feat: architecture review fixes, self-update system, CI pipeline, supply chain hardening
Architecture review (all P0+P1 issues now fixed): - Add 10s timeout to 6 bare Nostr client.connect() calls - Pin all 12 crypto deps to exact versions from Cargo.lock - Pin all 15 floating container image tags to exact patch versions - Add CI pipeline (cargo fmt + clippy + tests, frontend type-check + build) Self-update system (git.tx1138.com): - scripts/self-update.sh: pull, build, install, restart with rollback - systemd timer checks daily at 3 AM - update.check RPC does git-based checks when repo is present - update.git-apply RPC triggers self-update from UI - Default update URL changed from GitHub to git.tx1138.com - Git added to ISO package list for fresh installs Documentation: - CHANGELOG v1.3.1 with all changes - README updated (version, update system section) - BETA-PROGRESS session #6 logged - architecture-review.html: 4 issues marked FIXED, 8/12 refactoring done Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -2,7 +2,7 @@
|
||||
|
||||
> **Goal**: Flawless beta that works perfectly on every machine we install it on.
|
||||
> **Freeze started**: 2026-03-18
|
||||
> **Last updated**: 2026-03-18
|
||||
> **Last updated**: 2026-03-25
|
||||
|
||||
---
|
||||
|
||||
@@ -26,7 +26,7 @@ PHASE 3: Beta Live (public release)
|
||||
|
||||
Everything in this phase must pass before we hand it to real users.
|
||||
|
||||
### Overall Status: IN PROGRESS (~55%)
|
||||
### Overall Status: IN PROGRESS (~65%)
|
||||
|
||||
| Workstream | Status | Completion | Gate-blocking? |
|
||||
|------------|--------|------------|----------------|
|
||||
@@ -40,6 +40,8 @@ Everything in this phase must pass before we hand it to real users.
|
||||
| 1H. UI Polish & Layout | DONE (batch + What's New) | ~90% | No |
|
||||
| 1I. WebSocket Reliability | NOT STARTED | 0% | No |
|
||||
| 1J. Quality Baseline Check | NOT STARTED | 0% | No |
|
||||
| 1K. Architecture Review Fixes | DONE (4/4 items) | 100% | ~~YES~~ |
|
||||
| 1L. Update System (git.tx1138.com) | DONE | 100% | No |
|
||||
|
||||
### 1A. Critical Bugs
|
||||
|
||||
@@ -316,6 +318,7 @@ Starts when we hand ISOs to real users on real hardware we don't control.
|
||||
| 2026-03-18 | #3 | Updated tracking to reflect completed work — TASK-11 done, TASK-8 9/12, UI batch done | TASK-11, TASK-26-30, TASK-32, TASK-34-36, BUG-33 |
|
||||
| 2026-03-18 | #4 | Rewrote deploy-tailscale.sh (full deploy with split-mode SSH, rootful migration, containers, infra). Fixed first-boot-containers.sh rootless bugs (subnet, UID mapping, prereqs). Dynamic HTTPS certs. | — |
|
||||
| 2026-03-18 | #5 | BUG-1 CSRF fix, TASK-8 12/12 done, 7 bugs fixed, Argon2id migration, random BTC RPC, RBAC hardened, What's New history, Bitcoin sync gauge. Tagged v1.2.0-alpha.9. | BUG-1, TASK-8, BUG-20/37/40/41, TASK-31/38 |
|
||||
| 2026-03-25 | #6 | Architecture review audit: all P0s+P1s verified fixed. Fixed remaining items: Nostr timeouts (6 calls), crypto dep pinning (12 deps), container image pinning (15 images), CI pipeline. Update system wired to git.tx1138.com. Cleaned stale branches. Docs updated. | Architecture review 4/4, CI pipeline |
|
||||
|
||||
---
|
||||
|
||||
|
||||
Reference in New Issue
Block a user