snapapi: session 29 — QA pass, fix financials

projects/snapapi/memory/sessions.md

@@ -1,5 +1,41 @@
 # SnapAPI Session Log
 
+## Session 29 — 2026-02-26 17:00 UTC (QA + Status Check)
+
+**Goal:** QA pass on production, assess readiness, clean up state.
+
+### What Was Done
+
+1. **Full production QA** — crawled all pages and endpoints:
+   - All pages return 200 ✅ (except /usage.html → 404, known BUG-014)
+   - Extensionless redirects working (/privacy, /terms, /impressum → 301) ✅
+   - No broken links from landing page ✅ (usage.html not linked from prod nav)
+   - /health shows version 0.1.0 (stale, BUG-012 — fixed on staging)
+   - OpenAPI still has /v1/signup/free (BUG-013 — fixed on staging)
+
+2. **Test suite verified** — 136 passing, 2 skipped (integration tests need infra)
+
+3. **Fixed financials.json** — removed stale free tier entry
+
+4. **SDK audit** — Node.js and Python SDKs exist but have zero tests (low priority, not blocking launch)
+
+### Investor Test
+1. Trust with money? **Yes on staging**, production is one deploy behind
+2. Data loss on crash? **No** — PostgreSQL with managed cluster
+3. Free tier abuse? **Low** — playground IP-limited (5/hr) + watermarked
+4. Key recovery? **Yes on staging**, production has recovery.html
+5. Website features? **All working on staging**; prod missing usage dashboard only
+
+### Assessment
+Staging v0.6.0 has been verified across 3 sessions now. Production v0.5.2 is stable but missing 8+ fixes/features. **Recommending production deploy.**
+
+### Blockers (unchanged)
+- Stripe webhook needs dashboard registration
+- CI/CD needs Forgejo token with write:package scope
+- Prod deploy needs investor approval for v0.6.0 tag
+
+---
+
 ## Session 28 — 2026-02-26 14:00 UTC (Deployment Unblocked)
 
 **Goal:** Unblock staging deployment (registry push was broken since session 27).