Cameroon-Developer-Network · chojuninengu · Apr 4, 2026 · Apr 2, 2026 · Apr 2, 2026 · Apr 4, 2026
diff --git a/.gitignore b/.gitignore
@@ -5,10 +5,10 @@
 
 # Rust
 /target
-Cargo.lock
 
-# Node / Next.js
+# Node / SvelteKit
 node_modules
+.svelte-kit
 .next
 out
 dist

diff --git a/AGENTS.md b/AGENTS.md
@@ -25,6 +25,7 @@ zenvra/
 │   └── web/              # SvelteKit 5 frontend — scanner UI, dashboard, auth, billing
 ├── crates/
 │   ├── scanner/          # Rust core: SAST engine, SCA, secrets detection, CVE lookup, AI provider layer
+│   ├── server/           # Rust API: Axum-based REST server for web integration
 │   └── cli/              # Rust CLI: `zenvra scan`, `zenvra report`, `zenvra auth`
 ├── extensions/
 │   └── vscode/           # VS Code extension: inline diagnostics, hover fixes
@@ -219,9 +220,11 @@ STRIPE_WEBHOOK_SECRET=whsec_...
 
 ## Current Status
 
-This repository is in **active MVP development**. The scan engine foundation, multi-AI provider system, and secrets detection are being built. First milestone: working CLI scanner + web paste UI.
+This repository is in **active MVP development**. 
+- **Phase 1 (Core Foundation)**: COMPLETE. Includes scan engine, AI provider system, and secrets detection.
+- **Phase 2 (Frontend & API Integration)**: COMPLETE. Includes Axum API server and SvelteKit 5 dashboard.
 
-When in doubt about a decision, open a GitHub Discussion rather than assuming. We build deliberately.
+Next milestone: Phase 3 (SSE Streaming & Backend Polish).
 
 ---
 

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,22 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.1.0-mvp] - 2026-04-02
+
+### Added
+- **API Server (`crates/server`)**: A new Axum-based REST API to bridge the scanner with the web.
+- **SvelteKit 5 Frontend (`apps/web`)**: A premium, dark-mode dashboard with glassmorphism aesthetics.
+- **Multi-AI Provider UI**: Support for switching AI providers (Anthropic, OpenAI, Google, Custom) directly from the scan interface.
+- **Interactive Scan Workbench**: A code editor area for real-time vulnerability analysis.
+- **Secrets Detection Engine**: Integrated 17+ regex patterns for cloud/API secrets with redaction.
+- **Expanded SAST Rules**: Initial rules for SQL Injection and OS Command Injection.
+- **Automated Release Workflow**: GitHub Actions to build and release the CLI binary on tag.
+
+### Fixed
+- **Vite 6 / Svelte 5 SSR**: Resolved CSS compilation and SSR "css is not a function" errors by optimizing Tailwind v4 usage and disabling SSR in dev mode.
+- **Security**: Sanitized dummy secrets in test fixtures to comply with GitHub Push Protection.
+- **Project Structure**: Consolidated workspace members and synchronized dependency versions.