Skip to content

Develop -> Master (31 Oct)#2576

Merged
HarshP4585 merged 326 commits into
masterfrom
develop
Nov 4, 2025
Merged

Develop -> Master (31 Oct)#2576
HarshP4585 merged 326 commits into
masterfrom
develop

Conversation

@HarshP4585
Copy link
Copy Markdown
Collaborator

@HarshP4585 HarshP4585 commented Oct 31, 2025

Describe your changes

  • Merge develop into master (31 Oct)

Write your issue number after "Fixes "

Enter the corresponding issue number after "Fixes #"

Please ensure all items are checked off before requesting a review:

  • I deployed the code locally.
  • I have performed a self-review of my code.
  • I have included the issue # in the PR.
  • I have labelled the PR correctly.
  • The issue I am working on is assigned to me.
  • I have avoided using hardcoded values to ensure scalability and maintain consistency across the application.
  • I have ensured that font sizes, color choices, and other UI elements are referenced from the theme.
  • My pull request is focused and addresses a single, specific feature.
  • If there are UI changes, I have attached a screenshot or video to this PR.

solan117 and others added 30 commits October 24, 2025 17:31
@solan117
refactor(tools): streamline file download with `triggerBrowserDownloa…
810f276 
…d` utility

- Replaced inline browser download logic with the reusable `triggerBrowserDownload` utility.
- Simplified `handleDownload` function for improved readability and maintainability.
- Added JSDoc for enhanced code documentation.
@solan117
Merge branch 'develop' into feature/file-manager-tables
f32093f 
# Conflicts:
#	Clients/src/presentation/components/Modals/Basic/index.tsx
@solan117
fix(ui): remove duplicate conditional rendering in BasicModal button
7aef00e
@solan117
feat(utils): refactor file download logic with reusable utilities
ab61172 
- Added `triggerBrowserDownload` and `extractFilenameFromHeaders` utilities for cleaner and reusable browser download logic.
- Updated `handleDownload` and `handleAutoDownload` to leverage shared download functionality.
- Enhanced maintainability by reducing duplicate code and following DRY principles.
@solan117
feat(utils): add new file manager actions for download and delete
66dee97 
- Added `handleFileManagerDownload` and `handleFileDelete` functions for downloading and deleting files from the file manager.
- Updated `handleDownload` and `handleAutoDownload` with consistent formatting and error handling.
- Improved compatibility with `feature/file-manager-tables`.
@solan117
feat(utils): reuse extractFilenameFromHeaders in file download logic
1f16b43 
- Replaced inline filename extraction logic with the shared `extractFilenameFromHeaders` utility to ensure consistency and maintain DRY principles.
- Updated `IconButton` dropdown actions to include "remove" for "evidence" type.
@solan117
Merge branch 'develop' into feature/file-manager-upload
9397a36
@solan117
refactor(utils): improve handleAutoDownload with defensive checks a…
a791f2f 
…nd type safety

- Added `Promise<number>` type to ensure return type clarity.
- Enhanced filename extraction with defensive logic to handle missing or malformed `Content-Disposition` headers.
- Added null check for `Content-Type` header to improve robustness.
@solan117
security(routes): enhance path containment validation in temp file cl…
8a87d70 
…eanup

- Replaced `path.resolve` with `fs.realpathSync` for symlink-aware validation.
- Added error handling for path resolution failures.
- Strengthened containment checks to prevent directory traversal using symlinks.
- Improved logging for unresolved paths during cleanup.
@solan117
security(routes): improve error handling in temp file cleanup
3574cf6 
- Moved error handling for path resolution failures below containment checks.
- Enhanced logging with formatted messages for unresolved paths and violations.
- Ensured cleanup process proceeds gracefully despite resolution errors.
@Br0wnHammer
Feat: Geography Select FE
89d1782
@Br0wnHammer
Feat: Geography Column in Project Model
a3ef215
@Br0wnHammer
Feat: Multi-tenant Migration
db70077
@Br0wnHammer
Fix: FE Build
0b15d10
@solan117
refactor(middleware): remove custom keyGenerator for rate limiting
23dba49 
- Simplified rate limiting middleware by relying on the default `keyGenerator` for IP handling.
- Updated comments to reflect support for IPv6 and Express trust proxy behavior.
@solan117
refactor(fileManager): improve error handling and modularize utilities
0176dca 
- Enhanced error handling for file deletion to detect partial failures and raise appropriate exceptions.
- Modularized temp file cleanup and authentication validation into reusable utilities.
- Improved logging for cleanup errors and unauthorized actions.
- Strengthened type checks and ensured consistent behavior across file operations.
@solan117
refactor(middleware): enhance rate limiting with reusable logic and r…
619bf50 
…obust IP handling

- Added centralized `baseRateLimitConfig` for shared settings across limiters.
- Introduced a robust `getClientIp` utility for reliable IP extraction with multiple fallbacks.
- Modularized rate limit handlers using `createRateLimitHandler` for standardized responses.
- Improved logging and error handling for rate limit violations.
- Updated all limiters (file operations, general API, auth) to use new utilities.
@solan117
security(fileManager): add symlink-aware path validation in temp file…
e879328 
… cleanup

- Implemented `fs.realpathSync` to ensure symlink-aware validation during file deletion.
- Added containment checks to prevent directory traversal attacks and log violations.
- Enhanced cleanup logic to ignore already-deleted files while maintaining robust error handling.
@solan117
security(fileManager): strengthen temp file cleanup with stricter pat…
3b27727 
…h validation

- Added filename sanitization to allow only safe characters (alphanumeric, underscore, hyphen, dot).
- Reconstructed file paths using trusted inputs to prevent directory traversal.
- Improved symlink-aware validation and ensured files are strictly contained within the temp directory.
- Enhanced error handling, logging violations, and handling edge cases like missing or non-existent files.
- Maintained asynchronous behavior for non-blocking cleanup.
@solan117
refactor(fileManager): streamline response handling and adjust loggin…
53ca64b 
…g parameters

- Updated response format using `STATUS_CODE[200]` utility for consistency.
- Replaced explicit `userId` type conversion with cleaner usage.
- Improved code readability and standardized response structure.
@solan117
security(fileManager, middleware): enhance tenant validation and stre…
4369b93 
…ngthen rate limiting

- Moved tenant format validation to `authenticateUpload` for centralized validation logic.
- Improved rate limiting by rejecting requests without identifiable IPs, ensuring stricter security.
@Br0wnHammer
Fix: Demo Data Insertion
6a445b2
@solan117
refactor(middleware): simplify rate limiting with reusable configurat…
35c151c 
…ions

- Introduced centralized `RATE_LIMIT_CONFIGS` for predefined settings.
- Replaced custom IP extraction with express-rate-limit's built-in IPv6-safe handling.
- Streamlined rate limiters (file operations, general API, auth) with `createRateLimiter` utility.
- Improved logging for rate limit violations with normalized IP handling.
@solan117
Merge branch 'develop' into feature/file-manager-backend
6c172a4
@solan117
refactor(logging): replace console logging with centralized logger ut…
40d146f 
…ility

- Updated all `console.error` and `console.warn` calls to use `logger.error` and `logger.warn` respectively.
- Integrated `fileLogger` utility into `fileManager`, `middleware`, and `routes` to ensure standardized logging.
@solan117
Merge branch 'develop' into feature/file-manager-core
a561d3b
@solan117
feat(api): improve type safety and response handling in file repository
b205277 
- Exported `FileMetadata` and `FileManagerResponse` for shared usage across modules.
- Introduced `FileUploadResponse` interface for structured upload response typing.
- Updated API methods (`getFileById`, `getUserFilesMetaData`, `uploadFileToManager`, `downloadFileFromManager`) to utilize typed responses.
- Refined return types for better clarity and type alignment across file operations.
@solan117
feat(api): add uploadedBy field to FileMetadata interface
e9c7126 
- Extended `FileMetadata` to include `uploadedBy`, enhancing information stored for each file.
@solan117
feat(ui): add FileManagerUploadModal component for file upload mana…
b5f81d6 
…gement

- Introduced `FileManagerUploadModal` to handle file uploads with drag-and-drop and browse options.
- Includes file validation, upload progress tracking, error handling, and success states.
- Integrated Material-UI components and lucide-react icons for UI consistency.
@solan117
feat(ui): add FileManagerUploadModal component for file upload mana…
9cdeb54 
…gement

- Introduced `FileManagerUploadModal` to handle file uploads with drag-and-drop and browse options.
- Includes file validation, upload progress tracking, error handling, and success states.
- Integrated Material-UI components and lucide-react icons for UI consistency.
MuhammadKhalilzadeh and others added 4 commits November 3, 2025 10:29
@MuhammadKhalilzadeh @github-advanced-security
Potential fix for code scanning alert no. 10: Missing rate limiting
a2fd82e 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@MuhammadKhalilzadeh
Merge pull request #2596 from bluewave-labs/alert-autofix-10
8e7c040 
Potential fix for code scanning alert no. 10: Missing rate limiting
@MuhammadKhalilzadeh @github-advanced-security
Potential fix for code scanning alert no. 12: Database query built fr…
52e7f61 
…om user-controlled sources

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@MuhammadKhalilzadeh
Merge pull request #2597 from bluewave-labs/alert-autofix-12
d18431e 
Potential fix for code scanning alert no. 12: Database query built from user-controlled sources
gorkem-bwl and others added 22 commits November 3, 2025 11:01
@gorkem-bwl
Merge pull request #2578 from bluewave-labs/ks-038-Oct-31-File-Manage…
98b21d1 
…r-Table

Ks 038 oct 31 file manager table
added code to link models with projects and frameworks
2afa1e7
resolve merge conflicts
385900c
@MuhammadKhalilzadeh @github-advanced-security
Potential fix for code scanning alert no. 10: Missing rate limiting
6c6cf7e 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@MuhammadKhalilzadeh
Merge pull request #2599 from bluewave-labs/alert-autofix-10
e79cef1 
Potential fix for code scanning alert no. 10: Missing rate limiting
@gorkem-bwl
Fix Management dropdown overflow in collapsed sidebar
ee75210 
When the sidebar is collapsed, the Management dropdown menu items were being cut off. This fixes the issue by:
- Adjusting anchor positioning to show the menu to the right when collapsed
- Adding minimum width to ensure proper display of all menu items
@gorkem-bwl
Merge pull request #2600 from bluewave-labs/fix-management-dropdown-o…
59fcd1e 
…verflow

Fix Management dropdown overflow in collapsed sidebar
updated code
f83b8a6
@Br0wnHammer
Fix: Multi-Report Data Type
3b9e3f9
@gorkem-bwl
Merge pull request #2601 from bluewave-labs/as-nov-3-hotfix-multi-report
7c2d205 
Fix: Multi-Report Data Type
@gorkem-bwl
Add count badges to tab labels
8a9e0ef 
- Create reusable tabUtils utility for tab labels with count badges
- Add counts to Vendors and Risks tabs in Vendors page
- Add counts to Models, Model risks, and MLFlow data tabs in Model Inventory
- Add counts to Resources and Subprocessors tabs in AI Trust Center
- Badge design: green circular style with adaptive width for 1-2 digits
updated migration script
cbe9562
@gorkem-bwl
Remove unused Chip import
50617a9
@gorkem-bwl
Merge pull request #2602 from bluewave-labs/add-tab-count-badges
bda0d19 
Add count badges to tab labels
fix mlflow bug
e7be170
Merge branch 'develop' of https://github.com/bluewave-labs/verifywise
07227cf 
…into develop
Merge branch 'develop' of https://github.com/bluewave-labs/verifywise
b872e97 
…into hp-nov-3-link-models-with-projects-and-frameworks
fixed warnings
fb80e78
@HarshP4585
Merge pull request #2598 from bluewave-labs/hp-nov-3-link-models-with…
37324af 
…-projects-and-frameworks

Link models with projects and frameworks
updated geograpgy migration script
e68da17
updated code
a7d8bbf
fix file manager migration file
202834d
@HarshP4585 HarshP4585 marked this pull request as ready for review November 4, 2025 00:55
@HarshP4585 HarshP4585 merged commit 6b6c0ff into master Nov 4, 2025
9 of 10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MuhammadKhalilzadeh MuhammadKhalilzadeh MuhammadKhalilzadeh approved these changes

@gorkem-bwl gorkem-bwl Awaiting requested review from gorkem-bwl

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@HarshP4585 @github-advanced-security @MuhammadKhalilzadeh @solan117 @Br0wnHammer @gorkem-bwl @rachanabasnet @sermengi @swaleha456