CartSnitch Engineer Bot aa9fddd084 fix: remove hardcoded default secrets from API config ...

Remove dangerous default values for jwt_secret_key, service_key, and
fernet_key. Add startup validation that raises RuntimeError if these
secrets are not set via environment variables or contain placeholder
values.

Add test fixture to provide explicit test values for these secrets,
ensuring existing tests continue to pass.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-14 11:11:23 +00:00

..

test_auth

fix(auth): parse compound Better-Auth cookie/bearer token to extract token part

2026-04-04 20:32:43 +00:00

test_e2e

fix: correct email-in-address format, remove dead code, update tests (#110)

2026-04-03 13:34:21 +00:00

test_middleware

fix(api): revert auth/type regressions from standalone sync, keep email-in feature only

2026-04-03 09:40:39 +00:00

test_routes

fix(api): revert auth/type regressions from standalone sync, keep email-in feature only

2026-04-03 09:40:39 +00:00

test_services

feat: merge cartsnitch/api into api/ subdirectory

2026-03-28 02:24:02 +00:00

__init__.py

feat: merge cartsnitch/api into api/ subdirectory

2026-03-28 02:24:02 +00:00

conftest.py

fix: remove hardcoded default secrets from API config

2026-04-14 11:11:23 +00:00

test_config.py

fix(api): accept DATABASE_URL as fallback for shared DB with auth service

2026-04-04 19:52:24 +00:00

test_encrypted_json.py

feat: merge cartsnitch/api into api/ subdirectory

2026-03-28 02:24:02 +00:00

test_models.py

feat: merge cartsnitch/api into api/ subdirectory

2026-03-28 02:24:02 +00:00

test_openapi.py

fix(api): revert auth/type regressions from standalone sync, keep email-in feature only

2026-04-03 09:40:39 +00:00