Upgrade to All Packages and EcmaVersions

.eslintrc.json

@@ -6,7 +6,7 @@
   "extends": ["airbnb-base", "plugin:jest/recommended", "plugin:security/recommended", "plugin:prettier/recommended"],
   "plugins": ["jest", "security", "prettier"],
   "parserOptions": {
-    "ecmaVersion": 2018
+    "ecmaVersion": 2022
   },
   "rules": {
     "no-console": "error",

package.json

@@ -52,44 +52,44 @@
     "bcryptjs": "^2.4.3",
     "compression": "^1.7.4",
     "cors": "^2.8.5",
-    "cross-env": "^7.0.0",
-    "dotenv": "^10.0.0",
-    "express": "^4.17.1",
-    "express-mongo-sanitize": "^2.0.0",
-    "express-rate-limit": "^5.0.0",
-    "helmet": "^4.1.0",
-    "http-status": "^1.4.0",
-    "joi": "^17.3.0",
-    "jsonwebtoken": "^8.5.1",
-    "moment": "^2.24.0",
-    "mongoose": "^5.7.7",
-    "morgan": "^1.9.1",
-    "nodemailer": "^6.3.1",
-    "passport": "^0.4.0",
-    "passport-jwt": "^4.0.0",
-    "pm2": "^5.1.0",
-    "swagger-jsdoc": "^6.0.8",
-    "swagger-ui-express": "^4.1.6",
-    "validator": "^13.0.0",
-    "winston": "^3.2.1",
+    "cross-env": "^7.0.3",
+    "dotenv": "^16.0.3",
+    "express": "^4.18.2",
+    "express-mongo-sanitize": "^2.2.0",
+    "express-rate-limit": "^6.7.0",
+    "helmet": "^6.0.1",
+    "http-status": "^1.6.2",
+    "joi": "^17.7.0",
+    "jsonwebtoken": "^9.0.0",
+    "moment": "^2.29.4",
+    "mongoose": "^6.8.3",
+    "morgan": "^1.10.0",
+    "nodemailer": "^6.9.0",
+    "passport": "^0.6.0",
+    "passport-jwt": "^4.0.1",
+    "pm2": "^5.2.2",
+    "swagger-jsdoc": "^6.2.8",
+    "swagger-ui-express": "^4.6.0",
+    "validator": "^13.7.0",
+    "winston": "^3.8.2",
     "xss-clean": "^0.1.1"
   },
   "devDependencies": {
-    "coveralls": "^3.0.7",
-    "eslint": "^7.0.0",
-    "eslint-config-airbnb-base": "^14.0.0",
-    "eslint-config-prettier": "^8.1.0",
-    "eslint-plugin-import": "^2.18.2",
-    "eslint-plugin-jest": "^24.0.1",
-    "eslint-plugin-prettier": "^3.1.1",
-    "eslint-plugin-security": "^1.4.0",
-    "faker": "^5.1.0",
-    "husky": "^7.0.0",
-    "jest": "^26.0.1",
-    "lint-staged": "^11.0.0",
-    "node-mocks-http": "^1.8.0",
-    "nodemon": "^2.0.0",
-    "prettier": "^2.0.5",
-    "supertest": "^6.0.1"
+    "@faker-js/faker": "^7.6.0",
+    "coveralls": "^3.1.1",
+    "eslint": "^8.32.0",
+    "eslint-config-airbnb-base": "^15.0.0",
+    "eslint-config-prettier": "^8.6.0",
+    "eslint-plugin-import": "^2.27.5",
+    "eslint-plugin-jest": "^27.2.1",
+    "eslint-plugin-prettier": "^4.2.1",
+    "eslint-plugin-security": "^1.6.0",
+    "husky": "^8.0.3",
+    "jest": "^29.3.1",
+    "lint-staged": "^13.1.0",
+    "node-mocks-http": "^1.12.1",
+    "nodemon": "^2.0.20",
+    "prettier": "^2.8.3",
+    "supertest": "^6.3.3"
   }
 }

src/config/config.js

@@ -38,7 +38,6 @@ module.exports = {
   mongoose: {
     url: envVars.MONGODB_URL + (envVars.NODE_ENV === 'test' ? '-test' : ''),
     options: {
-      useCreateIndex: true,
       useNewUrlParser: true,
       useUnifiedTopology: true,
     },

src/index.js

@@ -3,6 +3,9 @@ const app = require('./app');
 const config = require('./config/config');
 const logger = require('./config/logger');
 
+// Mongoose Strict Query Deprecation Warning suppression
+mongoose.set('strictQuery', false);
+
 let server;
 mongoose.connect(config.mongoose.url, config.mongoose.options).then(() => {
   logger.info('Connected to MongoDB');

src/middlewares/auth.js

@@ -20,12 +20,14 @@ const verifyCallback = (req, resolve, reject, requiredRights) => async (err, use
   resolve();
 };
 
-const auth = (...requiredRights) => async (req, res, next) => {
-  return new Promise((resolve, reject) => {
-    passport.authenticate('jwt', { session: false }, verifyCallback(req, resolve, reject, requiredRights))(req, res, next);
-  })
-    .then(() => next())
-    .catch((err) => next(err));
-};
+const auth =
+  (...requiredRights) =>
+  async (req, res, next) => {
+    return new Promise((resolve, reject) => {
+      passport.authenticate('jwt', { session: false }, verifyCallback(req, resolve, reject, requiredRights))(req, res, next);
+    })
+      .then(() => next())
+      .catch((err) => next(err));
+  };
 
 module.exports = auth;

tests/fixtures/user.fixture.js

@@ -1,6 +1,6 @@
 const mongoose = require('mongoose');
 const bcrypt = require('bcryptjs');
-const faker = require('faker');
+const { faker } = require('@faker-js/faker');
 const User = require('../../src/models/user.model');
 
 const password = 'password1';
@@ -9,7 +9,7 @@ const hashedPassword = bcrypt.hashSync(password, salt);
 
 const userOne = {
   _id: mongoose.Types.ObjectId(),
-  name: faker.name.findName(),
+  name: faker.name.fullName(),
   email: faker.internet.email().toLowerCase(),
   password,
   role: 'user',
@@ -18,7 +18,7 @@ const userOne = {
 
 const userTwo = {
   _id: mongoose.Types.ObjectId(),
-  name: faker.name.findName(),
+  name: faker.name.fullName(),
   email: faker.internet.email().toLowerCase(),
   password,
   role: 'user',
@@ -27,7 +27,7 @@ const userTwo = {
 
 const admin = {
   _id: mongoose.Types.ObjectId(),
-  name: faker.name.findName(),
+  name: faker.name.fullName(),
   email: faker.internet.email().toLowerCase(),
   password,
   role: 'admin',

tests/integration/auth.test.js

@@ -1,5 +1,5 @@
 const request = require('supertest');
-const faker = require('faker');
+const { faker } = require('@faker-js/faker');
 const httpStatus = require('http-status');
 const httpMocks = require('node-mocks-http');
 const moment = require('moment');
@@ -23,7 +23,7 @@ describe('Auth routes', () => {
     let newUser;
     beforeEach(() => {
       newUser = {
-        name: faker.name.findName(),
+        name: faker.name.fullName(),
         email: faker.internet.email().toLowerCase(),
         password: 'password1',
       };

tests/integration/user.test.js

@@ -1,5 +1,5 @@
 const request = require('supertest');
-const faker = require('faker');
+const { faker } = require('@faker-js/faker');
 const httpStatus = require('http-status');
 const app = require('../../src/app');
 const setupTestDB = require('../utils/setupTestDB');
@@ -15,7 +15,7 @@ describe('User routes', () => {
 
     beforeEach(() => {
       newUser = {
-        name: faker.name.findName(),
+        name: faker.name.fullName(),
         email: faker.internet.email().toLowerCase(),
         password: 'password1',
         role: 'user',
@@ -482,7 +482,7 @@ describe('User routes', () => {
     test('should return 200 and successfully update user if data is ok', async () => {
       await insertUsers([userOne]);
       const updateBody = {
-        name: faker.name.findName(),
+        name: faker.name.fullName(),
         email: faker.internet.email().toLowerCase(),
         password: 'newPassword1',
       };
@@ -510,14 +510,14 @@ describe('User routes', () => {
 
     test('should return 401 error if access token is missing', async () => {
       await insertUsers([userOne]);
-      const updateBody = { name: faker.name.findName() };
+      const updateBody = { name: faker.name.fullName() };
 
       await request(app).patch(`/v1/users/${userOne._id}`).send(updateBody).expect(httpStatus.UNAUTHORIZED);
     });
 
     test('should return 403 if user is updating another user', async () => {
       await insertUsers([userOne, userTwo]);
-      const updateBody = { name: faker.name.findName() };
+      const updateBody = { name: faker.name.fullName() };
 
       await request(app)
         .patch(`/v1/users/${userTwo._id}`)
@@ -528,7 +528,7 @@ describe('User routes', () => {
 
     test('should return 200 and successfully update user if admin is updating another user', async () => {
       await insertUsers([userOne, admin]);
-      const updateBody = { name: faker.name.findName() };
+      const updateBody = { name: faker.name.fullName() };
 
       await request(app)
         .patch(`/v1/users/${userOne._id}`)
@@ -539,7 +539,7 @@ describe('User routes', () => {
 
     test('should return 404 if admin is updating another user that is not found', async () => {
       await insertUsers([admin]);
-      const updateBody = { name: faker.name.findName() };
+      const updateBody = { name: faker.name.fullName() };
 
       await request(app)
         .patch(`/v1/users/${userOne._id}`)
@@ -550,7 +550,7 @@ describe('User routes', () => {
 
     test('should return 400 error if userId is not a valid mongo id', async () => {
       await insertUsers([admin]);
-      const updateBody = { name: faker.name.findName() };
+      const updateBody = { name: faker.name.fullName() };
 
       await request(app)
         .patch(`/v1/users/invalidId`)

tests/unit/models/user.model.test.js

@@ -1,12 +1,12 @@
-const faker = require('faker');
+const { faker } = require('@faker-js/faker');
 const { User } = require('../../../src/models');
 
 describe('User model', () => {
   describe('User validation', () => {
     let newUser;
     beforeEach(() => {
       newUser = {
-        name: faker.name.findName(),
+        name: faker.name.fullName(),
         email: faker.internet.email().toLowerCase(),
         password: 'password1',
         role: 'user',
@@ -46,7 +46,7 @@ describe('User model', () => {
   describe('User toJSON()', () => {
     test('should not return user password when toJSON is called', () => {
       const newUser = {
-        name: faker.name.findName(),
+        name: faker.name.fullName(),
         email: faker.internet.email().toLowerCase(),
         password: 'password1',
         role: 'user',

tests/utils/setupTestDB.js

@@ -1,6 +1,9 @@
 const mongoose = require('mongoose');
 const config = require('../../src/config/config');
 
+// Mongoose Strict Query Deprecation Warning suppression
+mongoose.set('strictQuery', false);
+
 const setupTestDB = () => {
   beforeAll(async () => {
     await mongoose.connect(config.mongoose.url, config.mongoose.options);