Upgrade Elixir and dependencies

.env.production.example

@@ -0,0 +1,45 @@
+# Cambiatus Backend Production Environment Variables
+# Copy this file to your production server and set the appropriate values
+
+# Basic Phoenix configuration
+NODE_ENV=production
+MIX_ENV=prod
+PHX_SERVER=true
+PORT=4000
+PHX_HOST=your-domain.com
+
+# Database configuration
+DATABASE_URL=ecto://username:password@hostname:5432/database_name
+POOL_SIZE=10
+ECTO_IPV6=false
+
+# Phoenix secret (generate with: mix phx.gen.secret)
+SECRET_KEY_BASE=your_very_long_secret_key_base_here
+
+# EOS/Blockchain configuration
+EOSIO_WALLET_NAME=default
+BESPIRAL_WALLET_PASSWORD=your_wallet_password
+BESPIRAL_ACCOUNT=your_eos_account
+BESPIRAL_CONTRACT=your_contract_name
+BESPIRAL_AUTO_INVITE_CMM=your_cmm_value
+EOSIO_WALLET_URL=http://localhost:8888
+EOSIO_URL=http://localhost:8888
+EOSIO_SYMBOL=EOS
+
+# Authentication secrets
+GRAPHQL_SECRET=your_graphql_secret
+USER_SALT=your_user_salt
+EMAIL_SALT=your_email_salt
+INVITATION_SALT=your_invitation_salt
+
+# AWS SES configuration for email
+AWS_SES_REGION=us-east-1
+AWS_SES_ACCESS_KEY=your_aws_access_key
+AWS_SES_SECRET_ACCESS_KEY=your_aws_secret_access_key
+
+# Sentry error tracking (optional)
+SENTRY_DSN=https://your-sentry-dsn@sentry.io/project-id
+
+# Push notifications (optional)
+PUSH_PUBLIC_KEY=your_push_public_key
+PUSH_PRIVATE_KEY=your_push_private_key

.github/workflows/test.yml

@@ -2,25 +2,27 @@ name: Elixir CI
 
 on:
   push:
-    branches: [ master ]
+    branches: [master]
   pull_request:
-    branches: [ master ]
+    branches: [master]
 
 jobs:
   test:
     name: Build and test
     runs-on: ubuntu-22.04
     strategy:
       matrix:
-        otp: ['24.2']
-        elixir: ['1.14.2']
+        otp: ["28.0.0"]
+        elixir: ["1.18.4"]
 
     services:
       db:
-        image: postgres
-        ports: ['5432:5432']
+        image: postgres:latest
+        ports: ["5432:5432"]
         env:
+          POSTGRES_USER: postgres
           POSTGRES_PASSWORD: postgres
+          POSTGRES_DB: cambiatus_test
         options: >-
           --health-cmd pg_isready
           --health-interval 10s
@@ -31,13 +33,12 @@ jobs:
       - uses: actions/checkout@v2
       - uses: erlef/setup-beam@v1
         with:
-          otp-version: '24.2'
-          elixir-version: '1.14.2'
+          otp-version: "28.0.0"
+          elixir-version: "1.18.4"
 
       - run: sudo apt -y install exiftool
       - run: mix deps.get
-      - run: mix format --check-formatted    
+      - run: mix format --check-formatted
       - run: mix do format --check-formatted, credo --strict --only warning
-      - run: mix sobelow --config 
+      - run: mix sobelow --config
       - run: mix test
-

.tool-versions

@@ -1 +1,2 @@
-elixir 1.14.2
+elixir 1.18.4-otp-28
+erlang 28.0.1

CLAUDE.md

@@ -0,0 +1,175 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+Cambiatus is an Elixir/Phoenix backend application that serves as a GraphQL API for a regeneration economy platform. It syncs data from an EOS blockchain to a PostgreSQL database, providing a queryable interface for user accounts, communities, objectives, shop functionality, payments, and more.
+
+**Key Links:**
+- [Architecture & Data Flow](/.github/deep-dive.md)
+- [Contributing Guidelines](./.github/contributing.md)
+- [Setup Instructions](./.github/setup.md)
+
+## Technology Stack
+
+- **Language:** Elixir (~> 1.18)
+- **Framework:** Phoenix 1.7.0
+- **API:** GraphQL via Absinthe 1.7
+- **Database:** PostgreSQL via Ecto 3.12
+- **Job Queue:** Oban 2.18 (background jobs)
+- **Blockchain:** EOS (via eosrpc 0.6.2)
+- **File Storage:** AWS S3 (via ex_aws_s3)
+- **Email:** Swoosh 1.19
+- **Push Notifications:** Web Push Encryption 0.3.1
+
+## Project Structure
+
+The application is organized into logical domains under `lib/cambiatus/`:
+
+- **accounts/** - User account management
+- **auth/** - Authentication (sign up, sign in, sessions, invitations)
+- **commune/** - Community/network management, transfers, roles
+- **objectives/** - Objectives, actions, claims, rewards, validators
+- **social/** - News feed and social features
+- **shop/** - Products, orders, categories
+- **payments/** - Contributions and payment callbacks
+- **kyc/** - Know-Your-Customer data (addresses, cities, countries)
+- **notifications/** - Push notifications and notification history
+- **workers/** - Oban background job workers
+- **eos.ex** - EOS blockchain integration
+
+The Phoenix web layer is under `lib/cambiatus_web/`:
+
+- **schema/** - GraphQL type definitions (split by domain: account_types, commune_types, etc.)
+- **resolvers/** - GraphQL field resolvers (one per domain)
+- **controllers/** - HTTP endpoint handlers (email, rich links, etc.)
+- **plugs/** - HTTP middleware
+- **channels/** - WebSocket channels for subscriptions
+
+Each domain module exports a `data()` function that provides Dataloader configuration for efficient GraphQL batch loading.
+
+## Essential Commands
+
+### Development
+
+```bash
+# Install dependencies
+mix deps.get
+
+# Set up database (create, migrate, seed)
+mix ecto.setup
+
+# Run development server
+mix phx.server
+# Server runs on http://localhost:4000
+
+# Run single test file
+mix test test/path/to/test.exs
+
+# Run specific test
+mix test test/path/to/test.exs:12
+```
+
+### Code Quality & Formatting
+
+```bash
+# Format code
+mix format
+
+# Check formatting (used in CI)
+mix format --check-formatted
+
+# Run static analysis (linter)
+mix credo
+
+# Run security checks
+mix sobelow --config
+
+# Run comprehensive checks (all of the above)
+mix check
+```
+
+### Database
+
+```bash
+# Create database
+mix ecto.create
+
+# Run migrations
+mix ecto.migrate
+
+# Rollback last migration
+mix ecto.rollback
+
+# Reset database (drop, create, migrate, seed)
+mix ecto.reset
+```
+
+### Testing
+
+```bash
+# Run all tests (uses test alias which handles DB reset and migrations)
+mix test
+
+# Run tests with verbose output
+mix test --verbose
+
+# Run tests matching a pattern
+mix test --include tag_name
+```
+
+## Key Architectural Patterns
+
+### GraphQL API Design
+
+- **Absinthe + Relay:** The schema uses Absinthe with Relay cursor-based pagination
+- **Type Files:** GraphQL types are defined separately (e.g., `CommuneTypes`, `AccountTypes`) and imported into the main schema
+- **Dataloader:** All domains provide a `Dataloader` source for N+1 query prevention. Check `lib/cambiatus_web/schema.ex` for how loaders are wired
+
+### Authentication
+
+- Request authentication is handled via middleware in `lib/cambiatus_web/schema/middleware/` (authenticate.ex, admin_authenticate.ex, email_special_authenticate.ex)
+- Tokens are stored and managed in `lib/cambiatus_web/auth_token.ex`
+
+### Background Jobs
+
+- Uses Oban for background job processing
+- Workers are defined in `lib/cambiatus/workers/` and scheduled through Oban configuration
+- Common workers: email notifications (claim_email, transfer_email, digest), contributions (paypal), scheduled news
+
+### Blockchain Integration
+
+- EOS blockchain calls are centralized in `lib/cambiatus/eos.ex`
+- Database changes trigger blockchain writes; blockchain events trigger database updates via `DbListener`
+
+### Database Migrations
+
+- Migrations are in `priv/repo/migrations/`
+- Seed data is in `priv/repo/seeds.exs` (countries are in `priv/repo/country_seeds.exs`)
+
+## Code Quality Standards
+
+- Code is checked with **Credo** (linter) and **Sobelow** (security scanner)
+- All code must pass `mix format --check-formatted` before being merged
+- PR process requires review from at least one maintainer and one tester
+
+## Testing Conventions
+
+- Test files mirror source structure (e.g., `test/cambiatus/accounts/user_test.exs` for `lib/cambiatus/accounts/user.ex`)
+- Uses `ex_machina` for factory fixtures and `Faker` for generating test data
+- `mox` is used for mocking external dependencies
+- Database state is reset before each test run (via the test alias)
+
+## Important Notes
+
+- **Database credentials:** Changes to database user/password in `config/dev.exs` and `config/test.exs` must not be committed
+- **Environment variables:** Use `config/runtime.exs` for runtime configuration that comes from environment variables
+- **External dependencies:** ImageMagick and Exiftool must be installed for image upload functionality
+- **Oban:** The job queue needs proper Oban configuration in the supervision tree (see `lib/cambiatus/application.ex`)
+
+## Deployment
+
+- Releases are defined in `mix.exs` (dev, demo, cambiatus)
+- See `DEPLOYMENT.md` for deployment-specific information
+- Production uses NGINX for reverse proxy and crawler detection for Open Graph rich links