cs_betty/cartsnitch-fork-test
1
0
Fork 0
forked from cartsnitch/cartsnitch
Code Pull Requests Activity
278 Commits 166 Branches 71 Tags
fix/cors-security-headers
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
CartSnitch Engineer Bot 37798251be fix: restrict CORS to explicit methods and add security headers 
- Replace allow_methods=["*"] with explicit list: GET, POST, PUT, DELETE, PATCH, OPTIONS
- Replace allow_headers=["*"] with explicit list: Content-Type, Authorization, Accept, Origin, X-Requested-With
- Add X-Frame-Options, X-Content-Type-Options, Referrer-Policy, CSP nginx headers

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-14 11:49:02 +00:00
.github/workflows
fix(ci): use full SHA in docker/metadata-action tags
2026-04-04 05:31:04 +00:00
api
fix: restrict CORS to explicit methods and add security headers
2026-04-14 11:49:02 +00:00
auth
fix(auth): add UAT hostname to trustedOrigins
2026-04-04 04:18:03 +00:00
common
fix(api): escape percent signs in alembic database URL for configparser
2026-04-04 06:31:48 +00:00
content/marketing
Add shrinkflation consumer FAQ for April 1 series launch
2026-03-28 14:54:32 +00:00
docs
docs: add UAT runbook v1
2026-03-30 20:20:07 +00:00
e2e
fix(e2e): correct smoke test heading assertion to match Login page
2026-03-31 18:15:07 +00:00
public
feat(ci): add Lighthouse CI performance checks (#85)
2026-03-31 15:45:22 +00:00
receiptwitness
fix(receiptwitness): handle invalid timestamp in Mailgun webhook verification
2026-04-03 12:09:51 +00:00
scripts
feat(scripts): add dev environment seed script and K8s Job (#99)
2026-04-01 19:51:45 +00:00
src
fix: move email-in-address endpoint from /auth to /api/v1 prefix
2026-04-03 11:44:31 +00:00
.dockerignore
Squashed 'receiptwitness/' content from commit e8d374a
2026-03-28 02:24:22 +00:00
.gitignore
feat: migrate authentication to Better-Auth (Phase 1)
2026-03-28 04:46:10 +00:00
CLAUDE.md
feat: migrate authentication to Better-Auth (Phase 1)
2026-03-28 04:46:10 +00:00
Dockerfile
Squashed 'receiptwitness/' content from commit e8d374a
2026-03-28 02:24:22 +00:00
eslint.config.js
feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)
2026-03-17 12:24:31 +00:00
index.html
feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)
2026-03-17 12:24:31 +00:00
lighthouserc.json
fix(ci): disable FullPageScreenshot gatherer to prevent Chrome crash
2026-03-31 21:58:30 +00:00
nginx.conf
fix: restrict CORS to explicit methods and add security headers
2026-04-14 11:49:02 +00:00
package-lock.json
fix(deps): resolve npm audit vulnerabilities (brace-expansion, lodash) (#108)
2026-04-03 13:23:20 +00:00
package.json
fix(deps): resolve npm audit vulnerabilities (brace-expansion, lodash) (#108)
2026-04-03 13:23:20 +00:00
playwright.config.ts
feat(e2e): add J1 and J8 journey tests
2026-03-31 16:49:36 +00:00
README.md
test
2026-03-30 00:50:51 +00:00
renovate.json
Squashed 'receiptwitness/' content from commit e8d374a
2026-03-28 02:24:22 +00:00
tsconfig.app.json
feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)
2026-03-17 12:24:31 +00:00
tsconfig.json
feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)
2026-03-17 12:24:31 +00:00
tsconfig.node.json
feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)
2026-03-17 12:24:31 +00:00
vite.config.ts
feat: add core PWA screens (auth, dashboard, purchases, products, alerts, settings)
2026-03-17 12:24:31 +00:00
vitest.config.ts
fix(ci): exclude e2e tests from vitest
2026-03-30 19:49:23 +00:00

README.md

CartSnitch

View Git Blame Copy Permalink
S
Description
Consumer savings platform with grocery coupon tracking, deal alerts, and price comparison
Readme 1.9 MiB
Languages
Python 85.2%
TypeScript 13.5%
Shell 0.5%
Dockerfile 0.5%
Mako 0.1%