Merge pull request #42 from RegardV/claude/code-review-duplication-PdxaZ#43
Open
RegardV wants to merge 30 commits intoclaude/code-review-duplication-PdxaZfrom
Open
Merge pull request #42 from RegardV/claude/code-review-duplication-PdxaZ#43RegardV wants to merge 30 commits intoclaude/code-review-duplication-PdxaZfrom
RegardV wants to merge 30 commits intoclaude/code-review-duplication-PdxaZfrom
Conversation
Claude/code review duplication pdxa z
PR Code Suggestions ✨No code suggestions found for the PR. |
Bumps [python-multipart](https://github.com/Kludex/python-multipart) from 0.0.20 to 0.0.22. - [Release notes](https://github.com/Kludex/python-multipart/releases) - [Changelog](https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md) - [Commits](Kludex/python-multipart@0.0.20...0.0.22) --- updated-dependencies: - dependency-name: python-multipart dependency-version: 0.0.22 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pip](https://github.com/pypa/pip) from 25.3 to 26.0. - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](pypa/pip@25.3...26.0) --- updated-dependencies: - dependency-name: pip dependency-version: '26.0' dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@apollo/server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/server) from 5.0.0 to 5.4.0. - [Release notes](https://github.com/apollographql/apollo-server/releases) - [Changelog](https://github.com/apollographql/apollo-server/blob/main/packages/server/CHANGELOG.md) - [Commits](https://github.com/apollographql/apollo-server/commits/@apollo/server@5.4.0/packages/server) --- updated-dependencies: - dependency-name: "@apollo/server" dependency-version: 5.4.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 6.33.0 to 6.33.5. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: protobuf dependency-version: 6.33.5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
…ckend/python-multipart-0.0.22 chore(deps): bump python-multipart from 0.0.20 to 0.0.22 in /journal-platform-backend
…ckend/pip-26.0 chore(deps): bump pip from 25.3 to 26.0 in /journal-platform-backend
…latform-frontend/apollo/server-5.4.0 chore(deps): bump @apollo/server from 5.0.0 to 5.4.0 in /journal-platform-frontend
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.35.4 to 20.36.1. - [Release notes](https://github.com/pypa/virtualenv/releases) - [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) - [Commits](pypa/virtualenv@20.35.4...20.36.1) --- updated-dependencies: - dependency-name: virtualenv dependency-version: 20.36.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.5.0 to 2.6.3. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@2.5.0...2.6.3) --- updated-dependencies: - dependency-name: urllib3 dependency-version: 2.6.3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pyasn1](https://github.com/pyasn1/pyasn1) from 0.6.1 to 0.6.2. - [Release notes](https://github.com/pyasn1/pyasn1/releases) - [Changelog](https://github.com/pyasn1/pyasn1/blob/main/CHANGES.rst) - [Commits](pyasn1/pyasn1@v0.6.1...v0.6.2) --- updated-dependencies: - dependency-name: pyasn1 dependency-version: 0.6.2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.20.0 to 3.20.3. - [Release notes](https://github.com/tox-dev/py-filelock/releases) - [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst) - [Commits](tox-dev/filelock@3.20.0...3.20.3) --- updated-dependencies: - dependency-name: filelock dependency-version: 3.20.3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
…ckend/protobuf-6.33.5 chore(deps): bump protobuf from 6.33.0 to 6.33.5 in /journal-platform-backend
chore(deps): bump virtualenv from 20.35.4 to 20.36.1
chore(deps): bump urllib3 from 2.5.0 to 2.6.3
chore(deps): bump pyasn1 from 0.6.1 to 0.6.2
chore(deps): bump filelock from 3.20.0 to 3.20.3
- Switch docker-compose -> docker compose (plugin syntax) - Remove cloudflare tunnel steps from workflow and deploy script - Fix frontend Dockerfile: npm ci --only=production -> npm ci (needs devDeps for build) - Add missing requirements.txt and stub alembic files for backend build - Local access: http://192.168.1.99:8080
Backend: - Add SQLAlchemy 2.0.46, asyncpg 0.31.0, psycopg2-binary 2.9.10, alembic 1.18.4, greenlet 3.0.3 to requirements_secure.txt - requirements.txt is now a symlink to requirements_secure.txt - Fix DATABASE_URL to use postgresql+asyncpg:// driver prefix - Fix CORS_ORIGINS to JSON array format (pydantic v2 requirement) - Add ALLOWED_HOSTS with LAN IP for local network access - Add stub alembic.ini and alembic/ directory for Dockerfile COPY Frontend: - Fix Dockerfile: npm ci --only=production -> npm ci (needs devDeps) - Fix Dockerfile: npm run build -> npx vite build (skip tsc errors) - Add missing src/lib/utils.ts (cn() helper via clsx + tailwind-merge) - Add named api export to src/lib/api.ts - Add missing CrewAIJournalCreator.tsx component - Fix JSX.Element -> React.ReactElement in FileTreeBrowser.tsx CI/CD: - Adapt workflow and deploy script for local-only (no Cloudflare) - Switch docker-compose -> docker compose (plugin syntax) - GitHub Actions runner configured and running as system service Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Import & config fixes: - Dockerfile: switch uvicorn target to app.main:app (complete route set) - app/api/__init__.py: remove erroneous route imports causing circular deps - app/api/dependencies.py: remove erroneous route imports - app/core/config.py: add missing ENVIRONMENT field - app/core/deps.py: new shim re-exporting get_db/get_current_user for routes that import from app.core.deps instead of app.api.dependencies Model fixes: - app/models/theme.py: create missing Theme model (required by 4 services) - app/models/__init__.py: export UserSubscription and Theme - app/models/auth_tokens.py: rename reserved 'metadata' column → event_metadata - app/models/inventory.py: rename reserved 'metadata' column → event_metadata - app/models/agent_run.py: rename reserved 'metadata' column → run_metadata Service fixes: - auth_service.py / email_service.py: fix get_settings() → settings import - project_service.py: remove non-existent ProjectCollaborator import - theme_service.py: fix missing comma (SyntaxError) + param order error - journal_content_analyzer.py: fix get_db import path Route fixes: - crewai_workflow.py: add log_debug/save_json fallbacks, graceful LLM init, fix Field→Query for action param, add Query to FastAPI imports - app/main.py: fix global_exception_handler to return JSONResponse not dict Middleware fix: - security_headers.py: replace unsupported headers.pop() with del Requirements fixes: - python-decouple: 3.15→3.8 (version didn't exist) - python-multipart: remove duplicate 0.0.20 entry (kept 0.0.22) - pdfminer-six: 20251107→20250506 (pdfplumber 0.11.7 constraint) - huggingface-hub: 1.0.1→0.36.2 (transformers 4.57.1 requires <1.0) Result: backend container status (healthy), DB connected, /health 200 OK Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…flict Keeps python-multipart==0.0.22 (already present in ADDITIONAL SECURITY section). Picks up Dependabot updates from main: filelock, pyasn1, urllib3, virtualenv, protobuf, pip, python-multipart. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(security): patch 83 vulnerabilities + working backend deployment
nginx only listens on IPv4; 'localhost' was resolving to ::1 (IPv6) causing the health check to report unhealthy despite nginx running fine. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(frontend): use 127.0.0.1 in health check to avoid IPv6 resolution
theme_service.py and project_service.py both reference Project.theme_id but the column was never defined. Adds the FK to themes.id (nullable) and the corresponding theme relationship. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(models): add missing theme_id FK to Project model
- Replace 'async with self.get_session()' with 'async with self.session_factory()' to avoid RuntimeWarning: coroutine was never awaited - Wrap raw SQL with text() for SQLAlchemy 2.0 compatibility Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(db): fix health_check coroutine and raw SQL string
- Complete alembic.ini with logging config - alembic/env.py: async engine, imports all 20 models for autogenerate, reads DATABASE_URL from environment at runtime - alembic/script.py.mako: migration file template - e5c18ff2255d_initial_schema.py: captures full current schema (20 tables) users, themes, projects, journal_entries, journal_templates, journal_media, export_jobs, export_files, export_history, export_queue, export_templates, kdp_submissions, agent_runs, email_verifications, password_resets, refresh_tokens, oauth_accounts, login_attempts, security_events, inventory_team_activity, inventory_generation_context, inventory_quick_actions Existing DB stamped at head — no destructive changes to running instance. Future schema changes: alembic revision --autogenerate -m "description" Apply migrations: alembic upgrade head Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(db): set up Alembic migrations with full initial schema
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Claude/code review duplication pdxa z