Hartmut
01c45d0344
Client-side validators (reset-password, invite-accept, first-admin setup, user-create modal) previously checked password.length < 8 while every server-side Zod schema required .min(12). External API consumers (or a confused browser UI) could get past the client check but fail at the tRPC boundary — or worse, quietly under-enforce policy compared to what admins expect. Fix: introduce PASSWORD_MIN_LENGTH (12) and PASSWORD_MAX_LENGTH (128) in @capakraken/shared and import them from every pre-submit client validator and every server Zod schema. Single source of truth; drift becomes a compile error rather than a security finding. Also hardens the AUTH_SECRET runtime check: in addition to the existing placeholder-blacklist, production startup now rejects secrets shorter than 32 chars OR with Shannon entropy below 3.5 bits/char. That covers low-entropy-but-long values like "aaaa..." (38 chars, entropy 0) which would have passed the previous checks. Documented the rotation process for AUTH_SECRET + POSTGRES_PASSWORD in docs/security-architecture.md §3. Verified: - pnpm test:unit — 396 files / 1922 tests passed - pnpm --filter @capakraken/web exec tsc --noEmit — clean - pnpm --filter @capakraken/api exec tsc --noEmit — clean Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Documentation Index
Date: 2026-03-12 Purpose: Single entry point for active CapaKraken product and technical documentation.
Canonical Documents
| Topic | File | Use |
|---|---|---|
| AI excellence due diligence | ai-excellence-due-diligence-roadmap.md | Frank quality assessment and cleanup roadmap toward a showcase AI-built project |
| Showcase quality backlog | showcase-quality-backlog.md | Consolidated working backlog for the current quality and maintainability north star |
| Parallel worktree hygiene | parallel-worktree-hygiene.md | Keep parallel worker slices isolated and the worktree reviewable |
| Target CI/CD architecture | cicd-target-architecture.md | Canonical image-based build, deploy, and rollback flow |
| Active roadmap and open gaps | product-roadmap.md | Primary backlog and current delivery order |
| Estimating system design | estimating-extension-design.md | Workbook analysis, field mapping, and implementation plan |
| Dispo import implementation | dispo-import-implementation.md | Clean-slate Dispo v2 import design, mapping rules, staging flow, and commit policy |
| Dispo import ticket pack | dispo-import-implementation-tickets.md | Worker-ready delivery slices, dependencies, and acceptance criteria for the Dispo import |
| Demand/assignment cutover guide | demand-assignment-migration-cutover.md | Go/no-go criteria, staged cutover, and readiness artifact policy |
| Strategic architecture direction | v2-architecture-proposal-2026-03-11.md | Longer-horizon architecture target |
| Implementation history | LEARNINGS.md | Append-only decisions and lessons |
| Agent/project guidance | CLAUDE.md | Working conventions and quality gates |
Archive Policy
Older plan and proposal markdown files stay in the repository only as archive notes when:
- the feature is already implemented enough to leave the active backlog
- the content was merged into a canonical document
- the file still has historical value, but should not drive current work
Archive-note files should point back to the relevant canonical document instead of carrying parallel backlog state.
Current Archive Notes
All archived markdown plan and proposal files now live under docs/old-markdowns/.