Merge branch 'main' into snyk-upgrade-9f1c6df16b588d5967b55cb8a240c18c

Author: KleilsonSantos

.github/workflows/main-ci.yml

@@ -49,7 +49,7 @@ jobs:
         with:
           node-version: ${{ matrix.node-version }}
       - run: npm run test:coverage:sonar
-
+      
 
   webpack:
     name: 📦 Webpack Build

.vscode/settings.json

@@ -0,0 +1,7 @@
+{
+  "docwriter.style": "GoDoc",
+  "sonarlint.connectedMode.project": {
+    "connectionId": "My Sonar Server",
+    "projectKey": "mongo-rest-api"
+  }
+}

README.md

@@ -30,7 +30,7 @@ meu-projeto
 │   │   ├── UserRole.enum
 │   ├──  middlewares
 │   │   ├── authMiddleware.ts
-│   │   ├── morgan-middleware.ts
+│   │   ├── morgan.middleware.ts
 │   │   ├── swaggerAuth.ts
 │   ├──  models
 │   │   ├── User.ts
@@ -156,7 +156,7 @@ SWAGGER_API_KEY=sua-api-key
 - `src/model/Payload.interface.ts`: Arquivo de configuração da interface Payload.
 - `src/routes/user-router.ts`: Arquivo de configuração das rotas de usuários.
 - `src/middlewares/authMiddleware.ts`: Arquivo de configuração do middleware de autenticação.
-- `src/middlewares/morgan-middleware.ts`: Arquivo de configuração do middleware de log.
+- `src/middlewares/morgan.middleware.ts`: Arquivo de configuração do middleware de log.
 - `src/config/db.ts`: Arquivo de configuração da conexão com o banco de dados.
 - `src/config/logger.ts`: Arquivo de configuração do logger.
 - `src/config/swagger.ts`: Arquivo de configuração do Swagger.

SECURITY.md

@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 5.1.x   | :white_check_mark: |
+| 5.0.x   | :x:                |
+| 4.0.x   | :white_check_mark: |
+| < 4.0   | :x:                |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.

jest.config.mjs

@@ -13,16 +13,17 @@ async function setupJestConfig() {
     testEnvironment: 'node',
 
     // 📁 Define a raiz dos testes como a pasta "src"
-    roots: ['<rootDir>/src'],
+    roots: ['<rootDir>./src'],
 
+    
     // 📄 Extensões de arquivos que o Jest deve considerar
     moduleFileExtensions: ['ts', 'js'],
 
     // 🔄 Como transformar os arquivos TypeScript para testes
     transform: {
       '^.+\\.ts?$': ['ts-jest', { useESM: true }],
     },
-
+    
     // 📦 Extensões tratadas como módulos ES
     extensionsToTreatAsEsm: ['.ts'],
 
@@ -35,46 +36,48 @@ async function setupJestConfig() {
       '!src/**/*.d.ts', // Ignora arquivos de definição de tipos
       '!src/**/*.test.ts', // Ignora arquivos de teste
     ],
-
+    
     // 🗂️ Pasta onde será gerado o relatório de cobertura
     coverageDirectory: 'coverage',
-
+    
     // 🚫 Ignora arquivos/pastas específicos da cobertura
     coveragePathIgnorePatterns: [
       '/node_modules/',
       '<rootDir>/src/interfaces/',
       '<rootDir>/src/types/',
     ],
-
+    
     // 📰 Define os "reporters" para saída dos testes
     reporters: [
       'default', // Reporter padrão do Jest
       [
         'jest-html-reporter', // Gera relatório HTML
         {
-          outputDirectory: 'coverage/jest-html-reporter',
           outputName: 'jest-html-reporter.html',
         },
       ],
       [
         'jest-sonar', // Gera relatório SonarQube
         {
-          outputDirectory: 'coverage/sonar-report',
           outputName: 'sonar-report.xml',
         },
       ],
     ],
-
+    
     // ⏱️ Configurações relacionadas a fake timers do Jest
     fakeTimers: {
       enableGlobally: false,
     },
-
+    
     // ⚙️ Scripts que devem ser executados antes de inicializar os testes
     setupFiles: ['<rootDir>/src/config/load-env.ts'],
-    globalSetup: './src/tests/setup/globalSetup.ts',
-    globalTeardown: './src/tests/setup/globalTeardown.ts',
-    setupFilesAfterEnv: ['./src/tests/setup/jest.setup.ts'],
+    setupFilesAfterEnv: ['./src/setup/jest.setup.ts'],
+    
+    // 🧪 Config
+    testMatch: ['**/tests/**/*.test.ts', '**/?(*.)+(spec|test).ts'],
+    
+    // 🧪 Define o padrão de teste para arquivos TypeScript
+    testRegex: undefined,
   };
 }
 

package-lock.json

@@ -1,10 +1,10 @@
 {
   "name": "mongo-rest-api",
-  "version": "1.3.11",
+  "version": "1.3.12",
   "description": "MongoDB REST API - With Node.js, Express and TypeScript",
   "main": "index.js",
   "scripts": {
-    "development": "NODE_ENV=development ts-node -r ./load-env.ts src/app.ts",
+    "dev": "NODE_ENV=development ts-node -r ./src/config/load-env.ts src/server/server.ts",
     "env": "tsx src/config/load-env.ts",
     "prestart": "npm run start:ts &&npm run build:webpack",
     "start:webpack": "webpack serve --config webpack.config.js",
@@ -17,7 +17,7 @@
     "format": "prettier --write '\"src/**/*.{ts,js,json,md}\"'",
     "test": "cross-env NODE_ENV=test jest --config jest.config.mjs --verbose --detectOpenHandles",
     "test:coverage:sonar": "tsx src/config/load-env.ts && cross-env NODE_ENV=test jest --coverage --config jest.config.mjs --reporters=default jest-sonar --reporters=jest-sonar",
-    "sonar:scanner": "sonar-scanner -Dsonar.projectKey=mongo-rest-api -Dsonar.sources=. -Dsonar.host.url=${SONAR_URL_LOCAL} -Dsonar.login=${SONAR_TOKEN} -Dsonar.language=js -Dsonar.sourceEncoding=UTF-8",
+    "sonar:scanner": "sonar-scanner -Dsonar.projectKey=mongo-rest-api -Dsonar.sources=. -Dsonar.host.url=${SONAR_HOST_URL} -Dsonar.login=${SONAR_TOKEN} -Dsonar.language=js -Dsonar.sourceEncoding=UTF-8",
     "dependency:check": "snyk test",
     "dependency:monitor": "snyk monitor",
     "owasp:generate": "cross-env JAVA_OPTS='-Xmx1024m' owasp-dependency-check --project mongo-rest-api --out=./coverage/dependency-check/reports -f HTML -f JSON",
@@ -49,13 +49,13 @@
     "browserify-zlib": "^0.2.0",
     "config": "^3.3.12",
     "crypto-browserify": "^3.12.1",
-    "dotenv": "^16.4.7",
+    "dotenv": "^16.5.0",
     "dotenv-flow": "^4.1.0",
     "dotenv-safe": "^9.1.0",
     "express": "^4.21.2",
     "express-validator": "^7.2.1",
     "jsonwebtoken": "^9.0.2",
-    "mongoose": "^8.13.2",
+    "mongoose": "^8.14.1",
     "morgan": "^1.10.0",
     "progress": "^2.0.3",
     "simple-git": "^3.27.0",

package.json

@@ -1,10 +1,10 @@
 
 sonar.projectName=Mongo Rest API
 sonar.projectKey=mongo-rest-api
-sonar.projectVersion=1.3.11
+sonar.projectVersion=1.3.12
 
 sonar.host.url=${SONAR_HOST_URL}
-sonar.login=${SONAR_TOKEN}
+sonar.token=${SONAR_TOKEN}
 sonar.sourceEncoding=UTF-8
 
 # Fontes e testes

sonar-project.properties

@@ -1,9 +1,9 @@
 import './config/load-env';
-import Logger from './config/logger';
+import express from 'express';
 import setupSwagger from './config/swagger';
 import { router } from './routers/router';
-import { morganMiddleware } from './middlewares/morgan-middleware';
-import express, { NextFunction, Request, Response } from 'express';
+import { errorMiddleware } from './middlewares/error.middleware';
+import { morganMiddleware } from './middlewares/morgan.middleware';
 
 // 🌍 Get environment variables
 const apiUrl: string | undefined = process.env.API_URL ?? '/api/v1';
@@ -20,10 +20,8 @@ app.use(apiUrl, router); // 🌐 Use main router for API endpoints
 // 📊 Swagger
 setupSwagger(app);
 
+
 // ⚠️ Global Middleware error handling
-app.use((err: Error, req: Request, res: Response, next: NextFunction) => {
-  Logger.error('🔥 Global error handler:', err);
-  res.status(500).json({ message: err.message || 'Internal Server Error' });
-});
+app.use(errorMiddleware);
 
-export default app;
+export default app;

src/app.ts

@@ -1,6 +1,6 @@
 import swaggerJsDoc from 'swagger-jsdoc';
 import swaggerUi from 'swagger-ui-express';
-import swaggerAuthMiddleware from '../middlewares/swagger-auth-middleware';
+import swaggerAuthMiddleware from '../middlewares/swagger.middleware';
 import { Express } from 'express';
 
 // ⚙️ Swagger options configuration