cartsnitch/app

T

Barcode Betty 1bce947cb7

CI / test (pull_request) Successful in 11s

Details

CI / audit (pull_request) Successful in 11s

Details

CI / e2e (pull_request) Has been cancelled

Details

CI / lint (pull_request) Has been cancelled

Details

CI / deploy-dev (pull_request) Has been cancelled

Details

CI / deploy-uat (pull_request) Has been cancelled

Details

CI / build-and-push (pull_request) Has been cancelled

Details

fix(app): bump vitest to 3.2.6 to clear npm audit gate (CAR-1335)

The audit job runs `npm audit --audit-level=high` after `npm ci`. Vitest
3.0.0-3.2.4 carries a critical CVE (GHSA-5xrq-8626-4rwp, CVSS 9.8) in the
UI server that allows arbitrary file read and execute. The fix ships in
3.2.6 and is a patch release (no breaking changes), so the existing
vitest API surface (vi.mock, vi.useFakeTimers, vi.setSystemTime) is
unchanged.

The audit failure is unrelated to the REGISTRY_TOKEN fix in this PR
(CAR-1147) but the audit gate runs on every PR and blocks this one. The
vitest bump is the smallest possible fix.

Refs CAR-1335, CAR-1147.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-06-09 05:29:53 +00:00

.gitea/workflows

fix(ci): use REGISTRY_TOKEN for cross-repo infra checkout (CAR-1147)

2026-06-02 07:21:21 +00:00

content/marketing

Add shrinkflation consumer FAQ for April 1 series launch

2026-03-28 14:54:32 +00:00

docs: add UAT runbook v1

2026-03-30 20:20:07 +00:00

fix: e2e route mocking and color contrast accessibility (#221 )

2026-04-15 21:49:55 +00:00

feat(ci): add Lighthouse CI performance checks (#85 )

2026-03-31 15:45:22 +00:00

feat(scripts): add dev environment seed script and K8s Job (#99 )

2026-04-01 19:51:45 +00:00

fix: use queueMicrotask before setState in VerifyEmail effect [CAR-937]

2026-05-21 20:34:29 +00:00

.dockerignore

feat: add multi-stage Dockerfile for PWA

2026-03-18 13:26:57 +00:00

.gitignore

feat: migrate authentication to Better-Auth (Phase 1)

2026-03-28 04:46:10 +00:00

.grype.yaml

fix: resolve HIGH-severity CVEs in receiptwitness image

2026-04-19 00:48:02 +00:00

CLAUDE.md

docs: update CLAUDE.md for standalone frontend repo

2026-04-19 12:39:12 +00:00

Dockerfile

fix: remediate high-severity CVEs in Docker images

2026-04-14 23:51:42 +00:00

eslint.config.js

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

index.html

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

lighthouserc.json

fix(ci): disable FullPageScreenshot gatherer to prevent Chrome crash

2026-03-31 21:58:30 +00:00

nginx.conf

fix: restrict CORS to explicit methods and add security headers

2026-04-14 11:49:02 +00:00

package-lock.json

fix(app): bump vitest to 3.2.6 to clear npm audit gate (CAR-1335)

2026-06-09 05:29:53 +00:00

package.json

fix(app): bump vitest to 3.2.6 to clear npm audit gate (CAR-1335)

2026-06-09 05:29:53 +00:00

playwright.config.ts

fix: remove VITE_MOCK_AUTH bypass from production code

2026-04-14 15:37:24 +00:00

README.md

test

2026-03-30 00:50:51 +00:00

renovate.json

feat: add Renovate dependency update config

2026-03-18 18:21:31 +00:00

tsconfig.app.json

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

tsconfig.json

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

tsconfig.node.json

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

vite.config.ts

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

vitest.config.ts

fix(ci): exclude e2e tests from vitest

2026-03-30 19:49:23 +00:00

README.md

CartSnitch

Languages

TypeScript 95.3%

Shell 2.9%

Dockerfile 0.5%

JavaScript 0.5%

HTML 0.5%

Other 0.3%