[PROD RELEASE V6]

.circleci/config.yml

@@ -221,6 +221,7 @@ workflows:
                 - dev
                 - TOP-2044_show-signin-modal
                 - maintenance
+                - review-app
 
       - deployProd:
           context: org-global

.github/workflows/trivy.yaml

@@ -0,0 +1,34 @@
+name: Trivy Scanner
+
+permissions:
+  contents: read
+  security-events: write
+on:
+  push:
+    branches:
+      - main
+      - dev
+  pull_request:
+jobs:
+  trivy-scan:
+    name: Use Trivy
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Run Trivy scanner in repo mode
+        uses: aquasecurity/trivy-action@0.33.1
+        with:
+          scan-type: "fs"
+          ignore-unfixed: true
+          format: "sarif"
+          output: "trivy-results.sarif"
+          severity: "CRITICAL,HIGH,UNKNOWN"
+          scanners: vuln,secret,misconfig,license
+          github-pat: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: "trivy-results.sarif"

src/lib/config/hosts.ts

@@ -23,10 +23,10 @@ export const THRIVE_HOST: string = {
 }[HOST_ENV] || `https://www.${TC_DOMAIN}`;
 
 export const APP_AUTH_CONNECTOR: string = `https://accounts-auth0.${TC_DOMAIN}`;
-export const ONLINE_REVIEW_HOST: string = `https://software.${TC_DOMAIN}`;
+export const REVIEW_APP_HOST: string = `https://review.${TC_DOMAIN}`;
 export const TCACADEMY_HOST: string = `https://academy.${TC_DOMAIN}`;
 export const SELF_SERVICE_HOST: string = `https://work.${TC_DOMAIN}`;
-export const TC_API_V5_HOST: string = `https://api.${TC_DOMAIN}/v5`;
+export const TC_API_HOST: string = `https://api.${TC_DOMAIN}/v6`;
 export const CONNECT_HOST: string = `https://connect.${TC_DOMAIN}`;
 export const WORK_MANAGER_HOST: string = `https://challenges.${TC_DOMAIN}`;
 export const PROFILE_HOST: string = `https://profiles.${TC_DOMAIN}`;

src/lib/config/nav-menu/all-nav-items.config.ts

@@ -6,7 +6,7 @@ import {
     COMMUNITY_HOST,
     CONNECT_HOST,
     COPILOT_PORTAL_HOST,
-    ONLINE_REVIEW_HOST,
+    REVIEW_APP_HOST,
     TALENT_SEARCH_HOST,
     TCACADEMY_HOST,
     PLATFORM_APP_HOST,
@@ -142,7 +142,7 @@ export const allNavItems: {[key: string]: NavMenuItem} = {
     },
     review: {
         label: 'Review',
-        url: ONLINE_REVIEW_HOST,
+        url: REVIEW_APP_HOST,
         icon: 'review',
         description: 'Review submissions',
     },

src/lib/functions/profile-nudges.ts

@@ -1,4 +1,4 @@
-import { TC_API_V5_HOST } from "lib/config";
+import { TC_API_HOST } from "lib/config";
 import type { AuthUser } from "lib/app-context";
 import { DISABLE_NUDGES, NUDGES_DISABLED_HOSTS } from "lib/config/profile-toasts.config";
 
@@ -51,7 +51,7 @@ export const fetchUserProfileCompletedness = async (user: AuthUser, force = fals
   // for QA purpose only
   const toastOverrideFlagParam = (window?.location.search.match(/[?&]+toast=(\w+)/i) ?? [])[1];
   const toastOverrideFlag = toastOverrideFlagParam ? `?toast=${toastOverrideFlagParam}` : '';
-  const requestUrl: string = `${TC_API_V5_HOST}/members/${userHandle}/profileCompleteness${toastOverrideFlag}`;
+  const requestUrl: string = `${TC_API_HOST}/members/${userHandle}/profileCompleteness${toastOverrideFlag}`;
   const request = fetch(requestUrl, {headers: {...getRequestAuthHeaders()}});
 
   const response = await (await request).json();

src/lib/functions/support/support.service.ts

@@ -1,8 +1,8 @@
-import { TC_API_V5_HOST } from 'lib/config';
+import { TC_API_HOST } from 'lib/config';
 import type { ContactSupportRequest } from './contact-support-request.model'
 
 export async function sendSupportRequest(request: ContactSupportRequest): Promise<any> {
-  const url: string = `${TC_API_V5_HOST}/challenges/support-requests`
+  const url: string = `${TC_API_HOST}/challenges/support-requests`
 
   return fetch(url, {
     method: 'POST',

src/lib/functions/user-profile.provider.ts

@@ -1,6 +1,6 @@
 import type { AuthUser } from '../../main';
 import { AUTH_USER_ROLE, AUTH_USER_ROLE_VALUES } from '../config/auth';
-import { TC_API_V5_HOST } from '../config';
+import { TC_API_HOST } from '../config';
 import { getAuthJwtDomainProp, getRequestAuthHeaders } from './auth-jwt';
 
 export type fetchUserProfileFn = () => AuthUser | null;
@@ -46,7 +46,7 @@ export const fetchUserProfile = async (): Promise<AuthUser> => {
   let resolve: (value: AuthUser) => void;
   localCache[userHandle] = new Promise((r) => {resolve = r});
 
-  const requestUrl: string = `${TC_API_V5_HOST}/members/${userHandle}`;
+  const requestUrl: string = `${TC_API_HOST}/members/${userHandle}`;
   const request = fetch(requestUrl, {headers: {...getRequestAuthHeaders()}});
 
   const response = await (await request).json();

types/src/lib/config/hosts.d.ts

@@ -6,10 +6,10 @@ export declare const CHALLENGE_HOST: string;
 export declare const COMMUNITY_HOST: string;
 export declare const THRIVE_HOST: string;
 export declare const APP_AUTH_CONNECTOR: string;
-export declare const ONLINE_REVIEW_HOST: string;
+export declare const REVIEW_APP_HOST: string;
 export declare const TCACADEMY_HOST: string;
 export declare const SELF_SERVICE_HOST: string;
-export declare const TC_API_V5_HOST: string;
+export declare const TC_API_HOST: string;
 export declare const CONNECT_HOST: string;
 export declare const WORK_MANAGER_HOST: string;
 export declare const PROFILE_HOST: string;