- Verify backend test coverage at 85.2% (threshold: 85%)
- Verify frontend test coverage at 87.8% (threshold: 85%)
- Add Google Cloud DNS setup guide
- Add Azure DNS setup guide
- Pass all security scans (Trivy, govulncheck)
- Pass all pre-commit hooks
- Updated UsersPage tests to check for specific URL formats instead of regex patterns.
- Increased timeout for Go coverage report generation to handle larger repositories.
- Cleaned up generated artifacts before running CodeQL analysis to reduce false positives.
- Removed outdated QA testing report for authentication fixes on the certificates page.
- Added final report confirming successful resolution of authentication issues with certificate endpoints.
- Deleted previous test output files to maintain a clean test results directory.
- Added comprehensive QA report for CodeQL CI alignment implementation, detailing tests, results, and findings.
- Created CodeQL security scanning guide in documentation, outlining usage and common issues.
- Developed pre-commit hooks for CodeQL scans and findings checks, ensuring security issues are identified before commits.
- Implemented scripts for running CodeQL Go and JavaScript scans, aligned with CI configurations.
- Verified all tests passed, including backend and frontend coverage, TypeScript checks, and SARIF file generation.
- Apply URL validation using security.ValidateWebhookURL() to all webhook
HTTP request paths in notification_service.go
- Block private IPs (RFC 1918), cloud metadata endpoints, and loopback
- Add comprehensive SSRF test coverage
- Add CodeQL VS Code tasks for local security scanning
- Update Definition of Done to include CodeQL scans
- Clean up stale SARIF files from repo root
Resolves CI security gate failure for CWE-918.
- Introduced markdown content rules and validation requirements in markdown.instructions.md
- Added React controls and platform libraries guidelines in pcf-react-platform-libraries.instructions.md
- Created extensive performance optimization instructions covering frontend, backend, and database best practices in performance-optimization.instructions.md
- Established Playwright test writing guidelines and structure in playwright-typescript.instructions.md
- Developed secure coding practices based on OWASP Top 10 in security-and-owasp.instructions.md
- Defined directives for managing Copilot interactions and code generation in taming-copilot.instructions.md
- Provided TypeScript 5.x and ES2022 development guidelines in typescript-5-es2022.instructions.md
