36823b2d9f
debug: fix types for 403 interceptors
2026-02-25 13:13:10 +00:00
26ceccbfb9
debug: add 403 interceptors to find which operation fails
2026-02-25 13:11:55 +00:00
06999b2bd7
fix: add allowedOrigins for Next.js server actions behind reverse proxy
...
Next.js has its own CSRF protection for server actions, separate from
Payload's csrf config. Without allowedOrigins, server actions from the
admin panel behind a reverse proxy are rejected because the Origin header
(cms.c2sgmbh.de) doesn't match the Host header (localhost:3001).
Also removes temporary debug logging from multiTenant access check.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 13:02:03 +00:00
35bab1935a
debug: add temporary logging to userHasAccessToAllTenants
2026-02-25 12:55:58 +00:00
47c6500679
fix: add cms.c2sgmbh.de to CORS/CSRF and save isSuperAdmin to JWT
...
- Add pl.c2sgmbh.de and cms.c2sgmbh.de to cors and csrf arrays
to fix Forbidden error on PATCH requests from these domains
- Add saveToJWT: true to isSuperAdmin field so multiTenantPlugin
correctly grants super admins access to all tenants
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 12:32:51 +00:00
bd174c8569
docs: update CLAUDE.md tech stack versions after dependency updates
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 10:36:26 +00:00
06092335f3
deps: update remaining dependencies (react, dev-tools, bullmq)
...
- react/react-dom 19.2.3 → 19.2.4
- @types/react 19.2.7 → 19.2.14
- @types/node 22.19.11 → 25.3.0
- @playwright/test + playwright 1.57.0 → 1.58.2
- vitest + @vitest/coverage-v8 4.0.15 → 4.0.18
- vite-tsconfig-paths 6.0.0 → 6.1.1
- bullmq 5.70.0 → 5.70.1
- jsdom 26.1.0 → 28.1.0
Resolves Dependabot PRs #19 , #20 , #28 , #30 , #31 (lockfile conflicts).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 09:15:25 +00:00
dependabot[bot]
e860ec3059
deps(dev)(deps-dev): bump eslint-config-next ( #29 )
...
Bumps [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next ) from 16.2.0-canary.41 to 16.2.0-canary.58.
- [Release notes](https://github.com/vercel/next.js/releases )
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js )
- [Commits](https://github.com/vercel/next.js/commits/v16.2.0-canary.58/packages/eslint-config-next )
---
updated-dependencies:
- dependency-name: eslint-config-next
dependency-version: 16.2.0-canary.58
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:08:09 +01:00
dependabot[bot]
38040a76cb
deps(deps): bump nodemailer from 7.0.13 to 8.0.1 ( #27 )
...
Bumps [nodemailer](https://github.com/nodemailer/nodemailer ) from 7.0.13 to 8.0.1.
- [Release notes](https://github.com/nodemailer/nodemailer/releases )
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.1 )
---
updated-dependencies:
- dependency-name: nodemailer
dependency-version: 8.0.1
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:08:04 +01:00
dependabot[bot]
b55769f52e
deps(deps): bump googleapis from 170.1.0 to 171.4.0 ( #26 )
...
Bumps [googleapis](https://github.com/googleapis/google-api-nodejs-client ) from 170.1.0 to 171.4.0.
- [Release notes](https://github.com/googleapis/google-api-nodejs-client/releases )
- [Changelog](https://github.com/googleapis/google-api-nodejs-client/blob/main/release-please-config.json )
- [Commits](https://github.com/googleapis/google-api-nodejs-client/compare/googleapis-v170.1.0...googleapis-v171.4.0 )
---
updated-dependencies:
- dependency-name: googleapis
dependency-version: 171.4.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:08:02 +01:00
dependabot[bot]
8ffbb66679
deps(dev)(deps-dev): bump @vitejs/plugin-react from 4.5.2 to 5.1.4 ( #25 )
...
Bumps [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react ) from 4.5.2 to 5.1.4.
- [Release notes](https://github.com/vitejs/vite-plugin-react/releases )
- [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md )
- [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@5.1.4/packages/plugin-react )
---
updated-dependencies:
- dependency-name: "@vitejs/plugin-react"
dependency-version: 5.1.4
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:07:58 +01:00
dependabot[bot]
cfbd445e1b
deps(deps): bump next from 16.2.0-canary.41 to 16.2.0-canary.58 ( #24 )
...
Bumps [next](https://github.com/vercel/next.js ) from 16.2.0-canary.41 to 16.2.0-canary.58.
- [Release notes](https://github.com/vercel/next.js/releases )
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js )
- [Commits](https://github.com/vercel/next.js/compare/v16.2.0-canary.41...v16.2.0-canary.58 )
---
updated-dependencies:
- dependency-name: next
dependency-version: 16.2.0-canary.58
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:07:55 +01:00
dependabot[bot]
511ffbbc88
deps(deps): bump @anthropic-ai/sdk from 0.71.2 to 0.78.0 ( #23 )
...
Bumps [@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript ) from 0.71.2 to 0.78.0.
- [Release notes](https://github.com/anthropics/anthropic-sdk-typescript/releases )
- [Changelog](https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md )
- [Commits](https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.71.2...sdk-v0.78.0 )
---
updated-dependencies:
- dependency-name: "@anthropic-ai/sdk"
dependency-version: 0.78.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:07:42 +01:00
dependabot[bot]
d26ff507c0
deps(deps): bump dotenv from 16.4.7 to 17.3.1 ( #22 )
...
Bumps [dotenv](https://github.com/motdotla/dotenv ) from 16.4.7 to 17.3.1.
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md )
- [Commits](https://github.com/motdotla/dotenv/compare/v16.4.7...v17.3.1 )
---
updated-dependencies:
- dependency-name: dotenv
dependency-version: 17.3.1
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:07:35 +01:00
dependabot[bot]
ea3d5b78d4
deps(deps): bump cross-env from 7.0.3 to 10.1.0 ( #21 )
...
Bumps [cross-env](https://github.com/kentcdodds/cross-env ) from 7.0.3 to 10.1.0.
- [Release notes](https://github.com/kentcdodds/cross-env/releases )
- [Changelog](https://github.com/kentcdodds/cross-env/blob/main/CHANGELOG.md )
- [Commits](https://github.com/kentcdodds/cross-env/compare/v7.0.3...v10.1.0 )
---
updated-dependencies:
- dependency-name: cross-env
dependency-version: 10.1.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:07:28 +01:00
dependabot[bot]
2e2dd8f3e6
deps(actions): bump actions/setup-node from 4 to 6 ( #17 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 4 to 6.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v4...v6 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:06:27 +01:00
dependabot[bot]
9e630a274b
deps(actions): bump actions/upload-artifact from 4 to 6 ( #16 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4 to 6.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v6 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:06:21 +01:00
dependabot[bot]
7f91fbfabd
deps(actions): bump actions/download-artifact from 4 to 7 ( #15 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4 to 7.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v4...v7 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:06:14 +01:00
dependabot[bot]
a3bb49e11a
deps(actions): bump pnpm/action-setup from 3 to 4 ( #14 )
...
Bumps [pnpm/action-setup](https://github.com/pnpm/action-setup ) from 3 to 4.
- [Release notes](https://github.com/pnpm/action-setup/releases )
- [Commits](https://github.com/pnpm/action-setup/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: pnpm/action-setup
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:06:06 +01:00
dependabot[bot]
90fc83d287
deps(actions): bump lewagon/wait-on-check-action from 1.3.4 to 1.5.0 ( #13 )
...
Bumps [lewagon/wait-on-check-action](https://github.com/lewagon/wait-on-check-action ) from 1.3.4 to 1.5.0.
- [Release notes](https://github.com/lewagon/wait-on-check-action/releases )
- [Changelog](https://github.com/lewagon/wait-on-check-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/lewagon/wait-on-check-action/compare/v1.3.4...v1.5.0 )
---
updated-dependencies:
- dependency-name: lewagon/wait-on-check-action
dependency-version: 1.5.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:05:59 +01:00
dependabot[bot]
1c9263b244
deps(deps): bump the payload-core group with 11 updates ( #18 )
...
Bumps the payload-core group with 11 updates:
| Package | From | To |
| --- | --- | --- |
| [@payloadcms/db-postgres](https://github.com/payloadcms/payload/tree/HEAD/packages/db-postgres ) | `3.76.1` | `3.77.0` |
| [@payloadcms/next](https://github.com/payloadcms/payload/tree/HEAD/packages/next ) | `3.76.1` | `3.77.0` |
| [@payloadcms/plugin-form-builder](https://github.com/payloadcms/payload/tree/HEAD/packages/plugin-form-builder ) | `3.76.1` | `3.77.0` |
| [@payloadcms/plugin-multi-tenant](https://github.com/payloadcms/payload/tree/HEAD/packages/plugin-multi-tenant ) | `3.76.1` | `3.77.0` |
| [@payloadcms/plugin-nested-docs](https://github.com/payloadcms/payload/tree/HEAD/packages/plugin-nested-docs ) | `3.76.1` | `3.77.0` |
| [@payloadcms/plugin-redirects](https://github.com/payloadcms/payload/tree/HEAD/packages/plugin-redirects ) | `3.76.1` | `3.77.0` |
| [@payloadcms/plugin-seo](https://github.com/payloadcms/payload/tree/HEAD/packages/plugin-seo ) | `3.76.1` | `3.77.0` |
| [@payloadcms/richtext-lexical](https://github.com/payloadcms/payload/tree/HEAD/packages/richtext-lexical ) | `3.76.1` | `3.77.0` |
| [@payloadcms/translations](https://github.com/payloadcms/payload/tree/HEAD/packages/translations ) | `3.76.1` | `3.77.0` |
| [@payloadcms/ui](https://github.com/payloadcms/payload/tree/HEAD/packages/ui ) | `3.76.1` | `3.77.0` |
| [payload](https://github.com/payloadcms/payload/tree/HEAD/packages/payload ) | `3.76.1` | `3.77.0` |
Updates `@payloadcms/db-postgres` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/db-postgres )
Updates `@payloadcms/next` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/next )
Updates `@payloadcms/plugin-form-builder` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/plugin-form-builder )
Updates `@payloadcms/plugin-multi-tenant` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/plugin-multi-tenant )
Updates `@payloadcms/plugin-nested-docs` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/plugin-nested-docs )
Updates `@payloadcms/plugin-redirects` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/plugin-redirects )
Updates `@payloadcms/plugin-seo` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/plugin-seo )
Updates `@payloadcms/richtext-lexical` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/richtext-lexical )
Updates `@payloadcms/translations` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/translations )
Updates `@payloadcms/ui` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/ui )
Updates `payload` from 3.76.1 to 3.77.0
- [Release notes](https://github.com/payloadcms/payload/releases )
- [Commits](https://github.com/payloadcms/payload/commits/v3.77.0/packages/payload )
---
updated-dependencies:
- dependency-name: "@payloadcms/db-postgres"
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
- dependency-name: "@payloadcms/next"
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
- dependency-name: "@payloadcms/plugin-form-builder"
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
- dependency-name: "@payloadcms/plugin-multi-tenant"
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
- dependency-name: "@payloadcms/plugin-nested-docs"
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
- dependency-name: "@payloadcms/plugin-redirects"
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
- dependency-name: "@payloadcms/plugin-seo"
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
- dependency-name: "@payloadcms/richtext-lexical"
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
- dependency-name: "@payloadcms/translations"
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
- dependency-name: "@payloadcms/ui"
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
- dependency-name: payload
dependency-version: 3.77.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: payload-core
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 10:04:42 +01:00
b62ca46133
chore: add zweitmeinung migration docs and GitHub protection script
...
- docs/zweitmeinung/: Migration guide (Strapi → Payload), content
inventory, website guide, and reference screenshots
- scripts/setup-github-protection.sh: Branch protection + Dependabot
auto-merge setup for cms.c2sgmbh repo
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 07:16:15 +00:00
1932ad26ef
deps: target develop branch for
...
Dependabot PRs
Aligns with git-flow: updates go through develop before main.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-22 16:53:50 +00:00
c85cf22496
deps: add Dependabot config for automated dependency updates
...
- Daily npm dependency checks at 04:00 Europe/Berlin
- Grouped updates: payload-core, react-nextjs, fullcalendar, dev-deps
- Weekly GitHub Actions updates
- Auto-merge workflow for patch updates after CI passes
- Minor dev-dependency updates also auto-merged
- Critical after CVE-2025-55182 incident on 2025-12-09
2026-02-22 16:43:42 +00:00
a8a0bf3cb1
chore(deps): update dependencies and fix security vulnerabilities
...
Updated: ioredis 5.9.3, nodemailer 7.0.13, recharts 3.7.0,
drizzle-kit 0.31.9, eslint 9.39.3, prettier 3.8.1,
@types/node 22.19.11, @types/nodemailer 7.0.11
Security overrides (pnpm.overrides):
- minimatch >=10.2.1 (CVE-2026-26996 ReDoS)
- esbuild >=0.25.0 (GHSA-67mh-4wv8-2f99)
- ajv >=8.18.0 (GHSA-2g4f-4pwh-qvx6 ReDoS)
- ioredis 5.9.3 (fix BullMQ type mismatch)
Added Codex CLI remote orchestration docs to CLAUDE.md
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-22 14:53:22 +00:00
d234682539
feat(seed): populate service features, icons, and detailSections for zweitmeinung
...
Add structured data (icon, features[], detailSections[]) to all 6 services
so the frontend can render benefits grids and checklists from CMS data.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 01:34:13 +00:00
03c0e5e5d8
feat(seed): add CMS pages to zweitmeinung seed script
...
Adds 9 pages with Payload blocks for tenant 12 (zweitmeinu.ng):
home, fachbereiche, faq, so-funktionierts, motivation, ueber-uns,
kontakt, impressum, datenschutz.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 00:59:53 +00:00
ab4ee4bb70
fix(access): allow tenant resolution from query parameter in tenantScopedPublicRead
...
Previously, tenantScopedPublicRead only resolved the tenant from the Host
header, which fails when frontend API clients call cms.c2sgmbh.de (the CMS
hostname doesn't match any tenant domain). Now falls back to extracting the
tenant ID from the where[tenant][equals] query parameter. The returned access
filter still enforces tenant isolation.
Also adds seed script for zweitmeinung (tenant 12) with all content:
site settings, 2 service categories, 6 services, 24 FAQs, navigation,
4 social links, and contact form.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 00:44:42 +00:00
101ee0abed
docs: update documentation for contact form multi-tenant refactoring
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 21:06:27 +00:00
290c2af40f
fix(cors): add sv-frontend IP to CORS and CSRF whitelist
...
Add http://10.10.181.104:3000 (sv-frontend staging) to allow cross-origin
form submissions from the staging frontend to the CMS API.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 17:23:35 +00:00
d90657c2cf
fix: form submission hooks — tenant propagation + email notification
...
- FormSubmissionsOverrides: fields must be a function (not array) for
the form-builder plugin to merge them with defaultFields
- setSubmissionTenant: add overrideAccess for unauthenticated submissions
- sendFormNotification: handle populated form object (extract ID),
add overrideAccess for tenant SMTP lookup
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 16:58:40 +00:00
5e223cd7fb
feat: multi-tenant contact form refactoring
...
- Add forms + form-submissions to multiTenantPlugin with tenant scoping
- Inject tenant field into forms via formOverrides
- Reorder plugins: formBuilderPlugin before multiTenantPlugin (fixes warning)
- Refactor ContactFormBlock: form relationship replaces hardcoded recipientEmail
- Add setSubmissionTenant hook to auto-copy tenant from form to submission
- Add tenant field (read-only) to FormSubmissionsOverrides
- Migration: tenant_id on forms/form_submissions, form_id on contact block
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 16:22:58 +00:00
130ab46ffb
fix(ci): update production deploy workflow for new heap limit and CRON_SECRET
...
- Remove redundant NODE_OPTIONS override (heap limit now in package.json)
- Add CRON_SECRET placeholder for pre-test build step
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 12:54:08 +00:00
a21f916300
fix(ci): add CRON_SECRET placeholder for production build
...
Next.js builds run in NODE_ENV=production which triggers env
validation requiring CRON_SECRET (added by security hardening).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 12:09:20 +00:00
4e3710655e
fix(ci): increase build heap limit from 2GB to 4GB
...
The codebase grew past the 2GB heap limit with security/monitoring
additions. cross-env in build script overrides CI NODE_OPTIONS, so
the limit must be set in package.json itself.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 12:03:48 +00:00
037835d1de
fix(ci): increase build heap size and format monitoring files
...
Build was OOM-ing in CI with default Node heap limit. Added
NODE_OPTIONS with 4GB heap. Also ran Prettier on monitoring files.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 11:58:08 +00:00
884d33c0ae
fix: remove .js extensions from monitoring module imports
...
Next.js webpack build cannot resolve .js extensions for .ts files.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 11:51:25 +00:00
bb02128b28
fix: stabilize guard responses and validation typing
2026-02-17 11:47:55 +00:00
e3987e50dc
feat: security hardening, monitoring improvements, and API guards
...
- Hardened cron endpoints with coordination and auth improvements
- Added API guards and input validation layer
- Security observability and secrets health checks
- Monitoring types and service improvements
- PDF URL validation and newsletter unsubscribe security
- Unit tests for security-critical paths
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 11:42:56 +00:00
4d1456fe98
feat: add production deploy health check script
...
Monitors porwoll.de and blogwoman.de for stale builds caused by
Plesk Git's silent deploy failures (code pulled but build never ran).
- Compares source file timestamps vs .next/BUILD_ID mtime
- HTTP health checks via public URLs
- --alert flag for CMS monitoring API integration
- Runs as cron job every 30 minutes on sv-payload
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 11:42:45 +00:00
063dae411c
security: harden payload endpoints and access controls
2026-02-17 10:41:51 +00:00
01a0a43f39
docs: add tenant SMTP admin-save troubleshooting notes
2026-02-17 09:48:39 +00:00
80f7fd2e75
docs: update project status and add typecheck stabilization report
2026-02-17 09:30:19 +00:00
5f45cc820d
fix: unblock tenant SMTP saves in admin
2026-02-17 08:58:21 +00:00
4386ac5d8d
fix: resolve global typecheck errors
2026-02-17 08:57:32 +00:00
6b4dae8eeb
fix: handle non-JSON responses in test email and prevent cascading failures
...
- Add content-type check in TestEmailButton before parsing response as JSON
- Wrap updateEmailLog in error handler with try-catch to prevent double failures
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 16:32:32 +00:00
0c222b9aa9
fix(tenants): make SMTP password field visible in admin panel
...
neverReadable blocked the field everywhere including the admin UI.
Changed to allow read for authenticated users only, so the field
shows in admin but stays hidden in unauthenticated API responses.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 16:19:09 +00:00
9bb041bd7c
fix(blocks): add database migration for CardGridBlock icon fields
...
Adds missing columns (media_type, icon, icon_position) to
pages_blocks_card_grid_block_cards table. Without this migration,
pages API returns 500 on production.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 14:30:04 +00:00
85c76a1eb4
feat(blocks): add icon support to CardGridBlock
...
Cards can now display a Lucide icon as alternative to an image,
with configurable position (top/left). Fields show conditionally
based on mediaType selection.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 14:07:51 +00:00
8abf3a346e
refactor(pages): remove fixed hero group from Pages collection
...
Hero content is now handled via HeroBlock/HeroSliderBlock in the
flexible layout blocks system, giving editors full control.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 11:17:11 +00:00
