Compare commits

...

56 Commits
v1.3 ... v1.8.3

Author SHA1 Message Date
Daniel Bedeleanu
939ad8648d Build [v1.8.3] (Explicit directory creation in bundle) 2026-04-13 19:39:33 +03:00
Daniel Bedeleanu
6f6caf3c5a Build [v1.8.2] (Fix missing scripts in bundle) 2026-04-13 19:38:11 +03:00
Daniel Bedeleanu
5e648002f0 Build [v1.8.1] (Fix Docker Context) 2026-04-13 19:36:06 +03:00
Daniel Bedeleanu
81b775c9ae Build [v1.8.0] 2026-04-13 19:23:48 +03:00
Daniel Bedeleanu
994920bda2 Build [v1.7.0] - GitGuard - Infrastructure Hardening 2026-04-12 22:45:27 +03:00
Daniel Bedeleanu
0a6368b9f6 modificari de documentatii dupa o implementare noua 2026-04-12 21:43:08 +03:00
Daniel Bedeleanu
26e8f034a2 Update save_version.py: Added automatic master branch synchronization 2026-04-12 21:32:55 +03:00
Daniel Bedeleanu
2e5c666cc8 Build [v1.5.0] - Box Management & Label Printing 2026-04-12 21:30:50 +03:00
Daniel Bedeleanu
e383b97d44 docs: finalized v1.4.1 session logs and architecture security section 2026-04-12 10:49:48 +03:00
Daniel Bedeleanu
50ae3671c9 Build [v1.4.1] - Security hardening, PWA and UI refinements 2026-04-12 10:45:57 +03:00
Daniel Bedeleanu
f3d861b1a2 Build [v1.4.0] - Audit Dashboard & LDAP Restoration 2026-04-12 09:39:17 +03:00
Daniel Bedeleanu
5cceba21f4 Fix version naming format: v.X.Y.Z → vX.Y.Z 2026-04-12 07:32:16 +03:00
Daniel Bedeleanu
161a182281 Build [v.1.3.9] 2026-04-12 07:29:58 +03:00
Daniel Bedeleanu
38e9428109 chore: update VERSION.json commit hash to 0869ab8c 2026-04-11 19:48:02 +03:00
Daniel Bedeleanu
0869ab8cdd chore: purge .npx_cache/ and scratch/npm_cache/ from git index [v1.3.8]
These directories were already tracked before being added to .gitignore.
Removed 3350 cached files from git index via 'git rm --cached -r'.
Files remain on disk but are no longer tracked by git.
2026-04-11 19:47:20 +03:00
Daniel Bedeleanu
106f46e9f8 chore: update VERSION.json commit hash to 955b1e86 2026-04-11 19:37:38 +03:00
Daniel Bedeleanu
955b1e86e5 security: harden gitignore and add config example files [v1.3.7]
- Expanded .gitignore: root venv, npx_cache, AI metadata (.remember, .claude),
  data/ (SQLite DB), frontend/config/, frontend/public/icons/, certificates,
  docker-compose.override.yml
- Removed backend/config/ldap_config.json from git tracking (contains real IPs/credentials)
- Added backend/config/ldap_config.json.example with placeholder template
- Updated backend/.env.example: added JWT_SECRET_KEY, ALLOWED_ORIGINS, DATA_DIR, LOGS_DIR
2026-04-11 19:37:16 +03:00
Daniel Bedeleanu
6981cadb57 changed_version_naming 2026-04-11 18:44:24 +03:00
Daniel Bedeleanu
704934165f Build [v.1.3.6] 2026-04-11 17:14:22 +03:00
Daniel Bedeleanu
775808506f fix: convert user_id to string for JWT sub claim (JWT spec requirement) 2026-04-11 15:30:31 +03:00
Daniel Bedeleanu
cee93fe53c debug: log DATA_DIR and database path at startup 2026-04-11 15:28:53 +03:00
Daniel Bedeleanu
c95d095f9f debug: add JWT validation logging to diagnose 401 errors 2026-04-11 15:25:51 +03:00
Daniel Bedeleanu
a8d74f3ae8 debug: add detailed logging to login response handling 2026-04-11 15:14:54 +03:00
Daniel Bedeleanu
d6e7a8d2a4 debug: add console logging to token save and request interceptor
- Log when saveToken is called with token details
- Log when request interceptor checks for token
- Log when Authorization header is set or token is missing
- Helps diagnose 401 Unauthorized issues after login
2026-04-11 15:11:25 +03:00
Daniel Bedeleanu
c1b8d2d8b9 fix: use absolute paths for DATA_DIR and LOGS_DIR in start_server.sh
- Resolves sqlite3.OperationalError when database path is relative
- Uses script directory as base for all relative paths
- Ensures consistent behavior regardless of working directory
2026-04-11 15:07:51 +03:00
Daniel Bedeleanu
02a4951901 refactor: centralize configuration in backend/config/ and frontend/config/
- Move ldap_config.json from ./data/ to backend/config/
- Update users.py to read LDAP config from backend/config/ldap_config.json
- Create frontend/config/ directory for future frontend configs
- DATA_DIR still used for database and runtime files in ./data/
- Update .gitignore to track backend/config/ but ignore runtime data dirs
2026-04-11 15:06:56 +03:00
Daniel Bedeleanu
ac1703e6c2 fix: set DATA_DIR and LOGS_DIR environment variables in start_server.sh
- DATA_DIR=./data points backend to correct config location
- Ensures ldap_config.json and database are found consistently
- Matches docker-compose setup
2026-04-11 15:04:05 +03:00
Daniel Bedeleanu
a6d2d176ba debug: add detailed LDAP authentication logging with error traceback 2026-04-11 15:02:57 +03:00
Daniel Bedeleanu
6e58cce73a fix: restore original LDAP configuration with correct group mappings
- Use proper group names: inventory_admins (admin), inventory_users (user)
- Use relative groups_dn: 'ou=groups' (not absolute path)
- Matches original user's GUI-configured settings
2026-04-11 15:01:12 +03:00
Daniel Bedeleanu
7d821d1f7b config: add LDAP configuration for LLDAP server at 192.168.84.107:3890 2026-04-11 14:59:16 +03:00
Daniel Bedeleanu
c816cb4630 fix: enable DEBUG logging for development (configurable via LOG_LEVEL env var) 2026-04-11 14:56:13 +03:00
Daniel Bedeleanu
3c8d50162b debug: add detailed logging to login authentication flow
- Log when local auth succeeds/fails
- Log when password mismatch occurs
- Log LDAP auth attempts and failures
- Helps diagnose why login is returning 401
2026-04-11 14:55:31 +03:00
Daniel Bedeleanu
483a747600 fix: CORS configuration for both docker-compose and start_server.sh deployments
- Update start_server.sh to auto-detect local IP and export ALLOWED_ORIGINS
- Includes both localhost and detected IP on HTTP/HTTPS proxy ports
- Export JWT_SECRET_KEY with ephemeral key if not set
- Fix Romanian comments in docker-compose.yml to English
- Document two deployment methods in SESSION_STATE.md
2026-04-11 14:44:00 +03:00
Daniel Bedeleanu
d9e75368fb debug: add error logging to getUsers call for troubleshooting 2026-04-11 14:40:44 +03:00
Daniel Bedeleanu
cf528ac161 fix: use plain axios for getUsers (public endpoint, avoid JWT interceptor) 2026-04-11 14:39:34 +03:00
Daniel Bedeleanu
c949bcd211 fix: reorder CORS middleware before rate limiter to fix OPTIONS preflight 2026-04-11 14:38:43 +03:00
Daniel Bedeleanu
356dfa32f1 fix: remove invalid add_exception_handler call for slowapi 2026-04-11 14:38:00 +03:00
Daniel Bedeleanu
c2bd8e44fb fix: add Request parameter to extract_label for slowapi rate limiter 2026-04-11 14:37:28 +03:00
Daniel Bedeleanu
6fede92860 fix: remove HTTPAuthCredentials import (FastAPI compatibility) 2026-04-11 14:36:46 +03:00
Daniel Bedeleanu
427be99f67 fix: move package management rule to AI_RULES.md (Single Source of Truth) 2026-04-11 14:35:44 +03:00
Daniel Bedeleanu
1767b38373 docs: add mandatory rules for package management and English-only policy to CLAUDE.md 2026-04-11 14:34:38 +03:00
Daniel Bedeleanu
45b0f8b35c fix: make getUsers endpoint public for login page + translate remaining Romanian comments 2026-04-11 14:32:17 +03:00
Daniel Bedeleanu
0b77324a3f docs: update SESSION_STATE — v1.3.5 release with complete English compliance 2026-04-11 14:29:44 +03:00
Daniel Bedeleanu
73115a24ac chore: update VERSION.json to final commit ccc69d92 2026-04-11 14:27:21 +03:00
Daniel Bedeleanu
ccc69d92df fix: translate final Romanian comment in items.py to English 2026-04-11 14:27:15 +03:00
Daniel Bedeleanu
9dbe0f8b6c refactor: translate all docstrings and comments to English (STRICT ENGLISH POLICY complete) 2026-04-11 14:26:55 +03:00
Daniel Bedeleanu
54b40c9d37 chore: update VERSION.json to v1.3.5 with final commit 2026-04-11 14:25:15 +03:00
Daniel Bedeleanu
c31209b740 chore: translate remaining Romanian code comments to English (STRICT ENGLISH POLICY) 2026-04-11 14:25:03 +03:00
Daniel Bedeleanu
f0de7d763a docs: translate USER_GUIDE.md to English (STRICT ENGLISH POLICY)
USER_GUIDE.md is a production file → must be ENGLISH ONLY.

Complete translation covering:
- PWA mobile installation
- Authentication (JWT tokens, LDAP, 8h token expiry)
- Scanning modes (barcode, AI OCR)
- Inventory organization
- Offline operation & auto-sync
- Activity/audit log
- Admin functions (users, LDAP, settings)
- Security notices
- Troubleshooting guide
- Version info

Follows mandatory rule: All production documentation in English ONLY.
(Only AI-user discussion can be in Romanian)

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 14:19:55 +03:00
Daniel Bedeleanu
29dee921f9 docs: translate SESSION_STATE to English + add DEPLOYMENT section to README
Session state fully in English (following STRICT ENGLISH POLICY for production docs).
Added comprehensive Production Deployment section to README with:
- Environment variables table (JWT_SECRET_KEY, ALLOWED_ORIGINS)
- Critical deployment checklist
- Docker production setup example
- Reference to SECURITY_REPORT.md

Addresses:
1. Documentation in English for production files ✓
2. Details on JWT_SECRET_KEY and ALLOWED_ORIGINS for production users ✓

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 14:18:34 +03:00
Daniel Bedeleanu
2574726f78 docs: final SESSION_STATE — ALL TASKS COMPLETE v1.3.5
Audit de securitate: 12 vulnerabilități identificate, 12/12 remediate
JWT backend: complet cu auth pe toți routers
JWT frontend: token handling + 401 redirect
Rate limiting: 10/min pe /items/extract-label
CORS: ALLOWED_ORIGINS configurable via env
Docker: environment vars pentru dev+prod

Status: PRODUCTION-READY (cu caveate env setup)

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 13:42:41 +03:00
Daniel Bedeleanu
e6ca33f2f0 feat: frontend JWT handling, rate limiting [H-02], CORS config
Frontend:
- Creiez frontend/lib/auth.ts cu saveToken, getToken, getAuthHeader, clearAuth
- Modific api.ts: axiosInstance cu interceptor Bearer token + 401 → /login redirect
- Modific login page: salveaza JWT token din response

Backend:
- [H-02] Integrez slowapi rate limiting: 10 req/minute pe /items/extract-label
- [M-01] CORS: ALLOWED_ORIGINS din env (dev fallback: localhost:3000, localhost:3002)
- [C-01] JWT_SECRET_KEY din env (dev fallback: ephemeral key)

docker-compose.yml:
- Adaug ALLOWED_ORIGINS env var (dev: localhost)
- Adaug JWT_SECRET_KEY env var cu fallback warning

Status:
-  JWT backend: complet
-  JWT frontend: token save + attach + 401 handling
-  Rate limiting: 10/min pe extract-label
-  CORS: configurable via env

Gata pentru dev + testing local.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 13:42:09 +03:00
Daniel Bedeleanu
e9ada00497 docs: update SESSION_STATE cu status [C-01] JWT auth COMPLET
Backend-ul are autentificație JWT completa pe toți routers-ii.
Frontend-ul trebuie actualizat pentru a trimite token în header.
Rate limiting (H-02) și CORS final rămân pending.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 13:38:45 +03:00
Daniel Bedeleanu
9b6adad618 feat: implementare JWT Bearer authentication pe toți routers [C-01]
Implementare completă a autentificării Bearer token:
- Creiez backend/auth.py: funcții JWT (create_access_token, get_current_user, get_current_admin)
- Modific /users/login: returnează TokenResponse cu JWT token și expirare 8h
- Adaug Depends(get_current_user) pe toate endpoint-urile API
- [M-02] user_id extras din JWT token, nu din request body
- [L-01] Token cu exp claim pentru sesiuni frontend

Acces endpoints-uri:
- GET/POST /users/: authenticated users
- POST /users/: admin only
- PUT /users/{id}, DELETE /users/{id}, /ldap-config, /test-ldap: admin only
- Toți routers (items, operations, categories): authenticated users minimum

Modificări dependențe:
- Adaug: python-jose[cryptography]>=3.3.0, slowapi>=0.1.9 (pentru H-02 rate limiting)

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 13:38:24 +03:00
Daniel Bedeleanu
247ea45408 security: audit complet + patch vulnerabilitati critice v1.3.5
Audit de securitate executat pe Backend (FastAPI) si Frontend (Next.js/Dexie).
12 vulnerabilitati identificate (4 CRITICE, 4 HIGH, 3 MEDIUM, 1 LOW).

Patch-uri aplicate direct:
- [C-02] Eliminat bypass autentificare pentru useri fara parola (users.py)
- [C-03] Parola default Admin inlocuita cu secrets.token_urlsafe(16) (users.py)
- [H-01] LDAP injection fix: escape_filter_chars pe username (users.py)
- [H-03] Validare MIME + limita 10MB pe /items/extract-label (items.py)
- [M-01] CORS fix: allow_origins din env ALLOWED_ORIGINS, nu wildcard (main.py)
- [M-03] Toate print() LDAP inlocuite cu log.debug() (users.py)

Raport complet: dev_docs/SECURITY_REPORT.md
Actiuni arhitecturale ramase (JWT enforcement, rate limiting): SESSION_STATE.md

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 13:20:05 +03:00
Daniel Bedeleanu
903c65a4b4 docs: archive gemini session and hand over to claude for security audit 2026-04-11 13:03:19 +03:00
3422 changed files with 4497 additions and 55489 deletions

View File

@@ -0,0 +1,43 @@
---
trigger: manual
description: You are an expert in API Testing using tools like Postman and REST Assured.
---
# API Testing (Postman, REST Assured)
You are an expert in API Testing using tools like Postman and REST Assured.
Key Principles:
- Test the business logic layer directly
- Faster and more stable than UI tests
- Validate request/response contracts
- Check status codes, headers, and body
- Ensure security and performance
Postman:
- Collections and Folders
- Environment and Global variables
- Pre-request scripts and Tests (JavaScript)
- Newman CLI for CI/CD integration
- Mock Servers
REST Assured (Java):
- Fluent BDD-like syntax (Given-When-Then)
- Easy integration with JUnit/TestNG
- JSON/XML Schema validation
- Request/Response logging
- Authentication support (OAuth, Basic)
What to Test:
- Status Codes (200, 201, 400, 401, 403, 404, 500)
- Response Payload (JSON structure and data)
- Headers (Content-Type, Cache-Control)
- Performance (Response time)
- Security (Auth, Rate limiting)
Best Practices:
- Chain requests (Extract token -> Use token)
- Use JSON Schema validation
- Data-driven testing (CSV/JSON files)
- Clean up created resources
- Run API tests in CI pipeline

View File

@@ -0,0 +1,74 @@
---
trigger: manual
description: You are an expert in modern CSS and responsive web design.
---
# Modern CSS & Responsive Design Expert
You are an expert in modern CSS and responsive web design.
Key Principles:
- Use mobile-first approach
- Implement responsive design with CSS Grid and Flexbox
- Use CSS custom properties (variables)
- Follow BEM or similar naming convention
- Write maintainable and scalable CSS
Layout:
- Use CSS Grid for two-dimensional layouts
- Use Flexbox for one-dimensional layouts
- Use CSS Grid auto-fit and auto-fill
- Implement proper spacing with gap property
- Use logical properties (inline, block)
Responsive Design:
- Use mobile-first media queries
- Use relative units (rem, em, %)
- Implement fluid typography with clamp()
- Use container queries when appropriate
- Test on multiple devices and screen sizes
Modern CSS Features:
- Use CSS custom properties for theming
- Use CSS Grid and Flexbox
- Use aspect-ratio for maintaining proportions
- Use clamp() for fluid sizing
- Use min(), max() for responsive values
- Use :is(), :where() for cleaner selectors
Animations:
- Use CSS transitions for simple animations
- Use CSS animations for complex sequences
- Use transform for better performance
- Respect prefers-reduced-motion
- Use will-change sparingly
Performance:
- Minimize CSS file size
- Remove unused CSS
- Use CSS containment
- Avoid expensive selectors
- Use CSS Grid/Flexbox over floats
- Minimize repaints and reflows
Architecture:
- Use BEM or similar methodology
- Organize CSS logically
- Use CSS custom properties for consistency
- Implement design tokens
- Use utility classes sparingly
Accessibility:
- Ensure sufficient color contrast
- Use focus-visible for focus styles
- Don't rely on color alone
- Test with high contrast mode
- Ensure text is readable
Best Practices:
- Use CSS reset or normalize
- Implement consistent spacing scale
- Use semantic class names
- Avoid !important
- Comment complex CSS
- Use CSS linting tools

View File

@@ -0,0 +1,88 @@
---
trigger: manual
description: Progressive Web App (PWA) Expert
---
# Progressive Web App (PWA) Expert
You are an expert in Progressive Web App development.
Key Principles:
- Implement offline-first strategy
- Use service workers for caching
- Make app installable
- Ensure fast loading
- Provide app-like experience
Service Workers:
- Implement proper caching strategies
- Use Cache API effectively
- Handle offline scenarios
- Implement background sync
- Use workbox for easier implementation
- Handle service worker updates
Manifest:
- Create comprehensive web app manifest
- Define app icons for all sizes
- Set appropriate display mode
- Define theme and background colors
- Set start URL and scope
- Add screenshots for app stores
Caching Strategies:
- Use cache-first for static assets
- Use network-first for dynamic content
- Implement stale-while-revalidate
- Use cache-only for offline pages
- Implement proper cache versioning
Offline Experience:
- Provide offline fallback page
- Cache critical resources
- Implement background sync
- Show offline indicator
- Queue failed requests
Performance:
- Implement lazy loading
- Use code splitting
- Optimize images
- Minimize JavaScript
- Use HTTP/2 push
- Implement resource hints
Installability:
- Meet PWA criteria
- Implement beforeinstallprompt
- Provide install UI
- Test installation flow
- Handle app updates
Push Notifications:
- Implement push notification API
- Request permission appropriately
- Handle notification clicks
- Implement notification best practices
- Test on multiple platforms
Security:
- Serve over HTTPS
- Implement CSP headers
- Validate all inputs
- Use secure authentication
- Implement proper CORS
Testing:
- Use Lighthouse for audits
- Test offline functionality
- Test on multiple devices
- Test installation flow
- Test push notifications
Best Practices:
- Follow PWA checklist
- Implement progressive enhancement
- Provide app shell architecture
- Use PRPL pattern
- Monitor performance metrics

View File

@@ -0,0 +1,44 @@
---
trigger: manual
description: You are an expert in Security Testing and Penetration Testing.
---
# Security & Penetration Testing
You are an expert in Security Testing and Penetration Testing.
Key Principles:
- Think like an attacker
- Defense in Depth
- Shift Left (Security early in SDLC)
- Validate controls and mitigations
- Compliance and Risk Management
OWASP Top 10 (Focus Areas):
- Broken Access Control
- Cryptographic Failures
- Injection (SQLi, XSS)
- Insecure Design
- Security Misconfiguration
Testing Types:
- SAST (Static Application Security Testing): Code analysis (SonarQube)
- DAST (Dynamic Application Security Testing): Runtime analysis (OWASP ZAP, Burp Suite)
- SCA (Software Composition Analysis): Dependency checks (Snyk, Dependabot)
- Penetration Testing: Manual exploitation
Tools:
- Burp Suite: Proxy and scanner
- OWASP ZAP: Open source scanner
- Metasploit: Exploitation framework
- Nmap: Network scanning
- Wireshark: Packet analysis
Best Practices:
- Sanitize all inputs
- Encode all outputs
- Use parameterized queries
- Implement proper authentication/authorization
- Keep dependencies updated
- Conduct regular vulnerability scans
- Perform manual code reviews for security logic

View File

@@ -0,0 +1,25 @@
{
"permissions": {
"allow": [
"mcp__plugin_context-mode_context-mode__ctx_batch_execute",
"mcp__plugin_context-mode_context-mode__ctx_search",
"Bash(git add:*)",
"Bash(git commit -m ':*)",
"mcp__plugin_context-mode_context-mode__ctx_execute",
"Bash(git commit -m 'docs: update SESSION_STATE cu status [C-01] JWT auth COMPLET:*)",
"Bash(git commit -m 'docs: final SESSION_STATE — ALL TASKS COMPLETE v1.3.5:*)",
"Bash(git rebase:*)",
"Bash(git filter-branch:*)",
"Bash(git reset:*)",
"Bash(git commit -m 'feat: implement JWT Bearer authentication on all routers [C-01]:*)",
"Bash(git commit:*)",
"Bash(git branch:*)",
"Bash(pip install:*)",
"Bash(sqlite3 data/inventory.db \"SELECT username, role, origin, hashed_password FROM users;\")",
"Bash(sqlite3 data/inventory.db \".schema users\")",
"Bash(sqlite3 data/inventory.db \"SELECT * FROM users;\")",
"Bash(git restore:*)",
"Bash(pkill -f \"uvicorn\")"
]
}
}

95
.gitignore vendored
View File

@@ -1,10 +1,91 @@
# ============================================================
# TFM aInventory — .gitignore
# ============================================================
# ── Python environments ──────────────────────────────────────
.venv/
backend/venv/
backend/data/
__pycache__/
**/__pycache__/
*.pyc
.env
.DS_Store
aInventory-PROD*
aInventory-PROD*.zip
logs/
*.pyo
*.pyd
*.egg-info/
dist/
build/
# ── Runtime data directories ─────────────────────────────────
# Content is excluded; the directories themselves are tracked via .gitkeep.
# On fresh clone: run ./start_server.sh or docker compose up to initialize.
/data/*
!/data/.gitkeep
/data/backups/
/logs/*
!/logs/.gitkeep
# Duplicate runtime dirs that may exist inside backend/ (Docker legacy)
backend/data/
backend/logs/
# ── Sensitive configuration files ────────────────────────────
# The ACTIVE LDAP config is: backend/config/ldap_config.json
# It contains real server IPs and credentials — never commit.
# The template/example IS committed and used by init_data.sh on fresh installs.
backend/config/ldap_config.json
!backend/config/ldap_config.json.example
# ── Environment files (secrets) ──────────────────────────────
.env
.env.*
!.env.example
backend/.env
backend/.env.*
!backend/.env.example
# Docker environment override file
docker-compose.override.yml
.env.docker
# ── Application logs ─────────────────────────────────────────
# (also covered by /logs/* above, these catch any other locations)
frontend/logs/
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
# ── Frontend build artifacts ──────────────────────────────────
frontend/.next/
frontend/out/
frontend/build/
frontend/node_modules/
# ── Frontend generated/runtime assets ────────────────────────
# SSL certs and runtime configs (generated by start_server.sh)
frontend/config/
# PWA icons generated at build time
frontend/public/icons/
# ── npm / npx caches ─────────────────────────────────────────
.npx_cache/
scratch/npm_cache/
# ── Production bundles (generated by export_prod.sh) ─────────
aInventory-PROD*/
aInventory-PROD*.zip
# ── AI / IDE metadata ─────────────────────────────────────────
.remember/
.claude/
# ── macOS system files ────────────────────────────────────────
.DS_Store
**/.DS_Store
# ── Certificates & keys ──────────────────────────────────────
*.pem
*.key
*.crt
*.cert
__push_ALL_to_remote.sh

Some files were not shown because too many files have changed in this diff Show More