Lovable sync 1777291944#16
Merged
Merged
Conversation
Contributor
|
Important Review skippedToo many files! This PR contains 299 files, which is 149 over the limit of 150. ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (299)
You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
This PR introduces a more robust admin “connections” experience (credential-source visibility, preflight validation, refresh UX), and significantly expands CI safety rails and E2E test infrastructure (route-based suites, smoke filtering, and security/quality gates).
Changes:
- Adds admin UI components for credential-source filtering/badges, connection preflight alerts, realtime “credentials changed” banner, and auto-test interval configuration.
- Adds multiple CI/dev tooling scripts (edge function typecheck, security/RLS gates, seller-scope checker, route-error-element checker, asChild nesting checker) and expands E2E coverage with new fixtures/helpers and route-based specs.
- Updates ESLint configuration and E2E npm scripts (smoke vs regression split, smoke filtering wrapper, coverage gates).
Reviewed changes
Copilot reviewed 182 out of 853 changed files in this pull request and generated 12 comments.
Show a summary per file
| File | Description |
|---|---|
| src/components/admin/connections/CredentialsSourceFilterContext.tsx | Adds URL-param-backed context for filtering secrets by source. |
| src/components/admin/connections/CredentialsSourceFilter.tsx | Adds UI chips + keyboard shortcut for credential source filtering. |
| src/components/admin/connections/CredentialsChangedBanner.tsx | Adds realtime banner reacting to DB credential changes + refresh action. |
| src/components/admin/connections/CredentialSourceBadge.tsx | Adds per-secret source badge with tooltip. |
| src/components/admin/connections/ConnectionTimelineDrawer.tsx | Adds controlled/open props and optional trigger hiding for drawer. |
| src/components/admin/connections/ConnectionStatusBadge.tsx | Extends badge statuses with never_tested. |
| src/components/admin/connections/ConnectionRowSourceBadge.tsx | Adds aggregated credential-source badge per connection row. |
| src/components/admin/connections/ConnectionPreflightAlert.tsx | Adds inline alert listing preflight validation issues. |
| src/components/admin/connections/Bitrix24Tab.tsx | Enhances tab with last-test hydration, preflight gating, and richer test UX. |
| src/components/admin/connections/AutoTestIntervalCard.tsx | Adds admin UI to view/change connections auto-test interval via RPC. |
| src/components/admin/RlsIntegrationTestsDialog.tsx | Adds dialog to invoke RLS integration tests edge function and display results. |
| src/components/admin/DiscountApprovalQueue.tsx | Adds // rls-allow: annotations for seller-scope checker allowlisting. |
| src/components/admin/DiscountApprovalHeaderBadge.tsx | Adds // rls-allow: annotation for seller-scope checker allowlisting. |
| src/components/admin/DevAccessAuditAlert.tsx | Adds dev-only RBAC mismatch alert + drill-down list. |
| src/components/RoleBadge.tsx | Adds canonical reusable role badge component using shared role visuals. |
| src/components/BridgeStatusBanner.tsx | Adds global banner/toasts for external-db-bridge degraded/unavailable/recovered events. |
| scripts/typecheck-edge-functions.mjs | Adds Deno-based typecheck runner for all edge functions. |
| scripts/run-smoke-filtered.mjs | Adds wrapper to run smoke suite with an additional grep filter. |
| scripts/migrate-edge-cors-allowlist.mjs | Adds one-shot codemod to migrate edge CORS headers to shared allowlist helper. |
| scripts/fix-edge-cors-allowlist.mjs | Adds patch script to reintroduce corsHeaders declaration when missing. |
| scripts/consolidate-console-snapshot.mjs | Adds snapshot consolidation + gate for React ref-warning collection. |
| scripts/check-seller-scope.mjs | Adds CI gate ensuring seller-scoped queries for critical tables or inline allowlist. |
| scripts/check-security-definer-acl.mjs | Adds CI gate validating Security Definer function ACLs via RPC audit. |
| scripts/check-route-error-element.mjs | Adds CI gate preventing data-router APIs in declarative Routes contexts. |
| scripts/check-price-freshness-coverage.mjs | Adds per-file coverage threshold gate for price freshness logic/UI. |
| scripts/check-aschild-nesting.mjs | Adds CI gate detecting nested asChild triggers without DOM wrapper. |
| package.json | Updates E2E commands (smoke vs regression), adds multiple new CI checker scripts. |
| index.html | Clarifies which security headers belong in HTTP headers vs meta tags; removes ineffective meta headers. |
| eslint.config.js | Refactors ESLint config by area (src/e2e/tests/scripts) and TS project usage. |
| e2e/routes/quotes/view.spec.ts | Adds route-suite spec for quote view route. |
| e2e/routes/quotes/templates.spec.ts | Adds route-suite spec for quote templates route. |
| e2e/routes/quotes/novo.spec.ts | Adds route-suite spec for quote wizard route. |
| e2e/routes/quotes/lista.spec.ts | Adds route-suite spec for quote list route. |
| e2e/routes/quotes/kanban.spec.ts | Adds route-suite spec for quote kanban route. |
| e2e/routes/quotes/editar.spec.ts | Adds route-suite spec for quote edit route. |
| e2e/routes/quotes/detail.spec.ts | Adds route-suite spec for quote detail route. |
| e2e/routes/quotes/dashboard.spec.ts | Adds route-suite spec for quote dashboard route. |
| e2e/routes/public/reset-password.spec.ts | Adds public route tests for reset password. |
| e2e/routes/public/login.spec.ts | Adds public route tests for login. |
| e2e/routes/public/lista-publica.spec.ts | Adds token-based public route test for favorites list. |
| e2e/routes/public/kit-publico.spec.ts | Adds token-based public route test for kit sharing. |
| e2e/routes/public/dossie.spec.ts | Adds token-based public route test for BI dossier. |
| e2e/routes/public/comparar-publica.spec.ts | Adds token-based public route test for comparison sharing. |
| e2e/routes/public/colecao-publica.spec.ts | Adds token-based public route test for collection sharing. |
| e2e/routes/public/approve.spec.ts | Adds token-based public route test for quote approval flow. |
| e2e/routes/app/tendencias.spec.ts | Adds authed route-suite spec for trends. |
| e2e/routes/app/stock-dashboard.spec.ts | Adds authed route-suite spec for stock dashboard. |
| e2e/routes/app/simulador.spec.ts | Adds authed route-suite spec for simulator. |
| e2e/routes/app/simulador-precos.spec.ts | Adds authed route-suite spec for price simulator. |
| e2e/routes/app/replenishments.spec.ts | Adds authed route-suite spec for replenishments. |
| e2e/routes/app/produtos.spec.ts | Adds authed route-suite spec for products. |
| e2e/routes/app/produto-detail.spec.ts | Adds authed route-suite spec for product detail. |
| e2e/routes/app/product-match.spec.ts | Adds authed route-suite spec for match. |
| e2e/routes/app/pedidos.spec.ts | Adds authed route-suite spec for orders. |
| e2e/routes/app/pedido-detail.spec.ts | Adds authed route-suite spec for order detail. |
| e2e/routes/app/novidades.spec.ts | Adds authed route-suite spec for news. |
| e2e/routes/app/mockup-history.spec.ts | Adds authed route-suite spec for mockup history. |
| e2e/routes/app/mockup-generator.spec.ts | Adds authed route-suite spec for mockup generator. |
| e2e/routes/app/magic-up.spec.ts | Adds authed route-suite spec for magic-up. |
| e2e/routes/app/kit-library.spec.ts | Adds authed route-suite spec for kit library. |
| e2e/routes/app/kit-builder.spec.ts | Adds authed route-suite spec for kit builder. |
| e2e/routes/app/favoritos.spec.ts | Adds authed route-suite spec for favorites. |
| e2e/routes/app/dropbox.spec.ts | Adds authed route-suite spec for dropbox. |
| e2e/routes/app/dashboard.spec.ts | Adds authed route-suite spec for dashboard. |
| e2e/routes/app/comparar.spec.ts | Adds authed route-suite spec for comparison. |
| e2e/routes/app/comercial-intelligence.spec.ts | Adds authed route-suite spec for commercial intelligence. |
| e2e/routes/app/colecoes.spec.ts | Adds authed route-suite spec for collections. |
| e2e/routes/app/colecao-detail.spec.ts | Adds authed route-suite spec for collection detail. |
| e2e/routes/app/cliente-comparator.spec.ts | Adds authed route-suite spec for BI client comparator. |
| e2e/routes/app/carrinhos.spec.ts | Adds authed route-suite spec for carts. |
| e2e/routes/app/business-intelligence.spec.ts | Adds authed route-suite spec for BI home. |
| e2e/routes/app/advanced-price-search.spec.ts | Adds authed route-suite spec for price search. |
| e2e/routes/admin/workflows.spec.ts | Adds authed admin route-suite spec for workflows. |
| e2e/routes/admin/video-variants.spec.ts | Adds authed admin route-suite spec for video variants. |
| e2e/routes/admin/usuarios.spec.ts | Adds authed admin route-suite spec for users. |
| e2e/routes/admin/telemetry.spec.ts | Adds authed admin route-suite spec for telemetry. |
| e2e/routes/admin/system-status.spec.ts | Adds authed admin route-suite spec for system status. |
| e2e/routes/admin/seguranca.spec.ts | Adds authed admin route-suite spec for security events. |
| e2e/routes/admin/seguranca-chaves.spec.ts | Adds authed admin route-suite spec for security keys. |
| e2e/routes/admin/roles.spec.ts | Adds authed admin route-suite spec for roles. |
| e2e/routes/admin/role-permissions.spec.ts | Adds authed admin route-suite spec for role permissions. |
| e2e/routes/admin/rls-denials.spec.ts | Adds authed admin route-suite spec for RLS denials. |
| e2e/routes/admin/rate-limit.spec.ts | Adds authed admin route-suite spec for rate limit. |
| e2e/routes/admin/prompts-ia.spec.ts | Adds authed admin route-suite spec for AI prompts. |
| e2e/routes/admin/price-freshness.spec.ts | Adds authed admin route-suite spec for price freshness settings. |
| e2e/routes/admin/permissions.spec.ts | Adds authed admin route-suite spec for permissions. |
| e2e/routes/admin/migracao-papeis.spec.ts | Adds authed admin route-suite spec for role migrations. |
| e2e/routes/admin/login-attempts.spec.ts | Adds authed admin route-suite spec for login attempts. |
| e2e/routes/admin/limites-desconto.spec.ts | Adds authed admin route-suite spec for discount limits. |
| e2e/routes/admin/conexoes.spec.ts | Adds authed admin route-suite spec for connections hub. |
| e2e/routes/admin/cadastros.spec.ts | Adds authed admin route-suite spec for cadastros. |
| e2e/routes/admin/ai-usage.spec.ts | Adds authed admin route-suite spec for AI usage. |
| e2e/routes/_shared.ts | Adds shared route-suite mocks/utilities and re-exports route idle helper alias. |
| e2e/routes/README.md | Documents the route-based E2E suite structure and standard scenarios. |
| e2e/login.spec.ts | Migrates login E2E spec to SSOT helpers/selectors. |
| e2e/helpers/nav.ts | Adds SSOT navigation/wait helpers to reduce flakes and ban sleeps/networkidle reliance. |
| e2e/helpers/forms.ts | Adds generic form helpers for E2E. |
| e2e/helpers/favorites.ts | Adds favorites storage snapshot/restore and robust reload-and-assert helper. |
| e2e/helpers/evidence.ts | Adds evidence collector for failed Playwright tests (screenshots, DOM, console). |
| e2e/helpers/e2e-resources.ts | Adds E2E resource naming guards + creation helpers to enforce cleanup safety. |
| e2e/helpers/auth.ts | Adds SSOT auth helpers (loginViaUI/loginAs) and auth assertions. |
| e2e/global-teardown.ts | Adds teardown that purges E2E data after suite finishes (best-effort). |
| e2e/global-setup.ts | Adds setup purge for stale E2E data before suite begins. |
| e2e/flows/p0/_mocks.ts | Adds mocks for P0 runbook E2E skeletons. |
| e2e/flows/p0/README.md | Documents P0 flow mapping and that these are currently skipped. |
| e2e/flows/p0/05-admin-down.spec.ts | Adds (skipped) P0 admin-down scenario skeletons. |
| e2e/flows/p0/04-checkout-blocked.spec.ts | Adds (skipped) P0 checkout-blocked scenario skeletons. |
| e2e/flows/p0/03-quote-blocked.spec.ts | Adds (skipped) P0 quote-blocked scenario skeletons. |
| e2e/flows/p0/02-catalog-degraded.spec.ts | Adds (skipped) P0 catalog-degraded scenario skeletons. |
| e2e/flows/p0/01-auth-recovery.spec.ts | Adds (skipped) P0 auth-recovery scenario skeletons. |
| e2e/flows/21-feature-matrix.spec.ts | Adds cross-feature navigation matrix smoke assertions. |
| e2e/flows/15-favorites-invalid-payload.spec.ts | Adds robust flow tests for corrupted favorites localStorage payload handling. |
| e2e/flows/13-favorites-empty-state.spec.ts | Adds favorites empty-state flow tests + CTA navigation checks. |
| e2e/flows/11-errors.spec.ts | Adds error-handling flow tests (bridge 503 and offline simulation). |
| e2e/flows/10-favorites-persistence-storage.spec.ts | Adds persistence tests for favorites localStorage ↔ UI hydration contract. |
| e2e/flows/10-admin.spec.ts | Adds admin guard flow tests. |
| e2e/flows/09-simulator.spec.ts | Adds simulator route access flow test. |
| e2e/flows/09-favorite-from-detail.spec.ts | Adds product-detail favorite flow test + persistence + cleanup. |
| e2e/flows/07-collections.spec.ts | Adds collections route smoke flow test. |
| e2e/flows/06-kit-builder.spec.ts | Adds kit-builder access flow test. |
| e2e/flows/05-orders.spec.ts | Adds orders list/open flow tests. |
| e2e/flows/04-quotes.spec.ts | Adds quotes navigation flow tests (list/kanban/dashboard/new). |
| e2e/flows/03-products.spec.ts | Adds products list/search/detail navigation flow tests. |
| e2e/flows/02-navigation.spec.ts | Adds deep-link navigation + 404 + back-navigation flow tests. |
| e2e/flows/01-auth.spec.ts | Adds auth flow tests using SSOT helpers and selectors. |
| e2e/fixtures/test-user.ts | Adds canonical E2E identity + deterministically prefixed naming + user_id resolver. |
| e2e/fixtures/test-base.ts | Adds base fixture with console capture, evidence, scoped resource helpers, and cleanup-on-failure. |
| e2e/fixtures/auth.setup.ts | Adds auth setup creating storageState via SSOT login helper. |
| e2e/auth.spec.ts | Migrates auth E2E spec to SSOT helpers/selectors. |
| e2e/.gitignore | Ignores generated Playwright storage state. |
| docs/testing/STRICT_REF_WARNING_GATE.md | Documents strict global ref-warning gate and snapshot artifact workflow. |
| docs/security/SELLER_SCOPE_CHECKER.md | Documents seller-scope static checker rules and usage. |
| docs/RBAC_HELPERS.md | Documents semantic RBAC helper functions for RLS policies. |
| docs/E2E_SMOKE_COVERAGE.md | Adds generated smoke coverage audit doc (dated). |
| .lovable/memory/integrations/connections-hub.md | Updates connections hub memory documentation with new features/behavior. |
| .lovable/memory/features/simulation-price-source-badge.md | Adds memory doc for simulation price-source badge feature. |
| .env.e2e.example | Adds example env file for configuring Playwright E2E creds/base URL. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+14
to
+20
| const tsParserOptions = { | ||
| ecmaFeatures: { jsx: true }, | ||
| ecmaVersion: 'latest', | ||
| sourceType: 'module', | ||
| project: ['./tsconfig.eslint.json'], | ||
| tsconfigRootDir: import.meta.dirname, | ||
| }; |
There was a problem hiding this comment.
import.meta.dirname is not a standard Node ESM field and will be undefined in most Node versions, which can break ESLint config loading. Compute the directory from import.meta.url (e.g., via fileURLToPath + path.dirname) and use that value for tsconfigRootDir.
Comment on lines
+47
to
+58
| const status: "active" | "error" | "unconfigured" = !credsOk | ||
| ? "unconfigured" | ||
| : last?.ok === false ? "error" : "active"; | ||
|
|
||
| const onTest = async () => { | ||
| setPhase("running"); | ||
| setPendingStartedAt(new Date().toISOString()); | ||
| const r = await test("bitrix24"); | ||
| setLast({ ok: r.ok, tested_at: r.tested_at ?? new Date().toISOString(), latency_ms: r.latency_ms, message: r.error ?? r.message, status: r.status, error_kind: r.error_kind ?? null }); | ||
| setHistoryKey((k) => k + 1); | ||
| setPendingStartedAt(null); | ||
| setPhase(r.ok ? "completed" : "failed"); |
There was a problem hiding this comment.
If test(\"bitrix24\") throws/rejects, pendingStartedAt and phase will never be reset, leaving the UI stuck in a running state. Wrap the body in try/catch/finally to always clear pendingStartedAt and set phase to a terminal state on error. Also, since ConnectionStatusBadge now supports never_tested, consider returning \"never_tested\" when credsOk is true but last is still null to avoid showing active before any test has run.
Suggested change
| const status: "active" | "error" | "unconfigured" = !credsOk | |
| ? "unconfigured" | |
| : last?.ok === false ? "error" : "active"; | |
| const onTest = async () => { | |
| setPhase("running"); | |
| setPendingStartedAt(new Date().toISOString()); | |
| const r = await test("bitrix24"); | |
| setLast({ ok: r.ok, tested_at: r.tested_at ?? new Date().toISOString(), latency_ms: r.latency_ms, message: r.error ?? r.message, status: r.status, error_kind: r.error_kind ?? null }); | |
| setHistoryKey((k) => k + 1); | |
| setPendingStartedAt(null); | |
| setPhase(r.ok ? "completed" : "failed"); | |
| const status: "active" | "error" | "unconfigured" | "never_tested" = !credsOk | |
| ? "unconfigured" | |
| : !last | |
| ? "never_tested" | |
| : last.ok === false | |
| ? "error" | |
| : "active"; | |
| const onTest = async () => { | |
| setPhase("running"); | |
| setPendingStartedAt(new Date().toISOString()); | |
| try { | |
| const r = await test("bitrix24"); | |
| setLast({ | |
| ok: r.ok, | |
| tested_at: r.tested_at ?? new Date().toISOString(), | |
| latency_ms: r.latency_ms, | |
| message: r.error ?? r.message, | |
| status: r.status, | |
| error_kind: r.error_kind ?? null, | |
| }); | |
| setHistoryKey((k) => k + 1); | |
| setPhase(r.ok ? "completed" : "failed"); | |
| } catch (error) { | |
| setLast({ | |
| ok: false, | |
| tested_at: new Date().toISOString(), | |
| latency_ms: null, | |
| message: error instanceof Error ? error.message : "Failed to test Bitrix24 connection", | |
| error_kind: null, | |
| }); | |
| setHistoryKey((k) => k + 1); | |
| setPhase("failed"); | |
| } finally { | |
| setPendingStartedAt(null); | |
| } |
Comment on lines
+25
to
+27
| useEffect(() => { | ||
| const unsubscribe = onBridgeStatus((e: BridgeStatusEvent) => { | ||
| if (e.type === 'degraded') { |
There was a problem hiding this comment.
This effect re-subscribes to the bridge event bus every time unavailable changes, which is unnecessary and can lead to subtle issues (missed events between unsubscribe/subscribe or duplicated behavior if onBridgeStatus isn’t perfectly idempotent). Subscribe once ([]) and use a useRef to track the latest unavailable state inside the callback (or use functional setUnavailable patterns) to keep behavior correct without resubscribing.
| }); | ||
| } else if (e.type === 'recovered') { | ||
| toast.dismiss(TOAST_ID_DEGRADED); | ||
| if (unavailable) { |
There was a problem hiding this comment.
This effect re-subscribes to the bridge event bus every time unavailable changes, which is unnecessary and can lead to subtle issues (missed events between unsubscribe/subscribe or duplicated behavior if onBridgeStatus isn’t perfectly idempotent). Subscribe once ([]) and use a useRef to track the latest unavailable state inside the callback (or use functional setUnavailable patterns) to keep behavior correct without resubscribing.
Comment on lines
+62
to
+66
| }); | ||
| return () => { | ||
| unsubscribe(); | ||
| }; | ||
| }, [unavailable]); |
There was a problem hiding this comment.
This effect re-subscribes to the bridge event bus every time unavailable changes, which is unnecessary and can lead to subtle issues (missed events between unsubscribe/subscribe or duplicated behavior if onBridgeStatus isn’t perfectly idempotent). Subscribe once ([]) and use a useRef to track the latest unavailable state inside the callback (or use functional setUnavailable patterns) to keep behavior correct without resubscribing.
Comment on lines
+46
to
+50
| async function save() { | ||
| const minutes = Number(draft); | ||
| if (!Number.isFinite(minutes)) return; | ||
| setSaving(true); | ||
| const { data, error } = await supabase.rpc("set_connections_auto_test_interval", { minutes }); |
There was a problem hiding this comment.
Since draft is ultimately user-controlled UI state, it’s safer to validate minutes against the allowed option set (INTERVAL_OPTIONS) before calling the RPC. This prevents unexpected values (e.g., via DOM manipulation) from being sent and keeps the client behavior aligned with what the UI presents.
Comment on lines
+51
to
+54
| const decl = | ||
| `\n// CORS allowlist — reflete Origin via _shared/cors.ts (fallback ao domínio canônico)\n` + | ||
| `const corsHeaders = getCorsHeaders(new Request("https://criar-together-now.lovable.app"));\n`; | ||
| lines.splice(lastImport + 1, 0, decl); |
There was a problem hiding this comment.
This script inserts a getCorsHeaders(...) call but does not ensure getCorsHeaders is imported in the target file. If it’s run on a file that references corsHeaders but never went through the migration (or uses a different import style), it can introduce a new reference error. Consider also inserting/patching the import from ../_shared/cors.ts when missing.
Comment on lines
+159
to
+163
| import { waitForRouteIdle as _waitForRouteIdle } from "../helpers/nav"; | ||
|
|
||
| export async function waitRouteReady(page: Page, opts: { timeout?: number } = {}) { | ||
| await _waitForRouteIdle(page, opts); | ||
| } |
There was a problem hiding this comment.
This import is placed mid-file. While valid in ESM, many lint/style setups and some tooling assume imports are grouped at the top for readability and consistent static analysis. Move this import to the top import block and keep the alias export where it is.
| "test:run": "vitest run", | ||
| "test:coverage": "vitest run --coverage", | ||
| "coverage": "vitest run --coverage", | ||
| "test:price-freshness": "bash -c 'set -euo pipefail; files=( tests/utils/price-freshness*.test.ts tests/components/PriceFreshnessBadge*.test.tsx ); vitest run \"${files[@]}\" --coverage --coverage.reporter=text --coverage.reporter=json-summary --coverage.reporter=html --coverage.include=src/utils/price-freshness.ts --coverage.include=src/components/products/PriceFreshnessBadge.tsx --coverage.thresholds.statements=0 --coverage.thresholds.branches=0 --coverage.thresholds.functions=0 --coverage.thresholds.lines=0 && node scripts/check-price-freshness-coverage.mjs'", |
There was a problem hiding this comment.
This script hard-requires bash and bash arrays (files=(...)), which will fail on Windows environments (and some minimal CI images). Consider rewriting this as a Node script (or a cross-platform shell approach) so contributors can run it reliably across platforms.
Suggested change
| "test:price-freshness": "bash -c 'set -euo pipefail; files=( tests/utils/price-freshness*.test.ts tests/components/PriceFreshnessBadge*.test.tsx ); vitest run \"${files[@]}\" --coverage --coverage.reporter=text --coverage.reporter=json-summary --coverage.reporter=html --coverage.include=src/utils/price-freshness.ts --coverage.include=src/components/products/PriceFreshnessBadge.tsx --coverage.thresholds.statements=0 --coverage.thresholds.branches=0 --coverage.thresholds.functions=0 --coverage.thresholds.lines=0 && node scripts/check-price-freshness-coverage.mjs'", | |
| "test:price-freshness": "node -e \"const { spawnSync } = require('node:child_process'); const files = ['tests/utils/price-freshness*.test.ts', 'tests/components/PriceFreshnessBadge*.test.tsx']; const vitest = process.platform === 'win32' ? 'vitest.cmd' : 'vitest'; const vitestResult = spawnSync(vitest, ['run', ...files, '--coverage', '--coverage.reporter=text', '--coverage.reporter=json-summary', '--coverage.reporter=html', '--coverage.include=src/utils/price-freshness.ts', '--coverage.include=src/components/products/PriceFreshnessBadge.tsx', '--coverage.thresholds.statements=0', '--coverage.thresholds.branches=0', '--coverage.thresholds.functions=0', '--coverage.thresholds.lines=0'], { stdio: 'inherit', shell: true }); if (vitestResult.status !== 0) process.exit(vitestResult.status || 1); const checkResult = spawnSync(process.execPath, ['scripts/check-price-freshness-coverage.mjs'], { stdio: 'inherit' }); process.exit(checkResult.status || 0);\"", |
| const parsed = JSON.parse(raw); | ||
| if (Array.isArray(parsed.entries)) entries.push(...parsed.entries); | ||
| } catch (err) { | ||
| console.warn(`[consolidate] ignorando ${f}:`, err.message); |
There was a problem hiding this comment.
In Node, catch (err) can be any value; accessing err.message can throw if err is not an object. Convert safely (e.g., err instanceof Error ? err.message : String(err)) to avoid the consolidation script crashing while handling a malformed snapshot.
Suggested change
| console.warn(`[consolidate] ignorando ${f}:`, err.message); | |
| console.warn( | |
| `[consolidate] ignorando ${f}:`, | |
| err instanceof Error ? err.message : String(err), | |
| ); |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 41decbc1ef
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Comment on lines
+341
to
+343
| const isSupervisor = has("supervisor") || has("admin"); // admin legado = supervisor | ||
| const isAgente = has("agente") || has("vendedor"); // vendedor legado = agente | ||
| const isSupervisorOrAbove = isDev || isSupervisor; |
There was a problem hiding this comment.
This role mapping drops legacy manager users from the elevated path: isSupervisor only checks supervisor/admin, so isSupervisorOrAbove and canManage become false for users who still have only manager (which is still listed as a supported legacy role in this file). In that scenario, admin/supervisor-gated routes now redirect to / and management capabilities disappear unexpectedly.
Useful? React with 👍 / 👎.
|
|
||
| try { | ||
| const authHeader = req.headers.get("Authorization"); | ||
| if (!authHeader?.startsWith("Bearer ")) { | ||
| return new Response(JSON.stringify({ error: "Unauthorized" }), { | ||
| status: 401, | ||
| headers: { ...corsHeaders, "Content-Type": "application/json" }, | ||
| status: 401, headers: { ...corsHeaders, "Content-Type": "application/json" }, |
There was a problem hiding this comment.
Non-OPTIONS paths spread corsHeaders in response headers, but no corsHeaders variable is defined in scope anymore after this refactor. The first unauthorized/validation/error response will throw a ReferenceError, causing connection-tester calls to fail at runtime instead of returning the intended JSON error payload.
Useful? React with 👍 / 👎.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Superseded —
mainis now atf3e6de1c(waslovable-sync-1777296493HEAD, the most recent Lovable sync). This PR's branch is an earlier snapshot of the same development line and is fully contained in main now. Closing.See PR #17 for the analysis of why this consolidation was needed and how it was done.