Commit graph

3 commits

Author SHA1 Message Date
Jan Willem Mannaerts
c31161af19 Add Prometheus metrics and Grafana dashboard
All checks were successful
Build & Push Container Image / build (push) Successful in 9s
Instrument backend with prom-client: HTTP request count/latency,
WebSocket connections, Jira API health, session/vote/room counters,
and unique user/tenant tracking. Expose unauthenticated /metrics
endpoint. Include pre-built Grafana dashboard JSON.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 01:02:36 +01:00
Jan Willem Mannaerts
03ba19042d Harden security across frontend and backend
All checks were successful
Build & Push Container Image / build (push) Successful in 11s
1. AdfRenderer: validate href starts with https?:// before rendering links
2. Logout route: add requireAuth middleware
3. Jira API params: validate sprintId, boardId, issueIdOrKey are alphanumeric
4. CSP header: add Content-Security-Policy with restrictive defaults
5. OAuth callback: align frontendUrl fallback with index.js
6. Rate limiting: express-rate-limit on API routes + Socket.IO event throttling
7. Session KV keys: prefix with cloudId for tenant isolation defense-in-depth
8. saveScopedEstimate: use withSessionCas for atomic read-update-delete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-28 16:05:48 +01:00
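The checks listed in commit 03ba19042d (items 1, 3, 6, 7 and 8) and the "CAS retry for race conditions" from the initial commit, shown as an added dependency-free Node example; this is not Pokerface's code, and every name in it (isSafeHref, isSafeJiraParam, EventThrottle, sessionKey, MemoryKv, withSessionCas) is this example's own. MemoryKv is an in-memory stand-in for the NATS KV bucket with its per-write revision numbers, and it is synchronous where the real bucket is async. For item 3 the commit says "alphanumeric"; Jira issue keys take the form PROJ-123, so this example additionally permits the single hyphen between project key and number, which is the example's choice rather than the commit's.

```javascript
'use strict';
// Added example, not Pokerface's code: dependency-free helpers showing the
// checks behind hardening items 1, 3, 6, 7 and 8 of commit 03ba19042d.
// All names here are this example's, not the project's.

// 1. AdfRenderer hrefs: render a link only for http(s) URLs, so javascript:,
//    data: and protocol-relative (//host) values fall through as plain text.
function isSafeHref(href) {
  return typeof href === 'string' && /^https?:\/\//i.test(href);
}

// 3. Jira path params: sprintId/boardId are numeric ids; issueIdOrKey is a
//    numeric id or a key such as PROJ-123 (the hyphen is this example's
//    allowance; the commit says "alphanumeric"). Anything else is rejected
//    before the value is placed in a Jira REST path.
const JIRA_PARAM = {
  sprintId: /^[0-9]{1,20}$/,
  boardId: /^[0-9]{1,20}$/,
  issueIdOrKey: /^[A-Za-z0-9_]{1,32}(?:-[0-9]{1,20})?$/,
};
function isSafeJiraParam(name, value) {
  const re = JIRA_PARAM[name];
  return re !== undefined && typeof value === 'string' && re.test(value);
}

// 6. Socket.IO event throttling: a per-socket token bucket. express-rate-limit
//    only sees HTTP routes, so WebSocket events need their own limiter.
class EventThrottle {
  constructor(capacity, refillPerSec, now = () => Date.now()) {
    this.capacity = capacity;
    this.refillPerSec = refillPerSec;
    this.now = now; // injectable clock so the bucket is testable
    this.buckets = new Map(); // socketId -> { tokens, last }
  }
  allow(socketId) {
    const t = this.now();
    const b = this.buckets.get(socketId) || { tokens: this.capacity, last: t };
    b.tokens = Math.min(this.capacity, b.tokens + ((t - b.last) / 1000) * this.refillPerSec);
    b.last = t;
    this.buckets.set(socketId, b);
    if (b.tokens < 1) return false; // drop the event, caller may warn/disconnect
    b.tokens -= 1;
    return true;
  }
}

// 7. Session KV keys carry the tenant's cloudId, so a session id from one
//    Jira site can never address another site's entry, even on collision.
function sessionKey(cloudId, sessionId) {
  const ok = /^[A-Za-z0-9-]{1,64}$/; // no '.', which is the KV key separator
  if (!ok.test(cloudId) || !ok.test(sessionId)) throw new TypeError('bad key part');
  return `sessions.${cloudId}.${sessionId}`;
}

// 8. CAS read-update-delete. MemoryKv stands in for a NATS KV bucket (sync
//    here, async in reality): every write bumps a revision, and update/delete
//    fail when the caller's expected revision is stale. withSessionCas retries
//    the whole read-modify-write so two concurrent saves cannot lose a vote.
class MemoryKv {
  constructor() { this.rev = 0; this.store = new Map(); }
  get(key) { return this.store.get(key) || null; }
  put(key, value) { this.store.set(key, { value, revision: ++this.rev }); return this.rev; }
  update(key, value, expected) {
    const cur = this.get(key);
    if (!cur || cur.revision !== expected) throw new Error('wrong last sequence');
    return this.put(key, value);
  }
  delete(key, expected) {
    const cur = this.get(key);
    if (!cur || cur.revision !== expected) throw new Error('wrong last sequence');
    this.store.delete(key);
  }
}
// mutate() receives a copy of the stored value and returns the new value,
// or null to delete the entry (e.g. the last estimate of a session was saved).
function withSessionCas(kv, key, mutate, maxRetries = 5) {
  for (let i = 0; i < maxRetries; i++) {
    const entry = kv.get(key);
    if (!entry) return null;
    const next = mutate(JSON.parse(JSON.stringify(entry.value)));
    try {
      if (next === null) { kv.delete(key, entry.revision); return null; }
      kv.update(key, next, entry.revision);
      return next;
    } catch (e) {
      if (!/wrong last sequence/.test(e.message)) throw e; // stale: re-read, retry
    }
  }
  throw new Error('CAS retries exhausted for ' + key);
}
```

The CAS helper is the piece worth copying: a plain get-then-put on the KV bucket would let a second writer's vote vanish between the read and the write, whereas passing the revision from the read into update/delete makes the bucket reject the stale write so the caller can re-read and apply its change on top of the newer value.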
Jan Willem Mannaerts
fdd9ba8d56 Initial commit: Pokerface sprint planning poker for Jira
Full-stack app with Express/Socket.io backend, React frontend,
NATS JetStream for state, and Atlassian Jira OAuth integration.

Includes security hardening: NATS auth support, KV bucket TTL
enforcement, CAS retry for race conditions, error message
sanitization, and OAuth state stored in NATS KV.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 21:38:37 +01:00