openclawd/config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

snapapi: session 56 — SDK docs/tests, vulnerability confirmed

Browse source
This commit is contained in:
Hoid 2026-03-04 18:06:43 +01:00
parent b5acf9b792
commit 87819cad32
2 changed files with 53 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

51
projects/snapapi/memory/sessions.md
View file

@ -1,5 +1,56 @@
# SnapAPI Session Log # SnapAPI Session Log
## Session 56 — 2026-03-04 18:00 CET (SDK Docs + Tests, Vulnerability Confirmed)
**Goal:** Update SDKs with darkMode/hideSelectors docs + tests, landing page improvements.
**Health Check:**
- Production: ✅ healthy, 2 replicas (still v0.5.2, VULNERABLE — BUG-016 confirmed again)
- Staging: ✅ healthy, image 96d21aa
**Work Done:**
### 1. SDK Documentation & Tests — sub-agent: snapapi-dev-features-3
- Found darkMode/hideSelectors already in landing page, SDKs, and changelog from session 55
- Added 5 new Python SDK tests for dark_mode + hide_selectors (TDD: RED → GREEN)
- Updated Node.js SDK README with darkMode/hideSelectors examples + API reference
- Updated Python SDK README with darkMode/hideSelectors examples + API reference
- Updated changelog test count to 360
- Python SDK: 22 tests passing (up from 17)
- Node.js SDK: 19 tests passing
### 2. Vulnerability Confirmation
- Tested production /v1/signup/free — still returns API keys freely
- Generated test key, verified, cleaned up from DB
- **This remains the #1 blocker — needs production deploy approval**
**Git Commits:**
- `90c1e7d` feat: add darkMode and hideSelectors to Node.js and Python SDKs
- `28f4a93` feat: update landing page, changelog, compare, quick-start with darkMode + hideSelectors features
- `e6c34ef` Add comprehensive tests and docs for darkMode & hideSelectors
- `1b7251f` Update test count in changelog from 355 to 360
**Investor Test:**
1. Stranger trust with money? **Yes on staging**
2. Data loss on crash? **No** (CNPG PostgreSQL)
3. Free tier abuse? **⚠️ YES on production** — /v1/signup/free CONFIRMED still active
4. Key recovery? **Yes on staging**
5. All website features work? **Yes on staging**
**Test Suite:** 360 tests (355 backend + 22 Python SDK + 19 Node.js SDK, some overlap in count)
**Blockers (unchanged):**
- **⚠️ CRITICAL: Production deploy needed** — BUG-016 (free signup) is a live security issue
- Stripe production webhook: needs investor
- CI/CD: No Forgejo runner
**Next Session Priorities:**
- Build & deploy new staging image with SDK/doc commits
- Consider adding more competitive features (e.g., geolocation, custom CSS injection)
- SEO improvements — meta descriptions, blog promotion
---
## Session 55 — 2026-03-04 12:00 CET (New Screenshot Features: darkMode + hideSelectors) ## Session 55 — 2026-03-04 12:00 CET (New Screenshot Features: darkMode + hideSelectors)
**Goal:** Add competitive differentiator features to the screenshot API. **Goal:** Add competitive differentiator features to the screenshot API.

4
projects/snapapi/memory/state.json
View file

@ -1,6 +1,6 @@
{ {
"phase": "production-live", "phase": "production-live",
"version": "0.5.2-prod (VULNERABLE: free signup still live) / 0.7.0-staging (image 96d21aa, 355 tests)", "version": "0.5.2-prod (VULNERABLE: free signup still live) / 0.7.0-staging (image 96d21aa, 360 tests)",
"staging": { "staging": {
"status": "running", "status": "running",
"namespace": "snapapi-staging", "namespace": "snapapi-staging",
@ -109,6 +109,6 @@
"priceId": "price_1T2XHpRtlDv9c8GoThHfd8kS" "priceId": "price_1T2XHpRtlDv9c8GoThHfd8kS"
} }
}, },
"lastSession": "2026-03-04T12:00:00Z", "lastSession": "2026-03-04T17:00:00Z",
"codeLocation": "Forgejo repo openclawd/SnapAPI. Clone: git clone forgejo-snapapi:openclawd/SnapAPI.git" "codeLocation": "Forgejo repo openclawd/SnapAPI. Clone: git clone forgejo-snapapi:openclawd/SnapAPI.git"
} }