Ran the quick B16 checks: encryption-key lifecycle safe (hasKey guard + v2 db-key fallback → graceful, no plaintext), migrations idempotent. Found: the privacy policy calls the update/version check "optional" but there is no opt-out setting, and it hits a hardcoded host on About/Status/version load. Logged S4. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| images | ||
| Authentik-Integration.md | ||
| CSRF-SPA-Setup.md | ||
| Engineering_Reference_Manual.md | ||
| Engineering_Reference_promp.md | ||
| QA_PLAN.md | ||
| RATE_LIMITING_ENHANCEMENT.md | ||
| ROADMAP_REDESIGN_PLAN.md | ||
| ROADMAP_UI_AUDIT.md | ||
| UI_IMPROVEMENTS.md | ||
| advisory_non_bill_transaction_filters_us_ms_5000.json | ||
| cents-migration-plan.md | ||
| merchant_store_match_us_nems_online_5k_v0_2.json | ||
| top_200_us_subscriptions.csv | ||
| top_200_us_subscriptions_researched_2026-06-06.json | ||