🔒 Security Enhancements:
- Add HTTPS validation for production URLs with comprehensive checks
- Implement type-safe Mollie status mapping to prevent type confusion
- Add robust request body handling with proper error boundaries
🚀 Reliability Improvements:
- Implement optimistic locking to prevent webhook race conditions
- Add providerId field indexing for efficient payment lookups
- Include webhook processing metadata for audit trails
📊 Performance Optimizations:
- Index providerId field for faster webhook payment queries
- Optimize concurrent webhook handling with version checking
- Add graceful degradation for update conflicts
🛡️ Production Readiness:
- Validate HTTPS protocol enforcement in production
- Prevent localhost URLs in production environments
- Enhanced error context and logging for debugging
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
🔒 Security Fixes:
- Make webhook signature validation required for production
- Prevent information disclosure by returning 200 for all webhook responses
- Sanitize external error messages while preserving internal logging
🔧 Code Quality Improvements:
- Add URL validation to prevent localhost usage in production
- Create currency utilities for proper handling of non-centesimal currencies
- Replace unsafe 'any' types with type-safe ProviderData wrapper
- Add comprehensive input validation for amounts, currencies, and descriptions
- Set default Stripe API version for consistency
📦 New Features:
- Currency conversion utilities supporting JPY, KRW, and other special cases
- Type-safe provider data structure with metadata
- Enhanced validation functions for payment data
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Implement Stripe payment provider with PaymentIntent creation
- Add webhook handler with signature verification and event processing
- Handle payment status updates and refund events
- Move Stripe to peer dependencies for better compatibility
- Update README with peer dependency installation instructions
- Document new provider configuration patterns and webhook endpoints
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Introduce `mollieProvider` for handling Mollie payments
- Add configurable payment hooks for initialization and processing
- Implement `initPayment` logic to create Mollie payments and update metadata
- Include types for Mollie integration in payments and refunds
- Update `package.json` to include `@mollie/api-client` dependency
- Refactor existing payment-related types into modular files for better maintainability
- Remove `seedBillingData` function for sample data creation
- Update refunds, invoices, and payments collections to use pluginConfig for dynamic overrides
- Introduce utility functions like `extractSlug` for customizable collection slugs
- Streamline customer relation and data extractor logic across collections
- Remove outdated payment provider and testing information
- Focus on current customer data management features
- Document customer info extractor pattern and usage
- Include clear configuration examples
- Remove references to unimplemented features
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Restore missing customers collection import and creation
- Fix required field validation: customerInfo fields only required when no extractor
- Fix linting warnings in webhook handler
- Ensure consistent typing across all interfaces
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Eliminate `createCustomersCollection` from collections and main index files
- Update `config.collections` logic to remove customer collection dependency
- Add CustomerInfoExtractor callback type for flexible customer data extraction
- Implement automatic customer info sync via beforeChange hook
- Make customer info fields read-only when using extractor
- Add defaultCustomerInfoExtractor for built-in customer collection
- Update validation to require customer selection when using extractor
- Keep customer info in sync when relationship changes
Breaking change: Plugin users must now provide customerInfoExtractor callback
to enable customer relationship syncing.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove currency, logger, validation utilities, and base/test provider logic
- Delete associated tests and TypeScript definitions for deprecated modules
- Clean up exports in `src/utils` to reflect module removals
- Make customerInfo fields conditionally required based on customer relationship
- Add admin UI conditional visibility to hide embedded fields when relationship exists
- Fix address field naming inconsistency (postal_code -> postalCode)
- Update types to properly reflect optional customerInfo/billingAddress
- Add validation to ensure either customer relationship or embedded info is provided
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add customerInfo and billingAddress fields to invoice collection
- Make customer relationship optional and configurable via plugin config
- Update TypeScript types to reflect new invoice structure
- Allow disabling customer relationship with customerRelation: false
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Simplified and clarified README structure and content.
- Replaced `mongooseAdapter` with `sqliteAdapter` for database configuration.
- Disabled all `perfectionist` ESLint rules for consistency.
- Updated `billingPlugin` import path in dev config.
