pn-new-crm

letsbe/pn-new-crm

Fork 0

Commit Graph

Author	SHA1	Message	Date
Matt	e469b2b6a6	fix(P1): GDPR export + Redis eviction policy F3: BullMQ 5.x rejects custom job IDs containing `:` (collides with internal Redis-key namespacing). GDPR export crashed with "Custom Id cannot contain :". Switched to dash separator. GDPR Article 15 right-to-access now functional. F4: Redis was configured with `allkeys-lru` eviction in both docker-compose.yml and docker-compose.prod.yml. BullMQ explicitly requires `noeviction` — otherwise queue keys can be evicted under memory pressure and jobs vanish silently. Switched to noeviction with comment pointing at the audit finding. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-14 22:39:16 +02:00
Matt	0ea8d94d26	fix(audit-wave-10): build-auditor fixes — CSP, server externals, healthcheck Address the highest-leverage CRITICAL/HIGH/MEDIUM items from the build-auditor that weren't already covered by Wave 1 (EMAIL_REDIRECT_TO production guard) or the existing `.dockerignore`. C3 — socket.io in standalone trace - Add socket.io + @socket.io/redis-adapter to serverExternalPackages in next.config so the build system sees the dependency (the custom server is the only importer, no Next route touches it). - Belt-and-braces: COPY both from the deps stage into the runner stage of Dockerfile, mirroring the audit's suggested fix. H1 — CSP `'unsafe-inline'` in prod - Audit recommends nonce-based scripts. Implementing nonces requires middleware that emits a per-request nonce + threading it through Next's RSC bootstrap + Server Actions. Out of scope for this wave; documented the rationale at the CSP definition so the next pass knows where to start, and noted that the in-the-wild XSS surfaces are already closed via escapeHtml/escapeUrl in the email + webhook pipelines. H2 — NEXT_PUBLIC_APP_URL validation - Add `NEXT_PUBLIC_APP_URL: z.string().url()` to the env schema so a missing build-time value fails validation instead of silently inlining the empty string into the client bundle and breaking multi-origin deploys. M3 — serverExternalPackages completeness - Add imapflow, mailparser, pdf-lib, sharp, tesseract.js, @react-pdf/renderer, unpdf — all heavy native/CJS-leaning server-only deps that should not be route-traced. H5 — healthcheck PORT templatization - docker-compose.{,prod.}yml: replace hardcoded `http://localhost:3000/api/health` with `${PORT:-3000}` so overriding PORT via .env doesn't put the container into a restart loop. M9 — NODE_ENV=production in builder - Dockerfile builder stage now sets NODE_ENV=production above `RUN pnpm build` so the prod-only branches in next.config (CSP, etc.) compile deterministically. M7 — HEALTHCHECK directive in image - Add image-level HEALTHCHECK to the app Dockerfile (mirrors the one in Dockerfile.worker for Redis) so the image is self-describing for non-compose orchestrators. Items already addressed prior to this wave: - C1 (.dockerignore exists, comprehensive) - C2 (EMAIL_REDIRECT_TO production refusal — Wave 1) - H4 (compose resource + log limits — already in prod compose) Tests 1315/1315 throughout. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-13 12:30:22 +02:00
Matt	67d7e6e3d5	Initial commit: Port Nimara CRM (Layers 0-4) Some checks failed Build & Push Docker Images / build-and-push (push) Has been cancelled Details Build & Push Docker Images / deploy (push) Has been cancelled Details Build & Push Docker Images / lint (push) Has been cancelled Details Full CRM rebuild with Next.js 15, TypeScript, Tailwind, Drizzle ORM, PostgreSQL, Redis, BullMQ, MinIO, and Socket.io. Includes 461 source files covering clients, berths, interests/pipeline, documents/EOI, expenses/invoices, email, notifications, dashboard, admin, and client portal. CI/CD via Gitea Actions with Docker builds. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-26 11:52:51 +01:00

Author

SHA1

Message

Date

Matt

e469b2b6a6

fix(P1): GDPR export + Redis eviction policy

F3: BullMQ 5.x rejects custom job IDs containing `:` (collides with internal
Redis-key namespacing). GDPR export crashed with "Custom Id cannot contain :".
Switched to dash separator. GDPR Article 15 right-to-access now functional.

F4: Redis was configured with `allkeys-lru` eviction in both docker-compose.yml
and docker-compose.prod.yml. BullMQ explicitly requires `noeviction` —
otherwise queue keys can be evicted under memory pressure and jobs vanish
silently. Switched to noeviction with comment pointing at the audit finding.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-14 22:39:16 +02:00

Matt

0ea8d94d26

fix(audit-wave-10): build-auditor fixes — CSP, server externals, healthcheck

Address the highest-leverage CRITICAL/HIGH/MEDIUM items from the
build-auditor that weren't already covered by Wave 1 (EMAIL_REDIRECT_TO
production guard) or the existing `.dockerignore`.

**C3 — socket.io in standalone trace**
- Add socket.io + @socket.io/redis-adapter to serverExternalPackages
  in next.config so the build system sees the dependency (the custom
  server is the only importer, no Next route touches it).
- Belt-and-braces: COPY both from the deps stage into the runner stage
  of Dockerfile, mirroring the audit's suggested fix.

**H1 — CSP `'unsafe-inline'` in prod**
- Audit recommends nonce-based scripts. Implementing nonces requires
  middleware that emits a per-request nonce + threading it through
  Next's RSC bootstrap + Server Actions. Out of scope for this wave;
  documented the rationale at the CSP definition so the next pass
  knows where to start, and noted that the in-the-wild XSS surfaces
  are already closed via escapeHtml/escapeUrl in the email + webhook
  pipelines.

**H2 — NEXT_PUBLIC_APP_URL validation**
- Add `NEXT_PUBLIC_APP_URL: z.string().url()` to the env schema so a
  missing build-time value fails validation instead of silently
  inlining the empty string into the client bundle and breaking
  multi-origin deploys.

**M3 — serverExternalPackages completeness**
- Add imapflow, mailparser, pdf-lib, sharp, tesseract.js,
  @react-pdf/renderer, unpdf — all heavy native/CJS-leaning
  server-only deps that should not be route-traced.

**H5 — healthcheck PORT templatization**
- docker-compose.{,prod.}yml: replace hardcoded
  `http://localhost:3000/api/health` with `${PORT:-3000}` so
  overriding PORT via .env doesn't put the container into a
  restart loop.

**M9 — NODE_ENV=production in builder**
- Dockerfile builder stage now sets NODE_ENV=production above
  `RUN pnpm build` so the prod-only branches in next.config
  (CSP, etc.) compile deterministically.

**M7 — HEALTHCHECK directive in image**
- Add image-level HEALTHCHECK to the app Dockerfile (mirrors the
  one in Dockerfile.worker for Redis) so the image is
  self-describing for non-compose orchestrators.

Items already addressed prior to this wave:
- C1 (.dockerignore exists, comprehensive)
- C2 (EMAIL_REDIRECT_TO production refusal — Wave 1)
- H4 (compose resource + log limits — already in prod compose)

Tests 1315/1315 throughout.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-13 12:30:22 +02:00

Matt

67d7e6e3d5

Initial commit: Port Nimara CRM (Layers 0-4)

Build & Push Docker Images / build-and-push (push) Has been cancelled

Details

Build & Push Docker Images / deploy (push) Has been cancelled

Details

Build & Push Docker Images / lint (push) Has been cancelled

Details

Full CRM rebuild with Next.js 15, TypeScript, Tailwind, Drizzle ORM,
PostgreSQL, Redis, BullMQ, MinIO, and Socket.io. Includes 461 source
files covering clients, berths, interests/pipeline, documents/EOI,
expenses/invoices, email, notifications, dashboard, admin, and
client portal. CI/CD via Gitea Actions with Docker builds.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-26 11:52:51 +01:00

3 Commits