Production deploy

.github/workflows/pull-request.yml

@@ -470,7 +470,7 @@ jobs:
         working-directory: e2e
       - name: Archive Playwright Test Results
         if: ${{ failure() }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: playwright-report
           path: e2e/tests/ui-driven/test-results/

.github/workflows/push-main.yml

@@ -61,7 +61,7 @@ jobs:
           REACT_APP_AIRBRAKE_PROJECT_KEY: ${{ secrets.AIRBRAKE_PROJECT_KEY }}
           REACT_APP_ENV: staging
       - name: Upload Build Artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: build
           path: ./editor.planx.uk/build
@@ -87,7 +87,7 @@ jobs:
       - run: pnpm install --frozen-lockfile
         working-directory: infrastructure/application
       - name: Download Build Artifact
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: build
           path: ./editor.planx.uk/build

.github/workflows/push-production.yml

@@ -61,7 +61,7 @@ jobs:
           REACT_APP_AIRBRAKE_PROJECT_KEY: ${{ secrets.AIRBRAKE_PROJECT_KEY }}
           REACT_APP_ENV: production
       - name: Upload Build Artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: build
           path: ./editor.planx.uk/build
@@ -89,7 +89,7 @@ jobs:
       - run: pnpm install --frozen-lockfile
         working-directory: infrastructure/application
       - name: Download Build Artifact
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: build
           path: ./editor.planx.uk/build

.github/workflows/regression-tests.yml

@@ -164,7 +164,7 @@ jobs:
         working-directory: e2e
       - name: Archive Playwright Test Results
         if: ${{ failure() }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: playwright-report
           path: e2e/tests/ui-driven/test-results/

api.planx.uk/helpers.ts

@@ -2,7 +2,7 @@ import { gql } from "graphql-request";
 import { capitalize } from "lodash";
 import { Flow, Node } from "./types";
 import { ComponentType, FlowGraph } from "@opensystemslab/planx-core/types";
-import { $api, $public, getClient } from "./client";
+import { $public, getClient } from "./client";
 
 // Get a flow's data (unflattened, without external portal nodes)
 const getFlowData = async (id: string): Promise<Flow> => {
@@ -28,6 +28,7 @@ interface InsertFlow {
     id: string;
   };
 }
+
 // Insert a new flow into the `flows` table
 const insertFlow = async (
   teamId: number,
@@ -45,13 +46,15 @@ const insertFlow = async (
         mutation InsertFlow(
           $team_id: Int!
           $slug: String!
+          $data: jsonb = {}
           $creator_id: Int
           $copied_from: uuid
         ) {
           flow: insert_flows_one(
             object: {
               team_id: $team_id
               slug: $slug
+              data: $data
               version: 1
               creator_id: $creator_id
               copied_from: $copied_from
@@ -64,35 +67,17 @@ const insertFlow = async (
       {
         team_id: teamId,
         slug: slug,
+        data: flowData,
         creator_id: creatorId,
         copied_from: copiedFrom,
       },
     );
 
-    // Populate flow data using API role now that we know user has permission to insert flow
-    // Access to flow.data column is restricted to limit unsafe content that could be inserted
-    await $api.client.request<InsertFlow>(
-      gql`
-        mutation UpdateFlowData($data: jsonb = {}, $id: uuid!) {
-          flow: update_flows_by_pk(
-            pk_columns: { id: $id }
-            _set: { data: $data }
-          ) {
-            id
-          }
-        }
-      `,
-      {
-        id: id,
-        data: flowData,
-      },
-    );
-
     await createAssociatedOperation(id);
     return { id };
   } catch (error) {
     throw Error(
-      `User ${creatorId} failed to insert flow to teamId ${teamId}. Please check permissions.`,
+      `User ${creatorId} failed to insert flow to teamId ${teamId}. Please check permissions. Error: ${error}`,
     );
   }
 };

api.planx.uk/modules/flows/copyFlow/copyFlow.test.ts

@@ -27,16 +27,6 @@ beforeEach(() => {
     },
   });
 
-  queryMock.mockQuery({
-    name: "UpdateFlowData",
-    matchOnVariables: false,
-    data: {
-      flow: {
-        id: 2,
-      },
-    },
-  });
-
   queryMock.mockQuery({
     name: "InsertOperation",
     matchOnVariables: false,

api.planx.uk/modules/flows/findReplace/controller.ts

@@ -4,12 +4,6 @@ import { z } from "zod";
 import { ServerError } from "../../../errors";
 import { findAndReplaceInFlow } from "./service";
 import { FlowGraph } from "@opensystemslab/planx-core/types";
-import { JSDOM } from "jsdom";
-import createDOMPurify from "dompurify";
-
-// Setup JSDOM and DOMPurify
-const window = new JSDOM("").window;
-const DOMPurify = createDOMPurify(window);
 
 interface FindAndReplaceResponse {
   message: string;
@@ -23,12 +17,7 @@ export const findAndReplaceSchema = z.object({
   }),
   query: z.object({
     find: z.string(),
-    replace: z
-      .string()
-      .optional()
-      .transform(
-        (val) => val && DOMPurify.sanitize(val, { ADD_ATTR: ["target"] }),
-      ),
+    replace: z.string().optional(),
   }),
 });