chore: changes ...

chore: changes...
chore: wip
2026-01-12 16:48:06 -05:00 · 2025-06-22 19:58:59 +04:00 · 2025-06-20 19:14:27 +04:00 · 2025-06-20 19:11:09 +04:00 · 2025-06-20 17:00:07 +04:00 · 2025-06-20 16:38:57 +04:00
7 changed files with 324 additions and 27 deletions
--- a/autogpt_platform/frontend/package.json
+++ b/autogpt_platform/frontend/package.json
@@ -4,15 +4,14 @@
  "private": true,
  "scripts": {
    "dev": "next dev --turbo",
-    "dev:test": "NODE_ENV=test && next dev --turbo",
    "build": "SKIP_STORYBOOK_TESTS=true next build",
    "start": "next start",
    "start:standalone": "cd .next/standalone && node server.js",
    "lint": "next lint && prettier --check .",
    "format": "prettier --write .",
    "type-check": "tsc --noEmit",
-    "test": "next build --turbo && playwright test",
-    "test-ui": "next build --turbo && playwright test --ui",
+    "test": "playwright test",
+    "test-ui": "playwright test --ui",
    "test:no-build": "playwright test",
    "gentests": "playwright codegen http://localhost:3000",
    "storybook": "storybook dev -p 6006",
--- a/autogpt_platform/frontend/playwright.config.ts
+++ b/autogpt_platform/frontend/playwright.config.ts
@@ -34,7 +34,18 @@ export default defineConfig({
    bypassCSP: true,
  },
  /* Maximum time one test can run for */
-  timeout: 60000,
+  timeout: 30000,
+
+  /* Configure web server to start automatically */
+  webServer: {
+    command: "NEXT_PUBLIC_PW_TEST=true pnpm dev",
+    url: "http://localhost:3000",
+    reuseExistingServer: !process.env.CI,
+    timeout: 120 * 1000,
+    env: {
+      NEXT_PUBLIC_PW_TEST: "true",
+    },
+  },

  /* Configure projects for major browsers */
  projects: [
@@ -73,15 +84,4 @@ export default defineConfig({
    //   use: { ...devices['Desktop Chrome'], channel: 'chrome' },
    // },
  ],
-
-  /* Run your local server before starting the tests */
-  webServer: {
-    command: "pnpm start",
-    url: "http://localhost:3000/",
-    reuseExistingServer: !process.env.CI,
-    timeout: 10 * 1000,
-    env: {
-      NODE_ENV: "test",
-    },
-  },
 });
--- a/autogpt_platform/frontend/pnpm-lock.yaml
+++ b/autogpt_platform/frontend/pnpm-lock.yaml
@@ -285,6 +285,9 @@ importers:
      require-in-the-middle:
        specifier: 7.5.2
        version: 7.5.2
+      start-server-and-test:
+        specifier: 2.0.12
+        version: 2.0.12
      storybook:
        specifier: 9.0.12
        version: 9.0.12(@testing-library/dom@10.4.0)(prettier@3.5.3)
@@ -1086,6 +1089,12 @@ packages:
  '@floating-ui/utils@0.2.9':
    resolution: {integrity: sha512-MDWhGtE+eHw5JW7lq4qhc5yRLS11ERl1c7Z6Xd0a58DozHES6EnNNwUWbMiG4J9Cgj053Bhk8zvlhFYKVhULwg==}

+  '@hapi/hoek@9.3.0':
+    resolution: {integrity: sha512-/c6rf4UJlmHlC9b5BaNvzAcFv7HZ2QHaV0D4/HNlBdvFnvQq8RI4kYdhyPCl7Xj+oWvTWQ8ujhqS53LIgAe6KQ==}
+
+  '@hapi/topo@5.1.0':
+    resolution: {integrity: sha512-foQZKJig7Ob0BMAYBfcJk8d77QtOe7Wo4ox7ff1lQYoNNAb6jwcY1ncdoy2e9wQZzvNy7ODZCYJkK8kzmcAnAg==}
+
  '@hookform/resolvers@5.1.1':
    resolution: {integrity: sha512-J/NVING3LMAEvexJkyTLjruSm7aOFx7QX21pzkiJfMoNG0wl5aFEjLTl7ay7IQb9EWY6AkrBy7tHL2Alijpdcg==}
    peerDependencies:
@@ -2362,6 +2371,15 @@ packages:
    peerDependencies:
      webpack: '>=4.40.0'

+  '@sideway/address@4.1.5':
+    resolution: {integrity: sha512-IqO/DUQHUkPeixNQ8n0JA6102hT9CmaljNTPmQ1u8MEhBo/R4Q8eKLN/vGZxuebwOroDB4cbpjheD4+/sKFK4Q==}
+
+  '@sideway/formula@3.0.1':
+    resolution: {integrity: sha512-/poHZJJVjx3L+zVD6g9KgHfYnb443oi7wLu/XKojDviHy6HOEOA6z1Trk5aR1dGcmPenJEgb2sK2I80LeS3MIg==}
+
+  '@sideway/pinpoint@2.0.0':
+    resolution: {integrity: sha512-RNiOoTPkptFtSVzQevY/yWtZwf/RxyVnPy/OcA9HBM3MlGDnBEYL5B41H0MTn0Uec8Hi+2qUtTfG2WWZBmMejQ==}
+
  '@standard-schema/utils@0.3.0':
    resolution: {integrity: sha512-e7Mew686owMaPJVNNLs55PUvgz371nKgwsc4vxE49zsODpJEnxgxRo2y/OKrqueavXgZNMDVj3DdHFlaSAeU8g==}

@@ -3110,6 +3128,9 @@ packages:
    resolution: {integrity: sha512-hsU18Ae8CDTR6Kgu9DYf0EbCr/a5iGL0rytQDobUcdpYOKokk8LEjVphnXkDkgpi0wYVsqrXuP0bZxJaTqdgoA==}
    engines: {node: '>= 0.4'}

+  asynckit@0.4.0:
+    resolution: {integrity: sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==}
+
  available-typed-arrays@1.0.7:
    resolution: {integrity: sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==}
    engines: {node: '>= 0.4'}
@@ -3129,6 +3150,9 @@ packages:
    peerDependencies:
      playwright: '>1.0.0'

+  axios@1.10.0:
+    resolution: {integrity: sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw==}
+
  axobject-query@4.1.0:
    resolution: {integrity: sha512-qIj0G9wZbMGNLjLmg1PT6v2mE9AH2zlnADJD/2tC6E00hgmhUOfEB6greHPAfLRSufHqROIUTkw6E+M3lH0PTQ==}
    engines: {node: '>= 0.4'}
@@ -3175,6 +3199,9 @@ packages:
    resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==}
    engines: {node: '>=8'}

+  bluebird@3.7.2:
+    resolution: {integrity: sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==}
+
  bn.js@4.12.2:
    resolution: {integrity: sha512-n4DSx829VRTRByMRGdjQ9iqsN0Bh4OolPsFnaZBLcbi8iXcB+kJ9s7EnRt4wILZNV3kPLHkRVfOc/HvhC3ovDw==}

@@ -3305,6 +3332,10 @@ packages:
    resolution: {integrity: sha512-OAlb+T7V4Op9OwdkjmguYRqncdlx5JiofwOAUkmTF+jNdHwzTaTs4sRAGpzLF3oOz5xAyDGrPgeIDFQmDOTiJw==}
    engines: {node: '>= 16'}

+  check-more-types@2.24.0:
+    resolution: {integrity: sha512-Pj779qHxV2tuapviy1bSZNEL1maXr13bPYpsvSDB68HlYcYuhlDrmGd63i0JHMCLKzc7rUSNIrpdJlhVlNwrxA==}
+    engines: {node: '>= 0.8.0'}
+
  chokidar@3.6.0:
    resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==}
    engines: {node: '>= 8.10.0'}
@@ -3392,6 +3423,10 @@ packages:
  colorette@2.0.20:
    resolution: {integrity: sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==}

+  combined-stream@1.0.8:
+    resolution: {integrity: sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==}
+    engines: {node: '>= 0.8'}
+
  comma-separated-tokens@2.0.3:
    resolution: {integrity: sha512-Fu4hJdvzeylCfQPp9SGWidpzrMs7tTrlu6Vb8XGaRGck8QSNZJJp538Wrb60Lax4fPwR64ViY468OIUTbRlGZg==}

@@ -3656,6 +3691,10 @@ packages:
    resolution: {integrity: sha512-8QmQKqEASLd5nx0U1B1okLElbUuuttJ/AnYmRXbbbGDWh6uS208EjD4Xqq/I9wK7u0v6O08XhTWnt5XtEbR6Dg==}
    engines: {node: '>= 0.4'}

+  delayed-stream@1.0.0:
+    resolution: {integrity: sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==}
+    engines: {node: '>=0.4.0'}
+
  dequal@2.0.3:
    resolution: {integrity: sha512-0je+qPKHEMohvfRTCEo3CrPG6cAzAYgmzKyxRiYSSDkS6eGJdyVJm7WaYA5ECaAD9wLB2T4EEeymA5aFVcYXCA==}
    engines: {node: '>=6'}
@@ -3730,6 +3769,9 @@ packages:
    resolution: {integrity: sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==}
    engines: {node: '>= 0.4'}

+  duplexer@0.1.2:
+    resolution: {integrity: sha512-jtD6YG370ZCIi/9GTaJKQxWTZD045+4R4hTk/x1UyoqadyJ9x9CgSi1RlVDQF8U2sxLLSnFkCaMihqljHIWgMg==}
+
  eastasianwidth@0.2.0:
    resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==}

@@ -3973,6 +4015,9 @@ packages:
    resolution: {integrity: sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==}
    engines: {node: '>=0.10.0'}

+  event-stream@3.3.4:
+    resolution: {integrity: sha512-QHpkERcGsR0T7Qm3HNJSyXKEEj8AHNxkY3PK8TS2KJvQ7NiSHe3DDpwVKKtoYprL/AreyzFBeIkBIWChAqn60g==}
+
  event-target-shim@5.0.1:
    resolution: {integrity: sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==}
    engines: {node: '>=6'}
@@ -3987,6 +4032,10 @@ packages:
  evp_bytestokey@1.0.3:
    resolution: {integrity: sha512-/f2Go4TognH/KvCISP7OUsHn85hT9nUkxxA9BEWxFn+Oj9o8ZNLm/40hdlgSLyuOimsrTKLUMEorQexp/aPQeA==}

+  execa@5.1.1:
+    resolution: {integrity: sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==}
+    engines: {node: '>=10'}
+
  exenv@1.2.2:
    resolution: {integrity: sha512-Z+ktTxTwv9ILfgKCk32OX3n/doe+OcLTRtqK9pcL+JsP3J1/VW8Uvl4ZjLlKqeW4rzK4oesDOGMEMRIZqtP4Iw==}

@@ -4081,6 +4130,15 @@ packages:
  flatted@3.3.3:
    resolution: {integrity: sha512-GX+ysw4PBCz0PzosHDepZGANEuFCMLrnRTiEy9McGjmkCQYwRq4A/X786G/fjM/+OjsWSU1ZrY5qyARZmO/uwg==}

+  follow-redirects@1.15.9:
+    resolution: {integrity: sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ==}
+    engines: {node: '>=4.0'}
+    peerDependencies:
+      debug: '*'
+    peerDependenciesMeta:
+      debug:
+        optional: true
+
  for-each@0.3.5:
    resolution: {integrity: sha512-dKx12eRCVIzqCxFGplyFKJMPvLEWgmNtUrpTiJIR5u97zEhRG8ySrtboPHZXx7daLxQVrl643cTzbab2tkQjxg==}
    engines: {node: '>= 0.4'}
@@ -4096,6 +4154,10 @@ packages:
      typescript: '>3.6.0'
      webpack: ^5.11.0

+  form-data@4.0.3:
+    resolution: {integrity: sha512-qsITQPfmvMOSAdeyZ+12I1c+CKSstAFAwu+97zrnWAbIr5u8wfsExUzCesVLC8NgHuRUqNN4Zy6UPWUTRGslcA==}
+    engines: {node: '>= 6'}
+
  forwarded-parse@2.1.2:
    resolution: {integrity: sha512-alTFZZQDKMporBH77856pXgzhEzaUVmLCDk+egLgIgHst3Tpndzz8MnKe+GzRJRfvVdn69HhpW7cmXzvtLvJAw==}

@@ -4113,6 +4175,9 @@ packages:
      react-dom:
        optional: true

+  from@0.1.7:
+    resolution: {integrity: sha512-twe20eF1OxVxp/ML/kq2p1uc6KvFK/+vs8WjEbeKmV2He22MKm7YF2ANIt+EOqhJ5L3K/SuuPhk0hWQDjOM23g==}
+
  fs-extra@10.1.0:
    resolution: {integrity: sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==}
    engines: {node: '>=12'}
@@ -4168,6 +4233,10 @@ packages:
    resolution: {integrity: sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==}
    engines: {node: '>= 0.4'}

+  get-stream@6.0.1:
+    resolution: {integrity: sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==}
+    engines: {node: '>=10'}
+
  get-symbol-description@1.1.0:
    resolution: {integrity: sha512-w9UMqWwJxHNOvoNzSJ2oPF5wvYcvP7jUvYzhp67yEhTi17ZDBBC1z9pTdGuzjD+EFIqLSYRweZjqfiPzQ06Ebg==}
    engines: {node: '>= 0.4'}
@@ -4310,6 +4379,10 @@ packages:
    resolution: {integrity: sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==}
    engines: {node: '>= 6'}

+  human-signals@2.1.0:
+    resolution: {integrity: sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==}
+    engines: {node: '>=10.17.0'}
+
  icss-utils@5.1.0:
    resolution: {integrity: sha512-soFhflCVWLfRNOPU3iv5Z9VUdT44xFRbzjLsEzSr5AQmgqPMTHdU3PMT1Cf1ssx8fLNJDA1juftYl+PUcv3MqA==}
    engines: {node: ^10 || ^12 || >= 14}
@@ -4497,6 +4570,10 @@ packages:
    resolution: {integrity: sha512-ISWac8drv4ZGfwKl5slpHG9OwPNty4jOWPRIhBpxOoD+hqITiwuipOQ2bNthAzwA3B4fIjO4Nln74N0S9byq8A==}
    engines: {node: '>= 0.4'}

+  is-stream@2.0.1:
+    resolution: {integrity: sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==}
+    engines: {node: '>=8'}
+
  is-string@1.1.1:
    resolution: {integrity: sha512-BtEeSsoaQjlSPBemMQIrY1MY0uM6vnS1g5fmufYOtnxLGUZM2178PKbhsk7Ffv58IX+ZtcvoGwccYsh0PglkAA==}
    engines: {node: '>= 0.4'}
@@ -4552,6 +4629,9 @@ packages:
    resolution: {integrity: sha512-/imKNG4EbWNrVjoNC/1H5/9GFy+tqjGBHCaSsN+P2RnPqjsLmv6UD3Ej+Kj8nBWaRAwyk7kK5ZUc+OEatnTR3A==}
    hasBin: true

+  joi@17.13.3:
+    resolution: {integrity: sha512-otDA4ldcIx+ZXsKHWmp0YizCweVRZG96J10b0FevjfuncLO1oX59THoAmHkNubYJ+9gWsYsp5k8v4ib6oDv1fA==}
+
  js-tokens@4.0.0:
    resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==}

@@ -4626,6 +4706,10 @@ packages:
      react: ^16.6.3 || ^17.0.0 || ^18.0.0 || ^19.0.0
      react-dom: ^16.8.4 || ^17.0.0 || ^18.0.0 || ^19.0.0

+  lazy-ass@1.6.0:
+    resolution: {integrity: sha512-cc8oEVoctTvsFZ/Oje/kGnHbpWHYBe8IAJe4C0QNc3t8uM/0Y8+erSz/7Y1ALuXTEZTMvxXwO6YbX1ey3ujiZw==}
+    engines: {node: '> 0.8'}
+
  levn@0.4.1:
    resolution: {integrity: sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==}
    engines: {node: '>= 0.8.0'}
@@ -4712,6 +4796,9 @@ packages:
    resolution: {integrity: sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==}
    engines: {node: '>=8'}

+  map-stream@0.1.0:
+    resolution: {integrity: sha512-CkYQrPYZfWnu/DAmVCpTSX/xHpKZ80eKh2lAkyA6AJTef6bW+6JpbQZN5rofum7da+SyN1bi5ctTm+lTfcCW3g==}
+
  math-intrinsics@1.1.0:
    resolution: {integrity: sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==}
    engines: {node: '>= 0.4'}
@@ -4833,6 +4920,10 @@ packages:
    resolution: {integrity: sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==}
    engines: {node: '>= 0.6'}

+  mimic-fn@2.1.0:
+    resolution: {integrity: sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==}
+    engines: {node: '>=6'}
+
  min-indent@1.0.1:
    resolution: {integrity: sha512-I9jwMn07Sy/IwOj3zVkVik2JTvgpaykDZEigL6Rx6N9LbMywwUSMtxET+7lVoDLLd3O3IXwJwvuuns8UB/HeAg==}
    engines: {node: '>=4'}
@@ -4977,6 +5068,10 @@ packages:
    resolution: {integrity: sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==}
    engines: {node: '>=0.10.0'}

+  npm-run-path@4.0.1:
+    resolution: {integrity: sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==}
+    engines: {node: '>=8'}
+
  nth-check@2.1.1:
    resolution: {integrity: sha512-lqjrjmaOoAnWfMmBPL+XNnynZh2+swxiX3WUE0s4yEHI6m+AwrK2UZOimIRl3X/4QctVqS8AiZjFqyOGrMXb/w==}

@@ -5026,6 +5121,10 @@ packages:
  once@1.4.0:
    resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==}

+  onetime@5.1.2:
+    resolution: {integrity: sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==}
+    engines: {node: '>=6'}
+
  open@8.4.2:
    resolution: {integrity: sha512-7x81NCL719oNbsq/3mh+hVrAWmFuEYUqrq/Iw3kUzH8ReypT9QQ0BLoJS7/G9k6N81XjW4qHWtjWwe/9eLy1EQ==}
    engines: {node: '>=12'}
@@ -5139,6 +5238,9 @@ packages:
    resolution: {integrity: sha512-vE7JKRyES09KiunauX7nd2Q9/L7lhok4smP9RZTDeD4MVs72Dp2qNFVz39Nz5a0FVEW0BJR6C0DYrq6unoziZA==}
    engines: {node: '>= 14.16'}

+  pause-stream@0.0.11:
+    resolution: {integrity: sha512-e3FBlXLmN/D1S+zHzanP4E/4Z60oFAa3O051qt1pxa7DEJWKAyil6upYVXCWadEnuoqa4Pkc9oUx9zsxYeRv8A==}
+
  pbkdf2@3.1.2:
    resolution: {integrity: sha512-iuh7L6jA7JEGu2WxDwtQP1ddOpaJNC4KlDEFfdQajSGgGPNi4OyDc2R7QnbY2bR9QjBVGwgvTdNJZoE7RaxUMA==}
    engines: {node: '>=0.12'}
@@ -5392,6 +5494,11 @@ packages:
  proxy-from-env@1.1.0:
    resolution: {integrity: sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==}

+  ps-tree@1.2.0:
+    resolution: {integrity: sha512-0VnamPPYHl4uaU/nSFeZZpR21QAWRz+sRv4iW9+v/GS/J5U5iZB5BNN6J0RMoOvdx2gWM2+ZFMIm58q24e4UYA==}
+    engines: {node: '>= 0.10'}
+    hasBin: true
+
  psl@1.15.0:
    resolution: {integrity: sha512-JZd3gMVBAVQkSs6HdNZo9Sdo0LNcQeMNP3CozBJb3JYC/QUYZTnKxP+f8oWRX4rHP5EurWxqAHTSwUCjlNKa1w==}

@@ -5810,6 +5917,9 @@ packages:
    resolution: {integrity: sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==}
    engines: {node: '>= 0.4'}

+  signal-exit@3.0.7:
+    resolution: {integrity: sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==}
+
  signal-exit@4.1.0:
    resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==}
    engines: {node: '>=14'}
@@ -5835,6 +5945,9 @@ packages:
  space-separated-tokens@2.0.2:
    resolution: {integrity: sha512-PEGlAwrG8yXGXRjW32fGbg66JAlOAwbObuqVoJpv/mRgoWDQfgH1wDPvtzWyUSNAXBGSk8h755YDbbcEy3SH2Q==}

+  split@0.3.3:
+    resolution: {integrity: sha512-wD2AeVmxXRBoX44wAycgjVpMhvbwdI2aZjCkvfNcH1YqHQvJVa1duWc73OyVGJUc05fhFaTZeQ/PYsrmyH0JVA==}
+
  stable-hash@0.0.5:
    resolution: {integrity: sha512-+L3ccpzibovGXFK+Ap/f8LOS0ahMrHTf3xu7mMLSpEGU0EO9ucaysSylKo9eRDFNhWve/y275iPmIZ4z39a9iA==}

@@ -5845,6 +5958,11 @@ packages:
    resolution: {integrity: sha512-WjlahMgHmCJpqzU8bIBy4qtsZdU9lRlcZE3Lvyej6t4tuOuv1vk57OW3MBrj6hXBFx/nNoC9MPMTcr5YA7NQbg==}
    engines: {node: '>=6'}

+  start-server-and-test@2.0.12:
+    resolution: {integrity: sha512-U6QiS5qsz+DN5RfJJrkAXdooxMDnLZ+n5nR8kaX//ZH19SilF6b58Z3zM9zTfrNIkJepzauHo4RceSgvgUSX9w==}
+    engines: {node: '>=16'}
+    hasBin: true
+
  statuses@2.0.2:
    resolution: {integrity: sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==}
    engines: {node: '>= 0.8'}
@@ -5865,6 +5983,9 @@ packages:
  stream-browserify@3.0.0:
    resolution: {integrity: sha512-H73RAHsVBapbim0tU2JwwOiXUj+fikfiaoYAKHF3VJfA0pe2BCzkhAHBlLG6REzE+2WNZcxOXjK7lkso+9euLA==}

+  stream-combiner@0.0.4:
+    resolution: {integrity: sha512-rT00SPnTVyRsaSz5zgSPma/aHSOic5U1prhYdRy5HS2kTZviFpmDgzilbtsJsxiroqACmayynDN/9VzIbX5DOw==}
+
  stream-http@3.2.0:
    resolution: {integrity: sha512-Oq1bLqisTyK3TSCXpPbT4sdeYNdmyZJv1LxpEm2vu1ZhK89kSE5YXwZc3cWk0MagGaKriBh9mCFbVGtO+vY29A==}

@@ -5927,6 +6048,10 @@ packages:
    resolution: {integrity: sha512-vavAMRXOgBVNF6nyEEmL3DBK19iRpDcoIwW+swQ+CbGiu7lju6t+JklA1MHweoWtadgt4ISVUsXLyDq34ddcwA==}
    engines: {node: '>=4'}

+  strip-final-newline@2.0.0:
+    resolution: {integrity: sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==}
+    engines: {node: '>=6'}
+
  strip-indent@3.0.0:
    resolution: {integrity: sha512-laJTa3Jb+VQpaC6DseHhF7dXVqHTfJPCRDaEbid/drOhgitgYku/letMUqOXFoWV0zIIUbjpdH2t+tYj4bQMRQ==}
    engines: {node: '>=8'}
@@ -6055,6 +6180,9 @@ packages:
  third-party-capital@1.0.20:
    resolution: {integrity: sha512-oB7yIimd8SuGptespDAZnNkzIz+NWaJCu2RMsbs4Wmp9zSDUM8Nhi3s2OOcqYuv3mN4hitXc8DVx+LyUmbUDiA==}

+  through@2.3.8:
+    resolution: {integrity: sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg==}
+
  timers-browserify@2.0.12:
    resolution: {integrity: sha512-9phl76Cqm6FhSX9Xe1ZUAMLtm1BLkKj2Qd5ApyWkXzsMRaA7dgr81kf4wJmQf/hAvg8EEyJxDo3du/0KlhPiKQ==}
    engines: {node: '>=0.6.0'}
@@ -6310,6 +6438,11 @@ packages:
  vm-browserify@1.1.2:
    resolution: {integrity: sha512-2ham8XPWTONajOR0ohOKOHXkm3+gaBmGut3SRuu75xLd/RRaY6vqgh8NBYYk7+RW3u5AtzPQZG8F10LHkl0lAQ==}

+  wait-on@8.0.3:
+    resolution: {integrity: sha512-nQFqAFzZDeRxsu7S3C7LbuxslHhk+gnJZHyethuGKAn2IVleIbTB9I3vJSQiSR+DifUqmdzfPMoMPJfLqMF2vw==}
+    engines: {node: '>=12.0.0'}
+    hasBin: true
+
  warning@4.0.3:
    resolution: {integrity: sha512-rpJyN222KWIvHJ/F53XSZv0Zl/accqHR8et1kpaMTD/fLCRxtV8iX8czMzY7sVZupTI3zcUTg8eycS2kNF9l6w==}

@@ -7383,6 +7516,12 @@ snapshots:

  '@floating-ui/utils@0.2.9': {}

+  '@hapi/hoek@9.3.0': {}
+
+  '@hapi/topo@5.1.0':
+    dependencies:
+      '@hapi/hoek': 9.3.0
+
  '@hookform/resolvers@5.1.1(react-hook-form@7.57.0(react@18.3.1))':
    dependencies:
      '@standard-schema/utils': 0.3.0
@@ -8701,6 +8840,14 @@ snapshots:
      - encoding
      - supports-color

+  '@sideway/address@4.1.5':
+    dependencies:
+      '@hapi/hoek': 9.3.0
+
+  '@sideway/formula@3.0.1': {}
+
+  '@sideway/pinpoint@2.0.0': {}
+
  '@standard-schema/utils@0.3.0': {}

  '@storybook/addon-a11y@9.0.12(storybook@9.0.12(@testing-library/dom@10.4.0)(prettier@3.5.3))':
@@ -9629,6 +9776,8 @@ snapshots:

  async-function@1.0.0: {}

+  asynckit@0.4.0: {}
+
  available-typed-arrays@1.0.7:
    dependencies:
      possible-typed-array-names: 1.1.0
@@ -9649,6 +9798,14 @@ snapshots:
      picocolors: 1.1.1
      playwright: 1.53.1

+  axios@1.10.0(debug@4.4.1):
+    dependencies:
+      follow-redirects: 1.15.9(debug@4.4.1)
+      form-data: 4.0.3
+      proxy-from-env: 1.1.0
+    transitivePeerDependencies:
+      - debug
+
  axobject-query@4.1.0: {}

  babel-loader@9.2.1(@babel/core@7.27.4)(webpack@5.99.9(esbuild@0.25.5)):
@@ -9696,6 +9853,8 @@ snapshots:

  binary-extensions@2.3.0: {}

+  bluebird@3.7.2: {}
+
  bn.js@4.12.2: {}

  bn.js@5.2.2: {}
@@ -9848,6 +10007,8 @@ snapshots:

  check-error@2.1.1: {}

+  check-more-types@2.24.0: {}
+
  chokidar@3.6.0:
    dependencies:
      anymatch: 3.1.3
@@ -9927,6 +10088,10 @@ snapshots:

  colorette@2.0.20: {}

+  combined-stream@1.0.8:
+    dependencies:
+      delayed-stream: 1.0.0
+
  comma-separated-tokens@2.0.3: {}

  commander@2.20.3: {}
@@ -10194,6 +10359,8 @@ snapshots:
      has-property-descriptors: 1.0.2
      object-keys: 1.1.1

+  delayed-stream@1.0.0: {}
+
  dequal@2.0.3: {}

  des.js@1.1.0:
@@ -10274,6 +10441,8 @@ snapshots:
      es-errors: 1.3.0
      gopd: 1.2.0

+  duplexer@0.1.2: {}
+
  eastasianwidth@0.2.0: {}

  electron-to-chromium@1.5.170: {}
@@ -10691,6 +10860,16 @@ snapshots:

  esutils@2.0.3: {}

+  event-stream@3.3.4:
+    dependencies:
+      duplexer: 0.1.2
+      from: 0.1.7
+      map-stream: 0.1.0
+      pause-stream: 0.0.11
+      split: 0.3.3
+      stream-combiner: 0.0.4
+      through: 2.3.8
+
  event-target-shim@5.0.1: {}

  eventemitter3@4.0.7: {}
@@ -10702,6 +10881,18 @@ snapshots:
      md5.js: 1.3.5
      safe-buffer: 5.2.1

+  execa@5.1.1:
+    dependencies:
+      cross-spawn: 7.0.6
+      get-stream: 6.0.1
+      human-signals: 2.1.0
+      is-stream: 2.0.1
+      merge-stream: 2.0.0
+      npm-run-path: 4.0.1
+      onetime: 5.1.2
+      signal-exit: 3.0.7
+      strip-final-newline: 2.0.0
+
  exenv@1.2.2: {}

  extend@3.0.2: {}
@@ -10796,6 +10987,10 @@ snapshots:

  flatted@3.3.3: {}

+  follow-redirects@1.15.9(debug@4.4.1):
+    optionalDependencies:
+      debug: 4.4.1
+
  for-each@0.3.5:
    dependencies:
      is-callable: 1.2.7
@@ -10822,6 +11017,14 @@ snapshots:
      typescript: 5.8.3
      webpack: 5.99.9(esbuild@0.25.5)

+  form-data@4.0.3:
+    dependencies:
+      asynckit: 0.4.0
+      combined-stream: 1.0.8
+      es-set-tostringtag: 2.1.0
+      hasown: 2.0.2
+      mime-types: 2.1.35
+
  forwarded-parse@2.1.2: {}

  framer-motion@12.16.0(@emotion/is-prop-valid@1.2.2)(react-dom@18.3.1(react@18.3.1))(react@18.3.1):
@@ -10834,6 +11037,8 @@ snapshots:
      react: 18.3.1
      react-dom: 18.3.1(react@18.3.1)

+  from@0.1.7: {}
+
  fs-extra@10.1.0:
    dependencies:
      graceful-fs: 4.2.11
@@ -10891,6 +11096,8 @@ snapshots:
      dunder-proto: 1.0.1
      es-object-atoms: 1.1.1

+  get-stream@6.0.1: {}
+
  get-symbol-description@1.1.0:
    dependencies:
      call-bound: 1.0.4
@@ -11065,6 +11272,8 @@ snapshots:
    transitivePeerDependencies:
      - supports-color

+  human-signals@2.1.0: {}
+
  icss-utils@5.1.0(postcss@8.5.6):
    dependencies:
      postcss: 8.5.6
@@ -11239,6 +11448,8 @@ snapshots:
    dependencies:
      call-bound: 1.0.4

+  is-stream@2.0.1: {}
+
  is-string@1.1.1:
    dependencies:
      call-bound: 1.0.4
@@ -11300,6 +11511,14 @@ snapshots:

  jiti@1.21.7: {}

+  joi@17.13.3:
+    dependencies:
+      '@hapi/hoek': 9.3.0
+      '@hapi/topo': 5.1.0
+      '@sideway/address': 4.1.5
+      '@sideway/formula': 3.0.1
+      '@sideway/pinpoint': 2.0.0
+
  js-tokens@4.0.0: {}

  js-yaml@4.1.0:
@@ -11374,6 +11593,8 @@ snapshots:
      react: 18.3.1
      react-dom: 18.3.1(react@18.3.1)

+  lazy-ass@1.6.0: {}
+
  levn@0.4.1:
    dependencies:
      prelude-ls: 1.2.1
@@ -11449,6 +11670,8 @@ snapshots:
    dependencies:
      semver: 6.3.1

+  map-stream@0.1.0: {}
+
  math-intrinsics@1.1.0: {}

  md5.js@1.3.5:
@@ -11703,6 +11926,8 @@ snapshots:
    dependencies:
      mime-db: 1.52.0

+  mimic-fn@2.1.0: {}
+
  min-indent@1.0.1: {}

  minimalistic-assert@1.0.1: {}
@@ -11863,6 +12088,10 @@ snapshots:

  normalize-path@3.0.0: {}

+  npm-run-path@4.0.1:
+    dependencies:
+      path-key: 3.1.1
+
  nth-check@2.1.1:
    dependencies:
      boolbase: 1.0.0
@@ -11922,6 +12151,10 @@ snapshots:
    dependencies:
      wrappy: 1.0.2

+  onetime@5.1.2:
+    dependencies:
+      mimic-fn: 2.1.0
+
  open@8.4.2:
    dependencies:
      define-lazy-prop: 2.0.0
@@ -12042,6 +12275,10 @@ snapshots:

  pathval@2.0.0: {}

+  pause-stream@0.0.11:
+    dependencies:
+      through: 2.3.8
+
  pbkdf2@3.1.2:
    dependencies:
      create-hash: 1.2.0
@@ -12221,6 +12458,10 @@ snapshots:

  proxy-from-env@1.1.0: {}

+  ps-tree@1.2.0:
+    dependencies:
+      event-stream: 3.3.4
+
  psl@1.15.0:
    dependencies:
      punycode: 2.3.1
@@ -12775,6 +13016,8 @@ snapshots:
      side-channel-map: 1.0.1
      side-channel-weakmap: 1.0.2

+  signal-exit@3.0.7: {}
+
  signal-exit@4.1.0: {}

  simple-swizzle@0.2.2:
@@ -12795,6 +13038,10 @@ snapshots:

  space-separated-tokens@2.0.2: {}

+  split@0.3.3:
+    dependencies:
+      through: 2.3.8
+
  stable-hash@0.0.5: {}

  stackframe@1.3.4: {}
@@ -12803,6 +13050,19 @@ snapshots:
    dependencies:
      type-fest: 0.7.1

+  start-server-and-test@2.0.12:
+    dependencies:
+      arg: 5.0.2
+      bluebird: 3.7.2
+      check-more-types: 2.24.0
+      debug: 4.4.1
+      execa: 5.1.1
+      lazy-ass: 1.6.0
+      ps-tree: 1.2.0
+      wait-on: 8.0.3(debug@4.4.1)
+    transitivePeerDependencies:
+      - supports-color
+
  statuses@2.0.2: {}

  stop-iteration-iterator@1.1.0:
@@ -12836,6 +13096,10 @@ snapshots:
      inherits: 2.0.4
      readable-stream: 3.6.2

+  stream-combiner@0.0.4:
+    dependencies:
+      duplexer: 0.1.2
+
  stream-http@3.2.0:
    dependencies:
      builtin-status-codes: 3.0.0
@@ -12932,6 +13196,8 @@ snapshots:

  strip-bom@3.0.0: {}

+  strip-final-newline@2.0.0: {}
+
  strip-indent@3.0.0:
    dependencies:
      min-indent: 1.0.1
@@ -13069,6 +13335,8 @@ snapshots:

  third-party-capital@1.0.20: {}

+  through@2.3.8: {}
+
  timers-browserify@2.0.12:
    dependencies:
      setimmediate: 1.0.5
@@ -13367,6 +13635,16 @@ snapshots:

  vm-browserify@1.1.2: {}

+  wait-on@8.0.3(debug@4.4.1):
+    dependencies:
+      axios: 1.10.0(debug@4.4.1)
+      joi: 17.13.3
+      lodash: 4.17.21
+      minimist: 1.2.8
+      rxjs: 7.8.2
+    transitivePeerDependencies:
+      - debug
+
  warning@4.0.3:
    dependencies:
      loose-envify: 1.4.0
--- a/autogpt_platform/frontend/src/lib/supabase/helpers.ts
+++ b/autogpt_platform/frontend/src/lib/supabase/helpers.ts
@@ -1,4 +1,6 @@
-// Session management constants and utilities
+import { type CookieOptions } from "@supabase/ssr";
+
+const isTest = process.env.NEXT_PUBLIC_PW_TEST === "true";

 export const PROTECTED_PAGES = [
  "/monitor",
@@ -15,6 +17,19 @@ export const STORAGE_KEYS = {
  LOGOUT: "supabase-logout",
 } as const;

+export function getCookieSettings(): Partial<CookieOptions> {
+  if (isTest)
+    return {
+      secure: false,
+      sameSite: "lax",
+    };
+
+  return {
+    secure: true,
+    sameSite: "lax",
+  } as const;
+}
+
 // Page protection utilities
 export function isProtectedPage(pathname: string): boolean {
  return PROTECTED_PAGES.some((page) => pathname.startsWith(page));
--- a/autogpt_platform/frontend/src/lib/supabase/hooks/useSupabase.ts
+++ b/autogpt_platform/frontend/src/lib/supabase/hooks/useSupabase.ts
@@ -1,8 +1,8 @@
 "use client";
-import { useEffect, useMemo, useState, useRef } from "react";
 import { createBrowserClient } from "@supabase/ssr";
 import { User } from "@supabase/supabase-js";
 import { useRouter } from "next/navigation";
+import { useEffect, useMemo, useRef, useState } from "react";
 import {
  broadcastLogout,
  getRedirectPath,
@@ -34,9 +34,7 @@ export function useSupabase() {

    broadcastLogout();

-    const { error } = await supabase.auth.signOut({
-      scope: "global",
-    });
+    const { error } = await supabase.auth.signOut();
    if (error) console.error("Error logging out:", error);

    router.push("/login");
--- a/autogpt_platform/frontend/src/lib/supabase/middleware.ts
+++ b/autogpt_platform/frontend/src/lib/supabase/middleware.ts
@@ -1,6 +1,6 @@
 import { createServerClient } from "@supabase/ssr";
 import { NextResponse, type NextRequest } from "next/server";
-import { isAdminPage, isProtectedPage } from "./helpers";
+import { getCookieSettings, isAdminPage, isProtectedPage } from "./helpers";

 export async function updateSession(request: NextRequest) {
  let supabaseResponse = NextResponse.next({
@@ -32,9 +32,12 @@ export async function updateSession(request: NextRequest) {
            supabaseResponse = NextResponse.next({
              request,
            });
-            cookiesToSet.forEach(({ name, value, options }) =>
-              supabaseResponse.cookies.set(name, value, options),
-            );
+            cookiesToSet.forEach(({ name, value, options }) => {
+              supabaseResponse.cookies.set(name, value, {
+                ...options,
+                ...getCookieSettings(),
+              });
+            });
          },
        },
      },
--- a/autogpt_platform/frontend/src/lib/supabase/server/getServerSupabase.ts
+++ b/autogpt_platform/frontend/src/lib/supabase/server/getServerSupabase.ts
@@ -1,4 +1,5 @@
 import { createServerClient, type CookieOptions } from "@supabase/ssr";
+import { getCookieSettings } from "../helpers";

 type Cookies = { name: string; value: string; options?: CookieOptions }[];

@@ -19,9 +20,12 @@ export async function getServerSupabase() {
          },
          setAll(cookiesToSet: Cookies) {
            try {
-              cookiesToSet.forEach(({ name, value, options }) =>
-                cookieStore.set(name, value, options),
-              );
+              cookiesToSet.forEach(({ name, value, options }) => {
+                cookieStore.set(name, value, {
+                  ...options,
+                  ...getCookieSettings(),
+                });
+              });
            } catch {
              // The `setAll` method was called from a Server Component.
              // This can be ignored if you have middleware refreshing
Author	SHA1	Message	Date
Lluis Agusti	8958357343	chore: changes ...	2025-06-22 19:58:59 +04:00
Lluis Agusti	0b1b29a9bb	chore: changes...	2025-06-20 19:14:27 +04:00
Lluis Agusti	d5dfc40263	chore: wip	2025-06-20 19:11:09 +04:00
Lluis Agusti	d9f9f80346	chore: don't set cookie settings on tests...	2025-06-20 17:00:07 +04:00
Lluis Agusti	a47e1916fb	chore: bypass cookie settings on tests	2025-06-20 16:38:57 +04:00
Ubbe	49b22576b5	Merge branch 'dev' into fix/cookie-config	2025-06-19 19:28:07 +04:00
Nicholas Tindle	db3d62eaa0	fix(frontend): specify path for lax	2025-06-18 15:01:56 -05:00
Nicholas Tindle	46da6a1c5f	Merge branch 'dev' into fix/cookie-config	2025-06-18 11:42:39 -05:00
Nicholas Tindle	f1471377c3	Merge branch 'dev' into fix/cookie-config	2025-06-17 14:22:09 -05:00
Lluis Agusti	13e5f6bf8e	Merge 'dev' into 'fix/cookie-config'	2025-06-17 18:45:41 +04:00
Lluis Agusti	add32b8449	chore: working cookie settings	2025-06-17 18:43:41 +04:00
Nicholas Tindle	2f11dade70	Merge branch 'dev' into fix/cookie-config	2025-06-17 09:11:00 -05:00
Nicholas Tindle	8f1ebfc696	Merge branch 'dev' into fix/cookie-config	2025-06-16 10:37:11 -05:00
Nicholas Tindle	fc975e9e17	Merge branch 'fix/untrusted-origins' into fix/cookie-config	2025-06-13 15:15:45 -05:00
Nicholas Tindle	7985da3e8e	fix: correct header + don't trust anyone!	2025-06-13 14:15:44 -05:00
Nicholas Tindle	34184f7cc0	fix: don't let other poeple look at our cookies	2025-06-13 13:49:44 -05:00
Nicholas Tindle	ade66f3d27	fix: lockfile	2025-06-13 13:15:53 -05:00
Nicholas Tindle	9b221ff931	fix: remove logging of secret things	2025-06-13 13:06:35 -05:00
Nicholas Tindle	0955cfb869	fix: formatting + crypto comparisons	2025-06-13 11:49:32 -05:00
Nicholas Tindle	bf26b8f14a	Merge branch 'dev' into fix/untrusted-origins	2025-06-13 11:02:27 -05:00
Swifty	82f6687646	Merge branch 'dev' into fix/untrusted-origins	2025-06-11 11:07:56 +02:00
Nicholas Tindle	10efb1772e	fix(backend): don't trust external orgins	2025-06-06 15:10:25 -05:00
Nicholas Tindle	692c6defce	fix: prevent invalid json uploads	2025-06-05 16:24:22 -05:00
Nicholas Tindle	08c56a337b	fix: DoS attack prevention	2025-06-05 16:23:20 -05:00
Nicholas Tindle	41ebd5fe5d	fix: don't allow open redirects	2025-06-05 16:13:18 -05:00
Nicholas Tindle	e8657ed711	feat: use expected trusted sources for each	2025-06-05 16:00:01 -05:00