refactorbugfixsecurityrelease
Changelog — April 1, 2026
Major frontend refactoring splitting oversized components into reusable hooks and files, plus a significant auth hardening release upgrading Better Auth to stable with Redis-backed sessions and rate limiting.
🐛 Bug Fixes
- Authentication hardening — Upgraded Better Auth from beta (
1.3.10-beta.6) to stable (1.5.6). Added Redis-backed secondary session storage, rate limiting on auth endpoints, explicit session expiration, cached platform admin check, and RGPD-compliant user deletion. Also removed a brokenThemedTextsnapshot test on mobile (missingui/textimport) and added--passWithNoTeststo Jest to prevent CI failures when no tests remain.#PR-350
♻️ Refactoring & Technical Improvements
- Frontend component split — Large files were broken down significantly:
project-details-content.tsx(-50%),project-media-detail-dialog.tsx(-46%),project-media-gallery.utils.ts(-62%),session-calendar.tsx(-61%). 16 new reusable files were created including hooks (useProjectDownloads,useProjectAssetActions,useEditDialog,useTableSearch), components (ProjectUploadDialog,TransitionConfirmDialog,MediaDetailSidebar,InlineAnnotationView,EntityRow,FormDialogFooter, calendar views), and utility modules. 10 unused component/hook files (2074 LOC) and 12 phantom barrel exports were removed. 10 identical row components were consolidated into a single genericEntityRow, andFormDialogFooterwas unified across 5 create dialogs. Net diff: 66 files changed, +5529 / -7541 lines.#PR-351
📦 Dependencies & Infrastructure
- Release v1.22.1 — Automated semantic release triggered by the auth fix merge. Corresponds to the Better Auth hardening shipped in
#PR-350. - Security policy — Added
SECURITY.mddocumenting supported versions and the vulnerability reporting process.
By theodaguier