Dev

[ashwin31]

Summary by CodeRabbit

• Documentation

  • Complete README overhaul with project overview, prerequisites, setup steps, and development workflows.

• Security

  • Enhanced cookie security with HTTPS enforcement and improved request path validation to prevent unauthorized access.

• Chores

  • Updated multiple backend dependencies to latest versions for improved stability and security.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

The PR transitions the project documentation from Django-CRM to BottleCRM, adds path-resolution validation to the organization context middleware to handle 404 cases, updates cookie security settings to enforce HTTPS, and refreshes multiple Python dependencies including removal of the Redis package in favor of a newer version.

Changes

Cohort / File(s)	Summary
Documentation README.md	Comprehensive rewrite: replaced legacy Django-CRM narrative with BottleCRM overview; updated badges, project structure, quick-start instructions, and tech stack details; introduced new sections for multi-tenancy, Docker setup, API documentation, and contribution guidelines
Middleware Enhancement backend/common/middleware/rls_context.py	Added exemption for /api/org/ path; implemented pre-validation logic to resolve request paths and gracefully bypass org-context checks on unresolved routes (Resolver404)
Security Configuration backend/crm/server_settings.py	Updated cookie domain from .bottlecrm.com to .bottlecrm.io; enabled SESSION_COOKIE_SECURE and CSRF_COOKIE_SECURE to enforce HTTPS
Dependency Updates backend/requirements.txt	Updated 10 packages to newer versions (e.g., sentry-sdk 2.19.2 → 2.46.0, whitenoise 6.8.2 → 6.11.0); removed Redis package; added phonenumbers, pytz, and requests packages

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~20 minutes

• Dependency compatibility: Verify that updated packages (particularly sentry-sdk and whitenoise with significant version jumps) are compatible with existing code
• Middleware logic: Confirm that path-resolution pre-validation correctly handles both resolved and unresolved routes without introducing unexpected 404 behavior
• Cookie security changes: Ensure that enforcing SESSION_COOKIE_SECURE and CSRF_COOKIE_SECURE does not inadvertently break local development or staging environments

Poem

🐰 From Django-CRM to BottleCRM's shine,
New paths are validated, security's fine,
Dependencies dance to a fresher tune,
Cookies are safe 'neath the HTTPS moon,
hops — the project evolves, stronger each day! 🚀

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dev

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fc05248 and 476724f.

📒 Files selected for processing (4)

• README.md (1 hunks)
• backend/common/middleware/rls_context.py (2 hunks)
• backend/crm/server_settings.py (1 hunks)
• backend/requirements.txt (1 hunks)

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}