28 lines
1.0 KiB
Markdown
28 lines
1.0 KiB
Markdown
# Current session
|
|
|
|
- Active feature: `F-002` — `Remove secrets and externalize config`
|
|
- Start: `2026-05-25`
|
|
- Orchestrator: `leader`
|
|
|
|
## Plan
|
|
- Write SDD, ADR, and BDD trace for config externalization.
|
|
- Add one config loader for legacy PHP module.
|
|
- Remove hard-coded DB and OpenAI secrets from versioned PHP files.
|
|
- Centralize URLs and external endpoints in local config.
|
|
- Run `./scripts/verify.sh` and security scan.
|
|
|
|
## Log
|
|
- Feature `F-001` is blocked by security gate because secrets remain in repo.
|
|
- Created follow-up ticket `F-002`.
|
|
- Switched active work item to `F-002`.
|
|
- Wrote SDD, ADR, and BDD trace for config externalization.
|
|
- Added shared config loader and local config template for legacy PHP module.
|
|
- Removed hard-coded DB and OpenAI secrets from tracked PHP files.
|
|
- Replaced inline production URLs in tracked PHP files with config lookups.
|
|
- Ran verify and security scans.
|
|
- Reviewer, security, QA, and documenter artifacts for `F-002` are on disk.
|
|
|
|
## Next step
|
|
- Publish `F-002`.
|
|
- Create follow-up ticket for SQL dump sanitization.
|