ci: Bump version to 0.9.38 [skip ci]

.gitea/workflows/deploy-to-test.yml

@@ -113,7 +113,7 @@ jobs:
           REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD_TEST }}
 
           # --- Integration test specific variables ---
-          FRONTEND_URL: 'http://localhost:3000'
+          FRONTEND_URL: 'https://example.com'
           VITE_API_BASE_URL: 'http://localhost:3001/api'
           GEMINI_API_KEY: ${{ secrets.VITE_GOOGLE_GENAI_API_KEY }}
 
@@ -389,7 +389,7 @@ jobs:
           REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD_TEST }}
 
           # Application Secrets
-          FRONTEND_URL: 'https://flyer-crawler-test.projectium.com'
+          FRONTEND_URL: 'https://example.com'
           JWT_SECRET: ${{ secrets.JWT_SECRET }}
           GEMINI_API_KEY: ${{ secrets.VITE_GOOGLE_GENAI_API_KEY_TEST }}
           GOOGLE_MAPS_API_KEY: ${{ secrets.GOOGLE_MAPS_API_KEY }}

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "flyer-crawler",
-  "version": "0.9.33",
+  "version": "0.9.38",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "flyer-crawler",
-      "version": "0.9.33",
+      "version": "0.9.38",
       "dependencies": {
         "@bull-board/api": "^6.14.2",
         "@bull-board/express": "^6.14.2",

package.json

@@ -1,7 +1,7 @@
 {
   "name": "flyer-crawler",
   "private": true,
-  "version": "0.9.33",
+  "version": "0.9.38",
   "type": "module",
   "scripts": {
     "dev": "concurrently \"npm:start:dev\" \"vite\"",

sql/initial_schema.sql

@@ -90,10 +90,10 @@ CREATE TABLE IF NOT EXISTS public.profiles (
   created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
   updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
   CONSTRAINT profiles_full_name_check CHECK (full_name IS NULL OR TRIM(full_name) <> ''),
-  CONSTRAINT profiles_avatar_url_check CHECK (avatar_url IS NULL OR avatar_url ~* '^https://?.*'),
   created_by UUID REFERENCES public.users(user_id) ON DELETE SET NULL,
   updated_by UUID REFERENCES public.users(user_id) ON DELETE SET NULL
 );
+  -- CONSTRAINT profiles_avatar_url_check CHECK (avatar_url IS NULL OR avatar_url ~* '^https://?.*'),
 COMMENT ON TABLE public.profiles IS 'Stores public-facing user data, linked to the public.users table.';
 COMMENT ON COLUMN public.profiles.address_id IS 'A foreign key to the user''s primary address in the `addresses` table.';
 -- This index is crucial for the gamification leaderboard feature.
@@ -108,9 +108,9 @@ CREATE TABLE IF NOT EXISTS public.stores (
   created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
   updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
   CONSTRAINT stores_name_check CHECK (TRIM(name) <> ''),
-  CONSTRAINT stores_logo_url_check CHECK (logo_url IS NULL OR logo_url ~* '^https://?.*'),
   created_by UUID REFERENCES public.users(user_id) ON DELETE SET NULL
 );
+  -- CONSTRAINT stores_logo_url_check CHECK (logo_url IS NULL OR logo_url ~* '^https://?.*'),
 COMMENT ON TABLE public.stores IS 'Stores metadata for grocery store chains (e.g., Safeway, Kroger).';
 
 -- 5. The 'categories' table for normalized category data.
@@ -141,10 +141,10 @@ CREATE TABLE IF NOT EXISTS public.flyers (
   updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
   CONSTRAINT flyers_valid_dates_check CHECK (valid_to >= valid_from),
   CONSTRAINT flyers_file_name_check CHECK (TRIM(file_name) <> ''),
-  CONSTRAINT flyers_image_url_check CHECK (image_url ~* '^https://?.*'),
-  CONSTRAINT flyers_icon_url_check CHECK (icon_url IS NULL OR icon_url ~* '^https://?.*'),
   CONSTRAINT flyers_checksum_check CHECK (checksum IS NULL OR length(checksum) = 64)
 );
+  -- CONSTRAINT flyers_image_url_check CHECK (image_url ~* '^https://?.*'),
+  -- CONSTRAINT flyers_icon_url_check CHECK (icon_url IS NULL OR icon_url ~* '^https://?.*'),
 COMMENT ON TABLE public.flyers IS 'Stores metadata for each processed flyer, linking it to a store and its validity period.';
 CREATE INDEX IF NOT EXISTS idx_flyers_store_id ON public.flyers(store_id);
 COMMENT ON COLUMN public.flyers.file_name IS 'The original name of the uploaded flyer file (e.g., "flyer_week_1.pdf").';
@@ -198,9 +198,9 @@ CREATE TABLE IF NOT EXISTS public.brands (
     store_id BIGINT REFERENCES public.stores(store_id) ON DELETE SET NULL,
     created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
-    CONSTRAINT brands_name_check CHECK (TRIM(name) <> ''),
+    CONSTRAINT brands_name_check CHECK (TRIM(name) <> '')
-    CONSTRAINT brands_logo_url_check CHECK (logo_url IS NULL OR logo_url ~* '^https://?.*')
 );
+    -- CONSTRAINT brands_logo_url_check CHECK (logo_url IS NULL OR logo_url ~* '^https://?.*')
 COMMENT ON TABLE public.brands IS 'Stores brand names like "Coca-Cola", "Maple Leaf", or "Kraft".';
 COMMENT ON COLUMN public.brands.store_id IS 'If this is a store-specific brand (e.g., President''s Choice), this links to the parent store.';
 
@@ -464,9 +464,9 @@ CREATE TABLE IF NOT EXISTS public.user_submitted_prices (
     upvotes INTEGER DEFAULT 0 NOT NULL CHECK (upvotes >= 0),
     downvotes INTEGER DEFAULT 0 NOT NULL CHECK (downvotes >= 0),
     created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
-    updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
+    updated_at TIMESTAMPTZ DEFAULT now() NOT NULL
-    CONSTRAINT user_submitted_prices_photo_url_check CHECK (photo_url IS NULL OR photo_url ~* '^https://?.*')
 );
+-- CONSTRAINT user_submitted_prices_photo_url_check CHECK (photo_url IS NULL OR photo_url ~* '^https://?.*')
 COMMENT ON TABLE public.user_submitted_prices IS 'Stores item prices submitted by users directly from physical stores.';
 COMMENT ON COLUMN public.user_submitted_prices.photo_url IS 'URL to user-submitted photo evidence of the price.';
 COMMENT ON COLUMN public.user_submitted_prices.upvotes IS 'Community validation score indicating accuracy.';
@@ -521,9 +521,9 @@ CREATE TABLE IF NOT EXISTS public.recipes (
     fork_count INTEGER DEFAULT 0 NOT NULL CHECK (fork_count >= 0),
     created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
-    CONSTRAINT recipes_name_check CHECK (TRIM(name) <> ''),
+    CONSTRAINT recipes_name_check CHECK (TRIM(name) <> '')
-    CONSTRAINT recipes_photo_url_check CHECK (photo_url IS NULL OR photo_url ~* '^https://?.*')
 );
+-- CONSTRAINT recipes_photo_url_check CHECK (photo_url IS NULL OR photo_url ~* '^https://?.*')
 COMMENT ON TABLE public.recipes IS 'Stores recipes that can be used to generate shopping lists.';
 COMMENT ON COLUMN public.recipes.servings IS 'The number of servings this recipe yields.';
 COMMENT ON COLUMN public.recipes.original_recipe_id IS 'If this recipe is a variation of another, this points to the original.';
@@ -920,9 +920,9 @@ CREATE TABLE IF NOT EXISTS public.receipts (
     raw_text TEXT,
     created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     processed_at TIMESTAMPTZ,    
-    updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
+    updated_at TIMESTAMPTZ DEFAULT now() NOT NULL
-    CONSTRAINT receipts_receipt_image_url_check CHECK (receipt_image_url ~* '^https://?.*')
 );
+    -- CONSTRAINT receipts_receipt_image_url_check CHECK (receipt_image_url ~* '^https://?.*')
 COMMENT ON TABLE public.receipts IS 'Stores uploaded user receipts for purchase tracking and analysis.';
 CREATE INDEX IF NOT EXISTS idx_receipts_user_id ON public.receipts(user_id);
 CREATE INDEX IF NOT EXISTS idx_receipts_store_id ON public.receipts(store_id);

sql/master_schema_rollup.sql

@@ -106,10 +106,10 @@ CREATE TABLE IF NOT EXISTS public.profiles (
     created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     CONSTRAINT profiles_full_name_check CHECK (full_name IS NULL OR TRIM(full_name) <> ''),
-    CONSTRAINT profiles_avatar_url_check CHECK (avatar_url IS NULL OR avatar_url ~* '^https?://.*'),
     created_by UUID REFERENCES public.users(user_id) ON DELETE SET NULL,    
     updated_by UUID REFERENCES public.users(user_id) ON DELETE SET NULL
 );
+    -- CONSTRAINT profiles_avatar_url_check CHECK (avatar_url IS NULL OR avatar_url ~* '^https?://.*'),
 COMMENT ON TABLE public.profiles IS 'Stores public-facing user data, linked to the public.users table.';
 COMMENT ON COLUMN public.profiles.address_id IS 'A foreign key to the user''s primary address in the `addresses` table.';
 -- This index is crucial for the gamification leaderboard feature.
@@ -124,9 +124,9 @@ CREATE TABLE IF NOT EXISTS public.stores (
     created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     CONSTRAINT stores_name_check CHECK (TRIM(name) <> ''),
-    CONSTRAINT stores_logo_url_check CHECK (logo_url IS NULL OR logo_url ~* '^https?://.*'),
     created_by UUID REFERENCES public.users(user_id) ON DELETE SET NULL    
 );
+    -- CONSTRAINT stores_logo_url_check CHECK (logo_url IS NULL OR logo_url ~* '^https?://.*'),
 COMMENT ON TABLE public.stores IS 'Stores metadata for grocery store chains (e.g., Safeway, Kroger).';
 
 -- 5. The 'categories' table for normalized category data.
@@ -157,10 +157,10 @@ CREATE TABLE IF NOT EXISTS public.flyers (
     updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     CONSTRAINT flyers_valid_dates_check CHECK (valid_to >= valid_from),
     CONSTRAINT flyers_file_name_check CHECK (TRIM(file_name) <> ''),
-    CONSTRAINT flyers_image_url_check CHECK (image_url ~* '^https?://.*'),
-    CONSTRAINT flyers_icon_url_check CHECK (icon_url ~* '^https?://.*'),
     CONSTRAINT flyers_checksum_check CHECK (checksum IS NULL OR length(checksum) = 64)
 );
+    -- CONSTRAINT flyers_image_url_check CHECK (image_url ~* '^https?://.*'),
+    -- CONSTRAINT flyers_icon_url_check CHECK (icon_url ~* '^https?://.*'),
 COMMENT ON TABLE public.flyers IS 'Stores metadata for each processed flyer, linking it to a store and its validity period.';
 CREATE INDEX IF NOT EXISTS idx_flyers_store_id ON public.flyers(store_id);
 COMMENT ON COLUMN public.flyers.file_name IS 'The original name of the uploaded flyer file (e.g., "flyer_week_1.pdf").';
@@ -214,9 +214,9 @@ CREATE TABLE IF NOT EXISTS public.brands (
     store_id BIGINT REFERENCES public.stores(store_id) ON DELETE SET NULL,
     created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
-    CONSTRAINT brands_name_check CHECK (TRIM(name) <> ''),
+    CONSTRAINT brands_name_check CHECK (TRIM(name) <> '')
-    CONSTRAINT brands_logo_url_check CHECK (logo_url IS NULL OR logo_url ~* '^https?://.*')
 );
+    -- CONSTRAINT brands_logo_url_check CHECK (logo_url IS NULL OR logo_url ~* '^https?://.*')
 COMMENT ON TABLE public.brands IS 'Stores brand names like "Coca-Cola", "Maple Leaf", or "Kraft".';
 COMMENT ON COLUMN public.brands.store_id IS 'If this is a store-specific brand (e.g., President''s Choice), this links to the parent store.';
 
@@ -481,9 +481,9 @@ CREATE TABLE IF NOT EXISTS public.user_submitted_prices (
     upvotes INTEGER DEFAULT 0 NOT NULL CHECK (upvotes >= 0),
     downvotes INTEGER DEFAULT 0 NOT NULL CHECK (downvotes >= 0),
     created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
-    updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
+    updated_at TIMESTAMPTZ DEFAULT now() NOT NULL
-    CONSTRAINT user_submitted_prices_photo_url_check CHECK (photo_url IS NULL OR photo_url ~* '^https?://.*')
 );
+    -- CONSTRAINT user_submitted_prices_photo_url_check CHECK (photo_url IS NULL OR photo_url ~* '^https?://.*')
 COMMENT ON TABLE public.user_submitted_prices IS 'Stores item prices submitted by users directly from physical stores.';
 COMMENT ON COLUMN public.user_submitted_prices.photo_url IS 'URL to user-submitted photo evidence of the price.';
 COMMENT ON COLUMN public.user_submitted_prices.upvotes IS 'Community validation score indicating accuracy.';
@@ -538,9 +538,9 @@ CREATE TABLE IF NOT EXISTS public.recipes (
     fork_count INTEGER DEFAULT 0 NOT NULL CHECK (fork_count >= 0),
     created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     updated_at TIMESTAMPTZ DEFAULT now() NOT NULL,
-    CONSTRAINT recipes_name_check CHECK (TRIM(name) <> ''),
+    CONSTRAINT recipes_name_check CHECK (TRIM(name) <> '')
-    CONSTRAINT recipes_photo_url_check CHECK (photo_url IS NULL OR photo_url ~* '^https?://.*')
 );
+    -- CONSTRAINT recipes_photo_url_check CHECK (photo_url IS NULL OR photo_url ~* '^https?://.*')
 COMMENT ON TABLE public.recipes IS 'Stores recipes that can be used to generate shopping lists.';
 COMMENT ON COLUMN public.recipes.servings IS 'The number of servings this recipe yields.';
 COMMENT ON COLUMN public.recipes.original_recipe_id IS 'If this recipe is a variation of another, this points to the original.';
@@ -940,9 +940,9 @@ CREATE TABLE IF NOT EXISTS public.receipts (
     raw_text TEXT,
     created_at TIMESTAMPTZ DEFAULT now() NOT NULL,
     processed_at TIMESTAMPTZ,    
-    CONSTRAINT receipts_receipt_image_url_check CHECK (receipt_image_url ~* '^https?://.*'),
     updated_at TIMESTAMPTZ DEFAULT now() NOT NULL
 );
+    -- CONSTRAINT receipts_receipt_image_url_check CHECK (receipt_image_url ~* '^https?://.*'),
 COMMENT ON TABLE public.receipts IS 'Stores uploaded user receipts for purchase tracking and analysis.';
 CREATE INDEX IF NOT EXISTS idx_receipts_user_id ON public.receipts(user_id);
 CREATE INDEX IF NOT EXISTS idx_receipts_store_id ON public.receipts(store_id);

src/App.test.tsx

@@ -628,7 +628,7 @@ describe('App Component', () => {
           app: {
             version: '2.0.0',
             commitMessage: 'A new version!',
-            commitUrl: 'http://example.com/commit/2.0.0',
+            commitUrl: 'https://example.com/commit/2.0.0',
           },
         },
       }));
@@ -638,7 +638,7 @@ describe('App Component', () => {
       renderApp();
       const versionLink = screen.getByText(`Version: 2.0.0`);
       expect(versionLink).toBeInTheDocument();
-      expect(versionLink).toHaveAttribute('href', 'http://example.com/commit/2.0.0');
+      expect(versionLink).toHaveAttribute('href', 'https://example.com/commit/2.0.0');
     });
 
     it('should open the "What\'s New" modal when the question mark icon is clicked', async () => {

src/components/FlyerCorrectionTool.test.tsx

@@ -19,7 +19,7 @@ const mockedNotifyError = notifyError as Mocked<typeof notifyError>;
 const defaultProps = {
   isOpen: true,
   onClose: vi.fn(),
-  imageUrl: 'http://example.com/flyer.jpg',
+  imageUrl: 'https://example.com/flyer.jpg',
   onDataExtracted: vi.fn(),
 };
 

src/components/Leaderboard.test.tsx

@@ -25,7 +25,7 @@ const mockLeaderboardData: LeaderboardUser[] = [
   createMockLeaderboardUser({
     user_id: 'user-2',
     full_name: 'Bob',
-    avatar_url: 'http://example.com/bob.jpg',
+    avatar_url: 'https://example.com/bob.jpg',
     points: 950,
     rank: '2',
   }),
@@ -95,7 +95,7 @@ describe('Leaderboard', () => {
 
       // Check for correct avatar URLs
       const bobAvatar = screen.getByAltText('Bob') as HTMLImageElement;
-      expect(bobAvatar.src).toBe('http://example.com/bob.jpg');
+      expect(bobAvatar.src).toBe('https://example.com/bob.jpg');
 
       const aliceAvatar = screen.getByAltText('Alice') as HTMLImageElement;
       expect(aliceAvatar.src).toContain('api.dicebear.com'); // Check for fallback avatar

src/features/flyer/AnalysisPanel.test.tsx

@@ -160,9 +160,9 @@ describe('AnalysisPanel', () => {
       results: { WEB_SEARCH: 'Search results text.' },
       sources: {
         WEB_SEARCH: [
-          { title: 'Valid Source', uri: 'http://example.com/source1' },
+          { title: 'Valid Source', uri: 'https://example.com/source1' },
           { title: 'Source without URI', uri: null },
-          { title: 'Another Valid Source', uri: 'http://example.com/source2' },
+          { title: 'Another Valid Source', uri: 'https://example.com/source2' },
         ],
       },
       loadingAnalysis: null,
@@ -178,7 +178,7 @@ describe('AnalysisPanel', () => {
     expect(screen.getByText('Sources:')).toBeInTheDocument();
     const source1 = screen.getByText('Valid Source');
     expect(source1).toBeInTheDocument();
-    expect(source1.closest('a')).toHaveAttribute('href', 'http://example.com/source1');
+    expect(source1.closest('a')).toHaveAttribute('href', 'https://example.com/source1');
     expect(screen.queryByText('Source without URI')).not.toBeInTheDocument();
     expect(screen.getByText('Another Valid Source')).toBeInTheDocument();
   });
@@ -278,13 +278,13 @@ describe('AnalysisPanel', () => {
       loadingAnalysis: null,
       error: null,
       runAnalysis: mockRunAnalysis,
-      generatedImageUrl: 'http://example.com/meal.jpg',
+      generatedImageUrl: 'https://example.com/meal.jpg',
       generateImage: mockGenerateImage,
     });
     rerender(<AnalysisPanel selectedFlyer={mockFlyer} />);
     const image = screen.getByAltText('AI generated meal plan');
     expect(image).toBeInTheDocument();
-    expect(image).toHaveAttribute('src', 'http://example.com/meal.jpg');
+    expect(image).toHaveAttribute('src', 'https://example.com/meal.jpg');
   });
 
   it('should not show sources for non-search analysis types', () => {

src/features/flyer/FlyerDisplay.test.tsx

@@ -8,13 +8,13 @@ import { createMockStore } from '../../tests/utils/mockFactories';
 const mockStore = createMockStore({
   store_id: 1,
   name: 'SuperMart',
-  logo_url: 'http://example.com/logo.png',
+  logo_url: 'https://example.com/logo.png',
 });
 
 const mockOnOpenCorrectionTool = vi.fn();
 
 const defaultProps = {
-  imageUrl: 'http://example.com/flyer.jpg',
+  imageUrl: 'https://example.com/flyer.jpg',
   store: mockStore,
   validFrom: '2023-10-26',
   validTo: '2023-11-01',

src/features/flyer/FlyerList.test.tsx

@@ -19,7 +19,7 @@ const mockFlyers: Flyer[] = [
     flyer_id: 1,
     file_name: 'metro_flyer_oct_1.pdf',
     item_count: 50,
-    image_url: 'http://example.com/flyer1.jpg',
+    image_url: 'https://example.com/flyer1.jpg',
     store: { store_id: 101, name: 'Metro' },
     valid_from: '2023-10-05',
     valid_to: '2023-10-11',
@@ -29,7 +29,7 @@ const mockFlyers: Flyer[] = [
     flyer_id: 2,
     file_name: 'walmart_flyer.pdf',
     item_count: 75,
-    image_url: 'http://example.com/flyer2.jpg',
+    image_url: 'https://example.com/flyer2.jpg',
     store: { store_id: 102, name: 'Walmart' },
     valid_from: '2023-10-06',
     valid_to: '2023-10-06', // Same day
@@ -40,8 +40,8 @@ const mockFlyers: Flyer[] = [
       flyer_id: 3,
       file_name: 'no-store-flyer.pdf',
       item_count: 10,
-      image_url: 'http://example.com/flyer3.jpg',
+      image_url: 'https://example.com/flyer3.jpg',
-      icon_url: 'http://example.com/icon3.png',
+      icon_url: 'https://example.com/icon3.png',
       valid_from: '2023-10-07',
       valid_to: '2023-10-08',
       store_address: '456 Side St, Ottawa',
@@ -53,7 +53,7 @@ const mockFlyers: Flyer[] = [
     flyer_id: 4,
     file_name: 'bad-date-flyer.pdf',
     item_count: 5,
-    image_url: 'http://example.com/flyer4.jpg',
+    image_url: 'https://example.com/flyer4.jpg',
     store: { store_id: 103, name: 'Date Store' },
     created_at: 'invalid-date',
     valid_from: 'invalid-from',
@@ -163,7 +163,7 @@ describe('FlyerList', () => {
       const flyerWithIcon = screen.getByText('Unknown Store').closest('li'); // Flyer ID 3
       const iconImage = flyerWithIcon?.querySelector('img');
       expect(iconImage).toBeInTheDocument();
-      expect(iconImage).toHaveAttribute('src', 'http://example.com/icon3.png');
+      expect(iconImage).toHaveAttribute('src', 'https://example.com/icon3.png');
     });
 
     it('should render a document icon when icon_url is not present', () => {

src/hooks/useFlyerItems.test.ts

@@ -15,8 +15,8 @@ describe('useFlyerItems Hook', () => {
   const mockFlyer = createMockFlyer({
     flyer_id: 123,
     file_name: 'test-flyer.jpg',
-    image_url: 'http://example.com/test.jpg',
+    image_url: 'https://example.com/test.jpg',
-    icon_url: 'http://example.com/icon.jpg',
+    icon_url: 'https://example.com/icon.jpg',
     checksum: 'abc',
     valid_from: '2024-01-01',
     valid_to: '2024-01-07',

src/hooks/useFlyers.test.tsx

@@ -72,7 +72,7 @@ describe('useFlyers Hook and FlyersProvider', () => {
       createMockFlyer({
         flyer_id: 1,
         file_name: 'flyer1.jpg',
-        image_url: 'http://example.com/flyer1.jpg',
+        image_url: 'https://example.com/flyer1.jpg',
         item_count: 5,
         created_at: '2024-01-01',
       }),

src/pages/HomePage.test.tsx

@@ -79,7 +79,7 @@ describe('HomePage Component', () => {
   describe('when a flyer is selected', () => {
     const mockFlyer: Flyer = createMockFlyer({
       flyer_id: 1,
-      image_url: 'http://example.com/flyer.jpg',
+      image_url: 'https://example.com/flyer.jpg',
     });
 
     it('should render FlyerDisplay but not data tables if there are no flyer items', () => {

src/pages/UserProfilePage.test.tsx

@@ -26,7 +26,7 @@ const mockedApiClient = vi.mocked(apiClient);
 const mockProfile: UserProfile = createMockUserProfile({
   user: createMockUser({ user_id: 'user-123', email: 'test@example.com' }),
   full_name: 'Test User',
-  avatar_url: 'http://example.com/avatar.jpg',
+  avatar_url: 'https://example.com/avatar.jpg',
   points: 150,
   role: 'user',
 });
@@ -359,7 +359,7 @@ describe('UserProfilePage', () => {
     });
 
     it('should upload a new avatar and update the image source', async () => {
-      const updatedProfile = { ...mockProfile, avatar_url: 'http://example.com/new-avatar.png' };
+      const updatedProfile = { ...mockProfile, avatar_url: 'https://example.com/new-avatar.png' };
 
       // Log when the mock is called
       mockedApiClient.uploadAvatar.mockImplementation((file) => {

src/pages/admin/ActivityLog.test.tsx

@@ -30,7 +30,7 @@ const mockLogs: ActivityLogItem[] = [
     user_id: 'user-123',
     action: 'flyer_processed',
     display_text: 'Processed a new flyer for Walmart.',
-    user_avatar_url: 'http://example.com/avatar.png',
+    user_avatar_url: 'https://example.com/avatar.png',
     user_full_name: 'Test User',
     details: { flyer_id: 1, store_name: 'Walmart' },
   }),
@@ -63,7 +63,7 @@ const mockLogs: ActivityLogItem[] = [
     action: 'recipe_favorited',
     display_text: 'User favorited a recipe',
     user_full_name: 'Pizza Lover',
-    user_avatar_url: 'http://example.com/pizza.png',
+    user_avatar_url: 'https://example.com/pizza.png',
     details: { recipe_name: 'Best Pizza' },
   }),
   createMockActivityLogItem({
@@ -136,7 +136,7 @@ describe('ActivityLog', () => {
       // Check for avatar
       const avatar = screen.getByAltText('Test User');
       expect(avatar).toBeInTheDocument();
-      expect(avatar).toHaveAttribute('src', 'http://example.com/avatar.png');
+      expect(avatar).toHaveAttribute('src', 'https://example.com/avatar.png');
 
       // Check for fallback avatar (Newbie User has no avatar)
       // The fallback is an SVG inside a span. We can check for the span's class or the SVG.

src/pages/admin/FlyerReviewPage.test.tsx

@@ -59,14 +59,14 @@ describe('FlyerReviewPage', () => {
         file_name: 'flyer1.jpg',
         created_at: '2023-01-01T00:00:00Z',
         store: { name: 'Store A' },
-        icon_url: 'http://example.com/icon1.jpg',
+        icon_url: 'https://example.com/icon1.jpg',
       },
       {
         flyer_id: 2,
         file_name: 'flyer2.jpg',
         created_at: '2023-01-02T00:00:00Z',
         store: { name: 'Store B' },
-        icon_url: 'http://example.com/icon2.jpg',
+        icon_url: 'https://example.com/icon2.jpg',
       },
       {
         flyer_id: 3,

src/pages/admin/components/AdminBrandManager.test.tsx

@@ -19,7 +19,7 @@ const mockBrands = [
     brand_id: 2,
     name: 'Compliments',
     store_name: 'Sobeys',
-    logo_url: 'http://example.com/compliments.png',
+    logo_url: 'https://example.com/compliments.png',
   }),
 ];
 
@@ -92,7 +92,7 @@ describe('AdminBrandManager', () => {
     );
     mockedApiClient.uploadBrandLogo.mockImplementation(
       async () =>
-        new Response(JSON.stringify({ logoUrl: 'http://example.com/new-logo.png' }), {
+        new Response(JSON.stringify({ logoUrl: 'https://example.com/new-logo.png' }), {
           status: 200,
         }),
     );
@@ -120,7 +120,7 @@ describe('AdminBrandManager', () => {
       // Check if the UI updates with the new logo
       expect(screen.getByAltText('No Frills logo')).toHaveAttribute(
         'src',
-        'http://example.com/new-logo.png',
+        'https://example.com/new-logo.png',
       );
       console.log('TEST SUCCESS: All assertions for successful upload passed.');
     });
@@ -350,7 +350,7 @@ describe('AdminBrandManager', () => {
       // Brand 2 should still have original logo
       expect(screen.getByAltText('Compliments logo')).toHaveAttribute(
         'src',
-        'http://example.com/compliments.png',
+        'https://example.com/compliments.png',
       );
     });
   });

src/pages/admin/components/ProfileManager.test.tsx

@@ -35,7 +35,7 @@ const authenticatedUser = createMockUser({ user_id: 'auth-user-123', email: 'tes
 const mockAddressId = 123;
 const authenticatedProfile = createMockUserProfile({
   full_name: 'Test User',
-  avatar_url: 'http://example.com/avatar.png',
+  avatar_url: 'https://example.com/avatar.png',
   role: 'user',
   points: 100,
   preferences: {

src/routes/ai.routes.ts

@@ -28,6 +28,7 @@ const uploadAndProcessSchema = z.object({
         .length(64, 'Checksum must be 64 characters long.')
         .regex(/^[a-f0-9]+$/, 'Checksum must be a valid hexadecimal string.'),
     ),
+    baseUrl: z.string().url().optional(),
   }),
 });
 
@@ -198,6 +199,7 @@ router.post(
         userProfile,
         req.ip ?? 'unknown',
         req.log,
+        body.baseUrl,
       );
 
       // Respond immediately to the client with 202 Accepted

src/routes/personalization.routes.test.ts

@@ -40,7 +40,7 @@ describe('Personalization Routes (/api/personalization)', () => {
       const mockItems = [createMockMasterGroceryItem({ master_grocery_item_id: 1, name: 'Milk' })];
       vi.mocked(db.personalizationRepo.getAllMasterItems).mockResolvedValue(mockItems);
 
-      const response = await supertest(app).get('/api/personalization/master-items');
+      const response = await supertest(app).get('/api/personalization/master-items').set('x-test-rate-limit-enable', 'true');
 
       expect(response.status).toBe(200);
       expect(response.body).toEqual(mockItems);
@@ -49,7 +49,7 @@ describe('Personalization Routes (/api/personalization)', () => {
     it('should return 500 if the database call fails', async () => {
       const dbError = new Error('DB Error');
       vi.mocked(db.personalizationRepo.getAllMasterItems).mockRejectedValue(dbError);
-      const response = await supertest(app).get('/api/personalization/master-items');
+      const response = await supertest(app).get('/api/personalization/master-items').set('x-test-rate-limit-enable', 'true');
       expect(response.status).toBe(500);
       expect(response.body.message).toBe('DB Error');
       expect(mockLogger.error).toHaveBeenCalledWith(

src/routes/user.routes.test.ts

@@ -1030,7 +1030,7 @@ describe('User Routes (/api/users)', () => {
       it('should upload an avatar and update the user profile', async () => {
         const mockUpdatedProfile = createMockUserProfile({
           ...mockUserProfile,
-          avatar_url: 'http://localhost:3001/uploads/avatars/new-avatar.png',
+          avatar_url: 'https://example.com/uploads/avatars/new-avatar.png',
         });
         vi.mocked(userService.updateUserAvatar).mockResolvedValue(mockUpdatedProfile);
 
@@ -1042,7 +1042,7 @@ describe('User Routes (/api/users)', () => {
           .attach('avatar', Buffer.from('dummy-image-content'), dummyImagePath);
 
         expect(response.status).toBe(200);
-        expect(response.body.avatar_url).toContain('http://localhost:3001/uploads/avatars/');
+        expect(response.body.avatar_url).toContain('https://example.com/uploads/avatars/');
         expect(userService.updateUserAvatar).toHaveBeenCalledWith(
           mockUserProfile.user.user_id,
           expect.any(Object),
@@ -1243,7 +1243,7 @@ describe('User Routes (/api/users)', () => {
 
       beforeEach(() => {
         // Advance time to ensure rate limits are reset between tests
-        vi.advanceTimersByTime(60 * 60 * 1000 + 1000);
+        vi.advanceTimersByTime(2 * 60 * 60 * 1000);
       });
 
       afterAll(() => {
@@ -1299,29 +1299,32 @@ describe('User Routes (/api/users)', () => {
         expect(response.headers).toHaveProperty('ratelimit-limit');
         expect(parseInt(response.headers['ratelimit-limit'])).toBe(20);
       });
-    });
 
-    it('should apply userSensitiveUpdateLimiter to DELETE /account and block after limit', async () => {
+      it('should apply userSensitiveUpdateLimiter to DELETE /account and block after limit', async () => {
-      const limit = 5;
+        // Explicitly advance time to ensure the rate limiter window has reset from previous tests
-      vi.mocked(userService.deleteUserAccount).mockResolvedValue(undefined);
+        vi.advanceTimersByTime(60 * 60 * 1000 + 5000);
 
-      // Consume the limit
+        const limit = 5;
-      for (let i = 0; i < limit; i++) {
+        vi.mocked(userService.deleteUserAccount).mockResolvedValue(undefined);
+
+        // Consume the limit
+        for (let i = 0; i < limit; i++) {
+          const response = await supertest(app)
+            .delete('/api/users/account')
+            .set('X-Test-Rate-Limit-Enable', 'true')
+            .send({ password: 'correct-password' });
+          expect(response.status).toBe(200);
+        }
+
+        // Next request should be blocked
         const response = await supertest(app)
           .delete('/api/users/account')
           .set('X-Test-Rate-Limit-Enable', 'true')
           .send({ password: 'correct-password' });
-        expect(response.status).toBe(200);
-      }
 
-      // Next request should be blocked
+        expect(response.status).toBe(429);
-      const response = await supertest(app)
+        expect(response.text).toContain('Too many sensitive requests');
-        .delete('/api/users/account')
+      });
-        .set('X-Test-Rate-Limit-Enable', 'true')
-        .send({ password: 'correct-password' });
-
-      expect(response.status).toBe(429);
-      expect(response.text).toContain('Too many sensitive requests');
     });
   });
 });

src/services/aiService.server.test.ts

@@ -116,7 +116,7 @@ interface MockFlyer {
   updated_at: string;
 }
 
-const baseUrl = 'http://localhost:3001';
+const baseUrl = 'https://example.com';
 
 describe('AI Service (Server)', () => {
   // Create mock dependencies that will be injected into the service
@@ -1015,7 +1015,7 @@ describe('AI Service (Server)', () => {
         userId: 'user123',
         submitterIp: '127.0.0.1',
         userProfileAddress: '123 St, City, Country', // Partial address match based on filter(Boolean)
-        baseUrl: 'http://localhost:3000',
+        baseUrl: 'https://example.com',
       });
       expect(result.id).toBe('job123');
     });
@@ -1037,7 +1037,7 @@ describe('AI Service (Server)', () => {
         expect.objectContaining({
           userId: undefined,
           userProfileAddress: undefined,
-          baseUrl: 'http://localhost:3000',
+          baseUrl: 'https://example.com',
         }),
       );
     });

src/services/aiService.server.ts

@@ -753,6 +753,7 @@ async enqueueFlyerProcessing(
     userProfile: UserProfile | undefined,
     submitterIp: string,
     logger: Logger,
+    baseUrlOverride?: string,
   ): Promise<Job> {
     // 1. Check for duplicate flyer
     const existingFlyer = await db.flyerRepo.findFlyerByChecksum(checksum, logger);
@@ -779,7 +780,7 @@ async enqueueFlyerProcessing(
         .join(', ');
     }
 
-    const baseUrl = getBaseUrl(logger);
+    const baseUrl = baseUrlOverride || getBaseUrl(logger);
     // --- START DEBUGGING ---
     // Add a fail-fast check to ensure the baseUrl is a valid URL before enqueuing.
     // This will make the test fail at the upload step if the URL is the problem,

src/services/authService.test.ts

@@ -59,7 +59,7 @@ describe('AuthService', () => {
 
     // Set environment variables before any modules are imported
     vi.stubEnv('JWT_SECRET', 'test-secret');
-    vi.stubEnv('FRONTEND_URL', 'http://localhost:3000');
+    vi.stubEnv('FRONTEND_URL', 'https://example.com');
 
     // Mock all dependencies before dynamically importing the service
     // Core modules like bcrypt, jsonwebtoken, and crypto are now mocked globally in tests-setup-unit.ts

src/services/db/flyer.db.test.ts

@@ -132,8 +132,8 @@ describe('Flyer DB Service', () => {
     it('should execute an INSERT query and return the new flyer', async () => {
       const flyerData: FlyerDbInsert = {
         file_name: 'test.jpg',
-        image_url: 'http://localhost:3001/images/test.jpg',
+        image_url: 'https://example.com/images/test.jpg',
-        icon_url: 'http://localhost:3001/images/icons/test.jpg',
+        icon_url: 'https://example.com/images/icons/test.jpg',
         checksum: 'checksum123',
         store_id: 1,
         valid_from: '2024-01-01',
@@ -155,8 +155,8 @@ describe('Flyer DB Service', () => {
         expect.stringContaining('INSERT INTO flyers'),
         [
           'test.jpg',
-          'http://localhost:3001/images/test.jpg',
+          'https://example.com/images/test.jpg',
-          'http://localhost:3001/images/icons/test.jpg',
+          'https://example.com/images/icons/test.jpg',
           'checksum123',
           1,
           '2024-01-01',

src/services/db/shopping.db.test.ts

@@ -596,7 +596,7 @@ describe('Shopping DB Service', () => {
       const mockReceipt = {
         receipt_id: 1,
         user_id: 'user-1',
-        receipt_image_url: 'http://example.com/receipt.jpg',
+        receipt_image_url: 'https://example.com/receipt.jpg',
         status: 'pending',
       };
       mockPoolInstance.query.mockResolvedValue({ rows: [mockReceipt] });

src/services/flyerAiProcessor.server.test.ts

@@ -21,7 +21,7 @@ const createMockJobData = (data: Partial<FlyerJobData>): FlyerJobData => ({
   filePath: '/tmp/flyer.jpg',
   originalFileName: 'flyer.jpg',
   checksum: 'checksum-123',
-  baseUrl: 'http://localhost:3000',
+  baseUrl: 'https://example.com',
   ...data,
 });
 

src/services/flyerDataTransformer.test.ts

@@ -5,6 +5,7 @@ import { logger as mockLogger } from './logger.server';
 import { generateFlyerIcon } from '../utils/imageProcessor';
 import type { AiProcessorResult } from './flyerAiProcessor.server';
 import type { FlyerItemInsert } from '../types';
+import { getBaseUrl } from '../utils/serverUtils';
 
 // Mock the dependencies
 vi.mock('../utils/imageProcessor', () => ({
@@ -15,6 +16,10 @@ vi.mock('./logger.server', () => ({
   logger: { info: vi.fn(), error: vi.fn(), warn: vi.fn(), debug: vi.fn() },
 }));
 
+vi.mock('../utils/serverUtils', () => ({
+  getBaseUrl: vi.fn(),
+}));
+
 describe('FlyerDataTransformer', () => {
   let transformer: FlyerDataTransformer;
 
@@ -23,12 +28,13 @@ describe('FlyerDataTransformer', () => {
     transformer = new FlyerDataTransformer();
     // Stub environment variables to ensure consistency and predictability.
     // Prioritize FRONTEND_URL to match the updated service logic.
-    vi.stubEnv('FRONTEND_URL', 'http://localhost:3000');
+    vi.stubEnv('FRONTEND_URL', 'https://example.com');
     vi.stubEnv('BASE_URL', ''); // Ensure this is not used to confirm priority logic
     vi.stubEnv('PORT', '');     // Ensure this is not used
 
     // Provide a default mock implementation for generateFlyerIcon
     vi.mocked(generateFlyerIcon).mockResolvedValue('icon-flyer-page-1.webp');
+    vi.mocked(getBaseUrl).mockReturnValue('https://example.com');
   });
 
   it('should transform AI data into database-ready format with a user ID', async () => {
@@ -63,7 +69,7 @@ describe('FlyerDataTransformer', () => {
     const originalFileName = 'my-flyer.pdf';
     const checksum = 'checksum-abc-123';
     const userId = 'user-xyz-456';
-    const baseUrl = 'http://test.host';
+    const baseUrl = 'https://example.com';
 
     // Act
     const { flyerData, itemsForDb } = await transformer.transform(
@@ -244,7 +250,7 @@ describe('FlyerDataTransformer', () => {
     );
   });
 
-  it('should use fallback baseUrl if none is provided and log a warning', async () => {
+  it('should use fallback baseUrl from getBaseUrl if none is provided', async () => {
     // Arrange
     const aiResult: AiProcessorResult = {
       data: {
@@ -256,11 +262,10 @@ describe('FlyerDataTransformer', () => {
       },
       needsReview: false,
     };
-    const baseUrl = undefined; // Explicitly pass undefined for this test
+    const baseUrl = ''; // Explicitly pass '' for this test
 
-    // The fallback logic uses process.env.PORT || 3000.
+    const expectedFallbackUrl = 'http://fallback-url.com';
-    // The beforeEach sets PORT to '', so it should fallback to 3000.
+    vi.mocked(getBaseUrl).mockReturnValue(expectedFallbackUrl);
-    const expectedFallbackUrl = 'http://localhost:3000';
 
     // Act
     const { flyerData } = await transformer.transform(
@@ -275,10 +280,8 @@ describe('FlyerDataTransformer', () => {
     );
 
     // Assert
-    // 1. Check that a warning was logged
+    // 1. Check that getBaseUrl was called
-    expect(mockLogger.warn).toHaveBeenCalledWith(
+    expect(getBaseUrl).toHaveBeenCalledWith(mockLogger);
-      `Base URL not provided in job data. Falling back to default local URL: ${expectedFallbackUrl}`,
-    );
 
     // 2. Check that the URLs were constructed with the fallback
     expect(flyerData.image_url).toBe(`${expectedFallbackUrl}/flyer-images/flyer-page-1.jpg`);

src/services/flyerDataTransformer.ts

@@ -7,6 +7,7 @@ import type { AiProcessorResult } from './flyerAiProcessor.server'; // Keep this
 import { AiFlyerDataSchema } from '../types/ai'; // Import consolidated schema
 import { TransformationError } from './processingErrors';
 import { parsePriceToCents } from '../utils/priceParser';
+import { getBaseUrl } from '../utils/serverUtils';
 
 /**
  * This class is responsible for transforming the validated data from the AI service
@@ -58,17 +59,11 @@ export class FlyerDataTransformer {
   private _buildUrls(
     imageFileName: string,
     iconFileName: string,
-    baseUrl: string | undefined,
+    baseUrl: string,
     logger: Logger,
   ): { imageUrl: string; iconUrl: string } {
     logger.debug({ imageFileName, iconFileName, baseUrl }, 'Building URLs');
-    let finalBaseUrl = baseUrl;
+    const finalBaseUrl = baseUrl || getBaseUrl(logger);
-    if (!finalBaseUrl) {
-      const port = process.env.PORT || 3000;
-      finalBaseUrl = `http://localhost:${port}`;
-      logger.warn(`Base URL not provided in job data. Falling back to default local URL: ${finalBaseUrl}`);
-    }
-    finalBaseUrl = finalBaseUrl.endsWith('/') ? finalBaseUrl.slice(0, -1) : finalBaseUrl;
     const imageUrl = `${finalBaseUrl}/flyer-images/${imageFileName}`;
     const iconUrl = `${finalBaseUrl}/flyer-images/icons/${iconFileName}`;
     logger.debug({ imageUrl, iconUrl }, 'Constructed URLs');
@@ -93,7 +88,7 @@ export class FlyerDataTransformer {
     checksum: string,
     userId: string | undefined,
     logger: Logger,
-    baseUrl?: string,
+    baseUrl: string,
   ): Promise<{ flyerData: FlyerInsert; itemsForDb: FlyerItemInsert[] }> {
     logger.info('Starting data transformation from AI output to database format.');
 

src/services/flyerProcessingService.server.test.ts

@@ -104,8 +104,8 @@ describe('FlyerProcessingService', () => {
     vi.spyOn(FlyerDataTransformer.prototype, 'transform').mockResolvedValue({
       flyerData: {
         file_name: 'test.jpg',
-        image_url: 'http://example.com/test.jpg',
+        image_url: 'https://example.com/test.jpg',
-        icon_url: 'http://example.com/icon.webp',
+        icon_url: 'https://example.com/icon.webp',
         store_name: 'Mock Store',
         // Add required fields for FlyerInsert type
         status: 'processed',
@@ -169,7 +169,7 @@ describe('FlyerProcessingService', () => {
       flyer: createMockFlyer({
         flyer_id: 1,
         file_name: 'test.jpg',
-        image_url: 'http://example.com/test.jpg',
+        image_url: 'https://example.com/test.jpg',
         item_count: 1,
       }),
       items: [],
@@ -189,7 +189,7 @@ describe('FlyerProcessingService', () => {
         filePath: '/tmp/flyer.jpg',
         originalFileName: 'flyer.jpg',
         checksum: 'checksum-123',
-        baseUrl: 'http://localhost:3000',
+        baseUrl: 'https://example.com',
         ...data,
       },
       updateProgress: vi.fn(),
@@ -241,7 +241,7 @@ describe('FlyerProcessingService', () => {
         'checksum-123', // checksum
         undefined, // userId
         expect.any(Object), // logger
-        'http://localhost:3000', // baseUrl
+        'https://example.com', // baseUrl
       );
 
       // 5. DB transaction was initiated
@@ -695,8 +695,8 @@ describe('FlyerProcessingService', () => {
     it('should derive paths from DB and delete files if job paths are empty', async () => {
       const job = createMockCleanupJob({ flyerId: 1, paths: [] }); // Empty paths
       const mockFlyer = createMockFlyer({
-        image_url: 'http://localhost:3000/flyer-images/flyer-abc.jpg',
+        image_url: 'https://example.com/flyer-images/flyer-abc.jpg',
-        icon_url: 'http://localhost:3000/flyer-images/icons/icon-flyer-abc.webp',
+        icon_url: 'https://example.com/flyer-images/icons/icon-flyer-abc.webp',
       });
       // Mock DB call to return a flyer
       vi.mocked(mockedDb.flyerRepo.getFlyerById).mockResolvedValue(mockFlyer);

src/services/userService.test.ts

@@ -7,6 +7,7 @@ import { ValidationError, NotFoundError } from './db/errors.db';
 import { DatabaseError } from './processingErrors';
 import type { Job } from 'bullmq';
 import type { TokenCleanupJobData } from '../types/job-data';
+import { getTestBaseUrl } from '../tests/utils/testHelpers';
 
 // Un-mock the service under test to ensure we are testing the real implementation,
 // not the global mock from `tests/setup/tests-setup-unit.ts`.
@@ -240,12 +241,12 @@ describe('UserService', () => {
   describe('updateUserAvatar', () => {
     it('should construct avatar URL and update profile', async () => {
       const { logger } = await import('./logger.server');
-      const testBaseUrl = 'http://localhost:3001';
+      const testBaseUrl = getTestBaseUrl();
       vi.stubEnv('FRONTEND_URL', testBaseUrl);
 
       const userId = 'user-123';
       const file = { filename: 'avatar.jpg' } as Express.Multer.File;
-      const expectedUrl = `${testBaseUrl}/uploads/avatars/avatar.jpg`;
+      const expectedUrl = `${testBaseUrl}/uploads/avatars/${file.filename}`;
 
       mocks.mockUpdateUserProfile.mockResolvedValue({} as any);
 

src/tests/integration/admin.integration.test.ts

@@ -4,7 +4,7 @@ import supertest from 'supertest';
 import app from '../../../server';
 import { getPool } from '../../services/db/connection.db';
 import type { UserProfile } from '../../types';
-import { createAndLoginUser } from '../utils/testHelpers';
+import { createAndLoginUser, TEST_EXAMPLE_DOMAIN } from '../utils/testHelpers';
 import { cleanupDb } from '../utils/cleanup';
 
 /**
@@ -164,7 +164,7 @@ describe('Admin API Routes Integration Tests', () => {
     beforeEach(async () => {
       const flyerRes = await getPool().query(
         `INSERT INTO public.flyers (store_id, file_name, image_url, icon_url, item_count, checksum) 
-         VALUES ($1, 'admin-test.jpg', 'https://example.com/flyer-images/asdmin-test.jpg', 'https://example.com/flyer-images/icons/admin-test.jpg', 1, $2) RETURNING flyer_id`,
+         VALUES ($1, 'admin-test.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/asdmin-test.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/icons/admin-test.jpg', 1, $2) RETURNING flyer_id`,
         // The checksum must be a unique 64-character string to satisfy the DB constraint.
         // We generate a dynamic string and pad it to 64 characters.
         [testStoreId, `checksum-${Date.now()}-${Math.random()}`.padEnd(64, '0')],

src/tests/integration/flyer-processing.integration.test.ts

@@ -9,7 +9,7 @@ import { getPool } from '../../services/db/connection.db';
 import { generateFileChecksum } from '../../utils/checksum';
 import { logger } from '../../services/logger.server';
 import type { UserProfile, ExtractedFlyerItem } from '../../types';
-import { createAndLoginUser } from '../utils/testHelpers';
+import { createAndLoginUser, getTestBaseUrl } from '../utils/testHelpers';
 import { cleanupDb } from '../utils/cleanup';
 import { poll } from '../utils/poll';
 import { cleanupFiles } from '../utils/cleanupFiles';
@@ -57,7 +57,7 @@ describe('Flyer Processing Background Job Integration Test', () => {
   beforeAll(async () => {
     // FIX: Stub FRONTEND_URL to ensure valid absolute URLs (http://...) are generated
     // for the database, satisfying the 'url_check' constraint.
-    vi.stubEnv('FRONTEND_URL', 'http://localhost:3000');
+    vi.stubEnv('FRONTEND_URL', 'https://example.com');
   });
 
   // FIX: Reset mocks before each test to ensure isolation.
@@ -130,7 +130,7 @@ describe('Flyer Processing Background Job Integration Test', () => {
       .field('checksum', checksum)
       // Pass the baseUrl directly in the form data to ensure the worker receives it,
       // bypassing issues with vi.stubEnv in multi-threaded test environments.
-      .field('baseUrl', 'http://localhost:3000')
+      .field('baseUrl', getTestBaseUrl())
       .attach('flyerFile', uniqueContent, uniqueFileName);
     if (token) {
       uploadReq.set('Authorization', `Bearer ${token}`);
@@ -248,7 +248,7 @@ describe('Flyer Processing Background Job Integration Test', () => {
       const uploadResponse = await request
         .post('/api/ai/upload-and-process')
         .set('Authorization', `Bearer ${token}`)
-        .field('baseUrl', 'http://localhost:3000')
+        .field('baseUrl', getTestBaseUrl())
         .field('checksum', checksum)
         .attach('flyerFile', imageWithExifBuffer, uniqueFileName);
 
@@ -333,7 +333,7 @@ describe('Flyer Processing Background Job Integration Test', () => {
       const uploadResponse = await request
         .post('/api/ai/upload-and-process')
         .set('Authorization', `Bearer ${token}`)
-        .field('baseUrl', 'http://localhost:3000')
+        .field('baseUrl', getTestBaseUrl())
         .field('checksum', checksum)
         .attach('flyerFile', imageWithMetadataBuffer, uniqueFileName);
 
@@ -399,7 +399,7 @@ it(
       // Act 1: Upload the file to start the background job.
       const uploadResponse = await request
         .post('/api/ai/upload-and-process')
-        .field('baseUrl', 'http://localhost:3000')
+        .field('baseUrl', getTestBaseUrl())
         .field('checksum', checksum)
         .attach('flyerFile', uniqueContent, uniqueFileName);
 
@@ -451,7 +451,7 @@ it(
       // Act 1: Upload the file to start the background job.
       const uploadResponse = await request
         .post('/api/ai/upload-and-process')
-        .field('baseUrl', 'http://localhost:3000')
+        .field('baseUrl', getTestBaseUrl())
         .field('checksum', checksum)
         .attach('flyerFile', uniqueContent, uniqueFileName);
 
@@ -505,7 +505,7 @@ it(
       // Act 1: Upload the file to start the background job.
       const uploadResponse = await request
         .post('/api/ai/upload-and-process')
-        .field('baseUrl', 'http://localhost:3000')
+        .field('baseUrl', getTestBaseUrl())
         .field('checksum', checksum)
         .attach('flyerFile', uniqueContent, uniqueFileName);
 

src/tests/integration/flyer.integration.test.ts

@@ -5,6 +5,7 @@ import { getPool } from '../../services/db/connection.db';
 import app from '../../../server';
 import type { Flyer, FlyerItem } from '../../types';
 import { cleanupDb } from '../utils/cleanup';
+import { TEST_EXAMPLE_DOMAIN } from '../utils/testHelpers';
 
 /**
  * @vitest-environment node
@@ -27,7 +28,7 @@ describe('Public Flyer API Routes Integration Tests', () => {
 
     const flyerRes = await getPool().query(
       `INSERT INTO public.flyers (store_id, file_name, image_url, icon_url, item_count, checksum) 
-       VALUES ($1, 'integration-test.jpg', 'https://example.com/flyer-images/integration-test.jpg', 'https://example.com/flyer-images/icons/integration-test.jpg', 1, $2) RETURNING flyer_id`,
+       VALUES ($1, 'integration-test.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/integration-test.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/icons/integration-test.jpg', 1, $2) RETURNING flyer_id`,
       [testStoreId, `${Date.now().toString(16)}`.padEnd(64, '0')],
     );
     createdFlyerId = flyerRes.rows[0].flyer_id;

src/tests/integration/gamification.integration.test.ts

@@ -5,7 +5,7 @@ import app from '../../../server';
 import path from 'path';
 import fs from 'node:fs/promises';
 import { getPool } from '../../services/db/connection.db';
-import { createAndLoginUser } from '../utils/testHelpers';
+import { createAndLoginUser, getTestBaseUrl } from '../utils/testHelpers';
 import { generateFileChecksum } from '../../utils/checksum';
 import * as db from '../../services/db/index.db';
 import { cleanupDb } from '../utils/cleanup';
@@ -69,7 +69,7 @@ describe('Gamification Flow Integration Test', () => {
 
     // Stub environment variables for URL generation in the background worker.
     // This needs to be in beforeAll to ensure it's set before any code that might use it is imported.
-    vi.stubEnv('FRONTEND_URL', 'http://localhost:3001');
+    vi.stubEnv('FRONTEND_URL', 'https://example.com');
 
     // Setup default mock response for the AI service's extractCoreDataFromFlyerImage method.
     mockExtractCoreData.mockResolvedValue({
@@ -253,7 +253,8 @@ describe('Gamification Flow Integration Test', () => {
       // 8. Assert that the URLs are fully qualified.
       expect(savedFlyer.image_url).to.equal(newFlyer.image_url);
       expect(savedFlyer.icon_url).to.equal(newFlyer.icon_url);
-      expect(newFlyer.image_url).toContain('http://localhost:3001/flyer-images/');
+      const expectedBaseUrl = getTestBaseUrl();
+      expect(newFlyer.image_url).toContain(`${expectedBaseUrl}/flyer-images/`);
     });
   });
 });

src/tests/integration/price.integration.test.ts

@@ -3,6 +3,7 @@ import { describe, it, expect, beforeAll, afterAll } from 'vitest';
 import supertest from 'supertest';
 import app from '../../../server';
 import { getPool } from '../../services/db/connection.db';
+import { TEST_EXAMPLE_DOMAIN } from '../utils/testHelpers';
 
 /**
  * @vitest-environment node
@@ -35,21 +36,21 @@ describe('Price History API Integration Test (/api/price-history)', () => {
     // 3. Create two flyers with different dates
     const flyerRes1 = await pool.query(
       `INSERT INTO public.flyers (store_id, file_name, image_url, icon_url, item_count, checksum, valid_from) 
-       VALUES ($1, 'price-test-1.jpg', 'https://example.com/flyer-images/price-test-1.jpg', 'https://example.com/flyer-images/icons/price-test-1.jpg', 1, $2, '2025-01-01') RETURNING flyer_id`,
+       VALUES ($1, 'price-test-1.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/price-test-1.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/icons/price-test-1.jpg', 1, $2, '2025-01-01') RETURNING flyer_id`,
       [storeId, `${Date.now().toString(16)}1`.padEnd(64, '0')],
     );
     flyerId1 = flyerRes1.rows[0].flyer_id;
 
     const flyerRes2 = await pool.query(
       `INSERT INTO public.flyers (store_id, file_name, image_url, icon_url, item_count, checksum, valid_from) 
-       VALUES ($1, 'price-test-2.jpg', 'https://example.com/flyer-images/price-test-2.jpg', 'https://example.com/flyer-images/icons/price-test-2.jpg', 1, $2, '2025-01-08') RETURNING flyer_id`,
+       VALUES ($1, 'price-test-2.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/price-test-2.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/icons/price-test-2.jpg', 1, $2, '2025-01-08') RETURNING flyer_id`,
       [storeId, `${Date.now().toString(16)}2`.padEnd(64, '0')],
     );
     flyerId2 = flyerRes2.rows[0].flyer_id; // This was a duplicate, fixed.
 
     const flyerRes3 = await pool.query(
       `INSERT INTO public.flyers (store_id, file_name, image_url, icon_url, item_count, checksum, valid_from) 
-       VALUES ($1, 'price-test-3.jpg', 'https://example.com/flyer-images/price-test-3.jpg', 'https://example.com/flyer-images/icons/price-test-3.jpg', 1, $2, '2025-01-15') RETURNING flyer_id`,
+       VALUES ($1, 'price-test-3.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/price-test-3.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/icons/price-test-3.jpg', 1, $2, '2025-01-15') RETURNING flyer_id`,
       [storeId, `${Date.now().toString(16)}3`.padEnd(64, '0')],
     );
     flyerId3 = flyerRes3.rows[0].flyer_id;
@@ -93,7 +94,7 @@ describe('Price History API Integration Test (/api/price-history)', () => {
   });
 
   it('should return the correct price history for a given master item ID', async () => {
-    const response = await request.post('/api/price-history').send({ masterItemIds: [masterItemId] });
+    const response = await request.post('/api/price-history').set('Authorization', 'Bearer ${token}').send({ masterItemIds: [masterItemId] });
 
     expect(response.status).toBe(200);
     expect(response.body).toBeInstanceOf(Array);
@@ -107,6 +108,7 @@ describe('Price History API Integration Test (/api/price-history)', () => {
   it('should respect the limit parameter', async () => {
     const response = await request
       .post('/api/price-history')
+      .set('Authorization', 'Bearer ${token}')
       .send({ masterItemIds: [masterItemId], limit: 2 });
 
     expect(response.status).toBe(200);
@@ -118,6 +120,7 @@ describe('Price History API Integration Test (/api/price-history)', () => {
   it('should respect the offset parameter', async () => {
     const response = await request
       .post('/api/price-history')
+      .set('Authorization', 'Bearer ${token}')
       .send({ masterItemIds: [masterItemId], limit: 2, offset: 1 });
 
     expect(response.status).toBe(200);
@@ -127,7 +130,7 @@ describe('Price History API Integration Test (/api/price-history)', () => {
   });
 
   it('should return price history sorted by date in ascending order', async () => {
-    const response = await request.post('/api/price-history').send({ masterItemIds: [masterItemId] });
+    const response = await request.post('/api/price-history').set('Authorization', 'Bearer ${token}').send({ masterItemIds: [masterItemId] });
 
     expect(response.status).toBe(200);
     const history = response.body;
@@ -142,7 +145,7 @@ describe('Price History API Integration Test (/api/price-history)', () => {
   });
 
   it('should return an empty array for a master item ID with no price history', async () => {
-    const response = await request.post('/api/price-history').send({ masterItemIds: [999999] });
+    const response = await request.post('/api/price-history').set('Authorization', 'Bearer ${token}').send({ masterItemIds: [999999] });
     expect(response.status).toBe(200);
     expect(response.body).toEqual([]);
   });

src/tests/integration/public.routes.integration.test.ts

@@ -14,7 +14,7 @@ import type {
 import { getPool } from '../../services/db/connection.db';
 import { cleanupDb } from '../utils/cleanup';
 import { poll } from '../utils/poll';
-import { createAndLoginUser } from '../utils/testHelpers';
+import { createAndLoginUser, TEST_EXAMPLE_DOMAIN } from '../utils/testHelpers';
 
 /**
  * @vitest-environment node
@@ -64,7 +64,7 @@ describe('Public API Routes Integration Tests', () => {
     testStoreId = storeRes.rows[0].store_id;
     const flyerRes = await pool.query(
       `INSERT INTO public.flyers (store_id, file_name, image_url, icon_url, item_count, checksum) 
-       VALUES ($1, 'public-routes-test.jpg', 'https://example.com/flyer-images/public-routes-test.jpg', 'https://example.com/flyer-images/icons/public-routes-test.jpg', 1, $2) RETURNING *`,
+       VALUES ($1, 'public-routes-test.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/public-routes-test.jpg', '${TEST_EXAMPLE_DOMAIN}/flyer-images/icons/public-routes-test.jpg', 1, $2) RETURNING *`,
       [testStoreId, `${Date.now().toString(16)}`.padEnd(64, '0')],
     );
     testFlyer = flyerRes.rows[0];

src/tests/utils/mockFactories.ts

@@ -178,7 +178,7 @@ export const createMockFlyer = (
     store_id: overrides.store_id ?? overrides.store?.store_id,
   });
 
-  const baseUrl = 'http://localhost:3001'; // A reasonable default for tests
+  const baseUrl = 'https://example.com'; // A reasonable default for tests
 
   // Determine the final file_name to generate dependent properties from.
   const fileName = overrides.file_name ?? `flyer-${flyerId}.jpg`;

src/tests/utils/testHelpers.ts

@@ -5,6 +5,12 @@ import type { UserProfile } from '../../types';
 import supertest from 'supertest';
 
 export const TEST_PASSWORD = 'a-much-stronger-password-for-testing-!@#$';
+export const TEST_EXAMPLE_DOMAIN = 'https://example.com';
+
+export const getTestBaseUrl = (): string => {
+  const url = process.env.FRONTEND_URL || `https://example.com`;
+  return url.endsWith('/') ? url.slice(0, -1) : url;
+};
 
 interface CreateUserOptions {
   email?: string;

src/utils/serverUtils.test.ts

@@ -56,29 +56,21 @@ describe('serverUtils', () => {
       expect(mockLogger.warn).not.toHaveBeenCalled();
     });
 
-    it('should fall back to localhost with default port 3000 if no URL is provided', () => {
+    it('should fall back to example.com with default port 3000 if no URL is provided', () => {
       delete process.env.FRONTEND_URL;
       delete process.env.BASE_URL;
       delete process.env.PORT;
       const baseUrl = getBaseUrl(mockLogger);
-      expect(baseUrl).toBe('http://localhost:3000');
+      expect(baseUrl).toBe('https://example.com:3000');
       expect(mockLogger.warn).not.toHaveBeenCalled();
     });
 
-    it('should fall back to localhost with the specified PORT if no URL is provided', () => {
-      delete process.env.FRONTEND_URL;
-      delete process.env.BASE_URL;
-      process.env.PORT = '8888';
-      const baseUrl = getBaseUrl(mockLogger);
-      expect(baseUrl).toBe('http://localhost:8888');
-    });
-
     it('should log a warning and fall back if FRONTEND_URL is invalid (does not start with http)', () => {
       process.env.FRONTEND_URL = 'invalid.url.com';
       const baseUrl = getBaseUrl(mockLogger);
-      expect(baseUrl).toBe('http://localhost:3000');
+      expect(baseUrl).toBe('https://example.com:3000');
       expect(mockLogger.warn).toHaveBeenCalledWith(
-        "[getBaseUrl] FRONTEND_URL/BASE_URL is invalid or incomplete ('invalid.url.com'). Falling back to default local URL: http://localhost:3000",
+        "[getBaseUrl] FRONTEND_URL/BASE_URL is invalid or incomplete ('invalid.url.com'). Falling back to default local URL: https://example.com:3000",
       );
     });
   });

src/utils/serverUtils.ts

@@ -14,7 +14,7 @@ export function getBaseUrl(logger: Logger): string {
   let baseUrl = (process.env.FRONTEND_URL || process.env.BASE_URL || '').trim();
   if (!baseUrl || !baseUrl.startsWith('http')) {
     const port = process.env.PORT || 3000;
-    const fallbackUrl = `http://localhost:${port}`;
+    const fallbackUrl = `https://example.com:${port}`;
     if (baseUrl) {
       logger.warn(
         `[getBaseUrl] FRONTEND_URL/BASE_URL is invalid or incomplete ('${baseUrl}'). Falling back to default local URL: ${fallbackUrl}`,

vitest.config.integration.ts

@@ -47,7 +47,7 @@ const finalConfig = mergeConfig(
       // Fix: Set environment variables to ensure generated URLs pass validation
       env: {
         NODE_ENV: 'test',
-        BASE_URL: 'http://example.com', // Use a standard domain to pass strict URL validation
+        BASE_URL: 'https://example.com', // Use a standard domain to pass strict URL validation
         PORT: '3000',
       },
       // This setup script starts the backend server before tests run.