[comp] Production Deploy #2083
[comp] Production Deploy #2083
Conversation
…2079) * feat(app): add 'Remove Device' menu on Employ Devices tab * feat(api): create delete endpoint to remove single host from fleet * feat(app): integrate delete endpoint to remove the host * fix(api): missing host ownership validation allows cross-organization deletion * fix(app): redundant null check after early return guard on handleRemoveDeviceClick * fix(api): duplicated host deletion logic not consolidated on fleet.service * fix(app): remove unnecessary accessorKey on actions column * fix(app): remove duplicated database query for current user member --------- Co-authored-by: chasprowebdev <chasgarciaprowebdev@gmail.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
1 Skipped Deployment
|
|
|
PR SummaryHigh Risk Overview Publishing/approval flows are updated to be version-aware. Draft edits are stored separately ( Storage + data migration changes. Policy creation now creates version 1 transactionally; deleting a policy/version cleans up associated S3 PDFs (including version PDFs); Trigger tasks are added to bulk-migrate legacy policies without versions; trust portal PDF bundling and vector-store sync now prefer version content. Other changes. Findings updates gain Written by Cursor Bugbot for commit 3a37196. This will update automatically on new commits. Configure here. |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
* feat(api): add revision note handling for findings update * feat(app): update onStatusChange to support async handling in FindingItem --------- Co-authored-by: Tofik Hasanov <annexcies@gmail.com>
apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/findings/FindingItem.tsx
Show resolved
Hide resolved
| } finally { | ||
| setIsSubmitting(false); | ||
| } | ||
| }; |
There was a problem hiding this comment.
Revision dialog closes on API failure, losing user input
Medium Severity
The handleRevisionSubmit and handleRevisionSkip functions expect onStatusChange to throw on API failure so the dialog remains open for retry. However, handleStatusChange (the implementation of onStatusChange) catches errors internally and shows a toast but doesn't re-throw. This causes await onStatusChange(...) to always resolve successfully, so the dialog closes and the user's typed revision note is cleared even when the API call fails. The user sees an error toast but loses their input.
Additional Locations (1)
| @IsString() | ||
| @IsOptional() | ||
| @MaxLength(2000) | ||
| revisionNote?: string | null; |
There was a problem hiding this comment.
Missing explicit type causes incorrect OpenAPI schema
Low Severity
The @ApiProperty decorator for revisionNote is missing an explicit type: String specification. Combined with nullable: true and TypeScript type string | null, this causes NestJS Swagger to generate "type": "object" in the OpenAPI spec instead of "type": "string". Add type: String to the decorator options.
* feat(api): add policy versioning with create, update, delete, and fetch operations * fix(api): update approver handling and current version assignment in policy changes * feat(api): enhance deleteById to clean up PDFs from S3 before deletion * feat(api): update policy version creation to handle S3 copy after transaction * feat(api): clear pending approval state when publishing or activating versions * feat(api): include organizationId check to prevent cross-org access in PDF URL retrieval * feat(api): sync draft content to prevent unpublished changes UI bug * feat(api): prevent activating a different version when another is pending approval * feat(api): add validation for deactivated members as approvers * feat(api): clear signatures when publishing or activating policy versions * feat(api): sync draft content to prevent false unpublished changes indicator * feat(api): use transaction for atomic policy updates and sync draft content --------- Co-authored-by: Tofik Hasanov <annexcies@gmail.com>
| } | ||
| return []; | ||
| })() | ||
| } |
There was a problem hiding this comment.
Editor loads published content instead of draft content
Medium Severity
The policyContent prop passed to PolicyContentManager loads from currentVersion.content or policy.content, but never from policy.draftContent. Meanwhile, hasDraftChanges correctly compares draftContent vs content to detect unpublished changes. This mismatch means when a user has draft changes (saved to draftContent), the editor will show the published version content instead of their draft. The "unpublished changes" indicator will appear, but the actual draft content won't be displayed or editable, potentially causing users to overwrite their draft work.
| } | ||
|
|
||
| return processed; | ||
| } |
There was a problem hiding this comment.
Duplicated processContent function and ContentNode interface
Medium Severity
The ContentNode interface and processContent function are duplicated in both update-draft.ts and update-version-content.ts. These are nearly identical implementations that sanitize TipTap editor content. Extract to a shared utility like apps/app/src/actions/policies/lib/content-utils.ts.
| console.error('Error copying policy PDF:', error); | ||
| return null; | ||
| } | ||
| } |
There was a problem hiding this comment.
Duplicated S3 PDF copy helper function
Low Severity
The copyPolicyVersionPdf function duplicates the logic in AttachmentsService.copyPolicyVersionPdf (apps/api/src/attachments/attachments.service.ts lines 341-358). Consider extracting to a shared S3 utility module or creating a reusable pattern.
| } catch (error) { | ||
| console.error('Error deleting policy PDF:', error); | ||
| } | ||
| } |
There was a problem hiding this comment.
Duplicated S3 PDF delete helper function
Low Severity
The deletePolicyVersionPdf function duplicates the logic in AttachmentsService.deletePolicyVersionPdf (apps/api/src/attachments/attachments.service.ts lines 363-374). Consider extracting to a shared S3 utility module.
* fix(trust-portal): improve error handling for custom domain updates * fix(trust-portal): enhance error handling for domain ownership checks --------- Co-authored-by: Tofik Hasanov <annexcies@gmail.com>
apps/app/src/app/(app)/[orgId]/policies/[policyId]/editor/components/PolicyDetails.tsx
Show resolved
Hide resolved
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 3 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
| ); | ||
| } | ||
|
|
||
| // Delete the policy (versions are cascade deleted) |
There was a problem hiding this comment.
S3 deletion before database update causes inconsistent state on failure
Medium Severity
S3 PDF files are deleted before the database operation (delete or transaction). If the database operation fails after S3 deletion succeeds, the policy versions will reference non-existent S3 files, causing broken PDF links for users. The S3 cleanup should occur after the database operation succeeds to maintain data consistency. This affects policy deletion and policy regeneration flows.
Additional Locations (2)
| }); | ||
|
|
||
| return version.id; | ||
| } |
There was a problem hiding this comment.
Unused exported function ensurePolicyHasVersion
Low Severity
The ensurePolicyHasVersion utility function is exported but never imported or used anywhere in the codebase. The comment states it "Can be called from other server actions or components when needed" but no callers exist.
| console.error('Error copying policy PDF:', error); | ||
| return null; | ||
| } | ||
| } |
There was a problem hiding this comment.
Duplicate S3 helper functions across packages
Low Severity
copyPolicyVersionPdf in create-version.ts and deletePolicyVersionPdf in delete-version.ts duplicate functionality that already exists in AttachmentsService (attachments.service.ts lines 341-374). Consider creating a shared S3 utility in the app package or calling the API endpoints.
2 participants
This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.