April 5, 2026
Hardening pass, test coverage, cursor audit, and landing page reset
This session focused on making GitProof more reliable, more defensible, and less rough around the edges, then replacing the homepage with a calmer product-first version built around the real app.
Security and data integrity
Fixed GitHub account relinking so OAuth accounts stay attached when a GitHub email changes.
Made sync reconcile deletions and private-repo removals instead of keeping stale repositories visible forever.
Paginated GitHub repository ingestion beyond the first 100 public repos.
Updated sync to follow live GitHub username changes instead of trusting stale session state.
Moved the featured-project limit to the server so public output cannot drift from editor state.
Reduced public/client payload exposure and validated external URLs before rendering outbound links.
Testing and verification
Added a Vitest setup and covered utilities, permissions, sanitization, rate limits, stats, and project-visibility logic.
Ran lint and production builds after each hardening pass to keep changes grounded in actual verification.
UX polish
Audited interactive controls across the app and standardized pointer behavior for buttons, dialogs, tabs, menus, switches, and the editor visibility toggle.
Marketing and information architecture
Reworked the homepage to use the real dashboard, repository archive, and editor screenshots from `/public/static`.
Added this changelog page and surfaced it from the hero so product updates have a stable home.