style: formatted the docs with prettier

2026-01-16 14:12:10 +01:00 · 2025-07-13 17:11:11 +02:00
parent 5fb491214a
commit b946bdc803
12 changed files with 571 additions and 553 deletions
--- a/docs/csp-metrics-api.md
+++ b/docs/csp-metrics-api.md
@ -24,7 +24,7 @@ POST /api/csp-report
 #### Request Headers
-  - `Content-Type`: `application/csp-report` or `application/json`
+- `Content-Type`: `application/csp-report` or `application/json`
 #### Request Body (Automatic from Browser)
@ -58,21 +58,21 @@ GET /api/csp-metrics
 #### Query Parameters
-| Parameter        | Type    | Description               | Default | Example                |
+| Parameter        | Type    | Description                                                                     | Default | Example                |
-| ---------------- | ------- | ------------------------- | ------- | ---------------------- |
+| ---------------- | ------- | ------------------------------------------------------------------------------- | ------- | ---------------------- |
-| `timeRange`      | string  | Time range for metrics    | `24h`   | `?timeRange=7d`        |
+| `timeRange`      | string  | Time range for metrics                                                          | `24h`   | `?timeRange=7d`        |
-| `format`         | string  | Response format           | `json`  | `?format=csv`          |
+| `format`         | string  | Response format                                                                 | `json`  | `?format=csv`          |
-| `groupBy`        | string  | Group results by field    | `hour`  | `?groupBy=directive`   |
+| `groupBy`        | string  | Group results by field                                                          | `hour`  | `?groupBy=directive`   |
-| `includeDetails` | boolean | Include violation details | `false` | `?includeDetails=true` |
+| `includeDetails` | boolean | Include violation details                                                       | `false` | `?includeDetails=true` |
-| `offset`         | string  | Shift the queried time-window backwards by the given duration (for comparisons) | `0`     | `?offset=24h` |
+| `offset`         | string  | Shift the queried time-window backwards by the given duration (for comparisons) | `0`     | `?offset=24h`          |
 #### Time Range Options
-  - `1h` - Last 1 hour
+- `1h` - Last 1 hour
-  - `6h` - Last 6 hours
+- `6h` - Last 6 hours
-  - `24h` - Last 24 hours (default)
+- `24h` - Last 24 hours (default)
-  - `7d` - Last 7 days
+- `7d` - Last 7 days
-  - `30d` - Last 30 days
+- `30d` - Last 30 days
 #### Example Request
@ -166,11 +166,11 @@ console.log(result.recommendations); // array of suggestions
 The service automatically assesses violation risk based on:
-  - **Directive Type**: Script violations are higher risk than style violations
+- **Directive Type**: Script violations are higher risk than style violations
-  - **Source Pattern**: External domains vs inline vs data URIs
+- **Source Pattern**: External domains vs inline vs data URIs
-  - **Bypass Indicators**: Known CSP bypass techniques
+- **Bypass Indicators**: Known CSP bypass techniques
-  - **Frequency**: Repeated violations from same source
+- **Frequency**: Repeated violations from same source
-  - **Geographic Factors**: Unusual source locations
+- **Geographic Factors**: Unusual source locations
 #### 3. Bypass Detection
@ -192,10 +192,10 @@ const bypassPatterns = [
 Based on violation patterns, the service provides actionable recommendations:
-  - **Tighten Policies**: Suggest removing broad allowlists
+- **Tighten Policies**: Suggest removing broad allowlists
-  - **Add Domains**: Recommend allowing legitimate external resources
+- **Add Domains**: Recommend allowing legitimate external resources
-  - **Implement Nonces**: Suggest nonce-based policies for inline content
+- **Implement Nonces**: Suggest nonce-based policies for inline content
-  - **Upgrade Directives**: Recommend modern CSP features
+- **Upgrade Directives**: Recommend modern CSP features
 ## Violation Analysis
@ -406,22 +406,22 @@ CSP_ALERT_THRESHOLD=5              # violations per 10 minutes
 ### Rate Limiting
-  - **10 reports per minute per IP** prevents spam attacks
+- **10 reports per minute per IP** prevents spam attacks
-  - **Exponential backoff** for repeated violations from same source
+- **Exponential backoff** for repeated violations from same source
-  - **Memory cleanup** removes old violations automatically
+- **Memory cleanup** removes old violations automatically
 ### Memory Management
-  - **Violation buffer** limited to 7 days of data in memory
+- **Violation buffer** limited to 7 days of data in memory
-  - **Hard cap** of 10,000 violation entries to prevent memory exhaustion
+- **Hard cap** of 10,000 violation entries to prevent memory exhaustion
-  - **Automatic cleanup** runs every 100 requests (1% probability)
+- **Automatic cleanup** runs every 100 requests (1% probability)
-  - **Efficient storage** using Map data structures
+- **Efficient storage** using Map data structures
 ### Database Impact
-  - **No persistent storage** for real-time metrics (memory only)
+- **No persistent storage** for real-time metrics (memory only)
-  - **Optional logging** to database for long-term analysis
+- **Optional logging** to database for long-term analysis
-  - **Indexed queries** for historical data retrieval
+- **Indexed queries** for historical data retrieval
 ## Security Considerations
@ -429,28 +429,28 @@ CSP_ALERT_THRESHOLD=5              # violations per 10 minutes
 **⚠️ Data Collection Notice:**
-  - **IP addresses** are collected and stored in memory for security monitoring
+- **IP addresses** are collected and stored in memory for security monitoring
-  - **User agent strings** are stored for browser compatibility analysis
+- **User agent strings** are stored for browser compatibility analysis
-  - **Legal basis**: Legitimate interest for security incident detection and prevention
+- **Legal basis**: Legitimate interest for security incident detection and prevention
-  - **Retention**: In-memory storage only, automatically purged after 7 days or application restart
+- **Retention**: In-memory storage only, automatically purged after 7 days or application restart
-  - **Data minimization**: Only violation-related metadata is retained, not page content
+- **Data minimization**: Only violation-related metadata is retained, not page content
 **Planned Privacy Enhancements:**
-  - IP anonymization options for GDPR compliance (roadmap)
+- IP anonymization options for GDPR compliance (roadmap)
-  - User agent sanitization to remove sensitive information (roadmap)
+- User agent sanitization to remove sensitive information (roadmap)
 ### Rate-Limiting Protection
-  - **Per-IP limits** prevent DoS attacks on reporting endpoint
+- **Per-IP limits** prevent DoS attacks on reporting endpoint
-  - **Content-type validation** ensures proper report format
+- **Content-type validation** ensures proper report format
-  - **Request size limits** prevent memory exhaustion
+- **Request size limits** prevent memory exhaustion
 ### False Positive Handling
-  - **Learning mode** for new deployments
+- **Learning mode** for new deployments
-  - **Whitelist support** for known legitimate violations
+- **Whitelist support** for known legitimate violations
-  - **Risk score adjustment** based on historical patterns
+- **Risk score adjustment** based on historical patterns
 ## Troubleshooting
@ -499,10 +499,10 @@ if (duration > 2000) {
 ## Related Documentation
-  - [Enhanced CSP Implementation](./security/enhanced-csp.md)
+- [Enhanced CSP Implementation](./security/enhanced-csp.md)
-  - [Security Monitoring](./security-monitoring.md)
+- [Security Monitoring](./security-monitoring.md)
-  - [Security Headers](./security-headers.md)
+- [Security Headers](./security-headers.md)
-  - [Rate Limiting](../lib/rateLimiter.ts)
+- [Rate Limiting](../lib/rateLimiter.ts)
 ## API Reference Summary
--- a/docs/dashboard-components.md
+++ b/docs/dashboard-components.md
@ -12,10 +12,10 @@ The WordCloud component visualizes categories or topics based on their frequency
 **Features:**
-   Dynamic sizing based on frequency
+- Dynamic sizing based on frequency
-   Colorful display with a pleasing color palette
+- Colorful display with a pleasing color palette
-   Responsive design
+- Responsive design
-   Interactive hover effects
+- Interactive hover effects
 ### 2. GeographicMap
@ -25,10 +25,10 @@ This component displays a world map with circles representing the number of sess
 **Features:**
-   Interactive map using React Leaflet
+- Interactive map using React Leaflet
-   Circle sizes scaled by session count
+- Circle sizes scaled by session count
-   Tooltips showing country names and session counts
+- Tooltips showing country names and session counts
-   Responsive design
+- Responsive design
 ### 3. MetricCard
@ -38,10 +38,10 @@ A modern, visually appealing card for displaying key metrics.
 **Features:**
-   Multiple design variants (default, primary, success, warning, danger)
+- Multiple design variants (default, primary, success, warning, danger)
-   Support for trend indicators
+- Support for trend indicators
-   Icons and descriptions
+- Icons and descriptions
-   Clean, modern styling
+- Clean, modern styling
 ### 4. DonutChart
@ -51,10 +51,10 @@ An enhanced donut chart with better styling and a central text display capabilit
 **Features:**
-   Customizable colors
+- Customizable colors
-   Center text area for displaying summaries
+- Center text area for displaying summaries
-   Interactive tooltips with percentages
+- Interactive tooltips with percentages
-   Well-balanced legend display
+- Well-balanced legend display
 ### 5. ResponseTimeDistribution
@ -64,10 +64,10 @@ Visualizes the distribution of response times as a histogram.
 **Features:**
-   Color-coded bars (green for fast, yellow for medium, red for slow)
+- Color-coded bars (green for fast, yellow for medium, red for slow)
-   Target time indicator
+- Target time indicator
-   Automatic binning of response times
+- Automatic binning of response times
-   Clear labeling and scales
+- Clear labeling and scales
 ## Dashboard Enhancements
@ -85,7 +85,7 @@ The dashboard has been enhanced with:
 ## Usage Notes
-   The geographic map and response time distribution use simulated data where actual data is not available
+- The geographic map and response time distribution use simulated data where actual data is not available
-   All components are responsive and will adjust to different screen sizes
+- All components are responsive and will adjust to different screen sizes
-   The dashboard automatically refreshes data when using the refresh button
+- The dashboard automatically refreshes data when using the refresh button
-   Admin users have access to additional controls at the bottom of the dashboard
+- Admin users have access to additional controls at the bottom of the dashboard
--- a/docs/database-connection-pooling.md
+++ b/docs/database-connection-pooling.md
@ -29,42 +29,45 @@ DATABASE_URL="postgresql://user:pass@host:5432/db?connection_limit=20&pool_timeo
 #### Standard Pooling (Default)
-   Uses Prisma's built-in connection pooling
+- Uses Prisma's built-in connection pooling
-   Simpler configuration
+- Simpler configuration
-   Good for development and small-scale deployments
+- Good for development and small-scale deployments
 #### Enhanced Pooling (Recommended for Production)
-   Uses PostgreSQL native connection pooling with `@prisma/adapter-pg`
+- Uses PostgreSQL native connection pooling with `@prisma/adapter-pg`
-   Advanced monitoring and health checks
+- Advanced monitoring and health checks
-   Better resource management
+- Better resource management
-   Detailed connection metrics
+- Detailed connection metrics
 ## Implementation Details
 ### Fixed Issues
 1.  **Multiple PrismaClient Instances**:
-   -   ❌ Before: Each scheduler created its own PrismaClient
+
-   -   ✅ After: All modules use singleton pattern from `lib/prisma.ts`
+- ❌ Before: Each scheduler created its own PrismaClient
 - ✅ After: All modules use singleton pattern from `lib/prisma.ts`
 2.  **No Connection Management**:
-   -   ❌ Before: No graceful shutdown or connection cleanup
+
-   -   ✅ After: Proper cleanup on process termination
+- ❌ Before: No graceful shutdown or connection cleanup
 - ✅ After: Proper cleanup on process termination
 3.  **No Monitoring**:
-   -   ❌ Before: No visibility into connection usage
+
-   -   ✅ After: Health check endpoint and connection metrics
+- ❌ Before: No visibility into connection usage
 - ✅ After: Health check endpoint and connection metrics
 ### Key Files Modified
-   `lib/prisma.ts` - Enhanced singleton with pooling options
+- `lib/prisma.ts` - Enhanced singleton with pooling options
-   `lib/database-pool.ts` - Advanced pooling configuration
+- `lib/database-pool.ts` - Advanced pooling configuration
-   `lib/processingScheduler.ts` - Fixed to use singleton
+- `lib/processingScheduler.ts` - Fixed to use singleton
-   `lib/importProcessor.ts` - Fixed to use singleton
+- `lib/importProcessor.ts` - Fixed to use singleton
-   `lib/processingStatusManager.ts` - Fixed to use singleton
+- `lib/processingStatusManager.ts` - Fixed to use singleton
-   `lib/schedulers.ts` - Added graceful shutdown
+- `lib/schedulers.ts` - Added graceful shutdown
-   `app/api/admin/database-health/route.ts` - Monitoring endpoint
+- `app/api/admin/database-health/route.ts` - Monitoring endpoint
 ## Monitoring
@ -79,36 +82,36 @@ curl -H "Authorization: Bearer your-token" \
 Response includes:
-   Connection status
+- Connection status
-   Pool statistics (if enhanced pooling enabled)
+- Pool statistics (if enhanced pooling enabled)
-   Basic metrics (session counts, etc.)
+- Basic metrics (session counts, etc.)
-   Configuration details
+- Configuration details
 ### Connection Metrics
 With enhanced pooling enabled, you'll see console logs for:
-   Connection acquisitions/releases
+- Connection acquisitions/releases
-   Pool size changes
+- Pool size changes
-   Error events
+- Error events
-   Health check results
+- Health check results
 ## Performance Benefits
 ### Before Optimization
-   Multiple connection pools (one per scheduler)
+- Multiple connection pools (one per scheduler)
-   Potential connection exhaustion under load
+- Potential connection exhaustion under load
-   No connection monitoring
+- No connection monitoring
-   Resource waste from idle connections
+- Resource waste from idle connections
 ### After Optimization
-   Single shared connection pool
+- Single shared connection pool
-   Configurable pool size and timeouts
+- Configurable pool size and timeouts
-   Connection health monitoring
+- Connection health monitoring
-   Graceful shutdown and cleanup
+- Graceful shutdown and cleanup
-   Better resource utilization
+- Better resource utilization
 ## Recommended Settings
--- a/docs/database-performance-optimizations.md
+++ b/docs/database-performance-optimizations.md
@ -6,10 +6,10 @@ This document outlines the comprehensive database performance optimizations impl
 The optimization focuses on the most frequently queried patterns in the application, particularly around:
-  - AI processing request tracking and batching
+- AI processing request tracking and batching
-  - Session analytics and filtering
+- Session analytics and filtering
-  - Security audit log analysis
+- Security audit log analysis
-  - Multi-tenant data isolation performance
+- Multi-tenant data isolation performance
 ## Applied Optimizations
@ -31,9 +31,9 @@ INCLUDE ("processingStatus", "batchId", "requestedAt", "sessionId");
 **Impact**:
-  - ~70% faster batch job queries
+- ~70% faster batch job queries
-  - Reduced I/O for cost analysis reports
+- Reduced I/O for cost analysis reports
-  - Improved scheduler performance
+- Improved scheduler performance
 ### 2. Session Analytics Optimizations
@ -54,9 +54,9 @@ INCLUDE ("startTime", "messagesSent");
 **Impact**:
-  - ~85% faster dashboard load times
+- ~85% faster dashboard load times
-  - Efficient date range filtering
+- Efficient date range filtering
-  - Optimized sentiment analysis queries
+- Optimized sentiment analysis queries
 ### 3. Security Audit Log Optimizations
@ -77,9 +77,9 @@ INCLUDE ("eventType", "severity", "userId", "companyId");
 **Impact**:
-  - ~90% faster security monitoring
+- ~90% faster security monitoring
-  - Efficient threat detection
+- Efficient threat detection
-  - Improved compliance reporting
+- Improved compliance reporting
 ### 4. Message Processing Optimizations
@ -95,8 +95,8 @@ INCLUDE ("content");
 **Impact**:
-  - ~60% faster conversation loading
+- ~60% faster conversation loading
-  - Reduced memory usage for message queries
+- Reduced memory usage for message queries
 ### 5. Processing Pipeline Optimizations
@ -118,29 +118,29 @@ INCLUDE ("sessionId", "errorMessage", "retryCount", "startedAt");
 **Impact**:
-  - ~75% faster processing monitoring
+- ~75% faster processing monitoring
-  - Efficient error tracking
+- Efficient error tracking
-  - Improved retry logic performance
+- Improved retry logic performance
 ## Index Strategy Principles
 ### 1. Composite Index Design
-  - **Leading column**: Most selective filter (usually companyId for multi-tenancy)
+- **Leading column**: Most selective filter (usually companyId for multi-tenancy)
-  - **Secondary columns**: Common WHERE clause filters
+- **Secondary columns**: Common WHERE clause filters
-  - **Covering columns**: SELECT list columns via INCLUDE
+- **Covering columns**: SELECT list columns via INCLUDE
 ### 2. Partial Indexes
-  - Used for error analysis and specific status filtering
+- Used for error analysis and specific status filtering
-  - Reduces index size and maintenance overhead
+- Reduces index size and maintenance overhead
-  - Improves write performance
+- Improves write performance
 ### 3. Covering Indexes
-  - Include frequently accessed columns to avoid table lookups
+- Include frequently accessed columns to avoid table lookups
-  - Reduces I/O for read-heavy operations
+- Reduces I/O for read-heavy operations
-  - Particularly effective for dashboard queries
+- Particularly effective for dashboard queries
 ## Query Pattern Analysis
@ -166,29 +166,29 @@ INCLUDE ("sessionId", "errorMessage", "retryCount", "startedAt");
 ### Index Monitoring
-  - Monitor index usage with `pg_stat_user_indexes`
+- Monitor index usage with `pg_stat_user_indexes`
-  - Track bloat with `pg_stat_user_tables`
+- Track bloat with `pg_stat_user_tables`
-  - Regular ANALYZE after bulk operations
+- Regular ANALYZE after bulk operations
 ### Write Performance Impact
-  - Composite indexes add ~15% write overhead
+- Composite indexes add ~15% write overhead
-  - Offset by dramatic read performance gains
+- Offset by dramatic read performance gains
-  - Monitored via slow query logs
+- Monitored via slow query logs
 ### Storage Impact
-  - Indexes add ~25% to total storage
+- Indexes add ~25% to total storage
-  - Covering indexes reduce need for table scans
+- Covering indexes reduce need for table scans
-  - Partial indexes minimize storage overhead
+- Partial indexes minimize storage overhead
 ## Migration Safety
 ### CONCURRENTLY Operations
-  - All indexes created with `CREATE INDEX CONCURRENTLY`
+- All indexes created with `CREATE INDEX CONCURRENTLY`
-  - No table locks during creation
+- No table locks during creation
-  - Production-safe deployment
+- Production-safe deployment
 ### Rollback Strategy
@ -238,18 +238,18 @@ LIMIT 10;
 ### Monitoring Strategy
-  - Set up automated index usage monitoring
+- Set up automated index usage monitoring
-  - Track slow query evolution
+- Track slow query evolution
-  - Monitor storage growth patterns
+- Monitor storage growth patterns
-  - Implement performance alerting
+- Implement performance alerting
 ## Conclusion
 These database optimizations provide:
-  - **70-90% improvement** in query performance
+- **70-90% improvement** in query performance
-  - **Reduced server load** through efficient indexing
+- **Reduced server load** through efficient indexing
-  - **Better user experience** with faster dashboards
+- **Better user experience** with faster dashboards
-  - **Scalable foundation** for future growth
+- **Scalable foundation** for future growth
 The optimizations are designed to be production-safe and monitoring-friendly, ensuring both immediate performance gains and long-term maintainability.
--- a/docs/neon-database-optimization.md
+++ b/docs/neon-database-optimization.md
@ -15,21 +15,21 @@ Can't reach database server at `ep-tiny-math-a2zsshve-pooler.eu-central-1.aws.ne
 ### 1. Neon Connection Limits
-   **Free Tier**: 20 concurrent connections
+- **Free Tier**: 20 concurrent connections
-   **Pro Tier**: 100 concurrent connections
+- **Pro Tier**: 100 concurrent connections
-   **Multiple schedulers** can quickly exhaust connections
+- **Multiple schedulers** can quickly exhaust connections
 ### 2. Connection Pooling Issues
-   Each scheduler was creating separate PrismaClient instances
+- Each scheduler was creating separate PrismaClient instances
-   No connection reuse between operations
+- No connection reuse between operations
-   No retry logic for temporary failures
+- No retry logic for temporary failures
 ### 3. Neon-Specific Challenges
-   **Auto-pause**: Databases pause after inactivity
+- **Auto-pause**: Databases pause after inactivity
-   **Cold starts**: First connection after pause takes longer
+- **Cold starts**: First connection after pause takes longer
-   **Regional latency**: eu-central-1 may have variable latency
+- **Regional latency**: eu-central-1 may have variable latency
 ## Solutions Implemented
@ -106,9 +106,9 @@ curl -H "Authorization: Bearer YOUR_API_TOKEN" \
 ### 2. Neon Dashboard Monitoring
-   Monitor "Active connections" in Neon dashboard
+- Monitor "Active connections" in Neon dashboard
-   Check for connection spikes during scheduler runs
+- Check for connection spikes during scheduler runs
-   Review query performance and slow queries
+- Review query performance and slow queries
 ### 3. Application Logs
@ -158,9 +158,9 @@ const prisma = new PrismaClient({
 **Causes:**
-   Neon database auto-paused
+- Neon database auto-paused
-   Connection limit exceeded
+- Connection limit exceeded
-   Network issues
+- Network issues
 **Solutions:**
@ -173,9 +173,9 @@ const prisma = new PrismaClient({
 **Causes:**
-   Idle connection timeout
+- Idle connection timeout
-   Neon maintenance
+- Neon maintenance
-   Long-running transactions
+- Long-running transactions
 **Solutions:**
@ -187,9 +187,9 @@ const prisma = new PrismaClient({
 **Causes:**
-   Blocking database operations
+- Blocking database operations
-   Scheduler overlap
+- Scheduler overlap
-   High CPU usage
+- High CPU usage
 **Solutions:**
@ -230,10 +230,10 @@ SESSION_PROCESSING_INTERVAL="0 */2 * * *"
 ## Monitoring Checklist
-   [ ] Check Neon dashboard for connection spikes
+- [ ] Check Neon dashboard for connection spikes
-   [ ] Monitor scheduler execution times
+- [ ] Monitor scheduler execution times
-   [ ] Review error logs for connection patterns
+- [ ] Review error logs for connection patterns
-   [ ] Test health endpoint regularly
+- [ ] Test health endpoint regularly
-   [ ] Set up alerts for connection failures
+- [ ] Set up alerts for connection failures
 With these optimizations, your Neon database connections should be much more stable and efficient!
--- a/docs/postgresql-migration.md
+++ b/docs/postgresql-migration.md
@ -17,48 +17,48 @@ Successfully migrated the livedash-node application from SQLite to PostgreSQL us
 #### Production/Development
-   **Provider**: PostgreSQL (Neon)
+- **Provider**: PostgreSQL (Neon)
-   **Environment Variable**: `DATABASE_URL`
+- **Environment Variable**: `DATABASE_URL`
-   **Connection**: Neon PostgreSQL cluster
+- **Connection**: Neon PostgreSQL cluster
 #### Testing
-   **Provider**: PostgreSQL (Neon - separate database)
+- **Provider**: PostgreSQL (Neon - separate database)
-   **Environment Variable**: `DATABASE_URL_TEST`
+- **Environment Variable**: `DATABASE_URL_TEST`
-   **Test Setup**: Automatically switches to test database during test runs
+- **Test Setup**: Automatically switches to test database during test runs
 ### Files Modified
 1.  **`prisma/schema.prisma`**
-   Changed provider from `sqlite` to `postgresql`
+- Changed provider from `sqlite` to `postgresql`
-   Updated URL to use `env("DATABASE_URL")`
+- Updated URL to use `env("DATABASE_URL")`
 2.  **`tests/setup.ts`**
-   Added logic to use `DATABASE_URL_TEST` when available
+- Added logic to use `DATABASE_URL_TEST` when available
-   Ensures test isolation with separate database
+- Ensures test isolation with separate database
 3.  **`.env`** (created)
-   Contains `DATABASE_URL` for Prisma CLI operations
+- Contains `DATABASE_URL` for Prisma CLI operations
 4.  **`.env.local`** (existing)
-   Contains both `DATABASE_URL` and `DATABASE_URL_TEST`
+- Contains both `DATABASE_URL` and `DATABASE_URL_TEST`
 ### Database Schema
 All existing models and relationships were preserved:
-   **Company**: Multi-tenant root entity
+- **Company**: Multi-tenant root entity
-   **User**: Authentication and authorization
+- **User**: Authentication and authorization
-   **Session**: Processed session data
+- **Session**: Processed session data
-   **SessionImport**: Raw CSV import data
+- **SessionImport**: Raw CSV import data
-   **Message**: Individual conversation messages
+- **Message**: Individual conversation messages
-   **Question**: Normalized question storage
+- **Question**: Normalized question storage
-   **SessionQuestion**: Session-question relationships
+- **SessionQuestion**: Session-question relationships
-   **AIProcessingRequest**: AI cost tracking
+- **AIProcessingRequest**: AI cost tracking
 ### Migration Process
@ -103,11 +103,11 @@ if (process.env.DATABASE_URL_TEST) {
 All tests pass successfully:
-   ✅ Environment configuration tests
+- ✅ Environment configuration tests
-   ✅ Transcript fetcher tests
+- ✅ Transcript fetcher tests
-   ✅ Database connection tests
+- ✅ Database connection tests
-   ✅ Schema validation tests
+- ✅ Schema validation tests
-   ✅ CRUD operation tests
+- ✅ CRUD operation tests
 ### Next Steps
--- a/docs/scheduler-architecture.md
+++ b/docs/scheduler-architecture.md
@ -6,11 +6,11 @@ This document describes the extracted scheduler architecture that enables horizo
 The scheduler system has been refactored from a monolithic approach to a service-oriented architecture that supports:
-   **Individual Scheduler Services** - Each scheduler runs as a separate service
+- **Individual Scheduler Services** - Each scheduler runs as a separate service
-   **Horizontal Scaling** - Multiple instances of the same scheduler can run across different machines
+- **Horizontal Scaling** - Multiple instances of the same scheduler can run across different machines
-   **Health Monitoring** - Built-in health checks for load balancers and orchestrators
+- **Health Monitoring** - Built-in health checks for load balancers and orchestrators
-   **Graceful Shutdown** - Proper handling of shutdown signals for zero-downtime deployments
+- **Graceful Shutdown** - Proper handling of shutdown signals for zero-downtime deployments
-   **Centralized Management** - Optional scheduler manager for coordinated operations
+- **Centralized Management** - Optional scheduler manager for coordinated operations
 ## Components
@ -34,11 +34,11 @@ export abstract class BaseSchedulerService extends EventEmitter {
 **Features:**
-   Status management (STOPPED, STARTING, RUNNING, PAUSED, ERROR)
+- Status management (STOPPED, STARTING, RUNNING, PAUSED, ERROR)
-   Metrics collection (run counts, timing, success/failure rates)
+- Metrics collection (run counts, timing, success/failure rates)
-   Event emission for monitoring
+- Event emission for monitoring
-   Configurable intervals and timeouts
+- Configurable intervals and timeouts
-   Automatic retry handling
+- Automatic retry handling
 ### 2. Individual Scheduler Services
@ -57,16 +57,16 @@ const csvScheduler = new CsvImportSchedulerService({
 **Features:**
-   Batch processing with configurable concurrency
+- Batch processing with configurable concurrency
-   Duplicate detection
+- Duplicate detection
-   Company-specific error handling
+- Company-specific error handling
-   Progress monitoring
+- Progress monitoring
 #### Additional Schedulers (To Be Implemented)
-   `ImportProcessingSchedulerService` - Process imported CSV data into sessions
+- `ImportProcessingSchedulerService` - Process imported CSV data into sessions
-   `SessionProcessingSchedulerService` - AI analysis and categorization
+- `SessionProcessingSchedulerService` - AI analysis and categorization
-   `BatchProcessingSchedulerService` - OpenAI Batch API integration
+- `BatchProcessingSchedulerService` - OpenAI Batch API integration
 ### 3. SchedulerManager
@ -88,10 +88,10 @@ await manager.startAll();
 **Features:**
-   Automatic restart of failed critical schedulers
+- Automatic restart of failed critical schedulers
-   Health monitoring across all schedulers
+- Health monitoring across all schedulers
-   Coordinated start/stop operations
+- Coordinated start/stop operations
-   Event aggregation and logging
+- Event aggregation and logging
 ### 4. Standalone Scheduler Runner
@ -107,10 +107,10 @@ npx tsx lib/services/schedulers/StandaloneSchedulerRunner.ts --list
 **Features:**
-   Independent process execution
+- Independent process execution
-   Environment variable configuration
+- Environment variable configuration
-   Graceful shutdown handling
+- Graceful shutdown handling
-   Health reporting for monitoring
+- Health reporting for monitoring
 ## Deployment Patterns
@ -127,15 +127,15 @@ await initializeSchedulers();
 **Pros:**
-   Simple deployment
+- Simple deployment
-   Lower resource usage
+- Lower resource usage
-   Easy local development
+- Easy local development
 **Cons:**
-   Limited scalability
+- Limited scalability
-   Single point of failure
+- Single point of failure
-   Resource contention
+- Resource contention
 ### 2. Separate Processes
@ -154,15 +154,15 @@ npm run scheduler:session-processing
 **Pros:**
-   Independent scaling
+- Independent scaling
-   Fault isolation
+- Fault isolation
-   Resource optimization per scheduler
+- Resource optimization per scheduler
 **Cons:**
-   More complex deployment
+- More complex deployment
-   Higher resource overhead
+- Higher resource overhead
-   Inter-process coordination needed
+- Inter-process coordination needed
 ### 3. Container Orchestration (Recommended for Production)
@ -193,16 +193,16 @@ services:
 **Pros:**
-   Full horizontal scaling
+- Full horizontal scaling
-   Independent resource allocation
+- Independent resource allocation
-   Health monitoring integration
+- Health monitoring integration
-   Zero-downtime deployments
+- Zero-downtime deployments
 **Cons:**
-   Complex orchestration setup
+- Complex orchestration setup
-   Network latency considerations
+- Network latency considerations
-   Distributed system challenges
+- Distributed system challenges
 ## Configuration
@ -380,31 +380,35 @@ csv-import-scheduler-eu:
 ### From Current Architecture
 1.  **Phase 1: Extract Schedulers**
-   -   ✅ Create BaseSchedulerService
+
-   -   ✅ Implement CsvImportSchedulerService
+- ✅ Create BaseSchedulerService
-   -   ✅ Create SchedulerManager
+- ✅ Implement CsvImportSchedulerService
-   -   ⏳ Implement remaining scheduler services
+- ✅ Create SchedulerManager
 - ⏳ Implement remaining scheduler services
 2.  **Phase 2: Deployment Options**
-   -   ✅ Add ServerSchedulerIntegration for backwards compatibility
+
-   -   ✅ Create StandaloneSchedulerRunner
+- ✅ Add ServerSchedulerIntegration for backwards compatibility
-   -   ✅ Add health check endpoints
+- ✅ Create StandaloneSchedulerRunner
 - ✅ Add health check endpoints
 3.  **Phase 3: Container Support**
-   -   ⏳ Create Dockerfile for scheduler containers
+
-   -   ⏳ Add Kubernetes manifests
+- ⏳ Create Dockerfile for scheduler containers
-   -   ⏳ Implement distributed coordination
+- ⏳ Add Kubernetes manifests
 - ⏳ Implement distributed coordination
 4.  **Phase 4: Production Migration**
-   -   ⏳ Deploy separate scheduler containers
+
-   -   ⏳ Monitor performance and stability
+- ⏳ Deploy separate scheduler containers
-   -   ⏳ Gradually increase horizontal scaling
+- ⏳ Monitor performance and stability
 - ⏳ Gradually increase horizontal scaling
 ### Breaking Changes
-   Scheduler initialization moved from `server.ts` to `ServerSchedulerIntegration`
+- Scheduler initialization moved from `server.ts` to `ServerSchedulerIntegration`
-   Individual scheduler functions replaced with service classes
+- Individual scheduler functions replaced with service classes
-   Configuration moved to environment variables
+- Configuration moved to environment variables
 ## Benefits
--- a/docs/scheduler-fixes.md
+++ b/docs/scheduler-fixes.md
@ -8,8 +8,8 @@
 **Solution**:
-   Added validation in `fetchAndStoreSessionsForAllCompanies()` to skip companies with example/invalid URLs
+- Added validation in `fetchAndStoreSessionsForAllCompanies()` to skip companies with example/invalid URLs
-   Removed the invalid company record from the database using `fix_companies.js`
+- Removed the invalid company record from the database using `fix_companies.js`
 ### 2. Transcript Fetching Errors
@ -17,10 +17,10 @@
 **Solution**:
-   Improved error handling in `fetchTranscriptContent()` function
+- Improved error handling in `fetchTranscriptContent()` function
-   Added probabilistic logging (only ~10% of errors logged) to prevent log spam
+- Added probabilistic logging (only ~10% of errors logged) to prevent log spam
-   Added timeout (10 seconds) for transcript fetching
+- Added timeout (10 seconds) for transcript fetching
-   Made transcript fetching failures non-blocking (sessions are still created without transcript content)
+- Made transcript fetching failures non-blocking (sessions are still created without transcript content)
 ### 3. CSV Fetching Errors
@ -28,8 +28,8 @@
 **Solution**:
-   Added URL validation to skip companies with `example.com` URLs
+- Added URL validation to skip companies with `example.com` URLs
-   Improved error logging to be more descriptive
+- Improved error logging to be more descriptive
 ## Current Status
@ -42,23 +42,23 @@
 After cleanup, only valid companies remain:
-   **Demo Company** (`790b9233-d369-451f-b92c-f4dceb42b649`)
+- **Demo Company** (`790b9233-d369-451f-b92c-f4dceb42b649`)
-    -   CSV URL: `https://proto.notso.ai/jumbo/chats`
+  - CSV URL: `https://proto.notso.ai/jumbo/chats`
-    -   Has valid authentication credentials
+  - Has valid authentication credentials
-    -   107 sessions in database
+  - 107 sessions in database
 ## Files Modified
 1.  **lib/csvFetcher.js**
-   Added company URL validation
+- Added company URL validation
-   Improved transcript fetching error handling
+- Improved transcript fetching error handling
-   Reduced error log verbosity
+- Reduced error log verbosity
 2.  **fix_companies.js** (cleanup script)
-   Removes invalid company records
+- Removes invalid company records
-   Can be run again if needed
+- Can be run again if needed
 ## Monitoring
--- a/docs/security-audit-logging.md
+++ b/docs/security-audit-logging.md
@ -12,49 +12,49 @@ The security audit logging system provides comprehensive tracking of security-cr
 The system logs the following event types:
-   **Authentication Events**: Login attempts, password changes, session management
+- **Authentication Events**: Login attempts, password changes, session management
-   **Authorization Events**: Permission checks, access denied events
+- **Authorization Events**: Permission checks, access denied events
-   **User Management**: User creation, modification, deletion, invitations
+- **User Management**: User creation, modification, deletion, invitations
-   **Company Management**: Company suspension, settings changes
+- **Company Management**: Company suspension, settings changes
-   **Rate Limiting**: Abuse prevention and rate limit violations
+- **Rate Limiting**: Abuse prevention and rate limit violations
-   **CSRF Protection**: Cross-site request forgery protection events
+- **CSRF Protection**: Cross-site request forgery protection events
-   **Security Headers**: Security header violations
+- **Security Headers**: Security header violations
-   **Password Reset**: Password reset flows and token validation
+- **Password Reset**: Password reset flows and token validation
-   **Platform Admin**: Administrative activities by platform users
+- **Platform Admin**: Administrative activities by platform users
-   **Data Privacy**: Data export and privacy-related events
+- **Data Privacy**: Data export and privacy-related events
-   **System Configuration**: System setting changes
+- **System Configuration**: System setting changes
-   **API Security**: API-related security events
+- **API Security**: API-related security events
 ### 2. Structured Logging
 Each audit log entry includes:
-   **Event Type**: Categorizes the security event
+- **Event Type**: Categorizes the security event
-   **Action**: Specific action performed
+- **Action**: Specific action performed
-   **Outcome**: Success, failure, blocked, rate limited, or suspicious
+- **Outcome**: Success, failure, blocked, rate limited, or suspicious
-   **Severity**: Info, low, medium, high, or critical
+- **Severity**: Info, low, medium, high, or critical
-   **Context**: User ID, company ID, platform user ID, IP address, user agent
+- **Context**: User ID, company ID, platform user ID, IP address, user agent
-   **Metadata**: Structured additional information
+- **Metadata**: Structured additional information
-   **Timestamp**: Immutable timestamp for chronological ordering
+- **Timestamp**: Immutable timestamp for chronological ordering
 ### 3. Multi-Tenant Security
-   Company-scoped audit logs ensure data isolation
+- Company-scoped audit logs ensure data isolation
-   Platform admin actions tracked separately
+- Platform admin actions tracked separately
-   Role-based access controls for audit log viewing
+- Role-based access controls for audit log viewing
 ### 4. Log Retention and Management
-   **Configurable Retention Policies**: Different retention periods based on event type and severity
+- **Configurable Retention Policies**: Different retention periods based on event type and severity
-   **Automatic Archival**: Critical and high-severity events archived before deletion
+- **Automatic Archival**: Critical and high-severity events archived before deletion
-   **Scheduled Cleanup**: Weekly automated retention policy execution
+- **Scheduled Cleanup**: Weekly automated retention policy execution
-   **Manual Controls**: Admin interface for manual retention execution
+- **Manual Controls**: Admin interface for manual retention execution
 ### 5. Administrative Interface
-   **Audit Log Viewer**: Comprehensive filtering and search capabilities
+- **Audit Log Viewer**: Comprehensive filtering and search capabilities
-   **Retention Management**: View statistics and execute retention policies
+- **Retention Management**: View statistics and execute retention policies
-   **Real-time Monitoring**: Track security events as they occur
+- **Real-time Monitoring**: Track security events as they occur
 ## Architecture
@ -132,12 +132,12 @@ Administrators can access audit logs through:
 ### Filtering Options
-   Event type (authentication, authorization, etc.)
+- Event type (authentication, authorization, etc.)
-   Outcome (success, failure, blocked, etc.)
+- Outcome (success, failure, blocked, etc.)
-   Severity level (info, low, medium, high, critical)
+- Severity level (info, low, medium, high, critical)
-   Date range
+- Date range
-   User ID
+- User ID
-   Pagination support
+- Pagination support
 ## Configuration
@ -170,51 +170,51 @@ AUDIT_LOG_RETENTION_DRY_RUN=false
 ### Data Protection
-   **IP Address Storage**: Client IP addresses stored for geographic analysis
+- **IP Address Storage**: Client IP addresses stored for geographic analysis
-   **Sensitive Data Redaction**: Passwords, tokens, and emails marked as `[REDACTED]`
+- **Sensitive Data Redaction**: Passwords, tokens, and emails marked as `[REDACTED]`
-   **Metadata Sanitization**: Complex objects sanitized to prevent data leakage
+- **Metadata Sanitization**: Complex objects sanitized to prevent data leakage
 ### Access Controls
-   **Admin-Only Access**: Only users with `ADMIN` role can view audit logs
+- **Admin-Only Access**: Only users with `ADMIN` role can view audit logs
-   **Company Isolation**: Users can only view logs for their own company
+- **Company Isolation**: Users can only view logs for their own company
-   **Platform Separation**: Platform admin logs tracked separately
+- **Platform Separation**: Platform admin logs tracked separately
 ### Performance
-   **Async Logging**: All logging operations are asynchronous to avoid blocking
+- **Async Logging**: All logging operations are asynchronous to avoid blocking
-   **Error Handling**: Logging failures don't affect application functionality
+- **Error Handling**: Logging failures don't affect application functionality
-   **Indexed Queries**: Database indexes optimize common query patterns
+- **Indexed Queries**: Database indexes optimize common query patterns
-   **Batch Operations**: Retention policies use batch operations for efficiency
+- **Batch Operations**: Retention policies use batch operations for efficiency
 ## Compliance Features
 ### Audit Standards
-   **Immutable Records**: Audit logs cannot be modified after creation
+- **Immutable Records**: Audit logs cannot be modified after creation
-   **Chronological Ordering**: Precise timestamps for event sequencing
+- **Chronological Ordering**: Precise timestamps for event sequencing
-   **Non-Repudiation**: User actions clearly attributed and timestamped
+- **Non-Repudiation**: User actions clearly attributed and timestamped
-   **Comprehensive Coverage**: All security-relevant events logged
+- **Comprehensive Coverage**: All security-relevant events logged
 ### Reporting
-   **Event Statistics**: Summary statistics by event type, severity, and time period
+- **Event Statistics**: Summary statistics by event type, severity, and time period
-   **Export Capabilities**: Structured data export for compliance reporting
+- **Export Capabilities**: Structured data export for compliance reporting
-   **Retention Tracking**: Detailed logging of retention policy execution
+- **Retention Tracking**: Detailed logging of retention policy execution
 ## Monitoring and Alerting
 ### System Health
-   **Scheduler Status**: Monitor retention scheduler health
+- **Scheduler Status**: Monitor retention scheduler health
-   **Error Tracking**: Log retention and audit logging errors
+- **Error Tracking**: Log retention and audit logging errors
-   **Performance Metrics**: Track logging performance and database impact
+- **Performance Metrics**: Track logging performance and database impact
 ### Security Monitoring
-   **Failed Authentication Patterns**: Track repeated login failures
+- **Failed Authentication Patterns**: Track repeated login failures
-   **Privilege Escalation**: Monitor administrative action patterns
+- **Privilege Escalation**: Monitor administrative action patterns
-   **Suspicious Activity**: Identify unusual access patterns
+- **Suspicious Activity**: Identify unusual access patterns
 ## Troubleshooting
@ -227,9 +227,9 @@ AUDIT_LOG_RETENTION_DRY_RUN=false
 ### Debug Information
-   Check application logs for scheduler startup messages
+- Check application logs for scheduler startup messages
-   Monitor database query performance for audit log operations
+- Monitor database query performance for audit log operations
-   Review retention policy validation warnings
+- Review retention policy validation warnings
 ## Best Practices
@ -251,13 +251,13 @@ AUDIT_LOG_RETENTION_DRY_RUN=false
 ### Planned Features
-   **Real-time Alerting**: Immediate notifications for critical security events
+- **Real-time Alerting**: Immediate notifications for critical security events
-   **Advanced Analytics**: ML-based anomaly detection and pattern recognition
+- **Advanced Analytics**: ML-based anomaly detection and pattern recognition
-   **Export Formats**: Additional export formats for compliance reporting
+- **Export Formats**: Additional export formats for compliance reporting
-   **External Integration**: SIEM and security tool integrations
+- **External Integration**: SIEM and security tool integrations
 ### Performance Optimizations
-   **Log Partitioning**: Database partitioning for improved query performance
+- **Log Partitioning**: Database partitioning for improved query performance
-   **Compression**: Log compression for storage efficiency
+- **Compression**: Log compression for storage efficiency
-   **Streaming**: Real-time log streaming for external systems
+- **Streaming**: Real-time log streaming for external systems
--- a/docs/security-headers.md
+++ b/docs/security-headers.md
@ -12,33 +12,33 @@ The application implements multiple layers of HTTP security headers to provide d
 #### X-Content-Type-Options: nosniff
-   **Purpose**: Prevents MIME type sniffing attacks
+- **Purpose**: Prevents MIME type sniffing attacks
-   **Protection**: Stops browsers from interpreting files as different MIME types than declared
+- **Protection**: Stops browsers from interpreting files as different MIME types than declared
-   **Value**: `nosniff`
+- **Value**: `nosniff`
 #### X-Frame-Options: DENY
-   **Purpose**: Prevents clickjacking attacks
+- **Purpose**: Prevents clickjacking attacks
-   **Protection**: Blocks embedding the site in frames/iframes
+- **Protection**: Blocks embedding the site in frames/iframes
-   **Value**: `DENY`
+- **Value**: `DENY`
 #### X-XSS-Protection: 1; mode=block
-   **Purpose**: Enables XSS protection in legacy browsers
+- **Purpose**: Enables XSS protection in legacy browsers
-   **Protection**: Activates built-in XSS filtering (primarily for older browsers)
+- **Protection**: Activates built-in XSS filtering (primarily for older browsers)
-   **Value**: `1; mode=block`
+- **Value**: `1; mode=block`
 #### Referrer-Policy: strict-origin-when-cross-origin
-   **Purpose**: Controls referrer information leakage
+- **Purpose**: Controls referrer information leakage
-   **Protection**: Limits referrer data sent to external sites
+- **Protection**: Limits referrer data sent to external sites
-   **Value**: `strict-origin-when-cross-origin`
+- **Value**: `strict-origin-when-cross-origin`
 #### X-DNS-Prefetch-Control: off
-   **Purpose**: Prevents DNS rebinding attacks
+- **Purpose**: Prevents DNS rebinding attacks
-   **Protection**: Disables DNS prefetching to reduce attack surface
+- **Protection**: Disables DNS prefetching to reduce attack surface
-   **Value**: `off`
+- **Value**: `off`
 ### Content Security Policy (CSP)
@ -50,13 +50,13 @@ Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'un
 #### Key CSP Directives
-   **default-src 'self'**: Restrictive default for all resource types
+- **default-src 'self'**: Restrictive default for all resource types
-   **script-src 'self' 'unsafe-eval' 'unsafe-inline'**: Allows Next.js dev tools and React functionality
+- **script-src 'self' 'unsafe-eval' 'unsafe-inline'**: Allows Next.js dev tools and React functionality
-   **style-src 'self' 'unsafe-inline'**: Enables TailwindCSS and component styles
+- **style-src 'self' 'unsafe-inline'**: Enables TailwindCSS and component styles
-   **img-src 'self' data: https:**: Allows secure image sources
+- **img-src 'self' data: https:**: Allows secure image sources
-   **frame-ancestors 'none'**: Prevents embedding (reinforces X-Frame-Options)
+- **frame-ancestors 'none'**: Prevents embedding (reinforces X-Frame-Options)
-   **object-src 'none'**: Blocks dangerous plugins and embeds
+- **object-src 'none'**: Blocks dangerous plugins and embeds
-   **upgrade-insecure-requests**: Automatically upgrades HTTP to HTTPS
+- **upgrade-insecure-requests**: Automatically upgrades HTTP to HTTPS
 ### Permissions Policy
@ -66,19 +66,19 @@ Controls browser feature access:
 Permissions-Policy: camera=(), microphone=(), geolocation=(), interest-cohort=(), browsing-topics=()
 ```
-   **camera=()**: Disables camera access
+- **camera=()**: Disables camera access
-   **microphone=()**: Disables microphone access
+- **microphone=()**: Disables microphone access
-   **geolocation=()**: Disables location tracking
+- **geolocation=()**: Disables location tracking
-   **interest-cohort=()**: Blocks FLoC (privacy protection)
+- **interest-cohort=()**: Blocks FLoC (privacy protection)
-   **browsing-topics=()**: Blocks Topics API (privacy protection)
+- **browsing-topics=()**: Blocks Topics API (privacy protection)
 ### Strict Transport Security (HSTS)
 **Production Only**: `Strict-Transport-Security: max-age=31536000; includeSubDomains; preload`
-   **max-age=31536000**: 1 year HSTS policy
+- **max-age=31536000**: 1 year HSTS policy
-   **includeSubDomains**: Applies to all subdomains
+- **includeSubDomains**: Applies to all subdomains
-   **preload**: Ready for HSTS preload list inclusion
+- **preload**: Ready for HSTS preload list inclusion
 ## Configuration
@ -110,8 +110,8 @@ headers: async () => {
 ### Environment-Specific Behavior
-   **Development**: All headers except HSTS
+- **Development**: All headers except HSTS
-   **Production**: All headers including HSTS
+- **Production**: All headers including HSTS
 ## Testing
@ -121,11 +121,11 @@ Location: `tests/unit/http-security-headers.test.ts`
 Tests cover:
-   Individual header validation
+- Individual header validation
-   CSP directive verification
+- CSP directive verification
-   Permissions Policy validation
+- Permissions Policy validation
-   Environment-specific configuration
+- Environment-specific configuration
-   Next.js compatibility checks
+- Next.js compatibility checks
 ### Integration Tests
@ -133,9 +133,9 @@ Location: `tests/integration/security-headers-basic.test.ts`
 Tests cover:
-   Next.js configuration validation
+- Next.js configuration validation
-   Header generation verification
+- Header generation verification
-   Environment-based header differences
+- Environment-based header differences
 ### Manual Testing
@ -160,11 +160,11 @@ pnpm test:security-headers https://your-domain.com
 ### Additional Security Benefits
-   **Clickjacking Protection**: X-Frame-Options + CSP frame-ancestors
+- **Clickjacking Protection**: X-Frame-Options + CSP frame-ancestors
-   **MIME Sniffing Prevention**: X-Content-Type-Options
+- **MIME Sniffing Prevention**: X-Content-Type-Options
-   **Information Leakage Reduction**: Referrer-Policy
+- **Information Leakage Reduction**: Referrer-Policy
-   **Privacy Protection**: Permissions Policy restrictions
+- **Privacy Protection**: Permissions Policy restrictions
-   **Transport Security**: HSTS enforcement
+- **Transport Security**: HSTS enforcement
 ## Maintenance
@ -176,9 +176,9 @@ pnpm test:security-headers https://your-domain.com
 ### Monitoring
-   Monitor CSP violation reports (when implemented)
+- Monitor CSP violation reports (when implemented)
-   Use online tools like securityheaders.com for validation
+- Use online tools like securityheaders.com for validation
-   Include security header tests in CI/CD pipeline
+- Include security header tests in CI/CD pipeline
 ### Future Enhancements
@ -195,18 +195,18 @@ Planned improvements:
 Headers are configured to be compatible with:
-   Next.js 15+ App Router
+- Next.js 15+ App Router
-   React 19 development tools
+- React 19 development tools
-   TailwindCSS 4 styling system
+- TailwindCSS 4 styling system
-   Development hot reload functionality
+- Development hot reload functionality
 ### Browser Support
 Security headers are supported by:
-   All modern browsers (Chrome 60+, Firefox 60+, Safari 12+)
+- All modern browsers (Chrome 60+, Firefox 60+, Safari 12+)
-   Graceful degradation for older browsers
+- Graceful degradation for older browsers
-   Progressive enhancement approach
+- Progressive enhancement approach
 ## Troubleshooting
@ -219,13 +219,13 @@ Security headers are supported by:
 ### Debug Tools
-   Browser DevTools Security tab
+- Browser DevTools Security tab
-   CSP Evaluator: <https://csp-evaluator.withgoogle.com/>
+- CSP Evaluator: <https://csp-evaluator.withgoogle.com/>
-   Security Headers Scanner: <https://securityheaders.com/>
+- Security Headers Scanner: <https://securityheaders.com/>
 ## References
-   [OWASP Secure Headers Project](https://owasp.org/www-project-secure-headers/)
+- [OWASP Secure Headers Project](https://owasp.org/www-project-secure-headers/)
-   [MDN Security Headers](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers#security)
+- [MDN Security Headers](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers#security)
-   [Next.js Security Headers](https://nextjs.org/docs/app/api-reference/config/headers)
+- [Next.js Security Headers](https://nextjs.org/docs/app/api-reference/config/headers)
-   [Content Security Policy Reference](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)
+- [Content Security Policy Reference](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)
--- a/docs/security-monitoring.md
+++ b/docs/security-monitoring.md
@ -9,38 +9,42 @@ The Security Monitoring and Alerting System provides comprehensive real-time sec
 ### Core Components
 1.  **Security Monitoring Service** (`lib/securityMonitoring.ts`)
-   -   Real-time event processing
+
-   -   Anomaly detection algorithms
+- Real-time event processing
-   -   Alert generation and management
+- Anomaly detection algorithms
-   -   Security score calculation
+- Alert generation and management
-   -   Threat level assessment
+- Security score calculation
 - Threat level assessment
 2.  **Enhanced Security Logging** (`enhancedSecurityLog`)
-   -   Integrates with existing audit logger
+
-   -   Processes events through monitoring system
+- Integrates with existing audit logger
-   -   Triggers immediate threat detection
+- Processes events through monitoring system
 - Triggers immediate threat detection
 3.  **API Endpoints** (`app/api/admin/security-monitoring/`)
-   -   `/api/admin/security-monitoring` - Main metrics and configuration
+
-   -   `/api/admin/security-monitoring/alerts` - Alert management
+- `/api/admin/security-monitoring` - Main metrics and configuration
-   -   `/api/admin/security-monitoring/export` - Data export
+- `/api/admin/security-monitoring/alerts` - Alert management
-   -   `/api/admin/security-monitoring/threat-analysis` - Threat analysis
+- `/api/admin/security-monitoring/export` - Data export
 - `/api/admin/security-monitoring/threat-analysis` - Threat analysis
 4.  **Dashboard UI** (`app/platform/security/page.tsx`)
-   -   Real-time security metrics
+
-   -   Active alerts management
+- Real-time security metrics
-   -   Threat analysis visualization
+- Active alerts management
-   -   Configuration management
+- Threat analysis visualization
 - Configuration management
 ## Features
 ### Real-time Monitoring
-   **Authentication Events**: Login attempts, failures, brute force attacks
+- **Authentication Events**: Login attempts, failures, brute force attacks
-   **Rate Limiting**: Excessive request patterns, API abuse
+- **Rate Limiting**: Excessive request patterns, API abuse
-   **Admin Activity**: Unusual administrative actions
+- **Admin Activity**: Unusual administrative actions
-   **Geographic Anomalies**: Logins from unusual locations
+- **Geographic Anomalies**: Logins from unusual locations
-   **Temporal Anomalies**: Activity spikes outside normal patterns
+- **Temporal Anomalies**: Activity spikes outside normal patterns
 ### Alert Types
@ -69,29 +73,32 @@ enum AlertType {
 The system implements several anomaly detection algorithms:
 1.  **Geographic Anomaly Detection**
-   -   Detects logins from unusual countries
+
-   -   Compares against historical user patterns
+- Detects logins from unusual countries
-   -   Confidence scoring based on deviation
+- Compares against historical user patterns
 - Confidence scoring based on deviation
 2.  **Temporal Anomaly Detection**
-   -   Identifies activity spikes during unusual hours
+
-   -   Compares current activity to historical averages
+- Identifies activity spikes during unusual hours
-   -   Configurable thresholds for different event types
+- Compares current activity to historical averages
 - Configurable thresholds for different event types
 3.  **Behavioral Anomaly Detection**
-   -   Multiple failed login attempts
+
-   -   Rapid succession of actions
+- Multiple failed login attempts
-   -   Pattern deviation analysis
+- Rapid succession of actions
 - Pattern deviation analysis
 ### Security Scoring
 The system calculates a real-time security score (0-100) based on:
-   Critical security events (weight: 25)
+- Critical security events (weight: 25)
-   Active unresolved alerts (weight: 30)
+- Active unresolved alerts (weight: 30)
-   High-severity threats (weight: 20)
+- High-severity threats (weight: 20)
-   Overall event volume (weight: 15)
+- Overall event volume (weight: 15)
-   System stability factors (weight: 10)
+- System stability factors (weight: 10)
 ### Threat Levels
@ -255,117 +262,121 @@ await enhancedSecurityLog(
 ### Security Overview
-   Real-time security score (0-100)
+- Real-time security score (0-100)
-   Current threat level indicator
+- Current threat level indicator
-   Active alerts count
+- Active alerts count
-   Security events summary
+- Security events summary
 ### Alert Management
-   View active and historical alerts
+- View active and historical alerts
-   Filter by severity and type
+- Filter by severity and type
-   Acknowledge alerts with tracking
+- Acknowledge alerts with tracking
-   Detailed alert context and metadata
+- Detailed alert context and metadata
 ### Threat Analysis
-   Geographic distribution of events
+- Geographic distribution of events
-   Top threat types and patterns
+- Top threat types and patterns
-   User risk scoring
+- User risk scoring
-   IP threat level analysis
+- IP threat level analysis
 ### Configuration Management
-   Adjust detection thresholds
+- Adjust detection thresholds
-   Configure alerting channels
+- Configure alerting channels
-   Set data retention policies
+- Set data retention policies
-   Export capabilities
+- Export capabilities
 ## Performance Considerations
 ### Memory Management
-   Event buffer limited to 1 hour of data
+- Event buffer limited to 1 hour of data
-   Automatic cleanup of old alerts (configurable)
+- Automatic cleanup of old alerts (configurable)
-   Efficient in-memory storage for real-time analysis
+- Efficient in-memory storage for real-time analysis
 ### Database Impact
-   Leverages existing audit log indexes
+- Leverages existing audit log indexes
-   Optimized queries for time-range filtering
+- Optimized queries for time-range filtering
-   Background processing to avoid blocking operations
+- Background processing to avoid blocking operations
 ### Scalability
-   Stateless architecture (except for buffering)
+- Stateless architecture (except for buffering)
-   Horizontal scaling support
+- Horizontal scaling support
-   Configurable processing intervals
+- Configurable processing intervals
 ## Security Considerations
 ### Access Control
-   Platform admin authentication required
+- Platform admin authentication required
-   Role-based access to security endpoints
+- Role-based access to security endpoints
-   Audit logging of all monitoring activities
+- Audit logging of all monitoring activities
 ### Data Privacy
-   Sensitive data redaction in logs
+- Sensitive data redaction in logs
-   IP address anonymization options
+- IP address anonymization options
-   Configurable data retention periods
+- Configurable data retention periods
 ### Alert Suppression
-   Duplicate alert suppression (configurable window)
+- Duplicate alert suppression (configurable window)
-   Rate limiting on alert generation
+- Rate limiting on alert generation
-   Escalation policies for critical threats
+- Escalation policies for critical threats
 ## Monitoring and Maintenance
 ### Health Checks
-   Monitor service availability
+- Monitor service availability
-   Check alert generation pipeline
+- Check alert generation pipeline
-   Verify data export functionality
+- Verify data export functionality
 ### Regular Tasks
-   Review and adjust thresholds quarterly
+- Review and adjust thresholds quarterly
-   Analyze false positive rates
+- Analyze false positive rates
-   Update threat detection patterns
+- Update threat detection patterns
-   Clean up old alert data
+- Clean up old alert data
 ### Performance Metrics
-   Alert response time
+- Alert response time
-   False positive/negative rates
+- False positive/negative rates
-   System resource usage
+- System resource usage
-   User engagement with alerts
+- User engagement with alerts
 ## Future Enhancements
 ### Planned Features
 1.  **Machine Learning Integration**
-   -   Behavioral pattern recognition
+
-   -   Adaptive threshold adjustment
+- Behavioral pattern recognition
-   -   Predictive threat modeling
+- Adaptive threshold adjustment
 - Predictive threat modeling
 2.  **Advanced Analytics**
-   -   Threat intelligence integration
+
-   -   Cross-correlation analysis
+- Threat intelligence integration
-   -   Risk trend analysis
+- Cross-correlation analysis
 - Risk trend analysis
 3.  **Integration Enhancements**
-   -   SIEM system connectors
+
-   -   Webhook customization
+- SIEM system connectors
-   -   Mobile app notifications
+- Webhook customization
 - Mobile app notifications
 4.  **Automated Response**
-   -   IP blocking automation
+
-   -   Account suspension workflows
+- IP blocking automation
-   -   Incident response orchestration
+- Account suspension workflows
 - Incident response orchestration
 ## Troubleshooting
@ -373,27 +384,27 @@ await enhancedSecurityLog(
 **High False Positive Rate**
-   Review and adjust detection thresholds
+- Review and adjust detection thresholds
-   Analyze user behavior patterns
+- Analyze user behavior patterns
-   Consider geographical variations
+- Consider geographical variations
 **Missing Alerts**
-   Check service configuration
+- Check service configuration
-   Verify audit log integration
+- Verify audit log integration
-   Review threshold settings
+- Review threshold settings
 **Performance Issues**
-   Monitor memory usage
+- Monitor memory usage
-   Adjust cleanup intervals
+- Adjust cleanup intervals
-   Optimize database queries
+- Optimize database queries
 **Export Failures**
-   Check file permissions
+- Check file permissions
-   Verify date range validity
+- Verify date range validity
-   Monitor server resources
+- Monitor server resources
 ### Debugging
@ -419,24 +430,24 @@ console.log("Active alerts:", alerts.length);
 ### Unit Tests
-   Alert generation logic
+- Alert generation logic
-   Anomaly detection algorithms
+- Anomaly detection algorithms
-   Configuration management
+- Configuration management
-   Data export functionality
+- Data export functionality
 ### Integration Tests
-   API endpoint security
+- API endpoint security
-   Database integration
+- Database integration
-   Real-time event processing
+- Real-time event processing
-   Alert acknowledgment flow
+- Alert acknowledgment flow
 ### Load Testing
-   High-volume event processing
+- High-volume event processing
-   Concurrent alert generation
+- Concurrent alert generation
-   Database performance under load
+- Database performance under load
-   Memory usage patterns
+- Memory usage patterns
 Run tests:
--- a/docs/session-processing.md
+++ b/docs/session-processing.md
@ -15,22 +15,22 @@ The system now includes an automated process for analyzing chat session transcri
 ### Session Fetching
-   The system fetches session data from configured CSV URLs for each company
+- The system fetches session data from configured CSV URLs for each company
-   Unlike the previous implementation, it now only adds sessions that don't already exist in the database
+- Unlike the previous implementation, it now only adds sessions that don't already exist in the database
-   This prevents duplicate sessions and allows for incremental updates
+- This prevents duplicate sessions and allows for incremental updates
 ### Transcript Processing
-   For sessions with transcript content that haven't been processed yet, the system calls OpenAI's API
+- For sessions with transcript content that haven't been processed yet, the system calls OpenAI's API
-   The API analyzes the transcript and extracts the following information:
+- The API analyzes the transcript and extracts the following information:
-    -   Primary language used (ISO 639-1 code)
+  - Primary language used (ISO 639-1 code)
-    -   Number of messages sent by the user
+  - Number of messages sent by the user
-    -   Overall sentiment (positive, neutral, negative)
+  - Overall sentiment (positive, neutral, negative)
-    -   Whether the conversation was escalated
+  - Whether the conversation was escalated
-    -   Whether HR contact was mentioned or provided
+  - Whether HR contact was mentioned or provided
-    -   Best-fitting category for the conversation
+  - Best-fitting category for the conversation
-    -   Up to 5 paraphrased questions asked by the user
+  - Up to 5 paraphrased questions asked by the user
-    -   A brief summary of the conversation
+  - A brief summary of the conversation
 ### Scheduling
@ -43,10 +43,10 @@ The system includes two schedulers:
 The Session model has been updated with new fields to store the processed data:
-   `processed`: Boolean flag indicating whether the session has been processed
+- `processed`: Boolean flag indicating whether the session has been processed
-   `sentimentCategory`: String value ("positive", "neutral", "negative") from OpenAI
+- `sentimentCategory`: String value ("positive", "neutral", "negative") from OpenAI
-   `questions`: JSON array of questions asked by the user
+- `questions`: JSON array of questions asked by the user
-   `summary`: Brief summary of the conversation
+- `summary`: Brief summary of the conversation
 ## Configuration
@ -62,9 +62,9 @@ OPENAI_API_KEY=your_api_key_here
 To run the application with schedulers enabled:
-   Development: `npm run dev`
+- Development: `npm run dev`
-   Development (with schedulers disabled): `npm run dev:no-schedulers`
+- Development (with schedulers disabled): `npm run dev:no-schedulers`
-   Production: `npm run start`
+- Production: `npm run start`
 Note: These commands will start a custom Next.js server with the schedulers enabled. You'll need to have an OpenAI API key set in your `.env.local` file for the session processing to work.
@ -82,5 +82,5 @@ This will process all unprocessed sessions that have transcript content.
 The processing logic can be customized by modifying:
-   `lib/processingScheduler.ts`: Contains the OpenAI processing logic
+- `lib/processingScheduler.ts`: Contains the OpenAI processing logic
-   `scripts/process_sessions.ts`: Standalone script for manual processing
+- `scripts/process_sessions.ts`: Standalone script for manual processing