fix: codebase audit fixes — indexes, daily_rate, anomaly key, CSRF, chat pruning, shopping_name · ed447d5811 - EverShelf

fix: codebase audit fixes — indexes, daily_rate, anomaly key, CSRF, chat pruning, shopping_name

## v1.7.6

- DB: fix shopping_name Pi→Piadina, Grana→Formaggio, Prosciutto cotto→Affettato, Panna acida→Panna
- DB: composite indexes idx_transactions_type_date + idx_transactions_pid_type_undone (+ migration)
- PHP: daily_rate uses first_in→last_activity window (not first_in→now)
- PHP: anomaly dismiss key uses product_id+direction (stable, not product_id+round(expected))
- PHP: smart shopping — products exhausted within 14 days bypass token/family suppression
- PHP: chat pruning — DELETE messages beyond 200 after each chatSave()
- PHP: getStats() — 5 queries → 1 consolidated query with subselects
- PHP: bringCleanupObsolete — 300ms delay between bulk removals
- PHP: CSRF guard — POST write actions require X-EverShelf-Request:1 or Content-Type:application/json
- JS: api() — sends X-EverShelf-Request:1 on all POST requests
- JS: _opLog — prunes entries older than 30 days in addition to 200-entry cap

This commit is contained in:

dadaloop82

2026-05-10 11:26:10 +00:00

parent f65fb4365c

commit ed447d5811

6 changed files with 106 additions and 20 deletions

									
										manifest.json
									
		+1
		-1
	
												View File
												
				@@ -2,7 +2,7 @@

				    "name": "EverShelf",

				    "short_name": "EverShelf",

				    "description": "Gestione completa della dispensa di casa con scansione barcode",

				    "version": "1.7.5",

				    "version": "1.7.6",

				    "start_url": "/evershelf/",

				    "display": "standalone",

				    "background_color": "#f0f4e8",