senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/CHANGELOG.md
senke ccf98983fe
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details
Frontend CI / test (push) Failing after 0s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 0s
Details
chore(v0.103): finalize release — CHANGELOG, FEATURE_STATUS, .cursorrules scope
2026-02-20 15:14:25 +01:00

59 lines
3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Changelog - Veza
## [v0.103] - 2026-02-20
### Added
- **Auth (Lot A)** : OAuth Spotify (A1), page Sessions enrichie avec historique et révocation (A4)
- **Profils (Lot B)** : Bannière de profil éditable (B1), section liens sociaux sur profil public (B2), toggle profil privé dans Settings (B3)
- **Profil privé** : Vue « Profil privé » sur `/u/:username` quand le profil est masqué ; `is_public` exposé et persisté
### Documented
- 2FA SMS et Passkeys/WebAuthn reportés à v0.104
---
## [v0.102] - 2026-02-20
### Added
- **Queue persistante** : API CRUD (`GET/PUT/POST/DELETE /api/v1/queue`), sync frontend via `useQueueSync`, drag & drop reorder avec @dnd-kit (B3)
- **Developer API Keys** : CRUD clés API, X-API-Key middleware, CreateAPIKeyModal, révocation
- **Playlists** : activation PLAYLIST_SHARE, PLAYLIST_RECOMMENDATIONS ; boutons Export (JSON/CSV), Duplicate connectés
- **Social** : like/comment post connectés à lAPI ; profil followers/following count ; badges rôles
- **Player** : playback speed (0.5x2x), Media Session API, waveform dans progress bar
### Changed
- **Gear, Live, Queue, Developer** : routes opérationnelles (fin des placeholders Coming Soon)
- Feature flags PLAYLIST_SHARE et PLAYLIST_RECOMMENDATIONS activés (true)
### Documented
- Go Live (streaming vidéo) : non implémenté, prévu v0.703 — limitation A6
- Social Trending (tags) : statique, report v0.103 pour `GET /social/trending`
---
## [Unreleased] - 2024-12-07
### Security
- **chat-server**: Implemented JWT Authentication Middleware for HTTP API.
- Secured `/api/messages` (POST) and `/api/messages/{id}` (GET).
- Enforced permission checks (`can_send_message`, `can_read_conversation`).
- Patched `sender_id` spoofing vulnerability by enforcing User ID from Token Claims.
- **backend**: Resolved `veza_errors_total` metric collision preventing proper monitoring initialization.
### Fixed
- **backend**: Fixed `JobWorker` starvation issue by replacing blocking `time.Sleep` with non-blocking scheduler.
- **stream-server**: Improved task safety by replacing unsafe `abort()` with graceful `join/await` for monitoring tasks.
- **chat-server**: Fixed resource leak by implementing 60s WebSocket inactivity/heartbeat timeout.
- **chat-server**: Implemented Graceful Shutdown handling for OS signals (SIGTERM/SIGINT).
- **backend-tests**: Fixed `RoomHandler` unit tests.
- Refactored `RoomHandler` to use `RoomServiceInterface` for dependency injection.
- Updated `CreateRoom` tests to match actual Service signatures.
- Fixed `bitrate_handler_test.go` compilation errors.
- Resolved global metric registration panics during testing.
### Removed
- **backend**: Deleted legacy maintenance code (`migrations_legacy/` and `src/cmd/main.go.legacy`).
### Known Issues
- **backend**: Some unit tests (`metrics_test.go`, `profile_handler_test.go`, `system_metrics_test.go`) are disabled due to bitrot/missing dependencies.
- **stream-server**: Compilation requires active Database connection (sqlx compile-time verification) or `sqlx-data.json`.
Reference in a new issue View git blame Copy permalink