DocFast session 176: full audit — infrastructure, security headers, OpenAPI, dependencies
This commit is contained in:
Hoid
parent
8083adfbd5
commit
683444fee0
2 changed files with 29 additions and 9 deletions
|
|
@ -2,11 +2,11 @@
|
|||
"phase": 1,
|
||||
"phaseLabel": "Build Production-Grade Product",
|
||||
"status": "launch-ready",
|
||||
"product": "DocFast — HTML/Markdown to PDF API",
|
||||
"currentPriority": "Production on v0.5.1. Staging v0.5.2 (92 commits ahead). Coverage improved: billing.ts branches 82→86%, demo.ts branches 72→80%. 772 tests passing (76 files). npm audit 0 vulns, npm outdated 0. ZERO open bugs. ZERO tsc errors. CI runner still absent. Ready for production tag when investor approves.",
|
||||
"ownerDirectives_PRIORITY": "Process these IN ORDER. Do not skip. Remove items marked ✅ DONE/FIXED during housekeeping.",
|
||||
"product": "DocFast \u2014 HTML/Markdown to PDF API",
|
||||
"currentPriority": "Production on v0.5.1. Staging v0.5.2 (92 commits ahead). 772 tests passing (76 files). npm audit 0 vulns, npm outdated 0. ZERO open bugs. ZERO tsc errors. CI runner still absent. Full audit: security headers, OpenAPI spec, 404 page, all endpoints verified. Ready for production tag when investor approves.",
|
||||
"ownerDirectives_PRIORITY": "Process these IN ORDER. Do not skip. Remove items marked \u2705 DONE/FIXED during housekeeping.",
|
||||
"ownerDirectives": [
|
||||
"Stripe Product ID for DocFast: prod_TygeG8tQPtEAdE — webhook handler must filter by this product_id to ignore events from other projects on the same Stripe account."
|
||||
"Stripe Product ID for DocFast: prod_TygeG8tQPtEAdE \u2014 webhook handler must filter by this product_id to ignore events from other projects on the same Stripe account."
|
||||
],
|
||||
"launchChecklist": {
|
||||
"emailVerificationReal": true,
|
||||
|
|
@ -23,7 +23,7 @@
|
|||
"rateLimitsDataBacked": true,
|
||||
"landingPageHonest": true,
|
||||
"legalPages": true,
|
||||
"legalPagesNote": "Impressum, Privacy Policy, Terms of Service — all live",
|
||||
"legalPagesNote": "Impressum, Privacy Policy, Terms of Service \u2014 all live",
|
||||
"euHostingMarketed": true,
|
||||
"jsDisabledInPdf": true,
|
||||
"zeroConsoleErrors": true,
|
||||
|
|
@ -31,7 +31,7 @@
|
|||
"securityAuditPassed": true,
|
||||
"healthEndpointComplete": true,
|
||||
"cicdPipeline": true,
|
||||
"cicdPipelineNote": "Forgejo Actions with no-cache builds. Push main→staging, tag v*→prod. Fixed session 56.",
|
||||
"cicdPipelineNote": "Forgejo Actions with no-cache builds. Push main\u2192staging, tag v*\u2192prod. Fixed session 56.",
|
||||
"reproducibleInfra": true,
|
||||
"proLimitsSet": true,
|
||||
"proLimitsNote": "5,000 PDFs/month for Pro. Enforced in usage middleware.",
|
||||
|
|
@ -65,7 +65,7 @@
|
|||
"email": "noreply@docfast.dev",
|
||||
"supportEmail": "support@docfast.dev (FreeScout)",
|
||||
"backups": "CNPG WAL archiving + MinIO. Daily 03:00 UTC, 7-day retention.",
|
||||
"smtp": "mail.cloonar.com:587 — MANAGED BY CLOONAR. DO NOT DEPLOY OWN MAIL SERVER. Verified working 2026-02-19."
|
||||
"smtp": "mail.cloonar.com:587 \u2014 MANAGED BY CLOONAR. DO NOT DEPLOY OWN MAIL SERVER. Verified working 2026-02-19."
|
||||
},
|
||||
"credentials": {
|
||||
"file": "/home/openclaw/.openclaw/workspace/.credentials/docfast.env",
|
||||
|
|
@ -83,7 +83,7 @@
|
|||
"LOW": [],
|
||||
"note": "All bugs resolved. BUG-105 fixed 4f6659c. BUG-104 fixed 503e651. BUG-103 (template validation bypass) fixed 47571c8. BUG-102 (sanitized options ignored) fixed ba2e542. BUG-101 (body limits) fixed c03f217. BUG-100 (flush poisoning) fixed d2f819d. BUG-099 (memory leak) fixed 5f776db. BUG-098 (interceptor leak) fixed 024fa00."
|
||||
},
|
||||
"sessionCount": 175,
|
||||
"sessionCount": 176,
|
||||
"blockers": [],
|
||||
"startDate": "2026-02-14"
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue