npm - @friggframework/core - Versions diffs - 2.0.0--canary.419.e387a34.0 → 2.0.0--canary.419.e82b061.0 - Mend

@friggframework/core 2.0.0--canary.419.e387a34.0 → 2.0.0--canary.419.e82b061.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/database/mongo.js +73 -33
package/package.json +5 -5

package/database/mongo.js CHANGED Viewed

@@ -25,7 +25,10 @@ try {
         }
     }
 } catch (error) {
-    debug('Could not load app definition for DocumentDB configuration:', error.message);
+    debug(
+        'Could not load app definition for DocumentDB configuration:',
+        error.message
+    );
 }
 // Buffering means mongoose will queue up operations if it gets
@@ -39,48 +42,85 @@ const mongoConfig = {
     serverSelectionTimeoutMS: 5000,
 };
+console.log('📁 AppDefinition content:', JSON.stringify(appDefinition));
 // Add DocumentDB TLS configuration if enabled
 if (appDefinition.database?.documentDB?.enable === true) {
     console.log('📄 DocumentDB configuration detected, enabling TLS');
     console.log('📁 Current working directory:', process.cwd());
-    console.log('📋 App definition database config:', JSON.stringify(appDefinition.database, null, 2));
+    console.log(
+        '📋 App definition database config:',
+        JSON.stringify(appDefinition.database, null, 2)
+    );
     mongoConfig.tls = true;
     // Set TLS CA file path if specified
     if (appDefinition.database.documentDB.tlsCAFile) {
-        const tlsCAFilePath = path.resolve(process.cwd(), appDefinition.database.documentDB.tlsCAFile);
-        mongoConfig.tlsCAFile = tlsCAFilePath;
-        console.log('📄 DocumentDB TLS CA file configured:');
-        console.log('   📎 Original path:', appDefinition.database.documentDB.tlsCAFile);
-        console.log('   📎 Resolved path:', tlsCAFilePath);
-        console.log('   📄 File exists:', fs.existsSync(tlsCAFilePath));
-        // List current directory contents for debugging
-        try {
-            console.log('📁 Current directory contents:');
-            fs.readdirSync(process.cwd()).forEach(item => {
-                const stats = fs.statSync(path.join(process.cwd(), item));
-                console.log(`   ${stats.isDirectory() ? '📁' : '📄'} ${item}`);
-            });
-            // Check if security directory exists
-            const securityDir = path.join(process.cwd(), 'security');
-            if (fs.existsSync(securityDir)) {
-                console.log('📁 Security directory contents:');
-                fs.readdirSync(securityDir).forEach(item => {
-                    console.log(`   📄 ${item}`);
-                });
+        const tlsCAFile = appDefinition.database.documentDB.tlsCAFile;
+        // Basic safety: reject obviously dangerous paths
+        if (tlsCAFile.includes('..') || path.isAbsolute(tlsCAFile)) {
+            console.warn(
+                '⚠️  Rejecting potentially unsafe tlsCAFile path:',
+                tlsCAFile
+            );
+        } else {
+            const tlsCAFilePath = path.resolve(process.cwd(), tlsCAFile);
+            console.log('📄 DocumentDB TLS CA file configured:');
+            console.log('   📎 Original path:', tlsCAFile);
+            console.log('   📎 Resolved path:', tlsCAFilePath);
+            console.log('   📄 File exists:', fs.existsSync(tlsCAFilePath));
+            // Only set tlsCAFile if the file actually exists
+            if (fs.existsSync(tlsCAFilePath)) {
+                mongoConfig.tlsCAFile = tlsCAFilePath;
+                console.log('✅ TLS CA file configured successfully');
             } else {
-                console.log('❌ Security directory does not exist at:', securityDir);
+                console.error(
+                    '❌ TLS CA file not found, continuing without certificate'
+                );
+            }
+            // Debug directory listing (only in development)
+            if (process.env.NODE_ENV !== 'production') {
+                try {
+                    console.log('📁 Current directory contents:');
+                    fs.readdirSync(process.cwd()).forEach((item) => {
+                        const stats = fs.statSync(
+                            path.join(process.cwd(), item)
+                        );
+                        console.log(
+                            `   ${stats.isDirectory() ? '📁' : '📄'} ${item}`
+                        );
+                    });
+                    const securityDir = path.join(process.cwd(), 'security');
+                    if (fs.existsSync(securityDir)) {
+                        console.log('📁 Security directory contents:');
+                        fs.readdirSync(securityDir).forEach((item) => {
+                            console.log(`   📄 ${item}`);
+                        });
+                    } else {
+                        console.log(
+                            '❌ Security directory does not exist at:',
+                            securityDir
+                        );
+                    }
+                } catch (error) {
+                    console.log(
+                        '❌ Error listing directory contents:',
+                        error.message
+                    );
+                }
             }
-        } catch (error) {
-            console.log('❌ Error listing directory contents:', error.message);
         }
     }
 } else {
-    console.log('📄 DocumentDB not enabled, using standard MongoDB configuration');
+    console.log(
+        '📄 DocumentDB not enabled, using standard MongoDB configuration'
+    );
 }
 const checkIsConnected = () => mongoose.connection?.readyState > 0;
@@ -94,10 +134,10 @@ const connectToDatabase = async () => {
     console.log('🔗 Connecting to database...');
     console.log('🔗 MongoDB URI:', process.env.MONGO_URI ? 'SET' : 'NOT SET');
     console.log('🔧 Final mongoConfig:', JSON.stringify(mongoConfig, null, 2));
     debug('=> using new database connection');
     await mongoose.connect(process.env.MONGO_URI, mongoConfig);
-    debug('Connection state:',  mongoose.STATES[mongoose.connection.readyState]);
+    debug('Connection state:', mongoose.STATES[mongoose.connection.readyState]);
     mongoose.connection.on('error', (error) => flushDebugLog(error));
 };

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@friggframework/core",
   "prettier": "@friggframework/prettier-config",
-  "version": "2.0.0--canary.419.e387a34.0",
+  "version": "2.0.0--canary.419.e82b061.0",
   "dependencies": {
     "@hapi/boom": "^10.0.1",
     "aws-sdk": "^2.1200.0",
@@ -22,9 +22,9 @@
     "uuid": "^9.0.1"
   },
   "devDependencies": {
-    "@friggframework/eslint-config": "2.0.0--canary.419.e387a34.0",
-    "@friggframework/prettier-config": "2.0.0--canary.419.e387a34.0",
-    "@friggframework/test": "2.0.0--canary.419.e387a34.0",
+    "@friggframework/eslint-config": "2.0.0--canary.419.e82b061.0",
+    "@friggframework/prettier-config": "2.0.0--canary.419.e82b061.0",
+    "@friggframework/test": "2.0.0--canary.419.e82b061.0",
     "@types/lodash": "4.17.15",
     "@typescript-eslint/eslint-plugin": "^8.0.0",
     "chai": "^4.3.6",
@@ -56,5 +56,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "e387a348fdc21f44aacf0ead206444dfd07dec90"
+  "gitHead": "e82b061425a3503af2280f0704c34934f3237c35"
 }