@shitrerohit
Contributor

What?

Merge latest develop branch into qa

bhavanakarwade and others added 19 commits August 13, 2025 13:33
Signed-off-by: bhavanakarwade <bhavana.karwade@ayanworks.com>
Signed-off-by: shitrerohit <rohit.shitre@ayanworks.com>
feat: SSO changes for fetching, update and delete session
const encryptedToken = CryptoJS.AES.encrypt(JSON.stringify(clientCredential), process.env.CRYPTO_PRIVATE_KEY).toString();
const command = `${process.cwd()}/${scriptPath} ${dbUrl}`;

const { stdout, stderr } = await execPromise(command);

Check warning

Code scanning / CodeQL

Shell command built from environment values Medium

This shell command depends on an uncontrolled absolute path.

Copilot Autofix

AI 6 months ago

To fix the problem, we should avoid constructing a shell command string and passing it to exec (or its promisified version). Instead, we should use execFile (or its promisified version), which allows us to pass the command and its arguments as separate parameters, avoiding shell interpretation of spaces or metacharacters. Specifically, we should:

  • Split the command into the script path and its arguments.
  • Use execFile (or a promisified version) to run the script, passing the script path as the command and the database URL as an argument.
  • Update the import to use execFile from child_process.
  • Promisify execFile instead of exec.
  • Update the call in importGeoLocationMasterData to use the new approach.

All changes are within libs/prisma-service/prisma/seed.ts.


Suggested changeset 1
libs/prisma-service/prisma/seed.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/libs/prisma-service/prisma/seed.ts b/libs/prisma-service/prisma/seed.ts
--- a/libs/prisma-service/prisma/seed.ts
+++ b/libs/prisma-service/prisma/seed.ts
@@ -4,9 +4,9 @@
 import { PrismaClient } from '@prisma/client';
 import { CommonConstants } from '../../common/src/common.constant';
 import * as CryptoJS from 'crypto-js';
-import { exec } from 'child_process';
+import { execFile } from 'child_process';
 import * as util from 'util';
-const execPromise = util.promisify(exec);
+const execFilePromise = util.promisify(execFile);
 
 const prisma = new PrismaClient();
 const logger = new Logger('Init seed DB');
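Review bot: Removing execPromise in this import hunk leaves the second call site in seed.ts without a definition. The conversation shows another await execPromise(command) in the same file (the command that also carries encryptedClientId and encryptedClientSecret), and this patch converts only the geo-location call. Convert both call sites in one change, or keep the exec import until the second one is migrated.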
@@ -401,9 +400,9 @@
       throw new Error('Environment variables GEO_LOCATION_MASTER_DATA_IMPORT_SCRIPT or DATABASE_URL are not set.');
     }
 
-    const command = `${process.cwd()}/${scriptPath} ${dbUrl}`;
+    const absoluteScriptPath = `${process.cwd()}/${scriptPath}`;
 
-    const { stdout, stderr } = await execPromise(command);
+    const { stdout, stderr } = await execFilePromise(absoluteScriptPath, [dbUrl]);
 
     if (stdout) {
       logger.log(`Shell script output: ${stdout}`);
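Review bot: On the absoluteScriptPath line, the path is still assembled by string concatenation from process.cwd() and the environment-supplied scriptPath, so execFile will run whatever that variable points at, including a value with ../ segments. Build it with path.resolve and check that the result stays inside the expected scripts directory before executing. Separately, dbUrl is passed as a command-line argument and the script's stdout is written to the log, so confirm the script does not echo the connection string.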
EOF
Copilot is powered by AI and may make mistakes. Always verify output.
async function main(): Promise<void> {
const command = `${process.cwd()}/${scriptPath} ${dbUrl} ${encryptedClientId} ${encryptedClientSecret}`;

const { stdout, stderr } = await execPromise(command);

Check warning

Code scanning / CodeQL

Shell command built from environment values Medium

This shell command depends on an uncontrolled absolute path.

Copilot Autofix

AI 6 months ago

To fix the problem, we should avoid constructing a shell command as a single string and passing it to exec (or its promisified version). Instead, we should use execFile (or its promisified version), which takes the command and its arguments as separate parameters, thus avoiding shell interpretation and the associated risks. This means:

  • Parse the script path and arguments into an array, not a single string.
  • Use execFile instead of exec for execution.
  • Promisify execFile as needed.
  • Update the import and the execPromise definition.
  • Update the call site to use the new function signature.

All changes are within libs/prisma-service/prisma/seed.ts:

  • Import execFile from child_process.
  • Promisify execFile instead of exec.
  • Change the command construction to an array of arguments.
  • Use execFilePromise with the script path and arguments.

Suggested changeset 1
libs/prisma-service/prisma/seed.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/libs/prisma-service/prisma/seed.ts b/libs/prisma-service/prisma/seed.ts
--- a/libs/prisma-service/prisma/seed.ts
+++ b/libs/prisma-service/prisma/seed.ts
@@ -4,9 +4,9 @@
 import { PrismaClient } from '@prisma/client';
 import { CommonConstants } from '../../common/src/common.constant';
 import * as CryptoJS from 'crypto-js';
-import { exec } from 'child_process';
+import { execFile } from 'child_process';
 import * as util from 'util';
-const execPromise = util.promisify(exec);
+const execFilePromise = util.promisify(execFile);
 
 const prisma = new PrismaClient();
 const logger = new Logger('Init seed DB');
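Review bot: The import change at the top of this patch duplicates the one in the other autofix patch for seed.ts in this conversation, so the two cannot both be applied with git apply: whichever runs second fails on these lines because the exec import has already been replaced. Fold both call-site changes into a single patch with one import change.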
@@ -447,10 +446,10 @@
     const encryptedClientId = await encryptClientCredential(process.env.KEYCLOAK_MANAGEMENT_CLIENT_ID);
     const encryptedClientSecret = await encryptClientCredential(process.env.KEYCLOAK_MANAGEMENT_CLIENT_SECRET);
 
-    const command = `${process.cwd()}/${scriptPath} ${dbUrl} ${encryptedClientId} ${encryptedClientSecret}`;
+    const scriptFullPath = `${process.cwd()}/${scriptPath}`;
+    const args = [dbUrl, encryptedClientId, encryptedClientSecret];
+    const { stdout, stderr } = await execFilePromise(scriptFullPath, args);
 
-    const { stdout, stderr } = await execPromise(command);
-
     if (stdout) {
       logger.log(`Shell script output: ${stdout}`);
     }
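Review bot: The args array puts dbUrl, encryptedClientId and encryptedClientSecret on the child's command line, where they are typically visible in the process list for as long as the script runs. Pass them through the env option of execFile or on stdin instead, and check that the script does not echo them, since its stdout goes straight to logger.log.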
EOF
Copilot is powered by AI and may make mistakes. Always verify output.
coderabbitai bot commented Aug 19, 2025

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

@shitrerohit shitrerohit self-assigned this Aug 19, 2025
@shitrerohit shitrerohit merged commit a2e2f4b into qa Aug 19, 2025
10 checks passed