ghostguild-org

jennie/ghostguild-org

Fork 0

Commit graph

Author	SHA1	Message	Date
Jennie Robinson Faber	025c1a180f	Add Zod validation to all API endpoints and remove debug test route Adds schema-based input validation across helcim, events, members, series, admin, and updates API endpoints. Removes the peer-support debug test endpoint. Adds validation test coverage.	2026-03-01 17:04:26 +00:00
Jennie Robinson Faber	29c96a207e	Add Vitest security test suite and update security evaluation doc Set up Vitest with server (node) and client (jsdom) test projects. 79 tests across 8 files verify all Phase 0-1 security controls: escapeHtml sanitization, DOMPurify markdown XSS prevention, CSRF enforcement, security headers, rate limiting, auth guards, profile field allowlist, and login anti-enumeration. Updated SECURITY_EVALUATION.md with remediation status, implementation summary, and automated test coverage details.	2026-03-01 12:30:06 +00:00
Jennie Robinson Faber	bce86ee840	Add landing page	2025-11-03 11:17:51 +00:00

Author

SHA1

Message

Date

Jennie Robinson Faber

025c1a180f

Add Zod validation to all API endpoints and remove debug test route

Adds schema-based input validation across helcim, events, members,
series, admin, and updates API endpoints. Removes the peer-support
debug test endpoint. Adds validation test coverage.

2026-03-01 17:04:26 +00:00

Jennie Robinson Faber

29c96a207e

Add Vitest security test suite and update security evaluation doc

Set up Vitest with server (node) and client (jsdom) test projects.
79 tests across 8 files verify all Phase 0-1 security controls:
escapeHtml sanitization, DOMPurify markdown XSS prevention, CSRF
enforcement, security headers, rate limiting, auth guards, profile
field allowlist, and login anti-enumeration. Updated SECURITY_EVALUATION.md
with remediation status, implementation summary, and automated test
coverage details.

2026-03-01 12:30:06 +00:00

Jennie Robinson Faber

bce86ee840

Add landing page

2025-11-03 11:17:51 +00:00

3 commits