chore: release v1.17.0 (#348)

* chore: update dependabot automation and agent governance

* chore: trigger required CI checks for governance PR

.env.example

@@ -11,10 +11,18 @@ PGID=1000
 
 PORT=3000
 CORS_ORIGINS=http://localhost:4174
-LOG_LEVEL=info
+LOG_LEVEL=warn
 # Levels: debug, info, warn, error, silent
 # Controls: backend Fastify logging, frontend nginx access logs (Docker),
 #           and frontend browser console (via build-time injection)
+#
+# Behavior per level:
+#   debug  — all app logs + all HTTP request logs (including polling endpoints)
+#   info   — all app logs + HTTP request logs, EXCEPT high-frequency polling
+#            (GET /doses/taken, GET /share/:token/doses, GET /health are hidden)
+#   warn   — only warnings and errors
+#   error  — only errors
+#   silent — no logs
 
 # Rate limit: max requests per minute per IP (default: 100)
 # Increase for development/testing environments
@@ -32,6 +40,9 @@ AUTH_ENABLED=false
 # Allow new user registrations (auto-enabled when no users exist)
 # REGISTRATION_ENABLED=false
 
+# Disable username/password form login (useful for OIDC-only setups)
+# FORM_LOGIN_ENABLED=true
+
 # JWT Secrets - REQUIRED when AUTH_ENABLED=true
 # Generate with: openssl rand -hex 32
 # JWT_SECRET=

.github/agents/principal-software-engineer.agent.md

@@ -0,0 +1,42 @@
+---
+description: 'Provide principal-level software engineering guidance with focus on engineering excellence, technical leadership, and pragmatic implementation.'
+name: 'Principal software engineer'
+tools: ['changes', 'search/codebase', 'edit/editFiles', 'extensions', 'web/fetch', 'findTestFiles', 'githubRepo', 'new', 'openSimpleBrowser', 'problems', 'runCommands', 'runTasks', 'runTests', 'search', 'search/searchResults', 'runCommands/terminalLastCommand', 'runCommands/terminalSelection', 'testFailure', 'usages', 'vscodeAPI', 'github']
+---
+# Principal software engineer mode instructions
+
+You are in principal software engineer mode. Your task is to provide expert-level engineering guidance that balances craft excellence with pragmatic delivery as if you were Martin Fowler, renowned software engineer and thought leader in software design.
+
+## Core Engineering Principles
+
+You will provide guidance on:
+
+- **Engineering Fundamentals**: Gang of Four design patterns, SOLID principles, DRY, YAGNI, and KISS - applied pragmatically based on context
+- **Clean Code Practices**: Readable, maintainable code that tells a story and minimizes cognitive load
+- **Test Automation**: Comprehensive testing strategy including unit, integration, and end-to-end tests with clear test pyramid implementation
+- **Quality Attributes**: Balancing testability, maintainability, scalability, performance, security, and understandability
+- **Technical Leadership**: Clear feedback, improvement recommendations, and mentoring through code reviews
+
+## Implementation Focus
+
+- **Requirements Analysis**: Carefully review requirements, document assumptions explicitly, identify edge cases and assess risks
+- **Implementation Excellence**: Implement the best design that meets architectural requirements without over-engineering
+- **Pragmatic Craft**: Balance engineering excellence with delivery needs - good over perfect, but never compromising on fundamentals
+- **Forward Thinking**: Anticipate future needs, identify improvement opportunities, and proactively address technical debt
+
+## Technical Debt Management
+
+When technical debt is incurred or identified:
+
+- **MUST** offer to create GitHub Issues using the `create_issue` tool to track remediation
+- Clearly document consequences and remediation plans
+- Regularly recommend GitHub Issues for requirements gaps, quality issues, or design improvements
+- Assess long-term impact of untended technical debt
+
+## Deliverables
+
+- Clear, actionable feedback with specific improvement recommendations
+- Risk assessments with mitigation strategies
+- Edge case identification and testing strategies
+- Explicit documentation of assumptions and decisions
+- Technical debt remediation plans with GitHub Issue creation

.github/agents/release-manager.agent.md

@@ -12,11 +12,14 @@ You are the release manager for **MedAssist-ng**. Your job is to guide code from
 
 ## Critical Safety Rules
 
+- **Do EXACTLY what the user asks — nothing more.** If the user says "create a PR and merge to main", do only that. Do NOT also start a release. If the user says "do a release", do only the release. Never chain additional steps the user did not request.
 - **NEVER release, tag, push, or create PRs without explicit user confirmation at each step.** Always present your plan and wait for approval.
 - **This specialist agent is the only agent allowed to perform remote release operations after explicit confirmation.**
 - **NEVER push directly to `main`** — GitHub will reject it (`GH013: Repository rule violations`). All changes go through Pull Requests.
 - **NEVER skip CI checks.** Wait for all status checks to pass before merging.
 - **Testing ownership belongs to `@testing-manager`**. Do not plan or implement tests in this agent; request/hand off to testing-manager when testing work is required.
+- **Pre-PR local quality gate is mandatory**: before creating any PR, require confirmation from `@testing-manager` that lint is clean (no errors and no simple/fixable warnings) and all relevant tests passed locally.
+- **No CI-first failures policy**: do not use GitHub CI as first detection for obvious test/lint regressions; those must be reproducible and fixed locally before PR creation.
 - **Track all work in the GitHub Project board.** Every PR should reference an issue. Move issues through the board as work progresses.
 - **ALWAYS verify Project board status after merge.** The `project-auto-done.yml` workflow moves items to "Done" automatically when issues close or PRs merge. Verify it ran successfully; if it didn't, move items manually via GraphQL (see Task 6).
 
@@ -119,7 +122,9 @@ When code changes (features or bug fixes) are complete:
 ### Step 1: Verify Readiness
 
 1. Check for uncommitted changes: `git status`
-2. Confirm testing has been completed by `@testing-manager` and CI is expected to pass.
+2. Confirm testing has been completed by `@testing-manager`.
+3. Confirm pre-PR local gate is passed: lint clean (no errors and no simple/fixable warnings) and all relevant tests pass locally.
+4. Only after local gate is confirmed, proceed to push/create PR and then monitor CI.
 
 ### Step 2: Create Feature Branch
 
@@ -140,11 +145,12 @@ When code changes (features or bug fixes) are complete:
 
 ### Step 3: Push and Create PR
 
-1. Push the branch:
+1. Re-check local gate status before push/PR creation (lint + relevant local tests green).
+2. Push the branch:
    ```bash
    git push -u origin feat/short-description
    ```
-2. Create a Pull Request via GitHub CLI with **all metadata fields populated**:
+3. Create a Pull Request via GitHub CLI with **all metadata fields populated**:
    ```bash
    gh pr create \
      --title "fix: short description" \
@@ -158,7 +164,7 @@ When code changes (features or bug fixes) are complete:
    - Use `--label enhancement` for `feat/` branches, `--label bug` for `fix/` branches, `--label documentation` for `docs/` branches.
    - Using `Closes #N` in the PR body ensures the issue is automatically closed on merge.
    - The `--project` flag links the PR to the Project board.
-3. **Present the PR URL to the user and wait for confirmation.**
+4. **Present the PR URL to the user and wait for confirmation.**
 
 ### Step 4: Wait for CI and Merge
 

.github/agents/testing-manager.agent.md

@@ -14,12 +14,17 @@ You are the testing manager for **MedAssist-ng**. Your job is to ensure every fe
 
 - **Tests are mandatory**: Every new feature and every bug fix MUST have corresponding tests.
 - **Fix bugs, don't test around them**: If behavior is incorrect, fix the implementation first, then write tests for correct behavior.
+- **Linting is a hard quality gate**: resolve all lint errors and all simple/fixable warnings before handoff, especially before PR handoff from `@release-manager`.
+- **Pre-PR local gate is mandatory**: before any PR is created, all lint errors must be fixed and all relevant tests must pass locally.
+- **No CI-first failures**: tests must fail locally when broken and be fixed locally before PR handoff; do not rely on GitHub CI to discover obvious regressions.
 - **Run tests non-interactively**: Use `CI=true` where required to avoid watch-mode hangs.
 - **Playwright must disable auto-open reports**: Always prefix Playwright runs with `PLAYWRIGHT_HTML_OPEN=never`.
 - **Keep CI E2E stable**: Use `PLAYWRIGHT_WORKERS=1` in CI unless a change is explicitly requested.
 - **Never start interactive report servers**: Do not run commands that wait for manual input (for example Playwright HTML report server: `Serving HTML report ... Press Ctrl+C to quit`). Always use finite, non-interactive commands and reporters.
 - **No remote git operations**: Do not push, merge, create PRs, tags, or releases. Hand over to `@release-manager` when ready.
 - **Keep scope focused**: Do not fix unrelated failures unless explicitly requested.
+- **Tests must be valid and reliable**: no fake-green tests, no assertions that skip core logic, no over-mocking that hides real behavior, and no brittle timing-only assertions.
+- **Regression prevention is mandatory**: every fixed bug must get a deterministic regression test that fails before the fix and passes after it.
 
 ## CI/CD Ownership Boundary
 
@@ -29,9 +34,9 @@ You are the testing manager for **MedAssist-ng**. Your job is to ensure every fe
 
 ## Test Stack & Locations
 
-- **Backend**: Vitest 2.1 + v8 coverage
-- **Frontend unit/integration**: Vitest
-- **E2E**: Playwright
+- **Backend unit/integration**: Vitest 4 + v8 coverage (`backend/src/test/*.test.ts`)
+- **Frontend unit/integration**: Vitest 4 + Testing Library (`frontend/src/test/**`)
+- **Frontend E2E**: Playwright (`frontend/e2e/**`) using stable config for CI-like runs
 
 Primary locations:
 
@@ -45,22 +50,41 @@ Primary locations:
 2. Add/update tests near the affected feature.
 3. Run the smallest relevant subset first.
 4. Expand to broader suites if subset passes.
-5. Report what was run, what passed, and any remaining known failures.
+5. Run lint + required local test/build gates before PR handoff.
+6. Report what was run, what passed, and any remaining known failures.
+
+## Lint and Quality Gates
+
+- Run lint as part of every validation cycle when code changed.
+- Required before PR creation and before PR-ready handoff from `@release-manager`: no lint errors and no simple/fixable warnings left unresolved.
+- If lint fails, fix root causes first, then re-run affected tests.
+- Required before PR creation: relevant local tests must pass (`backend`/`frontend` unit tests and relevant Playwright scope when affected).
+- If CI fails after a claimed local pass, treat it as a test validity gap and close that gap with deterministic local reproduction.
+
+Recommended commands:
+
+```bash
+npm run lint
+cd backend && npm run check
+cd frontend && npm run check
+```
 
 ## Commands
 
 ### Backend
 
 ```bash
-cd backend && CI=true npm test
+cd backend && CI=true npm run test:run
 cd backend && CI=true npm run test:coverage
-cd backend && CI=true npm test -- -t "test name"
+cd backend && CI=true npm run test:run -- -t "test name"
 ```
 
 ### Frontend
 
 ```bash
-cd frontend && CI=true npm test
+cd frontend && CI=true npm run test:run
+cd frontend && CI=true npm run test:coverage
+cd frontend && CI=true npm run test:run -- -t "test name"
 cd frontend && npm run lint
 cd frontend && npm run build
 ```
@@ -69,6 +93,7 @@ cd frontend && npm run build
 
 ```bash
 cd frontend && PLAYWRIGHT_HTML_OPEN=never npm run test:e2e
+cd frontend && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_WORKERS=1 npm run test:e2e -- --workers=1
 cd frontend && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_WORKERS=4 npm run test:e2e:local
 cd frontend && PLAYWRIGHT_HTML_OPEN=never npm run test:e2e -- --project=chromium
 # Never use interactive UI/headed/report-server commands in agent runs.
@@ -81,6 +106,7 @@ cd frontend && PLAYWRIGHT_HTML_OPEN=never npm run test:e2e -- --project=chromium
 - Validate both status codes and response payloads.
 - Add regression tests for every fixed bug.
 - Keep tests deterministic and isolated.
+- Validate observable behavior, not implementation details.
 
 ## E2E Test Patterns
 
@@ -88,6 +114,15 @@ cd frontend && PLAYWRIGHT_HTML_OPEN=never npm run test:e2e -- --project=chromium
 - Avoid flaky timing assumptions; prefer waiting for concrete UI states.
 - For auth-sensitive flows, handle both auth-enabled and auth-disabled environments when applicable.
 - For CI triage, inspect failed run logs first, then reproduce locally with targeted specs.
+- Prefer user-meaningful assertions (visible state, persisted effects, API-visible outcomes) over brittle internal hooks.
+
+## Test Validity Checklist
+
+- The test fails when the real target logic is intentionally broken.
+- The assertion verifies functional behavior, not just mocked calls.
+- Mocks/stubs are minimal and do not replace the unit under test.
+- The test is deterministic across repeated local and CI runs.
+- The test protects against the specific regression that was fixed.
 
 ## CI Failure Triage
 
@@ -118,6 +153,9 @@ When test checks fail:
 Testing work is complete when:
 
 - Required tests exist and validate intended behavior.
+- Tests are proven valid (not fake-green) and reliable.
+- Lint is clean: no errors and no simple/fixable warnings left.
+- Pre-PR local gate passed: lint and all relevant tests pass locally before handoff for PR creation.
 - Relevant local test commands pass.
 - CI test failures are resolved or clearly documented with rationale.
 - No temporary debugging files remain in the workspace.

.github/copilot-instructions.md

@@ -1,5 +1,11 @@
 # MedAssist-ng - Copilot Entry Point
 
+## VERY IMPORTANT
+
+- Always keep agent work memory updated in `doku/memory_notes.md` so progress and decisions remain recoverable across context loss.
+- Always keep a user-facing work report updated in `doku/report.md` so completed work is easy to review.
+- This memory/report rule replaces the previous `doku/APP_BEHAVIOR.md` persistence requirement.
+
 Use `AGENTS.md` as the single source of truth for all governance, workflow, and skill rules.
 
 ## Required Startup Steps

.github/dependabot.yml

@@ -7,9 +7,11 @@ updates:
     schedule:
       interval: "weekly"
       day: "monday"
+      time: "06:20"
     open-pull-requests-limit: 10
     labels:
       - "dependencies"
+      - "backend"
     groups:
       minor-and-patch:
         update-types:
@@ -22,9 +24,11 @@ updates:
     schedule:
       interval: "weekly"
       day: "monday"
+      time: "06:10"
     open-pull-requests-limit: 10
     labels:
       - "dependencies"
+      - "frontend"
     groups:
       minor-and-patch:
         update-types:
@@ -37,9 +41,16 @@ updates:
     schedule:
       interval: "weekly"
       day: "monday"
+      time: "06:00"
     open-pull-requests-limit: 5
     labels:
       - "dependencies"
+      - "root"
+    groups:
+      minor-and-patch:
+        update-types:
+          - "minor"
+          - "patch"
 
   # GitHub Actions
   - package-ecosystem: "github-actions"
@@ -47,7 +58,13 @@ updates:
     schedule:
       interval: "weekly"
       day: "monday"
+      time: "06:30"
     open-pull-requests-limit: 5
     labels:
       - "dependencies"
       - "ci"
+    groups:
+      minor-and-patch:
+        update-types:
+          - "minor"
+          - "patch"

.github/workflows/dependabot-automerge.yml

@@ -0,0 +1,37 @@
+name: Dependabot Automerge
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - ready_for_review
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  enable-automerge:
+    if: github.actor == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Read Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Enable auto-merge for safe updates
+        if: >-
+          (steps.metadata.outputs.package-ecosystem == 'npm' ||
+          steps.metadata.outputs.package-ecosystem == 'github_actions') &&
+          (steps.metadata.outputs.update-type == 'version-update:semver-minor' ||
+          steps.metadata.outputs.update-type == 'version-update:semver-patch')
+        uses: peter-evans/enable-pull-request-automerge@v3
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          pull-request-number: ${{ github.event.pull_request.number }}
+          merge-method: squash

.github/workflows/docker-build.yml

@@ -4,6 +4,12 @@ on:
   push:
     branches: [main]
     tags: ['v*']
+    paths:
+      - 'backend/**'
+      - 'frontend/**'
+      - 'docker-compose.yml'
+      - 'docker-compose.dev.yml'
+      - '.github/workflows/docker-build.yml'
   workflow_dispatch:
     inputs:
       tag:

.gitignore

@@ -82,4 +82,5 @@ Thumbs.db
 .claude/
 AGENTS.md
 docs/TECH_STACK.md
-doku
+doku
+plan

README.md

@@ -10,7 +10,7 @@
 </p>
 
 <p align="center">
-  <img src="https://img.shields.io/badge/React-18-61DAFB?logo=react" alt="React 18" />
+  <img src="https://img.shields.io/badge/React-19-61DAFB?logo=react" alt="React 19" />
   <img src="https://img.shields.io/badge/TypeScript-5-3178C6?logo=typescript" alt="TypeScript" />
   <img src="https://img.shields.io/badge/Fastify-5-000000?logo=fastify" alt="Fastify" />
   <img src="https://img.shields.io/badge/SQLite-Database-003B57?logo=sqlite" alt="SQLite" />
@@ -19,12 +19,12 @@
 
 <p align="center">
   <img src="https://img.shields.io/badge/Backend_Tests-569%2F569-brightgreen?logo=vitest" alt="Backend Tests 454/454" />
-  <img src="https://img.shields.io/badge/Frontend_Tests-771%2F771-brightgreen?logo=vitest" alt="Frontend Tests 611/611" />
+  <img src="https://img.shields.io/badge/Frontend_Tests-769%2F769-brightgreen?logo=vitest" alt="Frontend Tests 611/611" />
 </p>
 
 ### 🤖 AI-Generated Code
 
-> This app was 100% coded with Claude Opus 4.5. Use at your own risk.
+> This app was 100% coded with [Claude Opus 4.6](https://www.anthropic.com/claude) and [GPT-5.3 Codex](https://openai.com/index/gpt-5/). Use at your own risk.
 
 ### ⚠️ Disclaimer
 
@@ -194,7 +194,7 @@ All configuration is done via environment variables in `.env`. Copy `.env.exampl
 | `PGID` | `1000` | Group ID for container file permissions |
 | `PORT` | `3000` | Backend API port |
 | `CORS_ORIGINS` | `http://localhost:4174` | Allowed origins for CORS |
-| `LOG_LEVEL` | `info` | Log verbosity (`debug`, `info`, `warn`, `error`) |
+| `LOG_LEVEL` | `info` | Log verbosity (`debug`, `info`, `warn`, `error`, `silent`). At `info` (default), high-frequency polling endpoints are suppressed. Set `debug` to see all requests. |
 | `TZ` | `Europe/Berlin` | Timezone for scheduled reminders |
 
 ### Authentication
@@ -326,6 +326,13 @@ npm run test:e2e:all:local  # local all-browser run with PLAYWRIGHT_WORKERS=4
 - CI stays at `PLAYWRIGHT_WORKERS=1` for stability.
 - Data-heavy specs remain sequential via the `chromium-data` project config.
 
+# Dependency Updates
+
+- Dependabot checks dependencies weekly for `frontend`, `backend`, repository root tooling, and GitHub Actions.
+- Minor and patch updates are grouped to reduce PR noise.
+- Dependabot minor/patch PRs are configured for auto-merge after required CI checks pass.
+- Major updates still require manual review before merge.
+
 # Acknowledgements
 
 This project was inspired by [MedAssist](https://github.com/njic/medassist) by njic.

backend/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "medassist-ng-backend",
-  "version": "1.16.0",
+  "version": "1.16.1",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "medassist-ng-backend",
-      "version": "1.16.0",
+      "version": "1.16.1",
       "dependencies": {
         "@fastify/cookie": "^11.0.2",
         "@fastify/cors": "^11.2.0",
@@ -33,6 +33,7 @@
         "@types/supertest": "^6.0.2",
         "@vitest/coverage-v8": "^4.0.18",
         "drizzle-kit": "^0.31.9",
+        "pino-pretty": "^13.1.3",
         "supertest": "^7.2.2",
         "tsx": "^4.19.0",
         "typescript": "^5.5.4",
@@ -2228,9 +2229,9 @@
       "license": "MIT"
     },
     "node_modules/@rollup/rollup-android-arm-eabi": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.57.1.tgz",
-      "integrity": "sha512-A6ehUVSiSaaliTxai040ZpZ2zTevHYbvu/lDoeAteHI8QnaosIzm4qwtezfRg1jOYaUmnzLX1AOD6Z+UJjtifg==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.59.0.tgz",
+      "integrity": "sha512-upnNBkA6ZH2VKGcBj9Fyl9IGNPULcjXRlg0LLeaioQWueH30p6IXtJEbKAgvyv+mJaMxSm1l6xwDXYjpEMiLMg==",
       "cpu": [
         "arm"
       ],
@@ -2242,9 +2243,9 @@
       ]
     },
     "node_modules/@rollup/rollup-android-arm64": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.57.1.tgz",
-      "integrity": "sha512-dQaAddCY9YgkFHZcFNS/606Exo8vcLHwArFZ7vxXq4rigo2bb494/xKMMwRRQW6ug7Js6yXmBZhSBRuBvCCQ3w==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.59.0.tgz",
+      "integrity": "sha512-hZ+Zxj3SySm4A/DylsDKZAeVg0mvi++0PYVceVyX7hemkw7OreKdCvW2oQ3T1FMZvCaQXqOTHb8qmBShoqk69Q==",
       "cpu": [
         "arm64"
       ],
@@ -2256,9 +2257,9 @@
       ]
     },
     "node_modules/@rollup/rollup-darwin-arm64": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.57.1.tgz",
-      "integrity": "sha512-crNPrwJOrRxagUYeMn/DZwqN88SDmwaJ8Cvi/TN1HnWBU7GwknckyosC2gd0IqYRsHDEnXf328o9/HC6OkPgOg==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.59.0.tgz",
+      "integrity": "sha512-W2Psnbh1J8ZJw0xKAd8zdNgF9HRLkdWwwdWqubSVk0pUuQkoHnv7rx4GiF9rT4t5DIZGAsConRE3AxCdJ4m8rg==",
       "cpu": [
         "arm64"
       ],
@@ -2270,9 +2271,9 @@
       ]
     },
     "node_modules/@rollup/rollup-darwin-x64": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.57.1.tgz",
-      "integrity": "sha512-Ji8g8ChVbKrhFtig5QBV7iMaJrGtpHelkB3lsaKzadFBe58gmjfGXAOfI5FV0lYMH8wiqsxKQ1C9B0YTRXVy4w==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.59.0.tgz",
+      "integrity": "sha512-ZW2KkwlS4lwTv7ZVsYDiARfFCnSGhzYPdiOU4IM2fDbL+QGlyAbjgSFuqNRbSthybLbIJ915UtZBtmuLrQAT/w==",
       "cpu": [
         "x64"
       ],
@@ -2284,9 +2285,9 @@
       ]
     },
     "node_modules/@rollup/rollup-freebsd-arm64": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.57.1.tgz",
-      "integrity": "sha512-R+/WwhsjmwodAcz65guCGFRkMb4gKWTcIeLy60JJQbXrJ97BOXHxnkPFrP+YwFlaS0m+uWJTstrUA9o+UchFug==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.59.0.tgz",
+      "integrity": "sha512-EsKaJ5ytAu9jI3lonzn3BgG8iRBjV4LxZexygcQbpiU0wU0ATxhNVEpXKfUa0pS05gTcSDMKpn3Sx+QB9RlTTA==",
       "cpu": [
         "arm64"
       ],
@@ -2298,9 +2299,9 @@
       ]
     },
     "node_modules/@rollup/rollup-freebsd-x64": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.57.1.tgz",
-      "integrity": "sha512-IEQTCHeiTOnAUC3IDQdzRAGj3jOAYNr9kBguI7MQAAZK3caezRrg0GxAb6Hchg4lxdZEI5Oq3iov/w/hnFWY9Q==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.59.0.tgz",
+      "integrity": "sha512-d3DuZi2KzTMjImrxoHIAODUZYoUUMsuUiY4SRRcJy6NJoZ6iIqWnJu9IScV9jXysyGMVuW+KNzZvBLOcpdl3Vg==",
       "cpu": [
         "x64"
       ],
@@ -2312,9 +2313,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.57.1.tgz",
-      "integrity": "sha512-F8sWbhZ7tyuEfsmOxwc2giKDQzN3+kuBLPwwZGyVkLlKGdV1nvnNwYD0fKQ8+XS6hp9nY7B+ZeK01EBUE7aHaw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.59.0.tgz",
+      "integrity": "sha512-t4ONHboXi/3E0rT6OZl1pKbl2Vgxf9vJfWgmUoCEVQVxhW6Cw/c8I6hbbu7DAvgp82RKiH7TpLwxnJeKv2pbsw==",
       "cpu": [
         "arm"
       ],
@@ -2326,9 +2327,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm-musleabihf": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.57.1.tgz",
-      "integrity": "sha512-rGfNUfn0GIeXtBP1wL5MnzSj98+PZe/AXaGBCRmT0ts80lU5CATYGxXukeTX39XBKsxzFpEeK+Mrp9faXOlmrw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.59.0.tgz",
+      "integrity": "sha512-CikFT7aYPA2ufMD086cVORBYGHffBo4K8MQ4uPS/ZnY54GKj36i196u8U+aDVT2LX4eSMbyHtyOh7D7Zvk2VvA==",
       "cpu": [
         "arm"
       ],
@@ -2340,9 +2341,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm64-gnu": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.57.1.tgz",
-      "integrity": "sha512-MMtej3YHWeg/0klK2Qodf3yrNzz6CGjo2UntLvk2RSPlhzgLvYEB3frRvbEF2wRKh1Z2fDIg9KRPe1fawv7C+g==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.59.0.tgz",
+      "integrity": "sha512-jYgUGk5aLd1nUb1CtQ8E+t5JhLc9x5WdBKew9ZgAXg7DBk0ZHErLHdXM24rfX+bKrFe+Xp5YuJo54I5HFjGDAA==",
       "cpu": [
         "arm64"
       ],
@@ -2354,9 +2355,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm64-musl": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.57.1.tgz",
-      "integrity": "sha512-1a/qhaaOXhqXGpMFMET9VqwZakkljWHLmZOX48R0I/YLbhdxr1m4gtG1Hq7++VhVUmf+L3sTAf9op4JlhQ5u1Q==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.59.0.tgz",
+      "integrity": "sha512-peZRVEdnFWZ5Bh2KeumKG9ty7aCXzzEsHShOZEFiCQlDEepP1dpUl/SrUNXNg13UmZl+gzVDPsiCwnV1uI0RUA==",
       "cpu": [
         "arm64"
       ],
@@ -2368,9 +2369,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-loong64-gnu": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.57.1.tgz",
-      "integrity": "sha512-QWO6RQTZ/cqYtJMtxhkRkidoNGXc7ERPbZN7dVW5SdURuLeVU7lwKMpo18XdcmpWYd0qsP1bwKPf7DNSUinhvA==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.59.0.tgz",
+      "integrity": "sha512-gbUSW/97f7+r4gHy3Jlup8zDG190AuodsWnNiXErp9mT90iCy9NKKU0Xwx5k8VlRAIV2uU9CsMnEFg/xXaOfXg==",
       "cpu": [
         "loong64"
       ],
@@ -2382,9 +2383,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-loong64-musl": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.57.1.tgz",
-      "integrity": "sha512-xpObYIf+8gprgWaPP32xiN5RVTi/s5FCR+XMXSKmhfoJjrpRAjCuuqQXyxUa/eJTdAE6eJ+KDKaoEqjZQxh3Gw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.59.0.tgz",
+      "integrity": "sha512-yTRONe79E+o0FWFijasoTjtzG9EBedFXJMl888NBEDCDV9I2wGbFFfJQQe63OijbFCUZqxpHz1GzpbtSFikJ4Q==",
       "cpu": [
         "loong64"
       ],
@@ -2396,9 +2397,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-ppc64-gnu": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.57.1.tgz",
-      "integrity": "sha512-4BrCgrpZo4hvzMDKRqEaW1zeecScDCR+2nZ86ATLhAoJ5FQ+lbHVD3ttKe74/c7tNT9c6F2viwB3ufwp01Oh2w==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.59.0.tgz",
+      "integrity": "sha512-sw1o3tfyk12k3OEpRddF68a1unZ5VCN7zoTNtSn2KndUE+ea3m3ROOKRCZxEpmT9nsGnogpFP9x6mnLTCaoLkA==",
       "cpu": [
         "ppc64"
       ],
@@ -2410,9 +2411,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-ppc64-musl": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.57.1.tgz",
-      "integrity": "sha512-NOlUuzesGauESAyEYFSe3QTUguL+lvrN1HtwEEsU2rOwdUDeTMJdO5dUYl/2hKf9jWydJrO9OL/XSSf65R5+Xw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.59.0.tgz",
+      "integrity": "sha512-+2kLtQ4xT3AiIxkzFVFXfsmlZiG5FXYW7ZyIIvGA7Bdeuh9Z0aN4hVyXS/G1E9bTP/vqszNIN/pUKCk/BTHsKA==",
       "cpu": [
         "ppc64"
       ],
@@ -2424,9 +2425,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-riscv64-gnu": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.57.1.tgz",
-      "integrity": "sha512-ptA88htVp0AwUUqhVghwDIKlvJMD/fmL/wrQj99PRHFRAG6Z5nbWoWG4o81Nt9FT+IuqUQi+L31ZKAFeJ5Is+A==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.59.0.tgz",
+      "integrity": "sha512-NDYMpsXYJJaj+I7UdwIuHHNxXZ/b/N2hR15NyH3m2qAtb/hHPA4g4SuuvrdxetTdndfj9b1WOmy73kcPRoERUg==",
       "cpu": [
         "riscv64"
       ],
@@ -2438,9 +2439,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-riscv64-musl": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.57.1.tgz",
-      "integrity": "sha512-S51t7aMMTNdmAMPpBg7OOsTdn4tySRQvklmL3RpDRyknk87+Sp3xaumlatU+ppQ+5raY7sSTcC2beGgvhENfuw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.59.0.tgz",
+      "integrity": "sha512-nLckB8WOqHIf1bhymk+oHxvM9D3tyPndZH8i8+35p/1YiVoVswPid2yLzgX7ZJP0KQvnkhM4H6QZ5m0LzbyIAg==",
       "cpu": [
         "riscv64"
       ],
@@ -2452,9 +2453,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-s390x-gnu": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.57.1.tgz",
-      "integrity": "sha512-Bl00OFnVFkL82FHbEqy3k5CUCKH6OEJL54KCyx2oqsmZnFTR8IoNqBF+mjQVcRCT5sB6yOvK8A37LNm/kPJiZg==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.59.0.tgz",
+      "integrity": "sha512-oF87Ie3uAIvORFBpwnCvUzdeYUqi2wY6jRFWJAy1qus/udHFYIkplYRW+wo+GRUP4sKzYdmE1Y3+rY5Gc4ZO+w==",
       "cpu": [
         "s390x"
       ],
@@ -2466,9 +2467,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-x64-gnu": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.57.1.tgz",
-      "integrity": "sha512-ABca4ceT4N+Tv/GtotnWAeXZUZuM/9AQyCyKYyKnpk4yoA7QIAuBt6Hkgpw8kActYlew2mvckXkvx0FfoInnLg==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.59.0.tgz",
+      "integrity": "sha512-3AHmtQq/ppNuUspKAlvA8HtLybkDflkMuLK4DPo77DfthRb71V84/c4MlWJXixZz4uruIH4uaa07IqoAkG64fg==",
       "cpu": [
         "x64"
       ],
@@ -2480,9 +2481,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-x64-musl": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.57.1.tgz",
-      "integrity": "sha512-HFps0JeGtuOR2convgRRkHCekD7j+gdAuXM+/i6kGzQtFhlCtQkpwtNzkNj6QhCDp7DRJ7+qC/1Vg2jt5iSOFw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.59.0.tgz",
+      "integrity": "sha512-2UdiwS/9cTAx7qIUZB/fWtToJwvt0Vbo0zmnYt7ED35KPg13Q0ym1g442THLC7VyI6JfYTP4PiSOWyoMdV2/xg==",
       "cpu": [
         "x64"
       ],
@@ -2494,9 +2495,9 @@
       ]
     },
     "node_modules/@rollup/rollup-openbsd-x64": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.57.1.tgz",
-      "integrity": "sha512-H+hXEv9gdVQuDTgnqD+SQffoWoc0Of59AStSzTEj/feWTBAnSfSD3+Dql1ZruJQxmykT/JVY0dE8Ka7z0DH1hw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.59.0.tgz",
+      "integrity": "sha512-M3bLRAVk6GOwFlPTIxVBSYKUaqfLrn8l0psKinkCFxl4lQvOSz8ZrKDz2gxcBwHFpci0B6rttydI4IpS4IS/jQ==",
       "cpu": [
         "x64"
       ],
@@ -2508,9 +2509,9 @@
       ]
     },
     "node_modules/@rollup/rollup-openharmony-arm64": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.57.1.tgz",
-      "integrity": "sha512-4wYoDpNg6o/oPximyc/NG+mYUejZrCU2q+2w6YZqrAs2UcNUChIZXjtafAiiZSUc7On8v5NyNj34Kzj/Ltk6dQ==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.59.0.tgz",
+      "integrity": "sha512-tt9KBJqaqp5i5HUZzoafHZX8b5Q2Fe7UjYERADll83O4fGqJ49O1FsL6LpdzVFQcpwvnyd0i+K/VSwu/o/nWlA==",
       "cpu": [
         "arm64"
       ],
@@ -2522,9 +2523,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-arm64-msvc": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.57.1.tgz",
-      "integrity": "sha512-O54mtsV/6LW3P8qdTcamQmuC990HDfR71lo44oZMZlXU4tzLrbvTii87Ni9opq60ds0YzuAlEr/GNwuNluZyMQ==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.59.0.tgz",
+      "integrity": "sha512-V5B6mG7OrGTwnxaNUzZTDTjDS7F75PO1ae6MJYdiMu60sq0CqN5CVeVsbhPxalupvTX8gXVSU9gq+Rx1/hvu6A==",
       "cpu": [
         "arm64"
       ],
@@ -2536,9 +2537,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-ia32-msvc": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.57.1.tgz",
-      "integrity": "sha512-P3dLS+IerxCT/7D2q2FYcRdWRl22dNbrbBEtxdWhXrfIMPP9lQhb5h4Du04mdl5Woq05jVCDPCMF7Ub0NAjIew==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.59.0.tgz",
+      "integrity": "sha512-UKFMHPuM9R0iBegwzKF4y0C4J9u8C6MEJgFuXTBerMk7EJ92GFVFYBfOZaSGLu6COf7FxpQNqhNS4c4icUPqxA==",
       "cpu": [
         "ia32"
       ],
@@ -2550,9 +2551,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-x64-gnu": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.57.1.tgz",
-      "integrity": "sha512-VMBH2eOOaKGtIJYleXsi2B8CPVADrh+TyNxJ4mWPnKfLB/DBUmzW+5m1xUrcwWoMfSLagIRpjUFeW5CO5hyciQ==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.59.0.tgz",
+      "integrity": "sha512-laBkYlSS1n2L8fSo1thDNGrCTQMmxjYY5G0WFWjFFYZkKPjsMBsgJfGf4TLxXrF6RyhI60L8TMOjBMvXiTcxeA==",
       "cpu": [
         "x64"
       ],
@@ -2564,9 +2565,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-x64-msvc": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.57.1.tgz",
-      "integrity": "sha512-mxRFDdHIWRxg3UfIIAwCm6NzvxG0jDX/wBN6KsQFTvKFqqg9vTrWUE68qEjHt19A5wwx5X5aUi2zuZT7YR0jrA==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.59.0.tgz",
+      "integrity": "sha512-2HRCml6OztYXyJXAvdDXPKcawukWY2GpR5/nxKp4iBgiO3wcoEGkAaqctIbZcNB6KlUQBIqt8VYkNSj2397EfA==",
       "cpu": [
         "x64"
       ],
@@ -2952,9 +2953,9 @@
       }
     },
     "node_modules/bn.js": {
-      "version": "4.12.2",
-      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.2.tgz",
-      "integrity": "sha512-n4DSx829VRTRByMRGdjQ9iqsN0Bh4OolPsFnaZBLcbi8iXcB+kJ9s7EnRt4wILZNV3kPLHkRVfOc/HvhC3ovDw==",
+      "version": "4.12.3",
+      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+      "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
       "license": "MIT"
     },
     "node_modules/brace-expansion": {
@@ -3017,6 +3018,13 @@
         "node": ">=18"
       }
     },
+    "node_modules/colorette": {
+      "version": "2.0.20",
+      "resolved": "https://registry.npmjs.org/colorette/-/colorette-2.0.20.tgz",
+      "integrity": "sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/combined-stream": {
       "version": "1.0.8",
       "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
@@ -3161,6 +3169,16 @@
         "node": ">= 12"
       }
     },
+    "node_modules/dateformat": {
+      "version": "4.6.3",
+      "resolved": "https://registry.npmjs.org/dateformat/-/dateformat-4.6.3.tgz",
+      "integrity": "sha512-2P0p0pFGzHS5EMnhdxQi7aJN+iMheud0UhG4dlE1DLAlvL8JHjJJTX/CSm4JXwV0Ka5nGk3zC5mcb5bUQUxxMA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": "*"
+      }
+    },
     "node_modules/debug": {
       "version": "4.4.3",
       "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
@@ -3888,6 +3906,16 @@
         "safe-buffer": "^5.0.1"
       }
     },
+    "node_modules/end-of-stream": {
+      "version": "1.4.5",
+      "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz",
+      "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "once": "^1.4.0"
+      }
+    },
     "node_modules/es-define-property": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz",
@@ -4025,6 +4053,13 @@
         "node": ">=12.0.0"
       }
     },
+    "node_modules/fast-copy": {
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/fast-copy/-/fast-copy-4.0.2.tgz",
+      "integrity": "sha512-ybA6PDXIXOXivLJK/z9e+Otk7ve13I4ckBvGO5I2RRmBU1gMHLVDJYEuJYhGwez7YNlYji2M2DvVU+a9mSFDlw==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/fast-decode-uri-component": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/fast-decode-uri-component/-/fast-decode-uri-component-1.0.1.tgz",
@@ -4500,6 +4535,13 @@
         "node": ">=18.0.0"
       }
     },
+    "node_modules/help-me": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/help-me/-/help-me-5.0.0.tgz",
+      "integrity": "sha512-7xgomUX6ADmcYzFik0HzAxh/73YlKR9bmFzf51CZwR+b6YtzU2m0u49hQCqV6SvlqIqsaxovfwdvbnsw3b/zpg==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/html-escaper": {
       "version": "2.0.2",
       "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz",
@@ -4611,6 +4653,16 @@
         "url": "https://github.com/sponsors/panva"
       }
     },
+    "node_modules/joycon": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/joycon/-/joycon-3.1.1.tgz",
+      "integrity": "sha512-34wB/Y7MW7bzjKRjUKTa46I2Z7eV62Rkhva+KkopW7Qvv/OSWBqvkSY7vusOPrNuZcUG3tApvdVgNB8POj3SPw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=10"
+      }
+    },
     "node_modules/js-base64": {
       "version": "3.7.8",
       "resolved": "https://registry.npmjs.org/js-base64/-/js-base64-3.7.8.tgz",
@@ -4852,6 +4904,16 @@
         "url": "https://github.com/sponsors/isaacs"
       }
     },
+    "node_modules/minimist": {
+      "version": "1.2.8",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
+      "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==",
+      "dev": true,
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/minipass": {
       "version": "7.1.2",
       "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz",
@@ -5117,6 +5179,41 @@
         "split2": "^4.0.0"
       }
     },
+    "node_modules/pino-pretty": {
+      "version": "13.1.3",
+      "resolved": "https://registry.npmjs.org/pino-pretty/-/pino-pretty-13.1.3.tgz",
+      "integrity": "sha512-ttXRkkOz6WWC95KeY9+xxWL6AtImwbyMHrL1mSwqwW9u+vLp/WIElvHvCSDg0xO/Dzrggz1zv3rN5ovTRVowKg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "colorette": "^2.0.7",
+        "dateformat": "^4.6.3",
+        "fast-copy": "^4.0.0",
+        "fast-safe-stringify": "^2.1.1",
+        "help-me": "^5.0.0",
+        "joycon": "^3.1.1",
+        "minimist": "^1.2.6",
+        "on-exit-leak-free": "^2.1.0",
+        "pino-abstract-transport": "^3.0.0",
+        "pump": "^3.0.0",
+        "secure-json-parse": "^4.0.0",
+        "sonic-boom": "^4.0.1",
+        "strip-json-comments": "^5.0.2"
+      },
+      "bin": {
+        "pino-pretty": "bin.js"
+      }
+    },
+    "node_modules/pino-pretty/node_modules/pino-abstract-transport": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/pino-abstract-transport/-/pino-abstract-transport-3.0.0.tgz",
+      "integrity": "sha512-wlfUczU+n7Hy/Ha5j9a/gZNy7We5+cXp8YL+X+PG8S0KXxw7n/JXA3c46Y0zQznIJ83URJiwy7Lh56WLokNuxg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "split2": "^4.0.0"
+      }
+    },
     "node_modules/pino-std-serializers": {
       "version": "7.0.0",
       "resolved": "https://registry.npmjs.org/pino-std-serializers/-/pino-std-serializers-7.0.0.tgz",
@@ -5174,6 +5271,17 @@
       "integrity": "sha512-7nJ6v5lnJsXwGprnGXga4wx6d1POjvi5Qmf1ivTRxTjH4Z/9Czja/UCMLVmB9N93GeWOU93XaFaEt6jbuoagNw==",
       "license": "ISC"
     },
+    "node_modules/pump": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz",
+      "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "end-of-stream": "^1.1.0",
+        "once": "^1.3.1"
+      }
+    },
     "node_modules/qs": {
       "version": "6.14.2",
       "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz",
@@ -5250,9 +5358,9 @@
       "license": "MIT"
     },
     "node_modules/rollup": {
-      "version": "4.57.1",
-      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.57.1.tgz",
-      "integrity": "sha512-oQL6lgK3e2QZeQ7gcgIkS2YZPg5slw37hYufJ3edKlfQSGGm8ICoxswK15ntSzF/a8+h7ekRy7k7oWc3BQ7y8A==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.59.0.tgz",
+      "integrity": "sha512-2oMpl67a3zCH9H79LeMcbDhXW/UmWG/y2zuqnF2jQq5uq9TbM9TVyXvA4+t+ne2IIkBdrLpAaRQAvo7YI/Yyeg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -5266,31 +5374,31 @@
         "npm": ">=8.0.0"
       },
       "optionalDependencies": {
-        "@rollup/rollup-android-arm-eabi": "4.57.1",
-        "@rollup/rollup-android-arm64": "4.57.1",
-        "@rollup/rollup-darwin-arm64": "4.57.1",
-        "@rollup/rollup-darwin-x64": "4.57.1",
-        "@rollup/rollup-freebsd-arm64": "4.57.1",
-        "@rollup/rollup-freebsd-x64": "4.57.1",
-        "@rollup/rollup-linux-arm-gnueabihf": "4.57.1",
-        "@rollup/rollup-linux-arm-musleabihf": "4.57.1",
-        "@rollup/rollup-linux-arm64-gnu": "4.57.1",
-        "@rollup/rollup-linux-arm64-musl": "4.57.1",
-        "@rollup/rollup-linux-loong64-gnu": "4.57.1",
-        "@rollup/rollup-linux-loong64-musl": "4.57.1",
-        "@rollup/rollup-linux-ppc64-gnu": "4.57.1",
-        "@rollup/rollup-linux-ppc64-musl": "4.57.1",
-        "@rollup/rollup-linux-riscv64-gnu": "4.57.1",
-        "@rollup/rollup-linux-riscv64-musl": "4.57.1",
-        "@rollup/rollup-linux-s390x-gnu": "4.57.1",
-        "@rollup/rollup-linux-x64-gnu": "4.57.1",
-        "@rollup/rollup-linux-x64-musl": "4.57.1",
-        "@rollup/rollup-openbsd-x64": "4.57.1",
-        "@rollup/rollup-openharmony-arm64": "4.57.1",
-        "@rollup/rollup-win32-arm64-msvc": "4.57.1",
-        "@rollup/rollup-win32-ia32-msvc": "4.57.1",
-        "@rollup/rollup-win32-x64-gnu": "4.57.1",
-        "@rollup/rollup-win32-x64-msvc": "4.57.1",
+        "@rollup/rollup-android-arm-eabi": "4.59.0",
+        "@rollup/rollup-android-arm64": "4.59.0",
+        "@rollup/rollup-darwin-arm64": "4.59.0",
+        "@rollup/rollup-darwin-x64": "4.59.0",
+        "@rollup/rollup-freebsd-arm64": "4.59.0",
+        "@rollup/rollup-freebsd-x64": "4.59.0",
+        "@rollup/rollup-linux-arm-gnueabihf": "4.59.0",
+        "@rollup/rollup-linux-arm-musleabihf": "4.59.0",
+        "@rollup/rollup-linux-arm64-gnu": "4.59.0",
+        "@rollup/rollup-linux-arm64-musl": "4.59.0",
+        "@rollup/rollup-linux-loong64-gnu": "4.59.0",
+        "@rollup/rollup-linux-loong64-musl": "4.59.0",
+        "@rollup/rollup-linux-ppc64-gnu": "4.59.0",
+        "@rollup/rollup-linux-ppc64-musl": "4.59.0",
+        "@rollup/rollup-linux-riscv64-gnu": "4.59.0",
+        "@rollup/rollup-linux-riscv64-musl": "4.59.0",
+        "@rollup/rollup-linux-s390x-gnu": "4.59.0",
+        "@rollup/rollup-linux-x64-gnu": "4.59.0",
+        "@rollup/rollup-linux-x64-musl": "4.59.0",
+        "@rollup/rollup-openbsd-x64": "4.59.0",
+        "@rollup/rollup-openharmony-arm64": "4.59.0",
+        "@rollup/rollup-win32-arm64-msvc": "4.59.0",
+        "@rollup/rollup-win32-ia32-msvc": "4.59.0",
+        "@rollup/rollup-win32-x64-gnu": "4.59.0",
+        "@rollup/rollup-win32-x64-msvc": "4.59.0",
         "fsevents": "~2.3.2"
       }
     },
@@ -5630,6 +5738,19 @@
         "reusify": "^1.0.0"
       }
     },
+    "node_modules/strip-json-comments": {
+      "version": "5.0.3",
+      "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-5.0.3.tgz",
+      "integrity": "sha512-1tB5mhVo7U+ETBKNf92xT4hrQa3pm0MZ0PQvuDnWgAAGHDsfp4lPSpiS6psrSiet87wyGPh9ft6wmhOMQ0hDiw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=14.16"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
     "node_modules/superagent": {
       "version": "10.3.0",
       "resolved": "https://registry.npmjs.org/superagent/-/superagent-10.3.0.tgz",

backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "medassist-ng-backend",
-  "version": "1.16.1",
+  "version": "1.17.0",
   "private": true,
   "type": "module",
   "scripts": {
@@ -42,6 +42,7 @@
     "@types/supertest": "^6.0.2",
     "@vitest/coverage-v8": "^4.0.18",
     "drizzle-kit": "^0.31.9",
+    "pino-pretty": "^13.1.3",
     "supertest": "^7.2.2",
     "tsx": "^4.19.0",
     "typescript": "^5.5.4",

backend/src/db/client.ts

@@ -78,10 +78,6 @@ async function runMigrations() {
 	const migrateResult = await runDrizzleMigrations(db);
 	if (!migrateResult.success) {
 		log.error(`[DB] Migration error: ${migrateResult.error}`);
-	} else if (migrateResult.warning) {
-		log.warn(`[DB] Migration warning: ${migrateResult.warning}`);
-	} else {
-		log.debug(`[DB] Drizzle migrations completed`);
 	}
 
 	// Run ALTER TABLE migrations for backward compatibility

backend/src/db/db-utils.ts

@@ -88,13 +88,12 @@ export async function runDrizzleMigrations(
 		await migrate(database, { migrationsFolder });
 		return { success: true };
 	} catch (err: unknown) {
-		// If the error is about existing schema objects, the DB is already up-to-date
-		// This happens when ALTER migrations in client.ts have already added the columns,
-		// or when tables were created before drizzle migrations were introduced
-		if ((err as Error).message?.includes("duplicate column") || (err as Error).message?.includes("already exists")) {
-			return { success: true, warning: `Schema already up-to-date: ${(err as Error).message}` };
+		const msg = (err as Error).message ?? "";
+		// Duplicate column / already exists = DB is already up-to-date (expected for existing DBs)
+		if (msg.includes("duplicate column") || msg.includes("already exists")) {
+			return { success: true };
 		}
-		return { success: false, error: (err as Error).message };
+		return { success: false, error: msg };
 	}
 }
 

backend/src/index.ts

@@ -58,10 +58,18 @@ function sanitizeCorrelationId(headers: IncomingHttpHeaders): string | null {
 }
 
 function buildLoggerOptions(level: string) {
-	return {
+	const base = {
 		level,
 		timestamp: () => `,"time":"${new Date().toISOString()}"`,
 	};
+	// Human readable logs in development, structured JSON in production/test
+	if (process.env.NODE_ENV !== "production" && process.env.NODE_ENV !== "test") {
+		return {
+			...base,
+			transport: { target: "pino-pretty", options: { translateTime: "SYS:yyyy-mm-dd HH:MM:ss.l" } },
+		};
+	}
+	return base;
 }
 
 /** Create and configure Fastify app (without starting) */

backend/src/plugins/auth.ts

@@ -47,7 +47,7 @@ export async function getAnonymousUserId(): Promise<number> {
 export interface AuthState {
 	authEnabled: boolean;
 	registrationEnabled: boolean;
-	localAuthEnabled: boolean;
+	formLoginEnabled: boolean;
 	oidcEnabled: boolean;
 	oidcProviderName: string;
 	hasUsers: boolean;
@@ -59,15 +59,18 @@ export async function getAuthState(): Promise<AuthState> {
 	const [result] = await db.select({ count: count() }).from(users).where(sql`${users.id} != ${ANONYMOUS_USER_ID}`);
 	const hasUsers = result.count > 0;
 
+	const needsSetup = env.AUTH_ENABLED && !hasUsers;
+
 	return {
 		authEnabled: env.AUTH_ENABLED,
 		// Registration: enabled via ENV OR no users exist (first-time setup)
 		registrationEnabled: env.REGISTRATION_ENABLED || !hasUsers,
-		localAuthEnabled: env.AUTH_ENABLED, // Password auth available when auth is enabled
+		// Form login: enabled when auth + form login are both on, or forced on for first-user setup
+		formLoginEnabled: needsSetup || (env.AUTH_ENABLED && env.FORM_LOGIN_ENABLED),
 		oidcEnabled: env.OIDC_ENABLED,
 		oidcProviderName: env.OIDC_PROVIDER_NAME,
 		hasUsers,
-		needsSetup: env.AUTH_ENABLED && !hasUsers,
+		needsSetup,
 	};
 }
 

backend/src/plugins/env.ts

@@ -28,7 +28,11 @@ const EnvSchema = z.object({
 		.string()
 		.transform((v) => v === "true")
 		.default("false"),
-	// Disable local auth when using SSO only
+	// Disable username/password form login (useful for OIDC-only setups)
+	FORM_LOGIN_ENABLED: z
+		.string()
+		.transform((v) => v === "true")
+		.default("true"),
 
 	// JWT Secrets - only required when AUTH_ENABLED=true
 	JWT_SECRET: z.string().min(10).optional(),
@@ -128,4 +132,26 @@ if (parsed.OIDC_ENABLED) {
 	}
 }
 
+// Validate that at least one login method is available when auth is enabled
+if (parsed.AUTH_ENABLED && !parsed.FORM_LOGIN_ENABLED && !parsed.OIDC_ENABLED) {
+	console.error("=".repeat(60));
+	console.error("AUTHENTICATION CONFIGURATION ERROR");
+	console.error("=".repeat(60));
+	console.error("AUTH_ENABLED=true but no login method is available.");
+	console.error("FORM_LOGIN_ENABLED=false and OIDC_ENABLED=false means users cannot log in.");
+	console.error("");
+	console.error("To fix this, either:");
+	console.error("  1. Set FORM_LOGIN_ENABLED=true to allow username/password login");
+	console.error("  2. Set OIDC_ENABLED=true to allow SSO login");
+	console.error("=".repeat(60));
+	process.exit(1);
+}
+
+// Warn about ineffective registration when form login is disabled
+if (parsed.REGISTRATION_ENABLED && !parsed.FORM_LOGIN_ENABLED) {
+	console.warn(
+		"[config] REGISTRATION_ENABLED=true has no effect when FORM_LOGIN_ENABLED=false (no registration form available)"
+	);
+}
+
 export const env = parsed;

backend/src/routes/auth.ts

@@ -123,8 +123,8 @@ export async function authRoutes(app: FastifyInstance) {
 				return reply.status(400).send({ error: "Registration is disabled", code: "REGISTRATION_DISABLED" });
 			}
 
-			if (!state.localAuthEnabled) {
-				return reply.status(400).send({ error: "Local authentication is disabled", code: "LOCAL_AUTH_DISABLED" });
+			if (!state.formLoginEnabled) {
+				return reply.status(400).send({ error: "Form login is disabled", code: "FORM_LOGIN_DISABLED" });
 			}
 
 			// Validate input
@@ -185,8 +185,8 @@ export async function authRoutes(app: FastifyInstance) {
 				return reply.status(400).send({ error: "Authentication is disabled", code: "AUTH_DISABLED" });
 			}
 
-			if (!state.localAuthEnabled) {
-				return reply.status(400).send({ error: "Local authentication is disabled", code: "LOCAL_AUTH_DISABLED" });
+			if (!state.formLoginEnabled) {
+				return reply.status(400).send({ error: "Form login is disabled", code: "FORM_LOGIN_DISABLED" });
 			}
 
 			const parsed = loginSchema.safeParse(request.body);

backend/src/routes/doses.ts

@@ -137,8 +137,9 @@ async function validateShareDoseId(share: typeof shareTokens.$inferSelect, doseI
 export async function doseRoutes(app: FastifyInstance) {
 	// ---------------------------------------------------------------------------
 	// GET /doses/taken - PROTECTED: Get all taken doses for the user
+	// Suppress request logs — polled every 5s by frontend
 	// ---------------------------------------------------------------------------
-	app.get("/doses/taken", { preHandler: requireAuth }, async (request, reply) => {
+	app.get("/doses/taken", { preHandler: requireAuth, logLevel: "warn" }, async (request, reply) => {
 		const userId = await getUserId(request, reply);
 
 		// Get all taken doses for this user (no time limit)
@@ -304,8 +305,9 @@ export async function doseRoutes(app: FastifyInstance) {
 
 	// ---------------------------------------------------------------------------
 	// GET /share/:token/doses - PUBLIC: Get taken doses for a share link
+	// Suppress request logs — polled every 5s by SharedSchedule
 	// ---------------------------------------------------------------------------
-	app.get<{ Params: { token: string } }>("/share/:token/doses", async (request, reply) => {
+	app.get<{ Params: { token: string } }>("/share/:token/doses", { logLevel: "warn" }, async (request, reply) => {
 		const { token } = request.params;
 
 		const { share, reason } = await getActiveShareToken(token);

backend/src/routes/health.ts

@@ -10,11 +10,10 @@ const packageJson = JSON.parse(readFileSync(packageJsonPath, "utf-8"));
 const backendVersion = packageJson.version || "unknown";
 
 export async function healthRoutes(app: FastifyInstance) {
-	// Exempt from rate limit - lightweight health check
-	app.get("/health", { config: { rateLimit: false } }, async () => ({
+	// Exempt from rate limit + suppress request logs (called every 30s by Docker healthcheck)
+	app.get("/health", { config: { rateLimit: false }, logLevel: "warn" }, async () => ({
 		status: "ok",
 		version: backendVersion,
 		smtpConfigured: Boolean(process.env.SMTP_HOST),
-		shoutrrrConfigured: Boolean(process.env.SHOUTRRR_URL),
 	}));
 }

backend/src/routes/settings.ts

@@ -284,7 +284,8 @@ export async function settingsRoutes(app: FastifyInstance) {
 	}
 
 	// Get settings for current user
-	app.get("/settings", async (request, reply) => {
+	// Suppress request logs — polled every 30s for reminder status refresh
+	app.get("/settings", { logLevel: "warn" }, async (request, reply) => {
 		const userId = await getUserId(request, reply);
 
 		const settings = await getOrCreateUserSettings(userId);

backend/src/test/auth.test.ts

@@ -28,7 +28,7 @@ vi.mock("../db/client.js", () => ({
 vi.mock("../plugins/env.js", () => ({
 	env: {
 		AUTH_ENABLED: true,
-		LOCAL_AUTH_ENABLED: true,
+		FORM_LOGIN_ENABLED: true,
 		REGISTRATION_ENABLED: true,
 		OIDC_ENABLED: false,
 		NODE_ENV: "test",
@@ -144,7 +144,7 @@ describe("Auth Routes (AUTH_ENABLED=true)", () => {
 			const data = response.json();
 			expect(data.authEnabled).toBe(true);
 			expect(data.registrationEnabled).toBe(true);
-			expect(data.localAuthEnabled).toBe(true);
+			expect(data.formLoginEnabled).toBe(true);
 		});
 	});
 

backend/src/test/e2e-routes.test.ts

@@ -868,7 +868,6 @@ describe("E2E Tests with Real Routes", () => {
 			const json = response.json();
 			expect(json.status).toBe("ok");
 			expect(typeof json.smtpConfigured).toBe("boolean");
-			expect(typeof json.shoutrrrConfigured).toBe("boolean");
 		});
 	});
 
@@ -1289,7 +1288,6 @@ describe("E2E Tests with Real Routes", () => {
 			const json = response.json();
 			expect(json.status).toBe("ok");
 			expect(typeof json.smtpConfigured).toBe("boolean");
-			expect(typeof json.shoutrrrConfigured).toBe("boolean");
 		});
 	});
 

backend/src/utils/logger.ts

@@ -23,18 +23,22 @@ function shouldLog(level: string): boolean {
 	return LOG_LEVELS[level] >= getLevel();
 }
 
+function ts(): string {
+	return new Date().toISOString();
+}
+
 export const log = {
 	debug(msg: string): void {
-		if (shouldLog("debug")) console.log(msg);
+		if (shouldLog("debug")) console.log(`[${ts()}] [DEBUG] ${msg}`);
 	},
 	info(msg: string): void {
-		if (shouldLog("info")) console.log(msg);
+		if (shouldLog("info")) console.log(`[${ts()}] [INFO] ${msg}`);
 	},
 	warn(msg: string): void {
-		if (shouldLog("warn")) console.warn(msg);
+		if (shouldLog("warn")) console.warn(`[${ts()}] [WARN] ${msg}`);
 	},
 	error(msg: string): void {
-		if (shouldLog("error")) console.error(msg);
+		if (shouldLog("error")) console.error(`[${ts()}] [ERROR] ${msg}`);
 	},
 };
 

doku/memory_notes.md

@@ -0,0 +1,365 @@
+# Agent Memory Notes
+
+Purpose: persistent agent work memory to survive context loss.
+
+## Usage Rules
+
+- Update this file during and after meaningful work.
+- Record decisions, touched files, constraints, and unresolved follow-ups.
+- Keep entries concise and chronological.
+
+## How to maintain (1-minute template)
+
+Use this block for each meaningful task:
+
+```md
+### YYYY-MM-DD
+
+- 🧩 Task:
+- ✅ Decisions:
+- 📁 Files touched:
+- 🔜 Follow-up/open points:
+```
+
+## Entries
+
+### 2026-02-27 (split-and-ship all pending local changes)
+
+- 🧩 Task: Split one large local working tree into coherent PRs and merge all to `main` end-to-end.
+- ✅ Decisions:
+	- Created and merged 4 PRs to keep scopes reviewable while ensuring all pending changes were shipped.
+	- PR mapping:
+		- #334 `feat/form-login-enabled` (Issue #309)
+		- #336 `chore/improve-logging` (Issue #335)
+		- #339 `fix/typescript-strictness-react19` (Issue #337)
+		- #341 `chore/dependabot-agent-governance` (Issue #340)
+	- For PR #341, required checks were initially skipped by path filtering; added minimal no-op backend/frontend comment touches so required checks executed and merge satisfied ruleset.
+	- Verified linked project items for issues `#309`, `#335`, `#337`, `#340` are `Done`.
+- 📁 Files touched:
+	- All changed files were fully distributed across PRs and merged.
+	- Mandatory reporting updated: `doku/memory_notes.md`, `doku/report.md`.
+- 🔜 Follow-up/open points:
+	- None pending from this split/merge task.
+
+### 2026-02-27 (pre-PR gate validation for `chore/dependabot-agent-governance`)
+
+- 🧩 Task: Validate minimal relevant local non-interactive checks for governance/config/docs changes.
+- ✅ Decisions:
+	- Confirmed changed scope with `git status --short` and validated only listed files.
+	- Ran repo-defined lint gate (`npm run lint`) to satisfy local pre-PR lint requirement.
+	- Ran parser-level YAML/frontmatter checks for changed `.yml` and agent markdown files.
+	- Ran a targeted `markdownlint-cli2` check; it reported many style errors, but this linter is not part of this repository's configured gate.
+- 📁 Files touched:
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- Local pre-PR gate for this scope is satisfied by configured checks (lint + syntax validation); optional markdown style cleanup can be handled in a separate docs-formatting pass.
+
+### 2026-02-27 (PR3 local gate rerun after MedDetailModal test fix)
+
+- 🧩 Task: Re-run PR3 local gate on `fix/typescript-strictness-react19` after `MedDetailModal` assertion fix.
+- ✅ Decisions:
+	- Re-ran `frontend check` via `CI=true npm --prefix /Users/danielvolz/git/medassist/frontend run check`.
+	- Re-ran the same focused Vitest subset from prior gate run (12 files including `MedDetailModal.test.tsx`).
+	- Treated React `act(...)` warnings and JSDOM `scrollTo()` notices as non-blocking because all tests passed.
+- 📁 Files touched:
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- Pre-PR local gate for the requested frontend scope is now satisfied.
+
+### 2026-02-27 (pre-PR gate validation for `fix/typescript-strictness-react19`)
+
+- 🧩 Task: Validate minimal relevant local non-interactive frontend lint/tests for React 19 + TS strictness scope.
+- ✅ Decisions:
+	- Ran only frontend checks relevant to the changed scope: `check` (Biome + `tsc --noEmit`) and targeted Vitest on changed test files.
+	- Treated React `act(...)` warnings and JSDOM `scrollTo` notices as non-blocking because they did not fail tests.
+- 📁 Files touched:
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- Gate is blocked by one failing test assertion in `src/test/components/MedDetailModal.test.tsx` expecting `undefined` where implementation currently passes `false` as second arg to `onSubmitRefill`.
+
+### 2026-02-27
+
+- 🧩 Task: Implement Issue #309 — Optionally disable form login when OIDC enabled
+- ✅ Decisions:
+  - Env var: `FORM_LOGIN_ENABLED` (not `LOCAL_AUTH_ENABLED` — "local" is ambiguous, "form login" matches the UI element)
+  - Renamed internal field `localAuthEnabled` → `formLoginEnabled` throughout for consistency
+  - Default `true` for backward compat
+  - First-user override: form login forced on when no users exist (needsSetup)
+  - Lockout guard: startup error when no login method available
+  - Mismatch warning: log when REGISTRATION_ENABLED=true but form login off
+  - No DB changes, no i18n changes, no README update
+- 📁 Files touched:
+  - `backend/src/plugins/env.ts` — added FORM_LOGIN_ENABLED + validation
+  - `backend/src/plugins/auth.ts` — renamed field + wired to env var + first-user override
+  - `backend/src/routes/auth.ts` — renamed guard references + error code
+  - `frontend/src/components/Auth.tsx` — renamed interface + conditionals
+  - `frontend/src/test/components/Auth.test.tsx` — renamed in mocks
+  - `frontend/src/test/components/AppHeader.test.tsx` — renamed in mocks
+  - `backend/src/test/auth.test.ts` — renamed env mock + assertion
+  - `.env.example` — documented new var
+- 🔜 Follow-up: E2E tests for OIDC-only mode (delegate to @testing-manager)
+
+### 2026-02-27 (pre-PR gate validation for chore/improve-logging)
+
+- 🧩 Task: Validate local lint/tests for branch `chore/improve-logging` on changed logging/nginx/backend-route files.
+- ✅ Decisions:
+	- Ran minimal relevant non-interactive checks only: backend lint, frontend lint, and targeted backend route test file (`e2e-routes.test.ts`).
+	- No additional broad suites were executed to keep scope minimal.
+- 📁 Files touched:
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- Frontend lint still reports one warning in `frontend/src/components/MedicationAvatar.tsx` (`useExhaustiveDependencies`, extra dependency `imageUrl`).
+	- Pre-PR gate is not clean until this lint warning is resolved.
+
+### 2026-02-26
+
+- Added mandatory memory/report persistence rules to `.github/copilot-instructions.md` and `AGENTS.md`.
+- Removed obsolete mandatory persistence rule for `doku/APP_BEHAVIOR.md` from `AGENTS.md`.
+- Created `doku/memory_notes.md` and `doku/report.md` as the new required persistence/reporting files.
+
+### 2026-02-26 — Logging Implementation Plan
+
+- 🧩 Task: Create implementation plan to fix noisy logging (nginx 5s polling spam, missing timestamps, unfilterable levels).
+- ✅ Decisions:
+  - Use Fastify per-route `logLevel` option (not `disableRequestLogging`) to suppress health/polling request logs.
+  - Suppress `GET /doses/taken` and `GET /health` at `info` level (visible at `debug`).
+  - Add separate nginx location blocks for polling paths with `access_log off` at `info` level.
+  - Add ISO timestamps to startup logger (`backend/src/utils/logger.ts`).
+  - Add `pino-pretty` as devDependency for human-readable dev logs.
+  - Use nginx `log_format timed` with `$time_iso8601`.
+- 📁 Files touched: `plan/feature-structured-logging-1.md` (created).
+- 🔜 Follow-up: Implement the plan (5 phases, 18 tasks).
+
+### 2026-02-26 — Logging Plan Implementation (complete)
+
+- 🧩 Task: Implement all 5 phases of the structured logging plan.
+- ✅ Decisions:
+  - Phase 1: Added `logLevel: 'warn'` to `GET /health`, `logLevel: 'debug'` to `GET /doses/taken` and `GET /share/:token/doses` — suppresses Pino automatic request logs at `info` level.
+  - Phase 2: Updated startup logger (`backend/src/utils/logger.ts`) to prepend `[ISO timestamp] [LEVEL]` prefix. Added `pino-pretty` devDependency with transport config active only when `NODE_ENV !== 'production' && !== 'test'`.
+  - Phase 3+4: nginx.conf now has dedicated location blocks for polling endpoints using `${NGINX_POLLING_LOG}` variable. `nginx-entrypoint.sh` differentiates `debug` (all logs) / `info` (polling suppressed) / `warn+` (all suppressed). Added `log_format timed` with ISO timestamps.
+  - Phase 5: Updated `.env.example` and `README.md` with detailed LOG_LEVEL behavior descriptions.
+- 📁 Files touched:
+  - `backend/src/routes/health.ts` — logLevel: 'warn'
+  - `backend/src/routes/doses.ts` — logLevel: 'debug' on GET /doses/taken and GET /share/:token/doses
+  - `backend/src/utils/logger.ts` — ISO timestamps on all startup log messages
+  - `backend/src/index.ts` — pino-pretty transport for dev mode
+  - `backend/package.json` — added pino-pretty devDependency
+  - `frontend/nginx.conf` — polling location blocks, log_format timed
+  - `frontend/nginx-entrypoint.sh` — 3-tier LOG_LEVEL logic (debug/info/warn+)
+  - `.env.example` — expanded LOG_LEVEL docs
+  - `README.md` — expanded LOG_LEVEL description
+- 🔜 Follow-up: Docker build + manual verification (TEST-004 through TEST-008). Hand off to @testing-manager for any automated test coverage.
+
+### 2026-02-26 (follow-up)
+
+- Added a short "How to maintain" template section to this file and to `doku/report.md`.
+- Updated report entry so this follow-up is documented for user review.
+
+### 2026-02-26 (emoji template follow-up)
+
+- Added emoji-based label conventions for faster scanning in this file template.
+- Updated `doku/report.md` template to match the same emoji convention.
+
+### 2026-02-26 (testing-manager instruction hardening)
+
+- 🧩 Task: Strengthen `testing-manager` agent instructions for lint gates, real/reliable tests, and current test setup commands.
+- ✅ Decisions:
+	- Added hard lint gate: all errors and simple/fixable warnings must be resolved before PR-ready handoff.
+	- Added explicit anti-fake-test rules and validity checklist to enforce real functional verification and regression safety.
+	- Updated backend/frontend Vitest commands to non-watch CI-safe `test:run` usage and aligned Playwright examples.
+- 📁 Files touched:
+	- `.github/agents/testing-manager.agent.md`
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- Keep this instruction set mirrored if additional testing policy docs are introduced later.
+
+### 2026-02-26 (pre-PR local quality gate clarification)
+
+- 🧩 Task: Clarify that PRs must not be created before local lint/tests are green.
+- ✅ Decisions:
+	- Added explicit rule: before PR creation, all lint errors and relevant tests must pass locally.
+	- Added explicit rule: no CI-first failures; broken behavior must reproduce and be fixed locally before handoff.
+- 📁 Files touched:
+	- `.github/agents/testing-manager.agent.md`
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- Apply same wording to other governance docs only if requested.
+
+### 2026-02-26 (release-manager local gate alignment)
+
+- 🧩 Task: Apply the same pre-PR local lint/test gate policy to `release-manager` instructions.
+- ✅ Decisions:
+	- Added explicit pre-PR local quality gate requirement to `release-manager` critical rules.
+	- Added explicit no CI-first-failure policy for release orchestration.
+	- Updated PR workflow steps to require local gate confirmation before push/PR creation.
+- 📁 Files touched:
+	- `.github/agents/release-manager.agent.md`
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- Keep both manager agents (`testing-manager`, `release-manager`) aligned on this gate language.
+
+### 2026-02-26 (React 19 upgrade best-practice clarification)
+
+- 🧩 Task: Validate and refine the React 19 upgrade plan with official guidance.
+- ✅ Decisions:
+	- Keep `@types/react` and `@types/react-dom`, but bump both to `^19.x` during the React upgrade.
+	- Do not force `useContext` to `use()` migration in the upgrade PR; only fix what is required for compatibility.
+	- Keep strict scope boundary: version upgrade only; adopt new React 19 features in separate follow-up PRs.
+- 📁 Files touched:
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- When implementation starts, apply the same scope boundary in commit and PR structure.
+
+### 2026-02-26 (React 19 implementation)
+
+- 🧩 Task: Implement the scoped React 19 dependency upgrade.
+- ✅ Decisions:
+	- Upgraded `react`/`react-dom` to `^19.2.0`.
+	- Kept `@types/react` and `@types/react-dom` and upgraded both to `^19.2.2`.
+	- Did not include optional API migrations (`useContext` to `use()`, Actions APIs, RSC changes).
+- 📁 Files touched:
+	- `frontend/package.json`
+	- `frontend/package-lock.json`
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- Run local install/lint/check in a dedicated testing handoff to validate full dependency tree behavior.
+
+### 2026-02-26 (testing handoff run for React 19 upgrade)
+
+- 🧩 Task: Execute frontend lint/check/relevant tests and apply only mandatory compatibility fixes.
+- ✅ Decisions:
+	- Fixed only strict compatibility/type issues in touched tests (`ics`, `schedule`, `MobileEditModal`) without feature migration.
+	- Did not expand scope into broad unrelated test refactors.
+- 📁 Files touched:
+	- `frontend/src/test/utils/ics.test.ts`
+	- `frontend/src/test/utils/schedule.test.ts`
+	- `frontend/src/test/components/MobileEditModal.test.tsx`
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- `frontend check` still blocked by unrelated `MedDetailModal.test.tsx` prop-shape mismatches (`usePrescriptionRefill`, `onUsePrescriptionRefillChange`, and `RefillEntry` field changes).
+	- Existing lint warning remains in `frontend/src/components/MedicationAvatar.tsx` (`useExhaustiveDependencies`).
+
+### 2026-02-26 (blocker follow-up: lint fix + testing-manager handoff)
+
+- 🧩 Task: Remove remaining lint warning and prepare formal handoff for out-of-scope MedDetailModal test drift.
+- ✅ Decisions:
+	- Fixed `MedicationAvatar` warning by tracking previous `imageUrl` via ref in effect logic.
+	- Kept `MedDetailModal.test.tsx` changes out of this implementation due testing ownership boundary and prepared explicit handoff content instead.
+- 📁 Files touched:
+	- `frontend/src/components/MedicationAvatar.tsx`
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- `@testing-manager` should align `MedDetailModal` tests with current `MedDetailModalProps` (`usePrescriptionRefill`, `onUsePrescriptionRefillChange`) and `RefillEntry` shape (`refillDate`, `loosePillsAdded`).
+
+### 2026-02-26 (automatic delegation preference applied)
+
+- 🧩 Task: Apply user preference to delegate testing work automatically without additional confirmation prompts.
+- ✅ Decisions:
+	- Hand off residual test/type drift work to `@testing-manager` immediately when detected.
+	- Do not pause for approval before delegation unless there is a blocking ambiguity.
+- 📁 Files touched:
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- Keep this delegation style for future testing ownership boundaries.
+
+### 2026-02-26 (continued type-fix sweep to green frontend check)
+
+- 🧩 Task: Continue and clear remaining `frontend check` blockers after delegated MedDetailModal fixes.
+- ✅ Decisions:
+	- Applied minimal compatibility fixes in production files only where type/lint failed (`MobileEditModal`, `SharedSchedule`, `AppContext`, `dashboard-helpers`, `DashboardPage`, `stock.ts`).
+	- Applied fixture-only updates in tests for new required `Medication`/`StockThresholds` shapes and minor mock typing issues.
+	- Kept scope to type/lint compatibility; no feature behavior migration.
+- 📁 Files touched:
+	- `frontend/src/components/MobileEditModal.tsx`
+	- `frontend/src/components/SharedSchedule.tsx`
+	- `frontend/src/context/AppContext.tsx`
+	- `frontend/src/pages/dashboard-helpers.ts`
+	- `frontend/src/pages/DashboardPage.tsx`
+	- `frontend/src/utils/stock.ts`
+	- `frontend/src/test/setup.ts`
+	- `frontend/src/test/components/Lightbox.test.tsx`
+	- `frontend/src/test/components/UserFilterModal.test.tsx`
+	- `frontend/src/test/context/AppContext.test.tsx`
+	- `frontend/src/test/hooks/useMedications.test.ts`
+	- `frontend/src/test/hooks/useRefill.test.ts`
+	- `frontend/src/test/hooks/useSettings.test.ts`
+	- `frontend/src/test/hooks/useShare.test.ts`
+	- `frontend/src/test/utils/formatters.test.ts`
+	- `frontend/src/test/utils/schedule.test.ts`
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- `frontend check` is now green.
+	- Focused tests pass; remaining broader suite execution can be done as separate validation step if requested.
+
+### 2026-02-26 (npm EINTEGRITY fix)
+
+- 🧩 Task: Resolve npm tarball corruption/integrity install failure after React 19 lockfile update.
+- ✅ Decisions:
+	- Verified official registry integrity values with `npm view` and corrected lockfile hashes.
+	- Did not change versions; only fixed integrity metadata for `@types/react@19.2.2` and `@types/react-dom@19.2.2`.
+
+### 2026-02-26 (dependency update automation)
+
+- 🧩 Task: Implement automatic dependency update flow with safe merge policy.
+- ✅ Decisions:
+	- Extended existing `.github/dependabot.yml` instead of replacing it.
+	- Added grouped minor/patch updates for root npm and GitHub Actions, plus scoped labels (`frontend`, `backend`, `root`).
+	- Added `.github/workflows/dependabot-automerge.yml` to enable auto-merge only for Dependabot npm/GitHub Actions patch+minor updates.
+	- Kept major updates manual by design.
+	- Synced docs in `README.md` and updated React badge to 19.
+- 📁 Files touched:
+	- `.github/dependabot.yml`
+	- `.github/workflows/dependabot-automerge.yml`
+	- `README.md`
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- If branch protection requires specific checks, ensure required status checks are set so auto-merge waits correctly.
+- 📁 Files touched:
+	- `frontend/package-lock.json`
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- `npm ci` now succeeds cleanly.
+
+### 2026-02-26 (npm deprecation warnings assessment)
+
+- 🧩 Task: Assess reported npm deprecation warnings and identify real source/package owners.
+- ✅ Decisions:
+	- Warnings are not from `frontend`; they originate in `backend` transitive dependencies.
+	- `@esbuild-kit/*` comes from `drizzle-kit@0.31.9` (currently latest).
+	- `node-domexception` comes via `@libsql/client -> node-fetch -> fetch-blob` (currently latest published chain).
+	- Treat as non-blocking upstream warnings for now (no local secure/functional regression).
+- 📁 Files touched:
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- Re-check on future dependency releases; warnings can be removed once upstream chains migrate.
+
+### 2026-02-26 (MedDetailModal test type drift fix)
+
+- 🧩 Task: Unblock the targeted `MedDetailModal` test type drift after React 19 changes.
+- ✅ Decisions:
+	- Kept scope minimal and test-only: updated `frontend/src/test/components/MedDetailModal.test.tsx` only.
+	- Added missing required props in `defaultProps`: `usePrescriptionRefill`, `onUsePrescriptionRefillChange`.
+	- Updated `RefillEntry` fixtures to current shape by replacing legacy fields with `refillDate` and `loosePillsAdded`.
+	- Did not run the targeted test command because the requested precondition (`npm run check` passing) is not met.
+- 📁 Files touched:
+	- `frontend/src/test/components/MedDetailModal.test.tsx`
+	- `doku/memory_notes.md`
+	- `doku/report.md`
+- 🔜 Follow-up/open points:
+	- `frontend check` remains blocked by unrelated TypeScript errors in other files (outside MedDetailModal test scope).

doku/report.md

@@ -0,0 +1,478 @@
+# Work Report
+
+Purpose: user-facing summary of completed work.
+
+## Format
+
+For each task, add:
+
+- Date
+- Scope
+- What changed
+- Files touched
+- Follow-ups (if any)
+
+## How to maintain (1-minute template)
+
+```md
+### YYYY-MM-DD
+
+- **🧩 Scope**:
+- **🛠️ What changed**:
+  -
+- **📁 Files touched**:
+  -
+- **🔜 Follow-ups**:
+  -
+```
+
+## Entries
+
+### 2026-02-27 (All pending local changes split and merged)
+
+- **🧩 Scope**: Take the full pending local change set, split into meaningful PRs, and merge everything into `main`.
+- **🛠️ What changed**:
+  - Created and merged 4 PRs with full metadata (assignee, labels, project link, issue closure):
+    - PR `#334` (`feat/form-login-enabled`) closing Issue `#309`
+    - PR `#336` (`chore/improve-logging`) closing Issue `#335`
+    - PR `#339` (`fix/typescript-strictness-react19`) closing Issue `#337`
+    - PR `#341` (`chore/dependabot-agent-governance`) closing Issue `#340`
+  - Waited for CI on every PR and merged only with green required checks.
+  - Verified project board status for linked issues: all moved to `Done`.
+  - Resolved one merge-policy blocker on PR `#341` by adding minimal no-op backend/frontend touches so required checks were actually triggered (instead of skipped by path filtering).
+- **📁 Files touched**:
+  - Entire pending workspace delta was fully shipped across the 4 PRs above.
+  - Final bookkeeping updated in:
+    - `doku/memory_notes.md`
+    - `doku/report.md`
+- **🔜 Follow-ups**:
+  - None for this delivery request.
+
+### 2026-02-27 (Local pre-PR gate validation: `chore/dependabot-agent-governance`)
+
+- **🧩 Scope**: Validate minimal relevant non-interactive local checks for changed governance/config/docs files.
+- **🛠️ What changed**:
+  - Confirmed changed file scope with `git status --short`.
+  - Ran repo lint gate: `npm run lint` -> passed (backend Biome clean, frontend Biome clean).
+  - Ran YAML/frontmatter parser checks for changed `.yml` and agent markdown files -> passed.
+  - Ran targeted markdownlint (`npx -y markdownlint-cli2 ...`) -> failed with 379 markdown style issues (mostly line-length/table-spacing) across changed markdown files.
+  - Assessed markdownlint result as non-gating because this repository's configured local gate uses Biome on backend/frontend source files only.
+- **📁 Files touched**:
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Optional: run a dedicated markdown formatting/lint cleanup pass for agent/docs files in a separate scope.
+
+### 2026-02-27 (PR3 local gate rerun: `fix/typescript-strictness-react19`)
+
+- **🧩 Scope**: Re-run requested local pre-PR frontend gate after `MedDetailModal` test fix.
+- **🛠️ What changed**:
+  - Ran `CI=true npm --prefix /Users/danielvolz/git/medassist/frontend run check` -> passed.
+  - Re-ran the same focused Vitest subset (12 files) used previously -> passed.
+  - `src/test/components/MedDetailModal.test.tsx` now passes in that subset.
+- **📁 Files touched**:
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Requested local pre-PR gate is satisfied for frontend check + focused subset.
+
+### 2026-02-27 (Local pre-PR gate validation: `fix/typescript-strictness-react19`)
+
+- **🧩 Scope**: Validate minimal relevant non-interactive frontend lint/tests for changed React 19 + TypeScript strictness files.
+- **🛠️ What changed**:
+  - Ran `CI=true npm --prefix /Users/danielvolz/git/medassist/frontend run check` -> passed (Biome clean, `tsc --noEmit` clean).
+  - Ran focused Vitest only on changed test files:
+    - `src/test/components/Lightbox.test.tsx`
+    - `src/test/components/MedDetailModal.test.tsx`
+    - `src/test/components/MobileEditModal.test.tsx`
+    - `src/test/components/UserFilterModal.test.tsx`
+    - `src/test/context/AppContext.test.tsx`
+    - `src/test/hooks/useMedications.test.ts`
+    - `src/test/hooks/useRefill.test.ts`
+    - `src/test/hooks/useSettings.test.ts`
+    - `src/test/hooks/useShare.test.ts`
+    - `src/test/utils/formatters.test.ts`
+    - `src/test/utils/ics.test.ts`
+    - `src/test/utils/schedule.test.ts`
+  - Focused Vitest result: 11 files passed, 1 file failed (`MedDetailModal.test.tsx`, 1 failing assertion).
+- **📁 Files touched**:
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Fix failing assertion in `src/test/components/MedDetailModal.test.tsx:329`:
+    - expected `onSubmitRefill(mockMedication.id, undefined)`
+    - received `onSubmitRefill(mockMedication.id, false)`
+  - Re-run the same focused Vitest command after the assertion/behavior is aligned.
+
+### 2026-02-27
+
+- **🧩 Scope**: Issue #309 — Optionally disable form login when OIDC enabled
+- **🛠️ What changed**:
+  - New env var `FORM_LOGIN_ENABLED` (default `true`). Set to `false` to hide username/password form and only show the OIDC SSO button.
+  - Renamed all internal `localAuthEnabled` references to `formLoginEnabled` for clarity.
+  - Backend enforces lockout guard at startup — if no login method is available, the server refuses to start with a clear error message.
+  - Backend warns if `REGISTRATION_ENABLED=true` but form login is off (registration has no effect without the form).
+  - First-user setup override: even with `FORM_LOGIN_ENABLED=false`, the first admin account can always be created locally.
+  - All existing frontend/backend tests pass (55 frontend + 32 backend).
+  - Lint clean.
+- **📁 Files touched**:
+  - `backend/src/plugins/env.ts`
+  - `backend/src/plugins/auth.ts`
+  - `backend/src/routes/auth.ts`
+  - `frontend/src/components/Auth.tsx`
+  - `frontend/src/test/components/Auth.test.tsx`
+  - `frontend/src/test/components/AppHeader.test.tsx`
+  - `backend/src/test/auth.test.ts`
+  - `.env.example`
+- **🔜 Follow-ups**:
+  - E2E test for OIDC-only login flow → delegate to @testing-manager
+  - Consider adding backend unit test specifically for FORM_LOGIN_ENABLED=false scenarios
+
+### 2026-02-27 (Local pre-PR gate validation: `chore/improve-logging`)
+
+- **🧩 Scope**: Validate minimal relevant non-interactive lint/tests for changed files:
+  - `.env.example`
+  - `backend/package.json`
+  - `backend/package-lock.json`
+  - `backend/src/db/client.ts`
+  - `backend/src/db/db-utils.ts`
+  - `backend/src/index.ts`
+  - `backend/src/routes/doses.ts`
+  - `backend/src/routes/health.ts`
+  - `backend/src/routes/settings.ts`
+  - `backend/src/test/e2e-routes.test.ts`
+  - `backend/src/utils/logger.ts`
+  - `frontend/nginx-entrypoint.sh`
+  - `frontend/nginx.conf`
+- **🛠️ What changed**:
+  - Ran `cd backend && npm run lint` → passed.
+  - Ran `cd frontend && npm run lint` → warning found in `src/components/MedicationAvatar.tsx` (`useExhaustiveDependencies`).
+  - Ran `cd backend && CI=true npm run test:run -- src/test/e2e-routes.test.ts` → passed (103/103).
+  - No code changes were made as part of this validation request.
+- **📁 Files touched**:
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Resolve frontend lint warning in `frontend/src/components/MedicationAvatar.tsx` before considering local pre-PR gate fully satisfied.
+
+### 2026-02-26 — Structured Logging Implementation Plan
+
+- **🧩 Scope**: Observability / logging improvements
+- **🛠️ What changed**:
+  - Created implementation plan to fix the log noise problem: nginx and Fastify log every 5-second dose-polling request at `info` level, making `info` unusable.
+  - Plan covers 5 phases: (1) suppress noisy backend routes via per-route `logLevel`, (2) add timestamps to startup logger + pino-pretty for dev, (3) suppress polling in nginx access logs, (4) differentiate debug/info/warn in nginx entrypoint, (5) update docs.
+- **📁 Files touched**:
+  - `plan/feature-structured-logging-1.md` (new)
+- **🔜 Follow-ups**:
+  - Implement the 18 tasks across 5 phases.
+
+### 2026-02-26 — Structured Logging Implementation (complete)
+
+- **🧩 Scope**: Observability / logging — make `LOG_LEVEL=info` usable
+- **🛠️ What changed**:
+  - **Backend route noise suppression**: `GET /health` (logLevel: warn), `GET /doses/taken` and `GET /share/:token/doses` (logLevel: debug) — these high-frequency polling routes no longer flood `info` logs with Pino's automatic `incoming request` / `request completed` messages.
+  - **Startup logger timestamps**: All pre-Fastify log messages (DB migrations, etc.) now include `[2026-02-26T14:30:05.123Z] [INFO]` prefix.
+  - **pino-pretty for development**: Backend dev mode now outputs human-readable, colorized log lines with translated timestamps (production still uses structured JSON).
+  - **nginx polling suppression**: New dedicated `location` blocks in `nginx.conf` for `/api/doses/taken`, `/api/share/*/doses`, and `/api/health` with conditional `access_log` via `NGINX_POLLING_LOG` variable.
+  - **nginx 3-tier LOG_LEVEL**: `debug` = all access logs, `info` = all except polling (default), `warn+` = no access logs.
+  - **nginx timestamps**: Custom `log_format timed` with ISO 8601 timestamps applied to all access logging.
+  - **Documentation**: `.env.example` and `README.md` updated with detailed per-level behavior.
+- **📁 Files touched**:
+  - `backend/src/routes/health.ts`
+  - `backend/src/routes/doses.ts`
+  - `backend/src/utils/logger.ts`
+  - `backend/src/index.ts`
+  - `backend/package.json` + `package-lock.json`
+  - `frontend/nginx.conf`
+  - `frontend/nginx-entrypoint.sh`
+  - `.env.example`
+  - `README.md`
+- **🔜 Follow-ups**:
+  - Docker build + manual live verification
+  - Delegate automated test coverage to @testing-manager
+
+### 2026-02-26
+
+- **Scope**: Update governance instructions for persistent agent memory and user-readable reporting.
+- **What changed**:
+  - Added a **VERY IMPORTANT** section to `.github/copilot-instructions.md`.
+  - Added a **VERY IMPORTANT — Memory + Reporting Persistence** section to `AGENTS.md`.
+  - Removed the obsolete mandatory `doku/APP_BEHAVIOR.md` persistence rule from `AGENTS.md`.
+  - Created `doku/memory_notes.md` and `doku/report.md`.
+- **Files touched**:
+  - `.github/copilot-instructions.md`
+  - `AGENTS.md`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **Follow-ups**:
+  - Keep both files updated on every meaningful task going forward.
+
+### 2026-02-26 (follow-up)
+
+- **Scope**: Add ultra-short maintenance templates so future updates stay consistent.
+- **What changed**:
+  - Added a "How to maintain (1-minute template)" section in this file.
+  - Added a matching "How to maintain" section in `doku/memory_notes.md`.
+- **Files touched**:
+  - `doku/report.md`
+  - `doku/memory_notes.md`
+- **Follow-ups**:
+  - Reuse the templates for all upcoming meaningful tasks.
+
+### 2026-02-26 (emoji template follow-up)
+
+- **🧩 Scope**: Add emoji label conventions for faster, more readable scan in future entries.
+- **🛠️ What changed**:
+  - Updated the report template labels to emoji-based headings.
+  - Updated the memory notes template labels to the same style.
+- **📁 Files touched**:
+  - `doku/report.md`
+  - `doku/memory_notes.md`
+- **🔜 Follow-ups**:
+  - Use this emoji format for all upcoming entries unless governance changes.
+
+### 2026-02-26 (testing-manager instruction update)
+
+- **🧩 Scope**: Tighten testing governance in the `testing-manager` agent instructions.
+- **🛠️ What changed**:
+  - Added mandatory linting gate: all lint errors and simple/fixable warnings must be resolved, especially before PR handoff from `@release-manager`.
+  - Added strict reliability/validity rules to avoid fake-green tests and over-mocking.
+  - Added a concrete test validity checklist focused on true functional verification.
+  - Updated command examples to current setup:
+    - Backend Vitest via `CI=true npm run test:run` / `test:coverage`
+    - Frontend Vitest via `CI=true npm run test:run` / `test:coverage`
+    - Playwright E2E with `PLAYWRIGHT_HTML_OPEN=never` and CI-stable worker guidance.
+- **📁 Files touched**:
+  - `.github/agents/testing-manager.agent.md`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Reuse these strengthened rules for future CI triage and pre-PR test handoffs.
+
+### 2026-02-26 (pre-PR local gate update)
+
+- **🧩 Scope**: Make pre-PR quality requirements explicit for testing handoff.
+- **🛠️ What changed**:
+  - Added explicit pre-PR rule: no PR creation before local lint is clean and relevant tests pass locally.
+  - Added explicit anti-pattern rule: do not let obvious regressions be discovered first in GitHub CI.
+  - Updated workflow/lint sections and done criteria to include this mandatory local gate.
+- **📁 Files touched**:
+  - `.github/agents/testing-manager.agent.md`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Enforce this gate in every future testing handoff before PR creation.
+
+### 2026-02-26 (release-manager gate alignment)
+
+- **🧩 Scope**: Apply the same local quality gate requirements to `release-manager` workflow.
+- **🛠️ What changed**:
+  - Added explicit pre-PR local gate rule in `release-manager`: lint clean + relevant tests passed locally before PR creation.
+  - Added explicit no CI-first-failure rule in `release-manager` critical safety section.
+  - Updated release workflow steps so push/PR creation is blocked until local gate is confirmed.
+- **📁 Files touched**:
+  - `.github/agents/release-manager.agent.md`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Reuse this policy consistently for all future release PR orchestration.
+
+### 2026-02-26 (React 19 plan refinement)
+
+- **🧩 Scope**: Validate that the React 19 plan follows official best practices.
+- **🛠️ What changed**:
+  - Confirmed from the React 19 upgrade guide: TypeScript projects should upgrade to `@types/react@^19` and `@types/react-dom@^19`.
+  - Updated recommendation: do not remove `@types/*` packages during this upgrade.
+  - Updated scope policy: keep upgrade PR focused on version bump and required compatibility fixes only.
+  - Marked optional feature adoption (`useOptimistic`, `useFormStatus`, Server Components, broader API migrations) as follow-up PR scope.
+- **📁 Files touched**:
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Apply this exact scope and dependency policy when implementing the React 19 upgrade branch.
+
+### 2026-02-26 (React 19 implementation)
+
+- **🧩 Scope**: Execute the scoped React 19 dependency upgrade in frontend only.
+- **🛠️ What changed**:
+  - Upgraded `react` and `react-dom` to `^19.2.0` in frontend dependencies.
+  - Upgraded `@types/react` and `@types/react-dom` to `^19.2.2` (kept them, not removed).
+  - Updated `frontend/package-lock.json` entries for `react`, `react-dom`, `scheduler`, `@types/react`, and `@types/react-dom` to matching 19.x metadata.
+  - Kept migration scope strict: no optional React 19 feature adoption or broad refactors.
+- **📁 Files touched**:
+  - `frontend/package.json`
+  - `frontend/package-lock.json`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Delegate local validation (lint/check/tests) to `@testing-manager` before PR handoff.
+
+### 2026-02-26 (Testing handoff execution)
+
+- **🧩 Scope**: Run `frontend` lint/check/relevant tests after React 19 upgrade and apply only mandatory compatibility fixes.
+- **🛠️ What changed**:
+  - Ran `npm run lint` in `frontend`: 1 existing warning remains in `src/components/MedicationAvatar.tsx` (`useExhaustiveDependencies`).
+  - Ran `npm run check` in `frontend`: fixed compatibility/type errors in targeted tests:
+    - `src/test/utils/ics.test.ts` (typed mock assignments + fixture default safety)
+    - `src/test/utils/schedule.test.ts` (added required `packageType` in medication fixtures, event `id` field)
+    - `src/test/components/MobileEditModal.test.tsx` (added required `imageUploadError` prop and form-event typing)
+  - Ran focused test scope:
+    - `CI=true npm run test:run -- src/test/utils/ics.test.ts src/test/utils/schedule.test.ts src/test/components/MobileEditModal.test.tsx`
+    - Result: 3 files passed, 147 tests passed.
+  - `frontend check` is still blocked by unrelated type mismatches in `src/test/components/MedDetailModal.test.tsx` (new required props and `RefillEntry` shape drift).
+- **📁 Files touched**:
+  - `frontend/src/test/utils/ics.test.ts`
+  - `frontend/src/test/utils/schedule.test.ts`
+  - `frontend/src/test/components/MobileEditModal.test.tsx`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Separate follow-up to align `MedDetailModal` tests with current `MedDetailModalProps` and `RefillEntry` type.
+  - Decide whether to resolve or waive the existing lint warning in `MedicationAvatar.tsx` for strict pre-PR gate.
+
+### 2026-02-26 (Blocker follow-up)
+
+- **🧩 Scope**: Resolve remaining non-test lint blocker and prepare delegated test-fix handoff.
+- **🛠️ What changed**:
+  - Fixed the remaining lint warning in `frontend/src/components/MedicationAvatar.tsx` by making image reset logic dependency-safe with previous-value tracking (`useRef`).
+  - Kept `MedDetailModal.test.tsx` adaptations delegated to `@testing-manager` per testing ownership rule.
+  - Prepared concrete handoff targets for `@testing-manager`:
+    - Add required props in test `defaultProps`: `usePrescriptionRefill`, `onUsePrescriptionRefillChange`.
+    - Update `RefillEntry` fixtures from old fields (`medicationId`, `timestamp`, `looseAdded`) to current shape (`refillDate`, `loosePillsAdded`).
+- **📁 Files touched**:
+  - `frontend/src/components/MedicationAvatar.tsx`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - `@testing-manager` to run and fix the full `frontend check` residual failures in `src/test/components/MedDetailModal.test.tsx`.
+
+### 2026-02-26 (Dependency update automation)
+
+- **🧩 Scope**: Automate dependency updates with controlled auto-merge.
+- **🛠️ What changed**:
+  - Extended existing `.github/dependabot.yml` for weekly updates across `frontend`, `backend`, root npm tooling, and GitHub Actions.
+  - Added grouping for minor/patch updates in root npm and GitHub Actions to reduce PR noise.
+  - Added scoped labels (`frontend`, `backend`, `root`, `ci`) for easier triage.
+  - Added `.github/workflows/dependabot-automerge.yml` to enable auto-merge only for Dependabot patch/minor updates (npm + GitHub Actions), while major updates remain manual.
+  - Updated `README.md` with a new "Dependency Updates" section and changed the React badge to 19.
+- **📁 Files touched**:
+  - `.github/dependabot.yml`
+  - `.github/workflows/dependabot-automerge.yml`
+  - `README.md`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Verify repository branch protection required checks are configured so auto-merge waits for CI gates as intended.
+
+### 2026-02-26 (Automatic handoff to testing-manager)
+
+- **🧩 Scope**: Execute delegated testing ownership without waiting for user confirmation.
+- **🛠️ What changed**:
+  - Issued direct handoff to `@testing-manager` for residual `frontend check` blockers in `frontend/src/test/components/MedDetailModal.test.tsx`.
+  - Handoff checklist includes:
+    - add required `MedDetailModalProps` test props (`usePrescriptionRefill`, `onUsePrescriptionRefillChange`),
+    - align `RefillEntry` test fixtures to current type shape (`refillDate`, `loosePillsAdded`),
+    - run `cd frontend && npm run check` and report remaining deltas.
+- **📁 Files touched**:
+  - `doku/report.md`
+  - `doku/memory_notes.md`
+- **🔜 Follow-ups**:
+  - After `@testing-manager` completion, continue with PR-ready summary and release handoff.
+
+### 2026-02-26 (Continued execution: frontend check fully green)
+
+- **🧩 Scope**: Continue implementation to remove all remaining `frontend` type/lint blockers.
+- **🛠️ What changed**:
+  - Fixed remaining production type/lint blockers in:
+    - `src/components/MobileEditModal.tsx` (prop destructuring + packageType change handler typing)
+    - `src/components/SharedSchedule.tsx` (critical threshold typing)
+    - `src/context/AppContext.tsx` (import result typing for imported counts)
+    - `src/pages/dashboard-helpers.ts` (strict `PackageType` + null-safe stockAdjustment)
+    - `src/pages/DashboardPage.tsx` (missing `Coverage` type import)
+    - `src/utils/stock.ts` (removed unreachable nullish coalescing)
+  - Fixed remaining test typing drift in:
+    - `src/test/setup.ts`
+    - `src/test/components/Lightbox.test.tsx`
+    - `src/test/components/UserFilterModal.test.tsx`
+    - `src/test/context/AppContext.test.tsx`
+    - `src/test/hooks/useMedications.test.ts`
+    - `src/test/hooks/useRefill.test.ts`
+    - `src/test/hooks/useSettings.test.ts`
+    - `src/test/hooks/useShare.test.ts`
+    - `src/test/utils/formatters.test.ts`
+    - `src/test/utils/schedule.test.ts`
+  - Validation results:
+    - `cd frontend && npm run check` -> **PASS**
+    - `CI=true npm run test:run -- src/test/hooks/useShare.test.ts src/test/hooks/useRefill.test.ts src/test/hooks/useSettings.test.ts src/test/utils/formatters.test.ts` -> **PASS** (4 files, 84 tests)
+- **📁 Files touched**:
+  - `frontend/src/components/MobileEditModal.tsx`
+  - `frontend/src/components/SharedSchedule.tsx`
+  - `frontend/src/context/AppContext.tsx`
+  - `frontend/src/pages/dashboard-helpers.ts`
+  - `frontend/src/pages/DashboardPage.tsx`
+  - `frontend/src/utils/stock.ts`
+  - `frontend/src/test/setup.ts`
+  - `frontend/src/test/components/Lightbox.test.tsx`
+  - `frontend/src/test/components/UserFilterModal.test.tsx`
+  - `frontend/src/test/context/AppContext.test.tsx`
+  - `frontend/src/test/hooks/useMedications.test.ts`
+  - `frontend/src/test/hooks/useRefill.test.ts`
+  - `frontend/src/test/hooks/useSettings.test.ts`
+  - `frontend/src/test/hooks/useShare.test.ts`
+  - `frontend/src/test/utils/formatters.test.ts`
+  - `frontend/src/test/utils/schedule.test.ts`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Optional: run full frontend test suite as additional confidence step before release handoff.
+
+### 2026-02-26 (npm integrity issue resolved)
+
+- **🧩 Scope**: Fix `npm ci` failure caused by tarball integrity mismatch warnings/errors.
+- **🛠️ What changed**:
+  - Reproduced failure (`EINTEGRITY`) for `@types/react@19.2.2` / `@types/react-dom@19.2.2`.
+  - Pulled authoritative integrity hashes from npm registry via:
+    - `npm view @types/react@19.2.2 dist.integrity`
+    - `npm view @types/react-dom@19.2.2 dist.integrity`
+  - Corrected two integrity strings in `frontend/package-lock.json` to match official registry values.
+  - Re-ran install:
+    - `npm ci --no-audit --no-fund` -> **PASS**.
+- **📁 Files touched**:
+  - `frontend/package-lock.json`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - None required for this issue; install path is healthy again.
+
+### 2026-02-26 (Deprecation warnings triage)
+
+- **🧩 Scope**: Investigate reported npm deprecation warnings and determine if local code changes are required.
+- **🛠️ What changed**:
+  - Verified warnings are from `backend` transitive deps, not `frontend`:
+    - `drizzle-kit@0.31.9` -> `@esbuild-kit/esm-loader@2.6.5` -> `@esbuild-kit/core-utils@3.3.2`
+    - `@libsql/client@0.17.0` -> `node-fetch@3.3.2` -> `fetch-blob@3.2.0` -> `node-domexception@1.0.0`
+  - Confirmed current installed versions are already latest published for both direct parents (`drizzle-kit`, `@libsql/client`).
+  - Classified as non-blocking upstream deprecation warnings (no immediate local fix available without changing stack/library choices).
+- **📁 Files touched**:
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Re-evaluate after upstream releases; remove warnings via normal dependency updates when available.
+
+### 2026-02-26 (MedDetailModal test type drift fix)
+
+- **🧩 Scope**: Fix only residual prop/type drift in `MedDetailModal` tests to unblock frontend check target area.
+- **🛠️ What changed**:
+  - Updated `defaultProps` in `frontend/src/test/components/MedDetailModal.test.tsx` with required `MedDetailModalProps` fields:
+    - `usePrescriptionRefill`
+    - `onUsePrescriptionRefillChange`
+  - Updated `RefillEntry` fixtures in the same file to current type shape:
+    - removed legacy fields (`medicationId`, `timestamp`, `looseAdded`)
+    - added current fields (`refillDate`, `loosePillsAdded`)
+  - Ran `cd frontend && npm run check`: the file-specific drift is resolved, but command still fails due unrelated TypeScript errors in other frontend files.
+- **📁 Files touched**:
+  - `frontend/src/test/components/MedDetailModal.test.tsx`
+  - `doku/memory_notes.md`
+  - `doku/report.md`
+- **🔜 Follow-ups**:
+  - Resolve remaining unrelated `frontend` TypeScript errors before rerunning full `npm run check` and then the targeted MedDetailModal test command.

frontend/nginx-entrypoint.sh

@@ -4,21 +4,30 @@
 # Translates LOG_LEVEL into nginx access log control before
 # delegating to the standard nginx-unprivileged entrypoint.
 #
-# LOG_LEVEL=debug|info  → access logs enabled  (default)
-# LOG_LEVEL=warn|error|fatal|silent → access logs suppressed
+# LOG_LEVEL=debug        → all access logs enabled (including polling)
+# LOG_LEVEL=info         → access logs enabled, polling endpoints suppressed (default)
+# LOG_LEVEL=warn|error|fatal|silent → all access logs suppressed
 # =============================================================================
 
 # Normalize: lowercase + trim whitespace
 level=$(printf '%s' "${LOG_LEVEL:-info}" | tr '[:upper:]' '[:lower:]' | tr -d '[:space:]')
 
 case "$level" in
+  debug)
+    export NGINX_ACCESS_LOG="/dev/stdout timed"
+    export NGINX_POLLING_LOG="/dev/stdout timed"
+    echo "[nginx-entrypoint] LOG_LEVEL=${LOG_LEVEL} → access_log on (all requests)"
+    ;;
   warn|error|fatal|silent)
     export NGINX_ACCESS_LOG="off"
+    export NGINX_POLLING_LOG="off"
     echo "[nginx-entrypoint] LOG_LEVEL=${LOG_LEVEL} → access_log off"
     ;;
   *)
-    export NGINX_ACCESS_LOG="/dev/stdout"
-    echo "[nginx-entrypoint] LOG_LEVEL=${LOG_LEVEL:-info} → access_log /dev/stdout"
+    # info (default): log everything except high-frequency polling endpoints
+    export NGINX_ACCESS_LOG="/dev/stdout timed"
+    export NGINX_POLLING_LOG="off"
+    echo "[nginx-entrypoint] LOG_LEVEL=${LOG_LEVEL:-info} → access_log on (polling suppressed)"
     ;;
 esac
 

frontend/nginx.conf

@@ -6,6 +6,9 @@ server {
     root /usr/share/nginx/html;
     index index.html;
 
+    # Custom log format with ISO timestamps
+    log_format timed '$time_iso8601 $status $request_method $request_uri ($request_time s)';
+
     # Access log control (suppressed when LOG_LEVEL is warn or higher)
     access_log ${NGINX_ACCESS_LOG};
 
@@ -24,6 +27,52 @@ server {
         try_files $uri /index.html;
     }
 
+    # -------------------------------------------------------------------------
+    # High-frequency polling endpoints — suppress access logs at info level
+    # (visible at debug level via NGINX_POLLING_LOG)
+    # -------------------------------------------------------------------------
+    location = /api/doses/taken {
+        access_log ${NGINX_POLLING_LOG};
+        resolver 127.0.0.11 valid=10s ipv6=off;
+        set $backend_upstream ${BACKEND_URL};
+        rewrite ^/api/(.*)$ /$1 break;
+        proxy_pass http://$backend_upstream;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_pass_header Set-Cookie;
+        proxy_cookie_path / /;
+    }
+
+    location ~ ^/api/share/[^/]+/doses$ {
+        access_log ${NGINX_POLLING_LOG};
+        resolver 127.0.0.11 valid=10s ipv6=off;
+        set $backend_upstream ${BACKEND_URL};
+        rewrite ^/api/(.*)$ /$1 break;
+        proxy_pass http://$backend_upstream;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_pass_header Set-Cookie;
+        proxy_cookie_path / /;
+    }
+
+    location = /api/health {
+        access_log ${NGINX_POLLING_LOG};
+        resolver 127.0.0.11 valid=10s ipv6=off;
+        set $backend_upstream ${BACKEND_URL};
+        rewrite ^/api/(.*)$ /$1 break;
+        proxy_pass http://$backend_upstream;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_pass_header Set-Cookie;
+        proxy_cookie_path / /;
+    }
+
     location /api/ {
         # Use variable for runtime DNS resolution (nginx resolves at startup by default)
         # Docker embedded DNS (127.0.0.11) with 10s cache

frontend/package-lock.json

@@ -1,18 +1,18 @@
 {
   "name": "medassist-ng-frontend",
-  "version": "1.16.0",
+  "version": "1.16.1",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "medassist-ng-frontend",
-      "version": "1.16.0",
+      "version": "1.16.1",
       "dependencies": {
         "i18next": "^25.8.13",
         "i18next-browser-languagedetector": "^8.2.1",
         "lucide-react": "^0.575.0",
-        "react": "^18.3.1",
-        "react-dom": "^18.3.1",
+        "react": "^19.2.0",
+        "react-dom": "^19.2.0",
         "react-i18next": "^15.4.1",
         "react-router-dom": "^7.13.1",
         "zod": "^4.3.6"
@@ -24,8 +24,8 @@
         "@testing-library/react": "^16.3.2",
         "@testing-library/user-event": "^14.6.1",
         "@types/node": "^25.3.0",
-        "@types/react": "^18.3.4",
-        "@types/react-dom": "^18.3.0",
+        "@types/react": "^19.2.2",
+        "@types/react-dom": "^19.2.2",
         "@types/react-router-dom": "^5.3.3",
         "@vitejs/plugin-react": "^5.1.4",
         "@vitest/coverage-v8": "^4.0.18",
@@ -1247,9 +1247,9 @@
       "license": "MIT"
     },
     "node_modules/@rollup/rollup-android-arm-eabi": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.53.5.tgz",
-      "integrity": "sha512-iDGS/h7D8t7tvZ1t6+WPK04KD0MwzLZrG0se1hzBjSi5fyxlsiggoJHwh18PCFNn7tG43OWb6pdZ6Y+rMlmyNQ==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.59.0.tgz",
+      "integrity": "sha512-upnNBkA6ZH2VKGcBj9Fyl9IGNPULcjXRlg0LLeaioQWueH30p6IXtJEbKAgvyv+mJaMxSm1l6xwDXYjpEMiLMg==",
       "cpu": [
         "arm"
       ],
@@ -1261,9 +1261,9 @@
       ]
     },
     "node_modules/@rollup/rollup-android-arm64": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.53.5.tgz",
-      "integrity": "sha512-wrSAViWvZHBMMlWk6EJhvg8/rjxzyEhEdgfMMjREHEq11EtJ6IP6yfcCH57YAEca2Oe3FNCE9DSTgU70EIGmVw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.59.0.tgz",
+      "integrity": "sha512-hZ+Zxj3SySm4A/DylsDKZAeVg0mvi++0PYVceVyX7hemkw7OreKdCvW2oQ3T1FMZvCaQXqOTHb8qmBShoqk69Q==",
       "cpu": [
         "arm64"
       ],
@@ -1275,9 +1275,9 @@
       ]
     },
     "node_modules/@rollup/rollup-darwin-arm64": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.53.5.tgz",
-      "integrity": "sha512-S87zZPBmRO6u1YXQLwpveZm4JfPpAa6oHBX7/ghSiGH3rz/KDgAu1rKdGutV+WUI6tKDMbaBJomhnT30Y2t4VQ==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.59.0.tgz",
+      "integrity": "sha512-W2Psnbh1J8ZJw0xKAd8zdNgF9HRLkdWwwdWqubSVk0pUuQkoHnv7rx4GiF9rT4t5DIZGAsConRE3AxCdJ4m8rg==",
       "cpu": [
         "arm64"
       ],
@@ -1289,9 +1289,9 @@
       ]
     },
     "node_modules/@rollup/rollup-darwin-x64": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.53.5.tgz",
-      "integrity": "sha512-YTbnsAaHo6VrAczISxgpTva8EkfQus0VPEVJCEaboHtZRIb6h6j0BNxRBOwnDciFTZLDPW5r+ZBmhL/+YpTZgA==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.59.0.tgz",
+      "integrity": "sha512-ZW2KkwlS4lwTv7ZVsYDiARfFCnSGhzYPdiOU4IM2fDbL+QGlyAbjgSFuqNRbSthybLbIJ915UtZBtmuLrQAT/w==",
       "cpu": [
         "x64"
       ],
@@ -1303,9 +1303,9 @@
       ]
     },
     "node_modules/@rollup/rollup-freebsd-arm64": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.53.5.tgz",
-      "integrity": "sha512-1T8eY2J8rKJWzaznV7zedfdhD1BqVs1iqILhmHDq/bqCUZsrMt+j8VCTHhP0vdfbHK3e1IQ7VYx3jlKqwlf+vw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.59.0.tgz",
+      "integrity": "sha512-EsKaJ5ytAu9jI3lonzn3BgG8iRBjV4LxZexygcQbpiU0wU0ATxhNVEpXKfUa0pS05gTcSDMKpn3Sx+QB9RlTTA==",
       "cpu": [
         "arm64"
       ],
@@ -1317,9 +1317,9 @@
       ]
     },
     "node_modules/@rollup/rollup-freebsd-x64": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.53.5.tgz",
-      "integrity": "sha512-sHTiuXyBJApxRn+VFMaw1U+Qsz4kcNlxQ742snICYPrY+DDL8/ZbaC4DVIB7vgZmp3jiDaKA0WpBdP0aqPJoBQ==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.59.0.tgz",
+      "integrity": "sha512-d3DuZi2KzTMjImrxoHIAODUZYoUUMsuUiY4SRRcJy6NJoZ6iIqWnJu9IScV9jXysyGMVuW+KNzZvBLOcpdl3Vg==",
       "cpu": [
         "x64"
       ],
@@ -1331,9 +1331,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.53.5.tgz",
-      "integrity": "sha512-dV3T9MyAf0w8zPVLVBptVlzaXxka6xg1f16VAQmjg+4KMSTWDvhimI/Y6mp8oHwNrmnmVl9XxJ/w/mO4uIQONA==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.59.0.tgz",
+      "integrity": "sha512-t4ONHboXi/3E0rT6OZl1pKbl2Vgxf9vJfWgmUoCEVQVxhW6Cw/c8I6hbbu7DAvgp82RKiH7TpLwxnJeKv2pbsw==",
       "cpu": [
         "arm"
       ],
@@ -1345,9 +1345,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm-musleabihf": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.53.5.tgz",
-      "integrity": "sha512-wIGYC1x/hyjP+KAu9+ewDI+fi5XSNiUi9Bvg6KGAh2TsNMA3tSEs+Sh6jJ/r4BV/bx/CyWu2ue9kDnIdRyafcQ==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.59.0.tgz",
+      "integrity": "sha512-CikFT7aYPA2ufMD086cVORBYGHffBo4K8MQ4uPS/ZnY54GKj36i196u8U+aDVT2LX4eSMbyHtyOh7D7Zvk2VvA==",
       "cpu": [
         "arm"
       ],
@@ -1359,9 +1359,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm64-gnu": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.53.5.tgz",
-      "integrity": "sha512-Y+qVA0D9d0y2FRNiG9oM3Hut/DgODZbU9I8pLLPwAsU0tUKZ49cyV1tzmB/qRbSzGvY8lpgGkJuMyuhH7Ma+Vg==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.59.0.tgz",
+      "integrity": "sha512-jYgUGk5aLd1nUb1CtQ8E+t5JhLc9x5WdBKew9ZgAXg7DBk0ZHErLHdXM24rfX+bKrFe+Xp5YuJo54I5HFjGDAA==",
       "cpu": [
         "arm64"
       ],
@@ -1373,9 +1373,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm64-musl": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.53.5.tgz",
-      "integrity": "sha512-juaC4bEgJsyFVfqhtGLz8mbopaWD+WeSOYr5E16y+1of6KQjc0BpwZLuxkClqY1i8sco+MdyoXPNiCkQou09+g==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.59.0.tgz",
+      "integrity": "sha512-peZRVEdnFWZ5Bh2KeumKG9ty7aCXzzEsHShOZEFiCQlDEepP1dpUl/SrUNXNg13UmZl+gzVDPsiCwnV1uI0RUA==",
       "cpu": [
         "arm64"
       ],
@@ -1387,9 +1387,23 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-loong64-gnu": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.53.5.tgz",
-      "integrity": "sha512-rIEC0hZ17A42iXtHX+EPJVL/CakHo+tT7W0pbzdAGuWOt2jxDFh7A/lRhsNHBcqL4T36+UiAgwO8pbmn3dE8wA==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.59.0.tgz",
+      "integrity": "sha512-gbUSW/97f7+r4gHy3Jlup8zDG190AuodsWnNiXErp9mT90iCy9NKKU0Xwx5k8VlRAIV2uU9CsMnEFg/xXaOfXg==",
+      "cpu": [
+        "loong64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-loong64-musl": {
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.59.0.tgz",
+      "integrity": "sha512-yTRONe79E+o0FWFijasoTjtzG9EBedFXJMl888NBEDCDV9I2wGbFFfJQQe63OijbFCUZqxpHz1GzpbtSFikJ4Q==",
       "cpu": [
         "loong64"
       ],
@@ -1401,9 +1415,23 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-ppc64-gnu": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.53.5.tgz",
-      "integrity": "sha512-T7l409NhUE552RcAOcmJHj3xyZ2h7vMWzcwQI0hvn5tqHh3oSoclf9WgTl+0QqffWFG8MEVZZP1/OBglKZx52Q==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.59.0.tgz",
+      "integrity": "sha512-sw1o3tfyk12k3OEpRddF68a1unZ5VCN7zoTNtSn2KndUE+ea3m3ROOKRCZxEpmT9nsGnogpFP9x6mnLTCaoLkA==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-ppc64-musl": {
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.59.0.tgz",
+      "integrity": "sha512-+2kLtQ4xT3AiIxkzFVFXfsmlZiG5FXYW7ZyIIvGA7Bdeuh9Z0aN4hVyXS/G1E9bTP/vqszNIN/pUKCk/BTHsKA==",
       "cpu": [
         "ppc64"
       ],
@@ -1415,9 +1443,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-riscv64-gnu": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.53.5.tgz",
-      "integrity": "sha512-7OK5/GhxbnrMcxIFoYfhV/TkknarkYC1hqUw1wU2xUN3TVRLNT5FmBv4KkheSG2xZ6IEbRAhTooTV2+R5Tk0lQ==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.59.0.tgz",
+      "integrity": "sha512-NDYMpsXYJJaj+I7UdwIuHHNxXZ/b/N2hR15NyH3m2qAtb/hHPA4g4SuuvrdxetTdndfj9b1WOmy73kcPRoERUg==",
       "cpu": [
         "riscv64"
       ],
@@ -1429,9 +1457,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-riscv64-musl": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.53.5.tgz",
-      "integrity": "sha512-GwuDBE/PsXaTa76lO5eLJTyr2k8QkPipAyOrs4V/KJufHCZBJ495VCGJol35grx9xryk4V+2zd3Ri+3v7NPh+w==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.59.0.tgz",
+      "integrity": "sha512-nLckB8WOqHIf1bhymk+oHxvM9D3tyPndZH8i8+35p/1YiVoVswPid2yLzgX7ZJP0KQvnkhM4H6QZ5m0LzbyIAg==",
       "cpu": [
         "riscv64"
       ],
@@ -1443,9 +1471,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-s390x-gnu": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.53.5.tgz",
-      "integrity": "sha512-IAE1Ziyr1qNfnmiQLHBURAD+eh/zH1pIeJjeShleII7Vj8kyEm2PF77o+lf3WTHDpNJcu4IXJxNO0Zluro8bOw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.59.0.tgz",
+      "integrity": "sha512-oF87Ie3uAIvORFBpwnCvUzdeYUqi2wY6jRFWJAy1qus/udHFYIkplYRW+wo+GRUP4sKzYdmE1Y3+rY5Gc4ZO+w==",
       "cpu": [
         "s390x"
       ],
@@ -1457,9 +1485,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-x64-gnu": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.53.5.tgz",
-      "integrity": "sha512-Pg6E+oP7GvZ4XwgRJBuSXZjcqpIW3yCBhK4BcsANvb47qMvAbCjR6E+1a/U2WXz1JJxp9/4Dno3/iSJLcm5auw==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.59.0.tgz",
+      "integrity": "sha512-3AHmtQq/ppNuUspKAlvA8HtLybkDflkMuLK4DPo77DfthRb71V84/c4MlWJXixZz4uruIH4uaa07IqoAkG64fg==",
       "cpu": [
         "x64"
       ],
@@ -1471,9 +1499,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-x64-musl": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.53.5.tgz",
-      "integrity": "sha512-txGtluxDKTxaMDzUduGP0wdfng24y1rygUMnmlUJ88fzCCULCLn7oE5kb2+tRB+MWq1QDZT6ObT5RrR8HFRKqg==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.59.0.tgz",
+      "integrity": "sha512-2UdiwS/9cTAx7qIUZB/fWtToJwvt0Vbo0zmnYt7ED35KPg13Q0ym1g442THLC7VyI6JfYTP4PiSOWyoMdV2/xg==",
       "cpu": [
         "x64"
       ],
@@ -1484,10 +1512,24 @@
         "linux"
       ]
     },
+    "node_modules/@rollup/rollup-openbsd-x64": {
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.59.0.tgz",
+      "integrity": "sha512-M3bLRAVk6GOwFlPTIxVBSYKUaqfLrn8l0psKinkCFxl4lQvOSz8ZrKDz2gxcBwHFpci0B6rttydI4IpS4IS/jQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ]
+    },
     "node_modules/@rollup/rollup-openharmony-arm64": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.53.5.tgz",
-      "integrity": "sha512-3DFiLPnTxiOQV993fMc+KO8zXHTcIjgaInrqlG8zDp1TlhYl6WgrOHuJkJQ6M8zHEcntSJsUp1XFZSY8C1DYbg==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.59.0.tgz",
+      "integrity": "sha512-tt9KBJqaqp5i5HUZzoafHZX8b5Q2Fe7UjYERADll83O4fGqJ49O1FsL6LpdzVFQcpwvnyd0i+K/VSwu/o/nWlA==",
       "cpu": [
         "arm64"
       ],
@@ -1499,9 +1541,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-arm64-msvc": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.53.5.tgz",
-      "integrity": "sha512-nggc/wPpNTgjGg75hu+Q/3i32R00Lq1B6N1DO7MCU340MRKL3WZJMjA9U4K4gzy3dkZPXm9E1Nc81FItBVGRlA==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.59.0.tgz",
+      "integrity": "sha512-V5B6mG7OrGTwnxaNUzZTDTjDS7F75PO1ae6MJYdiMu60sq0CqN5CVeVsbhPxalupvTX8gXVSU9gq+Rx1/hvu6A==",
       "cpu": [
         "arm64"
       ],
@@ -1513,9 +1555,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-ia32-msvc": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.53.5.tgz",
-      "integrity": "sha512-U/54pTbdQpPLBdEzCT6NBCFAfSZMvmjr0twhnD9f4EIvlm9wy3jjQ38yQj1AGznrNO65EWQMgm/QUjuIVrYF9w==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.59.0.tgz",
+      "integrity": "sha512-UKFMHPuM9R0iBegwzKF4y0C4J9u8C6MEJgFuXTBerMk7EJ92GFVFYBfOZaSGLu6COf7FxpQNqhNS4c4icUPqxA==",
       "cpu": [
         "ia32"
       ],
@@ -1527,9 +1569,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-x64-gnu": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.53.5.tgz",
-      "integrity": "sha512-2NqKgZSuLH9SXBBV2dWNRCZmocgSOx8OJSdpRaEcRlIfX8YrKxUT6z0F1NpvDVhOsl190UFTRh2F2WDWWCYp3A==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.59.0.tgz",
+      "integrity": "sha512-laBkYlSS1n2L8fSo1thDNGrCTQMmxjYY5G0WFWjFFYZkKPjsMBsgJfGf4TLxXrF6RyhI60L8TMOjBMvXiTcxeA==",
       "cpu": [
         "x64"
       ],
@@ -1541,9 +1583,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-x64-msvc": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.53.5.tgz",
-      "integrity": "sha512-JRpZUhCfhZ4keB5v0fe02gQJy05GqboPOaxvjugW04RLSYYoB/9t2lx2u/tMs/Na/1NXfY8QYjgRljRpN+MjTQ==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.59.0.tgz",
+      "integrity": "sha512-2HRCml6OztYXyJXAvdDXPKcawukWY2GpR5/nxKp4iBgiO3wcoEGkAaqctIbZcNB6KlUQBIqt8VYkNSj2397EfA==",
       "cpu": [
         "x64"
       ],
@@ -1746,32 +1788,24 @@
         "undici-types": "~7.18.0"
       }
     },
-    "node_modules/@types/prop-types": {
-      "version": "15.7.15",
-      "resolved": "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.15.tgz",
-      "integrity": "sha512-F6bEyamV9jKGAFBEmlQnesRPGOQqS2+Uwi0Em15xenOxHaf2hv6L8YCVn3rPdPJOiJfPiCnLIRyvwVaqMY3MIw==",
-      "dev": true,
-      "license": "MIT"
-    },
     "node_modules/@types/react": {
-      "version": "18.3.27",
-      "resolved": "https://registry.npmjs.org/@types/react/-/react-18.3.27.tgz",
-      "integrity": "sha512-cisd7gxkzjBKU2GgdYrTdtQx1SORymWyaAFhaxQPK9bYO9ot3Y5OikQRvY0VYQtvwjeQnizCINJAenh/V7MK2w==",
+      "version": "19.2.2",
+      "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.2.tgz",
+      "integrity": "sha512-6mDvHUFSjyT2B2yeNx2nUgMxh9LtOWvkhIU3uePn2I2oyNymUAX1NIsdgviM4CH+JSrp2D2hsMvJOkxY+0wNRA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@types/prop-types": "*",
-        "csstype": "^3.2.2"
+        "csstype": "^3.0.2"
       }
     },
     "node_modules/@types/react-dom": {
-      "version": "18.3.7",
-      "resolved": "https://registry.npmjs.org/@types/react-dom/-/react-dom-18.3.7.tgz",
-      "integrity": "sha512-MEe3UeoENYVFXzoXEWsvcpg6ZvlrFNlOQ7EOsvhI3CfAXwzPfO8Qwuxd40nepsYKqyyVQnTdEfv68q91yLcKrQ==",
+      "version": "19.2.2",
+      "resolved": "https://registry.npmjs.org/@types/react-dom/-/react-dom-19.2.2.tgz",
+      "integrity": "sha512-9KQPoO6mZCi7jcIStSnlOWn2nEF3mNmyr3rIAsGnAbQKYbRLyqmeSc39EVgtxXVia+LMT8j3knZLAZAh+xLmrw==",
       "dev": true,
       "license": "MIT",
       "peerDependencies": {
-        "@types/react": "^18.0.0"
+        "@types/react": "^19.2.0"
       }
     },
     "node_modules/@types/react-router": {
@@ -2925,9 +2959,9 @@
       }
     },
     "node_modules/react": {
-      "version": "18.3.1",
-      "resolved": "https://registry.npmjs.org/react/-/react-18.3.1.tgz",
-      "integrity": "sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==",
+      "version": "19.2.0",
+      "resolved": "https://registry.npmjs.org/react/-/react-19.2.0.tgz",
+      "integrity": "sha512-tmbWg6W31tQLeB5cdIBOicJDJRR2KzXsV7uSK9iNfLWQ5bIZfxuPEHp7M8wiHyHnn0DD1i7w3Zmin0FtkrwoCQ==",
       "license": "MIT",
       "dependencies": {
         "loose-envify": "^1.1.0"
@@ -2937,16 +2971,16 @@
       }
     },
     "node_modules/react-dom": {
-      "version": "18.3.1",
-      "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-18.3.1.tgz",
-      "integrity": "sha512-5m4nQKp+rZRb09LNH59GM4BxTh9251/ylbKIbpe7TpGxfJ+9kv6BLkLBXIjjspbgbnIBNqlI23tRnTWT0snUIw==",
+      "version": "19.2.0",
+      "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.2.0.tgz",
+      "integrity": "sha512-UlbRu4cAiGaIewkPyiRGJk0imDN2T3JjieT6spoL2UeSf5od4n5LB/mQ4ejmxhCFT1tYe8IvaFulzynWovsEFQ==",
       "license": "MIT",
       "dependencies": {
         "loose-envify": "^1.1.0",
-        "scheduler": "^0.23.2"
+        "scheduler": "^0.27.0"
       },
       "peerDependencies": {
-        "react": "^18.3.1"
+        "react": "^19.2.0"
       }
     },
     "node_modules/react-i18next": {
@@ -3056,9 +3090,9 @@
       }
     },
     "node_modules/rollup": {
-      "version": "4.53.5",
-      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.53.5.tgz",
-      "integrity": "sha512-iTNAbFSlRpcHeeWu73ywU/8KuU/LZmNCSxp6fjQkJBD3ivUb8tpDrXhIxEzA05HlYMEwmtaUnb3RP+YNv162OQ==",
+      "version": "4.59.0",
+      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.59.0.tgz",
+      "integrity": "sha512-2oMpl67a3zCH9H79LeMcbDhXW/UmWG/y2zuqnF2jQq5uq9TbM9TVyXvA4+t+ne2IIkBdrLpAaRQAvo7YI/Yyeg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -3072,28 +3106,31 @@
         "npm": ">=8.0.0"
       },
       "optionalDependencies": {
-        "@rollup/rollup-android-arm-eabi": "4.53.5",
-        "@rollup/rollup-android-arm64": "4.53.5",
-        "@rollup/rollup-darwin-arm64": "4.53.5",
-        "@rollup/rollup-darwin-x64": "4.53.5",
-        "@rollup/rollup-freebsd-arm64": "4.53.5",
-        "@rollup/rollup-freebsd-x64": "4.53.5",
-        "@rollup/rollup-linux-arm-gnueabihf": "4.53.5",
-        "@rollup/rollup-linux-arm-musleabihf": "4.53.5",
-        "@rollup/rollup-linux-arm64-gnu": "4.53.5",
-        "@rollup/rollup-linux-arm64-musl": "4.53.5",
-        "@rollup/rollup-linux-loong64-gnu": "4.53.5",
-        "@rollup/rollup-linux-ppc64-gnu": "4.53.5",
-        "@rollup/rollup-linux-riscv64-gnu": "4.53.5",
-        "@rollup/rollup-linux-riscv64-musl": "4.53.5",
-        "@rollup/rollup-linux-s390x-gnu": "4.53.5",
-        "@rollup/rollup-linux-x64-gnu": "4.53.5",
-        "@rollup/rollup-linux-x64-musl": "4.53.5",
-        "@rollup/rollup-openharmony-arm64": "4.53.5",
-        "@rollup/rollup-win32-arm64-msvc": "4.53.5",
-        "@rollup/rollup-win32-ia32-msvc": "4.53.5",
-        "@rollup/rollup-win32-x64-gnu": "4.53.5",
-        "@rollup/rollup-win32-x64-msvc": "4.53.5",
+        "@rollup/rollup-android-arm-eabi": "4.59.0",
+        "@rollup/rollup-android-arm64": "4.59.0",
+        "@rollup/rollup-darwin-arm64": "4.59.0",
+        "@rollup/rollup-darwin-x64": "4.59.0",
+        "@rollup/rollup-freebsd-arm64": "4.59.0",
+        "@rollup/rollup-freebsd-x64": "4.59.0",
+        "@rollup/rollup-linux-arm-gnueabihf": "4.59.0",
+        "@rollup/rollup-linux-arm-musleabihf": "4.59.0",
+        "@rollup/rollup-linux-arm64-gnu": "4.59.0",
+        "@rollup/rollup-linux-arm64-musl": "4.59.0",
+        "@rollup/rollup-linux-loong64-gnu": "4.59.0",
+        "@rollup/rollup-linux-loong64-musl": "4.59.0",
+        "@rollup/rollup-linux-ppc64-gnu": "4.59.0",
+        "@rollup/rollup-linux-ppc64-musl": "4.59.0",
+        "@rollup/rollup-linux-riscv64-gnu": "4.59.0",
+        "@rollup/rollup-linux-riscv64-musl": "4.59.0",
+        "@rollup/rollup-linux-s390x-gnu": "4.59.0",
+        "@rollup/rollup-linux-x64-gnu": "4.59.0",
+        "@rollup/rollup-linux-x64-musl": "4.59.0",
+        "@rollup/rollup-openbsd-x64": "4.59.0",
+        "@rollup/rollup-openharmony-arm64": "4.59.0",
+        "@rollup/rollup-win32-arm64-msvc": "4.59.0",
+        "@rollup/rollup-win32-ia32-msvc": "4.59.0",
+        "@rollup/rollup-win32-x64-gnu": "4.59.0",
+        "@rollup/rollup-win32-x64-msvc": "4.59.0",
         "fsevents": "~2.3.2"
       }
     },
@@ -3111,9 +3148,9 @@
       }
     },
     "node_modules/scheduler": {
-      "version": "0.23.2",
-      "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.23.2.tgz",
-      "integrity": "sha512-UOShsPwz7NrMUqhR6t0hWjFduvOzbtv7toDH1/hIrfRNIDBnnBWd0CwJTGvTpngVlmwGCdP9/Zl/tVrDqcuYzQ==",
+      "version": "0.27.0",
+      "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.27.0.tgz",
+      "integrity": "sha512-eNv+WrVbKu1f3vbYJT/xtiF5syA5HPIMtf9IgY/nKg0sWqzAUEvqY/xm7OcZc/qafLx/iO9FgOmeSAp4v5ti/Q==",
       "license": "MIT",
       "dependencies": {
         "loose-envify": "^1.1.0"

frontend/package.json

@@ -1,7 +1,7 @@
 {
   "name": "medassist-ng-frontend",
   "private": true,
-  "version": "1.16.1",
+  "version": "1.17.0",
   "type": "module",
   "scripts": {
     "dev": "vite",
@@ -30,8 +30,8 @@
     "i18next": "^25.8.13",
     "i18next-browser-languagedetector": "^8.2.1",
     "lucide-react": "^0.575.0",
-    "react": "^18.3.1",
-    "react-dom": "^18.3.1",
+    "react": "^19.2.0",
+    "react-dom": "^19.2.0",
     "react-i18next": "^15.4.1",
     "react-router-dom": "^7.13.1",
     "zod": "^4.3.6"
@@ -43,8 +43,8 @@
     "@testing-library/react": "^16.3.2",
     "@testing-library/user-event": "^14.6.1",
     "@types/node": "^25.3.0",
-    "@types/react": "^18.3.4",
-    "@types/react-dom": "^18.3.0",
+    "@types/react": "^19.2.2",
+    "@types/react-dom": "^19.2.2",
     "@types/react-router-dom": "^5.3.3",
     "@vitejs/plugin-react": "^5.1.4",
     "@vitest/coverage-v8": "^4.0.18",

frontend/src/components/AboutModal.tsx

@@ -1,7 +1,6 @@
 import { useEffect, useState } from "react";
 import { useTranslation } from "react-i18next";
 import { FRONTEND_VERSION, GITHUB_URL } from "../App";
-import { useEscapeKey } from "../hooks/useEscapeKey";
 
 interface UpdateCheckResult {
 	status: "up-to-date" | "update-available" | "error";
@@ -18,7 +17,7 @@ export default function AboutModal({ isOpen, onClose }: AboutModalProps) {
 	const [isChecking, setIsChecking] = useState(false);
 	const [updateCheckResult, setUpdateCheckResult] = useState<UpdateCheckResult | null>(null);
 
-	useEscapeKey(isOpen, onClose);
+	// ESC is handled by the global handler in App.tsx to avoid double history.back()
 
 	// Reset check result when modal opens so stale results are never shown
 	useEffect(() => {

frontend/src/components/Auth.tsx

@@ -20,7 +20,7 @@ export interface User {
 export interface AuthState {
 	authEnabled: boolean;
 	registrationEnabled: boolean;
-	localAuthEnabled: boolean;
+	formLoginEnabled: boolean;
 	oidcEnabled: boolean;
 	oidcProviderName: string;
 	hasUsers: boolean;
@@ -425,7 +425,7 @@ export function LoginForm({
 							</svg>
 							{t("auth.loginWithSSO", "Login with {{provider}}", { provider: authState.oidcProviderName || "SSO" })}
 						</button>
-						{authState?.localAuthEnabled && (
+						{authState?.formLoginEnabled && (
 							<div className="auth-divider">
 								<span>{t("auth.or", "or")}</span>
 							</div>
@@ -433,8 +433,8 @@ export function LoginForm({
 					</div>
 				)}
 
-				{/* Local Login Form - only show if local auth is enabled */}
-				{authState?.localAuthEnabled && (
+				{/* Local login form: only show if form login is enabled */}
+				{authState?.formLoginEnabled && (
 					<form onSubmit={handleSubmit} className="auth-form">
 						{error && <div className="auth-error">{error}</div>}
 
@@ -474,7 +474,7 @@ export function LoginForm({
 					</form>
 				)}
 
-				{authState?.registrationEnabled && authState?.localAuthEnabled && onSwitchToRegister && (
+				{authState?.registrationEnabled && authState?.formLoginEnabled && onSwitchToRegister && (
 					<div className="auth-links">
 						<button type="button" className="auth-link-btn" onClick={onSwitchToRegister}>
 							{t("auth.createAccount", "Create account")}
@@ -540,7 +540,7 @@ export function RegisterForm({ onSuccess, onSwitchToLogin }: { onSuccess?: () =>
 							</svg>
 							{t("auth.loginWithSSO", "Login with {{provider}}", { provider: authState.oidcProviderName || "SSO" })}
 						</button>
-						{authState?.localAuthEnabled && (
+						{authState?.formLoginEnabled && (
 							<div className="auth-divider">
 								<span>{t("auth.or", "or")}</span>
 							</div>
@@ -549,7 +549,7 @@ export function RegisterForm({ onSuccess, onSwitchToLogin }: { onSuccess?: () =>
 				)}
 
 				{/* Local Registration Form - only show if local auth is enabled */}
-				{authState?.localAuthEnabled && (
+				{authState?.formLoginEnabled && (
 					<form onSubmit={handleSubmit} className="auth-form">
 						{error && <div className="auth-error">{error}</div>}
 

frontend/src/components/MedicationAvatar.tsx

@@ -2,7 +2,7 @@
 // MedicationAvatar Component
 // =============================================================================
 
-import { useEffect, useState } from "react";
+import { useEffect, useRef, useState } from "react";
 
 export type MedicationAvatarProps = {
 	name: string;
@@ -12,8 +12,11 @@ export type MedicationAvatarProps = {
 
 export function MedicationAvatar({ name, imageUrl, size = "sm" }: MedicationAvatarProps) {
 	const [thumbFailed, setThumbFailed] = useState(false);
+	const previousImageUrlRef = useRef(imageUrl);
 
 	useEffect(() => {
+		if (previousImageUrlRef.current === imageUrl) return;
+		previousImageUrlRef.current = imageUrl;
 		setThumbFailed(false);
 	}, [imageUrl]);
 

frontend/src/components/MobileEditModal.tsx

@@ -96,9 +96,9 @@ export function MobileEditModal({
 	onAddTakenByPerson,
 	onRemoveTakenByPerson,
 	onTakenByKeyDown,
-	_onSetBlisterValue,
-	_onAddBlister,
-	_onRemoveBlister,
+	onSetBlisterValue: _onSetBlisterValue,
+	onAddBlister: _onAddBlister,
+	onRemoveBlister: _onRemoveBlister,
 	onSetIntakeValue,
 	onAddIntake,
 	onRemoveIntake,
@@ -108,7 +108,7 @@ export function MobileEditModal({
 	onDeleteMedImage,
 	imageUploadError,
 	onClose,
-	_onResetForm,
+	onResetForm: _onResetForm,
 	onSaveMedication,
 }: MobileEditModalProps) {
 	const { t } = useTranslation();
@@ -402,7 +402,7 @@ export function MobileEditModal({
 											<select
 												className="package-type-select"
 												value={form.packageType}
-												onChange={(e) => onHandleValueChange("packageType", e.target.value)}
+												onChange={(e) => onHandleValueChange("packageType", e.target.value as FormState["packageType"])}
 											>
 												<option value="blister">{t("form.packageTypeBlister")}</option>
 												<option value="bottle">{t("form.packageTypeBottle")}</option>

frontend/src/components/ProfileModal.tsx

@@ -1,4 +1,3 @@
-import { useEscapeKey } from "../hooks/useEscapeKey";
 import { UserProfile } from "./Auth";
 
 interface ProfileModalProps {
@@ -7,7 +6,7 @@ interface ProfileModalProps {
 }
 
 export default function ProfileModal({ isOpen, onClose }: ProfileModalProps) {
-	useEscapeKey(isOpen, onClose);
+	// ESC is handled by the global handler in App.tsx to avoid double history.back()
 
 	if (!isOpen) return null;
 

frontend/src/components/ShareDialog.tsx

@@ -5,7 +5,6 @@
 
 import { Check, Copy, Link2, X } from "lucide-react";
 import { useTranslation } from "react-i18next";
-import { useEscapeKey } from "../hooks/useEscapeKey";
 
 export interface ShareDialogProps {
 	show: boolean;
@@ -44,7 +43,7 @@ export function ShareDialog({
 	const closeLabel = t("common.close");
 	const copyLabel = shareCopied ? t("share.copied") : t("share.copyLink");
 
-	useEscapeKey(show, onClose);
+	// ESC is handled by the global handler in App.tsx to avoid double history.back()
 
 	if (!show) return null;
 

frontend/src/components/SharedSchedule.tsx

@@ -21,11 +21,11 @@ import { MedicationAvatar } from "./MedicationAvatar";
 function getStockStatus(
 	daysLeft: number | null,
 	medsLeft: number,
-	thresholds: { lowStockDays: number; normalStockDays: number; highStockDays: number; reminderDaysBefore: number }
+	thresholds: { lowStockDays: number; normalStockDays: number; highStockDays: number; criticalStockDays: number }
 ) {
 	if (medsLeft <= 0 || daysLeft === 0) return { className: "danger", label: "status.outOfStock" };
 	if (daysLeft === null) return { className: "success", label: "status.noSchedule" };
-	if (daysLeft <= thresholds.reminderDaysBefore) return { className: "danger", label: "status.criticalStock" };
+	if (daysLeft <= thresholds.criticalStockDays) return { className: "danger", label: "status.criticalStock" };
 	if (daysLeft < thresholds.lowStockDays) return { className: "warning", label: "status.lowStock" };
 	if (daysLeft >= thresholds.highStockDays) return { className: "high", label: "status.highStock" };
 	return { className: "success", label: "status.normal" };

frontend/src/context/AppContext.tsx

@@ -665,7 +665,18 @@ export function AppProvider({ children }: { children: React.ReactNode }) {
 
 			// Get the response text first to handle non-JSON responses
 			const text = await res.text();
-			let data: { error?: string; message?: string; imported?: number } = {};
+			let data: {
+				error?: string;
+				message?: string;
+				imported?:
+					| {
+							medications?: number;
+							doseHistory?: number;
+							refillHistory?: number;
+							shareLinks?: number;
+					  }
+					| number;
+			} = {};
 			try {
 				data = text ? JSON.parse(text) : {};
 			} catch {
@@ -680,11 +691,12 @@ export function AppProvider({ children }: { children: React.ReactNode }) {
 			}
 
 			// Show success message in UI instead of browser alert
+			const importedCounts = typeof data.imported === "object" && data.imported !== null ? data.imported : null;
 			setImportResult({
-				medications: data.imported?.medications || 0,
-				doses: data.imported?.doseHistory || 0,
-				refills: data.imported?.refillHistory || 0,
-				shares: data.imported?.shareLinks || 0,
+				medications: importedCounts?.medications || 0,
+				doses: importedCounts?.doseHistory || 0,
+				refills: importedCounts?.refillHistory || 0,
+				shares: importedCounts?.shareLinks || 0,
 			});
 
 			// Reload all data

frontend/src/pages/DashboardPage.tsx

@@ -6,7 +6,7 @@ import { ConfirmModal, MedicationAvatar } from "../components";
 import { useAuth } from "../components/Auth";
 import { useAppContext } from "../context";
 import { useModalHistory } from "../hooks";
-import { getMedDisplayName } from "../types";
+import { type Coverage, getMedDisplayName } from "../types";
 import { formatNumber, getExpiryClass, getSystemLocale } from "../utils/formatters";
 import { expandDoseIds, getStockStatus, isDoseDismissed } from "../utils/schedule";
 import {

frontend/src/pages/MedicationsPage.tsx

@@ -719,6 +719,7 @@ export function MedicationsPage() {
 				setReadOnlyView(true);
 				startEdit(med, openEditModal);
 				setViewMode("form");
+				scrollToTopForDesktopEdit();
 			};
 			setUnsavedConfirmSource(showEditModal ? "mobile-edit" : "desktop-form");
 			setShowUnsavedConfirm(true);
@@ -729,6 +730,7 @@ export function MedicationsPage() {
 		setActiveTab("general");
 		startEdit(med, openEditModal);
 		setViewMode("form");
+		scrollToTopForDesktopEdit();
 	}
 
 	function handleNewEntryClick() {
@@ -792,6 +794,7 @@ export function MedicationsPage() {
 		setActiveTab("general");
 		startEdit(medicationToEdit, openEditModal);
 		setViewMode("form");
+		scrollToTopForDesktopEdit();
 		setPendingEditTransition(false);
 		window.dispatchEvent(new Event("medassist:edit-transition-ready"));
 

frontend/src/pages/dashboard-helpers.ts

@@ -1,4 +1,4 @@
-import type { Coverage } from "../types";
+import type { Coverage, PackageType } from "../types";
 import { getMedTotal as getMedTotalFromTypes } from "../types";
 import { splitCurrentBlisterStock } from "../utils/stock";
 
@@ -43,9 +43,12 @@ export function getMedTotal(med: {
 	pillsPerBlister: number;
 	looseTablets: number;
 	stockAdjustment?: number | null;
-	packageType?: string;
+	packageType?: PackageType;
 }): number {
-	return getMedTotalFromTypes(med);
+	return getMedTotalFromTypes({
+		...med,
+		stockAdjustment: med.stockAdjustment ?? undefined,
+	});
 }
 
 export function getReminderStatusData(

frontend/src/test/components/AppHeader.test.tsx

@@ -36,7 +36,7 @@ describe("AppHeader", () => {
 				json: () =>
 					Promise.resolve({
 						authEnabled: false,
-						localAuthEnabled: true,
+						formLoginEnabled: true,
 						hasUsers: false,
 						needsSetup: false,
 					}),
@@ -171,7 +171,7 @@ describe("AppHeader", () => {
 				json: () =>
 					Promise.resolve({
 						authEnabled: false,
-						localAuthEnabled: true,
+						formLoginEnabled: true,
 						hasUsers: false,
 						needsSetup: false,
 					}),
@@ -205,7 +205,7 @@ describe("AppHeader", () => {
 				json: () =>
 					Promise.resolve({
 						authEnabled: false,
-						localAuthEnabled: true,
+						formLoginEnabled: true,
 						hasUsers: false,
 						needsSetup: false,
 					}),
@@ -239,7 +239,7 @@ describe("AppHeader", () => {
 				json: () =>
 					Promise.resolve({
 						authEnabled: false,
-						localAuthEnabled: true,
+						formLoginEnabled: true,
 						hasUsers: false,
 						needsSetup: false,
 					}),
@@ -322,7 +322,7 @@ describe("AppHeader", () => {
 					Promise.resolve({
 						authEnabled: true,
 						registrationEnabled: true,
-						localAuthEnabled: true,
+						formLoginEnabled: true,
 						oidcEnabled: false,
 						oidcProviderName: "",
 						hasUsers: true,

frontend/src/test/components/Auth.test.tsx

@@ -11,7 +11,7 @@ describe("AuthProvider", () => {
 		vi.resetAllMocks();
 		(global.fetch as ReturnType<typeof vi.fn>).mockResolvedValue({
 			ok: true,
-			json: () => Promise.resolve({ authEnabled: true, localAuthEnabled: true }),
+			json: () => Promise.resolve({ authEnabled: true, formLoginEnabled: true }),
 		});
 	});
 
@@ -79,7 +79,7 @@ describe("AuthProvider", () => {
 		(global.fetch as ReturnType<typeof vi.fn>)
 			.mockResolvedValueOnce({
 				ok: true,
-				json: () => Promise.resolve({ authEnabled: false, localAuthEnabled: true }),
+				json: () => Promise.resolve({ authEnabled: false, formLoginEnabled: true }),
 			})
 			.mockResolvedValueOnce({ ok: false, status: 401 })
 			.mockResolvedValueOnce({ ok: true, status: 200 })
@@ -116,7 +116,7 @@ describe("AuthProvider", () => {
 		(global.fetch as ReturnType<typeof vi.fn>)
 			.mockResolvedValueOnce({
 				ok: true,
-				json: () => Promise.resolve({ authEnabled: true, localAuthEnabled: true }),
+				json: () => Promise.resolve({ authEnabled: true, formLoginEnabled: true }),
 			})
 			.mockResolvedValueOnce({ ok: true, status: 200, json: () => Promise.resolve({ id: 1, username: "tester" }) })
 			.mockResolvedValueOnce({ ok: false, status: 401 })
@@ -141,7 +141,7 @@ describe("AuthProvider", () => {
 		(global.fetch as ReturnType<typeof vi.fn>)
 			.mockResolvedValueOnce({
 				ok: true,
-				json: () => Promise.resolve({ authEnabled: true, localAuthEnabled: true }),
+				json: () => Promise.resolve({ authEnabled: true, formLoginEnabled: true }),
 			})
 			.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({ id: 1, username: "timer-user" }) })
 			.mockResolvedValueOnce({ ok: true, status: 200 });
@@ -167,7 +167,7 @@ describe("AuthProvider", () => {
 describe("LoginForm", () => {
 	const mockAuthState = {
 		authEnabled: true,
-		localAuthEnabled: true,
+		formLoginEnabled: true,
 		oidcEnabled: false,
 		registrationEnabled: true,
 		hasUsers: true,
@@ -281,7 +281,7 @@ describe("LoginForm", () => {
 				json: () =>
 					Promise.resolve({
 						authEnabled: false,
-						localAuthEnabled: true,
+						formLoginEnabled: true,
 						oidcEnabled: false,
 						registrationEnabled: true,
 						hasUsers: true,
@@ -317,7 +317,7 @@ describe("LoginForm", () => {
 describe("RegisterForm", () => {
 	const mockAuthState = {
 		authEnabled: true,
-		localAuthEnabled: true,
+		formLoginEnabled: true,
 		oidcEnabled: false,
 		registrationEnabled: true,
 		hasUsers: false,
@@ -404,7 +404,7 @@ describe("RegisterForm", () => {
 			json: () =>
 				Promise.resolve({
 					authEnabled: true,
-					localAuthEnabled: true,
+					formLoginEnabled: true,
 					oidcEnabled: false,
 					registrationEnabled: true,
 					hasUsers: false,
@@ -439,7 +439,7 @@ describe("RegisterForm", () => {
 describe("AuthPage", () => {
 	const mockAuthState = {
 		authEnabled: true,
-		localAuthEnabled: true,
+		formLoginEnabled: true,
 		oidcEnabled: false,
 		registrationEnabled: true,
 		hasUsers: true,
@@ -504,7 +504,7 @@ describe("UserProfile", () => {
 		(global.fetch as ReturnType<typeof vi.fn>)
 			.mockResolvedValueOnce({
 				ok: true,
-				json: () => Promise.resolve({ authEnabled: true, localAuthEnabled: true }),
+				json: () => Promise.resolve({ authEnabled: true, formLoginEnabled: true }),
 			})
 			.mockResolvedValueOnce({
 				ok: true,
@@ -724,7 +724,7 @@ describe("AuthProvider methods", () => {
 	it("refreshUser retries after token refresh on 401", async () => {
 		vi.clearAllMocks();
 		(global.fetch as ReturnType<typeof vi.fn>)
-			.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({ authEnabled: false, localAuthEnabled: true }) })
+			.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({ authEnabled: false, formLoginEnabled: true }) })
 			.mockResolvedValueOnce({ ok: false, status: 401 })
 			.mockResolvedValueOnce({ ok: true })
 			.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({ id: 1, username: "refreshed-user" }) });

frontend/src/test/components/Lightbox.test.tsx

@@ -1,5 +1,5 @@
 import { fireEvent, render, screen } from "@testing-library/react";
-import { describe, expect, it, vi } from "vitest";
+import { beforeEach, describe, expect, it, vi } from "vitest";
 import { Lightbox } from "../../components/Lightbox";
 
 describe("Lightbox", () => {

frontend/src/test/components/MedDetailModal.test.tsx

@@ -55,6 +55,8 @@ const defaultProps = {
 	onRefillPacksChange: vi.fn(),
 	refillLoose: 0,
 	onRefillLooseChange: vi.fn(),
+	usePrescriptionRefill: false,
+	onUsePrescriptionRefillChange: vi.fn(),
 	refillSaving: false,
 	refillHistory: [] as RefillEntry[],
 	refillHistoryExpanded: false,
@@ -324,7 +326,7 @@ describe("MedDetailModal with refill modal", () => {
 
 		const submitBtn = document.querySelector(".refill-modal .modal-footer .success") as HTMLButtonElement;
 		fireEvent.click(submitBtn);
-		expect(onSubmitRefill).toHaveBeenCalledWith(mockMedication.id, undefined);
+		expect(onSubmitRefill).toHaveBeenCalledWith(mockMedication.id, false);
 	});
 
 	it("disables refill submit button when no pills are entered", () => {
@@ -589,7 +591,7 @@ describe("MedDetailModal with refill history", () => {
 
 	it("shows refill history when expanded", () => {
 		const refillHistory: RefillEntry[] = [
-			{ id: 1, medicationId: 1, timestamp: new Date().toISOString(), packsAdded: 1, looseAdded: 0 },
+			{ id: 1, refillDate: new Date().toISOString(), packsAdded: 1, loosePillsAdded: 0 },
 		];
 
 		render(<MedDetailModal {...defaultProps} refillHistory={refillHistory} refillHistoryExpanded={true} />);
@@ -602,7 +604,7 @@ describe("MedDetailModal with refill history", () => {
 	it("calls onRefillHistoryExpandedChange when toggle clicked", () => {
 		const onRefillHistoryExpandedChange = vi.fn();
 		const refillHistory: RefillEntry[] = [
-			{ id: 1, medicationId: 1, timestamp: new Date().toISOString(), packsAdded: 1, looseAdded: 0 },
+			{ id: 1, refillDate: new Date().toISOString(), packsAdded: 1, loosePillsAdded: 0 },
 		];
 
 		render(

frontend/src/test/components/MobileEditModal.test.tsx

@@ -1,4 +1,5 @@
 import { fireEvent, render, screen } from "@testing-library/react";
+import type { FormEvent } from "react";
 import { beforeEach, describe, expect, it, vi } from "vitest";
 import { MobileEditModal } from "../../components/MobileEditModal";
 import type { FormState } from "../../types";
@@ -78,6 +79,7 @@ const defaultProps = {
 	meds: [],
 	onUploadMedImage: vi.fn(),
 	onDeleteMedImage: vi.fn(),
+	imageUploadError: null,
 	onClose: vi.fn(),
 	onResetForm: vi.fn(),
 	onSaveMedication: vi.fn(),
@@ -383,7 +385,7 @@ describe("MobileEditModal form submission", () => {
 	});
 
 	it("calls onSaveMedication when form submitted", () => {
-		const onSaveMedication = vi.fn((e: Event) => e.preventDefault());
+		const onSaveMedication = vi.fn((e: FormEvent) => e.preventDefault());
 		const validForm = { ...defaultForm, name: "TestMed" };
 
 		render(<MobileEditModal {...defaultProps} form={validForm} onSaveMedication={onSaveMedication} />);

frontend/src/test/components/ProfileModal.test.tsx

@@ -66,27 +66,7 @@ describe("ProfileModal", () => {
 		expect(onClose).not.toHaveBeenCalled();
 	});
 
-	it("calls onClose when Escape is pressed on overlay", () => {
-		const onClose = vi.fn();
-		render(<ProfileModal isOpen={true} onClose={onClose} />);
-
-		const overlay = document.querySelector(".modal-overlay");
-		if (overlay) {
-			fireEvent.keyDown(overlay, { key: "Escape" });
-		}
-
-		expect(onClose).toHaveBeenCalledTimes(1);
-	});
-
-	it("does not close on non-escape keydown", () => {
-		const onClose = vi.fn();
-		render(<ProfileModal isOpen={true} onClose={onClose} />);
-
-		const overlay = document.querySelector(".modal-overlay");
-		if (overlay) {
-			fireEvent.keyDown(overlay, { key: "Enter" });
-		}
-
-		expect(onClose).not.toHaveBeenCalled();
-	});
+	// ESC key handling is tested at the App level — the global handler in
+	// App.tsx manages Escape for all modals, so per-component ESC tests are
+	// not applicable here.
 });

frontend/src/test/components/UserFilterModal.test.tsx

@@ -15,6 +15,7 @@ const mockMedication: Medication = {
 	id: 1,
 	name: "Test Med",
 	genericName: "Generic Name",
+	packageType: "blister",
 	packCount: 1,
 	blistersPerPack: 1,
 	pillsPerBlister: 30,

frontend/src/test/context/AppContext.test.tsx

@@ -51,6 +51,7 @@ const meds: Medication[] = [
 		id: 11,
 		name: "Aspirin",
 		takenBy: ["Max", "Anna"],
+		packageType: "blister",
 		packCount: 1,
 		blistersPerPack: 1,
 		pillsPerBlister: 10,

frontend/src/test/hooks/useMedications.test.ts

@@ -196,7 +196,20 @@ describe("useMedications", () => {
 	it("allows setting meds directly", () => {
 		const { result } = renderHook(() => useMedications());
 
-		const newMeds: Array<Pick<Medication, "id" | "name">> = [{ id: 1, name: "NewMed" }];
+		const newMeds: Medication[] = [
+			{
+				id: 1,
+				name: "NewMed",
+				packageType: "blister",
+				packCount: 1,
+				blistersPerPack: 1,
+				pillsPerBlister: 30,
+				looseTablets: 0,
+				takenBy: [],
+				blisters: [],
+				updatedAt: null,
+			},
+		];
 
 		act(() => {
 			result.current.setMeds(newMeds);

frontend/src/test/hooks/useRefill.test.ts

@@ -184,6 +184,7 @@ describe("useRefill", () => {
 			pillsPerBlister: 10,
 			looseTablets: 5,
 			takenBy: [],
+			packageType: "blister",
 			blisters: [],
 			updatedAt: null,
 		};
@@ -241,6 +242,7 @@ describe("useRefill", () => {
 			pillsPerBlister: 10,
 			looseTablets: 5,
 			takenBy: [],
+			packageType: "blister",
 			blisters: [],
 			updatedAt: null,
 		};
@@ -267,6 +269,7 @@ describe("useRefill", () => {
 			pillsPerBlister: 10,
 			looseTablets: 5,
 			takenBy: [],
+			packageType: "blister",
 			blisters: [],
 			updatedAt: null,
 		};
@@ -300,6 +303,7 @@ describe("useRefill", () => {
 			pillsPerBlister: 10,
 			looseTablets: 5,
 			takenBy: [],
+			packageType: "blister",
 			blisters: [],
 			updatedAt: null,
 		};
@@ -368,7 +372,7 @@ describe("useRefill", () => {
 		// newStockAdjustment = 149 - 150 = -1
 		// → getMedTotal = 150 + (-1) = 149 ✓
 		const fetchCall = (global.fetch as ReturnType<typeof vi.fn>).mock.calls.find(
-			(call: [string, RequestInit]) => call[0] === "/api/medications/4/stock-adjustment"
+			(call) => call[0] === "/api/medications/4/stock-adjustment"
 		);
 		expect(fetchCall).toBeDefined();
 		const body = JSON.parse(fetchCall![1].body as string);
@@ -420,7 +424,7 @@ describe("useRefill", () => {
 		// baseTotal = getPackageSize(blister) = 25
 		// newStockAdjustment = 25 - 25 = 0
 		const fetchCall = (global.fetch as ReturnType<typeof vi.fn>).mock.calls.find(
-			(call: [string, RequestInit]) => call[0] === "/api/medications/2/stock-adjustment"
+			(call) => call[0] === "/api/medications/2/stock-adjustment"
 		);
 		expect(fetchCall).toBeDefined();
 		const body = JSON.parse(fetchCall![1].body as string);
@@ -462,7 +466,7 @@ describe("useRefill", () => {
 		});
 
 		const fetchCall = (global.fetch as ReturnType<typeof vi.fn>).mock.calls.find(
-			(call: [string, RequestInit]) => call[0] === "/api/medications/5/stock-adjustment"
+			(call) => call[0] === "/api/medications/5/stock-adjustment"
 		);
 		expect(fetchCall).toBeDefined();
 		const body = JSON.parse(fetchCall![1].body as string);
@@ -507,7 +511,7 @@ describe("useRefill", () => {
 		});
 
 		const fetchCall = (global.fetch as ReturnType<typeof vi.fn>).mock.calls.find(
-			(call: [string, RequestInit]) => call[0] === "/api/medications/6/stock-adjustment"
+			(call) => call[0] === "/api/medications/6/stock-adjustment"
 		);
 		expect(fetchCall).toBeDefined();
 		const body = JSON.parse(fetchCall![1].body as string);

frontend/src/test/hooks/useSettings.test.ts

@@ -281,13 +281,13 @@ describe("useSettings", () => {
 	it("refreshes reminder status on interval", async () => {
 		let refreshCallback: (() => void) | null = null;
 		const nativeSetInterval = global.setInterval;
-		vi.spyOn(global, "setInterval").mockImplementation((handler: TimerHandler, timeout?: number) => {
+		vi.spyOn(global, "setInterval").mockImplementation(((handler: TimerHandler, timeout?: number) => {
 			if (timeout === 30000) {
 				refreshCallback = handler as () => void;
 				return 1 as unknown as ReturnType<typeof setInterval>;
 			}
 			return nativeSetInterval(handler, timeout);
-		});
+		}) as typeof setInterval);
 
 		(global.fetch as ReturnType<typeof vi.fn>)
 			.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({}) })

frontend/src/test/hooks/useShare.test.ts

@@ -12,7 +12,7 @@ describe("useShare", () => {
 		vi.useFakeTimers();
 
 		mockAlert = vi.fn();
-		global.alert = mockAlert;
+		global.alert = mockAlert as unknown as typeof global.alert;
 
 		mockClipboard = { writeText: vi.fn().mockResolvedValue(undefined) };
 		Object.defineProperty(navigator, "clipboard", {
@@ -59,6 +59,7 @@ describe("useShare", () => {
 				id: 1,
 				name: "Med1",
 				takenBy: ["Alice", "Bob"],
+				packageType: "blister",
 				packCount: 1,
 				blistersPerPack: 1,
 				pillsPerBlister: 10,
@@ -70,6 +71,7 @@ describe("useShare", () => {
 				id: 2,
 				name: "Med2",
 				takenBy: ["Bob", "Charlie"],
+				packageType: "blister",
 				packCount: 1,
 				blistersPerPack: 1,
 				pillsPerBlister: 10,
@@ -103,6 +105,7 @@ describe("useShare", () => {
 				id: 1,
 				name: "Med1",
 				takenBy: ["Alice"],
+				packageType: "blister",
 				packCount: 1,
 				blistersPerPack: 1,
 				pillsPerBlister: 10,
@@ -128,6 +131,7 @@ describe("useShare", () => {
 				id: 1,
 				name: "Med1",
 				takenBy: ["Alice"],
+				packageType: "blister",
 				packCount: 1,
 				blistersPerPack: 1,
 				pillsPerBlister: 10,
@@ -168,6 +172,7 @@ describe("useShare", () => {
 				id: 1,
 				name: "Med1",
 				takenBy: ["Alice"],
+				packageType: "blister",
 				packCount: 1,
 				blistersPerPack: 1,
 				pillsPerBlister: 10,
@@ -199,6 +204,7 @@ describe("useShare", () => {
 				id: 1,
 				name: "Med1",
 				takenBy: ["Alice"],
+				packageType: "blister",
 				packCount: 1,
 				blistersPerPack: 1,
 				pillsPerBlister: 10,
@@ -270,6 +276,7 @@ describe("useShare", () => {
 				id: 1,
 				name: "Med1",
 				takenBy: ["Alice"],
+				packageType: "blister",
 				packCount: 1,
 				blistersPerPack: 1,
 				pillsPerBlister: 10,
@@ -308,6 +315,7 @@ describe("useShare", () => {
 				id: 1,
 				name: "Med1",
 				takenBy: ["Alice"],
+				packageType: "blister",
 				packCount: 1,
 				blistersPerPack: 1,
 				pillsPerBlister: 10,

frontend/src/test/setup.ts

@@ -1,5 +1,5 @@
 import "@testing-library/jest-dom";
-import { vi } from "vitest";
+import { beforeEach, vi } from "vitest";
 
 // Mock fetch globally
 global.fetch = vi.fn();

frontend/src/test/utils/formatters.test.ts

@@ -190,6 +190,7 @@ describe("getBlisterStock", () => {
 		const med: Medication = {
 			id: 1,
 			name: "Test Med",
+			packageType: "blister",
 			packCount: 1,
 			blistersPerPack: 2,
 			pillsPerBlister: 10,
@@ -209,6 +210,7 @@ describe("getBlisterStock", () => {
 		const med: Medication = {
 			id: 1,
 			name: "Test Med",
+			packageType: "blister",
 			packCount: 1,
 			blistersPerPack: 1,
 			pillsPerBlister: 10,

frontend/src/test/utils/ics.test.ts

@@ -17,22 +17,22 @@ describe("generateICS", () => {
 		mockRemoveChild = vi.fn();
 		mockClick = vi.fn();
 
-		global.URL.createObjectURL = mockCreateObjectURL;
-		global.URL.revokeObjectURL = mockRevokeObjectURL;
+		global.URL.createObjectURL = mockCreateObjectURL as unknown as typeof URL.createObjectURL;
+		global.URL.revokeObjectURL = mockRevokeObjectURL as unknown as typeof URL.revokeObjectURL;
 
 		vi.spyOn(document.body, "appendChild").mockImplementation((node) => {
-			mockAppendChild(node);
+			(mockAppendChild as unknown as (child: Node) => void)(node);
 			createdLink = node as HTMLAnchorElement;
 			return node;
 		});
-		vi.spyOn(document.body, "removeChild").mockImplementation(mockRemoveChild);
+		vi.spyOn(document.body, "removeChild").mockImplementation(mockRemoveChild as unknown as (child: Node) => Node);
 
 		// Mock createElement to track the created anchor
 		const originalCreateElement = document.createElement.bind(document);
 		vi.spyOn(document, "createElement").mockImplementation((tag) => {
 			const element = originalCreateElement(tag);
 			if (tag === "a") {
-				element.click = mockClick;
+				element.click = mockClick as unknown as () => void;
 			}
 			return element;
 		});
@@ -63,6 +63,7 @@ describe("generateICS", () => {
 		notes: "Take with food",
 		updatedAt: null,
 		...overrides,
+		packageType: overrides?.packageType ?? "blister",
 	});
 
 	it("creates and downloads ICS file", () => {

frontend/src/test/utils/schedule.test.ts

@@ -42,6 +42,7 @@ describe("buildSchedulePreview", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: ["John"],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -68,6 +69,7 @@ describe("buildSchedulePreview", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -95,6 +97,7 @@ describe("buildSchedulePreview", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -121,6 +124,7 @@ describe("buildSchedulePreview", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -138,6 +142,7 @@ describe("buildSchedulePreview", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -167,6 +172,7 @@ describe("buildSchedulePreview", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-03-10T09:00:00" }],
 				updatedAt: null,
 			},
@@ -181,6 +187,7 @@ describe("buildSchedulePreview", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-03-10T21:00:00" }],
 				updatedAt: new Date("2024-03-15T10:00:00Z").toISOString(),
 			},
@@ -208,6 +215,7 @@ describe("buildSchedulePreview", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-03-14T15:30:00" }],
 				updatedAt: null,
 			},
@@ -249,6 +257,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -260,7 +269,7 @@ describe("calculateCoverage", () => {
 			},
 		];
 
-		const events = [{ medName: "TestMed", when: Date.now() }];
+		const events = [{ medName: "TestMed", when: Date.now(), id: "test-dose-id" }];
 		const result = calculateCoverage(meds, events, "en", 7, "automatic", new Set());
 
 		expect(result.all).toHaveLength(1);
@@ -278,6 +287,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [],
 				updatedAt: null,
 			},
@@ -301,6 +311,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [], // Empty blisters — intakes should be used instead
 				intakes: [
 					{
@@ -334,6 +345,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 60,
 				looseTablets: 0,
 				takenBy: ["Alice", "Bob"],
+				packageType: "blister",
 				blisters: [],
 				intakes: [
 					{
@@ -377,6 +389,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -406,6 +419,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 5,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -431,6 +445,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -458,6 +473,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: ["Alice", "Bob"],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -495,6 +511,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -83, // 196 - 83 = 113 pills
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -533,6 +550,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -7, // 30 - 7 = 23 pills
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -576,6 +594,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -7, // 30 - 7 = 23 pills
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -615,6 +634,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -5, // 30 - 5 = 25 pills
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -652,6 +672,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -5,
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -685,6 +706,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -727,6 +749,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -766,6 +789,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -808,6 +832,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -85, // 196 - 85 = 111 pills
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -848,6 +873,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -85, // 196 - 85 = 111 pills
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -888,6 +914,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -7, // 30 - 7 = 23 pills
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -926,6 +953,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -971,6 +999,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -85, // 196 - 85 = 111
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-01-01T08:00:00" }],
 				updatedAt: correctionTime.toISOString(),
 			},
@@ -984,6 +1013,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -10, // 30 - 10 = 20
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-01-01T09:00:00" }],
 				updatedAt: correctionTime.toISOString(),
 			},
@@ -997,6 +1027,7 @@ describe("calculateCoverage", () => {
 				stockAdjustment: -2, // 10 - 2 = 8
 				lastStockCorrectionAt: correctionTime.toISOString(),
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 7, start: "2024-01-05T10:00:00" }],
 				updatedAt: correctionTime.toISOString(),
 			},
@@ -1040,6 +1071,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: ["Daniel"],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -1083,6 +1115,7 @@ describe("calculateCoverage", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: ["Daniel"],
+				packageType: "blister",
 				blisters: [
 					{
 						usage: 1,
@@ -1114,8 +1147,10 @@ describe("calculateCoverage", () => {
 describe("getStockStatus", () => {
 	const thresholds: StockThresholds = {
 		lowStockDays: 30,
+		criticalStockDays: 7,
 		normalStockDays: 90,
 		highStockDays: 180,
+		expiryWarningDays: 30,
 	};
 
 	it("returns out-of-stock when medsLeft is 0", () => {
@@ -1160,6 +1195,7 @@ describe("getStockStatus", () => {
 			criticalStockDays: 7,
 			normalStockDays: 90,
 			highStockDays: 180,
+			expiryWarningDays: 30,
 		};
 
 		const result = getStockStatus(5, 10, thresholdsWithCritical);
@@ -1603,6 +1639,7 @@ describe("dose tracking survives medication edits (regression)", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-03-10T09:00:00" }],
 				updatedAt: null,
 			},
@@ -1636,6 +1673,7 @@ describe("dose tracking survives medication edits (regression)", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-03-10T21:00:00" }],
 				updatedAt: new Date("2024-03-15T10:00:00Z").toISOString(),
 			},
@@ -1667,6 +1705,7 @@ describe("dose tracking survives medication edits (regression)", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-03-10T09:00:00" }],
 				updatedAt: new Date("2024-03-15T10:00:00Z").toISOString(), // Just edited!
 			},
@@ -1694,6 +1733,7 @@ describe("dose tracking survives medication edits (regression)", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-03-15T09:00:00" }],
 				updatedAt: null,
 			},
@@ -1724,6 +1764,7 @@ describe("dose tracking survives medication edits (regression)", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-03-10T09:00:00" }],
 				updatedAt: new Date("2024-03-15T10:00:00Z").toISOString(),
 				dismissedUntil: "2024-03-14", // Dismissed through yesterday
@@ -1751,6 +1792,7 @@ describe("dose tracking survives medication edits (regression)", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-03-10T09:00:00" }],
 				updatedAt: new Date("2024-03-15T10:00:00Z").toISOString(), // Just edited!
 			},
@@ -1762,6 +1804,7 @@ describe("dose tracking survives medication edits (regression)", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: [],
+				packageType: "blister",
 				blisters: [{ usage: 1, every: 1, start: "2024-03-10T08:00:00" }],
 				updatedAt: null,
 			},
@@ -1799,6 +1842,7 @@ describe("dose tracking survives medication edits (regression)", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: ["Alice", "Bob"],
+				packageType: "blister",
 				blisters: [],
 				intakes: [
 					{ usage: 1, every: 1, start: "2024-03-10T09:00:00", takenBy: "Alice", intakeRemindersEnabled: false },
@@ -1836,6 +1880,7 @@ describe("dose tracking survives medication edits (regression)", () => {
 				pillsPerBlister: 30,
 				looseTablets: 0,
 				takenBy: ["Alice", "Bob"],
+				packageType: "blister",
 				blisters: [],
 				intakes: [
 					{ usage: 1, every: 1, start: "2024-03-10T21:00:00", takenBy: "Alice", intakeRemindersEnabled: false },

frontend/src/utils/stock.ts

@@ -35,9 +35,9 @@ export function splitCurrentBlisterStock(
  */
 export function getBlisterStockFromMedication(med: Medication): BlisterStockSplit {
 	const total =
-		(med.packageType === "bottle"
+		med.packageType === "bottle"
 			? med.looseTablets + (med.stockAdjustment ?? 0)
-			: med.packCount * med.blistersPerPack * med.pillsPerBlister + med.looseTablets + (med.stockAdjustment ?? 0)) ?? 0;
+			: med.packCount * med.blistersPerPack * med.pillsPerBlister + med.looseTablets + (med.stockAdjustment ?? 0);
 
 	return splitCurrentBlisterStock(total, med.pillsPerBlister, med.looseTablets);
 }