* feat(statements): add account statement vault
Add web-only statement uploads, account linking, duplicate detection, and per-account coverage/reconciliation checks without mutating transactions. Extend ActiveStorage authorization and targeted tests for family/account scoping.
* fix(statements): return deleted account statements to inbox
Preserve linked statement records when an account is deleted by moving them back to the unmatched inbox, then expand coverage for upload validation, sanitized parser metadata, unavailable reconciliation, and missing-month coverage.
* fix(statements): harden vault upload review flows
Address review and security findings in the statement vault by preserving sanitized parser metadata, failing closed on orphaned statement blobs, avoiding account_id mass assignment permits, and adding regression coverage for link/delete edge cases.
* fix(statements): harden vault upload and access controls
* fix(statements): address vault hardening review
* fix(statements): address vault review feedback
Prioritize SHA-256 duplicate detection while preserving MD5 fallback for legacy rows.
Remove free-form account notes from statement matching, document direct account-destroy unlinking, and add year-selectable historical coverage with muted out-of-range months.
* fix(statements): harden vault review follow-ups
Clarify legacy MD5 checksum use, whitelist statement balance helper dispatch, and preserve sanitized parser metadata.
Hide statement management controls from read-only viewers while keeping server-side authorization unchanged.
* fix(statements): repair settings system coverage
Allow the changelog provider lookup in the self-hosting settings system test, include Statement Vault in settings navigation coverage, and align the feature title casing. Update the devcontainer so ActiveStorage and parallel system tests can run in the documented environment.
* fix(statements): move vault beside accounts
Place Statement Vault with account settings instead of between Imports and Exports. Keep settings footer ordering and system navigation coverage aligned, including the non-admin visibility guard.
* fix(statements): address vault review cleanup
Resolve CodeRabbit review feedback for statement upload validation, duplicate race handling, account statement matching semantics, metadata detection, ActiveStorage authorization tests, and small UI/style cleanups.
* fix(statements): address vault cleanup review
* fix(statements): deduplicate vault style helpers
* fix(statements): close vault review follow-ups
* fix(statements): refresh schema after upstream rebase
* fix(statements): process vault uploads sequentially
* fix(statements): close vault review follow-ups
* fix(statements): scope vault index to accessible accounts
* fix(statements): harden statement vault readiness
Squash the statement vault migration hardening into the feature migration, tighten Active Storage authorization edge cases, bound CSV metadata detection, and add real PDF fixture coverage for stored statements.
Validation: targeted statement/auth/controller/provider tests, full Rails suite, system tests, RuboCop, Biome, Brakeman, Zeitwerk, importmap audit, npm audit, ERB lint, CodeRabbit, and Codex Security all passed locally.
* fix(statements): close vault review follow-ups
Move statement unlinking to after account destroy commit, keep Kraken account creation on the shared crypto helper, and add statement metadata length limits with DB checks.
Validation: fresh devcontainer with fresh DB via db:prepare, focused account/statement/Kraken/Binance tests, RuboCop, Brakeman, Zeitwerk, git diff --check, CodeRabbit, and Codex Security passed before commit.
* fix(statements): address vault scan follow-ups
Move statement tab data setup out of the ERB partial, harden reconciliation labels and coverage initialization, and tighten statement schema constraints.
Validation: CodeRabbit and Codex Security reviewed the current PR diff; Rails focused tests, full Rails tests, system tests, RuboCop, Brakeman, Zeitwerk, ERB lint, npm lint, importmap audit, npm audit, and git diff --check passed.
* fix(statements): defer vault tab loading
---------
Signed-off-by: Juan José Mata <juanjo.mata@gmail.com>
Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>
* Ipv6 support
* Proper fix for containers, dev and local
* Edits similar to non-AI compose file
---------
Co-authored-by: Juan José Mata <jjmata@jjmata.com>
* chore(devcontainer): optimize Dockerfile for Ruby dev environment
* chore(devcontainer): update container name and improve VSCode settings
- Rename devcontainer from 'Maybe' to 'Sure'
- Add GIT_EDITOR env var for VSCode integration
- Add Shopify Ruby extensions pack
* feat(devcontainer): add custom Bash prompt with Git info
- Implement Git branch, status markers in prompt
- Show username, current dir, and Git info with colors
- Mount custom .bashrc into container for prompt enhancements
* fix(devcontainer): improve branch detection & status markers in prompt
- Support detached HEAD by showing short SHA
- Show detailed git states: rebase, merge, bisect, am
- Fix prompt formatting and trailing colors
* Better solution to GitHub Codespaces CSRF issue
* feat(devcontainer): add Git autocompletion support in bashrc
* refactor(devcontainer): reorder volumes and service settings
- Added volume mounts for workspace & bundle cache to worker service.
---------
Co-authored-by: Juan José Mata <juanjo.mata@gmail.com>
* devContainer: Use Redis for ActiveJob and ActionCable
* devContainer: Simplify environment variables for services.
* devContainer: Remove version field as it's no longer required in Compose.
* chore: add formatting and linting for javascript code relates to #1295
* use spaces instaed
* add to recommended extensions
* only enforce lint
* auto save
Back in this [commit](5f50ea3f02 (diff-5a674c769541a71f2471a45c0e9dde911b4455344e3131bddc5a363701ba6325R22-R23)) I added a default postgres user and password.
Often this is not the user and password that is used in non-devcontainer environments.
This commit uses environment variables that are set in the devcontainer to set the user and password in the database.yml file.
If the environment variables are not set, it falls back to the default user and password on the users system.
This compiles a Ruby 3.3.0 with a patch that fixes issues on Apple
Silicon Macs. It is a bandaid until Ruby 3.3.1 when we will revert back
to using blessed ruby docker images.
