Move sync-server into Actual repo #4334
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
GitHub CI log: ``` [linux/arm/v6 base 6/8] RUN yarn workspaces focus --all --production 204.6 ➤ YN0007: │ bcrypt@npm:5.1.0 must be built because it never has been before or the last one failed 204.6 ➤ YN0007: │ better-sqlite3@npm:8.2.0 must be built because it never has been before or the last one failed ... [linux/arm/v7 base 6/8] RUN yarn workspaces focus --all --production 203.8 ➤ YN0007: │ bcrypt@npm:5.1.0 must be built because it never has been before or the last one failed 203.8 ➤ YN0007: │ better-sqlite3@npm:8.2.0 must be built because it never has been before or the last one failed ``` It seems that both armv6 and armv7 have the same issues with `bcrypt` and `better-sqlite3` not being built. These packages are required to build from source, luckily QEMU use armv7l for compiling. Tested and working on RPi Zero W. --------- Co-authored-by: Jed Fox <[email protected]>
Seems like we already added `tsc` to build the project, but we use the wrong babel preset (Flow) instead of the specific TS one. This is only used in testing to make Jest work (from what I can tell).
CodeQL keeps yelling at us about this… I’m not sure if the filter is smart enough to use this rate limit middleware to remove the warnings, but at least we will be setting a reasonable bound on attempts to crack the server password.
Co-authored-by: Matiss Janis Aboltins <[email protected]>
…192) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…(#190) Helps with actualbudget#919 by adding the `all` field wit both pending and booked transactions to the output of `getTransactionsWithBalance()` and, by extension, the `/nordigen/transactions` endpoint. I could alter the `getTransactions()` to return the `all` field as well but I figured that keeping it such that it returns the output from Nordigen API 1:1 might be better so I left it as is. If you don't agree, let me know and I'll update this.
Co-authored-by: Henrik Maaland <[email protected]>
A small fix: returning JSON response instead of plain-text. The frontend always expects a JSON response. So a tiny fix here..
Previously, the latest artifact list was requested unauthenticated using `ADD "https://api.github.com/..." /tmp/artifacts.json`. While this works locally, on GitHub’s servers it seems that the per-IP rate limit was exceeded. There isn’t a way to get Docker to pass the `Authorization` header that I know of, so this work has been moved to an external shell script that pulls down the relevant data.
Web: actualbudget#1087 Server: actualbudget/actual-server#207 Docs: actualbudget/docs#179 --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Remove the bulk in favour of links to our core docs. --------- Co-authored-by: Jed Fox <[email protected]>
Replaced contributing link <!-- Thank you for submitting a pull request! Make sure to follow the instructions to write release notes for your PR — it should only take a minute or two: https://github.com/actualbudget/docs#writing-good-release-notes -->
This allows running a health check from inside the container. Usage: `npm run health-check`. That may not work inside of Alpine containers, so you can do `node src/scripts/health-check.js` directly instead. Fixes actualbudget#213.
Using the new CRDT package instead of API.
- web: actualbudget#1280 - server: actualbudget/actual-server#222 - docs: actualbudget/docs#223 --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
1. upgrade `nordigen-node` to 1.2.6 (which uses the new gocardless domain) 2. allow accessing `nordigen` functionality via `/gocardless` to unblock using the new API path in actual-web
matt-fidd
previously approved these changes
Feb 9, 2025
MatissJanis
requested changes
Feb 10, 2025
There was a problem hiding this comment.
Most of my comments are nitpicks that can be addressed post-merge.
The only blocker I would say is: aligning the prettier config. It will be easier to align the prettier config in this PR (& re-run prettier auto-fixer) than to do this later and submit another mega-pr with all the code-style modifications.
| @@ -41,6 +41,7 @@ | |||
| "devDependencies": { | |||
| "@actual-app/api": "workspace:^", | |||
| "@actual-app/crdt": "workspace:^", | |||
| "@actual-app/web": "workspace:^", | |||
There was a problem hiding this comment.
This is not great 😬
(but I get that your changes in this PR don't actually introduce this)
packages/sync-server/.dockerignore
Outdated
There was a problem hiding this comment.
I think we can move this file to root folder
(but I might be wrong)
packages/sync-server/.editorconfig
Outdated
packages/sync-server/.eslintignore
Outdated
packages/sync-server/.eslintrc.cjs
Outdated
packages/sync-server/LICENSE.txt
Outdated
There was a problem hiding this comment.
I think we can delete this file. It's the same as the LICENSE in the root dir.
| @@ -0,0 +1,65 @@ | |||
| { | |||
| "name": "actual-sync", | |||
There was a problem hiding this comment.
💬 suggestion: to align with the other pkg names
Suggested change
| "name": "actual-sync", | |
| "name": "@actual-app/sync-server", |
There was a problem hiding this comment.
Will tackle this in a follow up just to be safe
There was a problem hiding this comment.
Are these release note files supposed to be here? Should we instead move them to the root folder?
There was a problem hiding this comment.
I moved them to the root folder
* feedback * remove temp script
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+293
to
+297
| const req = https.request(new URL(token), options, res => { | ||
| res.on('data', d => { | ||
| resolve(d.toString()); | ||
| }); | ||
| }); |
Check failure
Code scanning / CodeQL
Server-side request forgery Critical
Comment on lines
+361
to
+386
| const req = https.request( | ||
| new URL(`${sfin.baseUrl}/accounts${queryString}`), | ||
| options, | ||
| res => { | ||
| let data = ''; | ||
| res.on('data', d => { | ||
| data += d; | ||
| }); | ||
| res.on('end', () => { | ||
| if (res.statusCode === 403) { | ||
| reject(new Error('Forbidden')); | ||
| } else { | ||
| try { | ||
| const results = JSON.parse(data); | ||
| results.sferrors = results.errors; | ||
| results.hasError = false; | ||
| results.errors = {}; | ||
| resolve(results); | ||
| } catch (e) { | ||
| console.log(`Error parsing JSON response: ${data}`); | ||
| reject(e); | ||
| } | ||
| } | ||
| }); | ||
| }, | ||
| ); |
Check failure
Code scanning / CodeQL
Server-side request forgery Critical
MikesGlitch
changed the title
MatissJanis
previously approved these changes
Feb 10, 2025
MatissJanis
approved these changes
Feb 10, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bringing the Actual Sync Server into the Actual workspace.
Looking for 3+ approvers before merging.
I had to update
yarn start:serverandyarn install:serverfor some easy of use.yarn install:serverisn't required, but it only installs servers dependencies so it'll be a faster/smaller download.