aa050f7dc5
build(deps): bump nodemailer from 8.0.4 to 8.0.5 in /backend
...
Bump nodemailer from 8.0.4 to 8.0.5 in /backend
2026-04-08 19:39:51 +02:00
25483c12f0
fix(security): mitigate backend drizzle-kit audit chain
2026-04-08 19:21:05 +02:00
2a340855fb
build(deps): bump vite from 8.0.3 to 8.0.5 in /backend
...
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) from 8.0.3 to 8.0.5.
- [Release notes](https://github.com/vitejs/vite/releases )
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md )
- [Commits](https://github.com/vitejs/vite/commits/v8.0.5/packages/vite )
---
updated-dependencies:
- dependency-name: vite
dependency-version: 8.0.5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Volz <mail@danielvolz.org >
2026-04-07 07:01:11 +02:00
1cb4a44cef
build(deps-dev): bump @types/nodemailer from 7.0.11 to 8.0.0 in /backend
...
Bumps [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer ) from 7.0.11 to 8.0.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/nodemailer )
---
updated-dependencies:
- dependency-name: "@types/nodemailer"
dependency-version: 8.0.0
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Volz <mail@danielvolz.org >
2026-04-06 11:00:55 +02:00
51b09dc563
build(deps): bump the minor-and-patch group in /backend with 3 updates
...
Bumps the minor-and-patch group in /backend with 3 updates: [dotenv](https://github.com/motdotla/dotenv ), [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome ) and [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ).
Updates `dotenv` from 17.3.1 to 17.4.1
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md )
- [Commits](https://github.com/motdotla/dotenv/compare/v17.3.1...v17.4.1 )
Updates `@biomejs/biome` from 2.4.9 to 2.4.10
- [Release notes](https://github.com/biomejs/biome/releases )
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md )
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.10/packages/@biomejs/biome )
Updates `@types/node` from 25.5.0 to 25.5.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: dotenv
dependency-version: 17.4.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: minor-and-patch
- dependency-name: "@biomejs/biome"
dependency-version: 2.4.10
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: "@types/node"
dependency-version: 25.5.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Volz <mail@danielvolz.org >
2026-04-06 10:54:02 +02:00
eec1653ff4
fix(security): ship isolated JWT decorator hotfix
...
* fix(security): isolate dependency hotfix from github main
* fix(security): expose hotfix jwt decorators across routes
* test(e2e): restore stable app header selectors
* test(e2e): align planner and app shell checks
* test(e2e): add legacy settings page selectors
* test(e2e): align settings page contracts
2026-04-05 14:49:50 +02:00
98062358be
build(deps): bump the minor-and-patch group in /backend with 5 updates ( #501 )
...
* build(deps): bump the minor-and-patch group in /backend with 5 updates
Bumps the minor-and-patch group in /backend with 5 updates:
| Package | From | To |
| --- | --- | --- |
| [drizzle-orm](https://github.com/drizzle-team/drizzle-orm ) | `0.45.1` | `0.45.2` |
| [fastify](https://github.com/fastify/fastify ) | `5.8.3` | `5.8.4` |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome ) | `2.4.8` | `2.4.9` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8 ) | `4.1.0` | `4.1.2` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest ) | `4.1.0` | `4.1.2` |
Updates `drizzle-orm` from 0.45.1 to 0.45.2
- [Release notes](https://github.com/drizzle-team/drizzle-orm/releases )
- [Commits](https://github.com/drizzle-team/drizzle-orm/compare/0.45.1...0.45.2 )
Updates `fastify` from 5.8.3 to 5.8.4
- [Release notes](https://github.com/fastify/fastify/releases )
- [Commits](https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4 )
Updates `@biomejs/biome` from 2.4.8 to 2.4.9
- [Release notes](https://github.com/biomejs/biome/releases )
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md )
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.9/packages/@biomejs/biome )
Updates `@vitest/coverage-v8` from 4.1.0 to 4.1.2
- [Release notes](https://github.com/vitest-dev/vitest/releases )
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.2/packages/coverage-v8 )
Updates `vitest` from 4.1.0 to 4.1.2
- [Release notes](https://github.com/vitest-dev/vitest/releases )
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.2/packages/vitest )
---
updated-dependencies:
- dependency-name: drizzle-orm
dependency-version: 0.45.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: fastify
dependency-version: 5.8.4
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: "@biomejs/biome"
dependency-version: 2.4.9
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: "@vitest/coverage-v8"
dependency-version: 4.1.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: vitest
dependency-version: 4.1.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
* test(e2e): wait for login submit button before click
* test(e2e): prefer API login in setup with UI fallback
* test(e2e): align selectors with current ui testids
* chore: rerun ci after merge resolution
* chore: trim stale e2e diff from dependency branch
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Volz <mail@danielvolz.org >
2026-03-30 20:35:19 +02:00
bd2bfe6972
fix: unblock PR 502 checks
...
* build(deps-dev): bump typescript from 5.9.3 to 6.0.2 in /backend
Bumps [typescript](https://github.com/microsoft/TypeScript ) from 5.9.3 to 6.0.2.
- [Release notes](https://github.com/microsoft/TypeScript/releases )
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.9.3...v6.0.2 )
---
updated-dependencies:
- dependency-name: typescript
dependency-version: 6.0.2
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* fix: unblock PR 502 checks
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Volz <mail@danielvolz.org >
2026-03-30 20:14:29 +02:00
026091c5ca
build(deps): bump brace-expansion from 5.0.2 to 5.0.5 in /backend
...
Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion ) from 5.0.2 to 5.0.5.
- [Release notes](https://github.com/juliangruber/brace-expansion/releases )
- [Commits](https://github.com/juliangruber/brace-expansion/compare/v5.0.2...v5.0.5 )
---
updated-dependencies:
- dependency-name: brace-expansion
dependency-version: 5.0.5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-27 08:46:22 +01:00
08f75e44ff
build(deps): bump nodemailer from 8.0.3 to 8.0.4 in /backend
...
* build(deps): bump nodemailer from 8.0.3 to 8.0.4 in /backend
Bumps [nodemailer](https://github.com/nodemailer/nodemailer ) from 8.0.3 to 8.0.4.
- [Release notes](https://github.com/nodemailer/nodemailer/releases )
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4 )
---
updated-dependencies:
- dependency-name: nodemailer
dependency-version: 8.0.4
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore: retrigger ci for dependabot pr 492
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Volz <mail@danielvolz.org >
2026-03-27 08:43:23 +01:00
73a235dd83
build(deps): bump yaml from 2.8.2 to 2.8.3 in /backend ( #485 )
...
Bumps [yaml](https://github.com/eemeli/yaml ) from 2.8.2 to 2.8.3.
- [Release notes](https://github.com/eemeli/yaml/releases )
- [Commits](https://github.com/eemeli/yaml/compare/v2.8.2...v2.8.3 )
---
updated-dependencies:
- dependency-name: yaml
dependency-version: 2.8.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Volz <mail@danielvolz.org >
2026-03-26 07:56:06 +01:00
675cb88f3e
build(deps): bump picomatch from 4.0.3 to 4.0.4 in /backend
...
Bumps [picomatch](https://github.com/micromatch/picomatch ) from 4.0.3 to 4.0.4.
- [Release notes](https://github.com/micromatch/picomatch/releases )
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md )
- [Commits](https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4 )
---
updated-dependencies:
- dependency-name: picomatch
dependency-version: 4.0.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-26 07:36:55 +01:00
c39b5c9501
build(deps): bump fastify from 5.8.2 to 5.8.3 in /backend ( #479 )
...
Bumps [fastify](https://github.com/fastify/fastify ) from 5.8.2 to 5.8.3.
- [Release notes](https://github.com/fastify/fastify/releases )
- [Commits](https://github.com/fastify/fastify/compare/v5.8.2...v5.8.3 )
---
updated-dependencies:
- dependency-name: fastify
dependency-version: 5.8.3
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Volz <mail@danielvolz.org >
2026-03-26 07:24:47 +01:00
39c19ab2fe
build(deps): bump the minor-and-patch group in /backend with 4 updates
...
Squash merge PR #470
2026-03-25 07:11:44 +01:00
68ab79c713
feat: enable weekday-based medication scheduling
...
Closes #463
2026-03-20 14:58:25 +01:00
9180783c42
build(deps): bump the minor-and-patch group in /backend with 5 updates
...
Squash merge Dependabot backend minor-and-patch dependency updates from PR #443 .
2026-03-16 07:51:28 +01:00
c0507c4c4b
feat: backend API key auth context and settings hardening ( #406 )
...
* feat: add backend api-key auth context and settings hardening
* fix: harden api key token hashing
2026-03-10 06:26:20 +01:00
0e4d7f71e4
build(deps): bump the minor-and-patch group in /backend with 3 updates
...
Bumps the minor-and-patch group in /backend with 3 updates: [fastify](https://github.com/fastify/fastify ), [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome ) and [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ).
Updates `fastify` from 5.8.1 to 5.8.2
- [Release notes](https://github.com/fastify/fastify/releases )
- [Commits](https://github.com/fastify/fastify/compare/v5.8.1...v5.8.2 )
Updates `@biomejs/biome` from 2.4.4 to 2.4.6
- [Release notes](https://github.com/biomejs/biome/releases )
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md )
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.6/packages/@biomejs/biome )
Updates `@types/node` from 25.3.3 to 25.3.5
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: fastify
dependency-version: 5.8.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: "@biomejs/biome"
dependency-version: 2.4.6
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: "@types/node"
dependency-version: 25.3.5
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-09 22:08:13 +01:00
36d50c0736
build(deps): bump fastify from 5.7.4 to 5.8.1 in /backend ( #387 )
...
Bumps [fastify](https://github.com/fastify/fastify ) from 5.7.4 to 5.8.1.
- [Release notes](https://github.com/fastify/fastify/releases )
- [Commits](https://github.com/fastify/fastify/compare/v5.7.4...v5.8.1 )
---
updated-dependencies:
- dependency-name: fastify
dependency-version: 5.8.1
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-06 20:02:08 +01:00
30c97e2f0d
fix: use per-intake reminder setting as single source of truth ( #384 )
...
- Filter intakes by per-intake intakeRemindersEnabled instead of falling
back to medication-level setting (fixes #383 )
- Add SMTP delivery validation with accepted/rejected recipient checks
- Enhance email success logging with recipient, messageId, SMTP response
- Simplify MedDetailModal reminder icon logic to match backend behavior
- Sync lockfile versions to 1.18.2
2026-03-06 19:50:45 +01:00
067a8c166b
build(deps-dev): bump @types/node ( #371 )
...
Bumps the minor-and-patch group in /backend with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ).
Updates `@types/node` from 25.3.2 to 25.3.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-version: 25.3.3
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-02 12:56:23 +01:00
508bc764d5
fix: align backend amount stock and reminder semantics ( #362 )
...
* fix: align backend amount stock and reminder semantics
* test: align settings email route success mock with SMTP delivery checks
2026-03-02 00:02:26 +01:00
8e4cb5dcd4
build(deps): bump minimatch from 10.2.2 to 10.2.4 in /backend ( #338 )
...
Bumps [minimatch](https://github.com/isaacs/minimatch ) from 10.2.2 to 10.2.4.
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md )
- [Commits](https://github.com/isaacs/minimatch/compare/v10.2.2...v10.2.4 )
---
updated-dependencies:
- dependency-name: minimatch
dependency-version: 10.2.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-27 01:29:04 +01:00
7f26dca7a7
build(deps-dev): bump @types/node ( #343 )
...
Bumps the minor-and-patch group in /backend with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ).
Updates `@types/node` from 25.3.0 to 25.3.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-version: 25.3.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-27 01:29:00 +01:00
1668eb935c
build(deps-dev): bump @types/supertest from 6.0.3 to 7.2.0 in /backend ( #346 )
...
Bumps [@types/supertest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/supertest ) from 6.0.3 to 7.2.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/supertest )
---
updated-dependencies:
- dependency-name: "@types/supertest"
dependency-version: 7.2.0
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-27 01:28:47 +01:00
6b27d234d9
chore: reduce polling log noise across backend and nginx ( #336 )
2026-02-27 00:54:21 +01:00
fd7cc56bb7
build(deps): bump rollup from 4.57.1 to 4.59.0 in /backend ( #332 )
...
Bumps [rollup](https://github.com/rollup/rollup ) from 4.57.1 to 4.59.0.
- [Release notes](https://github.com/rollup/rollup/releases )
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rollup/rollup/compare/v4.57.1...v4.59.0 )
---
updated-dependencies:
- dependency-name: rollup
dependency-version: 4.59.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-26 06:28:51 +01:00
8420c74a55
build(deps): bump bn.js from 4.12.2 to 4.12.3 in /backend ( #330 )
...
Bumps [bn.js](https://github.com/indutny/bn.js ) from 4.12.2 to 4.12.3.
- [Release notes](https://github.com/indutny/bn.js/releases )
- [Changelog](https://github.com/indutny/bn.js/blob/master/CHANGELOG.md )
- [Commits](https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3 )
---
updated-dependencies:
- dependency-name: bn.js
dependency-version: 4.12.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-26 00:14:46 +01:00
a47bde0956
chore: sync lockfile package versions to 1.16.0 ( #325 )
...
* chore: sync lockfile package versions to 1.16.0
* fix(ci): align medications route formatting with biome
2026-02-25 22:15:43 +01:00
2a9ca39c24
Allow medications with only a generic name (no commercial name required) ( #311 )
...
* Initial plan
* feat: allow generic name only for medications (frontend changes)
- Add getMedDisplayName() helper for consistent name display
- Update validation to require either commercial or generic name
- Update all display locations to use display name fallback
- Add i18n keys for nameOrGenericRequired in en.json and de.json
- Remove required attribute from commercial name field
- Update FIELD_LIMITS.name.min from 1 to 0
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com >
* feat: allow generic name only for medications (backend changes)
- Update Zod schema to allow empty name with cross-field refinement
- Update reminder scheduler to use name || genericName for display
- Update planner routes to match medications by display name
- Update existing tests to match new validation behavior
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com >
* fix: update placeholder text and fix FIELD_LIMITS test
- Remove "(optional)" from generic name placeholder in en/de
- Update types.test.ts to expect FIELD_LIMITS.name.min = 0
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com >
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com >
2026-02-25 21:29:25 +01:00
691550fb33
build(deps): bump bn.js from 4.12.2 to 4.12.3 in /backend ( #305 )
...
Bumps [bn.js](https://github.com/indutny/bn.js ) from 4.12.2 to 4.12.3.
- [Release notes](https://github.com/indutny/bn.js/releases )
- [Changelog](https://github.com/indutny/bn.js/blob/master/CHANGELOG.md )
- [Commits](https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3 )
---
updated-dependencies:
- dependency-name: bn.js
dependency-version: 4.12.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-25 21:29:13 +01:00
96b2a0c96f
feat: image upload optimization with sharp, thumbnails, and structured error codes ( #304 )
...
- Add sharp for server-side image processing (WebP conversion + thumbnails)
- New shared backend utility for image upload, optimization, and cleanup
- Return structured error codes from upload endpoints (IMAGE_TOO_LARGE, INVALID_TYPE, etc.)
- Frontend error code mapping with i18n support (EN + DE)
- MedicationAvatar tries thumbnail first, falls back to full image
- Error display in MedicationsPage, MobileEditModal, and Auth avatar upload
Closes #302
2026-02-24 23:52:59 +01:00
3e4f1440a9
build(deps-dev): bump the minor-and-patch group ( #290 )
...
Bumps the minor-and-patch group in /backend with 3 updates: [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome ), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) and [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer ).
Updates `@biomejs/biome` from 2.4.1 to 2.4.4
- [Release notes](https://github.com/biomejs/biome/releases )
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md )
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.4/packages/@biomejs/biome )
Updates `@types/node` from 25.2.3 to 25.3.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
Updates `@types/nodemailer` from 7.0.10 to 7.0.11
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/nodemailer )
---
updated-dependencies:
- dependency-name: "@biomejs/biome"
dependency-version: 2.4.4
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: "@types/node"
dependency-version: 25.3.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: minor-and-patch
- dependency-name: "@types/nodemailer"
dependency-version: 7.0.11
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 19:25:24 +01:00
8f57aa8bc9
build(deps): bump ajv from 8.17.1 to 8.18.0 in /backend ( #238 )
...
Bumps [ajv](https://github.com/ajv-validator/ajv ) from 8.17.1 to 8.18.0.
- [Release notes](https://github.com/ajv-validator/ajv/releases )
- [Commits](https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0 )
---
updated-dependencies:
- dependency-name: ajv
dependency-version: 8.18.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-20 19:51:41 +01:00
f42ed87d94
build(deps): bump minimatch from 10.2.0 to 10.2.2 in /backend ( #237 )
...
Bumps [minimatch](https://github.com/isaacs/minimatch ) from 10.2.0 to 10.2.2.
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md )
- [Commits](https://github.com/isaacs/minimatch/compare/v10.2.0...v10.2.2 )
---
updated-dependencies:
- dependency-name: minimatch
dependency-version: 10.2.2
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-20 19:51:37 +01:00
ff100dfea5
build(deps-dev): bump @types/nodemailer in /backend ( #223 )
...
Bumps [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer ) from 6.4.21 to 7.0.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/nodemailer )
---
updated-dependencies:
- dependency-name: "@types/nodemailer"
dependency-version: 7.0.10
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-16 19:06:28 +01:00
47581ca7ad
build(deps-dev): bump @biomejs/biome ( #222 )
...
Bumps the minor-and-patch group in /backend with 1 update: [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome ).
Updates `@biomejs/biome` from 2.3.15 to 2.4.1
- [Release notes](https://github.com/biomejs/biome/releases )
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md )
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.1/packages/@biomejs/biome )
---
updated-dependencies:
- dependency-name: "@biomejs/biome"
dependency-version: 2.4.1
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: minor-and-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-16 19:06:18 +01:00
874babe1d8
build(deps-dev): bump @types/node from 22.19.3 to 25.2.3 in /backend ( #191 )
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 22.19.3 to 25.2.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-version: 25.2.3
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:20:40 +01:00
c9039b6e87
build(deps): bump dotenv from 16.6.1 to 17.3.1 in /backend ( #190 )
...
Bumps [dotenv](https://github.com/motdotla/dotenv ) from 16.6.1 to 17.3.1.
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md )
- [Commits](https://github.com/motdotla/dotenv/compare/v16.6.1...v17.3.1 )
---
updated-dependencies:
- dependency-name: dotenv
dependency-version: 17.3.1
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:20:37 +01:00
5918eb5aae
build(deps): bump nodemailer from 7.0.11 to 8.0.1 in /backend ( #189 )
...
Bumps [nodemailer](https://github.com/nodemailer/nodemailer ) from 7.0.11 to 8.0.1.
- [Release notes](https://github.com/nodemailer/nodemailer/releases )
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nodemailer/nodemailer/compare/v7.0.11...v8.0.1 )
---
updated-dependencies:
- dependency-name: nodemailer
dependency-version: 8.0.1
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:20:33 +01:00
19d3f83aef
build(deps): bump @fastify/static from 8.3.0 to 9.0.0 in /backend ( #187 )
...
Bumps [@fastify/static](https://github.com/fastify/fastify-static ) from 8.3.0 to 9.0.0.
- [Release notes](https://github.com/fastify/fastify-static/releases )
- [Commits](https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0 )
---
updated-dependencies:
- dependency-name: "@fastify/static"
dependency-version: 9.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:20:30 +01:00
6922a856c0
build(deps): bump @fastify/cors from 10.1.0 to 11.2.0 in /backend ( #186 )
...
Bumps [@fastify/cors](https://github.com/fastify/fastify-cors ) from 10.1.0 to 11.2.0.
- [Release notes](https://github.com/fastify/fastify-cors/releases )
- [Commits](https://github.com/fastify/fastify-cors/compare/v10.1.0...v11.2.0 )
---
updated-dependencies:
- dependency-name: "@fastify/cors"
dependency-version: 11.2.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:20:26 +01:00
45a319dc06
build(deps): bump @fastify/cookie from 10.0.1 to 11.0.2 in /backend ( #184 )
...
Bumps [@fastify/cookie](https://github.com/fastify/fastify-cookie ) from 10.0.1 to 11.0.2.
- [Release notes](https://github.com/fastify/fastify-cookie/releases )
- [Commits](https://github.com/fastify/fastify-cookie/compare/v10.0.1...v11.0.2 )
---
updated-dependencies:
- dependency-name: "@fastify/cookie"
dependency-version: 11.0.2
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:11:18 +01:00
6c10f9af0c
build(deps): bump the minor-and-patch group in /backend with 10 updates ( #182 )
...
Bumps the minor-and-patch group in /backend with 10 updates:
| Package | From | To |
| --- | --- | --- |
| [@fastify/multipart](https://github.com/fastify/fastify-multipart ) | `9.3.0` | `9.4.0` |
| [@libsql/client](https://github.com/tursodatabase/libsql-client-ts/tree/HEAD/packages/libsql-client ) | `0.10.0` | `0.17.0` |
| [argon2](https://github.com/ranisalt/node-argon2 ) | `0.40.3` | `0.44.0` |
| [fastify](https://github.com/fastify/fastify ) | `5.7.3` | `5.7.4` |
| [openid-client](https://github.com/panva/openid-client ) | `6.8.1` | `6.8.2` |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome ) | `2.3.12` | `2.3.15` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8 ) | `4.0.16` | `4.0.18` |
| [drizzle-kit](https://github.com/drizzle-team/drizzle-orm ) | `0.31.8` | `0.31.9` |
| [supertest](https://github.com/ladjs/supertest ) | `7.1.4` | `7.2.2` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest ) | `4.0.16` | `4.0.18` |
Updates `@fastify/multipart` from 9.3.0 to 9.4.0
- [Release notes](https://github.com/fastify/fastify-multipart/releases )
- [Commits](https://github.com/fastify/fastify-multipart/compare/v9.3.0...v9.4.0 )
Updates `@libsql/client` from 0.10.0 to 0.17.0
- [Release notes](https://github.com/tursodatabase/libsql-client-ts/releases )
- [Changelog](https://github.com/tursodatabase/libsql-client-ts/blob/main/CHANGELOG.md )
- [Commits](https://github.com/tursodatabase/libsql-client-ts/commits/v0.17.0/packages/libsql-client )
Updates `argon2` from 0.40.3 to 0.44.0
- [Release notes](https://github.com/ranisalt/node-argon2/releases )
- [Commits](https://github.com/ranisalt/node-argon2/commits/v0.44.0 )
Updates `fastify` from 5.7.3 to 5.7.4
- [Release notes](https://github.com/fastify/fastify/releases )
- [Commits](https://github.com/fastify/fastify/compare/v5.7.3...v5.7.4 )
Updates `openid-client` from 6.8.1 to 6.8.2
- [Release notes](https://github.com/panva/openid-client/releases )
- [Changelog](https://github.com/panva/openid-client/blob/main/CHANGELOG.md )
- [Commits](https://github.com/panva/openid-client/compare/v6.8.1...v6.8.2 )
Updates `@biomejs/biome` from 2.3.12 to 2.3.15
- [Release notes](https://github.com/biomejs/biome/releases )
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md )
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.3.15/packages/@biomejs/biome )
Updates `@vitest/coverage-v8` from 4.0.16 to 4.0.18
- [Release notes](https://github.com/vitest-dev/vitest/releases )
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.18/packages/coverage-v8 )
Updates `drizzle-kit` from 0.31.8 to 0.31.9
- [Release notes](https://github.com/drizzle-team/drizzle-orm/releases )
- [Commits](https://github.com/drizzle-team/drizzle-orm/compare/drizzle-kit@0.31.8...drizzle-kit@0.31.9 )
Updates `supertest` from 7.1.4 to 7.2.2
- [Release notes](https://github.com/ladjs/supertest/releases )
- [Commits](https://github.com/ladjs/supertest/compare/v7.1.4...v7.2.2 )
Updates `vitest` from 4.0.16 to 4.0.18
- [Release notes](https://github.com/vitest-dev/vitest/releases )
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.18/packages/vitest )
---
updated-dependencies:
- dependency-name: "@fastify/multipart"
dependency-version: 9.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: minor-and-patch
- dependency-name: "@libsql/client"
dependency-version: 0.17.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: minor-and-patch
- dependency-name: argon2
dependency-version: 0.44.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: minor-and-patch
- dependency-name: fastify
dependency-version: 5.7.4
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: openid-client
dependency-version: 6.8.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: "@biomejs/biome"
dependency-version: 2.3.15
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: "@vitest/coverage-v8"
dependency-version: 4.0.18
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: drizzle-kit
dependency-version: 0.31.9
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
- dependency-name: supertest
dependency-version: 7.2.2
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: minor-and-patch
- dependency-name: vitest
dependency-version: 4.0.18
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: minor-and-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 20:10:51 +01:00
0b0472f2f5
Fix OIDC token exchange behind HTTPS reverse proxy ( #162 )
...
* Initial plan
* Fix OIDC callback URL construction for HTTPS reverse proxy
- Replace hardcoded http:// URL with OIDC_REDIRECT_URI from environment
- Build complete callback URL with query parameters for proper validation
- Fixes token exchange 401 errors when running behind HTTPS reverse proxy
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com >
* Update OIDC_REDIRECT_URI documentation to clarify full URL requirement
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com >
* fix: format oidc.ts to pass biome check
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com >
Co-authored-by: Daniel Volz <mail@danielvolz.org >
2026-02-13 18:29:33 +01:00
38f3533dd9
build(deps-dev): bump qs from 6.14.1 to 6.14.2 in /backend ( #158 )
...
Bumps [qs](https://github.com/ljharb/qs ) from 6.14.1 to 6.14.2.
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md )
- [Commits](https://github.com/ljharb/qs/compare/v6.14.1...v6.14.2 )
---
updated-dependencies:
- dependency-name: qs
dependency-version: 6.14.2
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-12 21:43:41 +01:00
463c756447
build(deps): bump fast-xml-parser and @aws-sdk/client-ses in /backend ( #157 )
...
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser ) and [@aws-sdk/client-ses](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ses ). These dependencies needed to be updated together.
Updates `fast-xml-parser` from 5.2.5 to 5.3.4
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases )
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.2.5...v5.3.4 )
Updates `@aws-sdk/client-ses` from 3.956.0 to 3.988.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases )
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ses/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.988.0/clients/client-ses )
---
updated-dependencies:
- dependency-name: fast-xml-parser
dependency-version: 5.3.4
dependency-type: indirect
- dependency-name: "@aws-sdk/client-ses"
dependency-version: 3.988.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-12 21:43:35 +01:00
4275dca838
fix: improve modal scroll lock and e2e script workflow ( #156 )
2026-02-12 21:43:28 +01:00
f56f2b7c88
feat: backend improvements - reminder tracking, share stock status, planner notifications ( #145 )
...
- Separate stock/intake reminder tracking in DB with dedicated columns
- Add shareStockStatus setting to control stock visibility on shared links
- Rewrite planner notification to support both email and Shoutrrr push
- Add push notification footer text for intake and stock reminders
- New DB migrations: stock_reminder_tracking (0006), share_stock_status (0007)
- Update backend i18n with demandCalculator section and critically low text
- Add 514 passing backend tests including new coverage for all changes
2026-02-09 19:32:32 +01:00
8c5deed4c2
feat: theme dropdown with system preference and comprehensive bottle-type fixes ( #138 )
...
- Replace dark/light toggle with Light/Dark/System dropdown menu
- System theme follows OS prefers-color-scheme setting
- Apply theme dropdown to shared schedule page
- Fix 7 packageType (bottle) bugs across stock calc, share, refills, export/import
- Fix planner bottle-type stock calculation and display
- Fix dailyRate double-counting with per-intake takenBy
- Fix About modal update check stale caching
- Fix intake reminder past-intake seeding and push title
- Fix phantom DB path in drizzle.config.ts
- Fix mobile dose field visibility
- Make medication name clickable in dashboard reminder bar
- Improve planner checkbox UX with inline tooltip
- Add 20+ new tests covering all fixes
2026-02-08 20:32:40 +01:00
dependabot[bot]
Daniel Volz
Copilot