Files
arnes/work/current.md

28 lines
1.0 KiB
Markdown

# Current session
- Active feature: `F-002``Remove secrets and externalize config`
- Start: `2026-05-25`
- Orchestrator: `leader`
## Plan
- Write SDD, ADR, and BDD trace for config externalization.
- Add one config loader for legacy PHP module.
- Remove hard-coded DB and OpenAI secrets from versioned PHP files.
- Centralize URLs and external endpoints in local config.
- Run `./scripts/verify.sh` and security scan.
## Log
- Feature `F-001` is blocked by security gate because secrets remain in repo.
- Created follow-up ticket `F-002`.
- Switched active work item to `F-002`.
- Wrote SDD, ADR, and BDD trace for config externalization.
- Added shared config loader and local config template for legacy PHP module.
- Removed hard-coded DB and OpenAI secrets from tracked PHP files.
- Replaced inline production URLs in tracked PHP files with config lookups.
- Ran verify and security scans.
- Reviewer, security, QA, and documenter artifacts for `F-002` are on disk.
## Next step
- Publish `F-002`.
- Create follow-up ticket for SQL dump sanitization.