commit 719af59d7078cb09853557dbc914337bd5eab9e9 Author: Jason Hall Date: Sun Aug 10 17:41:10 2025 -0400 initial commit Signed-off-by: Jason Hall diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml new file mode 100644 index 0000000..34c8c76 --- /dev/null +++ b/.github/workflows/update-dependencies.yml @@ -0,0 +1,66 @@ +name: Update Dependencies + +on: + #schedule: + # # Run daily at 2:00 AM UTC + # - cron: '0 2 * * *' + workflow_dispatch: + +permissions: + contents: write + pull-requests: write + issues: write + id-token: write + +jobs: + update-dependencies: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Update Dependencies and Create PR + uses: anthropics/claude-code-action@beta + with: + anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} + timeout_minutes: "30" + custom_instructions: | + You are tasked with updating all dependencies in this Node.js project and creating a pull request with the changes. + + Please perform the following steps: + + 1. First, analyze the current package.json to understand the project's dependencies + + 2. Update all dependencies to their latest versions using npm-check-updates + + 3. Install the updated dependencies to generate a new package-lock.json + + 4. Run the test suite to check for any breaking changes + + 5. Create a new branch named "update-dependencies-YYYYMMDD" (use today's date) + + 6. Commit the changes with a descriptive commit message + + 7. Push the branch and create a pull request + + 8. In the PR description, provide: + - A summary of all dependency updates + - Any breaking changes detected and how to address them + - Security implications (vulnerabilities fixed or introduced) + - Test results and any failures + - Migration steps for breaking changes + - Recommendations for additional testing + + Focus especially on: + - Identifying breaking changes between major versions + - Security vulnerabilities that are addressed + - Dependencies that might have compatibility issues + - Any deprecated features being used that need updates + + The PR should have: + - Title: "chore: automated dependency updates [DATE]" + - Labels: "dependencies", "automated" + - A comprehensive description that helps reviewers understand all changes diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2aeff9b --- /dev/null +++ b/.gitignore @@ -0,0 +1,21 @@ +node_modules/ +npm-debug.log* +yarn-debug.log* +yarn-error.log* +.npm +.DS_Store +*.log +.env +.env.local +.env.development.local +.env.test.local +.env.production.local +coverage/ +.nyc_output/ +dist/ +build/ +.vscode/ +.idea/ +*.swp +*.swo +*~ \ No newline at end of file diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..7a4a3ea --- /dev/null +++ b/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..8cae92e --- /dev/null +++ b/README.md @@ -0,0 +1,3 @@ +Testing Claude Code GitHub Action + +- can it be a better dependabot? diff --git a/app.js b/app.js new file mode 100644 index 0000000..6cb197d --- /dev/null +++ b/app.js @@ -0,0 +1,163 @@ +var express = require('express'); +var bodyParser = require('body-parser'); +var mongoose = require('mongoose'); +var _ = require('lodash'); +var moment = require('moment'); +var async = require('async'); +var request = require('request'); +var jwt = require('jsonwebtoken'); +var bcrypt = require('bcryptjs'); +var winston = require('winston'); +var morgan = require('morgan'); +var helmet = require('helmet'); +var cors = require('cors'); +var chalk = require('chalk'); +var validator = require('validator'); +var uuid = require('uuid'); +var compression = require('compression'); + +var app = express(); + +app.use(bodyParser()); +app.use(morgan('dev')); +app.use(helmet()); +app.use(cors()); +app.use(compression()); + +var logger = new winston.Logger({ + transports: [ + new winston.transports.Console({ + colorize: true + }) + ] +}); + +var users = []; + +app.get('/', function(req, res) { + var now = moment().format('YYYY-MM-DD HH:mm:ss'); + var randomId = uuid.v4(); + + logger.info('Home page accessed at ' + now); + + res.send('

Outdated Dependencies App

' + + '

Current time: ' + now + '

' + + '

Session ID: ' + randomId + '

' + + '

This app uses ' + _.keys(require('./package.json').dependencies).length + ' outdated dependencies!

'); +}); + +app.post('/register', function(req, res) { + var email = req.body.email; + var password = req.body.password; + + if (!validator.isEmail(email)) { + return res.status(400).send({ error: 'Invalid email' }); + } + + bcrypt.hash(password, 10, function(err, hash) { + if (err) { + return res.status(500).send({ error: 'Hash error' }); + } + + var user = { + id: uuid.v4(), + email: email, + password: hash, + created: moment().toISOString() + }; + + users.push(user); + + var token = jwt.sign({ id: user.id }, 'secret', { expiresInMinutes: 60 }); + + logger.info(chalk.green('New user registered: ' + email)); + + res.send({ + message: 'User created', + token: token, + user: _.omit(user, 'password') + }); + }); +}); + +app.post('/login', function(req, res) { + var email = req.body.email; + var password = req.body.password; + + var user = _.find(users, { email: email }); + + if (!user) { + return res.status(404).send({ error: 'User not found' }); + } + + bcrypt.compare(password, user.password, function(err, valid) { + if (!valid) { + return res.status(401).send({ error: 'Invalid password' }); + } + + var token = jwt.sign({ id: user.id }, 'secret', { expiresInMinutes: 60 }); + + logger.info(chalk.blue('User logged in: ' + email)); + + res.send({ + message: 'Login successful', + token: token, + user: _.omit(user, 'password') + }); + }); +}); + +app.get('/users', function(req, res) { + var sanitized = _.map(users, function(user) { + return _.omit(user, 'password'); + }); + + res.send(sanitized); +}); + +app.get('/external-data', function(req, res) { + async.parallel([ + function(callback) { + request('http://api.github.com/repos/nodejs/node', function(error, response, body) { + callback(null, { github: body ? JSON.parse(body).stargazers_count : 0 }); + }); + }, + function(callback) { + setTimeout(function() { + callback(null, { random: Math.random() }); + }, 100); + } + ], function(err, results) { + res.send({ + timestamp: moment().unix(), + data: results + }); + }); +}); + +app.get('/info', function(req, res) { + var memUsage = process.memoryUsage(); + + res.send({ + uptime: process.uptime(), + memory: { + rss: (memUsage.rss / 1024 / 1024).toFixed(2) + ' MB', + heapTotal: (memUsage.heapTotal / 1024 / 1024).toFixed(2) + ' MB', + heapUsed: (memUsage.heapUsed / 1024 / 1024).toFixed(2) + ' MB' + }, + nodeVersion: process.version, + platform: process.platform, + dependencies: _.keys(require('./package.json').dependencies) + }); +}); + +var port = process.env.PORT || 3000; + +if (!module.parent) { + app.listen(port, function() { + console.log(chalk.yellow('Server running on port ' + port)); + logger.info('Application started with ' + _.keys(require('./package.json').dependencies).length + ' dependencies'); + }); +} + +module.exports = app; \ No newline at end of file diff --git a/package-minimal.json b/package-minimal.json new file mode 100644 index 0000000..9ab62ff --- /dev/null +++ b/package-minimal.json @@ -0,0 +1,27 @@ +{ + "name": "outdated-deps-app", + "version": "1.0.0", + "description": "Testing with minimal deps", + "main": "app.js", + "scripts": { + "start": "node app.js", + "test": "node simple-test.js" + }, + "dependencies": { + "express": "3.4.8", + "lodash": "2.4.1", + "moment": "2.8.1", + "async": "0.9.0", + "request": "2.40.0", + "bcryptjs": "2.4.3", + "jsonwebtoken": "5.0.5", + "validator": "3.40.1", + "uuid": "2.0.3", + "chalk": "0.5.1", + "winston": "0.8.3", + "morgan": "1.3.2", + "helmet": "0.4.2", + "cors": "2.4.2", + "compression": "1.0.11" + } +} \ No newline at end of file diff --git a/package.json b/package.json new file mode 100644 index 0000000..0978b9f --- /dev/null +++ b/package.json @@ -0,0 +1,93 @@ +{ + "name": "outdated-deps-app", + "version": "1.0.0", + "description": "An app with many outdated dependencies", + "main": "app.js", + "scripts": { + "start": "node app.js", + "test": "mocha" + }, + "author": "", + "license": "MIT", + "dependencies": { + "express": "3.4.8", + "body-parser": "1.0.0", + "mongoose": "3.8.0", + "lodash": "2.4.1", + "moment": "2.8.1", + "async": "0.9.0", + "request": "2.40.0", + "cheerio": "0.17.0", + "bluebird": "2.3.0", + "joi": "4.6.0", + "bcryptjs": "2.0.0", + "jsonwebtoken": "5.0.0", + "passport": "0.2.0", + "passport-local": "1.0.0", + "nodemailer": "1.3.0", + "redis": "0.12.0", + "socket.io": "1.0.6", + "multer": "0.1.0", + "compression": "1.0.0", + "helmet": "0.4.0", + "cors": "2.4.0", + "dotenv": "0.4.0", + "winston": "0.8.0", + "morgan": "1.3.0", + "validator": "3.40.0", + "uuid": "2.0.0", + "chalk": "0.5.0", + "commander": "2.3.0", + "inquirer": "0.8.0", + "yargs": "1.3.0", + "axios": "0.5.0", + "graphql": "0.4.2", + "sequelize": "2.0.0", + "knex": "0.6.22", + "bookshelf": "0.7.0", + "pg": "3.4.0", + "mysql": "2.5.0", + "sqlite3": "3.0.0", + "mongodb": "1.4.0", + "elasticsearch": "3.0.0", + "kafka-node": "0.2.0", + "amqplib": "0.2.0", + "ws": "0.4.32", + "gm": "1.16.0", + "jimp": "0.2.0", + "pdfkit": "0.7.0", + "xlsx": "0.7.12", + "csv-parse": "1.0.0", + "xml2js": "0.4.0", + "marked": "0.3.0", + "highlight.js": "8.0.0", + "handlebars": "2.0.0", + "ejs": "1.0.0", + "jade": "1.0.0", + "mustache": "0.8.0", + "nunjucks": "1.0.0" + }, + "devDependencies": { + "mocha": "1.21.0", + "chai": "1.9.0", + "sinon": "1.10.0", + "supertest": "0.13.0", + "istanbul": "0.3.0", + "eslint": "0.6.0", + "jshint": "2.5.0", + "grunt": "0.4.0", + "gulp": "3.8.0", + "webpack": "1.0.0", + "babel-core": "5.0.0", + "typescript": "1.0.0", + "coffeescript": "1.8.0", + "node-sass": "3.0.0", + "less": "1.7.0", + "stylus": "0.48.0", + "browserify": "5.0.0", + "watchify": "1.0.0", + "nodemon": "1.2.0", + "pm2": "0.10.0", + "forever": "0.11.0" + } +} \ No newline at end of file diff --git a/simple-test.js b/simple-test.js new file mode 100644 index 0000000..8606038 --- /dev/null +++ b/simple-test.js @@ -0,0 +1,170 @@ +// Simple test without external dependencies +var http = require('http'); +var assert = require('assert'); + +var testsPassed = 0; +var testsFailed = 0; + +function makeRequest(method, path, data, callback) { + var options = { + hostname: 'localhost', + port: 3000, + path: path, + method: method, + headers: { + 'Content-Type': 'application/json' + } + }; + + var req = http.request(options, function(res) { + var body = ''; + res.on('data', function(chunk) { + body += chunk; + }); + res.on('end', function() { + callback(null, res, body); + }); + }); + + req.on('error', callback); + + if (data) { + req.write(JSON.stringify(data)); + } + req.end(); +} + +function test(name, fn) { + console.log('Testing: ' + name); + fn(function(err) { + if (err) { + console.log(' ✗ FAILED:', err.message); + testsFailed++; + } else { + console.log(' ✓ PASSED'); + testsPassed++; + } + }); +} + +// Start the server first +var app = require('./app'); +var server = app.listen(3000, function() { + console.log('\n=== Running Tests ===\n'); + + // Run tests sequentially + setTimeout(runTests, 100); +}); + +function runTests() { + test('GET / should return homepage', function(done) { + makeRequest('GET', '/', null, function(err, res, body) { + if (err) return done(err); + assert.equal(res.statusCode, 200, 'Status should be 200'); + assert(body.includes('Outdated Dependencies App'), 'Should contain app title'); + done(); + }); + }); + + setTimeout(function() { + test('POST /register should create user', function(done) { + makeRequest('POST', '/register', { + email: 'test@example.com', + password: 'password123' + }, function(err, res, body) { + if (err) return done(err); + assert.equal(res.statusCode, 200, 'Status should be 200'); + var data = JSON.parse(body); + assert.equal(data.message, 'User created', 'Should have success message'); + assert(data.token, 'Should have token'); + done(); + }); + }); + }, 200); + + setTimeout(function() { + test('POST /register with invalid email should fail', function(done) { + makeRequest('POST', '/register', { + email: 'notanemail', + password: 'password123' + }, function(err, res, body) { + if (err) return done(err); + assert.equal(res.statusCode, 400, 'Status should be 400'); + var data = JSON.parse(body); + assert.equal(data.error, 'Invalid email', 'Should have error message'); + done(); + }); + }); + }, 400); + + setTimeout(function() { + test('POST /login with correct credentials', function(done) { + makeRequest('POST', '/login', { + email: 'test@example.com', + password: 'password123' + }, function(err, res, body) { + if (err) return done(err); + assert.equal(res.statusCode, 200, 'Status should be 200'); + var data = JSON.parse(body); + assert.equal(data.message, 'Login successful', 'Should have success message'); + assert(data.token, 'Should have token'); + done(); + }); + }); + }, 600); + + setTimeout(function() { + test('POST /login with wrong password', function(done) { + makeRequest('POST', '/login', { + email: 'test@example.com', + password: 'wrongpassword' + }, function(err, res, body) { + if (err) return done(err); + assert.equal(res.statusCode, 401, 'Status should be 401'); + var data = JSON.parse(body); + assert.equal(data.error, 'Invalid password', 'Should have error message'); + done(); + }); + }); + }, 800); + + setTimeout(function() { + test('GET /users should return users', function(done) { + makeRequest('GET', '/users', null, function(err, res, body) { + if (err) return done(err); + assert.equal(res.statusCode, 200, 'Status should be 200'); + var data = JSON.parse(body); + assert(Array.isArray(data), 'Should be an array'); + assert(data.length > 0, 'Should have at least one user'); + assert(!data[0].password, 'Should not include password'); + done(); + }); + }); + }, 1000); + + setTimeout(function() { + test('GET /info should return system info', function(done) { + makeRequest('GET', '/info', null, function(err, res, body) { + if (err) return done(err); + assert.equal(res.statusCode, 200, 'Status should be 200'); + var data = JSON.parse(body); + assert(data.uptime, 'Should have uptime'); + assert(data.memory, 'Should have memory info'); + assert(data.nodeVersion, 'Should have node version'); + assert(Array.isArray(data.dependencies), 'Should have dependencies array'); + done(); + }); + }); + }, 1200); + + // Print results and exit + setTimeout(function() { + console.log('\n=== Test Results ==='); + console.log('Passed:', testsPassed); + console.log('Failed:', testsFailed); + console.log('Total:', testsPassed + testsFailed); + + server.close(); + process.exit(testsFailed > 0 ? 1 : 0); + }, 1500); +} \ No newline at end of file diff --git a/test.js b/test.js new file mode 100644 index 0000000..740fe50 --- /dev/null +++ b/test.js @@ -0,0 +1,150 @@ +var request = require('supertest'); +var chai = require('chai'); +var expect = chai.expect; +var app = require('./app'); + +describe('Outdated App Tests', function() { + + describe('GET /', function() { + it('should return homepage with status 200', function(done) { + request(app) + .get('/') + .expect(200) + .end(function(err, res) { + if (err) return done(err); + expect(res.text).to.include('Outdated Dependencies App'); + expect(res.text).to.include('Session ID'); + done(); + }); + }); + }); + + describe('POST /register', function() { + it('should register a new user', function(done) { + request(app) + .post('/register') + .send({ email: 'test@example.com', password: 'password123' }) + .expect(200) + .end(function(err, res) { + if (err) return done(err); + expect(res.body).to.have.property('message', 'User created'); + expect(res.body).to.have.property('token'); + expect(res.body.user).to.have.property('email', 'test@example.com'); + expect(res.body.user).to.not.have.property('password'); + done(); + }); + }); + + it('should reject invalid email', function(done) { + request(app) + .post('/register') + .send({ email: 'notanemail', password: 'password123' }) + .expect(400) + .end(function(err, res) { + if (err) return done(err); + expect(res.body).to.have.property('error', 'Invalid email'); + done(); + }); + }); + }); + + describe('POST /login', function() { + before(function(done) { + // Register a user first + request(app) + .post('/register') + .send({ email: 'login@example.com', password: 'testpass' }) + .end(done); + }); + + it('should login with correct credentials', function(done) { + request(app) + .post('/login') + .send({ email: 'login@example.com', password: 'testpass' }) + .expect(200) + .end(function(err, res) { + if (err) return done(err); + expect(res.body).to.have.property('message', 'Login successful'); + expect(res.body).to.have.property('token'); + expect(res.body.user).to.have.property('email', 'login@example.com'); + done(); + }); + }); + + it('should reject wrong password', function(done) { + request(app) + .post('/login') + .send({ email: 'login@example.com', password: 'wrongpass' }) + .expect(401) + .end(function(err, res) { + if (err) return done(err); + expect(res.body).to.have.property('error', 'Invalid password'); + done(); + }); + }); + + it('should reject non-existent user', function(done) { + request(app) + .post('/login') + .send({ email: 'nobody@example.com', password: 'anypass' }) + .expect(404) + .end(function(err, res) { + if (err) return done(err); + expect(res.body).to.have.property('error', 'User not found'); + done(); + }); + }); + }); + + describe('GET /users', function() { + it('should return all users without passwords', function(done) { + request(app) + .get('/users') + .expect(200) + .end(function(err, res) { + if (err) return done(err); + expect(res.body).to.be.an('array'); + res.body.forEach(function(user) { + expect(user).to.not.have.property('password'); + expect(user).to.have.property('email'); + }); + done(); + }); + }); + }); + + describe('GET /info', function() { + it('should return system information', function(done) { + request(app) + .get('/info') + .expect(200) + .end(function(err, res) { + if (err) return done(err); + expect(res.body).to.have.property('uptime'); + expect(res.body).to.have.property('memory'); + expect(res.body).to.have.property('nodeVersion'); + expect(res.body).to.have.property('platform'); + expect(res.body).to.have.property('dependencies'); + expect(res.body.dependencies).to.be.an('array'); + expect(res.body.dependencies.length).to.be.above(50); + done(); + }); + }); + }); + + describe('GET /external-data', function() { + it('should return external data with timestamp', function(done) { + this.timeout(5000); // Allow more time for external API call + request(app) + .get('/external-data') + .expect(200) + .end(function(err, res) { + if (err) return done(err); + expect(res.body).to.have.property('timestamp'); + expect(res.body).to.have.property('data'); + expect(res.body.data).to.be.an('array'); + done(); + }); + }); + }); +});