zensgit · zensgit · Sep 23, 2025 · Sep 19, 2025 · Sep 19, 2025 · Sep 19, 2025
diff --git a/.githooks/pre-commit b/.githooks/pre-commit
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+echo "[pre-commit] Running API lint (SQLx check + Clippy)..."
+make api-lint
+echo "[pre-commit] OK"
+
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1,135 @@
+# CODEOWNERS file for Jive Money project
+# This file defines code review assignments for different parts of the codebase
+# See: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
+
+# Global fallback - all files require review from project maintainer
+* @huazhou
+
+# Rust API backend code
+/jive-api/ @huazhou
+/jive-core/ @huazhou
+
+# Rust specific configurations
+*.toml @huazhou
+Cargo.lock @huazhou
+/deny.toml @huazhou
+
+# Flutter frontend code
+/jive-flutter/ @huazhou
+/jive-flutter/lib/ @huazhou
+/jive-flutter/pubspec.yaml @huazhou
+/jive-flutter/pubspec.lock @huazhou
+
+# Database and migration files
+/database/ @huazhou
+**/migrations/ @huazhou
+*.sql @huazhou
+
+# CI/CD and deployment configuration
+/.github/ @huazhou
+/.github/workflows/ @huazhou
+/.github/dependabot.yml @huazhou
+/docker-compose*.yml @huazhou
+/Dockerfile* @huazhou
+*.dockerfile @huazhou
+
+# Documentation files (require careful review)
+*.md @huazhou
+/docs/ @huazhou
+/README.md @huazhou
+/CLAUDE.md @huazhou
+
+# Security-sensitive files
+/jive-api/src/auth/ @huazhou
+/jive-api/src/middleware/ @huazhou
+/jive-api/src/security/ @huazhou
+**/auth_* @huazhou
+**/security_* @huazhou
+
+# Configuration files
+*.env* @huazhou
+*.config.* @huazhou
+/config/ @huazhou
+
+# Test files (require review to ensure proper coverage)
+**/tests/ @huazhou
+**/*_test.* @huazhou
+**/*_test_* @huazhou
+/jive-flutter/test/ @huazhou
+/jive-api/tests/ @huazhou
+
+# Build and deployment scripts
+*.sh @huazhou
+*.py @huazhou
+/scripts/ @huazhou
+/Makefile @huazhou
+**/Makefile @huazhou
+
+# Package management files
+/package*.json @huazhou
+/yarn.lock @huazhou
+/pnpm-lock.yaml @huazhou
+
+# Git configuration and workflow files
+/.gitignore @huazhou
+/.gitattributes @huazhou
+/.git* @huazhou
+
+# IDE and editor configurations
+/.vscode/ @huazhou
+/.idea/ @huazhou
+*.code-workspace @huazhou
+
+# Docker and containerization
+/*docker* @huazhou
+/docker/ @huazhou
+
+# API routes and handlers (critical for security)
+/jive-api/src/routes/ @huazhou
+/jive-api/src/handlers/ @huazhou
+/jive-api/src/controllers/ @huazhou
+
+# Database models and schema
+/jive-api/src/models/ @huazhou
+/jive-api/src/schema/ @huazhou
+/jive-flutter/lib/models/ @huazhou
+
+# Service layer (business logic)
+/jive-api/src/services/ @huazhou
+/jive-flutter/lib/services/ @huazhou
+
+# Provider layer (state management)
+/jive-flutter/lib/providers/ @huazhou
+
+# UI components and screens (require UX review)
+/jive-flutter/lib/screens/ @huazhou
+/jive-flutter/lib/widgets/ @huazhou
+/jive-flutter/lib/ui/ @huazhou
+
+# Theme and styling
+/jive-flutter/lib/theme/ @huazhou
+/jive-flutter/lib/core/theme/ @huazhou
+
+# Networking and API client code
+/jive-flutter/lib/core/network/ @huazhou
+/jive-api/src/client/ @huazhou
+
+# Storage and database adapters
+/jive-flutter/lib/core/storage/ @huazhou
+/jive-api/src/db/ @huazhou
+
+# External integrations and third-party code
+/jive-api/src/integrations/ @huazhou
+/jive-flutter/lib/integrations/ @huazhou
+
+# Utility and helper functions
+/jive-api/src/utils/ @huazhou
+/jive-flutter/lib/utils/ @huazhou
+
+# Localization and internationalization
+/jive-flutter/lib/l10n/ @huazhou
+/jive-flutter/assets/i18n/ @huazhou
+
+# Assets and static files
+/jive-flutter/assets/ @huazhou
+/jive-flutter/web/ @huazhou
diff --git a/.github/PR24_DESCRIPTION.md b/.github/PR24_DESCRIPTION.md
@@ -0,0 +1,45 @@
+# PR: API CSV gating + currency fixes + SQLx diff artifact
+
+## 1) Purpose
+- Fix API compile errors spotted in CI (Option handling in currency modules).
+- Gate CSV streaming export under `core_export` the same way as POST export, avoiding missing-local-helper errors when core path is active.
+- Improve CI debuggability by uploading SQLx offline cache diff on prepare --check failure.
+
+## 2) Approach
+- Handlers
+  - `jive-api/src/handlers/transactions.rs`: Stream CSV path now mirrors POST path.
+    - `core_export` ON → `jive-core` `ExportService::generate_csv_simple`.
+    - `core_export` OFF → local safe CSV writer (`csv_escape_cell`).
+- Currency modules
+  - `jive-api/src/services/currency_service.rs`: `base_currency` uses Option fallback; fixed `effective_date`/`created_at` mapping for history rows.
+  - `jive-api/src/handlers/currency_handler_enhanced.rs`: handle optional `created_at` before `.naive_utc()`.
+- CI
+  - `.github/workflows/ci.yml`: on SQLx prepare --check failure, regenerate cache to a temp location, produce diff patch and tarballs, upload artifact `api-sqlx-diff`, then fail the job (remains strict).
+- Docs/Tools
+  - `AGENTS.md`: added “CSV export feature gating” notes.
+  - `Makefile`: added `hooks` target to enable pre-commit (`make api-lint`).
+
+## 3) Affected layers
+- API only, plus CI workflow. No schema changes.
+
+## 4) Testing evidence
+- Local: `make api-lint` reaches SQLx check; build succeeds until cache check (expected to fail if `.sqlx` stale). Currency compile errors reproduced by CI are resolved locally.
+- Feature note: we intentionally keep CI without `core_export` to avoid pulling unfinished `jive-core/db` modules.
+
+## 5) Migration notes
+- None. No changes under `migrations/`.
+
+## 6) Rollback plan
+- Revert this PR. No data migrations to undo.
+
+## 7) Follow-ups
+- If CI uploads `api-sqlx-diff`, apply the patch to `.sqlx/` and re-run.
+- After 1–2 green runs, flip Rust API clippy to blocking (`-D warnings`).
+- Consider later decoupling CSV generation in `jive-core` from `db` feature so `core_export` can be enabled in CI without DB modules.
+
+---
+Checklist
+- [ ] CI run completed and artifacts reviewed
+- [ ] Apply `api-sqlx-diff` if present, re-run CI
+- [ ] Switch clippy to blocking after observation window
+- [ ] Enable pre-commit locally: `make hooks`
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,23 @@
+## PR Checklist
+
+- [ ] SQLx offline cache up to date (`jive-api/.sqlx`)
+- [ ] `make api-lint` passes locally (SQLx check + Clippy -D warnings)
+- [ ] Tests relevant to this change pass locally
+- [ ] Secrets not committed; new env vars documented in `.env.example`
+
+## Purpose
+Describe the problem and the high-level approach.
+
+## Changes
+- Files/areas touched and why
+- Feature flags or conditional paths (if any)
+
+## Testing
+- Commands run and results
+- Screenshots/logs (if UI/API visible behavior)
+
+## Migration Notes (if any)
+- DB migrations, data backfills, roll-forward/rollback steps
+
+## Rollback Plan
+- How to revert safely if issues arise
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,127 @@
+version: 2
+updates:
+  # Rust dependencies for jive-api
+  - package-ecosystem: "cargo"
+    directory: "/jive-api"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:00"
+      timezone: "UTC"
+    open-pull-requests-limit: 5
+    reviewers:
+      - "huazhou"
+    assignees:
+      - "huazhou"
+    commit-message:
+      prefix: "cargo"
+      include: "scope"
+    labels:
+      - "dependencies"
+      - "rust"
+      - "jive-api"
+    ignore:
+      # Ignore major version updates for stable dependencies
+      - dependency-name: "tokio"
+        update-types: ["version-update:semver-major"]
+      - dependency-name: "sqlx"
+        update-types: ["version-update:semver-major"]
+      - dependency-name: "axum"
+        update-types: ["version-update:semver-major"]
+
+  # Rust dependencies for jive-core
+  - package-ecosystem: "cargo"
+    directory: "/jive-core"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:30"
+      timezone: "UTC"
+    open-pull-requests-limit: 3
+    reviewers:
+      - "huazhou"
+    assignees:
+      - "huazhou"
+    commit-message:
+      prefix: "cargo(core)"
+      include: "scope"
+    labels:
+      - "dependencies"
+      - "rust"
+      - "jive-core"
+
+  # Flutter/Dart dependencies
+  - package-ecosystem: "pub"
+    directory: "/jive-flutter"
+    schedule:
+      interval: "weekly"
+      day: "tuesday"
+      time: "09:00"
+      timezone: "UTC"
+    open-pull-requests-limit: 5
+    reviewers:
+      - "huazhou"
+    assignees:
+      - "huazhou"
+    commit-message:
+      prefix: "flutter"
+      include: "scope"
+    labels:
+      - "dependencies"
+      - "flutter"
+      - "dart"
+    ignore:
+      # Ignore major Flutter SDK updates (handle manually)
+      - dependency-name: "flutter"
+        update-types: ["version-update:semver-major"]
+      # Ignore breaking changes in UI libraries
+      - dependency-name: "provider"
+        update-types: ["version-update:semver-major"]
+
+  # GitHub Actions dependencies
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+      day: "first-monday"
+      time: "10:00"
+      timezone: "UTC"
+    open-pull-requests-limit: 3
+    reviewers:
+      - "huazhou"
+    assignees:
+      - "huazhou"
+    commit-message:
+      prefix: "ci"
+      include: "scope"
+    labels:
+      - "dependencies"
+      - "github-actions"
+      - "ci"
+
+  # Docker dependencies
+  - package-ecosystem: "docker"
+    directory: "/jive-api"
+    schedule:
+      interval: "monthly"
+      day: "second-monday"
+      time: "10:00"
+      timezone: "UTC"
+    open-pull-requests-limit: 2
+    reviewers:
+      - "huazhou"
+    assignees:
+      - "huazhou"
+    commit-message:
+      prefix: "docker"
+      include: "scope"
+    labels:
+      - "dependencies"
+      - "docker"
+    ignore:
+      # Ignore PostgreSQL major version updates (handle manually)
+      - dependency-name: "postgres"
+        update-types: ["version-update:semver-major"]
+      # Ignore Redis major version updates (handle manually)
+      - dependency-name: "redis"
+        update-types: ["version-update:semver-major"]