@contentstack/datasync-mongodb-sdk 1.0.10 → 1.0.12

package/.github/workflows/issues-jira.yml

@@ -0,0 +1,31 @@
+name: Create Jira Ticket for Github Issue
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  issue-jira:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Login to Jira
+        uses: atlassian/gajira-login@master
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+      - name: Create Jira Issue
+        id: create_jira
+        uses: atlassian/gajira-create@master
+        with:
+          project: ${{ secrets.JIRA_PROJECT }}
+          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+          summary: Github | Issue | ${{ github.event.repository.name }} | ${{ github.event.issue.title }}
+          description: |
+            *GitHub Issue:* ${{ github.event.issue.html_url }}
+            
+            *Description:*
+            ${{ github.event.issue.body }}
+          fields: "${{ secrets.ISSUES_JIRA_FIELDS }}"

package/.github/workflows/policy-scan.yml

@@ -0,0 +1,46 @@
+name: Checks the security policy and configurations
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-policy:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for SECURITY.md policy file
+        run: |
+          if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi
+  security-license:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for License file
+        run: |
+          expected_license_files=("LICENSE" "LICENSE.txt" "LICENSE.md" "License.txt")
+          license_file_found=false
+          current_year=$(date +"%Y")
+
+          for license_file in "${expected_license_files[@]}"; do
+              if  [ -f "$license_file" ]; then
+                 license_file_found=true
+                 # check the license file for the current year, if not exists, exit with error
+                  if  ! grep -q "$current_year" "$license_file"; then
+                      echo "License file $license_file does not contain the current year."
+                      exit 2
+                  fi
+                  break
+              fi        
+          done
+
+          if [ "$license_file_found" = false ]; then
+              echo "No license file found. Please add a license file to the repository."
+              exit 1
+          fi

package/.github/workflows/release.yml

@@ -28,12 +28,12 @@ jobs:
         uses: codex-team/action-nodejs-package-info@v1.1
 
       # Install npm-pack-all to create a package archive
-      - name: Install npm-pack-all
-        run: npm install npm-pack-all
-
+      - name: Install npm pack
+        run: npm install npm-pack
+        
       # Pack the package into a .tgz archive
       - name: Pack the npm package
-        run: node node_modules/.bin/npm-pack-all
+        run: npm pack
 
       # Publish the package to npm
       - name: Publish to npm

package/.husky/pre-commit

@@ -0,0 +1,69 @@
+#!/usr/bin/env sh
+# Pre-commit hook to run Snyk and Talisman scans, completing both before deciding to commit
+
+# Function to check if a command exists
+command_exists() {
+  command -v "$1" >/dev/null 2>&1
+}
+
+# Check if Snyk is installed
+if ! command_exists snyk; then
+  echo "Error: Snyk is not installed. Please install it and try again."
+  exit 1
+fi
+
+# Check if Talisman is installed
+if ! command_exists talisman; then
+  echo "Error: Talisman is not installed. Please install it and try again."
+  exit 1
+fi
+
+# Allow bypassing the hook with an environment variable
+if [ "$SKIP_HOOK" = "1" ]; then
+  echo "Skipping Snyk and Talisman scans (SKIP_HOOK=1)."
+  exit 0
+fi
+
+# Initialize variables to track scan results
+snyk_failed=false
+talisman_failed=false
+
+# Run Snyk vulnerability scan
+echo "Running Snyk vulnerability scan..."
+snyk test --all-projects > snyk_output.log 2>&1
+snyk_exit_code=$?
+
+if [ $snyk_exit_code -eq 0 ]; then
+  echo "Snyk scan passed: No vulnerabilities found."
+elif [ $snyk_exit_code -eq 1 ]; then
+  echo "Snyk found vulnerabilities. See snyk_output.log for details."
+  snyk_failed=true
+else
+  echo "Snyk scan failed with error (exit code $snyk_exit_code). See snyk_output.log for details."
+  snyk_failed=true
+fi
+
+# Run Talisman secret scan (continues even if Snyk failed)
+echo "Running Talisman secret scan..."
+talisman --githook pre-commit > talisman_output.log 2>&1
+talisman_exit_code=$?
+
+if [ $talisman_exit_code -eq 0 ]; then
+  echo "Talisman scan passed: No secrets found."
+else
+  echo "Talisman scan failed (exit code $talisman_exit_code). See talisman_output.log for details."
+  talisman_failed=true
+fi
+
+# Evaluate results after both scans
+if [ "$snyk_failed" = true ] || [ "$talisman_failed" = true ]; then
+  echo "Commit aborted due to issues found in one or both scans."
+  [ "$snyk_failed" = true ] && echo "- Snyk issues: Check snyk_output.log"
+  [ "$talisman_failed" = true ] && echo "- Talisman issues: Check talisman_output.log"
+  exit 1
+fi
+
+# If both scans pass, allow the commit
+echo "All scans passed. Proceeding with commit.cd ."
+rm -f snyk_output.log talisman_output.log
+exit 0

package/.talismanrc

@@ -1,4 +1,10 @@
 fileignoreconfig:
+- filename: .github/workflows/secrets-scan.yml
+  ignore_detectors:
+    - filecontent
 - filename: package-lock.json
-  checksum: a618ae6c113021eef425f224f1dfd7066b15af1a45249ea063a193517ce5a92f
-version: ""
+  checksum: 37742c5c56859fdfed906c14e97881c4a10e0a52464fda489e4eb8154298fde4
+- filename: .husky/pre-commit
+  checksum: 5baabd7d2c391648163f9371f0e5e9484f8fb90fa2284cfc378732ec3192c193
+version: ""
+base64_entropy: false

package/CODEOWNERS

@@ -1 +1,11 @@
-* @contentstack/security-admin
+* @contentstack/devex-pr-reviewers
+
+.github/workflows/sca-scan.yml @contentstack/security-admin
+
+.github/workflows/codeql-anaylsis.yml @contentstack/security-admin
+
+**/.snyk @contentstack/security-admin
+
+.github/workflows/policy-scan.yml @contentstack/security-admin
+
+.github/workflows/issues-jira.yml @contentstack/security-admin

package/dist/messages.js

@@ -0,0 +1,53 @@
+"use strict";
+/**
+ * Centralized error messages and warnings for the DataSync MongoDB SDK
+ * This file contains all user-facing messages for consistency and maintainability
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.WarningMessages = exports.ErrorMessages = void 0;
+exports.ErrorMessages = {
+    // Configuration errors
+    INVALID_MONGODB_URI: (uri) => `MongoDB connection URL: ${uri} must be of type string`,
+    INVALID_DBNAME: 'Content store dbName should be of type string and not empty',
+    // Sorting errors
+    INVALID_ASCENDING_PARAMS: 'Invalid parameters for .ascending(). Expected a valid string field name',
+    INVALID_DESCENDING_PARAMS: 'Invalid parameters for .descending(). Expected a valid string field name',
+    // Language errors
+    INVALID_LANGUAGE_PARAMS: 'Invalid parameters for .language(). Expected a valid language code string',
+    // Logical operator errors
+    INVALID_AND_PARAMS: 'Invalid parameters for .and(). Expected an array of query objects',
+    INVALID_OR_PARAMS: 'Invalid parameters for .or(). Expected an array of query objects',
+    // Comparison operator errors
+    INVALID_LESSTHAN_PARAMS: 'Invalid key or value parameters for .lessThan(). Expected a string key and a value',
+    INVALID_LESSTHAN_OR_EQUAL_PARAMS: 'Invalid key or value parameters for .lessThanOrEqualTo(). Expected a string key and a value',
+    INVALID_GREATERTHAN_PARAMS: 'Invalid key or value parameters for .greaterThan(). Expected a string key and a value',
+    INVALID_GREATERTHAN_OR_EQUAL_PARAMS: 'Invalid key or value parameters for .greaterThanOrEqualTo(). Expected a string key and a value',
+    INVALID_NOTEQUAL_PARAMS: 'Invalid key or value parameters for .notEqualTo(). Expected a string key and a value',
+    INVALID_CONTAINED_IN_PARAMS: 'Invalid key or value parameters for .containedIn(). Expected a string key and an array value',
+    INVALID_NOT_CONTAINED_IN_PARAMS: 'Invalid key or value parameters for .notContainedIn(). Expected a string key and an array value',
+    INVALID_EXISTS_PARAMS: 'Invalid key parameter for .exists(). Expected a valid string field name',
+    INVALID_NOT_EXISTS_PARAMS: 'Invalid key parameter for .notExists(). Expected a valid string field name',
+    // Content type errors
+    MISSING_CONTENT_TYPE_UID: 'Content type UID is required. Please provide a valid content type UID',
+    MISSING_CONTENT_TYPE_FOR_ENTRY: 'Please call .contentType() before .entry()',
+    MISSING_CONTENT_TYPE_FOR_ENTRIES: 'Please call .contentType() before .entries()',
+    // Pagination errors
+    INVALID_LIMIT_VALUE: 'Invalid value for .limit(). Expected a positive numeric value',
+    INVALID_SKIP_VALUE: 'Invalid value for .skip(). Expected a non-negative numeric value',
+    // Projection errors
+    INVALID_ONLY_PARAMS: 'Invalid field values for .only(). Expected a non-empty array of field names',
+    INVALID_EXCEPT_PARAMS: 'Invalid field values for .except(). Expected a non-empty array of field names',
+    // Query errors
+    INVALID_REGEX_PARAMS: 'Invalid field or pattern parameters for .regex(). Expected string values for both field and pattern',
+    INVALID_TAGS_PARAMS: 'Invalid field values for .tags(). Expected an array of tag values',
+    INVALID_WHERE_PARAMS: 'Invalid expression for .where(). Expected a valid expression or function',
+    INVALID_QUERY_REFERENCES_PARAMS: 'Invalid query object for .queryReferences(). Expected a valid query object',
+    INVALID_INCLUDE_PARAMS: 'Invalid reference field path for .include(). Expected a valid string or array of strings',
+    // Query validation errors
+    INVALID_QUERY: 'Invalid query provided. Please ensure your query is properly formatted',
+    INVALID_QUERIES: 'Invalid queries provided. Please ensure all queries are properly formatted',
+};
+exports.WarningMessages = {
+    // Performance warnings
+    SLOW_INCLUDE_REFERENCES: '.includeReferences(...) is a relatively slow query. Consider limiting the depth or using .include() for specific references',
+};

package/dist/stack.js

@@ -23,6 +23,7 @@ const mongodb_1 = require("mongodb");
 const sift_1 = __importDefault(require("sift"));
 const config_1 = require("./config");
 const util_1 = require("./util");
+const messages_1 = require("./messages");
 /**
  * @class Stack
  * @descriptionExpose SDK query methods on Stack
@@ -67,7 +68,7 @@ class Stack {
      */
     ascending(field) {
         if (typeof this.q.content_type_uid !== 'string' || typeof field !== 'string' || field.length === 0) {
-            throw new Error('Kindly provide valid parameters for .ascending!');
+            throw new Error(messages_1.ErrorMessages.INVALID_ASCENDING_PARAMS);
         }
         else if (this.internal.sort && typeof this.internal.sort === 'object') {
             this.internal.sort[field] = 1;
@@ -105,7 +106,7 @@ class Stack {
      */
     descending(field) {
         if (typeof this.q.content_type_uid !== 'string' || typeof field !== 'string' || field.length === 0) {
-            throw new Error('Kindly provide valid parameters for .descending()!');
+            throw new Error(messages_1.ErrorMessages.INVALID_DESCENDING_PARAMS);
         }
         else if (this.internal.sort && typeof this.internal.sort === 'object') {
             this.internal.sort[field] = -1;
@@ -182,7 +183,7 @@ class Stack {
      */
     language(code) {
         if (typeof code !== 'string' || code.length === 0) {
-            throw new Error('Kindly pass valid parameters for .language()!');
+            throw new Error(messages_1.ErrorMessages.INVALID_LANGUAGE_PARAMS);
         }
         this.q.locale = code;
         return this;
@@ -217,7 +218,7 @@ class Stack {
      */
     and(queries) {
         if (typeof queries !== 'object' || !Array.isArray(queries)) {
-            throw new Error('Kindly provide valid parameters for .and()!');
+            throw new Error(messages_1.ErrorMessages.INVALID_AND_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query = (0, lodash_1.merge)(this.q.query, {
@@ -261,7 +262,7 @@ class Stack {
      */
     or(queries) {
         if (typeof queries !== 'object' || !Array.isArray(queries)) {
-            throw new Error('Kindly provide valid parameters for .or()!');
+            throw new Error(messages_1.ErrorMessages.INVALID_OR_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query = (0, lodash_1.merge)(this.q.query, {
@@ -303,7 +304,7 @@ class Stack {
      */
     lessThan(key, value) {
         if (typeof key !== 'string' || typeof value === 'undefined') {
-            throw new Error('Kindly pass valid key and value parameters for \'.lessThan()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_LESSTHAN_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query[key] = {
@@ -347,7 +348,7 @@ class Stack {
      */
     lessThanOrEqualTo(key, value) {
         if (typeof key !== 'string' || typeof value === 'undefined') {
-            throw new Error('Kindly pass valid key and value parameters for \'.lessThanOrEqualTo()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_LESSTHAN_OR_EQUAL_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query[key] = {
@@ -391,7 +392,7 @@ class Stack {
      */
     greaterThan(key, value) {
         if (typeof key !== 'string' || typeof value === 'undefined') {
-            throw new Error('Kindly pass valid key and value parameters for \'.greaterThan()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_GREATERTHAN_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query[key] = {
@@ -435,7 +436,7 @@ class Stack {
      */
     greaterThanOrEqualTo(key, value) {
         if (typeof key !== 'string' || typeof value === 'undefined') {
-            throw new Error('Kindly pass valid key and value parameters for \'.greaterThanOrEqualTo()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_GREATERTHAN_OR_EQUAL_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query[key] = {
@@ -484,7 +485,7 @@ class Stack {
      */
     notEqualTo(key, value) {
         if (typeof key !== 'string' || typeof value === 'undefined') {
-            throw new Error('Kindly pass valid key and value parameters for \'.notEqualTo()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_NOTEQUAL_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query[key] = {
@@ -534,7 +535,7 @@ class Stack {
      */
     containedIn(key, value) {
         if (typeof key !== 'string' || typeof value !== 'object' || !(value instanceof Array)) {
-            throw new Error('Kindly pass valid key and value parameters for \'.containedIn()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_CONTAINED_IN_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query[key] = {
@@ -584,7 +585,7 @@ class Stack {
      */
     notContainedIn(key, value) {
         if (typeof key !== 'string' || typeof value !== 'object' || !(value instanceof Array)) {
-            throw new Error('Kindly pass valid key and value parameters for \'.notContainedIn()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_NOT_CONTAINED_IN_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query[key] = {
@@ -634,7 +635,7 @@ class Stack {
      */
     exists(key) {
         if (typeof key !== 'string') {
-            throw new Error('Kindly pass valid key for \'.exists()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_EXISTS_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query[key] = {
@@ -683,7 +684,7 @@ class Stack {
      */
     notExists(key) {
         if (typeof key !== 'string') {
-            throw new Error('Kindly pass valid key for \'.notExists()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_NOT_EXISTS_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query[key] = {
@@ -725,7 +726,7 @@ class Stack {
             stack.q.content_type_uid = uid;
             return stack;
         }
-        throw new Error('Kindly pass the content type\'s uid');
+        throw new Error(messages_1.ErrorMessages.MISSING_CONTENT_TYPE_UID);
     }
     /**
      * @public
@@ -751,7 +752,7 @@ class Stack {
      */
     entry(uid) {
         if (!(this.q.content_type_uid)) {
-            throw new Error('Kindly call \'contentType()\' before \'entry()\'!');
+            throw new Error(messages_1.ErrorMessages.MISSING_CONTENT_TYPE_FOR_ENTRY);
         }
         if (uid && typeof uid === 'string') {
             this.q.query = this.q.query || {};
@@ -785,7 +786,7 @@ class Stack {
         if (this.q.content_type_uid && typeof this.q.content_type_uid === 'string') {
             return this;
         }
-        throw new Error('Kindly call \'contentType()\' before \'entries()\'!');
+        throw new Error(messages_1.ErrorMessages.MISSING_CONTENT_TYPE_FOR_ENTRIES);
     }
     /**
      * @public
@@ -956,7 +957,7 @@ class Stack {
             this.internal.limit = no;
             return this;
         }
-        throw new Error('Kindly provide a valid \'numeric\' value for \'limit()\'');
+        throw new Error(messages_1.ErrorMessages.INVALID_LIMIT_VALUE);
     }
     /**
      * @public
@@ -987,7 +988,7 @@ class Stack {
             this.internal.skip = no;
             return this;
         }
-        throw new Error('Kindly provide a valid \'numeric\' value for \'skip()\'');
+        throw new Error(messages_1.ErrorMessages.INVALID_SKIP_VALUE);
     }
     /**
      * @public
@@ -1045,7 +1046,7 @@ class Stack {
      */
     only(fields) {
         if (!fields || typeof fields !== 'object' || !(fields instanceof Array) || fields.length === 0) {
-            throw new Error('Kindly provide valid \'field\' values for \'only()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_ONLY_PARAMS);
         }
         this.internal.only = this.internal.only || {};
         this.internal.only._id = 0;
@@ -1080,7 +1081,7 @@ class Stack {
      */
     except(fields) {
         if (!fields || typeof fields !== 'object' || !(fields instanceof Array) || fields.length === 0) {
-            throw new Error('Kindly provide valid \'field\' values for \'except()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_EXCEPT_PARAMS);
         }
         this.internal.except = this.internal.except || {};
         fields.forEach((field) => {
@@ -1117,7 +1118,7 @@ class Stack {
      */
     regex(field, pattern, options = 'i') {
         if (!(field) || !(pattern) || typeof field !== 'string' || typeof pattern !== 'string') {
-            throw new Error('Kindly provide a valid field and pattern value for \'.regex()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_REGEX_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             this.q.query = (0, lodash_1.merge)(this.q.query, {
@@ -1160,7 +1161,7 @@ class Stack {
      */
     tags(values) {
         if (!values || typeof values !== 'object' || !(values instanceof Array)) {
-            throw new Error('Kindly provide valid \'field\' values for \'tags()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_TAGS_PARAMS);
         }
         // filter non-string keys
         (0, lodash_1.remove)(values, (value) => {
@@ -1213,7 +1214,7 @@ class Stack {
      */
     where(expr) {
         if (!(expr)) {
-            throw new Error('Kindly provide a valid field and expr/fn value for \'.where()\'');
+            throw new Error(messages_1.ErrorMessages.INVALID_WHERE_PARAMS);
         }
         else if (this.q.query && typeof this.q.query === 'object') {
             if (typeof expr === 'function') {
@@ -1360,7 +1361,7 @@ class Stack {
             this.internal.queryReferences = query;
             return this;
         }
-        throw new Error('Kindly pass a query object for \'.queryReferences()\'');
+        throw new Error(messages_1.ErrorMessages.INVALID_QUERY_REFERENCES_PARAMS);
     }
     /**
      * @public
@@ -1393,7 +1394,7 @@ class Stack {
      * @returns {Stack} Returns 'this' instance (of Stack)
      */
     includeReferences(depth) {
-        console.warn('.includeReferences() is a relatively slow query..!');
+        console.warn(messages_1.WarningMessages.SLOW_INCLUDE_REFERENCES);
         if (typeof depth === 'number') {
             this.q.referenceDepth = depth;
         }
@@ -1415,7 +1416,7 @@ class Stack {
      */
     include(fields) {
         if (fields.length === 0) {
-            throw new Error('Kindly pass a valid reference field path to \'.include()\' ');
+            throw new Error(messages_1.ErrorMessages.INVALID_INCLUDE_PARAMS);
         }
         else if (typeof fields === 'string') {
             this.internal.includeSpecificReferences = [fields];
@@ -1815,8 +1816,9 @@ class Stack {
             return this.includeReferenceIteration(queries, schemaList, locale, pendingPath, shelf);
         });
     }
-    fetchPathDetails(data, locale, pathArr, queryBucket, shelf, assetsOnly = false, parent, pos, counter = 0) {
+    fetchPathDetails(data = {}, locale, pathArr, queryBucket, shelf = [], assetsOnly = false, parent = {}, pos, counter = 0) {
         if (counter === (pathArr.length)) {
+            queryBucket = this.sanitizeQueryBucket(queryBucket);
             if (data && typeof data === 'object') {
                 if (data instanceof Array && data.length) {
                     data.forEach((elem, idx) => {
@@ -1883,13 +1885,13 @@ class Stack {
                 // tslint:disable-next-line: prefer-for-of
                 for (let i = 0; i < data.length; i++) {
                     if (data[i][currentField]) {
-                        this.fetchPathDetails(data[i][currentField], locale, pathArr, queryBucket, shelf, assetsOnly, data[i], currentField, counter);
+                        this.fetchPathDetails(data[i][currentField], locale, pathArr, this.sanitizeQueryBucket(queryBucket), shelf, assetsOnly, data[i], currentField, counter);
                     }
                 }
             }
             else {
                 if (data[currentField]) {
-                    this.fetchPathDetails(data[currentField], locale, pathArr, queryBucket, shelf, assetsOnly, data, currentField, counter);
+                    this.fetchPathDetails(data[currentField], locale, pathArr, this.sanitizeQueryBucket(queryBucket), shelf, assetsOnly, data, currentField, counter);
                 }
             }
         }
@@ -1899,14 +1901,12 @@ class Stack {
     bindLeftoverAssets(queries, locale, pointerList) {
         return __awaiter(this, void 0, void 0, function* () {
             // const contents = await readFile(getAssetsPath(locale) + '.json')
-            if (!this.sanitizeIQuery(queries)) {
-                throw new Error('Invalid queries provided');
-            }
+            const queriesSanitize = this.sanitizeQueryBucket(queries);
             const filteredAssets = yield this.db.collection((0, util_1.getCollectionName)({
                 content_type_uid: this.types.assets,
                 locale,
             }, this.collectionNames))
-                .find(queries)
+                .find(queriesSanitize)
                 .project({
                 _content_type_uid: 0,
                 _id: 0,
@@ -1966,13 +1966,14 @@ class Stack {
     getReferencePath(query, locale, currentInclude) {
         return __awaiter(this, void 0, void 0, function* () {
             if (!this.sanityQueryAny(query)) {
-                throw new Error('Invalid query provided');
+                throw new Error(messages_1.ErrorMessages.INVALID_QUERY);
             }
+            const querySanitize = this.sanitizeQueryBucket(query);
             const schemas = yield this.db.collection((0, util_1.getCollectionName)({
                 content_type_uid: this.types.content_types,
                 locale,
             }, this.collectionNames))
-                .find(query)
+                .find(querySanitize)
                 .project({
                 _assets: 1,
                 _id: 0,
@@ -2053,13 +2054,14 @@ class Stack {
     fetchEntries(query, locale, paths, include, includeAll = false) {
         return __awaiter(this, void 0, void 0, function* () {
             if (!this.sanitizeIQuery(query)) {
-                throw new Error('Invalid queries provided');
+                throw new Error(messages_1.ErrorMessages.INVALID_QUERIES);
             }
+            const sanitizeQuery = this.sanitizeQueryBucket(query);
             const result = yield this.db.collection((0, util_1.getCollectionName)({
                 content_type_uid: 'entries',
                 locale,
             }, this.collectionNames))
-                .find(query)
+                .find(sanitizeQuery)
                 .project({
                 _content_type_uid: 0,
                 _id: 0,
@@ -2114,7 +2116,7 @@ class Stack {
             // iterate over each path in the entries and fetch the references
             // while fetching, keep track of their location
             for (let i = 0, j = paths.length; i < j; i++) {
-                this.fetchPathDetails(entries, locale, paths[i].split('.'), queries, objectPointerList, true, entries, 0);
+                this.fetchPathDetails(entries, locale, paths[i].split('.'), this.sanitizeQueryBucket(queries), objectPointerList, true, entries, 0);
             }
             // even after traversing, if no references were found, simply return the entries found thusfar
             if (objectPointerList.length === 0) {
@@ -2268,5 +2270,40 @@ class Stack {
         }
         return true;
     }
+    sanitizeQueryBucket(queryBucket) {
+        if (!queryBucket || typeof queryBucket !== 'object') {
+            return { $or: [{ _id: { $exists: true } }] };
+        }
+        const sanitized = { $or: [] };
+        if (!Array.isArray(queryBucket.$or)) {
+            return { $or: [{ _id: { $exists: true } }] };
+        }
+        for (const item of queryBucket.$or) {
+            if (!item || typeof item !== 'object') {
+                continue;
+            }
+            const safeItem = {};
+            if (typeof item._content_type_uid === 'string') {
+                safeItem._content_type_uid = item._content_type_uid;
+            }
+            if (typeof item.uid === 'string') {
+                safeItem.uid = item.uid;
+            }
+            if (typeof item.locale === 'string') {
+                safeItem.locale = item.locale;
+            }
+            if (item._version && typeof item._version === 'object' &&
+                typeof item._version.$exists === 'boolean') {
+                safeItem._version = { $exists: item._version.$exists };
+            }
+            if (safeItem._content_type_uid && safeItem.uid) {
+                sanitized.$or.push(safeItem);
+            }
+        }
+        if (sanitized.$or.length === 0) {
+            return { $or: [{ _id: { $exists: true } }] };
+        }
+        return sanitized;
+    }
 }
 exports.Stack = Stack;

package/dist/util.js

@@ -7,6 +7,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getCollectionName = exports.validateConfig = exports.checkCyclic = exports.validateURI = void 0;
 const lodash_1 = require("lodash");
+const messages_1 = require("./messages");
 /**
  * @private
  * @method validateURI
@@ -17,7 +18,7 @@ const lodash_1 = require("lodash");
  */
 const validateURI = (uri) => {
     if (typeof uri !== 'string' || uri.length === 0) {
-        throw new Error(`Mongodb connection url: ${uri} must be of type string`);
+        throw new Error(messages_1.ErrorMessages.INVALID_MONGODB_URI(uri));
     }
     return uri;
 };
@@ -56,7 +57,7 @@ const getParents = (child, mapping) => {
 };
 const validateContentStore = (contentStore) => {
     if (typeof contentStore.dbName !== 'string' || contentStore.dbName.length === 0) {
-        throw new Error('Contentstore dbName should be of type string and not empty!');
+        throw new Error(messages_1.ErrorMessages.INVALID_DBNAME);
     }
     if (typeof contentStore.collectionName === 'string') {
         contentStore.collection = {

package/package.json

@@ -1,7 +1,7 @@
 {
   "author": "Contentstack Ecosystem <ecosystem@contentstack.com>",
   "name": "@contentstack/datasync-mongodb-sdk",
-  "version": "1.0.10",
+  "version": "1.0.12",
   "description": "Mongodb query wrapper around contents synced via @contentstack/content-store-mongodb",
   "main": "dist/index.js",
   "scripts": {
@@ -11,6 +11,7 @@
     "watch-ts": "npm run clean && tsc -w",
     "compile": "tsc",
     "prepare": "npm run compile",
+    "pre-commit": "husky install && husky && chmod +x .husky/pre-commit",
     "start": "dist/index.js",
     "tslint": "npx tslint -c tslint.json 'src/**/*.ts' --fix",
     "test": "jest"
@@ -19,7 +20,7 @@
   "dependencies": {
     "lodash": "^4.17.21",
     "mongodb": "^6.12.0",
-    "npm-pack-all": "^1.12.7",
+    "npm-pack": "^1.0.0",
     "sift": "^17.1.3"
   },
   "devDependencies": {
@@ -28,6 +29,7 @@
     "@types/node": "10.17.60",
     "@types/rimraf": "4.0.5",
     "debug": "^4.4.0",
+    "husky": "^9.1.7",
     "jest": "^29.7.0",
     "jsdoc": "^4.0.4",
     "node-notifier": "^10.0.1",

package/typings/messages.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Centralized error messages and warnings for the DataSync MongoDB SDK
+ * This file contains all user-facing messages for consistency and maintainability
+ */
+export declare const ErrorMessages: {
+    readonly INVALID_MONGODB_URI: (uri: any) => string;
+    readonly INVALID_DBNAME: "Content store dbName should be of type string and not empty";
+    readonly INVALID_ASCENDING_PARAMS: "Invalid parameters for .ascending(). Expected a valid string field name";
+    readonly INVALID_DESCENDING_PARAMS: "Invalid parameters for .descending(). Expected a valid string field name";
+    readonly INVALID_LANGUAGE_PARAMS: "Invalid parameters for .language(). Expected a valid language code string";
+    readonly INVALID_AND_PARAMS: "Invalid parameters for .and(). Expected an array of query objects";
+    readonly INVALID_OR_PARAMS: "Invalid parameters for .or(). Expected an array of query objects";
+    readonly INVALID_LESSTHAN_PARAMS: "Invalid key or value parameters for .lessThan(). Expected a string key and a value";
+    readonly INVALID_LESSTHAN_OR_EQUAL_PARAMS: "Invalid key or value parameters for .lessThanOrEqualTo(). Expected a string key and a value";
+    readonly INVALID_GREATERTHAN_PARAMS: "Invalid key or value parameters for .greaterThan(). Expected a string key and a value";
+    readonly INVALID_GREATERTHAN_OR_EQUAL_PARAMS: "Invalid key or value parameters for .greaterThanOrEqualTo(). Expected a string key and a value";
+    readonly INVALID_NOTEQUAL_PARAMS: "Invalid key or value parameters for .notEqualTo(). Expected a string key and a value";
+    readonly INVALID_CONTAINED_IN_PARAMS: "Invalid key or value parameters for .containedIn(). Expected a string key and an array value";
+    readonly INVALID_NOT_CONTAINED_IN_PARAMS: "Invalid key or value parameters for .notContainedIn(). Expected a string key and an array value";
+    readonly INVALID_EXISTS_PARAMS: "Invalid key parameter for .exists(). Expected a valid string field name";
+    readonly INVALID_NOT_EXISTS_PARAMS: "Invalid key parameter for .notExists(). Expected a valid string field name";
+    readonly MISSING_CONTENT_TYPE_UID: "Content type UID is required. Please provide a valid content type UID";
+    readonly MISSING_CONTENT_TYPE_FOR_ENTRY: "Please call .contentType() before .entry()";
+    readonly MISSING_CONTENT_TYPE_FOR_ENTRIES: "Please call .contentType() before .entries()";
+    readonly INVALID_LIMIT_VALUE: "Invalid value for .limit(). Expected a positive numeric value";
+    readonly INVALID_SKIP_VALUE: "Invalid value for .skip(). Expected a non-negative numeric value";
+    readonly INVALID_ONLY_PARAMS: "Invalid field values for .only(). Expected a non-empty array of field names";
+    readonly INVALID_EXCEPT_PARAMS: "Invalid field values for .except(). Expected a non-empty array of field names";
+    readonly INVALID_REGEX_PARAMS: "Invalid field or pattern parameters for .regex(). Expected string values for both field and pattern";
+    readonly INVALID_TAGS_PARAMS: "Invalid field values for .tags(). Expected an array of tag values";
+    readonly INVALID_WHERE_PARAMS: "Invalid expression for .where(). Expected a valid expression or function";
+    readonly INVALID_QUERY_REFERENCES_PARAMS: "Invalid query object for .queryReferences(). Expected a valid query object";
+    readonly INVALID_INCLUDE_PARAMS: "Invalid reference field path for .include(). Expected a valid string or array of strings";
+    readonly INVALID_QUERY: "Invalid query provided. Please ensure your query is properly formatted";
+    readonly INVALID_QUERIES: "Invalid queries provided. Please ensure all queries are properly formatted";
+};
+export declare const WarningMessages: {
+    readonly SLOW_INCLUDE_REFERENCES: ".includeReferences(...) is a relatively slow query. Consider limiting the depth or using .include() for specific references";
+};

package/typings/stack.d.ts

@@ -1094,4 +1094,5 @@ export declare class Stack {
     private getAllReferencePaths;
     private sanitizeIQuery;
     private sanityQueryAny;
+    private sanitizeQueryBucket;
 }

package/.github/workflows/jira.yml

@@ -1,33 +0,0 @@
-name: Create JIRA ISSUE
-on:
-  pull_request:
-    types: [opened]
-jobs:
-  security-jira:
-    if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-')  || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Login into JIRA
-        uses: atlassian/gajira-login@master
-        env:
-          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
-          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
-          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
-      - name: Create a JIRA Issue
-        id: create
-        uses: atlassian/gajira-create@master
-        with:
-          project: ${{ secrets.JIRA_PROJECT }}
-          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
-          summary: |
-            Snyk | Vulnerability | ${{ github.event.repository.name }} | ${{ github.event.pull_request.title }}
-          description: |
-            PR: ${{ github.event.pull_request.html_url }}
-
-          fields: "${{ secrets.JIRA_FIELDS }}"
-      - name: Transition issue
-        uses: atlassian/gajira-transition@v3
-        with:
-          issue: ${{ steps.create.outputs.issue }}
-          transition: ${{ secrets.JIRA_TRANSITION }}

package/.github/workflows/sast-scan.yml

@@ -1,11 +0,0 @@
-name: SAST Scan
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-jobs:
-  security-sast:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Semgrep Scan
-        run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v "${PWD}:/src" returntocorp/semgrep semgrep scan --config auto