letsbe/pn-new-crm
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
932 Commits 8 Branches 0 Tags
3f6f845c02ed3ace57102f61cbd1c0278d2f4fbb
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Matt 3f6f845c02
All checks were successful
Build & Push Docker Images / lint (push) Successful in 2m55s
Details
Build & Push Docker Images / build-and-push (push) Successful in 8m22s
Details
fix(csp): add frame-src so signed-PDF previews + embedded signing load 
The CSP set default-src 'self' with no frame-src, so it fell back to
'self' for frames. Inline signed-EOI previews iframe a presigned
s3.portnimara.com URL and the admin embedded-signing card iframes the
Documenso host — both were blocked, rendering a broken-file placeholder
("Framing 'https://s3.portnimara.com/' violates ... default-src 'self'").

Add `frame-src 'self' blob: https:` to both CSP definitions (proxy.ts
middleware + next.config.ts), matching the existing https: posture of
img-src/connect-src. frame-ancestors 'none' is unchanged, so we still
can't be embedded by third parties.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-25 14:26:38 +02:00
.gitea/workflows
Remove deploy job from CI - build and push only
2026-03-26 12:19:36 +01:00
.husky
Fix Docker build and production server infrastructure
2026-04-08 15:31:33 -04:00
assets
fix(audit): comprehensive 2026-05-15 audit fix wave + Documenso v2 polish
2026-05-18 13:28:50 +02:00
competing-plans/blessed
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
docker/postgres
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
nginx
fix(security): tier-0 audit blockers (next CVE, role gate, perm traps, key validation, rate limits)
2026-05-05 18:33:13 +02:00
public
chore(assets): branded auth-shell logo + email-bg fallback images
2026-05-21 19:18:15 +02:00
scripts
feat(inquiries): one-off NocoDB historical contact-form import (idempotent, dry-run default)
2026-06-17 18:28:01 +02:00
src
fix(csp): add frame-src so signed-PDF previews + embedded signing load
2026-06-25 14:26:38 +02:00
tests
fix(eoi): silence Documenso's own lifecycle emails on createDocument
2026-06-25 13:20:55 +02:00
.dockerignore
audit: Tier 1/3/6/7 batch — PII redaction, mobile safe-area, perf, build hardening
2026-05-12 17:18:35 +02:00
.env.dev.template
chore(dev): Cloudflare tunnel helper + env-to-admin migration in .env templates
2026-05-21 19:18:08 +02:00
.env.example
chore(dev): Cloudflare tunnel helper + env-to-admin migration in .env templates
2026-05-21 19:18:08 +02:00
.env.prod.template
chore(dev): Cloudflare tunnel helper + env-to-admin migration in .env templates
2026-05-21 19:18:08 +02:00
.gitattributes
chore: add .gitattributes to normalize line endings to LF
2026-04-22 02:02:46 +02:00
.gitignore
feat(backup): full DR bundle export + admin-configurable offsite destinations
2026-06-04 11:23:42 +02:00
.lintstagedrc.json
feat(deps): pre-commit type-check on staged TS files
2026-05-12 22:00:43 +02:00
.prettierrc
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
01-CONSOLIDATED-SYSTEM-SPEC.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
02-FEATURE-INVENTORY.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
03-ARCHITECTURE-DECISIONS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
04-ARCHITECTURE-COMPARISON.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
05-FINAL-ARCHITECTURE-DECISIONS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
06-MASTER-FEATURE-SPEC.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
07-DATABASE-SCHEMA.md
docs: reflect data-model refactor in CLAUDE.md + DB schema overview
2026-04-26 14:14:34 +02:00
08-API-ENDPOINT-CATALOG.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
09-BUSINESS-RULES.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
10-AUTH-AND-PERMISSIONS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
11-REALTIME-AND-BACKGROUND-JOBS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
12-IMPLEMENTATION-SEQUENCE.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
13-UI-PAGE-MAP.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
14-TECHNICAL-DECISIONS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
15-DESIGN-TOKENS.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
components.json
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
design-system-preview.html
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
docker-compose.dev.yml
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
docker-compose.prod.yml
fix(P1): GDPR export + Redis eviction policy
2026-05-14 22:39:16 +02:00
docker-compose.yml
fix(P1): GDPR export + Redis eviction policy
2026-05-14 22:39:16 +02:00
Dockerfile
fix(backup): install pg_dump (postgresql16-client) in app + worker images
2026-06-04 11:58:14 +02:00
Dockerfile.dev
audit: Tier 1/3/6/7 batch — PII redaction, mobile safe-area, perf, build hardening
2026-05-12 17:18:35 +02:00
Dockerfile.worker
fix(backup): install pg_dump (postgresql16-client) in app + worker images
2026-06-04 11:58:14 +02:00
drizzle.config.ts
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
eslint.config.mjs
chore(audit-drain): rip out next-intl, RTL lint, sweeps, polish
2026-05-26 18:48:46 +02:00
instrumentation.ts
feat(deps): @sentry/nextjs error tracking (DSN-gated, dormant by default)
2026-05-12 22:38:18 +02:00
mockup-A-sidebar-dark.html
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
mockup-B-light-theme.html
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
mockup-C-bold-modern.html
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
next-env.d.ts
fix(dev-lan): unblock phone-on-LAN testing of the dev server
2026-05-22 12:28:34 +02:00
next.config.ts
fix(csp): add frame-src so signed-PDF previews + embedded signing load
2026-06-25 14:26:38 +02:00
NOCODB-MIGRATION-MAPPING.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
package.json
feat(backup): full DR bundle export + admin-configurable offsite destinations
2026-06-04 11:23:42 +02:00
playwright.config.ts
feat(rbac): residential-partner route lockdown + role-aware mobile nav
2026-06-22 15:53:22 +02:00
pnpm-lock.yaml
feat(backup): full DR bundle export + admin-configurable offsite destinations
2026-06-04 11:23:42 +02:00
postcss.config.mjs
feat(deps): Tailwind 3 → 4 + swap tailwindcss-animate for tw-animate-css
2026-05-12 22:14:38 +02:00
PROGRESS.md
docs: update PROGRESS.md with 2026-03-26 → 2026-04-22 changelog
2026-04-22 02:37:43 +02:00
SECURITY-GUIDELINES.md
Initial commit: Port Nimara CRM (Layers 0-4)
2026-03-26 11:52:51 +01:00
sentry.client.config.ts
feat(deps): @sentry/nextjs error tracking (DSN-gated, dormant by default)
2026-05-12 22:38:18 +02:00
sentry.edge.config.ts
feat(deps): @sentry/nextjs error tracking (DSN-gated, dormant by default)
2026-05-12 22:38:18 +02:00
sentry.server.config.ts
feat(deps): @sentry/nextjs error tracking (DSN-gated, dormant by default)
2026-05-12 22:38:18 +02:00
tsconfig.json
feat(deps): Next 15 → 16 (proxy.ts rename + native flat ESLint config)
2026-05-12 22:24:51 +02:00
tsconfig.server.json
Fix Docker build and production server infrastructure
2026-04-08 15:31:33 -04:00
vitest.config.ts
feat(pdf): brand kit foundation for @react-pdf/renderer
2026-05-12 20:45:28 +02:00
Description
No description provided
26 MiB
Languages
TypeScript 98.7%
HTML 1%
CSS 0.1%
Shell 0.1%