You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Please link to related issues when possible, and explain WHY you changed things, not WHAT you changed.
Other information:
eg: Did you discuss this change with anybody before working on it (not required, but can be a good idea for bigger changes). Any plans for the future, etc?
Checklist:
Put a "X" in the boxes below to indicate you have followed the checklist;
I checked that there were not similar issues or PRs already open for this.
This PR fixes just ONE issue (do not include multiple issues or types of change in the same PR) For example, don't try and fix a UI issue and include new dependencies in the same PR.
PR Type
Enhancement
Description
Add Olitt app URL configuration for "Back to Olitt" navigation button
Update authentication layout to redirect users back to Olitt app
Remove logout component from settings and billing interfaces
Simplify Docker build workflow by removing multi-arch platform support
Add gap styling to logo navigation element
Diagram Walkthrough
flowchart LR
A["Environment Config<br/>NEXT_PUBLIC_OLITT_APP_URL"] --> B["Layout Providers<br/>Pass olittAppUrl"]
B --> C["Variable Context<br/>Store olittAppUrl"]
C --> D["Logo Component<br/>Link to Olitt"]
C --> E["Auth Layout<br/>Redirect Button"]
F["Remove Logout<br/>from UI"] --> G["Settings & Billing<br/>Simplified Navigation"]
Below is a summary of compliance checks for this PR:
Security Compliance
⚪
Unvalidated redirect link
Description: The new href uses process.env.NEXT_PUBLIC_OLITT_APP_URL directly (href={olittAppUrl}) without validating scheme/host, so a misconfigured or compromised environment value (e.g., javascript:... or a phishing domain) could turn the “Back to Olitt” button into an XSS/phishing vector. layout.tsx [17-35]
Referred Code
constolittAppUrl=process.env.NEXT_PUBLIC_OLITT_APP_URL||'/';return(<divclassName="bg-[#0E0E0E] flex justify-center items-center flex-1 p-[12px] gap-[12px] min-h-screen w-screen text-white"><ReturnUrlComponent/><divclassName="flex justify-center items-center flex-col gap-4 text-start"><h1className="text-[32px] font-[600]">Continue in Olitt</h1><pclassName="text-[14px] text-[#cfcfcf] leading-6">
Please return to Olitt to start your login again.
</p><div><ahref={olittAppUrl}className="inline-flex items-center justify-center px-4 py-3 rounded-[10px] bg-white text-black font-[600] hover:opacity-90 transition-opacity">
Back to Olitt
</a></div>
Ticket Compliance
⚪
🎫 No ticket provided
Create ticket/issue
Codebase Duplication Compliance
⚪
Codebase context is not defined
Follow the guide to enable codebase context checks.
Custom Compliance
🟢
Generic: Comprehensive Audit Trails
Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance.
Generic: Security-First Input Validation and Data Handling
Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities
Status: Unvalidated redirect URL: The PR uses process.env.NEXT_PUBLIC_OLITT_APP_URL directly in an <a href=...> without validation/allowlisting, enabling potentially unsafe schemes (e.g., javascript:) or open-redirect style navigation if the environment value is misconfigured or attacker-controlled.
Referred Code
constolittAppUrl=process.env.NEXT_PUBLIC_OLITT_APP_URL||'/';return(<divclassName="bg-[#0E0E0E] flex justify-center items-center flex-1 p-[12px] gap-[12px] min-h-screen w-screen text-white"><ReturnUrlComponent/><divclassName="flex justify-center items-center flex-col gap-4 text-start"><h1className="text-[32px] font-[600]">Continue in Olitt</h1><pclassName="text-[14px] text-[#cfcfcf] leading-6">
Please return to Olitt to start your login again.
</p><div><ahref={olittAppUrl}className="inline-flex items-center justify-center px-4 py-3 rounded-[10px] bg-white text-black font-[600] hover:opacity-90 transition-opacity">
Back to Olitt
</a></div>
The Docker build process was modified to remove multi-arch support, specifically for linux/arm64. This is a significant regression that could break local development for users on ARM-based systems like Apple Silicon and limit future deployment options.
# .github/workflows/build-and-push-dockerhub.yml
- name: Build and push imageuses: docker/build-push-action@v4with:
context: .file: Dockerfile.dev# The 'platforms' key is removed, defaulting to only linux/amd64push: true...
Suggestion importance[1-10]: 9
__
Why: This suggestion correctly identifies a critical regression in the Docker build process, as removing ARM64 support significantly impacts developers on ARM-based machines and limits deployment flexibility.
High
Possible issue
Avoid empty string for URL fallback
In apps/frontend/src/app/(extension)/layout.tsx, change the fallback for olittAppUrl from an empty string to 'https://app.olitt.com/app/websites' to prevent incorrect link behavior.
Why: The suggestion correctly identifies an inconsistent fallback value for olittAppUrl that could lead to confusing user navigation, and proposes a fix that aligns with other parts of the codebase.
Medium
General
Use a consistent external fallback URL
In apps/frontend/src/app/(app)/auth/layout.tsx and login/page.tsx, change the fallback URL for olittAppUrl from '/' to 'https://app.olitt.com/app/websites' for consistency.
Why: This suggestion correctly points out an inconsistent fallback URL and proposes using a more explicit and consistent default, which improves maintainability and predictability.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
User description
What kind of change does this PR introduce?
eg: Bug fix, feature, docs update, ...
Why was this change needed?
Please link to related issues when possible, and explain WHY you changed things, not WHAT you changed.
Other information:
eg: Did you discuss this change with anybody before working on it (not required, but can be a good idea for bigger changes). Any plans for the future, etc?
Checklist:
Put a "X" in the boxes below to indicate you have followed the checklist;
PR Type
Enhancement
Description
Add Olitt app URL configuration for "Back to Olitt" navigation button
Update authentication layout to redirect users back to Olitt app
Remove logout component from settings and billing interfaces
Simplify Docker build workflow by removing multi-arch platform support
Add gap styling to logo navigation element
Diagram Walkthrough
File Walkthrough
2 files
Add Olitt app URL environment variableRemove multi-architecture platform support8 files
Redesign auth layout with Olitt redirectReplace login component with Olitt redirectPass Olitt app URL to context providerPass Olitt app URL to extension layoutRemove logout component from settingsRemove logout component from billing viewConvert logo to Olitt app navigation linkAdd olittAppUrl to context interface