Merge branch 'freeCodeCamp:main' into main

Author: GauravSharmaCode

.github/workflows/crowdin-upload.client-ui.yml

@@ -2,8 +2,8 @@ name: i18n - Upload Client UI
 on:
   workflow_dispatch:
   schedule:
-    # runs every weekday at 11:15 AM UTC
-    - cron: '15 11 * * 1-5'
+    # runs every weekday at 7:15 AM UTC
+    - cron: '15 7 * * 1-5'
 
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/crowdin-upload.curriculum.yml

@@ -2,8 +2,8 @@ name: i18n - Upload Curriculum
 on:
   workflow_dispatch:
   schedule:
-    # runs every weekday at 11:30 AM UTC
-    - cron: '30 11 * * 1-5'
+    # runs every weekday at 7:30 AM UTC
+    - cron: '30 7 * * 1-5'
 
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/deploy.yml

@@ -11,9 +11,6 @@ on:
           - info
           - warn
         default: info
-  push:
-    branches:
-      - prod-*
 
 jobs:
   static:

README.md

@@ -1,7 +1,7 @@
 [![freeCodeCamp Social Banner](https://cdn.freecodecamp.org/platform/universal/fcc_banner_new.png)](https://www.freecodecamp.org/)
 
-[![Pull Requests Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat)](http://makeapullrequest.com)
-[![first-timers-only Friendly](https://img.shields.io/badge/first--timers--only-friendly-blue.svg)](http://www.firsttimersonly.com/)
+[![Pull Requests Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat)](https://makeapullrequest.com)
+[![first-timers-only Friendly](https://img.shields.io/badge/first--timers--only-friendly-blue.svg)](https://www.firsttimersonly.com/)
 [![Open Source Helpers](https://www.codetriage.com/freecodecamp/freecodecamp/badges/users.svg)](https://www.codetriage.com/freecodecamp/freecodecamp)
 [![Setup Automated](https://img.shields.io/badge/setup-automated-blue?logo=gitpod)](https://gitpod.io/from-referrer/)
 [![Discord](https://img.shields.io/discord/692816967895220344?logo=discord&label=Discord&color=5865F2)](https://discord.gg/PRyKn3Vbay)
@@ -257,10 +257,6 @@ Recent Contributions:
 
 ![Alt](https://repobeats.axiom.co/api/embed/89be0a1a1c8f641c54f9234a7423e7755352c746.svg 'Repobeats analytics image')
 
-### Platform, Build, and Deployment Status
-
-The general platform status for all our applications is available at [`status.freecodecamp.org`](https://status.freecodecamp.org). The build and deployment status for the code is available in [our DevOps Guide](https://contribute.freecodecamp.org/#/devops).
-
 ### License
 
 Copyright © 2025 freeCodeCamp.org

api/src/plugins/bouncer.ts

@@ -19,6 +19,12 @@ const plugin: FastifyPluginCallback = (fastify, _options, done) => {
     'send401IfNoUser',
     async function (req: FastifyRequest, reply: FastifyReply) {
       if (!req.user) {
+        const logger = fastify.log.child({ req });
+
+        logger.debug(
+          'User tried to access a protected route without being authenticated.'
+        );
+
         await reply.status(401).send({
           type: req.accessDeniedMessage?.type,
           message: req.accessDeniedMessage?.content
@@ -30,7 +36,11 @@ const plugin: FastifyPluginCallback = (fastify, _options, done) => {
   fastify.decorate(
     'redirectIfNoUser',
     async function (req: FastifyRequest, reply: FastifyReply) {
+      const logger = fastify.log.child({ req });
       if (!req.user) {
+        logger.debug(
+          'User tried to access a protected route without being authenticated.'
+        );
         const { origin } = getRedirectParams(req);
         await reply.redirectWithMessage(origin, {
           type: 'info',
@@ -45,7 +55,12 @@ const plugin: FastifyPluginCallback = (fastify, _options, done) => {
     'redirectIfSignedIn',
     async function (req: FastifyRequest, reply: FastifyReply) {
       if (req.user) {
+        const logger = fastify.log.child({ req });
+
         const { returnTo } = getRedirectParams(req);
+
+        logger.debug(`User is being redirected to: ${returnTo}`);
+
         await reply.redirect(returnTo);
       }
     }

api/src/plugins/cookie-update.ts

@@ -22,6 +22,8 @@ export const cookieUpdate: FastifyPluginCallback<Options> = (
   done
 ) => {
   fastify.addHook('onSend', (request, reply, _payload, next) => {
+    const logger = fastify.log.child({ request });
+
     for (const cookie of options.cookies) {
       const oldCookie = request.cookies[cookie];
       if (!oldCookie) continue;
@@ -30,6 +32,9 @@ export const cookieUpdate: FastifyPluginCallback<Options> = (
       const raw = unsigned.valid ? unsigned.value : oldCookie;
       void reply.setCookie(cookie, raw, options.attributes);
     }
+
+    logger.debug('Updated cookies for user.');
+
     next();
   });
 

api/src/plugins/cookies.ts

@@ -50,6 +50,7 @@ export const unsign = (rawValue: string): UnsignResult => {
  * @param done Callback to signal that the logic has completed.
  */
 const cookies: FastifyPluginCallback = (fastify, _options, done) => {
+  const logger = fastify.log.child({});
   void fastify.register(fastifyCookie, {
     secret: {
       sign,
@@ -71,6 +72,8 @@ const cookies: FastifyPluginCallback = (fastify, _options, done) => {
     void this.clearCookie('jwt_access_token');
     void this.clearCookie(CSRF_SECRET_COOKIE);
     void this.clearCookie(CSRF_COOKIE);
+
+    logger.debug('Clearing cookies for user.');
   });
 
   done();

api/src/plugins/csrf.ts

@@ -26,9 +26,9 @@ const csrf: FastifyPluginCallback = (fastify, _options, done) => {
   });
 
   // All routes except signout should add a CSRF token to the response
-  fastify.addHook('onRequest', (_req, reply, done) => {
-    const logger = fastify.log.child({ _req });
-    const isSignout = _req.url === '/signout' || _req.url === '/signout/';
+  fastify.addHook('onRequest', (req, reply, done) => {
+    const logger = fastify.log.child({ req });
+    const isSignout = req.url === '/signout' || req.url === '/signout/';
 
     if (!isSignout) {
       logger.debug('Adding CSRF token to response');

api/src/plugins/not-found.ts

@@ -14,17 +14,20 @@ import { getRedirectParams } from '../utils/redirection';
 const fourOhFour: FastifyPluginCallback = (fastify, _options, done) => {
   // If the request accepts JSON and does not specifically prefer text/html,
   // this will return a 404 JSON response. Everything else will be redirected.
-  fastify.setNotFoundHandler((request, reply) => {
-    const accepted = request.accepts().type(['json', 'html']);
+  fastify.setNotFoundHandler((req, reply) => {
+    const logger = fastify.log.child({ req });
+    const accepted = req.accepts().type(['json', 'html']);
+
+    logger.debug('User requested path that does not exist');
 
     if (accepted == 'json') {
       void reply.code(404).send({ error: 'path not found' });
     } else {
-      const { origin } = getRedirectParams(request);
+      const { origin } = getRedirectParams(req);
       void reply.status(302);
       void reply.redirectWithMessage(`${origin}/404`, {
         type: 'danger',
-        content: `We couldn't find path ${request.url}`
+        content: `We couldn't find path ${req.url}`
       });
     }
   });

api/src/plugins/security.ts

@@ -5,7 +5,11 @@ import { FREECODECAMP_NODE_ENV } from '../utils/env';
 
 const securityHeaders: FastifyPluginCallback = (fastify, _options, done) => {
   // OWASP recommended headers
-  fastify.addHook('onRequest', async (_request, reply) => {
+  fastify.addHook('onRequest', async (req, reply) => {
+    const logger = fastify.log.child({ req });
+
+    logger.debug('Adding security headers to response');
+
     void reply
       .header('Cache-Control', 'no-store')
       .header('Content-Security-Policy', "frame-ancestors 'none'")