chore(autonomous-session): consolidate uncommitted work from prior session
Bundles the prior autonomous-session output that was sitting unstaged: - Em-dash sweep across src/ + tests/ (en-dash/em-dash to hyphen, ~2280 instances) - country-flag-icons rollout (CountryFlag component, replaces emoji glyphs that never rendered on Windows; lazy-loads the 3x2 SVG index as a single chunk after the per-subpath dynamic-import approach silently failed in webpack) - Admin IA Phase 1+2: 7-domain regroup, 41 to 38 pages, /admin/berths index, redirects (ocr to ai, reports to dashboard, invitations to users), docs/admin-ia-proposal.md - Per-template email tester (registry + endpoint + UI on Email admin page) - Cancel-document mode picker (delete-from-Documenso vs keep-for-audit) - Dashboard PDF report: 25 widgets, SVG charts, date-range picker, 11 resolvers - Customize-widgets per-region sortables at xl+ (charts/rails/feed); single flat sortable below xl when the layout stacks; per-viewport saved orders - Audit doc updates capturing each shipped item - Lint fixes: react-compiler immutability in DonutChart (reduce instead of let-reassign), set-state-in-effect disables in CountryFlag and UploadForSigning preview-bytes effect, unused 'confirm' destructures in interest contract + reservation tabs, unescaped apostrophe in test-template card copy
This commit is contained in:
@@ -58,7 +58,7 @@ export type AuditAction =
|
||||
// and the FTS GENERATED index missed entirely.
|
||||
| 'outcome_set'
|
||||
| 'outcome_cleared'
|
||||
// Phase 3 — EOI override / contact promote / yacht spawn from EOI.
|
||||
// Phase 3 - EOI override / contact promote / yacht spawn from EOI.
|
||||
// The DB column is free-text per migration 0073; these strings just
|
||||
// formalise the catalogue so the audit-log filter dropdown can surface
|
||||
// them as their own buckets.
|
||||
@@ -165,13 +165,13 @@ function maskValue(value: unknown, depth: number): unknown {
|
||||
if (typeof value === 'string') return maskString(value);
|
||||
if (Array.isArray(value)) return value.map((v) => maskValue(v, depth + 1));
|
||||
if (typeof value === 'object') {
|
||||
// Recurse into nested object — only mask keys that themselves look
|
||||
// Recurse into nested object - only mask keys that themselves look
|
||||
// sensitive. Parents stay traversable.
|
||||
return maskObject(value as Record<string, unknown>, depth + 1);
|
||||
}
|
||||
// Non-string primitives (number/boolean/bigint/symbol) at sensitive keys
|
||||
// are passed through unchanged. The original contract was "only mask
|
||||
// strings" — a number at an `email` key is a type error upstream and
|
||||
// strings" - a number at an `email` key is a type error upstream and
|
||||
// shouldn't be silently replaced with `***`.
|
||||
return value;
|
||||
}
|
||||
@@ -275,7 +275,7 @@ export async function createAuditLog(params: AuditLogParams): Promise<void> {
|
||||
fieldChanged: params.fieldChanged ?? null,
|
||||
oldValue: maskSensitiveFields(params.oldValue) ?? null,
|
||||
newValue: maskSensitiveFields(params.newValue) ?? null,
|
||||
// Mask metadata too — the audit found portal-auth, crm-invite,
|
||||
// Mask metadata too - the audit found portal-auth, crm-invite,
|
||||
// hard-delete, and email-accounts services were writing raw emails
|
||||
// into this column.
|
||||
metadata: maskSensitiveFields(params.metadata) ?? null,
|
||||
|
||||
Reference in New Issue
Block a user