mantimon-tcg/backend/app
Cal Corum cbc1da3c03 Add visibility filter for client-safe game state views
SECURITY: Implement hidden information filtering to prevent cheating.

- Create VisibleGameState, VisiblePlayerState, VisibleZone models
- get_visible_state(game, player_id): filtered view for a player
- get_spectator_state(game): filtered view for spectators

Hidden Information (NEVER exposed):
  - Opponent's hand contents (count only)
  - All deck contents and order
  - All prize card contents
  - Energy deck order

Public Information (always visible):
  - Active and benched Pokemon (full details)
  - Discard piles (full contents)
  - Energy zone (available energy)
  - Scores, turn info, phase
  - Stadium in play

- 44 security-critical tests verifying no information leakage
- Tests check JSON serialization for hidden card ID leaks
- Also adds test for configurable burn damage

Completes HIGH-008 and TEST-012 from PROJECT_PLAN.json
Updates security checklist: 4/5 items now verified
2026-01-25 13:11:06 -06:00
core Add visibility filter for client-safe game state views 2026-01-25 13:11:06 -06:00
__init__.py Add backend foundation with uv, Black, and pre-commit hooks 2026-01-24 00:12:33 -06:00
main.py Add backend foundation with uv, Black, and pre-commit hooks 2026-01-24 00:12:33 -06:00