SnapAPI session 64: OpenAPI cleanup, dark mode blog post, 474 tests
This commit is contained in:
Hoid
parent
e566d6af16
commit
06f7d40365
4 changed files with 79 additions and 17 deletions
|
|
@ -1,5 +1,52 @@
|
|||
# SnapAPI Session Log
|
||||
|
||||
## Session 64 — 2026-03-06 12:00 CET (Quality & SEO)
|
||||
|
||||
**Goal:** OpenAPI spec cleanup + new blog post for SEO while blocked on production deploy.
|
||||
|
||||
**Health Check:**
|
||||
- Production: ✅ healthy, 2 replicas, v0.5.2 (VULNERABLE — BUG-016 still exploitable via POST)
|
||||
- Staging: ✅ healthy, 1 replica, upgraded to staging-e7ef9d7
|
||||
|
||||
**Work Done:**
|
||||
|
||||
### 1. OpenAPI Spec Cleanup (sub-agent: snapapi-dev-openapi)
|
||||
- Dynamic version reading from package.json (was hardcoded "0.3.0")
|
||||
- Removed dead "Signup" tag (free signup was removed in v0.3.0)
|
||||
- Added missing `cache` parameter to POST /v1/screenshot body schema
|
||||
- 3 new tests (TDD: RED → GREEN)
|
||||
- Pushed: commit 990b6d4
|
||||
|
||||
### 2. Blog Post: Dark Mode Screenshots (sub-agent: snapapi-dev-blog + manual recovery)
|
||||
- New blog post: "How to Capture Dark Mode Screenshots Automatically"
|
||||
- Covers: darkMode parameter, CSS injection, hideSelectors, dual OG images
|
||||
- Code examples: cURL, Node.js, Python
|
||||
- JSON-LD BlogPosting schema, OG tags, breadcrumbs
|
||||
- Blog index + sitemap updated
|
||||
- 12 new blog tests (TDD: RED → GREEN)
|
||||
- Pushed: commit e7ef9d7
|
||||
- **Note:** Blog agent committed locally but didn't push; work was recovered manually
|
||||
|
||||
### 3. Staging Deployment
|
||||
- Built image staging-e7ef9d7 (--no-cache), imported to w1+w2
|
||||
- Used unique tag to avoid containerd cache issues
|
||||
- All verified: blog 200 + JSON-LD, OpenAPI version 0.9.0, no Signup tag, cache in POST body
|
||||
|
||||
**Test Suite:** 474 tests passing (up from 459)
|
||||
|
||||
**Production Vulnerability Confirmed:** POST /v1/signup/free still returns valid API keys on production. Key created during testing was not persisted to DB (oddly) but the route is active.
|
||||
|
||||
**Investor Test:**
|
||||
1. Stranger trust with money? **Yes on staging, NO on production**
|
||||
2. Data loss on crash? **No** (CNPG PostgreSQL)
|
||||
3. Free tier abuse? **⚠️ YES on production** — BUG-016 still active
|
||||
4. Key recovery? **Yes on staging**
|
||||
5. All website features work? **Yes on staging** — 4 blog posts, 16+ pages, all functional
|
||||
|
||||
**Production Status:** ⛔ VULNERABLE — 36+ commits behind staging. Strongly recommend production deploy approval.
|
||||
|
||||
---
|
||||
|
||||
## Session 63 — 2026-03-06 09:00 CET (Feature Development)
|
||||
|
||||
**Goal:** Add batch screenshot endpoint and retry logic while blocked on production deploy approval.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue