fix: resolve all pre-existing backend eslint errors and add eslint config#843
Open
Rudra-clrscr wants to merge 3 commits into
Open
fix: resolve all pre-existing backend eslint errors and add eslint config#843Rudra-clrscr wants to merge 3 commits into
Rudra-clrscr wants to merge 3 commits into
Conversation
…nfig
Adds backend/eslint.config.js (none existed before) and fixes every error
it surfaces except middleware/fileValidation.js (separately tracked, in
progress). Several of these were one-off typos or single duplicate
lines; a few turned out to be much larger merge-corruption issues.
Small fixes:
- config/index.js: `configs.development` -> `config.development` typo.
- utils/emailRules.js: `matchingRule.type` -> `matchedType` (the actual
variable holding the matched rule's type in that scope).
- utils/fileValidation.js: drop an unnecessary regex escape.
- utils/utils/emailTransporter.js -> utils/emailTransporter.js: fix a
duplicated-directory path bug (authController.js requires
'../utils/emailTransporter', which never existed at that path).
- server.js: fix an empty catch block (log the error instead of
silently swallowing it) and remove a require for
'./routes/visualRoutes', a file that never existed anywhere in the
repo (dead "VBSF routes" stub, not implemented on the Node side).
Larger fixes (duplicate/corrupted code from bad merges):
- middleware/adversarialGuard.js: removed a duplicated
`detectAdversarialPatterns` call, a duplicated `adversarialGuard`
function stub, a duplicated outer `if` in `monitorConfidence`, and two
`catch` clauses attached to the same `try` - all leftover copies with
a working original alongside them.
- server.js: removed a broken, never-closed `logStartupTime` stub and
its duplicated EvoMail/startup-timer requires that preceded the real,
complete versions; moved the EvoMail/visual route `app.use()` calls to
after `const app = express()` is defined (they previously ran before
`app` existed, which would throw at runtime once the file parsed).
- routes/authRoutes.js: this file had ~11 controller functions
(register, login, logout, getMe, googleLogin, updateAvatar,
forgotPassword, resetPassword, changePassword, updateWebhook,
getSessionStatus) each duplicated 2-3x (verified byte-identical
copies), plus assignRole/getUserPermissions/getRolesAndPermissions
whose bodies were corrupted/incomplete in every copy. More importantly,
despite creating an Express Router, the file never once called
router.get/post() - it only exported bare handler functions - while
server.js did `app.use("/api/v1/auth", authRoutes)`, passing a plain
object where Express requires a router/middleware function. The whole
auth API was not actually routed. Rewrote the file as a thin router
that imports the (already complete, working) handlers from
controllers/authController.js and wires each one to its documented
`@route` (recovered from the file's own JSDoc comments) with the
appropriate validator/rate-limiter/protect middleware, then exports
the router. Deleted routes/prediction.route.js, an orphaned, never-
required duplicate of predictionRoutes.js's /stats route that
referenced a `Prediction` model that doesn't exist anywhere in the
codebase; fixed predictionRoutes.js's own /stats route (same bug) to
use the History model it already imports.
Verified: `node --check` on every touched file, `npx eslint .` (1
remaining error is middleware/fileValidation.js, tracked separately),
a full server.js boot with dummy env vars (previously impossible - it
couldn't get past its first require), and the existing Jest (16/16) and
node:test (26/26) suites still pass.
Left as pre-existing, separately-tracked issues (not touched here):
- middleware/fileValidation.js's own parsing error (your in-progress
work).
- services/otpService.js exports rate limiters instead of OTP
functions - unrelated corruption discovered while tracing
authRoutes.js's dead requestOTP/verifyOTP/getOTPStatus imports (no
working implementation of those three exists anywhere, so they were
dropped from the new router rather than inventing the feature).
- 63 remaining eslint warnings (mostly unused vars/imports across many
files) left non-blocking, consistent with the frontend cleanup PR.
|
Someone is attempting to deploy a commit to the Aditya Sharma's projects Team on Vercel. A member of the Team first needs to authorize it. |
Contributor
Author
|
@Userunknown84 this is an extra PR needed for solving CI issue |
There was a problem hiding this comment.
Pull request overview
This PR introduces a backend ESLint flat config and fixes a large set of pre-existing backend issues surfaced by linting and merge corruption, including making auth routing functional and removing dead/broken server code.
Changes:
- Add
backend/eslint.config.js, add a backendlintscript, and introduce ESLint dependencies. - Repair backend runtime wiring issues (auth router export/wiring, server startup ordering, dead route removal).
- Fix correctness issues in prediction stats and various utility/middleware cleanups.
Reviewed changes
Copilot reviewed 10 out of 12 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| backend/utils/fileValidation.js | Regex cleanup for CSV formula-injection guard. |
| backend/utils/emailTransporter.js | Adds a centralized Nodemailer transporter module. |
| backend/utils/emailRules.js | Fixes rule-applied field to use the matched rule type variable. |
| backend/server.js | Removes broken/duplicated startup stubs, fixes route registration order, improves error logging. |
| backend/routes/predictionRoutes.js | Fixes /stats to use History model fields; minor handler restructuring. |
| backend/routes/prediction.route.js | Deletes an orphaned duplicate stats route file. |
| backend/routes/authRoutes.js | Replaces corrupted/duplicated handlers with a proper Express router wiring controllers + middleware. |
| backend/package.json | Adds lint script and ESLint-related devDependencies. |
| backend/package-lock.json | Locks ESLint-related dependencies. |
| backend/middleware/adversarialGuard.js | Removes duplicated/corrupted code and replaces an empty catch. |
| backend/eslint.config.js | Adds ESLint flat config for backend. |
| backend/config/index.js | Fixes fallback config typo (configs.development → config.development). |
Files not reviewed (1)
- backend/package-lock.json: Generated file
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
292
to
295
| router.post("/feedback", protect, async (req, res) => { | ||
| const { text, predicted_label, correct_label } = req.body; | ||
| try { | ||
| const { text, predicted_label, correct_label } = req.body; | ||
|
|
||
| if (!text || !correct_label) { |
Comment on lines
+3
to
+4
| const multer = require('multer'); | ||
| const upload = multer(); |
| res.status(500).json({ error: 'Server error. Please try again.' }); | ||
| } | ||
| }; | ||
| router.post('/avatar', protect, upload.single('avatar'), updateAvatar); |
Comment on lines
52
to
58
| "devDependencies": { | ||
| "@eslint/js": "^10.0.1", | ||
| "eslint": "^10.7.0", | ||
| "globals": "^17.7.0", | ||
| "jest": "^30.4.2", | ||
| "supertest": "^7.2.2" | ||
| } |
| } | ||
| } | ||
| } catch (err) { | ||
| logger.error('[DB Pool] Failed to log connection pool stats:', err.message); |
added 2 commits
July 14, 2026 04:38
The container's Flask process defaults to FLASK_HOST=127.0.0.1 (a deliberate secure default for bare-metal runs), so inside the CI container it never listens on an interface reachable through the -p 5000:5000 port mapping, and the smoke test's curl always times out. docker-compose.yml already sets FLASK_HOST=0.0.0.0 for the same reason; the CI workflow's docker run step needs the same override.
main's copies of these files have a duplicate 'function App()' declaration and a stray '#Manipulation' line before an import respectively - both invalid JS that break 'vite build' in the frontend Docker image stage. Only fixed inside the open fix/frontend-eslint-errors PR branch, never merged to main, so any branch cut from main (including this one) inherits them. Pulling in the already-verified fix.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds backend/eslint.config.js (none existed before) and fixes every error it surfaces except middleware/fileValidation.js (separately tracked, in progress). Several of these were one-off typos or single duplicate lines; a few turned out to be much larger merge-corruption issues.
Small fixes:
configs.development->config.developmenttypo.matchingRule.type->matchedType(the actual variable holding the matched rule's type in that scope).Larger fixes (duplicate/corrupted code from bad merges):
detectAdversarialPatternscall, a duplicatedadversarialGuardfunction stub, a duplicated outerifinmonitorConfidence, and twocatchclauses attached to the sametry- all leftover copies with a working original alongside them.logStartupTimestub and its duplicated EvoMail/startup-timer requires that preceded the real, complete versions; moved the EvoMail/visual routeapp.use()calls to afterconst app = express()is defined (they previously ran beforeappexisted, which would throw at runtime once the file parsed).app.use("/api/v1/auth", authRoutes), passing a plain object where Express requires a router/middleware function. The whole auth API was not actually routed. Rewrote the file as a thin router that imports the (already complete, working) handlers from controllers/authController.js and wires each one to its documented@route(recovered from the file's own JSDoc comments) with the appropriate validator/rate-limiter/protect middleware, then exports the router. Deleted routes/prediction.route.js, an orphaned, never- required duplicate of predictionRoutes.js's /stats route that referenced aPredictionmodel that doesn't exist anywhere in the codebase; fixed predictionRoutes.js's own /stats route (same bug) to use the History model it already imports.Verified:
node --checkon every touched file,npx eslint .(1 remaining error is middleware/fileValidation.js, tracked separately), a full server.js boot with dummy env vars (previously impossible - it couldn't get past its first require), and the existing Jest (16/16) and node:test (26/26) suites still pass.Left as pre-existing, separately-tracked issues (not touched here):