fix: codebase audit — security, data integrity, blog, and framework fixes #12
Open. RomanDenysov wants to merge 15 commits into main from refactor/improvements-b2b-blog-b2c.
…ixes
Address ~38 issues found during 6-agent codebase audit:
Security: add missing requireAdmin() guards, fix IDOR on checkout prefill by deriving userId from session, add Zod runtime validation to 7 actions, reject invoice payment method in B2C orders.
Data integrity: harden order creation (active product/store checks, empty items guard), add pickup date server-side validation, invoice number retry loop, double-claim prevention, status transition guards on invoices, atomic B2B application approval, fix COALESCE on invoice dates.
Blog: prevent negative like counts with GREATEST(), handle duplicate key on likes, conditional WHERE on comment approve/reject, replace N+1 getAllTags with JOIN query, escape ILIKE patterns, fix pagination and pluralization.
Framework: add error boundaries (public, admin, checkout), fix caching durations, remove unnecessary "use client", add Image sizes props, replace sql.raw() with parameterized SQL, optimize user/category queries, document auth architecture in CLAUDE.md.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
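An added illustration, not the project's code, of why the ILIKE pattern escaping in this commit matters. The helper names escapeLikePattern, containsPattern and ilikeMatch are constructed for this example; it assumes the search query is parameterized (`title ILIKE $1`) and uses PostgreSQL's default backslash escape character, and ilikeMatch is only a local model of LIKE semantics so the effect can be seen without a database.

```typescript
// Escape the ILIKE metacharacters in a user-supplied search term.
// Backslash is handled first so the escapes added for % and _ are not doubled.
function escapeLikePattern(term: string): string {
  return term.replace(/[\\%_]/g, (c) => "\\" + c);
}

// The value bound to a parameterized `title ILIKE $1`: the user's term is
// matched literally; only the wrapping wildcards are ours.
function containsPattern(term: string): string {
  return `%${escapeLikePattern(term)}%`;
}

// Local model of PostgreSQL LIKE semantics with the default '\' escape
// (% = any run, _ = exactly one character, case-insensitive for ILIKE).
// Constructed for this example; it is not a database.
function ilikeMatch(value: string, pattern: string): boolean {
  const lit = (ch: string) => ch.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
  let re = "";
  for (let i = 0; i < pattern.length; i++) {
    const c = pattern.charAt(i);
    if (c === "\\" && i + 1 < pattern.length) re += lit(pattern.charAt(++i));
    else if (c === "%") re += "[\\s\\S]*";
    else if (c === "_") re += "[\\s\\S]";
    else re += lit(c);
  }
  return new RegExp(`^${re}$`, "i").test(value);
}
```

Without escaping, a search term of "%" or "_" matches every row; with it, the term matches only literal text.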
Fully decouple B2B from B2C so B2B can be toggled via feature flag, moved to a subdomain, or extracted to a separate app.
- Separate B2B cart system (own cookie, actions, queries)
- Tabbed cart drawer for B2B members (E-shop + B2B tabs)
- Dedicated B2B checkout at /b2b/pokladna with org info, delivery address, invoice payment
- B2B order confirmation page at /b2b/pokladna/[orderId]
- Add deliveryAddress column to orders table
- Remove all isB2B branching from B2C checkout
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Architecture plan for future store-as-B2B-client system with daily replenishment orders, payment balance tracking, and monthly reporting. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…ured logging
P0 fixes:
- Add ownership checks to B2C and B2B order confirmation pages
- Re-throw Next.js redirect errors in order creation catch blocks
P1 fixes:
- Add duplicate order protection (5-min window dedup by user+total+date)
- Make email notifications fire-and-forget with Promise.allSettled
- Add cart quantity upper bound (max 999) in schema and actions
- Add try-catch in client checkout hooks for network errors
Logging:
- Replace all console.error with structured pino logger (log.orders, log.email)
- Document logger usage in CLAUDE.md
Also includes deliveryAddress DB migration from prior commit.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…submission
- Wrap getDetailedCart/getDetailedB2bCart in React cache() for request-level dedup
- Parallelize getUserDetails + getDetailedCart fetches in cart drawer
- Remove dead _calendarStartDate useMemo from both checkout forms
- Fix B2bOrgEditSheet phone field not being submitted to user profile
- Deduplicate B2B cart components using shared QuantitySetter and RemoveItemButton
- Replace console.error with structured pino logger in B2B client actions
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace nested try/catch with runPipeline + unwrap + guard pattern for clearer control flow and typed error handling in both B2C and B2B order creation actions.
- Add guard() assertion helper to pipeline.ts, remove unused pipeline()
- Convert internal validators to StepResult<T> (validateCart, validateStoreExists, etc.)
- Add validatePickupDate and validateGuestInfo with email regex
- Use guard() in buildOrderItems and persistOrder instead of raw throw
- Move cart clearing outside pipeline — only after confirmed success
- Add B2C payment method allowlist with type guard (no as-casts)
- Extract DUPLICATE_WINDOW_MS constant, add duplicate detection logging
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…g, security hardening
- Fix "use cache" placement: move from file-level to per-function in admin-dashboard and user-management queries
- Upgrade cacheLife("days") to cacheLife("max") for products and categories (invalidated on-demand via updateTag)
- Fix category cache tag conflict: "products" → "featured-categories"
- Add missing updateTag("orders") in markInvoiceAsPaid
- Fix invoice generation race condition: UPDATE uses inArray + isNull(invoiceId) guard
- Inspect Promise.allSettled results and log rejected emails
- Replace all console.error/console.log with structured pino logging (0 remaining)
- Add CHECK constraints on all price/amount fields (products, orderItems, orders, invoices, promoCodes, prices)
- Add UNIQUE constraint on reviews (userId, productId)
- Add query LIMIT to getAllOrders(500), getAdminProducts(500), getAdminPosts(200), getAdminTags(100)
- Add MIME type validation and 10MB size limit to media upload
- Log cart cookie corruption instead of silently returning empty array
- Remove unused categories.parentId column, self-referencing FK, and parent category UI
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…ints
- Add .claude config to .gitignore
- Create new migration file 0005_quiet_marvex.sql to drop unnecessary constraints and add new CHECK and UNIQUE constraints for data integrity
- Update migration journal to include new migration version 0005
- Add snapshot file 0005_snapshot.json for database schema tracking
…integrity
- Add site-config key whitelist (orders_enabled, registration_enabled, promo_banner)
- Reduce last order cookie expiry from 1 year to 30 days
- Add logging to silent catch blocks in contact form and B2B request
- Add orders.companyId index for B2B query performance
- Remove `as string` slug casts in posts, products, categories actions
- Wrap invoice actions in try-catch with { success, error } return pattern
- Add error.tsx boundaries for /b2b/shop and /profil routes
- Parallelize getCategories + getProducts in getCategoriesByCatalog
- Fix post like toggle race condition with onConflictDoNothing
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…from "use server" file Next.js "use server" files can only export async functions. The constant was exported from internal.ts and imported by both order creation files, causing a runtime error. Inlined into each consumer. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
… detection
- Remove "use server" from internal.ts — it's a helper file, not a server action. Only the actual action files (create-b2c-order, create-b2b-order) need the directive.
- Remove duplicate order detection entirely — the cart is cleared after successful order creation, so architecturally a user cannot submit a second order with the same cart. The check was redundant complexity with a weak heuristic (same total + date could be legitimately different).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…dules Dynamic `await import()` calls were used unnecessarily for modules already available at the top level. Moved all internal imports to static top-level imports and added a CLAUDE.md rule to prevent this pattern going forward. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…tems
- Reformatted import statements for clarity and consistency.
- Added console logs to track found and missing product IDs during order item building for better debugging.
…tion
- Remove console.log statements from buildOrderItems
- Add category isActive check in buildOrderItems to prevent ordering from inactive categories
- Add updateTag("orders") after B2C and B2B order creation for proper cache invalidation
- Disable game feature flag
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Summary
Addresses ~38 issues found during a comprehensive 6-agent codebase audit across 4 work streams:
Security: requireAdmin() guards on 3 actions, fixed IDOR on checkout prefill (derive userId from session), added Zod runtime validation to 7 server actions, reject "invoice" payment in B2C.
Data integrity: …returning(), status transition guards on invoices, atomic B2B application approval, fixed COALESCE on invoice date columns.
Blog: …GREATEST), duplicate key handling on likes, conditional WHERE on comment approve/reject, replaced N+1 getAllTags with single JOIN query, escaped ILIKE search patterns, fixed pagination validation and Slovak pluralization.
Framework: …"use client", added sizes to <Image fill>, replaced sql.raw() with parameterized SQL, optimized user/category queries, documented auth architecture in CLAUDE.md.
Test plan
- pnpm typecheck passes
- pnpm build passes (97 pages)
🤖 Generated with Claude Code