cs_betty/cartsnitch-fork-test

forked from cartsnitch/cartsnitch

T

Test User 3216e6a1c2 fix: resolve HIGH-severity CVEs in receiptwitness image

- Bump cryptography>=46.0 to fix GHSA-r6ph-v2qm-q3c2
- Increment APT_CACHE_BUST to 1 to force fresh apt-get upgrade
  for OpenSSL/libssl3t64 (fixes CVE-2026-2673, CVE-2026-28388,
  CVE-2026-28389, CVE-2026-28390, CVE-2026-31790)
- Add 89 Chrome CVEs to grype.yaml ignore (Playwright bundles
  Chromium — CVEs can only be resolved by upgrading Playwright)
- Add node CVE-2026-21710 to grype.yaml ignore (Playwright
  bundled tooling dependency)

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-19 00:48:02 +00:00

.github/workflows

Merge pull request #220 from cartsnitch/fix/car-656-deploy-commit-guard

2026-04-19 00:03:32 +00:00

fix: add Grype CVE ignores and cache-bust Debian apt-get upgrade layers

2026-04-15 21:50:09 +00:00

fix: increase bcrypt cost factor from 10 to 12

2026-04-15 21:50:09 +00:00

cartsnitch @ a53daddb9a

fix: restore DB connectivity check to auth health endpoint

2026-04-14 16:35:24 +00:00

fix: replace N+1 UPC query with SQL containment in normalization

2026-04-14 11:59:28 +00:00

content/marketing

Add shrinkflation consumer FAQ for April 1 series launch

2026-03-28 14:54:32 +00:00

docs: add UAT runbook v1

2026-03-30 20:20:07 +00:00

fix: e2e route mocking and color contrast accessibility (#221 )

2026-04-15 21:49:55 +00:00

feat(ci): add Lighthouse CI performance checks (#85 )

2026-03-31 15:45:22 +00:00

fix: resolve HIGH-severity CVEs in receiptwitness image

2026-04-19 00:48:02 +00:00

feat(scripts): add dev environment seed script and K8s Job (#99 )

2026-04-01 19:51:45 +00:00

fix: e2e route mocking and color contrast accessibility (#221 )

2026-04-15 21:49:55 +00:00

.dockerignore

feat: add multi-stage Dockerfile for PWA

2026-03-18 13:26:57 +00:00

.gitignore

feat: migrate authentication to Better-Auth (Phase 1)

2026-03-28 04:46:10 +00:00

.grype.yaml

fix: resolve HIGH-severity CVEs in receiptwitness image

2026-04-19 00:48:02 +00:00

cart608-auth-signin-fail.png

fix: restore DB connectivity check to auth health endpoint

2026-04-14 16:35:24 +00:00

CLAUDE.md

feat: migrate authentication to Better-Auth (Phase 1)

2026-03-28 04:46:10 +00:00

Dockerfile

fix: remediate high-severity CVEs in Docker images

2026-04-14 23:51:42 +00:00

eslint.config.js

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

index.html

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

lighthouserc.json

fix(ci): disable FullPageScreenshot gatherer to prevent Chrome crash

2026-03-31 21:58:30 +00:00

nginx.conf

fix: restrict CORS to explicit methods and add security headers

2026-04-14 11:49:02 +00:00

package-lock.json

fix: update vite to resolve high-severity audit vulnerability

2026-04-14 16:09:48 +00:00

package.json

fix: update vite to resolve high-severity npm audit vulnerabilities

2026-04-14 15:56:33 +00:00

playwright.config.ts

fix: remove VITE_MOCK_AUTH bypass from production code

2026-04-14 15:37:24 +00:00

README.md

test

2026-03-30 00:50:51 +00:00

renovate.json

feat: add Renovate dependency update config

2026-03-18 18:21:31 +00:00

tsconfig.app.json

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

tsconfig.json

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

tsconfig.node.json

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

vite.config.ts

feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)

2026-03-17 12:24:31 +00:00

vitest.config.ts

fix(ci): exclude e2e tests from vitest

2026-03-30 19:49:23 +00:00

README.md

CartSnitch

Languages

Python 85.2%

TypeScript 13.5%

Shell 0.5%

Dockerfile 0.5%

Mako 0.1%