Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

The certificate generated doesn't contain the date it was issued on.

Proposed Solution

Adding the issued date to the certificate.

Alternatives Considered

None

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

All code related to clustering exists in bin/www file making it a total mess.

Expected Behavior

Code related to clustering should be in helpers/cluster.helper.js which should be imported in bin/www.
Thus streamlining the entire process.

Additional Information

No response

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

The certificate chooses images of the user and the project owner with no way to remove it if needed.

Proposed Solution

Add an options to toggle the images to be used in the certificate.

Alternatives Considered

None

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

Passport error is treated as a unexpected error and a JSON is displayed on the webpage.

Expected Behavior

We should have a PassportError which extends CustomError.

And on handleError it should redirect it to frontend as :

const url = new URL( `${process.env.FRONTEND_URL}/recievedToken.html`)
// put getResponse as query params
res.redirect(
    `${process.env.FRONTEND_URL}/recievedToken.html?errorType=.........`
);

Additional Information

NA

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

Tests for jwt.helper.js is missing

Expected Behavior

jwt.helper.js should have test cases.

Additional Information

NA

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

The certificate doesn't show when the last contribution was made by the user.

Proposed Solution

Add the last contribution date to the certificate.

Alternatives Considered

None

Additional Information

No response

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

Anyone with a public repository and a few commits is able to generate a certificate.

Proposed Solution

Create an entry barrier that allows only open-source repositories with some reputation to be used for creating certificates.

Alternatives Considered

None

Additional Information

No response

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

No helper file present to fetch repo, user's commits, user's pull_requests, etc for a BitBucket repo.

Proposed Solution

Create a bitbucket.helper.js using this package.

Docs : https://www.npmjs.com/package/bitbucket

Alternatives Considered

NA

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

Test should return certificate details when valid certificate id is provided randomly fails when there is no certificates already generated in the DB.

Expected Behavior

This test should always create a new test certificate and test for that.

Additional Information

NA

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

There is no validation for the post request, which contains includeRepositoryImage and includeUserImage, and has boolean values.

Proposed Solution

Add validation check so that their is no scope of misconfiguration of API in front-end.

Alternatives Considered

None

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

If I try to decode the user-token using JWT Decode .

I get user's public data but along with it I also get the third-party Oauth Token.
This could cause potential vulnerability.

Expected Behavior

Third-party Oauth Token should be stored in a encrypted way and can be decrypted while validating user-token.

Additional Information

You may use https://www.npmjs.com/package/aes256

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

Need documentation regarding generating Github client ID to be used in the open-certs backend.

Proposed Solution

Writing a technical documentation regarding github client ID.

Alternatives Considered

N/A

Additional Information

No response

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

No helper file present to fetch repo, user's commits, user's pull_requests, etc for a Gitlab repo.

Proposed Solution

Create a gitlab.helper.js using this package.

Docs : https://github.com/jdalrymple/gitbeaker#readme

Alternatives Considered

NA

Additional Information

Follow the format of github.helper.js

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

Some one can write a simple script using puppeteer to continuously keep creating certificate for a single project.

Proposed Solution

Use Recaptcha v2 to prevent the above.

Alternatives Considered

Caching

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

We are handling response for CustomError in the errorhandler.helper.js so in future if we multiple CustomError which needs to be handled differently then we will had to increase the if-else ladder in errorhandler.helper.js.

Expected Behavior

CustomError should have a handleError which will take res as parameter and abstracts :

res.status(err.status).json({
   error: err.getResponse()
});

And this err.handleError(res) should be called in errorhandler.helper.js.

Additional Information

NA

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

For validating the authenticity of the certificate there is already a QR code in the certificate but for a more handly way for quick validation, we can also give unique IDs printed on the certificates, for one-click verification, on the website.

Proposed Solution

Add a unique ID on the certificate maintaining the proper design, unique ID can be the Object ID of the certificate itself.

Alternatives Considered

NA

Additional Information

NA

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

We need to give BITBUCKET_CLIENT_ID and BITBUCKET_CLIENT_SECRET in the .env file but there is no docs how to obtain them.

Expected Behavior

There should be a /docs folder.
It should have a BITBUCKET_SETUP.md containing steps to obtain BITBUCKET_CLIENT_ID and BITBUCKET_CLIENT_SECRET .

Additional Information

Also mention link to this file in the setup section of README.md

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

There is no API to fetch the certificate details based on certificate ID.

Proposed Solution

Make a API to get certificate details based on Certificate ID.

Alternatives Considered

NA

Additional Information

No response

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

Bitbucket Login doesn't exist but many open source softwares are still maintained on Bitbucket.
Thus Bitbucket should be supported.

Proposed Solution

We can use passport-bitbucket-oauth2 as we are already using passport

Alternatives Considered

None

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.01

Current Behavior

Shows error when trying to generate certificate from project token created using a GitLab Project

Expected Behavior

Should generate Certificate

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

We need to give GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET in the .env file but there is no docs how to obtain them.

Expected Behavior

There should be a /docs folder.
It should have a GITHUB_SETUP.md containing steps to obtain GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET .

Additional Information

Also mention link to this file in the setup section of README.md

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

Once a user is authenticated, then it can access any user specific api.

But a user authenticated with Github should not be able to access Gitlab or Bitbucket specific apis.

Expected Behavior

There should be a middleware in provider.helper.js which should take a provider as parameter and restricts the users accordingly.

Additional Information

NA

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

When ever there is a authentication error api throws a CustomError.

Proposed Solution

Instead it should throw a AuthError which extends the CustomError and has a extra field logout: true to tell the frontend to logout the user.

Alternatives Considered

NA

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

If some data required to generate the certificate is not cached on github's end, the github api returns a 202 status along with empty data. Current implementation doesn't have a check for this case and results in incorrect data of project.

Expected Behavior

Return an appropriate error in case the github api returns 202 status.

Additional Information

Open this link to understand how github handles un-cached data.

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

When ever Re-captcha fails it should throw CustomError

Proposed Solution

Ideally it should throw ReCaptchaError which extends CustomError for better error management.

Alternatives Considered

NA

Additional Information

No response

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

We don't have a global error handler in the code base right now.

Proposed Solution

Use proper error handler which can be replaced by default express error handler.

Also need all catch blocks to redirect to that error handler.

And have multiple error classes for different errors like validation error, Login Error, etc.

Alternatives Considered

NA

Additional Information

No response

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

There is no configuration steps of mongo_db url in sample.env file

Proposed Solution

Create doc contains the configuration steps for mongo_db url

Alternatives Considered

No

Additional Information

mention link to this file in the setup section of README.md

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

Project controller is missing for gitlab which can take gitlab project id from request and generate project token accordingly with accumulated data.

Proposed Solution

Create a gitlab project controller in project.controller.js

Alternatives Considered

NA

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

Event based mongoDB connection

Expected Behavior

Promised based mongoDB connection

Additional Information

No response

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

Gitlab Login doesn't exist but many open source softwares are still maintained on gitlab.
Thus gitlab should be supported.

Proposed Solution

Use passport-gitlab2 to integrate gitlab auth.

Alternatives Considered

None

Additional Information

No response

Preflight Checklist

• I have read the Contributions.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the feature for a feature request that matches the one I want to file, without success.

Problem Description

Have links associated with all icons for easy access to relevant webpages

Proposed Solution

surround image tags with anchor tags that contains links to corresponding webpages

Alternatives Considered

None

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

If there is any error from github api it comes as "Http-error..." which doesn't reveals anything.

Expected Behavior

We should have a proper GithubError extending CustomError which properly formats the error and reveals intent.

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

README.md doesn't contain the steps to setup the project in a local machine.

Expected Behavior

README.md should contain setup instructions.

Additional Information

Bug in File : README.md

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

Currently PR and issues are missing for bitbucket Oauth scopes.

Both is code and docs.

Expected Behavior

Scopes should be :

['repository', 'account', 'email', 'issue', 'pullrequest']

Additional Information

No response

Preflight Checklist

• I have read the Contribution.md for this project.
• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue for a feature request that matches the one I want to file, without success.

Version

0.0.1

Current Behavior

We need to give GITLAB_CLIENT_ID and GITLAB_CLIENT_SECRET in the .env file but there is no docs how to obtain them.

Expected Behavior

/docs folder should have a GITLAB_SETUP.md containing steps to obtain GITLAB_CLIENT_ID and GITLAB_CLIENT_SECRET .

Additional Information

No response