AeThex-Corporation/aethex-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Prettier format pending files

Browse source
This commit is contained in:
Builder.io 2025-11-09 21:48:04 +00:00
parent dc60ba6219
commit 84357d935f
6 changed files with 71 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
.github/workflows/build.yml vendored
View file

@ -9,19 +9,19 @@ on:
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Use Node.js 20.x - name: Use Node.js 20.x
uses: actions/setup-node@v4 uses: actions/setup-node@v4
with: with:
node-version: 20.x node-version: 20.x
cache: 'npm' cache: "npm"
- name: Install dependencies - name: Install dependencies
run: npm ci run: npm ci
- name: Build client - name: Build client
run: npm run build run: npm run build
env: env:
@ -32,7 +32,7 @@ jobs:
VITE_DEVCONNECT_URL: ${{ secrets.VITE_DEVCONNECT_URL }} VITE_DEVCONNECT_URL: ${{ secrets.VITE_DEVCONNECT_URL }}
VITE_DEVCONNECT_ANON_KEY: ${{ secrets.VITE_DEVCONNECT_ANON_KEY }} VITE_DEVCONNECT_ANON_KEY: ${{ secrets.VITE_DEVCONNECT_ANON_KEY }}
VITE_BUILDER_API_KEY: ${{ secrets.VITE_BUILDER_API_KEY }} VITE_BUILDER_API_KEY: ${{ secrets.VITE_BUILDER_API_KEY }}
- name: Check bundle size - name: Check bundle size
run: | run: |
if [ -d "dist" ]; then if [ -d "dist" ]; then
@ -40,7 +40,7 @@ jobs:
du -sh dist/ du -sh dist/
find dist -type f -name "*.js" -o -name "*.css" | head -20 find dist -type f -name "*.js" -o -name "*.css" | head -20
fi fi
- name: Upload build artifacts - name: Upload build artifacts
if: always() if: always()
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v3

12
.github/workflows/deploy.yml vendored
View file

@ -8,19 +8,19 @@ on:
jobs: jobs:
deploy: deploy:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Use Node.js 20.x - name: Use Node.js 20.x
uses: actions/setup-node@v4 uses: actions/setup-node@v4
with: with:
node-version: 20.x node-version: 20.x
cache: 'npm' cache: "npm"
- name: Install dependencies - name: Install dependencies
run: npm ci run: npm ci
- name: Build - name: Build
run: npm run build run: npm run build
env: env:
@ -31,7 +31,7 @@ jobs:
VITE_DEVCONNECT_URL: ${{ secrets.VITE_DEVCONNECT_URL }} VITE_DEVCONNECT_URL: ${{ secrets.VITE_DEVCONNECT_URL }}
VITE_DEVCONNECT_ANON_KEY: ${{ secrets.VITE_DEVCONNECT_ANON_KEY }} VITE_DEVCONNECT_ANON_KEY: ${{ secrets.VITE_DEVCONNECT_ANON_KEY }}
VITE_BUILDER_API_KEY: ${{ secrets.VITE_BUILDER_API_KEY }} VITE_BUILDER_API_KEY: ${{ secrets.VITE_BUILDER_API_KEY }}
- name: Deploy to Vercel - name: Deploy to Vercel
uses: vercel/action@v6 uses: vercel/action@v6
with: with:

14
.github/workflows/lint.yml vendored
View file

@ -9,24 +9,24 @@ on:
jobs: jobs:
lint: lint:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Use Node.js 20.x - name: Use Node.js 20.x
uses: actions/setup-node@v4 uses: actions/setup-node@v4
with: with:
node-version: 20.x node-version: 20.x
cache: 'npm' cache: "npm"
- name: Install dependencies - name: Install dependencies
run: npm ci run: npm ci
- name: Run ESLint - name: Run ESLint
run: npm run lint || true run: npm run lint || true
- name: Type check - name: Type check
run: npm run type-check || true run: npm run type-check || true
- name: Format check - name: Format check
run: npm run format:check || true run: npm run format:check || true

14
.github/workflows/security.yml vendored
View file

@ -6,15 +6,15 @@ on:
pull_request: pull_request:
branches: [main, develop] branches: [main, develop]
schedule: schedule:
- cron: '0 2 * * 0' - cron: "0 2 * * 0"
jobs: jobs:
semgrep: semgrep:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Run Semgrep - name: Run Semgrep
uses: returntocorp/semgrep-action@v1 uses: returntocorp/semgrep-action@v1
with: with:
@ -23,7 +23,7 @@ jobs:
p/security-audit p/security-audit
p/typescript p/typescript
p/react p/react
- name: Upload SARIF file - name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@v2
with: with:
@ -32,14 +32,14 @@ jobs:
dependency-check: dependency-check:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Run npm audit - name: Run npm audit
run: npm audit --production --audit-level=moderate run: npm audit --production --audit-level=moderate
continue-on-error: true continue-on-error: true
- name: Check for vulnerable dependencies - name: Check for vulnerable dependencies
run: npm audit --production run: npm audit --production
continue-on-error: true continue-on-error: true

14
.github/workflows/test.yml vendored
View file

@ -9,28 +9,28 @@ on:
jobs: jobs:
test: test:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
node-version: [18.x, 20.x] node-version: [18.x, 20.x]
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }} - name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4 uses: actions/setup-node@v4
with: with:
node-version: ${{ matrix.node-version }} node-version: ${{ matrix.node-version }}
cache: 'npm' cache: "npm"
- name: Install dependencies - name: Install dependencies
run: npm ci run: npm ci
- name: Run tests - name: Run tests
run: npm test -- --coverage --watchAll=false run: npm test -- --coverage --watchAll=false
env: env:
CI: true CI: true
- name: Upload coverage - name: Upload coverage
uses: codecov/codecov-action@v3 uses: codecov/codecov-action@v3
with: with:

46
docs/IMPLEMENTATION_STATUS_ROADMAP_AUDIT.md
View file

@ -11,6 +11,7 @@
The AETHEX project has made significant progress on Discord integration (Phase 2: Dual-Auth) and database schema (Phase 2/3). However, critical gaps exist in CSP configuration (Phase 1), RLS performance optimization (Phase 3), and CI/CD pipeline (Phase 4). The AETHEX project has made significant progress on Discord integration (Phase 2: Dual-Auth) and database schema (Phase 2/3). However, critical gaps exist in CSP configuration (Phase 1), RLS performance optimization (Phase 3), and CI/CD pipeline (Phase 4).
**Key Findings:** **Key Findings:**
- ✅ Discord OAuth backend fully implemented - ✅ Discord OAuth backend fully implemented
- ✅ Database schema for Discord integration complete - ✅ Database schema for Discord integration complete
- ✅ Discord bot (Discord.js) deployed and operational - ✅ Discord bot (Discord.js) deployed and operational
@ -27,6 +28,7 @@ The AETHEX project has made significant progress on Discord integration (Phase 2
**File**: `code/vercel.json` **File**: `code/vercel.json`
#### What's Configured ✅ #### What's Configured ✅
```json ```json
{ {
"rewrites": [{ "source": "/(.*)", "destination": "/index.html" }], "rewrites": [{ "source": "/(.*)", "destination": "/index.html" }],
@ -36,8 +38,14 @@ The AETHEX project has made significant progress on Discord integration (Phase 2
"headers": [ "headers": [
{ "key": "X-Frame-Options", "value": "DENY" }, { "key": "X-Frame-Options", "value": "DENY" },
{ "key": "X-Content-Type-Options", "value": "nosniff" }, { "key": "X-Content-Type-Options", "value": "nosniff" },
{ "key": "Referrer-Policy", "value": "strict-origin-when-cross-origin" }, {
{ "key": "Permissions-Policy", "value": "geolocation=(), microphone=(), camera=()" }, "key": "Referrer-Policy",
"value": "strict-origin-when-cross-origin"
},
{
"key": "Permissions-Policy",
"value": "geolocation=(), microphone=(), camera=()"
},
{ {
"key": "Content-Security-Policy", "key": "Content-Security-Policy",
"value": "default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https: wss:; frame-ancestors 'none'" "value": "default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https: wss:; frame-ancestors 'none'"
@ -51,11 +59,13 @@ The AETHEX project has made significant progress on Discord integration (Phase 2
#### Critical Issues ⚠️ #### Critical Issues ⚠️
1. **`frame-ancestors 'none'`** - BLOCKS Discord Activity iFrame 1. **`frame-ancestors 'none'`** - BLOCKS Discord Activity iFrame
- Current policy: `frame-ancestors 'none'` - Current policy: `frame-ancestors 'none'`
- Required policy: `frame-ancestors 'self' https://*.discordsays.com` - Required policy: `frame-ancestors 'self' https://*.discordsays.com`
- **Impact**: Discord Activity cannot embed the app - **Impact**: Discord Activity cannot embed the app
2. **Missing Supabase URL in `connect-src`** 2. **Missing Supabase URL in `connect-src`**
- Current: `connect-src 'self' https: wss:` (too broad, catch-all) - Current: `connect-src 'self' https: wss:` (too broad, catch-all)
- Should be explicit: `connect-src 'self' https://kmdeisowhtsalsekkzqd.supabase.co https://xakdofkmympbhxkbkxbh.supabase.co wss:` - Should be explicit: `connect-src 'self' https://kmdeisowhtsalsekkzqd.supabase.co https://xakdofkmympbhxkbkxbh.supabase.co wss:`
@ -84,6 +94,7 @@ Replace the CSP header in `vercel.json` line 47:
**File**: `code/api/discord/oauth/callback.ts` (196 lines) **File**: `code/api/discord/oauth/callback.ts` (196 lines)
**What's Working:** **What's Working:**
- ✅ Receives Discord OAuth code - ✅ Receives Discord OAuth code
- ✅ Exchanges code for Discord access token - ✅ Exchanges code for Discord access token
- ✅ Fetches user profile via Discord API - ✅ Fetches user profile via Discord API
@ -92,6 +103,7 @@ Replace the CSP header in `vercel.json` line 47:
- ✅ Redirects to /onboarding or /dashboard - ✅ Redirects to /onboarding or /dashboard
**Code Flow** (lines 48-120): **Code Flow** (lines 48-120):
```typescript ```typescript
1. Receive Discord code 1. Receive Discord code
2. POST to https://discord.com/api/v10/oauth2/token 2. POST to https://discord.com/api/v10/oauth2/token
@ -106,11 +118,13 @@ Replace the CSP header in `vercel.json` line 47:
#### Frontend Implementation ⚠️ PARTIALLY COMPLETE #### Frontend Implementation ⚠️ PARTIALLY COMPLETE
**Files**: **Files**:
- `code/client/contexts/DiscordActivityContext.tsx` (137 lines) - `code/client/contexts/DiscordActivityContext.tsx` (137 lines)
- `code/client/pages/Activity.tsx` (152 lines) - `code/client/pages/Activity.tsx` (152 lines)
**What's Working:** **What's Working:**
- ✅ Discord SDK initialization in context - ✅ Discord SDK initialization in context
- ✅ Detects iFrame context (frame_id query param) - ✅ Detects iFrame context (frame_id query param)
- ✅ Calls /api/discord/activity-auth endpoint - ✅ Calls /api/discord/activity-auth endpoint
@ -118,12 +132,14 @@ Replace the CSP header in `vercel.json` line 47:
- ✅ Activity page with profile display - ✅ Activity page with profile display
**What's Missing:** **What's Missing:**
- ❌ Custom dual-auth flow (Phase 2 Section A step 10) - ❌ Custom dual-auth flow (Phase 2 Section A step 10)
- Current: Uses standard `supabase.auth.setSession()` - Current: Uses standard `supabase.auth.setSession()`
- Needed: Call `discordSdk.commands.authenticate()` with Discord token - Needed: Call `discordSdk.commands.authenticate()` with Discord token
- Impact: Discord SDK commands unavailable inside Activity - Impact: Discord SDK commands unavailable inside Activity
**Code Gap** (DiscordActivityContext.tsx line ~80): **Code Gap** (DiscordActivityContext.tsx line ~80):
```typescript ```typescript
// Current: // Current:
await supabase.auth.setSession(supabaseSession); await supabase.auth.setSession(supabaseSession);
@ -151,7 +167,8 @@ Update `code/client/contexts/DiscordActivityContext.tsx` to complete the dual-au
### Current State ### Current State
**Files**: **Files**:
- `code/supabase/migrations/20250107_add_discord_integration.sql` (line 62) - `code/supabase/migrations/20250107_add_discord_integration.sql` (line 62)
- `code/supabase/migrations/20250107_add_web3_and_games.sql` (lines 108-121) - `code/supabase/migrations/20250107_add_web3_and_games.sql` (lines 108-121)
- `code/supabase/migrations/20251018_fix_team_memberships_rls.sql` (lines 15, 21, 34) - `code/supabase/migrations/20251018_fix_team_memberships_rls.sql` (lines 15, 21, 34)
@ -161,6 +178,7 @@ Update `code/client/contexts/DiscordActivityContext.tsx` to complete the dual-au
#### Anti-Pattern Policies Found ⚠️ #### Anti-Pattern Policies Found ⚠️
**Policy 1: Discord Links** (20250107_add_discord_integration.sql:62) **Policy 1: Discord Links** (20250107_add_discord_integration.sql:62)
```sql ```sql
-- NON-PERFORMANT (Per-Row Execution): -- NON-PERFORMANT (Per-Row Execution):
CREATE POLICY "discord_links_users_select" ON discord_links CREATE POLICY "discord_links_users_select" ON discord_links
@ -169,6 +187,7 @@ CREATE POLICY "discord_links_users_select" ON discord_links
``` ```
**Policy 2: Web3 Nonces** (20250107_add_web3_and_games.sql:109) **Policy 2: Web3 Nonces** (20250107_add_web3_and_games.sql:109)
```sql ```sql
-- NON-PERFORMANT (Per-Row Execution): -- NON-PERFORMANT (Per-Row Execution):
CREATE POLICY "web3_nonces_user_select" ON web3_nonces CREATE POLICY "web3_nonces_user_select" ON web3_nonces
@ -177,6 +196,7 @@ CREATE POLICY "web3_nonces_user_select" ON web3_nonces
``` ```
**Policy 3: Team Memberships** (20251018_fix_team_memberships_rls.sql:15) **Policy 3: Team Memberships** (20251018_fix_team_memberships_rls.sql:15)
```sql ```sql
-- NON-PERFORMANT (Per-Row Execution): -- NON-PERFORMANT (Per-Row Execution):
CREATE POLICY team_memberships_users_read ON team_memberships CREATE POLICY team_memberships_users_read ON team_memberships
@ -245,10 +265,12 @@ CREATE POLICY team_memberships_users_read ON team_memberships
### What's Missing ❌ ### What's Missing ❌
1. **GitHub Actions workflow file**: `.github/workflows/supabase-deploy.yml` 1. **GitHub Actions workflow file**: `.github/workflows/supabase-deploy.yml`
- Not created - Not created
- Would handle automated schema deployments - Would handle automated schema deployments
2. **GitHub Environments**: 2. **GitHub Environments**:
- No `staging` environment configured - No `staging` environment configured
- No `production` environment configured - No `production` environment configured
- No repository secrets configured - No repository secrets configured
@ -279,7 +301,7 @@ jobs:
deploy-supabase-migrations: deploy-supabase-migrations:
name: Deploy Supabase Migrations name: Deploy Supabase Migrations
runs-on: ubuntu-latest runs-on: ubuntu-latest
environment: environment:
name: ${{ github.ref == 'refs/heads/main' && 'production' || 'staging' }} name: ${{ github.ref == 'refs/heads/main' && 'production' || 'staging' }}
@ -289,7 +311,7 @@ jobs:
- name: Set up Supabase CLI - name: Set up Supabase CLI
uses: supabase/setup-cli@v1 uses: supabase/setup-cli@v1
with: with:
version: '*' version: "*"
- name: Set Environment Variables - name: Set Environment Variables
run: | run: |
@ -312,6 +334,7 @@ jobs:
In repository settings (Settings → Environments): In repository settings (Settings → Environments):
**Staging Environment:** **Staging Environment:**
- Branch: `develop` - Branch: `develop`
- Secrets: - Secrets:
- `SUPABASE_ACCESS_TOKEN`: Personal token from supabase.com/account/tokens - `SUPABASE_ACCESS_TOKEN`: Personal token from supabase.com/account/tokens
@ -319,6 +342,7 @@ In repository settings (Settings → Environments):
- `SUPABASE_DB_PASSWORD`: Staging database password - `SUPABASE_DB_PASSWORD`: Staging database password
**Production Environment:** **Production Environment:**
- Branch: `main` - Branch: `main`
- Secrets: - Secrets:
- `SUPABASE_ACCESS_TOKEN`: (same as above) - `SUPABASE_ACCESS_TOKEN`: (same as above)
@ -329,7 +353,7 @@ In repository settings (Settings → Environments):
Create: `code/docs/SUPABASE_MIGRATION_WORKFLOW.md` Create: `code/docs/SUPABASE_MIGRATION_WORKFLOW.md`
```markdown ````markdown
# Supabase Migration Workflow # Supabase Migration Workflow
## For Developers ## For Developers
@ -338,10 +362,12 @@ Create: `code/docs/SUPABASE_MIGRATION_WORKFLOW.md`
```bash ```bash
supabase migration new <migration_name> supabase migration new <migration_name>
``` ```
````
2. Edit migration in `supabase/migrations/` 2. Edit migration in `supabase/migrations/`
3. Test locally: 3. Test locally:
```bash ```bash
supabase db reset supabase db reset
``` ```
@ -355,6 +381,7 @@ Create: `code/docs/SUPABASE_MIGRATION_WORKFLOW.md`
7. After verification, merge `develop``main` 7. After verification, merge `develop``main`
8. Production deployment triggered automatically 8. Production deployment triggered automatically
``` ```
--- ---
@ -481,6 +508,7 @@ Create: `code/docs/SUPABASE_MIGRATION_WORKFLOW.md`
--- ---
**Report Generated**: $(date) **Report Generated**: $(date)
**Reviewer**: AETHEX Development Team **Reviewer**: AETHEX Development Team
**Status**: Ready for Implementation **Status**: Ready for Implementation
```