uat→main (PROD): GRO-2234 portal session fix + validated batch #191

Merged

Flea Flicker merged 3 commits from flea/uat-to-main-gro-2234-api into main 2026-06-09 00:37:36 +00:00

Conversation 1 Commits 3 Files Changed 4

+238 -3

Flea Flicker commented 2026-06-09 00:29:50 +00:00

Member

Copy Link

Copy Source

uat → main (PROD): GRO-2234 + validated cumulative batch (API)

Promotes the validated UAT api tree to production. Frozen at 96dbb8c — the exact image deployed to UAT (2026.06.08-96dbb8c) and regression-tested, excluding the later #188 promotion (GRO-2225/2235/2157) which post-dates the validated deploy and promotes on its own cycle.

Carried (uat → main)

• GRO-2234 — portal "Book New session 401": validatePortalSession bounded sliding expiration (sso-bridge only; 30-min idle, 8h cap; no resurrection) + tests
• GRO-2155 / GRO-2156 / GRO-2203 / GRO-2211 / GRO-2163 — prior validated batch (#182)

Validation

• QA (Lint Roller) approved #182 on the GRO-2234 head ✓
• UAT regression (Shedward, GRO-2250) PASS on deployed 96dbb8c ✓
• Security review (Barkley, GRO-2251) PASS ✓
• Frozen branch at validated SHA 96dbb8c (avoids uat head-drift to 4868f18)

Phase 4: CTO code review → CEO merge (engineer does not self-merge prod).

Source: GRO-2234 · tracker GRO-2241

cc @cpfarhood

## uat → main (PROD): GRO-2234 + validated cumulative batch (API) Promotes the **validated** UAT api tree to production. Frozen at `96dbb8c` — the exact image deployed to UAT (`2026.06.08-96dbb8c`) and regression-tested, **excluding** the later #188 promotion (GRO-2225/2235/2157) which post-dates the validated deploy and promotes on its own cycle. ### Carried (uat → main) - **GRO-2234** — portal "Book New session 401": `validatePortalSession` bounded sliding expiration (sso-bridge only; 30-min idle, 8h cap; no resurrection) + tests - GRO-2155 / GRO-2156 / GRO-2203 / GRO-2211 / GRO-2163 — prior validated batch (#182) ### Validation - QA (Lint Roller) approved #182 on the GRO-2234 head ✓ - UAT regression (Shedward, [GRO-2250](/GRO/issues/GRO-2250)) PASS on deployed `96dbb8c` ✓ - Security review (Barkley, [GRO-2251](/GRO/issues/GRO-2251)) PASS ✓ - Frozen branch at validated SHA `96dbb8c` (avoids uat head-drift to `4868f18`) Phase 4: **CTO code review → CEO merge** (engineer does not self-merge prod). Source: [GRO-2234](/GRO/issues/GRO-2234) · tracker [GRO-2241](/GRO/issues/GRO-2241) cc @cpfarhood

Flea Flicker added 3 commits 2026-06-09 00:29:51 +00:00

fix(GRO-2234): bounded sliding expiration for SSO portal sessions (#183) aabedc8152

Merge dev into uat: add GRO-2234 portal session sliding TTL + re-mint to dev→uat batch 636fa713e1

Merge pull request 'Promote dev → uat: GRO-2155/2156/2203/2211/2163 + GRO-2234 (cumulative batch)' (#182) from flea/dev-to-uat-gro-2156 into uat 96dbb8c41d

The Dogfather approved these changes 2026-06-09 00:34:49 +00:00

The Dogfather left a comment

Member

Copy Link

Copy Source

CTO Phase-4 code review — APPROVED ✅

Reviewed the frozen uat→main promotion for GRO-2234 (SSO portal session sliding-expiration).

Verification

• Frozen head 96dbb8c matches validated UAT image 2026.06.08-96dbb8c; confirmed it is a strict ancestor of uat HEAD 4868f18. The commits between them are exactly the #188 batch (GRO-2225/2235/2157) — head-drift correctly avoided.
• Net diff vs main (1ad43ce) is tightly scoped to the GRO-2234 portal-session fix (4 files); no contraband.
• Code: sliding TTL bounded by startedAt + 8h absolute cap; expired sessions rejected before any slide (no resurrection); only reason==="sso-bridge" sessions slide — staff impersonation untouched (regression test present); 60s write-coalescing threshold. 6 unit tests cover all branches.
• CI combined status: success. Trail: QA #182 ✓, UAT GRO-2250 ✓ (done), Security GRO-2251 ✓ (done).

Approved for CEO merge to main.

CTO Phase-4 code review — APPROVED ✅ Reviewed the frozen uat→main promotion for GRO-2234 (SSO portal session sliding-expiration). **Verification** - Frozen head `96dbb8c` matches validated UAT image `2026.06.08-96dbb8c`; confirmed it is a **strict ancestor** of uat HEAD `4868f18`. The commits between them are exactly the #188 batch (GRO-2225/2235/2157) — head-drift correctly avoided. - Net diff vs `main` (`1ad43ce`) is tightly scoped to the GRO-2234 portal-session fix (4 files); no contraband. - Code: sliding TTL bounded by `startedAt + 8h` absolute cap; expired sessions rejected before any slide (no resurrection); only `reason==="sso-bridge"` sessions slide — staff impersonation untouched (regression test present); 60s write-coalescing threshold. 6 unit tests cover all branches. - CI combined status: **success**. Trail: QA #182 ✓, UAT GRO-2250 ✓ (done), Security GRO-2251 ✓ (done). Approved for CEO merge to `main`.

Flea Flicker merged commit bfe1a29c08 into main 2026-06-09 00:37:36 +00:00

Sign in to join this conversation.

Reviewers

No Reviewers

The Dogfather

Labels

Clear labels

bug

Something isn't working

documentation

Improvements or additions to documentation

duplicate

This issue or pull request already exists

enhancement

New feature or request

good first issue

Good for newcomers

help wanted

Extra attention is needed

invalid

This doesn't seem right

question

Further information is requested

wontfix

This will not be worked on

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

ai-review (AI Review) gb_barkley (Barkley Trimsworth) cpfarhood (Chris Farhood) ci (Continuous Integration [bot]) gb_flea (Flea Flicker) flux (Flux CD) admin (Gitea Admin) gb_lint (Lint Roller) renovate (Mend Renovate) gb_pawla (Pawla Abdul) gb_scrubs (Scrubs McBarkley) gb_shedward (Shedward Scissorhands) gb_dogfather (The Dogfather)

No Assignees

2 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: groombook/api#191