Skip to content

fix(i18n): corrige mojibake UTF-8 (22 arquivos) + auditoria front-end via MCP#294

Merged
adm01-debug merged 1 commit into
mainfrom
claude/epic-faraday-GQILK
May 24, 2026
Merged

fix(i18n): corrige mojibake UTF-8 (22 arquivos) + auditoria front-end via MCP#294
adm01-debug merged 1 commit into
mainfrom
claude/epic-faraday-GQILK

Conversation

@adm01-debug
Copy link
Copy Markdown
Owner

@adm01-debug adm01-debug commented May 24, 2026
edited by cubic-dev-ai Bot
Loading

Contexto

Varredura exaustiva do sistema em produção (https://www.promogifts.com.br/) via navegador MCP (sessão autenticada como adm01@promobrindes.com.br, papel Supervisor), com captura de rede, snapshots ARIA/screenshots, análise de código e advisors de segurança do Supabase (doufsxqlfjyuvxuezpln).

Relatório completo: audit/AUDITORIA_FRONTEND_MCP_2026-05-24.md

O que este PR corrige (executável)

Mojibake UTF-8 (dupla codificação) em 22 arquivos / 500 ocorrências, visível em telas centrais:

  • Login: "...Brilhar, você nasce para isso!"
  • Kit Maker: "15× 10 × 8 cm", "Papelão Revestido"
  • Simulador de preços: "Quantidade mÃnima é...", "Ãrea de gravação"
  • Formulários admin (componentes de kit, fornecedores, importação)

Reversão seletiva (runs de bytes Latin-1 que formam UTF-8 válido → preserva caracteres legítimos). Diff balanceado (apenas conteúdo de strings/comentários, sem mudança estrutural). 0 mojibake restante. Verificado que a corrupção não atingia comparações de lógica (===/includes/case).

Achados documentados (requerem decisão — não alterados aqui)

Sev Achado
Alta 17 funções SECURITY DEFINER executáveis por anon/authenticated (ex.: get_quote_token_by_value, cleanup_expired_webhook_request_nonces por anon)
Média/Alta 373 tabelas expostas ao papel anon (inclui admin_audit_log, admin_settings, auth_login_attempts) — verificar RLS
Média RLS sempre-verdadeira em password_reset_requests (validar rate-limit)
Média Kit Maker servindo mock-data.ts em produção
Média Todos os produtos exibem aviso "Preço próximo do limite de validade" (threshold mal calibrado?)
Baixa Widget de calendário do Dashboard preso em skeleton

Cobertura / honestidade de escopo

  • Auditado (render + rede 2xx OK): /auth, /, /dashboard, /orcamentos, /orcamentos/novo, /clientes, /montar-kit, /ferramentas/bi, /busca-preco, /produtos.
  • Não auditado a fundo: /admin/* (bloqueado por modal obrigatório de MFA — não habilitamos MFA na conta) e interação botão-a-botão exaustiva nas ~70 rotas.

Test plan

  • CI verde (typecheck/lint/build) — mudança é apenas de conteúdo de string/comentário
  • Conferir login, simulador e Kit Maker renderizando acentuação correta
  • (Backend) revisar grants de funções SECURITY DEFINER e RLS conforme relatório

https://claude.ai/code/session_01HjiGVkF3Df9GiFjDbfxDYn

Generated by Claude Code

Summary by cubic

Corrige mojibake UTF-8 (dupla codificação) em textos do app para restaurar a acentuação correta no Login, Simulador de Preços, Kit Maker e telas admin. Adiciona relatório de auditoria front-end via MCP com recomendações de segurança para revisão (ver audit/AUDITORIA_FRONTEND_MCP_2026-05-24.md).

  • Bug Fixes
    • Corrigidas ~500 ocorrências em 22 arquivos; apenas conteúdo de strings/comentários, sem mudanças estruturais.
    • Correção seletiva preserva caracteres válidos; nenhuma lógica (comparações/condições) foi alterada.

Written for commit 8a7465d. Summary will update on new commits. Review in cubic

@claude
fix(i18n): corrige mojibake UTF-8 em 22 arquivos + auditoria front-en…
8a7465d 
…d via MCP

Varredura do sistema em produção (promogifts.com.br) via navegador MCP,
captura de rede e advisors do Supabase. Achado principal: dupla codificação
UTF-8 (Latin-1) corrompendo texto visível em login, simulador de preços,
Kit Maker e formulários admin (500 ocorrências). Reversão seletiva preserva
caracteres legítimos; sem mudança estrutural de código.

Relatório completo em audit/AUDITORIA_FRONTEND_MCP_2026-05-24.md (backend RLS,
funções SECURITY DEFINER expostas a anon, Kit Maker em mock, price-freshness).

https://claude.ai/code/session_01HjiGVkF3Df9GiFjDbfxDYn
@vercel
Copy link
Copy Markdown

vercel Bot commented May 24, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
we-dream-big Ready Ready Preview, Comment May 24, 2026 8:41pm

@supabase
Copy link
Copy Markdown

supabase Bot commented May 24, 2026

This pull request has been ignored for the connected project doufsxqlfjyuvxuezpln because there are no changes detected in supabase directory. You can change this behaviour in Project Integrations Settings ↗︎.

Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 24, 2026
edited
Loading

Warning

Review limit reached

@adm01-debug, we couldn't start this review because you've used your available PR reviews for now.

Your plan includes 5 reviews of capacity. Refill in 58 minutes and 50 seconds.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more review capacity refills, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than trial, open-source, and free plans. In all cases, review capacity refills continuously over time.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: dfee9917-1bca-4e80-8417-c37e9fcd0c86

📥 Commits

Reviewing files that changed from the base of the PR and between bfca536 and 8a7465d.

📒 Files selected for processing (23)
  • audit/AUDITORIA_FRONTEND_MCP_2026-05-24.md
  • src/components/admin/products/bulk-import/StepPreview.tsx
  • src/components/admin/products/kit-components/ComponentForm.tsx
  • src/components/admin/products/kit-components/PrintAreaForm.tsx
  • src/components/admin/products/kit-components/VolumeValidation.tsx
  • src/components/admin/products/kit-components/api.ts
  • src/components/admin/suppliers-manager/SupplierTable.tsx
  • src/components/pricing/QuantityPriceCalculator.tsx
  • src/components/pricing/calculator/TechniqueMultiSelector.tsx
  • src/components/pricing/simulator/CustomizationOptions.tsx
  • src/components/pricing/simulator/EngravingList.tsx
  • src/components/pricing/simulator/MultiEngravingResult.tsx
  • src/components/pricing/simulator/QuantityAndResult.tsx
  • src/components/pricing/simulator/TechniqueSelector.tsx
  • src/hooks/voice/processTranscript.ts
  • src/lib/kit-builder/mock-data.ts
  • src/lib/kit-builder/price-calculator.ts
  • src/lib/kit-builder/volume-calculator.ts
  • src/lib/personalization/calculators.ts
  • src/lib/personalization/selectors.ts
  • src/lib/personalization/transformers.ts
  • src/lib/personalization/validators.ts
  • src/pages/auth/Auth.tsx
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch claude/epic-faraday-GQILK

Comment @coderabbitai help to get the list of available commands and usage tips.

@adm01-debug adm01-debug marked this pull request as ready for review May 24, 2026 20:47
Copilot AI review requested due to automatic review settings May 24, 2026 20:47
@adm01-debug adm01-debug merged commit 7903d84 into main May 24, 2026
30 of 35 checks passed
@adm01-debug adm01-debug deleted the claude/epic-faraday-GQILK branch May 24, 2026 20:50
@adm01-debug adm01-debug mentioned this pull request May 24, 2026
Merged
3 tasks
@adm01-debug adm01-debug review requested due to automatic review settings May 24, 2026 21:10
@adm01-debug adm01-debug mentioned this pull request May 26, 2026
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@adm01-debug @claude