This repository has been archived on 2026-05-24. You can view files and clone it. You cannot open issues or pull requests or push a commit.

Flea Flicker 8182870d38 feat(GRO-642): add logo magic-bytes validation to prevent MIME confusion attacks ...

Defensive validation in /api/branding ensures base64-encoded logo content
matches its declared MIME type by checking image magic bytes (PNG, JPEG,
GIF, WebP). If the content doesn't match, the legacy base64 fields are
nulled out before returning to prevent MIME type confusion attacks.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-17 02:58:15 +00:00

..

src

feat(GRO-642): add logo magic-bytes validation to prevent MIME confusion attacks

2026-04-17 02:58:15 +00:00

Dockerfile

fix: add corepack cache dir to Dockerfile (GRO-655)

2026-04-14 23:02:37 +00:00

eslint.config.js

feat: appointment scheduling, client/pet/service/staff CRUD UI

2026-03-17 18:45:28 +00:00

package.json

feat(GRO-600): extend reminder scheduler to send SMS alongside email

2026-04-15 09:23:24 +00:00

tsconfig.json

Bootstrap monorepo: Hono API, React PWA, Drizzle DB, CI/CD

2026-03-17 16:11:04 +00:00

vitest.config.ts

feat: deterministic seed, impersonation migration, test factories (GRO-110)

2026-03-21 19:34:52 +00:00