- Added GeoIP integration (Issue #16) with service and access list updates.
- Fixed rate limiting burst field usage and added bypass list support (Issue #19).
- Implemented CrowdSec bouncer integration (Issue #17) with registration and health checks.
- Enhanced WAF integration (Issue #18) with per-host toggle, paranoia levels, and rule exclusions.
- Updated documentation and added new API routes for GeoIP, rate limits, and WAF exclusions.
chore: Add QA report for race and test failures
- Documented findings from race condition tests and WebSocket test flakiness.
- Identified issues with CrowdSec registration tests in non-bash environments.
- Noted security status contract mismatches and missing table errors in handler/service tests.
audit: Conduct full QA audit of security phases
- Verified all security implementation phases with comprehensive testing.
- Resolved linting issues and ensured codebase health.
- Documented test results and issues found during the audit.
- Updated UI components to reflect the renaming of "WAF (Coraza)" to "Coraza".
- Removed WAF controls from the Security page and adjusted related tests.
- Verified that all frontend tests pass after updating assertions to match the new UI.
- Added a test script to package.json for running tests with Vitest.
- Adjusted imports for jest-dom to be compatible with Vitest.
- Updated TypeScript configuration to include Vitest types for testing.
- Implemented ImportSuccessModal to replace alert with a modal displaying import results and guidance.
- Updated ImportCaddy to show the new modal with import summary and navigation options.
- Created CertificateStatusCard to display certificate provisioning status on the dashboard.
- Enhanced API types and hooks to support new features.
- Added unit tests for ImportSuccessModal and CertificateStatusCard components.
- Updated QA report to reflect the status of the new features and tests.
- Implement tests for ImportSuccessModal to verify rendering and functionality.
- Update AuthContext to store authentication token in localStorage and manage token state.
- Modify useImport hook to capture and expose commit results, preventing unnecessary refetches.
- Enhance useCertificates hook to support optional refetch intervals.
- Update Dashboard to conditionally poll certificates based on pending status.
- Integrate ImportSuccessModal into ImportCaddy for user feedback on import completion.
- Adjust Login component to utilize returned token for authentication.
- Refactor CrowdSecConfig tests for improved readability and reliability.
- Add debug_db.py script for inspecting the SQLite database.
- Update integration and test scripts for better configuration and error handling.
- Introduce Trivy scan script for vulnerability assessment of Docker images.
- Created `qa-test-output-after-fix.txt` and `qa-test-output.txt` to log results of certificate page authentication tests.
- Added `build.sh` for deterministic backend builds in CI, utilizing `go list` for efficiency.
- Introduced `codeql_scan.sh` for CodeQL database creation and analysis for Go and JavaScript/TypeScript.
- Implemented `dockerfile_check.sh` to validate Dockerfiles for base image and package manager mismatches.
- Added `sourcery_precommit_wrapper.sh` to facilitate Sourcery CLI usage in pre-commit hooks.
- Added a test case in CrowdSecConfig to show improved error message when preset is not cached.
- Introduced a new test suite for the Dashboard component, verifying counts and health status.
- Updated SMTPSettings tests to utilize a shared render function and added tests for backend validation errors.
- Modified Security.audit tests to improve input handling and removed redundant export failure test.
- Refactored Security tests to remove export functionality and ensure correct rendering of components.
- Enhanced UsersPage tests with new scenarios for updating user permissions and manual invite link flow.
- Created a new utility for rendering components with a QueryClient and MemoryRouter for better test isolation.
- Updated go-test-coverage script to improve error handling and coverage reporting.
- Added a comprehensive plan for history rewrites in `docs/plans/history_rewrite.md`, including backup requirements and a checklist for destructive operations.
- Created a QA report for history-rewrite scripts in `docs/reports/qa_report.md`, summarizing tests, findings, and recommendations.
- Introduced `check_refs.sh` script to list branches and tags, saving a tarball of tag references.
- Updated `clean_history.sh` to include non-interactive mode and improved error handling for backup branch pushes.
- Enhanced `preview_removals.sh` to support JSON output format and added shallow clone detection.
- Added Bats tests for `clean_history.sh` and `validate_after_rewrite.sh` to ensure functionality and error handling.
- Implemented pre-commit hook to block commits to `data/backups/` directory.
- Improved validation script to check for backup branch existence and run pre-commit checks.
- Created temporary test scripts for validating `clean_history.sh` and `validate_after_rewrite.sh` functionality.
- Introduced `crowdsec_integration_test.go` to validate the integration of the CrowdSec preset pull and apply functionality.
- Updated `RealCommandExecutor` to return combined output for command execution.
- Enhanced `CrowdsecHandler` to map errors to appropriate HTTP status codes, including handling timeouts.
- Added tests for timeout scenarios in `crowdsec_presets_handler_test.go`.
- Improved `HubService` to support configurable pull and apply timeouts via environment variables.
- Implemented fallback logic for fetching hub index from a default URL if the primary fails.
- Updated documentation to reflect changes in preset handling and cscli availability.
- Refactored frontend tests to utilize a new test query client for better state management.
- Added a new integration script `crowdsec_integration.sh` for automated testing of the CrowdSec integration.
- Added comprehensive tests for CrowdSec configuration, including preset application and validation error handling.
- Introduced new test cases for importing CrowdSec configurations, ensuring backup creation and successful import.
- Updated existing tests to reflect changes in UI elements and functionality, including toggling CrowdSec mode and exporting configurations.
- Created utility functions for building export filenames and handling downloads, improving code organization and reusability.
- Refactored existing tests to use new test IDs and ensure accurate assertions for UI elements and API calls.
- Removed the Cerberus toggle functionality from the Security page.
- Introduced a new feature flags section in the System Settings page to manage Cerberus and Uptime Monitoring features.
- Updated tests to reflect the changes in the Security and System Settings components.
- Added loading overlays for feature toggling actions.
docs: Modify security documentation to indicate Cerberus is enabled by default
test: Adjust frontend feature flag tests to align with new Cerberus flag
feat: Integrate feature flags into Layout component for conditional rendering
test: Enhance Layout component tests for feature flag visibility
feat: Implement Optional Features section in System Settings page
test: Add tests for Optional Features toggles in System Settings
fix: Remove unused Cerberus state from System Settings component
- Created detailed QA testing report documenting the authentication issues with certificate endpoints, including test results and root cause analysis.
- Added final QA report confirming successful resolution of the authentication issue, with all tests passing and security verifications completed.
- Included test output logs before and after the fix to illustrate the changes in endpoint behavior.
- Documented the necessary code changes made to the route registration in `routes.go` to ensure proper application of authentication middleware.
- Documented certificate management security features in security.md, including backup and recovery processes.
- Implemented CertificateCleanupDialog component for confirming deletion of orphaned certificates when deleting proxy hosts.
- Enhanced ProxyHosts page to check for orphaned certificates and prompt users accordingly during deletion.
- Added tests for certificate cleanup prompts and behaviors in ProxyHosts, ensuring correct handling of unique, shared, and production certificates.
- Added unit tests for CrowdSec handler, including listing, banning, and unbanning IPs.
- Implemented mock command executor for testing command execution.
- Created tests for various scenarios including successful operations, error handling, and invalid inputs.
- Developed CrowdSec configuration tests to ensure proper handler setup and JSON output.
- Documented security features and identified gaps in CrowdSec, WAF, and Rate Limiting implementations.
- Established acceptance criteria for feature completeness and outlined implementation phases for future work.
- Implemented new CSS animations for UI elements including bobbing, pulsing, rotating, and spinning effects.
- Integrated loading overlays in CrowdSecConfig, Login, ProxyHosts, Security, and WafConfig pages to enhance user experience during asynchronous operations.
- Added contextual messages for loading states to inform users about ongoing processes.
- Created tests for Login and Security pages to ensure overlays function correctly during login attempts and security operations.
- Add unit tests for WAF ruleset selection priority and handler validation in config_waf_test.go.
- Enhance manager.go to sanitize ruleset names, preventing path traversal vulnerabilities.
- Introduce debug logging for WAF configuration state in manager.go to aid troubleshooting.
- Create integration tests to verify WAF handler presence and ruleset sanitization in manager_additional_test.go.
- Update coraza_integration.sh to include verification steps for WAF configuration and improved error handling.
- Document the Coraza WAF integration fix plan, detailing root cause analysis and implementation tasks.
