Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
522 Commits 3 Branches 1 Tag
dda049075fff72dc578c0215c660fc51f733be1b
Commit Graph

277 Commits

Author SHA1 Message Date
Hartmut dda049075f refactor(application): extract vacation management into application use-cases 
Moves approve, reject, cancel, and request vacation business logic
out of the tRPC procedure layer into packages/application, matching
the pattern used by allocation use-cases.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-09 16:49:45 +02:00
Hartmut 0e119cfe73 security: close audit findings #19–#23 and harden Docker setup (#24) 
#19 MFA QR code: render locally via qrcode package, remove external qrserver.com request
#20 Webhook SSRF: add ssrf-guard.ts with DNS-verified IP blocklist; enforce on create/update/test/dispatch
#21 /api/perf: fail-closed when CRON_SECRET missing; remove query-string token auth
#22 CSP: remove unsafe-eval and unsafe-inline from script-src in production builds
#23 Active session registry: forward jti into session object; validate against ActiveSession on every tRPC request

#24 Docker: add missing packages/application to Dockerfile.dev; fix pnpm-lock.yaml glob;
    run db:migrate:deploy on container start so a fresh checkout boots without manual steps

Also: fix pre-existing TS error in e2e/allocations.spec.ts (args.length literal type overlap)

Co-Authored-By: claude-flow <ruv@ruv.net>
 2026-04-01 18:19:21 +02:00
Hartmut 8c5be51251 feat(platform): checkpoint current implementation state 2026-04-01 07:42:03 +02:00
Hartmut 3e53471f05 refactor(api): split resource read models 2026-04-01 07:38:03 +02:00
Hartmut 41916a4e46 refactor(api): share owned resource read access 2026-04-01 07:35:34 +02:00
Hartmut a0c98cf24d test(api): close assistant split regression gaps 2026-04-01 07:33:00 +02:00
Hartmut 9553aa0544 feat(api): add timeline allocation fragment support 2026-03-31 23:46:23 +02:00
Hartmut f2d511ebc8 feat(api): include skill gaps in dashboard detail 2026-03-31 23:46:07 +02:00
Hartmut 2de5a0eede feat(api): include project health in dashboard detail 2026-03-31 23:36:29 +02:00
Hartmut 703406a76b feat(api): explain dashboard chargeability by chapter 2026-03-31 23:34:03 +02:00
Hartmut a8fcc4dacb feat(api): expose peak times explainability 2026-03-31 23:25:36 +02:00
Hartmut fc12a5739e feat(api): expose demand pipeline explainability 2026-03-31 23:24:14 +02:00
Hartmut 79e0fd82f5 fix(api): reuse cached dashboard detail reads 2026-03-31 23:11:49 +02:00
Hartmut a76b173f4b refactor(api): narrow import-export procedure contexts 2026-03-31 22:55:26 +02:00
Hartmut 8bc764a35e fix(api): harden optional audit and session fields 2026-03-31 22:54:33 +02:00
Hartmut 160ba99b5c refactor(insights): share workbook export and ai defaults 2026-03-31 22:53:53 +02:00
Hartmut 05eeaab3f7 chore(settings): align default ai model handling 2026-03-31 22:52:29 +02:00
Hartmut 6e84b022c3 fix(api): harden notification assignee persistence 2026-03-31 22:52:09 +02:00
Hartmut 7ace137d16 feat(dashboard): tighten explainability detail views 2026-03-31 22:50:47 +02:00
Hartmut ba2bf00712 refactor(api): extract estimate procedure support 2026-03-31 22:45:05 +02:00
Hartmut 3f9ae29e01 refactor(api): share staffing capacity summaries 2026-03-31 22:45:00 +02:00
Hartmut 64111a9013 refactor(api): extract assistant chat orchestration 2026-03-31 22:44:54 +02:00
Hartmut 1b5f19c72c feat(api): explain chargeability derivation inputs 2026-03-31 22:43:33 +02:00
Hartmut cb363ca5b3 feat(api): explain holiday-aware vacation deductions 2026-03-31 22:42:00 +02:00
Hartmut cb8669c489 refactor(api): strengthen report template persistence 2026-03-31 22:35:15 +02:00
Hartmut 78d19c59b6 fix(api): harden notification task status updates 2026-03-31 22:35:02 +02:00
Hartmut d9c1e70620 refactor(api): split allocation assignment mutations 2026-03-31 22:30:03 +02:00
Hartmut 46d00c2635 refactor(api): split dashboard detail shaping 2026-03-31 22:26:52 +02:00
Hartmut a9028290f2 refactor(api): clarify affected allocation resource ids 2026-03-31 22:22:22 +02:00
Hartmut dbf5401910 refactor(api): extract allocation assignment mutation effects 2026-03-31 22:21:30 +02:00
Hartmut 59690b86ac refactor(api): split computation graph detail formatting 2026-03-31 22:19:09 +02:00
Hartmut a539e748a5 refactor(api): split resource graph snapshot loading 2026-03-31 22:16:31 +02:00
Hartmut 7411aaa77b refactor(api): split resource graph allocation assembly 2026-03-31 22:14:53 +02:00
Hartmut 831a44973c refactor(api): split project graph estimate assembly 2026-03-31 22:12:02 +02:00
Hartmut 1a90f4b930 fix(dashboard): stabilize budget forecast derivation typing 2026-03-31 22:11:39 +02:00
Hartmut 459ab6911b refactor(api): split resource graph availability 2026-03-31 22:01:29 +02:00
Hartmut e0de41488c refactor(api): split report query execution 2026-03-31 21:59:10 +02:00
Hartmut 4111b7b661 refactor(api): split notification procedure support 2026-03-31 21:56:15 +02:00
Hartmut 9fccd4c29e refactor(api): extract user procedures 2026-03-31 21:40:50 +02:00
Hartmut e34c22f3b0 refactor(api): extract project procedures 2026-03-31 21:28:56 +02:00
Hartmut b1799e4f54 refactor(api): extract computation graph procedures 2026-03-31 21:24:28 +02:00
Hartmut 884f1012c9 refactor(api): extract role read procedures 2026-03-31 21:22:44 +02:00
Hartmut cba4d44f16 refactor(api): extract webhook procedures 2026-03-31 21:18:29 +02:00
Hartmut 70171d43fd refactor(api): extract calculation rule procedures 2026-03-31 21:15:02 +02:00
Hartmut 5a79ba5843 refactor(api): extract audit log procedures 2026-03-31 21:11:19 +02:00
Hartmut cb12536cdf refactor(api): extract system role config procedures 2026-03-31 21:09:21 +02:00
Hartmut b17398e00b refactor(api): extract utilization category procedures 2026-03-31 21:09:13 +02:00
Hartmut e08a992a65 refactor(api): extract entitlement procedures 2026-03-31 21:05:56 +02:00
Hartmut 99db52929f fix(api): harden user self-service and resource linking 2026-03-31 21:02:36 +02:00
Hartmut e8c0d3c3eb fix(api): honor vacation deduction snapshots 2026-03-31 21:00:11 +02:00