[comp] Production Deploy #2714
Merged
…ground-checks # Conflicts: # apps/api/src/frameworks/frameworks-scores.helper.ts # apps/api/src/main.ts # apps/app/.env.example # packages/db/prisma/schema/organization-billing.prisma
…port The previous master-detail logic flipped at md (768px). At md-to-xl (768-1279px) — the iPad / narrow-laptop range — the split-view rendered both panes, but the global rail + section sub-nav already eat ~345px before SplitView even starts. That left the main pane at ~600px and squeezed the SevTally / detail header into letter-by-letter overflow (see customer screenshot). Bumping the cutoff to xl (1280px) means tablets and narrow laptops now use the master-detail flow (one pane + back-bar), and the split only kicks in once there's enough room for both panes to be useful. xl+ behavior is unchanged. Internal content layouts (4-stat band, KV strip, padding) stay at md breakpoints — those are about content within a single pane, not about whether the panes are split. They work correctly whether the pane is full-width (master-detail) or shares the row with the sidebar (split).
fix(pentest): tablet-friendly split-view (md → xl breakpoint)
…uploads, and UI P1: Upload file before marking custom background check as completed, scope refund to identity API failures only, reconcile state on duplicate webhook events, and verify checkout session status before processing. P2: Remove unnecessary buffer copy in raw body parsing, track SWR loading state for custom attachments, handle numeric-string epoch timestamps, include device task in totals while loading, add 30s timeout to Identity API calls, assert 402 status in payment test, accept $0 prices in billing, and validate whitespace-only employee names via DTO transform. P3: Deduplicate BackgroundCheckStatus type definition. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ation, and logging P1: Restructure requestForMember to create DB record before charging Stripe, preventing orphaned payments on DB failure and eliminating the TOCTOU race condition on concurrent requests via unique constraint catch. P2: Add @MaxLength to base64 fileData field (50MB limit), add @IsUrl validation to billing redirect DTOs, remove env var names from error messages, and add session metadata org check in handleSetupSuccess. P3: Enhance refund failure logging with structured context for manual intervention. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
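The reserve-then-charge ordering this commit message describes, as an added TypeScript example that is not code from this PR. `CheckTable`, `FakePayments` and `requestCheck` are hypothetical names, and the in-memory table stands in for a database unique constraint on (organization, member).

```typescript
// Added example: all names are hypothetical, not taken from the PR's code.
type Status = "pending" | "paid" | "failed";
type Outcome = "charged" | "duplicate" | "payment_failed";

// In-memory stand-in for a table with a unique constraint on (orgId, memberId).
class CheckTable {
  private rows: Record<string, Status> = {};
  insertPending(orgId: string, memberId: string): string {
    const key = orgId + ":" + memberId;
    if (Object.prototype.hasOwnProperty.call(this.rows, key)) {
      const err = new Error("unique constraint violated: " + key);
      err.name = "UniqueViolation";
      throw err;
    }
    this.rows[key] = "pending";
    return key;
  }
  setStatus(key: string, status: Status): void { this.rows[key] = status; }
  status(key: string): Status | undefined { return this.rows[key]; }
}

// Stand-in for the payment provider; counts how many charges were attempted.
class FakePayments {
  charges = 0;
  failNext = false;
  charge(key: string): void {
    this.charges++;
    if (this.failNext) throw new Error("declined: " + key);
  }
}

// The insert is the atomic gate: a repeated or concurrent request fails on the
// constraint before any money moves, instead of passing a separate "exists?" check.
function requestCheck(db: CheckTable, pay: FakePayments, orgId: string, memberId: string): Outcome {
  let key = "";
  try {
    key = db.insertPending(orgId, memberId); // step 1: reserve, nothing charged yet
  } catch (e) {
    if (e instanceof Error && e.name === "UniqueViolation") return "duplicate";
    throw e; // other DB failure: still before the charge, so no orphaned payment
  }
  try {
    pay.charge(key); // step 2: charge only once the row exists
  } catch (e) {
    db.setStatus(key, "failed"); // keep a record of the failed attempt
    return "payment_failed";
  }
  db.setStatus(key, "paid");
  return "charged";
}
```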
… URL validation Raise base64 @MaxLength to 134_217_728 (~100MB binary) to match the service's file-size policy. Set require_tld: false on @IsUrl so http://localhost redirect URLs used in local/dev flows are not rejected. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
[dev] [carhartlewis] lewis/comp-background-checks
Stop storing employeeName and employeeEmail in sessionStorage during the Stripe billing redirect flow. Only requesterNotes (non-PII) is persisted. After redirect, employeeName re-derives from the employee prop and the email field resets to its default. Resolves code-scanning alert #133 (clear text storage of sensitive information). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
fix(background-checks): remove employee PII from sessionStorage
No issues found across 91 files
Requires human review: This is a massive production release (91 files, 8k+ lines) involving critical payment flows (Stripe), background check logic, and database operations that require human review.
Note: This PR contains a large number of files. cubic only reviews up to 75 files per PR, so some files may not have been reviewed. cubic prioritises the most important files to review.
🎉 This PR is included in version 3.39.0 🎉 The release is available on GitHub release. Your semantic-release bot 📦🚀
This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.
Summary by cubic
Launch end-to-end employee background checks: request and charge via Stripe, verify webhooks, snapshot reports, and manage custom uploads with a new People page UI. Switch pentest SplitView to a master-detail flow below xl and remove GTM/LinkedIn marketing pixels so the app tracks product analytics only.
Bug Fixes
md to xl and adjusted sidebar width/visibility.
Refactors
@next/third-parties, LinkedInInsight, and related env vars; tracking is PostHog-only; cleaned Dockerfile/docs and simplified checkout tracking.
Written for commit 26d75be. Summary will update on new commits.