Developement#29
Open
MatthiasBlc wants to merge 68 commits into
Open
Conversation
…point Replace the public API endpoint approach (POST /api/admin/changelog/generate with API key) by Portainer exec, keeping everything internal to the Docker network. No new env vars or secrets needed.
Add ChangelogEntry Prisma model with soft delete, CHANGELOG_* enum values in AdminActionType, migration, and idempotent v1.0.0 seed upsert.
Admin endpoints: GET/POST/PATCH/DELETE /api/admin/changelog with Zod validation, audit logging, soft delete, and 17 integration tests.
User endpoints: GET /api/changelog (paginated list) and GET /api/changelog/:id (detail), both filtered by deletedAt. 7 integration tests.
- scripts/generate-changelog.js: parses conventional commits, computes semver version, outputs JSON (runs in CI) - backend/src/scripts/insertChangelog.ts: inserts changelog entry via Prisma (runs in container via Portainer exec) - Add rootDir/include to tsconfig for consistent dist/ output
…hase 5) New job in deploy.yml that runs after deploy-prod: parses conventional commits, generates changelog JSON, inserts into DB via Portainer exec in the backend container, and creates a git version tag.
…version (Phase 6) - ChangelogPage with card layout, version badges, date relative/absolute, categorized items - API methods getChangelog/getChangelogEntry in APIManager - Route /changelog (lazy loaded, protected) - Sidebar: dynamic version from latest changelog entry, clickable link to /changelog - 6 component tests with MSW handlers
…Phase 7) - AdminChangelogPage with table (version, title, date, status, actions) - Create/edit modal with structured content editor (3 sections with add/remove items) - Delete confirmation modal (soft delete) - Show/hide deleted entries filter - Admin API methods (getAdminChangelog, createAdminChangelog, updateAdminChangelog, deleteAdminChangelog) - AdminLayout nav item with FaNewspaper icon - Route /admin/changelog in adminRoutes - 10 component tests with MSW handlers
- API_MAP: add 6 user + 4 admin changelog endpoints (107 total) - DB_MODELS: add ChangelogEntry model + CHANGELOG_* enum values - FILE_MAP: add all new backend/frontend files and tests - PROGRESS: mark changelog feature as complete - TESTS: add 24 backend + 16 frontend changelog tests (~1372 total) - CLAUDE.md: add CHANGELOG_001-004 error codes
- Modele de donnees avec dates reelles, statut ACTIVE/ARCHIVED, slots disabled/locked - Unicite par (date, mealTime) au lieu de DayOfWeek fixe - Transaction atomique archivage + creation, sans contrainte unique DB - updatedById sur MealSlot pour tracabilite collaborative - Feature 2 : frequencyPer (PER_WEEK/PER_PLANNING), cooldown cross-planning - Feature 2 : on delete SetNull regles, Cascade pins, endpoint duplicate - Feature 2 : passe de rattrapage frequencyMin par tranche PER_WEEK - Codes erreur complets (MEAL_001-013, MEAL_GEN_001-013)
Add MealPlan, MealSlot, MealIdea models with enums (DayOfWeek, MealTime, MealSlotType, MealPlanStatus). Seed MEAL_PLAN feature and test data. Update test cleanup for new FK constraints.
…e 2) Generic requireFeature middleware checks CommunityFeature (revokedAt null). Add MEAL_001-013 error codes, GET /meal-plan endpoint stub, integration tests for feature guard. Update project docs.
POST/DELETE/PATCH meal-plan, PATCH slots/:slotId, POST slots/swap. Zod validation schemas, permission dynamique (editableByMembers), auto-archive, copyDisabledFromPrevious, slot auto-enable. 30 integration tests covering CRUD, permissions, edge cases.
Phase 4 - Archives API: - GET /meal-plan/archives: paginated list with slot counts - GET /meal-plan/archives/:planId: archive detail with slots - DELETE /meal-plan/archives/:planId: delete archive (MODERATOR) - 39 tests covering plan CRUD, slots, swap, archives Phase 5 - Meal Ideas API: - GET /meal-ideas: paginated list with search - POST /meal-ideas: create idea (memberOf) - PATCH /meal-ideas/:ideaId: update (creator or MODERATOR) - DELETE /meal-ideas/:ideaId: soft delete (creator or MODERATOR) - 25 tests covering CRUD and permissions
Phase 6 - Plan Creation: - MealPlanPage with tabs (planning, archives, ideas) - CreatePlanModal with date pickers, default servings, slot preview - Option to copy disabled slots from previous plan - Archive warning when replacing existing plan Phase 7 - Desktop Grid View: - MealPlanGrid with days x meals table - Slot cards with recipe/free text, servings, status icons - Horizontal scroll for long plans Phase 8 - Slot Editing: - SlotEditModal with recipe search, free text mode, empty mode - Disabled/locked toggles, servings input, comment field Phase 9 - Drag & Drop: - HTML5 native drag and drop for slot swapping - Visual feedback during drag Phase 10 - Mobile View: - Responsive layout with vertical day cards - useIsMobile hook integration Phase 11 - Archives: - MealPlanArchives component with list and read-only viewer - Delete archive functionality for moderators Phase 12 - Ideas: - MealIdeasPanel with search, CRUD operations - Recipe linking support
- Remove unused imports in MealPlanPage (useMemo, useNavigate, refetch) - Remove unused refetch and isModerator in MealIdeasPanel - Remove unused MealSlotType import in SlotEditModal - Fix self-closing tags in CreatePlanModal and MealPlanGrid
Add MealGenerationParams, MealSlotExclusion, MealGenerationRule, and MealSlotPin models with FrequencyPer enum. Update test cleanup order and seed with a "Standard" params set for the test community.
Add controller, routes, validation schemas, and error codes for MealGenerationParams CRUD. Includes isDefault toggle logic and 26 integration tests covering permissions, validation, and soft delete.
Add PUT exclusions, CRUD rules, PUT pins endpoints with full validation: tagId XOR recipeId, weight 0-2, frequencyMin<=Max, tag-only constraints, pin/exclusion conflict check. 35 integration tests.
…e 4) Add services/mealGeneration.ts with full generation algorithm: skip logic, pin filtering, recipe/tag cooldowns (intra + cross-planning), frequencyMax, weighted random pick, MealIdea support, pool exhaustion. 25 unit tests covering all constraint types.
Meal plan generation
MatthiasBlc
force-pushed
the
Developement
branch
2 times, most recently
from
37734c5 to
cb46b2e
Compare
- Fix Prettier formatting in 5 frontend files - Fix 11 lint errors (unused variables prefixed with _) - Remove unused MEAL_GEN_005 import - Update dependencies to fix flatted and socket.io-parser vulnerabilities
MatthiasBlc
force-pushed
the
Developement
branch
from
cb46b2e to
86b1f0f
Compare
Slot dates from Prisma API are ISO datetime strings (2026-03-20T00:00:00.000Z) but the grid map keys are date-only strings (2026-03-20), causing all slots to show "No slot" despite successful generation.
Split on last dash instead of all dashes to preserve YYYY-MM-DD date format
- frontend: pin axios to 1.13.6 (fixes CVE-2025-27152, avoids compromised 1.14.1) - backend: fix path-to-regexp (ReDoS via Express), fast-xml-parser via override 5.5.9, picomatch and brace-expansion
- backend: update fast-xml-parser override from 5.5.9 to ^5.7.0 (fixes GHSA-gh4j-gqv2-49f6 and related AWS SDK chain) - frontend: update axios from 1.13.6 to ^1.16.0 (fixes 15 CVEs including SSRF, prototype pollution, CRLF injection)
…ent, clarify Phase 2
- classnames: object API usage requires string constant, not cn() utility - usehooks-ts: enrich useClickOutside with touchstart before branching Modal - axios→fetch: response.data wrapper (Option A), 204 No Content guard, 410 case in removeMember - envalid→zod: complete equivalence table + full validateEnv.ts replacement - Roadmap updated: exact inline replacements, touchstart test gate, 204 test, 5c subsection for 410
Replace cn() calls with inline string constant and template literal. Uninstall classnames package. 546 frontend tests pass.
…ide with touchstart Add touchstart listener to useClickOutside (mobile regression prevention). Add 2 touchstart tests. Swap Modal.tsx from usehooks-ts to local hook. Uninstall usehooks-ts. 548 frontend tests pass.
…rom backend helmet ships own types (index.d.cts) — @types/helmet removed entirely. Replace read package with readline stdlib in createAdmin.ts. 1010 backend tests pass.
Zod already a dependency. Exact equivalences: port(), bool(), str({choices}).
Note: .default() must precede .transform() in Zod v4. 1010 backend tests pass.
Tests for apiFetch, ApiError, handleApiError, handleApiErrorWith, removeMember 410. 13 tests fail intentionally (apiFetch/ApiError not yet implemented). 2 pass now: removeMember 410 via MSW, handleApiError network error case.
…tend New apiClient.ts: apiFetch wrapper with credentials, CSRF, 204 guard, ApiError class. API object preserves get/post/patch/put/delete interface — api.ts/adminApi.ts/mealApi.ts unchanged except removeMember 410 handler (AxiosError → ApiError). Uninstall axios. 563/563 frontend tests pass (13 Phase 5 tests now green).
apiClient.ts: file-level disable (intentional generic wrapper). mealPlan/mealGeneration controllers and service: eslint-disable-next-line on Prisma result formatters and Express query casts. Test files: file-level disable for integration/unit assertion any casts.
…l controllers and tests
Update dep
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.