Skip to content

fix: build config, demo data, license security, and README update#45

Merged
NeuroKoder3 merged 2 commits intomainfrom
fix/build-and-demo-improvements
Mar 28, 2026
Merged

fix: build config, demo data, license security, and README update#45
NeuroKoder3 merged 2 commits intomainfrom
fix/build-and-demo-improvements

Conversation

@NeuroKoder3
Copy link
Copy Markdown
Owner

@NeuroKoder3 NeuroKoder3 commented Mar 28, 2026

Summary

  • Fix electron-builder v26.6.0 config errors (invalid win/mac properties)
  • Fix native module version mismatch (Node v24 vs Electron's Node v22) with buildDependenciesFromSource
  • Fix migration FK constraint failure on settings table
  • Secure owner bypass to dev/unpackaged builds only (was exploitable in production)
  • Fix frontend license check crashing before user login
  • Fix logger crash on null meta
  • Add pretest/posttest hooks so tests and builds don't conflict on native modules
  • Add demo seed data for evaluation builds (12 patients, 3 donors, 5 barriers)
  • Add technical due diligence document for potential buyers
  • Update README with correct admin credentials and fix email typo

Test plan

  • All 87 tests passing (13 cross-org + 43 business logic + 31 compliance)
  • Enterprise build succeeds and launches
  • Evaluation build succeeds and launches with demo data
  • Owner bypass only works in unpackaged dev builds

@NeuroKoder3
security: enforce RBAC on all entity CRUD handlers (fixes BAC vulnera…
335a631 
…bility)

The entity:create, entity:get, entity:update, entity:delete, entity:list, and entity:filter IPC handlers previously only checked session validity, allowing any authenticated user (including viewers) to mutate data.

Now every handler calls enforcePermission() which checks the user's role against the RBAC matrix in accessControl.cjs before allowing the operation. Each entity type maps to specific permissions for view/create/update/delete actions.
@NeuroKoder3
fix: build config, demo data, license bypass security, and README cre…
55bfdea 
…dentials

- Fix electron-builder v26.6.0 config (remove invalid win/mac properties)
- Add buildDependenciesFromSource to fix native module version mismatch
- Fix migration FK constraint on settings table
- Secure owner bypass to dev/unpackaged builds only
- Fix frontend license check to not require session before login
- Fix logger null meta crash
- Add pretest/posttest hooks for native module rebuild
- Add demo seed data for evaluation builds (12 patients, 3 donors, 5 barriers)
- Add due diligence document
- Update README with correct admin credentials and email
@NeuroKoder3 NeuroKoder3 merged commit f83e1d8 into main Mar 28, 2026
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@NeuroKoder3