coronasafe / journal Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
Verify working of:
Rails
Active Admin
React
Tailwind UI
Vulnerabilities
DepShield reports that this application's usage of kind-of:3.2.2 results in the following vulnerability(s):
Occurrences
kind-of:3.2.2 is a transitive dependency introduced by the following direct dependency(s):
• @rails/webpacker:4.3.0
└─ webpack:4.44.2
└─ micromatch:3.1.10
└─ snapdragon:0.8.2
└─ base:0.11.2
└─ cache-base:1.0.1
└─ to-object-path:0.3.0
└─ kind-of:3.2.2
└─ class-utils:0.3.6
└─ static-extend:0.1.2
└─ object-copy:0.1.0
└─ kind-of:3.2.2
└─ define-property:0.2.5
└─ is-descriptor:0.1.6
└─ is-accessor-descriptor:0.1.6
└─ kind-of:3.2.2
└─ is-data-descriptor:0.1.4
└─ kind-of:3.2.2
• webpack-dev-server:3.11.0
└─ chokidar:2.1.8
└─ braces:2.3.2
└─ fill-range:4.0.0
└─ is-number:3.0.0
└─ kind-of:3.2.2
└─ snapdragon-node:2.1.1
└─ snapdragon-util:3.0.1
└─ kind-of:3.2.2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Change the signup image to open source SVG
Vulnerabilities
DepShield reports that this application's usage of kind-of:5.1.0 results in the following vulnerability(s):
Occurrences
kind-of:5.1.0 is a transitive dependency introduced by the following direct dependency(s):
• @rails/webpacker:4.3.0
└─ webpack:4.44.2
└─ micromatch:3.1.10
└─ snapdragon:0.8.2
└─ define-property:0.2.5
└─ is-descriptor:0.1.6
└─ kind-of:5.1.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Ref: #4
Add a background service to delete all user journal data which is older than 30 days.
On user sign up page, the phone number entered by user has to be verified first.
@bodhish for docs on existing service to do that.
Sign up collects following details from the user:
Authentication enforces uniqueness of phone number + date of birth on the backend.
Ref: #1
Returns a token (cookie or otherwise) stored locally on the device.
Vulnerabilities
DepShield reports that this application's usage of lodash.memoize:4.1.2 results in the following vulnerability(s):
Occurrences
lodash.memoize:4.1.2 is a transitive dependency introduced by the following direct dependency(s):
• @rails/webpacker:4.3.0
└─ optimize-css-assets-webpack-plugin:5.0.4
└─ cssnano:4.1.10
└─ cssnano-preset-default:4.0.7
└─ postcss-merge-rules:4.0.3
└─ caniuse-api:3.0.0
└─ lodash.memoize:4.1.2
• postcss-cssnext:3.1.0
└─ caniuse-api:2.0.0
└─ lodash.memoize:4.1.2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
From the main page, user should be able to scan a QR code.
Checkout libraries like Instascan
Scanning a QR code successfully, shows a small microinteraction indicating success and returns the user to the main page.
Seems like
Apis /api/v1/visits/ongoing
and /api/v1/visits
not working for some scenarios.
user has no visit - api is working
user has 1 visit - api is working
user has 2 visit - api is not working
user has more than 2 visits - api is not working
Originally posted by @amaljosea in #45 (comment)
Vulnerabilities
DepShield reports that this application's usage of kind-of:4.0.0 results in the following vulnerability(s):
Occurrences
kind-of:4.0.0 is a transitive dependency introduced by the following direct dependency(s):
• @rails/webpacker:4.3.0
└─ webpack:4.44.2
└─ micromatch:3.1.10
└─ snapdragon:0.8.2
└─ base:0.11.2
└─ cache-base:1.0.1
└─ has-value:1.0.0
└─ has-values:1.0.0
└─ kind-of:4.0.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Why do we have to delete the QR Code after a month?
Logging a visit as of now doesn't change the user's updated_at
field. User's updated_at
remains the same as his created_at
. So deleting a user based on his updated_at
will just remove the user and ALL HIS VISITS from the system after 30 days of his first login.
Shouldn't we be deleting all visits which are older than 30 days? And also delete the user if his last visit was logged more than 30 days ago?
Vulnerabilities
DepShield reports that this application's usage of lodash.toarray:4.4.0 results in the following vulnerability(s):
Occurrences
lodash.toarray:4.4.0 is a transitive dependency introduced by the following direct dependency(s):
• tailwindcss:1.8.10
└─ node-emoji:1.10.0
└─ lodash.toarray:4.4.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of lodash._reinterpolate:3.0.0 results in the following vulnerability(s):
Occurrences
lodash._reinterpolate:3.0.0 is a transitive dependency introduced by the following direct dependency(s):
• postcss-cssnext:3.1.0
└─ postcss-initial:2.0.0
└─ lodash.template:4.5.0
└─ lodash._reinterpolate:3.0.0
└─ lodash.templatesettings:4.2.0
└─ lodash._reinterpolate:3.0.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
To mark exit on an ongoing visit as specified in the doc, field visit_id
is needed.
Seems like the field visit_id
is now not present in the response of these apis.
Log a new visit
Get all visits of a user
Get ongoing visits of a user
Vulnerabilities
DepShield reports that this application's usage of lodash.uniq:4.5.0 results in the following vulnerability(s):
Occurrences
lodash.uniq:4.5.0 is a transitive dependency introduced by the following direct dependency(s):
• @rails/webpacker:4.3.0
└─ optimize-css-assets-webpack-plugin:5.0.4
└─ cssnano:4.1.10
└─ cssnano-preset-default:4.0.7
└─ postcss-merge-rules:4.0.3
└─ caniuse-api:3.0.0
└─ lodash.uniq:4.5.0
• postcss-cssnext:3.1.0
└─ caniuse-api:2.0.0
└─ lodash.uniq:4.5.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Admin should be able to generate a list of establishments visited by the user in case they test positive for the virus.
Generated admin credentials can be used to sign up to the application.
Possibility with Active admin generated page
If you can help
As per images
https://drive.google.com/file/d/1GvQfJhf8WSbvIKecCLCpKcN3hglqs0pQ/view?usp=sharing
I created in the workspace some releases
The IDE starts the application, until I show the return in chrome
The problem is that the variable pointed at the breakpoint is not being returned
Can anyone help?
As per images
https://drive.google.com/file/d/1M6mhdvItbj2cu0Zqool6D5VZzhJHpM72/view?usp=sharing
The IDE starts the application, until I show the return in chrome
The problem is that the error is being returned when trying to debug the application
Can anyone help?
Vulnerabilities
DepShield reports that this application's usage of debug:2.6.9 results in the following vulnerability(s):
Occurrences
debug:2.6.9 is a transitive dependency introduced by the following direct dependency(s):
• @rails/webpacker:4.3.0
└─ webpack:4.44.2
└─ micromatch:3.1.10
└─ extglob:2.0.4
└─ expand-brackets:2.1.4
└─ debug:2.6.9
└─ snapdragon:0.8.2
└─ debug:2.6.9
• webpack-dev-server:3.11.0
└─ compression:1.7.4
└─ debug:2.6.9
└─ express:4.17.1
└─ body-parser:1.19.0
└─ debug:2.6.9
└─ debug:2.6.9
└─ finalhandler:1.1.2
└─ debug:2.6.9
└─ send:0.17.1
└─ debug:2.6.9
└─ serve-index:1.9.1
└─ debug:2.6.9
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Label each page by their application.
Currently all pages are named Journal - Coronasafe. Keeping the same template, add the page name in front.
Use react-helmet
The homepage should have a listing of ongoing visits of the user.
Ongoing visits are those that do not have an exit time (#30)
User should be able to mark as Exit from a visit from the same list.
When user scans a QR code (#3), the details from QR code (#5) needs to be send to the backend.
Here a "Visit" is created with details of:
For expansion purposes, would like to have Visit to have polymorphic link to Establishment as other types could be added in the future.
On the user end, the application is to be used by the most common of people. This design has to be kept as simple and bare bones as possible.
This is why we are skipping detailed password based authentication on user. User will have a sign up page where they can enter minimal details of themselves, this will be saved to the backend with a token generated ending the user on main page.
If this token ever gets cleared (assuming that the possibility of this happening is rare), user will be redirected back to the sign up page.
Uniqueness of date of birth + phone number is enforced, so as communicate with other Coronasafe projects easier in the future.
This is to be used by district officials, the emphasis here is on the functionality rather than the UI.
Related to #8
API: https://github.com/coronasafe/journal/blob/develop/doc/api.md#routemap-for-a-user
Backend defaults to last 7 days, but date can be customized. Requires two date pickers for start and end date, end date needs to be validated to be less than start date.
Name of the user is not provided on searching the user from admin.
Hence cannot display the name of the user in the admin dashboard for routemap
For MVP, merchant does not need to have a login to application.
The merchant page should enable to collect:
This has to be saved on to the database and a QR code is generated.
QR code contains following details:
List of local bodies as available here: https://github.com/coronasafe/datastore/tree/master/JSON
Merchant can select one local body off the list that is saved to the database at the time of registration
Vulnerabilities
DepShield reports that this application's usage of q:1.5.1 results in the following vulnerability(s):
Occurrences
q:1.5.1 is a transitive dependency introduced by the following direct dependency(s):
• @rails/webpacker:4.3.0
└─ optimize-css-assets-webpack-plugin:5.0.4
└─ cssnano:4.1.10
└─ cssnano-preset-default:4.0.7
└─ postcss-svgo:4.0.2
└─ svgo:1.3.2
└─ coa:2.0.2
└─ q:1.5.1
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
I have seen a use case for journal for a different way.
In our church due to covid, daily entry of all the people visited is being made. Info collected are Name, Phone number, Age, Address. Currently they are logging the register manually.
I thought of suggesting journal to the officials, but the issue is that the crowd come to the church in a rural village like ours doesn't have internet and smart phone.
So the idea is to print QR codes, register the user and assign and give a QR code per person and they bring it daily and we could scan and log their entry. I am sure that the individual elements (like scanner, QR generator, databases etc) for making this work is present inside journal project.
Do we have any scope of accompanying something like this in our current project or a new fork/fresh will be appropriate?
Thoughts?
Vulnerabilities
DepShield reports that this application's usage of http-proxy:1.18.1 results in the following vulnerability(s):
Occurrences
http-proxy:1.18.1 is a transitive dependency introduced by the following direct dependency(s):
• webpack-dev-server:3.11.0
└─ http-proxy-middleware:0.19.1
└─ http-proxy:1.18.1
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of acorn:6.4.1 results in the following vulnerability(s):
Occurrences
acorn:6.4.1 is a transitive dependency introduced by the following direct dependency(s):
• @rails/webpacker:4.3.0
└─ webpack:4.44.2
└─ acorn:6.4.1
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of lodash.get:4.4.2 results in the following vulnerability(s):
Occurrences
lodash.get:4.4.2 is a transitive dependency introduced by the following direct dependency(s):
• @rails/webpacker:4.3.0
└─ webpack-assets-manifest:3.1.1
└─ lodash.get:4.4.2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Api required to list all establishments in admin.
Related to #9
Admin should be able to enter an establishment name, a particular date and time and receive filtered details on users who have been in and out during the particular time period.
This happens because User schema has been changed. It has no email
now, but has phone_number
, date_of_birth
etc instead. But this change is not reflected while loading sample data.
Vulnerabilities
DepShield reports that this application's usage of express:4.17.1 results in the following vulnerability(s):
Occurrences
express:4.17.1 is a transitive dependency introduced by the following direct dependency(s):
• webpack-dev-server:3.11.0
└─ express:4.17.1
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.