High volume data generation on top of MongoDB #105
Conversation
…erfile to expose port 8080, and add MongoDB service to Docker Compose
…add unit tests for settings functionality
…ations, update setup logic, and remove unused models
…pdate method signatures, and enhance test coverage
…Tests.ts run via "npx tsx src/__tests__/services/calendarClockServiceTests.ts"
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
There was a problem hiding this comment.
ESLint found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
Dependency ReviewThe following issues were found:
|
| const newData = JSON.parse(JSON.stringify(this.baseData)); | ||
|
|
||
| newData.surveys = newData.surveys.map((survey: any) => { | ||
| survey.userId = this.getRandomUserId(); |
Check failure
Code scanning / CodeQL
Insecure randomness High test
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 9 days ago
To fix the problem, we need to replace the use of Math.random() with a cryptographically secure random number generator. In Node.js, we can use the crypto module's randomInt function to generate secure random integers. This will ensure that the generated values are not predictable and enhance the security of the application.
We will:
- Import the
cryptomodule. - Replace all instances of
Math.random()withcrypto.randomInt.
| @@ -6,2 +6,3 @@ | ||
| import { SurveyType } from 'models/survey.model.js'; | ||
| import { randomInt } from 'crypto'; | ||
|
|
||
| @@ -17,3 +18,3 @@ | ||
| private getRandomUserId(): string { | ||
| return this.config.userIds[Math.floor(Math.random() * this.config.userIds.length)]; | ||
| return this.config.userIds[randomInt(this.config.userIds.length)]; | ||
| } | ||
| @@ -21,3 +22,3 @@ | ||
| private getRandomOrg(): string { | ||
| return this.config.orgs[Math.floor(Math.random() * this.config.orgs.length)]; | ||
| return this.config.orgs[randomInt(this.config.orgs.length)]; | ||
| } | ||
| @@ -25,3 +26,3 @@ | ||
| private getRandomRepo(): string { | ||
| return this.config.repos[Math.floor(Math.random() * this.config.repos.length)]; | ||
| return this.config.repos[randomInt(this.config.repos.length)]; | ||
| } | ||
| @@ -29,3 +30,3 @@ | ||
| private getRandomPrNumber(): number { | ||
| return Math.floor(Math.random() * 100); | ||
| return randomInt(100); | ||
| } | ||
| @@ -33,3 +34,3 @@ | ||
| private getRandomPercentTimeSaved(): number { | ||
| return Math.floor(Math.random() * 100); | ||
| return randomInt(100); | ||
| } | ||
| @@ -37,3 +38,3 @@ | ||
| private getRandomReason(): string { | ||
| return this.config.reasons[Math.floor(Math.random() * this.config.reasons.length)]; | ||
| return this.config.reasons[randomInt(this.config.reasons.length)]; | ||
| } | ||
| @@ -41,3 +42,3 @@ | ||
| private getRandomTimeUsedFor(): string { | ||
| return this.config.timeUsedFors[Math.floor(Math.random() * this.config.timeUsedFors.length)]; | ||
| return this.config.timeUsedFors[randomInt(this.config.timeUsedFors.length)]; | ||
| } | ||
| @@ -45,3 +46,3 @@ | ||
| private getRandomDate(): Date { | ||
| return addDays(this.config.startDate, Math.floor(Math.random() * (this.config.endDate.getTime() - this.config.startDate.getTime()) / (1000 * 60 * 60 * 24))); | ||
| return addDays(this.config.startDate, randomInt((this.config.endDate.getTime() - this.config.startDate.getTime()) / (1000 * 60 * 60 * 24))); | ||
| } | ||
| @@ -57,3 +58,3 @@ | ||
| survey.prNumber = this.getRandomPrNumber(); | ||
| survey.usedCopilot = Math.random() > 0.5; | ||
| survey.usedCopilot = randomInt(2) > 0; | ||
| survey.percentTimeSaved = this.getRandomPercentTimeSaved(); |
| const [updated] = await Survey.update(req.body, { | ||
| where: { id } | ||
| }); | ||
| const updated = await Survey.findByIdAndUpdate(id, req.body); |
Check failure
Code scanning / CodeQL
Database query built from user-controlled sources High
| }], | ||
| attributes: ['name', 'org', 'slug', 'description', 'html_url'] | ||
| const query = req.query.org ? { org: req.query.org as string } : {}; | ||
| const teams = await Team.find(query) |
Check failure
Code scanning / CodeQL
Database query built from user-controlled sources High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 11 days ago
To fix the problem, we need to ensure that the user input is interpreted as a literal value and not as a query object. This can be achieved by using the $eq operator in the MongoDB query. This approach ensures that the user input is treated as a literal value, preventing any potential NoSQL injection attacks.
| @@ -10,3 +10,3 @@ | ||
| try { | ||
| const query = req.query.org ? { org: req.query.org as string } : {}; | ||
| const query = req.query.org ? { org: { $eq: req.query.org as string } } : {}; | ||
| const teams = await Team.find(query) |
| }); | ||
| return await Survey.findByPk(survey.id); | ||
| const Survey = mongoose.model('Survey'); | ||
| await Survey.updateOne({ id: survey.id }, survey); |
Check failure
Code scanning / CodeQL
Database query built from user-controlled sources High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI about 23 hours ago
To fix the problem, we need to ensure that the user input is properly sanitized before being used in the database query. We can use the $eq operator to ensure that the id is treated as a literal value and not as a query object. This will prevent any potential NoSQL injection attacks.
| @@ -11,3 +11,3 @@ | ||
| const Survey = mongoose.model('Survey'); | ||
| await Survey.updateOne({ id: survey.id }, survey); | ||
| await Survey.updateOne({ id: { $eq: survey.id } }, survey); | ||
| return await Survey.findOne({ id: survey.id }); |
| }); | ||
| return await Survey.findByPk(survey.id); | ||
| const Survey = mongoose.model('Survey'); | ||
| await Survey.updateOne({ id: survey.id }, survey); |
Check failure
Code scanning / CodeQL
Database query built from user-controlled sources High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI about 23 hours ago
To fix the problem, we need to ensure that the user-provided data is properly sanitized before being used in a MongoDB query. We can use the $eq operator to ensure that the user input is interpreted as a literal value and not as a query object. This will prevent NoSQL injection attacks.
| @@ -11,3 +11,3 @@ | ||
| const Survey = mongoose.model('Survey'); | ||
| await Survey.updateOne({ id: survey.id }, survey); | ||
| await Survey.updateOne({ id: { $eq: survey.id } }, survey); | ||
| return await Survey.findOne({ id: survey.id }); |
| return await Survey.findByPk(survey.id); | ||
| const Survey = mongoose.model('Survey'); | ||
| await Survey.updateOne({ id: survey.id }, survey); | ||
| return await Survey.findOne({ id: survey.id }); |
Check failure
Code scanning / CodeQL
Database query built from user-controlled sources High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI about 23 hours ago
To fix the problem, we need to ensure that the user-provided data is properly sanitized or validated before being used in a database query. For MongoDB, we can use the $eq operator to ensure that the user input is interpreted as a literal value and not as a query object. This will prevent any potential NoSQL injection attacks.
We will modify the updateSurvey method in backend/src/services/survey.service.ts to use the $eq operator for the id field in the query.
| @@ -11,4 +11,4 @@ | ||
| const Survey = mongoose.model('Survey'); | ||
| await Survey.updateOne({ id: survey.id }, survey); | ||
| return await Survey.findOne({ id: survey.id }); | ||
| await Survey.updateOne({ id: { $eq: survey.id } }, survey); | ||
| return await Survey.findOne({ id: { $eq: survey.id } }); | ||
| } |
…pdate routes for adoption data retrieval
…rvice return types
…ice for unique ID generation, and enhance database connection settings
…dling, and clean up test files
There was a problem hiding this comment.
Copilot reviewed 60 out of 75 changed files in this pull request and generated 1 comment.
Files not reviewed (15)
- .vscode/tasks.json: Language not supported
- Dockerfile: Language not supported
- backend/github-manifest.json: Language not supported
- backend/package.json: Language not supported
- backend/src/tests/mock/metrics-gen/example.json: Language not supported
- backend/src/tests/mock/seats-gen/seatsExampleTest.json: Language not supported
- backend/src/tests/mock/survey-gen/exampleSurvey.json: Language not supported
- README.md: Evaluated as low risk
- backend/src/tests/mock/metrics-gen/runExampleMock.ts: Evaluated as low risk
- backend/jest.config.ts: Evaluated as low risk
- backend/src/tests/mock/metrics-gen/runMock.ts: Evaluated as low risk
- backend/src/tests/mock/metrics-gen/mockGenerator.ts: Evaluated as low risk
- backend/src/tests/mock/mock.mongo.ts: Evaluated as low risk
- backend/src/tests/mock/seats-gen/runSeatsGenerator.ts: Evaluated as low risk
- backend/src/tests/mock/seats-gen/mockSeatsGenerator.js: Evaluated as low risk
Comments suppressed due to low confidence (3)
backend/src/tests/mock/seats-gen/mockSeatsGenerator.ts:25
- The variable 'lastActivityAt' should have a specific type instead of 'any'. Consider using 'string' or 'Date'.
const lastActivityAt : any = seat.last_activity_at;
backend/src/tests/mock/seats-gen/mockSeatsGenerator.ts:55
- Use '===' instead of '==' for comparing dates.
if (newActivity == currentActivity ){
backend/src/tests/mock/seats-gen/mockSeatsGenerator.ts:74
- The property 'specificUser' is not defined in the 'SeatsMockConfig' type. Ensure it is part of the configuration.
seat.specificUser = this.config.specificUser;
Tip: If you use Visual Studio Code, you can request a review from Copilot before you push from the "Source Control" tab. Learn more
| } | ||
|
|
||
| private getRandomDate(): Date { | ||
| return addDays(this.config.startDate, Math.floor(Math.random() * (this.config.endDate.getTime() - this.config.startDate.getTime()) / (1000 * 60 * 60 * 24))); |
There was a problem hiding this comment.
The division by (1000 * 60 * 60 * 24) should be inside the Math.floor function to ensure the correct number of days is calculated. The corrected line should be: return addDays(this.config.startDate, Math.floor(Math.random() * ((this.config.endDate.getTime() - this.config.startDate.getTime()) / (1000 * 60 * 60 * 24))));
| return addDays(this.config.startDate, Math.floor(Math.random() * (this.config.endDate.getTime() - this.config.startDate.getTime()) / (1000 * 60 * 60 * 24))); | |
| return addDays(this.config.startDate, Math.floor(Math.random() * ((this.config.endDate.getTime() - this.config.startDate.getTime()) / (1000 * 60 * 60 * 24)))); |
Copilot is powered by AI, so mistakes are possible. Review output carefully before use.
…ce for API interactions
…with filtering options
…irective; update adoption service and main component startup logging.
…sary logs and update route for adoption totals.
…and enhance index creation for adoption and member schemas.
…te adoption service to define AdoptionType.
…ce filtering options for adoptions.
The calendarClockServiceTests.ts file simulates a calendar-clock function that runs various data generation tasks on an hourly basis. It connects to a MongoDB database and performs the following tasks:
Survey Generation: Randomly generates surveys 20% of the time during weekdays (Monday to Friday) between 6 AM and 11 PM.
Seats Generation: Generates seat data for each member of the team every hour.
Metrics Generation: Generates metrics data daily at 11 PM.
The script loops through each hour within a specified date range, incrementing the datetime parameter each cycle, and calls the respective data generation functions. It also retrieves all team members from the database to use in the seats generation process.