security hardening

2026-05-31 09:35:31 +02:00
parent d7d437a871
commit 01b4734477
31 changed files with 1234 additions and 238 deletions
@@ -10,7 +10,7 @@
    "config:use": "shopify app config use",
    "env": "shopify app env",
    "start": "node ./server.js",
-    "docker-start": "npm run setup && npm run start",
+    "docker-start": "prisma migrate deploy && npm run start",
    "setup": "prisma generate && prisma migrate deploy",
    "lint": "eslint --ignore-path .gitignore --cache --cache-location ./node_modules/.cache/eslint .",
    "shopify": "shopify",
@@ -28,13 +28,10 @@
    "@prisma/client": "^6.16.3",
    "@react-pdf/renderer": "^4.5.1",
    "@react-router/dev": "^7.12.0",
+    "@react-router/express": "^7.14.2",
    "@react-router/fs-routes": "^7.12.0",
    "@react-router/node": "^7.12.0",
-    "@react-router/express": "^7.14.2",
    "@react-router/serve": "^7.12.0",
-    "compression": "^1.8.1",
-    "express": "^4.22.1",
-    "morgan": "^1.10.1",
    "@shopify/app-bridge-react": "^4.2.4",
    "@shopify/shopify-app-react-router": "^1.1.0",
    "@shopify/shopify-app-session-storage-prisma": "^8.0.0",
@@ -46,8 +43,14 @@
    "@tiptap/react": "^3.23.1",
    "@tiptap/starter-kit": "^3.23.1",
    "@types/nodemailer": "^8.0.0",
+    "compression": "^1.8.1",
+    "express": "^4.22.1",
+    "express-rate-limit": "^8.5.2",
+    "ipaddr.js": "^2.4.0",
    "isbot": "^5.1.31",
+    "morgan": "^1.10.1",
    "nodemailer": "^8.0.7",
+    "p-limit": "^3.1.0",
    "prisma": "^6.16.3",
    "qrcode": "^1.5.4",
    "react": "^18.3.1",