@striae-org/striae 3.2.0 → 3.2.2

package/README.md

@@ -1,6 +1,6 @@
 # @striae-org/striae
 
-Striae is a cloud-native forensic annotation application for firearms identification, built with Remix and Cloudflare Workers.
+Striae is a cloud-native forensic annotation application for firearms identification, built with React Router and Cloudflare Workers.
 
 This npm package publishes the Striae application source and deployment scaffolding for teams that run their own Striae environment.
 
@@ -40,7 +40,7 @@ npm i @striae-org/striae
 cp -R node_modules/@striae-org/striae/. .
 ```
 
-3) Reinstall using Striae's own package.json (includes dev deps like wrangler/remix)
+3) Reinstall using Striae's own package.json (includes dev deps like wrangler/react-router)
 
 ```bash
 rm -rf node_modules package-lock.json
@@ -62,41 +62,12 @@ cp -f app/config-example/admin-service.json app/config/admin-service.json
 npx wrangler login
 ```
 
-6) Run guided config + full deployment
+7) Run guided config + full deployment
 
 ```bash
 npm run deploy:all
 ```
 
-## Publish To npmjs And GitHub Packages
-
-1) Verify auth for both registries
-
-```bash
-npm whoami --registry=https://registry.npmjs.org/
-npm whoami --registry=https://npm.pkg.github.com/
-```
-
-2) Publish current version to npmjs (public)
-
-```bash
-npm run publish:npm
-```
-
-3) Publish the same version to GitHub Packages
-
-```bash
-npm run publish:github
-```
-
-4) Optional dry-runs before a real release
-
-```bash
-npm run publish:npm:dry-run
-npm run publish:github:dry-run
-npm run publish:all:dry-run
-```
-
 ## NPM Package Content Policy
 
 This package intentionally includes only non-sensitive defaults and runtime source needed for setup.

package/app/components/actions/case-export/core-export.ts

@@ -1,5 +1,5 @@
-import { User } from 'firebase/auth';
-import { AnnotationData, CaseExportData, AllCasesExportData, ExportOptions } from '~/types';
+import type { User } from 'firebase/auth';
+import { type AnnotationData, type CaseExportData, type AllCasesExportData, type ExportOptions } from '~/types';
 import { fetchFiles } from '../image-manage';
 import { getNotes } from '../notes-manage';
 import { checkExistingCase, validateCaseNumber, listCases } from '../case-manage';

package/app/components/actions/case-export/data-processing.ts

@@ -1,13 +1,68 @@
-import { CaseExportData } from '~/types';
+import { type CaseExportData } from '~/types';
 import { calculateSHA256Secure } from '~/utils/SHA256';
 import { CSV_HEADERS } from './types-constants';
 import { addForensicDataWarning } from './metadata-helpers';
 
+export type TabularCell = string | number | boolean | null;
+
+const MAX_SPREADSHEET_CELL_LENGTH = 32767;
+const DANGEROUS_FORMULA_PREFIX_PATTERN = /^\s*[=+\-@]/;
+
+function stripUnsafeControlChars(input: string): string {
+  let output = '';
+
+  for (let index = 0; index < input.length; index += 1) {
+    const code = input.charCodeAt(index);
+    const isControlChar = code <= 0x1f || code === 0x7f;
+    const isAllowedWhitespace = code === 0x09 || code === 0x0a || code === 0x0d;
+
+    if (!isControlChar || isAllowedWhitespace) {
+      output += input[index];
+    }
+  }
+
+  return output;
+}
+
+/**
+ * Sanitize cell values before CSV/XLSX export.
+ * - Strips non-printable control characters (except tab/newline/carriage return)
+ * - Prevents formula injection when files are opened in spreadsheet tools
+ * - Caps content length to Excel's per-cell limit
+ */
+export function sanitizeTabularCell(value: unknown): TabularCell {
+  if (value === null || value === undefined) {
+    return '';
+  }
+
+  if (typeof value === 'number' || typeof value === 'boolean') {
+    return value;
+  }
+
+  let normalized = stripUnsafeControlChars(String(value));
+
+  if (normalized.length > MAX_SPREADSHEET_CELL_LENGTH) {
+    normalized = normalized.slice(0, MAX_SPREADSHEET_CELL_LENGTH);
+  }
+
+  if (DANGEROUS_FORMULA_PREFIX_PATTERN.test(normalized)) {
+    return `'${normalized}`;
+  }
+
+  return normalized;
+}
+
+export function sanitizeTabularMatrix(
+  rows: Array<Array<string | number | boolean | null | undefined>>
+): TabularCell[][] {
+  return rows.map((row) => row.map((cell) => sanitizeTabularCell(cell)));
+}
+
 /**
  * Generate metadata rows for tabular format
  */
-export function generateMetadataRows(exportData: CaseExportData): string[][] {
-  return [
+export function generateMetadataRows(exportData: CaseExportData): TabularCell[][] {
+  return sanitizeTabularMatrix([
     ['Case Export Report'],
     [''],
     ['Case Number', exportData.metadata.caseNumber],
@@ -31,13 +86,13 @@ export function generateMetadataRows(exportData: CaseExportData): string[][] {
     ['Latest Annotation Date', exportData.summary?.latestAnnotationDate || 'N/A'],
     [''],
     ['File Details']
-  ];
+  ]);
 }
 
 /**
  * Process file data for tabular format (CSV/Excel)
  */
-export function processFileDataForTabular(fileEntry: CaseExportData['files'][0]): string[][] {
+export function processFileDataForTabular(fileEntry: CaseExportData['files'][0]): TabularCell[][] {
   // Full file data for the first row (excluding Additional Notes and Last Updated)
   const fullFileData = [
     fileEntry.fileData.id,
@@ -83,7 +138,7 @@ export function processFileDataForTabular(fileEntry: CaseExportData['files'][0])
   const emptyFileData = Array(fileDataColumnCount).fill('');
   const emptyAdditionalData = Array(additionalDataColumnCount).fill('');
 
-  const rows: string[][] = [];
+  const rows: Array<Array<string | number | boolean | null | undefined>> = [];
 
   // If there are box annotations, create a row for each one
   if (fileEntry.annotations?.boxAnnotations && fileEntry.annotations.boxAnnotations.length > 0) {
@@ -120,7 +175,7 @@ export function processFileDataForTabular(fileEntry: CaseExportData['files'][0])
     ]);
   }
 
-  return rows;
+  return sanitizeTabularMatrix(rows);
 }
 
 /**
@@ -131,16 +186,16 @@ export async function generateCSVContent(exportData: CaseExportData, protectFore
   const metadataRows = generateMetadataRows(exportData);
 
   // File data rows
-  const fileRows: string[][] = [];
+  const fileRows: TabularCell[][] = [];
   exportData.files.forEach(fileEntry => {
     const processedRows = processFileDataForTabular(fileEntry);
     fileRows.push(...processedRows);
   });
 
   // Combine data rows for hash calculation (excluding header comments)
-  const dataRows = [
+  const dataRows: TabularCell[][] = [
     ...metadataRows,
-    CSV_HEADERS,
+    ...sanitizeTabularMatrix([CSV_HEADERS]),
     ...fileRows
   ];
 

package/app/components/actions/case-export/download-handlers.ts

@@ -1,13 +1,100 @@
-import { User } from 'firebase/auth';
-import { FileData, AllCasesExportData, CaseExportData, ExportOptions } from '~/types';
+import type { User } from 'firebase/auth';
+import type * as ExcelJSModule from 'exceljs';
+import { type FileData, type AllCasesExportData, type CaseExportData, type ExportOptions } from '~/types';
 import { getImageUrl } from '../image-manage';
 import { generateForensicManifestSecure, calculateSHA256Secure } from '~/utils/SHA256';
 import { signForensicManifest } from '~/utils/data-operations';
-import { ExportFormat, formatDateForFilename, CSV_HEADERS } from './types-constants';
+import { type ExportFormat, formatDateForFilename, CSV_HEADERS } from './types-constants';
 import { protectExcelWorksheet, addForensicDataWarning } from './metadata-helpers';
-import { generateMetadataRows, generateCSVContent, processFileDataForTabular } from './data-processing';
+import { generateMetadataRows, generateCSVContent, processFileDataForTabular, sanitizeTabularMatrix } from './data-processing';
 import { exportCaseData } from './core-export';
-import { auditService } from '~/services/audit.service';
+import { auditService } from '~/services/audit';
+
+type TabularRow = Array<string | number | boolean | null | undefined>;
+type ExcelJsBrowserBundle = typeof ExcelJSModule;
+
+const EXCELJS_BROWSER_BUNDLE_SRC = '/vendor/exceljs.bare.min.js';
+let excelJsBundlePromise: Promise<ExcelJsBrowserBundle> | null = null;
+
+async function loadExcelJsBrowserBundle(): Promise<ExcelJsBrowserBundle> {
+  if (typeof window === 'undefined') {
+    throw new Error('Excel export is only available in a browser context.');
+  }
+
+  if (window.ExcelJS?.Workbook) {
+    return window.ExcelJS;
+  }
+
+  if (!excelJsBundlePromise) {
+    excelJsBundlePromise = new Promise((resolve, reject) => {
+      const resolveFromWindow = () => {
+        if (window.ExcelJS?.Workbook) {
+          resolve(window.ExcelJS);
+          return;
+        }
+
+        excelJsBundlePromise = null;
+        reject(new Error('ExcelJS bundle loaded but Workbook API is unavailable.'));
+      };
+
+      const failLoad = () => {
+        excelJsBundlePromise = null;
+        reject(new Error('Failed to load ExcelJS browser bundle.'));
+      };
+
+      const existingScript = document.querySelector<HTMLScriptElement>('script[data-exceljs-bundle="true"]');
+
+      if (existingScript) {
+        if (existingScript.dataset.loaded === 'true') {
+          resolveFromWindow();
+          return;
+        }
+
+        existingScript.addEventListener('load', resolveFromWindow, { once: true });
+        existingScript.addEventListener('error', failLoad, { once: true });
+        return;
+      }
+
+      const script = document.createElement('script');
+      script.src = EXCELJS_BROWSER_BUNDLE_SRC;
+      script.async = true;
+      script.dataset.exceljsBundle = 'true';
+      script.addEventListener(
+        'load',
+        () => {
+          script.dataset.loaded = 'true';
+          resolveFromWindow();
+        },
+        { once: true }
+      );
+      script.addEventListener('error', failLoad, { once: true });
+      document.head.appendChild(script);
+    });
+  }
+
+  return excelJsBundlePromise;
+}
+
+function sanitizeWorksheetName(name: string): string {
+  const cleaned = name.replace(/[\\/?*:\x5B\x5D]/g, '_').trim();
+  const normalized = cleaned.length > 0 ? cleaned : 'Sheet';
+  return normalized.substring(0, 31);
+}
+
+function createUniqueWorksheetName(existingNames: Set<string>, desiredName: string): string {
+  const baseName = sanitizeWorksheetName(desiredName);
+  let candidate = baseName;
+  let suffix = 1;
+
+  while (existingNames.has(candidate)) {
+    const suffixText = `_${suffix}`;
+    candidate = `${baseName.substring(0, 31 - suffixText.length)}${suffixText}`;
+    suffix += 1;
+  }
+
+  existingNames.add(candidate);
+  return candidate;
+}
 
 /**
  * Generate export filename with embedded ID to prevent collisions
@@ -122,10 +209,22 @@ export async function downloadAllCasesAsCSV(user: User, exportData: AllCasesExpo
     // Start audit workflow
     auditService.startWorkflow('all-cases');
     
-    // Dynamic import of XLSX to avoid bundle size issues
-    const XLSX = await import('xlsx');
+    const ExcelJS = await loadExcelJsBrowserBundle();
     
-    const workbook = XLSX.utils.book_new();
+    const workbook = new ExcelJS.Workbook();
+    workbook.creator = exportData.metadata.exportedBy || 'Striae';
+    workbook.lastModifiedBy = exportData.metadata.exportedBy || 'Striae';
+    workbook.created = new Date();
+    workbook.modified = new Date();
+
+    const existingWorksheetNames = new Set<string>();
+
+    const appendRowsToWorksheet = (worksheet: { addRow: (row: TabularRow) => unknown }, rows: TabularRow[]) => {
+      rows.forEach((row) => {
+        worksheet.addRow(row);
+      });
+    };
+
     let exportPassword: string | undefined;
 
     // Create summary worksheet
@@ -146,7 +245,7 @@ export async function downloadAllCasesAsCSV(user: User, exportData: AllCasesExpo
     ];
     
     // XLSX files are inherently protected, no hash validation needed
-    const summaryData = [
+    const summaryData = sanitizeTabularMatrix([
       protectForensicData ? ['CASE DATA - PROTECTED EXPORT'] : ['Striae - All Cases Export Summary'],
       protectForensicData ? ['WARNING: This workbook contains evidence data and is protected from editing.'] : [''],
       [''],
@@ -195,36 +294,37 @@ export async function downloadAllCasesAsCSV(user: User, exportData: AllCasesExpo
         caseData.summary?.latestAnnotationDate || '',
         caseData.summary?.exportError || ''
       ])
-    ];
+    ]);
 
-    const summaryWorksheet = XLSX.utils.aoa_to_sheet(summaryData);
+    const summaryWorksheetName = createUniqueWorksheetName(existingWorksheetNames, 'Summary');
+    const summaryWorksheet = workbook.addWorksheet(summaryWorksheetName);
+    appendRowsToWorksheet(summaryWorksheet, summaryData);
     
     // Protect summary worksheet if forensic protection is enabled
     if (protectForensicData) {
-      exportPassword = protectExcelWorksheet(summaryWorksheet);
+      exportPassword = await protectExcelWorksheet(summaryWorksheet);
     }
-    
-    XLSX.utils.book_append_sheet(workbook, summaryWorksheet, 'Summary');
 
     // Create a worksheet for each case
-    exportData.cases.forEach((caseData) => {
+    for (const caseData of exportData.cases) {
       if (caseData.summary?.exportError) {
         // For failed cases, create a simple error sheet
-        const errorData = [
+        const errorData = sanitizeTabularMatrix([
           [`Case ${caseData.metadata.caseNumber} - Export Failed`],
           [''],
           ['Error:', caseData.summary.exportError],
           ['Case Number:', caseData.metadata.caseNumber],
           ['Total Files:', caseData.metadata.totalFiles]
-        ];
-        const errorWorksheet = XLSX.utils.aoa_to_sheet(errorData);
+        ]);
+        const errorSheetName = createUniqueWorksheetName(existingWorksheetNames, `Case_${caseData.metadata.caseNumber}_Error`);
+        const errorWorksheet = workbook.addWorksheet(errorSheetName);
+        appendRowsToWorksheet(errorWorksheet, errorData);
         
         if (protectForensicData && exportPassword) {
-          protectExcelWorksheet(errorWorksheet, exportPassword);
+          await protectExcelWorksheet(errorWorksheet, exportPassword);
         }
-        
-        XLSX.utils.book_append_sheet(workbook, errorWorksheet, `Case_${caseData.metadata.caseNumber}_Error`);
-        return;
+
+        continue;
       }
 
       // For successful cases, create detailed worksheets
@@ -257,36 +357,22 @@ export async function downloadAllCasesAsCSV(user: User, exportData: AllCasesExpo
         caseDetailsData.push(['No detailed file data available for this case']);
       }
 
-      const caseWorksheet = XLSX.utils.aoa_to_sheet(caseDetailsData);
+      const sanitizedCaseDetailsData = sanitizeTabularMatrix(caseDetailsData);
+
+      // Clean sheet name for Excel compatibility and uniqueness
+      const sheetName = createUniqueWorksheetName(existingWorksheetNames, `Case_${caseData.metadata.caseNumber}`);
+      const caseWorksheet = workbook.addWorksheet(sheetName);
+      appendRowsToWorksheet(caseWorksheet, sanitizedCaseDetailsData);
       
       // Protect worksheet if forensic protection is enabled
       if (protectForensicData && exportPassword) {
-        protectExcelWorksheet(caseWorksheet, exportPassword);
+        await protectExcelWorksheet(caseWorksheet, exportPassword);
       }
-      
-      // Clean sheet name for Excel compatibility
-      const sheetName = `Case_${caseData.metadata.caseNumber}`.replace(/[\\/?*\x5B\x5D]/g, '_').substring(0, 31);
-      XLSX.utils.book_append_sheet(workbook, caseWorksheet, sheetName);
-    });
 
-    // Set workbook protection if forensic protection is enabled
-    if (protectForensicData && exportPassword) {
-      workbook.Props = {
-        Title: 'Striae Case Export - Protected',
-        Subject: 'Case Data Export',
-        Author: exportData.metadata.exportedBy || 'Striae',
-        Comments: `This workbook contains protected case data. Modification may compromise evidence integrity. Worksheets are password protected.`,
-        Company: 'Striae'
-      };
     }
 
     // Generate Excel file
-    const excelBuffer = XLSX.write(workbook, { 
-      bookType: 'xlsx', 
-      type: 'array',
-      bookSST: true, // Shared string table for better compression
-      cellStyles: true
-    });
+    const excelBuffer = await workbook.xlsx.writeBuffer();
     
     // Create blob and download
     const blob = new Blob([excelBuffer], { type: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' });

package/app/components/actions/case-export/metadata-helpers.ts

@@ -1,4 +1,4 @@
-import { User } from 'firebase/auth';
+import type { User } from 'firebase/auth';
 import { getUserData } from '~/utils/permissions';
 
 /**
@@ -68,16 +68,38 @@ export function generateRandomPassword(): string {
   return password.split('').sort(() => Math.random() - 0.5).join('');
 }
 
+type WorksheetProtectionOptions = {
+  selectLockedCells: boolean;
+  selectUnlockedCells: boolean;
+  formatCells: boolean;
+  formatColumns: boolean;
+  formatRows: boolean;
+  insertColumns: boolean;
+  insertRows: boolean;
+  insertHyperlinks: boolean;
+  deleteColumns: boolean;
+  deleteRows: boolean;
+  sort: boolean;
+  autoFilter: boolean;
+  pivotTables: boolean;
+  objects: boolean;
+  scenarios: boolean;
+  spinCount: number;
+};
+
+type ProtectableWorksheet = {
+  protect: (password: string, options: Record<string, unknown>) => Promise<unknown> | unknown;
+};
+
 /**
  * Protect Excel worksheet from editing
  */
-export function protectExcelWorksheet(worksheet: Record<string, unknown>, sheetPassword?: string): string {
+export async function protectExcelWorksheet(worksheet: ProtectableWorksheet, sheetPassword?: string): Promise<string> {
   // Generate random password if none provided
   const password = sheetPassword || generateRandomPassword();
-  
-  // Set worksheet protection
-  worksheet['!protect'] = {
-    password: password,
+
+  const protectionOptions: WorksheetProtectionOptions = {
+    // Keep read-only defaults and prevent structural edits.
     selectLockedCells: true,
     selectUnlockedCells: true,
     formatCells: false,
@@ -92,15 +114,11 @@ export function protectExcelWorksheet(worksheet: Record<string, unknown>, sheetP
     autoFilter: false,
     pivotTables: false,
     objects: false,
-    scenarios: false
+    scenarios: false,
+    spinCount: 100000
   };
-  
-  // Lock all cells by default
-  if (!worksheet['!cols']) worksheet['!cols'] = [];
-  if (!worksheet['!rows']) worksheet['!rows'] = [];
-  
-  // Add protection metadata
-  worksheet['!margins'] = { left: 0.7, right: 0.7, top: 0.75, bottom: 0.75, header: 0.3, footer: 0.3 };
+
+  await Promise.resolve(worksheet.protect(password, protectionOptions as Record<string, unknown>));
   
   // Return the password for inclusion in metadata
   return password;

package/app/components/actions/case-import/annotation-import.ts

@@ -1,5 +1,5 @@
-import { User } from 'firebase/auth';
-import { CaseExportData } from '~/types';
+import type { User } from 'firebase/auth';
+import { type CaseExportData } from '~/types';
 import { saveNotes } from '../notes-manage';
 
 /**

package/app/components/actions/case-import/confirmation-import.ts

@@ -1,10 +1,10 @@
-import { User } from 'firebase/auth';
+import type { User } from 'firebase/auth';
 import paths from '~/config/config.json';
 import { getDataApiKey } from '~/utils/auth';
-import { ConfirmationImportResult, ConfirmationImportData } from '~/types';
+import { type ConfirmationImportResult, type ConfirmationImportData } from '~/types';
 import { checkExistingCase } from '../case-manage';
 import { validateExporterUid, validateConfirmationHash, validateConfirmationSignatureFile } from './validation';
-import { auditService } from '~/services/audit.service';
+import { auditService } from '~/services/audit';
 
 const DATA_WORKER_URL = paths.data_worker_url;
 

package/app/components/actions/case-import/image-operations.ts

@@ -1,6 +1,6 @@
 import paths from '~/config/config.json';
 import { getImageApiKey } from '~/utils/auth';
-import { FileData, ImageUploadResponse } from '~/types';
+import { type FileData, type ImageUploadResponse } from '~/types';
 
 const IMAGE_WORKER_URL = paths.image_worker_url;
 

package/app/components/actions/case-import/orchestrator.ts

@@ -1,9 +1,9 @@
-import { User } from 'firebase/auth';
-import { ImportOptions, ImportResult, ReadOnlyCaseMetadata, FileData } from '~/types';
+import type { User } from 'firebase/auth';
+import { type ImportOptions, type ImportResult, type ReadOnlyCaseMetadata, type FileData } from '~/types';
 import { checkExistingCase } from '../case-manage';
 import {
   extractForensicManifestData,
-  SignedForensicManifest,
+  type SignedForensicManifest,
   validateCaseIntegritySecure as validateForensicIntegrity,
   verifyForensicManifestSignature
 } from '~/utils/SHA256';
@@ -19,7 +19,7 @@ import {
 } from './storage-operations';
 import { uploadImageBlob } from './image-operations';
 import { importAnnotations } from './annotation-import';
-import { auditService } from '~/services/audit.service';
+import { auditService } from '~/services/audit';
 
 /**
  * Track the state of an import operation for cleanup purposes

package/app/components/actions/case-import/storage-operations.ts

@@ -1,4 +1,4 @@
-import { User } from 'firebase/auth';
+import type { User } from 'firebase/auth';
 import paths from '~/config/config.json';
 import { 
   getDataApiKey,
@@ -10,14 +10,14 @@ import {
   validateUserSession
 } from '~/utils/permissions';
 import { 
-  CaseExportData,   
-  ExtendedUserData,
-  FileData,
-  CaseData,
-  ReadOnlyCaseMetadata
+  type CaseExportData,   
+  type ExtendedUserData,
+  type FileData,
+  type CaseData,
+  type ReadOnlyCaseMetadata
 } from '~/types';
 import { deleteFile } from '../image-manage';
-import { SignedForensicManifest } from '~/utils/SHA256';
+import { type SignedForensicManifest } from '~/utils/SHA256';
 
 const USER_WORKER_URL = paths.user_worker_url;
 const DATA_WORKER_URL = paths.data_worker_url;

package/app/components/actions/case-import/validation.ts

@@ -1,8 +1,8 @@
-import { User } from 'firebase/auth';
+import type { User } from 'firebase/auth';
 import paths from '~/config/config.json';
 import { getUserApiKey } from '~/utils/auth';
-import { CaseExportData, ConfirmationImportData } from '~/types';
-import { calculateSHA256Secure, ManifestSignatureVerificationResult } from '~/utils/SHA256';
+import { type CaseExportData, type ConfirmationImportData } from '~/types';
+import { calculateSHA256Secure, type ManifestSignatureVerificationResult } from '~/utils/SHA256';
 import { verifyConfirmationSignature } from '~/utils/confirmation-signature';
 
 const USER_WORKER_URL = paths.user_worker_url;

package/app/components/actions/case-import/zip-processing.ts

@@ -1,9 +1,9 @@
-import { User } from 'firebase/auth';
-import { CaseExportData, CaseImportPreview } from '~/types';
+import type { User } from 'firebase/auth';
+import { type CaseExportData, type CaseImportPreview } from '~/types';
 import { validateCaseNumber } from '../case-manage';
 import {
   extractForensicManifestData,
-  SignedForensicManifest,
+  type SignedForensicManifest,
   validateCaseIntegritySecure as validateForensicIntegrity,
   verifyForensicManifestSignature
 } from '~/utils/SHA256';

package/app/components/actions/case-manage.ts

@@ -1,4 +1,4 @@
-import { User } from 'firebase/auth';
+import type { User } from 'firebase/auth';
 import { 
   canCreateCase, 
   getUserCases,
@@ -13,8 +13,8 @@ import {
   duplicateCaseData,
   deleteFileAnnotations
 } from '~/utils/data-operations';
-import { CaseData, ReadOnlyCaseData, FileData } from '~/types';
-import { auditService } from '~/services/audit.service';
+import { type CaseData, type ReadOnlyCaseData, type FileData } from '~/types';
+import { auditService } from '~/services/audit';
 import { getImageApiKey } from '~/utils/auth';
 import paths from '~/config/config.json';
 

package/app/components/actions/confirm-export.ts

@@ -1,9 +1,9 @@
-import { User } from 'firebase/auth';
+import type { User } from 'firebase/auth';
 import { calculateSHA256Secure } from '~/utils/SHA256';
 import { getUserData } from '~/utils/permissions';
 import { getCaseData, updateCaseData, signConfirmationData } from '~/utils/data-operations';
-import { ConfirmationData, CaseConfirmations, CaseDataWithConfirmations, ConfirmationImportData } from '~/types';
-import { auditService } from '~/services/audit.service';
+import { type ConfirmationData, type CaseConfirmations, type CaseDataWithConfirmations, type ConfirmationImportData } from '~/types';
+import { auditService } from '~/services/audit';
 
 /**
  * Store a confirmation for a specific image, linked to the original image ID

package/app/components/actions/generate-pdf.ts

@@ -1,8 +1,8 @@
 import paths from '~/config/config.json';
-import { AnnotationData } from '~/types/annotations';
-import { auditService } from '~/services/audit.service';
+import { type AnnotationData } from '~/types/annotations';
+import { auditService } from '~/services/audit';
 import { getPdfApiKey } from '~/utils/auth';
-import { User } from 'firebase/auth';
+import type { User } from 'firebase/auth';
 
 interface GeneratePDFParams {
   user: User;