fix: stock correction not working for bottle type and manual calculation mode (#133)

- Fix bottle type: submitStockCorrection used blister formula for baseTotal
  but getMedTotal uses only looseTablets for bottles. Now uses getPackageSize()
  which handles both types correctly.
- Fix manual mode: same-day taken doses were counted as consumed after a stock
  correction (>= comparison with date-only timestamps). Changed to > so doses
  on the correction day are excluded.
- Add agent instruction: only release-manager may create PRs/push/merge.

.github/agents/release-manager.agent.md

@@ -0,0 +1,318 @@
+---
+name: release-manager
+description: Manages the full release lifecycle - from branching and PRs through versioning and GitHub release notes. Use when code changes are complete and ready to ship.
+argument-hint: Describe what was changed, e.g., "fix stock correction bug" or "new refill tracking feature"
+---
+
+# Release Manager Agent
+
+You are the release manager for **MedAssist-ng**. Your job is to guide code from "done" to "released" following the project's strict branch protection, CI pipeline, and semantic versioning rules.
+
+**All output (commits, PR titles, release notes) MUST be in English**, even if the user communicates in German.
+
+## Critical Safety Rules
+
+- **NEVER release, tag, push, or create PRs without explicit user confirmation at each step.** Always present your plan and wait for approval.
+- **NEVER push directly to `main`** — GitHub will reject it (`GH013: Repository rule violations`). All changes go through Pull Requests.
+- **NEVER skip CI checks.** Wait for all status checks to pass before merging.
+
+---
+
+## Task 1: Branch, PR, and Merge Workflow
+
+When code changes (features or bug fixes) are complete and tested locally:
+
+### Step 1: Verify Readiness
+
+1. Check for uncommitted changes: `git status`
+2. Ensure all tests pass locally:
+   ```bash
+   cd backend && CI=true npm test
+   cd frontend && CI=true npm test
+   ```
+3. If tests fail, stop and fix them first.
+
+### Step 2: Create Feature Branch
+
+1. Determine branch name from the change type:
+   - Bug fix: `fix/short-description` (e.g., `fix/stock-correction-consumption`)
+   - Feature: `feat/short-description` (e.g., `feat/refill-tracking`)
+   - Chore: `chore/short-description`
+2. Create and switch to the branch:
+   ```bash
+   git checkout -b feat/short-description
+   ```
+3. Stage and commit changes with a conventional commit message:
+   ```bash
+   git add .
+   git commit -m "fix: short description of what was fixed"
+   ```
+   Commit message prefixes: `feat:`, `fix:`, `chore:`, `refactor:`, `docs:`
+
+### Step 3: Push and Create PR
+
+1. Push the branch:
+   ```bash
+   git push -u origin feat/short-description
+   ```
+2. Create a Pull Request via GitHub CLI:
+   ```bash
+   gh pr create --title "fix: short description" --body "Description of charges"
+   ```
+3. **Present the PR URL to the user and wait for confirmation.**
+
+### Step 4: Wait for CI and Merge
+
+1. Monitor CI status:
+   ```bash
+   gh pr checks <PR_NUMBER> --watch
+   ```
+   Required checks:
+   - ✅ `backend-test` (TypeScript type-check + vitest coverage)
+   - ✅ `frontend-build` (npm build)
+2. If CI fails: analyze the failure, fix it, push again, and re-check.
+3. Once CI is green, **ask the user for merge confirmation**, then:
+   ```bash
+   gh pr merge <PR_NUMBER> --squash --delete-branch
+   ```
+4. Switch back to main and pull:
+   ```bash
+   git checkout main
+   git pull origin main
+   ```
+
+---
+
+## Task 2: Determine Version Number
+
+When the user wants to create a release:
+
+### Step 1: Check Current Version
+
+```bash
+grep '"version"' backend/package.json
+```
+
+Also check the latest git tag:
+```bash
+git tag --sort=-v:refname | head -5
+```
+
+### Step 2: Analyze Changes Since Last Release
+
+```bash
+git log $(git describe --tags --abbrev=0)..HEAD --oneline
+```
+
+Read through the commits to understand what changed.
+
+### Step 3: Select SemVer Level
+
+Apply these rules strictly:
+
+| Change Type | Version Bump | Example |
+|------------|-------------|---------|
+| Bug fixes only, no new features | **patch** | `1.4.2` → `1.4.3` |
+| New features (backward compatible) | **minor** | `1.4.2` → `1.5.0` |
+| Breaking changes (DB schema without migration, removed ENV vars, changed API) | **major** | `1.4.2` → `2.0.0` |
+
+**Guidelines:**
+- When in doubt between patch and minor, prefer **minor** if any user-visible behavior is new.
+- Bug fixes that also introduce small UX improvements = **patch**.
+- Multiple bug fixes in one release = still **patch**.
+- New UI sections, new API endpoints, new settings = **minor**.
+- If a user can run `docker compose pull && docker compose up -d` without changing anything → NOT a breaking change.
+
+**Present your version recommendation to the user with reasoning and wait for confirmation.**
+
+---
+
+## Task 3: Execute Release
+
+Use the release script — it is **fully non-interactive** (no y/N prompts) and handles the entire flow automatically:
+
+```bash
+./scripts/release.sh <patch|minor|major|x.y.z>
+```
+
+The script performs these steps in order:
+1. Checks out and updates `main`
+2. Creates release branch `chore/release-X.Y.Z`
+3. Bumps version in `backend/package.json` and `frontend/package.json`
+4. Commits, pushes, and creates a PR
+5. Waits for CI checks (with retry logic — polls every 15s, waits up to 10 minutes)
+6. Merges the PR (squash + delete branch)
+7. Creates a signed tag `vX.Y.Z` and pushes it
+
+**The script auto-detects the git remote** (`origin` or `github`) and uses it consistently.
+
+**CI wait behavior:** GitHub Actions can take 10-30 seconds before checks appear on a new PR. The script waits 20 seconds initially, then polls every 15 seconds until checks are registered, then watches them to completion. Maximum wait is 10 minutes.
+
+**On failure:** If CI fails, the script exits with an error. The release branch and PR remain open for inspection. Fix the issue, push to the branch, and the PR will re-run CI. Then merge manually or re-run the script.
+
+### Version Files (MANDATORY)
+
+The version number is displayed in the **About modal** (Settings → About) as a single unified app version. This version is a **clickable link** pointing to the corresponding GitHub release (`https://github.com/DanielVolz/medassist-ng/releases/tag/vX.Y.Z`). The version is read from:
+
+- **`backend/package.json`** → Backend version, returned by `/health` endpoint
+- **`frontend/package.json`** → Frontend version, injected at build time via Vite's `__APP_VERSION__` define and used to construct the release link
+
+**Both files MUST be updated to the new version before tagging a release.** If forgotten:
+- The About modal will show the old version
+- The version link will point to a non-existent GitHub release page
+
+### Manual Release (if script is not available)
+
+1. Create release branch:
+   ```bash
+   git checkout main && git pull origin main
+   git checkout -b chore/release-X.Y.Z
+   ```
+2. Update versions in **both** `backend/package.json` and `frontend/package.json` to `X.Y.Z`
+3. Commit, push, create PR, wait for CI, merge (same as Task 1)
+4. Create signed tag:
+   ```bash
+   git checkout main && git pull origin main
+   git tag -s "vX.Y.Z" -m "Release vX.Y.Z"
+   git push origin "vX.Y.Z"
+   ```
+
+### After Tagging
+
+- The `docker-build.yml` workflow automatically builds and pushes Docker images to GHCR.
+- The `version-bump.yml` workflow automatically updates `package.json` versions if needed.
+- Track progress: `https://github.com/DanielVolz/medassist-ng/actions`
+
+---
+
+## Task 4: Write Release Notes
+
+When the user asks to write release notes (MANDATORY for minor/major releases):
+
+### Step 1: Gather Changes
+
+```bash
+git log vPREVIOUS..vNEW --oneline
+```
+
+Read the actual code changes (not just commit messages) to understand what was added or fixed.
+
+### Step 2: Write Release Notes
+
+**Release title:** Use just `vX.Y.Z` (e.g., `v1.4.1`), NOT "Release vX.Y.Z".
+
+**Required structure:**
+
+1. **"What's New"** (1-2 sentences): Brief intro explaining the main change
+2. **"New Features" / "Bug Fixes" / "Improvements"**: Grouped bullet points with **bold feature names** and descriptions
+3. **"Where to Find It"**: Tell users where they can access the new feature or see the fix
+4. **Breaking Changes Warning** (if applicable): See below
+
+**Style guidelines:**
+- Use `### Heading` for sections
+- Use **bold** for feature names in bullet points
+- Keep descriptions on the same line as the feature name
+- Minimal emoji usage (sparingly, not on every line)
+- Always end with "Where to Find It" section
+- End with: `**Full Changelog**: https://github.com/DanielVolz/medassist-ng/compare/vPREV...vNEW`
+
+**ONLY include user-relevant changes.** DO NOT include:
+- ❌ Technical implementation details (new columns, endpoints, database changes)
+- ❌ Number of tests added
+- ❌ Internal API changes (unless breaking)
+- ❌ Excessive emoji on every bullet point
+- ❌ .gitignore changes or other developer-only file changes
+- ❌ AI/Copilot instruction updates
+- ❌ CI/CD workflow changes (unless affecting users)
+- ❌ Code refactoring without user-visible changes
+
+### Example: Good Release Notes
+
+```markdown
+## What's New
+
+This release introduces a medication refill tracking feature and improves the mobile user experience.
+
+### New Features
+
+- **Medication Refill**: Track when you refill your medications with a single click. Add full packs or individual pills and view complete refill history.
+- **Automatic Stock Updates**: Stock levels are automatically recalculated after each refill.
+- **Refill History**: Each medication shows a complete history of all refills with timestamps.
+
+### Mobile Improvements
+
+- **Centered Tooltips**: Info tooltips now display centered on screen for better readability.
+- **Touch-friendly**: Tooltips close automatically when scrolling on touch devices.
+
+### Where to Find It
+
+The refill button appears in the medication detail modal and in the edit form for each medication.
+
+**Full Changelog**: https://github.com/DanielVolz/medassist-ng/compare/v1.2.3...v1.3.0
+```
+
+### Breaking Changes Warning
+
+If the update breaks existing configurations or stored data, it MUST be prominently warned:
+
+**Breaking Changes include:**
+- Database schema changes without automatic migration
+- Removed or renamed ENV variables
+- Changed API endpoints
+- Incompatible `.env` format changes
+- Loss of stored data after update
+
+**Format:**
+
+```markdown
+## ⚠️ BREAKING CHANGES - Please read before updating!
+
+**Database migration required**: This update changes the database schema.
+Existing installations need to:
+1. Create backup of `data/` folder
+2. Stop containers
+3. Perform update
+4. If issues occur: Rollback using backup
+
+**ENV variables changed**:
+- `OLD_VAR` was renamed to `NEW_VAR`
+- `REMOVED_VAR` is no longer supported
+```
+
+**What is NOT a Breaking Change:**
+- ✅ New optional columns with DEFAULT values
+- ✅ New ENV variables (with sensible defaults)
+- ✅ New features that don't affect existing data
+- ✅ Bug fixes that correct behavior
+
+### Step 3: Publish
+
+Present the release notes to the user. They will copy them to the GitHub release page or ask you to publish via:
+```bash
+gh release create vX.Y.Z --title "vX.Y.Z" --notes "RELEASE_NOTES_HERE"
+```
+
+---
+
+## Complete Workflow Summary
+
+```
+Code complete & tests pass locally
+        ↓
+1. Create feature branch (fix/... or feat/...)
+2. Commit, push, create PR
+3. Wait for CI (backend-test + frontend-build)
+4. Merge PR to main (squash + delete branch)
+        ↓
+Ready for release?
+        ↓
+5. Check current version (git tag + package.json)
+6. Analyze changes → determine SemVer level
+7. Run ./scripts/release.sh <patch|minor|major>
+   (or manually: branch → version bump → PR → CI → merge → tag)
+        ↓
+8. Write release notes (mandatory for minor/major)
+9. Publish GitHub release
+        ↓
+Docker images built automatically via CI
+```

.github/copilot-instructions.md

@@ -4,12 +4,13 @@
 
 - **English is the primary language**: All code, comments, documentation, commit messages, PR descriptions, and GitHub releases MUST be written in English. The user may communicate in German, but all project artifacts must be in English.
 - **NEVER release without explicit permission**: Do NOT create tags, releases, or version bumps unless the user explicitly asks for it. Always wait for explicit confirmation before any release action.
-- **NEVER create PRs without explicit permission**: Do NOT create Pull Requests, push branches, or merge code unless the user explicitly asks for it. Always present changes and wait for the user to confirm before any git operations that affect the remote repository.
+- **NEVER create PRs, push, or merge**: Only the **release-manager agent** (`@release-manager`) is allowed to create Pull Requests, push branches to the remote, or merge code. Regular agents and Copilot MUST NOT perform any git operations that affect the remote repository (no `git push`, no `gh pr create`, no `gh pr merge`). Present your local changes and tell the user to invoke `@release-manager` when ready to ship.
 - **No temporary files**: Delete temporary scripts/files immediately after use. Do not commit temporary debug scripts, test files, or one-off utilities to the repository.
 - **Clean workspace**: Always clean up after yourself. If you create a file for a specific task, delete it once done.
 - **Remove old code when re-implementing**: When fixing a bug or re-implementing a feature that didn't work, ALWAYS remove the old/broken code completely. Never leave dead code, unused functions, or obsolete implementations in the codebase.
 - **Tests are mandatory**: Every new feature and every bug fix MUST have corresponding tests. When modifying existing features, update or add tests accordingly. If old tests become obsolete due to code changes, remove or update them.
 - **Fix bugs, don't test around them**: If you discover incorrect behavior in the code while writing tests, ALWAYS fix the buggy code first, then write tests that verify the correct behavior. NEVER write tests that mimic or assert broken behavior. The user's time is finite and irreplaceable — every bug left unfixed wastes it.
+- **Keep README.md up to date**: After implementing code changes, check whether the `README.md` needs to be updated (e.g., new features, changed ENV variables, new commands, changed architecture, new endpoints, updated screenshots). If changes are relevant to the README, **ask the user for confirmation** before updating it. Do NOT silently update the README — always present the proposed README changes and wait for approval. Examples of README-relevant changes: new ENV variables, new API endpoints, new UI features, changed setup/install steps, new dependencies, changed Docker configuration.
 
 ## Architecture Overview
 
@@ -180,141 +181,6 @@ gh pr merge --squash --delete-branch
 | `.github/workflows/test.yml` | Pull Requests | Run tests, block PR on failures |
 | `.github/workflows/docker-build.yml` | Push to main, Tags | Tests + Build and push Docker images |
 
-### Adding New Code - Checklist
-1. ✅ Implement feature
-2. ✅ Write tests for the feature
-3. ✅ Run `npm run test:coverage` locally
-4. ✅ Coverage must not decrease
-5. ✅ Create and push feature branch
-6. ✅ Create Pull Request
-7. ✅ Wait until CI is green
-8. ✅ Merge PR (branch is automatically deleted)
-
-## GitHub Releases
-
-> ⚠️ **IMPORTANT**: All GitHub Releases must be written in **English**!
-
-### Release Workflow (MANDATORY for minor/major releases)
-
-The `main` branch is protected - releases are created via GitHub's release UI or API.
-
-**Release Process:**
-1. Create a new release on GitHub with tag `vX.Y.Z`
-2. **Automatic Version Bump**: A GitHub Action (`version-bump.yml`) automatically updates `package.json` versions to match the release tag
-3. User asks AI to write release notes: "Write the release notes for vX.Y.Z"
-4. AI writes descriptive release notes following the style guide below
-5. User publishes the release with the written notes
-
-> ⚠️ **MANDATORY for minor and major releases**: The AI assistant MUST write proper descriptive release notes!
-> Do NOT just publish the auto-generated commit list. Follow the process above.
-
-**AI Assistant Release Notes Workflow:**
-1. When user asks to write release notes for a version:
-   - Check commits since previous tag: `git log vPREV..vNEW --oneline`
-   - Read through the changes to understand what was added/fixed
-   - Write release notes following the style guide below
-   - Present the notes to the user for copying to GitHub
-
-### Creating Release Notes
-
-> ⚠️ **MANDATORY**: GitHub Releases MUST contain a written message!
-> Not just auto-generated commit lists, but a brief descriptive text.
-
-**Release title:** Use just `vX.Y.Z` (e.g., `v1.4.1`), NOT "Release vX.Y.Z".
-
-**Keep it informative but concise.** Users want to know what changed and where to find it.
-
-**Required structure of release notes:**
-
-1. **"What's New"** (1-2 sentences): Brief intro explaining the main change
-2. **"New Features" / "Improvements"**: Grouped bullet points with **bold feature names** and descriptions
-3. **"Where to Find It"**: Tell users where they can access the new feature
-4. **Breaking Changes Warning** (if applicable): See below
-
-**Style guidelines:**
-- Use `### Heading` for sections (New Features, Improvements, Security, etc.)
-- Use **bold** for feature names in bullet points
-- Keep descriptions on the same line as the feature name
-- Minimal emoji usage (sparingly, not on every line)
-- Always end with "Where to Find It" section
-
-**DO NOT include:**
-- ❌ Technical implementation details (new columns, endpoints, database changes)
-- ❌ Number of tests added
-- ❌ Internal API changes (unless breaking)
-- ❌ Excessive emoji on every bullet point
-- ❌ .gitignore changes or other developer-only file changes
-- ❌ AI/Copilot instruction updates
-- ❌ CI/CD workflow changes (unless affecting users)
-- ❌ Code refactoring without user-visible changes
-
-**Only include user-relevant changes** - things that affect what users see or experience in the app.
-
-**Example of good release notes:**
-
-```markdown
-## What's New
-
-This release introduces a medication refill tracking feature and improves the mobile user experience.
-
-### New Features
-
-- **Medication Refill**: Track when you refill your medications with a single click. Add full packs or individual pills and view complete refill history.
-- **Automatic Stock Updates**: Stock levels are automatically recalculated after each refill.
-- **Refill History**: Each medication shows a complete history of all refills with timestamps.
-
-### Mobile Improvements
-
-- **Centered Tooltips**: Info tooltips now display centered on screen for better readability.
-- **Touch-friendly**: Tooltips close automatically when scrolling on touch devices.
-
-### Where to Find It
-
-The refill button appears in the medication detail modal and in the edit form for each medication.
-
-**Full Changelog**: https://github.com/DanielVolz/medassist-ng/compare/v1.2.3...v1.3.0
-```
-
-### Breaking Changes Warning (CRITICAL!)
-
-> ⚠️ **MANDATORY**: If an update breaks existing configurations or stored data, it MUST be prominently warned about in the release notes!
-
-**Breaking Changes include:**
-- Database schema changes without automatic migration
-- Removed or renamed ENV variables
-- Changed API endpoints
-- Incompatible `.env` format changes
-- Loss of stored data after update
-
-**Format for Breaking Changes:**
-
-```markdown
-## ⚠️ BREAKING CHANGES - Please read before updating!
-
-**Database migration required**: This update changes the database schema. 
-Existing installations need to:
-1. Create backup of `data/` folder
-2. Stop containers
-3. Perform update
-4. If issues occur: Rollback using backup
-
-**ENV variables changed**: 
-- `OLD_VAR` was renamed to `NEW_VAR`
-- `REMOVED_VAR` is no longer supported
-
-**Medication data**: Intake schedules with only one time entry will be automatically 
-migrated. Please verify all times are correct after update.
-```
-
-**What is NOT a Breaking Change:**
-- ✅ New optional columns with DEFAULT values
-- ✅ New ENV variables (with sensible defaults)
-- ✅ New features that don't affect existing data
-- ✅ Bug fixes that correct behavior
-
-**Rule of thumb**: If a user can simply run `docker compose pull && docker compose up -d` 
-without adjusting anything → Not a Breaking Change.
-
 ## Key Patterns
 
 ### Backend Routes (`backend/src/routes/`)

.github/workflows/codeql.yml

@@ -3,8 +3,30 @@ name: "CodeQL"
 on:
   push:
     branches: [main]
+    paths:
+      - '**.js'
+      - '**.ts'
+      - '**.tsx'
+      - '**.jsx'
+      - 'backend/package.json'
+      - 'backend/package-lock.json'
+      - 'frontend/package.json'
+      - 'frontend/package-lock.json'
+      - '.github/codeql/**'
+      - '.github/workflows/codeql.yml'
   pull_request:
     branches: [main]
+    paths:
+      - '**.js'
+      - '**.ts'
+      - '**.tsx'
+      - '**.jsx'
+      - 'backend/package.json'
+      - 'backend/package-lock.json'
+      - 'frontend/package.json'
+      - 'frontend/package-lock.json'
+      - '.github/codeql/**'
+      - '.github/workflows/codeql.yml'
   schedule:
     - cron: "0 6 * * 1" # Weekly on Monday at 6am UTC
   workflow_dispatch: # Allow manual trigger

.github/workflows/docker-build.yml

@@ -25,50 +25,12 @@ env:
 
 jobs:
   # =============================================================================
-  # Run Tests First
-  # =============================================================================
-  backend-test:
-    name: Backend Tests
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    defaults:
-      run:
-        working-directory: backend
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: '22'
-          cache: 'npm'
-          cache-dependency-path: backend/package-lock.json
-      - run: npm ci
-      - run: npx tsc --noEmit
-      - run: npm run test:run
-
-  frontend-build:
-    name: Frontend Build
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    defaults:
-      run:
-        working-directory: frontend
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: '22'
-          cache: 'npm'
-          cache-dependency-path: frontend/package-lock.json
-      - run: npm ci
-      - run: npm run build
-
-  # =============================================================================
-  # Build and Push Docker Images (only after tests pass)
+  # Build and Push Docker Images
+  # Tests are NOT run here — branch protection on main requires all PR checks
+  # (backend-test + frontend-build from test.yml) to pass before merge.
+  # Tags are created from main, so code is already tested.
   # =============================================================================
   build-and-push:
-    needs: [backend-test, frontend-build]
     runs-on: ubuntu-latest
     permissions:
       contents: read

.github/workflows/test.yml

@@ -10,10 +10,38 @@ permissions:
 
 jobs:
   # =============================================================================
-  # Backend Tests
+  # Detect which paths changed to skip unnecessary jobs
+  # =============================================================================
+  changes:
+    name: Detect Changes
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: read
+    outputs:
+      backend: ${{ steps.filter.outputs.backend }}
+      frontend: ${{ steps.filter.outputs.frontend }}
+    steps:
+      - uses: dorny/paths-filter@v3
+        id: filter
+        with:
+          filters: |
+            backend:
+              - 'backend/**'
+              - 'biome.json'
+              - '.github/workflows/test.yml'
+            frontend:
+              - 'frontend/**'
+              - 'biome.json'
+              - '.github/workflows/test.yml'
+
+  # =============================================================================
+  # Backend Tests (skipped if no backend-related files changed)
   # =============================================================================
   backend-test:
     name: Backend Tests
+    needs: changes
+    if: needs.changes.outputs.backend == 'true'
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -53,10 +81,12 @@ jobs:
           retention-days: 7
 
   # =============================================================================
-  # Frontend Build Validation
+  # Frontend Build Validation (skipped if no frontend-related files changed)
   # =============================================================================
   frontend-build:
     name: Frontend Build
+    needs: changes
+    if: needs.changes.outputs.frontend == 'true'
     runs-on: ubuntu-latest
     permissions:
       contents: read

.github/workflows/update-test-badges.yml

@@ -22,7 +22,7 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v4
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.BADGE_TOKEN || secrets.GITHUB_TOKEN }}
 
       - name: Setup Node.js
         uses: actions/setup-node@v4
@@ -91,17 +91,14 @@ jobs:
             exit 0
           fi
 
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          commit-message: 'chore: update test count badges'
-          title: 'chore: update test count badges'
-          body: |
-            Automated update of test count badges in README.md.
-            
-            - Backend tests: ${{ steps.backend-tests.outputs.count }}
-            - Frontend tests: ${{ steps.frontend-tests.outputs.count }}
-          branch: chore/update-test-badges
-          delete-branch: true
-          labels: automated
+      - name: Commit and push badge updates
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git add README.md
+          if git diff --cached --quiet; then
+            echo "No badge changes to commit"
+          else
+            git commit -m "chore: update test count badges [skip ci]"
+            git push
+          fi

README.md

@@ -18,8 +18,8 @@
 </p>
 
 <p align="center">
-  <img src="https://img.shields.io/badge/Backend_Tests-454%2F454-brightgreen?logo=vitest" alt="Backend Tests 454/454" />
-  <img src="https://img.shields.io/badge/Frontend_Tests-611%2F611-brightgreen?logo=vitest" alt="Frontend Tests 611/611" />
+  <img src="https://img.shields.io/badge/Backend_Tests-494%2F494-brightgreen?logo=vitest" alt="Backend Tests 454/454" />
+  <img src="https://img.shields.io/badge/Frontend_Tests-639%2F639-brightgreen?logo=vitest" alt="Frontend Tests 611/611" />
 </p>
 
 ### 🤖 AI-Generated Code

backend/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "medassist-ng-backend",
-  "version": "1.7.1",
+  "version": "1.8.3",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "medassist-ng-backend",
-      "version": "1.7.1",
+      "version": "1.8.3",
       "dependencies": {
         "@fastify/cookie": "^10.0.1",
         "@fastify/cors": "^10.0.1",

backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "medassist-ng-backend",
-  "version": "1.7.1",
+  "version": "1.8.6",
   "private": true,
   "type": "module",
   "scripts": {

backend/src/db/client.ts

@@ -1,322 +1,37 @@
-import { accessSync, constants, existsSync, mkdirSync, statSync, writeFileSync } from "node:fs";
-import { dirname, resolve } from "node:path";
-import { fileURLToPath } from "node:url";
+import { existsSync, statSync } from "node:fs";
+import { resolve } from "node:path";
 import { type Client, createClient } from "@libsql/client";
 import dotenv from "dotenv";
 import { drizzle } from "drizzle-orm/libsql";
-import { migrate } from "drizzle-orm/libsql/migrator";
-import { parseIntakesJson, parseLocalDateTime } from "../utils/scheduler-utils.js";
 
-dotenv.config({ path: process.env.DOTENV_PATH || ".env" });
+// Import utilities from db-utils (side-effect-free)
+import {
+	ensureDataDirectory,
+	ensureDefaultUser,
+	getDataDir,
+	getDbPaths,
+	repairOrphanedDoseIds,
+	repairTrailingHyphenDoseIds,
+	runAlterMigrations,
+	runDrizzleMigrations,
+} from "./db-utils.js";
 
-// Get migrations folder path (relative to this file's location)
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = dirname(__filename);
-const migrationsFolder = resolve(__dirname, "../../drizzle");
+// Re-export all utilities so existing imports from client.ts keep working
+export {
+	buildDbUrl,
+	ensureDataDirectory,
+	ensureDefaultUser,
+	getDataDir,
+	getDbPaths,
+	repairOrphanedDoseIds,
+	repairTrailingHyphenDoseIds,
+	runAlterMigrations,
+	runDrizzleMigrations,
+} from "./db-utils.js";
 
-// =============================================================================
-// Exported utility functions for testing
-// =============================================================================
-
-/** Build the database URL from a path */
-export function buildDbUrl(dbPath: string): string {
-	return `file:${dbPath}`;
-}
-
-/** Get data directory and database path */
-export function getDbPaths(cwd: string = process.cwd()): { dataDir: string; dbPath: string; url: string } {
-	const dataDir = resolve(cwd, "data");
-	const dbPath = resolve(dataDir, "medassist-ng.db");
-	const url = buildDbUrl(dbPath);
-	return { dataDir, dbPath, url };
-}
-
-/** Ensure data directory exists and is writable */
-export function ensureDataDirectory(dataDir: string): { success: boolean; error?: string } {
-	try {
-		if (!existsSync(dataDir)) {
-			mkdirSync(dataDir, { recursive: true });
-		}
-
-		// Check if directory is writable
-		accessSync(dataDir, constants.W_OK);
-
-		// Try to create a test file to verify write access
-		const testFile = resolve(dataDir, ".write-test");
-		writeFileSync(testFile, "test");
-
-		return { success: true };
-	} catch (err: any) {
-		return { success: false, error: err.message };
-	}
-}
-
-/** Run drizzle-kit migrations on the database */
-export async function runDrizzleMigrations(
-	database: ReturnType<typeof drizzle>
-): Promise<{ success: boolean; error?: string; warning?: string }> {
-	try {
-		await migrate(database, { migrationsFolder });
-		return { success: true };
-	} catch (err: any) {
-		// If the error is "duplicate column", it means the schema is already up-to-date
-		// This happens when ALTER migrations in client.ts have already added the columns
-		// We consider this a success with a warning, not a failure
-		if (err.message?.includes("duplicate column")) {
-			return { success: true, warning: `Schema already up-to-date: ${err.message}` };
-		}
-		return { success: false, error: err.message };
-	}
-}
-
-/** Run ALTER TABLE migrations for backward compatibility with older databases */
-export async function runAlterMigrations(client: Client): Promise<{ success: boolean; errors: string[] }> {
-	const errors: string[] = [];
-
-	// These add new columns to existing tables (silently fail if column already exists)
-	const alterMigrations = [
-		// Added in v1.x - repeat reminders and nagging settings
-		`ALTER TABLE user_settings ADD COLUMN skip_reminders_for_taken_doses integer NOT NULL DEFAULT 0`,
-		`ALTER TABLE user_settings ADD COLUMN repeat_reminders_enabled integer NOT NULL DEFAULT 0`,
-		`ALTER TABLE user_settings ADD COLUMN reminder_repeat_interval_minutes integer NOT NULL DEFAULT 30`,
-		`ALTER TABLE user_settings ADD COLUMN max_nagging_reminders integer NOT NULL DEFAULT 5`,
-		// Added in v1.2.3 - dismiss missed doses without deducting stock
-		`ALTER TABLE dose_tracking ADD COLUMN dismissed integer NOT NULL DEFAULT 0`,
-		// Added in v1.3.x - stock calculation mode (automatic/manual)
-		`ALTER TABLE user_settings ADD COLUMN stock_calculation_mode text NOT NULL DEFAULT 'automatic'`,
-		// Added for stock correction - hidden offset that doesn't affect looseTablets
-		`ALTER TABLE medications ADD COLUMN stock_adjustment integer NOT NULL DEFAULT 0`,
-		// Added for stock correction - timestamp to ignore consumed doses before correction
-		`ALTER TABLE medications ADD COLUMN last_stock_correction_at integer`,
-		// Added in v1.5.1 - dismiss past doses until date (robust against timestamp changes)
-		`ALTER TABLE medications ADD COLUMN dismissed_until text`,
-		// Added for more detailed reminder info display
-		`ALTER TABLE user_settings ADD COLUMN last_reminder_med_name text`,
-		`ALTER TABLE user_settings ADD COLUMN last_reminder_taken_by text`,
-		// Added for package type support (blister vs bottle)
-		`ALTER TABLE medications ADD COLUMN package_type text NOT NULL DEFAULT 'blister'`,
-		`ALTER TABLE medications ADD COLUMN total_pills integer`,
-		// Added for dose unit selection (mg, g, mcg, ml, IU, etc.)
-		`ALTER TABLE medications ADD COLUMN dose_unit text DEFAULT 'mg'`,
-		// Added for intake-level takenBy: unified intakes structure
-		`ALTER TABLE medications ADD COLUMN intakes_json text NOT NULL DEFAULT '[]'`,
-	];
-
-	for (const sql of alterMigrations) {
-		try {
-			await client.execute(sql);
-		} catch (e: any) {
-			// Silently ignore "duplicate column" errors - column already exists
-			if (!e.message?.includes("duplicate column")) {
-				errors.push(e.message);
-			}
-		}
-	}
-
-	// Create tables that might be missing (silently fail if already exists)
-	const createTableMigrations = [
-		// Added in v1.3.x - refill history tracking
-		`CREATE TABLE IF NOT EXISTS refill_history (
-      id INTEGER PRIMARY KEY AUTOINCREMENT,
-      medication_id INTEGER NOT NULL REFERENCES medications(id) ON DELETE CASCADE,
-      user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
-      packs_added INTEGER NOT NULL DEFAULT 0,
-      loose_pills_added INTEGER NOT NULL DEFAULT 0,
-      refill_date INTEGER NOT NULL DEFAULT (strftime('%s','now'))
-    )`,
-	];
-
-	for (const sql of createTableMigrations) {
-		try {
-			await client.execute(sql);
-		} catch (e: any) {
-			// Silently ignore "table already exists" errors
-			if (!e.message?.includes("already exists")) {
-				errors.push(e.message);
-			}
-		}
-	}
-
-	return { success: errors.length === 0, errors };
-}
-
-/** Ensure default user exists for auth-disabled mode */
-export async function ensureDefaultUser(client: Client, authEnabled: boolean): Promise<boolean> {
-	if (authEnabled) {
-		return false; // No default user needed
-	}
-
-	try {
-		const result = await client.execute("SELECT id FROM users WHERE id = 1");
-		if (result.rows.length === 0) {
-			await client.execute("INSERT INTO users (id, username, auth_provider) VALUES (1, 'default', 'local')");
-			return true; // Created
-		}
-		return false; // Already exists
-	} catch (e: any) {
-		console.error(`[DB] Error creating default user:`, e.message);
-		return false;
-	}
-}
-
-// =============================================================================
-// Startup repair: fix orphaned dose tracking IDs from past schedule changes
-// =============================================================================
-
-const MS_PER_DAY = 86_400_000;
-
-/**
- * Repair dose IDs that have a trailing hyphen caused by a frontend bug where
- * `[].toString()` produced an empty string, resulting in IDs like "5-0-1729123200000-"
- * instead of "5-0-1729123200000". This strips trailing hyphens from all dose IDs.
- *
- * This function is idempotent - safe to run on every startup.
- */
-export async function repairTrailingHyphenDoseIds(client: Client): Promise<{ repaired: number; errors: string[] }> {
-	const errors: string[] = [];
-	let repaired = 0;
-
-	try {
-		const result = await client.execute(
-			"UPDATE dose_tracking SET dose_id = RTRIM(dose_id, '-') WHERE dose_id LIKE '%-'"
-		);
-		repaired = result.rowsAffected;
-	} catch (e: any) {
-		errors.push(`Trailing-hyphen repair failed: ${e.message}`);
-	}
-
-	return { repaired, errors };
-}
-
-/**
- * Repair orphaned dose tracking IDs that no longer match the current intake schedule.
- * This fixes dose IDs that became invalid when a medication's schedule was changed
- * BEFORE the on-edit migration (PR #103) was introduced.
- *
- * For each medication, generates all valid schedule dateOnlyMs values from each intake's
- * start date up to today, then checks all dose_tracking entries. Any dose whose timestamp
- * doesn't match a valid schedule date is remapped to the nearest valid date.
- *
- * This function is idempotent - safe to run on every startup.
- */
-export async function repairOrphanedDoseIds(client: Client): Promise<{ repaired: number; errors: string[] }> {
-	const errors: string[] = [];
-	let repaired = 0;
-
-	try {
-		// Get all medications
-		const medsResult = await client.execute(
-			"SELECT id, intakes_json, usage_json, every_json, start_json, intake_reminders_enabled FROM medications"
-		);
-
-		if (medsResult.rows.length === 0) return { repaired, errors };
-
-		// Get all dose tracking entries
-		const dosesResult = await client.execute("SELECT id, dose_id FROM dose_tracking");
-		if (dosesResult.rows.length === 0) return { repaired, errors };
-
-		// Build a map of medId → dose entries for quick lookup
-		const dosesByMed = new Map<number, Array<{ id: number; doseId: string }>>();
-		for (const row of dosesResult.rows) {
-			const doseId = row.dose_id as string;
-			const parts = doseId.split("-");
-			if (parts.length < 3) continue;
-			const medId = parseInt(parts[0], 10);
-			if (Number.isNaN(medId)) continue;
-			if (!dosesByMed.has(medId)) dosesByMed.set(medId, []);
-			dosesByMed.get(medId)!.push({ id: row.id as number, doseId });
-		}
-
-		const now = new Date();
-		const today = new Date(now.getFullYear(), now.getMonth(), now.getDate());
-
-		for (const med of medsResult.rows) {
-			const medId = med.id as number;
-			const medDoses = dosesByMed.get(medId);
-			if (!medDoses || medDoses.length === 0) continue;
-
-			// Parse intakes
-			const intakes = parseIntakesJson(
-				med.intakes_json as string | null,
-				{
-					usageJson: (med.usage_json as string) || "[]",
-					everyJson: (med.every_json as string) || "[]",
-					startJson: (med.start_json as string) || "[]",
-				},
-				(med.intake_reminders_enabled as number) === 1
-			);
-
-			if (intakes.length === 0) continue;
-
-			// For each intake index, build the set of valid dateOnlyMs values
-			const validDatesByIntake = new Map<number, Set<number>>();
-			for (let idx = 0; idx < intakes.length; idx++) {
-				const intake = intakes[idx];
-				const start = parseLocalDateTime(intake.start);
-				const every = intake.every;
-				if (every <= 0 || Number.isNaN(start.getTime())) continue;
-
-				const validDates = new Set<number>();
-				for (let d = new Date(start); d <= today; d.setDate(d.getDate() + every)) {
-					validDates.add(new Date(d.getFullYear(), d.getMonth(), d.getDate()).getTime());
-				}
-				validDatesByIntake.set(idx, validDates);
-			}
-
-			// Check each dose entry
-			for (const dose of medDoses) {
-				const parts = dose.doseId.split("-");
-				if (parts.length < 3) continue;
-
-				const intakeIdx = parseInt(parts[1], 10);
-				const dateOnlyMs = parseInt(parts[2], 10);
-				if (Number.isNaN(intakeIdx) || Number.isNaN(dateOnlyMs)) continue;
-
-				const validDates = validDatesByIntake.get(intakeIdx);
-				if (!validDates) continue; // Unknown intake index - skip
-
-				// Check if this dose's timestamp is valid
-				if (validDates.has(dateOnlyMs)) continue; // Already valid - nothing to do
-
-				// Orphaned dose - find the nearest valid schedule date
-				const intake = intakes[intakeIdx];
-				if (!intake) continue;
-
-				const halfInterval = (intake.every * MS_PER_DAY) / 2;
-				let bestMatch: number | null = null;
-				let bestDist = Infinity;
-
-				for (const validDate of validDates) {
-					const dist = Math.abs(validDate - dateOnlyMs);
-					if (dist < bestDist && dist <= halfInterval) {
-						bestDist = dist;
-						bestMatch = validDate;
-					}
-				}
-
-				if (bestMatch !== null) {
-					// Rebuild dose ID with new timestamp, preserving person suffix
-					const personSuffix = parts.length > 3 ? `-${parts.slice(3).join("-")}` : "";
-					const newDoseId = `${medId}-${intakeIdx}-${bestMatch}${personSuffix}`;
-
-					try {
-						await client.execute({
-							sql: "UPDATE dose_tracking SET dose_id = ? WHERE id = ?",
-							args: [newDoseId, dose.id],
-						});
-						repaired++;
-					} catch (e: any) {
-						errors.push(`Failed to repair dose ${dose.id}: ${e.message}`);
-					}
-				}
-			}
-		}
-	} catch (e: any) {
-		errors.push(`Repair failed: ${e.message}`);
-	}
-
-	return { repaired, errors };
-}
+// Load .env: try cwd first, then parent dir (for local dev running from backend/)
+const envPath = process.env.DOTENV_PATH || (existsSync(".env") ? ".env" : "../.env");
+dotenv.config({ path: envPath });
 
 // =============================================================================
 // Database initialization (runs on import)
@@ -361,7 +76,7 @@ export const db = drizzle(client);
 // Auto-run migrations (self-healing database)
 async function runMigrations() {
 	// Run drizzle-kit generated migrations
-	console.log(`[DB] Running drizzle migrations from: ${migrationsFolder}`);
+	console.log(`[DB] Running drizzle migrations...`);
 	const migrateResult = await runDrizzleMigrations(db);
 	if (!migrateResult.success) {
 		console.error(`[DB] Migration error:`, migrateResult.error);

backend/src/db/db-utils.ts

@@ -0,0 +1,352 @@
+/**
+ * Pure utility functions for database operations.
+ * Separated from client.ts to allow importing without triggering
+ * top-level database initialization side effects.
+ */
+
+import { accessSync, constants, existsSync, mkdirSync, writeFileSync } from "node:fs";
+import { dirname, resolve } from "node:path";
+import { fileURLToPath } from "node:url";
+import type { Client } from "@libsql/client";
+import type { drizzle } from "drizzle-orm/libsql";
+import { migrate } from "drizzle-orm/libsql/migrator";
+import { parseIntakesJson, parseLocalDateTime } from "../utils/scheduler-utils.js";
+
+// Get migrations folder path (relative to this file's location)
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+const migrationsFolder = resolve(__dirname, "../../drizzle");
+
+// =============================================================================
+// Path & Directory utilities
+// =============================================================================
+
+/**
+ * Get the data directory path.
+ *
+ * Resolution order:
+ * 1. DATA_DIR env var (set by docker-compose for containers)
+ * 2. Monorepo detection: if ../docker-compose.yml exists, we're in backend/
+ *    subdirectory → use ../data (project root's data folder)
+ * 3. Fallback: resolve(cwd, "data") (running from project root or standalone)
+ */
+export function getDataDir(cwd: string = process.cwd()): string {
+	// Docker containers set DATA_DIR explicitly
+	if (process.env.DATA_DIR) return resolve(process.env.DATA_DIR);
+
+	// Local dev: detect if we're in backend/ subdirectory of the monorepo
+	if (existsSync(resolve(cwd, "..", "docker-compose.yml"))) {
+		return resolve(cwd, "..", "data");
+	}
+
+	// Default: data/ relative to cwd (running from project root)
+	return resolve(cwd, "data");
+}
+
+/** Build the database URL from a path */
+export function buildDbUrl(dbPath: string): string {
+	return `file:${dbPath}`;
+}
+
+/** Get data directory and database path */
+export function getDbPaths(cwd: string = process.cwd()): { dataDir: string; dbPath: string; url: string } {
+	const dataDir = getDataDir(cwd);
+	const dbPath = resolve(dataDir, "medassist-ng.db");
+	const url = buildDbUrl(dbPath);
+	return { dataDir, dbPath, url };
+}
+
+/** Ensure data directory exists and is writable */
+export function ensureDataDirectory(dataDir: string): { success: boolean; error?: string } {
+	try {
+		if (!existsSync(dataDir)) {
+			mkdirSync(dataDir, { recursive: true });
+		}
+
+		// Check if directory is writable
+		accessSync(dataDir, constants.W_OK);
+
+		// Try to create a test file to verify write access
+		const testFile = resolve(dataDir, ".write-test");
+		writeFileSync(testFile, "test");
+
+		return { success: true };
+	} catch (err: any) {
+		return { success: false, error: err.message };
+	}
+}
+
+// =============================================================================
+// Migration utilities
+// =============================================================================
+
+/** Run drizzle-kit migrations on the database */
+export async function runDrizzleMigrations(
+	database: ReturnType<typeof drizzle>
+): Promise<{ success: boolean; error?: string; warning?: string }> {
+	try {
+		await migrate(database, { migrationsFolder });
+		return { success: true };
+	} catch (err: any) {
+		// If the error is "duplicate column", it means the schema is already up-to-date
+		// This happens when ALTER migrations in client.ts have already added the columns
+		// We consider this a success with a warning, not a failure
+		if (err.message?.includes("duplicate column")) {
+			return { success: true, warning: `Schema already up-to-date: ${err.message}` };
+		}
+		return { success: false, error: err.message };
+	}
+}
+
+/** Run ALTER TABLE migrations for backward compatibility with older databases */
+export async function runAlterMigrations(client: Client): Promise<{ success: boolean; errors: string[] }> {
+	const errors: string[] = [];
+
+	// These add new columns to existing tables (silently fail if column already exists)
+	const alterMigrations = [
+		// Added in v1.x - repeat reminders and nagging settings
+		`ALTER TABLE user_settings ADD COLUMN skip_reminders_for_taken_doses integer NOT NULL DEFAULT 0`,
+		`ALTER TABLE user_settings ADD COLUMN repeat_reminders_enabled integer NOT NULL DEFAULT 0`,
+		`ALTER TABLE user_settings ADD COLUMN reminder_repeat_interval_minutes integer NOT NULL DEFAULT 30`,
+		`ALTER TABLE user_settings ADD COLUMN max_nagging_reminders integer NOT NULL DEFAULT 5`,
+		// Added in v1.2.3 - dismiss missed doses without deducting stock
+		`ALTER TABLE dose_tracking ADD COLUMN dismissed integer NOT NULL DEFAULT 0`,
+		// Added in v1.3.x - stock calculation mode (automatic/manual)
+		`ALTER TABLE user_settings ADD COLUMN stock_calculation_mode text NOT NULL DEFAULT 'automatic'`,
+		// Added for stock correction - hidden offset that doesn't affect looseTablets
+		`ALTER TABLE medications ADD COLUMN stock_adjustment integer NOT NULL DEFAULT 0`,
+		// Added for stock correction - timestamp to ignore consumed doses before correction
+		`ALTER TABLE medications ADD COLUMN last_stock_correction_at integer`,
+		// Added in v1.5.1 - dismiss past doses until date (robust against timestamp changes)
+		`ALTER TABLE medications ADD COLUMN dismissed_until text`,
+		// Added for more detailed reminder info display
+		`ALTER TABLE user_settings ADD COLUMN last_reminder_med_name text`,
+		`ALTER TABLE user_settings ADD COLUMN last_reminder_taken_by text`,
+		// Added for package type support (blister vs bottle)
+		`ALTER TABLE medications ADD COLUMN package_type text NOT NULL DEFAULT 'blister'`,
+		`ALTER TABLE medications ADD COLUMN total_pills integer`,
+		// Added for dose unit selection (mg, g, mcg, ml, IU, etc.)
+		`ALTER TABLE medications ADD COLUMN dose_unit text DEFAULT 'mg'`,
+		// Added for intake-level takenBy: unified intakes structure
+		`ALTER TABLE medications ADD COLUMN intakes_json text NOT NULL DEFAULT '[]'`,
+	];
+
+	for (const sql of alterMigrations) {
+		try {
+			await client.execute(sql);
+		} catch (e: any) {
+			// Silently ignore "duplicate column" errors - column already exists
+			if (!e.message?.includes("duplicate column")) {
+				errors.push(e.message);
+			}
+		}
+	}
+
+	// Create tables that might be missing (silently fail if already exists)
+	const createTableMigrations = [
+		// Added in v1.3.x - refill history tracking
+		`CREATE TABLE IF NOT EXISTS refill_history (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      medication_id INTEGER NOT NULL REFERENCES medications(id) ON DELETE CASCADE,
+      user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+      packs_added INTEGER NOT NULL DEFAULT 0,
+      loose_pills_added INTEGER NOT NULL DEFAULT 0,
+      refill_date INTEGER NOT NULL DEFAULT (strftime('%s','now'))
+    )`,
+	];
+
+	for (const sql of createTableMigrations) {
+		try {
+			await client.execute(sql);
+		} catch (e: any) {
+			// Silently ignore "table already exists" errors
+			if (!e.message?.includes("already exists")) {
+				errors.push(e.message);
+			}
+		}
+	}
+
+	return { success: errors.length === 0, errors };
+}
+
+// =============================================================================
+// User utilities
+// =============================================================================
+
+/** Ensure default user exists for auth-disabled mode */
+export async function ensureDefaultUser(client: Client, authEnabled: boolean): Promise<boolean> {
+	if (authEnabled) {
+		return false; // No default user needed
+	}
+
+	try {
+		const result = await client.execute("SELECT id FROM users WHERE id = 1");
+		if (result.rows.length === 0) {
+			await client.execute("INSERT INTO users (id, username, auth_provider) VALUES (1, 'default', 'local')");
+			return true; // Created
+		}
+		return false; // Already exists
+	} catch (e: any) {
+		console.error(`[DB] Error creating default user:`, e.message);
+		return false;
+	}
+}
+
+// =============================================================================
+// Startup repair: fix orphaned dose tracking IDs from past schedule changes
+// =============================================================================
+
+const MS_PER_DAY = 86_400_000;
+
+/**
+ * Repair dose IDs that have a trailing hyphen caused by a frontend bug where
+ * `[].toString()` produced an empty string, resulting in IDs like "5-0-1729123200000-"
+ * instead of "5-0-1729123200000". This strips trailing hyphens from all dose IDs.
+ *
+ * This function is idempotent - safe to run on every startup.
+ */
+export async function repairTrailingHyphenDoseIds(client: Client): Promise<{ repaired: number; errors: string[] }> {
+	const errors: string[] = [];
+	let repaired = 0;
+
+	try {
+		const result = await client.execute(
+			"UPDATE dose_tracking SET dose_id = RTRIM(dose_id, '-') WHERE dose_id LIKE '%-'"
+		);
+		repaired = result.rowsAffected;
+	} catch (e: any) {
+		errors.push(`Trailing-hyphen repair failed: ${e.message}`);
+	}
+
+	return { repaired, errors };
+}
+
+/**
+ * Repair orphaned dose tracking IDs that no longer match the current intake schedule.
+ * This fixes dose IDs that became invalid when a medication's schedule was changed
+ * BEFORE the on-edit migration (PR #103) was introduced.
+ *
+ * For each medication, generates all valid schedule dateOnlyMs values from each intake's
+ * start date up to today, then checks all dose_tracking entries. Any dose whose timestamp
+ * doesn't match a valid schedule date is remapped to the nearest valid date.
+ *
+ * This function is idempotent - safe to run on every startup.
+ */
+export async function repairOrphanedDoseIds(client: Client): Promise<{ repaired: number; errors: string[] }> {
+	const errors: string[] = [];
+	let repaired = 0;
+
+	try {
+		// Get all medications
+		const medsResult = await client.execute(
+			"SELECT id, intakes_json, usage_json, every_json, start_json, intake_reminders_enabled FROM medications"
+		);
+
+		if (medsResult.rows.length === 0) return { repaired, errors };
+
+		// Get all dose tracking entries
+		const dosesResult = await client.execute("SELECT id, dose_id FROM dose_tracking");
+		if (dosesResult.rows.length === 0) return { repaired, errors };
+
+		// Build a map of medId → dose entries for quick lookup
+		const dosesByMed = new Map<number, Array<{ id: number; doseId: string }>>();
+		for (const row of dosesResult.rows) {
+			const doseId = row.dose_id as string;
+			const parts = doseId.split("-");
+			if (parts.length < 3) continue;
+			const medId = parseInt(parts[0], 10);
+			if (Number.isNaN(medId)) continue;
+			if (!dosesByMed.has(medId)) dosesByMed.set(medId, []);
+			dosesByMed.get(medId)!.push({ id: row.id as number, doseId });
+		}
+
+		const now = new Date();
+		const today = new Date(now.getFullYear(), now.getMonth(), now.getDate());
+
+		for (const med of medsResult.rows) {
+			const medId = med.id as number;
+			const medDoses = dosesByMed.get(medId);
+			if (!medDoses || medDoses.length === 0) continue;
+
+			// Parse intakes
+			const intakes = parseIntakesJson(
+				med.intakes_json as string | null,
+				{
+					usageJson: (med.usage_json as string) || "[]",
+					everyJson: (med.every_json as string) || "[]",
+					startJson: (med.start_json as string) || "[]",
+				},
+				(med.intake_reminders_enabled as number) === 1
+			);
+
+			if (intakes.length === 0) continue;
+
+			// For each intake index, build the set of valid dateOnlyMs values
+			const validDatesByIntake = new Map<number, Set<number>>();
+			for (let idx = 0; idx < intakes.length; idx++) {
+				const intake = intakes[idx];
+				const start = parseLocalDateTime(intake.start);
+				const every = intake.every;
+				if (every <= 0 || Number.isNaN(start.getTime())) continue;
+
+				const validDates = new Set<number>();
+				for (let d = new Date(start); d <= today; d.setDate(d.getDate() + every)) {
+					validDates.add(new Date(d.getFullYear(), d.getMonth(), d.getDate()).getTime());
+				}
+				validDatesByIntake.set(idx, validDates);
+			}
+
+			// Check each dose entry
+			for (const dose of medDoses) {
+				const parts = dose.doseId.split("-");
+				if (parts.length < 3) continue;
+
+				const intakeIdx = parseInt(parts[1], 10);
+				const dateOnlyMs = parseInt(parts[2], 10);
+				if (Number.isNaN(intakeIdx) || Number.isNaN(dateOnlyMs)) continue;
+
+				const validDates = validDatesByIntake.get(intakeIdx);
+				if (!validDates) continue; // Unknown intake index - skip
+
+				// Check if this dose's timestamp is valid
+				if (validDates.has(dateOnlyMs)) continue; // Already valid - nothing to do
+
+				// Orphaned dose - find the nearest valid schedule date
+				const intake = intakes[intakeIdx];
+				if (!intake) continue;
+
+				const halfInterval = (intake.every * MS_PER_DAY) / 2;
+				let bestMatch: number | null = null;
+				let bestDist = Infinity;
+
+				for (const validDate of validDates) {
+					const dist = Math.abs(validDate - dateOnlyMs);
+					if (dist < bestDist && dist <= halfInterval) {
+						bestDist = dist;
+						bestMatch = validDate;
+					}
+				}
+
+				if (bestMatch !== null) {
+					// Rebuild dose ID with new timestamp, preserving person suffix
+					const personSuffix = parts.length > 3 ? `-${parts.slice(3).join("-")}` : "";
+					const newDoseId = `${medId}-${intakeIdx}-${bestMatch}${personSuffix}`;
+
+					try {
+						await client.execute({
+							sql: "UPDATE dose_tracking SET dose_id = ? WHERE id = ?",
+							args: [newDoseId, dose.id],
+						});
+						repaired++;
+					} catch (e: any) {
+						errors.push(`Failed to repair dose ${dose.id}: ${e.message}`);
+					}
+				}
+			}
+		}
+	} catch (e: any) {
+		errors.push(`Repair failed: ${e.message}`);
+	}
+
+	return { repaired, errors };
+}

backend/src/db/migrate.ts

@@ -1,3 +1,4 @@
+import { existsSync } from "node:fs";
 import { dirname, resolve } from "node:path";
 import { fileURLToPath } from "node:url";
 import { type Client, createClient } from "@libsql/client";
@@ -5,7 +6,9 @@ import dotenv from "dotenv";
 import { drizzle } from "drizzle-orm/libsql";
 import { migrate } from "drizzle-orm/libsql/migrator";
 
-dotenv.config({ path: process.env.DOTENV_PATH || ".env" });
+// Load .env: try cwd first, then parent dir (for local dev running from backend/)
+const envPath = process.env.DOTENV_PATH || (existsSync(".env") ? ".env" : "../.env");
+dotenv.config({ path: envPath });
 
 // Get migrations folder path (relative to this file's location)
 const __filename = fileURLToPath(import.meta.url);

backend/src/index.ts

@@ -10,6 +10,7 @@ import sensible from "@fastify/sensible";
 import fastifyStatic from "@fastify/static";
 import Fastify, { type FastifyInstance } from "fastify";
 import { migrationsReady } from "./db/client.js";
+import { getDataDir } from "./db/db-utils.js";
 import { env } from "./plugins/env.js";
 import { authRoutes } from "./routes/auth.js";
 import { doseRoutes } from "./routes/doses.js";
@@ -66,7 +67,7 @@ export async function createApp(options?: {
 		accessTtlMinutes: options?.accessTtlMinutes ?? 15,
 		refreshTtlDays: options?.refreshTtlDays ?? 7,
 		isProduction: options?.isProduction ?? false,
-		imagesDir: options?.imagesDir ?? resolve(process.cwd(), "data/images"),
+		imagesDir: options?.imagesDir ?? resolve(getDataDir(), "images"),
 	};
 
 	const app = Fastify({

backend/src/plugins/env.ts

@@ -1,7 +1,10 @@
+import { existsSync } from "node:fs";
 import dotenv from "dotenv";
 import { z } from "zod";
 
-dotenv.config({ path: process.env.DOTENV_PATH || ".env" });
+// Load .env: try cwd first, then parent dir (for local dev running from backend/)
+const envPath = process.env.DOTENV_PATH || (existsSync(".env") ? ".env" : "../.env");
+dotenv.config({ path: envPath });
 
 const EnvSchema = z.object({
 	NODE_ENV: z.enum(["development", "production", "test"]).default("production"),

backend/src/routes/auth.ts

@@ -4,6 +4,7 @@ import { eq } from "drizzle-orm";
 import type { FastifyInstance } from "fastify";
 import { z } from "zod";
 import { db } from "../db/client.js";
+import { getDataDir } from "../db/db-utils.js";
 import { refreshTokens, users } from "../db/schema.js";
 import { getAuthState, requireAuth } from "../plugins/auth.js";
 import type { AuthUser } from "../types/fastify.js";
@@ -476,7 +477,7 @@ export async function authRoutes(app: FastifyInstance) {
 			// Save file
 			const fs = await import("node:fs/promises");
 			const path = await import("node:path");
-			const imagesDir = path.join(process.cwd(), "data", "images");
+			const imagesDir = path.join(getDataDir(), "images");
 			await fs.mkdir(imagesDir, { recursive: true });
 
 			const buffer = await data.toBuffer();
@@ -523,7 +524,7 @@ export async function authRoutes(app: FastifyInstance) {
 			const fs = await import("node:fs/promises");
 			const path = await import("node:path");
 			try {
-				await fs.unlink(path.join(process.cwd(), "data", "images", user.avatarUrl));
+				await fs.unlink(path.join(getDataDir(), "images", user.avatarUrl));
 			} catch {
 				// Ignore if file doesn't exist
 			}
@@ -556,7 +557,7 @@ export async function authRoutes(app: FastifyInstance) {
 				const fs = await import("node:fs/promises");
 				const path = await import("node:path");
 				try {
-					await fs.unlink(path.join(process.cwd(), "data", "images", user.avatarUrl));
+					await fs.unlink(path.join(getDataDir(), "images", user.avatarUrl));
 				} catch {
 					// Ignore if file doesn't exist
 				}

backend/src/routes/export.ts

@@ -5,13 +5,14 @@ import { eq } from "drizzle-orm";
 import type { FastifyInstance } from "fastify";
 import { z } from "zod";
 import { db } from "../db/client.js";
+import { getDataDir } from "../db/db-utils.js";
 import { doseTracking, medications, shareTokens, userSettings } from "../db/schema.js";
 import { getAnonymousUserId, requireAuth } from "../plugins/auth.js";
 import { env } from "../plugins/env.js";
 import type { AuthUser } from "../types/fastify.js";
 import { parseIntakesJson, parseTakenByJson } from "../utils/scheduler-utils.js";
 
-const IMAGES_DIR = resolve(process.cwd(), "data/images");
+const IMAGES_DIR = resolve(getDataDir(), "images");
 
 // =============================================================================
 // Export Format Version (bump this when format changes)

backend/src/routes/medications.ts

@@ -5,13 +5,14 @@ import { and, eq, like } from "drizzle-orm";
 import type { FastifyInstance, FastifyReply, FastifyRequest } from "fastify";
 import { z } from "zod";
 import { db } from "../db/client.js";
+import { getDataDir } from "../db/db-utils.js";
 import { doseTracking, medications } from "../db/schema.js";
 import { getAnonymousUserId, requireAuth } from "../plugins/auth.js";
 import { env } from "../plugins/env.js";
 import type { AuthUser } from "../types/fastify.js";
 import { type Intake, parseIntakesJson, parseLocalDateTime, parseTakenByJson } from "../utils/scheduler-utils.js";
 
-const IMAGES_DIR = resolve(process.cwd(), "data/images");
+const IMAGES_DIR = resolve(getDataDir(), "images");
 
 // New intake schema with per-intake takenBy
 const intakeSchema = z.object({
@@ -284,6 +285,17 @@ export async function medicationRoutes(app: FastifyInstance) {
 		const startJson = JSON.stringify(intakes.map((s) => s.start));
 		const takenByJson = JSON.stringify(takenBy || []);
 
+		// If stock-defining fields changed, reset stockAdjustment so the new
+		// base stock reflects actual inventory.  This prevents the old
+		// correction offset from skewing the total after an edit.
+		const stockFieldsChanged =
+			existing.packCount !== packCount ||
+			existing.blistersPerPack !== blistersPerPack ||
+			existing.pillsPerBlister !== pillsPerBlister ||
+			(existing.looseTablets ?? 0) !== (looseTablets ?? 0);
+
+		const stockResetFields = stockFieldsChanged ? { stockAdjustment: 0, lastStockCorrectionAt: new Date() } : {};
+
 		const result = await db
 			.update(medications)
 			.set({
@@ -306,6 +318,7 @@ export async function medicationRoutes(app: FastifyInstance) {
 				everyJson,
 				startJson,
 				updatedAt: new Date(),
+				...stockResetFields,
 			})
 			.where(and(eq(medications.id, idNum), eq(medications.userId, userId)))
 			.returning();
@@ -668,10 +681,19 @@ export async function medicationRoutes(app: FastifyInstance) {
 				const blisterStart = parseLocalDateTime(blister.start);
 				if (Number.isNaN(blisterStart.getTime())) return;
 
-				const effectiveStart = Math.max(blisterStart.getTime(), stockCorrectionCutoff);
+				const period = Math.max(1, blister.every) * msPerDay;
+
+				// After a stock correction, start counting from the NEXT scheduled
+				// dose, because the user's pill count already reflects all
+				// consumption up to the correction time.
+				let effectiveStart: number;
+				if (stockCorrectionCutoff > 0 && stockCorrectionCutoff >= blisterStart.getTime()) {
+					effectiveStart = stockCorrectionCutoff + period;
+				} else {
+					effectiveStart = blisterStart.getTime();
+				}
 				if (effectiveStart > now.getTime()) return;
 
-				const period = Math.max(1, blister.every) * msPerDay;
 				const occurrences = Math.floor((now.getTime() - effectiveStart) / period) + 1;
 
 				// Get the people for this intake (from intakes array or medication takenBy)

backend/src/services/intake-reminder-scheduler.ts

@@ -3,6 +3,7 @@ import { resolve } from "node:path";
 import { and, eq, gte, lte } from "drizzle-orm";
 import nodemailer from "nodemailer";
 import { db } from "../db/client.js";
+import { getDataDir } from "../db/db-utils.js";
 import { doseTracking, medications } from "../db/schema.js";
 import { getDateLocale, getTranslations, type Language, t } from "../i18n/translations.js";
 import { getAllUserSettings, sendShoutrrrNotification, type UserSettings } from "../routes/settings.js";
@@ -25,7 +26,7 @@ import { updateReminderSentTime, updateUserReminderSentTime } from "./reminder-s
 const REMINDER_MINUTES_BEFORE = parseInt(process.env.REMINDER_MINUTES_BEFORE ?? "15", 10);
 const CHECK_INTERVAL_MS = 60 * 1000; // Check every 1 minute
 
-const intakeReminderStateFile = resolve(process.cwd(), "data", "intake-reminder-state.json");
+const intakeReminderStateFile = resolve(getDataDir(), "intake-reminder-state.json");
 
 function loadIntakeReminderState(): IntakeReminderState {
 	try {

backend/src/services/reminder-scheduler.ts

@@ -3,6 +3,7 @@ import { resolve } from "node:path";
 import { eq } from "drizzle-orm";
 import nodemailer from "nodemailer";
 import { db } from "../db/client.js";
+import { getDataDir } from "../db/db-utils.js";
 import { medications, userSettings } from "../db/schema.js";
 import { getTranslations, type Language, t } from "../i18n/translations.js";
 import { getAllUserSettings, sendShoutrrrNotification, type UserSettings } from "../routes/settings.js";
@@ -25,7 +26,7 @@ import {
 
 const REMINDER_HOUR = parseInt(process.env.REMINDER_HOUR ?? "6", 10); // Default 6:00 AM local time
 
-const reminderStateFile = resolve(process.cwd(), "data", "reminder-state.json");
+const reminderStateFile = resolve(getDataDir(), "reminder-state.json");
 
 function loadReminderState(): ReminderState {
 	try {

backend/src/test/database.test.ts

@@ -5,19 +5,20 @@ import { fileURLToPath } from "node:url";
 import { createClient } from "@libsql/client";
 import { drizzle } from "drizzle-orm/libsql";
 import { migrate } from "drizzle-orm/libsql/migrator";
-import { afterEach, beforeEach, describe, expect, it } from "vitest";
+import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
 
-// Import the exported utility functions from client.ts
+// Import utility functions from db-utils (no side effects, unlike client.ts which initializes the DB)
 import {
 	buildDbUrl,
 	ensureDataDirectory,
 	ensureDefaultUser,
+	getDataDir,
 	getDbPaths,
 	repairOrphanedDoseIds,
 	repairTrailingHyphenDoseIds,
 	runAlterMigrations,
 	runDrizzleMigrations,
-} from "../db/client.js";
+} from "../db/db-utils.js";
 
 // Import the exported utility functions from migrate.ts
 import { executeMigration, getStatementPreview, splitSQLStatements } from "../db/migrate.js";
@@ -144,15 +145,78 @@ describe("Database Client Utilities", () => {
 		});
 	});
 
+	describe("getDataDir", () => {
+		const originalDataDir = process.env.DATA_DIR;
+
+		afterEach(() => {
+			if (originalDataDir === undefined) {
+				delete process.env.DATA_DIR;
+			} else {
+				process.env.DATA_DIR = originalDataDir;
+			}
+		});
+
+		it("should use DATA_DIR env var when set (Docker)", () => {
+			process.env.DATA_DIR = "/app/data";
+			expect(getDataDir()).toBe("/app/data");
+		});
+
+		it("should resolve relative DATA_DIR to absolute", () => {
+			process.env.DATA_DIR = "../data";
+			const result = getDataDir();
+			expect(result).not.toContain("..");
+			expect(result).toMatch(/\/data$/);
+		});
+
+		it("should detect monorepo and use ../data when in backend/ subdir", () => {
+			delete process.env.DATA_DIR;
+			// Tests run from backend/ which has ../docker-compose.yml
+			const result = getDataDir();
+			// Should resolve to the project root's data/ folder, not backend/data/
+			expect(result).toMatch(/\/data$/);
+			expect(result).not.toMatch(/backend\/data$/);
+		});
+
+		it("should fall back to cwd/data when not in monorepo", () => {
+			delete process.env.DATA_DIR;
+			// Use a directory that has no ../docker-compose.yml
+			expect(getDataDir("/tmp")).toBe("/tmp/data");
+		});
+
+		it("should prefer DATA_DIR over monorepo detection", () => {
+			process.env.DATA_DIR = "/override/data";
+			expect(getDataDir("/app")).toBe("/override/data");
+		});
+	});
+
 	describe("getDbPaths", () => {
-		it("should return correct paths based on cwd", () => {
+		const originalDataDir = process.env.DATA_DIR;
+
+		afterEach(() => {
+			if (originalDataDir === undefined) {
+				delete process.env.DATA_DIR;
+			} else {
+				process.env.DATA_DIR = originalDataDir;
+			}
+		});
+
+		it("should return correct paths with DATA_DIR set", () => {
+			process.env.DATA_DIR = "/app/data";
 			const paths = getDbPaths("/app");
 			expect(paths.dataDir).toBe("/app/data");
 			expect(paths.dbPath).toBe("/app/data/medassist-ng.db");
 			expect(paths.url).toBe("file:/app/data/medassist-ng.db");
 		});
 
+		it("should return correct paths without DATA_DIR in non-monorepo dir", () => {
+			delete process.env.DATA_DIR;
+			const paths = getDbPaths("/tmp");
+			expect(paths.dataDir).toBe("/tmp/data");
+			expect(paths.dbPath).toBe("/tmp/data/medassist-ng.db");
+		});
+
 		it("should use process.cwd() by default", () => {
+			delete process.env.DATA_DIR;
 			const paths = getDbPaths();
 			expect(paths.dataDir).toContain("data");
 			expect(paths.dbPath).toContain("medassist-ng.db");

backend/src/test/e2e-routes.test.ts

@@ -1730,6 +1730,304 @@ describe("E2E Tests with Real Routes", () => {
 		});
 	});
 
+	// ---------------------------------------------------------------------------
+	// Real Stock Correction (PATCH /medications/:id/stock-adjustment) Tests
+	// ---------------------------------------------------------------------------
+
+	describe("Real /medications/:id/stock-adjustment routes", () => {
+		it("should update stockAdjustment and lastStockCorrectionAt", async () => {
+			const createResponse = await app.inject({
+				method: "POST",
+				url: "/medications",
+				payload: {
+					name: "Stock Correction Med",
+					packCount: 1,
+					blistersPerPack: 14,
+					pillsPerBlister: 14,
+					blisters: [{ usage: 1, every: 1, start: "2025-01-01T08:00:00.000Z" }],
+				},
+			});
+			expect(createResponse.statusCode).toBe(200);
+			const medId = createResponse.json().id;
+
+			// Correct stock: set adjustment to -83 (196 base - 83 = 113 pills)
+			const response = await app.inject({
+				method: "PATCH",
+				url: `/medications/${medId}/stock-adjustment`,
+				payload: { stockAdjustment: -83 },
+			});
+
+			expect(response.statusCode).toBe(200);
+			const data = response.json();
+			expect(data.stockAdjustment).toBe(-83);
+			expect(data.lastStockCorrectionAt).toBeTruthy();
+			expect(data.updatedAt).toBeTruthy();
+		});
+
+		it("should persist stockAdjustment in GET /medications", async () => {
+			const createResponse = await app.inject({
+				method: "POST",
+				url: "/medications",
+				payload: {
+					name: "Persist Stock Med",
+					packCount: 1,
+					blistersPerPack: 1,
+					pillsPerBlister: 30,
+					blisters: [{ usage: 1, every: 1, start: "2025-01-01T08:00:00.000Z" }],
+				},
+			});
+			const medId = createResponse.json().id;
+
+			// Apply stock correction
+			await app.inject({
+				method: "PATCH",
+				url: `/medications/${medId}/stock-adjustment`,
+				payload: { stockAdjustment: -7 },
+			});
+
+			// Verify via GET
+			const getResponse = await app.inject({
+				method: "GET",
+				url: "/medications",
+			});
+
+			expect(getResponse.statusCode).toBe(200);
+			const meds = getResponse.json();
+			const med = meds.find((m: any) => m.id === medId);
+			expect(med).toBeDefined();
+			expect(med.stockAdjustment).toBe(-7);
+			expect(med.lastStockCorrectionAt).toBeTruthy();
+		});
+
+		it("should not reset stockAdjustment when editing medication via PUT", async () => {
+			const createResponse = await app.inject({
+				method: "POST",
+				url: "/medications",
+				payload: {
+					name: "Keep Adjustment Med",
+					packCount: 1,
+					blistersPerPack: 1,
+					pillsPerBlister: 30,
+					blisters: [{ usage: 1, every: 1, start: "2025-01-01T08:00:00.000Z" }],
+				},
+			});
+			const medId = createResponse.json().id;
+
+			// Set stock adjustment
+			await app.inject({
+				method: "PATCH",
+				url: `/medications/${medId}/stock-adjustment`,
+				payload: { stockAdjustment: -5 },
+			});
+
+			// Edit the medication (change name) - should preserve stockAdjustment
+			await app.inject({
+				method: "PUT",
+				url: `/medications/${medId}`,
+				payload: {
+					name: "Renamed Med",
+					packCount: 1,
+					blistersPerPack: 1,
+					pillsPerBlister: 30,
+					looseTablets: 0,
+					blisters: [{ usage: 1, every: 1, start: "2025-01-01T08:00:00.000Z" }],
+				},
+			});
+
+			// Verify stockAdjustment is preserved
+			const getResponse = await app.inject({
+				method: "GET",
+				url: "/medications",
+			});
+			const med = getResponse.json().find((m: any) => m.id === medId);
+			expect(med.name).toBe("Renamed Med");
+			expect(med.stockAdjustment).toBe(-5);
+		});
+
+		it("should return 400 for non-numeric stockAdjustment", async () => {
+			const createResponse = await app.inject({
+				method: "POST",
+				url: "/medications",
+				payload: {
+					name: "Bad Adjustment Med",
+					blisters: [{ usage: 1, every: 1, start: "2025-01-01T08:00:00.000Z" }],
+				},
+			});
+			const medId = createResponse.json().id;
+
+			const response = await app.inject({
+				method: "PATCH",
+				url: `/medications/${medId}/stock-adjustment`,
+				payload: { stockAdjustment: "not-a-number" },
+			});
+
+			expect(response.statusCode).toBe(400);
+		});
+
+		it("should return 404 for non-existent medication", async () => {
+			const response = await app.inject({
+				method: "PATCH",
+				url: "/medications/99999/stock-adjustment",
+				payload: { stockAdjustment: 5 },
+			});
+
+			expect(response.statusCode).toBe(404);
+		});
+
+		it("should return 400 for invalid medication id", async () => {
+			const response = await app.inject({
+				method: "PATCH",
+				url: "/medications/invalid/stock-adjustment",
+				payload: { stockAdjustment: 5 },
+			});
+
+			expect(response.statusCode).toBe(400);
+		});
+
+		it("should reset stockAdjustment when stock fields change via PUT", async () => {
+			const createResponse = await app.inject({
+				method: "POST",
+				url: "/medications",
+				payload: {
+					name: "Reset Adj Med",
+					packCount: 1,
+					blistersPerPack: 1,
+					pillsPerBlister: 30,
+					looseTablets: 0,
+					blisters: [{ usage: 1, every: 1, start: "2025-01-01T08:00:00.000Z" }],
+				},
+			});
+			const medId = createResponse.json().id;
+
+			// Set stock adjustment to -10
+			await app.inject({
+				method: "PATCH",
+				url: `/medications/${medId}/stock-adjustment`,
+				payload: { stockAdjustment: -10 },
+			});
+
+			// Verify adjustment is set
+			let getMeds = await app.inject({ method: "GET", url: "/medications" });
+			let med = getMeds.json().find((m: any) => m.id === medId);
+			expect(med.stockAdjustment).toBe(-10);
+
+			// Edit medication with CHANGED stock fields (packCount 1 → 2)
+			await app.inject({
+				method: "PUT",
+				url: `/medications/${medId}`,
+				payload: {
+					name: "Reset Adj Med",
+					packCount: 2,
+					blistersPerPack: 1,
+					pillsPerBlister: 30,
+					looseTablets: 0,
+					blisters: [{ usage: 1, every: 1, start: "2025-01-01T08:00:00.000Z" }],
+				},
+			});
+
+			// stockAdjustment should be reset to 0
+			getMeds = await app.inject({ method: "GET", url: "/medications" });
+			med = getMeds.json().find((m: any) => m.id === medId);
+			expect(med.stockAdjustment).toBe(0);
+			expect(med.lastStockCorrectionAt).toBeTruthy();
+		});
+
+		it("should preserve stockAdjustment when only non-stock fields change via PUT", async () => {
+			const createResponse = await app.inject({
+				method: "POST",
+				url: "/medications",
+				payload: {
+					name: "Preserve Adj Med",
+					packCount: 1,
+					blistersPerPack: 1,
+					pillsPerBlister: 30,
+					looseTablets: 0,
+					blisters: [{ usage: 1, every: 1, start: "2025-01-01T08:00:00.000Z" }],
+				},
+			});
+			const medId = createResponse.json().id;
+
+			// Set stock adjustment
+			await app.inject({
+				method: "PATCH",
+				url: `/medications/${medId}/stock-adjustment`,
+				payload: { stockAdjustment: -5 },
+			});
+
+			// Edit only non-stock fields (name, notes)
+			await app.inject({
+				method: "PUT",
+				url: `/medications/${medId}`,
+				payload: {
+					name: "Renamed Preserve Med",
+					notes: "Updated notes",
+					packCount: 1,
+					blistersPerPack: 1,
+					pillsPerBlister: 30,
+					looseTablets: 0,
+					blisters: [{ usage: 1, every: 1, start: "2025-01-01T08:00:00.000Z" }],
+				},
+			});
+
+			// stockAdjustment should be preserved
+			const getMeds = await app.inject({ method: "GET", url: "/medications" });
+			const med = getMeds.json().find((m: any) => m.id === medId);
+			expect(med.name).toBe("Renamed Preserve Med");
+			expect(med.stockAdjustment).toBe(-5);
+		});
+
+		it("should not count phantom consumption in planner after stock correction", async () => {
+			// Create medication: 1 pack × 14 blisters × 14 pills = 196 pills total
+			// Schedule: 1 pill daily starting far in the past
+			const farPast = new Date("2024-01-01T08:00:00.000Z");
+
+			const createResponse = await app.inject({
+				method: "POST",
+				url: "/medications",
+				payload: {
+					name: "Planner Phantom Med",
+					packCount: 1,
+					blistersPerPack: 14,
+					pillsPerBlister: 14,
+					looseTablets: 0,
+					blisters: [{ usage: 1, every: 1, start: farPast.toISOString() }],
+				},
+			});
+			const medId = createResponse.json().id;
+
+			// Correct stock to 113 pills (196 base - 83 = 113)
+			await app.inject({
+				method: "PATCH",
+				url: `/medications/${medId}/stock-adjustment`,
+				payload: { stockAdjustment: -83 },
+			});
+
+			// Query planner immediately - stock should be ~113 (not reduced by phantom dose)
+			const tomorrow = new Date();
+			tomorrow.setDate(tomorrow.getDate() + 1);
+			const nextWeek = new Date();
+			nextWeek.setDate(nextWeek.getDate() + 7);
+
+			const response = await app.inject({
+				method: "POST",
+				url: "/medications/usage",
+				payload: {
+					startDate: tomorrow.toISOString(),
+					endDate: nextWeek.toISOString(),
+				},
+			});
+
+			expect(response.statusCode).toBe(200);
+			const data = response.json();
+			const med = data.find((m: any) => m.medicationId === medId);
+			expect(med).toBeDefined();
+			// Total should be very close to 113 (not 112 or lower from phantom consumption)
+			// Allow up to 1 pill of natural consumption (test runs fast, but at most 1 day could pass)
+			expect(med.totalPills).toBeGreaterThanOrEqual(112);
+			expect(med.totalPills).toBeLessThanOrEqual(113);
+		});
+	});
+
 	// ---------------------------------------------------------------------------
 	// Real Export/Import Routes Tests
 	// ---------------------------------------------------------------------------

backend/src/utils/server-config.ts

@@ -6,6 +6,7 @@
 import { existsSync, mkdirSync } from "node:fs";
 import { resolve } from "node:path";
 import type { CookieSerializeOptions } from "@fastify/cookie";
+import { getDataDir } from "../db/db-utils.js";
 
 /**
  * Parse comma-separated CORS origins string
@@ -81,8 +82,7 @@ export function buildAppConfig(options: AppConfigOptions): AppConfig {
  * Ensure images directory exists
  */
 export function ensureImagesDirectory(cwd?: string): string {
-	const basePath = cwd || process.cwd();
-	const imagesDir = resolve(basePath, "data/images");
+	const imagesDir = resolve(getDataDir(cwd), "images");
 	if (!existsSync(imagesDir)) {
 		mkdirSync(imagesDir, { recursive: true });
 	}

docker-compose.dev.yml

@@ -9,6 +9,8 @@ services:
       - ./data:/app/data
     env_file:
       - .env
+    environment:
+      - DATA_DIR=/app/data
     ports:
       - "3000:3000"
     security_opt:

docker-compose.yml

@@ -7,6 +7,7 @@ services:
     environment:
       - PUID=${PUID:-1000}
       - PGID=${PGID:-1000}
+      - DATA_DIR=/app/data
     volumes:
       - ./data:/app/data
     ports:
@@ -34,6 +35,8 @@ services:
   frontend:
     image: ghcr.io/danielvolz/medassist-ng-frontend:latest
     container_name: medassist-ng-frontend
+    environment:
+      - BACKEND_URL=backend:3000
     ports:
       - "4174:8080"
     networks:

frontend/Dockerfile

@@ -32,8 +32,14 @@ RUN npm run build
 # -----------------------------------------------------------------------------
 FROM nginxinc/nginx-unprivileged:1.27-alpine AS runner
 
-# Copy custom nginx config (must listen on 8080, not 80)
-COPY nginx.conf /etc/nginx/conf.d/default.conf
+# Redirect envsubst output to /tmp (writable under read_only: true)
+# and update nginx main config to include from there instead of /etc/nginx/conf.d/
+ENV NGINX_ENVSUBST_OUTPUT_DIR=/tmp
+RUN sed -i 's|include /etc/nginx/conf.d/\*.conf;|include /tmp/default.conf;|' /etc/nginx/nginx.conf
+
+# Copy custom nginx config as template for envsubst processing
+# nginx-unprivileged automatically substitutes env vars in .template files
+COPY nginx.conf /etc/nginx/templates/default.conf.template
 
 # Copy built static files with correct ownership (nginx user = uid 101)
 COPY --from=builder --chown=101:101 /app/dist /usr/share/nginx/html
@@ -44,5 +50,5 @@ EXPOSE 8080
 # Already runs as non-root (nginx user, uid 101)
 USER nginx
 
-# Start nginx
+# Start nginx (entrypoint processes templates automatically)
 CMD ["nginx", "-g", "daemon off;"]

frontend/nginx.conf

@@ -20,7 +20,14 @@ server {
     }
 
     location /api/ {
-        proxy_pass http://medassist-ng-backend:3000/;
+        # Use variable for runtime DNS resolution (nginx resolves at startup by default)
+        # Docker embedded DNS (127.0.0.11) with 10s cache
+        resolver 127.0.0.11 valid=10s ipv6=off;
+        set $backend_upstream ${BACKEND_URL};
+
+        # Strip /api prefix (nginx doesn't auto-rewrite when using variables in proxy_pass)
+        rewrite ^/api/(.*)$ /$1 break;
+        proxy_pass http://$backend_upstream;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

frontend/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "medassist-ng-frontend",
-  "version": "1.7.1",
+  "version": "1.8.3",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "medassist-ng-frontend",
-      "version": "1.7.1",
+      "version": "1.8.3",
       "dependencies": {
         "i18next": "^24.2.2",
         "i18next-browser-languagedetector": "^8.0.4",
@@ -133,7 +133,6 @@
       "integrity": "sha512-e7jT4DxYvIDLk1ZHmU/m/mB19rex9sv0c2ftBtjSBv+kVM/902eh0fINUzD7UwLLNR+jU585GxUJ8/EBfAM5fw==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "@babel/code-frame": "^7.27.1",
         "@babel/generator": "^7.28.5",
@@ -655,7 +654,6 @@
         }
       ],
       "license": "MIT",
-      "peer": true,
       "engines": {
         "node": ">=18"
       },
@@ -699,7 +697,6 @@
         }
       ],
       "license": "MIT",
-      "peer": true,
       "engines": {
         "node": ">=18"
       }
@@ -1647,7 +1644,8 @@
       "resolved": "https://registry.npmjs.org/@types/aria-query/-/aria-query-5.0.4.tgz",
       "integrity": "sha512-rfT93uj5s0PRL7EzccGMs3brplhcrghnDoV26NqKhCAS1hVo+WdNsPvE/yb6ilfr5hi2MEk6d5EWJTKdxg8jVw==",
       "dev": true,
-      "license": "MIT"
+      "license": "MIT",
+      "peer": true
     },
     "node_modules/@types/babel__core": {
       "version": "7.20.5",
@@ -1739,7 +1737,6 @@
       "integrity": "sha512-cisd7gxkzjBKU2GgdYrTdtQx1SORymWyaAFhaxQPK9bYO9ot3Y5OikQRvY0VYQtvwjeQnizCINJAenh/V7MK2w==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "@types/prop-types": "*",
         "csstype": "^3.2.2"
@@ -1751,7 +1748,6 @@
       "integrity": "sha512-MEe3UeoENYVFXzoXEWsvcpg6ZvlrFNlOQ7EOsvhI3CfAXwzPfO8Qwuxd40nepsYKqyyVQnTdEfv68q91yLcKrQ==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "peerDependencies": {
         "@types/react": "^18.0.0"
       }
@@ -1958,6 +1954,7 @@
       "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==",
       "dev": true,
       "license": "MIT",
+      "peer": true,
       "engines": {
         "node": ">=8"
       }
@@ -1968,6 +1965,7 @@
       "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==",
       "dev": true,
       "license": "MIT",
+      "peer": true,
       "engines": {
         "node": ">=10"
       },
@@ -2054,7 +2052,6 @@
         }
       ],
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "baseline-browser-mapping": "^2.9.0",
         "caniuse-lite": "^1.0.30001759",
@@ -2238,7 +2235,8 @@
       "resolved": "https://registry.npmjs.org/dom-accessibility-api/-/dom-accessibility-api-0.5.16.tgz",
       "integrity": "sha512-X7BJ2yElsnOJ30pZF4uIIDfBEVgF4XEBxL9Bxhy6dnrm5hkzqmsWHGTiHqRiITNhMyFLyAiWndIJP7Z1NTteDg==",
       "dev": true,
-      "license": "MIT"
+      "license": "MIT",
+      "peer": true
     },
     "node_modules/electron-to-chromium": {
       "version": "1.5.267",
@@ -2468,7 +2466,6 @@
         }
       ],
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "@babel/runtime": "^7.26.10"
       },
@@ -2558,7 +2555,6 @@
       "integrity": "sha512-mjzqwWRD9Y1J1KUi7W97Gja1bwOOM5Ug0EZ6UDK3xS7j7mndrkwozHtSblfomlzyB4NepioNt+B2sOSzczVgtQ==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "@acemir/cssom": "^0.9.28",
         "@asamuzakjp/dom-selector": "^6.7.6",
@@ -2647,6 +2643,7 @@
       "integrity": "sha512-h5bgJWpxJNswbU7qCrV0tIKQCaS3blPDrqKWx+QxzuzL1zGUzij9XCWLrSLsJPu5t+eWA/ycetzYAO5IOMcWAQ==",
       "dev": true,
       "license": "MIT",
+      "peer": true,
       "bin": {
         "lz-string": "bin/bin.js"
       }
@@ -2796,7 +2793,6 @@
       "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "engines": {
         "node": ">=12"
       },
@@ -2886,6 +2882,7 @@
       "integrity": "sha512-Qb1gy5OrP5+zDf2Bvnzdl3jsTf1qXVMazbvCoKhtKqVs4/YK4ozX4gKQJJVyNe+cajNPn0KoC0MC3FUmaHWEmQ==",
       "dev": true,
       "license": "MIT",
+      "peer": true,
       "dependencies": {
         "ansi-regex": "^5.0.1",
         "ansi-styles": "^5.0.0",
@@ -2910,7 +2907,6 @@
       "resolved": "https://registry.npmjs.org/react/-/react-18.3.1.tgz",
       "integrity": "sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==",
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "loose-envify": "^1.1.0"
       },
@@ -2923,7 +2919,6 @@
       "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-18.3.1.tgz",
       "integrity": "sha512-5m4nQKp+rZRb09LNH59GM4BxTh9251/ylbKIbpe7TpGxfJ+9kv6BLkLBXIjjspbgbnIBNqlI23tRnTWT0snUIw==",
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "loose-envify": "^1.1.0",
         "scheduler": "^0.23.2"
@@ -2963,7 +2958,8 @@
       "resolved": "https://registry.npmjs.org/react-is/-/react-is-17.0.2.tgz",
       "integrity": "sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==",
       "dev": true,
-      "license": "MIT"
+      "license": "MIT",
+      "peer": true
     },
     "node_modules/react-refresh": {
       "version": "0.17.0",
@@ -3277,7 +3273,6 @@
       "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==",
       "devOptional": true,
       "license": "Apache-2.0",
-      "peer": true,
       "bin": {
         "tsc": "bin/tsc",
         "tsserver": "bin/tsserver"
@@ -3323,7 +3318,6 @@
       "integrity": "sha512-dZwN5L1VlUBewiP6H9s2+B3e3Jg96D0vzN+Ry73sOefebhYr9f94wwkMNN/9ouoU8pV1BqA1d1zGk8928cx0rg==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "esbuild": "^0.27.0",
         "fdir": "^6.5.0",
@@ -3399,7 +3393,6 @@
       "integrity": "sha512-FQMeF0DJdWY0iOnbv466n/0BudNdKj1l5jYgl5JVTwjSsZSlqyXFt/9+1sEyhR6CLowbZpV7O1sCHrzBhucKKg==",
       "dev": true,
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "@vitest/expect": "4.0.17",
         "@vitest/mocker": "4.0.17",

frontend/package.json

@@ -1,7 +1,7 @@
 {
   "name": "medassist-ng-frontend",
   "private": true,
-  "version": "1.7.1",
+  "version": "1.8.6",
   "type": "module",
   "scripts": {
     "dev": "vite",

frontend/src/components/AboutModal.tsx

@@ -3,7 +3,7 @@ import { useTranslation } from "react-i18next";
 import { FRONTEND_VERSION, GITHUB_URL } from "../App";
 
 interface UpdateCheckResult {
-	status: "checking" | "up-to-date" | "update-available" | "error";
+	status: "up-to-date" | "update-available" | "error";
 	latestVersion?: string;
 	lastChecked?: string;
 }
@@ -15,19 +15,13 @@ interface AboutModalProps {
 
 export default function AboutModal({ isOpen, onClose }: AboutModalProps) {
 	const { t } = useTranslation();
-	const [backendVersion, setBackendVersion] = useState<string | null>(null);
+	const [isChecking, setIsChecking] = useState(false);
 	const [updateCheckResult, setUpdateCheckResult] = useState<UpdateCheckResult | null>(null);
 
-	// Fetch backend version and cached update result on mount
+	// Load cached update check result on mount
 	useEffect(() => {
 		if (!isOpen) return;
 
-		// Fetch backend version
-		fetch("/api/health")
-			.then((res) => res.json())
-			.then((data) => setBackendVersion(data.version || "unknown"))
-			.catch(() => setBackendVersion("unknown"));
-
 		// Load cached update check result
 		const cached = sessionStorage.getItem("updateCheckResult");
 		if (cached) {
@@ -43,9 +37,13 @@ export default function AboutModal({ isOpen, onClose }: AboutModalProps) {
 	}, [isOpen]);
 
 	async function checkForUpdates() {
-		setUpdateCheckResult({ status: "checking" });
+		setIsChecking(true);
+		const minDelay = new Promise((resolve) => setTimeout(resolve, 1000));
 		try {
-			const res = await fetch(`https://api.github.com/repos/DanielVolz/medassist-ng/releases/latest`);
+			const [res] = await Promise.all([
+				fetch(`https://api.github.com/repos/DanielVolz/medassist-ng/releases/latest`),
+				minDelay,
+			]);
 			if (!res.ok) throw new Error("Failed to fetch");
 			const data = await res.json();
 			const latestVersion = (data.tag_name || "").replace(/^v/, "");
@@ -61,6 +59,8 @@ export default function AboutModal({ isOpen, onClose }: AboutModalProps) {
 			sessionStorage.setItem("updateCheckResult", JSON.stringify(result));
 		} catch {
 			setUpdateCheckResult({ status: "error" });
+		} finally {
+			setIsChecking(false);
 		}
 	}
 
@@ -74,32 +74,27 @@ export default function AboutModal({ isOpen, onClose }: AboutModalProps) {
 				</button>
 				<div className="about-header">
 					<div className="about-logo">
-						<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="1.5">
-							<path d="M19.5 12c0 4.14-3.36 7.5-7.5 7.5S4.5 16.14 4.5 12 7.86 4.5 12 4.5s7.5 3.36 7.5 7.5z" />
-							<path d="M12 8v4l2.5 2.5" />
-							<path d="M9 2h6M12 2v2" />
-						</svg>
+						<img src="/favicon.svg" alt="MedAssist-ng" />
 					</div>
 					<h2>{t("about.appName", "MedAssist-ng")}</h2>
 					<p className="about-tagline">{t("about.description", "Personal medication tracking and reminder app")}</p>
 				</div>
 				<div className="about-versions">
 					<div className="about-version-row">
-						<span className="about-version-label">{t("about.frontendVersion", "Frontend")}</span>
-						<span className="about-version-value">{FRONTEND_VERSION}</span>
-					</div>
-					<div className="about-version-row">
-						<span className="about-version-label">{t("about.backendVersion", "Backend")}</span>
-						<span className="about-version-value">{backendVersion || "..."}</span>
+						<span className="about-version-label">{t("about.version", "Version")}</span>
+						<a
+							href={`${GITHUB_URL}/releases/tag/v${FRONTEND_VERSION}`}
+							target="_blank"
+							rel="noopener noreferrer"
+							className="about-version-value about-version-link"
+						>
+							{FRONTEND_VERSION}
+						</a>
 					</div>
 				</div>
 				<div className="about-update-section">
-					<button
-						className="about-update-btn"
-						onClick={checkForUpdates}
-						disabled={updateCheckResult?.status === "checking"}
-					>
-						{updateCheckResult?.status === "checking" ? (
+					<button className="about-update-btn" onClick={checkForUpdates} disabled={isChecking}>
+						{isChecking ? (
 							<>
 								<span className="spinner-small"></span>
 								{t("about.checking", "Checking...")}
@@ -116,7 +111,7 @@ export default function AboutModal({ isOpen, onClose }: AboutModalProps) {
 							</>
 						)}
 					</button>
-					{updateCheckResult && updateCheckResult.status !== "checking" && (
+					{updateCheckResult && (
 						<div className={`about-update-result ${updateCheckResult.status}`}>
 							{updateCheckResult.status === "up-to-date" && (
 								<span className="update-status-text">✓ {t("about.upToDate", "You are up to date!")}</span>

frontend/src/hooks/useRefill.ts

@@ -1,6 +1,6 @@
 import { useCallback, useState } from "react";
 import type { Coverage, FormState, Medication, RefillEntry } from "../types";
-import { getMedTotal } from "../types";
+import { getMedTotal, getPackageSize } from "../types";
 
 export interface UseRefillReturn {
 	// Refill state
@@ -146,8 +146,8 @@ export function useRefill(): UseRefillReturn {
 				const desiredTotal = finalFullBlisters * selectedMed.pillsPerBlister + finalPartialPills;
 
 				// The "base" from DB structure (without any stockAdjustment)
-				const baseTotal =
-					selectedMed.packCount * selectedMed.blistersPerPack * selectedMed.pillsPerBlister + selectedMed.looseTablets;
+				// Use getPackageSize() which handles both blister and bottle types correctly
+				const baseTotal = getPackageSize(selectedMed);
 
 				// stockAdjustment = what we need to make getMedTotal() return desiredTotal
 				const newStockAdjustment = desiredTotal - baseTotal;

frontend/src/i18n/de.json

@@ -474,8 +474,6 @@
     "appName": "MedAssist-ng",
     "description": "Open-Source Medikamentenverwaltung und Planungsanwendung für selbst gehostete Umgebungen.",
     "version": "Version",
-    "frontend": "Frontend",
-    "backend": "Backend",
     "checkForUpdates": "Nach Updates suchen",
     "checking": "Prüfe...",
     "upToDate": "Du bist auf dem neuesten Stand!",

frontend/src/i18n/en.json

@@ -474,8 +474,6 @@
     "appName": "MedAssist-ng",
     "description": "Open-source medication tracking and planning application for self-hosted environments.",
     "version": "Version",
-    "frontend": "Frontend",
-    "backend": "Backend",
     "checkForUpdates": "Check for Updates",
     "checking": "Checking...",
     "upToDate": "You're up to date!",

frontend/src/styles.css

@@ -4551,18 +4551,12 @@ h3 .reminder-icon.info-tooltip {
 	width: 64px;
 	height: 64px;
 	margin: 0 auto 1rem;
-	background: linear-gradient(135deg, var(--accent) 0%, var(--accent-hover) 100%);
-	border-radius: 16px;
-	display: flex;
-	align-items: center;
-	justify-content: center;
-	box-shadow: 0 4px 12px rgba(var(--accent-rgb, 59, 130, 246), 0.25);
 }
 
-.about-logo svg {
-	width: 36px;
-	height: 36px;
-	stroke: white;
+.about-logo img {
+	width: 64px;
+	height: 64px;
+	border-radius: 16px;
 }
 
 .about-header h2 {
@@ -4586,15 +4580,12 @@ h3 .reminder-icon.info-tooltip {
 
 .about-version-row {
 	display: flex;
-	justify-content: space-between;
+	justify-content: center;
 	align-items: center;
+	gap: 0.75rem;
 	padding: 0.5rem 0;
 }
 
-.about-version-row:not(:last-child) {
-	border-bottom: 1px dashed var(--border-secondary);
-}
-
 .about-version-label {
 	font-size: 0.875rem;
 	color: var(--text-secondary);
@@ -4610,9 +4601,20 @@ h3 .reminder-icon.info-tooltip {
 	border-radius: 4px;
 }
 
+a.about-version-link {
+	color: var(--accent-primary);
+	text-decoration: none;
+	transition: text-decoration 0.15s ease;
+}
+
+a.about-version-link:hover {
+	text-decoration: underline;
+}
+
 .about-update-section {
 	padding: 1.25rem 1.5rem;
 	border-bottom: 1px solid var(--border-primary);
+	min-height: 148px;
 }
 
 .about-update-btn {

frontend/src/test/components/AboutModal.test.tsx

@@ -16,10 +16,6 @@ describe("AboutModal", () => {
 
 	beforeEach(() => {
 		vi.clearAllMocks();
-		(global.fetch as ReturnType<typeof vi.fn>).mockResolvedValue({
-			ok: true,
-			json: () => Promise.resolve({ version: "1.0.0" }),
-		});
 	});
 
 	it("returns null when not open", () => {
@@ -65,8 +61,10 @@ describe("AboutModal", () => {
 		expect(links.length).toBeGreaterThan(0);
 	});
 
-	it("fetches backend version on open", async () => {
+	it("renders version as link to GitHub release", () => {
 		render(<AboutModal {...defaultProps} />);
-		expect(fetch).toHaveBeenCalledWith("/api/health");
+		const versionLink = screen.getByText("1.0.0").closest("a");
+		expect(versionLink).toHaveAttribute("href", "https://github.com/test/repo/releases/tag/v1.0.0");
+		expect(versionLink).toHaveAttribute("target", "_blank");
 	});
 });

frontend/src/test/hooks/useRefill.test.ts

@@ -287,6 +287,114 @@ describe("useRefill", () => {
 		expect(mockLoadMeds).toHaveBeenCalled();
 	});
 
+	it("stock correction uses correct base for bottle type medications", async () => {
+		// BUG FIX: submitStockCorrection used blister formula (packCount * blistersPerPack * pillsPerBlister + looseTablets)
+		// for ALL medications, but getMedTotal() uses only looseTablets + stockAdjustment for bottles.
+		// This mismatch caused the correction to compute the wrong stockAdjustment.
+		(global.fetch as ReturnType<typeof vi.fn>).mockResolvedValueOnce({ ok: true });
+
+		const bottleMed: Medication = {
+			id: 4,
+			name: "Pills in a Box",
+			packageType: "bottle",
+			packCount: 1,
+			blistersPerPack: 1,
+			pillsPerBlister: 1,
+			looseTablets: 150,
+			stockAdjustment: -2,
+			takenBy: [],
+			blisters: [{ usage: 1, every: 1, start: "2026-01-31T20:27:00" }],
+			updatedAt: null,
+		};
+
+		// getMedTotal for bottle = looseTablets + stockAdjustment = 150 + (-2) = 148
+		// getPackageSize for bottle = looseTablets = 150
+
+		const mockLoadMeds = vi.fn();
+		const { result } = renderHook(() => useRefill());
+
+		// Pre-fill: user sees 148 pills (148 / 1 = 148 full, 0 partial)
+		act(() => {
+			result.current.openEditStockModal(bottleMed, {
+				all: [{ name: "Pills in a Box", medsLeft: 148, daysLeft: 148 }] as Coverage[],
+			});
+		});
+
+		// User adds +1 → 149 full blisters (pillsPerBlister=1)
+		act(() => {
+			result.current.setEditStockFullBlisters(149);
+			result.current.setEditStockPartialBlisterPills(0);
+		});
+
+		await act(async () => {
+			await result.current.submitStockCorrection(4, bottleMed, mockLoadMeds);
+		});
+
+		// desiredTotal = 149 * 1 + 0 = 149
+		// baseTotal (fixed) = getPackageSize(bottle) = looseTablets = 150
+		// newStockAdjustment = 149 - 150 = -1
+		// → getMedTotal = 150 + (-1) = 149 ✓
+		const fetchCall = (global.fetch as ReturnType<typeof vi.fn>).mock.calls.find(
+			(call: [string, RequestInit]) => call[0] === "/api/medications/4/stock-adjustment"
+		);
+		expect(fetchCall).toBeDefined();
+		const body = JSON.parse(fetchCall![1].body as string);
+		expect(body.stockAdjustment).toBe(-1); // NOT -2 (the old bug)
+	});
+
+	it("stock correction uses correct base for blister type medications", async () => {
+		// Ensure blister type still works correctly after the bottle fix
+		(global.fetch as ReturnType<typeof vi.fn>).mockResolvedValueOnce({ ok: true });
+
+		const blisterMed: Medication = {
+			id: 2,
+			name: "Blister Med",
+			packageType: "blister",
+			packCount: 1,
+			blistersPerPack: 5,
+			pillsPerBlister: 5,
+			looseTablets: 0,
+			stockAdjustment: 1,
+			takenBy: [],
+			blisters: [{ usage: 1, every: 1, start: "2026-01-30T21:07:00" }],
+			updatedAt: null,
+		};
+
+		// getMedTotal for blister = 1*5*5 + 0 + 1 = 26
+		// getPackageSize for blister = 1*5*5 + 0 = 25
+
+		const mockLoadMeds = vi.fn();
+		const { result } = renderHook(() => useRefill());
+
+		// User sees 26 pills → 5 full blisters (5pills each) + 1 partial
+		act(() => {
+			result.current.openEditStockModal(blisterMed, {
+				all: [{ name: "Blister Med", medsLeft: 26, daysLeft: 26 }] as Coverage[],
+			});
+		});
+
+		// User changes to 27 (+1): 5 full + 2 partial
+		act(() => {
+			result.current.setEditStockFullBlisters(5);
+			result.current.setEditStockPartialBlisterPills(2);
+		});
+
+		await act(async () => {
+			await result.current.submitStockCorrection(2, blisterMed, mockLoadMeds);
+		});
+
+		// desiredTotal = 5 * 5 + 2 = 27
+		// baseTotal = getPackageSize(blister) = 1*5*5 + 0 = 25
+		// newStockAdjustment = 27 - 25 = 2
+		// → getMedTotal = 25 + 2 = 27 ✓
+		const fetchCall = (global.fetch as ReturnType<typeof vi.fn>).mock.calls.find(
+			(call: [string, RequestInit]) => call[0] === "/api/medications/2/stock-adjustment"
+		);
+		expect(fetchCall).toBeDefined();
+		const body = JSON.parse(fetchCall![1].body as string);
+		expect(body.stockAdjustment).toBe(2);
+	});
+
 	it("allows setting state directly", () => {
 		const { result } = renderHook(() => useRefill());
 

frontend/src/test/utils/schedule.test.ts

@@ -366,6 +366,304 @@ describe("calculateCoverage", () => {
 		expect(result.all).toHaveLength(1);
 		// Daily rate should be doubled for 2 people
 	});
+
+	it("stock correction immediately reflects new stock without phantom consumption", () => {
+		// BUG: After a stock correction of +1 pill, the coverage calculation
+		// immediately consumed 1 dose (due to the +1 in occurrences formula),
+		// making the correction appear to have no effect.
+		//
+		// Scenario: User has 112 pills, corrects to 113 (+1 pill).
+		// Expected: medsLeft = 113 immediately after correction.
+		// Bug: medsLeft stayed at 112 because 1 dose was counted as consumed.
+		const correctionTime = new Date("2024-03-15T12:00:00Z");
+
+		const meds: Medication[] = [
+			{
+				id: 1,
+				name: "TestMed",
+				packCount: 1,
+				blistersPerPack: 14,
+				pillsPerBlister: 14,
+				looseTablets: 0,
+				stockAdjustment: -83, // 196 - 83 = 113 pills
+				lastStockCorrectionAt: correctionTime.toISOString(),
+				takenBy: [],
+				blisters: [
+					{
+						usage: 1,
+						every: 1,
+						start: "2024-01-01T08:00:00",
+					},
+				],
+				updatedAt: correctionTime.toISOString(),
+			},
+		];
+
+		// Calculate coverage immediately after correction (same second)
+		const result = calculateCoverage(meds, [], "en", 7, "automatic", new Set());
+
+		expect(result.all).toHaveLength(1);
+		// getMedTotal = 1*14*14 + 0 + (-83) = 113
+		// Consumed since correction should be 0 (not 1!)
+		expect(result.all[0].medsLeft).toBe(113);
+	});
+
+	it("stock correction with dose tracking data also reflects correctly", () => {
+		// When the user has dose tracking data, the actualConsumed path is used.
+		// Verify that no phantom dose is generated right after a stock correction.
+		const correctionTime = new Date("2024-03-15T12:00:00Z");
+		const march14 = new Date("2024-03-14T00:00:00").getTime();
+
+		const meds: Medication[] = [
+			{
+				id: 1,
+				name: "TestMed",
+				packCount: 1,
+				blistersPerPack: 1,
+				pillsPerBlister: 30,
+				looseTablets: 0,
+				stockAdjustment: -7, // 30 - 7 = 23 pills
+				lastStockCorrectionAt: correctionTime.toISOString(),
+				takenBy: [],
+				blisters: [
+					{
+						usage: 1,
+						every: 1,
+						start: "2024-03-01T08:00:00",
+					},
+				],
+				updatedAt: correctionTime.toISOString(),
+			},
+		];
+
+		// User has tracked a dose yesterday (before the correction)
+		const takenDoses = new Set([`1-0-${march14}`]);
+
+		const result = calculateCoverage(meds, [], "en", 7, "automatic", takenDoses);
+
+		expect(result.all).toHaveLength(1);
+		// getMedTotal = 30 - 7 = 23.
+		// The taken dose from yesterday should NOT be counted (it's before the correction).
+		// No new doses should exist since the correction just happened.
+		expect(result.all[0].medsLeft).toBe(23);
+	});
+
+	it("stock correction consumption resumes after one full period", () => {
+		// After 1 day (for daily medication), the next dose should be consumed.
+		// Set system time to 1 day + 1 hour after correction.
+		const correctionTime = new Date("2024-03-14T12:00:00Z");
+		vi.setSystemTime(new Date("2024-03-15T13:00:00Z")); // 25 hours after correction
+
+		const meds: Medication[] = [
+			{
+				id: 1,
+				name: "TestMed",
+				packCount: 1,
+				blistersPerPack: 1,
+				pillsPerBlister: 30,
+				looseTablets: 0,
+				stockAdjustment: -7, // 30 - 7 = 23 pills
+				lastStockCorrectionAt: correctionTime.toISOString(),
+				takenBy: [],
+				blisters: [
+					{
+						usage: 1,
+						every: 1,
+						start: "2024-03-01T08:00:00",
+					},
+				],
+				updatedAt: correctionTime.toISOString(),
+			},
+		];
+
+		const result = calculateCoverage(meds, [], "en", 7, "automatic", new Set());
+
+		expect(result.all).toHaveLength(1);
+		// After 1 full period since correction, 1 dose should be consumed.
+		// medsLeft = 23 - 1 = 22
+		expect(result.all[0].medsLeft).toBe(22);
+	});
+
+	it("manual mode: stock correction excludes same-day taken doses", () => {
+		// BUG FIX: In manual mode, doses taken on the same day as a stock correction
+		// were counted as consumed (>= comparison with date-only timestamps).
+		// The user already accounted for today's consumption when setting the stock count.
+		//
+		// Scenario: User has 110 pills, took 1 dose today, corrects to 111.
+		// Bug: medsLeft = 111 - 1 = 110 (today's dose counted)
+		// Fix: medsLeft = 111 - 0 = 111 (today's dose excluded)
+		const correctionTime = new Date("2024-03-15T12:00:00Z");
+		const todayMidnight = new Date("2024-03-15T00:00:00").getTime();
+
+		const meds: Medication[] = [
+			{
+				id: 1,
+				name: "DailyMed",
+				packCount: 1,
+				blistersPerPack: 14,
+				pillsPerBlister: 14,
+				looseTablets: 0,
+				stockAdjustment: -85, // 196 - 85 = 111 pills
+				lastStockCorrectionAt: correctionTime.toISOString(),
+				takenBy: [],
+				blisters: [
+					{
+						usage: 1,
+						every: 1,
+						start: "2024-01-01T08:00:00",
+					},
+				],
+				updatedAt: correctionTime.toISOString(),
+			},
+		];
+
+		// User took a dose today (before the correction)
+		const takenDoses = new Set([`1-0-${todayMidnight}`]);
+
+		const result = calculateCoverage(meds, [], "en", 7, "manual", takenDoses);
+
+		expect(result.all).toHaveLength(1);
+		// getMedTotal = 196 - 85 = 111
+		// Today's taken dose should NOT be counted (same day as correction)
+		expect(result.all[0].medsLeft).toBe(111);
+	});
+
+	it("manual mode: stock correction counts next-day taken doses", () => {
+		// After a stock correction, doses taken the next day SHOULD be counted.
+		const correctionTime = new Date("2024-03-14T12:00:00Z");
+		const march15Midnight = new Date("2024-03-15T00:00:00").getTime();
+
+		const meds: Medication[] = [
+			{
+				id: 1,
+				name: "DailyMed",
+				packCount: 1,
+				blistersPerPack: 1,
+				pillsPerBlister: 30,
+				looseTablets: 0,
+				stockAdjustment: -7, // 30 - 7 = 23 pills
+				lastStockCorrectionAt: correctionTime.toISOString(),
+				takenBy: [],
+				blisters: [
+					{
+						usage: 1,
+						every: 1,
+						start: "2024-03-01T08:00:00",
+					},
+				],
+				updatedAt: correctionTime.toISOString(),
+			},
+		];
+
+		// User takes dose on March 15 (day after correction on March 14)
+		const takenDoses = new Set([`1-0-${march15Midnight}`]);
+
+		const result = calculateCoverage(meds, [], "en", 7, "manual", takenDoses);
+
+		expect(result.all).toHaveLength(1);
+		// getMedTotal = 30 - 7 = 23
+		// March 15 dose should be counted (day after correction)
+		expect(result.all[0].medsLeft).toBe(22);
+	});
+
+	it("manual mode: no stock correction counts all taken doses", () => {
+		// Without any stock correction, all taken doses should be counted
+		const march14Midnight = new Date("2024-03-14T00:00:00").getTime();
+		const march15Midnight = new Date("2024-03-15T00:00:00").getTime();
+
+		const meds: Medication[] = [
+			{
+				id: 1,
+				name: "DailyMed",
+				packCount: 1,
+				blistersPerPack: 1,
+				pillsPerBlister: 30,
+				looseTablets: 0,
+				takenBy: [],
+				blisters: [
+					{
+						usage: 1,
+						every: 1,
+						start: "2024-03-01T08:00:00",
+					},
+				],
+				updatedAt: null,
+			},
+		];
+
+		// User took doses on March 14 and 15
+		const takenDoses = new Set([`1-0-${march14Midnight}`, `1-0-${march15Midnight}`]);
+
+		const result = calculateCoverage(meds, [], "en", 7, "manual", takenDoses);
+
+		expect(result.all).toHaveLength(1);
+		// Both doses should be counted: medsLeft = 30 - 2 = 28
+		expect(result.all[0].medsLeft).toBe(28);
+	});
+
+	it("manual mode: stock correction with multiple medications", () => {
+		// Regression test: 3 medications (daily, daily, weekly).
+		// Stock correction on all 3. The daily ones have same-day taken doses.
+		const correctionTime = new Date("2024-03-15T12:00:00Z");
+		const todayMidnight = new Date("2024-03-15T00:00:00").getTime();
+
+		const meds: Medication[] = [
+			{
+				id: 1,
+				name: "DailyMed1",
+				packCount: 1,
+				blistersPerPack: 14,
+				pillsPerBlister: 14,
+				looseTablets: 0,
+				stockAdjustment: -85, // 196 - 85 = 111
+				lastStockCorrectionAt: correctionTime.toISOString(),
+				takenBy: [],
+				blisters: [{ usage: 1, every: 1, start: "2024-01-01T08:00:00" }],
+				updatedAt: correctionTime.toISOString(),
+			},
+			{
+				id: 2,
+				name: "DailyMed2",
+				packCount: 1,
+				blistersPerPack: 1,
+				pillsPerBlister: 30,
+				looseTablets: 0,
+				stockAdjustment: -10, // 30 - 10 = 20
+				lastStockCorrectionAt: correctionTime.toISOString(),
+				takenBy: [],
+				blisters: [{ usage: 1, every: 1, start: "2024-01-01T09:00:00" }],
+				updatedAt: correctionTime.toISOString(),
+			},
+			{
+				id: 3,
+				name: "WeeklyMed",
+				packCount: 1,
+				blistersPerPack: 1,
+				pillsPerBlister: 10,
+				looseTablets: 0,
+				stockAdjustment: -2, // 10 - 2 = 8
+				lastStockCorrectionAt: correctionTime.toISOString(),
+				takenBy: [],
+				blisters: [{ usage: 1, every: 7, start: "2024-01-05T10:00:00" }],
+				updatedAt: correctionTime.toISOString(),
+			},
+		];
+
+		// Daily meds have same-day taken doses, weekly med does not
+		const takenDoses = new Set([`1-0-${todayMidnight}`, `2-0-${todayMidnight}`]);
+
+		const result = calculateCoverage(meds, [], "en", 7, "manual", takenDoses);
+
+		expect(result.all).toHaveLength(3);
+		const daily1 = result.all.find((c) => c.name === "DailyMed1")!;
+		const daily2 = result.all.find((c) => c.name === "DailyMed2")!;
+		const weekly = result.all.find((c) => c.name === "WeeklyMed")!;
+
+		// All three should reflect full stock (same-day doses excluded)
+		expect(daily1.medsLeft).toBe(111);
+		expect(daily2.medsLeft).toBe(20);
+		expect(weekly.medsLeft).toBe(8);
+	});
 });
 
 describe("getStockStatus", () => {

frontend/src/utils/schedule.ts

@@ -126,9 +126,18 @@ export function calculateCoverage(
 			// but also account for manual corrections (doses marked as not taken)
 			blisters.forEach((s, blisterIdx) => {
 				const blisterStart = new Date(s.start).getTime();
-				const effectiveStart = Math.max(blisterStart, stockCorrectionCutoff);
-				if (Number.isNaN(effectiveStart) || effectiveStart > now) return;
 				const period = Math.max(1, s.every) * MS_PER_DAY;
+
+				// After a stock correction, start counting consumption from the NEXT
+				// scheduled dose, because the user's pill count already reflects all
+				// consumption up to the correction time.
+				let effectiveStart: number;
+				if (stockCorrectionCutoff > 0 && stockCorrectionCutoff >= blisterStart) {
+					effectiveStart = stockCorrectionCutoff + period;
+				} else {
+					effectiveStart = blisterStart;
+				}
+				if (Number.isNaN(effectiveStart) || effectiveStart > now) return;
 				const occurrences = Math.floor((now - effectiveStart) / period) + 1;
 				const intake = intakes[blisterIdx];
 				const intakePerson = intake?.takenBy;
@@ -193,7 +202,7 @@ export function calculateCoverage(
 						if (
 							!Number.isNaN(blisterStartDateOnly) &&
 							doseTimestamp >= blisterStartDateOnly &&
-							doseTimestamp >= stockCorrectionDateOnly
+							doseTimestamp > stockCorrectionDateOnly
 						) {
 							consumed += blisters[blisterIdx].usage;
 						}

scripts/release.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # =============================================================================
-# MedAssist Release Script
+# MedAssist Release Script (non-interactive)
 # =============================================================================
 # Usage:
 #   ./scripts/release.sh patch    # 1.0.0 -> 1.0.1 (bugfixes)
@@ -8,8 +8,9 @@
 #   ./scripts/release.sh major    # 1.0.0 -> 2.0.0 (breaking changes)
 #   ./scripts/release.sh 1.2.3    # explicit version
 #
-# This script creates a PR for the version bump (required due to branch protection),
-# waits for CI, merges it, and then creates a signed tag for the release.
+# Fully non-interactive: no y/N prompts. Designed to be called by AI agents
+# or CI systems. Creates a PR for the version bump (required due to branch
+# protection), waits for CI with retry logic, merges, and creates a signed tag.
 # =============================================================================
 
 set -e
@@ -21,45 +22,98 @@ YELLOW='\033[1;33m'
 BLUE='\033[0;34m'
 NC='\033[0m' # No Color
 
-# GitHub repo
+# Configuration
 GITHUB_REPO="DanielVolz/medassist-ng"
+CI_POLL_INTERVAL=15          # seconds between CI status polls
+CI_INITIAL_DELAY=20          # seconds to wait before first CI check
+CI_MAX_WAIT=600              # maximum seconds to wait for CI (10 minutes)
 
 # Get script directory and project root
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
 cd "$PROJECT_ROOT"
 
-# Check for gh CLI
+# Detect git remote name (prefer 'origin', fall back to 'github')
+detect_remote() {
+    if git remote | grep -q '^origin$'; then
+        echo "origin"
+    elif git remote | grep -q '^github$'; then
+        echo "github"
+    else
+        echo -e "${RED}Error: No 'origin' or 'github' remote found.${NC}" >&2
+        exit 1
+    fi
+}
+
+GIT_REMOTE=$(detect_remote)
+
+# Wait for CI checks on a PR with retry logic
+# GitHub Actions can take 10-30 seconds before checks are reported.
+# This function polls until checks appear and then watches them.
+wait_for_ci() {
+    local pr_number="$1"
+    local elapsed=0
+
+    echo -e "${BLUE}Waiting ${CI_INITIAL_DELAY}s for CI checks to be registered...${NC}"
+    sleep "${CI_INITIAL_DELAY}"
+    elapsed=$CI_INITIAL_DELAY
+
+    while [[ $elapsed -lt $CI_MAX_WAIT ]]; do
+        # Check if any checks have been reported
+        local check_output
+        check_output=$(gh pr checks "${pr_number}" --repo "${GITHUB_REPO}" 2>&1) || true
+
+        if echo "$check_output" | grep -q "no checks reported"; then
+            echo -e "${YELLOW}No checks reported yet (${elapsed}s elapsed). Retrying in ${CI_POLL_INTERVAL}s...${NC}"
+            sleep "${CI_POLL_INTERVAL}"
+            elapsed=$((elapsed + CI_POLL_INTERVAL))
+            continue
+        fi
+
+        # Checks are registered — use --watch to wait for completion
+        echo -e "${BLUE}CI checks registered. Watching for completion...${NC}"
+        if gh pr checks "${pr_number}" --repo "${GITHUB_REPO}" --watch; then
+            echo -e "${GREEN}CI checks passed!${NC}"
+            return 0
+        else
+            echo -e "${RED}CI checks failed!${NC}"
+            return 1
+        fi
+    done
+
+    echo -e "${RED}Timed out waiting for CI checks after ${CI_MAX_WAIT}s.${NC}"
+    return 1
+}
+
+# ─── Preflight checks ────────────────────────────────────────────────────────
+
 if ! command -v gh &> /dev/null; then
     echo -e "${RED}Error: GitHub CLI (gh) is required but not installed.${NC}"
     echo "Install it with: brew install gh"
     exit 1
 fi
 
-# Check gh authentication
 if ! gh auth status &> /dev/null; then
     echo -e "${RED}Error: Not authenticated with GitHub CLI.${NC}"
     echo "Run: gh auth login"
     exit 1
 fi
 
-# Check for uncommitted changes
 if [[ -n $(git status --porcelain) ]]; then
     echo -e "${RED}Error: You have uncommitted changes. Commit or stash them first.${NC}"
     git status --short
     exit 1
 fi
 
-# Make sure we're on main and up to date
+# ─── Determine version ───────────────────────────────────────────────────────
+
 echo -e "${BLUE}Updating main branch...${NC}"
 git checkout main
-git pull origin main 2>/dev/null || git pull github main 2>/dev/null || true
+git pull "${GIT_REMOTE}" main
 
-# Get current version from backend/package.json
 CURRENT_VERSION=$(grep '"version"' backend/package.json | sed 's/.*"version": "\(.*\)".*/\1/')
 echo -e "${BLUE}Current version: ${YELLOW}v${CURRENT_VERSION}${NC}"
 
-# Calculate new version
 if [[ -z "$1" ]]; then
     echo -e "${RED}Usage: $0 <patch|minor|major|x.y.z>${NC}"
     exit 1
@@ -79,7 +133,6 @@ case "$1" in
         NEW_VERSION="$((major + 1)).0.0"
         ;;
     *)
-        # Assume explicit version (validate format)
         if [[ ! "$1" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
             echo -e "${RED}Invalid version format. Use: x.y.z${NC}"
             exit 1
@@ -88,45 +141,31 @@ case "$1" in
         ;;
 esac
 
-echo -e "${GREEN}New version: ${YELLOW}v${NEW_VERSION}${NC}"
-echo ""
+echo -e "${GREEN}Releasing: ${YELLOW}v${CURRENT_VERSION} → v${NEW_VERSION}${NC}"
 
-# Confirm
-read -p "Release v${NEW_VERSION}? (y/N) " -n 1 -r
-echo ""
-if [[ ! $REPLY =~ ^[Yy]$ ]]; then
-    echo "Aborted."
-    exit 1
-fi
+# ─── Create release branch and PR ────────────────────────────────────────────
 
-# Branch name for the release
 RELEASE_BRANCH="chore/release-${NEW_VERSION}"
 
-# Check if branch already exists
 if git show-ref --verify --quiet "refs/heads/${RELEASE_BRANCH}"; then
     echo -e "${YELLOW}Branch ${RELEASE_BRANCH} already exists locally. Deleting...${NC}"
     git branch -D "${RELEASE_BRANCH}"
 fi
 
-# Create release branch
 echo -e "${BLUE}Creating release branch...${NC}"
 git checkout -b "${RELEASE_BRANCH}"
 
-# Update version in package.json files
 echo -e "${BLUE}Updating package.json files...${NC}"
 sed -i '' "s/\"version\": \"${CURRENT_VERSION}\"/\"version\": \"${NEW_VERSION}\"/" backend/package.json
 sed -i '' "s/\"version\": \"${CURRENT_VERSION}\"/\"version\": \"${NEW_VERSION}\"/" frontend/package.json 2>/dev/null || true
 
-# Commit version bump
 echo -e "${BLUE}Committing version bump...${NC}"
 git add backend/package.json frontend/package.json 2>/dev/null || git add backend/package.json
 git commit -m "chore: release v${NEW_VERSION}"
 
-# Push branch to GitHub
-echo -e "${BLUE}Pushing release branch to GitHub...${NC}"
-git push -u origin "${RELEASE_BRANCH}" 2>/dev/null || git push -u github "${RELEASE_BRANCH}"
+echo -e "${BLUE}Pushing release branch...${NC}"
+git push -u "${GIT_REMOTE}" "${RELEASE_BRANCH}"
 
-# Create PR
 echo -e "${BLUE}Creating Pull Request...${NC}"
 PR_URL=$(gh pr create \
     --repo "${GITHUB_REPO}" \
@@ -136,57 +175,49 @@ PR_URL=$(gh pr create \
 
 Automated version bump for release v${NEW_VERSION}.
 
-This PR was created by the release script." \
-    2>&1)
+This PR was created by the release script.")
 
 echo -e "${GREEN}PR created: ${YELLOW}${PR_URL}${NC}"
-
-# Extract PR number
 PR_NUMBER=$(echo "$PR_URL" | grep -oE '[0-9]+$')
 
-# Wait for CI checks
-echo -e "${BLUE}Waiting for CI checks to complete...${NC}"
-if ! gh pr checks "${PR_NUMBER}" --repo "${GITHUB_REPO}" --watch; then
+# ─── Wait for CI and merge ────────────────────────────────────────────────────
+
+if ! wait_for_ci "${PR_NUMBER}"; then
     echo -e "${RED}CI checks failed! Please fix the issues and try again.${NC}"
+    echo -e "${RED}Release branch '${RELEASE_BRANCH}' and PR #${PR_NUMBER} are still open.${NC}"
     exit 1
 fi
 
-echo -e "${GREEN}CI checks passed!${NC}"
-
-# Merge PR
-echo -e "${BLUE}Merging PR...${NC}"
+echo -e "${BLUE}Merging PR #${PR_NUMBER}...${NC}"
 gh pr merge "${PR_NUMBER}" --repo "${GITHUB_REPO}" --squash --delete-branch
 
-# Switch back to main and pull
-echo -e "${BLUE}Updating main branch with merged changes...${NC}"
+echo -e "${BLUE}Updating main branch...${NC}"
 git checkout main
-git pull origin main 2>/dev/null || git pull github main 2>/dev/null || true
+git pull "${GIT_REMOTE}" main
+
+# ─── Create and push signed tag ──────────────────────────────────────────────
 
-# Check if tag exists and delete it
 if git rev-parse "v${NEW_VERSION}" >/dev/null 2>&1; then
     echo -e "${YELLOW}Tag v${NEW_VERSION} already exists locally. Deleting...${NC}"
     git tag -d "v${NEW_VERSION}"
 fi
 
-# Check if remote tag exists
-if git ls-remote --tags origin "v${NEW_VERSION}" 2>/dev/null | grep -q "v${NEW_VERSION}" || \
-   git ls-remote --tags github "v${NEW_VERSION}" 2>/dev/null | grep -q "v${NEW_VERSION}"; then
+if git ls-remote --tags "${GIT_REMOTE}" "v${NEW_VERSION}" 2>/dev/null | grep -q "v${NEW_VERSION}"; then
     echo -e "${YELLOW}Tag v${NEW_VERSION} exists on remote. Deleting...${NC}"
-    git push origin ":refs/tags/v${NEW_VERSION}" 2>/dev/null || true
-    git push github ":refs/tags/v${NEW_VERSION}" 2>/dev/null || true
+    git push "${GIT_REMOTE}" ":refs/tags/v${NEW_VERSION}" 2>/dev/null || true
 fi
 
-# Create signed tag
 echo -e "${BLUE}Creating signed tag v${NEW_VERSION}...${NC}"
 git tag -s "v${NEW_VERSION}" -m "Release v${NEW_VERSION}"
 
-# Push tag
-echo -e "${BLUE}Pushing tag to GitHub...${NC}"
-git push origin "v${NEW_VERSION}" 2>/dev/null || git push github "v${NEW_VERSION}"
+echo -e "${BLUE}Pushing tag...${NC}"
+git push "${GIT_REMOTE}" "v${NEW_VERSION}"
+
+# ─── Done ─────────────────────────────────────────────────────────────────────
 
 echo ""
 echo -e "${GREEN}════════════════════════════════════════════════════════════${NC}"
-echo -e "${GREEN}✓ Released v${NEW_VERSION}${NC}"
+echo -e "${GREEN}  ✓ Released v${NEW_VERSION}${NC}"
 echo -e "${GREEN}════════════════════════════════════════════════════════════${NC}"
 echo ""
 echo -e "${BLUE}GitHub Actions will now build and publish Docker images.${NC}"