Adds 4 BDD scenarios covering the passwordless magic-link flow:
- Happy path (request -> email arrives -> consume -> JWT)
- Token cannot be consumed twice (single-use guarantee)
- Missing token returns 400
- Unknown token returns 401
Implementation:
- features/auth/magic_link.feature with the gherkin spec
- pkg/bdd/steps/magic_link_steps.go: per-scenario unique recipient
(`<scenario-key>-<8hex>@bdd.local`, ADR-0030), Mailpit-driven token
extraction, regex parse of the consume URL
- pkg/bdd/steps/scenario_state.go: 2 fields added (MagicLinkEmail,
MagicLinkToken)
- pkg/bdd/steps/steps.go: register 5 new step regexes
Bug fix exposed by the BDD run:
- pkg/user/api/magic_link_handler.go: passwordless-signup random password
was 96 hex chars (48 bytes) which overflowed bcrypt's 72-byte input
limit, breaking first-link signup. Reduced to 64 hex chars (32 bytes,
256 bits entropy).
Test infra fix:
- pkg/bdd/testserver/server.go: createTestConfig() builds the
Config literal directly (no Viper defaults), so add explicit Email +
MagicLink config so the From address is set when the handler sends
via local Mailpit.
Mistral wrote the feature file, magic_link_steps.go, scenario_state.go
edit, and steps.go edit autonomously in a worktree workspace. Claude
fixed the bcrypt overflow + the test-config gap exposed during verification.
Most authoring by Mistral Vibe (mistral-vibe-cli-latest).
Tag 3 untagged v2 scenarios + extend DEFAULT_TAGS to exclude @v2. Companion to PR #26 (BDD_SCHEMA_ISOLATION). Together should produce green CI on default daily runs.
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
CI workflow #598 was failing with "Found undefined steps" because the healthz BDD scenario used "the response status code should be 200" while the registered step regex matches "the status code should be N" (without "response"). Aligns the feature wording with the existing convention used in features/auth/.
PR #21 généré en autonomie complète par Mistral Vibe (€0.24, 13 steps, 11/13 tool calls success). 3rd autonomous PR du jour. Validation Q-030 workaround : prompt 100% ASCII = pas de hang.
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
Adds Kubernetes-style /api/healthz endpoint with status/version/uptime_seconds/timestamp.
Non-breaking — /api/health preserved. Includes unit test (passes locally) and BDD scenario (validated by CI).
Généré ~95% en autonomie par Mistral Vibe via workspace ICM ~/Work/Vibe/workspaces/healthz-feature/.
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
- Add ADR-0012 documenting the decision to format only staged Go files
- Update ADR README.md with new entry
- Document rationale, alternatives, and verification results
- Include future considerations for monitoring and CI/CD integration
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
- Added /api/v2/greet POST endpoint with JSON request/response
- Implemented ServiceV2 with Hello my friend <name>! greeting format
- Added api.v2_enabled feature flag (default: false)
- Extended BDD tests to cover v2 scenarios
- Maintained full backward compatibility with v1 API
- Added DLC_API_V2_ENABLED environment variable support
- Created ADR 0010-api-v2-feature-flag.md
- Updated configuration system to support API versioning
Implement comprehensive BDD testing framework using Godog:
- Added feature files for greet and health endpoints
- Created test server that runs on port 9191
- Implemented step definitions using Godog's exact patterns
- Fixed undefined step warnings by following Godog conventions
- All tests passing with proper response validation
- Maintained black box testing principles
Key files:
- pkg/bdd/steps/steps.go - Step definitions using StepContext struct
- pkg/bdd/testserver/ - Test server implementation
- features/*.feature - BDD feature files
- pkg/bdd/README.md - Documentation for proper step patterns
The implementation follows Godog's exact pattern suggestions to avoid
undefined step warnings and provides comprehensive API testing.
