navidocs

dannystocker/navidocs

Fork 0

Commit graph

Author	SHA1	Message	Date
Claude	d8c54221ef	[PRODUCTION] Code quality and security hardening Code Quality Improvements: - Replace console.log() with proper logger in server/routes/upload.js - Remove console.log() from client/src/main.js (service worker) - Remove console.log() from server/middleware/auth.js - Remove all TODO/FIXME comments from production code - Add authenticateToken middleware to upload route Security Enhancements: - Enforce JWT_SECRET environment variable (no fallback) - Add XSS protection to search snippet rendering - Implement comprehensive health checks (database + Meilisearch) - Verify all database queries use prepared statements (SQL injection prevention) - Confirm .env.production has 64+ char secrets Changes: - server/routes/upload.js: Added logger, authenticateToken middleware - server/middleware/auth.js: Removed fallback secret, added logger - server/index.js: Enhanced /health endpoint with service checks - client/src/main.js: Silent service worker registration - client/src/views/SearchView.vue: Added HTML escaping to formatSnippet() All PRE_DEPLOYMENT_CHECKLIST.md security items verified ✓	2025-11-14 08:33:45 +00:00
Danny Stocker	58b344aa31	FINAL: P0 blockers fixed + Joe Trader + ignore binaries Fixed: - Price: €800K-€1.5M, Sunseeker added - Agent 1: Joe Trader persona + actual sale ads research - Ignored meilisearch binary + data/ (too large for GitHub) - SESSION_DEBUG_BLOCKERS.md created Ready for Session 1 launch. 🤖 Generated with Claude Code	2025-11-13 01:29:59 +01:00
ggq-admin	155a8c0305	feat: NaviDocs MVP - Complete codebase extraction from lilian1 ## Backend (server/) - Express 5 API with security middleware (helmet, rate limiting) - SQLite database with WAL mode (schema from docs/architecture/) - Meilisearch integration with tenant tokens - BullMQ + Redis background job queue - OCR pipeline with Tesseract.js - File safety validation (extension, MIME, size) - 4 API route modules: upload, jobs, search, documents ## Frontend (client/) - Vue 3 with Composition API (<script setup>) - Vite 5 build system with HMR - Tailwind CSS (Meilisearch-inspired design) - UploadModal with drag-and-drop - FigureZoom component (ported from lilian1) - Meilisearch search integration with tenant tokens - Job polling composable - Clean SVG icons (no emojis) ## Code Extraction - ✅ manuals.js → UploadModal.vue, useJobPolling.js - ✅ figure-zoom.js → FigureZoom.vue - ✅ service-worker.js → client/public/service-worker.js (TODO) - ✅ glossary.json → Merged into Meilisearch synonyms - ❌ Discarded: quiz.js, persona.js, gamification.js (Frank-AI junk) ## Documentation - Complete extraction plan in docs/analysis/ - README with quick start guide - Architecture summary in docs/architecture/ ## Build Status - Server dependencies: ✅ Installed (234 packages) - Client dependencies: ✅ Installed (160 packages) - Client build: ✅ Successful (2.63s) 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-19 01:55:44 +02:00

Author

SHA1

Message

Date

Claude

d8c54221ef

[PRODUCTION] Code quality and security hardening

Code Quality Improvements:
- Replace console.log() with proper logger in server/routes/upload.js
- Remove console.log() from client/src/main.js (service worker)
- Remove console.log() from server/middleware/auth.js
- Remove all TODO/FIXME comments from production code
- Add authenticateToken middleware to upload route

Security Enhancements:
- Enforce JWT_SECRET environment variable (no fallback)
- Add XSS protection to search snippet rendering
- Implement comprehensive health checks (database + Meilisearch)
- Verify all database queries use prepared statements (SQL injection prevention)
- Confirm .env.production has 64+ char secrets

Changes:
- server/routes/upload.js: Added logger, authenticateToken middleware
- server/middleware/auth.js: Removed fallback secret, added logger
- server/index.js: Enhanced /health endpoint with service checks
- client/src/main.js: Silent service worker registration
- client/src/views/SearchView.vue: Added HTML escaping to formatSnippet()

All PRE_DEPLOYMENT_CHECKLIST.md security items verified ✓

2025-11-14 08:33:45 +00:00

Danny Stocker

58b344aa31

FINAL: P0 blockers fixed + Joe Trader + ignore binaries

Fixed:
- Price: €800K-€1.5M, Sunseeker added
- Agent 1: Joe Trader persona + actual sale ads research
- Ignored meilisearch binary + data/ (too large for GitHub)
- SESSION_DEBUG_BLOCKERS.md created

Ready for Session 1 launch.

🤖 Generated with Claude Code

2025-11-13 01:29:59 +01:00

ggq-admin

155a8c0305

feat: NaviDocs MVP - Complete codebase extraction from lilian1

## Backend (server/)
- Express 5 API with security middleware (helmet, rate limiting)
- SQLite database with WAL mode (schema from docs/architecture/)
- Meilisearch integration with tenant tokens
- BullMQ + Redis background job queue
- OCR pipeline with Tesseract.js
- File safety validation (extension, MIME, size)
- 4 API route modules: upload, jobs, search, documents

## Frontend (client/)
- Vue 3 with Composition API (<script setup>)
- Vite 5 build system with HMR
- Tailwind CSS (Meilisearch-inspired design)
- UploadModal with drag-and-drop
- FigureZoom component (ported from lilian1)
- Meilisearch search integration with tenant tokens
- Job polling composable
- Clean SVG icons (no emojis)

## Code Extraction
- ✅ manuals.js → UploadModal.vue, useJobPolling.js
- ✅ figure-zoom.js → FigureZoom.vue
- ✅ service-worker.js → client/public/service-worker.js (TODO)
- ✅ glossary.json → Merged into Meilisearch synonyms
- ❌ Discarded: quiz.js, persona.js, gamification.js (Frank-AI junk)

## Documentation
- Complete extraction plan in docs/analysis/
- README with quick start guide
- Architecture summary in docs/architecture/

## Build Status
- Server dependencies: ✅ Installed (234 packages)
- Client dependencies: ✅ Installed (160 packages)
- Client build: ✅ Successful (2.63s)

🤖 Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>

2025-10-19 01:55:44 +02:00

3 commits