Siavash Sameni
2308db8074
docs: sync from backend 34f542e — Task #7 B unit tests + C protocol + PRD updates
2026-05-28 19:18:53 +04:00
Siavash Sameni
e00129d40d
docs: sync from backend 1889169, frontend c44ed64 — Task #7 A verification fix: multi-checkout conversion + orphan-payment guard
2026-05-28 17:21:14 +04:00
Siavash Sameni
4017aee800
docs: sync from backend faf2221, frontend 022ecb6 — Task #7 derived destinations sweep autostart, recordSweep fix, multi-seller checkout
2026-05-28 17:15:18 +04:00
moojttaba
04afa95547
docs: add Sync-From-Code rule + Activity Log
...
- AGENTS.md: mandate Activity Log entry + section updates after every code push
- 09 - Audits/Activity Log.md: new append-only log, seeded with this session's
frontend fixes (Docker build unblock, request template debug improvements,
429 storm fix) and the cross-repo rule rollout
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-28 10:39:57 +03:30
Siavash Sameni
940ad0c655
Add full system audit reports and Telegram Mini App debug handoff
...
- Three-stream audit (security / logic / performance) with 35+ findings
derived from actual source code, each with file:line and remediation
- Audit Index cross-references criticals across streams into prioritized
fix tiers: immediately / before soft launch / before public launch
- Telegram Mini App debug handoff documenting what was implemented and
all remaining work items with exact file lists and test commands
- Updated architecture, data model, auth API, and registration flow docs
to reflect Telegram auth, TON wallet, and email verification additions
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-24 17:20:08 +04:00
Siavash Sameni
2533bedb91
Update Telegram auth verification report
2026-05-24 16:15:40 +04:00
Siavash Sameni
fa7234cbe1
Document Telegram first-class auth
2026-05-24 16:12:46 +04:00
Siavash Sameni
7651d69811
Document telegram-native task 5 foundation
2026-05-24 13:19:54 +04:00
Siavash Sameni
6a451040d9
Complete task 4 backend security architecture docs
2026-05-24 11:31:40 +04:00
Siavash Sameni
4cf5c49274
docs(audit): align documentation with post-remediation backend reality
...
- Update data model enums to match backend models
- Update API reference auth requirements
- Add dispute module references and warning blocks
- Add 2026-05-24 audit remediation callout to Overview
- Generate task breakdowns and audit artifacts
- Add doc alignment report (.taskmaster/reports/)
2026-05-24 11:16:29 +04:00
Siavash Sameni
10a6c2fa53
docs: add backend security refactor assessment
2026-05-24 08:43:01 +04:00
Siavash Sameni
5b93b2d23e
docs: add comprehensive logical audit report
...
Adds a full cross-document audit covering:
- Data Models (broken refs, ghost states, missing constraints)
- API Reference (unauthenticated endpoints, field mismatches, missing pagination)
- Architecture (fictitious deps, statelessness claims vs reality)
- Flows (race conditions, missing failure paths, auth bypasses)
- Security (passkey stubs, JWT storage, webhook verification)
32 findings organized by severity with recommended fixes.
2026-05-24 08:03:20 +04:00