Files
arnes/work/artifacts/F-002/implementer.md

1.8 KiB

Implementer Artefact — Feature: F-002

Summary

Added one shared config loader for the legacy PHP module. Moved DB, OpenAI, and route values out of tracked PHP source files. Added versioned config template and ignored local config file path. Updated docs and specs for local setup.

Code changes

  • added project/web/index/new/bootstrap.php
  • added project/web/index/new/config/local.example.php
  • added project/web/index/new/config/README.md
  • added project/web/index/new/README.md
  • updated .gitignore to ignore project/web/index/new/config/local.php
  • updated PHP entry points to use legacy_config() and legacy_new_mysqli()
  • removed inline DB and OpenAI secrets from tracked PHP files
  • replaced inline production URLs in tracked PHP files with config keys

Evidence

  • ./scripts/verify.sh -> OK
  • secret scan on tracked PHP files -> no hard-coded DB or OpenAI secrets found
  • route scan on tracked PHP files -> no hard-coded production URLs found
  • ignore check -> project/web/index/new/config/local.php is ignored by git
  • local config docs exist -> project/web/index/new/config/README.md
  • config template exists -> project/web/index/new/config/local.example.php

Checks run

  • ./scripts/verify.sh
  • rg -n "(sk-proj-|admin_natural|oo6478022A)" project/web/index/new --glob '!logs/*' --glob '!config/local.php' --glob '!config/local.example.php' --glob '*.php'
  • rg -n "https://mercadodevida\.es|https://www\.mercadodevida\.es" project/web/index/new --glob '!logs/*' --glob '!config/local.php' --glob '!config/local.example.php' --glob '*.php'
  • git check-ignore -v project/web/index/new/config/local.php

Notes

  • Real local values must be filled in config/local.php.
  • Existing SQL dump remains in repo and should be handled by separate data-security work.