Skip to content

Survey and targeting calculation enhancements, plus API docs, also added Oauth related headers to status json #200

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
13 commits merged into from
May 22, 2025
Merged

Survey and targeting calculation enhancements, plus API docs, also added Oauth related headers to status json #200

13 commits merged into from
May 22, 2025

Conversation

@MattG57
Copy link
Collaborator

@MattG57 MattG57 commented Apr 13, 2025

I updated all the issues that were related to this work.
I probably need to add an issue for the api docs and oauth status for traceability.

@github-actions
Copy link

github-actions bot commented Apr 13, 2025
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 13, 2025
View reviewed changes
backend/src/controllers/api-docs.controller.ts
}

res.status(200).json(openApiSpec);
} catch (error) {

Check failure

Code scanning / ESLint

Disallow unused variables Error

'error' is defined but never used.
backend/src/services/target-calculation-service.ts
@@ -0,0 +1,900 @@
import settingsService, { SettingsType } from './settings.service.js';

Check failure

Code scanning / ESLint

Disallow unused variables Error

'settingsService' is defined but never used.
backend/src/services/target-calculation-service.ts
}

// More specific typed interfaces for metrics data
interface MetricsData {

Check failure

Code scanning / ESLint

Disallow unused variables Error

'MetricsData' is defined but never used.
backend/src/services/target-calculation-service.ts
// Collection of logs to return with the response
calculationLogs: Array<{
name: string;
inputs: Record<string, any>;

Check failure

Code scanning / ESLint

Disallow the `any` type Error

Unexpected any. Specify a different type.
backend/src/services/target-calculation-service.ts
name: string;
inputs: Record<string, any>;
formula: string;
result: any;

Check failure

Code scanning / ESLint

Disallow the `any` type Error

Unexpected any. Specify a different type.
backend/src/services/target-calculation-service.ts
org: string | null,
enableLogging: boolean = false,
includeLogsInResponse: boolean = false
): Promise<{ targets: Targets; logs?: Array<any> }> {

Check failure

Code scanning / ESLint

Disallow the `any` type Error

Unexpected any. Specify a different type.
backend/src/services/target-calculation-service.ts
org: string | null,
enableLogging: boolean = false,
includeLogsInResponse: boolean = false
): Promise<{ targets: Targets; logs?: Array<any> }> {

Check failure

Code scanning / ESLint

Disallow the `any` type Error

Unexpected any. Specify a different type.
backend/src/services/target.service.ts
const existingTargets = await Targets.findOne();

if (!existingTargets) {
if (!existingTargets || true) {

Check failure

Code scanning / ESLint

Disallow constant expressions in conditions Error

Unexpected constant condition.
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 13, 2025
View reviewed changes
frontend/src/app/main/copilot/copilot-surveys/github.service.ts

constructor(private http: HttpClient) {}

getOrgMembers(): Observable<any[]> {

Check failure

Code scanning / ESLint

Disallow the `any` type Error

Unexpected any. Specify a different type.
frontend/src/app/main/copilot/copilot-surveys/github.service.ts
constructor(private http: HttpClient) {}

getOrgMembers(): Observable<any[]> {
return this.http.get<any[]>(`${this.apiUrl}/members`);

Check failure

Code scanning / ESLint

Disallow the `any` type Error

Unexpected any. Specify a different type.
...tend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts
import { MembersService, Member } from '../../../../services/api/members.service';
import { InstallationsService } from '../../../../services/api/installations.service';
import { catchError, map, Observable, of } from 'rxjs';
import { BehaviorSubject, catchError, finalize, map, Observable, of, Subject, startWith, take } from 'rxjs';

Check failure

Code scanning / ESLint

Disallow unused variables Error

'startWith' is defined but never used.
...tend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts
import { MembersService, Member } from '../../../../services/api/members.service';
import { InstallationsService } from '../../../../services/api/installations.service';
import { catchError, map, Observable, of } from 'rxjs';
import { BehaviorSubject, catchError, finalize, map, Observable, of, Subject, startWith, take } from 'rxjs';

Check failure

Code scanning / ESLint

Disallow unused variables Error

'take' is defined but never used.
...tend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts
import { MatRadioModule } from '@angular/material/radio'; // Import MatRadioModule
import { MatCardModule } from '@angular/material/card'; // Import MatCardModule
import { MatSliderModule } from '@angular/material/slider'; // Import MatSliderModule
import { debounceTime, distinctUntilChanged, filter, switchMap, tap } from 'rxjs/operators';

Check failure

Code scanning / ESLint

Disallow unused variables Error

'filter' is defined but never used.
...tend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts
import { MatRadioModule } from '@angular/material/radio'; // Import MatRadioModule
import { MatCardModule } from '@angular/material/card'; // Import MatCardModule
import { MatSliderModule } from '@angular/material/slider'; // Import MatSliderModule
import { debounceTime, distinctUntilChanged, filter, switchMap, tap } from 'rxjs/operators';

Check failure

Code scanning / ESLint

Disallow unused variables Error

'tap' is defined but never used.
...tend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts

// Handle GitHub URL parsing
if (params['url'] && params['url'].includes('github.com')) {
const { org, repo, prNumber } = this.parseGitHubPRUrl(params['url']);

Check failure

Code scanning / ESLint

Disallow unused variables Error

'org' is assigned a value but never used.
frontend/src/app/services/api/members.service.ts
import { HttpClient } from '@angular/common/http';
import { Endpoints } from '@octokit/types';
import { catchError } from 'rxjs/operators';
import { catchError, map, Observable, tap } from 'rxjs';

Check failure

Code scanning / ESLint

Disallow unused variables Error

'map' is defined but never used.
frontend/src/app/services/api/members.service.ts

getMemberByLogin(login: string) {
return this.http.get<Endpoints["GET /users/{username}"]["response"]["data"]>(`${this.apiUrl}/${login}`);
getMemberByLogin(login: string, exact: boolean = true) {

Check failure

Code scanning / ESLint

Disallow explicit type declarations for variables or parameters initialized to a number, string, or boolean Error

Type boolean trivially inferred from a boolean literal, remove type annotation.
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 13, 2025
View reviewed changes
...tend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts
}

// Handle GitHub URL parsing
if (params['url'] && params['url'].includes('github.com')) {

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization High

'
github.com
Loading
' can be anywhere in the URL, and arbitrary hosts may come before or after it.

Copilot Autofix

AI 10 months ago

To fix the problem, we need to parse the URL and check the host value explicitly. This ensures that the check handles arbitrary subdomain sequences correctly and prevents bypassing the security check by embedding "github.com" in unexpected locations within the URL.

The best way to fix the problem without changing existing functionality is to use the URL constructor to parse the URL and then check the host value against a whitelist of allowed hosts. This approach ensures that only valid GitHub URLs are accepted.

We need to modify the code in the ngOnInit method to parse the URL and check the host value. We will also need to import the URL class from the standard library.

Suggested changeset 1
frontend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/frontend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts b/frontend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts
--- a/frontend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts
+++ b/frontend/src/app/main/copilot/copilot-surveys/new-copilot-survey/new-copilot-survey.component.ts
@@ -158,9 +158,17 @@
       // Handle GitHub URL parsing
-      if (params['url'] && params['url'].includes('github.com')) {
-        const { org, repo, prNumber } = this.parseGitHubPRUrl(params['url']);
-        if (!params['repo'] && repo) {
-          this.surveyForm.get('repo')?.setValue(repo);
-        }
-        if (!params['prno'] && prNumber) {
-          this.surveyForm.get('prNumber')?.setValue(prNumber);
+      if (params['url']) {
+        try {
+          const url = new URL(params['url']);
+          const allowedHosts = ['github.com', 'www.github.com'];
+          if (allowedHosts.includes(url.host)) {
+            const { org, repo, prNumber } = this.parseGitHubPRUrl(params['url']);
+            if (!params['repo'] && repo) {
+              this.surveyForm.get('repo')?.setValue(repo);
+            }
+            if (!params['prno'] && prNumber) {
+              this.surveyForm.get('prNumber')?.setValue(prNumber);
+            }
+          }
+        } catch (e) {
+          console.error('Invalid URL:', params['url']);
         }
EOF
@@ -158,9 +158,17 @@
// Handle GitHub URL parsing
if (params['url'] && params['url'].includes('github.com')) {
const { org, repo, prNumber } = this.parseGitHubPRUrl(params['url']);
if (!params['repo'] && repo) {
this.surveyForm.get('repo')?.setValue(repo);
}
if (!params['prno'] && prNumber) {
this.surveyForm.get('prNumber')?.setValue(prNumber);
if (params['url']) {
try {
const url = new URL(params['url']);
const allowedHosts = ['github.com', 'www.github.com'];
if (allowedHosts.includes(url.host)) {
const { org, repo, prNumber } = this.parseGitHubPRUrl(params['url']);
if (!params['repo'] && repo) {
this.surveyForm.get('repo')?.setValue(repo);
}
if (!params['prno'] && prNumber) {
this.surveyForm.get('prNumber')?.setValue(prNumber);
}
}
} catch (e) {
console.error('Invalid URL:', params['url']);
}
Copilot is powered by AI and may make mistakes. Always verify output.
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 13, 2025
View reviewed changes
backend/src/controllers/teams.controller.ts
try {
const { login } = req.params;
const member = teamsService.getMemberByLogin(login);
const exact = req.query.exact === 'true';

Check failure

Code scanning / ESLint

Disallow unused variables Error

'exact' is assigned a value but never used.
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 13, 2025
View reviewed changes
backend/src/services/target-calculation-service.ts
annualTimeSavingsAsDollars: Target;
productivityOrThroughputBoostPercent: Target;
};
[key: string]: any; // Add this index signature

Check failure

Code scanning / ESLint

Disallow the `any` type Error

Unexpected any. Specify a different type.
backend/src/services/target.service.ts
}

async initialize() {
calculateTargets(settings: SettingsType, adoptions: AdoptionType[]): Promise<{ targets: Targets; logs?: any[] }> {

Check failure

Code scanning / ESLint

Disallow unused variables Error

'settings' is defined but never used.
backend/src/services/target.service.ts
}

async initialize() {
calculateTargets(settings: SettingsType, adoptions: AdoptionType[]): Promise<{ targets: Targets; logs?: any[] }> {

Check failure

Code scanning / ESLint

Disallow unused variables Error

'adoptions' is defined but never used.
backend/src/services/target.service.ts
}

async initialize() {
calculateTargets(settings: SettingsType, adoptions: AdoptionType[]): Promise<{ targets: Targets; logs?: any[] }> {

Check failure

Code scanning / ESLint

Disallow the `any` type Error

Unexpected any. Specify a different type.
@austenstone austenstone closed this pull request by merging all changes into main in 61708ee May 22, 2025
@austenstone austenstone deleted the survey-and-targeting-enhancements branch May 22, 2025 14:43
@M1999-maestru
Copy link

M1999-maestru commented May 23, 2025

Hi, can someone help me with an nfcgate application to install on a Samsung android and keep my server active for money of course?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@MattG57 @M1999-maestru @austenstone