refactor(kyc): harden liveness/review workflows and secure webhook callbacks (!3) · Requêtes de fusion · marketing confort / darvest / darvest-investor-profile-kyc-service · GitLab

Benabbes Walid a demandé de fusionner feat/kyc-hardening-review-liveness vers develop avr. 06, 2026

refactor(kyc): harden liveness/review workflows and secure webhook callbacks

applied lead review feedback for liveness and review state handling
added null-safe idempotence checks and stricter validation rules
moved reviewerId into request body and returned review DTOs
added dedicated webhook security filter (HMAC + IP allowlist)
extended unit/web tests and updated changelog