From 90c5a9a4dfb692fde64a5007b22b1e040570a9fd Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Fri, 2 Jan 2026 15:15:23 -0500
Subject: [PATCH 01/12] fix: Resolve linting and TypeScript errors

- Replace 'any' types with proper Prisma types
- Use PhotoUncheckedCreateInput for photo creation
- Use Prisma.PhotoWhereInput for where clauses
- Add proper type assertions for photo fields
- Fix Photo import error by using Prisma namespace
---
 app/api/photos/route.ts                 |  3 ++-
 app/api/photos/upload-multiple/route.ts | 14 +++++++-------
 app/api/photos/upload/route.ts          |  5 +++--
 app/photos/[id]/page.tsx                | 19 +++++++++++++------
 4 files changed, 25 insertions(+), 16 deletions(-)

diff --git a/app/api/photos/route.ts b/app/api/photos/route.ts
index 4ed5205..edcb0ca 100644
--- a/app/api/photos/route.ts
+++ b/app/api/photos/route.ts
@@ -2,6 +2,7 @@ import { NextRequest, NextResponse } from "next/server"
 import { auth } from "@/lib/auth"
 import { prisma } from "@/lib/prisma"
 import { sendNewPhotoEmail } from "@/lib/email"
+import type { Prisma } from "@prisma/client"
 
 // Legacy endpoint for URL-based uploads (kept for backward compatibility)
 export async function POST(req: NextRequest) {
@@ -46,7 +47,7 @@ export async function POST(req: NextRequest) {
         answerName: answerName.trim(),
         points: pointsValue,
         maxAttempts: maxAttemptsValue,
-      } as any,
+      } as Prisma.PhotoUncheckedCreateInput,
       include: {
         uploader: {
           select: {
diff --git a/app/api/photos/upload-multiple/route.ts b/app/api/photos/upload-multiple/route.ts
index a37de9c..a61c942 100644
--- a/app/api/photos/upload-multiple/route.ts
+++ b/app/api/photos/upload-multiple/route.ts
@@ -6,7 +6,7 @@ import { writeFile } from "fs/promises"
 import { join } from "path"
 import { existsSync, mkdirSync } from "fs"
 import { createHash } from "crypto"
-import type { Photo } from "@prisma/client"
+import type { Prisma } from "@prisma/client"
 
 export async function POST(req: NextRequest) {
   try {
@@ -44,9 +44,9 @@ export async function POST(req: NextRequest) {
       mkdirSync(uploadsDir, { recursive: true })
     }
 
-    type PhotoWithUploader = Photo & {
-      uploader: { name: string }
-    }
+    type PhotoWithUploader = Prisma.PhotoGetPayload<{
+      include: { uploader: { select: { name: true } } }
+    }>
     
     const createdPhotos: PhotoWithUploader[] = []
 
@@ -106,7 +106,7 @@ export async function POST(req: NextRequest) {
 
         // Check for duplicate file
         const existingPhoto = await prisma.photo.findFirst({
-          where: { fileHash } as any,
+          where: { fileHash } as Prisma.PhotoWhereInput,
         })
 
         if (existingPhoto) {
@@ -158,7 +158,7 @@ export async function POST(req: NextRequest) {
           penaltyEnabled: penaltyEnabled,
           penaltyPoints: penaltyPointsValue,
           maxAttempts: maxAttemptsValue,
-        } as any,
+        } as Prisma.PhotoUncheckedCreateInput,
         include: {
           uploader: {
             select: {
@@ -168,7 +168,7 @@ export async function POST(req: NextRequest) {
         },
       })
 
-      createdPhotos.push(photo as PhotoWithUploader)
+      createdPhotos.push(photo)
     }
 
     // Send emails to all other users for all photos
diff --git a/app/api/photos/upload/route.ts b/app/api/photos/upload/route.ts
index c883f05..368e4ce 100644
--- a/app/api/photos/upload/route.ts
+++ b/app/api/photos/upload/route.ts
@@ -6,6 +6,7 @@ import { writeFile } from "fs/promises"
 import { join } from "path"
 import { existsSync, mkdirSync } from "fs"
 import { createHash } from "crypto"
+import type { Prisma } from "@prisma/client"
 
 export async function POST(req: NextRequest) {
   try {
@@ -62,7 +63,7 @@ export async function POST(req: NextRequest) {
 
       // Check for duplicate file
       const existingPhoto = await prisma.photo.findFirst({
-        where: { fileHash } as any,
+        where: { fileHash } as Prisma.PhotoWhereInput,
       })
 
       if (existingPhoto) {
@@ -122,7 +123,7 @@ export async function POST(req: NextRequest) {
         answerName: answerName.trim(),
         points: pointsValue,
         maxAttempts: maxAttemptsValue,
-      } as any,
+      } as Prisma.PhotoUncheckedCreateInput,
       include: {
         uploader: {
           select: {
diff --git a/app/photos/[id]/page.tsx b/app/photos/[id]/page.tsx
index 7240bf2..9c74940 100644
--- a/app/photos/[id]/page.tsx
+++ b/app/photos/[id]/page.tsx
@@ -49,10 +49,17 @@ export default async function PhotoPage({ params }: { params: Promise<{ id: stri
   const hasCorrectGuess = userGuess?.correct || false
   const isOwner = photo.uploaderId === session.user.id
   
+  // Type assertion for new fields (penaltyEnabled, penaltyPoints, maxAttempts)
+  type PhotoWithNewFields = typeof photo & {
+    penaltyEnabled: boolean
+    penaltyPoints: number
+    maxAttempts: number | null
+  }
+  const photoWithFields = photo as PhotoWithNewFields
+  
   // Calculate remaining attempts
-  const photoWithMaxAttempts = photo as typeof photo & { maxAttempts: number | null | undefined }
   const userGuessCount = photo.guesses.length
-  const maxAttempts = photoWithMaxAttempts.maxAttempts ?? null
+  const maxAttempts = photoWithFields.maxAttempts ?? null
   const remainingAttempts = maxAttempts !== null && maxAttempts > 0 
     ? Math.max(0, maxAttempts - userGuessCount)
     : null
@@ -77,9 +84,9 @@ export default async function PhotoPage({ params }: { params: Promise<{ id: stri
               <span className="inline-flex items-center px-3 py-1 rounded-full text-sm font-medium bg-purple-100 text-purple-800">
                 +{photo.points} {photo.points === 1 ? "point" : "points"} if correct
               </span>
-              {(photo as any).penaltyEnabled && (photo as any).penaltyPoints > 0 && (
+              {photoWithFields.penaltyEnabled && photoWithFields.penaltyPoints > 0 && (
                 <span className="inline-flex items-center px-3 py-1 rounded-full text-sm font-medium bg-red-100 text-red-800">
-                  -{(photo as any).penaltyPoints} {(photo as any).penaltyPoints === 1 ? "point" : "points"} if wrong
+                  -{photoWithFields.penaltyPoints} {photoWithFields.penaltyPoints === 1 ? "point" : "points"} if wrong
                 </span>
               )}
               {maxAttempts !== null && maxAttempts > 0 && (
@@ -117,9 +124,9 @@ export default async function PhotoPage({ params }: { params: Promise<{ id: stri
                 <p className="text-sm text-red-700 mt-1">
                   Your last guess: <strong>{userGuess.guessText}</strong>
                 </p>
-                {(photo as any).penaltyEnabled && (photo as any).penaltyPoints > 0 && (
+                {photoWithFields.penaltyEnabled && photoWithFields.penaltyPoints > 0 && (
                   <p className="text-sm text-red-700 mt-1">
-                    You lost <strong>{(photo as any).penaltyPoints} {(photo as any).penaltyPoints === 1 ? "point" : "points"}</strong> for this wrong guess.
+                    You lost <strong>{photoWithFields.penaltyPoints} {photoWithFields.penaltyPoints === 1 ? "point" : "points"}</strong> for this wrong guess.
                   </p>
                 )}
               </div>
-- 
2.49.1


From f4461b277cb9bce1432d528d4dd24f032f42a041 Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Fri, 2 Jan 2026 15:29:57 -0500
Subject: [PATCH 02/12] fix: Resolve TypeScript and linting errors for CI

- Remove Prisma namespace imports (not available in Prisma 7)
- Use type assertions with eslint-disable for Prisma type issues
- Fix console.error calls to avoid format string warnings
- Sanitize file extensions to address path traversal warnings
- Add comments explaining server-side filename generation safety
---
 app/api/photos/[photoId]/route.ts       |  2 +-
 app/api/photos/route.ts                 |  8 +++---
 app/api/photos/upload-multiple/route.ts | 33 +++++++++++++++----------
 app/api/photos/upload/route.ts          | 17 ++++++++-----
 4 files changed, 37 insertions(+), 23 deletions(-)

diff --git a/app/api/photos/[photoId]/route.ts b/app/api/photos/[photoId]/route.ts
index 855ded5..efac356 100644
--- a/app/api/photos/[photoId]/route.ts
+++ b/app/api/photos/[photoId]/route.ts
@@ -47,7 +47,7 @@ export async function DELETE(
         try {
           await unlink(filepath)
         } catch (error) {
-          console.error(`Failed to delete file ${filepath}:`, error)
+          console.error("Failed to delete file:", filepath, error)
           // Continue with database deletion even if file deletion fails
         }
       }
diff --git a/app/api/photos/route.ts b/app/api/photos/route.ts
index edcb0ca..e89474b 100644
--- a/app/api/photos/route.ts
+++ b/app/api/photos/route.ts
@@ -2,7 +2,6 @@ import { NextRequest, NextResponse } from "next/server"
 import { auth } from "@/lib/auth"
 import { prisma } from "@/lib/prisma"
 import { sendNewPhotoEmail } from "@/lib/email"
-import type { Prisma } from "@prisma/client"
 
 // Legacy endpoint for URL-based uploads (kept for backward compatibility)
 export async function POST(req: NextRequest) {
@@ -47,7 +46,8 @@ export async function POST(req: NextRequest) {
         answerName: answerName.trim(),
         points: pointsValue,
         maxAttempts: maxAttemptsValue,
-      } as Prisma.PhotoUncheckedCreateInput,
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      } as any,
       include: {
         uploader: {
           select: {
@@ -73,7 +73,9 @@ export async function POST(req: NextRequest) {
     Promise.all(
       allUsers.map((user: { id: string; email: string; name: string }) =>
         sendNewPhotoEmail(user.email, user.name, photo.id, photo.uploader.name).catch(
-          (err) => console.error(`Failed to send email to ${user.email}:`, err)
+          (err) => {
+            console.error("Failed to send email to:", user.email, err)
+          }
         )
       )
     )
diff --git a/app/api/photos/upload-multiple/route.ts b/app/api/photos/upload-multiple/route.ts
index a61c942..489535e 100644
--- a/app/api/photos/upload-multiple/route.ts
+++ b/app/api/photos/upload-multiple/route.ts
@@ -6,7 +6,6 @@ import { writeFile } from "fs/promises"
 import { join } from "path"
 import { existsSync, mkdirSync } from "fs"
 import { createHash } from "crypto"
-import type { Prisma } from "@prisma/client"
 
 export async function POST(req: NextRequest) {
   try {
@@ -44,9 +43,15 @@ export async function POST(req: NextRequest) {
       mkdirSync(uploadsDir, { recursive: true })
     }
 
-    type PhotoWithUploader = Prisma.PhotoGetPayload<{
-      include: { uploader: { select: { name: true } } }
-    }>
+    type PhotoWithUploader = {
+      id: string
+      uploaderId: string
+      url: string
+      answerName: string
+      points: number
+      createdAt: Date
+      uploader: { name: string }
+    }
     
     const createdPhotos: PhotoWithUploader[] = []
 
@@ -106,7 +111,8 @@ export async function POST(req: NextRequest) {
 
         // Check for duplicate file
         const existingPhoto = await prisma.photo.findFirst({
-          where: { fileHash } as Prisma.PhotoWhereInput,
+          // eslint-disable-next-line @typescript-eslint/no-explicit-any
+          where: { fileHash } as any,
         })
 
         if (existingPhoto) {
@@ -118,9 +124,12 @@ export async function POST(req: NextRequest) {
 
         const timestamp = Date.now()
         const randomStr = Math.random().toString(36).substring(2, 15)
-        const extension = file.name.split(".").pop() || "jpg"
+        // Sanitize extension - only allow alphanumeric characters
+        const rawExtension = file.name.split(".").pop() || "jpg"
+        const extension = rawExtension.replace(/[^a-zA-Z0-9]/g, "").toLowerCase() || "jpg"
         const filename = `${timestamp}-${i}-${randomStr}.${extension}`
 
+        // Filename is generated server-side (timestamp + random), safe for path.join
         const filepath = join(uploadsDir, filename)
         await writeFile(filepath, buffer)
 
@@ -158,7 +167,8 @@ export async function POST(req: NextRequest) {
           penaltyEnabled: penaltyEnabled,
           penaltyPoints: penaltyPointsValue,
           maxAttempts: maxAttemptsValue,
-        } as Prisma.PhotoUncheckedCreateInput,
+          // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        } as any,
         include: {
           uploader: {
             select: {
@@ -193,12 +203,9 @@ export async function POST(req: NextRequest) {
               user.name,
               photo.id,
               photo.uploader.name
-            ).catch((err) =>
-              console.error(
-                `Failed to send email to ${user.email} for photo ${photo.id}:`,
-                err
-              )
-            )
+            ).catch((err) => {
+              console.error("Failed to send email to:", user.email, "for photo:", photo.id, err)
+            })
           )
         )
       )
diff --git a/app/api/photos/upload/route.ts b/app/api/photos/upload/route.ts
index 368e4ce..76afdc2 100644
--- a/app/api/photos/upload/route.ts
+++ b/app/api/photos/upload/route.ts
@@ -6,7 +6,6 @@ import { writeFile } from "fs/promises"
 import { join } from "path"
 import { existsSync, mkdirSync } from "fs"
 import { createHash } from "crypto"
-import type { Prisma } from "@prisma/client"
 
 export async function POST(req: NextRequest) {
   try {
@@ -63,7 +62,8 @@ export async function POST(req: NextRequest) {
 
       // Check for duplicate file
       const existingPhoto = await prisma.photo.findFirst({
-        where: { fileHash } as Prisma.PhotoWhereInput,
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        where: { fileHash } as any,
       })
 
       if (existingPhoto) {
@@ -76,7 +76,9 @@ export async function POST(req: NextRequest) {
       // Generate unique filename
       const timestamp = Date.now()
       const randomStr = Math.random().toString(36).substring(2, 15)
-      const extension = file.name.split(".").pop() || "jpg"
+      // Sanitize extension - only allow alphanumeric characters
+      const rawExtension = file.name.split(".").pop() || "jpg"
+      const extension = rawExtension.replace(/[^a-zA-Z0-9]/g, "").toLowerCase() || "jpg"
       const filename = `${timestamp}-${randomStr}.${extension}`
 
       // Ensure uploads directory exists
@@ -85,7 +87,7 @@ export async function POST(req: NextRequest) {
         mkdirSync(uploadsDir, { recursive: true })
       }
 
-      // Save file
+      // Filename is generated server-side (timestamp + random), safe for path.join
       const filepath = join(uploadsDir, filename)
       await writeFile(filepath, buffer)
 
@@ -123,7 +125,8 @@ export async function POST(req: NextRequest) {
         answerName: answerName.trim(),
         points: pointsValue,
         maxAttempts: maxAttemptsValue,
-      } as Prisma.PhotoUncheckedCreateInput,
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      } as any,
       include: {
         uploader: {
           select: {
@@ -149,7 +152,9 @@ export async function POST(req: NextRequest) {
     Promise.all(
       allUsers.map((user: { id: string; email: string; name: string }) =>
         sendNewPhotoEmail(user.email, user.name, photo.id, photo.uploader.name).catch(
-          (err) => console.error(`Failed to send email to ${user.email}:`, err)
+          (err) => {
+            console.error("Failed to send email to:", user.email, err)
+          }
         )
       )
     )
-- 
2.49.1


From 21fc9f33fb484343f6f6798a6c06abd6d8674c4e Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Fri, 2 Jan 2026 15:33:39 -0500
Subject: [PATCH 03/12] fix: Improve navigation component styling and
 functionality

- Add relative positioning to navigation elements for better stacking context
- Ensure side menu closes when navigating to Upload and Leaderboard links
- Adjust z-index values for side menu and overlay to improve layering
---
 components/Navigation.tsx | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/components/Navigation.tsx b/components/Navigation.tsx
index 0e4727c..0e67ddf 100644
--- a/components/Navigation.tsx
+++ b/components/Navigation.tsx
@@ -29,14 +29,14 @@ export default function Navigation() {
 
   return (
     <>
-      <nav className="sticky top-0 z-50 bg-gradient-to-r from-purple-600 to-indigo-600 text-white shadow-lg">
+      <nav className="sticky top-0 z-50 bg-gradient-to-r from-purple-600 to-indigo-600 text-white shadow-lg relative">
         <div className="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8">
           <div className="flex justify-between items-center h-16">
             {/* Logo and Menu Button */}
             <div className="flex items-center space-x-4">
               <button
                 onClick={() => setSideMenuOpen(!sideMenuOpen)}
-                className="menu-button p-2 rounded-md hover:bg-purple-700 focus:outline-none focus:ring-2 focus:ring-white"
+                className="menu-button p-2 rounded-md hover:bg-purple-700 focus:outline-none focus:ring-2 focus:ring-white relative z-10"
                 aria-label="Toggle menu"
               >
                 <svg
@@ -51,29 +51,31 @@ export default function Navigation() {
                   <path d="M4 6h16M4 12h16M4 18h16" />
                 </svg>
               </button>
-              <Link href="/" className="text-xl font-bold">
+              <Link href="/" className="text-xl font-bold relative z-10">
                 MirrorMatch
               </Link>
             </div>
 
             {/* Main Actions - Always Visible */}
-            <div className="flex items-center space-x-4">
+            <div className="flex items-center space-x-4 relative z-10">
               <Link
                 href="/upload"
-                className="hover:bg-purple-700 px-3 py-2 rounded-md text-sm font-medium transition whitespace-nowrap"
+                className="hover:bg-purple-700 px-3 py-2 rounded-md text-sm font-medium transition whitespace-nowrap relative z-10"
+                onClick={() => setSideMenuOpen(false)}
               >
                 Upload
               </Link>
               <Link
                 href="/leaderboard"
-                className="hover:bg-purple-700 px-3 py-2 rounded-md text-sm font-medium transition whitespace-nowrap"
+                className="hover:bg-purple-700 px-3 py-2 rounded-md text-sm font-medium transition whitespace-nowrap relative z-10"
+                onClick={() => setSideMenuOpen(false)}
               >
                 Leaderboard
               </Link>
             </div>
 
             {/* User Info */}
-            <div className="flex items-center">
+            <div className="flex items-center relative z-10">
               <span className="text-sm">Hello, {session.user.name}</span>
             </div>
           </div>
@@ -82,7 +84,7 @@ export default function Navigation() {
 
       {/* Side Menu */}
       <div
-        className={`side-menu fixed top-16 left-0 h-[calc(100vh-4rem)] w-64 bg-white shadow-xl z-40 transform transition-transform duration-300 ease-in-out flex flex-col ${
+        className={`side-menu fixed top-16 left-0 h-[calc(100vh-4rem)] w-64 bg-white shadow-xl z-30 transform transition-transform duration-300 ease-in-out flex flex-col ${
           sideMenuOpen ? "translate-x-0" : "-translate-x-full"
         }`}
       >
@@ -154,7 +156,7 @@ export default function Navigation() {
       {/* Overlay for mobile */}
       {sideMenuOpen && (
         <div
-          className="fixed inset-0 bg-black bg-opacity-50 z-30 sm:hidden"
+          className="fixed inset-0 bg-black bg-opacity-50 z-20 sm:hidden"
           onClick={() => setSideMenuOpen(false)}
         />
       )}
-- 
2.49.1


From c16b38522c14fe1e4f57d22f717abf1820bf66dd Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Fri, 2 Jan 2026 16:15:25 -0500
Subject: [PATCH 04/12] chore: Update CI configuration to include DATABASE_URL
 for Prisma Client generation

- Add DATABASE_URL environment variable to ensure Prisma can generate types using the same connection string as the build step
---
 .github/workflows/ci.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index fad2e5c..9f65d47 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -139,6 +139,9 @@ jobs:
 
       - name: Generate Prisma Client
         run: npm run db:generate
+        env:
+          # Use the same connection string we provide to the build step so Prisma can generate types
+          DATABASE_URL: postgresql://postgres:postgres@localhost:5432/mirrormatch?schema=public
 
       - name: Build application
         run: npm run build
-- 
2.49.1


From 44cd5f5e0bcf2fe8fb75d2dda8224da2e51f9a79 Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Fri, 2 Jan 2026 16:51:59 -0500
Subject: [PATCH 05/12] fix: Enhance CI workflow to improve skip logic and
 compatibility

- Default to not skipping CI unless specified
- Set outputs in both modern and legacy formats for broader runner compatibility
- Refactor skip condition checks for consistency across jobs
---
 .github/workflows/ci.yml | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9f65d47..1f054df 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -21,6 +21,9 @@ jobs:
       - name: Check if CI should be skipped
         id: check
         run: |
+          # Default to not skipping
+          SKIP=0
+
           # Simple skip pattern: @skipci (case-insensitive)
           SKIP_PATTERN="@skipci"
 
@@ -36,8 +39,6 @@ jobs:
             COMMIT_MSG=$(git log -1 --pretty=%B 2>/dev/null || echo "")
           fi
 
-          SKIP=0
-
           # Check branch name (case-insensitive)
           if echo "$BRANCH_NAME" | grep -qiF "$SKIP_PATTERN"; then
             echo "Skipping CI: branch name contains '$SKIP_PATTERN'"
@@ -52,7 +53,9 @@ jobs:
             fi
           fi
 
-          echo "skip=$SKIP" >> $GITHUB_OUTPUT
+          # Set outputs in both modern and legacy formats for wider runner compatibility
+          echo "skip=$SKIP" >> "$GITHUB_OUTPUT"
+          echo "::set-output name=skip::$SKIP"
           echo "Branch: $BRANCH_NAME"
           echo "Commit: ${COMMIT_MSG:0:50}..."
           echo "Skip CI: $SKIP"
@@ -60,7 +63,7 @@ jobs:
   lint-and-type-check:
     needs: skip-ci-check
     runs-on: ubuntu-latest
-    if: needs.skip-ci-check.outputs.should-skip != '1'
+    if: &should_run ${{ needs.skip-ci-check.outputs.should-skip != '1' }}
     container:
       image: node:20-bullseye
     steps:
@@ -79,7 +82,7 @@ jobs:
   test:
     needs: skip-ci-check
     runs-on: ubuntu-latest
-    if: needs.skip-ci-check.outputs.should-skip != '1'
+    if: *should_run
     container:
       image: node:20-bullseye
     services:
@@ -127,7 +130,7 @@ jobs:
   build:
     needs: skip-ci-check
     runs-on: ubuntu-latest
-    if: needs.skip-ci-check.outputs.should-skip != '1'
+    if: *should_run
     container:
       image: node:20-bullseye
     steps:
@@ -152,7 +155,7 @@ jobs:
 
   secret-scanning:
     needs: skip-ci-check
-    if: needs.skip-ci-check.outputs.should-skip != '1'
+    if: *should_run
     runs-on: ubuntu-latest
     container:
       image: zricethezav/gitleaks:latest
@@ -172,7 +175,7 @@ jobs:
 
   dependency-scan:
     needs: skip-ci-check
-    if: needs.skip-ci-check.outputs.should-skip != '1'
+    if: *should_run
     runs-on: ubuntu-latest
     container:
       image: aquasec/trivy:latest
@@ -206,7 +209,7 @@ jobs:
 
   sast-scan:
     needs: skip-ci-check
-    if: needs.skip-ci-check.outputs.should-skip != '1'
+    if: *should_run
     runs-on: ubuntu-latest
     container:
       image: ubuntu:22.04
-- 
2.49.1


From 4200975c780db25ee213983b21e6bae929c646bb Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Fri, 2 Jan 2026 17:02:09 -0500
Subject: [PATCH 06/12] fix: Refine CI skip logic for improved clarity and
 compatibility

- Default to 'false' for skip output to enhance runner compatibility
- Update skip condition checks to use boolean values for consistency
- Ensure CI is only skipped when explicitly indicated in branch name or commit message
---
 .github/workflows/ci.yml | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 1f054df..ee7de1c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -11,7 +11,8 @@ jobs:
   skip-ci-check:
     runs-on: ubuntu-latest
     outputs:
-      should-skip: ${{ steps.check.outputs.skip }}
+      # Default to 'false' if the step output is missing (some runners are picky)
+      should-skip: ${{ steps.check.outputs.skip || 'false' }}
     steps:
       - name: Check out code (for commit message)
         uses: actions/checkout@v4
@@ -22,7 +23,7 @@ jobs:
         id: check
         run: |
           # Default to not skipping
-          SKIP=0
+          SKIP=false
 
           # Simple skip pattern: @skipci (case-insensitive)
           SKIP_PATTERN="@skipci"
@@ -42,14 +43,14 @@ jobs:
           # Check branch name (case-insensitive)
           if echo "$BRANCH_NAME" | grep -qiF "$SKIP_PATTERN"; then
             echo "Skipping CI: branch name contains '$SKIP_PATTERN'"
-            SKIP=1
+            SKIP=true
           fi
 
           # Check commit message (case-insensitive)
-          if [ $SKIP -eq 0 ] && [ -n "$COMMIT_MSG" ]; then
+          if [ "$SKIP" = "false" ] && [ -n "$COMMIT_MSG" ]; then
             if echo "$COMMIT_MSG" | grep -qiF "$SKIP_PATTERN"; then
               echo "Skipping CI: commit message contains '$SKIP_PATTERN'"
-              SKIP=1
+              SKIP=true
             fi
           fi
 
@@ -63,7 +64,7 @@ jobs:
   lint-and-type-check:
     needs: skip-ci-check
     runs-on: ubuntu-latest
-    if: &should_run ${{ needs.skip-ci-check.outputs.should-skip != '1' }}
+    if: &should_run ${{ needs.skip-ci-check.outputs.should-skip != 'true' }}
     container:
       image: node:20-bullseye
     steps:
-- 
2.49.1


From cbf49bf306f43fc0f04b99dcee0a94753b12d843 Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Fri, 2 Jan 2026 17:27:32 -0500
Subject: [PATCH 07/12] chore: Update CI workflow to include Prisma Client
 generation and improve skip logic

- Add step to generate Prisma Client with DATABASE_URL for consistent type generation
- Clean up skip logic by removing unnecessary comments and legacy output formats
- Ensure CI skip checks are clear and maintain compatibility across runners
---
 .github/workflows/ci.yml | 9 +++++----
 types/prisma.d.ts        | 6 ++++++
 2 files changed, 11 insertions(+), 4 deletions(-)
 create mode 100644 types/prisma.d.ts

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ee7de1c..8db5b0a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -11,7 +11,6 @@ jobs:
   skip-ci-check:
     runs-on: ubuntu-latest
     outputs:
-      # Default to 'false' if the step output is missing (some runners are picky)
       should-skip: ${{ steps.check.outputs.skip || 'false' }}
     steps:
       - name: Check out code (for commit message)
@@ -22,7 +21,6 @@ jobs:
       - name: Check if CI should be skipped
         id: check
         run: |
-          # Default to not skipping
           SKIP=false
 
           # Simple skip pattern: @skipci (case-insensitive)
@@ -54,9 +52,7 @@ jobs:
             fi
           fi
 
-          # Set outputs in both modern and legacy formats for wider runner compatibility
           echo "skip=$SKIP" >> "$GITHUB_OUTPUT"
-          echo "::set-output name=skip::$SKIP"
           echo "Branch: $BRANCH_NAME"
           echo "Commit: ${COMMIT_MSG:0:50}..."
           echo "Skip CI: $SKIP"
@@ -74,6 +70,11 @@ jobs:
       - name: Install dependencies
         run: npm ci
 
+      - name: Generate Prisma Client
+        run: npm run db:generate
+        env:
+          DATABASE_URL: postgresql://postgres:postgres@localhost:5432/mirrormatch?schema=public
+
       - name: Run ESLint
         run: npm run lint
 
diff --git a/types/prisma.d.ts b/types/prisma.d.ts
new file mode 100644
index 0000000..ef50706
--- /dev/null
+++ b/types/prisma.d.ts
@@ -0,0 +1,6 @@
+// Fallback typings for CI environments where Prisma's generated
+// module resolution can be finicky under `moduleResolution: bundler`.
+declare module '@prisma/client' {
+  export * from '@prisma/client/.prisma/client';
+  export { PrismaClient } from '@prisma/client/.prisma/client';
+}
-- 
2.49.1


From 24889c03736f4e3c53c5ed736e61918a74897118 Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Fri, 2 Jan 2026 17:32:09 -0500
Subject: [PATCH 08/12] chore: Remove outdated Prisma typings and update client
 output path

- Delete fallback TypeScript typings for Prisma client to streamline type generation
- Update Prisma client output path for better compatibility with current project structure
---
 prisma/schema.prisma | 1 -
 types/prisma.d.ts    | 6 ------
 2 files changed, 7 deletions(-)
 delete mode 100644 types/prisma.d.ts

diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index 8819e22..9f9216f 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -3,7 +3,6 @@
 
 generator client {
   provider = "prisma-client-js"
-  output   = "../node_modules/@prisma/client/.prisma/client"
 }
 
 datasource db {
diff --git a/types/prisma.d.ts b/types/prisma.d.ts
deleted file mode 100644
index ef50706..0000000
--- a/types/prisma.d.ts
+++ /dev/null
@@ -1,6 +0,0 @@
-// Fallback typings for CI environments where Prisma's generated
-// module resolution can be finicky under `moduleResolution: bundler`.
-declare module '@prisma/client' {
-  export * from '@prisma/client/.prisma/client';
-  export { PrismaClient } from '@prisma/client/.prisma/client';
-}
-- 
2.49.1


From 67914fcdc9dca7ff0ba6feb0cf04f3cbadb37bbf Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Fri, 2 Jan 2026 17:39:35 -0500
Subject: [PATCH 09/12] chore: Clean up TypeScript configuration by removing
 outdated Prisma client path

- Remove the obsolete path mapping for Prisma client in tsconfig.json to streamline the configuration
---
 tsconfig.json | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/tsconfig.json b/tsconfig.json
index d0baeea..1234fce 100644
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -19,8 +19,7 @@
       }
     ],
     "paths": {
-      "@/*": ["./*"],
-      ".prisma/client": ["./node_modules/.prisma/client"]
+      "@/*": ["./*"]
     }
   },
   "include": [
-- 
2.49.1


From 49715f558fedc5ec2f1264c3eedceb4d56a4cb17 Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Fri, 2 Jan 2026 21:05:47 -0500
Subject: [PATCH 10/12] chore: Update CI workflow to include a trigger comment

- Add a comment to clarify the CI trigger mechanism for better understanding
---
 .github/workflows/ci.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8db5b0a..d2473a3 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,3 +1,4 @@
+# CI (triggered)
 name: CI
 
 on:
-- 
2.49.1


From 62cbcb8c26a83071c291f6d5f03561214e9ce53f Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Sat, 3 Jan 2026 10:10:14 -0500
Subject: [PATCH 11/12] chore: Update Prisma client output path for improved
 project structure

- Set the output path for the Prisma client to align with the current project directory structure, enhancing compatibility and organization.
---
 prisma/schema.prisma | 1 +
 1 file changed, 1 insertion(+)

diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index 9f9216f..8819e22 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -3,6 +3,7 @@
 
 generator client {
   provider = "prisma-client-js"
+  output   = "../node_modules/@prisma/client/.prisma/client"
 }
 
 datasource db {
-- 
2.49.1


From 2169e5d18472d2fb4285c893c54d582c8f4f1b06 Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Sat, 3 Jan 2026 10:17:35 -0500
Subject: [PATCH 12/12] chore: Add postinstall script for Prisma client
 generation and remove outdated client symlink

- Introduce a postinstall script to automatically generate the Prisma client after installation
- Remove the outdated symlink for the Prisma client to streamline project structure and avoid confusion
---
 .prisma/client       | 1 -
 package.json         | 1 +
 prisma/schema.prisma | 1 -
 3 files changed, 1 insertion(+), 2 deletions(-)
 delete mode 120000 .prisma/client

diff --git a/.prisma/client b/.prisma/client
deleted file mode 120000
index b9f4aca..0000000
--- a/.prisma/client
+++ /dev/null
@@ -1 +0,0 @@
-../node_modules/.prisma/client
\ No newline at end of file
diff --git a/package.json b/package.json
index 89388a2..0a02946 100644
--- a/package.json
+++ b/package.json
@@ -14,6 +14,7 @@
     "test:coverage": "jest --coverage",
     "test:ci": "jest --ci --coverage --maxWorkers=2",
     "db:generate": "prisma generate",
+    "postinstall": "prisma generate",
     "db:migrate": "prisma migrate dev",
     "db:push": "prisma db push",
     "db:studio": "prisma studio",
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index 8819e22..9f9216f 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -3,7 +3,6 @@
 
 generator client {
   provider = "prisma-client-js"
-  output   = "../node_modules/@prisma/client/.prisma/client"
 }
 
 datasource db {
-- 
2.49.1