inou/docs
James 93643d285b Code review 2026-02-28: fix critical/high findings + full review report
Critical fixes:
- CR-001: Remove auth backdoor code 250365 (lib/dbcore.go)

High fixes:
- HI-001: Fix CORS wildcard to use origin allowlist (portal/api_mobile.go, portal/mcp_http.go)
- HI-002: Fix LOINC skip logic - skip only if BOTH SearchKey2 AND LOINC are set (lib/normalize.go)

Also added:
- Full code review report at docs/CODE-REVIEW-2026-02-28.md

14 issues found: 2 critical, 4 high, 5 medium, 3 low
3 fixes applied, remaining are documented for follow-up
2026-02-28 07:20:38 -05:00
examples Portal: upload handler, dossier rework, dashboard updates, normalize fixes 2026-02-25 20:01:11 -05:00
soc2 fix: genome query RBAC - use system context for data access 2026-02-07 16:31:17 -05:00
._.DS_Store Initial commit from dev 2026-02-01 08:03:12 +00:00
CODE-REVIEW-2026-02-28.md Code review 2026-02-28: fix critical/high findings + full review report 2026-02-28 07:20:38 -05:00
INTAKE_SYSTEM_SPEC.md Initial commit from dev 2026-02-01 08:03:12 +00:00
SCHEMA.sql Initial commit 2026-02-01 02:43:27 -05:00
SCHEMA_OLD.sql Initial commit from dev 2026-02-01 08:03:12 +00:00
TODO.md Refactor: Remove legacy v2, data, roles modules; update auth, queries, translations, portal MCP tools 2026-02-13 15:30:22 -05:00
anthropic-submission.md Refactor: Remove legacy v2, data, roles modules; update auth, queries, translations, portal MCP tools 2026-02-13 15:30:22 -05:00
api-design-2026-01.md Initial commit from dev 2026-02-01 08:03:12 +00:00
entry-layout.md Lab reference charts, import tracking, DossierFromEntry consolidation 2026-02-24 05:15:03 -05:00
journal-system-2026-02.md feat: fix year interpretation, new schedule format, exclude today from backfill 2026-02-09 02:00:18 -05:00
mcp-server-setup.md Refactor: Remove legacy v2, data, roles modules; update auth, queries, translations, portal MCP tools 2026-02-13 15:30:22 -05:00
mcp-usage-examples.md Initial commit from dev 2026-02-01 08:03:12 +00:00
prompts-ai-setup.md feat: add Terms of Service page and legal page updates 2026-02-08 04:59:59 -05:00
rbac-design-2026-01.md Initial commit from dev 2026-02-01 08:03:12 +00:00
rbac-redesign-2026-02.md refactor: complete RBAC redesign with hierarchical permissions 2026-02-11 00:06:02 -05:00
reference-mccalip-style.css Initial commit from dev 2026-02-01 08:03:12 +00:00
roadmap-context-aware-health-scheduling.md Refactor: Remove legacy v2, data, roles modules; update auth, queries, translations, portal MCP tools 2026-02-13 15:30:22 -05:00
schema-auth.sql Initial commit from dev 2026-02-01 08:03:12 +00:00
schema.sql Refactor: Remove legacy v2, data, roles modules; update auth, queries, translations, portal MCP tools 2026-02-13 15:30:22 -05:00
security-audit-2026-02-15.md Lab reference charts, import tracking, DossierFromEntry consolidation 2026-02-24 05:15:03 -05:00
store-consolidation-plan.md Initial commit from dev 2026-02-01 08:03:12 +00:00
study-access-in-entries.md Refactor: Remove legacy v2, data, roles modules; update auth, queries, translations, portal MCP tools 2026-02-13 15:30:22 -05:00
update-2026-01-19-portal-cleanup.md Initial commit from dev 2026-02-01 08:03:12 +00:00
viewport-plan.md Lab reference charts, import tracking, DossierFromEntry consolidation 2026-02-24 05:15:03 -05:00