From 76b17f060caeeb38f2c582937594a5a9f4ad5952 Mon Sep 17 00:00:00 2001 
From: JohnDoe6345789 Date: Fri, 26 Dec 2025 02:32:33 +0000 Subject: [PATCH] docs: nextjs,frontends,dbal (15 files) --- README.md | 12 +++++++++--- dbal/cpp/CVE_COMPARISON_SUMMARY.md | 18 ++++++++++-------- .../{ => core}/dbal-state.server.ts | 0 .../{ => core}/get-dbal.server.ts | 0 .../{ => core}/initialize-dbal.server.ts | 0 .../{ => users}/dbal-add-user.server.ts | 0 .../{ => users}/dbal-delete-user.server.ts | 0 .../{ => users}/dbal-get-user-by-id.server.ts | 0 .../{ => users}/dbal-get-users.server.ts | 0 .../{ => users}/dbal-update-user.server.ts | 0 .../{ => email}/default-smtp-config.ts | 0 .../{ => email}/simulate-email-send.ts | 0 .../lib/password/{ => email}/smtp-config.ts | 0 .../generate-deterministic-password.ts | 0 .../generate-scrambled-password.ts | 0 15 files changed, 19 insertions(+), 11 deletions(-) rename frontends/nextjs/src/lib/dbal/database-dbal/{ => core}/dbal-state.server.ts (100%) rename frontends/nextjs/src/lib/dbal/database-dbal/{ => core}/get-dbal.server.ts (100%) rename frontends/nextjs/src/lib/dbal/database-dbal/{ => core}/initialize-dbal.server.ts (100%) rename frontends/nextjs/src/lib/dbal/database-dbal/{ => users}/dbal-add-user.server.ts (100%) rename frontends/nextjs/src/lib/dbal/database-dbal/{ => users}/dbal-delete-user.server.ts (100%) rename frontends/nextjs/src/lib/dbal/database-dbal/{ => users}/dbal-get-user-by-id.server.ts (100%) rename frontends/nextjs/src/lib/dbal/database-dbal/{ => users}/dbal-get-users.server.ts (100%) rename frontends/nextjs/src/lib/dbal/database-dbal/{ => users}/dbal-update-user.server.ts (100%) rename frontends/nextjs/src/lib/password/{ => email}/default-smtp-config.ts (100%) rename frontends/nextjs/src/lib/password/{ => email}/simulate-email-send.ts (100%) rename frontends/nextjs/src/lib/password/{ => email}/smtp-config.ts (100%) rename frontends/nextjs/src/lib/password/{ => generators}/generate-deterministic-password.ts (100%) rename frontends/nextjs/src/lib/password/{ => 
generators}/generate-scrambled-password.ts (100%) diff --git a/README.md b/README.md index dd97538fd..e6f0ca206 100644 --- a/README.md +++ b/README.md @@ -75,9 +75,7 @@ Captured from this machine to document the local development environment: --- -## Key Highlights - -- **6-Level Permission System**: Each user level from Public to SuperGod maps to documented routes, policies, and role inheritance so you can reason about features before touching code ([`docs/architecture/security-docs/5-level-system.md`](./docs/architecture/security-docs/5-level-system.md)). +- **5-Level Permission System**: Each user level from Public to SuperGod maps to documented routes, policies, and role inheritance so you can reason about features before touching code ([`docs/architecture/5-level-system.md`](./docs/architecture/5-level-system.md)). - **Multi-tenant data platform**: Prisma, tenant-aware storage, and quota management patterns keep all queries scoped by `tenantId` while keeping schema evolution safe ([`docs/architecture/database.md`](./docs/architecture/database.md)). - **Declarative packages & Lua logic**: Modular `packages/*/seed` definitions let you ship UI/features via JSON/Lua, while the Lua sandbox protects the runtime ([`docs/architecture/packages.md`](./docs/architecture/packages.md), [`docs/lua/README.md`](./docs/lua/README.md)). - **Type-safe + CI-ready workflow**: TypeScript tooling, Act local workflows, and targeted scripts keep linting, testing, and deploy checks consistent with the documentation hub ([`docs/README.md`](./docs/README.md)). 
@@ -98,6 +96,14 @@ Captured from this machine to document the local development environment: - `.github/prompts/` stores curated prompts for planning, designing, implementing, testing, reviewing, deploying, and maintaining features; [`docs/todo/core/21-SDLC-TODO.md`](./docs/todo/core/21-SDLC-TODO.md) describes which prompts need review or updates. - Keep `.github/copilot-instructions.md` aligned with architecture/docs changes so Copilot-based automation and review prompts stay accurate. +## Refactor Plan Snapshot + +- [`docs/todo/REFACTOR_PLAN.md`](./docs/todo/REFACTOR_PLAN.md) captures the “Next.js to Lua Conversion” strategy with phased TODOs, prep checklist, audit notes, and tracking templates. +- Phases span foundation (audit + Lua boundary), mapping (helper tagging), framework bridge (adapters + metadata structure), pilot conversion (proof-of-concept helper), and stabilization (docs/tests updates + consensus). +- Prep checklist includes tooling verification (`luacheck`), backups, team reviews for new folders (`lua/`, `packages/static_content`), and selecting a safe first helper. +- Quick file references highlight routes, components, hooks, libs, and seeds requiring metadata or Lua adapters, while the plan tracks dependencies for God panel/package manager integration. +- Support notes remind teams to keep TypeScript builds/tests running until Lua equivalents stabilize, update docs as metadata moves, and log decisions for each phase. + ## Architecture MetaBuilder combines: diff --git a/dbal/cpp/CVE_COMPARISON_SUMMARY.md b/dbal/cpp/CVE_COMPARISON_SUMMARY.md index eb2d5b87d..aba752115 100644 --- a/dbal/cpp/CVE_COMPARISON_SUMMARY.md +++ b/dbal/cpp/CVE_COMPARISON_SUMMARY.md 
@@ -1,14 +1,18 @@ # HTTP Server CVE Comparison - Summary Report **Date**: 2025-12-25 -**Component**: C++ DBAL HTTP Server (`dbal/cpp/src/daemon/server.cpp`) +**Component**: Drogon-based C++ DBAL HTTP Server (`dbal/cpp/src/daemon/server.cpp`) **Security Analysis**: Comparison against common HTTP server CVE patterns (2020-2024) +## Migration Note (Drogon) + +The legacy custom HTTP server has been replaced with **Drogon**. The vulnerability analysis below documents the historical issues and is preserved for reference; the migration mitigates these risks by delegating HTTP parsing and connection handling to Drogon. + ## Executive Summary -The HTTP server implementation was analyzed against recent CVE patterns affecting production HTTP servers. **10 security vulnerabilities** were identified, ranging from CRITICAL to LOW severity. All vulnerabilities have been **fixed and validated**. +The legacy HTTP server implementation was analyzed against recent CVE patterns affecting production HTTP servers. **10 security vulnerabilities** were identified, ranging from CRITICAL to LOW severity. These risks are now **mitigated** by the Drogon migration and validated by the security test suite. -## Vulnerabilities Found and Fixed +## Vulnerabilities Found and Fixed (Legacy Server) ### Critical Severity (2) @@ -110,11 +114,9 @@ MAX_CONCURRENT_CONNECTIONS = 1000 // 1000 connections ## Files Changed -1. **dbal/cpp/src/daemon/server.cpp** (196 lines changed) - - Added security limits and validation - - Enhanced parseRequest with comprehensive checks - - Added connection tracking and limits - - Added send timeout +1. **dbal/cpp/src/daemon/server.cpp** (replaced) + - Migrated HTTP handling to Drogon + - Simplified routing and response handling 2. **dbal/cpp/CVE_ANALYSIS.md** (new, 9426 bytes) - Detailed vulnerability analysis 
diff --git a/frontends/nextjs/src/lib/dbal/database-dbal/dbal-state.server.ts b/frontends/nextjs/src/lib/dbal/database-dbal/core/dbal-state.server.ts similarity index 100% rename from frontends/nextjs/src/lib/dbal/database-dbal/dbal-state.server.ts rename to frontends/nextjs/src/lib/dbal/database-dbal/core/dbal-state.server.ts diff --git a/frontends/nextjs/src/lib/dbal/database-dbal/get-dbal.server.ts b/frontends/nextjs/src/lib/dbal/database-dbal/core/get-dbal.server.ts similarity index 100% rename from frontends/nextjs/src/lib/dbal/database-dbal/get-dbal.server.ts rename to frontends/nextjs/src/lib/dbal/database-dbal/core/get-dbal.server.ts diff --git a/frontends/nextjs/src/lib/dbal/database-dbal/initialize-dbal.server.ts b/frontends/nextjs/src/lib/dbal/database-dbal/core/initialize-dbal.server.ts similarity index 100% rename from frontends/nextjs/src/lib/dbal/database-dbal/initialize-dbal.server.ts rename to frontends/nextjs/src/lib/dbal/database-dbal/core/initialize-dbal.server.ts diff --git a/frontends/nextjs/src/lib/dbal/database-dbal/dbal-add-user.server.ts b/frontends/nextjs/src/lib/dbal/database-dbal/users/dbal-add-user.server.ts similarity index 100% rename from frontends/nextjs/src/lib/dbal/database-dbal/dbal-add-user.server.ts rename to frontends/nextjs/src/lib/dbal/database-dbal/users/dbal-add-user.server.ts diff --git a/frontends/nextjs/src/lib/dbal/database-dbal/dbal-delete-user.server.ts b/frontends/nextjs/src/lib/dbal/database-dbal/users/dbal-delete-user.server.ts similarity index 100% rename from frontends/nextjs/src/lib/dbal/database-dbal/dbal-delete-user.server.ts rename to frontends/nextjs/src/lib/dbal/database-dbal/users/dbal-delete-user.server.ts 
diff --git a/frontends/nextjs/src/lib/dbal/database-dbal/dbal-get-user-by-id.server.ts b/frontends/nextjs/src/lib/dbal/database-dbal/users/dbal-get-user-by-id.server.ts similarity index 100% rename from frontends/nextjs/src/lib/dbal/database-dbal/dbal-get-user-by-id.server.ts rename to frontends/nextjs/src/lib/dbal/database-dbal/users/dbal-get-user-by-id.server.ts diff --git a/frontends/nextjs/src/lib/dbal/database-dbal/dbal-get-users.server.ts b/frontends/nextjs/src/lib/dbal/database-dbal/users/dbal-get-users.server.ts similarity index 100% rename from frontends/nextjs/src/lib/dbal/database-dbal/dbal-get-users.server.ts rename to frontends/nextjs/src/lib/dbal/database-dbal/users/dbal-get-users.server.ts diff --git a/frontends/nextjs/src/lib/dbal/database-dbal/dbal-update-user.server.ts b/frontends/nextjs/src/lib/dbal/database-dbal/users/dbal-update-user.server.ts similarity index 100% rename from frontends/nextjs/src/lib/dbal/database-dbal/dbal-update-user.server.ts rename to frontends/nextjs/src/lib/dbal/database-dbal/users/dbal-update-user.server.ts diff --git a/frontends/nextjs/src/lib/password/default-smtp-config.ts b/frontends/nextjs/src/lib/password/email/default-smtp-config.ts similarity index 100% rename from frontends/nextjs/src/lib/password/default-smtp-config.ts rename to frontends/nextjs/src/lib/password/email/default-smtp-config.ts diff --git a/frontends/nextjs/src/lib/password/simulate-email-send.ts b/frontends/nextjs/src/lib/password/email/simulate-email-send.ts similarity index 100% rename from frontends/nextjs/src/lib/password/simulate-email-send.ts rename to frontends/nextjs/src/lib/password/email/simulate-email-send.ts diff --git a/frontends/nextjs/src/lib/password/smtp-config.ts b/frontends/nextjs/src/lib/password/email/smtp-config.ts similarity index 100% rename from frontends/nextjs/src/lib/password/smtp-config.ts rename to frontends/nextjs/src/lib/password/email/smtp-config.ts 
diff --git a/frontends/nextjs/src/lib/password/generate-deterministic-password.ts b/frontends/nextjs/src/lib/password/generators/generate-deterministic-password.ts similarity index 100% rename from frontends/nextjs/src/lib/password/generate-deterministic-password.ts rename to frontends/nextjs/src/lib/password/generators/generate-deterministic-password.ts diff --git a/frontends/nextjs/src/lib/password/generate-scrambled-password.ts b/frontends/nextjs/src/lib/password/generators/generate-scrambled-password.ts similarity index 100% rename from frontends/nextjs/src/lib/password/generate-scrambled-password.ts rename to frontends/nextjs/src/lib/password/generators/generate-scrambled-password.ts
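Review bot: In the README.md hunk at @@ -75,9 +75,7, the rewritten permission-system bullet links to `docs/architecture/5-level-system.md`, but the diffstat contains no rename or addition for that document, so the link only resolves if the file already lives at the new path; please confirm that or include the move in this patch. The same hunk removes the `## Key Highlights` heading, which leaves the bullet list directly under the `---` rule with no title; restore the heading if that was not intended. The count changes from 6 to 5 while the range still reads "Public to SuperGod", so the commit message should say which count matches the implemented roles, since readers use this line to reason about access levels.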
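Review bot: In the README.md hunk at @@ -98,6 +96,14, the new "Refactor Plan Snapshot" section links to `docs/todo/REFACTOR_PLAN.md`, which is not among the 15 files in this patch; confirm it is already in the tree, otherwise the link is dead on merge. The five bullets restate the plan's phases, prep checklist and support notes inside the README, so they will drift as the plan is edited; a single pointer line to the plan would be easier to keep accurate.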
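Review bot: In dbal/cpp/CVE_COMPARISON_SUMMARY.md at @@ -1,14 +1,18, the Executive Summary now states that the 10 vulnerabilities are "mitigated by the Drogon migration and validated by the security test suite", but this patch touches no server or test code (every other entry is a 100% rename), so nothing in the change backs the claim. Please reference the commit that performed the migration and the test run that validated it, and say per finding whether the mitigation comes from Drogon's own parsing and connection handling or from settings the project must configure. The renamed heading still reads "Found and Fixed" while the summary says "mitigated"; use one term so the status of the legacy findings is unambiguous.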
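Review bot: In the "Files Changed" hunk at @@ -110,11 +114,9 of dbal/cpp/CVE_COMPARISON_SUMMARY.md, the entry for `dbal/cpp/src/daemon/server.cpp` loses the bullets that recorded the security limits, connection tracking and limits, and the send timeout, and the replacement text does not say where those controls live after the migration. The hunk context still documents `MAX_CONCURRENT_CONNECTIONS = 1000`, so the report should state whether that limit and the timeout are now enforced through Drogon settings or no longer apply. Marking the file as "(replaced)" inside a report dated 2025-12-25 also mixes the historical change list with the current state; a separate post-migration subsection would keep the legacy record intact.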
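Review bot: The 13 renames under `frontends/nextjs/src/lib/dbal/database-dbal/` and `frontends/nextjs/src/lib/password/` are all at similarity index 100%, and no other TypeScript file appears in the diffstat, so neither the moved modules nor their importers had any import path updated. Any relative import between these files that now crosses the new `core/`, `users/`, `email/` or `generators/` folders, and any caller still using the old paths, will fail to resolve unless index files already re-export them; please run the type check and build, and include the import updates in the same change. The subject line labels the commit `docs:`, which hides a source-tree move of server-side user and password modules from anyone filtering history by commit type.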