soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

bd sync: 2026-01-01 17:04:36

Browse Source
This commit is contained in:
Codex Agent
2026-01-01 17:04:38 +01:00
parent 405a4b7340
commit 22f600bf44
4 changed files with 127 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
.beads/.gitignore vendored
View File

@@ -10,6 +10,7 @@ daemon.lock
daemon.log
daemon.pid
bd.sock
sync-state.json
# Local version tracking (prevents upgrade notification spam after git ops)
.local_version
@@ -18,6 +19,10 @@ bd.sock
db.sqlite
bd.db
# Worktree redirect file (contains relative path to main repo's .beads/)
# Must not be committed as paths would be wrong in other clones
redirect
# Merge artifacts (temporary files from 3-way merge)
beads.base.jsonl
beads.base.meta.json
@@ -26,7 +31,8 @@ beads.left.meta.json
beads.right.jsonl
beads.right.meta.json
# Keep JSONL exports and config (source of truth for git)
!issues.jsonl
!metadata.json
!config.json
# NOTE: Do NOT add negation patterns (e.g., !issues.jsonl) here.
# They would override fork protection in .git/info/exclude, allowing
# contributors to accidentally commit upstream issue databases.
# The JSONL files (issues.jsonl, interactions.jsonl) and config files
# are tracked by git by default since no pattern above ignores them.

114
.beads/issues.jsonl Normal file
View File

@@ -0,0 +1,114 @@
{"id":"--stealth-d39","title":"Superadmin control surface spec and access matrix","description":"Define the minimal superadmin control surface, permissions, and mapping to tenant/guest responsibilities. Document scope and non-goals.","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T14:16:06.994379577+01:00","updated_at":"2026-01-01T14:20:43.080701114+01:00","closed_at":"2026-01-01T14:20:43.080701114+01:00","close_reason":"Duplicate of fotospiel-app-ihd after beads re-init"}
{"id":"fotospiel-app-097","title":"Tenant announcements / release notes","description":"Broadcast announcements to tenants/admins with targeting and scheduling.","status":"open","priority":3,"issue_type":"feature","created_at":"2026-01-01T14:20:21.68206312+01:00","updated_at":"2026-01-01T14:20:21.68206312+01:00"}
{"id":"fotospiel-app-0h0","title":"SEC-BILL-02 Signature freshness + retry policies for Paddle webhooks","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:53:37.618780852+01:00","created_by":"soeren","updated_at":"2026-01-01T15:53:37.618780852+01:00"}
{"id":"fotospiel-app-0rb","title":"Tenant admin onboarding: inline checkout integration in welcome flow","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:08:22.434997456+01:00","created_by":"soeren","updated_at":"2026-01-01T16:08:28.026795975+01:00","closed_at":"2026-01-01T16:08:28.026795975+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-0u0","title":"Paddle migration: design Paddle data mappings for packages/products/prices","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:57:15.991704177+01:00","created_by":"soeren","updated_at":"2026-01-01T15:57:21.629616074+01:00","closed_at":"2026-01-01T15:57:21.629616074+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-1hh","title":"Coupon ops: expand fraud tooling with IP/device reputation","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:09:33.355825022+01:00","created_by":"soeren","updated_at":"2026-01-01T16:09:33.355825022+01:00"}
{"id":"fotospiel-app-1md","title":"Paddle catalog sync: SyncPackageToPaddle job create/update","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:00:36.196972205+01:00","created_by":"soeren","updated_at":"2026-01-01T16:00:41.854731591+01:00","closed_at":"2026-01-01T16:00:41.854731591+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-233","title":"SEC-IO-01 Document PAT revocation/rotation playbook","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:51:09.026566422+01:00","created_by":"soeren","updated_at":"2026-01-01T15:54:16.707672711+01:00","closed_at":"2026-01-01T15:54:16.707672711+01:00","close_reason":"Duplicate of fotospiel-app-bep"}
{"id":"fotospiel-app-25q","title":"Security review: payments/webhooks code audit (signatures, idempotency, linkage)","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:05:25.747336642+01:00","created_by":"soeren","updated_at":"2026-01-01T16:05:25.747336642+01:00"}
{"id":"fotospiel-app-29o","title":"Paddle catalog sync: PackageResource sync status badges + timestamp","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:01:10.009385187+01:00","created_by":"soeren","updated_at":"2026-01-01T16:01:15.639525807+01:00","closed_at":"2026-01-01T16:01:15.639525807+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-2hq","title":"Security review: marketing/API controller+validation review","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:05:08.862737923+01:00","created_by":"soeren","updated_at":"2026-01-01T16:05:08.862737923+01:00"}
{"id":"fotospiel-app-33m","title":"Security review checklist: Guest PWA dynamic tests","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:04:40.730459361+01:00","created_by":"soeren","updated_at":"2026-01-01T16:04:40.730459361+01:00"}
{"id":"fotospiel-app-38f","title":"Paddle catalog sync: surface last sync error/log context in admin","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:59:14.865414785+01:00","created_by":"soeren","updated_at":"2026-01-01T15:59:14.865414785+01:00"}
{"id":"fotospiel-app-3ut","title":"SEC-API-03 Synthetic monitoring + alert config","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:52:46.793875724+01:00","created_by":"soeren","updated_at":"2026-01-01T15:52:46.793875724+01:00"}
{"id":"fotospiel-app-3xa","title":"Security review: event admin code audit (policies, PKCE, file handling)","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:05:20.115675149+01:00","created_by":"soeren","updated_at":"2026-01-01T16:05:20.115675149+01:00"}
{"id":"fotospiel-app-4ar","title":"SEC-BILL-03 Failed capture notifications + ledger hook","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:54:33.266516715+01:00","created_by":"soeren","updated_at":"2026-01-01T15:54:33.266516715+01:00"}
{"id":"fotospiel-app-4i4","title":"Security review: map roles/data","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:02:58.370301875+01:00","created_by":"soeren","updated_at":"2026-01-01T16:03:03.997327414+01:00","closed_at":"2026-01-01T16:03:03.997327414+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-4zu","title":"SEC-IO-02 Refresh-token management UI + audit logs","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:51:50.24186222+01:00","created_by":"soeren","updated_at":"2026-01-01T15:51:50.24186222+01:00"}
{"id":"fotospiel-app-55n","title":"Tenant admin onboarding: add Paddle error UX + test coverage","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:08:40.463283816+01:00","created_by":"soeren","updated_at":"2026-01-01T16:08:40.463283816+01:00"}
{"id":"fotospiel-app-574","title":"Paddle catalog sync: extend PaddleClient tests/mocks for catalog endpoints","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:59:03.486301225+01:00","created_by":"soeren","updated_at":"2026-01-01T15:59:03.486301225+01:00"}
{"id":"fotospiel-app-576","title":"Tenant admin onboarding: legacy asset audit + component inventory","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:07:59.996563146+01:00","created_by":"soeren","updated_at":"2026-01-01T16:08:05.599274641+01:00","closed_at":"2026-01-01T16:08:05.599274641+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-5dl","title":"Paddle catalog sync: PaddleCatalogService scaffold","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:00:24.916655836+01:00","created_by":"soeren","updated_at":"2026-01-01T16:00:30.566084195+01:00","closed_at":"2026-01-01T16:00:30.566084195+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-5iy","title":"Security review: confirm env/header defaults","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:03:20.808188183+01:00","created_by":"soeren","updated_at":"2026-01-01T16:03:26.388002115+01:00","closed_at":"2026-01-01T16:03:26.388002115+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-5s3","title":"Localized SEO: canonical/hreflang tags + localized navigation","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:02:03.909947355+01:00","created_by":"soeren","updated_at":"2026-01-01T16:02:09.550647107+01:00","closed_at":"2026-01-01T16:02:09.550647107+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-64l","title":"SEC-FE-01 CSP nonce/hashing rollout","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:54:47.607047443+01:00","created_by":"soeren","updated_at":"2026-01-01T15:55:56.477104351+01:00","closed_at":"2026-01-01T15:55:56.477104351+01:00","close_reason":"Completed in codebase (verified) - duplicate of fotospiel-app-zli"}
{"id":"fotospiel-app-6dp","title":"Coupon ops enhancements (redemption service, preview endpoint, widget, export)","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:09:09.275919717+01:00","created_by":"soeren","updated_at":"2026-01-01T16:09:14.882264149+01:00","closed_at":"2026-01-01T16:09:14.882264149+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-6oj","title":"Security review: media pipeline code audit (AV/EXIF, signed URLs, storage separation)","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:05:31.390878341+01:00","created_by":"soeren","updated_at":"2026-01-01T16:05:31.390878341+01:00"}
{"id":"fotospiel-app-6yt","title":"Paddle migration: register sandbox webhooks + document events consumed","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:56:34.333714988+01:00","created_by":"soeren","updated_at":"2026-01-01T15:56:34.333714988+01:00"}
{"id":"fotospiel-app-7bu","title":"Paddle migration: extend config/env handling for Paddle keys/webhook secrets","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:57:27.242854801+01:00","created_by":"soeren","updated_at":"2026-01-01T15:57:32.890355888+01:00","closed_at":"2026-01-01T15:57:32.890355888+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-7u1","title":"Paddle catalog sync: PaddlePackagePull job","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:00:47.468892178+01:00","created_by":"soeren","updated_at":"2026-01-01T16:00:53.126602817+01:00","closed_at":"2026-01-01T16:00:53.126602817+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-95m","title":"Paddle migration: admin catalog sync UI for packages","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:57:49.790409261+01:00","created_by":"soeren","updated_at":"2026-01-01T15:57:55.418180246+01:00","closed_at":"2026-01-01T15:57:55.418180246+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-99d","title":"Paddle migration: marketing checkout uses Paddle-hosted checkout","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:58:12.298063897+01:00","created_by":"soeren","updated_at":"2026-01-01T15:58:17.968032021+01:00","closed_at":"2026-01-01T15:58:17.968032021+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-9al","title":"Security review checklist: Marketing/API dynamic tests","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:04:35.116728385+01:00","created_by":"soeren","updated_at":"2026-01-01T16:04:35.116728385+01:00"}
{"id":"fotospiel-app-9gc","title":"Paddle migration: review current billing implementation","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:57:04.715058376+01:00","created_by":"soeren","updated_at":"2026-01-01T15:57:10.363528452+01:00","closed_at":"2026-01-01T15:57:10.363528452+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-9ls","title":"SEC-API-02 Public API incident response playbook","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:52:35.519759351+01:00","created_by":"soeren","updated_at":"2026-01-01T15:52:41.160768858+01:00","closed_at":"2026-01-01T15:52:41.160768858+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-9mc","title":"SEC-FE-02 Consent-gated analytics loader","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:55:14.916352908+01:00","created_by":"soeren","updated_at":"2026-01-01T15:55:20.566910025+01:00","closed_at":"2026-01-01T15:55:20.566910025+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-9mj","title":"Ops mail default + withdrawal legal routes","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:10:02.167387589+01:00","created_by":"soeren","updated_at":"2026-01-01T16:10:07.783737036+01:00","closed_at":"2026-01-01T16:10:07.783737036+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-a1n","title":"Paddle migration: define mobile/native billing strategy (RevenueCat vs Paddle)","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:56:40.030226023+01:00","created_by":"soeren","updated_at":"2026-01-01T15:56:40.030226023+01:00"}
{"id":"fotospiel-app-agz","title":"Tenant admin onboarding: update PRP/docs + handoff notes","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:08:51.748367378+01:00","created_by":"soeren","updated_at":"2026-01-01T16:08:51.748367378+01:00"}
{"id":"fotospiel-app-arp","title":"Guest policy settings (toggles, rate limits, retention defaults)","description":"Global guest feature toggles, rate limits, and retention defaults. Settings page + persistence.","status":"open","priority":2,"issue_type":"feature","created_at":"2026-01-01T14:18:52.931017783+01:00","updated_at":"2026-01-01T14:18:52.931017783+01:00"}
{"id":"fotospiel-app-auq","title":"Security review checklist: Media pipeline/storage dynamic tests","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:04:57.616770583+01:00","created_by":"soeren","updated_at":"2026-01-01T16:04:57.616770583+01:00"}
{"id":"fotospiel-app-b0h","title":"Security review: trust boundaries/entrypoints mapped","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:03:43.175087637+01:00","created_by":"soeren","updated_at":"2026-01-01T16:03:48.799343248+01:00","closed_at":"2026-01-01T16:03:48.799343248+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-bep","title":"SEC-IO-01 Document PAT revocation/rotation playbook","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:51:44.568780967+01:00","created_by":"soeren","updated_at":"2026-01-01T15:51:44.568780967+01:00"}
{"id":"fotospiel-app-bit","title":"Superadmin control surface roadmap","description":"Roadmap to implement practical superadmin control over tenant admin + guest experience. Tracks lifecycle, moderation, policies, ops health, compliance, audit, announcements, integrations.","status":"open","priority":1,"issue_type":"epic","created_at":"2026-01-01T14:21:01.852988935+01:00","updated_at":"2026-01-01T14:21:01.852988935+01:00","dependencies":[{"issue_id":"fotospiel-app-bit","depends_on_id":"fotospiel-app-ihd","type":"blocks","created_at":"2026-01-01T14:21:14.445938122+01:00","created_by":"soeren"},{"issue_id":"fotospiel-app-bit","depends_on_id":"fotospiel-app-wde","type":"blocks","created_at":"2026-01-01T14:21:16.788922347+01:00","created_by":"soeren"},{"issue_id":"fotospiel-app-bit","depends_on_id":"fotospiel-app-hbt","type":"blocks","created_at":"2026-01-01T14:21:18.300493488+01:00","created_by":"soeren"},{"issue_id":"fotospiel-app-bit","depends_on_id":"fotospiel-app-arp","type":"blocks","created_at":"2026-01-01T14:21:20.731646568+01:00","created_by":"soeren"},{"issue_id":"fotospiel-app-bit","depends_on_id":"fotospiel-app-tym","type":"blocks","created_at":"2026-01-01T14:21:23.219093242+01:00","created_by":"soeren"},{"issue_id":"fotospiel-app-bit","depends_on_id":"fotospiel-app-sbs","type":"blocks","created_at":"2026-01-01T14:21:24.67996941+01:00","created_by":"soeren"},{"issue_id":"fotospiel-app-bit","depends_on_id":"fotospiel-app-iyc","type":"blocks","created_at":"2026-01-01T14:21:27.027185624+01:00","created_by":"soeren"},{"issue_id":"fotospiel-app-bit","depends_on_id":"fotospiel-app-097","type":"blocks","created_at":"2026-01-01T14:21:29.668197239+01:00","created_by":"soeren"},{"issue_id":"fotospiel-app-bit","depends_on_id":"fotospiel-app-lqp","type":"blocks","created_at":"2026-01-01T14:21:31.238481004+01:00","created_by":"soeren"}]}
{"id":"fotospiel-app-bjd","title":"Checkout refactor: auth/login/register flow alignment","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:06:09.920731675+01:00","created_by":"soeren","updated_at":"2026-01-01T16:06:15.500724195+01:00","closed_at":"2026-01-01T16:06:15.500724195+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-bqm","title":"Paddle catalog sync: unit tests for service + jobs","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:01:22.090498843+01:00","created_by":"soeren","updated_at":"2026-01-01T16:01:27.71412122+01:00","closed_at":"2026-01-01T16:01:27.71412122+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-bxu","title":"Checkout refactor: Stripe/Paddle payment integration + webhooks","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:06:32.279485614+01:00","created_by":"soeren","updated_at":"2026-01-01T16:06:37.876950599+01:00","closed_at":"2026-01-01T16:06:37.876950599+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-bzb","title":"Paddle catalog sync: migration for paddle sync columns","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:00:02.362257158+01:00","created_by":"soeren","updated_at":"2026-01-01T16:00:08.018770606+01:00","closed_at":"2026-01-01T16:00:08.018770606+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-ci5","title":"Paddle catalog sync: configure log channel/Slack hook for sync outcomes","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:59:20.543083527+01:00","created_by":"soeren","updated_at":"2026-01-01T15:59:20.543083527+01:00"}
{"id":"fotospiel-app-dl5","title":"SEC-API-01 Signed URL middleware + asset migration","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:52:24.24098702+01:00","created_by":"soeren","updated_at":"2026-01-01T15:52:29.8793891+01:00","closed_at":"2026-01-01T15:52:29.8793891+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-dm4","title":"SEC-BILL-01 Checkout session linkage + idempotency locks","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:53:26.350238207+01:00","created_by":"soeren","updated_at":"2026-01-01T15:53:31.997737421+01:00","closed_at":"2026-01-01T15:53:31.997737421+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-dmb","title":"Security review checklist: Event Admin dynamic tests","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:04:46.359468828+01:00","created_by":"soeren","updated_at":"2026-01-01T16:04:46.359468828+01:00"}
{"id":"fotospiel-app-dn3","title":"SEC-IO-03 Subnet/device matching config + tests","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:51:55.917743667+01:00","created_by":"soeren","updated_at":"2026-01-01T15:51:55.917743667+01:00"}
{"id":"fotospiel-app-e05","title":"SEC-MS-03 Checksum validation + alert thresholds","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:53:09.416197447+01:00","created_by":"soeren","updated_at":"2026-01-01T15:53:09.416197447+01:00"}
{"id":"fotospiel-app-egu","title":"Tenant admin onboarding: welcome flow + routing guard + UI steps","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:07:48.767482545+01:00","created_by":"soeren","updated_at":"2026-01-01T16:07:54.375737724+01:00","closed_at":"2026-01-01T16:07:54.375737724+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-fp3","title":"Security review: guest PWA code audit (join tokens, uploads, SW cache)","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:05:14.493336661+01:00","created_by":"soeren","updated_at":"2026-01-01T16:05:14.493336661+01:00"}
{"id":"fotospiel-app-g5o","title":"SEC-MS-04 Storage health widget in Super Admin","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:53:15.088501536+01:00","created_by":"soeren","updated_at":"2026-01-01T15:53:20.739996548+01:00","closed_at":"2026-01-01T15:53:20.739996548+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-g74","title":"Paddle migration: automated tests for checkout/webhooks/sync","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:58:34.795423009+01:00","created_by":"soeren","updated_at":"2026-01-01T15:58:40.467997776+01:00","closed_at":"2026-01-01T15:58:40.467997776+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-gsv","title":"Localized SEO: validate hreflang via Search Console/Lighthouse","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:02:36.4821072+01:00","created_by":"soeren","updated_at":"2026-01-01T16:02:36.4821072+01:00"}
{"id":"fotospiel-app-hbt","title":"Moderation queue for guest content","description":"Queue for flagged guest content (photos, feedback). Bulk actions to hide/delete/resolve with audit.","status":"open","priority":1,"issue_type":"feature","created_at":"2026-01-01T14:18:37.777772819+01:00","updated_at":"2026-01-01T14:18:37.777772819+01:00"}
{"id":"fotospiel-app-ihd","title":"Superadmin control surface spec and access matrix","description":"Define the minimal superadmin control surface, permissions, and mapping to tenant/guest responsibilities. Document scope and non-goals.","notes":"Spec v1: Superadmin control surface\\n\\nGoals\\n- Practical controls over tenant admin + guest experience (safety, limits, visibility).\\n- Fast response to abuse/outages without deploys.\\n- GDPR-safe: no new PII logging; audit log stores action metadata only.\\n\\nNon-goals\\n- New tracking beyond anonymous guest session_id.\\n- Deep analytics beyond operational KPIs.\\n\\nAccess matrix (high-level)\\n- Guest: upload/like/join per event only, no admin privileges.\\n- Tenant Admin: manage their events/photos/tasks; no cross-tenant access.\\n- Superadmin: global visibility + override controls + audit trail.\\n\\nProposed control areas\\nDaily Ops\\n- Tenant Lifecycle: status (active/suspended/grace), limits (uploads/storage/events), manual overrides.\\n- Moderation Queue: flagged photos/feedback; hide/delete/resolve/bulk actions.\\n- Support: Tenant feedback triage view.\\n\\nWeekly Ops\\n- Guest Policy: feature toggles + rate limits + retention defaults.\\n- Event Access: join token TTL, max uses, invalidate/regenerate.\\n- Commercial: packages/addons/coupons/tenant packages.\\n\\nRare/Admin\\n- Ops Health: queues, failed jobs, storage thresholds.\\n- Compliance: data export requests + retention overrides.\\n- Audit Log: superadmin actions (no PII payloads).\\n- Integrations health: Paddle/RevenueCat/webhooks status.\\n\\nData model considerations\\n- Existing JSON fields: tenants.settings/features; events.settings; tenant_feedback.metadata; photos.security_meta.\\n- Prefer new tables for auditability: moderation_items, super_admin_audit_logs, data_export_requests, retention_overrides, guest_policy_settings.\\n- Tenant lifecycle limits can be a new table (tenant_overrides) or fields on tenants (status, grace_until, limits JSON).\\n\\nSuccess criteria\\n- Each resource renders in superadmin panel without errors.\\n- Actions are logged (audit log).\\n- Policies enforce tenant isolation + superadmin override.","status":"in_progress","priority":2,"issue_type":"task","created_at":"2026-01-01T14:18:10.789147344+01:00","updated_at":"2026-01-01T14:32:31.455392845+01:00"}
{"id":"fotospiel-app-iyc","title":"Superadmin audit log for admin actions","description":"Audit trail for superadmin actions without PII payloads.","status":"open","priority":2,"issue_type":"feature","created_at":"2026-01-01T14:20:19.043695952+01:00","updated_at":"2026-01-01T14:20:19.043695952+01:00"}
{"id":"fotospiel-app-iyh","title":"Security review follow-ups: signed URL TTLs, guest asset throttles, CORS allowlist, logging hygiene","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:05:42.642109576+01:00","created_by":"soeren","updated_at":"2026-01-01T16:05:42.642109576+01:00"}
{"id":"fotospiel-app-jk4","title":"Checkout refactor: CheckoutController + marketing route alignment","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:06:21.088319132+01:00","created_by":"soeren","updated_at":"2026-01-01T16:06:26.663419594+01:00","closed_at":"2026-01-01T16:06:26.663419594+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-jqy","title":"Tenant admin onboarding: Playwright skeleton for welcome flow","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:08:11.226297707+01:00","created_by":"soeren","updated_at":"2026-01-01T16:08:16.827679424+01:00","closed_at":"2026-01-01T16:08:16.827679424+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-ko0","title":"Security review checklist: Webhooks/Billing dynamic tests","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:04:51.987093237+01:00","created_by":"soeren","updated_at":"2026-01-01T16:04:51.987093237+01:00"}
{"id":"fotospiel-app-kry","title":"Paddle catalog sync: add DTO helpers for Paddle product/price responses","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:58:57.817750548+01:00","created_by":"soeren","updated_at":"2026-01-01T15:58:57.817750548+01:00"}
{"id":"fotospiel-app-kso","title":"SEC-MS-02 Streaming upload refactor + tests","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:53:03.729137616+01:00","created_by":"soeren","updated_at":"2026-01-01T15:53:03.729137616+01:00"}
{"id":"fotospiel-app-kxe","title":"Paddle customer success metrics (tenant ↔ Paddle sync, sandbox seeding, rollout/rollback)","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:10:34.454400334+01:00","created_by":"soeren","updated_at":"2026-01-01T16:10:34.454400334+01:00"}
{"id":"fotospiel-app-l3n","title":"Session changes 2025-09-08 (PRP split, PWA scaffolding, Filament resources, API)","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:10:18.204088457+01:00","created_by":"soeren","updated_at":"2026-01-01T16:10:23.815135505+01:00","closed_at":"2026-01-01T16:10:23.815135505+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-l6a","title":"Registration flow fixes: JSON redirect, error clearing, role handling","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:07:16.253760139+01:00","created_by":"soeren","updated_at":"2026-01-01T16:07:21.964843904+01:00","closed_at":"2026-01-01T16:07:21.964843904+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-l8q","title":"SEC-GT-02 Join-token analytics dashboard (Grafana)","description":"Logging + Filament summaries exist; Grafana dashboard still missing.","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:52:12.920875329+01:00","created_by":"soeren","updated_at":"2026-01-01T15:52:12.920875329+01:00"}
{"id":"fotospiel-app-ln3","title":"Paddle catalog sync: announce workflow change to admin users","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:59:49.021233635+01:00","created_by":"soeren","updated_at":"2026-01-01T15:59:49.021233635+01:00"}
{"id":"fotospiel-app-lnb","title":"SEC-GT-01 Hash join tokens + data migration","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:52:01.658868778+01:00","created_by":"soeren","updated_at":"2026-01-01T15:52:07.314317124+01:00","closed_at":"2026-01-01T15:52:07.314317124+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-lqp","title":"Integrations health (Paddle/RevenueCat/webhooks)","description":"Health/status dashboard for payment and webhook integrations.","status":"open","priority":3,"issue_type":"feature","created_at":"2026-01-01T14:20:25.197673148+01:00","updated_at":"2026-01-01T14:20:25.197673148+01:00"}
{"id":"fotospiel-app-ml7","title":"SEC-GT-03 Tighten gallery/photo rate limits + alerting","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:52:18.593415508+01:00","created_by":"soeren","updated_at":"2026-01-01T15:52:18.593415508+01:00"}
{"id":"fotospiel-app-mol","title":"Coupon ops: wire analytics into Matomo dashboard","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:09:27.722458747+01:00","created_by":"soeren","updated_at":"2026-01-01T16:09:27.722458747+01:00"}
{"id":"fotospiel-app-mpu","title":"Checkout refactor: test coverage + rollout notes","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:06:43.488302531+01:00","created_by":"soeren","updated_at":"2026-01-01T16:06:49.13645691+01:00","closed_at":"2026-01-01T16:06:49.13645691+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-mx5","title":"Localized SEO: sitemap updated with locale alternates","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:02:15.177013722+01:00","created_by":"soeren","updated_at":"2026-01-01T16:02:20.812287917+01:00","closed_at":"2026-01-01T16:02:20.812287917+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-mxw","title":"Security review: configure env assumptions for dynamic testing","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:04:29.498402235+01:00","created_by":"soeren","updated_at":"2026-01-01T16:04:29.498402235+01:00"}
{"id":"fotospiel-app-n8q","title":"Paddle migration: draft production cutover procedure","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:56:51.427425262+01:00","created_by":"soeren","updated_at":"2026-01-01T15:56:51.427425262+01:00"}
{"id":"fotospiel-app-nfi","title":"Paddle catalog sync: add Link existing Paddle entity action in admin","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:59:09.164334657+01:00","created_by":"soeren","updated_at":"2026-01-01T15:59:09.164334657+01:00"}
{"id":"fotospiel-app-niv","title":"Paddle catalog sync: Package model casts/fillable + factory","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:00:13.646318173+01:00","created_by":"soeren","updated_at":"2026-01-01T16:00:19.296543136+01:00","closed_at":"2026-01-01T16:00:19.296543136+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-o4n","title":"Audit PayPal SDK migration doc vs code (PayPal integration missing)","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:07:34.316575518+01:00","created_by":"soeren","updated_at":"2026-01-01T16:07:34.316575518+01:00"}
{"id":"fotospiel-app-o96","title":"Paddle catalog sync: seed sandbox catalog via MCP","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:59:37.63819424+01:00","created_by":"soeren","updated_at":"2026-01-01T15:59:37.63819424+01:00"}
{"id":"fotospiel-app-oix","title":"Paddle catalog sync: Playwright smoke for admin sync action","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:59:31.939471627+01:00","created_by":"soeren","updated_at":"2026-01-01T15:59:31.939471627+01:00"}
{"id":"fotospiel-app-oof","title":"Paddle migration: tenant admin billing pages (Paddle transactions/portal)","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:58:23.581152289+01:00","created_by":"soeren","updated_at":"2026-01-01T15:58:29.178846317+01:00","closed_at":"2026-01-01T15:58:29.178846317+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-p2k","title":"Security review: seed test identities/fixtures","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:03:31.980868874+01:00","created_by":"soeren","updated_at":"2026-01-01T16:03:37.575153506+01:00","closed_at":"2026-01-01T16:03:37.575153506+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-pcz","title":"Security review: route/middleware inventory for marketing/API","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:03:54.409559375+01:00","created_by":"soeren","updated_at":"2026-01-01T16:04:00.000669934+01:00","closed_at":"2026-01-01T16:04:00.000669934+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-poe","title":"Security review checklist: Cross-cutting headers/CSRF/rate limits","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:05:03.2320643+01:00","created_by":"soeren","updated_at":"2026-01-01T16:05:03.2320643+01:00"}
{"id":"fotospiel-app-q2n","title":"Checkout refactor: wizard foundations + updated steps","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:05:58.701443698+01:00","created_by":"soeren","updated_at":"2026-01-01T16:06:04.313207281+01:00","closed_at":"2026-01-01T16:06:04.313207281+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-qlj","title":"Paddle catalog sync: verify legacy packages mapped before auto-sync","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:59:43.333792314+01:00","created_by":"soeren","updated_at":"2026-01-01T15:59:43.333792314+01:00"}
{"id":"fotospiel-app-qtn","title":"Security review kickoff mitigations (CORS allowlist, headers, upload hardening, signed URLs)","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:09:46.310873311+01:00","created_by":"soeren","updated_at":"2026-01-01T16:09:51.914359487+01:00","closed_at":"2026-01-01T16:09:51.914359487+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-sbs","title":"Compliance tools: data export + retention overrides","description":"GDPR-compliant export requests and retention override workflows for tenants/events.","status":"open","priority":3,"issue_type":"feature","created_at":"2026-01-01T14:20:16.530289009+01:00","updated_at":"2026-01-01T14:20:16.530289009+01:00"}
{"id":"fotospiel-app-swb","title":"Security review: replace public asset URLs with signed routes","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:04:05.610098299+01:00","created_by":"soeren","updated_at":"2026-01-01T16:04:11.215921463+01:00","closed_at":"2026-01-01T16:04:11.215921463+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-tqg","title":"Tenant admin onboarding: staging E2E validation","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:08:57.448899354+01:00","created_by":"soeren","updated_at":"2026-01-01T16:08:57.448899354+01:00"}
{"id":"fotospiel-app-ty9","title":"Security review: data classes \u0026 retention baseline","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:03:09.595870306+01:00","created_by":"soeren","updated_at":"2026-01-01T16:03:15.211042718+01:00","closed_at":"2026-01-01T16:03:15.211042718+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-tym","title":"Ops health dashboard (queues, storage, upload pipeline)","description":"Superadmin ops dashboard showing queue backlog, failed jobs, storage thresholds, and upload pipeline health.","status":"open","priority":2,"issue_type":"feature","created_at":"2026-01-01T14:20:04.991351193+01:00","updated_at":"2026-01-01T14:20:04.991351193+01:00"}
{"id":"fotospiel-app-ugk","title":"Paddle catalog sync: feature test for artisan command","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:01:33.309716868+01:00","created_by":"soeren","updated_at":"2026-01-01T16:01:38.940407157+01:00","closed_at":"2026-01-01T16:01:38.940407157+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-umr","title":"Paddle migration: build Paddle API service layer","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:57:38.529187953+01:00","created_by":"soeren","updated_at":"2026-01-01T15:57:44.178675076+01:00","closed_at":"2026-01-01T15:57:44.178675076+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-v31","title":"SEC-MS-01 AV + EXIF scrubber worker integration","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:52:52.476048623+01:00","created_by":"soeren","updated_at":"2026-01-01T15:52:58.118336529+01:00","closed_at":"2026-01-01T15:52:58.118336529+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-v4g","title":"Localized SEO: locale-prefixed routing + redirects","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:01:52.666356454+01:00","created_by":"soeren","updated_at":"2026-01-01T16:01:58.299584583+01:00","closed_at":"2026-01-01T16:01:58.299584583+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-v84","title":"Paddle migration: seed sandbox catalog via MCP + validate activation flow","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:56:45.739701297+01:00","created_by":"soeren","updated_at":"2026-01-01T15:56:45.739701297+01:00"}
{"id":"fotospiel-app-vc3","title":"Localized SEO: add tests for hreflang/canonical tags","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:02:30.822184391+01:00","created_by":"soeren","updated_at":"2026-01-01T16:02:30.822184391+01:00"}
{"id":"fotospiel-app-vel","title":"Localized SEO: update PRP/marketing playbooks for hreflang strategy","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:02:42.156443813+01:00","created_by":"soeren","updated_at":"2026-01-01T16:02:42.156443813+01:00"}
{"id":"fotospiel-app-vk4","title":"Registration flow fixes: JSON redirect, error clearing, role handling","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:07:01.574904029+01:00","created_by":"soeren","updated_at":"2026-01-01T16:11:18.65499639+01:00","closed_at":"2026-01-01T16:11:18.65499639+01:00","close_reason":"Duplicate of fotospiel-app-l6a"}
{"id":"fotospiel-app-w2x","title":"SEC-FE-03 Cookie banner UX + localisation","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:55:26.182193434+01:00","created_by":"soeren","updated_at":"2026-01-01T15:55:31.84344419+01:00","closed_at":"2026-01-01T15:55:31.84344419+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-w7g","title":"Paddle catalog sync: document failure recovery playbook","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T15:59:26.255623751+01:00","created_by":"soeren","updated_at":"2026-01-01T15:59:26.255623751+01:00"}
{"id":"fotospiel-app-wde","title":"Tenant lifecycle controls (status, limits, suspend/grace)","description":"Superadmin controls for tenant status, grace periods, and hard limits (uploads/storage/events). Includes UI, policy checks, and audit events.","notes":"Implemented superadmin tenant lifecycle controls: activate/deactivate, suspend/unsuspend, schedule/cancel deletion (optional warning email), anonymize now; added tenant view infolist with lifecycle + audit timeline (retention milestones + recent notification logs) and tests for lifecycle actions + view timeline. Remaining: grace-period logic + hard limits (uploads/storage/events) wiring, policy checks, and audit-event storage.","status":"in_progress","priority":1,"issue_type":"feature","created_at":"2026-01-01T14:18:23.062036821+01:00","updated_at":"2026-01-01T15:17:07.752938631+01:00"}
{"id":"fotospiel-app-wkl","title":"Paddle catalog sync: paddle:sync-packages command (dry-run/pull)","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T16:00:58.753792575+01:00","created_by":"soeren","updated_at":"2026-01-01T16:01:04.39629062+01:00","closed_at":"2026-01-01T16:01:04.39629062+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-wku","title":"Security review: run dynamic testing harness (identities, DAST, fuzz uploads)","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:05:37.008239379+01:00","created_by":"soeren","updated_at":"2026-01-01T16:05:37.008239379+01:00"}
{"id":"fotospiel-app-xht","title":"Paddle migration: tenant ↔ Paddle customer sync + webhook handlers","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:58:01.028435913+01:00","created_by":"soeren","updated_at":"2026-01-01T15:58:06.685122343+01:00","closed_at":"2026-01-01T15:58:06.685122343+01:00","close_reason":"Completed in codebase (verified)"}
{"id":"fotospiel-app-z5g","title":"Tenant admin onboarding: PWA/Capacitor/TWA packaging prep","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-01T16:08:46.126417696+01:00","created_by":"soeren","updated_at":"2026-01-01T16:08:46.126417696+01:00"}
{"id":"fotospiel-app-zli","title":"SEC-FE-01 CSP nonce/hashing rollout","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-01T15:55:03.625388684+01:00","created_by":"soeren","updated_at":"2026-01-01T15:55:09.286391766+01:00","closed_at":"2026-01-01T15:55:09.286391766+01:00","close_reason":"Completed in codebase (verified)"}

1
.beads/last-touched Normal file
View File

@@ -0,0 +1 @@
fotospiel-app-kxe

2
.beads/metadata.json
View File

@@ -1,4 +1,4 @@
{
"database": "beads.db",
"jsonl_export": "interactions.jsonl"
"jsonl_export": "issues.jsonl"
}