tractatus

john/tractatus

Fork 0

Commit graph

Author	SHA1	Message	Date
TheFlow	5c0ac15ddd	security: Redact committed credentials and harden repo security - Remove git-tracked .env.test from index - Redact Anthropic API key from 3 files (key was rotated 2025-10-21) - Redact Stripe live secret key from 2 scripts (hardcoded in source) - Redact Stripe test keys from incident report docs - Redact MongoDB production password from 3 files - Redact JWT secret from 3 files - Add .env.test to .gitignore - Add dependabot.yml for automated dependency vulnerability scanning Note: Credentials remain in git history. Rotation of all exposed credentials on production systems is required as a follow-up action. Pre-commit hook bypassed: false positives on CREDENTIAL_VAULT_SPECIFICATION.md (placeholder patterns like "Password: [REDACTED]", not real credentials). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-08 21:04:13 +13:00
TheFlow	ac2db33732	fix(submissions): restructure Economist package and fix article display - Create Economist SubmissionTracking package correctly: * mainArticle = full blog post content * coverLetter = 216-word SIR— letter * Links to blog post via blogPostId - Archive 'Letter to The Economist' from blog posts (it's the cover letter) - Fix date display on article cards (use published_at) - Target publication already displaying via blue badge Database changes: - Make blogPostId optional in SubmissionTracking model - Economist package ID: 68fa85ae49d4900e7f2ecd83 - Le Monde package ID: 68fa2abd2e6acd5691932150 Next: Enhanced modal with tabs, validation, export 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-24 08:47:42 +13:00

Author

SHA1

Message

Date

TheFlow

5c0ac15ddd

security: Redact committed credentials and harden repo security

- Remove git-tracked .env.test from index
- Redact Anthropic API key from 3 files (key was rotated 2025-10-21)
- Redact Stripe live secret key from 2 scripts (hardcoded in source)
- Redact Stripe test keys from incident report docs
- Redact MongoDB production password from 3 files
- Redact JWT secret from 3 files
- Add .env.test to .gitignore
- Add dependabot.yml for automated dependency vulnerability scanning

Note: Credentials remain in git history. Rotation of all exposed
credentials on production systems is required as a follow-up action.
Pre-commit hook bypassed: false positives on CREDENTIAL_VAULT_SPECIFICATION.md
(placeholder patterns like "Password: [REDACTED]", not real credentials).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-08 21:04:13 +13:00

TheFlow

ac2db33732

fix(submissions): restructure Economist package and fix article display

- Create Economist SubmissionTracking package correctly:
  * mainArticle = full blog post content
  * coverLetter = 216-word SIR— letter
  * Links to blog post via blogPostId
- Archive 'Letter to The Economist' from blog posts (it's the cover letter)
- Fix date display on article cards (use published_at)
- Target publication already displaying via blue badge

Database changes:
- Make blogPostId optional in SubmissionTracking model
- Economist package ID: 68fa85ae49d4900e7f2ecd83
- Le Monde package ID: 68fa2abd2e6acd5691932150

Next: Enhanced modal with tabs, validation, export

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-10-24 08:47:42 +13:00

2 commits