Changelog

Mises à jour produit, correctifs sécurité et nouvelles fonctionnalités.

vUnreleased

Aucune mise à jour documentée pour l'instant.

v1.0.02026-02-15

V1 go-live checklist with measurable GO/NO-GO gates.
Runbooks for auth, DB, queue/redis, and release rollback.
E2E smoke suite for core authenticated routes.
Shared Playwright auth helpers.
Dashboard store regression tests for payload shape compatibility.
CI release gate now includes coverage and e2e smoke.
SSRF firewall + redirect-safe fetch integrated into scanner/crawlers.
Email verification flow (register + verify endpoint + UI), with sign-in blocked in production until verified.
GDPR account deletion endpoint (password confirmation, safe anonymization).
Encryption key rotation support (`ENCRYPTION_KEY_PREVIOUS`) + rotation script.
API key authentication support for guard proxy/evaluate.
Plan quota enforcement for assets, webhooks, API keys, scheduled scans, guard calls/day, and exports/month.
MFA recovery codes (hashed storage, one-time use, regeneration endpoint).
Release evidence artifacts for audits, dry-run, and real scan proof.

Dashboard store now accepts direct and wrapped API payloads.
Health endpoint now reports queue status in addition to DB/Redis/Memory.
Prisma safe migration script now enforces command timeout via `PRISMA_COMMAND_TIMEOUT_MS`.
Deploy workflow now runs release gate before build/push.
Cron routes now enforce `CRON_SECRET` consistently (with dev warnings).
Stripe webhook signature verification is required in production.
Stripe webhook processing is idempotent by `event.id` with Redis/in-memory fallback.
RBAC enforced for webhooks, scheduled scans, and billing routes.
Sidebar includes Sign Out.

`tests/security/fuzzer.test.ts` regression caused by missing exports.
Middleware now allows `/api/billing/webhook` without auth interception.
Same-origin validation for billing checkout/portal redirect URLs (open redirect mitigation).

2026-02-07: Resolved `next` production DoS advisory exposure by upgrading to `^15.5.10` and enforcing `npm audit --omit=dev --audit-level=high` in release gate.
2026-02-07: Hardened deploy gate to fail fast when deployment webhooks are missing, avoiding false-positive release states.
2026-02-07: Reduced operational information exposure by returning sanitized DB health errors (`Database unavailable`) instead of internal exception details.

Mises à jour produit, correctifs sécurité et nouvelles fonctionnalités.

vUnreleased

Aucune mise à jour documentée pour l'instant.

v1.0.02026-02-15

V1 go-live checklist with measurable GO/NO-GO gates.
Runbooks for auth, DB, queue/redis, and release rollback.
E2E smoke suite for core authenticated routes.
Shared Playwright auth helpers.
Dashboard store regression tests for payload shape compatibility.
CI release gate now includes coverage and e2e smoke.
SSRF firewall + redirect-safe fetch integrated into scanner/crawlers.
Email verification flow (register + verify endpoint + UI), with sign-in blocked in production until verified.
GDPR account deletion endpoint (password confirmation, safe anonymization).
Encryption key rotation support (`ENCRYPTION_KEY_PREVIOUS`) + rotation script.
API key authentication support for guard proxy/evaluate.
Plan quota enforcement for assets, webhooks, API keys, scheduled scans, guard calls/day, and exports/month.
MFA recovery codes (hashed storage, one-time use, regeneration endpoint).
Release evidence artifacts for audits, dry-run, and real scan proof.

Dashboard store now accepts direct and wrapped API payloads.
Health endpoint now reports queue status in addition to DB/Redis/Memory.
Prisma safe migration script now enforces command timeout via `PRISMA_COMMAND_TIMEOUT_MS`.
Deploy workflow now runs release gate before build/push.
Cron routes now enforce `CRON_SECRET` consistently (with dev warnings).
Stripe webhook signature verification is required in production.
Stripe webhook processing is idempotent by `event.id` with Redis/in-memory fallback.
RBAC enforced for webhooks, scheduled scans, and billing routes.
Sidebar includes Sign Out.

`tests/security/fuzzer.test.ts` regression caused by missing exports.
Middleware now allows `/api/billing/webhook` without auth interception.
Same-origin validation for billing checkout/portal redirect URLs (open redirect mitigation).

2026-02-07: Resolved `next` production DoS advisory exposure by upgrading to `^15.5.10` and enforcing `npm audit --omit=dev --audit-level=high` in release gate.
2026-02-07: Hardened deploy gate to fail fast when deployment webhooks are missing, avoiding false-positive release states.
2026-02-07: Reduced operational information exposure by returning sanitized DB health errors (`Database unavailable`) instead of internal exception details.