pieced/pieced-portal
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
117 Commits 1 Branch 83 Tags
9939f75c03765b69ff02a73fea0a6b4b42de69a9
Commit Graph

12 Commits

Author SHA1 Message Date
admin
ed915ec539 Phase7b: Manual Invoice
Some checks failed
Build and Push / build (push) Failing after 59s
Details
2026-05-26 23:04:09 +02:00
admin
1c61111da3 Phase7: Void/Refund logic
All checks were successful
Build and Push / build (push) Successful in 1m46s
Details
2026-05-25 22:52:54 +02:00
admin
e15a668f8e Phase7: Void/Refund logic
Some checks failed
Build and Push / build (push) Failing after 52s
Details
2026-05-25 21:54:51 +02:00
admin
427c7c6204 Phase5: Automate bill creation
All checks were successful
Build and Push / build (push) Successful in 1m43s
Details
2026-05-25 10:41:51 +02:00
admin
cf190e5ac5 Phase3: Billing Customerpage/Mailings
Some checks failed
Build and Push / build (push) Failing after 46s
Details
2026-05-24 21:44:10 +02:00
admin
49b085e59e Phase2.5: Skill SetUp Process
All checks were successful
Build and Push / build (push) Successful in 1m39s
Details
2026-05-24 17:25:08 +02:00
admin
b77dd04b15 EMail templates rework
All checks were successful
Build and Push / build (push) Successful in 1m26s
Details
2026-05-02 22:03:19 +02:00
admin
11157b872c Add note to reactivation request
All checks were successful
Build and Push / build (push) Successful in 1m28s
Details
2026-05-02 16:43:54 +02:00
admin
8273d08f15 Support org
All checks were successful
Build and Push / build (push) Successful in 1m30s
Details
2026-05-02 10:50:06 +02:00
admin
46369fda01 Show suspended since and new emails for suspend continue approve and rejection
All checks were successful
Build and Push / build (push) Successful in 1m26s
Details
2026-05-01 22:37:23 +02:00
admin
f0eca1959b fix(portal): security hardening for pilot readiness 
- C1: Rewrite /api/usage to resolve teamId server-side from tenant CR;
  customers can no longer pass arbitrary teamId (IDOR fix)
- C2: Remove POST /api/tenants — tenants are only created via admin
  approval flow
- H1: Validate packages against catalog, workspaceFiles against allowlist,
  and field lengths in PATCH /api/tenants/[name]
- H2: Remove full ZITADEL profile claims logging from JWT callback
- H3: Add safeError() utility; sanitize all error responses to clients,
  toggle raw errors via PORTAL_DEBUG_ERRORS=true
- H4/H5: Escape HTML entities in all email templates (contactName,
  companyName, adminNotes)
 2026-04-14 20:20:04 +02:00
admin
97b483c121 Adjusted SMTP 2026-04-11 12:21:34 +02:00