Develop upgrades

[jagankumar-egov]

Choose the appropriate template for your PR:

Feature/Bugfix Request

JIRA ID

Module

Description

Summary by CodeRabbit

• New Features

  • Multi‑tenant support, tenant-aware startup, added HRMS, PGR, Sandbox and OpenPayment modules, new PDF export options, enhanced loaders and sandbox UI.

• Bug Fixes

  • Responsive/mobile layout adjustments, accessibility and theme color consistency, table/header and component styling tweaks, disabled-control behavior fixes.

• Documentation

  • Comprehensive v1.9.0 release notes, migration guides, many environment examples, extensive READMEs, changelogs and new PR templates.

• Chores

  • Branch-name enforcement hook added and CI/dev tooling updates (ignore rules, Docker/dev build refinements).

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (2)

• micro-ui/web/core/inter-package.json is excluded by !**/*.json
• micro-ui/web/core/package.json is excluded by !**/*.json

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

📝 Walkthrough

Walkthrough

Adds GitHub PR templates and a pre-push hook; introduces multi-root tenant handling and async app initialization; wires HRMS/PGR/OpenPayment modules and PGR reducer; expands libraries with tenant-config, MDMS v2, new hooks, utilities, and PDF helpers; large CSS/design-system additions and many example environment and Docker updates; numerous docs/changelogs added.

Changes

Cohort / File(s)	Summary
Repo Templates & Hook ​.github/PULL_REQUEST_TEMPLATE/bugfix_template.md, ​.github/PULL_REQUEST_TEMPLATE/feature_template.md, ​.github/PULL_REQUEST_TEMPLATE/release_template.md, ​.github/pull_request_template.md, ​.github/hooks/pre-push	Added PR templates and an executable pre-push hook enforcing branch-name pattern.
VCS Ignore ​.gitignore	Narrowed ignore from utilities/ to utilities/project-factory/.
Build / Tooling micro-ui/web/.babelrc, micro-ui/web/core/webpack.config.js, micro-ui/web/docker/Dockerfile, micro-ui/web/docker/devDockerfile, micro-ui/web/docker/masDockerfile	Reflowed Babel config, added optional-chaining plugin, updated webpack babel-loader config; replaced/rewrote Dockerfiles and build base images.
App Init & Modules micro-ui/web/core/App.js, micro-ui/web/micro-ui-internals/example/src/index.js	Made initDigitUI async; added multi-root context/globalPath logic; enabled HRMS/PGR/OpenPayment/Sandbox modules; added PGRReducers and init helpers; moduleReducers now exposes pgr.
Example envs & proxy micro-ui/web/micro-ui-internals/example/.env*, micro-ui/web/micro-ui-internals/example/src/setupProxy.js	Added/updated many example .env files with new proxy/asset/global URLs and context keys; expanded development proxy route list extensively.
Example UI & customizations micro-ui/web/micro-ui-internals/example/public/index.html, micro-ui/web/micro-ui-internals/example/src/UICustomizations.js	Updated favicon and added external CSS; added SearchDefaultConfig (duplicated insertion present) and route-aware preprocessing/validation customizations.
Removed / renamed example code micro-ui/web/micro-ui-internals/example/src/components/SelectName.js, micro-ui/web/micro-ui-internals/example/src/fsm.js, micro-ui/web/micro-ui-internals/example/src/pgr.js	Deleted SelectName component; removed getEmployeeApplicationCustomization from fsm; replaced pgrComponents with overrideComponents and removed some pgr customizations.
Docs & Changelogs micro-ui/web/micro-ui-internals/CHANGELOG.md, .../COMPLETE_MODULE_CHANGELOG_SUMMARY.md, .../GLOBAL_CONFIG_CHANGELOG.md, many packages/*/CHANGELOG.md, README.md files	Added extensive release notes, global-config docs, migration guides, and module/package READMEs and changelogs.
CSS / Design system micro-ui/web/micro-ui-internals/packages/css/src/**, micro-ui/web/micro-ui-internals/packages/css/tailwind.config.js, micro-ui/web/micro-ui-internals/packages/css/src/index.scss	Large stylesheet additions and edits (Carousel, sandbox, workbench, many components/pages), new classes and responsive rules, and theme color token changes (#F47738 → #c84c0e).
Libraries — Hooks & API surface micro-ui/web/micro-ui-internals/packages/libraries/src/hooks/*, .../src/hooks/index.js	Added useInitTenantConfig, useTenantManagementSearch; extended useStore/useInitStore with modulePrefix; enhanced custom API hooks (headers/method/options); mdmsv2 branch added.
Libraries — Services & atoms micro-ui/web/micro-ui-internals/packages/libraries/src/services/atoms/*, .../elements/*	Added mdms-v2 settings, MDMS_V2 and TenantConfigSearch URLs; added TenantConfigSearch service; Download gained PDFMAIN/PDFMAIN2; Request defaulted auth=true; CustomService.getResponse accepts auth/headers/method; localization and MDMS adjusted for multi-root.
Libraries — Store & Init flow micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Store/service.js, .../services/index.js, .../services/molecules/Ulb/index.js, .../hooks/store.js	Added getTenantConfig; made digitInitData/defaultData modulePrefix-aware; tenant-config-driven initialization for multi-root; re-exported useInitTenantConfig; updated tenant/state resolution.
Libraries — Utils & helpers micro-ui/web/micro-ui-internals/packages/libraries/src/utils/*	Added getFieldIdName, iconRender, multi-tenant helpers (getMultiRootTenant, transformURL, mdms helpers), re-exported utilities, and locale/pdf adjustments.
Package public API micro-ui/web/micro-ui-internals/packages/libraries/src/index.js	Exported Request from the libraries package.
Miscellaneous assorted files (formatting, newlines, small CSS tweaks)	Whitespace/formatting fixes, trailing newlines, minor CSS & config tweaks across many files.

Sequence Diagram(s)

sequenceDiagram
    participant Browser as Browser
    participant App as Digit App
    participant ULB as ULB Service
    participant Store as StoreService
    participant TenantCfg as TenantConfigService
    participant MDMS as MDMS Service

    Browser->>App: load
    App->>ULB: getStateId() (path-aware / multi-root)
    ULB-->>App: stateCode
    App->>Store: digitInitData(stateCode, enabledModules, modulePrefix)
    alt multi-root enabled
        Store->>TenantCfg: tenant(stateCode)
        TenantCfg-->>Store: tenantConfig
        Store->>MDMS: fetch MDMS (v2 preferred) & assets
    else single-root
        Store->>MDMS: fetch MDMS v1
    end
    MDMS-->>Store: mdmsData
    Store-->>App: initData
    App->>App: init HRMS, DSS, PGR, OpenPayment, Workbench...
    App-->>Browser: render UI

Loading

sequenceDiagram
    participant Dev as Developer
    participant Hook as pre-push Hook

    Dev->>Hook: git push
    Hook->>Hook: read current branch name
    alt matches ^(FEATURE|BUGFIX|RELEASE)\/(HCMPRE|DPG|SN)-[0-9]{1,5}$
        Hook-->>Dev: allow push (exit 0)
    else
        Hook-->>Dev: print naming usage and reject (exit 1)
    end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

• Files/areas needing focused review:
  • store/service.js — tenant-config merge, digitInitData/defaultData modulePrefix impact.
  • CustomService.getResponse & Request.js — auth/header/method changes and default auth=true; verify callers.
  • Download.js — new PDFMAIN/PDFMAIN2 implementations and third-party libs (jsPDF, pdfMake).
  • example/src/index.js & core/App.js — async init, moduleReducers change (pgr), enabledModules updates.
  • example/src/UICustomizations.js — duplicated SearchDefaultConfig insertion (redefinition).
  • packages/css/** and tailwind.config.js — large token/color and style changes that may cause visual regressions.

Poem

🐰 I hopped through templates, hooks, and theme,
Tenants and reducers joined the team,
PDFs fluttered, styles grew wide,
Docs and envs tucked every side,
A carrot-coded leap — small rabbit pride.

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings, 1 inconclusive)

Check name	Status	Explanation	Resolution
Description Check	⚠️ Warning	The PR description is entirely incomplete and consists only of the template structure with all required sections left blank. The JIRA ID, Module, and Description fields contain only HTML comments with placeholder guidance but no actual content. According to the template requirements, all three sections should be filled with specific information: a task reference, the affected module(s), and a detailed explanation of the changes. Since no substantive information has been provided in any of these sections, the description fails to meet the baseline requirements for a pull request.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.
Title Check	❓ Inconclusive	The PR title "Develop upgrades" is highly generic and vague, providing no meaningful insight into the actual changes being introduced. While the branch name suggests infrastructure or feature upgrades, the title fails to specify what was upgraded or the primary focus of the changeset. The raw summary shows this PR includes significant changes across templates, configuration files, Docker setup, CSS styling, multi-tenant architecture enhancements, and module enablement—yet the title conveys none of this specificity. A teammate scanning the commit history would not understand the scope or purpose of these changes from this title alone.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

To address the problem, you should add a permissions block to the workflow to explicitly limit the permissions of the GITHUB_TOKEN granted to the job(s). As per best practice and the workflow's requirements, minimally the job requires read access to repository contents to allow actions/checkout to function, but does not need write access. There are also API calls to fetch PR details, but those only require permission to read metadata (which is covered by contents: read in this case). To fix, add a top-level permissions: section—just below the workflow's name: field—setting contents: read. If additional permission is later required (e.g., to write to issues or PRs), those should be added specifically. Edit .github/workflows/branch-name-check.yml to add the following block:

permissions:
  contents: read

This change should be made as a new block after the name: line (after line 1, before on:). No new imports or dependencies are required.

The problem is that the workflow does not declare a permissions key, and so uses the repository's default (potentially overly privileged) token permissions. To fix this, add a permissions block at the root of the workflow, just after the name/run-name keys and before on:. As the minimal safe default, set permissions: contents: read. If specific jobs require more, these can be expanded, but for the jobs and steps shown, contents: read (read-only access to the repository) is sufficient.

The change is a single addition to the top-level YAML keys in .github/workflows/build.yaml. No additional imports, methods, or new definitions are needed.

---

To fix the problem, we should set an explicit permissions block for the relevant job or workflow. This ensures that the GITHUB_TOKEN only has the minimal permissions needed during run, reducing repository risk. Since the build-matrix job does not interact with the repository except possibly to read its contents (for actions/checkout), the least privilege starting point is contents: read. The permissions block may be added at the workflow root (affecting all jobs), or at the job level for build-matrix. To minimize surprise, add it only to build-matrix as CodeQL highlighted that job.
The edit is:

• Within the build-matrix job (underneath 134: name: Build application ${{ matrix.arch }}), add:

  permissions:
    contents: read

No new methods, imports, or definitions are needed.

To mitigate the risk, an explicit permissions block must be added. The best practice is to set permissions at the top (root) of the workflow so that it automatically applies to all jobs. This should specify only the minimum required permissions. For most build-and-push Docker workflows that do not interact with the GitHub API to write to the repository, read-only access to repository contents is typically sufficient: permissions: { contents: read }. If a job later needs an elevated permission (e.g., to create a release, update a PR, etc.), it can be specified in that job only.

Steps:

• Insert a permissions block at the root of the workflow (immediately after name: ... and run-name: ..., and before on:).
• Set to contents: read for the minimum safe starting permissions.
• No additional imports, methods, or variable definitions are needed.

---

To fix the problem, the string assigned to footerBWLogoURL should use escaped dots in the domain name, ensuring that if it is ever interpolated into a regular expression, it will only match the intended host. This means converting all . characters in the hostname portion of the URL to \. (e.g., unified-dev.digit.org should become unified-dev\.digit\.org). The path section (/egov-dev-assets/mseva-white-logo.png) does not require escaping unless the entire URL is used in a regex, but safest is to escape all literal dots.

You should modify only the assignment to footerBWLogoURL, leaving the rest of the code unchanged. No external imports or other changes are required.

---

To prevent the risk of an incomplete regular expression allowing unintended hostnames, escape the periods in the hostname part of the URL string—so that if this string is ever used to construct a regular expression, it won't inadvertently allow, e.g., unifiedXdevYdigitZorg as a match.
The best fix without altering any current functionality is to store the string value with an escaped (literal) hostname:

• The variable assignment for footerLogoURL should be updated so that the periods in the hostname (unified-dev.digit.org) are replaced with escaped periods (unified-dev\.digit\.org).
• Alter only the assignment of the value for footerLogoURL on line 17, leaving the rest of the code unchanged.
• No imports or new functions/definitions are required for this literal string fix.

---

To address this issue, the string digitHomeURL should be assigned an escaped version of the host name, so that if/when it is used for matching hostnames via regular expressions, it will not match unintended domains. Specifically, the dot (.) in 'www.digit.org' should be escaped to \. resulting in 'https://www.digit\.org/'. The appropriate change is to update line 18 in micro-ui/web/micro-ui-internals/sampleGlobalConfig.js to use the escaped dot.

---

[coderabbitai]

Actionable comments posted: 132

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (17)

micro-ui/web/micro-ui-internals/packages/css/src/components/uploadcomponents.scss (1)

46-74: Consolidate duplicate .upload-img-container svg selectors and clarify centering approach.

Lines 57–61 and 63–68 both target .upload-img-container svg with partially conflicting properties. The first rule applies flexbox alignment (justify-content: center; align-items: center;), while the second applies traditional margin-based centering and relative positioning. This duplication creates ambiguity about the intended behavior and may cause subtle rendering inconsistencies due to CSS cascade.

Additionally, the second rule's position: relative; top: calc(50% - 21px); may not interact predictably with the flex container and @apply flex; on the same element.

Recommendation: Consolidate these rules into a single coherent approach. If migrating to flexbox, remove the margin-based and positioning properties. If keeping the traditional approach, remove the flexbox alignment properties from the first rule.

Example consolidated rule (flexbox-based):

 .upload-img-container {
   border: 1px dashed theme(colors.border);
   margin: 0 !important;
   display: flex !important;
+  justify-content: center;
+  align-items: center;

   img {
     margin-left: auto;
     margin-right: auto;
     padding-top: calc(33% - 21px);
   }

-  svg {
-    @apply flex;
-    justify-content: center;
-    align-items: center;
-  }
-
-  svg {
-    margin-left: auto;
-    margin-right: auto;
-    top: calc(50% - 21px);
-    position: relative;
-  }
+  svg {
+    height: auto;
+    width: auto;
+  }

Also consider whether the !important flag on display: flex is necessary, as it may indicate unresolved specificity conflicts elsewhere in the stylesheet.

micro-ui/web/micro-ui-internals/packages/modules/common/README.md (1)

1-337: Fix markdown formatting violations for consistency with linting standards.

The README contains well-structured content but has multiple markdown formatting issues flagged by markdownlint-cli2. These are minor but should be corrected for consistency:

1. Headings not surrounded by blank lines (MD022): Lines 3, 14, 20, 26, 34, 47, 60, 194, 200, 206, 212, 244, 253, 263, 269, 275, 290, 296, 302, 308, 334 all need a blank line before the heading.
2. Ordered list numbering inconsistencies (MD029): Numbered lists at lines 48, 54, 61, 67 should restart at 1 within their subsections.
3. Code blocks not surrounded by blank lines (MD031): Lines 223 and 245.
4. Missing trailing newline (MD047): End of file.
5. Grammar/hyphenation (QB_NEW_EN_HYPHEN): Line 197 uses a dash instead of hyphen in "Accessibility": use hyphen between "WCAG" and "compliant" or adjust phrasing.

Apply this diff to fix the most critical formatting issues:

# @egovernments/digit-ui-module-common
 
+## Version: 1.9.0
-## Version: 1.9.0

For comprehensive fixes, consider these patterns:

Add blank lines before headings:

 content above
+
 ## Heading Name
 content below

Renumber ordered lists consistently:

-3. **Card-Based UI Support**: ...
-4. **Multi-Tenant Architecture**: ...
+1. **Card-Based UI Support**: ...
+2. **Multi-Tenant Architecture**: ...

Fix code block spacing:

 some text
+
 ```bash
 code here

more text

**Add trailing newline at end of file (after line 337).**

**Fix hyphenation at line 197:**
```diff
-**Accessibility**: WCAG compliant shared components
+**Accessibility**: WCAG-compliant shared components

micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/login.scss (1)

1-356: Consider reducing !important density to improve CSS maintainability.

This file uses !important extensively (lines 10, 27, 33, 53, 73, 142, 152–154, 161–163, 169, 176, 181–182, 240, 269, 281, 285). While sometimes necessary to override third-party component styles, high frequency suggests potential CSS specificity issues. Consider:

• Using more specific selectors instead of !important.
• Reviewing if component styling can be adjusted at the source rather than with overrides.
• Documenting why !important is necessary for critical cases (e.g., fighting Bootstrap or external library resets).

Audit the use of !important in this file and refactor specificity chains where possible to reduce reliance on broad overrides. This improves debuggability and reduces cascading side effects.

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/actionbarV2.scss (1)

3-66: Add explanatory comment documenting the intentional migration.

The .digit-action-bar-wrap styling has been intentionally disabled as part of PR #1347 (Later App integration), with the active styling migrated to .digit-action-bar-wrap-registry. No usage of the commented class exists in the codebase, so this is not a breaking change.

To improve maintainability, add a comment block before line 3 documenting the migration:

+ /* 
+  * .digit-action-bar-wrap styling disabled in favor of .digit-action-bar-wrap-registry.
+  * Migrated as part of PR #1347 (Later App and sidebar components integration).
+  * See: https://github.com/egovernments/DIGIT-UI/pull/1347
+  */
  /*.digit-action-bar-wrap {

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/bannerV2.scss (1)

94-114: Consolidate duplicate banner styling between files.

Both bannercomponents.scss (lines 110–130) and bannerV2.scss (lines 94–114) define identical .banner and .bannerLogo classes. Consider extracting this shared styling to a common file to reduce duplication and maintenance burden, especially if future updates need to be applied to both versions.

micro-ui/web/micro-ui-internals/packages/libraries/src/hooks/pgr/useComplaintDetails.js (1)

3-11: Address the TODO: Move thumbnail fetching to service layer.

The TODO comment indicates this function should be moved to a service layer for better separation of concerns. This would improve maintainability and testability.

Would you like me to help refactor this into a proper service or open a tracking issue?

micro-ui/web/micro-ui-internals/packages/libraries/src/utils/pdf.js (3)

252-257: Centralize primary color; avoid hardcoded hex in multiple places

Replace repeated "#c84c0e" with a single token/constant to keep PDFs aligned with theme updates and avoid drift.

Example near top of file:

+const COLORS = {
+  primary: "#c84c0e",
+  banner: "#f7e0d4",
+  textMuted: "#6f777c",
+  textDark: "#1a1a1a",
+};

Then use color: COLORS.primary and fillColor: COLORS.primary at the changed call sites.

Also applies to: 522-526, 543-551, 590-596, 671-674, 690-694

---

260-271: Header row fill logic is off-by-one; last data row gets solid fill

if (rowIndex === (table?.tableRows?.length)) matches the last row in body, not the header (since body includes the header row at index 0). This paints the last row solid instead of the header.

Apply:

- if(rowIndex === (table?.tableRows?.length)) {
+ if (rowIndex === 0) { // header row
   return "#c84c0e"
 }
- return (rowIndex % 2 === 0) ? "#c84c0e" : null;
+ return (rowIndex % 2 === 1) ? "#c84c0e" : null; // zebra on data rows only

Also set header text color to ensure contrast (see next comment).

---

277-285: Ensure contrast on header cells over solid primary background

Header texts render in default black over solid "#c84c0e" (after fixing the header fill), which is likely insufficient for WCAG. Set header cell text to white.

 table?.headers?.map(header =>{
   return {
     text:t(header),
     style:"header",
     fontSize:11,
     bold:true,
+    color: "#FFFFFF",
     border: [false, false, false, false]
   }
 })

micro-ui/web/micro-ui-internals/packages/libraries/src/services/atoms/Download.js (2)

91-94: Duplicate CSS toggles and double revert; wrap in try/finally

changeClasses('dss-white-pre-line',"dss-white-pre-temp") is called twice (also by applyCss()), and revertCss() is invoked twice. Use a single apply + guaranteed revert.

- changeClasses('dss-white-pre-line',"dss-white-pre-temp");
-
- applyCss();
+ applyCss(); // single entry point

   const element = ReactDOM.findDOMNode(node.current);
-  ...
-      changeClasses("dss-white-pre-temp",'dss-white-pre-line');
-
-     revertCss();
-     var blobData = dataURItoBlob(dataUrl);
-       revertCss();
+  try {
+    ...
+    var blobData = dataURItoBlob(dataUrl);
+    return share
+      ? resolve(new File([blobData], `${fileName}.jpeg`, { type: "image/jpeg" }))
+      : saveAs(dataUrl, `${fileName}.jpeg`);
+  } finally {
+    revertCss();
+  }
-      return share
-      ? resolve(new File([blobData], `${fileName}.jpeg`, { type: "image/jpeg" }))
-      : saveAs(dataUrl, `${fileName}.jpeg`)

Also applies to: 116-121

---

63-83: Unify “PDF” vs “PDFMAIN” naming/behavior; handle mSewaApp for PDFs too; sanitize long file names

• Current PDF downloads JPEG; PDFMAIN downloads real PDF. This is confusing for consumers.
• Consider deprecating PDF or delegating PDF → PDFMAIN.
• For mobile WebView (mSewaApp), add similar logic to deliver base64 for PDFs.
• Truncate or sanitize filenames (Excel path truncates to 30 chars).

Happy to send a follow-up patch to consolidate and add a shared saveFile helper.

Also applies to: 169-171, 228-229

micro-ui/web/micro-ui-internals/packages/css/src/components/table.scss (1)

99-118: Fix incorrect sticky positioning for last column.

The .table-fixed-last-column class has a critical logic error. For a sticky last column, only right: 0 should be set, not left: 0. Having both left: 0 and right: 0 simultaneously will cause the element to stretch across the entire viewport width.

Lines 105 and 115 incorrectly include left: 0 for elements that should be positioned on the right side.

Apply this diff:

 .table-fixed-last-column {
   thead {
     th:last-child {
       position: sticky;
       background: #fff;
       right: 0;
-      left: 0;
       border-top-left-radius: 4px;
     }
   }
   tbody {
     td:last-child {
       position: sticky;
       background: #fff;
       color: theme(colors.primary.main);
-      left: 0;
       right: 0;
     }
   }
 }

micro-ui/web/micro-ui-internals/example/src/setupProxy.js (1)

22-98: Remove duplicate proxy route entries.

Several routes appear multiple times in the proxy configuration array:

• /user-otp (lines 25 and 35)
• /mdms-v2 (lines 27 and 88)
• /tenant-management (lines 24 and 96)

While this doesn't break functionality, it's redundant and can confuse maintenance.

Apply this diff to remove duplicates:

   [
     "/access/v1/actions/mdms",
     "/tenant-management",
-    "/user-otp",
     "/egov-mdms-service",
-    "/mdms-v2",
     "/egov-idgen",
     // ... keep other routes
     "/mdms-v2",
     "/facility/v1/_search",
     "/project/staff/v1/_create",
     "/product/v1/_create",
     "/boundary-service",
     "/project-factory",
     "/project-factory/v1/data/_autoGenerateBoundaryCode",
     "/billing-service/bill/v2/_fetchbill",
-    "/tenant-management",
     "/default-data-handler"
   ].forEach((location) => app.use(location, createProxy));

micro-ui/web/micro-ui-internals/packages/libraries/src/services/elements/MDMS.js (2)

1126-1132: Bug: wrong variable spread in getPTPropertyType.

Spreads UsageCategorylist which is undefined in this scope; should spread PTPropertyTypelist.

Apply this diff:

-  MdmsRes["PropertyTax"].UsageCategory.filter((PropertyType) => PropertyType.active).map((PTPropertyTypelist) => {
+  MdmsRes["PropertyTax"].UsageCategory.filter((PropertyType) => PropertyType.active).map((PTPropertyTypelist) => {
     return {
-      ...UsageCategorylist,
+      ...PTPropertyTypelist,
       i18nKey: `COMMON_PROPTYPE_${Digit.Utils.locale.stringReplaceAll(PTPropertyTypelist.code, ".", "_")}`,
     };
   });

---

1-1: Remove stray comment.

//HAVE TO CHANGE THI looks like a leftover.

micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/index.scss (1)

734-737: Duplicate rule: connection-details-new-value-wrapper defined twice.

Remove the duplicate block to avoid maintenance drift.

- .connection-details-new-value-wrapper {
-   flex: 1 1 auto;
- }

micro-ui/web/micro-ui-internals/packages/libraries/src/utils/index.js (1)

503-511: Duplicate key in export default (downloadBill).

The earlier key is overwritten; remove the duplicate.

 export default {
   pdf: PDFUtil,
   createFunction,
   downloadReceipt,
-  downloadBill,
   downloadPDFFromLink,
   downloadBill,

♻️ Duplicate comments (4)

micro-ui/web/micro-ui-internals/example/.env-unifieddev (1)

3-4: Security risk: Hardcoded authentication tokens.

The hardcoded REACT_APP_EMPLOYEE_TOKEN and REACT_APP_CITIZEN_TOKEN values should not be committed to the repository. These tokens should be managed through secure secret management systems.

micro-ui/web/micro-ui-internals/example/.env-unifiedDev (2)

3-4: Security risk: Hardcoded authentication tokens.

The hardcoded REACT_APP_EMPLOYEE_TOKEN and REACT_APP_CITIZEN_TOKEN values should not be committed to the repository. These tokens should be managed through secure secret management systems.

---

7-15: Multiple configuration issues require attention.

This file has identical issues to .env-unifieddev:

1. Duplicate key (Line 13-14): SELCO_REACT_APP_PROXY_API is defined twice.
2. Inconsistent naming convention: Variables without REACT_APP_ prefix won't be accessible in React.
3. Critical: Filename collision - This file and .env-unifieddev differ only in casing ('Dev' vs 'dev'). On case-insensitive filesystems, one will overwrite the other, causing deployment/build failures.

Determine which filename convention should be used and remove the duplicate file.

micro-ui/web/micro-ui-internals/example/.env-workbench-mz-uat (1)

3-4: Security risk: Hardcoded authentication tokens.

The hardcoded REACT_APP_EMPLOYEE_TOKEN and REACT_APP_CITIZEN_TOKEN values should not be committed to the repository. These tokens should be managed through secure secret management systems.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

CRITICAL: Remove hardcoded authentication tokens from version control.

These hardcoded tokens pose a severe security risk:

1. Exposed credentials: Authentication tokens are now visible in the repository history and can be exploited to gain unauthorized access
2. Compliance violation: Storing secrets in version control violates security best practices and may breach compliance requirements
3. Token reuse: These same tokens appear in multiple environment files, amplifying the risk

Immediate actions required:

1. Remove these tokens from the file and replace with empty values (like .env sandbox)
2. Revoke/rotate these tokens immediately in your authentication system
3. Add environment files with secrets to .gitignore
4. Use secrets management (e.g., environment variables, AWS Secrets Manager, HashiCorp Vault) for runtime token injection

Apply this diff to remove the hardcoded tokens:

-REACT_APP_EMPLOYEE_TOKEN=c835932f-2ad4-4d05-83d6-49e0b8c59f8a
-REACT_APP_CITIZEN_TOKEN=7cd58aae-30b3-41ed-a1b3-3417107a993c
+REACT_APP_EMPLOYEE_TOKEN=
+REACT_APP_CITIZEN_TOKEN=

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	REACT_APP_EMPLOYEE_TOKEN=c835932f-2ad4-4d05-83d6-49e0b8c59f8a
	REACT_APP_CITIZEN_TOKEN=7cd58aae-30b3-41ed-a1b3-3417107a993c
	REACT_APP_EMPLOYEE_TOKEN=
	REACT_APP_CITIZEN_TOKEN=

🧰 Tools

🪛 Gitleaks (8.28.0)

[high] 3-3: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

[high] 4-4: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Remove duplicate !important declarations in dt breakpoint.

Lines 55–56 duplicate the same override pattern from lines 18–19. Once the base cascade issue is resolved, consider removing the !important flags and consolidating the responsive styles.

After addressing the !important issue, the repeated declarations can likely be consolidated. If both breakpoints need the same styles, consider grouping them without !important:

  .links {
    @apply text-heading-s text-primary-main;

    a {
      @apply block pb-sm text-decoration-none;
-     color: theme(colors.primary.main) !important;
-     text-decoration: none !important;
    }
  }
  
  @screen dt {
    .CitizenHomeCard {
      .links {
        a {
          @apply pb-md;
          padding-left: 0.2em;
          margin-bottom: 16px;
          width: 100%;
          overflow: hidden;
          text-overflow: ellipsis;
          min-width: 0;
-         color: theme(colors.primary.main) !important;
-         text-decoration: none !important;
        }
      }
    }
  }

If inheritance already ensures correct coloring, the explicit color can be removed, and text-decoration: none can be expressed via @apply text-decoration-none or similar.

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In
micro-ui/web/micro-ui-internals/packages/css/src/components/CitizenHomeCard.scss
around lines 55–56, remove the duplicate "!important" declarations that repeat
the same overrides already applied at lines 18–19; consolidate the responsive
and base rules so the same color and text-decoration rules are declared once
(preferably in the base scope) and drop the "!important" flags after fixing
cascade specificity; if both breakpoints require the same styles, merge them
into a single selector or shared class and prefer inheritance or a utility
(e.g., text-decoration-none or @apply) instead of forcing with "!important".

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Remove duplicate display: flex; declaration.

The display: flex; property is declared twice: once at lines 2–3 and again at line 7. Consolidate these into a single declaration block to reduce redundancy and improve maintainability.

 .bg-loader-with-gap-container {
     display: flex;
     justify-content: center;
     align-items: center;
+    flex-direction: column;
     height: 100%;
     width: 100%;
-    display: flex;
-    flex-direction: column;
     background-color: rgba(0, 0, 0, 0.7);
     position: fixed;
     top: 0;
     left: 0;
     z-index: 99999;

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	.bg-loader-with-gap-container {
	display: flex;
	justify-content: center;
	align-items: center;
	height: 100%;
	width: 100%;
	display: flex;
	flex-direction: column;
	background-color: rgba(0, 0, 0, 0.7);
	position: fixed;
	top: 0;
	left: 0;
	z-index: 99999;
	.bg-loader-with-gap-container {
	display: flex;
	justify-content: center;
	align-items: center;
	flex-direction: column;
	height: 100%;
	width: 100%;
	background-color: rgba(0, 0, 0, 0.7);
	position: fixed;
	top: 0;
	left: 0;
	z-index: 99999;

🤖 Prompt for AI Agents

In
micro-ui/web/micro-ui-internals/packages/css/src/components/loaderWithGap.scss
around lines 1 to 13, the .bg-loader-with-gap-container block contains a
duplicated "display: flex;" declaration; remove the redundant occurrence so only
a single "display: flex;" remains (keep it with other layout properties),
ensuring the styles remain the same and reducing redundancy for maintainability.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider refactoring hardcoded colors to CSS variables.

Hardcoded color values (e.g., rgba(0, 0, 0, 0.7), rgb(255, 255, 255), whitesmoke) reduce flexibility and make theme updates difficult. Define these as CSS custom properties to align with the design system and improve maintainability.

Additionally, the z-index value of 99999 is exceptionally high and may indicate z-index management concerns. Review your z-index strategy to ensure it's sustainable and doesn't create conflicts elsewhere in the stylesheet hierarchy.

+:root {
+  --loader-overlay-bg: rgba(0, 0, 0, 0.7);
+  --loader-border-color: rgb(255, 255, 255);
+  --loader-text-color: whitesmoke;
+  --loader-z-index: 99999;
+}
+
 .bg-loader-with-gap-container {
     display: flex;
     justify-content: center;
     align-items: center;
     flex-direction: column;
     height: 100%;
     width: 100%;
-    background-color: rgba(0, 0, 0, 0.7);
+    background-color: var(--loader-overlay-bg);
     position: fixed;
     top: 0;
     left: 0;
-    z-index: 99999;
+    z-index: var(--loader-z-index);
 
     .bg-loader {
-        border: 0.5rem solid rgb(255, 255, 255);
-        border-top: 0.5rem solid rgba(80, 76, 76, 0);
+        border: 0.5rem solid var(--loader-border-color);
+        border-top: 0.5rem solid rgba(80, 76, 76, 0);
         border-radius: 50%;
         width: 3.125rem;
         height: 3.125rem;
         animation: spin 2s linear infinite;
     }
 
     .bg-loader-inner {
-        border: 1px solid rgb(255, 255, 255);
+        border: 1px solid var(--loader-border-color);
         border-radius: 50%;
         width: 100%;
         height: 100%;
     }
 
     .bg-loader-text {
-        color: whitesmoke;
+        color: var(--loader-text-color);
         padding-top: 1.25rem;
     }
 }

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In
micro-ui/web/micro-ui-internals/packages/css/src/components/loaderWithGap.scss
around lines 1 to 35, replace hardcoded color literals and the magic z-index
with CSS custom properties and remove the duplicate display declaration:
introduce and use variables (e.g., --overlay-bg, --loader-border,
--loader-inner-border, --loader-text) with sensible defaults at a root or
component scope and reference them via var(...) in place of rgba(0,0,0,0.7),
rgb(255,255,255) and whitesmoke; ensure the component defines/uses fallback
values so themes can override them, and replace the fixed z-index: 99999 with a
variable (e.g., --loader-z-index) or a much lower, documented value to integrate
with your z-index management strategy.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Remove duplicate .custom-steps-list definition.

The class .custom-steps-list is defined identically at lines 1533–1537 and 1562–1566. Keep only one definition.

Remove the second occurrence (lines 1562–1566).

 .custom-steps-list {
   padding-left: 1.5rem;
   margin-bottom: 1.5rem;
   list-style-type: disc;
 }
 
-.custom-steps-list {
-  padding-left: 1.5rem;
-  margin-bottom: 1.5rem;
-  list-style-type: disc;
-}
-
 /* Styling for each step item */
 .custom-step-item {
   margin-bottom: 0.75rem;

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	.custom-steps-list {
	padding-left: 1.5rem;
	margin-bottom: 1.5rem;
	list-style-type: disc;
	}
	.custom-step-header {
	padding-top: 0.5rem;
	font-weight: bold;
	font-size: 1.2rem;
	color: #505A5F;
	;
	}
	/* Custom button container */
	.custom-continue-button-container {
	display: flex;
	justify-content: center;
	/* Align the button to the right */
	margin-top: 2rem;
	}
	/* Custom button styling */
	.custom-continue-button {
	align-self: flex-end;
	/* Ensure the button aligns to the right */
	}
	.custom-steps-list {
	padding-left: 1.5rem;
	margin-bottom: 1.5rem;
	list-style-type: disc;
	}
	.custom-steps-list {
	padding-left: 1.5rem;
	margin-bottom: 1.5rem;
	list-style-type: disc;
	}
	.custom-step-header {
	padding-top: 0.5rem;
	font-weight: bold;
	font-size: 1.2rem;
	color: #505A5F;
	;
	}
	/* Custom button container */
	.custom-continue-button-container {
	display: flex;
	justify-content: center;
	/* Align the button to the right */
	margin-top: 2rem;
	}
	/* Custom button styling */
	.custom-continue-button {
	align-self: flex-end;
	/* Ensure the button aligns to the right */
	}

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/sandbox.scss
around lines 1533–1566, there is a duplicate .custom-steps-list block defined at
1533–1537 and again at 1562–1566; remove the second occurrence (lines 1562–1566)
so only the first definition remains, ensuring no other selectors or comments
rely on the later duplicate.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Consolidate conflicting .step-item definitions.

The class .step-item is defined at lines 1632–1640 with specific font/color properties, then redefined at lines 1654–1656 with only max-width. The second definition effectively removes styling from the first. Merge these into one coherent rule.

Clarify whether .step-item should have the full styling from lines 1632–1640, and keep only that one definition.

 .step-item {
   margin-bottom: 0.5rem;
   font-family: Roboto;
   font-weight: 400;
   font-size: 18px;
   line-height: 28px;
   letter-spacing: 0px;
   color: #0b4b66;
+  max-width: 95%;
 }
 
 .middle-header {
   width: 40%;
   margin-top: 2.3rem;
   margin-left: 9rem;
 }
 
 .steps-list {
   max-width: 50%;
   color: #0B4B66;
 }
 
-
-.step-item {
-  max-width: 95%;
-}

---

🏁 Script executed:

#!/bin/bash
# Verify the SCSS file and examine the .step-item definitions
if [ -f "micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/sandbox.scss" ]; then
  echo "=== File exists, showing lines 1620-1670 ==="
  sed -n '1620,1670p' "micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/sandbox.scss"
  echo ""
  echo "=== Searching for all .step-item definitions in file ==="
  grep -n "\.step-item" "micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/sandbox.scss"
else
  echo "File not found at expected path"
fi

Length of output: 993

---

🏁 Script executed:

#!/bin/bash
# Check context around other .step-item definitions to see if they're nested/scoped
echo "=== Context around line 937 (10 lines before and after) ==="
sed -n '927,947p' "micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/sandbox.scss"
echo ""
echo "=== Context around line 1067 (10 lines before and after) ==="
sed -n '1057,1077p' "micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/sandbox.scss"
echo ""
echo "=== Full context lines 1630-1665 to understand nesting ==="
sed -n '1630,1665p' "micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/sandbox.scss" | cat -n

Length of output: 1617

---

Consolidate conflicting .step-item definitions.

The root-level class .step-item is defined at lines 1632–1640 with specific font and color properties, then redefined at lines 1654–1656 with only max-width. The second definition cascades over the first, effectively removing the typography and color styling. Merge these into a single definition.

 .step-item {
   margin-bottom: 0.5rem;
   font-family: Roboto;
   font-weight: 400;
   font-size: 18px;
   line-height: 28px;
   letter-spacing: 0px;
   color: #0b4b66;
+  max-width: 95%;
 }
 
 .middle-header {
   width: 40%;
   margin-top: 2.3rem;
   margin-left: 9rem;
 }
 
 .steps-list {
   max-width: 50%;
   color: #0B4B66;
 }
 
-
-.step-item {
-  max-width: 95%;
-}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	.step-item {
	margin-bottom: 0.5rem;
	font-family: Roboto;
	font-weight: 400;
	font-size: 18px;
	line-height: 28px;
	letter-spacing: 0px;
	color: #0b4b66;
	}
	.middle-header {
	width: 40%;
	margin-top: 2.3rem;
	margin-left: 9rem;
	}
	.steps-list {
	max-width: 50%;
	color: #0B4B66;
	}
	.step-item {
	max-width: 95%;
	}
	.step-item {
	margin-bottom: 0.5rem;
	font-family: Roboto;
	font-weight: 400;
	font-size: 18px;
	line-height: 28px;
	letter-spacing: 0px;
	color: #0b4b66;
	max-width: 95%;
	}
	.middle-header {
	width: 40%;
	margin-top: 2.3rem;
	margin-left: 9rem;
	}
	.steps-list {
	max-width: 50%;
	color: #0B4B66;
	}

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/sandbox.scss
around lines 1632 to 1656, there are two conflicting .step-item blocks: the
first (lines 1632–1640) contains typography and color rules, and the later one
(lines 1654–1656) only sets max-width which overrides the earlier block;
consolidate them by merging the max-width into the original .step-item block
(remove the duplicate block) so the final single .step-item contains
margin-bottom, font-family, font-weight, font-size, line-height, letter-spacing,
color, and max-width.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Handle edge cases in URL parsing for tenant extraction.

The URL parsing logic on lines 60-66 has several edge cases that could cause incorrect tenant extraction:

1. Missing CONTEXT_PATH: If context is null, undefined, or not found in the pathname, indexOf returns -1, causing start to be calculated incorrectly.
2. Context not in pathname: When pathname.indexOf(context) returns -1, the subsequent substring operation will extract from the wrong position.
3. Malformed URL structure: If the URL doesn't follow the expected pattern, the tenant extraction may fail silently, returning an empty string.

Apply defensive checks to handle these edge cases:

  getStateId: () => {
    const isMultiRootTenant = window?.globalConfigs?.getConfig("MULTI_ROOT_TENANT") || false;
    const overrideRootTenant = window?.globalConfigs?.getConfig("OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT") || false;

    const pathname = window.location.pathname;
    const context = window?.globalConfigs?.getConfig("CONTEXT_PATH");
-   const start = pathname.indexOf(context) + context.length + 1;
+   const contextIndex = pathname.indexOf(context);
+   if (contextIndex === -1 || !context) {
+     // Context not found or not configured; skip URL-based tenant extraction
+     const currentTenant = ULBService.getCurrentTenantId();
+     if (overrideRootTenant && currentTenant) {
+       return currentTenant;
+     }
+     return window?.globalConfigs?.getConfig("STATE_LEVEL_TENANT_ID");
+   }
+   const start = contextIndex + context.length + 1;
    const employeeIndex = pathname.indexOf("employee");
    const citizenIndex = pathname.indexOf("citizen");
    const end = employeeIndex !== -1 ? employeeIndex : citizenIndex !== -1 ? citizenIndex : -1;
    const tenant = end > start ? pathname.substring(start, end).replace(/\/$/, "") : "";

    const currentTenant = ULBService.getCurrentTenantId();
    if (isMultiRootTenant && tenant) {
      return tenant;
    } else if (overrideRootTenant && currentTenant) {
      return currentTenant;
    } else {
      return window?.globalConfigs?.getConfig("STATE_LEVEL_TENANT_ID");
    }
  },

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	getStateId: () => {
	return window?.globalConfigs?.getConfig("STATE_LEVEL_TENANT_ID");
	const isMultiRootTenant = window?.globalConfigs?.getConfig("MULTI_ROOT_TENANT") || false;
	const overrideRootTenant = window?.globalConfigs?.getConfig("OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT") || false;
	const pathname = window.location.pathname;
	const context = window?.globalConfigs?.getConfig("CONTEXT_PATH");
	const start = pathname.indexOf(context) + context.length + 1;
	const employeeIndex = pathname.indexOf("employee");
	const citizenIndex = pathname.indexOf("citizen");
	const end = employeeIndex !== -1 ? employeeIndex : citizenIndex !== -1 ? citizenIndex : -1;
	const tenant = end > start ? pathname.substring(start, end).replace(/\/$/, "") : "";
	const currentTenant = ULBService.getCurrentTenantId();
	if (isMultiRootTenant && tenant) {
	return tenant;
	} else if (overrideRootTenant && currentTenant) {
	return currentTenant;
	} else {
	return window?.globalConfigs?.getConfig("STATE_LEVEL_TENANT_ID");
	}
	},
	getStateId: () => {
	const isMultiRootTenant = window?.globalConfigs?.getConfig("MULTI_ROOT_TENANT") || false;
	const overrideRootTenant = window?.globalConfigs?.getConfig("OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT") || false;
	const pathname = window.location.pathname;
	const context = window?.globalConfigs?.getConfig("CONTEXT_PATH");
	const contextIndex = pathname.indexOf(context);
	if (contextIndex === -1 || !context) {
	// Context not found or not configured; skip URL-based tenant extraction
	const currentTenant = ULBService.getCurrentTenantId();
	if (overrideRootTenant && currentTenant) {
	return currentTenant;
	}
	return window?.globalConfigs?.getConfig("STATE_LEVEL_TENANT_ID");
	}
	const start = contextIndex + context.length + 1;
	const employeeIndex = pathname.indexOf("employee");
	const citizenIndex = pathname.indexOf("citizen");
	const end = employeeIndex !== -1 ? employeeIndex : citizenIndex !== -1 ? citizenIndex : -1;
	const tenant = end > start ? pathname.substring(start, end).replace(/\/$/, "") : "";
	const currentTenant = ULBService.getCurrentTenantId();
	if (isMultiRootTenant && tenant) {
	return tenant;
	} else if (overrideRootTenant && currentTenant) {
	return currentTenant;
	} else {
	return window?.globalConfigs?.getConfig("STATE_LEVEL_TENANT_ID");
	}
	},

🤖 Prompt for AI Agents

In
micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Ulb/index.js
around lines 56 to 76, the tenant-extraction logic assumes CONTEXT_PATH exists
and is present in window.location.pathname which can yield invalid start/end
indices; update the code to defensively handle missing or not-found context by
first retrieving context and returning the STATE_LEVEL_TENANT_ID if context is
falsy or pathname.indexOf(context) === -1, compute start only when context is
found, determine end by searching for "employee" or "citizen" only after
validating their indices are > start, and as a fallback parse pathname segments
(split by "/") to safely extract the tenant segment or return an empty string /
STATE_LEVEL_TENANT_ID; ensure no negative indices are used in substring
operations and prefer clear fallbacks for malformed URLs.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Fix inconsistent return type in getCurrentUlb.

Line 90 has a critical type inconsistency: it returns either a tenant object (from find()) or a string (from getStateId()). This will break downstream code that expects a consistent object structure.

The fallback should return a tenant object, not just a tenant ID string:

  getCurrentUlb: () => {
    const initData = StoreService.getInitData();
    const tenantId = ULBService.getCurrentTenantId();
-   return initData?.tenants?.find((tenant) => tenant?.code === tenantId) || ULBService.getStateId();
+   const tenant = initData?.tenants?.find((tenant) => tenant?.code === tenantId);
+   if (tenant) {
+     return tenant;
+   }
+   // Fallback: construct a minimal tenant object with the state ID
+   const stateId = ULBService.getStateId();
+   return initData?.tenants?.find((tenant) => tenant?.code === stateId) || { code: stateId };
  },

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Clarify migration step wording and add concrete examples.

The "Migration Guide" (lines 222–241) is generic. Consider adding:

• Specific breaking changes between v1.8.x and v1.9.0
• Deprecated APIs or renamed exports
• Code diff examples showing how to update actual component/hook calls
• Troubleshooting tips for common migration errors

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

223-223: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

227-227: Ordered list item prefix
Expected: 1; Actual: 2; Style: 1/2/3

(MD029, ol-prefix)

---

232-232: Ordered list item prefix
Expected: 2; Actual: 3; Style: 1/2/3

(MD029, ol-prefix)

---

237-237: Ordered list item prefix
Expected: 3; Actual: 4; Style: 1/2/3

(MD029, ol-prefix)

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/modules/common/README.md around
lines 222 to 241, the migration steps are too generic; update this section to
enumerate the concrete breaking changes from v1.8.x→v1.9.0 (list renamed or
removed exports, signature changes for hooks, and behavior changes in payment
components), add a short "Deprecated APIs" subsection naming former exports and
their replacements, include 2–3 concise code diff examples showing before/after
imports and usage for a hook and a payment component, and append a small
"Troubleshooting" list with 3 common errors and recommended fixes (e.g., import
errors, prop name mismatches, gateway config changes).

[coderabbitai]

Actionable comments posted: 95

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (17)

micro-ui/web/micro-ui-internals/packages/css/src/components/uploadcomponents.scss (1)

57-68: Duplicate svg selector will prevent the flex centering from working.

There are two svg selectors within .upload-img-container (lines 57–61 and lines 63–68). The second rule will override the first, so the newly added justify-content and align-items flex properties will never apply. Additionally, the second rule uses position: relative which may not work as expected on a flex item.

Consolidate these rules into a single svg selector that properly centers the SVG content.

   svg {
     @apply flex;
-    justify-content: center;
-    align-items: center;
+    justify-content: center !important;
+    align-items: center !important;
+    margin-left: auto;
+    margin-right: auto;
+    top: calc(50% - 21px);
+    position: relative;
   }
-
-  svg {
-    margin-left: auto;
-    margin-right: auto;
-    top: calc(50% - 21px);
-    position: relative;
-  }

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/FormComposerV2.scss (2)

51-58: Consolidate fragmented .employee-card-input selector definitions.

The selector .employee-card-input is defined twice (lines 51–54 and 56–58), with the second definition containing only the max-width property. This violates DRY principles and complicates maintenance. Merge both definitions into a single block.

Apply this diff to consolidate the definitions:

 .employee-card-input {
   @apply mb-lg pl-sm outline-none block border w-full h-10 border-input-border border-solid bg-white leading-10 text-form-field text-text-primary;
   @extend .light-input-border;
+  max-width: 540px;
 }
-
-.employee-card-input {
-  max-width: 540px;
-}

---

81-89: Consolidate fragmented .employee-card-textarea selector definitions.

The selector .employee-card-textarea is split across lines 81–85 (as part of a combined selector) and lines 86–89 (standalone), with the second containing only the max-width property. This creates unnecessary CSS fragmentation and maintainability burden. Consolidate into a single definition.

Apply this diff to consolidate the definitions:

 .card-textarea,
 .employee-card-textarea {
   @apply block outline-none mt-md mb-lg border w-full border-input-border border-solid bg-white h-24 text-form-field text-text-primary p-sm;
   @extend .light-input-border;
+  max-width: 540px;
 }
-.employee-card-textarea {
-  @apply w-full;
-  max-width: 540px;
-}

micro-ui/web/micro-ui-internals/packages/modules/common/README.md (1)

391-418: Clarify App.js setup example with concrete module initialization.

The App.js setup example (lines 404–417) shows importing from the common module but is unclear about how to actually enable and initialize it within a broader DIGIT application context. The initDigitUI function is defined but never called, and the relationship to enabledModules is ambiguous.

Consider expanding this section to show:

import { paymentConfigs, PaymentLinks, PaymentModule } from "@egovernments/digit-ui-module-common";

// Initialize common components
const initDigitUI = () => {
  window?.Digit.ComponentRegistryService.setupRegistry({
    PaymentModule,
    ...paymentConfigs,
    PaymentLinks,
  });
};

// Call on app boot
useEffect(() => {
  initDigitUI();
}, []);

// In your module config
const enabledModules = ["Payment", "Common"];

micro-ui/web/micro-ui-internals/example/src/setupProxy.js (1)

22-98: Remove duplicate proxy routes.

The following routes are defined multiple times in the array:

• /tenant-management appears at lines 24 and 96
• /mdms-v2 appears at lines 27 and 88
• /user-otp appears at lines 25 and 35

While Express.js will use the first matching route, duplicates create maintenance confusion and increase the risk of configuration errors.

Apply this diff to remove the duplicates:

     "/mdms-v2",
     "/egov-idgen",
     "/egov-location",
     "/localization",
     "/egov-workflow-v2",
     "/pgr-services",
     "/filestore",
     "/egov-hrms",
-    "/user-otp",
     "/user",
     "/fsm",
     "/billing-service",
     "/collection-services",
     "/pdf-service",
     "/pg-service",
     "/vehicle",
     "/vendor",
     "/property-services",
     "/fsm-calculator/v1/billingSlab/_search",
     "/pt-calculator-v2",
     "/dashboard-analytics",
     "/echallan-services",
     "/egov-searcher/bill-genie/mcollectbills/_get",
     "/egov-searcher/bill-genie/billswithaddranduser/_get",
     "/egov-searcher/bill-genie/waterbills/_get",
     "/egov-searcher/bill-genie/seweragebills/_get",
     "/egov-pdf/download/UC/mcollect-challan",
     "/egov-hrms/employees/_count",
     "/tl-services/v1/_create",
     "/tl-services/v1/_search",
     "/egov-url-shortening/shortener",
     "/inbox/v1/_search",
     "/inbox/v2/_search",
     "/inbox-v2/v2/_search",
     "/tl-services",
     "/tl-calculator",
     "/org-services",
     "/edcr",
     "/hcm-moz-impl",
     "/bpa-services",
     "/noc-services",
     "/egov-user-event",
     "/egov-document-uploader",
     "/egov-pdf",
     "/egov-survey-services",
     "/ws-services",
     "/sw-services",
     "/ws-calculator",
     "/sw-calculator/",
     "/audit-service/",
     "/egov-searcher",
     "/report",
     "/inbox/v1/dss/_search",
     "/loi-service",
     "/project/v1/",
     "/estimate-service",
     "/loi-service",
     "/works-inbox-service/v2/_search",
     "/egov-pdf/download/WORKSESTIMATE/estimatepdf",
     "/muster-roll",
     "/individual",
-    "/mdms-v2",
     "/facility/v1/_search",
     "/project/staff/v1/_create",
     "/product/v1/_create",
     "/boundary-service",
     "/project-factory",
     "/project-factory/v1/data/_autoGenerateBoundaryCode",
     "/billing-service/bill/v2/_fetchbill",
-    "/tenant-management",
     "/default-data-handler"

micro-ui/web/docker/Dockerfile (3)

7-7: Memory allocation differs significantly across Dockerfiles.

This file allocates 8168 MB, while devDockerfile uses 1792 MB and masDockerfile uses 3792 MB. This inconsistency suggests a lack of standardization and may indicate over/under-provisioning.

Conduct benchmarking to determine the optimal memory allocation for your build process, then standardize this value across all Dockerfiles. Document the rationale for the chosen value.

---

12-16: Inconsistent environment configuration and build commands.

Line 12 has envs.js commented out, while devDockerfile and masDockerfile actively run it. Additionally, this file uses yarn build:webpack while the others use yarn build. These inconsistencies may cause environment-specific failures.

Align the build steps across all Dockerfiles:

1. Determine if node envs.js is required and use it consistently
2. Standardize on either yarn build:webpack or yarn build based on your build requirements

---

18-19: Inconsistent nginx base images across Dockerfiles.

This file uses the public nginx:mainline-alpine, while devDockerfile and masDockerfile use ghcr.io/egovernments/nginx:mainline-alpine. If the custom nginx image includes security hardening, configurations, or patches, using the public image here creates a security/configuration gap.

Standardize the nginx base image. If custom configurations or security patches are present in ghcr.io/egovernments/nginx:mainline-alpine, use it consistently across all Dockerfiles.

micro-ui/web/micro-ui-internals/packages/libraries/src/hooks/pgr/useInboxData.js (2)

20-20: Add null-safety check before accessing ServiceWrappers.

Line 20 assumes complaintDetailsResponse.ServiceWrappers exists, but this could throw an error if complaintDetailsResponse is null or doesn't contain ServiceWrappers. While combineResponses now handles this safely (line 50), this line executes before that function is called.

Apply this diff to add null-safety:

-    complaintDetailsResponse.ServiceWrappers.forEach((service) => serviceIds.push(service.service.serviceRequestId));
+    complaintDetailsResponse?.ServiceWrappers?.forEach((service) => serviceIds.push(service.service.serviceRequestId));

---

23-28: Empty array returned when workflow instances are missing, preventing complaints from displaying.

When workflowInstances.ProcessInstances.length is 0, the conditional block (lines 23–28) is skipped and combinedRes remains an empty array, which is then returned at line 29. This means complaints fetched at line 19 are silently discarded, and users see an empty inbox despite data being available.

The combineResponses function includes fallback logic to return all complaints when no workflow matches are found (line 54), but this function is never invoked when ProcessInstances is empty. Consider either calling combineResponses unconditionally or adding an else clause to return complaints without workflow data.

micro-ui/web/micro-ui-internals/packages/libraries/src/services/atoms/Download.js (1)

24-270: Reduce code duplication by extracting common utilities.

The saveAs function is duplicated in Image, PDF, and IndividualChartImage methods. Similarly, dataURItoBlob is duplicated in PDF and IndividualChartImage. Extracting these as module-level helper functions would improve maintainability.

Consider extracting shared utilities at the module level:

const saveAs = (uri, filename) => {
  if(window.mSewaApp && window.mSewaApp.isMsewaApp()){
    window.mSewaApp.downloadBase64File(uri, filename);
  }
  const link = document.createElement("a");

  if (typeof link.download === "string") {
    link.href = uri;
    link.download = filename;
    document.body.appendChild(link);
    link.click();
    document.body.removeChild(link);
  } else {
    window.open(uri);
  }
};

const dataURItoBlob = (dataURI) => {
  var binary = atob(dataURI.split(',')[1]);
  var array = [];
  for (var i = 0; i < binary.length; i++) {
      array.push(binary.charCodeAt(i));
  }
  return new Blob([new Uint8Array(array)], { type: 'image/jpeg' });
};

Then reference these functions from all methods instead of redefining them.

micro-ui/web/micro-ui-internals/example/.env-unifieddev (1)

3-4: Avoid committing authentication tokens to version control.

Hardcoded tokens pose a security risk even in development environments, as they can grant unauthorized access to shared dev systems and remain visible in git history.

Consider these alternatives:

• Document placeholder values in a .env.example file
• Store actual tokens in .env.local (add to .gitignore)
• Use a secure secret management system
• Rotate these tokens if they're currently active

-REACT_APP_EMPLOYEE_TOKEN=c835932f-2ad4-4d05-83d6-49e0b8c59f8a
-REACT_APP_CITIZEN_TOKEN=7cd58aae-30b3-41ed-a1b3-3417107a993c
+REACT_APP_EMPLOYEE_TOKEN=<your-employee-token>
+REACT_APP_CITIZEN_TOKEN=<your-citizen-token>

micro-ui/web/micro-ui-internals/packages/libraries/src/utils/index.js (1)

503-512: Remove duplicate object key.

Line 511 contains a duplicate downloadBill key that was already defined at line 509. Only the last definition will be used; the first is ignored. Remove the duplicate.

export default {
  pdf: PDFUtil,
  createFunction,
  downloadReceipt,
-  downloadBill,
  downloadPDFFromLink,
  downloadBill,
  getFileUrl,

micro-ui/web/micro-ui-internals/packages/libraries/src/services/atoms/ApiCacheService.js (1)

49-67: Guard against unknown services in getSetting.

If a service isn’t listed, serviceSetting is undefined and dereferencing .cacheTimeInSecs will throw.

Apply:

 const getSetting = (serviceName, moduleName) => {
   const setting = getCachedSetting();
-  const serviceSetting = setting.find((item) => item.serviceName === serviceName);
-  const responseSetting = {
-    cacheTimeInSecs: serviceSetting.cacheTimeInSecs,
-    debounceTimeInMS: serviceSetting.debounceTimeInMS || 100,
-  };
+  const serviceSetting = setting.find((item) => item.serviceName === serviceName);
+  const responseSetting = {
+    cacheTimeInSecs: serviceSetting?.cacheTimeInSecs ?? 300,
+    debounceTimeInMS: serviceSetting?.debounceTimeInMS ?? 100,
+  };
   if (!moduleName) {
     return responseSetting;
   }
-  const moduleSettings = serviceSetting?.moduleSettings?.find((item) => item.moduleName === moduleName);
+  const moduleSettings = serviceSetting?.moduleSettings?.find((item) => item.moduleName === moduleName);
   if (!moduleSettings) {
     return responseSetting;
   }
   return {
     cacheTimeInSecs: moduleSettings.cacheTimeInSecs || responseSetting.cacheTimeInSecs,
     debounceTimeInMS: moduleSettings.debounceTimeInMS || responseSetting.debounceTimeInMS,
   };
 };

micro-ui/web/micro-ui-internals/packages/css/src/index.scss (1)

714-740: Remove duplicated wrapper rules (DRY to avoid cascade conflicts).

.connection-details-new/old-value-wrapper and .plumber-details-new/old-value-wrapper appear twice with identical declarations.

Apply:

- .connection-details-new-value-wrapper { flex: 1 1 auto; }
- .plumber-details-new-value-wrapper { flex: 2 1 auto; }
- .connection-details-old-value-wrapper,
- .plumber-details-old-value-wrapper { ... }
+ /* Keep a single occurrence above; delete this duplicated block */

Also applies to: 744-757

micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Store/service.js (2)

7-17: Rewrite fallback URL through getImgUrl too.

If primary url missing and fallback is S3, it won’t be rewritten.

Apply:

-const getImgUrl = (url, fallbackUrl) => {
-  if (!url && fallbackUrl) {
-    return fallbackUrl;
-  }
+const getImgUrl = (url, fallbackUrl) => {
+  if (!url && fallbackUrl) {
+    url = fallbackUrl;
+  }
   if (url?.includes("s3.ap-south-1.amazonaws.com")) {
     const baseDomain = window?.location?.origin;
     return url.replace("https://s3.ap-south-1.amazonaws.com", baseDomain);
   }
   return url;
 };

---

163-167: Remove unused variable moduleTenants.

Computed and then unused; delete to reduce noise.

♻️ Duplicate comments (27)

micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/form-fields.scss (2)

14-15: Remove unnecessary blank lines.

Lines 14–15 and 20 are blank and add unnecessary whitespace.

Apply this diff to remove the extra blank lines:

     }
 }
-
-

-.form-explorer{
+.form-explorer{
     display: flex;
     flex-flow: row;
     justify-content:space-between;
-    
     .form-component{
         width: 60%;
     }
 }

Also applies to: 20-20

---

16-24: Use Tailwind utilities for consistency with the rest of the file.

The existing code uses Tailwind's @apply directive (lines 1–13), but the new .form-explorer block uses plain CSS. The flex-flow: row is also redundant since row is the default flex direction. Additionally, there's a missing space after the colon in justify-content:space-between;.

Apply this diff to use Tailwind utilities:

-
-
-.form-explorer{
-    display: flex;
-    flex-flow: row;
-    justify-content:space-between;
-    
-    .form-component{
-        width: 60%;
-    }
-}
+@screen dt {
+    .form-explorer{
+        @apply flex justify-between;
+    }
+
+    .form-component{
+        @apply w-3/5;
+    }
+}

If .form-explorer should also apply on mobile, add an additional rule above the @screen dt block:

.form-explorer{
    @apply flex justify-between;
}

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/loaderV2.scss (2)

30-32: Missing horizontal centering transform for absolutely positioned loader.

This issue was previously flagged and remains unresolved. The .digit-page-loader is positioned with left: 50% but lacks transform: translateX(-50%), causing the element's left edge (not its center) to align at 50%, resulting in misalignment.

Apply this diff to fix the centering:

 .digit-page-loader {
   padding-top: 20%;
   position: absolute;
   left: 50%;
+  transform: translateX(-50%);
 }

---

72-78: Consolidate duplicate frame class definitions.

This issue was previously flagged and remains unresolved. The new .digit-loadingio-spinner-rolling-frame class is identical to the existing .digit-loadingio-spinner-rolling-faewnb8ux8 class (lines 64–70), violating the DRY principle and increasing maintainability burden.

Consolidate the duplicate definitions using a comma-separated selector:

-.digit-loadingio-spinner-rolling-faewnb8ux8 {
-  width: 48px;
-  height: 48px;
-  display: inline-block;
-  overflow: hidden;
-  background: none;
-}
-
-.digit-loadingio-spinner-rolling-frame {
-  width: 48px;
-  height: 48px;
-  display: inline-block;
-  overflow: hidden;
-  background: none;
+.digit-loadingio-spinner-rolling-faewnb8ux8,
+.digit-loadingio-spinner-rolling-frame {
+  width: 48px;
+  height: 48px;
+  display: inline-block;
+  overflow: hidden;
+  background: none;
 }

micro-ui/web/micro-ui-internals/packages/css/src/components/CitizenHomeCard.scss (1)

18-19: Consolidate duplicate anchor styling; reconsider necessity of !important.

The base styles for .CitizenHomeCard .links a (lines 18–19) are duplicated identically in the @screen dt breakpoint (lines 55–56). Since anchor styling inherits by default, the base declarations should apply to both mobile and desktop unless overridden. If !important is needed here, it signals a cascade specificity issue that should be addressed at the source rather than forcing with !important.

Recommended refactor:

Remove the duplicated declarations from the dt breakpoint and let the base styles cascade naturally:

  .links {
    @apply text-heading-s text-primary-main;

    a {
      @apply block pb-sm;
      color: theme(colors.primary.main) !important;
      text-decoration: none !important;
    }
  }
}

@screen dt {
  .citizenAllServiceGrid {
    display: flex;
    flex-direction: column;
    justify-content: center;
    flex: 1;
  }

  .CitizenHomeCard {
    @apply p-lg;
    .header {
      @apply pb-lg text-heading-l-dt;
      svg {
        @apply w-12 h-12;
      }
    }

    .links {
      @apply grid grid-cols-4 gap-px;
      .linksWrapper {
        height: 25px;
        margin-bottom: 0.5em;
      }
      a {
        @apply pb-md;
        padding-left: 0.2em;
        margin-bottom: 16px;
        width: 100%;
        overflow: hidden;
        text-overflow: ellipsis;
        min-width: 0;
      }
    }
  }
}

If the dt breakpoint genuinely needs different color or text-decoration values, make them explicit. Otherwise, remove the duplicate entirely.

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/popUpV2.scss (1)

18-24: Reconsider !important and replace hardcoded values with design tokens.

This code reintroduces concerns flagged in prior reviews: the use of !important and hardcoded magic numbers. Per the PR context indicating a design-system redesign, these values should align with the new design token system.

On !important (line 19): While the retrieved learnings show that !important can be justified in specific cases (e.g., .wbh-header-container and .modal-header in microplanning.scss to prevent unintended overrides), the rationale for the logout popup differs. If the wrapper needs a fixed width, consider using a higher-specificity selector or a dedicated modifier class (e.g., .digit-logout-popup-wrapper--fixed-width) to enforce the constraint without !important.

On magic numbers (lines 19, 22): The hardcoded values 31.25rem and 2.5rem should be replaced with design tokens (SCSS variables or CSS custom properties) to maintain consistency with the digitv2 design system.

Refactor to remove !important and use design tokens:

+ // Import design tokens if not already present
+ // @import 'path/to/digitv2/tokens';
+
- .digit-logout-popup-wrapper{
-   width: 31.25rem !important;
+ .digit-logout-popup-wrapper {
+   width: var(--dt-popup-logout-width, 31.25rem);
  
    .logout-cancel-button{
-     height: 2.5rem;
+     height: var(--dt-button-height-sm, 2.5rem);
    }
  }

If higher specificity is required to prevent overrides without tokens, consider:

.digit-popup-wrap .digit-logout-popup-wrapper {
  width: 31.25rem;
}

micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Ulb/index.js (2)

56-76: Edge cases in URL parsing remain unhandled.

The URL parsing logic on lines 62-66 still lacks defensive checks for:

1. Missing or null/undefined CONTEXT_PATH
2. context not found in pathname (causing indexOf to return -1)
3. Malformed URLs where start or end indices become invalid

When pathname.indexOf(context) returns -1, line 62 computes an incorrect start index, leading to unpredictable substring results on line 66.

The previous review comment on this segment provided a detailed fix with defensive checks. Please implement those defensive checks before the substring operations to ensure robust tenant extraction.

---

87-91: Critical: Type inconsistency in return value remains unfixed.

Line 90 returns either a tenant object from find() or a string from ULBService.getStateId(). This type inconsistency will break any downstream code that expects a consistent object structure with properties like tenant.code, tenant.name, etc.

The previous review comment provided a fix that constructs a fallback tenant object. Please implement that solution or ensure getStateId() result is used to lookup the corresponding tenant object before returning.

micro-ui/web/micro-ui-internals/packages/css/src/components/toggleSwitch.scss (1)

34-34: Fix disabled selector; add disabled visuals.

Use :disabled pseudo-class, not a non-existent .disabled class. Add clear disabled styling.

-.react-switch-checkbox:checked + .react-switch-label .react-switch-button:not(.disabled) {
+.react-switch-checkbox:not(:disabled):checked + .react-switch-label .react-switch-button {
   left: calc(100% - 2px);
   transform: translateX(-100%);
 }
+
+/* Disabled state visuals */
+.react-switch-checkbox:disabled + .react-switch-label {
+  cursor: not-allowed;
+  opacity: 0.5;
+}
+.react-switch-checkbox:disabled + .react-switch-label .react-switch-button {
+  box-shadow: none;
+}

Note: Decide whether a checked+disabled switch should still show the knob on the right (recommended). If yes, drop the :not(:disabled) on the checked rule and instead disable pointer/animation via reduced transition.

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/pages/employee/index.scss (1)

1-35: Reviewed: Styling changes align with UI refresh.

The toast animation, topbar adjustments, and sidebar positioning support the broader digitv2 UI updates. Previous review comments have already addressed the use of !important and z-index management concerns.

micro-ui/web/micro-ui-internals/packages/css/src/components/PageBasedInput.scss (1)

13-27: Duplicate styles and parallel implementations noted.

The new .digit-page-based-input-wrapper duplicates the styling from .PageBasedInputWrapper .SubmitBar (line 4 vs line 19). Previous review comments have already suggested extracting these into a shared mixin and clarifying the migration strategy between the two naming conventions.

micro-ui/web/micro-ui-internals/packages/css/src/components/loaderWithGap.scss (1)

1-45: Duplicate property and maintainability concerns already flagged.

Previous review comments have comprehensively addressed:

• The duplicate display: flex; declaration (lines 2 and 7)
• The extremely high z-index: 99999 value (line 13)
• Hardcoded color values that should use CSS variables

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/pages/employee/workbench.scss (4)

554-554: Fix invalid CSS property value.

Line 554 sets font-weight: 400px; which is invalid. The font-weight property does not accept length units. Remove px to use a valid unitless value.

      .tooltiptextvalue {
        font-size: 14px;
-       font-weight: 400px;
+       font-weight: 400;
        color: white;
      }

---

464-466: Fix incorrect Tailwind utility for flex container.

Line 464 uses justify-items-center which is a CSS Grid utility and does not apply to flex containers. Use justify-center instead to center items along the main axis.

  .workbench-no-schema-found {
-   @apply flex justify-items-center flex-col;
+   @apply flex justify-center flex-col;
    align-items: center;
  }

---

594-627: Fix malformed SCSS nesting structure.

The nesting and brace closures between lines 594-627 are malformed. The .module-card and .master-card selectors appear to be missing proper closure, and .employee-card-sub-header is positioned ambiguously with extra closing braces.

Correct the nesting hierarchy:

 .module-cards-grid,
 .master-cards-grid {
   display: flex;
   flex-flow: wrap;

   .module-card,
   .master-card {
     width: 22rem;
     margin: 0.5rem;
+  }

-

-
-.employee-card-sub-header {
+  .employee-card-sub-header {
     white-space: nowrap;
     overflow: hidden;
     text-overflow: ellipsis;
     max-width: 100%;
     transition: all 0.3s ease;
-    
+
     &:hover {
       overflow: visible;
       white-space: normal;
       word-wrap: break-word;
       z-index: 10;
       padding: 0.5rem;
       margin: -0.5rem;
       border-radius: 4px;
     }
+  }
 }
-
-  }
-}
-}

---

485-506: Replace hardcoded colors with design system tokens.

Lines 485-506 use hardcoded color values (#fe7a51 for orange, #ffffff for white) in the spinner styles. These should use design system theme tokens for consistency and maintainability.

      .jk-spinner {
-       border: 0.4em solid #fe7a51;
+       border: 0.4em solid theme(digitv2.lightTheme.primary);
        border-radius: 50%;
-       border-top: 0.4em solid #ffffff;
+       border-top: 0.4em solid theme(digitv2.lightTheme.background);
        width: 4em;
        height: 4em;
        -webkit-animation: spin 2s linear infinite;
        animation: spin 1s linear infinite;
      }

  .jk-sm-inbox-loader {
-   border: 0.2em solid #fe7a51;
+   border: 0.2em solid theme(digitv2.lightTheme.primary);
     border-radius: 50%;
-    border-top: 0.2em solid #ffffff;
+    border-top: 0.2em solid theme(digitv2.lightTheme.background);
     width: 2em;
     height: 2em;
     -webkit-animation: spin 2s linear infinite;
     animation: spin 1s linear infinite;
   }

micro-ui/web/micro-ui-internals/example/.env-staging (1)

3-4: Remove hardcoded tokens; rotate immediately.

Secrets in VCS are critical risk. Blank them and revoke/rotate now. Add env files to .gitignore; use a secrets manager/CI variables.

-REACT_APP_EMPLOYEE_TOKEN=c835932f-2ad4-4d05-83d6-49e0b8c59f8a
-REACT_APP_CITIZEN_TOKEN=7cd58aae-30b3-41ed-a1b3-3417107a993c
+REACT_APP_EMPLOYEE_TOKEN=
+REACT_APP_CITIZEN_TOKEN=

Also applies to: 5-9

micro-ui/web/micro-ui-internals/example/.env-health-demo (1)

3-4: Remove hardcoded tokens; do not reuse across envs.

Blank, rotate, and manage via secrets. Tokens are identical to staging — avoid reuse.

-REACT_APP_EMPLOYEE_TOKEN=c835932f-2ad4-4d05-83d6-49e0b8c59f8a
-REACT_APP_CITIZEN_TOKEN=7cd58aae-30b3-41ed-a1b3-3417107a993c
+REACT_APP_EMPLOYEE_TOKEN=
+REACT_APP_CITIZEN_TOKEN=

Also applies to: 1-7

micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/sandbox.scss (5)

46-54: Conflicting width definitions remain unresolved.

This issue was previously flagged but not addressed. Line 48 sets width: 100% and line 53 sets width: auto, causing the latter to override the former.

Apply the previously suggested fix:

 .sandbox-module-button {
   position: absolute;
-  width: 100%;
   bottom: 1.5rem;
   left: 1rem;
   right: 1rem;
   margin: auto;
   width: auto;
 }

---

264-273: Duplicate font-family property remains unresolved.

This issue was previously flagged. Line 267 duplicates the font-family: Roboto; already declared on line 265.

 .digit-card-label.sandbox-custom-otp-subheader {
   font-family: "Roboto";
   margin-bottom: 3rem;
-  font-family: Roboto;
   margin-top: 8rem !important;
   color: #0b4b66 !important;

---

307-310: Critical: Orphaned closing brace causes syntax error.

This syntax error was previously flagged but remains unfixed. Line 309 contains an orphaned closing brace.

     justify-content: space-between;
   }
 }
-
-  }
 
 .sandbox-signup-form .digit-field .digit-error-message {

---

583-585: Critical: Missing class selector dot.

Line 583 is missing the leading dot (.), so the selector digit-card-text.center will not match any elements.

-digit-card-text.center {
+.digit-card-text.center {
   text-align: center;
 }

---

1455-1458: Critical: Invalid quoted CSS color value.

CSS color values should not be quoted.

 .highlight-sandbox {
-  color: "#c84c0e";
+  color: #c84c0e;
   /* or your specific orange color code */
 }

micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/login.scss (4)

9-11: Deduplicate min-width for .banner .bannerCard.

Keep a single source of truth; remove one definition and drop unnecessary !important if not needed.

Also applies to: 25-28

---

64-68: Remove invalid self-nesting .submit-bar .submit-bar.

Apply style directly to .submit-bar.

---

141-143: Replace redundant calc(100vh) with 100vh.

---

331-339: Fix quoted CSS values; current rules won’t parse.

Remove quotes from property values.

Apply:

 .policy-subdescription {
-  margin-left: "1rem";
-  margin-top: "0.5rem";
+  margin-left: 1rem;
+  margin-top: 0.5rem;
 }
 .policy-subdescription-points {
-  display: "flex";
-  align-items: "center";
-  margin-bottom: "0.5rem";
-  padding-left: "1rem";
+  display: flex;
+  align-items: center;
+  margin-bottom: 0.5rem;
+  padding-left: 1rem;
 }

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Fix shell compatibility issue.

The script uses #!/bin/sh (POSIX shell) but line 10 uses [[ ]], which is a bash-specific construct. This will fail on systems where /bin/sh is not bash (e.g., dash on Debian/Ubuntu).

Choose one solution:

Solution 1 (recommended): Change shebang to bash:

-#!/bin/sh
+#!/bin/bash

Solution 2: Use POSIX-compatible syntax:

-if [[ ! "$BRANCH_NAME" =~ $PATTERN ]]; then
+if ! echo "$BRANCH_NAME" | grep -Eq "$PATTERN"; then

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	#!/bin/sh
	# Get the current branch name
	BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)
	# Define the pattern
	PATTERN="^(FEATURE|BUGFIX|RELEASE)\/(HCMPRE|DPG|SN)-[0-9]{1,5}$"
	# Check if the branch name matches the pattern
	if [[ ! "$BRANCH_NAME" =~ $PATTERN ]]; then
	#!/bin/bash
	# Get the current branch name
	BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)
	# Define the pattern
	PATTERN="^(FEATURE|BUGFIX|RELEASE)\/(HCMPRE|DPG|SN)-[0-9]{1,5}$"
	# Check if the branch name matches the pattern
	if [[ ! "$BRANCH_NAME" =~ $PATTERN ]]; then

Suggested change

	#!/bin/sh
	# Get the current branch name
	BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)
	# Define the pattern
	PATTERN="^(FEATURE|BUGFIX|RELEASE)\/(HCMPRE|DPG|SN)-[0-9]{1,5}$"
	# Check if the branch name matches the pattern
	if [[ ! "$BRANCH_NAME" =~ $PATTERN ]]; then
	#!/bin/sh
	# Get the current branch name
	BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)
	# Define the pattern
	PATTERN="^(FEATURE|BUGFIX|RELEASE)\/(HCMPRE|DPG|SN)-[0-9]{1,5}$"
	# Check if the branch name matches the pattern
	if ! echo "$BRANCH_NAME" | grep -Eq "$PATTERN"; then

🤖 Prompt for AI Agents

In .github/hooks/pre-push around lines 1 to 10 the script declares #!/bin/sh but
uses the bash-specific [[ ]] test which will fail on shells like dash; fix by
either changing the shebang to a bash interpreter (e.g., #!/usr/bin/env bash) so
[[ ]] is valid, or replace the [[ ]] test with POSIX-compatible logic (for
example use case, grep -E, or expr to match the branch name against the PATTERN)
and ensure any other bash-only constructs are removed.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Add missing RELEASE/SN example.

The pattern allows RELEASE/SN-<TICKET_NO> but this example is missing from the error message, creating an inconsistency.

Apply this diff:

   echo " - RELEASE/HCMPRE-<TICKET_NO>"
   echo " - RELEASE/DPG-<TICKET_NO>"
+  echo " - RELEASE/SN-<TICKET_NO>"

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	echo " - RELEASE/HCMPRE-<TICKET_NO>"
	echo " - RELEASE/DPG-<TICKET_NO>"
	echo " - RELEASE/HCMPRE-<TICKET_NO>"
	echo " - RELEASE/DPG-<TICKET_NO>"
	echo " - RELEASE/SN-<TICKET_NO>"

🤖 Prompt for AI Agents

In .github/hooks/pre-push around lines 18 to 19, the error/examples output lists
RELEASE/HCMPRE-<TICKET_NO> and RELEASE/DPG-<TICKET_NO> but omits the allowed
RELEASE/SN-<TICKET_NO> pattern; add a third echo line echo " -
RELEASE/SN-<TICKET_NO>" alongside the existing two so the message consistently
shows all permitted RELEASE patterns.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Correct the ticket number range in documentation.

The pattern {1,5} allows 1 to 5 digits (1-99999), not "0 and 99999" as stated. The documentation is misleading.

Apply this diff:

-echo "Where <TICKET_NO> is a number between 0 and 99999."
+echo "Where <TICKET_NO> is a 1-5 digit number (1-99999)."

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	echo "Where <TICKET_NO> is a number between 0 and 99999."
	echo "Where <TICKET_NO> is a 1-5 digit number (1-99999)."

🤖 Prompt for AI Agents

In .github/hooks/pre-push around line 20, the comment "Where <TICKET_NO> is a
number between 0 and 99999." is incorrect because the regex {1,5} matches 1 to 5
digits (1–99999); update the wording to accurately state "Where <TICKET_NO> is a
number between 1 and 99999" (or "1–99999") so the documentation matches the
pattern.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Add blank line after heading.

Markdown style guidelines recommend surrounding headings with blank lines for better readability.

Apply this diff:

 ## Choose the appropriate template for your PR:
+
 - [Feature PR](./PULL_REQUEST_TEMPLATE/feature_template.md)

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	## Choose the appropriate template for your PR:
	- [Feature PR](./PULL_REQUEST_TEMPLATE/feature_template.md)
	- [Bugfix PR](./PULL_REQUEST_TEMPLATE/bugfix_template.md)
	- [Release PR](./PULL_REQUEST_TEMPLATE/release_template.md)
	## Choose the appropriate template for your PR:
	- [Feature PR](./PULL_REQUEST_TEMPLATE/feature_template.md)
	- [Bugfix PR](./PULL_REQUEST_TEMPLATE/bugfix_template.md)
	- [Release PR](./PULL_REQUEST_TEMPLATE/release_template.md)

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

3-3: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

🤖 Prompt for AI Agents

.github/pull_request_template.md around lines 1 to 5: the heading line "##
Choose the appropriate template for your PR:" is not followed by a blank line;
add a single blank line immediately after the heading so the markdown heading is
separated from the subsequent list for proper formatting and readability.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider using a top-level heading.

Markdown convention suggests the first heading should be level 1 (#) rather than level 3 (###).

Apply this diff:

-### Bugfix Request
+# Bugfix Request

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	### Bugfix Request
	# Bugfix Request

🧰 Tools

🪛 LanguageTool

[grammar] ~1-~1: Ensure spelling is correct
Context: ### Bugfix Request #### JIRA ID <!-- Provide a de...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

🪛 markdownlint-cli2 (0.18.1)

1-1: First line in a file should be a top-level heading

(MD041, first-line-heading, first-line-h1)

🤖 Prompt for AI Agents

.github/PULL_REQUEST_TEMPLATE/bugfix_template.md around lines 1 to 1: The
template currently starts with a level-3 heading "### Bugfix Request"; change it
to a top-level level-1 heading by replacing the initial "###" with "#" so the
file begins with "# Bugfix Request" to follow Markdown convention.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Breaking change: Auth token inclusion logic simplified.

The condition was changed from if (auth || !!Digit.UserService.getUser()?.access_token) to if (auth). This means:

• Before: Auth token was included if auth=true OR if the user had an access token (automatic fallback).
• After: Auth token is included ONLY if auth=true explicitly.

This removes the automatic fallback behavior and makes authentication opt-in via the auth parameter. Verify that all API endpoints requiring authentication explicitly set auth=true or rely on the new default.

🤖 Prompt for AI Agents

In
micro-ui/web/micro-ui-internals/packages/libraries/src/services/atoms/Utils/Request.js
around lines 77 to 80, the auth inclusion was simplified to only run when auth
is truthy, removing the previous fallback that used the current user's
access_token; restore the original behavior by changing the condition back to
check either auth OR the presence of Digit.UserService.getUser()?.access_token
(e.g., if (auth || !!Digit.UserService.getUser()?.access_token)) so endpoints
that rely on implicit user tokens continue receiving RequestInfo, or
alternatively update all callers to explicitly pass auth=true where
authentication is required.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix markdown formatting violations across the file.

The file has systematic markdown linting issues: headings lack blank lines before/after (MD022), ordered list numbering is incorrect (MD029), code blocks lack surrounding blank lines (MD031), and the file is missing a trailing newline (MD047). These violations impact consistency with markdown standards and tooling compatibility.

Apply this diff to fix a sample of violations (lines 1–50):

 # @egovernments/digit-ui-module-common
-
+
 ## Version: 1.9.0
+
 **Release Date:** October 23, 2025
 
 ## 📦 Installation
+
 ```bash
 npm install --save @egovernments/[email protected]

🚀 What's New in v1.9.0

🔄 Enhanced Shared Components

• Card-Based UI Support: Enhanced common components for modern card-based interfaces
  @@ -19,6 +20,7 @@
• Payment System Enhancement: Advanced payment processing and validation components

🛠️ Shared Utilities & Services

• Enhanced Common Hooks: Improved hooks for tenant management and shared functionality
• Validation Libraries: Advanced form validation and error handling utilities
• Service Abstractions: Better service layer abstractions for cross-module functionality
  @@ -26,6 +28,7 @@
• Configuration Management: Enhanced shared configuration management utilities

⚡ Performance & Architecture

• Bundle Optimization: Significant reduction in bundle size through code splitting
• Caching Strategies: Improved caching for shared resources and components
• Memory Management: Better resource cleanup and lifecycle management
  @@ -34,12 +37,14 @@

📋 Core Features

🔄 Shared Component Library

1. Enhanced Common Components (Updated)

   • Card-Based UI Components: Modern card layouts and interactive elements
   • Form Components: Reusable form elements with validation
   • Navigation Components: Consistent navigation patterns across modules
   • Layout Components: Responsive layout systems and grid components

2. Payment System Components (Enhanced)

   • Payment Processing: Advanced payment workflow components

Use `markdownlint-cli2 --fix` on the entire file to auto-correct remaining violations systematically.

<details>
<summary>🧰 Tools</summary>

<details>
<summary>🪛 markdownlint-cli2 (0.18.1)</summary>

3-3: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

14-14: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

20-20: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

26-26: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

34-34: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

47-47: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

48-48: Ordered list item prefix
Expected: 1; Actual: 3; Style: 1/2/3

(MD029, ol-prefix)

</details>

</details>

<details>
<summary>🤖 Prompt for AI Agents</summary>

In micro-ui/web/micro-ui-internals/packages/modules/common/README.md around
lines 1 to 50, the markdown has lint violations (missing blank lines
before/after headings MD022, incorrect ordered list numbering MD029, code blocks
not surrounded by blank lines MD031, and missing trailing newline MD047); fix by
adding a blank line before and after each top-level and subsection heading,
ensure ordered lists use sequential numbering (1., 2., 3.) or regenerate with a
linter fix, place fenced code blocks with a blank line above and below, and add
a final newline at EOF; run markdownlint-cli2 --fix on the entire file to apply
remaining automatic corrections.

</details>

<!-- This is an auto-generated comment by CodeRabbit -->

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix hyphen usage in compound adjective.

Line 483 should join "WCAG compliant" with hyphen when used as a compound adjective before the noun. The grammar hint flags this as a style issue.

-   - **Accessibility**: WCAG compliant shared components
+   - **Accessibility**: WCAG-compliant shared components

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- **Consistent UI**: Standardized components across all DIGIT modules
	- **Responsive Design**: Mobile-first responsive components
	- **Accessibility**: WCAG compliant shared components
	- **Theme Support**: Consistent theming and styling system
	- **Consistent UI**: Standardized components across all DIGIT modules
	- **Responsive Design**: Mobile-first responsive components
	- **Accessibility**: WCAG-compliant shared components
	- **Theme Support**: Consistent theming and styling system

🧰 Tools

🪛 LanguageTool

[grammar] ~483-~483: Use a hyphen to join words.
Context: ...ive components - Accessibility: WCAG compliant shared components - **Theme Su...

(QB_NEW_EN_HYPHEN)

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/modules/common/README.md around
lines 481 to 485, the phrase "WCAG compliant shared components" should use a
hyphen when the compound adjective precedes the noun; change it to
"WCAG-compliant shared components" (and scan nearby lines for any other
instances of "WCAG compliant" used as a pre-nominal adjective and apply the same
hyphenation).

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Expand migration guide with breaking changes, deprecated APIs, and concrete code diffs.

The migration guide (lines 504–527) is still generic and does not meet the concrete specificity requested in the prior review. It lists high-level updates but lacks:

• Explicit breaking changes (e.g., removed/renamed exports, signature changes)
• Deprecated APIs section (which old hooks/components are no longer recommended)
• Before/after code diffs showing actual import and component usage updates
• Troubleshooting section with common migration errors and fixes (e.g., import errors, prop mismatches)

For example, the guide should clarify:

• If any payment component prop names changed or were removed
• If any common hooks were renamed or have new signatures
• How to migrate code that depends on v1.8.x payment gateways to v1.9.0 multi-gateway support

Expand the migration guide to include:

### From v1.8.x to v1.9.0

#### Breaking Changes
- `PaymentComponent` prop `gateway` is now required (previously optional with default)
- `useTenantContext` hook signature changed: returns `{ currentTenant, switchTenant }` instead of `{ tenant, setTenant }`
- Receipt template format changed from `receiptConfig` to nested `config.format` object
- Validation rule syntax updated: custom validators now use object format instead of string patterns

#### Deprecated APIs
- `getPaymentGateway()` → Replaced by `PaymentComponent` multi-gateway support
- `validatePaymentLegacy()` → Use `useCommonValidation()` hook instead
- `formatCurrency()` → Use locale-aware formatting via `Digit.Customizations`

#### Migration Examples

**Before (v1.8.x):**
\`\`\`jsx
import { PaymentComponent } from "@egovernments/digit-ui-module-common";
<PaymentComponent gateway="paygov" data={paymentData} />

const { tenant, setTenant } = useTenantContext();
\`\`\`

**After (v1.9.0):**
\`\`\`jsx
import { PaymentComponent } from "@egovernments/digit-ui-module-common";
<PaymentComponent
  config={{ defaultGateway: "paygov", supportedGateways: ["paygov", "razorpay"] }}
  paymentData={paymentData}
/>

const { currentTenant, switchTenant } = useTenantContext();
\`\`\`

#### Common Migration Errors & Fixes

1. **Error: "gateway prop is required"**
   - Fix: Wrap PaymentComponent usage with `config.defaultGateway` setting

2. **Error: "useTenantContext returns undefined"**
   - Fix: Update destructuring from `tenant` to `currentTenant`

3. **Error: "Receipt template not rendering"**
   - Fix: Nest receipt config under `config.format` instead of flat `receiptConfig`

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

509-509: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

513-513: Ordered list item prefix
Expected: 1; Actual: 2; Style: 1/2/3

(MD029, ol-prefix)

---

518-518: Ordered list item prefix
Expected: 2; Actual: 3; Style: 1/2/3

(MD029, ol-prefix)

---

523-523: Ordered list item prefix
Expected: 3; Actual: 4; Style: 1/2/3

(MD029, ol-prefix)

🤖 Prompt for AI Agents

micro-ui/web/micro-ui-internals/packages/modules/common/README.md lines 504-527:
the migration guide is too generic—expand it to list explicit breaking changes
(e.g., PaymentComponent: gateway now required; useTenantContext signature
changed; receiptConfig → config.format; validation rule syntax change), add a
Deprecated APIs section mapping old functions to new replacements, include
concrete before/after code snippets showing import and usage changes
(PaymentComponent props and useTenantContext destructuring), and add a Common
Migration Errors & Fixes troubleshooting subsection with specific error messages
and exact fixes (gateway required, updated hook destructuring, nested receipt
config) so consumers can follow step-by-step to migrate from v1.8.x to v1.9.0.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Testing checklist items lack verification steps.

The testing checklist (lines 539–546) enumerates features to test but does not provide concrete verification methods, expected outputs, or test code snippets. This makes it harder for developers to ensure compliance during integration.

Expand with concrete test steps:

### Testing Checklist
- [ ] **Payment processing**: Call `<PaymentComponent>` with test gateway; verify success/failure callbacks fire
- [ ] **Multi-tenant**: Call `switchTenant(newTenant)` and verify `currentTenant` updates and UI re-renders
- [ ] **Form validation**: Submit form with invalid data; verify error messages appear and match `Digit.Customizations` rules
- [ ] **Shared components**: Render `<DataTable>`, `<FormValidator>`, `<Receipt>` with sample data; verify all props apply correctly
- [ ] **Receipt generation**: Trigger receipt download/print; verify PDF/print dialog opens without errors
- [ ] **Error handling**: Intentionally trigger payment failure; verify error UI and recovery flow work

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

539-539: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

[coderabbitai]

Actionable comments posted: 82

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (13)

micro-ui/web/micro-ui-internals/packages/css/src/components/checkpoint.scss (1)

8-14: Apply z-index consistently or clarify the intentional difference.

The z-index: 10 value for .checkpoint-done h2 is appropriate and aligns with similar interactive UI elements throughout the codebase. However, the .checkpoint h2 element (pending state) lacks a z-index property, creating an inconsistency.

The checkpointV2.scss file applies z-index: 1 to both done and pending states, suggesting both should have z-index for proper stacking. Either:

• Add z-index to .checkpoint h2 for consistency, or
• Document why the pending state intentionally lacks z-index

micro-ui/web/micro-ui-internals/packages/css/src/components/uploadcomponents.scss (1)

57-68: Clarify SVG centering approach.

The SVG element has conflicting centering strategies:

• Lines 59-61: justify-content: center; align-items: center; make the SVG itself a flex container
• Lines 64-66: margin: auto centers the SVG within its parent

Applying flex container properties (justify-content, align-items) to the SVG element is unusual—typically these center the SVG's children. If the intent is to center the SVG itself within .upload-img-container, the margin-auto approach (lines 64-66) is sufficient. Consider removing lines 59-61 if the SVG has no children to center.

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/FormComposerV2.scss (1)

51-58: Merge duplicate .employee-card-input selectors.

Having two separate .employee-card-input blocks (lines 51-54 and 56-58) is redundant and can lead to confusion. The max-width property should be added to the first declaration.

Apply this diff to consolidate the selectors:

 .employee-card-input {
   @apply mb-lg pl-sm outline-none block border w-full h-10 border-input-border border-solid bg-white leading-10 text-form-field text-text-primary;
   @extend .light-input-border;
+  max-width: 540px;
 }
-
-.employee-card-input {
-  max-width: 540px;
-}

micro-ui/web/micro-ui-internals/packages/css/src/components/inboxv2/InboxLinks.scss (1)

51-57: Simplify color declaration to eliminate hardcoded fallback.

Line 56 includes a hardcoded RGBA fallback rgba(244, 119, 56, var(--text-opacity)) that duplicates the intent of the theme token on line 55. This creates a maintenance burden: if the theme token changes, the hardcoded fallback won't update automatically. Remove the redundant fallback.

 .link {
     @extend .light-primary;
     padding: 8px;
     --text-opacity: 1;
     color: theme(colors.primary.main);
-    color: rgba(244, 119, 56, var(--text-opacity));
 }

Alternatively, if backward compatibility is critical for older browsers, document why this fallback is necessary.

micro-ui/web/micro-ui-internals/packages/css/src/index.scss (1)

714-716: Remove duplicate .connection-details-new-value-wrapper block.

The selector .connection-details-new-value-wrapper is defined identically at lines 714–716 and again at lines 734–736. This creates code duplication and a maintenance issue. Keep only one definition.

 .plumber-details-new-value-wrapper {
   flex: 2 1 auto;
 }

 .connection-details-new-value-wrapper {
   flex: 1 1 auto;
 }

-.connection-details-old-value-wrapper,
-.plumber-details-old-value-wrapper {
-  flex: 1 1 auto;
-
-  .old-value-null-wrapper {
-    visibility: hidden;
-    padding-bottom: 8px;
-    margin-bottom: 8px;
-  }
-  .row {
-    color: #b1b4b6;
-    font-weight: 700;
-    font-size: 16px;
-  }
-}
-
-.connection-details-new-value-wrapper {
-  flex: 1 1 auto;
-}
-

 .plumber-details-new-value-wrapper {
   flex: 2 1 auto;
 }

Also applies to: 734-736

micro-ui/web/micro-ui-internals/packages/libraries/src/utils/locale.js (1)

78-98: Update JSDoc to reflect actual return types.

The JSDoc comment states @returns {Array}, but the function actually returns number | string | null. This misleading documentation could cause confusion for developers using this utility.

Apply this diff to correct the documentation:

 /**
  * Custom util to format the code for localisation
  *
  * @author jagankumar-egov
  *
  * @example
  *  Digit.Utils.locale.getTransformedLocale(
  *                                          code)
  *
- * @returns {Array} Returns the Array of object
+ * @returns {number | string | null} Returns the transformed locale string, unchanged number, or null for invalid types
  */
 export const getTransformedLocale = (label) => {

micro-ui/web/micro-ui-internals/packages/libraries/src/translations/index.js (1)

33-42: Simplify redundant safety checks after String conversion.

Line 34 converts text to a string using String(text), which guarantees returnText will always be a string (never null or undefined). The subsequent checks on line 38 (returnText && returnText?.replace) are therefore redundant.

Apply this diff to simplify:

 function replaceLiterals(text = "", dynamicValues = {}) {
   let returnText = String(text);
   const regex = /[^\{\{][\{]\w+/;
   if (regex.exec(text) !== null) {
     Object.keys(dynamicValues).forEach((key) => {
-      returnText = returnText && returnText?.replace(`{${key.toUpperCase()}}`, dynamicValues[key]);
+      returnText = returnText.replace(`{${key.toUpperCase()}}`, dynamicValues[key]);
     });
   }
   return returnText;
 }

micro-ui/web/micro-ui-internals/packages/libraries/src/hooks/useCustomAPIMutationHook.js (1)

47-55: Do not cache mutations; force useCache: false

Mutations must bypass internal Request cache to avoid stale responses and side effects.

Apply:

-  const { isLoading, data, isFetching, ...rest } = useMutation(
-    (data) => CustomService.getResponse({ url, params: { ...params, ...data?.params }, body: { ...body, ...data?.body }, plainAccessRequest, headers: { ...headers, ...data?.headers }, method }),
+  const { isLoading, data, isFetching, ...rest } = useMutation(
+    (data) =>
+      CustomService.getResponse({
+        url,
+        params: { ...params, ...data?.params },
+        body: { ...body, ...data?.body },
+        plainAccessRequest,
+        headers: { ...headers, ...data?.headers },
+        method,
+        useCache: false
+      }),
     {
       cacheTime: 0,
       ...config,
     }
   );

micro-ui/web/micro-ui-internals/packages/libraries/src/services/elements/CustomService.js (1)

4-16: Remove unused plainAccessRequest parameter; fix useCache default for mutations

CustomService passes plainAccessRequest to Request(), but Request() doesn't accept it as a parameter—it synthesizes plainAccessRequest internally from privacy data. Remove this unused parameter. Additionally, useCache defaults to true in CustomService despite being appropriate only for GET requests; align it with the method to avoid caching mutations.

export const CustomService = {
- getResponse: ({ url, params, body, plainAccessRequest, useCache=true, userService=true, setTimeParam=true, userDownload=false, auth=true, headers={}, method="POST"}) => Request({
+ getResponse: ({ url, params, body, useCache, userService=true, setTimeParam=true, userDownload=false, auth=true, headers={}, method="POST"}) => {
+   const _useCache = typeof useCache === "boolean" ? useCache : method?.toUpperCase() === "GET";
+   return Request({
     url: url,
     data: body,
-    useCache,
+    useCache: _useCache,
     userService,
     method: method,
     auth: auth,
     params: params,
     headers: headers,
-    plainAccessRequest: plainAccessRequest,
     userDownload: userDownload,
     setTimeParam
-  })
+  });
+ }
};

micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Store/service.js (1)

190-191: Use initData.stateInfo when rendering logos.

After multi-root override, stateInfo may be stale. Use the final values.

-      renderTenantLogos(stateInfo, initData.tenants);
+      renderTenantLogos(initData.stateInfo, initData.tenants);

micro-ui/web/micro-ui-internals/packages/libraries/src/utils/index.js (1)

503-558: Critical: Duplicate property key in export object.

The property downloadBill appears twice in the export object (lines 507 and 509). JavaScript will only retain the last definition, potentially causing unexpected behavior. This was also flagged by the static analysis tool.

Apply this diff to remove the duplicate:

 export default {
   pdf: PDFUtil,
   createFunction,
   downloadReceipt,
   downloadBill,
   downloadPDFFromLink,
-  downloadBill,
   getFileUrl,
   mdms,

micro-ui/web/micro-ui-internals/example/.env-unifiedDev (1)

3-4: CRITICAL: Remove hardcoded authentication tokens from version control.

These are the same hardcoded tokens used across multiple environment files, creating a significant security vulnerability.

Apply this diff:

-REACT_APP_EMPLOYEE_TOKEN=c835932f-2ad4-4d05-83d6-49e0b8c59f8a
-REACT_APP_CITIZEN_TOKEN=7cd58aae-30b3-41ed-a1b3-3417107a993c
+REACT_APP_EMPLOYEE_TOKEN=
+REACT_APP_CITIZEN_TOKEN=

micro-ui/web/micro-ui-internals/example/.env-unifieddev (1)

3-4: Remove hard-coded access tokens from source control.

Committing tokens (even for dev) is a security/compliance risk. Load them from a developer-only .env.local (gitignored) or use a dev auth flow.

• Delete these lines here.
• Add .env.local entries on developer machines.
• Ensure .gitignore includes .env.local and any secrets files.

♻️ Duplicate comments (56)

micro-ui/web/micro-ui-internals/packages/css/src/components/toggleSwitch.scss (1)

34-37: Fix CSS selector mismatch: use :disabled pseudo-class instead of :not(.disabled).

This issue was flagged in a previous review but remains unresolved. The selector uses :not(.disabled) to target a CSS class that is never applied. The component only sets the HTML disabled attribute and applies inline pointerEvents: "none" style, so the animation condition is always true, and disabled switches will still animate when checked—defeating the intended purpose.

Apply this diff to fix the selector:

-  .react-switch-checkbox:checked + .react-switch-label .react-switch-button:not(.disabled) {
+  .react-switch-checkbox:not(:disabled):checked + .react-switch-label .react-switch-button {
     left: calc(100% - 2px);
     transform: translateX(-100%);
   }

Additionally, add visual disabled state styling (opacity reduction, cursor change) to provide clear feedback that the switch is disabled.

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/loaderV2.scss (2)

30-32: ⚠️ Previous issue unresolved: Missing horizontal centering transform for absolutely positioned loader.

The .digit-page-loader is positioned with left: 50% but still lacks transform: translateX(-50%) to center it horizontally. Without this, the element's left edge aligns at 50%, causing it to be off-center.

Apply this diff to fix the centering:

 .digit-page-loader {
   padding-top: 20%;
   position: absolute;
   left: 50%;
+  transform: translateX(-50%);
 }

---

72-78: ⚠️ Previous issue unresolved: Duplicate frame class definitions violate DRY principle.

The new .digit-loadingio-spinner-rolling-frame class (lines 72–78) is identical to the existing .digit-loadingio-spinner-rolling-faewnb8ux8 class (lines 64–70). This duplication increases maintainability burden and should be consolidated.

Use one of these approaches to consolidate:

Option 1 (preferred): Use a comma-separated selector

-.digit-loadingio-spinner-rolling-faewnb8ux8 {
-  width: 48px;
-  height: 48px;
-  display: inline-block;
-  overflow: hidden;
-  background: none;
-}
-
-.digit-loadingio-spinner-rolling-frame {
-  width: 48px;
-  height: 48px;
-  display: inline-block;
-  overflow: hidden;
-  background: none;
-}
+.digit-loadingio-spinner-rolling-faewnb8ux8,
+.digit-loadingio-spinner-rolling-frame {
+  width: 48px;
+  height: 48px;
+  display: inline-block;
+  overflow: hidden;
+  background: none;
+}

Option 2 (if backward compatibility requires separate names): Use SCSS extends

+%digit-spinner-frame {
+  width: 48px;
+  height: 48px;
+  display: inline-block;
+  overflow: hidden;
+  background: none;
+}
+
 .digit-loadingio-spinner-rolling-faewnb8ux8 {
-  width: 48px;
-  height: 48px;
-  display: inline-block;
-  overflow: hidden;
-  background: none;
+  @extend %digit-spinner-frame;
 }

 .digit-loadingio-spinner-rolling-frame {
-  width: 48px;
-  height: 48px;
-  display: inline-block;
-  overflow: hidden;
-  background: none;
+  @extend %digit-spinner-frame;
 }

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/popUpV2.scss (2)

18-20: Justify or remove !important; avoid CSS anti-patterns.

This comment mirrors prior feedback already flagged on these lines. The use of !important undermines specificity and makes styles difficult to override elsewhere. While retrieved learnings show !important was justified in microplanning.scss to prevent unintended overrides, no explicit justification is provided here.

Consider one of these alternatives:

• Use a higher-specificity selector or dedicated modifier class (e.g., .digit-popup-wrap .digit-logout-popup-wrapper or .digit-logout-popup-wrapper--fixed).
• Use CSS custom properties that can be overridden at a higher level.
• Document why !important is necessary if the fixed width must never be overridden.

Apply this diff if removing !important is feasible:

  .digit-logout-popup-wrapper{
-   width: 31.25rem !important;
+   width: 31.25rem;

---

18-24: Replace hardcoded magic numbers with design tokens.

The popup width (31.25rem) and button height (2.5rem) are hardcoded values. Per the PR context (broad design-system updates in digitv2 components), these should be derived from design tokens for consistency, maintainability, and future scalability.

Identify or define design tokens for popup dimensions and button heights, then reference them:

+ $popup-width-lg: var(--token-popup-width-lg, 31.25rem);
+ $button-height-md: var(--token-button-height-md, 2.5rem);
+
  .digit-logout-popup-wrapper{
-   width: 31.25rem !important;
+   width: $popup-width-lg !important; // or remove !important per above comment
  
    .logout-cancel-button{
-     height: 2.5rem;
+     height: $button-height-md;
    }
  }

Can you confirm which design-token file or CSS custom-property namespace should be used for these values?

micro-ui/web/micro-ui-internals/packages/css/src/components/PageBasedInput.scss (2)

13-27: Clarify the ongoing migration strategy between parallel submit-bar implementations.

The code maintains two independent implementations with differing naming conventions (kebab-case .digit-submit-bar-container vs. PascalCase .SubmitBar), creating ambiguity about the canonical pattern and deprecation timeline. A prior review flagged this concern; the new wrapper addition (lines 13–27) extends the duplication without resolving the underlying architecture question.

Before proceeding further, confirm:

1. Should both implementations coexist permanently, or is one intended to replace the other?
2. What is the canonical naming convention going forward (kebab-case or PascalCase)?
3. Is a deprecation timeline defined for the old .PageBasedInputWrapper variant?

Please document these decisions inline or in a migration guide to prevent future confusion.

---

13-21: Duplicate @apply utilities perpet­uate DRY violation from prior review—extract to a reusable mixin.

Line 19 repeats the exact @apply directives from line 4 (p-sm fixed w-full bottom-0 left-0 text-right bg-white). This was flagged in a previous review and remains unaddressed. Using Tailwind's @apply directive to extract repeated utility patterns to custom CSS classes is the recommended approach for reusability. Define a shared SCSS mixin to consolidate both occurrences and improve maintainability.

// At the top of the file, define:
@mixin submit-bar-utilities {
  z-index: 60;
  @apply p-sm fixed w-full bottom-0 left-0 text-right bg-white;
}

// Then replace both usages:
.PageBasedInputWrapper {
  .SubmitBar {
    @include submit-bar-utilities;
  }
  // ... rest of rules
}

.digit-page-based-input-wrapper {
  .digit-page-based-submit-bar {
    @apply hidden;
  }
  .digit-submit-bar-container {
    @include submit-bar-utilities;
  }
}

micro-ui/web/.babelrc (1)

2-8: This configuration may be ignored due to webpack inline options.

The Babel configuration in this file duplicates the inline options defined in micro-ui/web/core/webpack.config.js (lines 17-20). When babel-loader includes inline options, it takes precedence over .babelrc, potentially making this file ineffective.

To avoid maintenance confusion, choose one source of truth:

• Option 1 (recommended): Remove the inline options from the webpack config's babel-loader and rely solely on this .babelrc file.
• Option 2: Remove this .babelrc file and maintain the configuration only in webpack.

Option 1 - Update webpack.config.js:

         use: {
           loader: "babel-loader",
-          options: {
-            presets: ["@babel/preset-env", "@babel/preset-react"],
-            plugins: ["@babel/plugin-proposal-optional-chaining"]
-          }
         },

Option 2 - Remove this file and keep webpack config as-is.

micro-ui/web/core/webpack.config.js (1)

15-21: Configuration duplication remains unresolved.

This inline Babel configuration duplicates the settings in micro-ui/web/.babelrc. A previous review comment flagged this same issue, and it has not been addressed.

As noted in the earlier review, webpack's inline options take precedence over .babelrc, which can cause maintenance confusion. Please consolidate to a single configuration source.

micro-ui/web/micro-ui-internals/packages/libraries/src/hooks/pgr/useInboxData.js (2)

50-54: Fallback logic still defeats filtering and creates data inconsistency risk.

The fallback on line 54 remains problematic. When filtered.length is 0, falling back to wrappers means processing complaints without workflow data, which causes:

1. taskOwner defaults to "-" (line 61)
2. sla becomes undefined (line 62), which converts to NaN on line 26
3. Users see incomplete/corrupted inbox data

This indicates a data synchronization issue between PGR and workflow services that should be handled explicitly.

Remove the fallback to return only valid data:

  const filtered = wrappers.filter(
    (complaint) => complaint?.service?.serviceRequestId && wfMap?.[complaint.service.serviceRequestId]
  );
- const complaints = filtered.length ? filtered : wrappers;
  
- return complaints.map((complaint) => ({
+ return filtered.map((complaint) => ({

Or add logging when the synchronization issue occurs:

  const complaints = filtered.length ? filtered : wrappers;
+ if (!filtered.length && wrappers.length) {
+   console.warn('No complaints matched workflow data, falling back to unfiltered wrappers');
+ }

---

56-64: Inconsistent null-safety may cause runtime errors.

The filter (line 52) uses optional chaining for complaint?.service?.serviceRequestId, but the mapping directly accesses complaint.service.* without null-safety. When the fallback to wrappers occurs, complaints that failed filtering will cause runtime errors if complaint.service is null/undefined.

Apply consistent null-safety throughout the mapping:

  return complaints.map((complaint) => ({
-    serviceRequestId: complaint.service.serviceRequestId,
-    complaintSubType: complaint.service.serviceCode,
-    locality: complaint.service.address.locality.code,
-    status: complaint.service.applicationStatus,
-    taskOwner: wfMap[complaint.service.serviceRequestId]?.assignes?.[0]?.name || "-",
-    sla: wfMap[complaint.service.serviceRequestId]?.businesssServiceSla,
-    tenantId: complaint.service.tenantId,
+    serviceRequestId: complaint?.service?.serviceRequestId,
+    complaintSubType: complaint?.service?.serviceCode,
+    locality: complaint?.service?.address?.locality?.code,
+    status: complaint?.service?.applicationStatus,
+    taskOwner: wfMap[complaint?.service?.serviceRequestId]?.assignes?.[0]?.name || "-",
+    sla: wfMap[complaint?.service?.serviceRequestId]?.businesssServiceSla,
+    tenantId: complaint?.service?.tenantId,
  }));

micro-ui/web/micro-ui-internals/example/public/index.html (1)

6-8: Improve formatting by separating link tags.

Two <link> tags are merged on line 6, reducing readability. Consider separating them onto individual lines.

Apply this diff to improve formatting:

-  <link rel="icon" href="https://digit-ui-assets.s3.ap-south-1.amazonaws.com/browser-icon.png" />  <link
+  <link rel="icon" href="https://digit-ui-assets.s3.ap-south-1.amazonaws.com/browser-icon.png" />
+  <link
     href="https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap"
     rel='stylesheet' type='text/css'>

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/pages/employee/workbench.scss (7)

464-466: Fix incorrect Tailwind utility for flex container.

justify-items-center is a grid utility and does not apply to flex containers. Use justify-center instead.

  .workbench-no-schema-found {
-   @apply flex justify-items-center flex-col;
+   @apply flex justify-center flex-col;
    align-items: center;
  }

---

485-506: Replace hardcoded colors with theme tokens.

Lines 485, 487, 498, and 500 use hardcoded orange (#fe7a51) and white (#ffffff) for spinners. Align with the design system by using theme tokens instead.

  .jk-spinner {
-   border: 0.4em solid #fe7a51;
+   border: 0.4em solid theme(digitv2.lightTheme.primary);
    border-radius: 50%;
-   border-top: 0.4em solid #ffffff;
+   border-top: 0.4em solid theme(digitv2.lightTheme.background);
    width: 4em;
    height: 4em;
    -webkit-animation: spin 2s linear infinite;
    animation: spin 1s linear infinite;
  }

  .jk-sm-inbox-loader {
-   border: 0.2em solid #fe7a51;
+   border: 0.2em solid theme(digitv2.lightTheme.primary);
    border-radius: 50%;
-   border-top: 0.2em solid #ffffff;
+   border-top: 0.2em solid theme(digitv2.lightTheme.background);
    width: 2em;
    height: 2em;
    -webkit-animation: spin 2s linear infinite;
    animation: spin 1s linear infinite;
  }

---

552-556: Fix invalid CSS property value.

font-weight does not accept length units. Remove px to use a valid unitless value.

  .tooltiptextvalue {
    font-size: 14px;
-   font-weight: 400px;
+   font-weight: 400;
    color: white;
  }

---

594-627: Resolve malformed SCSS nesting structure.

The selector nesting and brace closure is malformed. The .employee-card-sub-header block (lines 606–622) appears outside proper closure, and stray closing braces remain at lines 625–627. Fix the hierarchy by properly closing nested selectors and aligning indentation.

  .module-cards-grid,
  .master-cards-grid {
    display: flex;
    flex-flow: wrap;
  
    .module-card,
    .master-card {
      width: 22rem;
      margin: 0.5rem;
+   }
  
-
-
-.employee-card-sub-header {
+  .employee-card-sub-header {
    white-space: nowrap;
    overflow: hidden;
    text-overflow: ellipsis;
    max-width: 100%;
    transition: all 0.3s ease;
-  
+
    &:hover {
      overflow: visible;
      white-space: normal;
      word-wrap: break-word;
      z-index: 10;
      padding: 0.5rem;
      margin: -0.5rem;
      border-radius: 4px;
    }
+  }
  }
-}
-}
-
-  }
-}
-}

---

811-834: Simplify complex selector chains and remove redundant styling.

Lines 811–821 contain an overly specific selector chain with duplicate width declarations (line 812: calc(100% - 32px) and line 816: 100%) and unnecessary !important flags. Consolidate and simplify.

  .modal-content .employee-select-wrap .select input {
-   width: calc(100% - 32px);
    background-color: initial;
-   position: relative !important;
-   z-index: 8 !important; 
+   position: relative;
+   z-index: 8;
    width: 100%;
    height: 100%;
    outline: 2px solid transparent;
    outline-offset: 2px;
    padding-left: 8px;
  }

---

91-117: Extract Tailwind utility patterns into reusable classes.

Lines 91, 113, and 115–117 (also 398, 405–407) use width ratios (@apply w-3/5, @apply w-1/3, @apply w-full) that repeat across the file. Consider extracting these into named reusable utility classes (e.g., .w-form-label, .w-form-field) to improve maintainability and ensure consistency.

Verify that the width ratios (3/5, 1/3) align with your design system's grid proportions and that breakpoint behavior remains consistent across all usages.

---

594-597: Replace deprecated flex-flow with flex-wrap.

Line 597 uses flex-flow: wrap, which is legacy syntax. Use flex-wrap: wrap instead (combined with explicit flex-direction if needed).

  .master-cards-grid {
    display: flex;
-   flex-flow: wrap;
+   flex-wrap: wrap;

.github/pull_request_template.md (1)

1-5: LGTM! PR template structure is clear and appropriate.

The template provides a clear entry point for contributors to select the appropriate PR type. The structure and links are correct.

Note: A past review comment already flagged the markdown formatting issues (missing blank line after heading and trailing space).

.github/PULL_REQUEST_TEMPLATE/bugfix_template.md (1)

1-16: LGTM! Bugfix template structure is appropriate.

The template provides the necessary sections for documenting bug fixes, including JIRA ID, Module, Description, Root Cause, and Related Issues.

Note: Past review comments already flagged markdown formatting issues (heading level, placeholder text inconsistencies).

.github/PULL_REQUEST_TEMPLATE/release_template.md (1)

1-16: LGTM! Release template structure is appropriate.

The template provides the necessary sections for documenting releases, including JIRA ID, Module, Description, List of Features, and List of Issues.

Note: Past review comments already flagged markdown formatting issues (heading level, placeholder text, trailing spaces).

.github/PULL_REQUEST_TEMPLATE/feature_template.md (1)

1-13: LGTM! Feature template structure is appropriate.

The template provides the necessary sections for documenting feature requests, including JIRA ID, Module, Description, and Related Issues.

Note: Past review comments already flagged markdown formatting issues (heading level, placeholder text).

.github/hooks/pre-push (2)

18-20: Verify completeness of error message.

The error message examples should match all patterns allowed by the regex.

Note: Past review comments already flagged missing RELEASE/SN example and incorrect ticket number range documentation.

---

1-10: Critical: Shell compatibility issue.

The script uses #!/bin/sh (POSIX shell) but line 10 uses [[ ]], which is bash-specific. This will fail on systems where /bin/sh is not bash.

Note: Past review comments already flagged this issue and suggested either changing the shebang to #!/bin/bash or using POSIX-compatible syntax.

micro-ui/web/docker/Dockerfile (1)

2-2: Critical: Node.js 14 is end-of-life.

Node.js 14 reached EOL on April 30, 2023, and no longer receives security updates. This exposes the application to unpatched vulnerabilities.

Note: Past review comments already flagged this issue and suggested upgrading to Node 18 or 20 LTS.

micro-ui/web/docker/devDockerfile (2)

2-2: Critical: Node.js 14 is end-of-life.

The base image uses Node.js 14, which reached EOL on April 30, 2023, and no longer receives security updates.

Note: Past review comments already flagged this issue and suggested upgrading to a Node 18 or Node 20 LTS builder image.

---

1-1: Remove commented-out code.

The commented line suggests incomplete migration or experimentation. Clean up once the configuration is finalized.

Note: Past review comments already flagged this issue.

micro-ui/web/docker/masDockerfile (3)

7-7: Memory allocation differs across environments.

This allocates 3792 MB while other Dockerfiles use 8168 MB (Dockerfile) and 1792 MB (devDockerfile). Ensure this value suits the mas environment's requirements.

---

1-2: Critical: Node.js 14 EOL and clean up commented code.

Two issues persist:

1. Node.js 14 reached end-of-life on April 30, 2023, exposing builds to unpatched security vulnerabilities.
2. Commented-out legacy base image should be removed.

Apply this diff:

-#FROM egovio/alpine-node-builder-14:yarn AS build
-FROM ghcr.io/egovernments/alpine-node-builder-14:yarn AS build
+FROM ghcr.io/egovernments/alpine-node-builder-20:yarn AS build

Verify that the Node.js 20 LTS builder image exists in your registry before merging.

---

12-16: Remove commented code and verify install-deps.sh requirement.

Two issues:

1. Line 12 contains commented-out code that should be removed.
2. Unlike other Dockerfiles, this omits ./install-deps.sh before yarn install. If that script installs required system dependencies, builds may fail.

Apply this diff:

-#RUN node web/envs.js
 RUN cd web/ \
     && node envs.js \
+    && ./install-deps.sh \
     && yarn install \
     && yarn build

If install-deps.sh is genuinely unnecessary for mas builds, document why with a comment.

micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Ulb/index.js (2)

56-76: Handle edge cases in URL parsing for tenant extraction.

The URL parsing logic still lacks defensive checks for edge cases that were previously flagged:

1. Missing or invalid CONTEXT_PATH: If context is null, undefined, or not found in the pathname, indexOf returns -1, causing incorrect index calculations.
2. Malformed URL structure: The substring operation may extract incorrect values or fail silently.

Add validation before performing string operations:

  getStateId: () => {
    const isMultiRootTenant = window?.globalConfigs?.getConfig("MULTI_ROOT_TENANT") || false;
    const overrideRootTenant = window?.globalConfigs?.getConfig("OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT") || false;

    const pathname = window.location.pathname;
    const context = window?.globalConfigs?.getConfig("CONTEXT_PATH");
+   
+   // Validate context path exists in pathname
+   const contextIndex = context ? pathname.indexOf(context) : -1;
+   if (contextIndex === -1) {
+     // Context not found; skip URL-based tenant extraction
+     const currentTenant = ULBService.getCurrentTenantId();
+     if (overrideRootTenant && currentTenant) {
+       return currentTenant;
+     }
+     return window?.globalConfigs?.getConfig("STATE_LEVEL_TENANT_ID");
+   }
+   
-   const start = pathname.indexOf(context) + context.length + 1;
+   const start = contextIndex + context.length + 1;
    const employeeIndex = pathname.indexOf("employee");
    const citizenIndex = pathname.indexOf("citizen");
    const end = employeeIndex !== -1 ? employeeIndex : citizenIndex !== -1 ? citizenIndex : -1;
    const tenant = end > start ? pathname.substring(start, end).replace(/\/$/, "") : "";

    const currentTenant = ULBService.getCurrentTenantId();
    if (isMultiRootTenant && tenant) {
      return tenant;
    } else if (overrideRootTenant && currentTenant) {
      return currentTenant;
    } else {
      return window?.globalConfigs?.getConfig("STATE_LEVEL_TENANT_ID");
    }
  },

---

87-91: Fix inconsistent return type in getCurrentUlb.

Line 90 still has the critical type inconsistency that was previously flagged: the method returns either a tenant object (from find()) or a string (from getStateId()). This will cause runtime errors when downstream code attempts to access object properties.

The fallback should construct or return a tenant object:

  getCurrentUlb: () => {
    const initData = StoreService.getInitData();
    const tenantId = ULBService.getCurrentTenantId();
-   return initData?.tenants?.find((tenant) => tenant?.code === tenantId) || ULBService.getStateId();
+   const tenant = initData?.tenants?.find((tenant) => tenant?.code === tenantId);
+   if (tenant) {
+     return tenant;
+   }
+   // Fallback: try to find tenant by state ID or construct minimal tenant object
+   const stateId = ULBService.getStateId();
+   return initData?.tenants?.find((tenant) => tenant?.code === stateId) || { code: stateId };
  },

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/selectdropdownV2.scss (1)

169-170: Remove empty media query block.

The @screen dt rule remains empty and should be removed to avoid dead code.

Apply this diff to remove the empty block:

-@screen dt {
-}

micro-ui/web/micro-ui-internals/packages/css/src/components/CitizenHomeCard.scss (1)

18-19: Consolidate duplicate !important declarations.

The same color and text-decoration overrides appear at both the base level (lines 18-19) and within the dt breakpoint (lines 55-56). While the retrieved learning confirms that !important may be necessary to prevent style overrides, the duplication is unnecessary.

Consider declaring these styles once in the base .links a selector and allowing them to cascade into the responsive breakpoint, or if the responsive context requires different specificity, consolidate using a shared mixin or utility class.

Based on learnings and past review feedback.

Also applies to: 55-56

micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/form-fields.scss (2)

14-15: Remove unnecessary blank lines.

The extra blank lines at lines 14-15 and 20 add unnecessary whitespace.

Also applies to: 20-20

---

16-24: Use Tailwind utilities for consistency.

The .form-explorer block uses plain CSS while the rest of the file uses Tailwind's @apply directive. Additionally, flex-flow: row is redundant (row is the default), and there's a missing space in justify-content:space-between.

Refactor to use Tailwind utilities:

-.form-explorer{
-    display: flex;
-    flex-flow: row;
-    justify-content:space-between;
-    
-    .form-component{
-        width: 60%;
-    }
-}
+.form-explorer {
+  @apply flex justify-between;
+
+  .form-component {
+    @apply w-3/5;
+  }
+}

micro-ui/web/micro-ui-internals/packages/libraries/src/services/atoms/Download.js (2)

170-202: Add error handling to prevent CSS state corruption.

If the domtoimage.toJpeg promise rejects, the CSS classes modified by applyCss() at line 172 will never be reverted, leaving the DOM in an incorrect state.

Apply this diff to add proper error handling:

   PDFMAIN: (node, fileName, share, resolve = null) => {
     changeClasses("dss-white-pre-line", "dss-white-pre-temp");
     applyCss();
 
     const element = ReactDOM.findDOMNode(node.current);
 
     return domtoimage
       .toJpeg(element, {
         quality: 1,
         bgcolor: "white",
         filter: (node) => !node?.className?.includes?.("divToBeHidden"),
         style: { margin: "25px" },
       })
       .then((dataUrl) => {
         // create PDF
         const pdf = new jsPDF("l", "pt", [element.offsetWidth, element.offsetHeight]);
         pdf.setFontSize?.(16);
         pdf.text?.(40, 30, "Certificate");
         pdf.addImage(dataUrl, "JPEG", 25, 50, element.offsetWidth, element.offsetHeight);
 
         changeClasses("dss-white-pre-temp", "dss-white-pre-line");
         revertCss();
 
         if (share) {
           // return PDF as File
           const pdfBlob = pdf.output("blob");
           return resolve(new File([pdfBlob], `${fileName}.pdf`, { type: "application/pdf" }));
         } else {
           // trigger download
           pdf.save(`${fileName}.pdf`);
         }
-      });
+      })
+      .catch((error) => {
+        changeClasses("dss-white-pre-temp", "dss-white-pre-line");
+        revertCss();
+        throw error;
+      });
   },

---

203-230: Fix promise resolution issue in share mode.

When share is true, the getBlob callback at line 222 is used, but pdf.getBlob() doesn't return a promise, so await does nothing. The outer promise chain will resolve before the callback executes, causing resolve() to be called too late or not at all.

Refactor to properly handle the asynchronous getBlob operation:

  PDFMAIN2: (node, fileName, share, resolve = null) => {
    const element = ReactDOM.findDOMNode(node.current);
    return html2canvas(element, {
      scrollY: -window.scrollY,
      scrollX: 0,
      useCORS: true,
      scale: 1.5,
      windowWidth: element.offsetWidth,
      windowHeight: element.offsetHeight,
-   }).then(async (canvas) => {
+   }).then((canvas) => {
      const jpegImage = canvas.toDataURL("image/jpeg");
      var docDefinition = {
          content: [{
              image: jpegImage,
              width: 500,
          }]
      };
      const pdf = pdfMake.createPdf(docDefinition);
      if(share) {
-       await pdf.getBlob((blob) => {
-         resolve(new File([blob], `${fileName}.pdf`, { type: "application/pdf" }))
-       });
-       return;
+       return new Promise((resolvePromise) => {
+         pdf.getBlob((blob) => {
+           resolve(new File([blob], `${fileName}.pdf`, { type: "application/pdf" }));
+           resolvePromise();
+         });
+       });
      }
    
      return pdf.download(`${fileName}.pdf`);
-   });  
+   })
+   .catch((error) => {
+     console.error('PDF generation failed:', error);
+     throw error;
+   });  
  },

micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/sandbox.scss (7)

46-54: ⚠️ - Unresolved: Fix conflicting width definitions in .sandbox-module-button.

This critical issue was previously flagged and remains unresolved. Line 48 declares width: 100%, which is immediately overridden by width: auto on line 53, resulting in inconsistent layout behavior.

 .sandbox-module-button {
   position: absolute;
-  width: 100%;
   bottom: 1.5rem;
   left: 1rem;
   right: 1rem;
   margin: auto;
   width: auto;
 }

Decide the intended behavior (full-width or intrinsic) and remove the conflicting declaration.

---

264-273: ⚠️ - Unresolved: Remove duplicate font-family property.

Previously flagged and still present. Line 265 and line 267 both declare font-family with different quote styles.

 .digit-card-label.sandbox-custom-otp-subheader {
   font-family: "Roboto";
   margin-bottom: 3rem;
-  font-family: Roboto;
   margin-top: 8rem !important;
   color: #0b4b66 !important;

---

302-310: ⚠️ - Unresolved: Remove orphaned closing brace causing SCSS syntax error.

Line 309 contains an orphaned closing brace without a matching opening brace, creating a syntax error. This was previously flagged.

   .sandbox-signup-form {
     height: 100vh !important;
     align-items: center !important;
     display: flex !important;
   }
-
-  }
 
 .sandbox-signup-form .digit-field .digit-error-message {

---

583-585: ⚠️ - Unresolved: Fix missing class selector dot.

The selector on line 583 lacks the leading dot (.), so this rule will not match any elements. Previously flagged.

-digit-card-text.center {
+.digit-card-text.center {
   text-align: center;
 }

---

1332-1389: ⚠️ - Unresolved: Consolidate duplicate CSS rule definitions.

Rules for .role-list (lines 1332–1335 and 1378–1382) and .role-list-item (lines 1337–1342 and 1384–1389) are defined identically twice. Previously flagged. Remove the duplicate definitions (lines 1378–1389).

---

1455-1458: ⚠️ - Unresolved: Fix invalid CSS color syntax.

Line 1456 contains a quoted hex value color: "#c84c0e". CSS color values must not be quoted. Previously flagged.

 .highlight-sandbox {
-  color: "#c84c0e";
+  color: #c84c0e;
   /* or your specific orange color code */
 }

---

1632-1656: ⚠️ - Unresolved: Consolidate conflicting .step-item definitions.

Two .step-item blocks exist: lines 1632–1640 (with typography/color) and lines 1654–1656 (with only max-width). The second definition cascades over the first, removing styling. Previously flagged. Merge them into a single definition.

 .step-item {
   margin-bottom: 0.5rem;
   font-family: Roboto;
   font-weight: 400;
   font-size: 18px;
   line-height: 28px;
   letter-spacing: 0px;
   color: #0b4b66;
+  max-width: 95%;
 }
 
 .middle-header {
   width: 40%;
   margin-top: 2.3rem;
   margin-left: 9rem;
 }
 
 .steps-list {
   max-width: 50%;
   color: #0B4B66;
 }
 
-.step-item {
-  max-width: 95%;
-}

micro-ui/web/micro-ui-internals/packages/css/src/components/loaderWithGap.scss (2)

1-13: ⚠️ - Unresolved: Remove duplicate display: flex declaration.

Lines 2–3 and lines 7–8 both declare display: flex. This redundancy increases file size and reduces clarity.

 .bg-loader-with-gap-container {
     display: flex;
     justify-content: center;
     align-items: center;
     height: 100%;
     width: 100%;
-    display: flex;
     flex-direction: column;
     background-color: rgba(0, 0, 0, 0.7);

---

1-35: ⚠️ - Unresolved: Refactor hardcoded colors and z-index as CSS variables.

This file uses hardcoded color values (e.g., rgba(0, 0, 0, 0.7), rgb(255, 255, 255), whitesmoke) and an exceptionally high z-index value (99999). These should be defined as CSS custom properties to align with the design system and enable theme flexibility. Previously flagged.

+:root {
+  --loader-overlay-bg: rgba(0, 0, 0, 0.7);
+  --loader-border-color: rgb(255, 255, 255);
+  --loader-text-color: whitesmoke;
+  --loader-z-index: 99999;
+}
+
 .bg-loader-with-gap-container {
     display: flex;
     justify-content: center;
     align-items: center;
     height: 100%;
     width: 100%;
     flex-direction: column;
-    background-color: rgba(0, 0, 0, 0.7);
+    background-color: var(--loader-overlay-bg);
     position: fixed;
     top: 0;
     left: 0;
-    z-index: 99999;
+    z-index: var(--loader-z-index);
 
     .bg-loader {
-        border: 0.5rem solid rgb(255, 255, 255);
+        border: 0.5rem solid var(--loader-border-color);
         border-top: 0.5rem solid rgba(80, 76, 76, 0);
         border-radius: 50%;
         width: 3.125rem;
         height: 3.125rem;
         animation: spin 2s linear infinite;
     }
 
     .bg-loader-inner {
-        border: 1px solid rgb(255, 255, 255);
+        border: 1px solid var(--loader-border-color);
         border-radius: 50%;
         width: 100%;
         height: 100%;
     }
 
     .bg-loader-text {
-        color: whitesmoke;
+        color: var(--loader-text-color);
         padding-top: 1.25rem;
     }
 }

micro-ui/web/micro-ui-internals/packages/css/src/pages/employee/login.scss (3)

64-68: Remove self-nesting .submit-bar selector.

Line 65 creates invalid cascading with .submit-bar { .submit-bar { ... } }, yielding the selector .submit-bar .submit-bar. This appears to be unintentional and should target .submit-bar directly. This issue was flagged in a previous review and remains unfixed.

Apply this diff:

 .submit-bar {
-  .submit-bar {
-    @apply w-full;
-  }
+  @apply w-full;
 }

---

330-339: Remove quoted strings from CSS property values.

Lines 331–339 use invalid CSS syntax with quoted string values such as margin-left: "1rem" and display: "flex". These quotes will not parse correctly and the properties will be ignored. This issue was flagged in a previous review and remains unfixed.

Apply this diff to fix:

 .policy-subdescription {
-  margin-left: "1rem";
-  margin-top: "0.5rem";
+  margin-left: 1rem;
+  margin-top: 0.5rem;
 }
 .policy-subdescription-points {
-  display: "flex";
-  align-items: "center";
-  margin-bottom: "0.5rem";
-  padding-left: "1rem";
+  display: flex;
+  align-items: center;
+  margin-bottom: 0.5rem;
+  padding-left: 1rem;
 }

---

141-143: Simplify redundant calc(100vh) to 100vh.

calc(100vh) is semantically identical to 100vh and the wrapping calculation is unnecessary. This was flagged in a previous review. Apply this diff:

 .banner {
-  height: calc(100vh) !important;
+  height: 100vh !important;
 }

micro-ui/web/micro-ui-internals/packages/libraries/src/services/atoms/Utils/Request.js (1)

77-80: Authentication logic simplified—verify intentional removal of fallback.

The previous condition if (auth || !!Digit.UserService.getUser()?.access_token) provided automatic fallback to include auth when a user was logged in. The new logic if (auth) removes this fallback.

Combined with the auth=true default, authentication is now always included unless explicitly disabled. Confirm this aligns with the intended security model and that all callers expecting unauthenticated requests set auth=false.

micro-ui/web/micro-ui-internals/README.md (1)

65-71: Duplicate heading and missing blank line formatting.

Lines 65-71 introduce a duplicate "## Environment Variables" heading that conflicts with the existing section at line 49. Additionally, there's a missing blank line before the fenced code block.

Apply this diff to fix both issues:

  [sample .env file](https://github.com/egovernments/Digit-Core/blob/workbench/frontend/micro-ui/web/micro-ui-internals/example/.env-unifieddev)

-## Environment Variables
+## Global Configuration

  To create your own globalConfig, copy and refer the below file.
+
  ```bash
      frontend/micro-ui/web/micro-ui-internals/sampleGlobalConfig.js

This restructures the section with a distinct heading ("Global Configuration") to separate it from the environment variables documentation, and adds the required blank line before the code fence per markdown linting standards.

</blockquote></details>
<details>
<summary>micro-ui/web/micro-ui-internals/example/.env-health-demo (1)</summary><blockquote>

`3-4`: **CRITICAL: Remove hardcoded authentication tokens (duplicate from past review).**

This issue was already flagged in a previous review. The hardcoded tokens remain a critical security vulnerability that must be addressed before merging.

</blockquote></details>
<details>
<summary>micro-ui/web/micro-ui-internals/example/.env-staging (1)</summary><blockquote>

`3-4`: **CRITICAL: Remove hardcoded authentication tokens (duplicate from past review).**

This issue was already flagged in a previous review. The hardcoded tokens remain a critical security vulnerability that must be addressed before merging.

</blockquote></details>
<details>
<summary>micro-ui/web/micro-ui-internals/example/.env-unifieddev (1)</summary><blockquote>

`13-14`: **Duplicate env var; keep a single definition.**

SELCO_REACT_APP_PROXY_API is declared twice; the last overrides the first.


```diff
 SELCO_REACT_APP_PROXY_API=https://e4h-dev.selcofoundation.org
-SELCO_REACT_APP_PROXY_API=https://e4h-dev.selcofoundation.org
 SELCO_REACT_APP_GLOBAL=https://s3.ap-south-1.amazonaws.com/egov-dev-assets/globalConfigs.js

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider pinning git to a specific version range.

The constraint >2.30.0 accepts any newer version without an upper bound, which may introduce untested or vulnerable versions.

Consider pinning to a specific stable version or narrow range:

-RUN apk add --no-cache git>2.30.0
+RUN apk add --no-cache git~=2.43

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	RUN apk add --no-cache git>2.30.0
	RUN apk add --no-cache git~=2.43

🤖 Prompt for AI Agents

In micro-ui/web/docker/masDockerfile around line 4, the RUN apk add --no-cache
git>2.30.0 allows any newer git version with no upper bound; change it to pin
git to a concrete, tested package version or a narrow version range supported by
your Alpine repo (for example use apk add --no-cache git=<exact-version> or
git=<major>.<minor>.*) so builds are reproducible and avoid untested/vulnerable
releases, and update the Dockerfile comment to document the chosen version and
reason.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Provide a default value for WORK_DIR.

The ARG has no default value. If the build argument is not supplied, the COPY on line 9 will fail.

Add a sensible default:

-ARG WORK_DIR
+ARG WORK_DIR=.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	ARG WORK_DIR
	ARG WORK_DIR=.

🤖 Prompt for AI Agents

In micro-ui/web/docker/masDockerfile around line 5, the ARG WORK_DIR has no
default which can cause the subsequent COPY to fail if not supplied; update the
ARG declaration to include a sensible default (for example /app) so WORK_DIR is
defined when the build-arg is omitted, and ensure any later COPY/WORKDIR
instructions use that ARG consistently.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Remove debug command.

The ls -lah appears to be a verification step during development. It creates an unnecessary image layer and can be removed for production builds.

 COPY ${WORK_DIR} .
-RUN ls -lah

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	RUN ls -lah
	COPY ${WORK_DIR} .

🤖 Prompt for AI Agents

In micro-ui/web/docker/masDockerfile around line 10, remove the development
debug command `ls -lah` which creates an unnecessary image layer; delete that
RUN instruction so the Dockerfile no longer executes the listing during build
and commit the change to keep the production image lean.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Remove commented-out nginx base image.

The commented line should be removed once the ghcr.io migration is finalized.

-#FROM nginx:mainline-alpine
 FROM ghcr.io/egovernments/nginx:mainline-alpine

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	#FROM nginx:mainline-alpine
	FROM ghcr.io/egovernments/nginx:mainline-alpine
	FROM ghcr.io/egovernments/nginx:mainline-alpine

🤖 Prompt for AI Agents

In micro-ui/web/docker/masDockerfile around lines 18 to 19, remove the
commented-out nginx base image line ("#FROM nginx:mainline-alpine") so only the
active migrated base image (FROM ghcr.io/egovernments/nginx:mainline-alpine)
remains; delete the commented line to clean up the Dockerfile and avoid stale
commented configuration.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Rename file to use standard naming convention.

The filename .env sandbox contains a space, which can cause issues with shell scripts, Docker, CI/CD pipelines, and dotenv libraries. Standard convention uses hyphens or dots (e.g., .env.sandbox or .env-sandbox), and other environment files in this PR follow the hyphen convention (.env-health-demo, .env-staging).

Rename the file to:

.env-sandbox

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/example/.env sandbox around lines 1 to 7, the
filename contains a space which breaks shells, dotenv tools and CI; rename the
file to .env-sandbox and commit it as a git mv to preserve history, then update
any references (npm/yarn scripts, Dockerfiles, CI config, and any dotenv loads)
to point to .env-sandbox and verify environment loading works locally and in CI.

---

🧹 Nitpick | 🔵 Trivial

Consider adding comments for clarity.

While optional, adding brief comments explaining each variable's purpose would improve maintainability, especially for developers unfamiliar with the codebase.

Example:

+# Skip Create React App preflight checks
 SKIP_PREFLIGHT_CHECK=true
+
+# User type for the application (Citizen or Employee)
 REACT_APP_USER_TYPE=Citizen
+
+# Authentication tokens (set at deployment/runtime)
 REACT_APP_EMPLOYEE_TOKEN=
 REACT_APP_CITIZEN_TOKEN=
+
+# Proxy endpoints for API and assets
 REACT_APP_PROXY_API=https://digit-lts.digit.org
 REACT_APP_PROXY_ASSETS=https://digit-lts.digit.org
+
+# Global configuration file location
 REACT_APP_GLOBAL=https://egov-dev-assets.s3.ap-south-1.amazonaws.com/sandbox/globalConfigSandboxLTS.js

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	SKIP_PREFLIGHT_CHECK=true
	REACT_APP_USER_TYPE=Citizen
	REACT_APP_EMPLOYEE_TOKEN=
	REACT_APP_CITIZEN_TOKEN=
	REACT_APP_PROXY_API=https://digit-lts.digit.org
	REACT_APP_PROXY_ASSETS=https://digit-lts.digit.org
	REACT_APP_GLOBAL=https://egov-dev-assets.s3.ap-south-1.amazonaws.com/sandbox/globalConfigSandboxLTS.js
	# Skip Create React App preflight checks
	SKIP_PREFLIGHT_CHECK=true
	# User type for the application (Citizen or Employee)
	REACT_APP_USER_TYPE=Citizen
	# Authentication tokens (set at deployment/runtime)
	REACT_APP_EMPLOYEE_TOKEN=
	REACT_APP_CITIZEN_TOKEN=
	# Proxy endpoints for API and assets
	REACT_APP_PROXY_API=https://digit-lts.digit.org
	REACT_APP_PROXY_ASSETS=https://digit-lts.digit.org
	# Global configuration file location
	REACT_APP_GLOBAL=https://egov-dev-assets.s3.ap-south-1.amazonaws.com/sandbox/globalConfigSandboxLTS.js

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/example/.env sandbox around lines 1 to 7, the
env file lacks explanatory comments; add brief inline comments above each
variable stating its purpose, expected values or format (e.g.,
SKIP_PREFLIGHT_CHECK=true to bypass CRA checks, REACT_APP_USER_TYPE values like
Citizen/Employee, REACT_APP_EMPLOYEE_TOKEN/REACT_APP_CITIZEN_TOKEN are auth
tokens and should be left empty in example files or replaced with placeholders,
REACT_APP_PROXY_API and REACT_APP_PROXY_ASSETS are base API/asset URLs,
REACT_APP_GLOBAL points to the global config JS file), and add a note reminding
not to commit real secrets and to use environment-specific files for production.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix heading and code block formatting violations in Testing section.

Lines 530, 531, 539 violate MD022 (missing blank lines) and MD031 (code blocks not surrounded by blank lines).

Apply this diff:

  ## 🧪 Testing
  
  ### Feature Testing
  
  \`\`\`javascript
  // Test common module functionality
  window.globalConfigs.getConfig = (key) => {
    if (key === 'OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT') return true;
    if (key === 'COMMON_PAYMENT_CONFIG') return 'PaymentConfig';
  };
  \`\`\`
  
  ### Testing Checklist
  - [ ] Payment processing components work correctly
  - [ ] Multi-tenant context switching functions

Committable suggestion skipped: line range outside the PR's diff.

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

530-530: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

531-531: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

539-539: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/modules/common/README.md around
lines 530 to 546, the "Feature Testing" heading and the JavaScript code block
are missing surrounding blank lines causing MD022 and MD031 violations; add a
blank line above the "### Feature Testing" heading (if not present), ensure
there is a blank line immediately before the opening ```javascript and
immediately after the closing ``` so the code block is isolated, and add a blank
line between the end of the code block and the "### Testing Checklist" heading
so all headings and code blocks are properly separated.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix heading formatting violations in Dependencies and subsequent sections.

Lines 549, 555, 561, 576, 582, 588, 594, 620 violate MD022 (missing blank lines before headings).

Apply this diff to fix headings throughout this section:

  ## 🔗 Dependencies
  
  ### Required Dependencies
  - `@egovernments/digit-ui-react-components`: ^1.8.0
  - `@egovernments/digit-ui-components`: ^1.0.0
  - `react`: ^17.0.2
  - `react-dom`: ^17.0.2
  
  ### Peer Dependencies
  - `lodash`: ^4.17.21
  - `moment`: ^2.29.0
  
  ## 🐛 Known Issues & Solutions
  
  ### Common Issues
  1. **Payment Component Issues**: Fixed in v1.9.0 with enhanced validation
  2. **Multi-Tenant Context**: Improved context management and switching
  3. **Form Validation**: Enhanced validation with better error messages
  4. **Component Stability**: Fixed with improved lifecycle management
  
  ## 📊 Performance Improvements
  
  - **Bundle Size**: 30% reduction through better code splitting
  - **Component Rendering**: 25% improvement in common component performance
  - **Memory Usage**: 20% reduction in memory consumption
  - **Caching**: 40% improvement in shared resource caching
  
  ## 🎯 Common Patterns Supported
  
  ### Payment Workflows
  - Payment gateway integration and processing
  - Receipt generation and management
  - Payment validation and error handling
  - Transaction tracking and analytics
  
  ### Form Management
  - Reusable form components and validation
  - Multi-step form workflows
  - Dynamic form generation
  - Error handling and user feedback
  
  ### Multi-Tenant Support
  - Tenant context management and switching
  - Tenant-specific configuration handling
  - Data isolation and security
  - Cross-tenant functionality
  
  ### Shared Services
  - Common API service patterns
  - Authentication and authorization utilities
  - Notification and messaging services
  - File upload and management services
  
  ### Published from DIGIT Frontend
  [DIGIT Frontend Repository](https://github.com/egovernments/DIGIT-Frontend/tree/develop)

Committable suggestion skipped: line range outside the PR's diff.

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

549-549: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

555-555: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

561-561: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

576-576: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

582-582: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

588-588: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

594-594: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/modules/common/README.md around
lines 547 to 598, several headings are missing a blank line before them (MD022)
at lines 549, 555, 561, 576, 582, 588 and 594; fix by inserting a single blank
line immediately above each of those heading lines so every heading is preceded
by one blank line, and verify the rest of the section uses consistent
single-blank-line separation between paragraphs and headings.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Known Issues section lacks actionable status and resolution details.

The Known Issues section (lines 559–566) lists four items but provides no status markers, workarounds, resolution timelines, or version history. Developers cannot distinguish between long-standing limitations, recently fixed issues, or issues that are actively being worked on.

Enhance the Known Issues section with status, workarounds, and resolution information:

## 🐛 Known Issues & Solutions

### Common Issues

1. **Payment Component Issues** (Resolved in v1.9.0)
   - **Description**: Payment validation was too strict in v1.8.x, rejecting valid amounts
   - **Workaround** (v1.8.x): Pre-validate amounts before passing to component
   - **Fix in v1.9.0**: Enhanced validation with configurable rules per gateway

2. **Multi-Tenant Context** (Active – Partial limitation)
   - **Description**: Switching tenants does not always sync PGR module state in multi-root tenant setup
   - **Workaround**: Manually refresh PGR module after tenant switch using `switchTenant()` followed by `window.location.reload()`
   - **ETA**: Planned fix in v1.9.1

3. **Form Validation** (Resolved in v1.9.0)
   - **Description**: Custom validators were not applied to nested form fields (v1.8.x)
   - **Fix in v1.9.0**: Recursive field validation now fully supported

4. **Component Stability** (Resolved in v1.9.0)
   - **Description**: Memory leaks during rapid component mount/unmount cycles
   - **Fix in v1.9.0**: Improved lifecycle management and resource cleanup

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

561-561: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

🤖 Prompt for AI Agents

micro-ui/web/micro-ui-internals/packages/modules/common/README.md around lines
559-566: the Known Issues list lacks actionable status, workarounds, and
resolution/version info; update each listed item to include an explicit status
(e.g., Resolved, Active, Planned), a short description, any workaround steps
(commands or function calls if applicable), and the fix/version or ETA, and
reorder entries to show resolved items with version tags and active/blocked
items with ETA and repro steps so developers can immediately know state and
remediation.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Add missing trailing newline to file.

The file ends abruptly without a trailing newline, violating MD047 markdown standard and causing issues with version control and tooling compatibility.

Add a single blank line at the end of the file (after line 623, following the DIGIT logo reference).

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

623-623: Files should end with a single newline character

(MD047, single-trailing-newline)

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/modules/common/README.md around line
623, the file is missing a trailing newline which violates MD047 and can cause
VCS/tooling issues; add a single blank line (newline character) at the end of
the file after the DIGIT logo reference so the file ends with a newline.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Fix markdown formatting violations and verify feature documentation accuracy.

This comprehensive README has multiple markdown linting violations and requires verification of documented features. The issues fall into several categories:

Formatting Issues (from markdownlint):

• 11 headings missing blank lines above content (MD022): Lines 3, 14, 22, 31, 38, 44, 54, 61, 71, 81, 92, etc.
• 6 code blocks missing surrounding blank lines (MD031): Lines 93, 112, 126, 219, 240
• 3 ordered list items with incorrect numbering (MD029): Migration steps at lines 223, 228, 232 show inconsistent prefix style
• Missing trailing newline at end of file (MD047)

Documentation Verification Needed:

• Lines 15-20, 32-36: Verify that all listed features (e.g., useLoginConfig, useTenantConfigSearch, PrivacyComponent, CustomErrorComponent, SandBoxHeader) are actually exported from this module
• Lines 64-69, 74-79: Verify that global configuration keys (OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT, MULTI_ROOT_TENANT, ENABLE_SINGLEINSTANCE, CORE_MOBILE_CONFIGS) are accurate and complete
• Lines 263-266: Performance metrics (25%, 30%, 20%) lack attribution or basis; verify these are accurate or remove
• Lines 271-275: Confirm peer dependency versions match current requirements

Apply this diff to fix the most critical formatting issues:

 # @egovernments/digit-ui-module-core
 
~## Version: 1.9.0
+
+## Version: 1.9.0
 **Release Date:** October 23, 2025
 
+
 ## 📦 Installation
 
 ```bash
~npm install --save @egovernments/[email protected]
+npm install --save @egovernments/[email protected]

🚀 What's New in v1.9.0

~### Major Features
+
+### Major Features

• 🔐 Authentication v2 System: Complete authentication overhaul with email/mobile login support

For the **ordered list prefix issues** (lines 218-236), ensure Migration Guide follows consistent numbering:

```diff
~1. **Update Dependencies**:
+1. **Update Dependencies**:
 ```bash
 npm update @egovernments/[email protected]

~2. Update Global Configurations:
+2. Update Global Configurations:
- Add support for OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT flag
- Configure allowedUserTypes if needed
- Set defaultLanding based on requirements

~3. Update Component Imports:
+3. Update Component Imports:
- Some components have moved to new locations
- Update imports for new components

~4. Test Authentication Flows:
+4. Test Authentication Flows:
- Verify email/mobile login functionality
- Test OTP flows
- Validate multi-tenant scenarios if applicable

Add a trailing newline at the end of the file (after line 310).


To verify that documented features are actually available, please run:

---

🏁 Script executed:

```shell
#!/bin/bash
# Description: Verify exported components and hooks from the core module

# Find the main index/export file for the core module
fd -e 'index\.(ts|tsx|js|jsx)$' 'packages/modules/core' --type f | head -1

# Search for exports of documented components
rg -n 'export.*(?:PrivacyComponent|CustomErrorComponent|SandBoxHeader|useLoginConfig|useTenantConfigSearch)' 'packages/modules/core' --type ts --type tsx

# Verify global config key usage
rg -n 'OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT|MULTI_ROOT_TENANT|ENABLE_SINGLEINSTANCE|CORE_MOBILE_CONFIGS' 'packages/modules/core' --type ts --type tsx -A 2 -B 2

Length of output: 55

---

🏁 Script executed:

#!/bin/bash
# Description: Verify exported components and hooks from the core module (corrected)

echo "=== Finding index files in core module ==="
find packages/modules/core -name "index.*" -type f 2>/dev/null | head -5

echo -e "\n=== Searching for component exports (PrivacyComponent, CustomErrorComponent, SandBoxHeader) ==="
rg -n "export.*PrivacyComponent|export.*CustomErrorComponent|export.*SandBoxHeader" packages/modules/core 2>/dev/null | head -20

echo -e "\n=== Searching for hook exports (useLoginConfig, useTenantConfigSearch) ==="
rg -n "export.*useLoginConfig|export.*useTenantConfigSearch" packages/modules/core 2>/dev/null | head -20

echo -e "\n=== Searching for global config key usage ==="
rg -n "OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT|MULTI_ROOT_TENANT|ENABLE_SINGLEINSTANCE|CORE_MOBILE_CONFIGS" packages/modules/core 2>/dev/null | head -30

echo -e "\n=== Checking core module structure ==="
ls -la packages/modules/core/ 2>/dev/null | head -20

Length of output: 302

---

🏁 Script executed:

#!/bin/bash
# Description: Explore repository structure and locate core module files

echo "=== Locating the README file being reviewed ==="
find . -path "*/core/README.md" -type f 2>/dev/null

echo -e "\n=== General structure under packages ==="
ls -la packages/ 2>/dev/null || echo "packages/ not found"

echo -e "\n=== General structure under micro-ui ==="
ls -la micro-ui/ 2>/dev/null | head -20 || echo "micro-ui/ not found"

echo -e "\n=== Searching for any files mentioning the documented components ==="
rg -l "PrivacyComponent|CustomErrorComponent|SandBoxHeader" . 2>/dev/null | head -10

echo -e "\n=== Searching for files mentioning the documented hooks ==="
rg -l "useLoginConfig|useTenantConfigSearch" . 2>/dev/null | head -10

echo -e "\n=== Repository root structure ==="
ls -la | head -20

Length of output: 3078

---

🏁 Script executed:

#!/bin/bash
# Description: Verify exports and config key usage in core module

CORE_PATH="./micro-ui/web/micro-ui-internals/packages/modules/core"

echo "=== Checking Module.js exports ==="
cat "$CORE_PATH/src/Module.js" 2>/dev/null | head -50

echo -e "\n=== Checking index/export files ==="
find "$CORE_PATH/src" -name "index.*" -type f -exec echo "File: {}" \; -exec cat {} \;

echo -e "\n=== Checking config key usage in source files ==="
rg -n "OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT|MULTI_ROOT_TENANT|ENABLE_SINGLEINSTANCE|CORE_MOBILE_CONFIGS" "$CORE_PATH/src" -A 2 -B 2

echo -e "\n=== Checking useLoginConfig hook signature ==="
head -30 "$CORE_PATH/src/hooks/useLoginConfig.js" 2>/dev/null

echo -e "\n=== Checking useTenantConfigSearch hook signature ==="
head -30 "$CORE_PATH/src/hooks/useTenantConfigSearch.js" 2>/dev/null

echo -e "\n=== Checking PrivacyComponent implementation ==="
head -40 "$CORE_PATH/src/components/PrivacyComponent.js" 2>/dev/null

echo -e "\n=== Checking package.json for peer dependencies ==="
cat "$CORE_PATH/package.json" 2>/dev/null

Length of output: 81087

---

Update README with accurate version, peer dependencies, configuration keys, and remove unsubstantiated performance claims. Fix markdown formatting violations.

This README contains critical documentation inaccuracies that must be corrected:

Version Inaccuracy:

• README declares v1.9.0 (final release), but package.json shows v1.9.0-rc1. Update to reflect release candidate status or align versions if this is a final release.

Peer Dependency Version Mismatches:

• README lists @egovernments/digit-ui-react-components: ^1.8.0, but package.json requires 1.9.0-rc1
• README lists @egovernments/digit-ui-components: ^1.0.0, but package.json requires 0.2.3
• Correct the README peer dependencies table (lines 271-275) to match actual package.json versions

Configuration Keys Documentation Errors:

• OVERRIDE_ROOT_TENANT_WITH_LOGGEDIN_TENANT and MULTI_ROOT_TENANT are documented in the config table but do not exist in source code. The codebase uses Digit.Utils.getMultiRootTenant() instead.
• Remove or correct these entries in the Global Configuration table (lines 64-69) to match actual implementation

Unsubstantiated Performance Claims:

• Lines 263-266 claim "25% faster," "30% reduction," and "20% smaller" without attribution or evidence. Remove these claims or provide documentation/benchmarks.

Markdown Formatting Issues (from original review):

• 11 headings need blank lines above content
• 6 code blocks need surrounding blank lines
• 3 ordered list items have inconsistent formatting (lines 223, 228, 232)
• Add trailing newline to end of file

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

3-3: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

14-14: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

22-22: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

31-31: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

38-38: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

44-44: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

54-54: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

61-61: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

71-71: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

81-81: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

92-92: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

93-93: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

111-111: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

112-112: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

125-125: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

126-126: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

219-219: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

223-223: Ordered list item prefix
Expected: 1; Actual: 2; Style: 1/2/3

(MD029, ol-prefix)

---

228-228: Ordered list item prefix
Expected: 2; Actual: 3; Style: 1/2/3

(MD029, ol-prefix)

---

232-232: Ordered list item prefix
Expected: 3; Actual: 4; Style: 1/2/3

(MD029, ol-prefix)

---

239-239: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

240-240: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

---

248-248: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

256-256: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

270-270: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

281-281: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

309-309: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

312-312: Files should end with a single newline character

(MD047, single-trailing-newline)

[coderabbitai]

Actionable comments posted: 45

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (15)

micro-ui/web/micro-ui-internals/packages/css/src/components/table.scss (1)

1-201: Consider standardizing color tokens across the file.

The file mixes multiple approaches for colors: Tailwind classes, hardcoded hex values, CSS variables, and theme tokens. Standardizing on theme tokens (like theme(colors.white), theme(colors.grey.*)) throughout would improve consistency, maintainability, and make future theme changes easier.

micro-ui/web/micro-ui-internals/packages/css/gulpfile.js (2)

50-52: Missing return statement breaks stream chain in stylesLive.

The stylesLive function creates a stream from styles() but does not return it. This will cause the promise chain to fail in the watcher context, potentially leaving watchers unfinished or causing errors when used in series/parallel task composition.

Apply this diff to fix the stream handling:

 function stylesLive() {
-  styles().pipe(livereload({ start: true }));
+  return styles().pipe(livereload({ start: true }));
 }

---

35-42: Consider removing redundant autoprefixer configuration.

autoprefixer is configured twice: implicitly within postcss-preset-env (line 38, autoprefixer: { cascade: false }) and again as a standalone plugin (line 39). This redundancy can lead to unnecessary CSS transforms and unclear behavior.

To streamline the pipeline, remove the standalone autoprefixer plugin and rely on the one integrated in postcss-preset-env:

   const plugins = [
     require("postcss-import"),
     require("tailwindcss"),
     postcssPresetEnv({ stage: 2, autoprefixer: { cascade: false }, features: { "custom-properties": true } }),
-    require("autoprefixer"),
     require("cssnano"),
     header({ header: headerString }),
   ];

Alternatively, if standalone autoprefixer is intentional (e.g., to apply additional prefixing after preset-env), document the intent clearly.

micro-ui/web/micro-ui-internals/example/src/setupProxy.js (1)

22-98: Remove duplicate route entries.

The route array contains several duplicate entries:

• "/user-otp" appears on lines 25 and 35
• "/mdms-v2" appears on lines 27 and 88
• "/tenant-management" appears on lines 24 and 96
• "/loi-service" appears on lines 80 and 83

Duplicate routes cause the proxy middleware to be registered multiple times for the same path, creating redundant middleware chains that can lead to unexpected behavior.

Apply this diff to remove the duplicates:

   [
     "/access/v1/actions/mdms",
     "/tenant-management",
     "/user-otp",
     "/egov-mdms-service",
     "/mdms-v2",
     "/egov-idgen",
     "/egov-location",
     "/localization",
     "/egov-workflow-v2",
     "/pgr-services",
     "/filestore",
     "/egov-hrms",
-    "/user-otp",
     "/user",
     "/fsm",
     "/billing-service",
     "/collection-services",
     "/pdf-service",
     "/pg-service",
     "/vehicle",
     "/vendor",
     "/property-services",
     "/fsm-calculator/v1/billingSlab/_search",
     "/pt-calculator-v2",
     "/dashboard-analytics",
     "/echallan-services",
     "/egov-searcher/bill-genie/mcollectbills/_get",
     "/egov-searcher/bill-genie/billswithaddranduser/_get",
     "/egov-searcher/bill-genie/waterbills/_get",
     "/egov-searcher/bill-genie/seweragebills/_get",
     "/egov-pdf/download/UC/mcollect-challan",
     "/egov-hrms/employees/_count",
     "/tl-services/v1/_create",
     "/tl-services/v1/_search",
     "/egov-url-shortening/shortener",
     "/inbox/v1/_search",
     "/inbox/v2/_search",
     "/inbox-v2/v2/_search",
     "/tl-services",
     "/tl-calculator",
     "/org-services",
     "/edcr",
     "/hcm-moz-impl",
     "/bpa-services",
     "/noc-services",
     "/egov-user-event",
     "/egov-document-uploader",
     "/egov-pdf",
     "/egov-survey-services",
     "/ws-services",
     "/sw-services",
     "/ws-calculator",
     "/sw-calculator/",
     "/audit-service/",
     "/egov-searcher",
     "/report",
     "/inbox/v1/dss/_search",
     "/loi-service",
     "/project/v1/",
     "/estimate-service",
-    "/loi-service",
     "/works-inbox-service/v2/_search",
     "/egov-pdf/download/WORKSESTIMATE/estimatepdf",
     "/muster-roll",
     "/individual",
-    "/mdms-v2",
     "/facility/v1/_search",
     "/project/staff/v1/_create",
     "/product/v1/_create",
     "/boundary-service",
     "/project-factory",
     "/project-factory/v1/data/_autoGenerateBoundaryCode",
     "/billing-service/bill/v2/_fetchbill",
-    "/tenant-management",
     "/default-data-handler"
   ].forEach((location) => app.use(location, createProxy));

micro-ui/web/docker/Dockerfile (1)

13-16: Build steps inconsistent with devDockerfile.

This Dockerfile does not call ./install-deps.sh before yarn install, unlike devDockerfile (lines 13-17). If that script performs necessary setup (e.g., installing system dependencies), omitting it may cause build failures. Additionally, this file uses yarn build:webpack while other Dockerfiles use yarn build, creating further inconsistency.

Verify whether ./install-deps.sh is required. If it is, add it and standardize the build command:

 RUN cd web/ \
+    && ./install-deps.sh \
     && yarn install \
-    && yarn build:webpack
+    && yarn build

If the script and different build command are genuinely not needed here, document why in a comment.

micro-ui/web/micro-ui-internals/example/.env-unifieddev (1)

1-15: Remove duplicate .env-unifiedDev file; use .env-unifieddev (lowercase).

Two identical environment files exist in micro-ui/web/micro-ui-internals/example/:

• .env-unifieddev (lowercase 'd') — referenced in README.md as the authoritative example
• .env-unifiedDev (capital 'D') — unintended duplicate with no references

The .env-unifiedDev file should be removed to prevent:

• Filesystem conflicts on case-insensitive systems (Windows, macOS)
• Maintenance confusion about which file is canonical

Delete micro-ui/web/micro-ui-internals/example/.env-unifiedDev and keep .env-unifieddev.

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/actionbarV2.scss (1)

3-66: Remove the commented .digit-action-bar-wrap block—it's confirmed unused.

The codebase search confirms that .digit-action-bar-wrap is referenced only within the commented block (lines 3-66) and nowhere else. Components continue to use the legacy .action-bar-wrap class from the old actionbar.scss file. The newer .digit-action-bar-wrap-registry class (line 68) is also unused.

Remove lines 3-66 entirely:

-/*.digit-action-bar-wrap {
-  @extend .light-text-color-primary;
-  @extend .light-paper-primary;
-  box-shadow: rgba(0, 0, 0, 0.16) 0 -2px 8px;
-  max-width: 100%;
-  z-index: 100;
-
-  @apply left-0 bottom-0 w-full bg-white py-sm px-sm fixed text-right;
-
-  div {
-    @apply w-full;
-  }
-
-  .digit-menu-wrap {
-    @apply absolute bg-white text-left mb-xs z-30 cursor-pointer;
-    @extend .light-background;
-    bottom: 45px;
-    box-shadow: rgba(0, 0, 0, 0.14) 0 8px 10px 1px, rgba(0, 0, 0, 0.12) 0 3px 14px 2px, rgba(0, 0, 0, 0.2) 0 5px 5px -3px;
-    width: calc(100% - 16px);
-    right: 8px;
-
-    div {
-      @apply h-12 pl-sm py-md text-body-l text-text-primary;
-      @extend .light-primary;
-
-      &:hover {
-        @apply bg-grey-mid w-full;
-        @extend .light-background;
-      }
-    }
-  }
-}
-
-@screen dt {
-  .digit-action-bar-wrap {
-    box-shadow: rgba(0, 0, 0, 0.16) 0 -2px 8px;
-    left: 0;
-    max-width: none;
-    z-index: 999;
-
-    @apply fixed bottom-0 bg-white py-sm pr-lg text-right;
-
-    div {
-      width: calc(100% - 16px);
-    }
-
-    .digit-menu-wrap {
-      bottom: 45px;
-      top: unset;
-      box-shadow: rgba(0, 0, 0, 0.14) 0 8px 10px 1px, rgba(0, 0, 0, 0.12) 0 3px 14px 2px, rgba(0, 0, 0, 0.2) 0 5px 5px -3px;
-      @apply absolute h-auto bg-white text-left mb-xs z-30;
-      width: 240px;
-      right: 24px;
-
-      div {
-        @apply h-12 pl-sm py-md text-body-l text-text-primary;
-
-        &:hover {
-          @apply bg-grey-mid w-full;
-        }
-      }
-    }
-  }
-}*/
-

Git history preserves any rollback path if needed. Commented code adds maintenance debt without benefit.

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/FormComposerV2.scss (1)

51-58: Merge duplicate .employee-card-input declarations.

The .employee-card-input selector is defined twice (lines 51-54 and 56-58), which is poor CSS practice and creates maintenance issues. The second declaration only adds max-width, which should be merged into the first.

Apply this diff to consolidate:

 .employee-card-input {
   @apply mb-lg pl-sm outline-none block border w-full h-10 border-input-border border-solid bg-white leading-10 text-form-field text-text-primary;
   @extend .light-input-border;
+  max-width: 540px;
 }
-
-.employee-card-input {
-  max-width: 540px;
-}

micro-ui/web/micro-ui-internals/packages/libraries/src/utils/index.js (1)

503-511: Remove duplicate downloadBill export.

The export object contains downloadBill twice (lines 507 and 509). The second declaration overwrites the first, making it redundant. Remove one occurrence.

export default {
  pdf: PDFUtil,
  createFunction,
  downloadReceipt,
- downloadBill,
  downloadPDFFromLink,
  downloadBill,
  getFileUrl,
  mdms,

micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Ulb/index.js (2)

41-45: Fix optional chaining and broaden tenant fallback for citizens.

• window?.globalConfigs.getConfig can throw if globalConfigs is undefined; add ?. before getConfig.
• getCurrentTenantId is used in citizen flows too; prefer user.info.tenantId when present (for both EMPLOYEE and CITIZEN) before falling back to state ID.

Apply:

   //TODO: fix tenant id from userinfo
-  const tenantId =
-    user?.info?.type === "EMPLOYEE" && user?.info?.tenantId ? user?.info?.tenantId : window?.globalConfigs.getConfig("STATE_LEVEL_TENANT_ID");
+  const tenantId =
+    (user?.info?.tenantId) 
+      ? user.info.tenantId 
+      : window?.globalConfigs?.getConfig("STATE_LEVEL_TENANT_ID");
   return tenantId;

---

126-166: Minor cleanups: spelling and small utility.

• teantsArray typo; rename to tenantsArray.
• stringReplaceAll can be simplified with String.prototype.replaceAll when supported (keep current if legacy support required).

Apply:

-  const userloggedValues = Digit.SessionStorage.get("citizen.userRequestObject");
-  let teantsArray = [],
+  const userloggedValues = Digit.SessionStorage.get("citizen.userRequestObject");
+  let tenantsArray = [],
       filteredArray = [];
   if (userRole === "") {
-    userloggedValues?.info?.roles?.forEach((role) => teantsArray.push(role.tenantId));
-    let unique = teantsArray.filter((item, i, ar) => ar.indexOf(item) === i);
+    userloggedValues?.info?.roles?.forEach((role) => tenantsArray.push(role.tenantId));
+    let unique = tenantsArray.filter((item, i, ar) => ar.indexOf(item) === i);
@@
   } else {
     userloggedValues?.info?.roles?.forEach((role) => {
-      if (userRole === role.code) teantsArray.push(role.tenantId);
+      if (userRole === role.code) tenantsArray.push(role.tenantId);
     });
-    let unique = teantsArray.filter((item, i, ar) => ar.indexOf(item) === i);
+    let unique = tenantsArray.filter((item, i, ar) => ar.indexOf(item) === i);

micro-ui/web/micro-ui-internals/packages/libraries/src/hooks/useCustomAPIHook.js (1)

5-27: Update JSDoc/example to match new API signature.

Docs still show positional params; the hook now accepts a single options object.

I can submit a doc change with a correct usage snippet if desired.

micro-ui/web/micro-ui-internals/packages/css/src/index.scss (1)

714-716: Remove duplicate .connection-details-new-value-wrapper block.

The selector is defined twice; keep a single definition to avoid cascade ambiguity.

 .connection-details-new-value-wrapper {
   flex: 1 1 auto;
 }
-
-.connection-details-new-value-wrapper {
-  flex: 1 1 auto;
-}

Also applies to: 734-736

micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Store/service.js (2)

190-191: Use initData.stateInfo when rendering logos.

Currently passes the pre-MR state info, ignoring tenant-config overrides.

-      renderTenantLogos(stateInfo, initData.tenants);
+      renderTenantLogos(initData.stateInfo, initData.tenants);

---

19-31: Prevent duplicate DOM nodes and update existing logos instead.

Appending multiple <img id="logo-..."> elements leaks nodes and violates unique ID constraints.

 const addLogo = (id, url, fallbackUrl = "") => {
   const containerDivId = "logo-img-container";
   let containerDiv = document.getElementById(containerDivId);
   if (!containerDiv) {
     containerDiv = document.createElement("div");
     containerDiv.id = containerDivId;
     containerDiv.style = "position: absolute; top: 0; left: -9999px;";
     document.body.appendChild(containerDiv);
   }
-  const img = document.createElement("img");
-  img.src = getImgUrl(url, fallbackUrl);
-  img.id = `logo-${id}`;
-  containerDiv.appendChild(img);
+  const imgId = `logo-${id}`;
+  const existing = document.getElementById(imgId);
+  const src = getImgUrl(url, fallbackUrl);
+  if (existing) {
+    existing.src = src;
+    return;
+  }
+  const img = document.createElement("img");
+  img.src = src;
+  img.id = imgId;
+  containerDiv.appendChild(img);
 };

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Remove trailing whitespace.

Line 12 has trailing whitespace that should be removed for clean markdown formatting.

Apply this diff:

-#### Related Issues 
+#### Related Issues

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	#### Related Issues
	#### Related Issues

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

12-12: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

🤖 Prompt for AI Agents

In .github/PULL_REQUEST_TEMPLATE/feature_template.md around line 12, there is
trailing whitespace at the end of the "#### Related Issues" line; remove the
trailing space(s) so the markdown line ends immediately after the text (no extra
spaces or tabs) to ensure clean formatting and no trailing whitespace in the
file.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

CRITICAL: Remove hardcoded authentication tokens from version control.

These hardcoded tokens pose a severe security risk:

1. Exposed credentials: Authentication tokens are now visible in the repository history and can be exploited for unauthorized access
2. Compliance violation: Storing secrets in version control violates security best practices and may breach compliance requirements
3. Token reuse: These same tokens appear across multiple environment files in this PR, amplifying the risk

Immediate actions required:

1. Remove these tokens and replace with empty values or environment-specific placeholders
2. Revoke/rotate these tokens immediately in your authentication system
3. Use secrets management (e.g., environment variables at runtime, AWS Secrets Manager, HashiCorp Vault) instead of committing secrets
4. Add .env* patterns to .gitignore if not already present

Apply this diff to remove the hardcoded tokens:

-REACT_APP_EMPLOYEE_TOKEN=c835932f-2ad4-4d05-83d6-49e0b8c59f8a
-REACT_APP_CITIZEN_TOKEN=7cd58aae-30b3-41ed-a1b3-3417107a993c
+REACT_APP_EMPLOYEE_TOKEN=
+REACT_APP_CITIZEN_TOKEN=

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	REACT_APP_EMPLOYEE_TOKEN=c835932f-2ad4-4d05-83d6-49e0b8c59f8a
	REACT_APP_CITIZEN_TOKEN=7cd58aae-30b3-41ed-a1b3-3417107a993c
	REACT_APP_EMPLOYEE_TOKEN=
	REACT_APP_CITIZEN_TOKEN=

🧰 Tools

🪛 Gitleaks (8.28.0)

[high] 3-3: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

[high] 4-4: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/example/.env-workbench-mz-uat around lines 3
to 4, remove the hardcoded REACT_APP_EMPLOYEE_TOKEN and REACT_APP_CITIZEN_TOKEN
values and replace them with empty values or descriptive placeholders (e.g.
REACT_APP_EMPLOYEE_TOKEN= and REACT_APP_CITIZEN_TOKEN= or
REACT_APP_EMPLOYEE_TOKEN=${EMPLOYEE_TOKEN}) so no secrets are committed;
revoke/rotate the exposed tokens immediately in the auth system; search the repo
for any other occurrences of these tokens and remove/replace them; add .env*
patterns to .gitignore if absent to prevent future commits of env files;
consider storing and injecting secrets via your secrets manager or CI
environment variables instead of in-file.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Remove duplicate mdmsProxy registration.

Line 100 duplicates line 21, registering the same route "/mdms-v2/v2/_create" to mdmsProxy twice. This creates a redundant middleware chain.

Apply this diff to remove the duplicate:

   ].forEach((location) => app.use(location, createProxy));
   ["/pb-egov-assets"].forEach((location) => app.use(location, assetsProxy));
-  ["/mdms-v2/v2/_create"].forEach((location) => app.use(location, mdmsProxy));
 };

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/example/src/setupProxy.js around line 100,
the route registration ["/mdms-v2/v2/_create"].forEach((location) =>
app.use(location, mdmsProxy)); is a duplicate of the earlier registration at
line 21; remove the redundant line at or around line 100 so the route is only
registered once, leaving the original registration intact and preventing
duplicate middleware chaining.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Invalid React hook usage: useLocation/useParams inside non-hook utility.

Hooks from react-router-dom must run inside React components/custom hooks. Calling them in preProcess causes “Invalid hook call” at runtime.

Apply this refactor to make preProcess a pure function and remove hook imports:

-import { useLocation } from "react-router-dom";
-import { useParams } from "react-router-dom";
+// Hooks must not be used here; pass routing info via data.meta if needed.

@@
-  // eslint-disable-next-line
-  const location = useLocation();
+  const search = data?.meta?.locationSearch ?? window.location.search;
@@
-  // eslint-disable-next-line
-  const { masterName } = useParams();
+  const routeMasterName = data?.meta?.routeParams?.masterName;

@@
-  const searchParams = new URLSearchParams(location.search);
+  const searchParams = new URLSearchParams(search);
@@
-  const id = searchParams.get("config")|| masterName;
+  const id = searchParams.get("config") || routeMasterName;

Upstream: pass { meta: { locationSearch: location.search, routeParams: { masterName } } } when invoking preProcess.

Also applies to: 433-439

---

🏁 Script executed:

#!/bin/bash
# Retrieve the UICustomizations.js file to verify hook usage claims
cat "micro-ui/web/micro-ui-internals/example/src/UICustomizations.js"

Length of output: 24772

---

🏁 Script executed:

#!/bin/bash
# Search for where useLocation and useParams are actually called in the file
rg -n "useLocation\s*\(|useParams\s*\(" "micro-ui/web/micro-ui-internals/example/src/UICustomizations.js" -A2 -B2

Length of output: 313

---

🏁 Script executed:

#!/bin/bash
# Inspect the preProcess function and surrounding context
rg -n "preProcess" "micro-ui/web/micro-ui-internals/example/src/UICustomizations.js" -B3 -A10

Length of output: 1617

---

🏁 Script executed:

#!/bin/bash
# Check specific lines 433-439 mentioned in the review
sed -n '430,442p' "micro-ui/web/micro-ui-internals/example/src/UICustomizations.js"

Length of output: 396

---

Critical issue confirmed: React hooks misused in utility function.

The useLocation() and useParams() hooks are called at lines 434 and 437 inside the preProcess utility function, which violates React's Rules of Hooks. These hooks may only be called at the top level of React components or custom hooks, not in utility functions. This will cause an "Invalid hook call" runtime error when preProcess is invoked.

Remove the hook imports at lines 3-4 and refactor preProcess to accept routing data via a parameter (e.g., data.meta) instead of calling hooks directly:

-import { useLocation } from "react-router-dom";
-import { useParams } from "react-router-dom";

@@
 preProcess: (data) => {
-  const location = useLocation();
+  const search = data?.meta?.locationSearch ?? window.location.search;
-  const { masterName } = useParams();
+  const routeMasterName = data?.meta?.routeParams?.masterName;
-  const searchParams = new URLSearchParams(location.search);
+  const searchParams = new URLSearchParams(search);
-  const id = searchParams.get("config")|| masterName;
+  const id = searchParams.get("config") || routeMasterName;

Callers must pass { meta: { locationSearch: location.search, routeParams: { masterName } } } when invoking preProcess.

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/example/src/UICustomizations.js around lines
3-4 and the preProcess usage at lines ~434-437, React hooks useLocation() and
useParams() are being called inside a utility function (preProcess) which
violates the Rules of Hooks; remove the imports of useLocation and useParams and
refactor preProcess to accept routing data via a parameter (e.g., data.meta)
instead of calling hooks; update preProcess signature to read locationSearch and
routeParams from data.meta and change all callers to pass { meta: {
locationSearch: location.search, routeParams: { masterName } } } (or equivalent)
from within React components where hooks are legal.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Optional: extract duplicated transform logic into a helper.

The pathConfig/dateConfig/selectConfig/textConfig → reducer pattern repeats; consider a reusable buildSearchPayload() utility for consistency and testability.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Risk of ID collisions with default "id" fallback.

When the input is empty or invalid, the function returns a hard-coded "id". If multiple fields have empty input, this will cause ID collisions in the DOM, which violates HTML standards and can break functionality.

Consider one of these approaches:

1. Append a unique suffix:

 const sanitizeToHtmlId = (input) => {
-  if (!input) return "id"; // Default to 'id' if input is empty or invalid
+  if (!input) return `id-${Math.random().toString(36).substr(2, 9)}`; // Generate unique ID
 
   return input
     .toLowerCase()
     .replace(/[^a-z0-9-_]+/g, "-") // Replace invalid characters with hyphens
     .replace(/^-+|-+$/g, ""); // Trim leading/trailing hyphens
 };

2. Return empty and handle at call site:

 const sanitizeToHtmlId = (input) => {
-  if (!input) return "id";
+  if (!input) return "";

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const sanitizeToHtmlId = (input) => {
	if (!input) return "id"; // Default to 'id' if input is empty or invalid
	return input
	.toLowerCase()
	.replace(/[^a-z0-9-_]+/g, "-") // Replace invalid characters with hyphens
	.replace(/^-+|-+$/g, ""); // Trim leading/trailing hyphens
	};
	const sanitizeToHtmlId = (input) => {
	if (!input) return `id-${Math.random().toString(36).substr(2, 9)}`; // Generate unique ID
	return input
	.toLowerCase()
	.replace(/[^a-z0-9-_]+/g, "-") // Replace invalid characters with hyphens
	.replace(/^-+|-+$/g, ""); // Trim leading/trailing hyphens
	};

Suggested change

	const sanitizeToHtmlId = (input) => {
	if (!input) return "id"; // Default to 'id' if input is empty or invalid
	return input
	.toLowerCase()
	.replace(/[^a-z0-9-_]+/g, "-") // Replace invalid characters with hyphens
	.replace(/^-+|-+$/g, ""); // Trim leading/trailing hyphens
	};
	const sanitizeToHtmlId = (input) => {
	if (!input) return "";
	return input
	.toLowerCase()
	.replace(/[^a-z0-9-_]+/g, "-") // Replace invalid characters with hyphens
	.replace(/^-+|-+$/g, ""); // Trim leading/trailing hyphens
	};

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/libraries/src/utils/field.js around
lines 61 to 68, the sanitizeToHtmlId fallback returns a hard-coded "id" which
will collide when multiple inputs are empty; change the fallback to either
generate a unique id (e.g., "id-<uniqueSuffix>" where uniqueSuffix is a short
random string, timestamp, or incrementing counter) so repeated calls produce
distinct IDs, or return an empty string/null and update callers to handle
generation/validation upstream; ensure any change keeps the sanitized formatting
rules and update affected call sites/tests to expect the new behavior.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Use object property shorthand for cleaner code.

When the property name and value variable are identical, use shorthand syntax for better readability.

Apply this diff:

       const svgElement = DynamicIcon({
-        width: width,
-        height: height,
-        fill: iconFill,
-        className: className,
+        width,
+        height,
+        fill: iconFill,
+        className,
       });

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const svgElement = DynamicIcon({
	width: width,
	height: height,
	fill: iconFill,
	className: className,
	});
	const svgElement = DynamicIcon({
	width,
	height,
	fill: iconFill,
	className,
	});

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/libraries/src/utils/iconRender.js
around lines 9 to 14, the DynamicIcon call uses verbose property assignments
(width: width, height: height, className: className); change to use object
property shorthand for identical names—pass { width, height, fill: iconFill,
className } so width, height and className use shorthand while keeping the
explicit fill: iconFill mapping.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Fix function call in transformURL - missing parentheses.

Line 378 checks getMultiRootTenant as a function reference instead of calling it. This will always evaluate to true, breaking the intended multi-tenant logic.

  if (Digit.Utils.isContextPathMissing(url)) {
    let updatedUrl = null;
-   if (getMultiRootTenant) {
+   if (getMultiRootTenant()) {
      url = url.replace("/sandbox-ui/employee", `/sandbox-ui/${tenantId}/employee`);
      updatedUrl = url;
    } else {

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const transformURL = (url = "", tenantId) => {
	if (url == "/") {
	return;
	}
	if (Digit.Utils.isContextPathMissing(url)) {
	let updatedUrl = null;
	if (getMultiRootTenant) {
	url = url.replace("/sandbox-ui/employee", `/sandbox-ui/${tenantId}/employee`);
	updatedUrl = url;
	} else {
	updatedUrl = url;
	}
	return updatedUrl;
	} else {
	return url;
	}
	};
	const transformURL = (url = "", tenantId) => {
	if (url == "/") {
	return;
	}
	if (Digit.Utils.isContextPathMissing(url)) {
	let updatedUrl = null;
	if (getMultiRootTenant()) {
	url = url.replace("/sandbox-ui/employee", `/sandbox-ui/${tenantId}/employee`);
	updatedUrl = url;
	} else {
	updatedUrl = url;
	}
	return updatedUrl;
	} else {
	return url;
	}
	};

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/libraries/src/utils/index.js around
lines 372 to 388, the transformURL function checks getMultiRootTenant as a
function reference instead of invoking it; change the conditional to call
getMultiRootTenant() (i.e., if (getMultiRootTenant()) ) so the multi-tenant
branch actually evaluates correctly, and ensure getMultiRootTenant is in
scope/imported where this function runs.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Address markdown formatting issues in changelog.

The static analysis tools have flagged multiple markdown formatting violations including missing blank lines around headings, spelling errors, and ordered list numbering inconsistencies. While these don't affect functionality, fixing them would improve documentation quality and consistency.

Key issues to address:

• Add blank lines above headings (MD022 violations)
• Fix spelling: "componenet" → "component", "Ethopia" → "Ethiopia", "stablity" → "stability", "republihsing" → "republishing", "hambuger" → "hamburger"
• Correct ordered list numbering in migration sections (should be 1, 2, 3, 4 instead of jumping)

🧰 Tools

🪛 LanguageTool

[grammar] ~151-~151: Ensure spelling is correct
Context: ....49] [22-Sep-2025] - updated the login componenet to handle email based login ## [1.8.47...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

---

[grammar] ~151-~151: Use a hyphen to join words.
Context: ...ted the login componenet to handle email based login ## [1.8.47] [22-Sep-2025] ...

(QB_NEW_EN_HYPHEN)

---

[uncategorized] ~180-~180: The name of this brand needs to be capitalized.
Context: ...t wherever required as older version of react doesn't support <></> PrivateRoute is...

(ON_SKYPE)

---

[grammar] ~217-~217: Ensure spelling is correct
Context: ...ed core issues and related found in PGR Ethopia demo ## [1.8.23] [3-Feb-2025] - FEATU...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

---

[grammar] ~217-~217: Ensure spelling is correct
Context: ...es and related found in PGR Ethopia demo ## [1.8.23] [3-Feb-2025] - FEATURE/HCMPRE-...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

---

[grammar] ~255-~255: Ensure spelling is correct
Context: ...8.10] [19-Nov-2024] - Fixed the module stablity & new components integrated republihsin...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

---

[grammar] ~255-~255: Ensure spelling is correct
Context: ...le stablity & new components integrated republihsing the same due to component version issue...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

---

[grammar] ~258-~258: Ensure spelling is correct
Context: ... issue, ## [1.8.3] - Fixed the module stablity & new components integrated, sandbox en...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

---

[grammar] ~264-~264: Ensure spelling is correct
Context: ....17 - Integrated new topbar,sidebar and hambuger ## 1.8.2-beta.12 - Updated the css ## 1.8...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

---

[grammar] ~411-~411: Ensure spelling is correct
Context: ... city. ## 1.5.46 - Added classname for topbar options dropdown. ## 1.5.45 - Alignmen...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

🪛 markdownlint-cli2 (0.18.1)

3-3: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

14-14: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

20-20: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

26-26: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

34-34: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

47-47: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

48-48: Ordered list item prefix
Expected: 1; Actual: 3; Style: 1/2/3

(MD029, ol-prefix)

---

54-54: Ordered list item prefix
Expected: 2; Actual: 4; Style: 1/2/3

(MD029, ol-prefix)

---

60-60: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

61-61: Ordered list item prefix
Expected: 1; Actual: 5; Style: 1/2/3

(MD029, ol-prefix)

---

67-67: Ordered list item prefix
Expected: 2; Actual: 6; Style: 1/2/3

(MD029, ol-prefix)

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/packages/modules/core/CHANGELOG.md around
lines 1 to 464, the changelog has several markdown/style issues flagged by
static analysis; add a blank line before each heading to satisfy MD022, correct
spelling mistakes ("componenet"→"component", "Ethopia"→"Ethiopia",
"stablity"→"stability", "republihsing"→"republishing", "hambuger"→"hamburger"),
and normalize any ordered list numbering so sequences use incremental numbering
(1, 2, 3...) where applicable; run a markdown linter after edits to ensure no
other heading/blank-line or list-numbering violations remain.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix duplicate heading and missing blank line per markdown standards.

Line 65 duplicates the "## Environment Variables" heading (which appears at line 49), and line 68 is missing a blank line before the code fence per markdown linting rules (MD024, MD031).

Rename the heading to distinguish the sections and add the required blank line:

 [sample .env file](https://github.com/egovernments/Digit-Core/blob/workbench/frontend/micro-ui/web/micro-ui-internals/example/.env-unifieddev)
 
-## Environment Variables
+## Global Configuration
 
 To create your own globalConfig, copy and refer the below file.
+
 ```bash
     frontend/micro-ui/web/micro-ui-internals/sampleGlobalConfig.js

<details>
<summary>🧰 Tools</summary>

<details>
<summary>🪛 markdownlint-cli2 (0.18.1)</summary>

65-65: Multiple headings with the same content

(MD024, no-duplicate-heading)

---

68-68: Fenced code blocks should be surrounded by blank lines

(MD031, blanks-around-fences)

</details>

</details>

<details>
<summary>🤖 Prompt for AI Agents</summary>

In micro-ui/web/micro-ui-internals/README.md around lines 65 to 71, the "##
Environment Variables" heading duplicates the one at line 49 and the code fence
lacks a preceding blank line; rename this heading to something distinct (e.g.,
"## Sample Global Config" or "## Creating a globalConfig") and insert a blank
line immediately before the opening ```bash code fence so the section no longer
duplicates the earlier heading and conforms to markdown linting rules (MD024,
MD031).

</details>

<!-- This is an auto-generated comment by CodeRabbit -->

[coderabbitai]

Actionable comments posted: 26

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (5)

micro-ui/web/micro-ui-internals/packages/css/src/components/inboxv2/inboxSearchComposer.scss (1)

73-75: Missing semicolon after grid-template-columns.

grid-template-columns: 100% lacks a trailing semicolon, risking CSS parse issues. Add it.

 &.download {
-  grid-template-columns: 100%
+  grid-template-columns: 100%;
 }

micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Store/service.js (1)

194-212: Guard against undefined- module names in defaultData as well.*

The same modulePrefix undefined issue exists in defaultData. When modulePrefix is falsy, lines 198–199 and 203–205 will produce "undefined-*" strings.

Apply this diff:

   defaultData: async (stateCode, moduleCode, language, modulePrefix) => {
     let moduleCodes = [];
     if (typeof moduleCode !== "string")
       moduleCode.forEach((code) => {
-        moduleCodes.push(modulePrefix ? `${modulePrefix}-${code.toLowerCase()}` : `${code.toLowerCase()}`);
+        moduleCodes.push(modulePrefix ? `${modulePrefix}-${code.toLowerCase()}` : code.toLowerCase());
       });
     const LocalePromise = LocalizationService.getLocale({
       modules:
         typeof moduleCode == "string"
           ? modulePrefix
-            ? [`${modulePrefix}-${moduleCode.toLowerCase()}`]
-            : [`${moduleCode.toLowerCase()}`]
+            ? [`${modulePrefix}-${moduleCode.toLowerCase()}`]
+            : [moduleCode.toLowerCase()]
           : moduleCodes,
       locale: language,
       tenantId: stateCode,
     });

micro-ui/web/micro-ui-internals/packages/css/src/digitv2/components/actionbarV2.scss (1)

3-66: Remove commented-out code to reduce technical debt.

A large block of CSS (63 lines) is commented out. If this styling is no longer needed, remove it entirely. If it's temporarily disabled pending migration, document the plan with a TODO comment.

Apply this diff to remove the commented block:

-/*.digit-action-bar-wrap {
-  @extend .light-text-color-primary;
-  @extend .light-paper-primary;
-  box-shadow: rgba(0, 0, 0, 0.16) 0 -2px 8px;
-  max-width: 100%;
-  z-index: 100;
-
-  @apply left-0 bottom-0 w-full bg-white py-sm px-sm fixed text-right;
-
-  div {
-    @apply w-full;
-  }
-
-  .digit-menu-wrap {
-    @apply absolute bg-white text-left mb-xs z-30 cursor-pointer;
-    @extend .light-background;
-    bottom: 45px;
-    box-shadow: rgba(0, 0, 0, 0.14) 0 8px 10px 1px, rgba(0, 0, 0, 0.12) 0 3px 14px 2px, rgba(0, 0, 0, 0.2) 0 5px 5px -3px;
-    width: calc(100% - 16px);
-    right: 8px;
-
-    div {
-      @apply h-12 pl-sm py-md text-body-l text-text-primary;
-      @extend .light-primary;
-
-      &:hover {
-        @apply bg-grey-mid w-full;
-        @extend .light-background;
-      }
-    }
-  }
-}
-
-@screen dt {
-  .digit-action-bar-wrap {
-    box-shadow: rgba(0, 0, 0, 0.16) 0 -2px 8px;
-    left: 0;
-    max-width: none;
-    z-index: 999;
-
-    @apply fixed bottom-0 bg-white py-sm pr-lg text-right;
-
-    div {
-      width: calc(100% - 16px);
-    }
-
-    .digit-menu-wrap {
-      bottom: 45px;
-      top: unset;
-      box-shadow: rgba(0, 0, 0, 0.14) 0 8px 10px 1px, rgba(0, 0, 0, 0.12) 0 3px 14px 2px, rgba(0, 0, 0, 0.2) 0 5px 5px -3px;
-      @apply absolute h-auto bg-white text-left mb-xs z-30;
-      width: 240px;
-      right: 24px;
-
-      div {
-        @apply h-12 pl-sm py-md text-body-l text-text-primary;
-
-        &:hover {
-          @apply bg-grey-mid w-full;
-        }
-      }
-    }
-  }
-}*/
-

micro-ui/web/micro-ui-internals/packages/libraries/src/utils/index.js (2)

503-512: Duplicate downloadBill in default export; remove the extra entry.

   downloadReceipt,
-  downloadBill,
   downloadPDFFromLink,
   downloadBill,

---

214-221: Prefer local getter over global Digit.Utils to avoid init-order issues.

Use getMultiRootTenant() defined in-module.

-  if (Digit.Utils.getMultiRootTenant()) {
+  if (getMultiRootTenant()) {
     pgrRoles.push("SUPERUSER");
   }

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Ensure the hook actually runs and harden it.

• Document or automate: git config core.hooksPath .github/hooks so this script executes.
• Optional: if you adopt bash, add set -euo pipefail at the top.

🤖 Prompt for AI Agents

.github/hooks/pre-push lines 1-25: the hook currently may not run for
contributors and is not hardened; add documentation and an automated setup plus
tighten the script: document in CONTRIBUTING (or add a repo setup script) that
callers must run git config core.hooksPath .github/hooks (or run the provided
setup script) so the hook is actually installed, and modify the hook itself to
use a stricter shell and fail-fast behaviour by switching the shebang to bash if
you rely on bash features and adding safe flags (set -euo pipefail) or otherwise
keep POSIX sh-compatible logic; also ensure the branch-name regex check uses a
shell construct supported by the chosen shell (or use git rev-parse and grep -E
for portability) and keep the existing exit codes.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Use a top‑level H1 for the first heading (markdownlint MD041).

Change the opening heading to H1.

-## Choose the appropriate template for your PR:
+# Choose the appropriate template for your PR:

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	## Choose the appropriate template for your PR:
	# Choose the appropriate template for your PR:

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

1-1: First line in a file should be a top-level heading

(MD041, first-line-heading, first-line-h1)

🤖 Prompt for AI Agents

In .github/pull_request_template.md around line 1, the first heading is
currently a level-2 heading ("## Choose the appropriate template for your PR:")
which violates markdownlint MD041; change it to a top-level H1 by replacing the
leading "##" with "#" so the file begins with "# Choose the appropriate template
for your PR:" ensuring the very first heading in the document is H1.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider fixing markdown formatting violations.

The changelog has multiple markdown linting violations that affect readability:

• MD022: 70+ headings missing blank lines
• MD009: Multiple lines with trailing spaces
• MD031: Code blocks missing surrounding blank lines
• MD047: Missing trailing newline

While these don't affect functionality, fixing them improves document consistency. Run markdownlint --fix to auto-correct most issues, or manually:

1. Add blank lines above all headings
2. Remove trailing spaces
3. Add blank lines around code blocks
4. Add a single trailing newline at EOF

🧰 Tools

🪛 LanguageTool

[style] ~97-~97: ‘with success’ might be wordy. Consider a shorter alternative.
Context: ...file formats - Real-time progress bar with success/error tracking - Template generation ...

(EN_WORDINESS_PREMIUM_WITH_SUCCESS)

---

[uncategorized] ~329-~329: If this is a compound adjective that modifies the following noun, use a hyphen.
Context: ...and branding customization tools ### Long Term - AI Integration: Smart recommend...

(EN_COMPOUND_ADJECTIVE_INTERNAL)

---

[style] ~372-~372: Some style guides suggest that commas should set off the year in a month-day-year date.
Context: ...nts --- Release Date: October 23, 2025 Document Version: 1.0 **Total M...

(MISSING_COMMA_AFTER_YEAR)

🪛 markdownlint-cli2 (0.18.1)

7-7: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

8-8: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

13-13: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

19-19: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

20-20: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

25-25: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

31-31: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

32-32: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

37-37: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

42-42: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

43-43: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

48-48: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

54-54: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

55-55: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

60-60: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

66-66: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

67-67: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

72-72: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

78-78: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

84-84: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

90-90: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

96-96: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

105-105: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

113-113: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

129-129: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

132-132: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

133-133: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

135-135: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

138-138: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

142-142: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

145-145: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

148-148: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

151-151: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

155-155: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

158-158: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

161-161: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

164-164: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

167-167: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

171-171: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

172-172: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

174-174: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

177-177: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

180-180: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

181-181: Trailing spaces
Expected: 0 or 2; Actual: 1

(MD009, no-trailing-spaces)

---

183-183: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

186-186: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

189-189: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

192-192: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

195-195: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

198-198: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

201-201: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

204-204: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

207-207: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

211-211: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

215-215: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

218-218: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

221-221: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

224-224: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

227-227: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

230-230: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

233-233: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

236-236: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

239-239: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

242-242: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

245-245: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

248-248: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

251-251: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

254-254: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

257-257: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

260-260: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

263-263: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

266-266: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

269-269: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

272-272: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

275-275: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

278-278: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

281-281: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

284-284: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

287-287: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

290-290: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

293-293: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

296-296: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

299-299: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

302-302: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

305-305: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

308-308: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

311-311: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

---

314-314: Headings should be surrounded by blank lines
Expected: 1; Actual: 0; Below

(MD022, blanks-around-headings)

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/CHANGELOG.md around lines 1 to 377, the file
has multiple markdown-lint violations (missing blank lines before headings
MD022, trailing spaces MD009, code blocks not separated MD031, and missing final
newline MD047); fix by inserting a blank line above each top-level and
subsequent heading, remove any trailing spaces at line ends, ensure all fenced
code blocks have a blank line before and after them, and add a single trailing
newline at EOF (you can run `markdownlint --fix` or apply these edits manually).

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Verify module versions match package manifests.

Confirm listed versions align with package.json across modules to avoid drift in release notes.

---

🏁 Script executed:

#!/bin/bash
# Check declared versions in docs vs package.json files
rg -nP --type=json '"name":\s*"@egovernments/digit-ui-module-[^"]+"' -n -C1
rg -nP '@egovernments/digit-ui-(module|libraries|components)[^@\s]*@?([0-9]+\.[0-9]+[^"\s]*)?' -n micro-ui -C1

Length of output: 106470

---

Update versions in changelog to match package.json manifests.

All modules currently use release candidate versions (-rc1 suffix) in package.json, but the changelog documents them as final releases (without -rc1). Update the table to reflect:

• Core: 1.9.0-rc1 (not 1.9.0)
• Workbench: 1.1.0-rc1 (not 1.1.0)
• HRMS: 1.9.0-rc1 (not 1.9.0)
• PGR: 1.9.0-rc1 (not 1.9.0)
• DSS: 1.9.0-rc1 (not 1.9.0)
• Common: 1.9.0-rc1 (not 1.9.0)
• Engagement: 1.9.0-rc1 (not 1.9.0)
• Utilities: 1.1.0-rc1 (not 1.1.0)
• Sandbox: 0.1.0-rc1 (not 0.1.0)
• Open Payment: 0.1.0-rc1 (not 0.1.0)

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/COMPLETE_MODULE_CHANGELOG_SUMMARY.md around
lines 22 to 36, the changelog table lists final release versions but
package.json uses release-candidate versions; update the "New Version" column
entries to match package manifests by appending "-rc1" as follows: Core ->
1.9.0-rc1, Workbench -> 1.1.0-rc1, HRMS -> 1.9.0-rc1, PGR -> 1.9.0-rc1, DSS ->
1.9.0-rc1, Common -> 1.9.0-rc1, Engagement -> 1.9.0-rc1, Utilities -> 1.1.0-rc1,
Sandbox -> 0.1.0-rc1, Open Payment -> 0.1.0-rc1; ensure table formatting remains
intact and update any matching references elsewhere in the file if present.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Hyphenate compound adjective.

Use “single-tenant” for consistency.

- - Auto-tenant selection for single tenant scenarios
+ - Auto-tenant selection for single-tenant scenarios

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	### **HRMS Module (v1.9.0)**
	- Multi-tenant employee management
	- Auto-tenant selection for single tenant scenarios
	- Improved date picker components
	- Enhanced form validation
	### **HRMS Module (v1.9.0)**
	- Multi-tenant employee management
	- Auto-tenant selection for single-tenant scenarios
	- Improved date picker components
	- Enhanced form validation

🧰 Tools

🪛 LanguageTool

[grammar] ~110-~110: Use a hyphen to join words.
Context: ...ement - Auto-tenant selection for single tenant scenarios - Improved date picker ...

(QB_NEW_EN_HYPHEN)

🤖 Prompt for AI Agents

In micro-ui/web/micro-ui-internals/COMPLETE_MODULE_CHANGELOG_SUMMARY.md around
lines 108 to 112, the phrase "single tenant scenarios" should be hyphenated as
"single-tenant scenarios" to correctly form a compound adjective; update that
line accordingly to maintain consistency across the changelog.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

pdfMake fonts wiring and duplicate bundle risk

Importing pdfMake without wiring vfs fonts often breaks text rendering; also, this file-level import may duplicate pdfMake if utils/pdf.js also requires it. Prefer centralizing the import, or wire fonts here and verify there’s no duplicate include.

Option A (wire fonts here):

 import jsPDF from "jspdf";
-import pdfMake from 'pdfmake/build/pdfmake';
+import pdfMake from "pdfmake/build/pdfmake";
+import pdfFonts from "pdfmake/build/vfs_fonts";
+pdfMake.vfs = pdfFonts.pdfMake.vfs;

Option B (centralize via utils to avoid duplication):

-import pdfMake from "pdfmake/build/pdfmake";
+import pdfMake from "../../utils/pdf";

Run to verify single source of truth and vfs setup:

---

🏁 Script executed:

#!/bin/bash
rg -nP -C2 'pdfmake/build/(pdfmake|vfs_fonts)' && rg -nP -C2 '\bpdfMake\.vfs\b'

Length of output: 3180

---

Wire pdfMake.vfs to avoid font rendering failures in Download.js

pdfmake uses vfs_fonts.js for fonts and other files embedded into PDFs, creating a key/value object pdfMake.vfs. The Download.js import lacks vfs setup; meanwhile, utils/pdf.js wires it correctly at lines 33, 159, and 238. Since both files import pdfMake separately, each instance requires independent vfs configuration.

Fix by wiring vfs locally in Download.js (line 6):

 import jsPDF from "jspdf";
-import pdfMake from 'pdfmake/build/pdfmake';
+import pdfMake from "pdfmake/build/pdfmake";
+import pdfFonts from "pdfmake/build/vfs_fonts";
+pdfMake.vfs = pdfFonts.pdfMake.vfs;

Alternatively, import the pre-configured pdfMake from utils/pdf.js to avoid duplication (requires verifying utils/pdf.js exports pdfMake).

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	import jsPDF from "jspdf";
	import pdfMake from 'pdfmake/build/pdfmake';
	import jsPDF from "jspdf";
	import pdfMake from "pdfmake/build/pdfmake";
	import pdfFonts from "pdfmake/build/vfs_fonts";
	pdfMake.vfs = pdfFonts.pdfMake.vfs;

🤖 Prompt for AI Agents

In
micro-ui/web/micro-ui-internals/packages/libraries/src/services/atoms/Download.js
around lines 5 to 6, pdfMake is imported without wiring its vfs which causes
font rendering failures; fix by either (A) locally wiring pdfMake.vfs to the
same vfs object used in utils/pdf.js (import the vfs map or vfs_fonts.js and
assign pdfMake.vfs = <vfs object> immediately after the import) or (B) import
the already-configured pdfMake from utils/pdf.js instead of importing
pdfmake/build/pdfmake here (verify utils/pdf.js exports the configured pdfMake
and replace the import accordingly).

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider parity with mSewaApp download path

The older PDF/Image flows respect window.mSewaApp for in-app downloads; PDFMAIN/PDFMAIN2 don’t. If mobile app usage matters, add the same branch to trigger native download.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Remove unused tenantConfig variable.

The tenantConfig variable is awaited but never used, causing unnecessary async work.

-    if (tenantConfigFetch) {
-      const tenantConfig = await StoreService.getTenantConfig(stateCode, enabledModules); // Await the async call
-    }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if (tenantConfigFetch) {
	const tenantConfig = await StoreService.getTenantConfig(stateCode, enabledModules); // Await the async call
	}
	if (tenantConfigFetch) {
	await StoreService.getTenantConfig(stateCode, enabledModules); // Await the async call for side effects
	}

🤖 Prompt for AI Agents

In
micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Store/service.js
around lines 100 to 102, the code awaits StoreService.getTenantConfig into an
unused tenantConfig variable; remove the unused variable and the unnecessary
async call. Delete the assignment line (or the whole if block if
tenantConfigFetch has no other side effects) so you no longer await or store
tenantConfig, keeping behavior consistent and avoiding the needless async work.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Refactor fetchTenantConfig to improve readability and fix missing semicolon.

This helper has several issues: missing semicolon on line 113, deeply nested ternaries on lines 123 and 128 that harm readability, and duplicates module-filtering logic from the else branch.

Apply this diff:

     const fetchTenantConfig = async () => {
       const tenantConfigs = await TenantConfigSearch.tenant(stateCode);
       const tenantConfigSearch = tenantConfigs?.tenantConfigs ? tenantConfigs?.tenantConfigs : null;
       const logoArray = tenantConfigSearch[0].documents
         .filter(doc => doc.type === "logoUrl")
         .map(doc => doc.fileStoreId);
       const bannerArray = tenantConfigSearch[0].documents
         .filter(doc => doc.type === "bannerUrl")
         .map(doc => doc.fileStoreId);
       const logoUrl = await Digit.UploadServices.Filefetch(logoArray, tenantConfigSearch?.[0]?.code);
-      const bannerUrl = await Digit.UploadServices.Filefetch(bannerArray, tenantConfigSearch?.[0]?.code)
+      const bannerUrl = await Digit.UploadServices.Filefetch(bannerArray, tenantConfigSearch?.[0]?.code);
       const formattedLanguages = tenantConfigSearch?.[0]?.languages?.map(lang => ({
         label: lang,
         value: lang
       })) || [];
+
+      const logoFetched = logoUrl?.data?.fileStoreIds?.[0]?.url?.split('?')[0];
+      const bannerFetched = bannerUrl?.data?.fileStoreIds?.[0]?.url?.split('?')[0];
+      const logoFallback = tenantConfigSearch?.[0]?.documents?.find((item) => item.type === "logoUrl")?.url;
+      const bannerFallback = tenantConfigSearch?.[0]?.documents?.find((item) => item.type === "bannerUrl")?.url;
+
       return {
         languages: tenantConfigSearch?.[0]?.languages? formattedLanguages : [{ label: "ENGLISH", value: Digit.Utils.getDefaultLanguage() }],
         stateInfo: {
-          code: tenantConfigFetch ? tenantConfigSearch?.[0]?.code : stateInfo.code,
-          name: tenantConfigFetch ? tenantConfigSearch?.[0]?.name : stateInfo.name,
-          logoUrl: tenantConfigFetch ? logoUrl?.data?.fileStoreIds?.[0]?.url ? logoUrl?.data?.fileStoreIds?.[0]?.url?.split('?')[0] : tenantConfigSearch?.[0]?.documents?.find((item) => item.type === "logoUrl")?.url : stateInfo.logoUrl,
-          statelogo: tenantConfigFetch ? tenantConfigSearch?.[0]?.documents?.find((item) => item.type === "statelogo")?.url : stateInfo.statelogo,
-          logoUrlWhite: tenantConfigFetch
-            ? tenantConfigSearch?.[0]?.documents?.find((item) => item.type === "logoUrlWhite")?.url
-            : stateInfo.logoUrlWhite,
-          bannerUrl: tenantConfigFetch ? bannerUrl?.data?.fileStoreIds?.[0]?.url  ? bannerUrl?.data?.fileStoreIds?.[0]?.url?.split('?')[0] : tenantConfigSearch?.[0]?.documents?.find((item) => item.type === "bannerUrl")?.url : stateInfo.bannerUrl,
+          code: tenantConfigSearch?.[0]?.code,
+          name: tenantConfigSearch?.[0]?.name,
+          logoUrl: logoFetched || logoFallback,
+          statelogo: tenantConfigSearch?.[0]?.documents?.find((item) => item.type === "statelogo")?.url,
+          logoUrlWhite: tenantConfigSearch?.[0]?.documents?.find((item) => item.type === "logoUrlWhite")?.url,
+          bannerUrl: bannerFetched || bannerFallback,
         },

Committable suggestion skipped: line range outside the PR's diff.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Extract duplicate module-filtering logic into a helper.

The module-filtering logic is duplicated between fetchTenantConfig (lines 131–135) and the else branch (lines 152–156).

Extract a helper before line 103:

+    const getActiveModules = () =>
+      MdmsRes?.tenant?.citymodule
+        ?.filter((module) => module?.active)
+        ?.filter((module) => enabledModules?.includes(module?.code))
+        ?.sort((x, y) => x?.order - y?.order) || [];
+
     const fetchTenantConfig = async () => {
       ...
         localizationModules: stateInfo.localizationModules,
-        modules:
-          MdmsRes?.tenant?.citymodule
-            ?.filter((module) => module?.active)
-            ?.filter((module) => enabledModules?.includes(module?.code))
-            ?.sort((x, y) => x?.order - y?.order) || [],
+        modules: getActiveModules(),
         uiHomePage: uiHomePage,
       };
     };
     const initData = tenantConfigFetch
       ? await fetchTenantConfig()
       : {
           ...
           localizationModules: stateInfo.localizationModules,
-          modules:
-            MdmsRes?.tenant?.citymodule
-              ?.filter((module) => module?.active)
-              ?.filter((module) => enabledModules?.includes(module?.code))
-              ?.sort((x, y) => x?.order - y?.order) || [],
+          modules: getActiveModules(),
           uiHomePage: uiHomePage,
         };

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In
micro-ui/web/micro-ui-internals/packages/libraries/src/services/molecules/Store/service.js
around lines 139 to 158, the module-filtering logic is duplicated; extract a
helper function placed before line 103 that accepts MdmsRes, enabledModules and
returns MdmsRes?.tenant?.citymodule?.filter(m => m?.active).filter(m =>
enabledModules?.includes(m?.code)).sort((x,y)=>x?.order - y?.order) || [];
Replace the duplicated inline logic in both fetchTenantConfig and the else
branch with calls to this helper, keeping existing null-safety and default
empty-array behavior.