Yuriy
|
1ec7f62a03
|
CI/CD security, architecture doc, monitoring, security audit
- .github/workflows/security.yml: npm audit, pip-audit, gitleaks, dependency-review
- .github/workflows/ci.yml: lint required, ENABLE_DEV_AUTH/DEV_TOKEN for tests
- .gitleaks.toml: secret scan config and allowlist
- docs/ARCHITECTURE.md: high-level design, layers, auth, deployment
- docs/ops/MONITORING.md: Prometheus, health, alerting, Grafana
- docs/SECURITY_AUDIT.md: audit tools and procedures (ZAP, Bandit, Trivy)
- config/prometheus.yml: example scrape config
- README: CI/CD and docs links
Co-authored-by: Cursor <cursoragent@cursor.com>
|
2026-02-14 21:56:02 +03:00 |
|
Yuriy
|
aa052763f6
|
Безопасность и качество: 8 исправлений + обновления
- .env.example: полный шаблон, защита секретов
- .gitignore: явное исключение .env.* и секретов
- layout.tsx: XSS — заменён dangerouslySetInnerHTML на next/script для SW
- ESLint: no-console error (allow warn/error), ignore scripts/
- scripts/remove-console-logs.js: очистка console.log без glob
- backend/routes/modules: README с планом рефакторинга крупных файлов
- SECURITY.md: гид по секретам, XSS, CORS, auth, линту
- .husky/pre-commit: запуск npm run lint
+ прочие правки приложения и бэкенда
Co-authored-by: Cursor <cursoragent@cursor.com>
|
2026-02-14 21:29:16 +03:00 |
|
Yuriy
|
0150aba4f5
|
Consolidation: KLG ASUTK + PAPA integration
- Unify API: lib/api.ts uses /api/v1, inbox uses /api/inbox (rewrites)
- Remove localhost refs: openapi, inbox page
- Add rewrites: /api/inbox|tmc -> inbox-server, /api/v1 -> FastAPI
- Add stub routes: knowledge/insights, recommendations, search, log-error
- Transfer from PAPA: prompts (inspection, tmc), scripts, supabase, data/tmc-requests
- Fix inbox-server: ORDER BY created_at, package.json
- Remove redundant app/api/inbox/files route (rewrites handle it)
- knowledge/ in gitignore (large PDFs)
Co-authored-by: Cursor <cursoragent@cursor.com>
|
2026-02-08 17:18:31 +03:00 |
|