Skip to content
This repository was archived by the owner on Jul 6, 2026. It is now read-only.

feat: prod hardening, security + bug fixes, runtime config, summary-s…#93

Merged
Enes1998 merged 1 commit into
mainfrom
fix/ci-quality
Jun 11, 2026
Merged

feat: prod hardening, security + bug fixes, runtime config, summary-s…#93
Enes1998 merged 1 commit into
mainfrom
fix/ci-quality

Conversation

@Enes1998

Copy link
Copy Markdown
Collaborator

…tatus, cleanup

security: gate Swagger/OpenAPI + dev pages to non-prod; add owner/member guard on standup analytics (IDOR); stop returning email from user search; fix project moderation takedown

auth: request offline_access so sessions survive browser restart

realtime: deliver new-conversation messages via per-user SignalR group

frontend: runtime env injection via window.__ENV (image now env-agnostic); responsive profile/project headers; fix archive + submit-standup cache invalidation

feat(summary): ProjectSummary status pipeline, job enqueuer, orphan cleanup, GitHub webhook secret, pgvector HNSW index

devops: Next.js standalone image + non-root runtime entrypoint; Trivy gate raised to CRITICAL,HIGH

chore: remove dead code (FE: FilterPanel/SortDropdown, unused exports, clsx/tailwind-merge; BE: MyConcreteJob, SeedData)

fix: ExecuteDeleteAsync ambiguity, GitHubSyncJob summary enqueue, migration [Migration] attributes

test: standup-analytics authorization test; unit 29/29 + integration 26/26 green

…tatus, cleanup

security: gate Swagger/OpenAPI + dev pages to non-prod; add owner/member guard on standup analytics (IDOR); stop returning email from user search; fix project moderation takedown

auth: request offline_access so sessions survive browser restart

realtime: deliver new-conversation messages via per-user SignalR group

frontend: runtime env injection via window.__ENV (image now env-agnostic); responsive profile/project headers; fix archive + submit-standup cache invalidation

feat(summary): ProjectSummary status pipeline, job enqueuer, orphan cleanup, GitHub webhook secret, pgvector HNSW index

devops: Next.js standalone image + non-root runtime entrypoint; Trivy gate raised to CRITICAL,HIGH

chore: remove dead code (FE: FilterPanel/SortDropdown, unused exports, clsx/tailwind-merge; BE: MyConcreteJob, SeedData)

fix: ExecuteDeleteAsync ambiguity, GitHubSyncJob summary enqueue, migration [Migration] attributes

test: standup-analytics authorization test; unit 29/29 + integration 26/26 green

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@Enes1998 Enes1998 merged commit 7e07722 into main Jun 11, 2026
1 of 2 checks passed
@Enes1998 Enes1998 deleted the fix/ci-quality branch June 11, 2026 09:40
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant