fraqtal/agentic-dev
Template
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

chore(work): tick task in 07-security-header-adapters

Browse Source
This commit is contained in:
Danijel Martinek
2026-05-20 11:48:13 +02:00
parent a736ed621d
commit 6903c59cc7
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/work/_system/_state.json
View File

@@ -1,5 +1,5 @@
{
"updated_at": "2026-05-20T09:35:47.087Z",
"updated_at": "2026-05-20T09:48:15.365Z",
"epics": {
"binder-wrap-helper": {
"status": "done",
@@ -634,10 +634,10 @@
]
},
"07-security-header-adapters": {
"status": "todo",
"status": "in-progress",
"title": "Per-framework security header adapters",
"ac_total": 2,
"ac_completed": 0,
"ac_completed": 1,
"depends_on": [
"06-security-headers-core-module"
],

6
docs/work/epics/security-headers-rate-limit-sbom/07-security-header-adapters/_story.md
View File

@@ -3,12 +3,12 @@ id: 07-security-header-adapters
epic: security-headers-rate-limit-sbom
title: Per-framework security header adapters
type: technical-story
status: todo
status: in-progress
feature: core-shared
depends-on: [06-security-headers-core-module]
blocks: [08-app-wiring-web-next, 09-app-wiring-web-tanstack-and-cms]
created: 2026-05-20T00:00:00Z
updated: 2026-05-20T08:14:55.907Z
updated: 2026-05-20T09:48:15.201Z
---
## Goal
@@ -41,5 +41,5 @@ Adapters follow the `core-analytics/react` subpath pattern established in the co
## Tasks
- [ ] Implement `packages/core-shared/src/security/next/index.ts`: Next.js middleware calling `generateNonce()` + `buildSecurityHeaders`, setting all six headers and `x-nonce` on the response, plus `getNonce()` helper reading `x-nonce` from Next.js `headers()`; add subpath to `package.json` exports; adapter tests asserting all headers present, nonce in response headers, `getNonce()` reads it; all gates pass.
- [x] Implement `packages/core-shared/src/security/next/index.ts`: Next.js middleware calling `generateNonce()` + `buildSecurityHeaders`, setting all six headers and `x-nonce` on the response, plus `getNonce()` helper reading `x-nonce` from Next.js `headers()`; add subpath to `package.json` exports; adapter tests asserting all headers present, nonce in response headers, `getNonce()` reads it; all gates pass.
- [ ] Implement `packages/core-shared/src/security/tanstack/index.ts`: TanStack Start server middleware equivalent (generate nonce, set headers + `x-nonce`) plus request-context nonce extractor; add subpath to `package.json` exports; adapter tests asserting equivalent header + nonce behaviour; all gates pass.