null
|
6811eb8be5
|
feat: payment accounting service, SQL schema + migration, backend route refactor, test updates
|
2026-06-07 01:05:48 -05:00 |
null
|
b4779c9eda
|
feat: auto-match review panel with undo — last 7d provider_sync payments
|
2026-06-06 17:34:09 -05:00 |
null
|
840620efe2
|
feat: v0.93 — stable provider keys, per-payment interest tracking with once-per-month gating
|
2026-06-06 16:34:20 -05:00 |
null
|
da4642dbd0
|
feat: late-attribution prompt for bank payments that crossed month boundary
|
2026-06-04 00:06:16 -05:00 |
null
|
b81b41d302
|
security: rename LIVE constant to SQL_NOT_DELETED with injection safety documentation
|
2026-06-03 22:28:46 -05:00 |
null
|
31bafb0e55
|
0.34.3
|
2026-05-31 15:06:10 -05:00 |
null
|
060c8dc2f4
|
chore: version bump to 0.28.01 and update HISTORY format
|
2026-05-16 21:36:04 -05:00 |
null
|
9d933f70cc
|
v0.28.01
|
2026-05-16 20:26:09 -05:00 |
null
|
b124e48ebc
|
v0.28.0
|
2026-05-16 15:38:28 -05:00 |
null
|
59d9d21d4c
|
v0.28.0
|
2026-05-16 10:34:32 -05:00 |
null
|
0ba315bd32
|
v0.28.0
|
2026-05-15 22:45:38 -05:00 |
null
|
7d2d0bf45e
|
0.28.0 snowball release
|
2026-05-14 02:11:54 -05:00 |
null
|
8e7f977fef
|
v0.20.5: Bulk payment input validation
- Request body must contain `payments` array (breaking change from raw array)
- Max 50 items per bulk request
- Per-item validation: bill_id (integer regex + parseInt), paid_date (YYYY-MM-DD), amount (finite number >= 0)
- Duplicate detection using bill_id + paid_date + amount composite key — skipped, not rejected
- Response format: { created, skipped, errors }
- Security fix: bill_id type coercion attack (parseInt('1abc') bypass) blocked via regex check
- Security fix: Infinity amount bypass blocked via isFinite() check
- Hudson audit: 5/7 PASS, 2 FAIL fixed (type coercion + Infinity)
|
2026-05-09 23:41:28 -05:00 |
kaspa
|
4d1709aea3
|
push
|
2026-05-09 13:03:36 -05:00 |
_null
|
b9d1366d46
|
initial commit
|
2026-05-03 19:51:57 -05:00 |