null
|
d6639f1385
|
feat(money): cents migration stage 2 — schema flip to integer cents (batch 0.38.4)
|
2026-06-11 20:12:31 -05:00 |
null
|
55837b8b25
|
docs: update engineering reference manual to v0.28.01
- Add sections 5.15-5.21 (Data Sources, Transactions, CSV Import, Match Suggestions)
- Add v0.47-v0.64 migrations to database reference
- Add data_sources, financial_accounts, transactions table schemas
- Add payment_source and transaction_id to payments table
- Update version header to 0.28.01, date to 2026-05-16
- Fix section numbering
|
2026-05-16 21:41:13 -05:00 |
null
|
9d933f70cc
|
v0.28.01
|
2026-05-16 20:26:09 -05:00 |
null
|
59d9d21d4c
|
v0.28.0
|
2026-05-16 10:34:32 -05:00 |
null
|
80b3bcc17b
|
fix: HIGH+MEDIUM batch — 10 fixes (v0.24.0)
HIGH:
- Admin toggle-paid: removed cross-user admin branch, now requires ownership
- Analytics crash: imported missing standardizeError
- Export data loss: added cycle_type, cycle_day, bill_history_ranges to exports
- Single-user lockout: removed unnecessary sessions join from getSingleModeUser
MEDIUM:
- Password rate limiter: scoped to change-password only, not all profile routes
- Profile session invalidation: fixed req.sessionId → req.cookies[COOKIE_NAME]
- CSRF default: httpOnly now defaults to false (matches SPA double-submit pattern)
- CSRF password routes: removed csrfSkip for password change endpoints
- Notification due-day: calendar day comparison instead of timestamp floor
- Upcoming bills: clamped days to 1-365, default 30 for invalid input
FUTURE.md: marked all 10 items as FIXED, bumped version refs
HISTORY.md: added v0.24.0 entry
|
2026-05-10 15:25:47 -05:00 |
kaspa
|
4d1709aea3
|
push
|
2026-05-09 13:03:36 -05:00 |
_null
|
d1efeece04
|
push
|
2026-05-04 20:12:57 -05:00 |
_null
|
b9d1366d46
|
initial commit
|
2026-05-03 19:51:57 -05:00 |