chadebebe

7 Commits 1 Branch 0 Tags

Author	SHA1	Message	Date
Adriano Belisario	52f75f0b3d	refactor: update UI components and page layouts Some checks failed Build and Push Docker Image / build-and-push (push) Has been cancelled Details Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-03 18:18:31 +00:00
Michael T	ee884ccdf2	fix(api): use synchronous transaction for wishlist reorder better-sqlite3 doesn't support async transactions. Removed async/await and used synchronous .run() and .all() methods instead. Fixes #38	2026-01-23 15:29:16 -05:00
Michael T	30c661a364	fix(auth): resolve cookie authentication failure over HTTP Cookies were set with secure flag based solely on NODE_ENV, causing 401 errors when accessing over HTTP with NODE_ENV=production. - Add COOKIE_SECURE env var for explicit control - Auto-detect HTTPS via X-Forwarded-Proto header in production - Extract isSecureCookie() utility to lib/auth/utils.ts - Document COOKIE_SECURE in README and .env.example Fixes #39	2026-01-23 15:26:24 -05:00
Michael T	be49b91188	chore: remove unused middleware placeholder The middleware only passed requests through without modification. Password lock protection is handled client-side via PasswordLockGuard.	2026-01-12 15:57:25 -05:00
Michael T	ae81206de7	fix(security): sanitize HTML content to prevent XSS attacks Add DOMPurify to sanitize user-generated HTML in the preferences section before rendering with dangerouslySetInnerHTML.	2026-01-12 11:21:27 -05:00
Michael T	aec68daec0	chore(deps): update dependencies to latest versions - Upgrade @lexical/* packages from 0.38.2 to 0.39.0 - Upgrade drizzle-orm from 0.44.7 to 0.45.1 - Upgrade react and react-dom from 19.2.0 to 19.2.3 - Upgrade sharp from 0.33.5 to 0.34.5 - Sync eslint-config-next with next@16.1.1	2026-01-12 11:16:45 -05:00
michaeltieso	3480888eaa	Initial commit	2025-12-01 14:49:17 +00:00