This website requires JavaScript.
d5b08aaae2
Wrap deploy script in bash -c to bypass remote fish shell
2026-04-10 18:08:30 +02:00
c6d2c068d3
Pass ansible vault password via env var instead of process substitution
2026-04-10 18:04:50 +02:00
5449ab9d4d
Migrate deploy workflow to appleboy/ssh-action
2026-04-10 18:01:58 +02:00
92548920c2
Migrate SonarQube to sn.e-cosplay.fr, rotate badge token, drop OWASP Dependency-Check, update deploy host
2026-04-10 17:44:37 +02:00
7c848bbdb0
Apply php-cs-fixer: remove trailing blank line in StripeSyncCommand
2026-04-10 17:32:36 +02:00
eb884faea1
Align prod PHP container UID with bot user (1001) and harden restore.sh
2026-04-10 14:04:14 +02:00
238ded3f54
Fix cp recursive flag for config/cert/ in backup.sh and restore.sh
2026-04-10 13:29:45 +02:00
bb082c8368
Add server migration scripts: backup.sh (export) and restore.sh (import)
2026-04-10 13:27:33 +02:00
cda80990c7
Remove pending orders sync from StripeSyncCommand and add pessimistic lock to webhook payment handler
2026-04-04 10:19:40 +02:00
e32a2a2722
Remove unsupported ping_threshold option from mailer config to fix Symfony 8 cache:clear error
2026-04-03 21:52:32 +02:00
240489d330
Add ping_threshold to mailer config to prevent SES SMTP timeout errors
2026-04-03 21:46:15 +02:00
7e2706b04f
Pin Meilisearch image to v1.40.0 to match database version and prevent incompatible auto-upgrades
2026-04-03 14:06:16 +02:00
4b52b72266
Add attestation test with sold tickets to cover buildAttestationStats and buildAttestationTicketDetails
2026-04-03 10:02:33 +02:00
a11535726d
Remove unused CONTENT_TYPE_PDF and PDF_SUFFIX constants from AccountController
2026-04-03 10:01:16 +02:00
0cf1160853
Reduce AccountController to 20 methods, remove unused AdminOrdersController constant
2026-04-03 09:35:26 +02:00
bc31040d81
Run php-cs-fixer: fix line endings and code style
2026-04-02 15:40:15 +02:00
7ec4e95a05
Extract duplicated slug regex into SLUG_PATTERN constant in HomeController
2026-04-02 15:35:46 +02:00
e04d615c6d
Split AccountController (55 methods) and AdminController (30 methods) into smaller controllers
2026-04-02 15:28:47 +02:00
7869e4e7d9
Exclude editor.js from SonarQube analysis
2026-04-02 14:52:26 +02:00
f9aaa45d4b
Add analytics test with real data to cover visitor/pageview chart loops
2026-04-02 14:02:54 +02:00
5f685d9d1f
Cover setIsInvitation loop in createAccreditation test
2026-04-02 14:02:10 +02:00
4f055af3f1
Add <th> headers to API doc tables, ignore css:S4662 for Tailwind @source directive
2026-04-02 14:01:35 +02:00
8eb7d74445
Add <thead>/<th> headers to all email and PDF template tables, fix infra test snapshot data
2026-04-02 13:40:48 +02:00
7b618a700f
Add istanbul ignore comments alongside c8 for analytics.js coverage
2026-04-02 13:13:26 +02:00
83f2f40a91
Add missing test coverage for MeilisearchService, AnalyticsCryptoService, AccountController and AdminController
2026-04-01 20:19:52 +02:00
b1ec125bb9
Achieve 100% coverage on analytics.js
2026-04-01 20:17:21 +02:00
8b18617360
Fix AccountControllerTest: shorten order numbers to fit varchar(20) column
2026-04-01 20:04:21 +02:00
bf0171b352
Fix AccountControllerTest: use uniqid() for order numbers to avoid unique constraint violations
2026-04-01 19:47:43 +02:00
2ffb407323
Fix failing tests: AttestationController payload keys and StripeSyncCommand event mock
2026-04-01 19:34:37 +02:00
534f67dfbe
Fix testPendingOrderFailedWithoutEmail: add missing audit mock expectation
2026-04-01 19:23:34 +02:00
03342e8303
Fix StripeSyncCommandTest: use Stripe\PaymentIntent::constructFrom instead of stdClass
2026-04-01 19:16:32 +02:00
25354f9052
Fix decodeAndVerifyHash to have only 2 returns by merging base64 decode and pipe check guards
2026-04-01 19:02:01 +02:00
1b3371cb7f
Add comprehensive test coverage for AttestationController, LegalController, AdminController, AccountController and AnalyticsEvent entity
2026-04-01 18:41:18 +02:00
a139feef07
init
2026-04-01 17:19:13 +02:00
626510e692
Add force validate button in admin orders + fix Stripe Connect account in sync
2026-04-01 14:22:56 +02:00
02519dcfa8
Add pending orders reconciliation to stripe:sync command
2026-04-01 14:14:29 +02:00
381acd603e
Split Stripe webhooks into 2 endpoints: insta (payments) and leger (Connect)
2026-04-01 14:07:49 +02:00
1c559263a8
Add analytics.js test suite with 100% line/function coverage (16 tests)
2026-04-01 13:54:43 +02:00
97ef920514
Ignore CSP violations from browser userscripts (source-file: user-script)
2026-04-01 11:33:09 +02:00
622e1894ae
aa
2026-03-30 13:43:06 +02:00
918a52415d
add new system for upgrade speed
2026-03-30 11:13:22 +02:00
2f2da97f68
Fix code style: add blank line before constructor in AttestationController
2026-03-30 08:58:07 +02:00
fe91d26163
Add AnalyticsControllerTest with 100% coverage (19 tests, 70 assertions)
2026-03-30 08:48:03 +02:00
3468b1288d
Improve mobile/tablet responsive, fix structured data, update deploy schedule and fix HTML issues
2026-03-30 08:40:28 +02:00
3a40de1ba0
Reduce return counts and fix code smells across controllers and services
2026-03-28 20:23:08 +01:00
0df78f75ae
Fix self-referencing constant NO_SNAPSHOT_MSG in AdminController
2026-03-28 19:06:51 +01:00
ea50f8e740
Add POST /api/account/lookup route for account lookup by email
2026-03-28 19:03:15 +01:00
f2f8b31d6e
Reduce method returns and cognitive complexity across controllers
2026-03-26 22:22:41 +01:00
5062f356f1
Extract DQL_EXCLUDE_INVITATIONS and NO_SNAPSHOT_MSG constants in AdminController
2026-03-26 22:20:36 +01:00
b2c1cee51a
Fix MeilisearchServiceTest: use ArrayAdapter instead of CacheInterface mock
2026-03-26 22:07:24 +01:00
25564e4244
Fix all PHPStan errors: add missing iterable types and fix CacheInterface::clear()
2026-03-26 21:57:21 +01:00
aeb4df8d92
Add Attestation, AnalyticsEvent, AnalyticsUniqId to PHPStan $id ignore list
2026-03-26 21:54:41 +01:00
af6cea00a8
Fix PHPStan errors and SonarQube warnings
2026-03-26 21:53:48 +01:00
d77ee25bcf
Apply PHP CS Fixer code style fixes
2026-03-26 21:40:52 +01:00
e0245afca5
Refactor AccountController: extract constants, reduce returns and cognitive complexity
2026-03-26 21:39:20 +01:00
02cce5608c
Fix MeilisearchConsistencyCommand: remove unused variable, redundant array_values, always-true condition
2026-03-26 21:36:14 +01:00
59cf8dccde
Fix linter warnings in analytics module: codePoint, const, optional chaining, Number.parseInt
2026-03-26 21:34:22 +01:00
20a6be0504
Destructure browser globals from globalThis in analytics module
2026-03-26 21:11:15 +01:00
73adc0a735
Use globalThis for TextEncoder, TextDecoder, and atob browser globals
2026-03-26 21:08:37 +01:00
a71493b87c
Replace charCodeAt with codePointAt in analytics module
2026-03-26 21:07:26 +01:00
b062a5203b
Use globalThis.atob/btoa in analytics module for linter compatibility
2026-03-26 21:06:55 +01:00
176b70650b
Add SRI integrity hashes for CDN scripts and replace md5 with xxh128 for cache keys
2026-03-26 21:06:00 +01:00
1fe2c3a1d3
Fix scanner manifest test: update expected start_url to /scanner/
2026-03-26 18:37:51 +01:00
1796f2d022
Add e_ticket_test database to pgbouncer-dev config for test environment
2026-03-26 18:31:17 +01:00
2d14075d54
Fix infra page: add missing error key for redis/postgres/pgbouncer defaults
2026-03-26 18:27:52 +01:00
e8d2744333
Fix infra page crash when snapshot missing: provide default server values
2026-03-26 18:13:26 +01:00
21aa94c833
Fix cookie-consent tests: remove tests for analytics/cloudflare script loading
2026-03-26 16:21:55 +01:00
58e139e261
Apply PHP CS Fixer code style fixes
2026-03-26 16:19:15 +01:00
4caff2e032
Fix SonarQube warnings: reduce returns, extract constants, fix viewport
2026-03-26 16:16:36 +01:00
d8508f3c96
Refactor MeilisearchConsistencyCommand: reduce cognitive complexity and extract constants
2026-03-26 16:15:41 +01:00
61946f724e
Fix scanner service worker CDN URL and clean up MeilisearchConsistencyCommand
2026-03-26 16:14:33 +01:00
15616167d0
Add attestation system with digital signature, public verification, and detailed ticket listing
2026-03-26 16:13:40 +01:00
822bf8915f
Scanner: SSO login, 2 scan modes (camera/security key), sound feedback, order details, force validation, staff/exposant badges
2026-03-26 15:50:42 +01:00
6ce56c11e0
Clear sessionStorage on 403 and retry with fresh visitor
2026-03-26 13:41:34 +01:00
832387876e
Fix robots.txt: replace /track/ with /t/ for analytics endpoint
2026-03-26 13:01:30 +01:00
19b973ebc0
Allow indexing of legal pages in robots.txt
2026-03-26 13:00:06 +01:00
6062a35d97
Fix WCAG contrast on organizers page: text-gray-400 -> text-gray-600
2026-03-26 12:57:43 +01:00
220ea937dc
Fix WCAG contrast on events page and add width/height to logo
2026-03-26 12:56:54 +01:00
d1fed64d72
Fix WCAG contrast issues: yellow-500->700, indigo-600->800 on links
2026-03-26 12:55:56 +01:00
3b4b51e3f2
Clear Symfony + Redis cache before migrations in deploy
2026-03-26 12:50:35 +01:00
83583e0d3d
Enable Doctrine L2 cache and add Redis cache pools
2026-03-26 12:50:13 +01:00
a0cb564c00
Restore libretranslate in docker-compose dev
2026-03-26 12:35:37 +01:00
da2ee96979
Remove libretranslate from docker-compose dev
2026-03-26 12:35:14 +01:00
300e7f0be9
Add scheduled auto-deploy at 3h, 13h, 19h, 23h daily
2026-03-26 12:27:35 +01:00
98b0b41064
Use SECRET_ANALYTICS env var, regenerated at each deployment
2026-03-26 12:27:05 +01:00
a139f86b90
Make analytics endpoint dynamic: /t/{token} derived from APP_SECRET
2026-03-26 12:22:59 +01:00
0952bc6e17
Fix chart height to 150px on analytics dashboard
2026-03-26 12:15:53 +01:00
d4c897fd89
Fix PostgreSQL SUBSTRING on timestamp: use CAST AS DATE with native SQL
2026-03-26 12:15:06 +01:00
375357ddde
Add charts and bounce rate to admin Analytics, filter self-referrers
2026-03-26 12:14:33 +01:00
efe967389d
Add bounce rate to admin Analytics dashboard
2026-03-26 12:13:08 +01:00
3945fbb0ef
Send email when no RGPD data found, add DPO contact to PDFs
2026-03-26 12:11:25 +01:00
e5110017d9
Fix RGPD email templates: use email/base.html.twig not emails/
2026-03-26 12:09:48 +01:00
c9a040804e
Fix Uuid class not found: use native PHP UUID v4 generation
2026-03-26 12:07:42 +01:00
ce1b153cc1
Fix AES-GCM format mismatch between JS Web Crypto and PHP openssl
2026-03-26 12:07:08 +01:00
d57669b5b9
Enable analytics tracking in dev and prod
2026-03-26 12:06:12 +01:00
2ae28089d5
Add RGPD data access/deletion forms and admin Analytics dashboard
2026-03-26 11:59:34 +01:00
809a1055ec
Restore Cloudflare CSP rules needed for WAF/Turnstile
2026-03-26 11:52:56 +01:00
6438afadbf
Add first-party analytics tracker with encrypted transmissions
2026-03-26 11:52:07 +01:00
3a85b6ef68
Remove all trackers (Umami, Cloudflare, insights-js) from cookie consent
2026-03-26 11:29:22 +01:00
3bb676bfda
Adjust container resource limits for 6 CPU / 30 GB RAM server
2026-03-26 11:25:35 +01:00
Serreau Jovann