mirror of
https://github.com/azaion/ui.git
synced 2026-06-21 08:01:10 +00:00
Oleksandr Bezdieniezhnykh
f7dd6c98d8
ci/woodpecker/push/build-arm Pipeline failed
Security audit (5 phases) → reports under _docs/05_security/. AZ-501 (F-SAST-1, HIGH): Externalize hardcoded Google Geocode key from mission-planner/src/config.ts to VITE_GOOGLE_GEOCODE_KEY via new GeocodeService.ts; fail-soft warn when unset; STC-SEC1D static deny-list gate; +5 unit tests in tests/mission_planner_geocode.test.ts. AZ-502 (F-DEP-1, HIGH): Force vite>=6.4.2 and postcss>=8.5.10 via package.json overrides in both roots; clean reinstall clears all bun audit advisories. Test-spec sync (Step 12) + Update Docs (Step 13) deltas: AC-43, AC-44, NFT-SEC-09b, FT-P-61, FT-N-17, ripple log, batch_12 report. Pending user actions: revoke Google + OWM keys (AC-6 / AZ-499 AC-7). 229 PASS / 13 SKIP / 0 FAIL on static + fast suites. Co-authored-by: Cursor <cursoragent@cursor.com>
26 lines
867 B
Markdown
26 lines
867 B
Markdown
# Autodev State
|
|
|
|
## Current Step
|
|
flow: existing-code
|
|
step: 15
|
|
name: Performance Test
|
|
status: not_started
|
|
sub_step:
|
|
phase: 0
|
|
name: awaiting-invocation
|
|
detail: ""
|
|
retry_count: 0
|
|
cycle: 2
|
|
tracker: jira
|
|
|
|
## Notes
|
|
- Cycle 2 Step 14 CLOSED. Audit: `_docs/05_security/` (5 reports). Verdict:
|
|
FAIL (1 HIGH F-SAST-1, 1 HIGH F-DEP-1, 7 MED, 2 LOW). User chose A —
|
|
fixed both HIGH inline (AZ-501 Google key, AZ-502 Vite/PostCSS).
|
|
Implementation report: `_docs/03_implementation/batch_12_report.md`.
|
|
Static + fast: 229 PASS / 13 SKIP / 0 FAIL. Both tickets transitioned to
|
|
"In Progress" in Jira. PENDING USER: AZ-501 AC-6 (Google key revocation
|
|
at Google Cloud Console) + AZ-499 AC-7 (OWM key revocation, carried from
|
|
earlier). PENDING CROSS-WORKSPACE: AZ-498 deploy gate (Step 16).
|
|
Phase B follow-ups deferred: F-INF-1..F-INF-5 in security audit report.
|