Conversation
Improves code reliability and maintainability by introducing extensive unit test coverage for core modules and services. Integrates a GitHub Actions workflow to automate test execution and coverage reporting, supporting continuous integration for key branches. Encourages robust development practices and simplifies future feature changes and bug fixes.
- Add jest.config.ts with proper coverage exclusions (moved from package.json) - Add 22 test files covering validators, filters, interceptors, middleware, decorators, auth guards, database service, metadata services, garbage collection, savefiles, and activity gateway - 369 tests passing across 37 suites - Coverage at 68.35% statements (up from 25%)
This reverts commit fd59c0e.
… dependency management - Updated various guards, strategies, services, and controllers to use ConfigService instead of direct configuration imports. - Introduced a private `config` getter in multiple classes to access application configuration. - Ensured that testing flags and other configuration values are accessed through the ConfigService for improved testability and maintainability.
…tion across services
…d removing unused imports
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+17
to
+19
| uses: ./.github/workflows/test.yml | ||
|
|
||
| docker: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
This autofix suggestion was applied.
Show autofix suggestion
Hide autofix suggestion
This autofix suggestion was applied.
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 12 days ago
To fix this, the workflow should explicitly define minimal GITHUB_TOKEN permissions using a permissions: block. The safest, least invasive fix is to add a root-level permissions section (applies to all jobs that do not override it) with read-only access to repository contents and packages, which is generally sufficient for building and pushing Docker images when registry authentication is done via dedicated secrets (as here with DOCKERHUB_TOKEN and SONAR_TOKEN). The login steps to Docker Hub and GHCR use username/password or secrets.GITHUB_TOKEN as a password to the container registry, which does not require repository write permissions.
Concretely, in .github/workflows/deploy.yml, directly after the on: block (after line 10, before concurrency:), add:
permissions:
contents: read
packages: readThis sets default permissions for the entire workflow, including the test, docker, manifest, and sonarcloud jobs, without changing their functionality. No additional imports or methods are required: this is a pure YAML configuration change.
Suggested changeset
1
.github/workflows/deploy.yml
| @@ -8,6 +8,10 @@ | ||
| - develop | ||
| - early-access | ||
|
|
||
| permissions: | ||
| contents: read | ||
| packages: read | ||
|
|
||
| concurrency: | ||
| group: deploy-${{ github.ref }} | ||
| cancel-in-progress: true |
Copilot is powered by AI and may make mistakes. Always verify output.
Alfagun74
committed this autofix suggestion 12 days ago.
Comment on lines
+20
to
+86
| needs: test | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| platform: | ||
| - linux/amd64 | ||
| - linux/arm64 | ||
| outputs: | ||
| version: ${{ steps.package-version.outputs.current-version }} | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: "${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/hotfix' && 0 || 1 }}" | ||
|
|
||
| - name: Fetch Current Package Version | ||
| if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/hotfix' || github.ref == 'refs/heads/develop' | ||
| id: package-version | ||
| uses: martinbeentjes/npm-get-version-action@v1.3.1 | ||
|
|
||
| - name: Set up QEMU | ||
| uses: docker/setup-qemu-action@v3 | ||
|
|
||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
|
|
||
| - name: Login to Docker Hub | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| username: phalcode | ||
| password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
|
|
||
| - name: Login to GitHub Container Registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: phalcode | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Build and Push by digest | ||
| id: build | ||
| uses: docker/build-push-action@v6 | ||
| with: | ||
| platforms: ${{ matrix.platform }} | ||
| tags: | | ||
| phalcode/gamevault-backend | ||
| ghcr.io/phalcode/gamevault-backend | ||
| outputs: type=image,push-by-digest=true,name-canonical=true,push=true | ||
| cache-from: type=gha | ||
| cache-to: type=gha,mode=max | ||
|
|
||
| - name: Export digest | ||
| run: | | ||
| mkdir -p /tmp/digests | ||
| digest="${{ steps.build.outputs.digest }}" | ||
| touch "/tmp/digests/${digest#sha256:}" | ||
|
|
||
| - name: Upload digest | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: digests-${{ strategy.job-index }} | ||
| path: /tmp/digests/* | ||
| if-no-files-found: error | ||
| retention-days: 1 | ||
|
|
||
| manifest: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 12 days ago
In general, to fix this issue you should add an explicit permissions: block either at the workflow root (to apply to all jobs) or per job, granting only the minimal set of scopes each job actually needs. This documents the intended access and ensures the workflow does not accidentally gain broader permissions if repository or organization defaults change.
For this workflow, the cleanest approach without changing functionality is:
- Add a root‑level
permissions:grantingcontents: readandpackages: read, which is sufficient for:actions/checkout(needs repo contents read).actions/upload-artifactandactions/download-artifact(use the token but only need repo read).- Docker build/push to external registries using provided secrets (these don’t need repo write).
- Override permissions for the
manifestjob only, since it runsCupOfTea696/gh-action-auto-releaseto create GitHub tags and releases, which requires write access. For that job, set:contents: write(to create tags and releases).packages: read(to maintain consistency with the root and any package needs).
- The
testjob is a reusable workflow (uses: ./.github/workflows/test.yml). Its internal permissions should be defined in that called workflow; this top‑level workflow’s defaultpermissionswill apply to it unless overridden insidetest.yml.
Concretely:
- In
.github/workflows/deploy.yml, insert a root‑levelpermissions:block after theon:section (beforeconcurrency:) with:permissions: contents: read packages: read
- In the same file, inside the
manifestjob definition, add:directly underpermissions: contents: write packages: read
runs-on: ubuntu-latest.
No imports or external dependencies are needed for this change; it’s purely YAML configuration inside the existing workflow.
Suggested changeset
1
.github/workflows/deploy.yml
| @@ -8,6 +8,10 @@ | ||
| - develop | ||
| - early-access | ||
|
|
||
| permissions: | ||
| contents: read | ||
| packages: read | ||
|
|
||
| concurrency: | ||
| group: deploy-${{ github.ref }} | ||
| cancel-in-progress: true | ||
| @@ -86,6 +90,9 @@ | ||
| manifest: | ||
| needs: docker | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: write | ||
| packages: read | ||
| steps: | ||
| - name: Download digests | ||
| uses: actions/download-artifact@v4 |
Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
Comment on lines
+87
to
+160
| needs: docker | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Download digests | ||
| uses: actions/download-artifact@v4 | ||
| with: | ||
| path: /tmp/digests | ||
| pattern: digests-* | ||
| merge-multiple: true | ||
|
|
||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
|
|
||
| - name: Login to Docker Hub | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| username: phalcode | ||
| password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
|
|
||
| - name: Login to GitHub Container Registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: phalcode | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Create manifest list and push | ||
| run: | | ||
| BRANCH="${GITHUB_REF#refs/heads/}" | ||
| VERSION="${{ needs.docker.outputs.version }}" | ||
|
|
||
| push_manifest() { | ||
| local REPO=$1 | ||
| local TAGS=$2 | ||
| local ARGS="" | ||
| for tag in $TAGS; do | ||
| ARGS="$ARGS -t $REPO:$tag" | ||
| done | ||
|
|
||
| docker buildx imagetools create $ARGS \ | ||
| $(printf "$REPO@sha256:%s " $(ls /tmp/digests)) | ||
| } | ||
|
|
||
| case "$BRANCH" in | ||
| master|hotfix) | ||
| push_manifest "phalcode/gamevault-backend" "latest $VERSION" | ||
| push_manifest "ghcr.io/phalcode/gamevault-backend" "latest $VERSION" | ||
| ;; | ||
| develop) | ||
| push_manifest "phalcode/gamevault-backend" "unstable" | ||
| push_manifest "ghcr.io/phalcode/gamevault-backend" "unstable" | ||
| ;; | ||
| early-access) | ||
| push_manifest "phalcode/gamevault-backend" "early-access" | ||
| push_manifest "ghcr.io/phalcode/gamevault-backend" "early-access" | ||
| ;; | ||
| esac | ||
|
|
||
| - name: Create Github Tag & Release | ||
| if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/hotfix' | ||
| id: release | ||
| uses: CupOfTea696/gh-action-auto-release@v1.0.2 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Discord notification | ||
| if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/hotfix' | ||
| uses: Ilshidur/action-discord@master | ||
| env: | ||
| DISCORD_WEBHOOK: ${{ secrets.DISCORD_RELEASE_BOT_WEBHOOK }} | ||
| with: | ||
| args: "<@&1128857090090340382> New Release: {{ EVENT_PAYLOAD.repository.full_name }} v$VERSION has been deployed. Here are the changes: https://github.com/{{ EVENT_PAYLOAD.repository.full_name }}/releases/tag/$VERSION" | ||
|
|
||
| sonarcloud: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 12 days ago
To fix this, add explicit permissions blocks to the workflow so that the default for all jobs is read‑only, and then grant elevated permissions only to the jobs that need them. This constrains what GITHUB_TOKEN can do while keeping existing behavior intact.
The safest pattern here is:
- At the top level (root of the workflow), add
permissions: contents: readso that all jobs default to read‑only access. - For jobs that need to publish releases or otherwise write to the repository, override with job‑level permissions. In this workflow, the
manifestjob runsCupOfTea696/gh-action-auto-release, which creates tags/releases and thus needscontents: write. Thesonarcloudjob only needs to report status checks; SonarCloud’s official docs indicate it needschecks: writeandpull-requests: read(and does not generally needcontents: writefor typical setups). Thedockerjob appears to only build and push images to external registries usingsecrets.DOCKERHUB_TOKENandsecrets.GITHUB_TOKENfor GHCR authentication, but not to modify the GitHub repo; it can keep read‑only defaults.
Concretely:
- In
.github/workflows/deploy.yml, aftername: Deploy(line 1) and beforeon:(line 3), insert a root‑levelpermissionsblock withcontents: read. - Under the
manifestjob (line 86), add apermissionsblock specifyingcontents: writebecause of the GitHub tag & release step. - Under the
sonarcloudjob (line 160), add apermissionsblock specifyingcontents: read,checks: write, andpull-requests: readto match least privilege for analysis/reporting while avoiding broad write access to repository contents.
This keeps existing functionality while explicitly constraining token capabilities.
Suggested changeset
1
.github/workflows/deploy.yml
| @@ -1,5 +1,8 @@ | ||
| name: Deploy | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| @@ -86,6 +89,8 @@ | ||
| manifest: | ||
| needs: docker | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: write | ||
| steps: | ||
| - name: Download digests | ||
| uses: actions/download-artifact@v4 | ||
| @@ -161,6 +166,10 @@ | ||
| needs: test | ||
| if: github.ref == 'refs/heads/develop' | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| checks: write | ||
| pull-requests: read | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: |
Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
Comment on lines
+161
to
+172
| needs: test | ||
| if: github.ref == 'refs/heads/develop' | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: SonarCloud Scan | ||
| uses: SonarSource/sonarcloud-github-action@master | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 12 days ago
To fix this, explicitly declare a least-privilege permissions block in .github/workflows/deploy.yml. Because multiple jobs use GITHUB_TOKEN (Docker-related actions may read from the repo; the release action writes tags/releases; SonarCloud reads code metadata), the cleanest approach is:
- Add a root-level
permissions:block after theon:section that grants minimal read access globally. - For the job that needs write access (the release job within
manifest), add a job-levelpermissions:block that augments or overrides with only the specific write scopes required (e.g.,contents: writeand optionallyissues: writeorpull-requests: writeif that action uses them).
However, since we only see job headers for test, docker, manifest, and sonarcloud, and the CodeQL finding is on the sonarcloud job, the minimal non-breaking change is:
- Add a root-level
permissions:block granting read-only repo access:contents: read. - Add a job-level
permissions:block to themanifestjob to allow it to create tags and releases usingGITHUB_TOKEN, e.g.contents: write. This keepssonarcloud(and other jobs) limited to read-only while preserving existing release behavior.
No new methods or imports are needed; this is purely YAML configuration. The changes should be made within .github/workflows/deploy.yml near the top-level keys (on:, concurrency:, jobs:) and at the manifest: job definition.
Suggested changeset
1
.github/workflows/deploy.yml
| @@ -8,6 +8,9 @@ | ||
| - develop | ||
| - early-access | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| concurrency: | ||
| group: deploy-${{ github.ref }} | ||
| cancel-in-progress: true | ||
| @@ -86,6 +89,8 @@ | ||
| manifest: | ||
| needs: docker | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: write | ||
| steps: | ||
| - name: Download digests | ||
| uses: actions/download-artifact@v4 |
Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
…in permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…in permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Release 16.3.0 aggregates platform features and infrastructure changes across the GameVault backend, including configuration refactors, new admin endpoints, and expanded test coverage.
Changes:
- Migrate runtime configuration access toward NestJS Config via a global
GAMEVAULT_CONFIGprovider and injection decorator. - Add/adjust APIs and behaviors (HTTPS support, admin game upload/delete, news update endpoint, IGDB metadata enrichments, UNPLAYED filtering fix, plugin loader hardening).
- Introduce/expand unit and e2e tests, plus CI workflow updates (tests + deploy pipeline refactor).
Reviewed changes
Copilot reviewed 93 out of 94 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| src/validators/media.validator.spec.ts | Adds tests for MediaValidator behavior and default messages. |
| src/validators/is-optional-if.validator.spec.ts | Adds tests for conditional optional validation decorator. |
| src/validators/is-date-string-before-now.validator.spec.ts | Adds tests for date-string “before now” validator. |
| src/plugin.ts | Ensures plugin inject directory exists before scanning/loading plugin modules. |
| src/modules/web-ui/web-ui.service.ts | Switches Web UI service to injected configuration; refactors cache path. |
| src/modules/web-ui/web-ui.service.spec.ts | Adds unit tests for Web UI caching/version selection behaviors. |
| src/modules/web-ui/web-ui.module.ts | Resolves static root path to avoid relative path issues. |
| src/modules/users/users.service.ts | Switches users service to injected configuration for server/testing/parental settings. |
| src/modules/users/users.controller.spec.ts | Adds controller unit tests for user endpoints behavior. |
| src/modules/users/activity.gateway.spec.ts | Adds gateway tests for activity tracking/broadcast. |
| src/modules/status/status.service.spec.ts | Adds unit tests for status service and protocol behavior. |
| src/modules/status/status.e2e.spec.ts | Converts status e2e test to real HTTP request against a test Nest app. |
| src/modules/status/status.controller.spec.ts | Adds controller unit tests for role-based status detail. |
| src/modules/savefiles/savefile.service.ts | Switches savefile service to injected config; adapts mime usage for ESM. |
| src/modules/savefiles/savefile.service.spec.ts | Adds unit tests for savefile validation/upload/delete/download flows. |
| src/modules/progresses/progress.controller.spec.ts | Adds controller tests for progress CRUD/increment endpoints. |
| src/modules/otp/otp.service.spec.ts | Adds OTP service tests for creation/consumption/expiry behavior. |
| src/modules/otp/models/otp.model.spec.ts | Adds OTP model tests including log redaction. |
| src/modules/metadata/tags/tags.metadata.controller.ts | Adjusts tag list query to only include tags linked to non-deleted games; counts distinct games. |
| src/modules/metadata/tags/tags.metadata.controller.spec.ts | Adds tests validating updated tag query/join/sort behavior. |
| src/modules/metadata/tags/tag.metadata.service.spec.ts | Adds TagMetadataService unit tests for find/save semantics. |
| src/modules/metadata/publishers/publishers.metadata.controller.ts | Adjusts publisher list query to only include publishers linked to non-deleted games; counts distinct games. |
| src/modules/metadata/publishers/publishers.metadata.controller.spec.ts | Adds tests validating updated publisher query/join/sort behavior. |
| src/modules/metadata/publishers/publisher.metadata.service.spec.ts | Adds PublisherMetadataService unit tests for find/save semantics. |
| src/modules/metadata/providers/igdb/models/gamevault-igdb-age-rating.map.ts | Migrates IGDB age rating mapping to rating-name-based matching. |
| src/modules/metadata/providers/igdb/igdb.metadata-provider.service.ts | Updates IGDB fields, early access mapping, adds time-to-beat fetch for average playtime, and new age rating mapping. |
| src/modules/metadata/providers/igdb/igdb.metadata-provider.service.spec.ts | Adds tests for IGDB provider mapping, playtime fallback, and media download fallback. |
| src/modules/metadata/metadata.service.ts | Uses injected config for metadata TTL and installer parameter defaults. |
| src/modules/metadata/genres/genres.metadata.controller.ts | Adjusts genre list query to only include genres linked to non-deleted games; counts distinct games. |
| src/modules/metadata/genres/genres.metadata.controller.spec.ts | Adds tests validating updated genre query/join/sort behavior. |
| src/modules/metadata/genres/genre.metadata.service.spec.ts | Adds GenreMetadataService unit tests for find/save semantics. |
| src/modules/metadata/developers/developers.metadata.controller.ts | Adjusts developer list query to only include developers linked to non-deleted games; counts distinct games. |
| src/modules/metadata/developers/developers.metadata.controller.spec.ts | Adds tests validating updated developer query/join/sort behavior. |
| src/modules/metadata/developers/developer.metadata.service.spec.ts | Adds DeveloperMetadataService unit tests for find/save semantics. |
| src/modules/media/media.service.ts | Switches media service to injected config for volumes/testing/supported formats. |
| src/modules/media/media.service.spec.ts | Adds unit tests for media availability, upload validation, and delete behavior. |
| src/modules/garbage-collection/media-garbage-collection.service.spec.ts | Adds unit tests for media garbage collection behavior and guardrails. |
| src/modules/gamevault-config/gamevault-config.module.ts | Adds global module providing GAMEVAULT_CONFIG via Nest ConfigService. |
| src/modules/games/models/game-type.enum.ts | Adds WINDOWS_SOFTWARE and LINUX_SOFTWARE game types. |
| src/modules/games/games.service.spec.ts | Adds GamesService unit tests (sorting, retrieval, existence checks, random). |
| src/modules/games/games.module.ts | Registers Progress repository for games module queries. |
| src/modules/games/games.controller.ts | Adds admin upload/delete game endpoints and rewrites UNPLAYED filter handling. |
| src/modules/games/games.controller.spec.ts | Adds controller unit tests for new and existing game endpoints. |
| src/modules/games/files.service.spec.ts | Adds FilesService tests covering upload/delete/download behavior and validation. |
| src/modules/database/db_configuration.ts | Refactors DB config to accept AppConfiguration and uses async TypeORM config in module. |
| src/modules/database/database.service.ts | Switches DB service to injected config; adapts mime usage for ESM; adjusts backup/restore flows. |
| src/modules/database/database.service.spec.ts | Adds tests for DB password validation and in-memory DB guards. |
| src/modules/database/database.module.ts | Moves to TypeOrmModule.forRootAsync using Nest ConfigService. |
| src/modules/config/models/update-news.dto.ts | Adds DTO for updating news.md content. |
| src/modules/config/config.controller.ts | Adds admin PUT endpoint to update news.md; uses injected config. |
| src/modules/auth/strategies/refresh-token.strategy.ts | Switches refresh token secret to injected config. |
| src/modules/auth/strategies/oauth2.strategy.ts | Switches OAuth2 strategy config to injected config; enables OAuth state. |
| src/modules/auth/strategies/authentication.strategy.ts | Switches access token secret to injected config. |
| src/modules/auth/guards/authorization.guard.ts | Switches auth-disable checks to injected config. |
| src/modules/auth/guards/authorization.guard.spec.ts | Adds unit tests for AuthorizationGuard behaviors and auth-disabled mode. |
| src/modules/auth/guards/authentication.guard.ts | Switches auth-disable checks to injected config. |
| src/modules/auth/guards/authentication.guard.spec.ts | Adds unit tests for AuthenticationGuard and auth-disabled mode. |
| src/modules/auth/guards/api-key.guard.ts | Switches auth-disable checks to injected config. |
| src/modules/auth/guards/api-key.guard.spec.ts | Adds unit tests for ApiKeyGuard (HTTP/WS, error cases). |
| src/modules/auth/authentication.service.ts | Switches refresh-token settings to injected config. |
| src/modules/auth/authentication.service.spec.ts | Adds unit tests for AuthenticationService login/refresh/register/revoke flows. |
| src/modules/admin/admin.controller.spec.ts | Adds unit tests for admin controller backup/restore/webui restart routes. |
| src/middleware/legacy-routes.middleware.spec.ts | Adds tests for legacy route rewrite middleware. |
| src/main.ts | Reworks bootstrap to use ExpressAdapter with explicit HTTP/HTTPS server creation and session middleware. |
| src/interceptors/http-logging.interceptor.ts | Switches HTTP logging enablement to injected config. |
| src/interceptors/http-logging.interceptor.spec.ts | Adds tests for HTTP logging interceptor behavior. |
| src/interceptors/disable-api-if.interceptor.spec.ts | Adds tests for DisableApiIf interceptor behavior. |
| src/globals.ts | Adds .appimage to executable formats. |
| src/gamevault-config.ts | Adds helper to retrieve AppConfiguration from Nest ConfigService. |
| src/filters/http-exception.filter.spec.ts | Adds tests for exception filter response behavior. |
| src/decorators/inject-gamevault-config.decorator.ts | Adds decorator for injecting GAMEVAULT_CONFIG. |
| src/decorators/decorators.spec.ts | Adds tests for decorator metadata behavior. |
| src/configuration.spec.ts | Adds tests for config censoring, defaults, and YAML/env precedence. |
| src/app.module.ts | Introduces global Nest ConfigModule setup and GamevaultConfigModule wiring. |
| package.json | Bumps version to 16.3.0, adds packageManager, updates deps, moves Jest config to jest.config.ts. |
| jest.config.ts | Adds Jest config file and coverage collection/exclusions. |
| eslint.config.mjs | Disables certain TS lint rules for spec files. |
| coverage-target/coverage-summary.json | Adds a coverage summary artifact file. |
| Dockerfile | Adds HTTPS port env/expose, installs ca-certificates, updates pnpm, changes PG client install approach. |
| CHANGELOG.md | Adds 16.3.0 release notes. |
| .npm-upgrade.json | Removes previously ignored packages related to ESM constraints. |
| .github/workflows/test.yml | Adds reusable PR test workflow with coverage artifact upload. |
| .github/workflows/deployment-master.yml | Removes legacy deployment workflow. |
| .github/workflows/deployment-early-access.yml | Removes legacy early-access deployment workflow. |
| .github/workflows/deployment-develop.yml | Removes legacy develop deployment workflow. |
| .github/workflows/deploy.yml | Adds consolidated deploy workflow with test gate, multi-arch build by digest, manifest publish, optional release/discord/sonar. |
| .github/workflows/delete_all_images.yml | Bumps delete-package-versions action version. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+2
to
+3
| ,"/home/alfagun74/git/phalcode/gamevault/gamevault-backend/src/modules/metadata/providers/igdb/igdb.metadata-provider.service.ts": {"lines":{"total":90,"covered":84,"skipped":0,"pct":93.33},"functions":{"total":30,"covered":30,"skipped":0,"pct":100},"statements":{"total":94,"covered":86,"skipped":0,"pct":91.48},"branches":{"total":45,"covered":25,"skipped":0,"pct":55.55}} | ||
| ,"/home/alfagun74/git/phalcode/gamevault/gamevault-backend/src/modules/web-ui/web-ui.service.ts": {"lines":{"total":110,"covered":99,"skipped":0,"pct":90},"functions":{"total":18,"covered":16,"skipped":0,"pct":88.88},"statements":{"total":118,"covered":106,"skipped":0,"pct":89.83},"branches":{"total":39,"covered":37,"skipped":0,"pct":94.87}} |
There was a problem hiding this comment.
This coverage summary JSON contains absolute filesystem paths (e.g., /home/.../src/...). That makes the artifact non-portable and can leak local directory structure. Consider excluding this from the repo (generate it in CI only) or rewriting keys to relative paths before committing.
Suggested change
| ,"/home/alfagun74/git/phalcode/gamevault/gamevault-backend/src/modules/metadata/providers/igdb/igdb.metadata-provider.service.ts": {"lines":{"total":90,"covered":84,"skipped":0,"pct":93.33},"functions":{"total":30,"covered":30,"skipped":0,"pct":100},"statements":{"total":94,"covered":86,"skipped":0,"pct":91.48},"branches":{"total":45,"covered":25,"skipped":0,"pct":55.55}} | |
| ,"/home/alfagun74/git/phalcode/gamevault/gamevault-backend/src/modules/web-ui/web-ui.service.ts": {"lines":{"total":110,"covered":99,"skipped":0,"pct":90},"functions":{"total":18,"covered":16,"skipped":0,"pct":88.88},"statements":{"total":118,"covered":106,"skipped":0,"pct":89.83},"branches":{"total":39,"covered":37,"skipped":0,"pct":94.87}} | |
| ,"src/modules/metadata/providers/igdb/igdb.metadata-provider.service.ts": {"lines":{"total":90,"covered":84,"skipped":0,"pct":93.33},"functions":{"total":30,"covered":30,"skipped":0,"pct":100},"statements":{"total":94,"covered":86,"skipped":0,"pct":91.48},"branches":{"total":45,"covered":25,"skipped":0,"pct":55.55}} | |
| ,"src/modules/web-ui/web-ui.service.ts": {"lines":{"total":110,"covered":99,"skipped":0,"pct":90},"functions":{"total":18,"covered":16,"skipped":0,"pct":88.88},"statements":{"total":118,"covered":106,"skipped":0,"pct":89.83},"branches":{"total":39,"covered":37,"skipped":0,"pct":94.87}} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.