chore: fix all linting issues

Ticket: WP-4352

Author: pranavjain97

.eslintrc.js

@@ -1,16 +1,14 @@
 module.exports = {
   parser: '@typescript-eslint/parser',
-  extends: [
-    'plugin:@typescript-eslint/recommended',
-    'plugin:prettier/recommended',
-  ],
+  extends: ['plugin:@typescript-eslint/recommended', 'plugin:prettier/recommended'],
   parserOptions: {
     ecmaVersion: 2018,
     sourceType: 'module',
   },
   rules: {
     '@typescript-eslint/explicit-function-return-type': 'off',
-    '@typescript-eslint/no-explicit-any': 'warn',
+    '@typescript-eslint/no-explicit-any': 'off',
     '@typescript-eslint/no-unused-vars': ['error', { argsIgnorePattern: '^_' }],
   },
-}; 
+  ignorePatterns: ['dist/**/*', 'node_modules/**/*'],
+};

jest.config.js

@@ -11,4 +11,4 @@ module.exports = {
   coverageDirectory: 'coverage',
   coverageReporters: ['text', 'lcov'],
   verbose: true,
-}; 
+};

src/__tests__/config.test.ts

@@ -6,6 +6,9 @@ describe('Configuration', () => {
   beforeEach(() => {
     jest.resetModules();
     process.env = { ...originalEnv };
+    // Explicitly clear MTLS-related environment variables
+    delete process.env.MTLS_ENABLED;
+    delete process.env.MASTER_BITGO_EXPRESS_DISABLE_TLS;
   });
 
   afterAll(() => {
@@ -37,6 +40,12 @@ describe('Configuration', () => {
     expect(cfg.tlsMode).toBe(TlsMode.MTLS);
   });
 
+  it('should throw error when both TLS disabled and mTLS enabled', () => {
+    process.env.MASTER_BITGO_EXPRESS_DISABLE_TLS = 'true';
+    process.env.MTLS_ENABLED = 'true';
+    expect(() => config()).toThrow('Cannot have both TLS disabled and mTLS enabled');
+  });
+
   it('should read mTLS settings from environment variables', () => {
     process.env.MTLS_ENABLED = 'true';
     process.env.MTLS_REQUEST_CERT = 'true';
@@ -48,4 +57,4 @@ describe('Configuration', () => {
     expect(cfg.mtlsRejectUnauthorized).toBe(true);
     expect(cfg.mtlsAllowedClientFingerprints).toEqual(['ABC123', 'DEF456']);
   });
-}); 
+});

src/__tests__/index.test.ts

@@ -6,4 +6,4 @@ describe('Basic test setup', () => {
   it('should handle basic math', () => {
     expect(1 + 1).toBe(2);
   });
-}); 
+});

src/__tests__/routes.test.ts

@@ -30,7 +30,10 @@ describe('Routes', () => {
     it('should return 404 for non-existent routes', async () => {
       const response = await request(app).get('/non-existent-route');
       expect(response.status).toBe(404);
-      expect(response.body).toHaveProperty('error', 'Route not found or not supported in enclaved mode');
+      expect(response.body).toHaveProperty(
+        'error',
+        'Route not found or not supported in enclaved mode',
+      );
     });
   });
-}); 
+});

src/config.ts

@@ -1,41 +1,17 @@
 /**
  * @prettier
  */
+import fs from 'fs';
+import { Config, TlsMode } from './types';
 
-export enum TlsMode {
-  DISABLED = 'disabled',   // No TLS (plain HTTP)
-  ENABLED = 'enabled',     // TLS with server cert only
-  MTLS = 'mtls'           // TLS with both server and client certs
-}
-
-export interface Config {
-  port: number;
-  bind: string;
-  ipc?: string;
-  debugNamespace?: string[];
-  // TLS settings
-  keyPath?: string;
-  crtPath?: string;
-  tlsKey?: string;
-  tlsCert?: string;
-  tlsMode: TlsMode;
-  // mTLS settings
-  mtlsRequestCert?: boolean;
-  mtlsRejectUnauthorized?: boolean;
-  mtlsAllowedClientFingerprints?: string[];
-  // Other settings
-  logFile?: string;
-  timeout: number;
-  keepAliveTimeout?: number;
-  headersTimeout?: number;
-}
+export { Config, TlsMode };
 
-const defaultConfig: Config = {
+export const defaultConfig: Config = {
   port: 3080,
   bind: 'localhost',
   timeout: 305 * 1000,
   logFile: '',
-  tlsMode: TlsMode.ENABLED,  // Default to TLS enabled
+  tlsMode: TlsMode.ENABLED, // Default to TLS enabled
   mtlsRequestCert: false,
   mtlsRejectUnauthorized: false,
 };
@@ -46,23 +22,38 @@ function readEnvVar(name: string): string | undefined {
   }
 }
 
+function determineTlsMode(): TlsMode {
+  const disableTls = readEnvVar('MASTER_BITGO_EXPRESS_DISABLE_TLS') === 'true';
+  const mtlsEnabled = readEnvVar('MTLS_ENABLED') === 'true';
+
+  if (disableTls && mtlsEnabled) {
+    throw new Error('Cannot have both TLS disabled and mTLS enabled');
+  }
+
+  if (disableTls) {
+    return TlsMode.DISABLED;
+  }
+  if (mtlsEnabled) {
+    return TlsMode.MTLS;
+  }
+  return TlsMode.ENABLED;
+}
+
 export function config(): Config {
   const envConfig: Partial<Config> = {
     port: Number(readEnvVar('MASTER_BITGO_EXPRESS_PORT')) || defaultConfig.port,
     bind: readEnvVar('MASTER_BITGO_EXPRESS_BIND') || defaultConfig.bind,
     ipc: readEnvVar('MASTER_BITGO_EXPRESS_IPC'),
-    debugNamespace: (readEnvVar('MASTER_BITGO_EXPRESS_DEBUG_NAMESPACE') || '').split(',').filter(Boolean),
+    debugNamespace: (readEnvVar('MASTER_BITGO_EXPRESS_DEBUG_NAMESPACE') || '')
+      .split(',')
+      .filter(Boolean),
     // Basic TLS settings from MASTER_BITGO_EXPRESS
     keyPath: readEnvVar('MASTER_BITGO_EXPRESS_KEYPATH'),
     crtPath: readEnvVar('MASTER_BITGO_EXPRESS_CRTPATH'),
     tlsKey: readEnvVar('MASTER_BITGO_EXPRESS_TLS_KEY'),
     tlsCert: readEnvVar('MASTER_BITGO_EXPRESS_TLS_CERT'),
     // Determine TLS mode
-    tlsMode: readEnvVar('MASTER_BITGO_EXPRESS_DISABLE_TLS') === 'true'
-      ? TlsMode.DISABLED
-      : readEnvVar('MTLS_ENABLED') === 'true'
-        ? TlsMode.MTLS
-        : TlsMode.ENABLED,
+    tlsMode: determineTlsMode(),
     // mTLS settings
     mtlsRequestCert: readEnvVar('MTLS_REQUEST_CERT') === 'true',
     mtlsRejectUnauthorized: readEnvVar('MTLS_REJECT_UNAUTHORIZED') === 'true',
@@ -77,15 +68,15 @@ export function config(): Config {
   // Support loading key/cert from file if keyPath/crtPath are set and tlsKey/tlsCert are not
   if (!envConfig.tlsKey && envConfig.keyPath) {
     try {
-      envConfig.tlsKey = require('fs').readFileSync(envConfig.keyPath, 'utf-8');
+      envConfig.tlsKey = fs.readFileSync(envConfig.keyPath, 'utf-8');
     } catch (e) {
       const err = e instanceof Error ? e : new Error(String(e));
       throw new Error(`Failed to read TLS key from keyPath: ${err.message}`);
     }
   }
   if (!envConfig.tlsCert && envConfig.crtPath) {
     try {
-      envConfig.tlsCert = require('fs').readFileSync(envConfig.crtPath, 'utf-8');
+      envConfig.tlsCert = fs.readFileSync(envConfig.crtPath, 'utf-8');
     } catch (e) {
       const err = e instanceof Error ? e : new Error(String(e));
       throw new Error(`Failed to read TLS certificate from crtPath: ${err.message}`);

src/enclavedApp.ts

@@ -2,22 +2,22 @@
  * @prettier
  */
 import express from 'express';
-import * as path from 'path';
+import path from 'path';
 import debug from 'debug';
-import * as https from 'https';
-import * as http from 'http';
+import https from 'https';
+import http from 'http';
 import morgan from 'morgan';
-import * as fs from 'fs';
+import fs from 'fs';
 import timeout from 'connect-timeout';
-import * as bodyParser from 'body-parser';
-import * as _ from 'lodash';
+import bodyParser from 'body-parser';
+import _ from 'lodash';
 import { SSL_OP_NO_TLSv1 } from 'constants';
+import pjson from '../package.json';
 
 import { Config, config, TlsMode } from './config';
 import * as routes from './routes';
 
 const debugLogger = debug('enclaved:express');
-const pjson = require('../package.json');
 
 /**
  * Set up the logging middleware provided by morgan
@@ -80,16 +80,17 @@ function isTLS(config: Config): boolean {
 }
 
 async function createHttpsServer(app: express.Application, config: Config): Promise<https.Server> {
-  const { keyPath, crtPath, tlsKey, tlsCert, tlsMode, mtlsRequestCert, mtlsRejectUnauthorized } = config;
+  const { keyPath, crtPath, tlsKey, tlsCert, tlsMode, mtlsRequestCert, mtlsRejectUnauthorized } =
+    config;
   let key: string;
   let cert: string;
   if (tlsKey && tlsCert) {
     key = tlsKey;
     cert = tlsCert;
     console.log('Using TLS key and cert from environment variables');
   } else if (keyPath && crtPath) {
-    const privateKeyPromise = require('fs').promises.readFile(keyPath, 'utf8');
-    const certificatePromise = require('fs').promises.readFile(crtPath, 'utf8');
+    const privateKeyPromise = fs.promises.readFile(keyPath, 'utf8');
+    const certificatePromise = fs.promises.readFile(crtPath, 'utf8');
     [key, cert] = await Promise.all([privateKeyPromise, certificatePromise]);
     console.log(`Using TLS key and cert from files: ${keyPath}, ${crtPath}`);
   } else {
@@ -133,7 +134,10 @@ function createHttpServer(app: express.Application): http.Server {
   return http.createServer(app);
 }
 
-export async function createServer(config: Config, app: express.Application): Promise<https.Server | http.Server> {
+export async function createServer(
+  config: Config,
+  app: express.Application,
+): Promise<https.Server | http.Server> {
   const server = isTLS(config) ? await createHttpsServer(app, config) : createHttpServer(app);
   if (config.keepAliveTimeout !== undefined) {
     server.keepAliveTimeout = config.keepAliveTimeout;
@@ -155,7 +159,12 @@ export function createBaseUri(config: Config): string {
  * Create error handling middleware
  */
 function errorHandler() {
-  return function (err: any, req: express.Request, res: express.Response, _next: express.NextFunction) {
+  return function (
+    err: any,
+    req: express.Request,
+    res: express.Response,
+    _next: express.NextFunction,
+  ) {
     debugLogger('Error: ' + (err && err.message ? err.message : String(err)));
     const statusCode = err && err.status ? err.status : 500;
     const result = {
@@ -191,7 +200,11 @@ export function app(cfg: Config): express.Application {
   }
 
   // Be more robust about accepting URLs with double slashes
-  app.use(function replaceUrlSlashes(req: express.Request, res: express.Response, next: express.NextFunction) {
+  app.use(function replaceUrlSlashes(
+    req: express.Request,
+    res: express.Response,
+    next: express.NextFunction,
+  ) {
     req.url = req.url.replace(/\/{2,}/g, '/');
     next();
   });

src/routes.ts

@@ -3,6 +3,7 @@
  */
 import express from 'express';
 import debug from 'debug';
+import pjson from '../package.json';
 
 const debugLogger = debug('enclaved:routes');
 
@@ -21,7 +22,6 @@ function handlePingExpress(_req: express.Request) {
  * Handler for version info
  */
 function handleVersionInfo(_req: express.Request) {
-  const pjson = require('../package.json');
   return {
     version: pjson.version,
     name: pjson.name,
@@ -37,7 +37,7 @@ function setupPingRoutes(app: express.Application) {
   app.get('/version', promiseWrapper(handleVersionInfo));
 }
 
-function setupKeyGenRoutes(app: express.Application) {
+function setupKeyGenRoutes() {
   // Register additional routes here as needed
   debugLogger('KeyGen routes configured');
 }
@@ -51,7 +51,7 @@ export function setupRoutes(app: express.Application): void {
   setupPingRoutes(app);
 
   // Register keygen routes
-  setupKeyGenRoutes(app);
+  setupKeyGenRoutes();
 
   // Add a catch-all for unsupported routes
   app.use('*', (_req, res) => {

src/types.ts

@@ -0,0 +1,30 @@
+/**
+ * @prettier
+ */
+export enum TlsMode {
+  DISABLED = 'disabled', // No TLS (plain HTTP)
+  ENABLED = 'enabled', // TLS with server cert only
+  MTLS = 'mtls', // TLS with both server and client certs
+}
+
+export interface Config {
+  port: number;
+  bind: string;
+  ipc?: string;
+  debugNamespace?: string[];
+  // TLS settings
+  keyPath?: string;
+  crtPath?: string;
+  tlsKey?: string;
+  tlsCert?: string;
+  tlsMode: TlsMode;
+  // mTLS settings
+  mtlsRequestCert?: boolean;
+  mtlsRejectUnauthorized?: boolean;
+  mtlsAllowedClientFingerprints?: string[];
+  // Other settings
+  logFile?: string;
+  timeout: number;
+  keepAliveTimeout?: number;
+  headersTimeout?: number;
+}

tsconfig.json

@@ -5,13 +5,14 @@
     "lib": ["es2018"],
     "declaration": true,
     "outDir": "./dist",
-    "rootDir": "./src",
+    "rootDir": ".",
     "strict": true,
     "esModuleInterop": true,
     "skipLibCheck": true,
     "forceConsistentCasingInFileNames": true,
+    "resolveJsonModule": true,
     "types": ["node", "jest"]
   },
-  "include": ["src/**/*"],
+  "include": ["src/**/*", "package.json"],
   "exclude": ["node_modules", "dist", "**/*.test.ts"]
 }