[122] Update api service libraries (#137)

* Update version of package.lock and remove unused library

* Update typescript and test libraries

* Update  mongo libraries and fix breaking changes

* Another batch of updated libraries

* Update eslint + axios

* Update passport and express library

* Update another batch of libraries

* Update types and express related libraries

* Update another batch + audit fix

* Update mongodb and i18n countries

* Last batch of libraries

* use previous version of mongo

verification/curator-service/api/package.json

@@ -26,77 +26,74 @@
     }
   },
   "devDependencies": {
-    "@shelf/jest-mongodb": "^2.2.2",
-    "@types/bcrypt": "^5.0.0",
-    "@types/chai": "^4.2.12",
-    "@types/cookie-parser": "^1.4.2",
-    "@types/cors": "^2.8.12",
+    "@shelf/jest-mongodb": "^4.3.2",
+    "@types/bcrypt": "^5.0.2",
+    "@types/cookie-parser": "^1.4.7",
+    "@types/cors": "^2.8.17",
     "@types/dotenv": "^8.2.0",
-    "@types/eslint": "^7.2.2",
-    "@types/express": "^4.17.8",
-    "@types/express-session": "^1.17.0",
-    "@types/jest": "^27.0.2",
-    "@types/lodash": "^4.14.161",
-    "@types/node": "^17.0.0",
-    "@types/nodemailer": "^6.4.0",
-    "@types/passport": "^1.0.4",
-    "@types/passport-google-oauth20": "^2.0.4",
-    "@types/passport-http-bearer": "^1.0.36",
-    "@types/passport-local": "^1.0.33",
-    "@types/pino": "^6.3.0",
-    "@types/supertest": "^2.0.10",
-    "@typescript-eslint/eslint-plugin": "^3.10.1",
-    "@typescript-eslint/parser": "^3.10.1",
-    "aws-sdk-mock": "^5.1.0",
-    "chai": "^4.2.0",
-    "eslint": "^7.9.0",
+    "@types/eslint": "^8.56.10",
+    "@types/express": "^4.17.21",
+    "@types/express-session": "^1.18.0",
+    "@types/jest": "^29.5.12",
+    "@types/lodash": "^4.17.4",
+    "@types/node": "^20.12.13",
+    "@types/nodemailer": "^6.4.15",
+    "@types/passport": "^1.0.16",
+    "@types/passport-google-oauth20": "^2.0.16",
+    "@types/passport-http-bearer": "^1.0.41",
+    "@types/passport-local": "^1.0.38",
+    "@types/pino": "^7.0.5",
+    "@types/supertest": "^6.0.2",
+    "@types/yamljs": "^0.2.34",
+    "@typescript-eslint/eslint-plugin": "^7.11.0",
+    "@typescript-eslint/parser": "^7.11.0",
+    "aws-sdk-mock": "^6.0.1",
+    "eslint": "^8.57.0",
     "eslint-config-google": "^0.14.0",
-    "eslint-config-prettier": "^6.11.0",
-    "eslint-plugin-prettier": "^3.1.4",
-    "husky": "^4.3.0",
-    "jest": "^27.3.1",
-    "lint-staged": "^10.4.0",
-    "nodemon": "^2.0.20",
-    "prettier": "^2.1.2",
-    "supertest": "^4.0.2",
-    "ts-jest": "^27.0.7",
+    "eslint-config-prettier": "^9.1.0",
+    "eslint-plugin-prettier": "^5.1.3",
+    "husky": "^9.0.11",
+    "jest": "^29.7.0",
+    "lint-staged": "^15.2.5",
+    "nodemon": "^3.1.2",
+    "prettier": "^3.2.5",
+    "supertest": "^7.0.0",
+    "ts-jest": "^29.1.4",
     "tslint": "^6.1.3",
-    "typescript": "^3.9.7"
+    "typescript": "^5.4.5"
   },
   "dependencies": {
-    "@types/multer": "^1.4.4",
-    "@types/swagger-ui-express": "^4.1.2",
-    "@types/yamljs": "^0.2.31",
-    "aws-sdk": "^2.933.0",
-    "axios": "^0.21.2",
-    "bcrypt": "^5.0.1",
-    "connect-mongo": "^4.6.0",
+    "@types/swagger-ui-express": "^4.1.6",
+    "aws-sdk": "^2.1631.0",
+    "axios": "^1.7.2",
+    "bcrypt": "^5.1.1",
+    "connect-mongo": "^5.1.0",
     "cookie-parser": "^1.4.5",
     "cors": "^2.8.5",
-    "dotenv": "^8.2.0",
-    "envalid": "^7.2.2",
-    "express": "^4.17.1",
-    "express-openapi-validator": "^4.9.0",
-    "express-rate-limit": "^6.5.1",
-    "express-session": "^1.17.1",
+    "dotenv": "^16.4.5",
+    "envalid": "^8.0.0",
+    "express": "^4.19.2",
+    "express-openapi-validator": "^4.13.8",
+    "express-rate-limit": "^7.2.0",
+    "express-session": "^1.18.0",
     "express-winston": "^4.2.0",
-    "i18n-iso-countries": "^7.3.0",
-    "jsonwebtoken": "^8.5.1",
-    "jszip": "^3.7.0",
+    "i18n-iso-countries": "^7.11.2",
+    "jsonwebtoken": "^9.0.2",
+    "jszip": "^3.10.1",
     "lodash": "^4.17.21",
     "longjohn": "^0.2.12",
     "mimemessage": "^1.0.5",
-    "mongodb": "^4.1.4",
-    "mongodb-memory-server": "^6.6.7",
-    "nodemailer": "^6.4.16",
-    "passport": "^0.4.1",
+    "mongodb": "^6.7.0",
+    "mongodb-memory-server": "^9.2.0",
+    "nodemailer": "^6.9.13",
+    "passport": "^0.7.0",
     "passport-google-oauth20": "^2.0.0",
     "passport-http-bearer": "^1.0.1",
     "passport-local": "^1.0.0",
-    "pino": "^6.6.1",
-    "pino-pretty": "^4.2.1",
-    "swagger-ui-express": "^4.1.4",
-    "winston": "^3.7.2",
+    "pino": "^9.1.0",
+    "pino-pretty": "^11.1.0",
+    "swagger-ui-express": "^5.0.0",
+    "winston": "^3.13.0",
     "yamljs": "^0.3.0"
   },
   "husky": {
@@ -110,6 +107,6 @@
     ]
   },
   "engines": {
-    "node": "16.18.0"
+    "node": "18.18.0"
   }
 }

verification/curator-service/api/src/clients/aws-batch-client.ts

@@ -116,7 +116,7 @@ export default class AwsBatchClient {
             const ret = { jobName: res.jobName };
             return ret;
         } catch (e) {
-            logger.error(e);
+            if (e instanceof Error) logger.error(e);
             throw e;
         }
     };
@@ -135,7 +135,7 @@ export default class AwsBatchClient {
                     }) || []
             );
         } catch (e) {
-            logger.error(e);
+            if (e instanceof Error) logger.error(e);
             throw e;
         }
     };

verification/curator-service/api/src/controllers/auth.ts

@@ -98,7 +98,7 @@ export const mustBeAuthenticated = (
         res.status(200);
         return next();
     } else {
-        passport.authenticate('bearer', (err, user) => {
+        passport.authenticate('bearer', (err: any, user: Express.User | false | null) => {
             if (err) {
                 return next(err);
             }
@@ -145,7 +145,7 @@ export const mustHaveAnyRole = (requiredRoles: string[]) => {
             res.status(200);
             return next();
         } else {
-            passport.authenticate('bearer', (err, user) => {
+            passport.authenticate('bearer', (err: any, user: Express.User | false | null) => {
                 if (err) {
                     return next(err);
                 } else if (
@@ -176,7 +176,7 @@ interface GoogleProfile extends Profile {
     displayName: string;
     // List of emails belonging to the profile.
     // Unclear as to when multiple ones are possible.
-    emails: [{ value: string; verified: 'true' | 'false' }];
+    emails: [{ value: string; verified: boolean }];
 }
 
 /**
@@ -286,16 +286,18 @@ export class AuthController {
                         req.logIn(user, (err) => {
                             if (err) return next(err);
                         });
-                        loginLimiter.resetKey(req.ip);
+                        if (req.ip) loginLimiter.resetKey(req.ip);
                         res.status(200).json(user);
                     },
                 )(req, res, next);
             },
         );
 
-        this.router.get('/logout', (req: Request, res: Response): void => {
-            req.logout();
-            res.redirect('/');
+        this.router.get('/logout', (req: Request, res: Response, next: NextFunction): void => {
+            req.logout(function(err) {
+                if (err) { return next(err); }
+                res.redirect('/');
+            });
         });
 
         // Starts the authentication flow with Google OAuth.
@@ -400,6 +402,7 @@ export class AuthController {
                     const result = await users().findOneAndUpdate(
                         { _id: new ObjectId(req.params.id) },
                         { $unset: { apiKey: '' } },
+                        { includeResultMetadata: true }
                     );
                     if (!result.ok) {
                         logger.warn(
@@ -479,7 +482,7 @@ export class AuthController {
                             .json({ message: 'Old password is incorrect' });
                     }
 
-                    resetPasswordLimiter.resetKey(req.ip);
+                    if (req.ip) resetPasswordLimiter.resetKey(req.ip);
 
                     updateFailedAttempts(
                         currentUser._id,
@@ -673,10 +676,10 @@ export class AuthController {
                     const result = await users().findOneAndUpdate(
                         { _id: new ObjectId(userId) },
                         { $set: { password: hashedPassword } },
-                        { returnDocument: 'after' },
+                        { returnDocument: 'after', includeResultMetadata: true },
                     );
 
-                    if (!result.ok) {
+                    if (!result.ok || !req.ip) {
                         logger.error(
                             `error resetting password for user ${userId}`,
                             result.lastErrorObject,
@@ -989,7 +992,7 @@ export class AuthController {
                             const update = await users().findOneAndUpdate(
                                 { googleID: googleProfile.id },
                                 { $set: { picture } },
-                                { returnDocument: 'after' },
+                                { returnDocument: 'after', includeResultMetadata: true },
                             );
                             user = update.value;
                         }
@@ -1003,7 +1006,7 @@ export class AuthController {
                             const update = await users().findOneAndUpdate(
                                 { googleID: googleProfile.id },
                                 { $set: { newsletterAccepted: true } },
-                                { returnDocument: 'after' },
+                                { returnDocument: 'after', includeResultMetadata: true },
                             );
                             user = update.value;
                         }

verification/curator-service/api/src/controllers/cases.ts

@@ -92,6 +92,7 @@ export default class CasesController {
                         },
                     },
                 },
+                { includeResultMetadata: true },
             );
             this.logOutcomeOfAppendingDownloadToUser(user.id, result);
 
@@ -160,6 +161,7 @@ export default class CasesController {
                         },
                     },
                 },
+                { includeResultMetadata: true },
             );
 
             this.logOutcomeOfAppendingDownloadToUser(user.id, result);
@@ -230,6 +232,7 @@ export default class CasesController {
                         },
                     },
                 },
+                { includeResultMetadata: true },
             );
             this.logOutcomeOfAppendingDownloadToUser(user.id, result);
 
@@ -280,6 +283,7 @@ export default class CasesController {
                         },
                     },
                 },
+                { includeResultMetadata: true },
             );
             this.logOutcomeOfAppendingDownloadToUser(user.id, result);
 
@@ -329,10 +333,12 @@ export default class CasesController {
             );
             res.status(response.status).json(response.data);
         } catch (err) {
-            logger.error(err);
-            if (err.response?.status && err.response?.data) {
-                res.status(err.response.status).send(err.response.data);
-                return;
+            if (err instanceof Error) logger.error(err);
+            if (axios.isAxiosError(err)) {
+                if (err.response?.status && err.response?.data) {
+                    res.status(err.response.status).send(err.response.data);
+                    return;
+                }
             }
             res.status(500).send(err);
         }
@@ -346,10 +352,12 @@ export default class CasesController {
             );
             res.status(response.status).json(response.data);
         } catch (err) {
-            logger.error(err);
-            if (err.response?.status && err.response?.data) {
-                res.status(err.response.status).send(err.response.data);
-                return;
+            if (err instanceof Error) logger.error(err);
+            if (axios.isAxiosError(err)) {
+                if (err.response?.status && err.response?.data) {
+                    res.status(err.response.status).send(err.response.data);
+                    return;
+                }
             }
             res.status(500).send(err);
         }
@@ -402,10 +410,12 @@ export default class CasesController {
             );
             res.status(response.status).json(response.data);
         } catch (err) {
-            logger.error(err);
-            if (err.response?.status && err.response?.data) {
-                res.status(err.response.status).send(err.response.data);
-                return;
+            if (err instanceof Error) logger.error(err);
+            if (axios.isAxiosError(err)) {
+                if (err.response?.status && err.response?.data) {
+                    res.status(err.response.status).send(err.response.data);
+                    return;
+                }
             }
             res.status(500).send(err);
         }

verification/curator-service/api/src/controllers/geocode.ts

@@ -89,7 +89,7 @@ export default class GeocodeProxy {
                     this.locationServiceURL + `/geocode/countryName?c=${code}`,
                 );
                 const geocodeName = res.data;
-                if (names.indexOf(geocodeName) < 0) {
+                if (names && names.indexOf(geocodeName) < 0) {
                     names.push(geocodeName);
                 }
             } catch (err) {

verification/curator-service/api/src/controllers/sources.ts

@@ -183,7 +183,7 @@ export default class SourcesController {
             const updatedSource = await sources().findOneAndUpdate(
                 { _id: sourceId },
                 update,
-                { returnDocument: 'after' },
+                { returnDocument: 'after', includeResultMetadata: true },
             );
             if (!updatedSource.ok) {
                 logger.error(

verification/curator-service/api/src/controllers/uploads.ts

@@ -59,7 +59,7 @@ export default class UploadsController {
                         uploads: upload,
                     },
                 },
-                { returnDocument: 'after' },
+                { returnDocument: 'after', includeResultMetadata: true },
             );
             const updatedSource = result.value!;
             const update =
@@ -125,7 +125,7 @@ export default class UploadsController {
                         [`uploads.${uploadIndex}`]: upload,
                     },
                 },
-                { returnDocument: 'after' },
+                { returnDocument: 'after', includeResultMetadata: true },
             );
             if (upload.status === 'ERROR') {
                 this.sendErrorNotification(result.value!, upload);

verification/curator-service/api/src/controllers/users.ts

@@ -85,6 +85,7 @@ export const updateRoles = async (
             {
                 // Return the updated object.
                 returnDocument: 'after',
+                 includeResultMetadata: true,
             },
         );
         if (!result.ok || !result.value) {

verification/curator-service/api/src/util/logger.ts

@@ -1,4 +1,5 @@
 import pino from 'pino';
+import pretty from 'pino-pretty'
 
 // The Pino team recommends against using pino-pretty/prettyPrint in
 // production. Without a prettifier, Pino logs JSON messages. This is faster,
@@ -7,6 +8,4 @@ import pino from 'pino';
 //
 // Instead, prettifying programmatically, since we only use it for HTTP errors,
 // as opposed to all requests.
-export const logger = pino({
-    prettyPrint: { colorize: process.env.NODE_ENV !== 'production' },
-});
+export const logger = pino(pretty({colorize: process.env.NODE_ENV !== 'production'}));