Commit Graph

83 Commits

Author SHA1 Message Date
b6a48f1249 refactor(frontend): eliminate backdrop-blur throughout codebase
Remove all instances of backdrop-blur effect (14+ occurrences) to simplify visual design
and eliminate signature 2023-2024 AI aesthetic tell. Components now use solid backgrounds
and borders for hierarchy and affordance instead of decorative blur.

Affected:
- BottomNav: solid bg-slate-950, clean border
- AdminOverlay: removed overlay blur
- Admin managers (Identity, Database, AI, Category, LDAP): removed glass-card aesthetic
- Modals (IdentityCheck, Scanner, AIOnboarding): removed decorative blur
- Page layouts (home, inventory, logs): removed modal backdrop blur
- globals.css: removed glass-card utility

Build: passes with zero errors. Bundle sizes unchanged.

Simplification improves: clarity, perceived intentionality, removes AI aesthetic tells.
2026-04-17 10:26:39 +03:00
572422b677 Build [v1.10.11] 2026-04-15 20:57:01 +03:00
add873b159 dada 2026-04-15 16:58:20 +03:00
Daniel Bedeleanu
546eca6b9a docs: finalize session state - mobile stat cards responsive fix complete
- StatCard component created with accessibility features
- Inventory, Logs, and Admin pages refactored (7 stat cards total)
- Mobile viewport testing verified (320px-1024px)
- All responsive breakpoints working correctly
- Spec coverage 100% - ready for production deployment
2026-04-15 11:36:50 +03:00
Daniel Bedeleanu
e8c804da71 docs: update session state - Admin page stat cards refactored (Task 4 complete) 2026-04-15 11:26:49 +03:00
Daniel Bedeleanu
29b5c7020c docs: update session state - Docker build fully verified and tested locally
✓ Frontend build: TypeScript compilation successful (0 errors)
✓ Full stack build: All 3 images built successfully
✓ Integration test: Services running and responding to HTTP

Ready for remote server deployment.
2026-04-15 10:06:58 +03:00
Daniel Bedeleanu
70670a3c9d docs: add Docker build verification plan and update session state
- Created comprehensive 4-task plan for local Docker testing
- Plan includes: frontend build, full stack build, integration tests, handover
- Updated SESSION_STATE.md with TypeScript fix status and next steps
- Ready for remote deployment verification
2026-04-15 09:37:50 +03:00
Daniel Bedeleanu
6c57b1b0c2 blabla 2026-04-14 22:54:19 +03:00
Daniel Bedeleanu
1ea5e90bc4 Fix: resolve Unterminated regexp literal build error in page.tsx 2026-04-14 20:48:53 +03:00
Daniel Bedeleanu
fcb187974e Build [v1.9.18] 2026-04-13 23:43:52 +03:00
Daniel Bedeleanu
5e648002f0 Build [v1.8.1] (Fix Docker Context) 2026-04-13 19:36:06 +03:00
Daniel Bedeleanu
81b775c9ae Build [v1.8.0] 2026-04-13 19:23:48 +03:00
Daniel Bedeleanu
994920bda2 Build [v1.7.0] - GitGuard - Infrastructure Hardening 2026-04-12 22:45:27 +03:00
Daniel Bedeleanu
0a6368b9f6 modificari de documentatii dupa o implementare noua 2026-04-12 21:43:08 +03:00
Daniel Bedeleanu
2e5c666cc8 Build [v1.5.0] - Box Management & Label Printing 2026-04-12 21:30:50 +03:00
Daniel Bedeleanu
50ae3671c9 Build [v1.4.1] - Security hardening, PWA and UI refinements 2026-04-12 10:45:57 +03:00
Daniel Bedeleanu
f3d861b1a2 Build [v1.4.0] - Audit Dashboard & LDAP Restoration 2026-04-12 09:39:17 +03:00
Daniel Bedeleanu
161a182281 Build [v.1.3.9] 2026-04-12 07:29:58 +03:00
Daniel Bedeleanu
704934165f Build [v.1.3.6] 2026-04-11 17:14:22 +03:00
Daniel Bedeleanu
483a747600 fix: CORS configuration for both docker-compose and start_server.sh deployments
- Update start_server.sh to auto-detect local IP and export ALLOWED_ORIGINS
- Includes both localhost and detected IP on HTTP/HTTPS proxy ports
- Export JWT_SECRET_KEY with ephemeral key if not set
- Fix Romanian comments in docker-compose.yml to English
- Document two deployment methods in SESSION_STATE.md
2026-04-11 14:44:00 +03:00
Daniel Bedeleanu
0b77324a3f docs: update SESSION_STATE — v1.3.5 release with complete English compliance 2026-04-11 14:29:44 +03:00
Daniel Bedeleanu
29dee921f9 docs: translate SESSION_STATE to English + add DEPLOYMENT section to README
Session state fully in English (following STRICT ENGLISH POLICY for production docs).
Added comprehensive Production Deployment section to README with:
- Environment variables table (JWT_SECRET_KEY, ALLOWED_ORIGINS)
- Critical deployment checklist
- Docker production setup example
- Reference to SECURITY_REPORT.md

Addresses:
1. Documentation in English for production files ✓
2. Details on JWT_SECRET_KEY and ALLOWED_ORIGINS for production users ✓

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 14:18:34 +03:00
Daniel Bedeleanu
2574726f78 docs: final SESSION_STATE — ALL TASKS COMPLETE v1.3.5
Audit de securitate: 12 vulnerabilități identificate, 12/12 remediate
JWT backend: complet cu auth pe toți routers
JWT frontend: token handling + 401 redirect
Rate limiting: 10/min pe /items/extract-label
CORS: ALLOWED_ORIGINS configurable via env
Docker: environment vars pentru dev+prod

Status: PRODUCTION-READY (cu caveate env setup)

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 13:42:41 +03:00
Daniel Bedeleanu
e9ada00497 docs: update SESSION_STATE cu status [C-01] JWT auth COMPLET
Backend-ul are autentificație JWT completa pe toți routers-ii.
Frontend-ul trebuie actualizat pentru a trimite token în header.
Rate limiting (H-02) și CORS final rămân pending.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 13:38:45 +03:00
Daniel Bedeleanu
247ea45408 security: audit complet + patch vulnerabilitati critice v1.3.5
Audit de securitate executat pe Backend (FastAPI) si Frontend (Next.js/Dexie).
12 vulnerabilitati identificate (4 CRITICE, 4 HIGH, 3 MEDIUM, 1 LOW).

Patch-uri aplicate direct:
- [C-02] Eliminat bypass autentificare pentru useri fara parola (users.py)
- [C-03] Parola default Admin inlocuita cu secrets.token_urlsafe(16) (users.py)
- [H-01] LDAP injection fix: escape_filter_chars pe username (users.py)
- [H-03] Validare MIME + limita 10MB pe /items/extract-label (items.py)
- [M-01] CORS fix: allow_origins din env ALLOWED_ORIGINS, nu wildcard (main.py)
- [M-03] Toate print() LDAP inlocuite cu log.debug() (users.py)

Raport complet: dev_docs/SECURITY_REPORT.md
Actiuni arhitecturale ramase (JWT enforcement, rate limiting): SESSION_STATE.md

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 13:20:05 +03:00
Daniel Bedeleanu
903c65a4b4 docs: archive gemini session and hand over to claude for security audit 2026-04-11 13:03:19 +03:00
Daniel Bedeleanu
2e5ce8d153 feat: complete dockerization architecture with data/logs persistence and prod export script v1.3.0 2026-04-11 12:33:13 +03:00
Daniel Bedeleanu
432cd28ca5 docs: refactor documentation for portability and SSOT v1.2.7 2026-04-11 11:57:13 +03:00
Daniel Bedeleanu
4136d49936 style: ui readability refactor v1.2.2 (removed uppercase, tracking, increased font sizes) 2026-04-11 11:22:40 +03:00
Daniel Bedeleanu
99b70a9de8 Docs: Finalize session logs and handover for v1.2.1 2026-04-10 22:00:05 +03:00
Daniel Bedeleanu
8a3783c7e9 Infrastructure: Implement master/dev/vX branching, save git path, and fix username casing 2026-04-10 21:51:22 +03:00
Daniel Bedeleanu
f0c22d1732 feat: frontend PWA scaffolding with React and Tailwind 2026-04-10 14:06:27 +03:00
Daniel Bedeleanu
373652e8b8 feat: AI coordination protocol and advanced audit operations 2026-04-10 13:57:42 +03:00