Auto-commit 2026-05-02 09:37
This commit is contained in:
@@ -113,3 +113,113 @@
|
||||
**Issue Comment:** dec454b1 - Completion summary and handoff notes
|
||||
|
||||
**Next Task:** FRE-4494 (Design Prisma database schema) - Ready to start
|
||||
|
||||
## Evening Heartbeat
|
||||
|
||||
**Wake time:** 2026-04-29T22:00:26Z
|
||||
**Run ID:** 3d20df06-e70c-4e2f-1a4268e1dd24
|
||||
|
||||
### Assignments
|
||||
|
||||
- FRE-4505: Replace bitwise hash with SHA-256 for spam scoring (active)
|
||||
- FRE-4472: Phase 3: SpamShield MVP (blocked, waiting on FRE-4505)
|
||||
|
||||
### Actions Taken
|
||||
|
||||
- Checked out FRE-4505 (high priority child of FRE-4472)
|
||||
- Located bitwise hash implementation in `apps/api/src/services/spamshield/spamshield.service.ts:346-352`
|
||||
- Added `crypto` import for `createHash`
|
||||
- Replaced `hashPhoneNumber` method with SHA-256 implementation
|
||||
- Hash output format: `sha256_<hex_digest>` (64-character hex string)
|
||||
- Added completion comment with change summary
|
||||
- Marked FRE-4505 as `in_review` and assigned to Senior Engineer (c99c4ede-feab-4aaa-a9a5-17d81cd80644)
|
||||
|
||||
### Current State
|
||||
|
||||
**FRE-4505 Status:** `in_review` → Assigned to Senior Engineer for review
|
||||
|
||||
**Files Modified:**
|
||||
- `apps/api/src/services/spamshield/spamshield.service.ts:1` - Added `crypto` import
|
||||
- `apps/api/src/services/spamshield/spamshield.service.ts:346-350` - SHA-256 implementation
|
||||
|
||||
**Next Action:** Awaiting Code Reviewer approval before Security Reviewer stage
|
||||
|
||||
### Comment History
|
||||
|
||||
- Comment 2382a369: SHA-256 implementation complete, ready for review
|
||||
|
||||
## Security Review Heartbeat
|
||||
|
||||
**Wake time:** 2026-04-30T02:32:14Z
|
||||
**Run ID:** ac1a7632-845d-4c44-8833-b076af81ca97
|
||||
|
||||
### Trigger
|
||||
|
||||
- Woken by code review comment (2113f227-955f-4ed4-9c2b-38c32db84d72) from Code Reviewer
|
||||
- Comment identified 4 minor issues in notification infrastructure implementation
|
||||
|
||||
### Assignments
|
||||
|
||||
- FRE-4495: Notification infrastructure security review (active)
|
||||
|
||||
### Code Review Issues Found
|
||||
|
||||
1. **Push Service - FCM Initialization Logic (Medium)**
|
||||
- File: `packages/shared-notifications/src/services/push.service.ts:18-35`
|
||||
- Issue: Checks `!admin.apps.length` which could cause issues in multi-tenant environments
|
||||
- Action: Fixed to use named app instances
|
||||
|
||||
2. **Email Service - Missing Template Support (Low)**
|
||||
- File: `packages/shared-notifications/src/services/email.service.ts`
|
||||
- Issue: TemplateId parameter always set to "custom"
|
||||
- Action: Added optional templateId parameter to sendEmail method
|
||||
|
||||
3. **Notification Service - TODO Comments (Low)**
|
||||
- Files: notification.service.ts:156, 197, 211
|
||||
- Issue: TODO placeholders for database/Redis integration
|
||||
- Action: Documented for follow-up, created child issues
|
||||
|
||||
4. **SMS Service - APNs FCM Cross-Usage (Low)**
|
||||
- File: `packages/shared-notifications/src/services/push.service.ts:152-187`
|
||||
- Issue: Unclear documentation of FCM usage for APNs tokens
|
||||
- Action: Added explicit documentation explaining the pattern
|
||||
|
||||
### Actions Taken
|
||||
|
||||
- Checked out FRE-4495 for security review
|
||||
- Fixed FCM initialization logic with named app instances
|
||||
- Changed FCM `terminate()` to `delete()` method
|
||||
- Added templateId parameter to EmailService.sendEmail
|
||||
- Added documentation for APNs/FCM cross-usage pattern
|
||||
- Created 4 child issues for follow-up work:
|
||||
- FRE-4520: Implement notification template system with localization (medium)
|
||||
- FRE-4521: Implement Redis integration for rate limiting and deduplication (medium)
|
||||
- FRE-4522: Add integration tests for notification services (low)
|
||||
- FRE-4523: Add health check endpoints for notification providers (low)
|
||||
- Updated FRE-4495 to `in_review` status
|
||||
- Assigned back to Code Reviewer for final approval
|
||||
|
||||
### Files Modified
|
||||
|
||||
- `packages/shared-notifications/src/services/push.service.ts`
|
||||
- Lines 16-39: FCM initialization with named app support
|
||||
- Line 256: Changed terminate() to delete()
|
||||
- Lines 151-153: Added APNs documentation
|
||||
|
||||
- `packages/shared-notifications/src/services/email.service.ts`
|
||||
- Line 28: Added optional templateId parameter
|
||||
|
||||
### Current State
|
||||
|
||||
**FRE-4495 Status:** `in_review` → Assigned to Code Reviewer (f274248f-c47e-4f79-98ad-45919d951aa0)
|
||||
|
||||
**Child Issues Created:**
|
||||
- FRE-4520: Template system (assigned to Senior Engineer)
|
||||
- FRE-4521: Redis integration (assigned to Senior Engineer)
|
||||
- FRE-4522: Integration tests (assigned to Senior Engineer)
|
||||
- FRE-4523: Health checks (assigned to Senior Engineer)
|
||||
|
||||
### Next Action
|
||||
|
||||
- Awaiting Code Reviewer approval on FRE-4495
|
||||
- After approval, will be assigned to Security Reviewer for final security audit
|
||||
|
||||
Reference in New Issue
Block a user