letsbe/pn-new-crm
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
847 Commits 8 Branches 0 Tags
1882bcb2e434980fd0afe48ac585ae1b63c2718c
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Matt 1882bcb2e4 fix(audit): H11 — gate cross-port coverBrandPortId in report runs 
Layer 1: createReportRun rejects a user-triggered run whose coverBrandPortId
is a port the triggering user can't access (userCanAccessPort: super-admin or
userPortRoles membership). Layer 2: renderReportRun only honors the override
when it equals run.portId or the run's user is a member, else falls back to
the source port's branding — so a forged/scheduled config can't leak another
tenant's logo/name.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-02 12:18:11 +02:00
.gitea/workflows
Remove deploy job from CI - build and push only
2026-03-26 12:19:36 +01:00
.husky
Fix Docker build and production server infrastructure
2026-04-08 15:31:33 -04:00
assets
fix(audit): comprehensive 2026-05-15 audit fix wave + Documenso v2 polish
2026-05-18 13:28:50 +02:00
competing-plans/blessed
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
docker/postgres
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
docs
docs(audit): complete unified master — all 17 lanes, 85 findings (4 CRIT/17 HIGH/29 MED/35 LOW)
2026-06-02 11:38:44 +02:00
nginx
fix(security): tier-0 audit blockers (next CVE, role gate, perm traps, key validation, rate limits)
2026-05-05 18:33:13 +02:00
public
chore(assets): branded auth-shell logo + email-bg fallback images
2026-05-21 19:18:15 +02:00
scripts
feat(migration): old-LOI EOI recovery, folded berth-links, contactless flag
2026-06-01 22:18:28 +02:00
src
fix(audit): H11 — gate cross-port coverBrandPortId in report runs
2026-06-02 12:18:11 +02:00
tests
feat(reports): parseOperationalFilters pure parser (Area scope)
2026-06-02 10:08:16 +02:00
.dockerignore
audit: Tier 1/3/6/7 batch — PII redaction, mobile safe-area, perf, build hardening
2026-05-12 17:18:35 +02:00
.env.dev.template
chore(dev): Cloudflare tunnel helper + env-to-admin migration in .env templates
2026-05-21 19:18:08 +02:00
.env.example
chore(dev): Cloudflare tunnel helper + env-to-admin migration in .env templates
2026-05-21 19:18:08 +02:00
.env.prod.template
chore(dev): Cloudflare tunnel helper + env-to-admin migration in .env templates
2026-05-21 19:18:08 +02:00
.gitattributes
chore: add .gitattributes to normalize line endings to LF
2026-04-22 02:02:46 +02:00
.gitignore
chore: gitignore tmp/ + remove accidentally-committed audit screenshots
2026-05-22 13:49:18 +02:00
.lintstagedrc.json
feat(deps): pre-commit type-check on staged TS files
2026-05-12 22:00:43 +02:00
.prettierrc
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
01-CONSOLIDATED-SYSTEM-SPEC.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
02-FEATURE-INVENTORY.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
03-ARCHITECTURE-DECISIONS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
04-ARCHITECTURE-COMPARISON.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
05-FINAL-ARCHITECTURE-DECISIONS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
06-MASTER-FEATURE-SPEC.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
07-DATABASE-SCHEMA.md
docs: reflect data-model refactor in CLAUDE.md + DB schema overview
2026-04-26 14:14:34 +02:00
08-API-ENDPOINT-CATALOG.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
09-BUSINESS-RULES.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
10-AUTH-AND-PERMISSIONS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
11-REALTIME-AND-BACKGROUND-JOBS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
12-IMPLEMENTATION-SEQUENCE.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
13-UI-PAGE-MAP.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
14-TECHNICAL-DECISIONS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
15-DESIGN-TOKENS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
CLAUDE.md
feat(launch-readiness-batch): UAT drains, navigation refactor, launch infra, trackers
2026-05-27 22:42:37 +02:00
components.json
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
design-system-preview.html
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
docker-compose.dev.yml
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
docker-compose.prod.yml
fix(P1): GDPR export + Redis eviction policy
2026-05-14 22:39:16 +02:00
docker-compose.yml
fix(P1): GDPR export + Redis eviction policy
2026-05-14 22:39:16 +02:00
Dockerfile
fix(audit-wave-10): build-auditor fixes — CSP, server externals, healthcheck
2026-05-13 12:30:22 +02:00
Dockerfile.dev
audit: Tier 1/3/6/7 batch — PII redaction, mobile safe-area, perf, build hardening
2026-05-12 17:18:35 +02:00
Dockerfile.worker
fix(build): make prepare tolerant of missing husky + bump deps (Phase 1a)
2026-05-08 16:15:34 +02:00
drizzle.config.ts
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
eslint.config.mjs
chore(audit-drain): rip out next-intl, RTL lint, sweeps, polish
2026-05-26 18:48:46 +02:00
instrumentation.ts
feat(deps): @sentry/nextjs error tracking (DSN-gated, dormant by default)
2026-05-12 22:38:18 +02:00
mockup-A-sidebar-dark.html
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
mockup-B-light-theme.html
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
mockup-C-bold-modern.html
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
next-env.d.ts
fix(dev-lan): unblock phone-on-LAN testing of the dev server
2026-05-22 12:28:34 +02:00
next.config.ts
chore(audit-drain): rip out next-intl, RTL lint, sweeps, polish
2026-05-26 18:48:46 +02:00
NOCODB-MIGRATION-MAPPING.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
package.json
feat(launch-readiness-batch): UAT drains, navigation refactor, launch infra, trackers
2026-05-27 22:42:37 +02:00
playwright.config.ts
fix(test): raise mobile-audit timeout to 30min for 4-viewport runs
2026-04-29 15:15:26 +02:00
pnpm-lock.yaml
feat(launch-readiness-batch): UAT drains, navigation refactor, launch infra, trackers
2026-05-27 22:42:37 +02:00
postcss.config.mjs
feat(deps): Tailwind 3 → 4 + swap tailwindcss-animate for tw-animate-css
2026-05-12 22:14:38 +02:00
PROGRESS.md
docs: update PROGRESS.md with 2026-03-26 → 2026-04-22 changelog
2026-04-22 02:37:43 +02:00
SECURITY-GUIDELINES.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
sentry.client.config.ts
feat(deps): @sentry/nextjs error tracking (DSN-gated, dormant by default)
2026-05-12 22:38:18 +02:00
sentry.edge.config.ts
feat(deps): @sentry/nextjs error tracking (DSN-gated, dormant by default)
2026-05-12 22:38:18 +02:00
sentry.server.config.ts
feat(deps): @sentry/nextjs error tracking (DSN-gated, dormant by default)
2026-05-12 22:38:18 +02:00
tsconfig.json
feat(deps): Next 15 → 16 (proxy.ts rename + native flat ESLint config)
2026-05-12 22:24:51 +02:00
tsconfig.server.json
Fix Docker build and production server infrastructure
2026-04-08 15:31:33 -04:00
vitest.config.ts
feat(pdf): brand kit foundation for @react-pdf/renderer
2026-05-12 20:45:28 +02:00
Description
No description provided
25 MiB
Languages
TypeScript 98.7%
HTML 1%
CSS 0.1%
Shell 0.1%