Merge branch 'main' into 1237-schema-docs

Author: kriswest

eslint.config.mjs

@@ -7,7 +7,6 @@ import js from '@eslint/js';
 import ts from 'typescript-eslint';
 import react from 'eslint-plugin-react';
 import json from '@eslint/json';
-// @ts-expect-error
 import cypress from 'eslint-plugin-cypress';
 import prettierConfig from 'eslint-config-prettier/flat';
 

package-lock.json

@@ -3,7 +3,8 @@
   "version": "2.0.0-rc.3",
   "description": "Deploy custom push protections and policies on top of Git.",
   "scripts": {
-    "cli": "node ./packages/git-proxy-cli/index.js",
+    "cli": "tsx ./packages/git-proxy-cli/index.ts",
+    "cli:js": "node ./packages/git-proxy-cli/dist/index.js",
     "client": "vite --config vite.config.ts",
     "clientinstall": "npm install --prefix client",
     "server": "tsx index.ts",
@@ -44,7 +45,7 @@
   "dependencies": {
     "@material-ui/core": "^4.12.4",
     "@material-ui/icons": "4.11.3",
-    "@primer/octicons-react": "^19.18.0",
+    "@primer/octicons-react": "^19.19.0",
     "@seald-io/nedb": "^4.1.2",
     "axios": "^1.12.2",
     "bcryptjs": "^3.0.2",
@@ -59,7 +60,7 @@
     "express-rate-limit": "^8.1.0",
     "express-session": "^1.18.2",
     "history": "5.3.0",
-    "isomorphic-git": "^1.33.1",
+    "isomorphic-git": "^1.34.0",
     "jsonwebtoken": "^9.0.2",
     "jwk-to-pem": "^2.0.7",
     "load-plugin": "^6.0.3",
@@ -68,7 +69,7 @@
     "moment": "^2.30.1",
     "mongodb": "^5.9.2",
     "nodemailer": "^6.10.1",
-    "openid-client": "^6.8.0",
+    "openid-client": "^6.8.1",
     "parse-diff": "^0.11.1",
     "passport": "^0.7.0",
     "passport-activedirectory": "^1.4.0",
@@ -90,14 +91,14 @@
     "@commitlint/cli": "^19.8.1",
     "@commitlint/config-conventional": "^19.8.1",
     "@eslint/compat": "^1.4.0",
-    "@eslint/js": "^9.36.0",
+    "@eslint/js": "^9.37.0",
     "@eslint/json": "^0.13.2",
     "@types/domutils": "^1.7.8",
     "@types/express": "^5.0.3",
     "@types/express-http-proxy": "^1.6.7",
     "@types/lodash": "^4.17.20",
     "@types/mocha": "^10.0.10",
-    "@types/node": "^22.18.6",
+    "@types/node": "^22.18.8",
     "@types/react-dom": "^17.0.26",
     "@types/react-html-parser": "^2.0.7",
     "@types/validator": "^13.15.3",
@@ -106,15 +107,15 @@
     "@vitejs/plugin-react": "^4.7.0",
     "chai": "^4.5.0",
     "chai-http": "^4.4.0",
-    "cypress": "^15.3.0",
-    "eslint": "^9.36.0",
+    "cypress": "^15.4.0",
+    "eslint": "^9.37.0",
     "eslint-config-prettier": "^10.1.8",
-    "eslint-plugin-cypress": "^5.1.1",
+    "eslint-plugin-cypress": "^5.2.0",
     "eslint-plugin-react": "^7.37.5",
     "fast-check": "^4.3.0",
     "globals": "^16.4.0",
     "husky": "^9.1.7",
-    "lint-staged": "^16.2.0",
+    "lint-staged": "^16.2.3",
     "mocha": "^10.8.2",
     "nyc": "^17.1.0",
     "prettier": "^3.6.2",
@@ -124,9 +125,9 @@
     "sinon-chai": "^3.7.0",
     "ts-mocha": "^11.1.0",
     "ts-node": "^10.9.2",
-    "tsx": "^4.20.5",
-    "typescript": "^5.9.2",
-    "typescript-eslint": "^8.44.1",
+    "tsx": "^4.20.6",
+    "typescript": "^5.9.3",
+    "typescript-eslint": "^8.46.0",
     "vite": "^4.5.14",
     "vite-tsconfig-paths": "^5.1.4"
   },

package.json

@@ -1,9 +1,12 @@
 #!/usr/bin/env node
-const axios = require('axios');
-const yargs = require('yargs/yargs');
-const { hideBin } = require('yargs/helpers');
-const fs = require('fs');
-const util = require('util');
+import axios from 'axios';
+import yargs from 'yargs/yargs';
+import { hideBin } from 'yargs/helpers';
+import fs from 'fs';
+import util from 'util';
+
+import { CommitData, PushData } from '@finos/git-proxy/src/types/models';
+import { PushQuery } from '@finos/git-proxy/src/db/types';
 
 const GIT_PROXY_COOKIE_FILE = 'git-proxy-cookie';
 // GitProxy UI HOST and PORT (configurable via environment variable)
@@ -19,7 +22,7 @@ axios.defaults.timeout = 30000;
  * @param {string} username The user name to login with
  * @param {string} password The password to use for the login
  */
-async function login(username, password) {
+async function login(username: string, password: string) {
   try {
     let response = await axios.post(
       `${baseUrl}/api/auth/login`,
@@ -44,7 +47,7 @@ async function login(username, password) {
     const user = `"${response.data.username}" <${response.data.email}>`;
     const isAdmin = response.data.admin ? ' (admin)' : '';
     console.log(`Login ${user}${isAdmin}: OK`);
-  } catch (error) {
+  } catch (error: any) {
     if (error.response) {
       console.error(`Error: Login '${username}': '${error.response.status}'`);
       process.exitCode = 1;
@@ -61,7 +64,7 @@ async function login(username, password) {
  * the push is allowed, authorised, blocked, canceled, encountered an error,
  * or was rejected.
  *
- * @param {Object} filters - An object containing filter criteria for Git
+ * @param {Partial<PushQuery>} filters - An object containing filter criteria for Git
  *          pushes.
  * @param {boolean} filters.allowPush - If not null, filters for pushes with
  *          given attribute and status.
@@ -76,7 +79,7 @@ async function login(username, password) {
  * @param {boolean} filters.rejected - If not null, filters for pushes with
  *          given attribute and status.
  */
-async function getGitPushes(filters) {
+async function getGitPushes(filters: Partial<PushQuery>) {
   if (!fs.existsSync(GIT_PROXY_COOKIE_FILE)) {
     console.error('Error: List: Authentication required');
     process.exitCode = 1;
@@ -91,40 +94,64 @@ async function getGitPushes(filters) {
       params: filters,
     });
 
-    const records = [];
-    response.data?.forEach((push) => {
-      const record = {};
-      record.id = push.id;
-      record.timestamp = push.timestamp;
-      record.url = push.url;
-      record.allowPush = push.allowPush;
-      record.authorised = push.authorised;
-      record.blocked = push.blocked;
-      record.canceled = push.canceled;
-      record.error = push.error;
-      record.rejected = push.rejected;
-
-      record.lastStep = {
-        stepName: push.lastStep?.stepName,
-        error: push.lastStep?.error,
-        errorMessage: push.lastStep?.errorMessage,
-        blocked: push.lastStep?.blocked,
-        blockedMessage: push.lastStep?.blockedMessage,
+    const records: PushData[] = [];
+    response.data.forEach((push: PushData) => {
+      const record: PushData = {
+        id: push.id,
+        repo: push.repo,
+        branch: push.branch,
+        commitFrom: push.commitFrom,
+        commitTo: push.commitTo,
+        commitData: push.commitData,
+        diff: push.diff,
+        error: push.error,
+        canceled: push.canceled,
+        rejected: push.rejected,
+        blocked: push.blocked,
+        authorised: push.authorised,
+        attestation: push.attestation,
+        autoApproved: push.autoApproved,
+        timestamp: push.timestamp,
+        url: push.url,
+        allowPush: push.allowPush,
       };
 
-      record.commitData = [];
-      push.commitData?.forEach((pushCommitDataRecord) => {
-        record.commitData.push({
-          message: pushCommitDataRecord.message,
-          committer: pushCommitDataRecord.committer,
+      if (push.lastStep) {
+        record.lastStep = {
+          id: push.lastStep?.id,
+          content: push.lastStep?.content,
+          logs: push.lastStep?.logs,
+          stepName: push.lastStep?.stepName,
+          error: push.lastStep?.error,
+          errorMessage: push.lastStep?.errorMessage,
+          blocked: push.lastStep?.blocked,
+          blockedMessage: push.lastStep?.blockedMessage,
+        };
+      }
+
+      if (push.commitData) {
+        const commitData: CommitData[] = [];
+        push.commitData.forEach((pushCommitDataRecord: CommitData) => {
+          commitData.push({
+            message: pushCommitDataRecord.message,
+            committer: pushCommitDataRecord.committer,
+            committerEmail: pushCommitDataRecord.committerEmail,
+            author: pushCommitDataRecord.author,
+            authorEmail: pushCommitDataRecord.authorEmail,
+            commitTimestamp: pushCommitDataRecord.commitTimestamp,
+            tree: pushCommitDataRecord.tree,
+            parent: pushCommitDataRecord.parent,
+            commitTs: pushCommitDataRecord.commitTs,
+          });
         });
-      });
+        record.commitData = commitData;
+      }
 
       records.push(record);
     });
 
     console.log(`${util.inspect(records, false, null, false)}`);
-  } catch (error) {
+  } catch (error: any) {
     // default error
     const errorMessage = `Error: List: '${error.message}'`;
     process.exitCode = 2;
@@ -136,7 +163,7 @@ async function getGitPushes(filters) {
  * Authorise git push by ID
  * @param {string} id The ID of the git push to authorise
  */
-async function authoriseGitPush(id) {
+async function authoriseGitPush(id: string) {
   if (!fs.existsSync(GIT_PROXY_COOKIE_FILE)) {
     console.error('Error: Authorise: Authentication required');
     process.exitCode = 1;
@@ -168,16 +195,15 @@ async function authoriseGitPush(id) {
     );
 
     console.log(`Authorise: ID: '${id}': OK`);
-  } catch (error) {
+  } catch (error: any) {
     // default error
     let errorMessage = `Error: Authorise: '${error.message}'`;
     process.exitCode = 2;
 
     if (error.response) {
       switch (error.response.status) {
         case 401:
-          errorMessage =
-            'Error: Authorise: Authentication required (401): ' + error?.response?.data?.message;
+          errorMessage = 'Error: Authorise: Authentication required';
           process.exitCode = 3;
           break;
         case 404:
@@ -193,7 +219,7 @@ async function authoriseGitPush(id) {
  * Reject git push by ID
  * @param {string} id The ID of the git push to reject
  */
-async function rejectGitPush(id) {
+async function rejectGitPush(id: string) {
   if (!fs.existsSync(GIT_PROXY_COOKIE_FILE)) {
     console.error('Error: Reject: Authentication required');
     process.exitCode = 1;
@@ -216,16 +242,15 @@ async function rejectGitPush(id) {
     );
 
     console.log(`Reject: ID: '${id}': OK`);
-  } catch (error) {
+  } catch (error: any) {
     // default error
     let errorMessage = `Error: Reject: '${error.message}'`;
     process.exitCode = 2;
 
     if (error.response) {
       switch (error.response.status) {
         case 401:
-          errorMessage =
-            'Error: Reject: Authentication required (401): ' + error?.response?.data?.message;
+          errorMessage = 'Error: Reject: Authentication required';
           process.exitCode = 3;
           break;
         case 404:
@@ -241,7 +266,7 @@ async function rejectGitPush(id) {
  * Cancel git push by ID
  * @param {string} id The ID of the git push to cancel
  */
-async function cancelGitPush(id) {
+async function cancelGitPush(id: string) {
   if (!fs.existsSync(GIT_PROXY_COOKIE_FILE)) {
     console.error('Error: Cancel: Authentication required');
     process.exitCode = 1;
@@ -264,16 +289,15 @@ async function cancelGitPush(id) {
     );
 
     console.log(`Cancel: ID: '${id}': OK`);
-  } catch (error) {
+  } catch (error: any) {
     // default error
     let errorMessage = `Error: Cancel: '${error.message}'`;
     process.exitCode = 2;
 
     if (error.response) {
       switch (error.response.status) {
         case 401:
-          errorMessage =
-            'Error: Cancel: Authentication required (401): ' + error?.response?.data?.message;
+          errorMessage = 'Error: Cancel: Authentication required';
           process.exitCode = 3;
           break;
         case 404:
@@ -302,7 +326,7 @@ async function logout() {
           headers: { Cookie: cookies },
         },
       );
-    } catch (error) {
+    } catch (error: any) {
       console.log(`Warning: Logout: '${error.message}'`);
     }
   }
@@ -326,7 +350,7 @@ async function reloadConfig() {
     await axios.post(`${baseUrl}/api/v1/admin/reload-config`, {}, { headers: { Cookie: cookies } });
 
     console.log('Configuration reloaded successfully');
-  } catch (error) {
+  } catch (error: any) {
     const errorMessage = `Error: Reload config: '${error.message}'`;
     process.exitCode = 2;
     console.error(errorMessage);
@@ -341,7 +365,13 @@ async function reloadConfig() {
  * @param {string} gitAccount The git account for the new user
  * @param {boolean} [admin=false] Whether the user should be an admin (optional)
  */
-async function createUser(username, password, email, gitAccount, admin = false) {
+async function createUser(
+  username: string,
+  password: string,
+  email: string,
+  gitAccount: string,
+  admin: boolean = false,
+) {
   if (!fs.existsSync(GIT_PROXY_COOKIE_FILE)) {
     console.error('Error: Create User: Authentication required');
     process.exitCode = 1;
@@ -366,7 +396,7 @@ async function createUser(username, password, email, gitAccount, admin = false)
     );
 
     console.log(`User '${username}' created successfully`);
-  } catch (error) {
+  } catch (error: any) {
     let errorMessage = `Error: Create User: '${error.message}'`;
     process.exitCode = 2;
 
@@ -518,8 +548,10 @@ yargs(hideBin(process.argv)) // eslint-disable-line @typescript-eslint/no-unused
   })
   .command({
     command: 'reload-config',
-    description: 'Reload GitProxy configuration without restarting',
-    action: reloadConfig,
+    describe: 'Reload GitProxy configuration without restarting',
+    handler() {
+      reloadConfig();
+    },
   })
   .command({
     command: 'create-user',