Your Name
0d81a53b7a
docs: summarize remediation lessons and refresh project standards
2026-04-17 22:37:19 +08:00
Your Name
49738f2119
test(supply-api): disable cache in integration runner
2026-04-17 22:10:34 +08:00
Your Name
f48fca565b
docs(sql): clarify active schema boundaries and status constraints
2026-04-17 20:12:05 +08:00
Your Name
cccb76b72b
feat(supply-api): make withdraw readiness depend on sms wiring
2026-04-17 19:26:20 +08:00
Your Name
9bb1d6ce3e
feat(supply-api): gate and wire iam routes explicitly
2026-04-17 19:19:37 +08:00
Your Name
9279e65cd7
fix(supply-api): make compensation executor fail closed
2026-04-17 19:15:45 +08:00
Your Name
2e0f6e29aa
fix(supply-api): restore uncached build health
2026-04-17 16:20:34 +08:00
Your Name
ad776e4079
fix: P0/P1 security fixes across gateway, token-runtime, and supply-api
...
P0 fixes:
- platform-token-runtime: Add store.Save() after Refresh token update (P0-3)
- platform-token-runtime: Add sync.RWMutex to InMemoryRuntimeStore (P0-4)
- platform-token-runtime: Add bearer token auth to /audit-events endpoint (P0-5)
- gateway: Fail startup in production if PASSWORD_ENCRYPTION_KEY uses default (P0-1)
- gateway: Require explicit CORS_ALLOW_ORIGINS in production (P0-2)
P1 fixes:
- gateway: Add TrustedProxies config field + env var GATEWAY_TRUSTED_PROXIES (P1-5)
- gateway: Sanitize X-Request-ID header to prevent log injection (P1-6)
- gateway: Strip internal error details from error responses to clients (P1-7)
- supply-api: Upgrade deriveDEK from trivial byte-rotation to HKDF-SHA256 (P1-1)
- supply-api: Reject HS256/HS384/HS512 in production, require RSA (P1-2)
Code quality fixes:
- supply-api: Add BruteForceMaxAttempts + BruteForceLockoutDuration to AuthConfig (MED-12)
- supply-api: Add TrustedProxies to token_auth_middleware (IP spoofing protection)
- supply-api: Use shared pathutil.SplitPath instead of duplicate splitPath
- supply-api: Fix query_key_reject_middleware call sites with trustedProxies param
- gateway: Wire TrustedProxies into AuthMiddlewareConfig and extractClientIP
- gateway: Add CORSAllowOrigins to AuthConfig, wire into CORSMiddleware
- gateway: Fix CompletionsHandle to have context and RecordResult like ChatCompletions
- gateway: Add sanitizeRequestID helper for X-Request-ID log injection prevention
- gateway: Add os import for PASSWORD_ENCRYPTION_KEY check
- gateway: Add strings import to handler.go for sanitizeRequestID
Environment issues documented in TEST_ENVIRONMENT_ISSUES.md
2026-04-17 14:36:02 +08:00
Your Name
6f35b3e1ad
refactor(supply-api): slim runtime constructor prelude
2026-04-16 15:38:29 +08:00
Your Name
8eab2a10f7
refactor(supply-api): reduce runtime aggregation density
2026-04-16 12:03:57 +08:00
Your Name
7e945868a5
refactor(supply-api): narrow runtime background surface
2026-04-16 11:38:56 +08:00
Your Name
45029b44d1
refactor(supply-api): narrow runtime http surface
2026-04-16 09:07:28 +08:00
Your Name
44780d1d29
refactor(supply-api): declarify runtime http adapter
2026-04-16 07:45:47 +08:00
Your Name
df8d73b4e3
refactor(supply-api): declarify bootstrap server assembly
2026-04-16 07:24:13 +08:00
Your Name
b9b875ac39
refactor(supply-api): split bootstrap http assembly
2026-04-16 07:11:33 +08:00
Your Name
39c4a11ff9
refactor(supply-api): split runtime store bundle builders
2026-04-15 23:27:11 +08:00
Your Name
22575bdd82
refactor(supply-api): split background startup helpers
2026-04-15 22:58:12 +08:00
Your Name
6e5a36bda1
refactor(supply-api): split runtime assembly helpers
2026-04-15 22:31:50 +08:00
Your Name
56cb40c1f9
refactor(supply-api): normalize app server defaults
2026-04-15 21:54:49 +08:00
Your Name
bec2a7bd1d
refactor(supply-api): precheck main env before config load
2026-04-15 20:14:59 +08:00
Your Name
5ae0861fc3
refactor(supply-api): guard unsupported env values
2026-04-15 19:24:20 +08:00
Your Name
d348d5a2c6
refactor(supply-api): normalize runtime startup defaults
2026-04-15 19:12:27 +08:00
Your Name
6940ff52b6
refactor(supply-api): layer runtime startup flow
2026-04-15 18:42:06 +08:00
Your Name
bdacc4452c
refactor(supply-api): deduplicate bootstrap assembly
2026-04-15 17:30:10 +08:00
Your Name
1776862768
refactor(supply-api): remove panic-only helper paths
...
Return explicit errors from AlertAPI construction instead of panicking inside the library layer, and let main own process-level failure handling.
Also delete the unused config.MustLoad helper and lock the supported config loading paths with tests.
2026-04-15 15:38:57 +08:00
Your Name
0c370e9353
refactor(domain): simplify outbox retry policy
...
Reduce the domain outbox surface to the shared retry/backoff contract that is actually consumed by the runtime layer.
Also make batch compensation processing pick up retrying records explicitly and cover that path with tests.
2026-04-15 10:44:05 +08:00
Your Name
567446bb25
test(repo): cover untested core packages
2026-04-15 10:17:32 +08:00
Your Name
98b1c2a86f
chore(supply-api): refresh idempotency bootstrap comments
...
Update stale main.go comments so they match the current single-path idempotency behavior and no longer describe the removed inline fallback path.
2026-04-14 12:35:01 +08:00
Your Name
88d842648d
chore(repo): align integrity entrypoints with current state
...
Rewrite module READMEs around the current verified run and test paths, tighten repo_integrity_check.sh with fact-source checks, update supply-api migration baseline, and remove the platform-token-runtime audit query placeholder response.
2026-04-14 12:29:13 +08:00
Your Name
ab0b0cc031
fix(supply-api): close sms verify and audit flush gaps
...
Use a shared in-memory code store across mock, Tencent, and Aliyun SMS services so send and verify follow the same contract. Also surface batch flush failures through FlushNow and explicit error tracking hooks for audit buffering.
2026-04-14 12:22:10 +08:00
Your Name
ad8d4bda9e
feat(supply-api): align schema with repository contract
2026-04-14 12:13:36 +08:00
Your Name
55a6e7424a
refactor(supply-api): remove inline idempotency fallback
2026-04-14 12:00:17 +08:00
Your Name
6d7ef661e6
feat(supply-api): persist audit alerts
2026-04-14 11:52:45 +08:00
Your Name
d28f83a6a8
chore(repo): add integrity baseline check
2026-04-14 10:38:24 +08:00
Your Name
fc3c1fe0a8
docs(gates): consolidate legacy tok archives
2026-04-14 07:26:28 +08:00
Your Name
ec62c801d8
docs(gates): admit verified 2026-04 snapshots
2026-04-13 21:47:19 +08:00
Your Name
e54cba9feb
docs(gates): admit local staging evidence
2026-04-13 21:45:35 +08:00
Your Name
af3b9943be
chore(cleanup): resolve pending supply-api files
2026-04-13 21:20:24 +08:00
Your Name
ecdead0a03
docs(plan): define gate archive admission roadmap
2026-04-13 21:15:32 +08:00
Your Name
24e85cab43
docs(gates): backfill archive csv snapshots
2026-04-13 21:07:26 +08:00
Your Name
9ad3980ae2
docs(gates): add root archive index
2026-04-13 21:03:44 +08:00
Your Name
90d71eb4ca
refactor(outbox): remove runner event copy
2026-04-13 20:59:14 +08:00
Your Name
64f99a45e6
refactor(compensation): use handler registry
2026-04-13 20:56:02 +08:00
Your Name
a94de1b32b
refactor(outbox): share domain backoff policy
2026-04-13 20:54:38 +08:00
Your Name
7f8143e3ac
chore(config): separate local override guidance
2026-04-13 20:52:53 +08:00
Your Name
10d79be2c3
docs(cleanup): add committable cleanup plan
2026-04-13 20:31:05 +08:00
Your Name
aecba5ff27
docs(review): add remediation plans and readiness artifacts
...
Add design, review, and production-readiness documents for the April remediation cycle.\nInclude supporting SQL and supply-api operational design notes so review conclusions and implementation guidance stay versioned together.
2026-04-13 18:54:45 +08:00
Your Name
a2f042f1c2
test(supply-api): expand e2e coverage and support unix socket dsn
...
Add broader e2e coverage for account, package, billing, tracing, and reliability scenarios.\nSupport Unix socket DSN formatting in config and cover it with unit tests.\nIgnore local assistant metadata and generated gate artifacts to reduce workspace noise.
2026-04-13 18:53:35 +08:00
Your Name
841d75191e
refactor: 使用结构化日志替代标准 log 包
...
将所有 log.Printf/Println 调用替换为 logging.Logger 结构化日志输出:
- internal/middleware/auth.go: AUTH_WARNING 和 AUTH_ERROR 日志
- internal/middleware/middleware.go: Recovery 中间件 panic 日志
- internal/domain/account.go: emitAudit 审计错误日志
- internal/domain/settlement.go: emitAudit 审计错误日志
- internal/domain/package.go: emitAudit 审计错误日志
- internal/domain/compensation.go: 补偿处理器所有日志
- internal/compensation/compensation.go: 补偿执行器所有日志
- internal/outbox/outbox.go: OutboxProcessor 所有日志
- internal/iam/middleware/scope_auth.go: WILDCARD_SCOPE_ACCESS 审计日志
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-04-13 09:49:58 +08:00
Your Name
bf6fc09b88
refactor(cmd): main.go 使用结构化日志替代标准 log
...
1. 移除标准库 log 导入
2. 使用 jsonLogger 输出结构化 JSON 日志
3. 添加格式化日志方法 (Infof, Errorf, Fatalf)
4. Fatalf 现在会调用 os.Exit(1)
日志格式示例:
{"timestamp":"...","level":"INFO","service":"supply-api","message":"starting supply-api in prod mode"}
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-04-13 07:46:52 +08:00