jennie/ghostguild-org
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
321 commits 9 branches 0 tags 28 MiB
Commit graph

10 commits

Author SHA1 Message Date
Jennie Robinson Faber
4da0265935 docs(launch): check off manual tests verified 2026-04-19 
Guest signup, mobile responsive, WCAG contrast, and in-app payment
history all verified via tunnel. Payment history's per-row receipt
link requirement accepted as satisfied by the 'Advanced billing in
Helcim' escape hatch (Helcim's card-transactions API doesn't expose
per-row receipt URLs). Also corrects the mobile breakpoint note —
chrome sidebar hides at 768px, in-page columns collapse at 1024px.
 2026-04-19 17:24:05 +01:00
Jennie Robinson Faber
b6f5ae8c5e docs(launch): P1 — in-app billing management, demote Helcim portal 2026-04-19 13:13:45 +01:00
Jennie Robinson Faber
faa5bcbb3c docs(launch): remove /join UX polish from P1 list 2026-04-19 12:24:22 +01:00
Jennie Robinson Faber
67cc488c6a docs(launch): consolidate launch readiness; archive completed P0/P1 2026-04-19 12:14:18 +01:00
Jennie Robinson Faber
36829eb1ef docs(launch): check off Helcim cadence manual tests (4, 5, 6; 3 covered by annual swap) 2026-04-18 22:06:48 +01:00
Jennie Robinson Faber
f8e0cf36ba docs(launch): add annual cadence tests + plan-consolidation runbook step 2026-04-18 18:16:23 +01:00
Jennie Robinson Faber
707447fc88 spec: board classifieds redesign 
Replace passive tag-matching with active classifieds posts.
Corkboard/zine card UI, Slack topic channel integration,
admin channel mapping, simplified profile board section.
 2026-04-14 15:09:40 +01:00
Jennie Robinson Faber
025c1a180f Add Zod validation to all API endpoints and remove debug test route 
Adds schema-based input validation across helcim, events, members,
series, admin, and updates API endpoints. Removes the peer-support
debug test endpoint. Adds validation test coverage.
 2026-03-01 17:04:26 +00:00
Jennie Robinson Faber
29c96a207e Add Vitest security test suite and update security evaluation doc 
Set up Vitest with server (node) and client (jsdom) test projects.
79 tests across 8 files verify all Phase 0-1 security controls:
escapeHtml sanitization, DOMPurify markdown XSS prevention, CSRF
enforcement, security headers, rate limiting, auth guards, profile
field allowlist, and login anti-enumeration. Updated SECURITY_EVALUATION.md
with remediation status, implementation summary, and automated test
coverage details.
 2026-03-01 12:30:06 +00:00
Jennie Robinson Faber
bce86ee840 Add landing page 2025-11-03 11:17:51 +00:00