diff --git a/docs/tasks.md b/docs/tasks.md index a81c28a..53165f1 100644 --- a/docs/tasks.md +++ b/docs/tasks.md @@ -169,14 +169,14 @@ ### Phase 1: Critical Backend Fixes (#412) -| id | status | description | issue | repo | branch | depends_on | blocks | agent | started_at | completed_at | estimate | used | -| -------- | ----------- | ----------------------------------------------------------------- | ----- | ------ | ----------------------------- | -------------------------------------------- | -------- | ----- | ---------- | ------------ | -------- | ---- | -| AUTH-001 | not-started | 1.1: Add OIDC_REDIRECT_URI to validation with URL + path checks | #412 | api | fix/auth-frontend-remediation | | AUTH-002 | | | | 10K | | -| AUTH-002 | not-started | 1.2: Wrap BetterAuth handler in try/catch with error logging | #412 | api | fix/auth-frontend-remediation | AUTH-001 | | | | | 10K | | -| AUTH-003 | not-started | 1.3: Fix docker-compose OIDC_REDIRECT_URI default | #412 | devops | fix/auth-frontend-remediation | | | | | | 3K | | -| AUTH-004 | not-started | 1.4: Enable PKCE in genericOAuth config | #412 | api | fix/auth-frontend-remediation | | | | | | 5K | | -| AUTH-005 | not-started | 1.5: Add @SkipCsrf() documentation with BetterAuth CSRF rationale | #412 | api | fix/auth-frontend-remediation | | | | | | 3K | | -| AUTH-V01 | not-started | Phase 1 verification: quality gates pass | #412 | all | fix/auth-frontend-remediation | AUTH-001,AUTH-002,AUTH-003,AUTH-004,AUTH-005 | AUTH-006 | | | | 5K | | +| id | status | description | issue | repo | branch | depends_on | blocks | agent | started_at | completed_at | estimate | used | +| -------- | ------ | ----------------------------------------------------------------- | ----- | ------ | ----------------------------- | -------------------------------------------- | -------- | ----- | ----------------- | ----------------- | -------- | ---- | +| AUTH-001 | done | 1.1: Add OIDC_REDIRECT_URI to validation with URL + path checks | #412 | api | fix/auth-frontend-remediation | | AUTH-002 | w-1 | 2026-02-16T11:00Z | 2026-02-16T11:04Z | 10K | 12K | +| AUTH-002 | done | 1.2: Wrap BetterAuth handler in try/catch with error logging | #412 | api | fix/auth-frontend-remediation | AUTH-001 | | w-3 | 2026-02-16T11:05Z | 2026-02-16T11:09Z | 10K | 15K | +| AUTH-003 | done | 1.3: Fix docker-compose OIDC_REDIRECT_URI default | #412 | devops | fix/auth-frontend-remediation | | | w-2 | 2026-02-16T11:00Z | 2026-02-16T11:05Z | 3K | 5K | +| AUTH-004 | done | 1.4: Enable PKCE in genericOAuth config | #412 | api | fix/auth-frontend-remediation | | | w-2 | 2026-02-16T11:00Z | 2026-02-16T11:05Z | 5K | 5K | +| AUTH-005 | done | 1.5: Add @SkipCsrf() documentation with BetterAuth CSRF rationale | #412 | api | fix/auth-frontend-remediation | | | w-2 | 2026-02-16T11:00Z | 2026-02-16T11:05Z | 3K | 5K | +| AUTH-V01 | done | Phase 1 verification: quality gates pass | #412 | all | fix/auth-frontend-remediation | AUTH-001,AUTH-002,AUTH-003,AUTH-004,AUTH-005 | AUTH-006 | orch | 2026-02-16T11:10Z | 2026-02-16T11:10Z | 5K | 2K | ### Phase 2: Auth Config Discovery (#413)