topcoder-platform · kkartunov · Oct 30, 2025 · Oct 9, 2025 · Oct 10, 2025 · Oct 12, 2025
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -77,6 +77,7 @@ workflows:
                               - feat/ai-workflows
                               - pm-1955_2
                               - re-try-failed-jobs
+                              - pm-2539
 
 
             - 'build-prod':

diff --git a/.env.sample b/.env.sample
@@ -73,3 +73,5 @@ SENDGRID_ACCEPT_REVIEW_APPLICATION="d-2de72880bd69499e9c16369398d34bb9"
 SENDGRID_REJECT_REVIEW_APPLICATION="d-82ed74e778e84d8c9bc02eeda0f44b5e"
 # For pulling payment details (used by platform-ui)
 FINANCE_DB_URL=
+#Prisma timeout
+REVIEW_SERVICE_PRISMA_TIMEOUT=10000
diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
@@ -0,0 +1,34 @@
+name: Trivy Scanner
+
+permissions:
+  contents: read
+  security-events: write
+on:
+  push:
+    branches:
+      - main
+      - dev
+  pull_request:
+jobs:
+  trivy-scan:
+    name: Use Trivy
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Run Trivy scanner in repo mode
+        uses: aquasecurity/trivy-action@0.33.1
+        with:
+          scan-type: "fs"
+          ignore-unfixed: true
+          format: "sarif"
+          output: "trivy-results.sarif"
+          severity: "CRITICAL,HIGH,UNKNOWN"
+          scanners: vuln,secret,misconfig,license
+          github-pat: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: "trivy-results.sarif"
diff --git a/package.json b/package.json
@@ -19,6 +19,7 @@
     "test:cov": "jest --coverage",
     "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
     "test:e2e": "jest --config ./test/jest-e2e.json",
+    "db:migrate": "ts-node prisma/migrate.ts",
     "postinstall": "pnpm exec prisma generate && pnpm exec prisma generate --schema=prisma/challenge-schema.prisma && pnpm exec prisma generate --schema=prisma/resource-schema.prisma && pnpm exec prisma generate --schema=prisma/member-schema.prisma"
   },
   "dependencies": {
@@ -34,7 +35,7 @@
     "@prisma/client": "^6.3.1",
     "@types/jsonwebtoken": "^9.0.9",
     "archiver": "^6.0.2",
-    "axios": "^1.9.0",
+    "axios": "^1.12.0",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.1",
     "cors": "^2.8.5",
@@ -81,7 +82,7 @@
     "winston": "^3.17.0"
   },
   "prisma": {
-    "seed": "ts-node prisma/migrate.ts",
+    "seed": "pnpm run db:migrate",
     "seed222": "ts-node prisma/seed.ts"
   },
   "jest": {
@@ -104,4 +105,4 @@
     "coverageDirectory": "../coverage",
     "testEnvironment": "node"
   }
-}
+}
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
diff --git a/prisma/challenge-schema.prisma b/prisma/challenge-schema.prisma
@@ -589,8 +589,9 @@ model ChallengeReviewer {
   isMemberReview      Boolean
   memberReviewerCount Int?
   phaseId             String
-  basePayment         Float?
-  incrementalPayment  Float?
+  fixedAmount           Float? @default(0)
+  baseCoefficient           Float?
+  incrementalCoefficient    Float?
   type                ReviewOpportunityTypeEnum?
   aiWorkflowId        String?                    @db.VarChar(14)
 
@@ -622,8 +623,9 @@ model DefaultChallengeReviewer {
   isMemberReview      Boolean
   memberReviewerCount Int?
   phaseName           String
-  basePayment         Float?
-  incrementalPayment  Float?
+  fixedAmount           Float? @default(0)
+  baseCoefficient           Float?
+  incrementalCoefficient    Float?
   opportunityType     ReviewOpportunityTypeEnum?
   isAIReviewer        Boolean