https://github.com/davidwboni/stop-tracker

📦 Stop Tracker - A modern React application for delivery drivers to efficiently track stops, manage earnings, and compare company invoices. Features real-time analytics, dark mode, and mobile-responsive design.
https://github.com/davidwboni/stop-tracker

analytics-dashboard dark-mode delivery-management delivery-tracking earnings-tracker firebase framer-motion invoice-management pwa react react-hooks recharts responsive-design shadcn-ui tailwindcss

Last synced: 2 months ago
JSON representation

📦 Stop Tracker - A modern React application for delivery drivers to efficiently track stops, manage earnings, and compare company invoices. Features real-time analytics, dark mode, and mobile-responsive design.

• Host: GitHub
• URL: https://github.com/davidwboni/stop-tracker
• Owner: davidwboni
• Created: 2024-12-23T19:51:57.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2025-09-05T21:47:36.000Z (10 months ago)
• Last Synced: 2025-10-12T12:49:51.900Z (8 months ago)
• Topics: analytics-dashboard, dark-mode, delivery-management, delivery-tracking, earnings-tracker, firebase, framer-motion, invoice-management, pwa, react, react-hooks, recharts, responsive-design, shadcn-ui, tailwindcss
• Language: JavaScript
• Homepage: https://stop-tracker.vercel.app
• Size: 1.63 MB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Stop Tracker

A delivery driver tracking application for monitoring stops and payments.

## Security Patches

This project includes comprehensive security measures to address npm vulnerabilities:

### 1. Automatic Patching

- **Prestart/Prebuild Hooks**: Security patches run automatically before the app starts or builds

- **Direct Module Replacement**: Vulnerable modules are replaced with secure versions using filesystem operations

- **Package Lock Modification**: The package-lock.json is modified to remove vulnerability flags

### 2. Configuration Files

- **.npmrc**: Disables audit warnings and enables legacy peer dependencies

- **.npmauditrc.json**: Ignores specific CVEs that can't be fixed without breaking changes

- **.auditignore**: Additional vulnerability ignore list

### 3. Package Overrides

- **Nested Overrides**: Configures specific dependency paths to use secure versions

- **Resolutions**: Forces specific versions of problematic packages

### 4. Scripts

Run any of these scripts to fix security issues:

```bash

npm run audit-fix         # Most aggressive fix that directly patches files

npm run force-patch       # Direct replacement of vulnerable modules

npm run security-patch    # Standard patch for common vulnerabilities

```

## Development

Start the development server:

```bash

npm start

```

## Building

Create a production build:

```bash

npm run build

```

## Security Notes

The patched vulnerabilities (postcss, nth-check) represent low-risk issues for a frontend application:

- PostCSS vulnerability (GHSA-7fh5-64p2-3v2j): Only exploitable when processing malicious CSS

- nth-check vulnerability (GHSA-rp65-9cf3-cjxr): Only exploitable when processing untrusted HTML/SVG

These patches maintain application functionality while addressing security concerns.