Full deployment history for this project.
🎨 Palette: Improve form accessibility in Campaign Form Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
⚡ Bolt: Replace manual O(N) array mapping loop with O(K) mapped Array.from(selectedOptions) in CampaignForm Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Improve ComposeMail form accessibility and UX Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
refactor: optimize handling of selected options in CampaignForm Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Fix accessibility in CampaignForm
  - Add explicit `id` attributes to inputs matching `<label htmlFor="id">`.
  - Add `aria-required="true"` and visual asterisk `*` to required fields.
  Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Improve accessibility of Auth forms
  - Added visual red asterisks to the Email and Password labels on `/auth/login` and `/auth/signup` forms.
  - Added `aria-required="true"` to the respective input fields.
  - Added proper `htmlFor` and `id` linking for the labels in the Auth components.
  Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: Fix unauthenticated PDF generation Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [CRITICAL] Fix unauthenticated file generation Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Improve accessibility of LoginForm and login page Added `htmlFor` attributes to `<label>` elements and matching `id` attributes to `<Input>` elements to ensure proper association for screen readers. Added visual required indicators (red asterisks) to the labels, and `aria-required="true"` to the inputs for semantic correctness. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Improve accessibility and usability of the Login form Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: Fix missing authentication on PDF generation endpoint Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #16 from ph3ar/bolt-memoize-dashboard-button-12363453856159033184 ⚡ Bolt: Memoize DashboardButton for faster rendering
🛡️ Sentinel: [HIGH] Fix IDOR in cancel-mail endpoint Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: Fix IDOR vulnerability in cancel mail endpoint
  - Added authentication check using `getUserFromSession` to `api/stannp/cancel-mail.ts`
  - Added database query to explicitly check if the authenticated `user.id` is the owner of the `mail_item` being cancelled via the `stannp_id`
  - Modified error response to be secure and not leak internal information
  - Added a `.jules/sentinel.md` journal entry detailing this finding
  Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #11 from ph3ar/sentinel/fix-api-proxy-abuse-12098932589519700902 🛡️ Sentinel: [HIGH] Fix API proxy abuse vulnerability in Stannp route
🛡️ Sentinel: [HIGH] Fix API proxy abuse vulnerability in Stannp route Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #9 from ph3ar/sentinel/fix-pdf-ssrf-6605141478258078754 🛡️ Sentinel: [CRITICAL] Fix SSRF in PDF generation
Merge pull request #10 from ph3ar/bolt-sendmail-promise-all-9000495345179068375 ⚡ Bolt: [performance improvement] concurrent database queries in api/sendMail.ts
Refactor `api/sendMail.ts` to use `Promise.all` for database queries Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [CRITICAL] Fix SSRF in PDF generation Added URL validation to fetchImage functions to ensure that only images from the configured Supabase URL can be downloaded by the server. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
⚡ Bolt: Parallelize independent database queries in sendMail API Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
⚡ Bolt: Refactor backend API to fetch independent user and recipient database queries concurrently Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #6 from ph3ar/bolt-optimize-auth-user-fetch-4910875095134759275
Merge pull request #5 from ph3ar/feat/ux-aria-labels-delete-buttons-3671510306874614148
⚡ Jules: Replaced `supabase.auth.getUser()` with `useUser()` hook I have replaced all instances of `await supabase.auth.getUser()` in React component bodies and `useEffect` hooks with the synchronous `useUser` hook from `@supabase/auth-helpers-react`. This eliminates redundant network calls on component mount and form submissions, resolving an N+1 query issue for the frontend auth state. I also updated loading state handling in `pages/dashboard.tsx` with `useSessionContext` to prevent flashing unauthenticated states, and added inline comments noting the performance impact. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Add `aria-label` to destructive delete buttons for screen readers
  - Added `aria-label` indicating specifically which recipient or campaign is being deleted in `CampaignList.tsx` and `RecipientList.tsx`.
  - Added `focus-visible` outline for keyboard navigation accessibility.
  Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #4 from ph3ar/bolt-parallelize-data-fetching-9979161746928360574 ⚡ Bolt: Parallelize data fetching in ComposeMail
⚡ Bolt: Parallelize data fetching in ComposeMail Refactor ComposeMail.tsx to fetch user profile and recipients concurrently using Promise.all, eliminating a sequential network waterfall. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #3 from ph3ar/copilot/fix-next-auth-dependency-issues Fix nodemailer peer dependency conflict blocking npm install
Merge pull request #3 from ph3ar/copilot/fix-next-auth-dependency-issues Fix nodemailer peer dependency conflict blocking npm install
fix: upgrade nodemailer from ^6.9.15 to ^7.0.7 to resolve peer dependency conflict with next-auth Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>