docs(issues): mark ISSUE-003 through ISSUE-006 resolved, update index
Index: 47 open (8 critical, 39 major), 6 resolved. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -4,7 +4,9 @@ title: "Route shadowing: POST /api/disputes/:purchaseRequestId/resolve matches d
|
|||||||
severity: critical
|
severity: critical
|
||||||
domain: Dispute
|
domain: Dispute
|
||||||
labels: [bug, backend, critical, escrow]
|
labels: [bug, backend, critical, escrow]
|
||||||
status: open
|
status: resolved
|
||||||
|
resolved: 2026-05-29
|
||||||
|
fix: "Remounted services/dispute router at /api/disputes/pr instead of /api/disputes — eliminates route overlap with dashboard router"
|
||||||
created: 2026-05-29
|
created: 2026-05-29
|
||||||
source: Doc vs Code Audit 2026-05-29
|
source: Doc vs Code Audit 2026-05-29
|
||||||
---
|
---
|
||||||
|
|||||||
@@ -4,7 +4,9 @@ title: "POST /api/disputes/:id/resolve (dashboard) does not trigger escrow relea
|
|||||||
severity: critical
|
severity: critical
|
||||||
domain: Dispute
|
domain: Dispute
|
||||||
labels: [bug, backend, escrow, major]
|
labels: [bug, backend, escrow, major]
|
||||||
status: open
|
status: resolved
|
||||||
|
resolved: 2026-05-29
|
||||||
|
fix: "DisputeService.resolveDispute now calls releaseHoldResolve(purchaseRequestId) after saving, clearing escrow hold and unblocking payment release"
|
||||||
created: 2026-05-29
|
created: 2026-05-29
|
||||||
source: Doc vs Code Audit 2026-05-29
|
source: Doc vs Code Audit 2026-05-29
|
||||||
---
|
---
|
||||||
|
|||||||
@@ -4,7 +4,9 @@ title: "POST /api/payment/payments/:id/fetch-tx, POST /api/payment/payments/auto
|
|||||||
severity: critical
|
severity: critical
|
||||||
domain: Payment
|
domain: Payment
|
||||||
labels: [security, bug, backend, critical, missing-auth]
|
labels: [security, bug, backend, critical, missing-auth]
|
||||||
status: open
|
status: resolved
|
||||||
|
resolved: 2026-05-29
|
||||||
|
fix: "Added authenticateToken + authorizeRoles('admin') to /payments/:id/debug, /payments/:id/fetch-tx, and /payments/auto-fetch-missing in paymentRoutes.ts"
|
||||||
created: 2026-05-29
|
created: 2026-05-29
|
||||||
source: Doc vs Code Audit 2026-05-29
|
source: Doc vs Code Audit 2026-05-29
|
||||||
---
|
---
|
||||||
|
|||||||
@@ -4,7 +4,9 @@ title: "GET /api/admin/scanner/status has no authentication middleware despite /
|
|||||||
severity: critical
|
severity: critical
|
||||||
domain: Admin
|
domain: Admin
|
||||||
labels: [security, bug, backend, critical, missing-auth]
|
labels: [security, bug, backend, critical, missing-auth]
|
||||||
status: open
|
status: resolved
|
||||||
|
resolved: 2026-05-29
|
||||||
|
fix: "Added authenticateToken + authorizeRoles('admin') inline to the scanner status proxy route in app.ts"
|
||||||
created: 2026-05-29
|
created: 2026-05-29
|
||||||
source: Doc vs Code Audit 2026-05-29
|
source: Doc vs Code Audit 2026-05-29
|
||||||
---
|
---
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
# Issues Index
|
# Issues Index
|
||||||
|
|
||||||
> Generated from Doc vs Code Audit — 2026-05-29 · last reconciled 2026-05-29
|
> Generated from Doc vs Code Audit — 2026-05-29 · last reconciled 2026-05-29
|
||||||
> **51 open issues** | 🔴 12 critical · 🟠 39 major · 🟡 0 minor · ⚪ 1 invalid (stale audit) · ✅ 2 resolved
|
> **47 open issues** | 🔴 8 critical · 🟠 39 major · 🟡 0 minor · ⚪ 1 invalid (stale audit) · ✅ 6 resolved
|
||||||
|
|
||||||
## 🔴 Critical
|
## 🔴 Critical
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user