groombook/api

Author	SHA1	Message	Date
Flea Flicker	03f79a3701	uat → main: GRO-2299 redact googleMapsApiKey from PATCH /api/admin/settings (#198 ) CI / Test (push) Successful in 27s Details CI / Lint & Typecheck (push) Successful in 30s Details CI / Build & Push Docker Images (push) Successful in 30s Details GRO-2299: redact googleMapsApiKey from PATCH /api/admin/settings response Co-authored-by: Flea Flicker <22+gb_flea@noreply.git.farh.net> Co-committed-by: Flea Flicker <22+gb_flea@noreply.git.farh.net>	2026-06-09 07:49:49 +00:00
Flea Flicker	2b92c2ab6c	uat→main (PROD): GRO-2294 Route Optimization security hardening (frozen @2566fb8) (#197 ) CI / Lint & Typecheck (push) Successful in 30s Details CI / Test (push) Failing after 11m41s Details CI / Build & Push Docker Images (push) Has been skipped Details feat(security): GRO-2294 Route Optimization security hardening [squash] Co-authored-by: Flea Flicker <22+gb_flea@noreply.git.farh.net> Co-committed-by: Flea Flicker <22+gb_flea@noreply.git.farh.net>	2026-06-09 07:38:02 +00:00
Flea Flicker	e9ad92de01	uat→main (PROD): GRO-2157 nav export + GRO-2225/2235 (frozen @4868f18) (#192 ) CI / Test (push) Successful in 28s Details CI / Lint & Typecheck (push) Successful in 31s Details CI / Build & Push Docker Images (push) Successful in 28s Details feat: nav export + conflict guard + UAT seed (GRO-2157, GRO-2225, GRO-2235) Squash-merges PR #192: uat→main PROD promotion. Freezes at validated SHA `4868f18` (UAT regression GRO-2261 11/11 PASS). Bundles: GRO-2157 (nav export), GRO-2225 (UAT seed), GRO-2235 (conflict guard). CTO-reviewed and approved (review #4542). Co-authored-by: Flea Flicker <22+gb_flea@noreply.git.farh.net> Co-committed-by: Flea Flicker <22+gb_flea@noreply.git.farh.net>	2026-06-09 01:23:06 +00:00
Flea Flicker	bfe1a29c08	Merge pull request 'uat→main (PROD): GRO-2234 portal session fix + validated batch' (#191 ) from flea/uat-to-main-gro-2234-api into main CI / Test (push) Successful in 26s Details CI / Lint & Typecheck (push) Successful in 29s Details CI / Build & Push Docker Images (push) Successful in 28s Details	2026-06-09 00:37:35 +00:00
Scrubs McBarkley	1ad43ce701	Merge pull request 'promote(uat→main FROZEN @6120b96): + GRO-2156 route buffer/reorder (supersedes #185 )' (#186 ) from release/main-6120b96 into main CI / Test (push) Successful in 25s Details CI / Lint & Typecheck (push) Successful in 29s Details CI / Build & Push Docker Images (push) Successful in 1m19s Details promote(uat→main FROZEN @6120b96): GRO-2214+GRO-2211+GRO-2203+GRO-2155+GRO-2163+GRO-2156 CTO-reviewed, CEO-merged per SDLC Phase 4 governance. Carries: GRO-2214 waitlist validation, GRO-2211, GRO-2203 pet PATCH, GRO-2155+GRO-2163 route optimization, GRO-2156 route buffer/reorder. All gates passed: QA, Security, UAT 6/6 PASS. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-06-08 23:29:58 +00:00
Flea Flicker	96dbb8c41d	Merge pull request 'Promote dev → uat: GRO-2155/2156/2203/2211/2163 + GRO-2234 (cumulative batch)' (#182 ) from flea/dev-to-uat-gro-2156 into uat CI / Test (push) Successful in 25s Details CI / Lint & Typecheck (push) Successful in 30s Details CI / Build & Push Docker Images (push) Successful in 1m24s Details CI / Test (pull_request) Successful in 27s Details CI / Lint & Typecheck (pull_request) Successful in 30s Details CI / Build & Push Docker Images (pull_request) Successful in 1m11s Details	2026-06-08 19:42:25 +00:00
Flea Flicker	636fa713e1	Merge dev into uat: add GRO-2234 portal session sliding TTL + re-mint to dev→uat batch CI / Test (pull_request) Successful in 28s Details CI / Lint & Typecheck (pull_request) Successful in 28s Details CI / Build & Push Docker Images (pull_request) Successful in 27s Details	2026-06-08 19:17:15 +00:00
Flea Flicker	aabedc8152	fix(GRO-2234): bounded sliding expiration for SSO portal sessions (#183 ) CI / Test (push) Successful in 28s Details CI / Lint & Typecheck (push) Successful in 29s Details CI / Build & Push Docker Images (push) Successful in 38s Details	2026-06-08 18:55:43 +00:00
Flea Flicker	6120b96c7c	Merge dev into uat: promote GRO-2156 route travel buffer + reorder (Phase 2.2) CI / Test (pull_request) Successful in 26s Details CI / Lint & Typecheck (pull_request) Successful in 28s Details CI / Build & Push Docker Images (pull_request) Successful in 1m2s Details Resolves UAT_PLAYBOOK.md conflict by unioning uat-only TC-UAT-2/3 (GRO-2100) with dev's §4.16 update + new §4.17. Code files taken from dev (superset). Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-06-08 18:11:05 +00:00
Flea Flicker	ca62fb8ef6	feat(GRO-2156): travel buffer + reorder endpoint (Phase 2.2) (#180 ) CI / Test (push) Successful in 27s Details CI / Lint & Typecheck (push) Successful in 30s Details CI / Lint & Typecheck (pull_request) Successful in 25s Details CI / Test (pull_request) Successful in 24s Details CI / Build & Push Docker Images (push) Successful in 43s Details CI / Build & Push Docker Images (pull_request) Successful in 27s Details	2026-06-08 18:07:54 +00:00
Flea Flicker	eb92f99c4a	dev → uat: GRO-2203 portal pet PATCH malformed-petId 500→404 (#178 ) CI / Test (push) Successful in 27s Details CI / Lint & Typecheck (push) Successful in 32s Details CI / Build & Push Docker Images (push) Successful in 1m1s Details CI / Test (pull_request) Successful in 27s Details CI / Lint & Typecheck (pull_request) Successful in 31s Details CI / Build & Push Docker Images (pull_request) Successful in 1m4s Details	2026-06-08 17:53:01 +00:00
Flea Flicker	29c42e3130	fix(portal): validate waitlist preferredTime/preferredDate, return 400 on bad input (GRO-2211) (#179 ) CI / Test (pull_request) Successful in 26s Details CI / Test (push) Successful in 29s Details CI / Lint & Typecheck (pull_request) Successful in 31s Details CI / Lint & Typecheck (push) Successful in 34s Details CI / Build & Push Docker Images (pull_request) Failing after 13s Details CI / Build & Push Docker Images (push) Successful in 48s Details	2026-06-08 17:19:39 +00:00
Flea Flicker	b842237425	fix(portal): GRO-2203 validate petId as UUID before PATCH lookup (500→404) (#177 ) CI / Lint & Typecheck (push) Successful in 29s Details CI / Test (push) Successful in 29s Details CI / Lint & Typecheck (pull_request) Failing after 2s Details CI / Test (pull_request) Successful in 25s Details CI / Build & Push Docker Images (pull_request) Has been skipped Details CI / Build & Push Docker Images (push) Successful in 47s Details	2026-06-08 17:03:44 +00:00
Flea Flicker	587fd4ec95	dev → uat: GRO-2155 route optimization endpoints (carries GRO-2163) (#176 ) CI / Test (push) Successful in 26s Details CI / Lint & Typecheck (push) Successful in 27s Details CI / Build & Push Docker Images (push) Successful in 25s Details	2026-06-08 16:45:44 +00:00
Flea Flicker	d0c0b1b646	feat(GRO-2155): route CRUD + optimization endpoint (Phase 2.1) (#175 ) CI / Test (push) Successful in 25s Details CI / Lint & Typecheck (push) Successful in 28s Details CI / Test (pull_request) Successful in 24s Details CI / Build & Push Docker Images (push) Successful in 35s Details CI / Lint & Typecheck (pull_request) Successful in 26s Details CI / Build & Push Docker Images (pull_request) Successful in 25s Details	2026-06-08 13:57:07 +00:00
Flea Flicker	b9fc688769	fix(db): wait for/retry DB DNS resolution before drizzle-kit migrate (GRO-2163) (#161 ) CI / Test (push) Successful in 28s Details CI / Lint & Typecheck (push) Successful in 31s Details CI / Build & Push Docker Images (push) Successful in 47s Details	2026-06-08 13:37:30 +00:00
Flea Flicker	6e2e46daf8	Merge uat → main: portal pet PATCH + photoKey S3 key-hijack fix (GRO-2187) (#174 ) CI / Test (push) Successful in 25s Details CI / Lint & Typecheck (push) Successful in 28s Details CI / Build & Push Docker Images (push) Successful in 40s Details	2026-06-08 13:25:46 +00:00
Flea Flicker	8cf72d926d	dev → uat: portal photoKey S3 key-hijack fix (GRO-2187/GRO-2198) (#173 ) CI / Test (push) Successful in 22s Details CI / Lint & Typecheck (push) Successful in 27s Details CI / Build & Push Docker Images (push) Successful in 43s Details CI / Test (pull_request) Successful in 27s Details CI / Lint & Typecheck (pull_request) Successful in 32s Details CI / Build & Push Docker Images (pull_request) Successful in 39s Details	2026-06-08 12:39:52 +00:00
Flea Flicker	14d7889ec0	fix(portal): drop writable photoKey from PATCH /portal/pets — S3 key-hijack (GRO-2187/GRO-2198) (#172 ) CI / Test (push) Successful in 24s Details CI / Lint & Typecheck (push) Successful in 26s Details CI / Build & Push Docker Images (push) Successful in 29s Details CI / Lint & Typecheck (pull_request) Successful in 24s Details CI / Test (pull_request) Successful in 30s Details CI / Build & Push Docker Images (pull_request) Successful in 44s Details	2026-06-08 12:39:02 +00:00
Flea Flicker	8721f0b63c	dev → uat: GRO-2154 geocoding endpoints (Phase 1.3) (#171 ) CI / Test (push) Successful in 24s Details CI / Lint & Typecheck (push) Successful in 27s Details CI / Build & Push Docker Images (push) Successful in 35s Details	2026-06-08 12:06:43 +00:00
Flea Flicker	582c376df9	feat(GRO-2154): geocoding endpoints + auto-geocode on client mutations (#170 ) CI / Test (push) Successful in 28s Details CI / Test (pull_request) Successful in 23s Details CI / Lint & Typecheck (pull_request) Successful in 26s Details CI / Build & Push Docker Images (pull_request) Successful in 25s Details CI / Lint & Typecheck (push) Failing after 14m33s Details CI / Build & Push Docker Images (push) Has been skipped Details	2026-06-08 11:45:08 +00:00
Flea Flicker	eec198a661	fix(ci): GRO-2197 api lint/typecheck/test run root scripts (de-false-green) (#169 ) CI / Test (push) Successful in 25s Details CI / Lint & Typecheck (push) Successful in 30s Details CI / Build & Push Docker Images (push) Successful in 3m23s Details	2026-06-08 11:09:33 +00:00
Flea Flicker	027e012a58	Merge pull request 'dev → uat: GRO-2153 abstracted geocoding service' (#168 ) from dev-to-uat-gro-2153 into uat CI / Test (push) Successful in 1m5s Details CI / Lint & Typecheck (push) Successful in 43m29s Details CI / Build & Push Docker Images (push) Successful in 1m7s Details	2026-06-08 10:51:17 +00:00
Flea Flicker	b3db206588	Merge pull request 'dev → uat: GRO-2187 portal pet PATCH + GET enrichment (carries GRO-2152)' (#166 ) from dev-to-uat-gro-2187 into uat CI / Test (push) Successful in 1m19s Details CI / Lint & Typecheck (push) Successful in 1m25s Details CI / Build & Push Docker Images (push) Successful in 3m58s Details	2026-06-08 10:02:17 +00:00
Flea Flicker	04b235c861	Merge pull request 'feat(GRO-2153): abstracted geocoding service (Nominatim + Google)' (#167 ) from feat/gro-2153-geocoding-service-dev into dev CI / Test (push) Failing after 13m50s Details CI / Lint & Typecheck (push) Failing after 13m50s Details CI / Build & Push Docker Images (push) Has been skipped Details CI / Test (pull_request) Successful in 11s Details CI / Lint & Typecheck (pull_request) Successful in 16s Details CI / Build & Push Docker Images (pull_request) Successful in 3m45s Details	2026-06-08 09:40:52 +00:00
Flea Flicker	21fb1b30d2	ci: retrigger build (registry layer-pull hang on prior run) CI / Test (pull_request) Failing after 14m1s Details CI / Lint & Typecheck (pull_request) Failing after 14m1s Details CI / Build & Push Docker Images (pull_request) Has been skipped Details Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-06-08 09:40:42 +00:00
Flea Flicker	2fa6e3d87b	feat(GRO-2153): abstracted geocoding service (Nominatim + Google) CI / Test (pull_request) Successful in 13s Details CI / Lint & Typecheck (pull_request) Successful in 20s Details CI / Build & Push Docker Images (pull_request) Failing after 27m22s Details Phase 1.2 of Route Optimization. Adds a provider-agnostic geocoding service layer in the deployed src/ tree: - GeocodingProvider interface + GeocodeResult type - NominatimGeocodingProvider (default, free, self-hostable) with an internal rate limiter enforcing the 1 req/sec Nominatim usage policy - GoogleGeocodingProvider (optional fallback) keyed by the encrypted businessSettings.googleMapsApiKey (decrypted via decryptSecret) or GOOGLE_MAPS_API_KEY env fallback - resolveGeocodingProvider() selecting on businessSettings.routeOptimizationProvider, with safe fallback to Nominatim when google is configured but no usable key - geocodeBatch() throttled batch utility (honors provider rate limit, captures per-item errors, optional progress callback) - 20 unit tests covering both providers, selection, throttle spacing, and batch Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-06-08 09:01:36 +00:00
Flea Flicker	6be78cae35	fix(portal): implement PATCH /portal/pets/:petId + enrich GET (GRO-2187) (#165 ) CI / Test (push) Failing after 3s Details CI / Lint & Typecheck (push) Successful in 16s Details CI / Build & Push Docker Images (push) Has been skipped Details CI / Test (pull_request) Successful in 12s Details CI / Lint & Typecheck (pull_request) Successful in 15s Details CI / Build & Push Docker Images (pull_request) Successful in 41s Details	2026-06-08 08:18:13 +00:00
Flea Flicker	40bd6dcfea	Merge pull request 'feat(GRO-2152): route optimization schema migration' (#164 ) from feat/gro-2152-route-optimization-schema-dev into dev CI / Test (push) Failing after 4s Details CI / Lint & Typecheck (push) Successful in 15s Details CI / Build & Push Docker Images (push) Has been skipped Details	2026-06-08 07:55:35 +00:00
Flea Flicker	4884961c8e	feat(GRO-2152): route optimization schema migration CI / Test (pull_request) Successful in 53s Details CI / Lint & Typecheck (pull_request) Successful in 1m0s Details CI / Build & Push Docker Images (pull_request) Successful in 4m13s Details Add the database foundation for mobile groomer route optimization: - clients: latitude/longitude (double precision) + geocodedAt - groomer_routes: per-(staff, date) route with route_status enum, totals, optimizedAt; UNIQUE(staff_id, route_date) - route_stops: ordered stops FK->groomer_routes (cascade) + appointments, lat/lng, per-leg travel mins/distance, bufferMins; UNIQUE(route_id, appointment_id) and UNIQUE(route_id, stop_order) - business_settings: defaultTravelBufferMins (default 15), routeOptimizationProvider (default nominatim), googleMapsApiKey (encrypted at rest at the app layer) - Idempotent hand-authored migration 0041 + journal entry (when=max+1) Lands in packages/db (the deployed schema/migration source per the Dockerfile migrate stage); apps/api is the legacy CI-only copy. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-08 07:48:10 +00:00
Flea Flicker	fc072d51f4	Merge pull request 'promote(uat→main): GRO-2123 seed advisory lock + GRO-2100 uat-groomer linkage ordering' (#157 ) from uat into main CI / Test (push) Successful in 14s Details CI / Lint & Typecheck (push) Successful in 17s Details CI / Build & Push Docker Images (push) Successful in 41s Details	2026-06-04 12:53:06 +00:00
Flea Flicker	6538406db2	Merge pull request 'chore: delete stale apps/api/src/db/seed.ts duplicate (GRO-2129)' (#158 ) from dev into uat CI / Test (push) Successful in 12s Details CI / Lint & Typecheck (push) Successful in 18s Details CI / Build & Push Docker Images (push) Successful in 38s Details CI / Test (pull_request) Successful in 22s Details CI / Lint & Typecheck (pull_request) Successful in 25s Details CI / Build & Push Docker Images (pull_request) Successful in 38s Details	2026-06-04 12:45:24 +00:00
Flea Flicker	93be4d8f72	chore: delete stale apps/api/src/db/seed.ts duplicate (GRO-2129) (#158 ) CI / Test (push) Successful in 15s Details CI / Lint & Typecheck (push) Successful in 18s Details CI / Build & Push Docker Images (push) Successful in 38s Details chore: delete stale apps/api/src/db/seed.ts duplicate (GRO-2129) (#158)	2026-06-04 12:44:46 +00:00
Flea Flicker	e2eacbc9fe	Merge pull request 'dev → uat: GRO-2123 seed advisory lock' (#156 ) from dev-to-uat-gro-2123 into uat CI / Test (push) Successful in 16s Details CI / Lint & Typecheck (push) Successful in 16s Details CI / Build & Push Docker Images (push) Successful in 40s Details CI / Test (pull_request) Successful in 12s Details CI / Lint & Typecheck (pull_request) Successful in 15s Details CI / Build & Push Docker Images (pull_request) Successful in 39s Details	2026-06-04 11:32:06 +00:00
Flea Flicker	f67b96ddfe	Merge pull request 'fix(GRO-2123): serialize seed.ts with Postgres advisory lock' (#155 ) from flea-flicker/gro-2123-seed-advisory-lock into dev CI / Test (push) Successful in 11s Details CI / Lint & Typecheck (push) Successful in 16s Details CI / Build & Push Docker Images (push) Successful in 25s Details CI / Test (pull_request) Successful in 10s Details CI / Lint & Typecheck (pull_request) Successful in 16s Details CI / Build & Push Docker Images (pull_request) Successful in 28s Details	2026-06-04 11:23:41 +00:00
Flea Flicker	d1a68d93de	fix(GRO-2123): serialize seed.ts with Postgres advisory lock CI / Test (pull_request) Successful in 13s Details CI / Lint & Typecheck (pull_request) Successful in 15s Details CI / Build & Push Docker Images (pull_request) Successful in 58s Details The reset-demo-data CronJob in groombook-uat intermittently failed with FK 23503 on invoice_tip_splits because two pods could run the seed concurrently: the new pod's TRUNCATE deleted rows the old pod was still inserting. Acquire a session-level advisory lock for the full duration of the seed. CRITICAL: with postgres-js connection pooling, a pg_advisory_lock acquired on one pooled connection and released on a different one is a no-op (the lock is bound to the pg-backend that took it). We therefore reserve a dedicated connection for the lock, take pg_advisory_lock(KEY) on it, run the seed on the pooled connections, and release the lock + reserved connection in a try/finally so a thrown seed error cannot leak the lock or the connection. Defence-in-depth with the infra PR that switches concurrencyPolicy: Replace → Forbid on the reset-demo-data CronJob. - Adds withSeedAdvisoryLock helper and runSeedBody extracted function - Wraps seed() body in the helper; client.end() runs after the lock releases so a reserved connection is not returned to a closed pool - SEED_ADVISORY_LOCK_KEY = 0x47524f4f ("GROO" in ASCII) — arbitrary stable 32-bit key, referenced in runbooks - UAT_PLAYBOOK.md §3.29 documents the regression check cc @cpfarhood Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-06-04 11:12:17 +00:00
Flea Flicker	e639cc82d1	chore(uat): GRO-2100 promote uat-groomer seed-linkage ordering fix to uat (#154 ) CI / Test (push) Successful in 16s Details CI / Lint & Typecheck (push) Successful in 19s Details CI / Build & Push Docker Images (push) Successful in 27s Details Co-authored-by: Flea Flicker <flea@groombook.dev> Co-committed-by: Flea Flicker <flea@groombook.dev>	2026-06-02 20:23:54 +00:00
Flea Flicker	e9f94a2bd7	fix(seed): GRO-2100 run uat-groomer linkage AFTER services seed (regression in #151 ) (#153 ) CI / Test (push) Successful in 12s Details CI / Test (pull_request) Successful in 12s Details CI / Lint & Typecheck (pull_request) Successful in 15s Details CI / Build & Push Docker Images (pull_request) Successful in 29s Details CI / Lint & Typecheck (push) Failing after 12m57s Details CI / Build & Push Docker Images (push) Has been skipped Details fix(seed): GRO-2100 run uat-groomer linkage after services seed (#153) Co-authored-by: Flea Flicker <flea@groombook.dev> Co-committed-by: Flea Flicker <flea@groombook.dev>	2026-06-02 20:11:45 +00:00
Flea Flicker	f2931d7be2	Merge pull request 'Promote dev→uat: GRO-2100 uat-groomer ↔ UAT Pup Alpha linkage' (#152 ) from promote/dev-to-uat-gro-2100 into uat CI / Test (push) Successful in 13s Details CI / Lint & Typecheck (push) Successful in 18s Details CI / Build & Push Docker Images (push) Successful in 26s Details Merge pull request #152 from groombook/promote/dev-to-uat-gro-2100 Promote dev→uat: GRO-2100 uat-groomer ↔ UAT Pup Alpha linkage	2026-06-02 19:11:46 +00:00
Paperclip	d4a4ddce37	ci: retrigger GRO-2100 PR #152 Build & Push Docker Images (Reset image build failed — docker registry flake) CI / Test (pull_request) Successful in 13s Details CI / Lint & Typecheck (pull_request) Successful in 17s Details CI / Build & Push Docker Images (pull_request) Successful in 40s Details	2026-06-02 18:28:17 +00:00
Paperclip	bd384bdf5c	docs(UAT_PLAYBOOK): add TC-UAT-2/3 for uat-groomer linked/unlinked pet profile-summary (GRO-2100) CI / Lint & Typecheck (pull_request) Successful in 16s Details CI / Test (pull_request) Successful in 2m20s Details CI / Build & Push Docker Images (pull_request) Failing after 36s Details Lint Roller review on PR #152 flagged that the GRO-2100 seed change produces new observable UAT API behavior that the playbook must reflect. Add two deterministic rows pinning the contract GRO-1987 TC-UAT-2/3 will exercise: - TC-UAT-2: uat-groomer + linked pet c0000001-...-002 (UAT Pup Alpha) → 200 - TC-UAT-3: uat-groomer + unlinked pet c0000001-...-003 (UAT Pup Beta) → 403 The 403-vs-404 note in TC-UAT-3 mirrors the verification note in the GRO-2100 issue body so the QA runner knows where to file if the API returns 404 (a separate RBAC defect, not against the seed).	2026-06-02 18:24:40 +00:00
Flea Flicker	de16c50040	fix(seed): GRO-2100 deterministic uat-groomer ↔ UAT Pup Alpha linkage (#151 ) CI / Test (pull_request) Successful in 13s Details CI / Lint & Typecheck (pull_request) Successful in 18s Details CI / Build & Push Docker Images (pull_request) Successful in 45s Details CI / Test (push) Successful in 2m20s Details CI / Lint & Typecheck (push) Successful in 2m25s Details CI / Build & Push Docker Images (push) Successful in 28s Details	2026-06-02 18:09:31 +00:00
Scrubs McBarkley	c92fb2539d	promote(uat→main): owner-bypass audit fix (GRO-2062) + services seed-idempotency fix (GRO-2064) CI / Test (push) Successful in 14s Details CI / Lint & Typecheck (push) Successful in 16s Details CI / Build & Push Docker Images (push) Successful in 25s Details	2026-06-02 06:00:02 +00:00
The Dogfather	411c42b2c4	Merge pull request 'Promote dev→uat: GRO-2033 services_pkey seed fix (`fc6c6ef7`)' (#149 ) from dev into uat CI / Test (push) Successful in 14s Details CI / Lint & Typecheck (push) Successful in 16s Details CI / Build & Push Docker Images (push) Successful in 39s Details CI / Test (pull_request) Successful in 12s Details CI / Lint & Typecheck (pull_request) Successful in 16s Details CI / Build & Push Docker Images (pull_request) Successful in 38s Details	2026-06-02 05:06:34 +00:00
Flea Flicker	fc6c6ef752	fix(db): make services seed idempotent across resets (GRO-2064, GRO-2033 close-out) (#148 ) CI / Test (push) Successful in 12s Details CI / Lint & Typecheck (push) Successful in 15s Details CI / Build & Push Docker Images (push) Successful in 28s Details CI / Test (pull_request) Successful in 14s Details CI / Lint & Typecheck (pull_request) Successful in 20s Details CI / Build & Push Docker Images (pull_request) Successful in 39s Details	2026-06-02 04:54:33 +00:00
The Dogfather	bf97849324	promote(dev→uat): owner-bypass read audit row (GRO-2063) (#147 ) CI / Test (push) Successful in 12s Details CI / Lint & Typecheck (push) Successful in 17s Details CI / Build & Push Docker Images (push) Successful in 41s Details Promote GRO-2063 defense-in-depth audit row to uat. CI green. QA + CTO approved on dev PR #146. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-06-02 04:21:43 +00:00
The Dogfather	1a6a54cc84	security(audit): log owner-bypass reads in GET /pets/:id/profile-summary (GRO-2062) (#146 ) CI / Test (push) Successful in 12s Details CI / Lint & Typecheck (push) Successful in 16s Details CI / Test (pull_request) Successful in 12s Details CI / Lint & Typecheck (pull_request) Successful in 15s Details CI / Build & Push Docker Images (push) Successful in 40s Details CI / Build & Push Docker Images (pull_request) Successful in 27s Details QA-approved (gb_lint) + CTO-approved. Defense-in-depth audit row on staff owner-bypass. GRO-2063. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-06-02 04:20:23 +00:00
Flea Flicker	1f888ac716	security(audit): log owner-bypass reads in GET /pets/:id/profile-summary (GRO-2062) CI / Test (pull_request) Successful in 12s Details CI / Lint & Typecheck (pull_request) Successful in 15s Details CI / Build & Push Docker Images (pull_request) Successful in 1m16s Details Adds a defense-in-depth audit row to impersonationAuditLogs when the staff-side owner-bypass path fires. Mirrors the failure-isolation pattern in src/middleware/portalAudit.ts: insert failures are logged and swallowed so a working read can never turn into a 500. - New writeOwnerBypassAudit helper called only when isOwner === true. - No DB migration; petId + actorStaffId go inside metadata jsonb. - resolveImpersonationClientId stays pure (no audit side effects). - Positive + negative tests + a cross-tenant regression test. - UAT_PLAYBOOK.md §3.19d: TC-API-3.19d documents the audit assertion. Parent tracking: GRO-2062 (Paperclip). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-02 04:10:58 +00:00
Scrubs McBarkley	2a6242d3de	Merge pull request 'promote(main): GRO-2033 prod migration fix + GRO-2013/2014 + rbac auto-provision (uat→main)' (#145 ) from uat into main CI / Test (push) Successful in 13s Details CI / Lint & Typecheck (push) Successful in 18s Details CI / Build & Push Docker Images (push) Successful in 30s Details promote(main): GRO-2033 prod migration fix + GRO-2013/2014 + rbac auto-provision (uat→main) CI green. UAT regression GRO-2035 PASS. Migrations 0039/0040 idempotent — signed off by CEO. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-06-02 03:22:21 +00:00
The Dogfather	7181d41b24	Merge pull request 'Promote dev→uat: rbac Better-Auth auto-provision (GRO-2052)' (#144 ) from dev into uat CI / Test (push) Successful in 13s Details CI / Lint & Typecheck (push) Successful in 15s Details CI / Build & Push Docker Images (push) Failing after 13s Details CI / Test (pull_request) Successful in 12s Details CI / Lint & Typecheck (pull_request) Successful in 15s Details CI / Build & Push Docker Images (pull_request) Successful in 41s Details Promote dev→uat: rbac Better-Auth auto-provision (GRO-2052) Makes the pets.ts owner-bypass reachable for Better-Auth email/password customers by auto-provisioning a groomer staff row keyed on user.id. Unblocks GRO-2050 and GRO-2035. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-02 02:42:19 +00:00

1 2 3 4 5 ...

302 Commits