build: release v5.6.0

[karrui]

Release v5.6.0

This release includes quite a bit of Typescript migration and improvements, as well as first bits of API refactors from their current routes to clearer /api/v3/ rooted routes.

Features

• refactor(misc-api): duplicate misc endpoints to new /api/v3 router #1573
• refactor(user-api): duplicate user endpoints to new /api/v3 router #1553
• ref(auth-api): duplicate auth endpoints to new /api/v3 router #1551

Improvements

• chore: add createReqMeta to verification module logging #1562
• chore: disable no-await-without-trycatch in backend #1623
• chore: rearrange directory structure #1606
• feat: migrate EncryptSubmissionRouter to own router, remove unused forms.server.controller, remove jasmine #1592
• ref: migrate (most) /adminform endpoints to TypeScript, add integration tests #1567
• refactor: collapse email preview submission middleware #1561
• refactor: collapse encrypt preview submission middleware #1554
• refactor: convert Bounce module to use neverthrow #1591
• refactor: migrate admin-console client service to ts #1531
• refactor: migrate frontend routes and google analytics factory to ts #1405
• refactor: migrate public routes to TypeScript #1595
• refactor: Minor cleanup to avoid using res.locals #1621
• refactor: Refactor attachment upload into a service #1547
• refactor: remove typecasts and non-null assertions #1596
• refactor: update getPublicForm endpoint to typescript #1398
• refactor(admin-form/controller): changed if-else in admin-form controller into chains #1622
• refactor(webhook-services): migrate webhook services to neverthrow #1529
• test: fix flakiness (again) by hardcoding created dates #1604
• test: fix flaky form feedback test #1620
• test: migrate file-validation util tests to TypeScript #1578
• test: migrate logic.spec from javascript to typescript #1587
• test: publicform integration tests #1572

Fixes

• fix: /adminform integration tests being flakey by loosening some checks #1584
• fix: clear current worker pool on download #1590
• fix: convert bigint to string, not number to avoid losing fidelity #1577

Dependency changes

• chore: uninstall sinon and ts-mock-imports (forreal) #1611
• fix(deps): bump @opengovsg/spcp-auth-client from 1.4.4 to 1.4.5 [#1555 (https://github.com/fix(deps): bump @opengovsg/spcp-auth-client from 1.4.4 to 1.4.5 #1555)
• [Snyk] Security upgrade mongoose from 5.11.10 to 5.12.3 #1538
• fix(deps): bump aws-sdk from 2.879.0 to 2.880.0 #1570
• fix(deps): bump aws-sdk from 2.880.0 to 2.882.0 #1585
• fix(deps): bump aws-sdk from 2.882.0 to 2.883.0 #1609
• fix(deps): bump aws-sdk from 2.883.0 to 2.884.0 #1615
• fix(deps): bump libphonenumber-js from 1.9.14 to 1.9.16 #1569
• fix(deps): bump twilio from 3.59.0 to 3.60.0 #1601
• fix(deps): bump web-streams-polyfill from 3.0.2 to 3.0.3 #1618
• fix(deps): bump winston-cloudwatch from 2.5.0 to 2.5.1 #1614
• fix(deps): bump winston-cloudwatch from 2.5.1 to 2.5.2 #1626
• chore(deps-dev): bump @babel/core from 7.13.14 to 7.13.15 #1600
• chore(deps-dev): bump @babel/plugin-transform-runtime #1602
• chore(deps-dev): bump @babel/preset-env from 7.13.12 to 7.13.15 #1599
• chore(deps-dev): bump @types/bcrypt from 3.0.0 to 3.0.1 #1619
• chore(deps-dev): bump @types/mongodb from 3.6.10 to 3.6.12 #1557
• chore(deps-dev): bump @typescript-eslint/eslint-plugin #1556
• chore(deps-dev): bump @typescript-eslint/eslint-plugin #1625
• chore(deps-dev): bump @typescript-eslint/parser from 4.20.0 to 4.21.0 #1558
• chore(deps-dev): bump @typescript-eslint/parser from 4.21.0 to 4.22.0 #1627
• chore(deps-dev): bump concurrently from 6.0.0 to 6.0.1 #1568
• chore(deps-dev): bump core-js from 3.9.1 to 3.10.1 #1608
• chore(deps-dev): bump date-fns from 2.19.0 to 2.20.0 #1607
• chore(deps-dev): bump date-fns from 2.20.0 to 2.20.1 #1617
• chore(deps-dev): bump date-fns from 2.20.1 to 2.20.2 #1628
• chore(deps-dev): bump eslint from 7.23.0 to 7.24.0 #1613
• chore(deps-dev): bump eslint-plugin-jest from 24.3.3 to 24.3.4 #1559
• chore(deps-dev): bump eslint-plugin-jest from 24.3.4 to 24.3.5 #1616
• chore(deps-dev): bump ngrok from 4.0.0 to 4.0.1 #1560
• chore(deps-dev): bump testcafe from 1.13.0 to 1.14.0 #1580
• chore(deps-dev): bump typescript from 4.1.5 to 4.2.4 #1624

[karrui]

@karrui

Tests

/api/v3/user

• Updating user emergency contact should work; check network tab and ensure new endpoint is being used
  • 404'd, hitting wrong endpoint it seems. Will fix and recut release. Fixed in fix: call correct user update emergency contact endpoint #1631

/api/v3/statistics

• Viewing landing page statistics should work; check network tab and ensure new endpoint is being used

/api/v3/billings

• Retrieving billing info should work; check network tab and ensure new endpoint is being used

[karrui]

@mantariksh (sorry you are the only other person with GSIB)

Tests

Can probably do this alongside IE11/GSIB tests

/adminform refactor

All /adminform endpoints should work as is;

• view dashboard forms
• create email mode form
• create storage mode form
• view form builder
• update form fields
• update form logic
• delete form
• duplicate form
• transfer form ownership
• call /use-template on a form that does not belong to you; you may use https://staging.form.gov.sg/#!/6075052afcec600011922602
• go to examples tab and look at a form; should display successfully
• preview your own form
• submit and view admin form feedback
• download form feedback
• form feedback count should be correct
• storage mode responses count should be correct
• view storage mode responses list
• view individual storage mode response
• upload image to image field
• upload new form logo

EncryptSubmissionRouter

• Should submit storage mode form successfully. Go and view response; should decrypt successfully

fix double download of csv

• Attempt to download responses consecutively. The modal should not be stuck anymore and downloads should succeed. Try various combinations of csv-only, csv+attachments, etc.

Public form

• isIntranetUser should be true, should show warning in form that has auth

Intranet IE11 runthrough

• Create email mode form with all fields and custom start/end page. Activate and submit form. Check that you can receive responses in your intranet inbox.
• Collaborators can be added in email mode.
• Create storage mode form with all fields and custom start/end page. Activate and submit form.
• Response CSV can be downloaded for storage mode.
• Responses can be viewed in Data tab in storage mode.
• Attachments for individual fields can be downloaded from Data tab in storage mode.
• Attachment ZIP for submission can be downloaded from Data tab in storage mode.
• Submission IDs can be filtered in storage mode.
• Collaborators can be added and their collaborating rights edited in storage mode.

[karrui]

@tshuli

Tests

email preview submission middleware collapse

• Create an email mode form with an email field with email confirmation. Submit the form in preview mode. You should receive both the admin response and the email confirmation, but the data tab should still show 0 responses.
• Change the authType to SP and submit in preview mode. You should still receive the email confirmation and response email, with mock SingPass values.
• Repeat with CorpPass
• Add MyInfo fields and repeat with MyInfo. Additionally, all MyInfo fields should be shown with the [MyInfo] prefix in the response email.

encrypt preview submission middleware collapse

• Create a storage mode form and add an email field with email confirmation. Submit it in preview mode. You should not be able to see the response in the data tab, but you should receive the email confirmation.
• Change the authType to SP and submit in preview mode.
• Change the authType to CP and submit in preview mode.

[karrui]

@karrui

Tests

Bounce neverthrow

• Create an email mode form. Add a valid collaborator with a registered contact number, and add a non-existent email as one of the email recipients. Submit the form. The form should NOT be deactivated, and the valid email recipient should not receive any emails/SMSes (other than the response itself). Check the document in the Bounces collection corresponding to the form ID. The bounces array should contain the correct hasBounced key for each email address.
• Remove all valid email recipients and leave only non-existent emails. Submit the form. The form should be deactivated, and the form admin + collaborators should receive ONE email and TWO smses each, informing them of the bounce and form deactivation.

[karrui]

@tshuli

Tests

admin-console client service

• Click on examples after logging in - there should be multiple examples loaded
• Login and create a form. Navigate to share and then click copy on Share Template. Open the copied url in another tab - the form should open as a template.
• Login and navigate to billing.
  1. entering an invalid eserviceId should have 0 logins
  2. entering a valid eserviceId should have the logins for the specified time period.

[karrui]

@tshuli

Tests

/frontend route refactor

• Create a form. Open. Submit. Check that event shows up correctly on google analytics
• Check that /frontend/environment endpoint displays the envvars
• Check that /frontend/features endpoint displays the list of features and their activation state

[karrui]

@karrui

Tests

public form api refactor

storage mode

• create a form without authentication and share it. form should be viewable
• create a SP authenticated form and share it. form should be viewable before/after signing in
• create a CP authenticated form and share it. form should be viewable before/after signing in
• for SP and CP forms, refresh the form after signing in and ensure that you are still signed in
• for SP and CP forms, go to another SP/CP form after signing in and ensure that you are still signed in

email mode

• create a form without authentication and share it. form should be viewable
• create a SP authenticated form and share it. form should be viewable before/after signing in
• create a CP authenticated form and share it. form should be viewable before/after signing in
• create a myInfo authenticated form and share it. form should be viewable before/after signing in.
• create a myInfo authenticated form and share it. reject the signin attempt on mockpass. form should have MyInfoError
• for SP and CP forms, refresh the form after signing in and ensure that you are still signed in
• for SP and CP forms, go to another SP/CP form after signing in and ensure that you are still signed in
• for MyInfo forms, refresh the form after signing in and ensure that you are NOT still signed in and MyInfo cookie is cleared

[karrui]

@mantariksh

Tests

webhook server service neverthrow

• Use ngrok to setup a webhook endpoint and setup a form with it
• Set up the recieving server to return a 200 status code with some data and headers
• Check that POST requests are recieved at the endpoint when the form is submitted
• Check that the body and headers of the request are saved to the database correctly
• Set up the receiving server to return a 400 status code with some data and headers
• Check that an error is logged with the appropriate status code and data
• Shut down the receiving server but keep ngrok running
• Check that an error is logged with a 5xx status code and data