From 6e3a024f66ecec667681211e611f45319bdc9ffa Mon Sep 17 00:00:00 2001 From: Bryce Date: Mon, 30 Mar 2026 22:36:12 -0700 Subject: [PATCH] adds stuff for dough burger --- .beads/.gitignore | 46 ------------------ .beads/README.md | 81 -------------------------------- .beads/config.yaml | 67 -------------------------- .beads/interactions.jsonl | 0 .beads/issues.jsonl | 73 ---------------------------- .beads/metadata.json | 4 -- src/clj/auto_ap/square/core3.clj | 45 +++++++++++++++--- 7 files changed, 38 insertions(+), 278 deletions(-) delete mode 100644 .beads/.gitignore delete mode 100644 .beads/README.md delete mode 100644 .beads/config.yaml delete mode 100644 .beads/interactions.jsonl delete mode 100644 .beads/issues.jsonl delete mode 100644 .beads/metadata.json diff --git a/.beads/.gitignore b/.beads/.gitignore deleted file mode 100644 index 0acd8c61..00000000 --- a/.beads/.gitignore +++ /dev/null @@ -1,46 +0,0 @@ -# SQLite databases -*.db -*.db?* -*.db-journal -*.db-wal -*.db-shm - -# Daemon runtime files -daemon.lock -daemon.log -daemon.pid -bd.sock -sync-state.json -last-touched - -# Local version tracking (prevents upgrade notification spam after git ops) -.local_version - -# Legacy database files -db.sqlite -bd.db - -# Worktree redirect file (contains relative path to main repo's .beads/) -# Must not be committed as paths would be wrong in other clones -redirect - -# Merge artifacts (temporary files from 3-way merge) -beads.base.jsonl -beads.base.meta.json -beads.left.jsonl -beads.left.meta.json -beads.right.jsonl -beads.right.meta.json - -# Sync state (local-only, per-machine) -# These files are machine-specific and should not be shared across clones -.sync.lock -.jsonl.lock -sync_base.jsonl -export-state/ - -# NOTE: Do NOT add negation patterns (e.g., !issues.jsonl) here. -# They would override fork protection in .git/info/exclude, allowing -# contributors to accidentally commit upstream issue databases. -# The JSONL files (issues.jsonl, interactions.jsonl) and config files -# are tracked by git by default since no pattern above ignores them. diff --git a/.beads/README.md b/.beads/README.md deleted file mode 100644 index 50f281f0..00000000 --- a/.beads/README.md +++ /dev/null @@ -1,81 +0,0 @@ -# Beads - AI-Native Issue Tracking - -Welcome to Beads! This repository uses **Beads** for issue tracking - a modern, AI-native tool designed to live directly in your codebase alongside your code. - -## What is Beads? - -Beads is issue tracking that lives in your repo, making it perfect for AI coding agents and developers who want their issues close to their code. No web UI required - everything works through the CLI and integrates seamlessly with git. - -**Learn more:** [github.com/steveyegge/beads](https://github.com/steveyegge/beads) - -## Quick Start - -### Essential Commands - -```bash -# Create new issues -bd create "Add user authentication" - -# View all issues -bd list - -# View issue details -bd show - -# Update issue status -bd update --status in_progress -bd update --status done - -# Sync with git remote -bd sync -``` - -### Working with Issues - -Issues in Beads are: -- **Git-native**: Stored in `.beads/issues.jsonl` and synced like code -- **AI-friendly**: CLI-first design works perfectly with AI coding agents -- **Branch-aware**: Issues can follow your branch workflow -- **Always in sync**: Auto-syncs with your commits - -## Why Beads? - -✨ **AI-Native Design** -- Built specifically for AI-assisted development workflows -- CLI-first interface works seamlessly with AI coding agents -- No context switching to web UIs - -🚀 **Developer Focused** -- Issues live in your repo, right next to your code -- Works offline, syncs when you push -- Fast, lightweight, and stays out of your way - -🔧 **Git Integration** -- Automatic sync with git commits -- Branch-aware issue tracking -- Intelligent JSONL merge resolution - -## Get Started with Beads - -Try Beads in your own projects: - -```bash -# Install Beads -curl -sSL https://raw.githubusercontent.com/steveyegge/beads/main/scripts/install.sh | bash - -# Initialize in your repo -bd init - -# Create your first issue -bd create "Try out Beads" -``` - -## Learn More - -- **Documentation**: [github.com/steveyegge/beads/docs](https://github.com/steveyegge/beads/tree/main/docs) -- **Quick Start Guide**: Run `bd quickstart` -- **Examples**: [github.com/steveyegge/beads/examples](https://github.com/steveyegge/beads/tree/main/examples) - ---- - -*Beads: Issue tracking that moves at the speed of thought* ⚡ diff --git a/.beads/config.yaml b/.beads/config.yaml deleted file mode 100644 index ff8bc921..00000000 --- a/.beads/config.yaml +++ /dev/null @@ -1,67 +0,0 @@ -# Beads Configuration File -# This file configures default behavior for all bd commands in this repository -# All settings can also be set via environment variables (BD_* prefix) -# or overridden with command-line flags - -# Issue prefix for this repository (used by bd init) -# If not set, bd init will auto-detect from directory name -# Example: issue-prefix: "myproject" creates issues like "myproject-1", "myproject-2", etc. -# issue-prefix: "" - -# Use no-db mode: load from JSONL, no SQLite, write back after each command -# When true, bd will use .beads/issues.jsonl as the source of truth -# instead of SQLite database -# no-db: false - -# Disable daemon for RPC communication (forces direct database access) -# no-daemon: false - -# Disable auto-flush of database to JSONL after mutations -# no-auto-flush: false - -# Disable auto-import from JSONL when it's newer than database -# no-auto-import: false - -# Enable JSON output by default -# json: false - -# Default actor for audit trails (overridden by BD_ACTOR or --actor) -# actor: "" - -# Path to database (overridden by BEADS_DB or --db) -# db: "" - -# Auto-start daemon if not running (can also use BEADS_AUTO_START_DAEMON) -# auto-start-daemon: true - -# Debounce interval for auto-flush (can also use BEADS_FLUSH_DEBOUNCE) -# flush-debounce: "5s" - -# Export events (audit trail) to .beads/events.jsonl on each flush/sync -# When enabled, new events are appended incrementally using a high-water mark. -# Use 'bd export --events' to trigger manually regardless of this setting. -# events-export: false - -# Git branch for beads commits (bd sync will commit to this branch) -# IMPORTANT: Set this for team projects so all clones use the same sync branch. -# This setting persists across clones (unlike database config which is gitignored). -# Can also use BEADS_SYNC_BRANCH env var for local override. -# If not set, bd sync will require you to run 'bd config set sync.branch '. -# sync-branch: "beads-sync" - -# Multi-repo configuration (experimental - bd-307) -# Allows hydrating from multiple repositories and routing writes to the correct JSONL -# repos: -# primary: "." # Primary repo (where this database lives) -# additional: # Additional repos to hydrate from (read-only) -# - ~/beads-planning # Personal planning repo -# - ~/work-planning # Work planning repo - -# Integration settings (access with 'bd config get/set') -# These are stored in the database, not in this file: -# - jira.url -# - jira.project -# - linear.url -# - linear.api-key -# - github.org -# - github.repo diff --git a/.beads/interactions.jsonl b/.beads/interactions.jsonl deleted file mode 100644 index e69de29b..00000000 diff --git a/.beads/issues.jsonl b/.beads/issues.jsonl deleted file mode 100644 index 68609603..00000000 --- a/.beads/issues.jsonl +++ /dev/null @@ -1,73 +0,0 @@ -{"id":"integreat-00t","title":"Security: Input validation and sanitization in import functions","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:23:28.0129384-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:33:06.050946022-08:00","closed_at":"2026-02-08T13:33:06.050946022-08:00","close_reason":"Code review completed - import_uploaded_invoices.clj reviewed"} -{"id":"integreat-01o","title":"Security: Remove hardcoded API keys in insight_outcome_recommendation","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:24:46.141653019-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:31:42.926029101-08:00","closed_at":"2026-02-08T13:31:42.926029101-08:00","close_reason":"Code review completed - Hardcoded Pinecone API key found at lines 31, 48"} -{"id":"integreat-08c","title":"Performance: Fix N+1 query problem in sales_summaries","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:24:47.102267818-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:31:42.899786826-08:00","closed_at":"2026-02-08T13:31:42.899786826-08:00","close_reason":"Code review completed - N+1 queries identified throughout sales_summaries.clj"} -{"id":"integreat-0df","title":"Code review: auto_ap.ssr.admin.transaction_rules","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T13:26:21.41732477-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:26:50.545369921-08:00","closed_at":"2026-02-08T13:26:50.545369921-08:00","close_reason":"Closed"} -{"id":"integreat-0ic","title":"Clientize sales summaries and add schema cleanup","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:43.768991121-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:43.768991121-08:00"} -{"id":"integreat-0kl","title":"Code review: auto_ap.ssr.admin.import_batch","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T13:25:10.532871346-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:25:29.784001757-08:00","closed_at":"2026-02-08T13:25:29.784001757-08:00","close_reason":"Closed"} -{"id":"integreat-0tf","title":"Security: Remove hardcoded cookie secret","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:21:54.956951237-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:34:04.535163011-08:00","closed_at":"2026-02-08T13:34:04.535163011-08:00","close_reason":"Code review completed - Hardcoded cookie store key found at lines 447-448"} -{"id":"integreat-0z7","title":"Complete test coverage for transactions and invoice functionality","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:54.738460045-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:54.738460045-08:00"} -{"id":"integreat-104","title":"Code Review: auto_ap.permissions","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:58.102943422-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:30:00.915797483-08:00","closed_at":"2026-02-08T09:30:00.915797483-08:00","close_reason":"Closed"} -{"id":"integreat-1b8","title":"Code Review: auto_ap.ledger","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:58.457434281-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:30:52.517437805-08:00","closed_at":"2026-02-08T09:30:52.517437805-08:00","close_reason":"Closed"} -{"id":"integreat-1ex","title":"Security: Implement rate limiting","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:21:55.32191677-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:34:04.585536605-08:00","closed_at":"2026-02-08T13:34:04.585536605-08:00","close_reason":"Code review completed - Rate limiting not implemented, recommendation added"} -{"id":"integreat-1ff","title":"Code Review: iol_ion","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:59.195722157-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:30:30.631572319-08:00","closed_at":"2026-02-08T09:30:30.631572319-08:00","close_reason":"Closed"} -{"id":"integreat-1ht","title":"Security: Add input validation and sanitization","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:21:55.707181622-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:34:04.560514104-08:00","closed_at":"2026-02-08T13:34:04.560514104-08:00","close_reason":"Code review completed - handler.clj reviewed, input validation issues identified"} -{"id":"integreat-1jz","title":"Code review: auto_ap.ssr.admin.excel_invoice","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T13:18:26.802261171-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:18:51.297567931-08:00","closed_at":"2026-02-08T13:18:51.297567931-08:00","close_reason":"Closed"} -{"id":"integreat-1m3","title":"Security: Remove hardcoded JWT secrets","status":"in_progress","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:21:54.57377807-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:35:21.465147919-08:00"} -{"id":"integreat-1oo","title":"Code review: auto_ap.ssr.admin.vendors","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T13:26:57.577293865-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:27:29.429533887-08:00","closed_at":"2026-02-08T13:27:29.429533887-08:00","close_reason":"Closed"} -{"id":"integreat-1qy","title":"Code Review: auto_ap.routes","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:55.26442193-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:29:55.026115465-08:00","closed_at":"2026-02-08T13:29:55.026115465-08:00","close_reason":"No file found for this namespace"} -{"id":"integreat-278","title":"Security: Remove hardcoded Google credentials in auth.clj","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:26:19.491341584-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:30:37.240560315-08:00","closed_at":"2026-02-08T13:30:37.240560315-08:00","close_reason":"Code review completed - JWT secret management reviewed"} -{"id":"integreat-2cd","title":"Code review: auto_ap.ssr.admin.sales_summaries","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T13:25:56.325342803-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:26:17.717894907-08:00","closed_at":"2026-02-08T13:26:17.717894907-08:00","close_reason":"Closed"} -{"id":"integreat-2ti","title":"Code review: auto_ap.ssr.admin.accounts","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T12:53:44.646685216-08:00","created_by":"Bryce","updated_at":"2026-02-08T12:55:55.094416105-08:00","closed_at":"2026-02-08T12:55:55.094416105-08:00","close_reason":"Closed"} -{"id":"integreat-35k","title":"Fix session handling and authentication route issues","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:50.662486708-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:50.662486708-08:00"} -{"id":"integreat-3a7","title":"Refactor clients module for better reusability, schemas, and bug fixes","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:44.681764032-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:44.681764032-08:00"} -{"id":"integreat-3cp","title":"Code Review: auto_ap.import","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:54.573843708-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:29:55.090966459-08:00","closed_at":"2026-02-08T13:29:55.090966459-08:00","close_reason":"No file found for this namespace"} -{"id":"integreat-3pr","title":"Code Review: auto_ap.ss_routes","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:57.020989213-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:29:54.961399111-08:00","closed_at":"2026-02-08T13:29:54.961399111-08:00","close_reason":"No file found for this namespace"} -{"id":"integreat-3y8","title":"Code review: auto_ap.ssr.admin.clients","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:42:10.903791187-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:47:29.495083383-08:00","closed_at":"2026-02-08T09:47:29.495083383-08:00","close_reason":"Closed"} -{"id":"integreat-46f","title":"Security: Rate limiting for external API calls","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:23:28.429193916-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:34:04.63601665-08:00","closed_at":"2026-02-08T13:34:04.63601665-08:00","close_reason":"Code review completed - Rate limiting recommendations added"} -{"id":"integreat-4ag","title":"Code Review: iol-ion.query - Security and Code Quality Issues","description":"Code review of /home/noti/dev/integreat/iol_ion/src/iol_ion/query.clj revealed critical security and maintainability issues:\\n\\n## Security Issues:\\n- **Regex Injection Vulnerability** (line 67-68): User input passed directly to regex compilation without sanitization, enabling ReDoS attacks\\n- **No input validation on date parameters** (lines 25-30, 46-54, 83-162): Invalid dates could cause Denial of Service attacks\\n- **No validation of client IDs** (lines 46-54, 83-162): Malicious client IDs could bypass access controls\\n- **Unsafe timezone handling** (line 70-75): Hardcoded timezone without validation or fallback could cause failures\\n- **Permission checking lacks validation** (lines 59-64): Assumes identity structure without validation\\n\\n## Code Quality Issues:\\n- **Extreme code duplication** (lines 83-162): 8 scan functions with identical structure except for index names and entity types\\n- **Obsolete function** (lines 7-9): marked as \"not working in Datomic Cloud\" but still used\\n- **Magic numbers** (lines 25-30, 86-89): Hardcoded years (2001-2030) and days (90) should be configuration\\n- **Inconsistent client handling**: Mixed use of vs direct client IDs\\n\\n## Performance Issues:\\n- **Inefficient database queries** (lines 83-162): Sequential scans in for-loops instead of bulk operations\\n- **Repeated timezone conversions**: Each call to local-now converts to same timezone unnecessarily\\n\\n## Recommendations:\\n1. Add input validation for all user-supplied parameters\\n2. Create a utility function to handle regex compilation safely\\n3. Extract common scan logic into a single reusable function\\n4. Replace deprecated entid function or remove its usage\\n5. Move magic numbers to configuration constants\\n6. Optimize database queries with bulk operations\\n7. Add proper error handling and validation for all functions","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:30:53.593616294-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:28:52.035161365-08:00","closed_at":"2026-02-08T13:28:52.035161365-08:00","close_reason":"Closed"} -{"id":"integreat-4mc","title":"Clean up legacy code and remove commented out templates","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:48.479644441-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:48.479644441-08:00"} -{"id":"integreat-54l","title":"Code Review: auto_ap.background","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:58.809902284-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:31:14.526449134-08:00","closed_at":"2026-02-08T09:31:14.526449134-08:00","close_reason":"Closed"} -{"id":"integreat-59c","title":"Security: Fix SQL injection vulnerability in exports.clj","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:26:19.959391674-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:30:37.208340718-08:00","closed_at":"2026-02-08T13:30:37.208340718-08:00","close_reason":"Code review completed - SQL injection vulnerability found in export-raw function"} -{"id":"integreat-5a1","title":"Concurrency: Fix thread safety issues in sysco.clj","status":"open","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:24:48.485672868-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:24:48.485672868-08:00"} -{"id":"integreat-6cf","title":"Implement autopay and unpaid API unification","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:49.217286047-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:49.217286047-08:00"} -{"id":"integreat-74f","title":"Security: Transaction validation and data integrity","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:23:29.251711914-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:34:04.611256589-08:00","closed_at":"2026-02-08T13:34:04.611256589-08:00","close_reason":"Code review completed - Transaction validation reviewed in multiple files"} -{"id":"integreat-7cx","title":"Code Review: auto_ap.shared_views","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:57.754073898-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:29:39.003484636-08:00","closed_at":"2026-02-08T13:29:39.003484636-08:00","close_reason":"Closed"} -{"id":"integreat-7de","title":"Security: Database connection management in imports","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:23:27.574962301-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:33:06.077037636-08:00","closed_at":"2026-02-08T13:33:06.077037636-08:00","close_reason":"Code review completed - No connection management issues found in import files"} -{"id":"integreat-7en","title":"Code Review: auto_ap.ss.admin.background-jobs - Security and Code Quality Issues","description":"Code review of /home/noti/dev/integreat/src/clj/auto_ap/ssr/admin/background_jobs.clj revealed critical security and maintainability issues:\\n\\n## Security Issues:\\n- **No job name validation** (lines 53-58): Job names used to construct task ARNs without validation, enabling injection attacks\\n- **Hardcoded network configuration** (lines 150-52): Subnets and security groups hardcoded with direct IPs\\n- **Hardcoded security group IDs** (lines 151-52): Security credentials directly embedded in code\\n- **No rate limiting** (lines 56-61): Job execution lacks rate limiting, enabling DoS attacks\\n- **Fragile job name sanitization** (lines 161-62): Regex replacement approach is insecure\\n- **No URL validation** (lines 74, 84-86): S3 URLs not validated before use\\n\\n## Code Quality Issues:\\n- **Poor error handling** (lines 30-37): AWS API errors not handled, could crash page\\n- **Code duplication** (lines 46-52, 53-58): and have identical logic\\n- **Magic strings** (lines 33-42, 224-42): Job names hardcoded in select options and processing\\n- **Inconsistent error handling**: Mixed approach to form errors and API errors\\n\\n## Performance Issues:\\n- **Inefficient task querying** (lines 30-37): Two separate AWS API calls instead of one\\n- **Nested AWS calls** (lines 35-36): Multiple nested API calls increase complexity\\n- **No caching**: Repeated API calls to without memoization\\n\\n## Recommendations:\\n1. Add input validation for all user-supplied parameters\\n2. Extract hardcoded configuration to environment variables or config files\\n3. Implement rate limiting on job execution\\n4. Use secure sanitization for job names\\n5. Add proper error handling for AWS API calls\\n6. Remove code duplication by extracting common logic\\n7. Optimize AWS API calls and add caching where appropriate\\n8. Validate S3 URLs before use","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:31:15.621682311-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:18:06.425132957-08:00","closed_at":"2026-02-08T13:18:06.425132957-08:00","close_reason":"Closed"} -{"id":"integreat-8jt","title":"Performance: Fix potential memory leak in client hydration","status":"open","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:21:56.135939778-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:21:56.135939778-08:00"} -{"id":"integreat-8p7","title":"Code Review: auto_ap.client_routes","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:57.389725276-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:34:13.440742845-08:00","closed_at":"2026-02-08T13:34:13.440742845-08:00","close_reason":"No file found for auto_ap.client_routes namespace"} -{"id":"integreat-9o2","title":"Code Review: auto_ap.ss","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:56.653394004-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:29:54.994180329-08:00","closed_at":"2026-02-08T13:29:54.994180329-08:00","close_reason":"No file found for this namespace"} -{"id":"integreat-adj","title":"Performance: Fix CSV writing efficiency in exports.clj","status":"open","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:26:21.877285694-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:26:21.877285694-08:00"} -{"id":"integreat-ae3","title":"Investigate iol-ion module and security review requirements","description":"iol-ion appears to be an external or internal module that provides query functions used throughout the codebase:\\n\\nFunctions used:\\n- iol-ion.query/ident (line 98 in transaction_rules.clj)\\n- iol-ion.query/recent-date (line 317 in transaction_rules.clj)\\n- iol-ion.query/-\u003epattern (lines 323, 541 in transaction_rules.clj)\\n- iol-ion.query/dom (lines 361, 368 in transaction_rules.clj)\\n\\nNeeds investigation:\\n1. Is iol-ion a third-party library or internal module?\\n2. What security concerns exist in its usage?\\n3. Is there proper input validation in its functions?\\n4. Are there any potential injection vulnerabilities?\\n5. What are the dependencies and version requirements?\\n\\nSearch in:\\n- project.clj or deps.edn for dependencies\\n- src directory for module definition\\n- Documentation or README files","status":"open","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:30:31.587996635-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:30:34.841745089-08:00"} -{"id":"integreat-aut","title":"Fix payment query parameter parsing and implement proper decoding","status":"open","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:46.65410618-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:46.65410618-08:00"} -{"id":"integreat-bct","title":"Complete IOL integration with Datomic Cloud","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:51.056089489-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:51.056089489-08:00"} -{"id":"integreat-d8q","title":"Code Review: auto_ap.main","notes":"Code review completed for auto_ap.views.main\n\n**Summary**: Found several issues ranging from performance to code quality.\n\n**High Priority**:\n- Inefficient key generation on line 90 using pr-str - causes unnecessary re-renders\n\n**Medium Priority**:\n- Permission check pattern duplication across 16 page methods\n- Insufficient nil handling for edge cases\n\n**Low Priority**:\n- Subscription frequency could be optimized\n- Growing page handler count suggests need for refactoring\n\n**Security**: All page routes properly check permissions - good security posture.\n\nFull detailed review saved to REVIEW_auto_ap.main.md","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:54.224210511-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:35:08.65588745-08:00","closed_at":"2026-02-08T09:35:08.65588745-08:00","close_reason":"Closed"} -{"id":"integreat-dsb","title":"Performance: External API calls should be asynchronous","status":"open","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:23:29.66389647-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:23:29.66389647-08:00"} -{"id":"integreat-edg","title":"Fix grid page helper issues and form bubbling problems","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:45.844140503-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:45.844140503-08:00"} -{"id":"integreat-g4b","title":"Complete wizard implementation and make it more modular","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:52.493115251-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:52.493115251-08:00"} -{"id":"integreat-gf0","title":"Performance: Fix memory leak in client cache","status":"open","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:23:28.846092823-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:23:28.846092823-08:00"} -{"id":"integreat-ifw","title":"Add Plaid merchant integration and improve vendors module","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:45.076207245-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:45.076207245-08:00"} -{"id":"integreat-iut","title":"Code review: auto_ap.ssr.admin.history","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T13:22:16.782050468-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:22:40.135978155-08:00","closed_at":"2026-02-08T13:22:40.135978155-08:00","close_reason":"Closed"} -{"id":"integreat-lov","title":"Security: Add input validation to all routes","status":"open","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:26:21.423853589-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:26:21.423853589-08:00"} -{"id":"integreat-mt4","title":"Code Review: auto_ap.jobs","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:54.921445539-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:29:55.058776633-08:00","closed_at":"2026-02-08T13:29:55.058776633-08:00","close_reason":"No file found for this namespace"} -{"id":"integreat-mxf","title":"Security: Fix error information leakage","status":"open","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:21:56.506580155-08:00","created_by":"Bryce","updated_at":"2026-02-08T09:21:56.506580155-08:00"} -{"id":"integreat-opb","title":"Security: Fix SQL injection risk in close_auto_invoices","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:24:47.576841414-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:33:26.149329059-08:00","closed_at":"2026-02-08T13:33:26.149329059-08:00","close_reason":"Code review completed - No SQL injection risk found, queries properly parameterized"} -{"id":"integreat-oyo","title":"Componentize transaction rules and improve form handling","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:45.44170363-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:45.44170363-08:00"} -{"id":"integreat-pc1","title":"Complete real user testing for invoices and add credit from balance support","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:46.269009169-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:46.269009169-08:00"} -{"id":"integreat-qj2","title":"Improve component structure and implement better error handling","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:52.132393487-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:52.132393487-08:00"} -{"id":"integreat-rlj","title":"Complete wizard step structure and modularize page components","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:53.993488192-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:53.993488192-08:00"} -{"id":"integreat-s53","title":"Security: Remove hardcoded NTG API key in exports.clj","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:26:20.457790327-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:30:37.176681233-08:00","closed_at":"2026-02-08T13:30:37.176681233-08:00","close_reason":"Code review completed - Hardcoded API key found at lines 659, 665"} -{"id":"integreat-s5h","title":"Resource: Fix resource leaks in import_uploaded_invoices","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:24:48.026329699-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:31:42.874323093-08:00","closed_at":"2026-02-08T13:31:42.874323093-08:00","close_reason":"Code review completed - Resource leaks identified in lines 43-76"} -{"id":"integreat-syf","title":"Code Review: auto_ap.graphql","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:20:55.620533412-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:29:39.033441719-08:00","closed_at":"2026-02-08T13:29:39.033441719-08:00","close_reason":"Closed"} -{"id":"integreat-uc3","title":"Security: Input sanitization and validation in job functions","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:24:46.60155898-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:31:42.951371743-08:00","closed_at":"2026-02-08T13:31:42.951371743-08:00","close_reason":"Code review completed - Job functions reviewed, input validation needed"} -{"id":"integreat-vk3","title":"Add feature flags system and signature support","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:51.419253869-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:51.419253869-08:00"} -{"id":"integreat-vkf","title":"Improve form handling and remove unused code","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:49.592681075-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:49.592681075-08:00"} -{"id":"integreat-vvk","title":"Performance: Fix N+1 query problems in exports.clj","status":"closed","priority":1,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:26:20.96494325-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:30:37.144024095-08:00","closed_at":"2026-02-08T13:30:37.144024095-08:00","close_reason":"Code review completed - N+1 queries identified in exports.clj"} -{"id":"integreat-w1i","title":"Improve input components and data grid implementations","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:47.721945968-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:47.721945968-08:00"} -{"id":"integreat-y3e","title":"Improve typeahead component and implement proper query handling","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:53.602661377-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:53.602661377-08:00"} -{"id":"integreat-y72","title":"Enhance ledger reports and improve navigation/aside components","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:48.101954827-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:48.101954827-08:00"} -{"id":"integreat-yq9","title":"Remove deprecated code and clean up unused functions","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:54.367393577-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:54.367393577-08:00"} -{"id":"integreat-zly","title":"Code Review: auto_ap.permissions - Security and Maintainability Issues","description":"Code review of /home/noti/dev/integreat/src/cljc/auto_ap/permissions.cljc revealed critical security and maintainability issues:\\n\\n## Security Issues:\\n- Client access control bypass: Non-admins completely blocked if client-id is nil (lines 22-24)\\n- No input validation: Client IDs and user data not validated (lines 10-11, 17)\\n- Trust-based user object: No schema validation for user data\\n\\n## Maintainability Issues:\\n- Extreme code duplication: Permission logic repeated 4 times across different role checks (lines 26-141)\\n- Magic strings: Inconsistent role representation (mixing keywords and strings)\\n- Hardcoded permissions: No separation from business logic\\n- No unit tests: No test coverage for permission checks\\n\\n## Performance Issues:\\n- Redundant set creation on every call (lines 22-23)\\n- Repeated condition checks for each role\\n\\n## Recommendations:\\n1. Implement schema validation for user data using malli\\n2. Extract permissions to data structure following DRY principle\\n3. Add client-id validation with pos-int?\\n4. Add unit tests for all permission sets\\n5. Move set creation outside function or add short-circuit for admin role\\n\\nSee full review for detailed analysis and refactoring suggestions.","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T09:30:01.992071212-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:34:13.389737709-08:00","closed_at":"2026-02-08T13:34:13.389737709-08:00","close_reason":"No file found for auto_ap.permissions namespace"} -{"id":"integreat-zn0","title":"Implement cash drawer shift functionality","status":"open","priority":3,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:51.76190647-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:51.76190647-08:00"} -{"id":"integreat-zp6","title":"Code review: auto_ap.ssr.admin.sales_powerqueries","status":"closed","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T13:25:33.754411978-08:00","created_by":"Bryce","updated_at":"2026-02-08T13:25:52.806787427-08:00","closed_at":"2026-02-08T13:25:52.806787427-08:00","close_reason":"Closed"} -{"id":"integreat-zt8","title":"Complete invoice totals implementation to include expense accounts","status":"open","priority":2,"issue_type":"task","owner":"bryce@brycecovertoperations.com","created_at":"2026-02-08T08:56:48.848572114-08:00","created_by":"Bryce","updated_at":"2026-02-08T08:56:48.848572114-08:00"} diff --git a/.beads/metadata.json b/.beads/metadata.json deleted file mode 100644 index c787975e..00000000 --- a/.beads/metadata.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "database": "beads.db", - "jsonl_export": "issues.jsonl" -} \ No newline at end of file diff --git a/src/clj/auto_ap/square/core3.clj b/src/clj/auto_ap/square/core3.clj index dee59bd0..2f192cd2 100644 --- a/src/clj/auto_ap/square/core3.clj +++ b/src/clj/auto_ap/square/core3.clj @@ -293,7 +293,9 @@ (condp = (:name (:source order)) "GRUBHUB" :ccp-processor/grubhub "UBEREATS" :ccp-processor/uber-eats + "Uber Eats" :ccp-processor/uber-eats "DOORDASH" :ccp-processor/doordash + "DoorDash" :ccp-processor/doordash "Koala" :ccp-processor/koala "koala-production" :ccp-processor/koala :ccp-processor/na)) @@ -868,7 +870,11 @@ #_(comment (require 'auto-ap.time-reader) - + @(let [[c [l]] (get-square-client-and-location "DBFS") ] + (log/peek :x [ c l]) + (search c l #clj-time/date-time "2026-03-28" #clj-time/date-time "2026-03-29") + + ) @(let [[c [l]] (get-square-client-and-location "NGAK") ] (log/peek :x [ c l]) @@ -1058,18 +1064,43 @@ (count) ) - (doseq [c (get-square-clients)] - (println "Upserting" (:client/name c)) - @(upsert c)) + + + + (doseq [[code] (seq (dc/q '[:find ?code + :in $ + :where [?o :sales-order/date ?d] + [(>= ?d #inst "2026-01-01")] + [?o :sales-order/source "Invoices"] + [?o :sales-order/client ?c] + [?c :client/code ?code]] + (dc/db conn))) + :let [[c [l]] (get-square-client-and-location code) + ] + order @(search c l #clj-time/date-time "2026-01-01T00:00:00-08:00" (time/now)) + :when (= "Invoices" (:name (:source order) )) + :let [[sales-order] @(order->sales-order c l order)]] + + (when (should-import-order? order) + (println "DATE IS" (:sales-order/date sales-order)) + (when (some-> (:sales-order/date sales-order) coerce/to-date-time (time/after? #clj-time/date-time "2026-2-16T00:00:00-08:00")) + (println "WOULD UPDATE" sales-order) + @(dc/transact auto-ap.datomic/conn [sales-order]) + ) + #_@(dc/transact ) + (println "DONE")) + + + ) #_(filter (comp #{"OTHER"} :type) (mapcat :tenders z)) @(let [[c [l]] (get-square-client-and-location "NGRY")] - #_(search c l (clj-time.coerce/from-date #inst "2025-02-28") (clj-time.coerce/from-date #inst "2025-03-01")) + #_(search c l (clj-time.coerce/from-date #inst "2025-02-28") (clj-time.coerce/from-date #inst "2025-03-01")) - (order->sales-order c l (:order (get-order c l "KdvwntmfMNTKBu8NOocbxatOs18YY" ))) + (order->sales-order c l (:order (get-order c l "KdvwntmfMNTKBu8NOocbxatOs18YY" ))) - ) + ) )