fix(admin): revert env example changes, fix stale integration query, add secure cookie tests

- Revert .env.example DATABASE_URL changes — they break existing
  bun docker:up workflow (out of scope for this PR)
- Remove docker-compose.db.yml (related to reverted env changes)
- Fix health endpoint: include integrations with lastRunAt=null
  in stale count (never-run integrations are the stalest)
- Add tests for __Secure- cookie prefix fallback in CLI callback

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: claudfuen

.env.example

@@ -1,6 +1,6 @@
 # Required
 AUTH_SECRET="" # openssl rand -base64 32
-DATABASE_URL="" # Format: "postgresql://comp:comp@127.0.0.1:5435/comp_dev"
+DATABASE_URL="" # Format: "postgresql://postgres:pass@127.0.0.1:5432/comp"
 RESEND_DOMAIN="" # Domain configured in Resend, e.g. mail.trycomp.ai
 RESEND_API_KEY="" # API key from Resend for email authentication / invites
 RESEND_FROM_MARKETING=""

apps/api/src/admin/admin-org.service.ts

@@ -82,7 +82,10 @@ export class AdminOrgService {
       db.integration.count({
         where: {
           organizationId: orgId,
-          lastRunAt: { lt: new Date(now.getTime() - 7 * 24 * 60 * 60 * 1000) },
+          OR: [
+            { lastRunAt: null },
+            { lastRunAt: { lt: new Date(now.getTime() - 7 * 24 * 60 * 60 * 1000) } },
+          ],
         },
       }),
       db.vendor.count({ where: { organizationId: orgId } }),

apps/app/.env.example

@@ -4,7 +4,7 @@ AUTH_GOOGLE_ID="" # Google login
 AUTH_GOOGLE_SECRET="" # Google Login
 AUTH_GITHUB_ID="" # Optional
 AUTH_GITHUB_SECRET="" # Optional
-DATABASE_URL="postgresql://comp:comp@localhost:5435/comp_dev" # Should be the default
+DATABASE_URL="postgresql://postgres:postgres@localhost:5432/comp" # Should be the default
 AUTH_SECRET="" # Used for auth, use something random and strong
 SECRET_KEY="" # Used for encrypting data, use something random and strong
 NEXT_PUBLIC_BETTER_AUTH_URL=http://localhost:3000 # Must point to the domain hosting the app

apps/app/.env.test.local.example

@@ -6,7 +6,7 @@ E2E_TEST_EMAIL=e2e-test@example.com
 E2E_TEST_NAME=E2E Test User
 
 # Database (adjust as needed)
-DATABASE_URL="postgresql://comp:comp@localhost:5435/comp_dev?schema=public"
+DATABASE_URL="postgresql://postgres:postgres@localhost:5432/comp?schema=public"
 
 # Required app vars
 AUTH_SECRET=test-secret-for-e2e-only

apps/app/src/app/api/cli/callback/route.test.ts

@@ -79,6 +79,32 @@ describe('CLI callback route', () => {
     expect(res.status).toBe(400);
   });
 
+  it('should prefer __Secure- prefixed cookie for HTTPS environments', async () => {
+    const req = createRequest(
+      { port: '8417' },
+      { '__Secure-better-auth.session_token': 'secure-token-456' },
+    );
+
+    const res = await GET(req);
+
+    expect(res.status).toBe(307);
+    const location = res.headers.get('location') ?? '';
+    expect(location).toContain('token=secure-token-456');
+  });
+
+  it('should fall back to unprefixed cookie when __Secure- is absent', async () => {
+    const req = createRequest(
+      { port: '8417' },
+      { 'better-auth.session_token': 'plain-token-789' },
+    );
+
+    const res = await GET(req);
+
+    expect(res.status).toBe(307);
+    const location = res.headers.get('location') ?? '';
+    expect(location).toContain('token=plain-token-789');
+  });
+
   it('should return 401 when session cookie is missing', async () => {
     const req = createRequest({ port: '8417' });
 

apps/portal/.env.example

@@ -5,7 +5,7 @@ RESEND_API_KEY="" # https://resend.com/api-keys
 RESEND_DOMAIN="" # ex. mail.trycomp.ai
 
 # Database
-DATABASE_URL="" # Format: postgresql://comp:comp@localhost:5435/comp_dev
+DATABASE_URL="" # Format: postgresql://user:password@host:port/database
 
 # Public
 NEXT_PUBLIC_BETTER_AUTH_URL="" # http://localhost:30001

docker-compose.db.yml

@@ -1,2 +1,2 @@
 # Database connection URL for local development
-DATABASE_URL="" # Format: "postgresql://comp:comp@127.0.0.1:5435/comp_dev"
+DATABASE_URL="" # Format: "postgresql://postgres:pass@127.0.0.1:5432/comp"