Production hardening
Checklist before public launch with real payments and fal.ai.
P0 — ship blockers
| Item | Status |
|---|---|
| Generation webhook auth + `external_job_id` binding | Done |
| SSRF allow-list on provider output URLs | Done |
| `sync_org_generation_credits_for_plan` not callable by users | Done |
| `update_organization_plan` gated (`self_serve_billing`) | Done |
| `finalize_generation_job` idempotent on credits | Done |
P1 — reliability
| Item | Status |
|---|---|
| Submit failure → finalize failed + refund | Done |
| `generation-process` requires project editor | Done |
| `credits-monthly-reset` / `generation-reap-stale` cron auth | Done |
| Idempotent `reserve_generation_credits` by `job_id` | Done |
| Batch partial 402 surfaced in UI | Done |
| Stale job reaper + monthly reset preserves balance | Done |
P2 — product polish
- Metrics from `generation_jobs` (replace email metrics)
- Hide legacy `/workspace/emails` nav
- E2E: board → generate → gallery
- Failed job UX (`errorMessage`, refund hint)
Environment checklist
```
GENERATION_WEBHOOK_SECRET=...
GENERATION_PROVIDER=fal
FAL_API_KEY=...
CREDITS_CRON_SECRET=...
# private.platform_settings.self_serve_billing = false
```
Full backlog
Canonical list: docs/SECURITY_AND_RELIABILITY_BACKLOG.md in the monorepo.