web-app-launcher

alexei.dolgolyov/web-app-launcher

Fork 0

Commit Graph

Author	SHA1	Message	Date
alexei.dolgolyov	395ed821b7	fix: address all final review findings for Phase 3 - CRITICAL: Fix command injection in discoveryService (execFile instead of exec, path validation regex) - CRITICAL: Add Zod validation on discover API endpoint - HIGH: Add Zod validation on discover/approve endpoint - HIGH: Add array length limits to import schema (1000/100/100) - HIGH: Fix theme broadcast echo loop (setTimeout vs queueMicrotask) - MEDIUM: Singleton BroadcastChannel instead of create-per-send - MEDIUM: Exclude sensitive APIs from service worker cache - MEDIUM: Fix TypeScript cast errors in exportService tests	2026-03-25 01:28:24 +03:00
alexei.dolgolyov	7d8a8fb0fc	feat(phase3): phase 7 - integration & polish Fix all build/type/lint errors, write 46 new tests (222 total across 20 files), regenerate Prisma client, update seed with user preferences. Fix SvelteSet usage, add {#each} keys, clean unused imports.	2026-03-25 01:12:11 +03:00

Author

SHA1

Message

Date

alexei.dolgolyov

395ed821b7

fix: address all final review findings for Phase 3

- CRITICAL: Fix command injection in discoveryService (execFile instead
  of exec, path validation regex)
- CRITICAL: Add Zod validation on discover API endpoint
- HIGH: Add Zod validation on discover/approve endpoint
- HIGH: Add array length limits to import schema (1000/100/100)
- HIGH: Fix theme broadcast echo loop (setTimeout vs queueMicrotask)
- MEDIUM: Singleton BroadcastChannel instead of create-per-send
- MEDIUM: Exclude sensitive APIs from service worker cache
- MEDIUM: Fix TypeScript cast errors in exportService tests

2026-03-25 01:28:24 +03:00

alexei.dolgolyov

7d8a8fb0fc

feat(phase3): phase 7 - integration & polish

Fix all build/type/lint errors, write 46 new tests (222 total across
20 files), regenerate Prisma client, update seed with user preferences.
Fix SvelteSet usage, add {#each} keys, clean unused imports.

2026-03-25 01:12:11 +03:00

2 Commits