@gov-cy/govcy-express-services 1.0.0-alpha.15 → 1.0.0-alpha.16

package/README.md

@@ -3,6 +3,7 @@
 ![License](https://img.shields.io/github/license/gov-cy/govcy-express-services)
 [![Unit test](https://github.com/gov-cy/govcy-express-services/actions/workflows/unit-test.yml/badge.svg)](https://github.com/gov-cy/govcy-express-services/actions/workflows/unit-test.yml)
 [![tag-and-publish-on-version-change](https://github.com/gov-cy/govcy-express-services/actions/workflows/tag-and-publish-on-version-change.yml/badge.svg)](https://github.com/gov-cy/govcy-express-services/actions/workflows/tag-and-publish-on-version-change.yml)
+![coverage](coverage-badges.svg)
 
 > ⚠️ **Warning:**  
 > This package is **under active development** and is not a finished product. It is intended for testing, acceptance, integration, and browser testing purposes only. 
@@ -29,15 +30,15 @@ The APIs used for submission, temporary save and file uploads are not part of th
 - [✅ Best Practices](#-best-practices)
 - [📦 Full installation guide](#-full-installation-guide)
 - [🛠️ Usage](#%EF%B8%8F-usage)
-  - [🧩 Dynamic services rendering](#-dynamic-services-rendering)
+  - [🧩 Dynamic services](#-dynamic-services)
   - [🛡️ Site eligibility checks](#%EF%B8%8F-site-eligibility-checks)
   - [📤 Site submissions](#-site-submissions)
   - [✅ Input validations](#-input-validations)
-  - [✅ Conditional logic](#-conditional-logic)
+  - [🔀 Conditional logic](#-conditional-logic)
   - [💾 Temporary save feature](#-temporary-save-feature)
   - [🗃️ Files uploads feature](#%EF%B8%8F-files-uploads-feature)
 - [🛣️ Routes](#%EF%B8%8F-routes)
-- [👨‍💻 Enviromental variables](#-enviromental-variables)
+- [👨‍💻 Environment variables](#-environment-variables)
 - [🔒 Security note](#-security-note)
 - [❓ Troubleshooting / FAQ](#-troubleshooting--faq)
 - [🙏 Credits](#-credits)
@@ -141,7 +142,7 @@ The CY Login tokens are used to also connect with the various APIs through [cyCo
 
 The CY Login settings are configured in the `secrets/.env` file.
 
-### 🧩 Dynamic Services Rendering
+### 🧩 Dynamic Services
 Services are rendered dynamically using JSON templates stored in the `/data` folder. All the service configuration, pages, routes, and logic is stored in the JSON files. The service will load `data/:siteId.json` to get the form data when a user visits `/:siteId/:pageUrl`. Checkout the [express-service-shema.json](express-service-shema.json) and the example JSON structure of the **[test.json](data/test.json)** file for more details.
 
 Here is an example JSON config:
@@ -1266,7 +1267,7 @@ The data is collected from the form elements and the data layer and are sent via
       "id_number": "654654",
       "arc_number": "",
       "aka": "232323",
-      "evidenceAttachments":                // File attachments contains an object with `fileId` and `sha256`
+      "evidenceAttachment":                // File attachments contains an object with `fileId` and `sha256`
       {
         "fileId": "1234567891234567890",
         "sha256": "123456789012345678901234567890123456789012345678901234567890123456"
@@ -1744,7 +1745,7 @@ Example:
 ]
 ```
 
-### ✅ Conditional logic
+### 🔀 Conditional logic
 
 The project supports conditional logic on pages. Conditional logic is evaluated using a custom `govcyExpressions.mjs` module, which executes expressions in a safe and scoped context using `new Function`. Only safe data access through the `dataLayer` is allowed. The system uses expressions and session data from the service's [data layer](NOTES.md#data-layer) to decide if a page will be shown or not.
 
@@ -2487,7 +2488,7 @@ The project uses express.js to serve the following routes:
 #### API routes:
 - **`/apis/:siteId/:pageUrl/upload`**: Uploads a file. Used from the client side JS.
 
-### 👨‍💻 Enviromental variables
+### 👨‍💻 Environment variables
 The environment variables are defined in:
  - **Secret environment variables**: These are secret variables and MUSR NOT be saved in version control. The are saved locally in the `secrets/.env` file and they control the server configuration, authentication, integrations, and development behavior. These variables vary depending on the environment and are defined through the deployment prosses for `staging` and `production`.
  - **Non secret environment variables**:  These are non secret enviromentat variables and can be saved in version control. These are stored in the root folder of the project:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gov-cy/govcy-express-services",
-  "version": "1.0.0-alpha.15",
+  "version": "1.0.0-alpha.16",
   "description": "An Express-based system that dynamically renders services using @gov-cy/govcy-frontend-renderer and posts data to a submission API.",
   "author": "DMRID - DSF Team",
   "license": "MIT",
@@ -45,8 +45,9 @@
     "test:package": "mocha --recursive tests/package/**/*.test.mjs",
     "test:functional": "mocha --timeout 30000 --recursive tests/functional/**/*.test.mjs",
     "test:watch": "mocha --watch --timeout 60000 tests/**/*.test.mjs",
-    "coverage": "c8 --reporter=html --reporter=text --reporter=lcov  --reporter=cobertura npm test",
-    "coverage:report": "c8 report"
+    "coverage": "c8 --reporter=html --reporter=text --reporter=lcov --reporter=json-summary npm test",
+    "coverage:report": "c8 report",
+    "coverage:badge": "coverage-badges --output ./coverage-badges.svg"
   },
   "dependencies": {
     "@gov-cy/dsf-email-templates": "^2.1.0",
@@ -65,6 +66,7 @@
     "c8": "^10.1.3",
     "chai": "^5.2.0",
     "chai-http": "^5.1.1",
+    "coverage-badges-cli": "^2.2.0",
     "mocha": "^11.1.0",
     "mochawesome": "^7.1.3",
     "nodemon": "^3.0.2",

package/src/auth/cyLoginAuth.mjs

@@ -2,7 +2,7 @@ import * as client from 'openid-client';
 import { getEnvVariable } from '../utils/govcyEnvVariables.mjs';
 import { logger } from "../utils/govcyLogger.mjs";
 
-
+/* c8 ignore start */
 // OpenID Configuration
 const issuerUrl = getEnvVariable('CYLOGIN_ISSUER_URL');
 const clientId = getEnvVariable('CYLOGIN_CLIENT_ID');
@@ -131,3 +131,4 @@ export function getLogoutUrl(id_token_hint = '') {
 
 // Export config if needed elsewhere
 export { config };
+/* c8 ignore end */

package/src/middleware/cyLoginAuth.mjs

@@ -10,6 +10,7 @@ import { handleMiddlewareError } from "../utils/govcyUtils.mjs";
 import { errorResponse } from "../utils/govcyApiResponse.mjs"; 
 import { isApiRequest } from '../utils/govcyApiDetection.mjs';
 
+/* c8 ignore start */
 /**
  * Middleware to check if the user is authenticated. If not, redirect to the login page.
  * 
@@ -136,4 +137,5 @@ export function handleLogout() {
             res.redirect(logoutUrl);
         });
     };
-}
+}
+/* c8 ignore end */

package/src/middleware/govcyPDFRender.mjs

@@ -6,6 +6,7 @@ import { logger } from "../utils/govcyLogger.mjs";
  * Middleware function to render PDFs using the GovCy Frontend Renderer.
  * This function takes the processed page data and template, and generates the final PDF response.
  */
+/* c8 ignore start */
 export function govcyPDFRender() {
     return async (req, res) => {
         try {
@@ -29,4 +30,5 @@ export function govcyPDFRender() {
             res.status(500).send('Unable to generate PDF at this time.');
         }
     };
-}
+}
+/* c8 ignore end */

package/src/utils/govcyConstants.mjs

@@ -4,5 +4,5 @@
 export const ALLOWED_FORM_ELEMENTS = ["textInput", "textArea", "select", "radios", "checkboxes", "datePicker", "dateInput","fileInput","fileView"];
 export const ALLOWED_FILE_MIME_TYPES = ['application/pdf', 'image/jpeg', 'image/png'];
 export const ALLOWED_FILE_EXTENSIONS = ['pdf', 'jpg', 'jpeg', 'png'];
-export const ALLOWED_FILE_SIZE_MB = 5; // Maximum file size in MB
+export const ALLOWED_FILE_SIZE_MB = 4; // Maximum file size in MB
 export const ALLOWED_MULTER_FILE_SIZE_MB = 10; // Maximum file size in MB