Commit graph

2 commits

Author SHA1 Message Date
Snider
20fb740d61 feat(commerce): implement FraudService with 5 methods + FraudScore DTO (#859)
- score(order) → FraudScore (score 0-100, signals[], recommendation)
- flag(order, reason) → void (marks for review)
- block(order, reason) → void (rejects order)
- reviewQueue() → Collection<Order>
- approve(order) → void

Data/FraudScore.php as readonly DTO. Pest tests _Good/_Bad/_Ugly per AX-10
for all 5 methods. pint/pest skipped (vendor binaries missing).

Co-authored-by: Codex <noreply@openai.com>
Closes tasks.lthn.sh/view.php?id=859
2026-04-25 04:51:31 +01:00

Snider
2e5cd499b9 security: complete rate limiting and fraud service implementation (P1-040)
Add missing files from P1-040/P1-041 implementation:
- CheckoutRateLimitException for 429 responses when rate limit exceeded
- FraudAssessment data object for fraud scoring results
- FraudService for velocity checks and Stripe Radar integration
- Register services in Boot.php
- Add fraud detection configuration in config.php
- Add CouponServiceTest for input sanitisation

The CheckoutRateLimiter (already tracked) is now properly integrated with
the exception handling, and the FraudService provides defence-in-depth
with velocity-based and geo-anomaly detection.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 16:09:29 +00:00