Full deployment history for this project.
ā” Bolt: [performance improvement] Memoize global context providers Added `useMemo` and `useCallback` inside `CartProvider` and `I18nProvider` to properly memoize the context values. This prevents all components consuming the React contexts from re-rendering whenever the top-level parent re-renders unless the derived state explicitly changes. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
š”ļø Sentinel: [CRITICAL] Fix missing authentication on supplier endpoint Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
š”ļø Sentinel: [CRITICAL] Fix missing authentication on supplier API Adds a required check for the INTERNAL_API_SECRET in the Authorization header for the greens supplier POST endpoint to prevent unauthorized access. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
ā” Bolt: Optimize CartProvider with useMemo and useCallback Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
šØ Palette: Improve ProductCard accessibility by removing nested interactive elements - Converted ProductCard wrapper from `<Link>` to `<div>`. - Applied `<Link>` directly to the title and used `before:absolute before:inset-0 before:z-10` to stretch the link across the entire card area. - Added `z-20` to the nested button and badge to ensure they remain clickable and focusable above the stretched link. - Resolves an HTML spec violation and significantly improves keyboard and screen reader accessibility. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
š”ļø Sentinel: [CRITICAL] Fix unauthenticated internal supplier API Added `INTERNAL_API_SECRET` authentication check to the `POST` handler in `app/api/v1/suppliers/greens/route.ts` to prevent unauthorized access and order creation. The endpoint relied on middleware CORS, which is globally permissive (`Origin: *`). Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
šØ Palette: Fix nested interactive elements in product card Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
ā” Bolt: Optimize CartProvider to prevent unnecessary re-renders Memoized action handlers and derived state in CartProvider using useCallback and useMemo to prevent unnecessary re-renders of consuming components. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
ā” Bolt: Memoize CartProvider context value and actions - Wrap all CartContext action functions in `useCallback` - Wrap derived cart calculations (`totalItems`, `totalPrice`) in `useMemo` - Wrap the context provider value object in `useMemo` This prevents all consuming components from re-rendering unless the actual cart state changes, improving performance across the application. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
šØ Palette: Add aria-hidden to decorative icons Added `aria-hidden="true"` to purely decorative icon `<span>` elements in `components/header.tsx` and `components/product-card.tsx` to prevent redundant screen reader announcements. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
š”ļø Sentinel: [CRITICAL] Fix origin spoofing vulnerability in middleware Replaced insecure Origin header check with Authorization header verification using INTERNAL_API_SECRET for internal network requests. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #7 from mbarbine/sentinel-add-security-headers-13911676102182493261 š”ļø Sentinel: [security improvement] Add security headers to responses
Merge pull request #1 from mbarbine/v0/mbarbine-9f1c2578 Launch e-commerce platform with Stripe and multi-language support