Compare commits

..

6 Commits

Author SHA1 Message Date
Barcode Betty a55c64a9c8 fix e2e: update auth route mocks and config for Better Auth 2026-04-15 21:18:45 +00:00
Barcode Betty 3a67b26e1f fix(e2e): add mock for /auth/session endpoint
The J8 test calls /api/auth/session which maps to /auth/session in Better Auth. Adding mock to ensure consistent behavior.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-15 11:13:21 +00:00
Barcode Betty 271406de9e fix(e2e): correct Better Auth mock response formats
- sign-up returns { token, user }
- sign-in returns { redirect, token, user }
- get-session returns { session, user }

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-15 11:06:19 +00:00
Barcode Betty d0b855b45d fix(e2e): use more permissive regex patterns for route mocking
Use wildcard patterns to match URLs with query parameters or trailing slashes.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-15 11:00:56 +00:00
Barcode Betty 14e17c5fc6 fix(e2e): correct Better Auth mock route patterns
- Changed sign-up route from /auth/register to /auth/sign-up/email
- Changed session route from /auth/session to /auth/get-session

Better Auth hits /auth/sign-up/email for registration and /auth/get-session for session checks.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-15 10:44:57 +00:00
Barcode Betty 70b0801228 fix(e2e): replace VITE_MOCK_AUTH with Playwright route mocking
- Removed VITE_MOCK_AUTH=true from playwright.config.ts webServer command
- Added mockAuthRoutes helper to e2e/fixtures.ts to mock /auth/* endpoints
- Updated j1-registration-login.spec.ts to use route mocking instead
  of env var-based mock auth

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-15 10:32:24 +00:00
15 changed files with 126 additions and 185 deletions
+8 -123
View File
@@ -13,7 +13,6 @@ concurrency:
permissions: permissions:
contents: write contents: write
packages: write packages: write
security-events: write
env: env:
REGISTRY: ghcr.io REGISTRY: ghcr.io
@@ -152,44 +151,17 @@ jobs:
type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }} type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }}
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
- name: Build Docker image - name: Build and push Docker image
uses: docker/build-push-action@v6 uses: docker/build-push-action@v6
with: with:
context: . context: .
load: true push: ${{ github.event_name == 'push' }}
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
target: prod target: prod
cache-from: type=gha cache-from: type=gha
cache-to: type=gha,mode=max cache-to: type=gha,mode=max
- name: Scan frontend image for vulnerabilities
uses: anchore/scan-action@v5
id: scan
with:
image: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${{ github.sha }}"
fail-build: true
severity-cutoff: high
only-fixed: "true"
output-format: sarif
- name: Upload frontend scan results to GitHub Security
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
- name: Push Docker image
if: github.event_name == 'push'
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
target: prod
cache-from: type=gha
- name: Create git tag - name: Create git tag
if: github.event_name == 'push' && github.ref == 'refs/heads/main' if: github.event_name == 'push' && github.ref == 'refs/heads/main'
run: | run: |
@@ -249,43 +221,14 @@ jobs:
type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }} type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }}
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
- name: Build Docker image - name: Build and push auth Docker image
uses: docker/build-push-action@v6 uses: docker/build-push-action@v6
with: with:
context: ./auth context: ./auth
file: ./auth/Dockerfile file: ./auth/Dockerfile
load: true push: ${{ github.event_name == 'push' }}
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Scan auth image for vulnerabilities
uses: anchore/scan-action@v5
id: scan
with:
image: "${{ env.REGISTRY }}/${{ env.AUTH_IMAGE_NAME }}:sha-${{ github.sha }}"
fail-build: true
severity-cutoff: high
only-fixed: "true"
output-format: sarif
- name: Upload auth scan results to GitHub Security
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
- name: Push Docker image
if: github.event_name == 'push'
uses: docker/build-push-action@v6
with:
context: ./auth
file: ./auth/Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
build-and-push-receiptwitness: build-and-push-receiptwitness:
runs-on: runners-cartsnitch runs-on: runners-cartsnitch
@@ -335,43 +278,14 @@ jobs:
type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }} type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }}
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
- name: Build Docker image - name: Build and push receiptwitness image
uses: docker/build-push-action@v6 uses: docker/build-push-action@v6
with: with:
context: . context: .
file: ./receiptwitness/Dockerfile file: ./receiptwitness/Dockerfile
load: true push: ${{ github.event_name == 'push' }}
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Scan receiptwitness image for vulnerabilities
uses: anchore/scan-action@v5
id: scan
with:
image: "${{ env.REGISTRY }}/${{ env.RECEIPTWITNESS_IMAGE_NAME }}:sha-${{ github.sha }}"
fail-build: true
severity-cutoff: high
only-fixed: "true"
output-format: sarif
- name: Upload receiptwitness scan results to GitHub Security
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
- name: Push Docker image
if: github.event_name == 'push'
uses: docker/build-push-action@v6
with:
context: .
file: ./receiptwitness/Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
build-and-push-api: build-and-push-api:
runs-on: runners-cartsnitch runs-on: runners-cartsnitch
@@ -421,43 +335,14 @@ jobs:
type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }} type=raw,value=${{ steps.calver.outputs.version }},enable=${{ github.ref == 'refs/heads/main' }}
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
- name: Build Docker image - name: Build and push API Docker image
uses: docker/build-push-action@v6 uses: docker/build-push-action@v6
with: with:
context: ./api context: ./api
file: ./api/Dockerfile file: ./api/Dockerfile
load: true push: ${{ github.event_name == 'push' }}
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Scan api image for vulnerabilities
uses: anchore/scan-action@v5
id: scan
with:
image: "${{ env.REGISTRY }}/${{ env.API_IMAGE_NAME }}:sha-${{ github.sha }}"
fail-build: true
severity-cutoff: high
only-fixed: "true"
output-format: sarif
- name: Upload api scan results to GitHub Security
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
- name: Push Docker image
if: github.event_name == 'push'
uses: docker/build-push-action@v6
with:
context: ./api
file: ./api/Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
deploy-dev: deploy-dev:
runs-on: runners-cartsnitch runs-on: runners-cartsnitch
+1 -4
View File
@@ -1,6 +1,6 @@
# Stage 1: Build # Stage 1: Build
FROM node:20-alpine AS build FROM node:20-alpine AS build
RUN apk update && apk upgrade --no-cache
WORKDIR /app WORKDIR /app
COPY package.json package-lock.json ./ COPY package.json package-lock.json ./
@@ -11,9 +11,6 @@ RUN npm run build
# Stage 2: Production — uses nginxinc/nginx-unprivileged which runs as non-root (UID 101) # Stage 2: Production — uses nginxinc/nginx-unprivileged which runs as non-root (UID 101)
FROM nginxinc/nginx-unprivileged:stable-alpine AS prod FROM nginxinc/nginx-unprivileged:stable-alpine AS prod
USER root
RUN apk update && apk upgrade --no-cache
USER 101
COPY --from=build /app/dist /usr/share/nginx/html COPY --from=build /app/dist /usr/share/nginx/html
COPY nginx.conf /etc/nginx/conf.d/default.conf COPY nginx.conf /etc/nginx/conf.d/default.conf
+2 -2
View File
@@ -1,6 +1,6 @@
FROM python:3.12-slim AS build FROM python:3.12-slim AS build
RUN apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends \ RUN apt-get update && apt-get install -y --no-install-recommends \
libpq-dev \ libpq-dev \
build-essential \ build-essential \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
@@ -12,7 +12,7 @@ RUN pip install --no-cache-dir --prefix=/install .
FROM python:3.12-slim AS prod FROM python:3.12-slim AS prod
RUN apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends libpq5 && rm -rf /var/lib/apt/lists/* RUN apt-get update && apt-get install -y --no-install-recommends libpq5 && rm -rf /var/lib/apt/lists/*
WORKDIR /app WORKDIR /app
RUN adduser --system --group --uid 1000 app RUN adduser --system --group --uid 1000 app
-2
View File
@@ -1,5 +1,4 @@
FROM node:22-alpine AS builder FROM node:22-alpine AS builder
RUN apk update && apk upgrade --no-cache
WORKDIR /app WORKDIR /app
COPY package.json package-lock.json* ./ COPY package.json package-lock.json* ./
RUN npm ci RUN npm ci
@@ -8,7 +7,6 @@ COPY src/ src/
RUN npm run build RUN npm run build
FROM node:22-alpine FROM node:22-alpine
RUN apk update && apk upgrade --no-cache
WORKDIR /app WORKDIR /app
ENV NODE_ENV=production ENV NODE_ENV=production
COPY package.json package-lock.json* ./ COPY package.json package-lock.json* ./
+3 -3
View File
@@ -941,9 +941,9 @@
} }
}, },
"node_modules/defu": { "node_modules/defu": {
"version": "6.1.7", "version": "6.1.4",
"resolved": "https://registry.npmjs.org/defu/-/defu-6.1.7.tgz", "resolved": "https://registry.npmjs.org/defu/-/defu-6.1.4.tgz",
"integrity": "sha512-7z22QmUWiQ/2d0KkdYmANbRUVABpZ9SNYyH5vx6PZ+nE5bcC0l7uFvEfHlyld/HcGBFTL536ClDt3DEcSlEJAQ==", "integrity": "sha512-mEQCMmwJu317oSz8CwdIOdwf3xMif1ttiM8LTufzc3g6kR+9Pe236twL8j3IYT1F7GfRgGcW6MWxzZjLIkuHIg==",
"license": "MIT" "license": "MIT"
}, },
"node_modules/delegates": { "node_modules/delegates": {
+1 -1
View File
@@ -17,7 +17,7 @@ if (!databaseUrl) {
); );
} }
export const pool = new Pool({ const pool = new Pool({
connectionString: databaseUrl ?? "postgresql://cartsnitch:cartsnitch@localhost:5432/cartsnitch", connectionString: databaseUrl ?? "postgresql://cartsnitch:cartsnitch@localhost:5432/cartsnitch",
}); });
+3 -17
View File
@@ -1,6 +1,6 @@
import { createServer } from "node:http"; import { createServer } from "node:http";
import { toNodeHandler } from "better-auth/node"; import { toNodeHandler } from "better-auth/node";
import { auth, pool } from "./auth.js"; import { auth } from "./auth.js";
const port = parseInt(process.env.PORT ?? "3001", 10); const port = parseInt(process.env.PORT ?? "3001", 10);
@@ -9,22 +9,8 @@ const handler = toNodeHandler(auth);
const server = createServer(async (req, res) => { const server = createServer(async (req, res) => {
// Health check // Health check
if (req.url === "/health" && req.method === "GET") { if (req.url === "/health" && req.method === "GET") {
try { res.writeHead(200, { "Content-Type": "application/json" });
const client = await pool.connect(); res.end(JSON.stringify({ status: "ok" }));
try {
await Promise.race([
client.query("SELECT 1"),
new Promise((_, reject) => setTimeout(() => reject(new Error("DB timeout")), 2000)),
]);
} finally {
client.release();
}
res.writeHead(200, { "Content-Type": "application/json" });
res.end(JSON.stringify({ status: "ok", db: "connected" }));
} catch {
res.writeHead(503, { "Content-Type": "application/json" });
res.end(JSON.stringify({ status: "error", db: "unreachable" }));
}
return; return;
} }
Binary file not shown.

Before

Width:  |  Height:  |  Size: 24 KiB

Submodule cartsnitch deleted from a53daddb9a
+88 -1
View File
@@ -1,4 +1,4 @@
import { test as base, expect } from "@playwright/test"; import { test as base, expect, type Page } from "@playwright/test";
import AxeBuilder from "@axe-core/playwright"; import AxeBuilder from "@axe-core/playwright";
export const test = base.extend<{ axeCheck: void }>({ export const test = base.extend<{ axeCheck: void }>({
@@ -10,3 +10,90 @@ export const test = base.extend<{ axeCheck: void }>({
}); });
export { expect } from "@playwright/test"; export { expect } from "@playwright/test";
const MOCK_USER_ID = "mock_user_123";
const MOCK_SESSION_ID = "mock_session_456";
function mockAuthRoutes(page: Page, authenticated = false) {
page.route(/.*\/auth\/sign-up\/email.*/, async (route) => {
await route.fulfill({
status: 200,
contentType: "application/json",
body: JSON.stringify({
token: null,
user: {
id: MOCK_USER_ID,
email: "mock@cartsnitch.test",
name: "Mock User",
emailVerified: true,
createdAt: new Date().toISOString(),
updatedAt: new Date().toISOString(),
},
}),
});
});
page.route(/.*\/auth\/sign-in\/email.*/, async (route) => {
await route.fulfill({
status: 200,
contentType: "application/json",
body: JSON.stringify({
redirect: false,
token: "mock_token_123",
user: {
id: MOCK_USER_ID,
email: "mock@cartsnitch.test",
name: "Mock User",
emailVerified: true,
createdAt: new Date().toISOString(),
updatedAt: new Date().toISOString(),
},
}),
});
});
page.route(/.*\/auth\/get-session.*/, async (route) => {
if (authenticated) {
await route.fulfill({
status: 200,
contentType: "application/json",
body: JSON.stringify({
session: {
id: MOCK_SESSION_ID,
expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000).toISOString(),
createdAt: new Date().toISOString(),
updatedAt: new Date().toISOString(),
ipAddress: null,
userAgent: null,
},
user: {
id: MOCK_USER_ID,
email: "mock@cartsnitch.test",
name: "Mock User",
emailVerified: true,
createdAt: new Date().toISOString(),
updatedAt: new Date().toISOString(),
},
}),
});
} else {
await route.fulfill({
status: 401,
contentType: "application/json",
body: JSON.stringify({ error: "Unauthorized" }),
});
}
});
}
export function mockSessionPending(page: Page) {
page.route(/.*\/auth\/session.*/, async (route) => {
await route.fulfill({
status: 401,
contentType: "application/json",
body: JSON.stringify({ error: "Unauthorized" }),
});
});
}
export { mockAuthRoutes };
+6 -19
View File
@@ -1,18 +1,18 @@
import { test, expect } from '@playwright/test'; import { test, expect } from '@playwright/test';
import { mockAuthRoutes } from '../fixtures';
const uniqueEmail = () => `betty+e2e-${Date.now()}@cartsnitch.test`; const uniqueEmail = () => `betty+e2e-${Date.now()}@cartsnitch.test`;
test.describe('J1: Registration and Login', () => { test.describe('J1: Registration and Login', () => {
test('can register a new account and lands on dashboard', async ({ page }) => { test('can register a new account and see check your email screen', async ({ page }) => {
mockAuthRoutes(page, true);
await page.goto('/register'); await page.goto('/register');
await page.fill('[placeholder="Full Name"]', 'Betty Tester'); await page.fill('[placeholder="Full Name"]', 'Betty Tester');
await page.fill('[placeholder="Email"]', uniqueEmail()); await page.fill('[placeholder="Email"]', uniqueEmail());
await page.fill('[placeholder="Password (min. 8 characters)"]', 'TestPass123!'); await page.fill('[placeholder="Password (min. 8 characters)"]', 'TestPass123!');
await page.click('button[type="submit"]'); await page.click('button[type="submit"]');
// With VITE_MOCK_AUTH=true the app navigates to "/" on success await expect(page.getByRole('heading', { name: /check your email/i })).toBeVisible();
await expect(page).toHaveURL('http://localhost:5173/');
await expect(page.getByRole('heading', { name: /cart/i })).toBeVisible();
}); });
test('shows validation error when registration fields are empty', async ({ page }) => { test('shows validation error when registration fields are empty', async ({ page }) => {
@@ -31,22 +31,9 @@ test.describe('J1: Registration and Login', () => {
}); });
test('can sign in with credentials and land on dashboard', async ({ page }) => { test('can sign in with credentials and land on dashboard', async ({ page }) => {
// Register first so we have a real account mockAuthRoutes(page, true);
const email = uniqueEmail();
await page.goto('/register');
await page.fill('[placeholder="Full Name"]', 'Login Betty');
await page.fill('[placeholder="Email"]', email);
await page.fill('[placeholder="Password (min. 8 characters)"]', 'TestPass123!');
await page.click('button[type="submit"]');
await expect(page).toHaveURL('http://localhost:5173/');
// Sign out by clearing the mock session (reload with no session)
await page.goto('/');
await page.reload();
// Now sign in
await page.goto('/login'); await page.goto('/login');
await page.fill('[placeholder="Email"]', email); await page.fill('[placeholder="Email"]', 'test@cartsnitch.test');
await page.fill('[placeholder="Password"]', 'TestPass123!'); await page.fill('[placeholder="Password"]', 'TestPass123!');
await page.click('button[type="submit"]'); await page.click('button[type="submit"]');
+6 -8
View File
@@ -1,8 +1,9 @@
import { test, expect } from '@playwright/test'; import { test, expect } from '@playwright/test';
import { mockAuthRoutes } from '../fixtures';
test.describe('J8: Unauthenticated Access', () => { test.describe('J8: Unauthenticated Access', () => {
test('redirects /dashboard (/) to /login when not authenticated', async ({ page }) => { test('redirects /dashboard (/) to /login when not authenticated', async ({ page }) => {
// No session cookie — start fresh mockAuthRoutes(page, false);
await page.context().clearCookies(); await page.context().clearCookies();
await page.goto('/'); await page.goto('/');
@@ -11,6 +12,7 @@ test.describe('J8: Unauthenticated Access', () => {
}); });
test('redirects /purchases to /login when not authenticated', async ({ page }) => { test('redirects /purchases to /login when not authenticated', async ({ page }) => {
mockAuthRoutes(page, false);
await page.context().clearCookies(); await page.context().clearCookies();
await page.goto('/purchases'); await page.goto('/purchases');
@@ -19,6 +21,7 @@ test.describe('J8: Unauthenticated Access', () => {
}); });
test('redirects /products to /login when not authenticated', async ({ page }) => { test('redirects /products to /login when not authenticated', async ({ page }) => {
mockAuthRoutes(page, false);
await page.context().clearCookies(); await page.context().clearCookies();
await page.goto('/products'); await page.goto('/products');
@@ -27,6 +30,7 @@ test.describe('J8: Unauthenticated Access', () => {
}); });
test('redirects /coupons to /login when not authenticated', async ({ page }) => { test('redirects /coupons to /login when not authenticated', async ({ page }) => {
mockAuthRoutes(page, false);
await page.context().clearCookies(); await page.context().clearCookies();
await page.goto('/coupons'); await page.goto('/coupons');
@@ -35,15 +39,9 @@ test.describe('J8: Unauthenticated Access', () => {
}); });
test('shows loading spinner while auth session is pending', async ({ page }) => { test('shows loading spinner while auth session is pending', async ({ page }) => {
// Intercept but don't respond — session stays pending mockAuthRoutes(page, false);
await page.context().clearCookies(); await page.context().clearCookies();
await page.request.fetch('/api/auth/session', {
method: 'GET',
});
// Just navigate to a protected route — ProtectedRoute will show spinner while session is pending
await page.goto('/purchases'); await page.goto('/purchases');
// Spinner is visible briefly; once resolved, should redirect to login
await expect(page).toHaveURL(/\/login/, { timeout: 10_000 }); await expect(page).toHaveURL(/\/login/, { timeout: 10_000 });
}); });
}); });
+2 -1
View File
@@ -1,6 +1,7 @@
import { test, expect } from './fixtures'; import { test, expect, mockAuthRoutes } from './fixtures';
test('app loads', async ({ page }) => { test('app loads', async ({ page }) => {
mockAuthRoutes(page, false);
await page.goto('/'); await page.goto('/');
// Unauthenticated users are redirected to /login // Unauthenticated users are redirected to /login
await expect(page).toHaveURL(/\/login/); await expect(page).toHaveURL(/\/login/);
+4 -1
View File
@@ -9,9 +9,12 @@ export default defineConfig({
}, },
], ],
webServer: { webServer: {
command: 'VITE_MOCK_AUTH=true npm run dev', command: 'npm run dev',
url: 'http://localhost:5173', url: 'http://localhost:5173',
reuseExistingServer: !process.env.CI, reuseExistingServer: !process.env.CI,
env: {
VITE_MOCK_AUTH: 'true',
},
}, },
use: { use: {
baseURL: 'http://localhost:5173', baseURL: 'http://localhost:5173',
+2 -2
View File
@@ -5,7 +5,7 @@ WORKDIR /app
# build-essential and libpq-dev are needed to compile any C-extension wheels # build-essential and libpq-dev are needed to compile any C-extension wheels
# (e.g. psycopg2 fallback). No git needed — common/ is copied from the repo root. # (e.g. psycopg2 fallback). No git needed — common/ is copied from the repo root.
RUN apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends \ RUN apt-get update && apt-get install -y --no-install-recommends \
libpq-dev \ libpq-dev \
build-essential \ build-essential \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
@@ -25,7 +25,7 @@ FROM python:3.12-slim AS prod
WORKDIR /app WORKDIR /app
# Install Playwright system dependencies for Chromium # Install Playwright system dependencies for Chromium
RUN apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends \ RUN apt-get update && apt-get install -y --no-install-recommends \
libnss3 \ libnss3 \
libatk1.0-0 \ libatk1.0-0 \
libatk-bridge2.0-0 \ libatk-bridge2.0-0 \