fix: 20-step kill-switch corrections + observability improvements

[adm01-debug]

Fechado — cherry-pick seletivo aplicado diretamente em main

Este PR foi resolvido sem merge direto para evitar o conflito crítico em rest-native.ts (PR baseado em Phase 4, main já estava em Phase 5 com +19 tabelas — merge direto destruiria a Phase 5).

O que foi aplicado (commits em main):

79d77c6 — fix(eslint): remove unused imports + any type + validate-supabase-config

• Corrige os 13 erros ESLint não-baselineados que bloqueavam o CI gate

cc8c472 — feat(pr542-cherry): observability dashboard + kill-switch fixes + REST write tables

• 4 novas migrations (kill-switch bug fix + 3x RLS SELECT policies)
• useKillSwitchObservability: rollout_percentage
• ObservabilityDashboard: botão Atualizar + badge rollout% + updated_at por switch
• SidebarReorganized: link Observabilidade (devOnly)
• Routing completo: lazy-pages + admin-routes + restricted-routes
• rest-native.ts write whitelist +6 tabelas (Phase 5 preservado intacto)
• Tests: not.eq/not.in, sortBy fixes, CI if-guards

O que NÃO foi aplicado:

• .eslint-baseline.json do PR (redução de 107→80 requer 27 correções de código adicionais)
• Mudanças em rest-native.ts read whitelist (já presente em Phase 5, mais completo)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
we-dream-big	Error		May 31, 2026 3:18pm

[coderabbitai]

Walkthrough

PR implementa observabilidade de kill switches com campo de rollout percentage, refatora badge visibility store com type safety rigorosa, expande REST-native com múltiplas whitelists de tabelas e parsing melhorado de filtros, adiciona fallbacks de env vars em workflows CI/CD e reduz violações do ESLint de 107 para 80.

Changes

Kill Switch Observability & Admin Infrastructure

Layer / File(s)	Summary
Hook & Page: kill switch data com rollout_percentage src/hooks/admin/useKillSwitchObservability.ts, src/pages/admin/ObservabilityDashboard.tsx	Interface SwitchState ganha campo `rollout_percentage: number
Admin routing: lazy-loading & dev-only registration src/routes/lazy-pages.ts, src/routes/admin-routes.tsx, src/lib/navigation/restricted-routes.ts, src/components/layout/SidebarReorganized.tsx	Lazy-pages exporta ObservabilityDashboardPage. Admin-routes registra rota /admin/observabilidade em DevRoute. Restricted-routes adiciona prefixo a DEV_ONLY_ROUTE_PREFIXES. Sidebar adiciona menu item "Observabilidade".
SQL migrations: kill switches & RLS policies supabase/migrations/20260531120000_*.sql, supabase/migrations/20260531130000_*.sql	Migração corretiva insere 6 kill switches com reason e legacy_message idempotentes. Segunda migração cria políticas RLS de SELECT para kit_component_media, kit_component_print_areas, product_tags.

Badge Visibility Store Refactoring

Layer / File(s)	Summary
Badge store: type safety, runtime validation & sync logic src/stores/useBadgeVisibilityStore.ts	Interface muda initializeFromProfile de any para unknown. Método valida que preferences é objeto (não-array) contendo badge_visibility. toggleBadges e setBadgesEnabled reorganizam lógica, sincronizam com Supabase preservando outros campos, estrutura de .update() explícita.
Badge store test: mock thenable type casting src/stores/__tests__/useBadgeVisibilityStore.test.ts	Mock de eq() trocado para thenable com tipo rigoroso no callback then.

REST-native Data Access Layer Expansion

Layer / File(s)	Summary
REST-native table whitelists & column remapping src/lib/external-db/rest-native.ts (select/write whitelists, aliases)	SELECT whitelist expande com kit_component_media, kit_component_print_areas, product_tags. WRITE whitelist expande para product media e kit-related tables. Aliases estende com codigo/nome/ativo/ordem_exibicao.
REST-native filter parsing: null handling & not. operators* src/lib/external-db/rest-native.ts (parsePostgrestString, applyFilters)	Parser suporta not.<op>.<val>, extrai innerOp/innerVal com warning se malformado. applyFilters trata null via query.is() e strings via parsePostgrestString.
REST-native query execution: short-circuit & logging src/lib/external-db/rest-native.ts (executeRestNativeSelect, try* methods)	Short-circuit para IN() vazio mantido com logging explícito. countOption derivado (none/exact/planned/estimated). Logs reformatados, telemetria preservada.
REST-native test suite: eligibility, operators & edge cases src/lib/external-db/rest-native.test.ts	makeQueryStub expande com loop de métodos, registro de __calls. Testes de elegibilidade, operadores (ilike, not.eq, not.in), arrays vazios e short-circuit.

CI/CD Resilience & Test Infrastructure

Layer / File(s)	Summary
E2E workflow configuration: fallbacks & conditional gates .github/workflows/ci.yml, .github/workflows/delivery-quality.yml	Workflows ganham blocos env com fallbacks para VITE_SUPABASE_URL e VITE_SUPABASE_PUBLISHABLE_KEY. Execução de E2E condicionada a E2E_USER_EMAIL != ''. Uploads de artifacts com if-no-files-found: ignore.
Supabase client config validation: multi-pattern support scripts/validate-supabase-config.mjs	Script expande para aceitar padrões antigos (canonical/includes) e novos (FORBIDDEN_REFS/envPointsToForbidden).
Test mocks: Supabase client constants export tests/components/render-helpers.tsx, tests/hooks/*.test.*	Múltiplos mocks exportam SUPABASE_URL e SUPABASE_PUBLISHABLE_KEY.

Product UI Components & Test Adjustments

Layer / File(s)	Summary
Product iteration indices & catalog sorting tests src/pages/tools/VisualSearchPage.tsx, src/tests/CatalogFilteringLogic.test.tsx, src/tests/CatalogToolbarRegression.test.tsx	VisualSearchPage passa idx em results.products.map. Testes de catálogo mudam sortBy de 'relevance' para 'name' em 5 casos. gridColumns ajustado para 4 as const.
Product component keys & media attribute fixes src/components/pdf/proposal/ProposalProductTable.tsx, src/components/products/gallery/PromoFlixPlayer.test.tsx, src/lib/external-db/batch-import.ts	ProposalProductTable usa key={globalIdx} direto. PromoFlixPlayer test espera crossorigin null. Batch import cast para Record<string, unknown>.

ESLint Baseline Update

Layer / File(s)	Summary
ESLint baseline: metadata & file exception entries .eslint-baseline.json	Metadata atualizado, totalErrors reduzido de 107 para 80. Entradas removidas e adicionadas, contagens ajustadas em múltiplas regras.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• adm01-debug/promo-gifts-v4#534: Alterações em src/lib/external-db/batch-import.ts (cast de chunk para Record<string, unknown>) relacionadas ao batch import no write path REST-native.
• adm01-debug/promo-gifts-v4#535: Mudanças em src/lib/external-db/rest-native.ts (parsing de filtros, whitelists, short-circuit de arrays) alinhadas aos traps A1/A2 de tratamento de _search e arrays vazios.
• adm01-debug/promo-gifts-v4#502: Ambos PRs ajustam src/components/products/gallery/PromoFlixPlayer.test.tsx validando compatibilidade de crossorigin com Cloudflare Stream.

Suggested labels

codex

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 46.15% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	O título reflete com precisão a mudança principal: correções críticas no kill-switch (20 passos de correção mencionados no PR objetivo) e melhorias de observabilidade (dashboard, rollout_percentage, UI).
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch claude/friendly-pascal-CSPrD

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[supabase]

This pull request has been ignored for the connected project doufsxqlfjyuvxuezpln due to reaching the limit of concurrent preview branches.
Go to Project Integrations Settings ↗︎ if you wish to update this limit.

---

Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

[Copilot]

Pull request overview

This PR fixes critical kill-switch seeding issues, makes the admin observability dashboard reachable (dev-only), and expands the REST-native external DB path to cover additional read/write tables—along with CI/E2E and test adjustments to keep gates passing.

Changes:

• Add corrective Supabase migrations for missing kill-switch rows and defensive SELECT RLS policies for newly REST-native-readable tables.
• Expose the ObservabilityDashboard under /admin/observabilidade (lazy route + dev-only nav/restrictions) and enhance its UI (rollout badge, relative updated time, manual refresh).
• Expand REST-native read/write allowlists and update tests/CI workflows to stabilize E2E/unit runs.

Reviewed changes

Copilot reviewed 26 out of 26 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
tests/hooks/voice/processTranscript.test.ts	Extend Supabase client mock exports used by tests.
tests/hooks/useFavorites.test.ts	Extend Supabase client mock exports used by tests.
tests/hooks/useComparison.test.tsx	Extend Supabase client mock exports used by tests.
tests/hooks/hooks-audit-bugfix-08-14.test.ts	Fix expected table name for techniques query (tecnicas_gravacao).
tests/components/render-helpers.tsx	Extend Supabase client mock exports used by component tests.
supabase/migrations/20260531120000_corretiva_kill_switches_reason_col.sql	Correctly seed missing kill-switches using reason (idempotent insert).
supabase/migrations/20260531130000_rest_native_read_rls_kit_tags.sql	Add SELECT policies for newly whitelisted REST-native read tables.
src/tests/CatalogToolbarRegression.test.tsx	Align test expectations/types for catalog toolbar state.
src/tests/CatalogFilteringLogic.test.tsx	Update tests to use sortBy: 'name' instead of relevance.
src/stores/useBadgeVisibilityStore.ts	Tighten typing/casting for persisted badge visibility + backend sync.
src/stores/tests/useBadgeVisibilityStore.test.ts	Update mocks/types to match store changes.
src/routes/lazy-pages.ts	Add lazy import for Observability dashboard page.
src/routes/admin-routes.tsx	Register /admin/observabilidade route under DevRoute.
src/pages/tools/VisualSearchPage.tsx	Use index-based animation delay/priority styling while keeping stable keys.
src/pages/filters/useFiltersPageState.ts	Minor formatting change in filter application.
src/pages/admin/ObservabilityDashboard.tsx	Add manual refresh + per-switch relative timestamps + rollout badge when OFF < 100%.
src/lib/navigation/restricted-routes.ts	Mark /admin/observabilidade as dev-only route prefix.
src/lib/external-db/rest-native.ts	Expand REST-native allowlists; refactor filter parsing/formatting; enable additional write tables.
src/lib/external-db/batch-import.ts	Adjust payload typing cast for batch insert invocation.
src/hooks/products/useNovelties.ts	Formatting and small refactors in mock data/enrichment/stats computation.
src/hooks/admin/useKillSwitchObservability.ts	Add rollout_percentage to switch state selection/type.
src/components/products/ProductStatusBadge.tsx	Formatting and minor class ordering; no functional changes intended.
src/components/products/ProductListItem.tsx	Use index param for variant tab interactions; formatting.
src/components/products/ProductCategoryBadges.tsx	Reorder Tailwind classes for hover shimmer; no logic change.
src/components/products/ProductCardImage.tsx	Remove unused icon imports; formatting of badge usage.
src/components/products/NoveltyBadge.tsx	Remove unused imports and format component props.
src/components/products/gallery/PromoFlixPlayer.test.tsx	Update regression expectation: no crossOrigin attribute on Cloudflare Stream video.
src/components/products/EnhancedProductCard.tsx	Remove unused imports/types; formatting and small map reflow.
src/components/pdf/proposal/ProposalProductTable.tsx	Use globalIdx as table row key for stability.
src/components/novelties/NoveltyCards.tsx	Remove unused imports; pass through onStatusClick; formatting.
src/components/layout/SidebarReorganized.tsx	Add dev-only sidebar link to Observability dashboard.
src/components/layout/Header.tsx	Formatting and minor cleanup around badge toggle UI strings.
e2e/flows/22-header-sticky.spec.ts	Accept position: sticky or fixed for header in E2E assertion.
.github/workflows/delivery-quality.yml	Add env fallbacks + gate E2E on creds + ignore missing artifacts.
.github/workflows/ci.yml	Add env fallbacks + gate E2E on creds + ignore missing artifacts.

Comments suppressed due to low confidence (1)

src/stores/useBadgeVisibilityStore.ts:201

• initializeFromProfile() only checks that preferences is an object and that it has a badge_visibility key, but it doesn’t validate the shape/value of preferences.badge_visibility. If that field is null, an array, or a non-object JSON value, the store will set routeSettings to an invalid value and callers like isBadgeEnabled() can crash or behave incorrectly.

            syncError: null,
          });
        }
      },
    }),
    { 
      name: 'badge-visibility-v2', // Versão 2 para evitar conflitos com o formato anterior
      partialize: (state) => ({ 
        routeSettings: state.routeSettings,
        badgesEnabled: state.badgesEnabled 
      }),
    },

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 61e00c4ebb

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Repair the failing migration before this correction runs

On a fresh database or CI db reset, migrations are applied in timestamp order, and 20260525200103_corrections_kill_switches.sql still runs INSERT INTO system_kill_switches (..., description) before this new migration exists. Postgres aborts on that nonexistent column, so execution never reaches this corrective insert; this only helps databases that somehow got past the earlier failure. The old migration needs to be fixed/superseded before it runs, or a compatibility column must exist before 20260525200103.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Route intercepted bridge writes through REST native

When admin callers still use the intercepted supabase.functions.invoke('external-db-bridge') path, writes never consult this new whitelist: checked src/lib/external-db/bridge-compat.ts, and it only routes select through invokeExternalDb while insert/update/delete still go back to the Edge Function. With edge_external_db_bridge OFF, existing media/tag editors such as ProductTagsSection and the image/video/kit editors therefore still fail instead of using REST native, so adding these tables here does not unblock the advertised save flows unless the compat write branch is migrated too.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Whitelist tag definitions with product tag links

Adding only product_tags does not make the tag editor usable when the bridge is OFF: ProductTagsSection.fetchTags still reads the tag catalog from table: 'tags', and the bridge interceptor routes that select through invokeExternalDb, which returns an empty result when the table is not REST-native eligible. In that context the UI shows “Nenhuma tag disponível” even though the product/tag link table is now whitelisted, so the tags table (and its SELECT policy) needs to be added too.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Validate badge_visibility before replacing the store

If a saved profile contains the key with a null or otherwise non-object value (for example { "badge_visibility": null }, which the previous truthiness check ignored), this branch now writes that value into routeSettings. The next isBadgeEnabled/Header selector then indexes routeSettings[path] and can throw, breaking the shell for that user; keep the old skip behavior unless badge_visibility is a plain object with route settings.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4c5be50758

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Add the tags SELECT policy alongside the whitelist

Fresh evidence in this revision is that tags is now added to REST_NATIVE_SAFE_TABLES, but this migration only grants REST-native read policies for kit_component_media, kit_component_print_areas, and product_tags. When edge_external_db_bridge is OFF and RLS is applied to tags, callers such as ProductTagsSection.fetchTags and the expert filter options now hit PostgREST with anon/authenticated credentials and still receive an empty/error result instead of the tag catalog, so add a matching tags SELECT policy here.

Useful? React with 👍 / 👎.

[coderabbitai]

Actionable comments posted: 4

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/ci.yml (1)

609-618: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Adicione permissions explícito (least-privilege) neste job.

O job elite-ui-validation (e também critical-e2e) não declara bloco permissions, herdando o default do runner — sinalizado pelo zizmor. Esses jobs só fazem checkout, build e upload de artefato; contents: read basta.

🔒 Fix sugerido

   elite-ui-validation:
     name: Elite UX Validation (E2E)
     runs-on: ubuntu-latest
     needs: [build-gate, detect-changes]
     if: github.event_name != 'pull_request' || needs.detect-changes.outputs.elite_changed == 'true'
+    permissions:
+      contents: read
     env:

Aplique o mesmo em critical-e2e.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 609 - 618, O job "elite-ui-validation"
está herdando permissões padrão do runner; adicione um bloco permissions com
princípio de least-privilege (por exemplo permissions: contents: read) dentro da
definição do job para limitar acessos; faça a mesma alteração no job
"critical-e2e" para garantir ambos só têm acesso de leitura ao conteúdo do
repositório durante checkout/build/upload de artefatos.

🧹 Nitpick comments (1)

src/lib/external-db/batch-import.ts (1)

155-155: ⚡ Quick win

Cast duplo esconde incompatibilidade de tipos.

O cast chunk as unknown as Record<string, unknown> força um array (ImportRow[]) a ser tratado como um objeto genérico. Isso sugere que a assinatura de invokeExternalDb pode estar incorreta para operações batch, que deveriam aceitar arrays.

A solução correta seria ajustar o tipo de invokeExternalDb para aceitar Record<string, unknown> | Array<Record<string, unknown>> no campo data, permitindo arrays para operações batch sem necessidade de casts que suprimem validação de tipos.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/lib/external-db/batch-import.ts` at line 155, O cast "chunk as unknown as
Record<string, unknown>" oculta uma incompatibilidade: estamos passando um array
(chunk: ImportRow[]) para o campo data que a função invokeExternalDb não aceita;
em vez de suprimir o erro, altere a assinatura/type do parâmetro data em
invokeExternalDb para aceitar Record<string, unknown> | Array<Record<string,
unknown>> (ou Array<ImportRow> se quiser ser mais específico), atualize as
sobrecargas/tipos relacionados e então envie chunk diretamente (sem cast) ao
chamar invokeExternalDb; verifique também usos adicionais de invokeExternalDb
para conservar compatibilidade.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/ci.yml:
- Around line 577-581: The CI currently falls back to a hardcoded
VITE_SUPABASE_URL in the env block which, combined with only gating on
E2E_USER_EMAIL/E2E_USER_PASSWORD, can cause E2E jobs to run against production
because src/integrations/supabase/client.ts will use the canonical URL when
VITE_SUPABASE_URL is missing; remove the hardcoded fallback for
VITE_SUPABASE_URL in the env section so the secret must be provided (or change
the fallback to a dedicated test project), and update the job gating/condition
(the CI job that checks E2E_USER_EMAIL/E2E_USER_PASSWORD) to also require
VITE_SUPABASE_URL is defined/non-empty so the workflow fails early instead of
defaulting to production.

In `@src/components/pdf/proposal/ProposalProductTable.tsx`:
- Around line 191-192: The table row key change removed the stable identifier
and now uses only the positional index (globalIdx), which can break React
reconciliation; restore the previous fallback so each <tr> in
ProposalProductTable uses item.id when present and falls back to globalIdx
(e.g., key={item.id || globalIdx}) so React can track items across
reorders/updates and avoid DOM reuse bugs.

In `@src/lib/external-db/rest-native.ts`:
- Around line 361-370: The parsing for the "not.*" branch (case 'not') currently
trusts innerOp (from rest.slice(0, dotIdx)) and passes it to query.not which can
cause runtime errors for unsupported operators; update this branch to validate
innerOp against the supported operator whitelist (e.g., allowed ops used
elsewhere in this module) before calling query.not(col, innerOp, innerVal), and
if innerOp is not in the whitelist log a warning with logger.warn(`[rest-native]
Malformed not.* filter for '${col}': '${raw}'`) and return a safe fallback (for
example query.eq(col, raw) or the existing fallback used for malformed filters)
instead of calling query.not with an invalid operator.

In `@src/stores/useBadgeVisibilityStore.ts`:
- Around line 189-204: The initializeFromProfile implementation blindly casts
preferences.badge_visibility to Record<string, ThemeSettings>, which can hide
malformed entries and cause isBadgeEnabled to crash when .light/.dark are
missing or not boolean; update initializeFromProfile to iterate over
(preferences as Record<string, unknown>).badge_visibility entries, validate each
value is a non-array object with boolean properties "light" and "dark" (or
coerce to safe booleans/defaults), build a new safe routeSettings object only
from valid entries, set syncError when any invalid entry is encountered, and
call set({ routeSettings: safeRouteSettings, syncError: null|Error }) instead of
the direct cast so ThemeSettings and isBadgeEnabled are never given malformed
data.

---

Outside diff comments:
In @.github/workflows/ci.yml:
- Around line 609-618: O job "elite-ui-validation" está herdando permissões
padrão do runner; adicione um bloco permissions com princípio de least-privilege
(por exemplo permissions: contents: read) dentro da definição do job para
limitar acessos; faça a mesma alteração no job "critical-e2e" para garantir
ambos só têm acesso de leitura ao conteúdo do repositório durante
checkout/build/upload de artefatos.

---

Nitpick comments:
In `@src/lib/external-db/batch-import.ts`:
- Line 155: O cast "chunk as unknown as Record<string, unknown>" oculta uma
incompatibilidade: estamos passando um array (chunk: ImportRow[]) para o campo
data que a função invokeExternalDb não aceita; em vez de suprimir o erro, altere
a assinatura/type do parâmetro data em invokeExternalDb para aceitar
Record<string, unknown> | Array<Record<string, unknown>> (ou Array<ImportRow> se
quiser ser mais específico), atualize as sobrecargas/tipos relacionados e então
envie chunk diretamente (sem cast) ao chamar invokeExternalDb; verifique também
usos adicionais de invokeExternalDb para conservar compatibilidade.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 4a235e52-b9c0-4fa0-89c9-c7ba3213eeff

📥 Commits

Reviewing files that changed from the base of the PR and between c336f1b and 4c5be50.

📒 Files selected for processing (28)

• .eslint-baseline.json
• .github/workflows/ci.yml
• .github/workflows/delivery-quality.yml
• scripts/validate-supabase-config.mjs
• src/components/layout/SidebarReorganized.tsx
• src/components/pdf/proposal/ProposalProductTable.tsx
• src/components/products/gallery/PromoFlixPlayer.test.tsx
• src/hooks/admin/useKillSwitchObservability.ts
• src/lib/external-db/batch-import.ts
• src/lib/external-db/rest-native.test.ts
• src/lib/external-db/rest-native.ts
• src/lib/navigation/restricted-routes.ts
• src/pages/admin/ObservabilityDashboard.tsx
• src/pages/tools/VisualSearchPage.tsx
• src/routes/admin-routes.tsx
• src/routes/lazy-pages.ts
• src/stores/__tests__/useBadgeVisibilityStore.test.ts
• src/stores/useBadgeVisibilityStore.ts
• src/tests/CatalogFilteringLogic.test.tsx
• src/tests/CatalogToolbarRegression.test.tsx
• supabase/migrations/20260525200103_corrections_kill_switches.sql
• supabase/migrations/20260531120000_corretiva_kill_switches_reason_col.sql
• supabase/migrations/20260531130000_rest_native_read_rls_kit_tags.sql
• tests/components/render-helpers.tsx
• tests/hooks/hooks-audit-bugfix-08-14.test.ts
• tests/hooks/useComparison.test.tsx
• tests/hooks/useFavorites.test.ts
• tests/hooks/voice/processTranscript.test.ts

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 425635d816

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Restore REST-native coverage for live read tables

With edge_external_db_bridge seeded OFF, invokeExternalDb returns an empty result for any SELECT that is not in REST_NATIVE_SAFE_TABLES; this shrink of the whitelist removes tables that are still actively queried, e.g. stock_daily_summary in src/hooks/intelligence/useSparklineSales.tsx, product_relationships/product_group_members in src/hooks/products/useSimilarProducts.ts, and ramo_atividade_filho in src/services/ramoAtividadeService.ts. In those contexts the stock charts, similar-products fallback, and product ramo/segment admin data silently disappear rather than using REST native, so keep the previously covered live tables or migrate those callers before dropping them.

Useful? React with 👍 / 👎.