Skip to content

Develop #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
k1n0b0n wants to merge 26 commits into
base: main
Choose a base branch
from
Open

Develop #1

k1n0b0n wants to merge 26 commits into from

Conversation

@k1n0b0n
Copy link
Collaborator

@k1n0b0n k1n0b0n commented Oct 28, 2025

Add order inbounds

@k1n0b0n
chore(cleanup): remove unused deployment files
b79f96b
@k1n0b0n
chore(cleanup): simplify and clean up code
cff2a85
@k1n0b0n
feat(clean_code): switch to typescript and clean some code
6f81308
@k1n0b0n
feat(oidc-auth): set up OIDC auth
b2a884e
@k1n0b0n
feat(adding-menu): menu styling ok
6a85826
@k1n0b0n
feat(adding-menu): creating a page not found
deee1dd
@k1n0b0n
Merge branch 'feature/adding-menu' into develop
051ec23
@k1n0b0n
feat(logout): set tu proper logout and fix route guard issues
a4483c0
@k1n0b0n
feat(fix-stock): fix stock zone page
48d4e32
@k1n0b0n
feat(fix-stock): fix stock form
1a45f09
@k1n0b0n
feat(fix-stock): ok for now
709644f
@k1n0b0n
Merge branch 'feature/fix-stock' into develop
815dc38
@k1n0b0n
feat(stock): adding a list design instead of table, fits better on mo…
9543654 
…bile
@k1n0b0n
feat(reception): remove useless files
e77f1c2
@k1n0b0n
feat(reception): order list
8bf61b4
@k1n0b0n
feat(reception): products list WIP
d6c7112
@k1n0b0n
feat(reception): product detail, scan page and other minor things
5f78886
@k1n0b0n
feat(reception): product error form
80a40f5
@k1n0b0n
feat(scanner): custom barcode scanner implementation with BarcodeDete…
52477cc 
…ction API polyfills
@k1n0b0n
feat(auth): add axios with interceptor to add access_token to request
0857db8
@k1n0b0n
feat(requests): prepare requests for backend
0863fac
@k1n0b0n
Merge branch 'feature/reception' into develop
0c6c7f4
@k1n0b0n k1n0b0n requested a review from Andros78 October 28, 2025 11:28
@k1n0b0n k1n0b0n self-assigned this Oct 28, 2025
Andros78 and others added 4 commits November 16, 2025 18:07
@Andros78
modif date format pour accord avec backend
4d44fa8
@Andros78
refacto et debug pour deploiment avec back
3ab0c6b
@emillumine
security: remplace la commande npm install par npm ci (clean install)…
bb9f135 
… dans la CI

La commande npm install peut mettre à jour des dépendances et modifier le fichier package-lock.json.
Avec l'attaque shai-hulud 2.0 en cours, c'est très risqué de mettre à jour des dépendances actuellement, et utiliser la commande npm ci (clean install) est une meilleure pratique pour le déploiement.
https://docs.npmjs.com/cli/v8/commands/npm-ci
@emillumine
security: empêche l'exécution automatique des scripts lors de l'insta…
f246e69 
…llation de paquets npm

L'attaque shai-hulud 2.0 se propage via l'exécution d'un script malveillant durant la phase preinstall de paquets npm corrompus.
Bloquer toute exécution auto des scripts protège donc a priori de cette attaque.
Mais attention, il est possible que certaines dépendances légitimes du projet nécessitent l'exécution de scripts (je n'ai pas testé).
Il est possible de réactiver les lifecycle scripts en opt-in package par package par exemple en utilisant
https://github.com/LavaMoat/LavaMoat/tree/main/packages/allow-scripts
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Andros78 Andros78 Awaiting requested review from Andros78

Assignees

@k1n0b0n k1n0b0n

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@k1n0b0n @Andros78 @emillumine