fix postgres test env file, remove sign up confirm password input

[xoldd]

What kind of change does this PR introduce?

bugfix, feature

Issue Number:

Fixes #

Snapshots/Videos:

If relevant, did you update the documentation?

Summary

Fixed the issue for postgres test database where incorrect corresponding docker service name was provided through the .env.development file.

Removed the confirmedPassword input check as it is a UX concern.

Does this PR introduce a breaking change?

Checklist

CodeRabbit AI Review

• I have reviewed and addressed all critical issues flagged by CodeRabbit AI
• I have implemented or provided justification for each non-critical suggestion
• I have documented my reasoning in the PR comments where CodeRabbit AI suggestions were not implemented

Test Coverage

• I have written tests for all new changes/features
• I have verified that test coverage meets or exceeds 95%
• I have run the test suite locally and all tests pass

Other information

Have you read the contributing guide?

Summary by CodeRabbit

Release Notes

• New Features

  • None

• Bug Fixes

  • None

• Dependency Updates

  • Updated Node.js base image to version 22.13.0
  • Updated multiple package dependencies to latest versions
  • Updated package manager to pnpm 9.15.4

• Changes

  • Removed password confirmation field from sign-up process
  • Updated Docker and development container configurations

• Chores

  • Routine maintenance and version bumps across project dependencies

[coderabbitai]

Walkthrough

This pull request encompasses multiple configuration and dependency updates across various files. The changes include removing the confirmedPassword field from sign-up processes, updating Node.js and dependency versions, modifying environment configurations, and adjusting Docker and development container settings. The modifications appear to be routine maintenance and refinement of the project's infrastructure and dependency management.

Changes

File	Change Summary
.devcontainer/devcontainer.json	Removed pnpm push_drizzle_schema from postCreateCommand
docker/api.Containerfile	Updated Node.js base image from 22.12.0 to 22.13.0
envFiles/.env.devcontainer	Changed PostgreSQL test profile from postgres-test to postgres_test
package.json	Updated multiple dependency versions and Node.js engine requirement
schema.graphql	Removed confirmedPassword field from MutationSignUpInput
src/graphql/inputs/MutationSignUpInput.ts	Removed confirmedPassword validation and field
test/routes/graphql/Mutation/signUp.test.ts	Removed confirmedPassword-related test cases
test/routes/graphql/gql.tada-cache.d.ts	Updated GraphQL mutation type definitions
test/routes/graphql/gql.tada.d.ts	Removed confirmedPassword from input type

Possibly related PRs

• fix devcontainer, add documentation #2836: Development container setup modifications
• Added 12 new posts to sample_data/posts.json #2837: Sample data updates potentially affecting development environment
• feat:cleanup root dir #2853: Root directory cleanup and path updates

Suggested labels

ignore-sensitive-files-pr

Suggested reviewers

• palisadoes
• Cioppolo14
• gautam-divyanshu

Finishing Touches

• 📝 Generate Docstrings (Beta)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Our Pull Request Approval Process

Thanks for contributing!

Testing Your Code

Remember, your PRs won't be reviewed until these criteria are met:

1. We don't merge PRs with poor code quality.
   1. Follow coding best practices such that CodeRabbit.ai approves your PR.
2. We don't merge PRs with failed tests.
   1. When tests fail, click on the Details link to learn more.
   2. Write sufficient tests for your changes (CodeCov Patch Test). Your testing level must be better than the target threshold of the repository
   3. Tests may fail if you edit sensitive files. Ask to add the ignore-sensitive-files-pr label if the edits are necessary.
3. We cannot merge PRs with conflicting files. These must be fixed.

Our policies make our code better.

Reviewers

Do not assign reviewers. Our Queue Monitors will review your PR and assign them.
When your PR has been assigned reviewers contact them to get your code reviewed and approved via:

1. comments in this PR or
2. our slack channel

Reviewing Your Code

Your reviewer(s) will have the following roles:

1. arbitrators of future discussions with other contributors about the validity of your changes
2. point of contact for evaluating the validity of your work
3. person who verifies matching issues by others that should be closed.
4. person who gives general guidance in fixing your tests

CONTRIBUTING.md

Read our CONTRIBUTING.md file. Most importantly:

1. PRs with issues not assigned to you will be closed by the reviewer
2. Fix the first comment in the PR so that each issue listed automatically closes

Other

1. 🎯 Please be considerate of our volunteers' time. Contacting the person who assigned the reviewers is not advised unless they ask for your input. Do not @ the person who did the assignment otherwise.
2. Read the CONTRIBUTING.md file make

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 79d896a and f11e90d.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (9)

• .devcontainer/devcontainer.json (1 hunks)
• docker/api.Containerfile (1 hunks)
• envFiles/.env.devcontainer (1 hunks)
• package.json (4 hunks)
• schema.graphql (0 hunks)
• src/graphql/inputs/MutationSignUpInput.ts (0 hunks)
• test/routes/graphql/Mutation/signUp.test.ts (0 hunks)
• test/routes/graphql/gql.tada-cache.d.ts (1 hunks)
• test/routes/graphql/gql.tada.d.ts (1 hunks)

💤 Files with no reviewable changes (3)

• schema.graphql
• src/graphql/inputs/MutationSignUpInput.ts
• test/routes/graphql/Mutation/signUp.test.ts

🧰 Additional context used

🪛 GitHub Actions: Pull request workflow

package.json

[error] Unauthorized changes detected in sensitive file. Requires 'ignore-sensitive-files-pr' label to proceed.

🔇 Additional comments (6)

test/routes/graphql/gql.tada-cache.d.ts (2)

Line range hint 94-94: LGTM! Input type definition is complete and well-structured.

The MutationSignUpInput type maintains all necessary fields for user registration while removing the redundant password confirmation.

---

14-14: LGTM! Schema changes align with PR objectives.

The removal of the confirmedPassword field from the Mutation_signUp type definition is consistent with the PR's goal to simplify the sign-up process.

Let's verify that this change is consistent across the schema:

✅ Verification successful

Verification successful: confirmedPassword field completely removed

The schema changes are consistent across the codebase with no remaining references to the confirmedPassword field in any GraphQL schemas or related files.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for any remaining references to confirmedPassword in schema files
# Expect: No occurrences of confirmedPassword in schema definitions

# Search for confirmedPassword in schema files
rg -i "confirmedPassword" --type graphql

Length of output: 72

---

Script:

#!/bin/bash
# Find potential GraphQL schema files
echo "=== Finding GraphQL files ==="
fd -e graphql -e gql

echo -e "\n=== Searching for confirmedPassword ==="
# Use regular grep since we know exact files to search
fd -e graphql -e gql -x grep -i "confirmedPassword" {} \;

# Also search in TypeScript/JavaScript files that might contain GraphQL
echo -e "\n=== Searching in TS/JS files ==="
rg -t ts -t js "confirmedPassword"

Length of output: 378

test/routes/graphql/gql.tada.d.ts (1)

Line range hint 1-1: Skipping review of identical file.

This file is identical to gql.tada-cache.d.ts and contains the same schema changes.

.devcontainer/devcontainer.json (1)

73-73: ⚠️ Potential issue

Sensitive file modification requires approval.

This change modifies a sensitive file and requires the 'ignore-sensitive-files-pr' label to proceed according to the pipeline failure.

Additionally, removing pnpm push_drizzle_schema from the post-create command might affect database schema synchronization. Please verify if this removal is intentional and won't impact the development environment setup.

package.json (1)

9-10: ⚠️ Potential issue

Sensitive file modification requires approval.

The package.json updates require the 'ignore-sensitive-files-pr' label to proceed. However, the changes appear to be routine dependency updates with minor version bumps.

Let's verify the compatibility of these updates:

Also applies to: 17-17, 26-26, 38-40, 45-45, 49-49, 54-54, 66-66

✅ Verification successful

Package updates verified as safe routine maintenance

The package.json changes are minor version updates to secure versions:

• fastify: ^5.2.1 (well above last vulnerable version 4.10.2)
• @fastify/jwt: ^9.0.3 (no known vulnerabilities)
• @fastify/rate-limit: ^10.2.2

While this is a sensitive file, the changes are routine dependency updates with no security implications.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check for any known vulnerabilities in the updated packages
gh api graphql -f query='
{
  securityVulnerabilities(first: 10, ecosystem: NPM, package: "fastify") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
    }
  }
}'

Length of output: 1211

---

Script:

#!/bin/bash
# Check Fastify version and related package versions
cat package.json | jq '.dependencies | .["fastify"], .["@fastify/jwt"], .["@fastify/rate-limit"]'

# Check for vulnerabilities in specific packages
gh api graphql -f query='
{
  securityVulnerabilities(first: 10, ecosystem: NPM, package: "@fastify/jwt") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
    }
  }
}'

Length of output: 419

🧰 Tools

🪛 GitHub Actions: Pull request workflow

[error] Unauthorized changes detected in sensitive file. Requires 'ignore-sensitive-files-pr' label to proceed.

docker/api.Containerfile (1)

43-43: LGTM: Consistent Node.js version update.

The update to node:22.13.0-bookworm-slim aligns with the Node.js engine requirement in package.json.

[coderabbitai]

💡 Codebase verification

⚠️ Inconsistent naming convention for PostgreSQL test service

The service is defined as postgres-test (with hyphen) in Docker Compose files, but COMPOSE_PROFILES uses postgres_test (with underscore). This mismatch should be fixed:

• docker/compose.testing.yaml: Uses postgres-test
• docker/compose.devcontainer.yaml: Uses postgres-test
• envFiles/.env.devcontainer: Uses postgres_test

🔗 Analysis chain

Approved: Fix for postgres test environment configuration.

The change from postgres-test to postgres_test in COMPOSE_PROFILES aligns with the PR objective to fix the PostgreSQL test database configuration.

Let's verify the consistency of this naming convention:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if the service name matches in Docker Compose files
rg -l 'postgres[-_]test' docker/compose.*.yaml

Length of output: 148

---

Script:

#!/bin/bash
# Display the actual service definitions
rg -A 5 'postgres[-_]test:' docker/compose.*.yaml

Length of output: 2259