Workflow/backend/package.json
root 093fe85573 fix: frontend API mapping, security hardening, test suite
Frontend:
- Fix all API response unwrapping (backend wraps in {data:...})
- Fix workflow publish/archive to use PATCH /status endpoint
- Fix step reorder payload format
- Add tenantId to workflow creation
- Fix step count display using _count

Security (CRITICAL/HIGH):
- Add JWT algorithm restriction (HS256 only)
- Replace weak default JWT secrets
- Fix token blacklist memory leak
- Fix step reorder IDOR vulnerability
- Strengthen password policy (8 chars, mixed case + digit)

Tests:
- 68 tests: auth (17), workflows (26), tenants (25)
- Complete Prisma mock setup with test fixtures
2026-03-20 23:15:07 +00:00

43 lines
1.1 KiB
JSON

{
"name": "workflow-portal-backend",
"version": "1.0.0",
"scripts": {
"dev": "nodemon --exec ts-node src/index.ts",
"build": "tsc",
"start": "node dist/index.js",
"test": "jest --forceExit --detectOpenHandles",
"test:coverage": "jest --forceExit --detectOpenHandles --coverage",
"test:watch": "jest --watch",
"db:migrate": "npx prisma migrate deploy",
"db:seed": "ts-node prisma/seed.ts",
"db:generate": "npx prisma generate"
},
"dependencies": {
"@prisma/client": "^6.0.0",
"bcryptjs": "^2.4.3",
"cors": "^2.8.5",
"dotenv": "^16.4.0",
"express": "^4.21.0",
"express-rate-limit": "^7.4.0",
"helmet": "^8.0.0",
"jsonwebtoken": "^9.0.2",
"zod": "^3.23.0"
},
"devDependencies": {
"@types/bcryptjs": "^2.4.6",
"@types/cors": "^2.8.17",
"@types/express": "^5.0.0",
"@types/jest": "^29.5.0",
"@types/jsonwebtoken": "^9.0.7",
"@types/node": "^22.0.0",
"@types/supertest": "^6.0.0",
"jest": "^29.7.0",
"nodemon": "^3.1.0",
"prisma": "^6.0.0",
"supertest": "^7.0.0",
"ts-jest": "^29.2.0",
"ts-node": "^10.9.2",
"typescript": "^5.6.0"
}
}