4d5edb7c76
build(deps): bump docker/setup-buildx-action from 3 to 4 ( #398 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3 to 4.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Volz <mail@danielvolz.org >
2026-03-10 13:24:29 +01:00
07bfa78386
build(deps): bump docker/login-action from 3 to 4 ( #399 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3 to 4.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-10 13:23:19 +01:00
8d37fd0cb5
build(deps): bump docker/build-push-action from 6 to 7 ( #400 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6 to 7.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-10 12:16:49 +01:00
192e611668
build(deps): bump actions/stale from 9 to 10 ( #397 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 9 to 10.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v9...v10 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-version: '10'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-10 12:15:29 +01:00
4de3b80aba
build(deps): bump docker/metadata-action from 5 to 6 ( #401 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 5 to 6.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](https://github.com/docker/metadata-action/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-10 12:15:08 +01:00
fd17288109
chore: gate Playwright E2E to app-relevant changes ( #410 )
...
* ci: gate Playwright E2E to app-relevant changes
* ci: skip app e2e for workflow-only PRs
2026-03-10 11:52:54 +01:00
8594e175f1
feat: improve CI and project automation workflows ( #390 )
...
- Harden docker/release workflow with manual release guardrails and concurrency
- Add stale issue cleanup workflow (issues only)
- Add project field sync workflow from issue labels
- Add weekly triage report workflow
- Add CODEOWNERS for automatic review routing
2026-03-08 00:49:08 +01:00
8e29219cd1
chore: refine issue template chooser and metadata\n\n- simplify issue chooser to template-focused structure\n- add default bug assignee\n- add [Bug]/[Feature] title prefixes ( #392 )
2026-03-08 00:49:04 +01:00
d7d4bf39a0
docs: require explicit issue comment when closing issues via PR
2026-03-06 19:59:59 +01:00
c62b6d7893
build(deps): bump actions/upload-artifact from 6 to 7 ( #345 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 6 to 7.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-27 01:28:51 +01:00
57c998ba09
chore: update dependabot automation and agent governance ( #341 )
...
* chore: update dependabot automation and agent governance
* chore: trigger required CI checks for governance PR
2026-02-27 01:11:05 +01:00
aabe58d05f
ci: add path filters to Docker build workflow
...
Only build Docker images when backend/, frontend/, docker-compose,
or the workflow itself changes. Prevents unnecessary image builds
for docs-only or config-only changes on main.
Note: paths filter is not evaluated for tag pushes (GitHub Actions
behavior), so release tags always trigger a full build.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com >
2026-02-26 00:22:08 +01:00
872b63f665
docs: add explicit scope rule to release-manager agent
...
Prevent release-manager from chaining unrequested steps.
If user asks for PR+merge only, do not also start a release.
If user asks for release only, do not also create PRs.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com >
2026-02-26 00:03:07 +01:00
d02f16af3a
fix: stabilize e2e CI and local playwright workers ( #321 )
...
* fix: stabilize e2e CI and local playwright workers
* fix(ci): apply biome formatting and import order for frontend build
2026-02-25 22:15:38 +01:00
aa29d1c699
docs: align agent instructions and README guidance ( #323 )
2026-02-25 21:35:35 +01:00
b0c5d48095
chore: update bug template guidance and include app test changes ( #293 )
2026-02-23 19:54:18 +01:00
ba36f67371
fix: smooth mobile edit transition and align modal validation behavior ( #286 )
...
* fix: reliable Escape key close for all modals via useEscapeKey hook
- Add useEscapeKey hook (document-level keydown listener)
- Retrofit all 12 modal/overlay components to use it
- Remove redundant overlay onKeyDown Escape handlers
- Simplify modal-content onKeyDown to plain stopPropagation
- Replace MedDetailModal's capture-phase useEffect with 3 useEscapeKey calls
- Replace SharedSchedule's inline useEffect with useEscapeKey
- Add mandatory modal rules to UI Consistency skill
- All 777 frontend + 569 backend tests pass
* fix: smooth mobile edit transition and align modal validation behavior
* fix: keep overlay keydown non-closing for Enter key
* fix: show mobile name error when validation already exists
* fix: restore app-level escape priority handling
* fix: prioritize schedule lightbox on Escape
2026-02-23 06:42:06 +01:00
2eec415af6
docs: enforce hard PR scope and size splitting rule in copilot instructions
2026-02-20 18:56:55 +01:00
052751b2ba
feat: reports, timeline toggles, and stock correction improvements ( #236 )
...
* refactor(frontend): modularize styles and polish modal/ui interactions
* feat: add report workflow and timeline/settings improvements
* fix: resolve CI failures for backend typing, lint, and playwright config
2026-02-20 18:52:59 +01:00
41b20bb4e6
build(deps): bump actions/github-script from 7 to 8 ( #220 )
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 7 to 8.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v7...v8 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-version: '8'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-16 19:05:55 +01:00
543b42b540
docs: add mandatory PR metadata fields to release-manager agent ( #218 )
...
- Add PR Metadata section with assignee, label, and project requirements
- Update gh pr create command template to include --assignee, --label, --project flags
- Add label mapping table for branch prefix to label type
- Update workflow summary to mention metadata fields
2026-02-15 23:52:15 +01:00
732a28dcc5
chore: sync copilot guidance and docker dev proxy defaults ( #199 )
2026-02-14 18:43:49 +01:00
bb693243c1
build(deps): bump github/codeql-action from 3 to 4 ( #176 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:28:14 +01:00
fcc84e2d0b
build(deps): bump actions/upload-artifact from 4 to 6 ( #174 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4 to 6.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v6 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:28:10 +01:00
91c55f8cc3
build(deps): bump docker/build-push-action from 5 to 6 ( #172 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 5 to 6.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:27:58 +01:00
92ea6d5f8b
build(deps): bump actions/setup-node from 4 to 6 ( #171 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 4 to 6.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v4...v6 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:10:05 +01:00
0c83648a56
build(deps): bump actions/checkout from 4 to 6 ( #170 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:08:56 +01:00
77b0f3a0f9
chore: improve dev tooling (CI tests, dependabot, coverage) ( #169 )
...
- Add frontend unit tests with coverage to CI test workflow
- Add dependabot.yml for automated dependency updates (npm + GitHub Actions)
- Add backend coverage thresholds (60/65/50/60) to vitest.config.ts
- Exclude services/ and logger from coverage (untestable schedulers)
2026-02-13 19:52:33 +01:00
36ee80b554
chore: add workflow to auto-move project items to Done on close/merge ( #165 )
...
- New workflow project-auto-done.yml triggers on issue close and PR merge
- Uses GraphQL to find the project item and update Status to Done
- Handles both issues and pull requests with proper type detection
- Skips gracefully if item is not on the board or already Done
- Update release-manager.agent.md to reflect automation (manual is now fallback)
2026-02-13 18:45:51 +01:00
33342e7e25
docs: add mandatory project board update steps to release-manager ( #164 )
...
- Add critical safety rule: always verify project board status after merge
- Correct misleading claim that Closes #N auto-moves project status (it doesn't)
- Add concrete GraphQL mutation commands for moving items to Done
- Include known project field IDs for Status column
2026-02-13 18:42:08 +01:00
6072d8eb2e
docs: consolidate copilot governance and add medassist skills ( #160 )
2026-02-12 21:18:50 +01:00
98939877db
feat: expand Playwright E2E coverage ( #155 )
...
* feat: comprehensive Playwright E2E test rewrite
Rewrite all E2E tests with correct CSS selectors, add new spec files,
and implement robust auth handling to work within backend rate limits.
Changes:
- Rewrite fixtures/index.ts with JWT-based /auth/me mock to avoid
10 req/min rate limit on /auth/me during test runs
- Rewrite auth.setup.ts with offline JWT validity check to reuse
existing auth state across runs (saves login rate-limit budget)
- Rewrite auth.spec.ts (6 tests) - login page, fields, submit,
redirect guard, invalid credentials, login/register toggle
- Rewrite dashboard.spec.ts (8 tests) - header, nav tabs,
navigation, overview/schedules sections, days selector, redirect
- Rewrite medications.spec.ts (8 tests) - form fields, stock
inventory, package type toggle, intake schedule, save/cancel,
unsaved changes guard
- Rewrite settings.spec.ts (12 tests) - language, notification
matrix, thresholds, calculation mode, toggle switch, export/import,
user menu navigation
- Create planner.spec.ts (9 tests) - form, date inputs, calculate,
reset, checkbox, submit, tab state, eyebrow heading
- Create schedule.spec.ts (12 tests) - timeline, days selector,
past/future toggles, day blocks, today highlight, collapse/expand,
overview table, share button
- Update playwright.config.ts: remove mobile projects, enable
webServer section for CI
- Add .github/workflows/e2e.yml CI workflow for Playwright tests
Total: 57 E2E tests across 6 spec files, all passing consistently
across 5+ consecutive runs without backend restart.
Closes #154
* feat: add comprehensive E2E data tests with medication CRUD, dashboard, planner, schedule
Add 48 new Playwright E2E tests covering real medication data scenarios:
- medication-crud: 14 tests for create/edit/delete/list via UI form
- dashboard-data: 13 tests for overview table, timeline, dose tracking
- planner-data: 9 tests for demand calculator with results/status chips
- schedule-data: 11 tests for timeline, collapse/expand, dose mark/undo
Infrastructure improvements:
- Add API helpers (createMedicationViaAPI, deleteMedicationViaAPI,
deleteAllMedicationsViaAPI) with retry logic for rate-limit resilience
- Configure chromium-data project for serial execution with retry:1
- Add /auth/me mock to avoid rate-limit exhaustion on auth endpoint
- Increase navigateTo reliability with networkidle waits
- Increase auth token validity threshold from 2 to 10 minutes
- Make backend rate limit configurable via RATE_LIMIT_MAX env var
- Set RATE_LIMIT_MAX=300 in dev docker-compose for E2E test support
Total suite: 57 empty-state + 48 data tests = 105 tests (chromium)
* test: add E2E tests for medication editing, stock status, and share schedule
- medication-edit.spec.ts: 10 tests covering generic name, notes,
taken-by add/remove, expiry date, refill, intake schedule editing,
adding intake rows, reminder toggle, and package type changes
- stock-status.spec.ts: 12 tests verifying dashboard shows correct
status chips (High/Normal/Warning/Danger) for different stock levels,
overview table, reorder card, detail modal, and planner integration
- share-schedule.spec.ts: 10 tests for taken-by badges, share button,
share dialog, link generation, shared schedule page navigation,
dose tracking on shared page, and notes display
- fixtures/index.ts: add createShareTokenViaAPI, updateSettingsViaAPI
helpers; expand createMedicationViaAPI with takenBy, notes, expiryDate
- playwright.config.ts: update testMatch/testIgnore for new test files
- docker-compose.dev.yml: increase RATE_LIMIT_MAX to 1000 for E2E tests
* docs: refine release-manager instructions for CLI safety and commit-linked release notes
* fix: resolve PR155 CI failures for frontend lint and e2e proxy
* fix: stabilize auth-related e2e checks in CI
2026-02-12 20:06:11 +01:00
0f6a580ceb
feat: add GitHub Project automation for feature request tracking ( #114 )
...
* Initial plan
* feat: add GitHub Project automation for feature request tracking
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com >
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com >
2026-02-10 17:50:58 +01:00
e335729399
fix: prevent badge workflow push rejection on concurrent runs ( #151 )
...
Add git pull --rebase before push to handle cases where main moved
between checkout and push (e.g., two Docker builds triggering badge
updates simultaneously). Also add concurrency group to cancel
duplicate runs.
2026-02-09 21:09:45 +01:00
6d6f906a9a
chore: update CI workflow and agent configuration ( #143 )
...
- docker-build.yml: build on tags + main, set latest only on tags
- release-manager.agent.md: add one-PR-per-feature/fix rule
2026-02-08 22:17:03 +01:00
8c5deed4c2
feat: theme dropdown with system preference and comprehensive bottle-type fixes ( #138 )
...
- Replace dark/light toggle with Light/Dark/System dropdown menu
- System theme follows OS prefers-color-scheme setting
- Apply theme dropdown to shared schedule page
- Fix 7 packageType (bottle) bugs across stock calc, share, refills, export/import
- Fix planner bottle-type stock calculation and display
- Fix dailyRate double-counting with per-intake takenBy
- Fix About modal update check stale caching
- Fix intake reminder past-intake seeding and push title
- Fix phantom DB path in drizzle.config.ts
- Fix mobile dose field visibility
- Make medication name clickable in dashboard reminder bar
- Improve planner checkbox UX with inline tooltip
- Add 20+ new tests covering all fixes
2026-02-08 20:32:40 +01:00
61b8812808
ci: fix release workflow ordering and remove redundant workflows ( #135 )
...
- Tag builds now also set 'latest' Docker tag (fixes race condition where
main-push build could overwrite latest with older version)
- Remove duplicate release.yml (create-release job in docker-build.yml
already handles GitHub releases)
- Remove redundant version-bump.yml (release.sh already bumps versions
in the release PR)
- Change update-test-badges.yml trigger to workflow_run after successful
docker-build (prevents parallel execution and ensures correct ordering)
- Update agent instructions and CI documentation to reflect changes
2026-02-08 16:57:40 +01:00
b91717fc19
fix: stock correction not working for bottle type and manual calculation mode ( #133 )
...
- Fix bottle type: submitStockCorrection used blister formula for baseTotal
but getMedTotal uses only looseTablets for bottles. Now uses getPackageSize()
which handles both types correctly.
- Fix manual mode: same-day taken doses were counted as consumed after a stock
correction (>= comparison with date-only timestamps). Changed to > so doses
on the correction day are excluded.
- Add agent instruction: only release-manager may create PRs/push/merge.
2026-02-08 15:12:17 +01:00
a065adcd82
ci: remove redundant test jobs from docker-build workflow ( #132 )
...
Tests are already guaranteed by branch protection (test.yml must pass
before PR can be merged to main). Running them again in docker-build.yml
was redundant and slowed down image builds.
This reduces test runs from 3x to 2x per code change:
- test.yml on PR (required by branch protection)
- update-test-badges.yml on main push (needed for badge counts)
Docker image builds now start immediately after merge.
2026-02-08 15:05:33 +01:00
6edf2fa341
docs: add rule to keep README.md up to date after code changes ( #131 )
2026-02-08 14:45:30 +01:00
9e3d548536
chore: make release script non-interactive with CI retry logic ( #130 )
...
- Remove y/N confirmation prompt for automation
- Add wait_for_ci() with retry logic (polls until checks appear)
- Auto-detect git remote (origin or github)
- Remove unused /etc/nginx/conf.d tmpfs from compose
- Update release-manager agent docs to match
2026-02-08 14:13:11 +01:00
8f9b65147b
fix: use PAT for badge workflow to bypass branch protection ( #127 )
2026-02-08 13:53:19 +01:00
e0c5eb4bf3
feat: simplify About modal with single version link to GitHub release ( #123 )
...
- Replace separate Frontend/Backend versions with single app version
- Version is now a clickable link to the GitHub release page
- Replace stopwatch SVG with actual app logo (favicon.svg)
- Fix update check UX: previous result stays visible during re-check
- Add 1s minimum delay for update check spinner visibility
- Reserve space for update result to prevent modal jumping
- Remove unused i18n keys (frontend/backend)
- Update release-manager docs with version link info
2026-02-08 13:09:33 +01:00
1798a608bc
fix: badge workflow commits directly instead of creating PRs ( #121 )
...
* fix: badge workflow commits directly instead of creating PRs
Replace peter-evans/create-pull-request with direct git push.
Removes need for pull-requests:write permission and the repo setting
'Allow GitHub Actions to create pull requests'.
Uses [skip ci] in commit message to avoid triggering itself.
* chore: trigger CI
2026-02-08 12:25:33 +01:00
042f0cfb29
docs: add version files reminder to release manager agent ( #119 )
...
Document that both backend/package.json and frontend/package.json
must be updated before tagging a release, since the About modal
reads versions from these files.
2026-02-08 12:06:20 +01:00
2d9cd0ad1a
ci: add path filtering to skip unnecessary CI runs ( #111 )
...
test.yml: Use dorny/paths-filter to detect changed paths. Backend
tests only run when backend/**, biome.json, or the workflow itself
changes. Frontend build only runs when frontend/**, biome.json, or
the workflow changes. Jobs skipped via job-level 'if:' are treated
as passed by GitHub required checks.
codeql.yml: Only run on push/PR when JS/TS source files, package
files, or CodeQL config changes. Weekly schedule and manual dispatch
remain unfiltered.
2026-02-07 13:37:13 +01:00
098a7655a5
chore: add release-manager agent and move release docs ( #110 )
...
Create dedicated GitHub Copilot agent for release management with
4 tasks: branch/PR workflow, version determination, release execution,
and release notes writing.
Move release-specific instructions (workflow, release notes format,
breaking changes) from copilot-instructions.md to the agent file
to keep concerns separated.
2026-02-07 13:32:50 +01:00
06943f5831
fix: add pull-requests write permission to badge workflow ( #108 )
...
peter-evans/create-pull-request requires pull-requests: write permission
to create PRs via the GITHUB_TOKEN.
2026-02-07 12:41:26 +01:00
a4313afc34
fix: use PR instead of direct push for badge updates ( #106 )
...
Branch protection prevents direct pushes to main.
Use peter-evans/create-pull-request action instead.
2026-02-07 00:15:05 +01:00
43c5402592
fix: add workflow_dispatch trigger to test badge workflow ( #102 )
...
Allows manual triggering of the badge update workflow, useful when
the ANSI fix or other workflow-only changes need to take effect
without waiting for source code changes.
2026-02-06 22:27:01 +01:00
dependabot[bot]
Daniel Volz
Copilot