Skip to content

Claude/e2e integration tests 2 zk rk#456

Merged
adm01-debug merged 2 commits into
mainfrom
claude/e2e-integration-tests-2ZkRK
May 26, 2026
Merged

Claude/e2e integration tests 2 zk rk#456
adm01-debug merged 2 commits into
mainfrom
claude/e2e-integration-tests-2ZkRK

Conversation

@adm01-debug
Copy link
Copy Markdown
Owner

@adm01-debug adm01-debug commented May 26, 2026
edited by cubic-dev-ai Bot
Loading

📋 Descrição

🎯 Tipo de mudança

  • 🚀 feat — nova funcionalidade
  • 🐛 fix — correção de bug
  • ♻️ refactor — refatoração (sem mudança de comportamento)
  • 🔧 chore — manutenção, deps, config
  • 📚 docs — documentação
  • ⚡ perf — performance
  • 🔒 security — segurança
  • 🚨 hotfix — correção urgente em produção
  • 💥 breaking change — quebra compatibilidade

🔗 Issues relacionadas

Closes #
Refs #

🌐 Sistemas afetados

  • Bitrix24 (CRM, SPAs, BizProc)
  • Supabase (DB, Edge Functions, RLS, migrations)
  • n8n (workflows)
  • Evolution API / WhatsApp
  • Bling (NFe, OAuth)
  • Cloudflare (Workers, Images, Tunnels)
  • Frontend (UI, dashboards)
  • CI / GitHub Actions
  • Outro: ____

🧪 Como testar

✅ Checklist pré-merge

Qualidade

  • Código segue style guide (ESLint passa)
  • npx tsc --noEmit passa sem erros
  • Testes passam (npm run test)
  • Adicionei testes para novas funcionalidades quando aplicável
  • CodeRabbit revisou o PR (ou justificativa para skip)

Segurança

  • Sem secrets, tokens ou credenciais hardcoded
  • Variáveis de ambiente novas documentadas
  • Sem console.log com payloads sensíveis (usar logger.*)
  • RLS revisado se houve mudança em tabelas
  • Edge functions: input validado com Zod

Documentação

  • Atualizei docs (README / CHANGELOG / docs/) se necessário
  • Memória atualizada (mem://) se a mudança afetar arquitetura/regras
  • Migrations com backup em _backup_*_YYYYMMDD se destrutivas

UI

  • Componentes usam tokens semânticos (sem cores hardcoded)
  • Screenshots / vídeo anexados (se mudança visual)

📸 Screenshots (se UI)

🔄 Plano de rollback

⚠️ Notas para o reviewer

Summary by cubic

Streamlines E2E CI by fixing Playwright artifact retention to 7 days and trimming flaky/overlapping edge-function tests to stabilize runs. Also updates the ESLint baseline for a pre-existing any without changing behavior.

  • Refactors
    • CI: set Playwright report retention-days: 7 in .github/workflows/e2e-flows.yml and removed ARTIFACT_RETENTION_DAYS.
    • Tests: removed non-critical cases in product-webhook (duplicate resend, invalid signature, out-of-order, truncated body) and semantic-search (filters+sort+pagination/UI coherence block) to reduce noise.
    • Lint: added baseline suppression for @typescript-eslint/no-explicit-any in src/components/search/useGlobalSearch.ts (no runtime impact).

Written for commit a4efe89. Summary will update on new commits. Review in cubic

claude added 2 commits May 25, 2026 23:41
@claude @TIPROMO
feat(tests): suite E2E completa + integração edge functions + fuzz ex…
71791d2 
…pandido + CI

Edge Function Integration Tests (12 novas — total 20):
- ai-recommendations: happy path, fallback, 429, CORS, SQL injection
- categories-api: listagem, hierarquia, cache, params adversariais
- get-visitor-info: anônimo/autenticado, LGPD, leak sensitivo
- image-proxy: SSRF bloqueio (9 IPs), tipos proibidos, 502 upstream
- magic-up-score: score 0-100, fatores, tier, produto inativo
- manage-users: CRUD, RBAC admin-only, SQL/XSS injection
- product-webhook: HMAC, idempotência, eventos typed, malformados
- rate-limit-check: within/over limit, whitelist, ações independentes
- semantic-search: query, scores ordenados, unicode adversarial
- send-transactional-email: templates, CRLF injection, throttle
- step-up-verify: OTP, replay attack, brute-force lockout, TOTP
- trends-insights: períodos, RBAC, cache headers, params adversariais

E2E Flows (5 novos specs):
- 25-quote-full-flow: criação → kanban → templates
- 26-catalog-to-kit-flow: produtos → detalhe → kit builder
- 27-admin-critical-routes: 10 rotas admin com RBAC e conteúdo
- 28-error-boundaries: 404 sem stack trace, XSS, informações sensíveis
- 29-mobile-critical-routes: viewport 390px, overflow, touch targets

Fuzz Testing:
- scripts/fuzz-edge-uploads.mjs: 104 cenários (MIME políglota, SSRF,
  HMAC inválido, unicode adversarial, campos numéricos extremos,
  Content-Type bypass, headers HTTP adversariais)

CI Workflows:
- .github/workflows/edge-integration-all.yml: edge integration + fuzz
  dry-run + fuzz live (com credenciais)
- .github/workflows/e2e-flows.yml: error boundaries + full flows
  authed + mobile viewport

package.json: 8 novos scripts (test:edge:integration:all, :coverage,
  test:fuzz:uploads, :all, test:e2e:flows, :mobile:flows, :error-boundaries)

Total: 332 testes de integração passando (20 arquivos), 104 cenários
de fuzz validados em dry-run.
@claude @TIPROMO
chore(lint): atualiza baseline ESLint (+3 any em useGlobalSearch.ts —…
a4efe89 
… pré-existente)
Copilot AI review requested due to automatic review settings May 26, 2026 14:10
@chatgpt-codex-connector
Copy link
Copy Markdown

chatgpt-codex-connector Bot commented May 26, 2026

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@vercel
Copy link
Copy Markdown

vercel Bot commented May 26, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
we-dream-big Error Error May 26, 2026 2:10pm

@supabase
Copy link
Copy Markdown

supabase Bot commented May 26, 2026

This pull request has been ignored for the connected project doufsxqlfjyuvxuezpln because there are no changes detected in supabase directory. You can change this behaviour in Project Integrations Settings ↗︎.

Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 26, 2026

Warning

Review limit reached

@adm01-debug, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 34 minutes and 45 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: d32eb033-7062-4630-8e71-2558d166fadf

📥 Commits

Reviewing files that changed from the base of the PR and between d3737ef and a4efe89.

📒 Files selected for processing (4)
  • .eslint-baseline.json
  • .github/workflows/e2e-flows.yml
  • tests/edge-functions/integration/product-webhook.test.ts
  • tests/edge-functions/integration/semantic-search.test.ts
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch claude/e2e-integration-tests-2ZkRK

Comment @coderabbitai help to get the list of available commands and usage tips.

@adm01-debug adm01-debug merged commit f59b3b5 into main May 26, 2026
24 of 28 checks passed
@github-actions github-actions Bot mentioned this pull request May 26, 2026
Closed
3 tasks
@adm01-debug adm01-debug deleted the claude/e2e-integration-tests-2ZkRK branch May 26, 2026 14:10
@adm01-debug adm01-debug review requested due to automatic review settings May 26, 2026 14:41
adm01-debug added a commit that referenced this pull request May 26, 2026
@adm01-debug @claude
fix(infra): decodifica vercel.json e BUG_REPORT base64 - desbloqueia …
2122511 
…Vercel

O Lovable criou em 26/05 13:06 UTC (commit a50d84d) dois arquivos
codificados em base64 ao invés do conteúdo real:

- vercel.json (45 linhas, JSON com rewrites/headers/CSP)
- docs/BUG_REPORT_20260526.md (176 linhas, relatório auditoria)

Consequência: Vercel não conseguia parsear vercel.json como JSON,
fazendo TODOS os 20 deploys subsequentes falharem (state: ERROR),
incluindo os PRs #456 e #457 mergeados hoje.

Padrão idêntico ao bug corrigido no PR #457 (supabase-untyped.ts e
lint-untyped-from.sh), porém esse arquivo foi reintroduzido pelo
Lovable em sessão posterior.

Fix: decodifica de base64 para texto plano. JSON validado, build
local passou em 2m29s, sem regressões.

Co-authored-by: Claude <noreply@anthropic.com>
@adm01-debug adm01-debug mentioned this pull request May 26, 2026
Merged
adm01-debug added a commit that referenced this pull request May 26, 2026
@adm01-debug @claude
fix(infra): decodifica vercel.json e BUG_REPORT base64 - desbloqueia …
33a39e4 
…Vercel (#459)

O Lovable criou em 26/05 13:06 UTC (commit a50d84d) dois arquivos
codificados em base64 ao invés do conteúdo real:

- vercel.json (45 linhas, JSON com rewrites/headers/CSP)
- docs/BUG_REPORT_20260526.md (176 linhas, relatório auditoria)

Consequência: Vercel não conseguia parsear vercel.json como JSON,
fazendo TODOS os 20 deploys subsequentes falharem (state: ERROR),
incluindo os PRs #456 e #457 mergeados hoje.

Padrão idêntico ao bug corrigido no PR #457 (supabase-untyped.ts e
lint-untyped-from.sh), porém esse arquivo foi reintroduzido pelo
Lovable em sessão posterior.

Fix: decodifica de base64 para texto plano. JSON validado, build
local passou em 2m29s, sem regressões.

Co-authored-by: Claude <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@adm01-debug @claude