issues Search Results · language:Dune language:JavaScript language:JavaScript language:JavaScript linked:pr linked:pr
Filter by
1.7M results
package.json test script is NODE_ENV=test ./node_modules/.bin/mocha .... The inline env-var syntax does not work in
Windows cmd/PowerShell, and cross-env (already a dependency) is not used. There are also ...
backend
bug
testing
dev-miro26
server.js carries a big commented-out session/connect-mongo block and a duplicate bootstrap. models/user.js imports
Metrics only for a commented-out pre( save ) default-seeding hook. Remove the dead code ...
backend
cleanup
config/config.js is an empty file. config/express.js builds a second Express app that is never required by the live
entrypoint (server.js). routes/routes.js similarly duplicates the route wiring in server.js ...
backend
cleanup
package.json pins mongoose@^5.9.6. Mongoose 5 is EOL and no longer receives security fixes. Plan an upgrade to
Mongoose 7/8, which also removes the deprecated connection options currently used in config/mongoose.js. ...
backend
dependencies
security
config/mongoose.js connects to process.env.MONGODB_URI_PRODUCTION regardless of environment, and uses deprecated options
(useNewUrlParser, useUnifiedTopology, useFindAndModify). There is no separate dev/test ...
backend
bug
middleware/checkObjectId.js is present but not applied on any route. Endpoints that take _id (delete/update metric,
wage, group) will throw a CastError → 500 when given a malformed ObjectId. Apply checkObjectId ...
backend
bug
controllers/wage.js getUserMetricsAllTodayWages loads all of a user s wages with Wage.find({ userId }) and filters them
in JavaScript by year/month/day.
Problems:
- Does not scale — fetches the entire ...
backend
bug
performance
The API authenticates via the x-auth-token header and a JWT containing { user: { id } }. This is fragile and
undocumented. Document the auth contract (header name, token payload, expiry) in the README ...
backend
documentation
utils/auth.js exports createJWT(email, userId, duration) producing a payload { email, userId, duration }, but
controllers/auth.js signs its own token with payload { user: { id } } and the middleware reads ...
backend
bug
cleanup
In controllers/auth.js register, there is a stray line Metrics.insertM between hashing the password and await
user.save(). It references a non-existent method, is not called, and has no effect. It looks ...
backend
bug
cleanup
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.