Add .mcp.json

Merge pull request 'Promote to Production: CAR-894 Gitea workflows migration' (#36 ) from uat into main
Merge pull request 'Promote dev → uat: test fixes (CAR-1006)' (#33 ) from dev into uat
2026-05-25 21:46:58 +00:00 · 2026-05-24 18:51:43 +00:00 · 2026-05-23 23:43:08 +00:00 · 2026-05-23 23:25:03 +00:00 · 2026-05-23 23:12:10 +00:00 · 2026-05-23 23:11:54 +00:00
21 changed files with 1653 additions and 123 deletions
@@ -2,9 +2,9 @@ name: CI

 on:
  push:
-    branches: [main, dev]
+    branches: [main, dev, uat]
  pull_request:
-    branches: [main, dev]
+    branches: [main, dev, uat]

 concurrency:
  group: ci-${{ github.ref }}
@@ -15,18 +15,17 @@ permissions:
  packages: write

 env:
-  REGISTRY: ghcr.io
+  REGISTRY: git.farh.net
  IMAGE_NAME: cartsnitch/api

 jobs:
  lint:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.12"
-          cache: pip
      - run: pip install ruff
      - name: Ruff lint
        run: ruff check .
@@ -34,14 +33,13 @@ jobs:
        run: ruff format --check .

  typecheck:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
    continue-on-error: true
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.12"
-          cache: pip
      - name: Install system dependencies
        run: sudo apt-get update && sudo apt-get install -y libpq-dev build-essential
      - run: pip install -e ".[dev]" mypy
@@ -49,13 +47,10 @@ jobs:
        run: mypy src/cartsnitch_api

  test:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
    services:
      postgres:
        image: postgres:15-alpine
-        credentials:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
        env:
          POSTGRES_USER: cartsnitch
          POSTGRES_PASSWORD: cartsnitch_test
@@ -69,9 +64,6 @@ jobs:
          --health-retries 5
      redis:
        image: redis:7-alpine
-        credentials:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
        ports:
          - 6379:6379
        options: >-
@@ -83,12 +75,13 @@ jobs:
      CARTSNITCH_DATABASE_URL: postgresql+asyncpg://cartsnitch:cartsnitch_test@localhost:5432/cartsnitch_test
      CARTSNITCH_REDIS_URL: redis://localhost:6379/0
      CARTSNITCH_JWT_SECRET_KEY: test-secret-do-not-use-in-prod
+      CARTSNITCH_SERVICE_KEY: test-service-key-do-not-use-in-prod
+      CARTSNITCH_FERNET_KEY: wXWQsC0FZlhSz2t_tfVQjNUSP8vgAGG3o3pkjrX8Bw0=
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.12"
-          cache: pip
      - name: Install system dependencies
        run: sudo apt-get update && sudo apt-get install -y libpq-dev build-essential
      - run: pip install -e ".[dev]"
@@ -96,7 +89,7 @@ jobs:
        run: pytest --tb=short -q

  build-and-push:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
    needs: [lint, test]
    outputs:
      calver_tag: ${{ steps.calver.outputs.version }}
@@ -123,19 +116,8 @@ jobs:
          echo "version=$VERSION" >> "$GITHUB_OUTPUT"
          echo "CalVer tag: $VERSION"

-      - name: Log in to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Log in to GHCR
-        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Log in to Gitea Container Registry
+        run: echo "${{ github.token }}" | docker login git.farh.net -u ${{ github.actor }} --password-stdin

      - name: Extract metadata
        id: meta
@@ -172,11 +154,7 @@ jobs:
          only-fixed: "true"
          output-format: sarif

-      - name: Upload api scan results to GitHub Security
-        uses: github/codeql-action/upload-sarif@v3
-        if: always()
-        with:
-          sarif_file: ${{ steps.scan.outputs.sarif }}
+

      - name: Push Docker image
        if: github.event_name == 'push'
@@ -198,24 +176,15 @@ jobs:
          git push origin "v${{ steps.calver.outputs.version }}"

  deploy-dev:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
    needs: [build-and-push]
    if: always() && !cancelled() && github.event_name == 'push' && (github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/main')
    steps:
-      - name: Generate GitHub App token
-        id: app-token
-        uses: actions/create-github-app-token@v1
-        with:
-          app-id: ${{ secrets.CARTSNITCH_APP_ID }}
-          private-key: ${{ secrets.CARTSNITCH_APP_PRIVATE_KEY }}
-          owner: ${{ github.repository_owner }}
-          repositories: infra
-
      - name: Checkout infra repo
        uses: actions/checkout@v4
        with:
          repository: cartsnitch/infra
-          token: ${{ steps.app-token.outputs.token }}
+          token: ${{ secrets.GITEA_TOKEN }}
          ref: main
          path: infra

@@ -238,7 +207,7 @@ jobs:
        if: needs.build-and-push.result == 'success'
        run: |
          cd infra/apps/overlays/dev
-          kustomize edit set image ghcr.io/cartsnitch/api:${{ steps.api_tag.outputs.tag }}
+          kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.api_tag.outputs.tag }}

      - name: Commit and push to infra
        run: |
@@ -251,24 +220,15 @@ jobs:
          git push origin main

  deploy-uat:
-    runs-on: runners-cartsnitch
+    runs-on: ubuntu-latest
    needs: [build-and-push]
    if: always() && !cancelled() && github.event_name == 'push' && (github.ref == 'refs/heads/uat' || github.ref == 'refs/heads/main')
    steps:
-      - name: Generate GitHub App token
-        id: app-token
-        uses: actions/create-github-app-token@v1
-        with:
-          app-id: ${{ secrets.CARTSNITCH_APP_ID }}
-          private-key: ${{ secrets.CARTSNITCH_APP_PRIVATE_KEY }}
-          owner: ${{ github.repository_owner }}
-          repositories: infra
-
      - name: Checkout infra repo
        uses: actions/checkout@v4
        with:
          repository: cartsnitch/infra
-          token: ${{ steps.app-token.outputs.token }}
+          token: ${{ secrets.GITEA_TOKEN }}
          ref: main
          path: infra

@@ -291,7 +251,7 @@ jobs:
        if: needs.build-and-push.result == 'success'
        run: |
          cd infra/apps/overlays/uat
-          kustomize edit set image ghcr.io/cartsnitch/api:${{ steps.api_tag.outputs.tag }}
+          kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.api_tag.outputs.tag }}

      - name: Commit and push to infra
        run: |
@@ -0,0 +1,11 @@
+{
+  "mcpServers": {
+    "gitea": {
+      "type": "http",
+      "url": "https://git-mcp.farh.net/mcp",
+      "headers": {
+        "Authorization": "Bearer ${GITEA_TOKEN}"
+      }
+    }
+  }
+}
@@ -45,7 +45,11 @@ def run_migrations_online() -> None:
        poolclass=pool.NullPool,
    )
    with connectable.connect() as connection:
-        context.configure(connection=connection, target_metadata=target_metadata, version_table_column_width=128)
+        context.configure(
+            connection=connection,
+            target_metadata=target_metadata,
+            version_table_column_width=128,
+        )
        with context.begin_transaction():
            context.run_migrations()
        # Create any tables defined in models but not yet created by migrations.
@@ -56,6 +60,7 @@ def run_migrations_online() -> None:
            connection.commit()
        except Exception as exc:
            import logging
+
            logging.getLogger("alembic.env").warning(
                "create_all failed (non-fatal, migrations should handle table creation): %s", exc
            )
@@ -30,7 +30,10 @@ def upgrade() -> None:
    if inspector.has_table("users"):
        existing_user_cols = [c["name"] for c in inspector.get_columns("users")]
        if "email_verified" not in existing_user_cols:
-            op.add_column("users", sa.Column("email_verified", sa.Boolean(), nullable=False, server_default="false"))
+            op.add_column(
+                "users",
+                sa.Column("email_verified", sa.Boolean(), nullable=False, server_default="false"),
+            )
        if "image" not in existing_user_cols:
            op.add_column("users", sa.Column("image", sa.Text(), nullable=True))

@@ -44,8 +47,18 @@ def upgrade() -> None:
            sa.Column("expires_at", sa.DateTime(timezone=True), nullable=False),
            sa.Column("ip_address", sa.Text(), nullable=True),
            sa.Column("user_agent", sa.Text(), nullable=True),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
            sa.PrimaryKeyConstraint("id"),
        )
        op.create_index("ix_sessions_token", "sessions", ["token"], unique=True)
@@ -66,8 +79,18 @@ def upgrade() -> None:
            sa.Column("scope", sa.Text(), nullable=True),
            sa.Column("id_token", sa.Text(), nullable=True),
            sa.Column("password", sa.Text(), nullable=True),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
            sa.PrimaryKeyConstraint("id"),
        )
        op.create_index("ix_accounts_user_id", "accounts", ["user_id"])
@@ -80,8 +103,18 @@ def upgrade() -> None:
            sa.Column("identifier", sa.Text(), nullable=False),
            sa.Column("value", sa.Text(), nullable=False),
            sa.Column("expires_at", sa.DateTime(timezone=True), nullable=False),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
            sa.PrimaryKeyConstraint("id"),
        )

@@ -96,8 +129,10 @@ def upgrade() -> None:
            user_id_str = str(user_id)
            conn.execute(
                text(
-                    "INSERT INTO accounts (id, user_id, account_id, provider_id, password, created_at, updated_at) "
-                    "VALUES (gen_random_uuid()::text, :user_id, :account_id, 'credential', :password, now(), now())"
+                    "INSERT INTO accounts "
+                    "(id, user_id, account_id, provider_id, password, created_at, updated_at) "
+                    "VALUES (gen_random_uuid()::text, :user_id, :account_id, "
+                    "'credential', :password, now(), now())"
                ),
                {"user_id": user_id_str, "account_id": user_id_str, "password": hashed_password},
            )
@@ -40,7 +40,12 @@ def upgrade() -> None:
            return  # already TEXT — nothing to do

    # Step 1: Drop existing FK constraints (ignore if they don't exist)
-    op.execute(text("ALTER TABLE user_store_accounts DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"))
+    op.execute(
+        text(
+            "ALTER TABLE user_store_accounts "
+            "DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"
+        )
+    )
    op.execute(text("ALTER TABLE purchases DROP CONSTRAINT IF EXISTS purchases_user_id_fkey"))

    # Step 2: Alter users.id from uuid to text
@@ -89,7 +94,12 @@ def upgrade() -> None:

 def downgrade() -> None:
    # Drop FK constraints
-    op.execute(text("ALTER TABLE user_store_accounts DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"))
+    op.execute(
+        text(
+            "ALTER TABLE user_store_accounts "
+            "DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"
+        )
+    )
    op.execute(text("ALTER TABLE purchases DROP CONSTRAINT IF EXISTS purchases_user_id_fkey"))

    # Revert users.id from text to uuid
@@ -20,7 +20,7 @@ depends_on = None
 def upgrade() -> None:
    conn = op.get_bind()
    inspector = sa.inspect(conn)
-    # Guard: on a fresh DB Base.metadata.create_all creates users table with the column already present
+    # Guard: on fresh DB, Base.metadata.create_all already has the column
    if not inspector.has_table("users"):
        return
    existing_cols = [c["name"] for c in inspector.get_columns("users")]
@@ -6,6 +6,7 @@ Create Date: 2026-04-04
 """

 import sqlalchemy as sa
+
 from alembic import op

 revision = "006_email_inbound_token_server_default"
@@ -29,7 +30,8 @@ def upgrade() -> None:
        "users",
        "email_inbound_token",
        server_default=sa.text(
-            "replace(replace(trim(trailing '=' from encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
+            "replace(replace(trim(trailing '=' from "
+            "encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
        ),
    )

@@ -27,7 +27,8 @@ def upgrade() -> None:
    if inspector.has_table("users"):
        return  # Table already exists (non-fresh DB or create_all already ran)

-    conn.execute(text("""
+    conn.execute(
+        text("""
        CREATE TABLE users (
            id TEXT PRIMARY KEY,
            email VARCHAR(255) NOT NULL UNIQUE,
@@ -36,11 +37,20 @@ def upgrade() -> None:
            email_verified BOOLEAN NOT NULL DEFAULT false,
            image TEXT,
            email_inbound_token VARCHAR(22) NOT NULL UNIQUE
-                DEFAULT replace(replace(trim(trailing '=' from encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_'),
+                DEFAULT (
+                    replace(
+                        replace(
+                            trim(trailing '=' from encode(gen_random_bytes(16), 'base64')),
+                            '+', '-'
+                        ),
+                        '/', '_'
+                    )
+                ),
            created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
            updated_at TIMESTAMPTZ NOT NULL DEFAULT now()
        )
-    """))
+    """)
+    )


 def downgrade() -> None:
@@ -29,8 +29,18 @@ def upgrade() -> None:
            sa.Column("slug", sa.String(20), nullable=False, unique=True),
            sa.Column("logo_url", sa.String(500), nullable=True),
            sa.Column("website_url", sa.String(500), nullable=True),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
        )

    # 2. store_locations
@@ -45,8 +55,18 @@ def upgrade() -> None:
            sa.Column("zip", sa.String(10), nullable=False),
            sa.Column("lat", sa.Float(), nullable=True),
            sa.Column("lng", sa.Float(), nullable=True),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
        )

    # 3. normalized_products
@@ -61,8 +81,18 @@ def upgrade() -> None:
            sa.Column("size", sa.String(50), nullable=True),
            sa.Column("size_unit", sa.String(10), nullable=True),
            sa.Column("upc_variants", sa.JSON(), nullable=True),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
        )

    # 4. purchases
@@ -72,7 +102,9 @@ def upgrade() -> None:
            sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
            sa.Column("user_id", sa.Text(), sa.ForeignKey("users.id"), nullable=False),
            sa.Column("store_id", sa.Uuid(), sa.ForeignKey("stores.id"), nullable=False),
-            sa.Column("store_location_id", sa.Uuid(), sa.ForeignKey("store_locations.id"), nullable=True),
+            sa.Column(
+                "store_location_id", sa.Uuid(), sa.ForeignKey("store_locations.id"), nullable=True
+            ),
            sa.Column("receipt_id", sa.String(200), nullable=False),
            sa.Column("purchase_date", sa.Date(), nullable=False),
            sa.Column("total", sa.Numeric(10, 2), nullable=False),
@@ -81,9 +113,24 @@ def upgrade() -> None:
            sa.Column("savings_total", sa.Numeric(10, 2), nullable=True),
            sa.Column("source_url", sa.String(500), nullable=True),
            sa.Column("raw_data", sa.JSON(), nullable=True),
-            sa.Column("ingested_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "ingested_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
            sa.UniqueConstraint("user_id", "store_id", "receipt_id", name="uq_purchase_receipt"),
            sa.Index("ix_purchases_user_store", "user_id", "store_id"),
        )
@@ -104,9 +151,24 @@ def upgrade() -> None:
            sa.Column("coupon_discount", sa.Numeric(10, 2), nullable=True),
            sa.Column("loyalty_discount", sa.Numeric(10, 2), nullable=True),
            sa.Column("category_raw", sa.String(100), nullable=True),
-            sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=True),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "normalized_product_id",
+                sa.Uuid(),
+                sa.ForeignKey("normalized_products.id"),
+                nullable=True,
+            ),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
        )

    # 6. coupons
@@ -115,7 +177,12 @@ def upgrade() -> None:
            "coupons",
            sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
            sa.Column("store_id", sa.Uuid(), sa.ForeignKey("stores.id"), nullable=False),
-            sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=True),
+            sa.Column(
+                "normalized_product_id",
+                sa.Uuid(),
+                sa.ForeignKey("normalized_products.id"),
+                nullable=True,
+            ),
            sa.Column("title", sa.String(300), nullable=False),
            sa.Column("description", sa.String(1000), nullable=True),
            sa.Column("discount_type", sa.String(20), nullable=False),
@@ -127,8 +194,18 @@ def upgrade() -> None:
            sa.Column("coupon_code", sa.String(100), nullable=True),
            sa.Column("source_url", sa.String(500), nullable=True),
            sa.Column("scraped_at", sa.DateTime(timezone=True), nullable=True),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
        )

    # 7. price_history
@@ -136,7 +213,12 @@ def upgrade() -> None:
        op.create_table(
            "price_history",
            sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
-            sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=False),
+            sa.Column(
+                "normalized_product_id",
+                sa.Uuid(),
+                sa.ForeignKey("normalized_products.id"),
+                nullable=False,
+            ),
            sa.Column("store_id", sa.Uuid(), sa.ForeignKey("stores.id"), nullable=False),
            sa.Column("observed_date", sa.Date(), nullable=False),
            sa.Column("regular_price", sa.Numeric(10, 2), nullable=False),
@@ -144,10 +226,27 @@ def upgrade() -> None:
            sa.Column("loyalty_price", sa.Numeric(10, 2), nullable=True),
            sa.Column("coupon_price", sa.Numeric(10, 2), nullable=True),
            sa.Column("source", sa.String(20), nullable=False),
-            sa.Column("purchase_item_id", sa.Uuid(), sa.ForeignKey("purchase_items.id"), nullable=True),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Index("ix_price_history_product_store_date", "normalized_product_id", "store_id", "observed_date"),
+            sa.Column(
+                "purchase_item_id", sa.Uuid(), sa.ForeignKey("purchase_items.id"), nullable=True
+            ),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Index(
+                "ix_price_history_product_store_date",
+                "normalized_product_id",
+                "store_id",
+                "observed_date",
+            ),
        )

    # 8. shrinkflation_events
@@ -155,7 +254,12 @@ def upgrade() -> None:
        op.create_table(
            "shrinkflation_events",
            sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
-            sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=False),
+            sa.Column(
+                "normalized_product_id",
+                sa.Uuid(),
+                sa.ForeignKey("normalized_products.id"),
+                nullable=False,
+            ),
            sa.Column("detected_date", sa.Date(), nullable=False),
            sa.Column("old_size", sa.String(50), nullable=False),
            sa.Column("new_size", sa.String(50), nullable=False),
@@ -165,8 +269,18 @@ def upgrade() -> None:
            sa.Column("price_at_new_size", sa.Numeric(10, 2), nullable=True),
            sa.Column("confidence", sa.Numeric(3, 2), server_default=text("1.00"), nullable=False),
            sa.Column("notes", sa.String(1000), nullable=True),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
        )

    # 9. user_store_accounts
@@ -180,8 +294,18 @@ def upgrade() -> None:
            sa.Column("session_expires_at", sa.DateTime(timezone=True), nullable=True),
            sa.Column("last_sync_at", sa.DateTime(timezone=True), nullable=True),
            sa.Column("status", sa.String(20), server_default=text("'active'"), nullable=False),
-            sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
-            sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
+            sa.Column(
+                "created_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
+            sa.Column(
+                "updated_at",
+                sa.DateTime(timezone=True),
+                server_default=sa.func.now(),
+                nullable=False,
+            ),
            sa.UniqueConstraint("user_id", "store_id", name="uq_user_store_account"),
        )

@@ -6,6 +6,7 @@ Create Date: 2026-04-14
 """

 import sqlalchemy as sa
+
 from alembic import op

 revision = "009_add_gin_index_upc_variants"
@@ -5,7 +5,8 @@ Sessions are verified by querying the shared sessions table directly.
 """

 from datetime import UTC, datetime
-from fastapi import Cookie, Depends, Header, HTTPException, Request, status
+
+from fastapi import Depends, Header, HTTPException, Request, status
 from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
 from sqlalchemy import text
 from sqlalchemy.ext.asyncio import AsyncSession
@@ -6,13 +6,10 @@ endpoints that query our own user data from the shared database.
 """

 from fastapi import APIRouter, Depends, HTTPException, status
-from pydantic import BaseModel
-from sqlalchemy import select
 from sqlalchemy.ext.asyncio import AsyncSession

 from cartsnitch_api.auth.dependencies import get_current_user
 from cartsnitch_api.database import get_db
-from cartsnitch_api.models import User
 from cartsnitch_api.schemas import (
    UpdateUserRequest,
    UserResponse,
@@ -23,7 +23,12 @@ class Settings(BaseSettings):

    auth_service_url: str = "http://auth:3001"

-    cors_origins: list[str] = ["http://localhost:3000", "https://cartsnitch.com"]
+    cors_origins: list[str] = [
+        "http://localhost:3000",
+        "https://cartsnitch.com",
+        "https://dev.cartsnitch.com",
+        "https://uat.cartsnitch.com",
+    ]

    receiptwitness_url: str = "http://receiptwitness:8001"
    stickershock_url: str = "http://stickershock:8002"
@@ -6,10 +6,10 @@ from fastapi import APIRouter, FastAPI

 from cartsnitch_api.auth.routes import router as auth_router
 from cartsnitch_api.cache import cache_client
+from cartsnitch_api.middleware.audit import add_audit_middleware
 from cartsnitch_api.middleware.cors import add_cors_middleware
 from cartsnitch_api.middleware.error_handler import add_error_handlers, add_error_monitor_middleware
 from cartsnitch_api.middleware.rate_limit import add_rate_limit_middleware
-from cartsnitch_api.middleware.audit import add_audit_middleware
 from cartsnitch_api.routes.alerts import router as alerts_router
 from cartsnitch_api.routes.coupons import router as coupons_router
 from cartsnitch_api.routes.health import router as health_router
@@ -26,6 +26,7 @@ from cartsnitch_api.routes.user import router as user_router
@asynccontextmanager
 async def lifespan(app: FastAPI):
    from cartsnitch_api.database import dispose_engine
+
    await cache_client.initialize()
    yield
    await cache_client.close()
@@ -26,9 +26,7 @@ class User(TimestampMixin, Base):
    email: Mapped[str] = mapped_column(String(255), nullable=False, unique=True)
    hashed_password: Mapped[str | None] = mapped_column(String(255), nullable=True)
    display_name: Mapped[str | None] = mapped_column(String(100))
-    email_verified: Mapped[bool] = mapped_column(
-        Boolean, nullable=False, server_default="false"
-    )
+    email_verified: Mapped[bool] = mapped_column(Boolean, nullable=False, server_default="false")
    image: Mapped[str | None] = mapped_column(Text, nullable=True)
    email_inbound_token: Mapped[str] = mapped_column(
        String(22),
@@ -36,7 +34,8 @@ class User(TimestampMixin, Base):
        unique=True,
        default=lambda: secrets.token_urlsafe(16),
        server_default=sa.text(
-            "replace(replace(trim(trailing '=' from encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
+            "replace(replace(trim(trailing '=' from "
+            "encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
        ),
    )

@@ -53,6 +53,10 @@ def disable_rate_limiting():
 def engine():
    """Sync in-memory SQLite engine for model unit tests."""
    eng = create_engine("sqlite:///:memory:")
+    from cartsnitch_api.models.user import User
+
+    col = User.__table__.columns["email_inbound_token"]
+    col.server_default = None
    Base.metadata.create_all(eng)
    yield eng
    eng.dispose()
@@ -77,6 +81,9 @@ async def db_engine():
        cursor.close()

    async with engine.begin() as conn:
+        from cartsnitch_api.models.user import User
+
+        User.__table__.columns["email_inbound_token"].server_default = None
        await conn.run_sync(Base.metadata.create_all)
        # Create Better-Auth tables (not managed by SQLAlchemy models)
        await conn.execute(
@@ -177,8 +184,10 @@ async def _create_test_user_and_session(
    async with db_engine.begin() as conn:
        await conn.execute(
            text(
-                "INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
-                "VALUES (:id, :email, :hashed_password, :display_name, :email_verified, :created_at, :updated_at)"
+                "INSERT INTO users (id, email, hashed_password, display_name, "
+                "email_verified, email_inbound_token, created_at, updated_at) "
+                "VALUES (:id, :email, :hashed_password, :display_name, "
+                ":email_verified, :email_inbound_token, :created_at, :updated_at)"
            ),
            {
                "id": user_id,
@@ -186,6 +195,7 @@ async def _create_test_user_and_session(
                "hashed_password": "not-used-with-better-auth",
                "display_name": display_name,
                "email_verified": False,
+                "email_inbound_token": secrets.token_urlsafe(16),
                "created_at": now,
                "updated_at": now,
            },
@@ -138,8 +138,9 @@ async def test_expired_session_rejected(client, db_engine):
    async with db_engine.begin() as conn:
        await conn.execute(
            text(
-                "INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
-                "VALUES (:id, :email, :hp, :dn, :ev, :ca, :ua)"
+                "INSERT INTO users (id, email, hashed_password, display_name, "
+                "email_verified, email_inbound_token, created_at, updated_at) "
+                "VALUES (:id, :email, :hp, :dn, :ev, :token, :ca, :ua)"
            ),
            {
                "id": user_id,
@@ -147,6 +148,7 @@ async def test_expired_session_rejected(client, db_engine):
                "hp": "unused",
                "dn": "Expired User",
                "ev": False,
+                "token": secrets.token_urlsafe(16),
                "ca": now,
                "ua": now,
            },
@@ -1,7 +1,5 @@
 """Tests for Settings config, specifically the database_url env var fallback."""

-import os
-
 from cartsnitch_api.config import Settings


@@ -30,7 +28,10 @@ def test_database_url_normalizes_plain_postgresql_prefix():
        "DATABASE_URL": "postgresql://cartsnitch:cartsnitch@localhost:5432/cartsnitch",
    }
    settings = Settings(**env)
-    assert settings.database_url == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
+    assert (
+        settings.database_url
+        == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
+    )


 def test_database_url_preserves_asyncpg_prefix():
@@ -39,10 +40,16 @@ def test_database_url_preserves_asyncpg_prefix():
        "CARTSNITCH_DATABASE_URL": "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch",
    }
    settings = Settings(**env)
-    assert settings.database_url == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
+    assert (
+        settings.database_url
+        == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
+    )


 def test_database_url_default():
    """When neither env var is set, the hardcoded default is used."""
    settings = Settings()
-    assert settings.database_url == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
+    assert (
+        settings.database_url
+        == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
+    )
@@ -65,8 +65,9 @@ class TestSessionValidation:
        async with db_engine.begin() as conn:
            await conn.execute(
                text(
-                    "INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
-                    "VALUES (:id, :email, :hp, :dn, :ev, :ca, :ua)"
+                    "INSERT INTO users (id, email, hashed_password, display_name, "
+                    "email_verified, email_inbound_token, created_at, updated_at) "
+                    "VALUES (:id, :email, :hp, :dn, :ev, :token, :ca, :ua)"
                ),
                {
                    "id": user_id,
@@ -74,6 +75,7 @@ class TestSessionValidation:
                    "hp": "unused",
                    "dn": "Expired User",
                    "ev": False,
+                    "token": secrets.token_urlsafe(16),
                    "ca": now,
                    "ua": now,
                },
@@ -1,7 +1,7 @@
 """Tests for rate limiting middleware."""

 import time
-from unittest.mock import AsyncMock, MagicMock, patch
+from unittest.mock import AsyncMock, MagicMock

 import pytest
Author	SHA1	Message	Date
Chris Farhood	24d1b199ea	Add .mcp.json	2026-05-25 21:46:58 +00:00
Savannah Savings	46906cc333	Merge pull request 'Promote to Production: CAR-894 Gitea workflows migration' (#36 ) from uat into main	2026-05-24 18:51:43 +00:00
Savannah Savings	0c0cc63d59	Merge pull request 'Promote dev → uat: test fixes (CAR-1006)' (#33 ) from dev into uat	2026-05-23 23:43:08 +00:00
Savannah Savings	280882f515	Merge pull request 'Fix test failures: email_inbound_token server_default for SQLite' (#29 ) from betty/fix-email-inbound-token-tests into dev Fix test failures: email_inbound_token server_default for SQLite (#29) Strip PostgreSQL-only server_default from email_inbound_token before SQLite create_all(). Add email_inbound_token to test user INSERT statements. Reviewed-by: Savannah Savings (CTO) Approved-by: Checkout Charlie (QA)	2026-05-23 23:25:03 +00:00
Savannah Savings	21443a266a	Merge pull request 'Promote dev → uat: ruff lint fixes (CAR-1004)' (#31 ) from dev into uat Promote dev → uat: ruff lint fixes (CAR-1004)	2026-05-23 23:12:10 +00:00
Savannah Savings	ec4eaa1f03	Merge pull request 'Fix ruff lint errors across codebase' (#30 ) from barcode-betty/car-1004-fix-ruff-lint into dev Merge PR #30: Fix ruff lint errors across codebase Fixes 56 ruff lint errors (E501, F401, I001) in cartsnitch/api. QA: cs_charlie APPROVED CTO: cs_savannah APPROVED	2026-05-23 23:11:54 +00:00
Barcode Betty	0e3c9fb52e	Fix: strip PostgreSQL server_default from email_inbound_token for SQLite The email_inbound_token column uses a PostgreSQL-only server_default (gen_random_bytes/encode/trim) that SQLite cannot parse. Strip the server_default before metadata.create_all() in both the sync engine and async db_engine fixtures so tests run against SQLite. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 23:07:39 +00:00
Barcode Betty	cc6ca5982c	fix: resolve email_inbound_token conflict in test fixtures Rebase on latest dev and wrap SQL INSERT lines to honor ruff line-length=100. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 23:00:02 +00:00
Barcode Betty	c9fd066c31	fix: resolve email_inbound_token conflict in test fixtures	2026-05-23 22:57:16 +00:00
Barcode Betty	c68838acf2	Fix ruff lint errors across codebase - Auto-fix F401 (unused imports) and I001 (unsorted imports) with ruff --fix - Manually fix E501 (line too long) in alembic migrations and src/ models - Run ruff format to ensure consistent formatting Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 22:47:17 +00:00
Savannah Savings	4751154679	Merge pull request 'Fix ruff lint errors across codebase' (#28 ) from cs_betty/api:betty/car-932-lint-fixes into dev Merge PR #28: Fix ruff lint errors across codebase	2026-05-23 22:44:02 +00:00
Savannah Savings	6799b0e7b1	Merge pull request 'promote: dev → uat (CAR-995 CI registry migration)' (#27 ) from dev into uat promote: dev → uat (CAR-995 CI registry migration) (#27)	2026-05-23 22:31:54 +00:00
Savannah Savings	71cf0a4563	Merge pull request 'ci: migrate from ghcr.io to Gitea built-in registry' (#25 ) from fix/cart-995-gitea-registry-migration into dev ci: migrate from ghcr.io to Gitea built-in registry (#25) CAR-995: Update CI workflow to use Gitea built-in container registry. - REGISTRY env var: ghcr.io -> git.farh.net - Replace Docker Hub/GHCR login with direct docker login using github.token - Remove Docker Hub credentials from service containers - Update deploy kustomize image refs to use env vars	2026-05-23 22:31:36 +00:00
Barcode Betty	9659e63208	ci: migrate from ghcr.io to Gitea built-in registry - Update REGISTRY env var: ghcr.io -> git.farh.net - Replace Docker Hub + GHCR login with Gitea login step - Remove credentials blocks from postgres and redis service definitions - Update deploy-dev/deploy-uat kustomize image refs to use $REGISTRY var Fixes QA FAIL from PR #23: missing Gitea login step. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 22:14:55 +00:00
Savannah Savings	50110a54b7	Merge pull request 'Promote dev → uat: CI pipeline fixes (CAR-1000)' (#24 ) from dev into uat Promote dev → uat: CI pipeline fixes (CAR-1000) Promotes PR #22 fixes to UAT environment.	2026-05-23 22:14:44 +00:00
Savannah Savings	5c33b6ee38	Merge pull request 'Fix CI pipeline failures in cartsnitch/api' (#22 ) from cs_betty/api:barcode-betty/fix-ci-pipeline into dev Merge PR #22: Fix CI pipeline failures in cartsnitch/api Fixes: - Remove cache: pip from setup-python to fix intermittent tar corruption - Add CARTSNITCH_SERVICE_KEY and CARTSNITCH_FERNET_KEY test env vars Reviewed-by: Savannah Savings (CTO) Approved-by: Checkout Charlie (QA)	2026-05-23 22:13:56 +00:00
Barcode Betty	ae2fc15a5b	fix: resolve lint errors in test files [CAR-932] Fix 56 lint errors in test files that were blocking CI: - E501: Split long SQL INSERT statements across multiple lines - F401: Remove unused imports (os, unittest.mock.patch) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 22:09:33 +00:00
Flea Flicker	cf4b29b8d3	Fix CI pipeline failures: remove pip cache from setup-python, add missing env vars - Remove 'cache: pip' from setup-python in lint, typecheck, test jobs to fix intermittent 'archive/tar: write too long' errors on act_runner pods - Add CARTSNITCH_SERVICE_KEY and CARTSNITCH_FERNET_KEY to test job env to satisfy Settings pydantic model requirements Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 21:57:04 +00:00
Savannah Savings	28ad343759	Merge pull request 'chore: promote dev to uat (dispose_engine fix, CAR-932)' (#20 ) from dev into uat chore: promote dev to uat (dispose_engine fix, CAR-932)	2026-05-23 21:52:24 +00:00
Savannah Savings	23899f6c8d	Merge pull request 'fix: remove dead dispose_engine import from API main.py [CAR-932]' (#16 ) from betty/car-932-fix-dispose-engine into dev fix: remove dead dispose_engine import from API main.py [CAR-932] Moves dispose_engine import from module scope into the lifespan function where it is actually used. Fixes ImportError crashing API pods. Reviewed-by: cs_charlie (QA) Approved-by: cs_savannah (CTO) CI-override: pre-existing failures unrelated to this change	2026-05-23 21:51:56 +00:00
Savannah Savings	06c6dbed5c	Merge pull request 'promote: dev → uat (CAR-992 cors_origins fix)' (#15 ) from dev into uat promote: dev → uat (CAR-992 cors_origins fix) (#15)	2026-05-23 20:56:06 +00:00
Savannah Savings	1805ff93cf	Merge pull request 'fix: add UAT/dev domains to cors_origins' (#14 ) from cs_betty/api:car992-fix into dev fix: add UAT/dev domains to cors_origins (#14) Refs: CAR-992	2026-05-23 20:55:39 +00:00
Barcode Betty	ba88fad48b	fix: remove dead dispose_engine import from API main.py The top-level import of dispose_engine from cartsnitch_api.database was unused at module scope - the lifespan function already imported it locally. This dead import caused ImportError at module load, crashing the API pods. Fix: move dispose_engine import inside the lifespan function where it is actually used, and remove the dead top-level import. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 20:54:39 +00:00
Barcode Betty	0127c16d0b	fix: add UAT/dev domains to cors_origins Add dev.cartsnitch.com and uat.cartsnitch.com to the CORS origins list to match the infra HTTPRoute domains and fix auth blocking on UAT. Refs: CAR-992 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 20:45:56 +00:00
Savannah Savings	228a83c355	Merge pull request 'promote: dev → uat (CI trigger fix)' (#10 ) from dev into uat promote: dev → uat (CI trigger fix) (#10) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 14:39:13 +00:00
Savannah Savings	7fd8e90b9c	Merge pull request 'fix(ci): add uat branch to workflow triggers' (#9 ) from savannah/fix-ci-uat-trigger into dev fix(ci): add uat branch to workflow triggers (#9) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 14:38:59 +00:00
Savannah Savings	e429786696	fix(ci): add uat branch to workflow triggers The on.push and on.pull_request triggers only listed [main, dev]. The deploy-uat job condition checks for refs/heads/uat but the workflow never fires on uat pushes. Add uat to both trigger lists. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 14:37:47 +00:00
Savannah Savings	fbfedd4e8f	Merge pull request 'chore: promote dev to uat (CAR-898 workflow move)' (#7 ) from dev into uat chore: promote dev to uat (CAR-898 workflow move) (#7)	2026-05-21 13:05:23 +00:00
Savannah Savings	6b54a5ee7f	Merge pull request 'chore: move workflows from .github to .gitea' (#6 ) from barcode-betty/move-workflows-to-gitea into dev chore: move workflows from .github to .gitea (#6) Part of Gitea migration (CAR-893).	2026-05-21 13:05:07 +00:00
Barcode Betty	4e38dd4a0e	chore: move workflows from .github to .gitea Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 12:30:57 +00:00
Coupon Carl	6a8db71537	Merge pull request 'ci: promote Gitea Actions conversion to UAT' (#5 ) from dev into uat	2026-05-21 04:55:13 +00:00
Coupon Carl	3a4bf6fb30	Merge pull request 'ci: convert GitHub Actions to Gitea Actions (ubuntu-latest)' (#4 ) from betty/car-869-gitea-actions-api into dev	2026-05-21 04:54:50 +00:00
Barcode Betty	0c3c549a6a	ci: convert GitHub Actions to Gitea Actions (ubuntu-latest) - Replace runs-on: runners-cartsnitch with ubuntu-latest (6 jobs) - Remove SARIF upload step (github/codeql-action/upload-sarif) - Replace GitHub App token with secrets.GITEA_TOKEN in deploy-dev and deploy-uat Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 03:57:49 +00:00
cartsnitch-ceo[bot]	cb180b511f	release: promote API migration to production Production merge approved by CEO (Coupon Carl). All SDLC gates cleared: QA passed, UAT regression passed (CAR-727), security review cleared. Pre-existing CI lint failures are unrelated to this PR's changes (CI workflow, .grype.yaml, CLAUDE.md only).	2026-04-19 12:27:19 +00:00
savannah-savings-cto[bot]	556b43b424	Merge pull request #2 from cartsnitch/dev chore: promote dev to uat	2026-04-19 12:11:48 +00:00