diff --git a/CLAUDE.md b/CLAUDE.md index 1b32250..1d5506d 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -5,7 +5,7 @@ Multi-tenant biometric auth platform | Marmara University CSE4297 | Hexagonal Architecture **Status**: Production deployed. Phases 0-8 complete. ~1,900+ tests. All services healthy. -**Last verified**: 2026-05-11 (Session shipped 11 PRs across 5 repos + Flyway repair on prod. Prod containers rebuilt: api image `179d34a5`, bio `75347c98`, both healthy. **V59 + V60 applied successfully** (audit_logs.tenant_id NULL count 140→0 via backfill + sentinel; `refresh_tokens.token` plaintext column dropped; only `token_secret_hash` remains). **Flyway repair on prod completed** — 7 NULL-checksum + description-mismatch rows fixed (V24, V40-V43, V49, V50); `SPRING_FLYWAY_VALIDATE_ON_MIGRATE=true` now enforced; Task #80 emergency override retired. **Branch protection live** on FIVUCSAS main+master, identity-core-api, biometric-processor, web-app, client-apps (1-review + admin bypass + force-push/deletion blocked). master+main parent branches reconciled and byte-identical. INVESTIGATION 2026-05-07 P1 residue closed: NFC MRZ wired (api→bio), real occlusion detector, anti-spoof verdict policy verified, dev-gate handlers confirmed, soft-delete purge default-on. Docs: tenant onboarding playbook + 8 ADRs + hierarchy consolidation. spoof-detector blink cache + EAR recalibration (paper P0). Operator-only items handed off in `infra/OPERATOR_HANDOFF_2026-05-11.md`.) +**Last verified**: 2026-05-12 (Carry-forward from 2026-05-11: 11 PRs shipped across 5 repos + Flyway repair on prod, V59/V60 applied, branch protection on 6 branches, master/main reconciled, INVESTIGATION 2026-05-07 P1 residue closed, tenant onboarding playbook + 8 ADRs + docs/ hierarchy consolidated, spoof-detector blink cache + EAR recalibration paper-P0. **Added today**: parent PR #57 (poster suite: A0 default + 4 style variants compliant with CSE4198 §5.1) + parent PR #58 (archived 18 dated 2026-04/2026-05-04 docs into `archive/2026-05/{audits,plans,reviews,roadmaps,sessions}/`, tidied `.gitignore`); bio PR #99 (closed issue #91: 32 stale unit tests + 3 asyncio-fixture leaks fixed, no production code touched, module-scoped TestClient pattern documented for follow-ups); bio Dependabot #97/#98 in flight (rebased post-#99). Submodule pointer for biometric-processor bumped to post-#99 main.) ## Architecture diff --git a/README.md b/README.md index a44178d..e44b45d 100644 --- a/README.md +++ b/README.md @@ -173,9 +173,9 @@ cd client-apps && ./gradlew :shared:test - [Multi-Modal Auth Architecture](./docs/09-auth-flows/README.md) - [Active Plans](./docs/plans/) — SMS activation, client-side ML split, BYOD, OAuth2 audit, multi-method 2FA -## Project Status (April 2026) +## Project Status (May 2026) -Production-deployed. 99% complete. ~1,820+ tests across backend/web/mobile (633 backend + 619 web-app Vitest + 425 Kotlin + 27 Playwright specs). +Production-deployed. ~1,900+ tests across backend/web/mobile/spoof-detector (633 api + 619 web-app Vitest + 425 Kotlin + 114 spoof-detector + 27 Playwright specs). ### What's shipped diff --git a/biometric-processor b/biometric-processor index 750492c..bd030e4 160000 --- a/biometric-processor +++ b/biometric-processor @@ -1 +1 @@ -Subproject commit 750492c5f27acf557adda407430d5c740755366c +Subproject commit bd030e4b119730e0961a08e6804e44610291d43f