Background: 26/31 in _test.go, 5 legit (WS pumps, health)
    #5 CSP/XFO: already complete in middleware/security_headers.go
    #10 RespondWithAppError: intentional thin wrapper (handlers pkg)
- 2 deferred to v1.0.8 (#8 OpenAPI typegen, #14 E2E CI).
- 1 remaining before v1.0.7 final: #15 docs/ENV_VARIABLES.md sync.

Repo hygiene: .git 2.3 GB → 66 MB (−97%) after BFG pass, force-push
stages 1+2 OK, fingerprint match on Forgejo CA cert.

Annexe: diff table expanded v1 ↔ v2 ↔ v3.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-23 14:20:28 +02:00

263 lines
5.2 KiB
Text
Raw Blame History

# ============================================================
# Veza/Talas — Global .gitignore
# Stack: Go, Rust, TypeScript/React, Docker, Scripts
# ============================================================
### Node / JS
node_modules/
dist/
build/
.next/
pnpm-lock.yaml
npm-debug.log*
yarn-debug.log*
yarn-error.log*
### Rust
target/
Cargo.lock
*.rs.bk
### Go
*.exe
*.exe~
*.dll
*.so
*.dylib
### Python (scripts/tools)
__pycache__/
*.pyc
### Logs / Dumps
*.log
logs/
*.pid
*.seed
*.gz
### Database dumps — SECURITY(REM-034): Never commit database artifacts
**/veza_back_api_db/
*.sql.dump
*.pgdump
### Editors / IDE
.vscode/
.idea/
.cursor/
*.swp
*.swo
### System trash
.DS_Store
Thumbs.db
### Temp / Cache
tmp/
temp/
.cache/
.turbo/
coverage/
coverage-final.json
typecheck*.txt
output*.txt
design_system*.html
*_design_system*.html
MODULE.bazel.lock
### Test artifacts
*.test
*.coverage
*.out
test-results/
playwright-report/
### Build / Bundles
*.wasm
*.bundle.js
*.map
apps/web/dist_verification/
**/dist_verification/
### Environment / Secrets (NE JAMAIS COMMIT)
.env
.env.*
!.env.example
!.env.staging.example
**/.env
**/.env.local
**/.env.*
!.env.example
!.env.staging.example
veza-backend-api/.env
veza-chat-server/.env
veza-stream-server/.env
apps/web/.env.local
.secrets/
### Docker
docker-data/
*.tar
# HAProxy SSL certs (never commit private keys or full-chain certs)
docker/haproxy/certs/*.key
docker/haproxy/certs/*.pem
docker/haproxy/certs/*.crt
# JWT RSA keys (v0.9.1 RS256 migration — NEVER commit)
jwt-private.pem
jwt-public.pem
veza-backend-api/main
veza-backend-api/api
veza-backend-api/veza-api
veza-backend-api/migrate_tool
chat_exports/
# Debug/test screenshots (root level)
screenshot-*.png
sidebar-*.png
player-*.png
login-*.png
search-*.png
track-*.png
test-*.png
dashboard-*.png
report-*.html
# MCP config (local)
.mcp.json
# Environment / Secrets — config templates only, never commit real .env
config/incus/env/*.env
!config/incus/env/env.example
# Playwright
/test-results/
/playwright-report/
tests/e2e/test-results/
tests/e2e/VEZA_AUDIT_REPORT.html
tests/e2e/VEZA_AUDIT_REPORT.json
apps/web/e2e-results.json
e2e-results.json
/blob-report/
/playwright/.cache/
/playwright/.auth/
*storybook.log
storybook-static
# v0.941: Swagger docs.go generated by CI (swag init)
veza-backend-api/docs/docs.go
# Claude Code local memory
.claude/
# Test audio files (large binaries)
veza-backend-api/audio/
# SELinux policy (local)
qemu-fusefs.*
api
# ============================================================
# Post-audit J1 (2026-04-14) — never recommit this debris
# ============================================================
# Go binaries accidentally committed (v1.0.3 → v1.0.4 cleanup)
veza-backend-api/server
veza-backend-api/modern-server
veza-backend-api/seed
veza-backend-api/seed-v2
veza-backend-api/encrypt_oauth_tokens
# Coverage reports (generated, never tracked)
veza-backend-api/coverage*.out
veza-backend-api/coverage_groups/
# Frontend build/lint/test artifacts
apps/web/lint_report*.json
apps/web/tsc*.log
apps/web/tsc*.txt
apps/web/ts_*.log
apps/web/storybook_*.json
apps/web/debug-storybook.log
apps/web/build_errors*.txt
apps/web/build_output.txt
apps/web/final_errors.txt
apps/web/*.log
apps/web/diagnostic-*.log
apps/web/frontend.log
apps/web/audit.log
# Backend local logs
veza-backend-api/backend*.log
# Root audit screenshots (belong in docs/assets/ if needed)
/audit-*.png
# AI tooling session state (not code)
.cursor/
# ============================================================
# Post-audit J2 (2026-04-20) — branch chore/v1.0.7-cleanup
# ============================================================
# Tracked audio fixtures — use git-lfs or fixtures repo, never commit raw audio
veza-backend-api/uploads/
# TLS/SSL certificates committed pre-2026-04 (regen with scripts/generate-ssl-cert.sh)
config/ssl/*.pem
config/ssl/*.key
config/ssl/*.crt
# Playwright MCP session debris
.playwright-mcp/
# AI session artefacts / context dumps
CLAUDE_CONTEXT.txt
UI_CONTEXT_SUMMARY.md
*.context.txt
*.ai-session.txt
# One-off generated tooling scripts (should live in scripts/ if kept)
/generate_page_fix_prompts.sh
/build-archive.log
# Apps/web stale audit reports (generated, never tracked)
apps/web/AUDIT_ISSUES.json
apps/web/audit_remediation.json
apps/web/lint_comprehensive.json
apps/web/storybook-roadmap.json
apps/web/storybook-*.json
# Root PNG screenshots — move to docs/screenshots/ if historical value
/design-system-*.png
/forgot-password-*.png
/register-*.png
/reset-password-*.png
/settings-*.png
/storybook-*.png
# ============================================================
# Post-audit J3 (2026-04-23) — history rewrite (BFG pass, 1.5G → 66M)
# ============================================================
# Additional Go build artifacts found in BFG scan
veza-backend-api/bin/
veza-backend-api/veza-backend-api
veza-backend-api/migrate
# Vendored binaries mistakenly committed
dev-environment/scripts/kubectl
# Incus build outputs (generated per release cut)
.build/
# E2E report outputs (Playwright)
tests/e2e/audit/results/
tests/e2e/playwright-report/
# Session-scratch screenshots
frontend_screenshots/
# Audit_remediation glob (supersedes J2's exact-match json)
apps/web/audit_remediation*
Reference in a new issue View git blame Copy permalink