e53cd3a3b2
All checks were successful
Deploy SOLUTION_ERP / build-deploy (push) Successful in 2m45s
## Edit detail row inline (BE)
7 typed UpdateXxxDetailCommand handler trong ContractDetailsFeatures.cs
— pattern lặp giống Add commands, EnsureContractType guard + log
ChangelogAction.Update với summary "Sửa <hạng mục/SP/CV/...>".
7 PUT endpoints trong ContractsController:
- PUT /contracts/{id}/details/{thau-phu|giao-khoan|nha-cung-cap|dich-vu|
mua-ban|nguyen-tac-ncc|nguyen-tac-dv}/{detailId}
## Edit detail row inline (FE)
ContractDetailsTab.tsx refactor:
- DeleteBtn → ActionBtns (Pencil + Trash) với onEdit + onDelete callbacks
- 7 XxxTable signatures + onEdit prop + pass row data via callback
- New EditRowDialog component:
* useEffect populate form từ row data khi target thay đổi
* Reuse FIELDS_BY_TYPE config + buildPayload (compute thanhTien)
* Date field convert ISO → yyyy-MM-dd cho input[type=date]
* PUT /contracts/{id}/details/{slug}/{detailId}
- Parent state editTarget — open dialog, close khi save thành công
Mirror fe-admin (file copy).
## Deps audit helper script
scripts/deps-audit.ps1 — chạy thủ công hoặc CI integration:
- dotnet list package --vulnerable --include-transitive (BE)
- npm audit --audit-level=moderate (fe-admin + fe-user)
- Color-coded output (green/red), summary cuối
- -FailOnHigh switch để CI gate
Skill ref .claude/skills/dependency-audit-erp/SKILL.md (đã có) cho
pin constraints + workflow fix.
## Build
- BE: dotnet build pass (0 error)
- fe-user: tsc + vite pass (11.52s)
- fe-admin: tsc + vite pass (577ms)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
104 lines
3.2 KiB
PowerShell
104 lines
3.2 KiB
PowerShell
#!/usr/bin/env pwsh
|
|
# Dependency vulnerability audit cho SOLUTION_ERP
|
|
# Usage: pwsh scripts/deps-audit.ps1 [-FailOnHigh]
|
|
#
|
|
# Scan:
|
|
# 1. NuGet vulnerable (BE) — dotnet list package --vulnerable --include-transitive
|
|
# 2. npm audit (fe-admin + fe-user) — level >= moderate
|
|
#
|
|
# Exit code:
|
|
# 0 — clean
|
|
# 1 — vulnerabilities found (only fail with -FailOnHigh)
|
|
#
|
|
# Skill reference: .claude/skills/dependency-audit-erp/SKILL.md
|
|
|
|
param(
|
|
[switch]$FailOnHigh
|
|
)
|
|
|
|
$ErrorActionPreference = "Continue"
|
|
$script:hasIssues = $false
|
|
|
|
function Write-Section($title) {
|
|
Write-Host ""
|
|
Write-Host "===== $title =====" -ForegroundColor Cyan
|
|
}
|
|
|
|
# ========= 1. NuGet =========
|
|
Write-Section "NuGet vulnerabilities (BE .NET 10)"
|
|
|
|
Push-Location $PSScriptRoot/..
|
|
try {
|
|
$output = dotnet list SolutionErp.slnx package --vulnerable --include-transitive 2>&1 | Out-String
|
|
Write-Host $output
|
|
if ($output -match 'has the following vulnerable packages') {
|
|
$script:hasIssues = $true
|
|
Write-Host "[!] NuGet vulnerable packages found" -ForegroundColor Red
|
|
} else {
|
|
Write-Host "[OK] No NuGet vulnerabilities" -ForegroundColor Green
|
|
}
|
|
} catch {
|
|
Write-Host "[!] dotnet list failed: $_" -ForegroundColor Red
|
|
$script:hasIssues = $true
|
|
}
|
|
Pop-Location
|
|
|
|
# ========= 2. npm fe-admin =========
|
|
Write-Section "npm audit fe-admin"
|
|
|
|
Push-Location $PSScriptRoot/../fe-admin
|
|
try {
|
|
if (-not (Test-Path node_modules)) {
|
|
Write-Host "node_modules missing — chạy npm install trước." -ForegroundColor Yellow
|
|
} else {
|
|
$auditOutput = npm audit --audit-level=moderate 2>&1 | Out-String
|
|
Write-Host $auditOutput
|
|
if ($LASTEXITCODE -ne 0) {
|
|
$script:hasIssues = $true
|
|
Write-Host "[!] fe-admin npm audit found issues" -ForegroundColor Red
|
|
} else {
|
|
Write-Host "[OK] fe-admin npm clean" -ForegroundColor Green
|
|
}
|
|
}
|
|
} catch {
|
|
Write-Host "[!] npm audit fe-admin failed: $_" -ForegroundColor Red
|
|
$script:hasIssues = $true
|
|
}
|
|
Pop-Location
|
|
|
|
# ========= 3. npm fe-user =========
|
|
Write-Section "npm audit fe-user"
|
|
|
|
Push-Location $PSScriptRoot/../fe-user
|
|
try {
|
|
if (-not (Test-Path node_modules)) {
|
|
Write-Host "node_modules missing — chạy npm install trước." -ForegroundColor Yellow
|
|
} else {
|
|
$auditOutput = npm audit --audit-level=moderate 2>&1 | Out-String
|
|
Write-Host $auditOutput
|
|
if ($LASTEXITCODE -ne 0) {
|
|
$script:hasIssues = $true
|
|
Write-Host "[!] fe-user npm audit found issues" -ForegroundColor Red
|
|
} else {
|
|
Write-Host "[OK] fe-user npm clean" -ForegroundColor Green
|
|
}
|
|
}
|
|
} catch {
|
|
Write-Host "[!] npm audit fe-user failed: $_" -ForegroundColor Red
|
|
$script:hasIssues = $true
|
|
}
|
|
Pop-Location
|
|
|
|
# ========= Summary =========
|
|
Write-Section "Summary"
|
|
if ($script:hasIssues) {
|
|
Write-Host "[!] Vulnerabilities or issues found." -ForegroundColor Red
|
|
Write-Host "Tham khao .claude/skills/dependency-audit-erp/SKILL.md cho workflow fix."
|
|
Write-Host "Nho check pin constraints (MediatR 12.4.1, Swashbuckle 6.9.0, Node 20) truoc khi npm audit fix."
|
|
if ($FailOnHigh) {
|
|
exit 1
|
|
}
|
|
} else {
|
|
Write-Host "[OK] All clean." -ForegroundColor Green
|
|
}
|