@contentstack/datasync-mongodb-sdk 1.0.9-beta.1 → 1.0.11

package/.github/workflows/issues-jira.yml

@@ -0,0 +1,31 @@
+name: Create Jira Ticket for Github Issue
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  issue-jira:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Login to Jira
+        uses: atlassian/gajira-login@master
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+      - name: Create Jira Issue
+        id: create_jira
+        uses: atlassian/gajira-create@master
+        with:
+          project: ${{ secrets.JIRA_PROJECT }}
+          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+          summary: Github | Issue | ${{ github.event.repository.name }} | ${{ github.event.issue.title }}
+          description: |
+            *GitHub Issue:* ${{ github.event.issue.html_url }}
+            
+            *Description:*
+            ${{ github.event.issue.body }}
+          fields: "${{ secrets.ISSUES_JIRA_FIELDS }}"

package/.github/workflows/policy-scan.yml

@@ -0,0 +1,27 @@
+name: Checks the security policy and configurations
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-policy:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for SECURITY.md policy file
+        run: |
+          if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi
+  security-license:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for License file
+        run: |
+          if ! [[ -f "LICENSE" || -f "License.txt" || -f "LICENSE.md" ]]; then exit 1; fi

package/.github/workflows/release.yml

@@ -2,7 +2,7 @@ name: Release
 
 on:
   push:
-    branches: [feat/2326-npm-publish]
+    branches: [master]
 
 jobs:
   build:
@@ -28,12 +28,12 @@ jobs:
         uses: codex-team/action-nodejs-package-info@v1.1
 
       # Install npm-pack-all to create a package archive
-      - name: Install npm-pack-all
-        run: npm install npm-pack-all
-
+      - name: Install npm pack
+        run: npm install npm-pack
+        
       # Pack the package into a .tgz archive
       - name: Pack the npm package
-        run: node node_modules/.bin/npm-pack-all
+        run: npm pack
 
       # Publish the package to npm
       - name: Publish to npm
@@ -41,7 +41,7 @@ jobs:
         uses: JS-DevTools/npm-publish@v3
         with:
           token: ${{ secrets.NPM_TOKEN }}
-          access: public # Uncomment this line if you want to publish the package as public for first time
+          # access: public # Uncomment this line if you want to publish the package as public for first time
 
       # Auto-tag the new version if a change is detected
       - name: Auto-tag new version

package/dist/stack.js

@@ -1815,8 +1815,9 @@ class Stack {
             return this.includeReferenceIteration(queries, schemaList, locale, pendingPath, shelf);
         });
     }
-    fetchPathDetails(data, locale, pathArr, queryBucket, shelf, assetsOnly = false, parent, pos, counter = 0) {
+    fetchPathDetails(data = {}, locale, pathArr, queryBucket, shelf = [], assetsOnly = false, parent = {}, pos, counter = 0) {
         if (counter === (pathArr.length)) {
+            queryBucket = this.sanitizeQueryBucket(queryBucket);
             if (data && typeof data === 'object') {
                 if (data instanceof Array && data.length) {
                     data.forEach((elem, idx) => {
@@ -1883,13 +1884,13 @@ class Stack {
                 // tslint:disable-next-line: prefer-for-of
                 for (let i = 0; i < data.length; i++) {
                     if (data[i][currentField]) {
-                        this.fetchPathDetails(data[i][currentField], locale, pathArr, queryBucket, shelf, assetsOnly, data[i], currentField, counter);
+                        this.fetchPathDetails(data[i][currentField], locale, pathArr, this.sanitizeQueryBucket(queryBucket), shelf, assetsOnly, data[i], currentField, counter);
                     }
                 }
             }
             else {
                 if (data[currentField]) {
-                    this.fetchPathDetails(data[currentField], locale, pathArr, queryBucket, shelf, assetsOnly, data, currentField, counter);
+                    this.fetchPathDetails(data[currentField], locale, pathArr, this.sanitizeQueryBucket(queryBucket), shelf, assetsOnly, data, currentField, counter);
                 }
             }
         }
@@ -1899,14 +1900,12 @@ class Stack {
     bindLeftoverAssets(queries, locale, pointerList) {
         return __awaiter(this, void 0, void 0, function* () {
             // const contents = await readFile(getAssetsPath(locale) + '.json')
-            if (!this.sanitizeIQuery(queries)) {
-                throw new Error('Invalid queries provided');
-            }
+            const queriesSanitize = this.sanitizeQueryBucket(queries);
             const filteredAssets = yield this.db.collection((0, util_1.getCollectionName)({
                 content_type_uid: this.types.assets,
                 locale,
             }, this.collectionNames))
-                .find(queries)
+                .find(queriesSanitize)
                 .project({
                 _content_type_uid: 0,
                 _id: 0,
@@ -1968,11 +1967,12 @@ class Stack {
             if (!this.sanityQueryAny(query)) {
                 throw new Error('Invalid query provided');
             }
+            const querySanitize = this.sanitizeQueryBucket(query);
             const schemas = yield this.db.collection((0, util_1.getCollectionName)({
                 content_type_uid: this.types.content_types,
                 locale,
             }, this.collectionNames))
-                .find(query)
+                .find(querySanitize)
                 .project({
                 _assets: 1,
                 _id: 0,
@@ -2055,11 +2055,12 @@ class Stack {
             if (!this.sanitizeIQuery(query)) {
                 throw new Error('Invalid queries provided');
             }
+            const sanitizeQuery = this.sanitizeQueryBucket(query);
             const result = yield this.db.collection((0, util_1.getCollectionName)({
                 content_type_uid: 'entries',
                 locale,
             }, this.collectionNames))
-                .find(query)
+                .find(sanitizeQuery)
                 .project({
                 _content_type_uid: 0,
                 _id: 0,
@@ -2114,7 +2115,7 @@ class Stack {
             // iterate over each path in the entries and fetch the references
             // while fetching, keep track of their location
             for (let i = 0, j = paths.length; i < j; i++) {
-                this.fetchPathDetails(entries, locale, paths[i].split('.'), queries, objectPointerList, true, entries, 0);
+                this.fetchPathDetails(entries, locale, paths[i].split('.'), this.sanitizeQueryBucket(queries), objectPointerList, true, entries, 0);
             }
             // even after traversing, if no references were found, simply return the entries found thusfar
             if (objectPointerList.length === 0) {
@@ -2268,5 +2269,40 @@ class Stack {
         }
         return true;
     }
+    sanitizeQueryBucket(queryBucket) {
+        if (!queryBucket || typeof queryBucket !== 'object') {
+            return { $or: [{ _id: { $exists: true } }] };
+        }
+        const sanitized = { $or: [] };
+        if (!Array.isArray(queryBucket.$or)) {
+            return { $or: [{ _id: { $exists: true } }] };
+        }
+        for (const item of queryBucket.$or) {
+            if (!item || typeof item !== 'object') {
+                continue;
+            }
+            const safeItem = {};
+            if (typeof item._content_type_uid === 'string') {
+                safeItem._content_type_uid = item._content_type_uid;
+            }
+            if (typeof item.uid === 'string') {
+                safeItem.uid = item.uid;
+            }
+            if (typeof item.locale === 'string') {
+                safeItem.locale = item.locale;
+            }
+            if (item._version && typeof item._version === 'object' &&
+                typeof item._version.$exists === 'boolean') {
+                safeItem._version = { $exists: item._version.$exists };
+            }
+            if (safeItem._content_type_uid && safeItem.uid) {
+                sanitized.$or.push(safeItem);
+            }
+        }
+        if (sanitized.$or.length === 0) {
+            return { $or: [{ _id: { $exists: true } }] };
+        }
+        return sanitized;
+    }
 }
 exports.Stack = Stack;

package/package.json

@@ -1,7 +1,7 @@
 {
   "author": "Contentstack Ecosystem <ecosystem@contentstack.com>",
   "name": "@contentstack/datasync-mongodb-sdk",
-  "version": "1.0.9-beta.1",
+  "version": "1.0.11",
   "description": "Mongodb query wrapper around contents synced via @contentstack/content-store-mongodb",
   "main": "dist/index.js",
   "scripts": {
@@ -19,7 +19,7 @@
   "dependencies": {
     "lodash": "^4.17.21",
     "mongodb": "^6.12.0",
-    "npm-pack-all": "^1.12.7",
+    "npm-pack": "^1.0.0",
     "sift": "^17.1.3"
   },
   "devDependencies": {

package/typings/stack.d.ts

@@ -1094,4 +1094,5 @@ export declare class Stack {
     private getAllReferencePaths;
     private sanitizeIQuery;
     private sanityQueryAny;
+    private sanitizeQueryBucket;
 }

package/.github/workflows/jira.yml

@@ -1,33 +0,0 @@
-name: Create JIRA ISSUE
-on:
-  pull_request:
-    types: [opened]
-jobs:
-  security-jira:
-    if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-')  || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Login into JIRA
-        uses: atlassian/gajira-login@master
-        env:
-          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
-          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
-          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
-      - name: Create a JIRA Issue
-        id: create
-        uses: atlassian/gajira-create@master
-        with:
-          project: ${{ secrets.JIRA_PROJECT }}
-          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
-          summary: |
-            Snyk | Vulnerability | ${{ github.event.repository.name }} | ${{ github.event.pull_request.title }}
-          description: |
-            PR: ${{ github.event.pull_request.html_url }}
-
-          fields: "${{ secrets.JIRA_FIELDS }}"
-      - name: Transition issue
-        uses: atlassian/gajira-transition@v3
-        with:
-          issue: ${{ steps.create.outputs.issue }}
-          transition: ${{ secrets.JIRA_TRANSITION }}

package/.github/workflows/sast-scan.yml

@@ -1,11 +0,0 @@
-name: SAST Scan
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-jobs:
-  security-sast:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Semgrep Scan
-        run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v "${PWD}:/src" returntocorp/semgrep semgrep scan --config auto