Activity - familienarchiv - Gitea: Git with a cup of tea

marcel/familienarchiv

32 Active Pull Requests

40 Active Issues

30
Merged Pull Requests 2
Proposed Pull Requests 22
Closed Issues 38
New Issues

Excluding merges, 1 author has pushed 303 commits to main and 315 commits to all branches. On main, 218 files have changed and there have been 21753 additions and 2140 deletions.

30 Pull requests merged by 1 user

Merged #568 fix(ci): run svelte-kit sync before lint to fix cache-hit tsconfig miss 2026-05-14 12:09:04 +02:00

Merged #565 ci: restrict push trigger to main — eliminate duplicate CI runs 2026-05-14 11:12:25 +02:00

Merged #564 fix(ci): run client coverage even when server coverage fails 2026-05-14 11:07:35 +02:00

Merged #563 fix(tests): use native element clicks in layout dropdown spec 2026-05-14 11:07:23 +02:00

Merged #561 fix(ci): add IMPORT_HOST_DIR stub to compose-idempotency job 2026-05-14 10:58:40 +02:00

Merged #558 ci(devops): downgrade upload-artifact v4 → v3 + ADR-014 + grep guard 2026-05-14 10:58:20 +02:00

Merged #559 chore(coverage): drop client branches threshold 80→75 to unblock CI 2026-05-14 10:16:52 +02:00

Merged #555 fix(#553): close [birpc] rpc is closed race — sync-factory invariant + duplicate-ID guard + PR #10267 backport 2026-05-13 12:55:49 +02:00

Merged #552 fix(notification): replace view-all anchor with button to prevent iframe navigation 2026-05-12 18:56:14 +02:00

Merged #550 fix(pdf-viewer): eliminate real pdfjs-dist loading from browser tests — stop birpc teardown race 2026-05-12 16:20:29 +02:00

Merged #549 fix(pdf-viewer): remove banned vi.mock('pdfjs-dist') — ADR 012 enforcement (issue #546) 2026-05-12 12:32:24 +02:00

Merged #548 fix(test): NotificationDropdown iframe navigation crash + Tailwind CI noise 2026-05-12 11:35:41 +02:00

Merged #547 test: fix flaky browser-mode tests in AnnotationShape and OcrTrainingCard specs 2026-05-12 11:14:22 +02:00

Merged #536 fix(#535): eliminate vi.mock(pdfjs-dist) birpc teardown race via libLoader injection 2026-05-12 09:57:30 +02:00

Merged #544 fix(ci): replace iproute2 ip with /proc/net/route for gateway detection 2026-05-12 09:57:03 +02:00

Merged #540 fix(ci): resolve smoke test host via bridge gateway, not 127.0.0.1 2026-05-12 09:28:45 +02:00

Merged #537 ci(nightly): reload Caddy before smoke test 2026-05-12 07:51:13 +02:00

Merged #505 test(coverage): drive browser tests to 80% on all metrics (#496) 2026-05-11 21:50:39 +02:00

Merged #526 feat(infra): bind-mount /import for backend mass-import endpoint 2026-05-11 20:55:43 +02:00

Merged #525 fix(infra): frontend healthcheck on 127.0.0.1, not localhost 2026-05-11 18:52:31 +02:00

Merged #521 fix(security): promote auth_token cookie to Authorization header (#520) 2026-05-11 18:20:10 +02:00

Merged #519 fix(user): findOrCreate Administrators group instead of blind-INSERT (#518) 2026-05-11 18:19:50 +02:00

Merged #517 fix(caddy): wrap actuator block in handle so it takes precedence over catch-all (#512) 2026-05-11 17:15:03 +02:00

Merged #516 fix(user): rename yaml key username→email so admin seed reads APP_ADMIN_USERNAME (#513) 2026-05-11 17:12:37 +02:00

Merged #515 fix(frontend): disable prerender crawl so protected routes aren't baked to login-bounces (#514) 2026-05-11 17:12:03 +02:00

Merged #511 fix(compose): mark create-buckets as one-shot for up --wait (#510) 2026-05-11 17:00:00 +02:00

Merged #509 fix(workflows): match runner label — runs-on ubuntu-latest (#508) 2026-05-11 16:18:40 +02:00

Merged #507 fix(minio): bake bootstrap.sh into image instead of bind-mounting (#506) 2026-05-11 15:56:06 +02:00

Merged #504 fix(fail2ban): pin polling backend so jail actually reads Caddy access log (#503) 2026-05-11 15:08:59 +02:00

Merged #499 feat(infra): production deployment pipeline — Caddy, staging, Gitea Actions (#497) 2026-05-11 14:29:33 +02:00

2 Pull requests proposed by 1 user

Proposed #567 fix(admin): clear unsaved-changes guard before redirect on groups/new and users/new 2026-05-14 11:59:08 +02:00

Proposed #569 ui(admin/system): improve mass-import card (loading state, i18n, font size) 2026-05-14 12:11:57 +02:00

22 Issues closed from 1 user

Closed #531 ci(nightly): post-deploy smoke test for /api/admin/import-status 2026-05-14 11:53:21 +02:00

Closed #557 ci(devops): downgrade actions/upload-artifact v4 → v3 (re-regression — needs ADR to prevent future re-upgrade) 2026-05-14 10:58:20 +02:00

Closed #554 audit: factory mocks → prop injection migration (sveltest pattern) 2026-05-14 10:37:38 +02:00

Closed #556 ci(coverage): drop client-project branches threshold 80 → 70 to unblock CI 2026-05-14 10:16:53 +02:00

Closed #553 Unit & Component Tests job exits 1 — birpc teardown race resurfaces from async vi.mock factory with dynamic import 2026-05-13 12:55:50 +02:00

Closed #551 fix(test): NotificationDropdown view-all click navigates iframe — breaks vitest coverage 2026-05-12 16:38:41 +02:00

Closed #546 test: PdfViewer.svelte.test.ts re-introduces banned vi.mock('pdfjs-dist') factory — restores birpc teardown race 2026-05-12 12:32:25 +02:00

Closed #545 fix(test): NotificationDropdown "view-all link" test causes iframe navigation crash in CI 2026-05-12 11:35:41 +02:00

Closed #541 test: fix flaky browser-mode tests in AnnotationShape and OcrTrainingCard specs 2026-05-12 11:14:22 +02:00

Closed #535 Unit & Component Tests job exits 1 from vitest-browser teardown race — every test green but CI red 2026-05-12 09:57:30 +02:00

Closed #496 Increase browser component test coverage to ≥ 80% on all metrics (statements, lines, branches, functions) 2026-05-11 21:50:39 +02:00

Closed #522 tech-debt(auth): replace cookie-promotion glue with a proper session-based auth model 2026-05-11 18:50:50 +02:00

Closed #520 bug(security): browser-side /api/* requests miss Authorization in production → browser shows Basic-auth popup 2026-05-11 18:20:11 +02:00

Closed #518 bug(user): UserDataInitializer blind-INSERTs Administrators group; fails on retry (HIGH, prod-blocking) 2026-05-11 18:19:50 +02:00

Closed #512 bug(caddy): respond @actuator 404 swallowed by catch-all handle; /actuator/health returns 302 2026-05-11 17:15:04 +02:00

Closed #513 bug(user): admin seed ignores APP_ADMIN_USERNAME / PASSWORD — falls back to defaults (HIGH, prod-blocking) 2026-05-11 17:12:37 +02:00

Closed #514 bug(frontend): SvelteKit prerender-crawl bakes redirect-to-login into static HTML for protected routes (HIGH, prod-blocking) 2026-05-11 17:12:03 +02:00

Closed #510 bug(compose): up -d --wait treats create-buckets exit(0) as failure 2026-05-11 17:00:00 +02:00

Closed #508 bug(workflows): deploy workflows use runs-on: self-hosted but runner advertises ubuntu-latest — jobs never picked up 2026-05-11 16:18:41 +02:00

Closed #506 bug(infra/minio): create-buckets bootstrap.sh bind-mount fails on DooD runner (Is a directory) 2026-05-11 15:56:06 +02:00

Closed #503 bug(infra/fail2ban): jail defaults to systemd backend on Debian, never inspects Caddy access log 2026-05-11 15:08:59 +02:00

Closed #497 devops: production deployment — Caddy, staging env, and Gitea Actions CI/CD 2026-05-11 14:29:33 +02:00

38 Issues created by 1 user

Opened #500 devops: bootstrap Renovate config for production deps (MinIO, mc, Postgres, Node, Caddy, mailpit) 2026-05-11 13:19:22 +02:00

Opened #501 test(ci): production image smoke-test job — boot frontend + backend images, curl /login 2026-05-11 13:19:38 +02:00

Opened #502 devops: nightly backup pipeline — pg_dump + mc mirror over Tailscale to heim-nas 2026-05-11 13:20:00 +02:00

Opened #503 bug(infra/fail2ban): jail defaults to systemd backend on Debian, never inspects Caddy access log 2026-05-11 14:58:50 +02:00

Opened #506 bug(infra/minio): create-buckets bootstrap.sh bind-mount fails on DooD runner (Is a directory) 2026-05-11 15:31:42 +02:00

Opened #508 bug(workflows): deploy workflows use runs-on: self-hosted but runner advertises ubuntu-latest — jobs never picked up 2026-05-11 16:15:46 +02:00

Opened #510 bug(compose): up -d --wait treats create-buckets exit(0) as failure 2026-05-11 16:32:12 +02:00

Opened #512 bug(caddy): respond @actuator 404 swallowed by catch-all handle; /actuator/health returns 302 2026-05-11 16:34:15 +02:00

Opened #513 bug(user): admin seed ignores APP_ADMIN_USERNAME / PASSWORD — falls back to defaults (HIGH, prod-blocking) 2026-05-11 16:35:26 +02:00

Opened #514 bug(frontend): SvelteKit prerender-crawl bakes redirect-to-login into static HTML for protected routes (HIGH, prod-blocking) 2026-05-11 16:52:24 +02:00

Opened #518 bug(user): UserDataInitializer blind-INSERTs Administrators group; fails on retry (HIGH, prod-blocking) 2026-05-11 17:25:37 +02:00

Opened #520 bug(security): browser-side /api/* requests miss Authorization in production → browser shows Basic-auth popup 2026-05-11 17:31:58 +02:00

Opened #522 tech-debt(auth): replace cookie-promotion glue with a proper session-based auth model 2026-05-11 18:20:55 +02:00

Opened #523 feat(auth): server-side session model replacing Basic-auth cookie promotion 2026-05-11 18:49:05 +02:00

Opened #524 feat(auth): defense-in-depth — CSRF, session revocation, login rate limit 2026-05-11 18:50:20 +02:00

Opened #527 "Unsaved changes" banner appears after creating a group/user — users think save failed 2026-05-11 19:06:41 +02:00

Opened #528 security(import): harden DocumentBuilderFactory against XXE in MassImportService 2026-05-11 20:13:22 +02:00

Opened #529 security(import): validate PDF magic bytes in MassImportService before S3 upload 2026-05-11 20:13:32 +02:00

Opened #530 security(import): reject path-traversal filenames from ODS in MassImportService.processRows 2026-05-11 20:13:41 +02:00

Opened #531 ci(nightly): post-deploy smoke test for /api/admin/import-status 2026-05-11 20:13:52 +02:00

Opened #532 ci(nightly): assert backend container can read /import after deploy 2026-05-11 20:13:57 +02:00

Opened #533 ui(admin/system): improve mass-import status card (loading state, i18n, font size) 2026-05-11 20:14:08 +02:00

Opened #534 spec(import): decide and document mass-import operator policy (3 open questions) 2026-05-11 20:14:22 +02:00

Opened #535 Unit & Component Tests job exits 1 from vitest-browser teardown race — every test green but CI red 2026-05-11 20:54:40 +02:00

Opened #538 bug(test): flaky browser-mode test — admin edit-user unsaved-changes guard 2026-05-11 22:46:07 +02:00

Opened #539 ci: extract Reload Caddy step into a composite action 2026-05-11 22:54:55 +02:00

Opened #541 test: fix flaky browser-mode tests in AnnotationShape and OcrTrainingCard specs 2026-05-12 09:35:57 +02:00

Opened #542 test: share fakePdfjs fixture across viewer test files 2026-05-12 09:39:45 +02:00

Opened #543 UX: PDF viewer has no loading indicator or error state when pdfjs-dist fails to initialise 2026-05-12 09:39:53 +02:00

Opened #545 fix(test): NotificationDropdown "view-all link" test causes iframe navigation crash in CI 2026-05-12 10:20:20 +02:00

Opened #546 test: PdfViewer.svelte.test.ts re-introduces banned vi.mock('pdfjs-dist') factory — restores birpc teardown race 2026-05-12 10:31:13 +02:00

Opened #551 fix(test): NotificationDropdown view-all click navigates iframe — breaks vitest coverage 2026-05-12 16:16:25 +02:00

Opened #553 Unit & Component Tests job exits 1 — birpc teardown race resurfaces from async vi.mock factory with dynamic import 2026-05-12 18:07:05 +02:00

Opened #554 audit: factory mocks → prop injection migration (sveltest pattern) 2026-05-13 10:02:51 +02:00

Opened #556 ci(coverage): drop client-project branches threshold 80 → 70 to unblock CI 2026-05-13 12:57:12 +02:00

Opened #557 ci(devops): downgrade actions/upload-artifact v4 → v3 (re-regression — needs ADR to prevent future re-upgrade) 2026-05-13 12:57:25 +02:00

Opened #560 audit report: factory vi.mock → prop-injection / __mocks__ migration (87 call sites, 12 modules) 2026-05-14 10:37:24 +02:00

Opened #566 feat(admin): assign groups when creating an invite link 2026-05-14 11:41:11 +02:00

2 Unresolved Conversations

Open #498 devops: production observability stack — Prometheus, Loki, Grafana, Alertmanager 2026-05-11 13:52:36 +02:00

Open #461 devops(ci): add SAST/SCA/secret-scan/container-scan gates to .gitea/workflows/ci.yml 2026-05-11 13:19:38 +02:00