ci: Bump version to 0.1.2 [skip ci]

.gitea/workflows/deploy-to-prod.yml

@@ -47,6 +47,19 @@ jobs:
       - name: Install Dependencies
         run: npm ci
 
+      - name: Bump Minor Version and Push
+        run: |
+          # Configure git for the commit.
+          git config --global user.name 'Gitea Actions'
+          git config --global user.email 'actions@gitea.projectium.com'
+
+          # Bump the minor version number. This creates a new commit and a new tag.
+          # The commit message includes [skip ci] to prevent this push from triggering another workflow run.
+          npm version minor -m "ci: Bump version to %s for production release [skip ci]"
+
+          # Push the new commit and the new tag back to the main branch.
+          git push --follow-tags
+
       - name: Check for Production Database Schema Changes
         env:
           DB_HOST: ${{ secrets.DB_HOST }}
@@ -61,9 +74,10 @@ jobs:
           echo "--- Checking for production schema changes ---"
           CURRENT_HASH=$(cat sql/master_schema_rollup.sql | dos2unix | sha256sum | awk '{ print $1 }')
           echo "Current Git Schema Hash: $CURRENT_HASH"
-          DEPLOYED_HASH=$(PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c "SELECT schema_hash FROM public.schema_info WHERE environment = 'production';" -t -A || echo "none")
+          # The psql command will now fail the step if the query errors (e.g., column missing), preventing deployment on a bad schema.
+          DEPLOYED_HASH=$(PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c "SELECT schema_hash FROM public.schema_info WHERE environment = 'production';" -t -A)
           echo "Deployed DB Schema Hash: $DEPLOYED_HASH"
-          if [ "$DEPLOYED_HASH" = "none" ] || [ -z "$DEPLOYED_HASH" ]; then
+          if [ -z "$DEPLOYED_HASH" ]; then
             echo "WARNING: No schema hash found in the production database. This is expected for a first-time deployment."
           elif [ "$CURRENT_HASH" != "$DEPLOYED_HASH" ]; then
             echo "ERROR: Database schema mismatch detected! A manual database migration is required."
@@ -79,8 +93,9 @@ jobs:
             exit 1
           fi
           GITEA_SERVER_URL="https://gitea.projectium.com"
-          COMMIT_MESSAGE=$(git log -1 --pretty=%s)
-          VITE_APP_VERSION="$(date +'%Y%m%d-%H%M'):$(git rev-parse --short HEAD)" \
+          COMMIT_MESSAGE=$(git log -1 --grep="\[skip ci\]" --invert-grep --pretty=%s)
+          PACKAGE_VERSION=$(node -p "require('./package.json').version")
+          VITE_APP_VERSION="$(date +'%Y%m%d-%H%M'):$(git rev-parse --short HEAD):$PACKAGE_VERSION" \
           VITE_APP_COMMIT_URL="$GITEA_SERVER_URL/${{ gitea.repository }}/commit/${{ gitea.sha }}" \
           VITE_APP_COMMIT_MESSAGE="$COMMIT_MESSAGE" \
           VITE_API_BASE_URL=/api VITE_API_KEY=${{ secrets.VITE_GOOGLE_GENAI_API_KEY }} npm run build
@@ -148,7 +163,12 @@ jobs:
           echo "Updating schema hash in production database..."
           CURRENT_HASH=$(cat sql/master_schema_rollup.sql | dos2unix | sha256sum | awk '{ print $1 }')
           PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c \
-          "INSERT INTO public.schema_info (environment, schema_hash, deployed_at) VALUES ('production', '$CURRENT_HASH', NOW())
+          "CREATE TABLE IF NOT EXISTS public.schema_info (
+            environment VARCHAR(50) PRIMARY KEY,
+            schema_hash VARCHAR(64) NOT NULL,
+            deployed_at TIMESTAMP DEFAULT NOW()
+          );
+          INSERT INTO public.schema_info (environment, schema_hash, deployed_at) VALUES ('production', '$CURRENT_HASH', NOW())
            ON CONFLICT (environment) DO UPDATE SET schema_hash = EXCLUDED.schema_hash, deployed_at = NOW();"
 
           UPDATED_HASH=$(PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c "SELECT schema_hash FROM public.schema_info WHERE environment = 'production';" -t -A)

.gitea/workflows/deploy-to-test.yml

@@ -119,6 +119,11 @@ jobs:
           # --- JWT Secret for Passport authentication in tests ---
           JWT_SECRET: ${{ secrets.JWT_SECRET }}
 
+          # --- V8 Coverage for Server Process ---
+          # This variable tells the Node.js process (our server, started by globalSetup)
+          # where to output its raw V8 coverage data.
+          NODE_V8_COVERAGE: '.coverage/tmp/integration-server'
+
           # --- Increase Node.js memory limit to prevent heap out of memory errors ---
           # This is crucial for memory-intensive tasks like running tests and coverage.
           NODE_OPTIONS: '--max-old-space-size=8192'
@@ -137,15 +142,15 @@ jobs:
           # The `|| true` ensures the workflow continues even if tests fail, allowing coverage to run.
           echo "--- Running Unit Tests ---"
           # npm run test:unit -- --coverage --reporter=verbose --includeTaskLocation --testTimeout=10000 --silent=passed-only || true
-          npm run test:unit -- --coverage --reporter=verbose --includeTaskLocation --testTimeout=10000 --silent=passed-only  --no-file-parallelism || true
+          npm run test:unit -- --coverage --coverage.exclude='**/*.test.ts' --coverage.exclude='**/tests/**' --coverage.exclude='**/mocks/**' --reporter=verbose --includeTaskLocation --testTimeout=10000 --silent=passed-only  --no-file-parallelism || true
 
           echo "--- Running Integration Tests ---"
-          npm run test:integration -- --coverage --reporter=verbose --includeTaskLocation --testTimeout=10000 --silent=passed-only || true
+          npm run test:integration -- --coverage --coverage.exclude='**/*.test.ts' --coverage.exclude='**/tests/**' --coverage.exclude='**/mocks/**' --reporter=verbose --includeTaskLocation --testTimeout=10000 --silent=passed-only || true
 
           echo "--- Running E2E Tests ---"
-          # Run E2E tests using the integration config (for DB setup) but output coverage separately.
-          # We increase timeout significantly (120s) for E2E flows that involve AI processing.
-          npx vitest run src/tests/e2e --config vitest.config.integration.ts --coverage --coverage.reportsDirectory=.coverage/e2e --reporter=verbose --testTimeout=120000 --no-file-parallelism || true
+          # Run E2E tests using the dedicated E2E config which inherits from integration config.
+          # We still pass --coverage to enable it, but directory and timeout are now in the config.
+          npx vitest run --config vitest.config.e2e.ts --coverage --coverage.exclude='**/*.test.ts' --coverage.exclude='**/tests/**' --coverage.exclude='**/mocks/**' --reporter=verbose --no-file-parallelism || true
 
           # Re-enable secret masking for subsequent steps.
           echo "::secret-masking::"
@@ -174,7 +179,7 @@ jobs:
           # Run c8: read raw files from the temp dir, and output an Istanbul JSON report.
           # We only generate the 'json' report here because it's all nyc needs for merging.
           echo "Server coverage report about to be generated..."
-          npx c8 report --reporter=json --temp-directory .coverage/tmp/integration-server --reports-dir .coverage/integration-server
+          npx c8 report --exclude='**/*.test.ts' --exclude='**/tests/**' --exclude='**/mocks/**' --reporter=json --temp-directory .coverage/tmp/integration-server --reports-dir .coverage/integration-server
           echo "Server coverage report generated. Verifying existence:"
           ls -l .coverage/integration-server/coverage-final.json
 
@@ -213,7 +218,10 @@ jobs:
             --reporter=text \
             --reporter=html \
             --report-dir .coverage/ \
-            --temp-dir "$NYC_SOURCE_DIR"
+            --temp-dir "$NYC_SOURCE_DIR" \
+            --exclude "**/*.test.ts" \
+            --exclude "**/tests/**" \
+            --exclude "**/mocks/**"
 
           # Re-enable secret masking for subsequent steps.
           echo "::secret-masking::"
@@ -264,18 +272,19 @@ jobs:
           # We normalize line endings to ensure the hash is consistent across different OS environments.
           CURRENT_HASH=$(cat sql/master_schema_rollup.sql | dos2unix | sha256sum | awk '{ print $1 }')
           echo "Current Git Schema Hash: $CURRENT_HASH"
-
           # Query the production database to get the hash of the deployed schema.
           # The `psql` command requires PGPASSWORD to be set.
           # `\t` sets tuples-only mode and `\A` unaligns output to get just the raw value.
-          # The `|| echo "none"` ensures the command doesn't fail if the table or row doesn't exist yet.          
-          DEPLOYED_HASH=$(PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c "SELECT schema_hash FROM public.schema_info WHERE environment = 'test';" -t -A || echo "none")
+          # The psql command will now fail the step if the query errors (e.g., column missing), preventing deployment on a bad schema.
+          DEPLOYED_HASH=$(PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c "SELECT schema_hash FROM public.schema_info WHERE environment = 'test';" -t -A)
           echo "Deployed DB Schema Hash: $DEPLOYED_HASH"
-
           # Check if the hash is "none" (command failed) OR if it's an empty string (table exists but is empty).
-          if [ "$DEPLOYED_HASH" = "none" ] || [ -z "$DEPLOYED_HASH" ]; then
+          if [ -z "$DEPLOYED_HASH" ]; then
             echo "WARNING: No schema hash found in the test database."
             echo "This is expected for a first-time deployment. The hash will be set after a successful deployment."
+            echo "--- Debug: Dumping schema_info table ---"
+            PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=0 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c "SELECT * FROM public.schema_info;" || true
+            echo "----------------------------------------"
             # We allow the deployment to continue, but a manual schema update is required.
             # You could choose to fail here by adding `exit 1`.
           elif [ "$CURRENT_HASH" != "$DEPLOYED_HASH" ]; then
@@ -299,8 +308,9 @@ jobs:
           fi
 
           GITEA_SERVER_URL="https://gitea.projectium.com" # Your Gitea instance URL
-          COMMIT_MESSAGE=$(git log -1 --pretty=%s)
-          VITE_APP_VERSION="$(date +'%Y%m%d-%H%M'):$(git rev-parse --short HEAD)" \
+          COMMIT_MESSAGE=$(git log -1 --grep="\[skip ci\]" --invert-grep --pretty=%s)
+          PACKAGE_VERSION=$(node -p "require('./package.json').version")
+          VITE_APP_VERSION="$(date +'%Y%m%d-%H%M'):$(git rev-parse --short HEAD):$PACKAGE_VERSION" \
           VITE_APP_COMMIT_URL="$GITEA_SERVER_URL/${{ gitea.repository }}/commit/${{ gitea.sha }}" \
           VITE_APP_COMMIT_MESSAGE="$COMMIT_MESSAGE" \
           VITE_API_BASE_URL="https://flyer-crawler-test.projectium.com/api" VITE_API_KEY=${{ secrets.VITE_GOOGLE_GENAI_API_KEY_TEST }} npm run build
@@ -362,7 +372,7 @@ jobs:
 
           echo "Installing production dependencies and restarting test server..."
           cd /var/www/flyer-crawler-test.projectium.com
-          npm install --omit=dev # Install only production dependencies
+          npm install --omit=dev
           # Use `startOrReload` with the ecosystem file. This is the standard, idempotent way to deploy.
           # It will START the process if it's not running, or RELOAD it if it is.
           # We also add `&& pm2 save` to persist the process list across server reboots.
@@ -374,7 +384,12 @@ jobs:
           echo "Updating schema hash in test database..."
           CURRENT_HASH=$(cat sql/master_schema_rollup.sql | dos2unix | sha256sum | awk '{ print $1 }')
           PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c \
-          "INSERT INTO public.schema_info (environment, schema_hash, deployed_at) VALUES ('test', '$CURRENT_HASH', NOW())
+          "CREATE TABLE IF NOT EXISTS public.schema_info (
+            environment VARCHAR(50) PRIMARY KEY,
+            schema_hash VARCHAR(64) NOT NULL,
+            deployed_at TIMESTAMP DEFAULT NOW()
+          );
+          INSERT INTO public.schema_info (environment, schema_hash, deployed_at) VALUES ('test', '$CURRENT_HASH', NOW())
            ON CONFLICT (environment) DO UPDATE SET schema_hash = EXCLUDED.schema_hash, deployed_at = NOW();"
 
           # Verify the hash was updated

.gitea/workflows/manual-deploy-major.yml

@@ -0,0 +1,181 @@
+# .gitea/workflows/manual-deploy-major.yml
+#
+# This workflow provides a MANUAL trigger to perform a MAJOR version bump
+# and deploy the application to the PRODUCTION environment.
+name: Manual - Deploy Major Version to Production
+
+on:
+  workflow_dispatch:
+    inputs:
+      confirmation:
+        description: 'Type "deploy-major-to-prod" to confirm you want to deploy a new major version.'
+        required: true
+        default: 'do-not-run'
+      force_reload:
+        description: 'Force PM2 reload even if version matches (true/false).'
+        required: false
+        type: boolean
+        default: false
+
+jobs:
+  deploy-production-major:
+    runs-on: projectium.com
+
+    steps:
+      - name: Verify Confirmation Phrase
+        run: |
+          if [ "${{ gitea.event.inputs.confirmation }}" != "deploy-major-to-prod" ]; then
+            echo "ERROR: Confirmation phrase did not match. Aborting deployment."
+            exit 1
+          fi
+          echo "✅ Confirmation accepted. Proceeding with major version production deployment."
+
+      - name: Checkout Code from 'main' branch
+        uses: actions/checkout@v3
+        with:
+          ref: 'main' # Explicitly check out the main branch for production deployment
+          fetch-depth: 0
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20'
+          cache: 'npm'
+          cache-dependency-path: '**/package-lock.json'
+
+      - name: Install Dependencies
+        run: npm ci
+
+      - name: Bump Major Version and Push
+        run: |
+          # Configure git for the commit.
+          git config --global user.name 'Gitea Actions'
+          git config --global user.email 'actions@gitea.projectium.com'
+
+          # Bump the major version number. This creates a new commit and a new tag.
+          # The commit message includes [skip ci] to prevent this push from triggering another workflow run.
+          npm version major -m "ci: Bump version to %s for major release [skip ci]"
+
+          # Push the new commit and the new tag back to the main branch.
+          git push --follow-tags
+
+      - name: Check for Production Database Schema Changes
+        env:
+          DB_HOST: ${{ secrets.DB_HOST }}
+          DB_USER: ${{ secrets.DB_USER }}
+          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
+          DB_NAME: ${{ secrets.DB_DATABASE_PROD }}
+        run: |
+          if [ -z "$DB_HOST" ] || [ -z "$DB_USER" ] || [ -z "$DB_PASSWORD" ] || [ -z "$DB_NAME" ]; then
+            echo "ERROR: One or more production database secrets (DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE_PROD) are not set."
+            exit 1
+          fi
+          echo "--- Checking for production schema changes ---"
+          CURRENT_HASH=$(cat sql/master_schema_rollup.sql | dos2unix | sha256sum | awk '{ print $1 }')
+          echo "Current Git Schema Hash: $CURRENT_HASH"
+          # The psql command will now fail the step if the query errors (e.g., column missing), preventing deployment on a bad schema.
+          DEPLOYED_HASH=$(PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c "SELECT schema_hash FROM public.schema_info WHERE environment = 'production';" -t -A)
+          echo "Deployed DB Schema Hash: $DEPLOYED_HASH"
+          if [ -z "$DEPLOYED_HASH" ]; then
+            echo "WARNING: No schema hash found in the production database. This is expected for a first-time deployment."
+          elif [ "$CURRENT_HASH" != "$DEPLOYED_HASH" ]; then
+            echo "ERROR: Database schema mismatch detected! A manual database migration is required."
+            exit 1
+          else
+            echo "✅ Schema is up to date. No changes detected."
+          fi
+
+      - name: Build React Application for Production
+        run: |
+          if [ -z "${{ secrets.VITE_GOOGLE_GENAI_API_KEY }}" ]; then
+            echo "ERROR: The VITE_GOOGLE_GENAI_API_KEY secret is not set."
+            exit 1
+          fi
+          GITEA_SERVER_URL="https://gitea.projectium.com"
+          COMMIT_MESSAGE=$(git log -1 --grep="\[skip ci\]" --invert-grep --pretty=%s)
+          PACKAGE_VERSION=$(node -p "require('./package.json').version")
+          VITE_APP_VERSION="$(date +'%Y%m%d-%H%M'):$(git rev-parse --short HEAD):$PACKAGE_VERSION" \
+          VITE_APP_COMMIT_URL="$GITEA_SERVER_URL/${{ gitea.repository }}/commit/${{ gitea.sha }}" \
+          VITE_APP_COMMIT_MESSAGE="$COMMIT_MESSAGE" \
+          VITE_API_BASE_URL=/api VITE_API_KEY=${{ secrets.VITE_GOOGLE_GENAI_API_KEY }} npm run build
+
+      - name: Deploy Application to Production Server
+        run: |
+          echo "Deploying application files to /var/www/flyer-crawler.projectium.com..."
+          APP_PATH="/var/www/flyer-crawler.projectium.com"
+          mkdir -p "$APP_PATH"
+          mkdir -p "$APP_PATH/flyer-images/icons" "$APP_PATH/flyer-images/archive"
+          rsync -avz --delete --exclude 'node_modules' --exclude '.git' --exclude 'dist' --exclude 'flyer-images' ./ "$APP_PATH/"
+          rsync -avz dist/ "$APP_PATH"
+          echo "Application deployment complete."
+
+      - name: Install Backend Dependencies and Restart Production Server
+        env:
+          # --- Production Secrets Injection ---
+          DB_HOST: ${{ secrets.DB_HOST }}
+          DB_USER: ${{ secrets.DB_USER }}
+          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
+          DB_NAME: ${{ secrets.DB_DATABASE_PROD }}
+          REDIS_URL: 'redis://localhost:6379'
+          REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD_PROD }}
+          FRONTEND_URL: 'https://flyer-crawler.projectium.com'
+          JWT_SECRET: ${{ secrets.JWT_SECRET }}
+          GEMINI_API_KEY: ${{ secrets.VITE_GOOGLE_GENAI_API_KEY }}
+          GOOGLE_MAPS_API_KEY: ${{ secrets.GOOGLE_MAPS_API_KEY }}
+          SMTP_HOST: 'localhost'
+          SMTP_PORT: '1025'
+          SMTP_SECURE: 'false'
+          SMTP_USER: ''
+          SMTP_PASS: ''
+          SMTP_FROM_EMAIL: 'noreply@flyer-crawler.projectium.com'
+        run: |
+          if [ -z "$DB_HOST" ] || [ -z "$DB_USER" ] || [ -z "$DB_PASSWORD" ] || [ -z "$DB_NAME" ]; then
+            echo "ERROR: One or more production database secrets (DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE_PROD) are not set."
+            exit 1
+          fi
+          echo "Installing production dependencies and restarting server..."
+          cd /var/www/flyer-crawler.projectium.com
+          npm install --omit=dev
+
+          # --- Version Check Logic ---
+          # Get the version from the newly deployed package.json
+          NEW_VERSION=$(node -p "require('./package.json').version")
+          echo "Deployed Package Version: $NEW_VERSION"
+
+          # Get the running version from PM2 for the main API process
+          # We use a small node script to parse the JSON output from pm2 jlist
+          RUNNING_VERSION=$(pm2 jlist | node -e "try { const list = JSON.parse(require('fs').readFileSync(0, 'utf-8')); const app = list.find(p => p.name === 'flyer-crawler-api'); console.log(app ? app.pm2_env.version : ''); } catch(e) { console.log(''); }")
+          echo "Running PM2 Version: $RUNNING_VERSION"
+
+          if [ "${{ gitea.event.inputs.force_reload }}" == "true" ] || [ "$NEW_VERSION" != "$RUNNING_VERSION" ] || [ -z "$RUNNING_VERSION" ]; then
+            if [ "${{ gitea.event.inputs.force_reload }}" == "true" ]; then
+              echo "Force reload triggered by manual input. Reloading PM2..."
+            else
+              echo "Version mismatch (Running: $RUNNING_VERSION -> Deployed: $NEW_VERSION) or app not running. Reloading PM2..."
+            fi
+            pm2 startOrReload ecosystem.config.cjs --env production && pm2 save
+            echo "Production backend server reloaded successfully."
+          else
+            echo "Version $NEW_VERSION is already running. Skipping PM2 reload."
+          fi
+
+          echo "Updating schema hash in production database..."
+          CURRENT_HASH=$(cat sql/master_schema_rollup.sql | dos2unix | sha256sum | awk '{ print $1 }')
+          PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c \
+          "INSERT INTO public.schema_info (environment, schema_hash, deployed_at) VALUES ('production', '$CURRENT_HASH', NOW())
+           ON CONFLICT (environment) DO UPDATE SET schema_hash = EXCLUDED.schema_hash, deployed_at = NOW();"
+
+          UPDATED_HASH=$(PGPASSWORD="$DB_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p 5432 -U "$DB_USER" -d "$DB_NAME" -c "SELECT schema_hash FROM public.schema_info WHERE environment = 'production';" -t -A)
+          if [ "$CURRENT_HASH" = "$UPDATED_HASH" ]; then
+            echo "✅ Schema hash successfully updated in the database to: $UPDATED_HASH"
+          else
+            echo "ERROR: Failed to update schema hash in the database."
+          fi
+
+      - name: Show PM2 Environment for Production
+        run: |
+          echo "--- Displaying recent PM2 logs for flyer-crawler-api ---"
+          sleep 5
+          pm2 describe flyer-crawler-api || echo "Could not find production pm2 process."
+          pm2 logs flyer-crawler-api --lines 20 --nostream || echo "Could not find production pm2 process."
+          pm2 env flyer-crawler-api || echo "Could not find production pm2 process."

ecosystem.config.cjs

@@ -18,12 +18,70 @@ module.exports = {
         NODE_ENV: 'production', // Set the Node.js environment to production
         name: 'flyer-crawler-api',
         cwd: '/var/www/flyer-crawler.projectium.com',
+        // Inherit secrets from the deployment environment
+        DB_HOST: process.env.DB_HOST,
+        DB_USER: process.env.DB_USER,
+        DB_PASSWORD: process.env.DB_PASSWORD,
+        DB_NAME: process.env.DB_NAME,
+        REDIS_URL: process.env.REDIS_URL,
+        REDIS_PASSWORD: process.env.REDIS_PASSWORD,
+        FRONTEND_URL: process.env.FRONTEND_URL,
+        JWT_SECRET: process.env.JWT_SECRET,
+        GEMINI_API_KEY: process.env.GEMINI_API_KEY,
+        GOOGLE_MAPS_API_KEY: process.env.GOOGLE_MAPS_API_KEY,
+        SMTP_HOST: process.env.SMTP_HOST,
+        SMTP_PORT: process.env.SMTP_PORT,
+        SMTP_SECURE: process.env.SMTP_SECURE,
+        SMTP_USER: process.env.SMTP_USER,
+        SMTP_PASS: process.env.SMTP_PASS,
+        SMTP_FROM_EMAIL: process.env.SMTP_FROM_EMAIL,
       },
       // Test Environment Settings
       env_test: {
-        NODE_ENV: 'development', // Use 'development' for test to enable more verbose logging if needed
+        NODE_ENV: 'test', // Set to 'test' to match the environment purpose and disable pino-pretty
         name: 'flyer-crawler-api-test',
         cwd: '/var/www/flyer-crawler-test.projectium.com',
+        // Inherit secrets from the deployment environment
+        DB_HOST: process.env.DB_HOST,
+        DB_USER: process.env.DB_USER,
+        DB_PASSWORD: process.env.DB_PASSWORD,
+        DB_NAME: process.env.DB_NAME,
+        REDIS_URL: process.env.REDIS_URL,
+        REDIS_PASSWORD: process.env.REDIS_PASSWORD,
+        FRONTEND_URL: process.env.FRONTEND_URL,
+        JWT_SECRET: process.env.JWT_SECRET,
+        GEMINI_API_KEY: process.env.GEMINI_API_KEY,
+        GOOGLE_MAPS_API_KEY: process.env.GOOGLE_MAPS_API_KEY,
+        SMTP_HOST: process.env.SMTP_HOST,
+        SMTP_PORT: process.env.SMTP_PORT,
+        SMTP_SECURE: process.env.SMTP_SECURE,
+        SMTP_USER: process.env.SMTP_USER,
+        SMTP_PASS: process.env.SMTP_PASS,
+        SMTP_FROM_EMAIL: process.env.SMTP_FROM_EMAIL,
+      },
+      // Development Environment Settings
+      env_development: {
+        NODE_ENV: 'development',
+        name: 'flyer-crawler-api-dev',
+        watch: true,
+        ignore_watch: ['node_modules', 'logs', '*.log', 'flyer-images', '.git'],
+        // Inherit secrets from the deployment environment
+        DB_HOST: process.env.DB_HOST,
+        DB_USER: process.env.DB_USER,
+        DB_PASSWORD: process.env.DB_PASSWORD,
+        DB_NAME: process.env.DB_NAME,
+        REDIS_URL: process.env.REDIS_URL,
+        REDIS_PASSWORD: process.env.REDIS_PASSWORD,
+        FRONTEND_URL: process.env.FRONTEND_URL,
+        JWT_SECRET: process.env.JWT_SECRET,
+        GEMINI_API_KEY: process.env.GEMINI_API_KEY,
+        GOOGLE_MAPS_API_KEY: process.env.GOOGLE_MAPS_API_KEY,
+        SMTP_HOST: process.env.SMTP_HOST,
+        SMTP_PORT: process.env.SMTP_PORT,
+        SMTP_SECURE: process.env.SMTP_SECURE,
+        SMTP_USER: process.env.SMTP_USER,
+        SMTP_PASS: process.env.SMTP_PASS,
+        SMTP_FROM_EMAIL: process.env.SMTP_FROM_EMAIL,
       },
     },
     {
@@ -36,12 +94,70 @@ module.exports = {
         NODE_ENV: 'production',
         name: 'flyer-crawler-worker',
         cwd: '/var/www/flyer-crawler.projectium.com',
+        // Inherit secrets from the deployment environment
+        DB_HOST: process.env.DB_HOST,
+        DB_USER: process.env.DB_USER,
+        DB_PASSWORD: process.env.DB_PASSWORD,
+        DB_NAME: process.env.DB_NAME,
+        REDIS_URL: process.env.REDIS_URL,
+        REDIS_PASSWORD: process.env.REDIS_PASSWORD,
+        FRONTEND_URL: process.env.FRONTEND_URL,
+        JWT_SECRET: process.env.JWT_SECRET,
+        GEMINI_API_KEY: process.env.GEMINI_API_KEY,
+        GOOGLE_MAPS_API_KEY: process.env.GOOGLE_MAPS_API_KEY,
+        SMTP_HOST: process.env.SMTP_HOST,
+        SMTP_PORT: process.env.SMTP_PORT,
+        SMTP_SECURE: process.env.SMTP_SECURE,
+        SMTP_USER: process.env.SMTP_USER,
+        SMTP_PASS: process.env.SMTP_PASS,
+        SMTP_FROM_EMAIL: process.env.SMTP_FROM_EMAIL,
       },
       // Test Environment Settings
       env_test: {
-        NODE_ENV: 'development',
+        NODE_ENV: 'test',
         name: 'flyer-crawler-worker-test',
         cwd: '/var/www/flyer-crawler-test.projectium.com',
+        // Inherit secrets from the deployment environment
+        DB_HOST: process.env.DB_HOST,
+        DB_USER: process.env.DB_USER,
+        DB_PASSWORD: process.env.DB_PASSWORD,
+        DB_NAME: process.env.DB_NAME,
+        REDIS_URL: process.env.REDIS_URL,
+        REDIS_PASSWORD: process.env.REDIS_PASSWORD,
+        FRONTEND_URL: process.env.FRONTEND_URL,
+        JWT_SECRET: process.env.JWT_SECRET,
+        GEMINI_API_KEY: process.env.GEMINI_API_KEY,
+        GOOGLE_MAPS_API_KEY: process.env.GOOGLE_MAPS_API_KEY,
+        SMTP_HOST: process.env.SMTP_HOST,
+        SMTP_PORT: process.env.SMTP_PORT,
+        SMTP_SECURE: process.env.SMTP_SECURE,
+        SMTP_USER: process.env.SMTP_USER,
+        SMTP_PASS: process.env.SMTP_PASS,
+        SMTP_FROM_EMAIL: process.env.SMTP_FROM_EMAIL,
+      },
+      // Development Environment Settings
+      env_development: {
+        NODE_ENV: 'development',
+        name: 'flyer-crawler-worker-dev',
+        watch: true,
+        ignore_watch: ['node_modules', 'logs', '*.log', 'flyer-images', '.git'],
+        // Inherit secrets from the deployment environment
+        DB_HOST: process.env.DB_HOST,
+        DB_USER: process.env.DB_USER,
+        DB_PASSWORD: process.env.DB_PASSWORD,
+        DB_NAME: process.env.DB_NAME,
+        REDIS_URL: process.env.REDIS_URL,
+        REDIS_PASSWORD: process.env.REDIS_PASSWORD,
+        FRONTEND_URL: process.env.FRONTEND_URL,
+        JWT_SECRET: process.env.JWT_SECRET,
+        GEMINI_API_KEY: process.env.GEMINI_API_KEY,
+        GOOGLE_MAPS_API_KEY: process.env.GOOGLE_MAPS_API_KEY,
+        SMTP_HOST: process.env.SMTP_HOST,
+        SMTP_PORT: process.env.SMTP_PORT,
+        SMTP_SECURE: process.env.SMTP_SECURE,
+        SMTP_USER: process.env.SMTP_USER,
+        SMTP_PASS: process.env.SMTP_PASS,
+        SMTP_FROM_EMAIL: process.env.SMTP_FROM_EMAIL,
       },
     },
     {
@@ -54,12 +170,70 @@ module.exports = {
         NODE_ENV: 'production',
         name: 'flyer-crawler-analytics-worker',
         cwd: '/var/www/flyer-crawler.projectium.com',
+        // Inherit secrets from the deployment environment
+        DB_HOST: process.env.DB_HOST,
+        DB_USER: process.env.DB_USER,
+        DB_PASSWORD: process.env.DB_PASSWORD,
+        DB_NAME: process.env.DB_NAME,
+        REDIS_URL: process.env.REDIS_URL,
+        REDIS_PASSWORD: process.env.REDIS_PASSWORD,
+        FRONTEND_URL: process.env.FRONTEND_URL,
+        JWT_SECRET: process.env.JWT_SECRET,
+        GEMINI_API_KEY: process.env.GEMINI_API_KEY,
+        GOOGLE_MAPS_API_KEY: process.env.GOOGLE_MAPS_API_KEY,
+        SMTP_HOST: process.env.SMTP_HOST,
+        SMTP_PORT: process.env.SMTP_PORT,
+        SMTP_SECURE: process.env.SMTP_SECURE,
+        SMTP_USER: process.env.SMTP_USER,
+        SMTP_PASS: process.env.SMTP_PASS,
+        SMTP_FROM_EMAIL: process.env.SMTP_FROM_EMAIL,
       },
       // Test Environment Settings
       env_test: {
-        NODE_ENV: 'development',
+        NODE_ENV: 'test',
         name: 'flyer-crawler-analytics-worker-test',
         cwd: '/var/www/flyer-crawler-test.projectium.com',
+        // Inherit secrets from the deployment environment
+        DB_HOST: process.env.DB_HOST,
+        DB_USER: process.env.DB_USER,
+        DB_PASSWORD: process.env.DB_PASSWORD,
+        DB_NAME: process.env.DB_NAME,
+        REDIS_URL: process.env.REDIS_URL,
+        REDIS_PASSWORD: process.env.REDIS_PASSWORD,
+        FRONTEND_URL: process.env.FRONTEND_URL,
+        JWT_SECRET: process.env.JWT_SECRET,
+        GEMINI_API_KEY: process.env.GEMINI_API_KEY,
+        GOOGLE_MAPS_API_KEY: process.env.GOOGLE_MAPS_API_KEY,
+        SMTP_HOST: process.env.SMTP_HOST,
+        SMTP_PORT: process.env.SMTP_PORT,
+        SMTP_SECURE: process.env.SMTP_SECURE,
+        SMTP_USER: process.env.SMTP_USER,
+        SMTP_PASS: process.env.SMTP_PASS,
+        SMTP_FROM_EMAIL: process.env.SMTP_FROM_EMAIL,
+      },
+      // Development Environment Settings
+      env_development: {
+        NODE_ENV: 'development',
+        name: 'flyer-crawler-analytics-worker-dev',
+        watch: true,
+        ignore_watch: ['node_modules', 'logs', '*.log', 'flyer-images', '.git'],
+        // Inherit secrets from the deployment environment
+        DB_HOST: process.env.DB_HOST,
+        DB_USER: process.env.DB_USER,
+        DB_PASSWORD: process.env.DB_PASSWORD,
+        DB_NAME: process.env.DB_NAME,
+        REDIS_URL: process.env.REDIS_URL,
+        REDIS_PASSWORD: process.env.REDIS_PASSWORD,
+        FRONTEND_URL: process.env.FRONTEND_URL,
+        JWT_SECRET: process.env.JWT_SECRET,
+        GEMINI_API_KEY: process.env.GEMINI_API_KEY,
+        GOOGLE_MAPS_API_KEY: process.env.GOOGLE_MAPS_API_KEY,
+        SMTP_HOST: process.env.SMTP_HOST,
+        SMTP_PORT: process.env.SMTP_PORT,
+        SMTP_SECURE: process.env.SMTP_SECURE,
+        SMTP_USER: process.env.SMTP_USER,
+        SMTP_PASS: process.env.SMTP_PASS,
+        SMTP_FROM_EMAIL: process.env.SMTP_FROM_EMAIL,
       },
     },
   ],

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "flyer-crawler",
-  "version": "0.0.25",
+  "version": "0.1.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "flyer-crawler",
-      "version": "0.0.25",
+      "version": "0.1.2",
       "dependencies": {
         "@bull-board/api": "^6.14.2",
         "@bull-board/express": "^6.14.2",

package.json

@@ -1,7 +1,7 @@
 {
   "name": "flyer-crawler",
   "private": true,
-  "version": "0.0.25",
+  "version": "0.1.2",
   "type": "module",
   "scripts": {
     "dev": "concurrently \"npm:start:dev\" \"vite\"",

src/App.test.tsx

@@ -36,7 +36,7 @@ vi.mock('pdfjs-dist', () => ({
 // Mock the new config module
 vi.mock('./config', () => ({
   default: {
-    app: { version: '1.0.0', commitMessage: 'Initial commit', commitUrl: '#' },
+    app: { version: '20250101-1200:abc1234:1.0.0', commitMessage: 'Initial commit', commitUrl: '#' },
     google: { mapsEmbedApiKey: 'mock-key' },
   },
 }));
@@ -243,9 +243,7 @@ describe('App Component', () => {
     mockedApiClient.fetchShoppingLists.mockImplementation(() =>
       Promise.resolve(new Response(JSON.stringify([]))),
     );
-    mockedAiApiClient.rescanImageArea.mockResolvedValue(
-      new Response(JSON.stringify({ text: 'mocked text' })),
-    ); // Mock for FlyerCorrectionTool
+    mockedAiApiClient.rescanImageArea.mockResolvedValue({ text: 'mocked text' }); // Mock for FlyerCorrectionTool
     console.log('[TEST DEBUG] beforeEach: Setup complete');
   });
 
@@ -588,11 +586,11 @@ describe('App Component', () => {
       // Mock the config module for this specific test
       vi.mock('./config', () => ({
         default: {
-          app: { version: '1.0.1', commitMessage: 'New feature!', commitUrl: '#' },
+          app: { version: '20250101-1200:abc1234:1.0.1', commitMessage: 'New feature!', commitUrl: '#' },
           google: { mapsEmbedApiKey: 'mock-key' },
         },
       }));
-      localStorageMock.setItem('lastSeenVersion', '1.0.0');
+      localStorageMock.setItem('lastSeenVersion', '20250101-1200:abc1234:1.0.0');
       renderApp();
       await expect(screen.findByTestId('whats-new-modal-mock')).resolves.toBeInTheDocument();
     });
@@ -741,7 +739,7 @@ describe('App Component', () => {
       vi.mock('./config', () => ({
         default: {
           app: {
-            version: '2.0.0',
+            version: '20250101-1200:abc1234:2.0.0',
             commitMessage: 'A new version!',
             commitUrl: 'http://example.com/commit/2.0.0',
           },
@@ -752,14 +750,14 @@ describe('App Component', () => {
 
     it('should display the version number and commit link', () => {
       renderApp();
-      const versionLink = screen.getByText(`Version: 2.0.0`);
+      const versionLink = screen.getByText(`Version: 20250101-1200:abc1234:2.0.0`);
       expect(versionLink).toBeInTheDocument();
       expect(versionLink).toHaveAttribute('href', 'http://example.com/commit/2.0.0');
     });
 
     it('should open the "What\'s New" modal when the question mark icon is clicked', async () => {
       // Pre-set the localStorage to prevent the modal from opening automatically
-      localStorageMock.setItem('lastSeenVersion', '2.0.0');
+      localStorageMock.setItem('lastSeenVersion', '20250101-1200:abc1234:2.0.0');
 
       renderApp();
       expect(screen.queryByTestId('whats-new-modal-mock')).not.toBeInTheDocument();

src/features/flyer/FlyerUploader.test.tsx

@@ -73,12 +73,11 @@ describe('FlyerUploader', () => {
 
   it('should handle file upload and start polling', async () => {
     console.log('--- [TEST LOG] ---: 1. Setting up mocks for upload and polling.');
-    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue(
-      new Response(JSON.stringify({ jobId: 'job-123' }), { status: 200 }),
-    );
-    mockedAiApiClient.getJobStatus.mockResolvedValue(
-      new Response(JSON.stringify({ state: 'active', progress: { message: 'Checking...' } })),
-    );
+    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue({ jobId: 'job-123' });
+    mockedAiApiClient.getJobStatus.mockResolvedValue({
+      state: 'active',
+      progress: { message: 'Checking...' },
+    });
 
     console.log('--- [TEST LOG] ---: 2. Rendering component and preparing file.');
     renderComponent();
@@ -131,12 +130,11 @@ describe('FlyerUploader', () => {
 
   it('should handle file upload via drag and drop', async () => {
     console.log('--- [TEST LOG] ---: 1. Setting up mocks for drag and drop.');
-    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue(
-      new Response(JSON.stringify({ jobId: 'job-dnd' }), { status: 200 }),
-    );
-    mockedAiApiClient.getJobStatus.mockResolvedValue(
-      new Response(JSON.stringify({ state: 'active', progress: { message: 'Dropped...' } })),
-    );
+    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue({ jobId: 'job-dnd' });
+    mockedAiApiClient.getJobStatus.mockResolvedValue({
+      state: 'active',
+      progress: { message: 'Dropped...' },
+    });
 
     console.log('--- [TEST LOG] ---: 2. Rendering component and preparing file for drop.');
     renderComponent();
@@ -159,16 +157,10 @@ describe('FlyerUploader', () => {
   it('should poll for status, complete successfully, and redirect', async () => {
     const onProcessingComplete = vi.fn();
     console.log('--- [TEST LOG] ---: 1. Setting up mock sequence for polling.');
-    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue(
-      new Response(JSON.stringify({ jobId: 'job-123' }), { status: 200 }),
-    );
+    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue({ jobId: 'job-123' });
     mockedAiApiClient.getJobStatus
-      .mockResolvedValueOnce(
-        new Response(JSON.stringify({ state: 'active', progress: { message: 'Analyzing...' } })),
-      )
-      .mockResolvedValueOnce(
-        new Response(JSON.stringify({ state: 'completed', returnValue: { flyerId: 42 } })),
-      );
+      .mockResolvedValueOnce({ state: 'active', progress: { message: 'Analyzing...' } })
+      .mockResolvedValueOnce({ state: 'completed', returnValue: { flyerId: 42 } });
 
     console.log('--- [TEST LOG] ---: 2. Rendering component and uploading file.');
     renderComponent(onProcessingComplete);
@@ -229,12 +221,11 @@ describe('FlyerUploader', () => {
 
   it('should handle a failed job', async () => {
     console.log('--- [TEST LOG] ---: 1. Setting up mocks for a failed job.');
-    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue(
-      new Response(JSON.stringify({ jobId: 'job-fail' }), { status: 200 }),
-    );
-    mockedAiApiClient.getJobStatus.mockResolvedValue(
-      new Response(JSON.stringify({ state: 'failed', failedReason: 'AI model exploded' })),
-    );
+    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue({ jobId: 'job-fail' });
+    mockedAiApiClient.getJobStatus.mockResolvedValue({
+      state: 'failed',
+      failedReason: 'AI model exploded',
+    });
 
     console.log('--- [TEST LOG] ---: 2. Rendering and uploading.');
     renderComponent();
@@ -260,11 +251,82 @@ describe('FlyerUploader', () => {
     console.log('--- [TEST LOG] ---: 6. "Upload Another" button confirmed.');
   });
 
+  it('should clear the polling timeout when a job fails', async () => {
+    const clearTimeoutSpy = vi.spyOn(global, 'clearTimeout');
+    console.log('--- [TEST LOG] ---: 1. Setting up mocks for failed job timeout clearance.');
+    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue({ jobId: 'job-fail-timeout' });
+
+    // We need at least one 'active' response to establish a timeout loop so we have something to clear
+    mockedAiApiClient.getJobStatus
+      .mockResolvedValueOnce({ state: 'active', progress: { message: 'Working...' } })
+      .mockResolvedValueOnce({ state: 'failed', failedReason: 'Fatal Error' });
+
+    renderComponent();
+    const file = new File(['content'], 'flyer.pdf', { type: 'application/pdf' });
+    const input = screen.getByLabelText(/click to select a file/i);
+
+    fireEvent.change(input, { target: { files: [file] } });
+
+    // Wait for the first poll to complete and UI to update to "Working..."
+    await screen.findByText('Working...');
+
+    // Advance time to trigger the second poll
+    await act(async () => {
+      vi.advanceTimersByTime(3000);
+    });
+
+    // Wait for the failure UI
+    await screen.findByText(/Processing failed: Fatal Error/i);
+
+    // Verify clearTimeout was called
+    expect(clearTimeoutSpy).toHaveBeenCalled();
+
+    // Verify no further polling occurs
+    const callsBefore = mockedAiApiClient.getJobStatus.mock.calls.length;
+    await act(async () => {
+      vi.advanceTimersByTime(10000);
+    });
+    expect(mockedAiApiClient.getJobStatus).toHaveBeenCalledTimes(callsBefore);
+
+    clearTimeoutSpy.mockRestore();
+  });
+
+  it('should clear the polling timeout when the component unmounts', async () => {
+    const clearTimeoutSpy = vi.spyOn(global, 'clearTimeout');
+    console.log('--- [TEST LOG] ---: 1. Setting up mocks for unmount timeout clearance.');
+    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue({ jobId: 'job-unmount' });
+    mockedAiApiClient.getJobStatus.mockResolvedValue({
+      state: 'active',
+      progress: { message: 'Polling...' },
+    });
+
+    const { unmount } = renderComponent();
+    const file = new File(['content'], 'flyer.pdf', { type: 'application/pdf' });
+    const input = screen.getByLabelText(/click to select a file/i);
+
+    fireEvent.change(input, { target: { files: [file] } });
+
+    // Wait for the first poll to complete and the UI to show the polling state
+    await screen.findByText('Polling...');
+
+    // Now that we are in a polling state (and a timeout is set), unmount the component
+    console.log('--- [TEST LOG] ---: 2. Unmounting component to trigger cleanup effect.');
+    unmount();
+
+    // Verify that the cleanup function in the useEffect hook was called
+    expect(clearTimeoutSpy).toHaveBeenCalled();
+    console.log('--- [TEST LOG] ---: 3. clearTimeout confirmed.');
+
+    clearTimeoutSpy.mockRestore();
+  });
+
   it('should handle a duplicate flyer error (409)', async () => {
     console.log('--- [TEST LOG] ---: 1. Setting up mock for 409 duplicate error.');
-    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue(
-      new Response(JSON.stringify({ flyerId: 99, message: 'Duplicate' }), { status: 409 }),
-    );
+    // The API client now throws a structured error for non-2xx responses.
+    mockedAiApiClient.uploadAndProcessFlyer.mockRejectedValue({
+      status: 409,
+      body: { flyerId: 99, message: 'Duplicate' },
+  });
 
     console.log('--- [TEST LOG] ---: 2. Rendering and uploading.');
     renderComponent();
@@ -295,12 +357,11 @@ describe('FlyerUploader', () => {
 
   it('should allow the user to stop watching progress', async () => {
     console.log('--- [TEST LOG] ---: 1. Setting up mocks for infinite polling.');
-    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue(
-      new Response(JSON.stringify({ jobId: 'job-stop' }), { status: 200 }),
-    );
-    mockedAiApiClient.getJobStatus.mockResolvedValue(
-      new Response(JSON.stringify({ state: 'active', progress: { message: 'Analyzing...' } })),
-    );
+    mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue({ jobId: 'job-stop' });
+    mockedAiApiClient.getJobStatus.mockResolvedValue({
+      state: 'active',
+      progress: { message: 'Analyzing...' },
+    } as any);
 
     console.log('--- [TEST LOG] ---: 2. Rendering and uploading.');
     renderComponent();
@@ -362,9 +423,11 @@ describe('FlyerUploader', () => {
 
     it('should handle a generic network error during upload', async () => {
       console.log('--- [TEST LOG] ---: 1. Setting up mock for generic upload error.');
-      mockedAiApiClient.uploadAndProcessFlyer.mockRejectedValue(
-        new Error('Network Error During Upload'),
-      );
+      // Simulate a structured error from the API client
+      mockedAiApiClient.uploadAndProcessFlyer.mockRejectedValue({
+        status: 500,
+        body: { message: 'Network Error During Upload' },
+      });
       renderComponent();
       const file = new File(['content'], 'flyer.pdf', { type: 'application/pdf' });
       const input = screen.getByLabelText(/click to select a file/i);
@@ -379,9 +442,7 @@ describe('FlyerUploader', () => {
 
     it('should handle a generic network error during polling', async () => {
       console.log('--- [TEST LOG] ---: 1. Setting up mock for polling error.');
-      mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue(
-        new Response(JSON.stringify({ jobId: 'job-poll-fail' }), { status: 200 }),
-      );
+      mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue({ jobId: 'job-poll-fail' });
       mockedAiApiClient.getJobStatus.mockRejectedValue(new Error('Polling Network Error'));
 
       renderComponent();
@@ -398,11 +459,9 @@ describe('FlyerUploader', () => {
 
     it('should handle a completed job with a missing flyerId', async () => {
       console.log('--- [TEST LOG] ---: 1. Setting up mock for malformed completion payload.');
-      mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue(
-        new Response(JSON.stringify({ jobId: 'job-no-flyerid' }), { status: 200 }),
-      );
+      mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue({ jobId: 'job-no-flyerid' });
       mockedAiApiClient.getJobStatus.mockResolvedValue(
-        new Response(JSON.stringify({ state: 'completed', returnValue: {} })), // No flyerId
+      { state: 'completed', returnValue: {} }, // No flyerId
       );
 
       renderComponent();
@@ -419,6 +478,27 @@ describe('FlyerUploader', () => {
       console.log('--- [TEST LOG] ---: 4. Assertions passed.');
     });
 
+    it('should handle a non-JSON response during polling', async () => {
+      console.log('--- [TEST LOG] ---: 1. Setting up mock for non-JSON response.');
+      // The actual function would throw, so we mock the rejection.
+      // The new getJobStatus would throw an error like "Failed to parse JSON..."
+      mockedAiApiClient.uploadAndProcessFlyer.mockResolvedValue({ jobId: 'job-bad-json' });
+      mockedAiApiClient.getJobStatus.mockRejectedValue(
+        new Error('Failed to parse JSON response from server. Body: <html>502 Bad Gateway</html>'),
+      );
+
+      renderComponent();
+      const file = new File(['content'], 'flyer.pdf', { type: 'application/pdf' });
+      const input = screen.getByLabelText(/click to select a file/i);
+
+      console.log('--- [TEST LOG] ---: 2. Firing file change event.');
+      fireEvent.change(input, { target: { files: [file] } });
+
+      console.log('--- [TEST LOG] ---: 3. Awaiting error message.');
+      expect(await screen.findByText(/Failed to parse JSON response from server/i)).toBeInTheDocument();
+      console.log('--- [TEST LOG] ---: 4. Assertions passed.');
+    });
+
     it('should do nothing if the file input is cancelled', () => {
       renderComponent();
       const input = screen.getByLabelText(/click to select a file/i);

src/features/flyer/FlyerUploader.tsx

@@ -60,14 +60,8 @@ export const FlyerUploader: React.FC<FlyerUploaderProps> = ({ onProcessingComple
     const pollStatus = async () => {
       console.debug(`[DEBUG] pollStatus(): Polling for jobId: ${jobId}`);
       try {
-        const statusResponse = await getJobStatus(jobId);
-        console.debug(`[DEBUG] pollStatus(): API response status: ${statusResponse.status}`);
-        if (!statusResponse.ok) {
-          throw new Error(`Failed to get job status (HTTP ${statusResponse.status})`);
-        }
-
-        const job = await statusResponse.json();
-        console.debug('[DEBUG] pollStatus(): Job status received:', job);
+        const job = await getJobStatus(jobId); // Now returns parsed JSON directly
+        console.debug('[DEBUG] pollStatus(): Job status received:', job); // The rest of the logic remains the same
 
         if (job.progress) {
           setProcessingStages(job.progress.stages || []);
@@ -97,7 +91,13 @@ export const FlyerUploader: React.FC<FlyerUploaderProps> = ({ onProcessingComple
             console.debug(
               `[DEBUG] pollStatus(): Job state is "failed". Reason: ${job.failedReason}`,
             );
+            // Explicitly clear any pending timeout to stop the polling loop immediately.
+            if (pollingTimeoutRef.current) {
+              clearTimeout(pollingTimeoutRef.current);
+            }
             setErrorMessage(`Processing failed: ${job.failedReason || 'Unknown error'}`);
+            // Clear any stale "in-progress" messages to avoid user confusion.
+            setStatusMessage(null);
             setProcessingState('error');
             break;
 
@@ -150,29 +150,24 @@ export const FlyerUploader: React.FC<FlyerUploaderProps> = ({ onProcessingComple
         `[DEBUG] processFile(): Checksum generated: ${checksum}. Calling uploadAndProcessFlyer.`,
       );
 
-      const startResponse = await uploadAndProcessFlyer(file, checksum);
-      console.debug(`[DEBUG] processFile(): Upload response status: ${startResponse.status}`);
-
-      if (!startResponse.ok) {
-        const errorData = await startResponse.json();
-        console.debug('[DEBUG] processFile(): Upload failed. Error data:', errorData);
-        if (startResponse.status === 409 && errorData.flyerId) {
-          setErrorMessage(`This flyer has already been processed. You can view it here:`);
-          setDuplicateFlyerId(errorData.flyerId);
-        } else {
-          setErrorMessage(errorData.message || `Upload failed with status ${startResponse.status}`);
-        }
-        setProcessingState('error');
-        return;
-      }
-
-      const { jobId: newJobId } = await startResponse.json();
+      // The API client now returns parsed JSON on success or throws a structured error on failure.
+      const { jobId: newJobId } = await uploadAndProcessFlyer(file, checksum);
       console.debug(`[DEBUG] processFile(): Upload successful. Received jobId: ${newJobId}`);
       setJobId(newJobId);
       setProcessingState('polling');
-    } catch (error) {
-      logger.error('An unexpected error occurred during file upload:', { error });
-      setErrorMessage(error instanceof Error ? error.message : 'An unexpected error occurred.');
+    } catch (error: any) {
+      // Handle the structured error thrown by the API client.
+      logger.error('An error occurred during file upload:', { error });
+      // Handle 409 Conflict for duplicate flyers
+      if (error?.status === 409 && error.body?.flyerId) {
+        setErrorMessage(`This flyer has already been processed. You can view it here:`);
+        setDuplicateFlyerId(error.body.flyerId);
+      } else {
+        // Handle other errors (e.g., validation, server errors)
+        const message =
+          error?.body?.message || error?.message || 'An unexpected error occurred during upload.';
+        setErrorMessage(message);
+      }
       setProcessingState('error');
     }
   }, []);

src/routes/ai.routes.test.ts

@@ -353,10 +353,11 @@ describe('AI Routes (/api/ai)', () => {
       expect(response.status).toBe(400);
     });
 
-    it('should return 409 Conflict if flyer checksum already exists', async () => {
+    it('should return 409 Conflict and delete the uploaded file if flyer checksum already exists', async () => {
       // Arrange
       const mockExistingFlyer = createMockFlyer({ flyer_id: 99 });
       vi.mocked(mockedDb.flyerRepo.findFlyerByChecksum).mockResolvedValue(mockExistingFlyer); // Duplicate found
+      const unlinkSpy = vi.spyOn(fs.promises, 'unlink').mockResolvedValue(undefined);
 
       // Act
       const response = await supertest(app)
@@ -368,6 +369,10 @@ describe('AI Routes (/api/ai)', () => {
       expect(response.status).toBe(409);
       expect(response.body.message).toBe('This flyer has already been processed.');
       expect(mockedDb.createFlyerAndItems).not.toHaveBeenCalled();
+      // Assert that the file was deleted
+      expect(unlinkSpy).toHaveBeenCalledTimes(1);
+      // The filename is predictable in the test environment because of the multer config in ai.routes.ts
+      expect(unlinkSpy).toHaveBeenCalledWith(expect.stringContaining('flyerImage-test-flyer-image.jpg'));
     });
 
     it('should accept payload when extractedData.items is missing and save with empty items', async () => {
@@ -530,6 +535,27 @@ describe('AI Routes (/api/ai)', () => {
       const flyerDataArg = vi.mocked(mockedDb.createFlyerAndItems).mock.calls[0][0];
       expect(flyerDataArg.store_name).toBe('Root Store');
     });
+
+    it('should default item quantity to 1 if missing', async () => {
+      const payloadMissingQuantity = {
+        checksum: 'qty-checksum',
+        originalFileName: 'flyer-qty.jpg',
+        extractedData: {
+          store_name: 'Qty Store',
+          items: [{ name: 'Item without qty', price: 100 }],
+        },
+      };
+
+      const response = await supertest(app)
+        .post('/api/ai/flyers/process')
+        .field('data', JSON.stringify(payloadMissingQuantity))
+        .attach('flyerImage', imagePath);
+
+      expect(response.status).toBe(201);
+      expect(mockedDb.createFlyerAndItems).toHaveBeenCalledTimes(1);
+      const itemsArg = vi.mocked(mockedDb.createFlyerAndItems).mock.calls[0][1];
+      expect(itemsArg[0].quantity).toBe(1);
+    });
   });
 
   describe('POST /check-flyer', () => {

src/routes/ai.routes.ts

@@ -50,6 +50,15 @@ const errMsg = (e: unknown) => {
   return String(e || 'An unknown error occurred.');
 };
 
+const cleanupUploadedFile = async (file?: Express.Multer.File) => {
+  if (!file) return;
+  try {
+    await fs.promises.unlink(file.path);
+  } catch (err) {
+    // Ignore cleanup errors (e.g. file already deleted)
+  }
+};
+
 const cropAreaObjectSchema = z.object({
   x: z.number(),
   y: z.number(),
@@ -185,7 +194,7 @@ router.use((req: Request, res: Response, next: NextFunction) => {
       '[API /ai] Incoming request',
     );
   } catch (e: unknown) {
-    logger.error({ error: e }, 'Failed to log incoming AI request headers');
+    logger.error({ error: errMsg(e) }, 'Failed to log incoming AI request headers');
   }
   next();
 });
@@ -316,7 +325,7 @@ router.post(
 
       // Try several ways to obtain the payload so we are tolerant to client variations.
       let parsed: FlyerProcessPayload = {};
-      let extractedData: Partial<ExtractedCoreData> = {};
+      let extractedData: Partial<ExtractedCoreData> | null | undefined = {};
       try {
         // If the client sent a top-level `data` field (stringified JSON), parse it.
         if (req.body && (req.body.data || req.body.extractedData)) {
@@ -337,7 +346,7 @@ router.post(
             ) as FlyerProcessPayload;
           }
           // If parsed itself contains an `extractedData` field, use that, otherwise assume parsed is the extractedData
-          extractedData = parsed.extractedData ?? (parsed as Partial<ExtractedCoreData>);
+          extractedData = 'extractedData' in parsed ? parsed.extractedData : (parsed as Partial<ExtractedCoreData>);
         } else {
           // No explicit `data` field found. Attempt to interpret req.body as an object (Express may have parsed multipart fields differently).
           try {
@@ -383,6 +392,12 @@ router.post(
 
       // Pull common metadata fields (checksum, originalFileName) from whichever shape we parsed.
       const checksum = parsed.checksum ?? parsed?.data?.checksum ?? '';
+
+      if (!checksum) {
+        await cleanupUploadedFile(req.file);
+        return res.status(400).json({ message: 'Checksum is required.' });
+      }
+
       const originalFileName =
         parsed.originalFileName ?? parsed?.data?.originalFileName ?? req.file.originalname;
       const userProfile = req.user as UserProfile | undefined;
@@ -409,6 +424,7 @@ router.post(
       const itemsForDb = itemsArray.map((item: Partial<ExtractedFlyerItem>) => ({
         ...item,
         master_item_id: item.master_item_id === null ? undefined : item.master_item_id,
+        quantity: item.quantity ?? 1, // Default to 1 to satisfy DB constraint
         view_count: 0,
         click_count: 0,
         updated_at: new Date().toISOString(),
@@ -429,6 +445,7 @@ router.post(
       const existingFlyer = await db.flyerRepo.findFlyerByChecksum(checksum, req.log);
       if (existingFlyer) {
         logger.warn(`Duplicate flyer upload attempt blocked for checksum: ${checksum}`);
+        await cleanupUploadedFile(req.file);
         return res.status(409).json({ message: 'This flyer has already been processed.' });
       }
 
@@ -476,6 +493,7 @@ router.post(
 
       res.status(201).json({ message: 'Flyer processed and saved successfully.', flyer: newFlyer });
     } catch (error) {
+      await cleanupUploadedFile(req.file);
       next(error);
     }
   },

src/routes/price.routes.test.ts

@@ -96,7 +96,8 @@ describe('Price Routes (/api/price-history)', () => {
         .send({ masterItemIds: 'not-an-array' });
 
       expect(response.status).toBe(400);
-      expect(response.body.errors[0].message).toContain('Expected array, received string');
+      // The actual message is "Invalid input: expected array, received string"
+      expect(response.body.errors[0].message).toBe('Invalid input: expected array, received string');
     });
 
     it('should return 400 if masterItemIds contains non-positive integers', async () => {
@@ -112,7 +113,8 @@ describe('Price Routes (/api/price-history)', () => {
       const response = await supertest(app).post('/api/price-history').send({});
 
       expect(response.status).toBe(400);
-      expect(response.body.errors[0].message).toBe('Required');
+      // The actual message is "Invalid input: expected array, received undefined"
+      expect(response.body.errors[0].message).toBe('Invalid input: expected array, received undefined');
     });
 
     it('should return 400 for invalid limit and offset', async () => {
@@ -122,8 +124,9 @@ describe('Price Routes (/api/price-history)', () => {
 
       expect(response.status).toBe(400);
       expect(response.body.errors).toHaveLength(2);
-      expect(response.body.errors[0].message).toBe('Number must be greater than 0');
-      expect(response.body.errors[1].message).toBe('Expected number, received string');
+      // The actual message is "Too small: expected number to be >0"
+      expect(response.body.errors[0].message).toBe('Too small: expected number to be >0');
+      expect(response.body.errors[1].message).toBe('Invalid input: expected number, received NaN');
     });
   });
 });

src/services/aiAnalysisService.ts

@@ -1,15 +1,8 @@
 // src/services/aiAnalysisService.ts
-import { Flyer, FlyerItem, MasterGroceryItem, GroundedResponse, Source } from '../types';
+import { Flyer, FlyerItem, MasterGroceryItem, GroundedResponse } from '../types';
 import * as aiApiClient from './aiApiClient';
 import { logger } from './logger.client';
 
-interface RawSource {
-  web?: {
-    uri?: string;
-    title?: string;
-  };
-}
-
 /**
  * A service class to encapsulate all AI analysis API calls and related business logic.
  * This decouples the React components and hooks from the data fetching implementation.
@@ -22,7 +15,8 @@ export class AiAnalysisService {
    */
   async getQuickInsights(items: FlyerItem[]): Promise<string> {
     logger.info('[AiAnalysisService] getQuickInsights called.');
-    return aiApiClient.getQuickInsights(items).then((res) => res.json());
+    const result = await aiApiClient.getQuickInsights(items);
+    return result.text;
   }
 
   /**
@@ -32,7 +26,8 @@ export class AiAnalysisService {
    */
   async getDeepDiveAnalysis(items: FlyerItem[]): Promise<string> {
     logger.info('[AiAnalysisService] getDeepDiveAnalysis called.');
-    return aiApiClient.getDeepDiveAnalysis(items).then((res) => res.json());
+    const result = await aiApiClient.getDeepDiveAnalysis(items);
+    return result.text;
   }
 
   /**
@@ -44,18 +39,7 @@ export class AiAnalysisService {
     logger.info('[AiAnalysisService] searchWeb called.');
     // Construct a query string from the item names.
     const query = items.map((item) => item.item).join(', ');
-    // The API client returns a specific shape that we need to await the JSON from
-    const response: { text: string; sources: RawSource[] } = await aiApiClient
-      .searchWeb(query)
-      .then((res) => res.json());
-    // Normalize sources to a consistent format.
-    const mappedSources = (response.sources || []).map(
-      (s: RawSource) =>
-        (s.web
-          ? { uri: s.web.uri || '', title: s.web.title || 'Untitled' }
-          : { uri: '', title: 'Untitled' }) as Source,
-    );
-    return { ...response, sources: mappedSources };
+    return aiApiClient.searchWeb(query);
   }
 
   /**
@@ -68,7 +52,7 @@ export class AiAnalysisService {
     logger.info('[AiAnalysisService] planTripWithMaps called.');
     // Encapsulate geolocation logic within the service.
     const userLocation = await this.getCurrentLocation();
-    return aiApiClient.planTripWithMaps(items, store, userLocation).then((res) => res.json());
+    return aiApiClient.planTripWithMaps(items, store, userLocation);
   }
 
   /**
@@ -78,17 +62,7 @@ export class AiAnalysisService {
    */
   async compareWatchedItemPrices(watchedItems: MasterGroceryItem[]): Promise<GroundedResponse> {
     logger.info('[AiAnalysisService] compareWatchedItemPrices called.');
-    const response: { text: string; sources: RawSource[] } = await aiApiClient
-      .compareWatchedItemPrices(watchedItems)
-      .then((res) => res.json());
-    // Normalize sources to a consistent format.
-    const mappedSources = (response.sources || []).map(
-      (s: RawSource) =>
-        (s.web
-          ? { uri: s.web.uri || '', title: s.web.title || 'Untitled' }
-          : { uri: '', title: 'Untitled' }) as Source,
-    );
-    return { ...response, sources: mappedSources };
+    return aiApiClient.compareWatchedItemPrices(watchedItems);
   }
 
   /**
@@ -98,7 +72,8 @@ export class AiAnalysisService {
    */
   async generateImageFromText(prompt: string): Promise<string> {
     logger.info('[AiAnalysisService] generateImageFromText called.');
-    return aiApiClient.generateImageFromText(prompt).then((res) => res.json());
+    const result = await aiApiClient.generateImageFromText(prompt);
+    return result.imageUrl;
   }
 
   /**

src/services/aiApiClient.ts

@@ -4,7 +4,13 @@
  * It communicates with the application's own backend endpoints, which then securely
  * call the Google AI services. This ensures no API keys are exposed on the client.
  */
-import type { FlyerItem, Store, MasterGroceryItem } from '../types';
+import type {
+  FlyerItem,
+  Store,
+  MasterGroceryItem,
+  ProcessingStage,
+  GroundedResponse,
+} from '../types';
 import { logger } from './logger.client';
 import { apiFetch } from './apiClient';
 
@@ -20,14 +26,14 @@ export const uploadAndProcessFlyer = async (
   file: File,
   checksum: string,
   tokenOverride?: string,
-): Promise<Response> => {
+): Promise<{ jobId: string }> => {
   const formData = new FormData();
   formData.append('flyerFile', file);
   formData.append('checksum', checksum);
 
   logger.info(`[aiApiClient] Starting background processing for file: ${file.name}`);
 
-  return apiFetch(
+  const response = await apiFetch(
     '/ai/upload-and-process',
     {
       method: 'POST',
@@ -35,26 +41,79 @@ export const uploadAndProcessFlyer = async (
     },
     { tokenOverride },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    // Throw a structured error so the component can inspect the status and body
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
+// Define the expected shape of the job status response
+export interface JobStatus {
+  id: string;
+  state: 'completed' | 'failed' | 'active' | 'waiting' | 'delayed' | 'paused';
+  progress: {
+    stages?: ProcessingStage[];
+    estimatedTimeRemaining?: number;
+    message?: string;
+  } | null;
+  returnValue: {
+    flyerId?: number;
+  } | null;
+  failedReason: string | null;
+}
+
 /**
  * Fetches the status of a background processing job.
  * This is the second step in the new background processing flow.
  * @param jobId The ID of the job to check.
  * @param tokenOverride Optional token for testing.
- * @returns A promise that resolves to the API response with the job's status.
+ * @returns A promise that resolves to the parsed job status object.
+ * @throws An error if the network request fails or if the response is not valid JSON.
  */
-export const getJobStatus = async (jobId: string, tokenOverride?: string): Promise<Response> => {
-  return apiFetch(`/ai/jobs/${jobId}/status`, {}, { tokenOverride });
+export const getJobStatus = async (
+  jobId: string,
+  tokenOverride?: string,
+): Promise<JobStatus> => {
+  const response = await apiFetch(`/ai/jobs/${jobId}/status`, {}, { tokenOverride });
+
+  if (!response.ok) {
+    let errorText = `API Error: ${response.status} ${response.statusText}`;
+    try {
+      const errorBody = await response.text();
+      if (errorBody) errorText = `API Error ${response.status}: ${errorBody}`;
+    } catch (e) {
+      // ignore if reading body fails
+    }
+    throw new Error(errorText);
+  }
+
+  try {
+    return await response.json();
+  } catch (error) {
+    const rawText = await response.text();
+    throw new Error(`Failed to parse JSON response from server. Body: ${rawText}`);
+  }
 };
 
-export const isImageAFlyer = async (imageFile: File, tokenOverride?: string): Promise<Response> => {
+export const isImageAFlyer = async (
+  imageFile: File,
+  tokenOverride?: string,
+): Promise<{ is_flyer: boolean }> => {
   const formData = new FormData();
   formData.append('image', imageFile);
 
   // Use apiFetchWithAuth for FormData to let the browser set the correct Content-Type.
   // The URL must be relative, as the helper constructs the full path.
-  return apiFetch(
+  const response = await apiFetch(
     '/ai/check-flyer',
     {
       method: 'POST',
@@ -62,16 +121,28 @@ export const isImageAFlyer = async (imageFile: File, tokenOverride?: string): Pr
     },
     { tokenOverride },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
 export const extractAddressFromImage = async (
   imageFile: File,
   tokenOverride?: string,
-): Promise<Response> => {
+): Promise<{ address: string }> => {
   const formData = new FormData();
   formData.append('image', imageFile);
 
-  return apiFetch(
+  const response = await apiFetch(
     '/ai/extract-address',
     {
       method: 'POST',
@@ -79,18 +150,30 @@ export const extractAddressFromImage = async (
     },
     { tokenOverride },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
 export const extractLogoFromImage = async (
   imageFiles: File[],
   tokenOverride?: string,
-): Promise<Response> => {
+): Promise<{ store_logo_base_64: string | null }> => {
   const formData = new FormData();
   imageFiles.forEach((file) => {
     formData.append('images', file);
   });
 
-  return apiFetch(
+  const response = await apiFetch(
     '/ai/extract-logo',
     {
       method: 'POST',
@@ -98,14 +181,26 @@ export const extractLogoFromImage = async (
     },
     { tokenOverride },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
 export const getQuickInsights = async (
   items: Partial<FlyerItem>[],
   signal?: AbortSignal,
   tokenOverride?: string,
-): Promise<Response> => {
-  return apiFetch(
+): Promise<{ text: string }> => {
+  const response = await apiFetch(
     '/ai/quick-insights',
     {
       method: 'POST',
@@ -115,14 +210,26 @@ export const getQuickInsights = async (
     },
     { tokenOverride, signal },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
 export const getDeepDiveAnalysis = async (
   items: Partial<FlyerItem>[],
   signal?: AbortSignal,
   tokenOverride?: string,
-): Promise<Response> => {
-  return apiFetch(
+): Promise<{ text: string }> => {
+  const response = await apiFetch(
     '/ai/deep-dive',
     {
       method: 'POST',
@@ -132,14 +239,26 @@ export const getDeepDiveAnalysis = async (
     },
     { tokenOverride, signal },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
 export const searchWeb = async (
   query: string,
   signal?: AbortSignal,
   tokenOverride?: string,
-): Promise<Response> => {
-  return apiFetch(
+): Promise<GroundedResponse> => {
+  const response = await apiFetch(
     '/ai/search-web',
     {
       method: 'POST',
@@ -149,6 +268,18 @@ export const searchWeb = async (
     },
     { tokenOverride, signal },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
 // ============================================================================
@@ -161,9 +292,9 @@ export const planTripWithMaps = async (
   userLocation: GeolocationCoordinates,
   signal?: AbortSignal,
   tokenOverride?: string,
-): Promise<Response> => {
+): Promise<GroundedResponse> => {
   logger.debug('Stub: planTripWithMaps called with location:', { userLocation });
-  return apiFetch(
+  const response = await apiFetch(
     '/ai/plan-trip',
     {
       method: 'POST',
@@ -172,6 +303,18 @@ export const planTripWithMaps = async (
     },
     { signal, tokenOverride },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
 /**
@@ -183,9 +326,9 @@ export const generateImageFromText = async (
   prompt: string,
   signal?: AbortSignal,
   tokenOverride?: string,
-): Promise<Response> => {
+): Promise<{ imageUrl: string }> => {
   logger.debug('Stub: generateImageFromText called with prompt:', { prompt });
-  return apiFetch(
+  const response = await apiFetch(
     '/ai/generate-image',
     {
       method: 'POST',
@@ -195,6 +338,18 @@ export const generateImageFromText = async (
     },
     { tokenOverride, signal },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
 /**
@@ -206,9 +361,9 @@ export const generateSpeechFromText = async (
   text: string,
   signal?: AbortSignal,
   tokenOverride?: string,
-): Promise<Response> => {
+): Promise<{ audioUrl: string }> => {
   logger.debug('Stub: generateSpeechFromText called with text:', { text });
-  return apiFetch(
+  const response = await apiFetch(
     '/ai/generate-speech',
     {
       method: 'POST',
@@ -218,6 +373,18 @@ export const generateSpeechFromText = async (
     },
     { tokenOverride, signal },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
 /**
@@ -264,13 +431,29 @@ export const rescanImageArea = async (
   cropArea: { x: number; y: number; width: number; height: number },
   extractionType: 'store_name' | 'dates' | 'item_details',
   tokenOverride?: string,
-): Promise<Response> => {
+): Promise<{ text: string | undefined }> => {
   const formData = new FormData();
   formData.append('image', imageFile);
   formData.append('cropArea', JSON.stringify(cropArea));
   formData.append('extractionType', extractionType);
 
-  return apiFetch('/ai/rescan-area', { method: 'POST', body: formData }, { tokenOverride });
+  const response = await apiFetch(
+    '/ai/rescan-area',
+    { method: 'POST', body: formData },
+    { tokenOverride },
+  );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };
 
 /**
@@ -281,10 +464,10 @@ export const rescanImageArea = async (
 export const compareWatchedItemPrices = async (
   watchedItems: MasterGroceryItem[],
   signal?: AbortSignal,
-): Promise<Response> => {
+): Promise<GroundedResponse> => {
   // Use the apiFetch wrapper for consistency with other API calls in this file.
   // This centralizes token handling and base URL logic.
-  return apiFetch(
+  const response = await apiFetch(
     '/ai/compare-prices',
     {
       method: 'POST',
@@ -293,4 +476,16 @@ export const compareWatchedItemPrices = async (
     },
     { signal },
   );
+
+  if (!response.ok) {
+    let errorBody;
+    try {
+      errorBody = await response.json();
+    } catch (e) {
+      errorBody = { message: await response.text() };
+    }
+    throw { status: response.status, body: errorBody };
+  }
+
+  return response.json();
 };

src/services/aiService.server.test.ts

@@ -166,6 +166,127 @@ describe('AI Service (Server)', () => {
     });
   });
 
+  describe('Model Fallback Logic', () => {
+    const originalEnv = process.env;
+
+    beforeEach(() => {
+      vi.unstubAllEnvs();
+      process.env = { ...originalEnv, GEMINI_API_KEY: 'test-key' };
+      vi.resetModules(); // Re-import to use the new env var and re-instantiate the service
+    });
+
+    afterEach(() => {
+      process.env = originalEnv;
+      vi.unstubAllEnvs();
+    });
+
+    it('should try the next model if the first one fails with a quota error', async () => {
+      // Arrange
+      const { AIService } = await import('./aiService.server');
+      const { logger } = await import('./logger.server');
+      const serviceWithFallback = new AIService(logger);
+
+      const quotaError = new Error('User rate limit exceeded due to quota');
+      const successResponse = { text: 'Success from fallback model', candidates: [] };
+
+      // Mock the generateContent function to fail on the first call and succeed on the second
+      mockGenerateContent.mockRejectedValueOnce(quotaError).mockResolvedValueOnce(successResponse);
+
+      const request = { contents: [{ parts: [{ text: 'test prompt' }] }] };
+
+      // Act
+      const result = await (serviceWithFallback as any).aiClient.generateContent(request);
+
+      // Assert
+      expect(result).toEqual(successResponse);
+      expect(mockGenerateContent).toHaveBeenCalledTimes(2);
+
+      // Check first call
+      expect(mockGenerateContent).toHaveBeenNthCalledWith(1, {
+        model: 'gemini-2.5-flash',
+        ...request,
+      });
+
+      // Check second call
+      expect(mockGenerateContent).toHaveBeenNthCalledWith(2, {
+        model: 'gemini-3-flash',
+        ...request,
+      });
+
+      // Check that a warning was logged
+      expect(logger.warn).toHaveBeenCalledWith(
+        expect.stringContaining(
+          "Model 'gemini-2.5-flash' failed due to quota/rate limit. Trying next model.",
+        ),
+      );
+    });
+
+    it('should throw immediately for non-retriable errors', async () => {
+      // Arrange
+      const { AIService } = await import('./aiService.server');
+      const { logger } = await import('./logger.server');
+      const serviceWithFallback = new AIService(logger);
+
+      const nonRetriableError = new Error('Invalid API Key');
+      mockGenerateContent.mockRejectedValueOnce(nonRetriableError);
+
+      const request = { contents: [{ parts: [{ text: 'test prompt' }] }] };
+
+      // Act & Assert
+      await expect((serviceWithFallback as any).aiClient.generateContent(request)).rejects.toThrow(
+        'Invalid API Key',
+      );
+
+      expect(mockGenerateContent).toHaveBeenCalledTimes(1);
+      expect(logger.error).toHaveBeenCalledWith(
+        `[AIService Adapter] Model 'gemini-2.5-flash' failed with a non-retriable error.`,
+        { error: nonRetriableError },
+      );
+    });
+
+    it('should throw the last error if all models fail', async () => {
+      // Arrange
+      const { AIService } = await import('./aiService.server');
+      const { logger } = await import('./logger.server');
+      const serviceWithFallback = new AIService(logger);
+
+      const quotaError1 = new Error('Quota exhausted for model 1');
+      const quotaError2 = new Error('429 Too Many Requests for model 2');
+      const quotaError3 = new Error('RESOURCE_EXHAUSTED for model 3');
+
+      mockGenerateContent
+        .mockRejectedValueOnce(quotaError1)
+        .mockRejectedValueOnce(quotaError2)
+        .mockRejectedValueOnce(quotaError3);
+
+      const request = { contents: [{ parts: [{ text: 'test prompt' }] }] };
+
+      // Act & Assert
+      await expect((serviceWithFallback as any).aiClient.generateContent(request)).rejects.toThrow(
+        quotaError3,
+      );
+
+      expect(mockGenerateContent).toHaveBeenCalledTimes(3);
+      expect(mockGenerateContent).toHaveBeenNthCalledWith(1, {
+        model: 'gemini-2.5-flash',
+        ...request,
+      });
+      expect(mockGenerateContent).toHaveBeenNthCalledWith(2, {
+        model: 'gemini-3-flash',
+        ...request,
+      });
+      expect(mockGenerateContent).toHaveBeenNthCalledWith(3, {
+        model: 'gemini-2.5-flash-lite',
+        ...request,
+      });
+
+      expect(logger.error).toHaveBeenCalledWith(
+        '[AIService Adapter] All AI models failed. Throwing last known error.',
+        { lastError: quotaError3 },
+      );
+    });
+  });
+
   describe('extractItemsFromReceiptImage', () => {
     it('should extract items from a valid AI response', async () => {
       const mockAiResponseText = `[

src/services/aiService.server.ts

@@ -72,6 +72,7 @@ export class AIService {
   private fs: IFileSystem;
   private rateLimiter: <T>(fn: () => Promise<T>) => Promise<T>;
   private logger: Logger;
+  private readonly models = ['gemini-2.5-flash', 'gemini-3-flash', 'gemini-2.5-flash-lite'];
 
   constructor(logger: Logger, aiClient?: IAiClient, fs?: IFileSystem) {
     this.logger = logger;
@@ -121,17 +122,11 @@ export class AIService {
         );
       }
 
-      // do not change "gemini-2.5-flash" - this is correct
-      const modelName = 'gemini-2.5-flash';
-
       // We create a shim/adapter that matches the old structure but uses the new SDK call pattern.
       // This preserves the dependency injection pattern used throughout the class.
       this.aiClient = genAI
         ? {
             generateContent: async (request) => {
-              // The model name is now injected here, into every call, as the new SDK requires.
-              // Architectural guard clause: All requests from this service must have content.
-              // This prevents sending invalid requests to the API and satisfies TypeScript's strictness.
               if (!request.contents || request.contents.length === 0) {
                 this.logger.error(
                   { request },
@@ -140,14 +135,7 @@ export class AIService {
                 throw new Error('AIService.generateContent requires at least one content element.');
               }
 
-              // Architectural Fix: After the guard clause, assign the guaranteed-to-exist element
-              // to a new constant. This provides a definitive type-safe variable for the compiler.
-              const firstContent = request.contents[0];
-              this.logger.debug(
-                { modelName, requestParts: firstContent.parts?.length ?? 0 },
-                '[AIService] Calling actual generateContent via adapter.',
-              );
-              return genAI.models.generateContent({ model: modelName, ...request });
+              return this._generateWithFallback(genAI, request);
             },
           }
         : {
@@ -182,6 +170,54 @@ export class AIService {
     this.logger.info('---------------- [AIService] Constructor End ----------------');
   }
 
+  private async _generateWithFallback(
+    genAI: GoogleGenAI,
+    request: { contents: Content[]; tools?: Tool[] },
+  ): Promise<GenerateContentResponse> {
+    let lastError: Error | null = null;
+
+    for (const modelName of this.models) {
+      try {
+        this.logger.info(
+          `[AIService Adapter] Attempting to generate content with model: ${modelName}`,
+        );
+        const result = await genAI.models.generateContent({ model: modelName, ...request });
+        // If the call succeeds, return the result immediately.
+        return result;
+      } catch (error: unknown) {
+        lastError = error instanceof Error ? error : new Error(String(error));
+        const errorMessage = lastError.message || '';
+
+        // Check for specific error messages indicating quota issues or model unavailability.
+        if (
+          errorMessage.includes('quota') ||
+          errorMessage.includes('429') || // HTTP 429 Too Many Requests
+          errorMessage.includes('RESOURCE_EXHAUSTED') ||
+          errorMessage.includes('model is overloaded')
+        ) {
+          this.logger.warn(
+            `[AIService Adapter] Model '${modelName}' failed due to quota/rate limit. Trying next model. Error: ${errorMessage}`,
+          );
+          continue; // Try the next model in the list.
+        } else {
+          // For other errors (e.g., invalid input, safety settings), fail immediately.
+          this.logger.error(
+            { error: lastError },
+            `[AIService Adapter] Model '${modelName}' failed with a non-retriable error.`,
+          );
+          throw lastError;
+        }
+      }
+    }
+
+    // If all models in the list have failed, throw the last error encountered.
+    this.logger.error(
+      { lastError },
+      '[AIService Adapter] All AI models failed. Throwing last known error.',
+    );
+    throw lastError || new Error('All AI models failed to generate content.');
+  }
+
   private async serverFileToGenerativePart(path: string, mimeType: string) {
     const fileData = await this.fs.readFile(path);
     return {

src/services/logger.server.ts

@@ -34,6 +34,9 @@ export const logger = pino({
       '*.body.password',
       '*.body.newPassword',
       '*.body.currentPassword',
+      '*.body.confirmPassword',
+      '*.body.refreshToken',
+      '*.body.token',
     ],
     censor: '[REDACTED]',
   },

src/services/queueService.server.ts

@@ -1,5 +1,5 @@
 // src/services/queueService.server.ts
-import { Queue, Worker, Job } from 'bullmq';
+import { Queue, Worker, Job, UnrecoverableError } from 'bullmq';
 import IORedis from 'ioredis'; // Correctly imported
 import fsPromises from 'node:fs/promises';
 import { exec } from 'child_process';
@@ -185,9 +185,26 @@ const attachWorkerEventListeners = (worker: Worker) => {
 
 export const flyerWorker = new Worker<FlyerJobData>(
   'flyer-processing', // Must match the queue name
-  (job) => {
-    // The processJob method creates its own job-specific logger internally.
-    return flyerProcessingService.processJob(job);
+  async (job) => {
+    try {
+      // The processJob method creates its own job-specific logger internally.
+      return await flyerProcessingService.processJob(job);
+    } catch (error: any) {
+      // Check for quota errors or other unrecoverable errors from the AI service
+      const errorMessage = error?.message || '';
+      if (
+        errorMessage.includes('quota') ||
+        errorMessage.includes('429') ||
+        errorMessage.includes('RESOURCE_EXHAUSTED')
+      ) {
+        logger.error(
+          { err: error, jobId: job.id },
+          '[FlyerWorker] Unrecoverable quota error detected. Failing job immediately.',
+        );
+        throw new UnrecoverableError(errorMessage);
+      }
+      throw error;
+    }
   },
   {
     connection,

src/tests/integration/price.integration.test.ts

@@ -56,15 +56,15 @@ describe('Price History API Integration Test (/api/price-history)', () => {
 
     // 4. Create flyer items linking the master item to the flyers with prices
     await pool.query(
-      `INSERT INTO public.flyer_items (flyer_id, master_item_id, item, price_in_cents, price_display) VALUES ($1, $2, 'Apples', 199, '$1.99')`,
+      `INSERT INTO public.flyer_items (flyer_id, master_item_id, item, price_in_cents, price_display, quantity) VALUES ($1, $2, 'Apples', 199, '$1.99', '1')`,
       [flyerId1, masterItemId],
     );
     await pool.query(
-      `INSERT INTO public.flyer_items (flyer_id, master_item_id, item, price_in_cents, price_display) VALUES ($1, $2, 'Apples', 249, '$2.49')`,
+      `INSERT INTO public.flyer_items (flyer_id, master_item_id, item, price_in_cents, price_display, quantity) VALUES ($1, $2, 'Apples', 249, '$2.49', '1')`,
       [flyerId2, masterItemId],
     );
     await pool.query(
-      `INSERT INTO public.flyer_items (flyer_id, master_item_id, item, price_in_cents, price_display) VALUES ($1, $2, 'Apples', 299, '$2.99')`,
+      `INSERT INTO public.flyer_items (flyer_id, master_item_id, item, price_in_cents, price_display, quantity) VALUES ($1, $2, 'Apples', 299, '$2.99', '1')`,
       [flyerId3, masterItemId],
     );
   });

src/utils/zodUtils.test.ts

@@ -59,7 +59,7 @@ describe('Zod Utilities', () => {
       expect(result.success).toBe(false);
       if (!result.success) {
         // z.string() will throw its own error message before min(1) is checked.
-        expect(result.error.issues[0].message).toBe('Expected string, received number');
+        expect(result.error.issues[0].message).toBe('Invalid input: expected string, received number');
       }
     });
 
@@ -67,7 +67,7 @@ describe('Zod Utilities', () => {
       const result = schema.safeParse({ a: 1 });
       expect(result.success).toBe(false);
       if (!result.success) {
-        expect(result.error.issues[0].message).toBe('Expected string, received object');
+        expect(result.error.issues[0].message).toBe('Invalid input: expected string, received object');
       }
     });
   });
@@ -95,7 +95,7 @@ describe('Zod Utilities', () => {
       const result = schema.safeParse({ params: { id: 'abc' } });
       expect(result.success).toBe(false);
       if (!result.success) {
-        expect(result.error.issues[0].message).toContain('Expected number, received nan');
+        expect(result.error.issues[0].message).toBe('Invalid input: expected number, received NaN');
       }
     });
 
@@ -103,7 +103,7 @@ describe('Zod Utilities', () => {
       const result = schema.safeParse({ params: { id: -1 } });
       expect(result.success).toBe(false);
       if (!result.success) {
-        expect(result.error.issues[0].message).toContain('Must be a number');
+        expect(result.error.issues[0].message).toBe("Invalid ID for parameter 'id'. Must be a number.");
       }
     });
 
@@ -111,7 +111,7 @@ describe('Zod Utilities', () => {
       const result = schema.safeParse({ params: { id: 1.5 } });
       expect(result.success).toBe(false);
       if (!result.success) {
-        expect(result.error.issues[0].message).toContain('Must be a number');
+        expect(result.error.issues[0].message).toBe("Invalid ID for parameter 'id'. Must be a number.");
       }
     });
 
@@ -119,7 +119,7 @@ describe('Zod Utilities', () => {
       const result = schema.safeParse({ params: { id: 0 } });
       expect(result.success).toBe(false);
       if (!result.success) {
-        expect(result.error.issues[0].message).toContain('Must be a number');
+        expect(result.error.issues[0].message).toBe("Invalid ID for parameter 'id'. Must be a number.");
       }
     });
 
@@ -224,7 +224,7 @@ describe('Zod Utilities', () => {
       const floatResult = schema.safeParse('123.45');
       expect(floatResult.success).toBe(false);
       if (!floatResult.success) {
-        expect(floatResult.error.issues[0].message).toBe('Expected integer, received float');
+        expect(floatResult.error.issues[0].message).toBe('Invalid input: expected int, received number');
       }
     });
 
@@ -234,7 +234,7 @@ describe('Zod Utilities', () => {
       const zeroResult = schema.safeParse('0');
       expect(zeroResult.success).toBe(false);
       if (!zeroResult.success) {
-        expect(zeroResult.error.issues[0].message).toBe('Number must be greater than 0');
+        expect(zeroResult.error.issues[0].message).toBe('Too small: expected number to be >0');
       }
     });
 
@@ -244,7 +244,7 @@ describe('Zod Utilities', () => {
       const negativeResult = schema.safeParse('-1');
       expect(negativeResult.success).toBe(false);
       if (!negativeResult.success) {
-        expect(negativeResult.error.issues[0].message).toBe('Number must be greater than or equal to 0');
+        expect(negativeResult.error.issues[0].message).toBe('Too small: expected number to be >=0');
       }
     });
 
@@ -254,12 +254,12 @@ describe('Zod Utilities', () => {
       const tooSmallResult = schema.safeParse('9');
       expect(tooSmallResult.success).toBe(false);
       if (!tooSmallResult.success) {
-        expect(tooSmallResult.error.issues[0].message).toBe('Number must be greater than or equal to 10');
+        expect(tooSmallResult.error.issues[0].message).toBe('Too small: expected number to be >=10');
       }
       const tooLargeResult = schema.safeParse('21');
       expect(tooLargeResult.success).toBe(false);
       if (!tooLargeResult.success) {
-        expect(tooLargeResult.error.issues[0].message).toBe('Number must be less than or equal to 20');
+        expect(tooLargeResult.error.issues[0].message).toBe('Too big: expected number to be <=20');
       }
     });
   });

src/utils/zodUtils.ts

@@ -59,18 +59,27 @@ export const optionalNumeric = (
     nonnegative?: boolean;
   } = {},
 ) => {
-  let schema = z.coerce.number();
+  let numberSchema = z.coerce.number();
 
-  if (options.integer) schema = schema.int();
-  if (options.positive) schema = schema.positive();
-  else if (options.nonnegative) schema = schema.nonnegative();
+  if (options.integer) numberSchema = numberSchema.int();
+  if (options.positive) numberSchema = numberSchema.positive();
+  else if (options.nonnegative) numberSchema = numberSchema.nonnegative();
 
-  if (options.min !== undefined) schema = schema.min(options.min);
-  if (options.max !== undefined) schema = schema.max(options.max);
+  if (options.min !== undefined) numberSchema = numberSchema.min(options.min);
+  if (options.max !== undefined) numberSchema = numberSchema.max(options.max);
 
-  if (options.default !== undefined) return schema.optional().default(options.default);
+  // Make the number schema optional *before* preprocessing. This allows it to correctly handle
+  // the `undefined` value that our preprocessor generates from `null`.
+  const optionalNumberSchema = numberSchema.optional();
 
-  return schema.optional();
+  // This is crucial because z.coerce.number(null) results in 0, which bypasses
+  // the .optional() and .default() logic for null inputs. We want null to be
+  // treated as "not provided", just like undefined.
+  const schema = z.preprocess((val) => (val === null ? undefined : val), optionalNumberSchema);
+  
+  if (options.default !== undefined) return schema.default(options.default);
+
+  return schema;
 };
 
 /**

vitest.config.e2e.ts

@@ -0,0 +1,26 @@
+import { defineConfig, mergeConfig } from 'vitest/config';
+import integrationConfig from './vitest.config.integration';
+
+const e2eConfig = mergeConfig(
+  integrationConfig,
+  defineConfig({
+    test: {
+      name: 'e2e',
+      // Point specifically to E2E tests
+      include: ['src/tests/e2e/**/*.e2e.test.ts'],
+      // Increase timeout for E2E flows that involve AI or full API chains
+      testTimeout: 120000,
+      coverage: {
+        reportsDirectory: '.coverage/e2e',
+      },
+    },
+  }),
+);
+
+// Explicitly override the include array to ensure we don't inherit integration tests
+// (mergeConfig might concatenate arrays by default)
+if (e2eConfig.test) {
+  e2eConfig.test.include = ['src/tests/e2e/**/*.e2e.test.ts'];
+}
+
+export default e2eConfig;