Commit Graph - app

groombook/app

Archived

Fork 0

Commit Graph

Select branches

Hide Pull Requests

GRO-574-rate-limit-migration

archived-readme

chore/gro-558-agents-instructions

chore/gro-575-promote-gro-574-to-uat

ci-dev-trigger2

clean-gro-639

cpfarhood/gro-1162-pet-buffer

dev

docs/GRO-106-10dlc-runbook

docs/GRO-1099-uat-playbook-app

docs/GRO-1502-uat-mcp-migration

feat/GRO-106-portal-communication-real

feat/GRO-106-stop-help

feat/GRO-106-stop-help-v2

feat/GRO-984-outbound-sms-persistence

feat/gro-526-seed-profile-param

feature/gro-597-payment-admin

feature/gro-597-payment-api

feature/gro-597-payment-backend

feature/gro-597-payment-ui

feature/gro-597-stripe-webhooks

feature/gro-607-payment-ui

feature/gro-609-refund-payment-stats

feature/gro-623-groomer-isolation

feature/gro-631-graceful-shutdown

feature/gro-632-impersonation-session-hardening

feature/gro-633-db-indexes-constraints

feature/gro-653-portal-session-middleware

fix-gro-624-input-validation

fix/GRO-1108-test-mocks

fix/GRO-1212-portal-test-mock-imports

fix/GRO-980-indentation

fix/ci-e2e-dind-networking-registry-auth

fix/ci-registry-auth-main

fix/gro-1021-auth-rate-limit

fix/gro-1021-auth-rate-limit-v2

fix/gro-1024-clean

fix/gro-1248-path-prefixes

fix/gro-1368-consent-ts

fix/gro-1369-types-sync

fix/gro-531-social-login

fix/gro-540-prod-oidc-env-vars

fix/gro-545-social-providers-config

fix/gro-557-e2e-stability

fix/gro-566-skip-oobe

fix/gro-609-cherry-pick

fix/gro-624-input-validation

fix/gro-636-input-validation-v3

fix/gro-637-invoice-refund-fixes

fix/gro-639-n-plus-one-reminder-scheduler

fix/gro-640-n-plus-one-email

fix/gro-655-corepack-enoent

fix/gro-655-corepack-only

fix/gro-660-uat-seed-manager-superuser

fix/gro-665-staff-auto-link

fix/gro-720-gitignore-hardening

fix/gro-721-harden-gitignore

fix/gro-765-portal-appointments-service

fix/gro-805-allow-groomer-invoices

fix/gro-816-portal-pets-crash

fix/gro-820-e2e-invoices-mock

fix/gro-844-network-policy

fix/gro-866-uat-seed-personas

fix/gro-867-logo-proxy

fix/gro-898-demo-sso-env-vars

flea-flicker/gro-1162-pet-buffer

flea-flicker/gro-1162-pet-buffer-time

flea-flicker/gro-1489-lint-fixes

flea/gro-1496-e2e-err-connection-refused

flea/gro-1636-better-auth-seed

fleaflicker/deploy-telnyx-webhook-secret

gitea/migrate-workflows

main

pr-434

uat

#100

#101

#102

#103

#104

#108

#109

#110

#112

#113

#116

#117

#120

#121

#123

#124

#125

#126

#127

#128

#129

#130

#132

#134

#135

#136

#137

#138

#14

#140

#141

#142

#143

#144

#145

#146

#147

#148

#15

#150

#151

#152

#153

#154

#155

#156

#157

#158

#159

#16

#160

#161

#162

#163

#164

#165

#166

#167

#168

#169

#17

#170

#171

#172

#173

#174

#175

#176

#177

#178

#179

#180

#181

#182

#183

#184

#185

#186

#187

#188

#189

#190

#191

#192

#193

#194

#195

#196

#197

#198

#199

#200

#201

#202

#203

#204

#205

#206

#207

#208

#209

#210

#211

#212

#213

#214

#215

#216

#217

#218

#219

#220

#221

#222

#223

#224

#225

#226

#228

#229

#23

#230

#231

#232

#233

#234

#235

#236

#238

#24

#240

#241

#242

#243

#244

#245

#246

#248

#249

#25

#250

#251

#252

#253

#254

#255

#256

#257

#258

#259

#26

#260

#261

#262

#263

#264

#265

#266

#267

#268

#269

#27

#270

#271

#272

#273

#274

#275

#276

#277

#278

#279

#28

#280

#281

#282

#283

#284

#285

#286

#287

#288

#289

#29

#290

#291

#292

#293

#294

#295

#296

#297

#298

#299

#30

#300

#301

#302

#303

#304

#305

#306

#307

#308

#309

#31

#310

#311

#312

#313

#314

#315

#316

#317

#318

#319

#32

#320

#321

#322

#323

#324

#325

#326

#327

#328

#329

#33

#330

#331

#332

#333

#334

#335

#336

#337

#338

#339

#34

#340

#341

#342

#343

#344

#345

#346

#347

#348

#349

#35

#350

#351

#352

#353

#354

#355

#356

#357

#358

#359

#36

#360

#361

#362

#363

#364

#365

#366

#367

#368

#369

#37

#370

#371

#372

#373

#374

#375

#376

#377

#378

#379

#38

#380

#381

#382

#383

#384

#385

#386

#387

#388

#389

#390

#391

#392

#393

#394

#395

#395

#396

#396

#397

#397

#398

#399

#400

#401

#402

#403

#404

#405

#406

#407

#407

#408

#409

#41

#410

#410

#411

#411

#412

#413

#414

#415

#416

#417

#418

#419

#42

#420

#421

#421

#422

#423

#424

#425

#426

#427

#428

#429

#43

#430

#431

#432

#433

#434

#44

#45

#47

#48

#50

#51

#52

#54

#55

#57

#59

#62

#63

#64

#66

#68

#69

#70

#71

#73

#75

#78

#82

#83

#85

#86

#89

#92

#96

#99

50e9e70935 feat(gro-609): add Stripe details to invoice modal and fix stats date filter Test User 2026-04-19 01:02:49 +00:00
d59cb1ab1d feat(gro-609): add refund handling and payment stats to admin Test User 2026-04-19 00:17:42 +00:00
a9be160c1b fix(GRO-682): pre-populate corepack cache at build time fix/gro-765-portal-appointments-service Test User 2026-04-19 00:35:38 +00:00
f362aa61b4 fix: allow groomer role to access invoices endpoint fix/gro-805-allow-groomer-invoices Test User 2026-04-19 00:24:45 +00:00
4e9abd793d feat(gro-609): add refund handling and payment stats to admin Test User 2026-04-19 00:17:42 +00:00
740e46baf2 Merge pull request #340 from groombook/fix/gro-805-invoices-rbac groombook-engineer[bot] 2026-04-18 11:00:57 +00:00
b1b89966d9 fix: allow groomer role to access invoices endpoint Test User 2026-04-18 10:36:23 +00:00
25fd3308e0 chore(GRO-720): harden .gitignore against agent runtime leaks (#338) the-dogfather-cto[bot] 2026-04-18 10:23:44 +00:00
be07c8b758 fix(GRO-666): leave staff.user_id NULL in seed so middleware can auto-link by email (#312) lint-roller-qa[bot] 2026-04-18 10:18:38 +00:00
ff2851eda2 chore(GRO-720): harden .gitignore against agent runtime leaks Flea Flicker 2026-04-18 10:18:29 +00:00
087b09a213 chore(GRO-720): harden .gitignore against agent runtime leaks fix/gro-720-gitignore-hardening Flea Flicker 2026-04-18 10:13:17 +00:00
5b33efdddd chore(GRO-720): harden .gitignore against agent runtime leaks fix/gro-721-harden-gitignore Test User 2026-04-18 10:09:30 +00:00
abee344ca4 Promote dev → uat: ARIA modal fix + tip split atomicity (#335) the-dogfather-cto[bot] 2026-04-17 22:58:00 +00:00
460ba78112 Merge pull request #334 from groombook/uat scrubs-mcbarkley-ceo[bot] 2026-04-17 22:51:38 +00:00
ffe8aef035 Merge pull request #333 from groombook/feature/gro-628-frontend-error-handling the-dogfather-cto[bot] 2026-04-17 22:50:45 +00:00
2153505875 fix(GRO-785): restore eslint-disable for intentionally unused _tipSplits var Flea Flicker 2026-04-17 22:39:19 +00:00
4aaf2a3b3f fix(GRO-785): wrap tip split save + invoice update in single transaction Flea Flicker 2026-04-17 22:29:30 +00:00
20ca93b36d fix(GRO-785): address invoice tip split regression Flea Flicker 2026-04-17 22:21:19 +00:00
9793283021 fix(GRO-785): restore atomic tip split save in PATCH and fix error message Flea Flicker 2026-04-17 22:15:48 +00:00
1cc6d53546 promote: dev → uat (GRO-766, GRO-743, GRO-773, GRO-778) the-dogfather-cto[bot] 2026-04-17 22:09:40 +00:00
bfe099deda fix(GRO-786): remove duplicate dialog role and restore focus trap Flea Flicker 2026-04-17 22:04:53 +00:00
47ccd1395c fix(GRO-778): exempt /dev-session from validatePortalSession middleware (#329) the-dogfather-cto[bot] 2026-04-17 21:54:32 +00:00
ef79ac748c feat(GRO-786): add ARIA label attributes to Modal dialog component Flea Flicker 2026-04-17 18:29:01 +00:00
06846952a1 feat(GRO-785): validate tip split totals before marking invoice paid Flea Flicker 2026-04-17 18:25:04 +00:00
d72485c08a fix(GRO-778): physically move /dev-session route above validatePortalSession middleware Test User 2026-04-17 21:36:44 +00:00
4001691ae7 fix(GRO-773): raise auth rate-limit threshold and exempt /get-session (#327) lint-roller-qa[bot] 2026-04-17 18:04:41 +00:00
b980e4177c fix(GRO-778): exempt /dev-session from validatePortalSession middleware Test User 2026-04-17 17:56:31 +00:00
6141dcb77d fix(GRO-766): prevent horizontal overflow on portal mobile pages (#323) the-dogfather-cto[bot] 2026-04-17 17:40:25 +00:00
8ecbfbeee4 fix(GRO-743): add dedicated client detail route with unconditional data fetch (#316) the-dogfather-cto[bot] 2026-04-17 17:23:09 +00:00
dcb929be5b fix(GRO-765): remove dead upcoming/past filter code in portal appointments Test User 2026-04-17 17:22:41 +00:00
1da61fb466 Merge pull request #326 from groombook/dev groombook-engineer[bot] 2026-04-17 17:19:40 +00:00
77971a1ac9 fix(GRO-769): proxy logo uploads through API server to fix mixed content (#325) groombook-engineer[bot] 2026-04-17 17:13:44 +00:00
e539b6c904 Merge pull request #324 from groombook/dev the-dogfather-cto[bot] 2026-04-17 16:05:37 +00:00
b797ac3ab1 fix(GRO-642): add ARIA dialog attributes to remaining modals (#321) the-dogfather-cto[bot] 2026-04-17 15:55:03 +00:00
6bddd6203d fix(GRO-766): prevent horizontal overflow on portal mobile pages Test User 2026-04-17 12:52:02 +00:00
0ace23de53 fix(GRO-765): include service name in portal appointments response Test User 2026-04-17 12:50:07 +00:00
3c7820d785 fix(GRO-751): add server-side tip split validation to markPaid the-dogfather-cto[bot] 2026-04-17 12:33:43 +00:00
9eb86004fc chore(uat): promote dev → uat (GRO-628 + GRO-749 + GRO-639) the-dogfather-cto[bot] 2026-04-17 12:31:53 +00:00
6046594a15 fix(GRO-642): add ARIA dialog attributes to remaining modals Test User 2026-04-17 12:29:14 +00:00
b683c57d6c Merge pull request #319 from groombook/fix/gro-749-portal-auth-header the-dogfather-cto[bot] 2026-04-17 12:23:43 +00:00
89505a2363 fix(GRO-749): update test assertions to use X-Impersonation-Session-Id header Test User 2026-04-17 12:14:49 +00:00
8e1e51be59 Merge pull request #318 from groombook/dev scrubs-mcbarkley-ceo[bot] 2026-04-17 11:43:47 +00:00
ea7bf4f49b fix(GRO-749): use correct impersonation header in portal Appointments Test User 2026-04-17 11:31:06 +00:00
6e1e51fba7 fix(GRO-639): replace N+1 per-appointment queries with single JOIN query (#306) the-dogfather-cto[bot] 2026-04-17 10:45:17 +00:00
5a8ea2fd14 Merge pull request #313 from groombook/feature/gro-628-frontend-error-handling groombook-engineer[bot] 2026-04-17 07:12:27 +00:00
b00d6a8ca0 fix(GRO-642): restrict allowed logo MIME types to bitmap formats only Test User 2026-04-17 06:46:24 +00:00
f8ea417799 fix(GRO-642): sanitize logo MIME type to prevent XSS in data URL rendering Test User 2026-04-17 06:45:06 +00:00
772f4df62f fix(GRO-643): add appointment indexes to schema and S3 error handling (#315) lint-roller-qa[bot] 2026-04-17 06:42:01 +00:00
edf2ef8f7e fix(GRO-666): leave staff.user_id NULL in seed so middleware can auto-link by email (#314) groombook-engineer[bot] 2026-04-17 06:35:33 +00:00
8182870d38 feat(GRO-642): add logo magic-bytes validation to prevent MIME confusion attacks Flea Flicker 2026-04-17 02:58:05 +00:00
7f715ecdfc fix(GRO-666): leave staff.user_id NULL in seed so middleware can auto-link by email Test User 2026-04-17 02:42:06 +00:00
5df8837b5f ci: add dev to pull_request branch list Test User 2026-04-17 02:08:08 +00:00
0abb79010d fix(GRO-639): replace sql ANY() with inArray for Drizzle compatibility Flea Flicker 2026-04-16 17:41:05 +00:00
eab97b2ebd fix(GRO-666): leave staff.user_id NULL in seed so middleware can auto-link by email Test User 2026-04-17 01:32:28 +00:00
f301b1a5a0 fix(GRO-642): add real-time validation for tip split percentages Test User 2026-04-17 00:56:05 +00:00
fb9f83d638 fix(GRO-643): update test to include required email field feature/gro-633-db-indexes-constraints Flea Flicker 2026-04-17 00:44:41 +00:00
c786544369 Fix frontend error handling and code quality (GRO-642) Paperclip 2026-04-14 15:17:01 +00:00
85c76b5209 fix(GRO-724): rename dev hostname from groombook.dev.farh.net to dev.groombook.dev (#308) groombook-engineer[bot] 2026-04-16 18:58:03 +00:00
8f97a19cdd fix(GRO-639): add trailing newline to reminders.ts fix/gro-639-n-plus-one-reminder-scheduler Flea Flicker 2026-04-16 17:33:20 +00:00
a407f866d5 fix(GRO-639): replace raw SQL ANY() with Drizzle inArray Flea Flicker 2026-04-16 17:22:35 +00:00
2577e33c50 feat(GRO-653): add portal session middleware and server-side audit logging (#300) ci-dev-trigger2 groombook-engineer[bot] 2026-04-16 11:20:36 +00:00
d8dbec1be1 Merge pull request #304 from groombook/docs/branch-strategy-contributing fix/gro-624-input-validation Chris Farhood 2026-04-16 06:59:15 -04:00
4a65c30d40 docs: fix bash snippet quoting and add uat→main pr command Scrubs McBarkley 2026-04-16 10:43:12 +00:00
cab17e0230 docs: add CONTRIBUTING.md with branch strategy Scrubs McBarkley 2026-04-16 10:39:40 +00:00
5c2e13863e fix(GRO-653): remove unused sessionId variable and and import feature/gro-653-portal-session-middleware Flea Flicker 2026-04-16 10:18:56 +00:00
b904418628 fix(GRO-640): replace N+1 queries in sendConfirmationEmail with single JOIN query groombook-cto[bot] 2026-04-16 10:14:06 +00:00
1f3896622d Merge branch 'main' into fix/gro-640-n-plus-one-email fix/gro-640-n-plus-one-email groombook-cto[bot] 2026-04-16 10:09:10 +00:00
5ff54ce8f9 fix(GRO-689): only validate authorizationUrl hostname, add OIDC_INTERNAL_BASE in dev (#302) groombook-cto[bot] 2026-04-16 05:18:58 +00:00
a2cfdfef74 Merge branch 'main' into fix/gro-689-oidc-hostname-validation groombook-cto[bot] 2026-04-16 05:15:28 +00:00
ab9384d38e feat(GRO-690): add groomer persona seed support via env vars (#303) groombook-cto[bot] 2026-04-16 05:11:07 +00:00
6ba6da08b2 Merge branch 'main' into fix/gro-689-oidc-hostname-validation groombook-cto[bot] 2026-04-16 05:08:23 +00:00
29a726fa3d feat(GRO-690): add groomer persona seed support via env vars Flea Flicker 2026-04-16 05:04:52 +00:00
cdf4d6c4b1 fix(GRO-689): only validate authorizationUrl hostname, add OIDC_INTERNAL_BASE in dev Flea Flicker 2026-04-16 04:42:59 +00:00
08e15dafd5 fix(GRO-639): replace N+1 per-appointment queries with single JOIN query clean-gro-639 Flea Flicker 2026-04-16 04:32:02 +00:00
5024cc4896 feat(GRO-653): add portal session middleware and server-side audit logging Flea Flicker 2026-04-16 04:23:08 +00:00
ffb3cd139a Merge pull request #296 from groombook/fix/gro-666-uat-seed-better-auth-user-id groombook-cto[bot] 2026-04-16 04:17:14 +00:00
85cff19c59 fix(GRO-666): make migration 0028 idempotent to resolve E2E failure Flea Flicker 2026-04-15 15:25:20 +00:00
376180ab9d fix: make email required in createClientSchema to match NOT NULL column Flea Flicker 2026-04-15 10:52:45 +00:00
aea3b1f410 fix(GRO-640): replace N+1 queries in sendConfirmationEmail with single JOIN query Flea Flicker 2026-04-15 10:49:43 +00:00
da16ac8ac2 Add missing DB indexes, NOT NULL on clients.email, and S3 error handling Flea Flicker 2026-04-15 10:08:51 +00:00
16dd513521 fix(seed): populate userId for UAT staff and SEED_ADMIN_EMAIL staff Flea Flicker 2026-04-15 09:37:51 +00:00
66a6659ccd feat(GRO-600): extend reminder scheduler to send SMS alongside email Flea Flicker 2026-04-15 09:23:24 +00:00
71c229f83b fix(GRO-634): implement auth & authorization security hardening (8 findings) groombook-cto[bot] 2026-04-15 07:00:23 +00:00
1ef740c361 Merge branch 'main' into feature/gro-622-security-hardening groombook-cto[bot] 2026-04-15 06:53:50 +00:00
d433c902b4 fix(GRO-637): invoice status transitions, tip-split validation, refund idempotency, and tip-split response format groombook-cto[bot] 2026-04-15 06:04:38 +00:00
2573d067e4 fix(api): remove CSRF middleware that breaks POST/PUT/PATCH/DELETE fix/gro-637-invoice-refund-fixes Flea Flicker 2026-04-15 05:47:29 +00:00
b903d1e506 fix(api): wire up CSRF middleware for protected routes Flea Flicker 2026-04-15 05:14:28 +00:00
8f06f32e7d fix(invoices): wrap refund flow in transaction for idempotency safety Flea Flicker 2026-04-15 03:50:40 +00:00
85af080ba2 Fix invoice status transitions, tip-split validation, refund idempotency, and tip-split response format Paperclip 2026-04-14 14:12:52 +00:00
dc3b3ddcb7 fix(auth): add email-based staff auto-linking in resolveStaffMiddleware groombook-cto[bot] 2026-04-15 05:50:59 +00:00
a222bd4542 fix(auth): add email-based staff auto-linking in resolveStaffMiddleware fix/gro-665-staff-auto-link Flea Flicker 2026-04-15 05:39:34 +00:00
31997e33c0 fix(GRO-638): appointment scheduling correctness and client deletion integrity groombook-cto[bot] 2026-04-15 05:03:11 +00:00
e118607fd6 Merge branch 'main' into fix/gro-627-scheduling-correctness groombook-cto[bot] 2026-04-15 05:00:12 +00:00
e1e13d5091 fix(GRO-636): input validation fixes for 5 API routes groombook-cto[bot] 2026-04-15 04:26:20 +00:00
8de1eb048c fix(stripe-webhooks): validate invoice IDs as UUIDs before DB lookup fix/gro-636-input-validation-v3 Paperclip 2026-04-14 14:00:02 +00:00
007643a03c fix(services): cap durationMinutes at 480 (8 hours max) Paperclip 2026-04-14 13:59:59 +00:00
636f6a47ec fix(appointments): cap recurrence series at 1 year max Paperclip 2026-04-14 13:59:54 +00:00
8ae43d524a fix(book): add future-time refinement to booking startTime Paperclip 2026-04-14 13:59:51 +00:00
05293574aa fix(invoices): add Zod query param validation to GET / Paperclip 2026-04-14 13:59:50 +00:00
c89c2fd6b4 Revert RBAC/authorization changes in appointmentGroups and groomingLogs fix-gro-624-input-validation Flea Flicker 2026-04-15 02:09:29 +00:00

1 2 3 4 5 ...