2025-11-13 - 2026-05-13
Overview
86 Pull requests merged by 1 user
Merged
#100 🔒 fix(ci): add tofu_module_reader SSH key to vault.yaml secrets (mirrors erp pattern)
Merged
#99 ✨ feat(deploy): iac/ Vault provisioning + workflow (uses app_roles module from tools)
Merged
#98 🔒 fix(deploy): use websecure entrypoint + letsencrypt TLS for .lab ingress
Merged
#97 ✨ feat(deploy): chart Vault CRDs gated by vault.enabled (default false)
Merged
#96 📝 docs: 2026-05-06 autonomous morning session recap
Merged
#95 📝 docs(changelog): record PRs #87-94 (2026-05-06 morning batch)
Merged
#94 🤖 ci(docker): auto-build on push to main + fix root Dockerfile swag step
Merged
#93 📝 docs: refresh AGENTS.md + README.md (auth endpoints + ADR pointer + new packages)
Merged
#92 🧪 test(server): unit tests for AuthMiddleware Optional/Required handlers
Merged
#91 ♻️ refactor(server): split AuthMiddleware into Optional/Required (RFC 6750 + ISP narrow interface)
Merged
#90 ♻️ refactor(auth): move UserContextKey from pkg/greet to pkg/auth
Merged
#89 ✨ feat(deploy): Dockerfile + Helm chart for k3s homelab deployment
Merged
#88 🔒 fix(security): redact JWT tokens and HMAC secrets in trace logs (auth_service.go)
Merged
#87 📝 docs: cherry-pick 6 focused guides from PR #17 (option c)
Merged
#86 📝 docs(changelog): record PR #85
Merged
#85 📝 docs: STATUS.md project snapshot 2026-05-05
Merged
#84 📝 docs(changelog): record PR #83
Merged
#83 📝 docs(readme): link to Mistral autonomous pattern doc
Merged
#82 📝 docs(changelog): record PRs #80, #81
Merged
#81 📝 docs: 2026-05-05 autonomous session recap
Merged
#80 📝 docs: PHASE_B_ROADMAP — mark B.3 + B.4 done
Merged
#79 📝 docs(changelog): record PRs #73, #78
Merged
#78 📝 docs: Mistral autonomous pattern guide for contributors
Merged
#77 📝 docs(changelog): record PRs #74, #75, #76
Merged
#76 🧪 test(auth): OIDC handler unit tests (ADR-0028 Phase B.4 follow-up)
Merged
#75 ✨ feat(auth): OIDC HTTP handlers /start + /callback (ADR-0028 Phase B.4)
Merged
#74 ✨ feat(auth): implement OIDC client methods (ADR-0028 Phase B.3)
Merged
#73 📝 docs: AUTH.md synthesis (Phase A complete, Phase B partial)
Merged
#72 📝 docs(changelog): record PRs #67-#71
Merged
#71 📝 docs: ADR-0028 Phase B roadmap (B.3 / B.4 / B.5 outline)
Merged
#69 ✨ feat(auth): pkg/auth skeleton for OpenID Connect (ADR-0028 Phase B prep)
Merged
#68 📝 docs: mkcert local HTTPS setup + Makefile cert target (ADR-0028 Phase B prep)
Merged
#67 ✨ feat(server): add GET /api/v1/uptime endpoint
Merged
#66 📝 docs: add top-level CHANGELOG.md (keepachangelog format)
Merged
#65 ✨ feat(user): magic-link expired-token cleanup loop (ADR-0028 Phase A consequence)
Merged
#64 feat(config): OIDC provider config skeleton (ADR-0028 Phase B.1 prep)
Merged
#63 ✨ feat(bdd): magic-link BDD scenarios + bcrypt overflow fix (ADR-0028 Phase A.5)
Merged
#62 ✨ feat(auth): magic-link request + consume HTTP handlers (ADR-0028 Phase A.4)
Merged
#61 ✨ feat(user): magic_link_tokens table + repository (ADR-0028 Phase A.3)
Merged
#60 ✨ feat(bdd): pkg/bdd/mailpit/ HTTP client + integration tests (ADR-0030 Phase A.2)
Merged
#59 ✨ feat(email): pkg/email + Mailpit docker-compose service (ADR-0029 Phase A.1)
Merged
#58 📝 docs(adr): ADR-0028/0029/0030 — passwordless auth + Mailpit + BDD email strategy
Merged
#57 🐛 fix(bdd): shouldEnableV2 wrongly matched ~@v2 as @v2 substring + new gate regression scenario
Merged
#56 ✨ feat(server): api.v2_enabled hot-reload via middleware gate (ADR-0023 Phase 4)
Merged
#55 📝 docs(adr): ADR-0027 Ollama Tier 1 onboarding + README index reconciliation
Merged
#54 feat(server): add go_version to /api/info response
Merged
#53 🧪 test(user): SHA-256 fingerprint stays non-empty and != secret value (Mistral autonomous)
Merged
#52 🧪 test(bdd): admin metadata endpoint security property — no secret leak
Merged
#51 ✨ feat(admin): GET /api/v1/admin/jwt/secrets — metadata-only introspection
Merged
#50 🔧 chore(config): defense-in-depth for WatchAndApply test race (Q-038)
Merged
#49 ✨ feat(server): wire sampler hot-reload callback (ADR-0023 Phase 3, sub-phase 3.3)
Merged
#48 🐛 fix(config): remove racy log.Info in WatchAndApply cancel goroutine
Merged
#47 🐛 fix(ci): remove dollar-double-brace expression from comment that still gets interpolated
Merged
#45 ✨ feat(telemetry): ReconfigureTracerProvider for sampler hot-reload (ADR-0023 Phase 3, sub-phase 3.1)
Merged
#44 ✨ feat(auth): JWT TTL hot-reload + fix hardcoded 24h bug (ADR-0023 Phase 2)
Merged
#43 🐛 fix(frontend): apply server:false + route.fulfill to health spec
Merged
#42 ✨ feat(config): hot-reload Phase 1 — logging.level (ADR-0023)
Merged
#41 ✨ feat(auth): JWT secret retention policy + automatic cleanup loop (ADR-0021)
Merged
#40 ✨ feat(server): /api/info aggregator + frontend version footer
Merged
#39 📝 docs(adr): close 5 partial ADRs with code-confirmed status updates
Merged
#38 🐛 fix(ci): replace head_commit.message expression with git log (shell injection)
Merged
#37 🎨 chore(server): apply swag fmt alignment to swagger annotations
Merged
#36 📝 docs: homogenize API + BDD env docs (verifier skill audit)
Merged
#35 ✨ feat(bdd): parallel-safe schema-per-package isolation (T12 stage 2/2) — 2.85x speedup
Merged
#34 ✨ feat(user): foundation for parallel-safe BDD isolation (T12 stage 1/2)
Merged
#33 ♻️ refactor(frontend): split HealthDashboard into smart wrapper + dumb View for state-based stories
Merged
#32 🐛 fix(frontend): Playwright now detects health endpoint failures (was silently passing)
Merged
#31 🐛 fix(ci): version-bump fallback for workflow_dispatch trigger
Merged
#30 ✨ feat(frontend): Storybook + auto-generated Playwright e2e docs with screenshots
Merged
#29 ✨ feat(server): cache /api/v1/greet responses + admin cache flush endpoint
Merged
#28 🐛 fix(bdd): revert PR #26 schema isolation + add cache flush + sequential CI tests
Merged
#27 🐛 fix(bdd): exclude @v2 scenarios from default BDD test runs
Merged
#26 🐛 fix(ci): enable BDD_SCHEMA_ISOLATION to prevent flaky AuthBDD failures
Merged
#25 ✨ feat(frontend): scaffold minimal Nuxt 3 frontend with healthz dashboard
Merged
#24 📝 docs(adr): audit and update Status for 5 implemented ADRs
Merged
#23 ✨ feat(cache): add in-memory cache service (ADR-0022 Phase 1 part 2)
Merged
#22 ✨ feat(server): add per-IP rate limit middleware on /api/v1/greet
Merged
#21 🐛 fix(bdd): align healthz scenario step text with registered regex
Merged
#20 ✨ feat(server): add /api/healthz endpoint with rich health info
Merged
#19 🐛 fix(readme): restore badges removed by c17fb4f
Merged
#18 📝 docs(adr): homogenize 23 ADRs + rewrite README (Tâche 7 migration)
Merged
#16 🐛 fix: emit all config-loading logs in correct JSON format from the start
Merged
#12 🧪 test: add JWT secret rotation BDD scenarios and step implementations
Merged
#11 Move Docker push steps to separate job
Merged
#9 feature/user-authentication-bdd
Merged
#1 ci/trunk-based-development
1 Pull request proposed by 1 user
Proposed
#17 📝 docs(restructure): split AGENTS.md (1296 → 130 lines) + 9 focused guides
11 Issues closed from 1 user
Closed
#13 feat: Implement Rate Limiting and Caching Strategy
Closed
#15 fix: first log message not in JSON format when JSON logging is configured
Closed
#14 Enhancement: Complete BDD Scenario Isolation with 2-Layer Approach
Closed
#7 User Story: Admin Password Reset Workflow
Closed
#8 Implement JWT Secret Rotation
Closed
#10 Move Docker push steps to separate job
Closed
#6 User Story: User Profile Management
Closed
#5 User Story: User Login with JWT Authentication
Closed
#3 User Management & Authentication System
Closed
#4 User Story: User Registration with Persistence
Closed
#2 Optimize Gitea Workflow for Main Branch
11 Issues created by 0 users
Opened
#2 Optimize Gitea Workflow for Main Branch
Opened
#3 User Management & Authentication System
Opened
#4 User Story: User Registration with Persistence
Opened
#5 User Story: User Login with JWT Authentication
Opened
#7 User Story: Admin Password Reset Workflow
Opened
#6 User Story: User Profile Management
Opened
#8 Implement JWT Secret Rotation
Opened
#10 Move Docker push steps to separate job
Opened
#13 feat: Implement Rate Limiting and Caching Strategy
Opened
#14 Enhancement: Complete BDD Scenario Isolation with 2-Layer Approach
Opened
#15 fix: first log message not in JSON format when JSON logging is configured