robin/music-hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e642e63fdc958489b003bf634609213def4e9c33
music-hub/apps/api
History
Robin Choice c949d6b829 fix: security hardening and stem multi-select 
- Remove public /migrate endpoint (startup migration handles it)
- Add membership + canUpload check to POST /versions/track/:trackId
- Add membership check to stream-url, download-url, waveform endpoints
- Scope member PATCH/DELETE to projectId to prevent cross-project mutation
- Add auth + membership check to POST /comments/:id/resolve
- Add secure: true to session cookie in production
- Hash magic link tokens before storing (was plaintext)
- Return generic error message instead of err.message
- Fix stem multi-file-select: replace hidden attr with CSS offscreen
  (Safari/WebKit drops multiple selection on display:none file inputs)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-16 21:04:22 +02:00
..
src
fix: security hardening and stem multi-select
2026-04-16 21:04:22 +02:00
package.json
feat: add STEM file support per track
2026-04-13 18:13:01 +02:00
tsconfig.json
Initial commit: Music Hub collaboration platform
2026-04-02 13:23:10 +02:00