minor cleanups

Author: isTravis

.oxlintrc.json

@@ -0,0 +1,9 @@
+{
+  "plugins": ["typescript", "react", "import", "oxc"],
+  "rules": {
+    "no-unused-vars": "error",
+    "no-console": "off",
+    "eqeqeq": ["error", "always", { "null": "ignore" }]
+  },
+  "ignorePatterns": ["node_modules", "dist"]
+}

oxlintrc.json

@@ -18,6 +18,7 @@
     "tool:backup": "tsx tools/backupDb.ts",
     "tool:restore": "tsx tools/restore.ts",
     "tool:pruneBackups": "tsx tools/pruneBackups.ts",
+    "tool:cleanupSessions": "tsx tools/cleanupSessions.ts",
     "tool:seed-mirror": "tsx tools/seedMirror.ts",
     "cli": "tsx src/cli/cli.ts",
     "test": "vitest run",

package.json

@@ -233,7 +233,7 @@ app.get('/api/blog/:slug', (c) => {
   const slug = c.req.param('slug')
   const mdPath = resolve('content/blog', `${slug}.md`)
   if (!existsSync(mdPath)) {
-    return c.json({ error: 'Not found' }, 404)
+    return c.json({ error: 'Not found', statusCode: 404 }, 404)
   }
   const raw = readFileSync(mdPath, 'utf-8')
   // Strip frontmatter

server.ts

@@ -344,8 +344,9 @@ const app = new Hono<AuthEnv>()
       try {
         const avatarKeys = await listS3Objects(`avatars/${defaultOrg.id}/`)
         if (avatarKeys.length > 0) await deleteS3Objects(avatarKeys)
-      } catch {
-        // Non-fatal
+      } catch (err) {
+        // Non-fatal — orphaned avatars are harmless
+        console.error(`[accounts] Failed to delete avatars for org ${defaultOrg.id}:`, err)
       }
 
       await db.delete(schema.apikey).where(eq(schema.apikey.referenceId, userId))
@@ -443,8 +444,9 @@ const app = new Hono<AuthEnv>()
       try {
         const avatarKeys = await listS3Objects(`avatars/${org.id}/`)
         if (avatarKeys.length > 0) await deleteS3Objects(avatarKeys)
-      } catch {
-        // Non-fatal
+      } catch (err) {
+        // Non-fatal — orphaned avatars are harmless
+        console.error(`[accounts] Failed to delete avatars for org ${org.id}:`, err)
       }
 
       await db.delete(schema.apikey).where(eq(schema.apikey.referenceId, org.id))

src/api/accounts.ts

@@ -22,11 +22,11 @@ import { type AuthEnv } from './auth.server.js'
 
 export async function resolve(c: Context<AuthEnv>) {
   const path = c.req.query('path')
-  if (!path) return c.json({ error: 'Missing path' }, 400)
+  if (!path) return c.json({ error: 'Missing path', statusCode: 400 }, 400)
 
   // path = "ark:NAAN/shoulder+collection..."
   const arkLabelIdx = path.indexOf('ark:')
-  if (arkLabelIdx === -1) return c.json({ error: 'Invalid ARK path' }, 400)
+  if (arkLabelIdx === -1) return c.json({ error: 'Invalid ARK path', statusCode: 400 }, 400)
 
   const afterLabel = path.slice(arkLabelIdx + 4) // strip "ark:"
   const slashIdx = afterLabel.indexOf('/')
@@ -322,11 +322,11 @@ export async function getArk(c: Context<AuthEnv>) {
     .innerJoin(schema.organization, eq(schema.collections.organizationId, schema.organization.id))
     .where(and(eq(schema.organization.slug, owner), eq(schema.collections.slug, slug)))
     .limit(1)
-  if (!coll) return c.json({ error: 'Collection not found' }, 404)
+  if (!coll) return c.json({ error: 'Collection not found', statusCode: 404 }, 404)
 
   // Must be owner/member
   const hasAccess = await checkCollectionAccess(coll.organizationId, c.get('userId')!)
-  if (!hasAccess) return c.json({ error: 'Forbidden' }, 403)
+  if (!hasAccess) return c.json({ error: 'Forbidden', statusCode: 403 }, 403)
 
   const naan = coll.ownerNaan ?? DEFAULT_NAAN
 
@@ -367,10 +367,10 @@ export async function updateArk(c: Context<AuthEnv>) {
     .innerJoin(schema.organization, eq(schema.collections.organizationId, schema.organization.id))
     .where(and(eq(schema.organization.slug, owner), eq(schema.collections.slug, slug)))
     .limit(1)
-  if (!coll) return c.json({ error: 'Collection not found' }, 404)
+  if (!coll) return c.json({ error: 'Collection not found', statusCode: 404 }, 404)
 
   const hasAccess = await checkCollectionAccess(coll.organizationId, c.get('userId')!)
-  if (!hasAccess) return c.json({ error: 'Forbidden' }, 403)
+  if (!hasAccess) return c.json({ error: 'Forbidden', statusCode: 403 }, 403)
 
   const [existing] = await db
     .select({ collectionId: schema.arkCollections.collectionId })
@@ -415,10 +415,10 @@ export async function getArkRecordTypes(c: Context<AuthEnv>) {
     .innerJoin(schema.organization, eq(schema.collections.organizationId, schema.organization.id))
     .where(and(eq(schema.organization.slug, owner), eq(schema.collections.slug, slug)))
     .limit(1)
-  if (!coll) return c.json({ error: 'Collection not found' }, 404)
+  if (!coll) return c.json({ error: 'Collection not found', statusCode: 404 }, 404)
 
   const hasAccess = await checkCollectionAccess(coll.organizationId, c.get('userId')!)
-  if (!hasAccess) return c.json({ error: 'Forbidden' }, 403)
+  if (!hasAccess) return c.json({ error: 'Forbidden', statusCode: 403 }, 403)
 
   const rows = await db
     .select({
@@ -436,18 +436,18 @@ export async function updateArkRecordTypes(c: Context<AuthEnv>) {
   const slug = c.req.param('slug')!
   const { recordType, redirectUrlField } = await c.req.json()
 
-  if (!recordType) return c.json({ error: 'recordType required' }, 400)
+  if (!recordType) return c.json({ error: 'recordType required', statusCode: 400 }, 400)
 
   const [coll] = await db
     .select({ id: schema.collections.id, organizationId: schema.collections.organizationId })
     .from(schema.collections)
     .innerJoin(schema.organization, eq(schema.collections.organizationId, schema.organization.id))
     .where(and(eq(schema.organization.slug, owner), eq(schema.collections.slug, slug)))
     .limit(1)
-  if (!coll) return c.json({ error: 'Collection not found' }, 404)
+  if (!coll) return c.json({ error: 'Collection not found', statusCode: 404 }, 404)
 
   const hasAccess = await checkCollectionAccess(coll.organizationId, c.get('userId')!)
-  if (!hasAccess) return c.json({ error: 'Forbidden' }, 403)
+  if (!hasAccess) return c.json({ error: 'Forbidden', statusCode: 403 }, 403)
 
   if (redirectUrlField === null) {
     await db
@@ -478,15 +478,15 @@ export async function updateAccountArk(c: Context<AuthEnv>) {
   const { naan } = await c.req.json()
 
   if (naan !== null && !/^\d{1,16}$/.test(naan)) {
-    return c.json({ error: 'NAAN must be numeric (up to 16 digits)' }, 400)
+    return c.json({ error: 'NAAN must be numeric (up to 16 digits)', statusCode: 400 }, 400)
   }
 
   const [org] = await db
     .select({ id: schema.organization.id })
     .from(schema.organization)
     .where(eq(schema.organization.slug, slug))
     .limit(1)
-  if (!org) return c.json({ error: 'Org not found' }, 404)
+  if (!org) return c.json({ error: 'Org not found', statusCode: 404 }, 404)
 
   // Must be owner/admin of the org
   const [membership] = await db
@@ -497,7 +497,7 @@ export async function updateAccountArk(c: Context<AuthEnv>) {
     )
     .limit(1)
   if (!membership || (membership.role !== 'owner' && membership.role !== 'admin')) {
-    return c.json({ error: 'Forbidden' }, 403)
+    return c.json({ error: 'Forbidden', statusCode: 403 }, 403)
   }
 
   await db

src/api/ark.ts

@@ -10,7 +10,7 @@ import { z } from 'zod'
 import { db, schema } from '../db/client.server.js'
 import { buildArkUrl, collectionToArkId, DEFAULT_NAAN, getOrMintShoulder } from '../lib/ark.js'
 import { downloadFromS3 } from '../lib/s3.js'
-import { getOrgRole, hasOrgAccess } from '../lib/version-helpers.server.js'
+import { getLatestReadyVersion, getOrgRole, hasOrgAccess } from '../lib/version-helpers.server.js'
 import { type AuthEnv } from './auth.server.js'
 import { requireAuth } from './auth.server.js'
 
@@ -206,8 +206,9 @@ const app = new Hono<AuthEnv>()
         const naan = org.arkNaan ?? DEFAULT_NAAN
         const arkUrl = buildArkUrl(naan, shoulder, arkId)
         return c.json({ id, owner, slug, name, ark: arkUrl }, 201)
-      } catch {
+      } catch (err) {
         // ARK minting failure is non-fatal
+        console.error(`[ark] Failed to mint ARK for new collection ${owner}/${slug}:`, err)
         return c.json({ id, owner, slug, name }, 201)
       }
     },
@@ -276,25 +277,7 @@ const app = new Hono<AuthEnv>()
       }
 
       // Get latest version info
-      const [latestVersion] = await db
-        .select({
-          id: schema.versions.id,
-          semver: schema.versions.semver,
-          recordCount: schema.versions.recordCount,
-          fileCount: schema.versions.fileCount,
-          totalBytes: schema.versions.totalBytes,
-          createdAt: schema.versions.createdAt,
-          message: schema.versions.message,
-          metadata: schema.versions.metadata,
-        })
-        .from(schema.versions)
-        .where(
-          and(eq(schema.versions.collectionId, result.id), eq(schema.versions.status, 'ready')),
-        )
-        .orderBy(
-          sql`${schema.versions.major} desc, ${schema.versions.minor} desc, ${schema.versions.patch} desc`,
-        )
-        .limit(1)
+      const latestVersion = await getLatestReadyVersion(result.id)
 
       // Get per-type record counts for latest version
       let typeCounts: { type: string; count: number }[] = []
@@ -342,8 +325,9 @@ const app = new Hono<AuthEnv>()
         if (arkRow?.enabled) {
           ark = buildArkUrl(arkRow.ownerNaan ?? DEFAULT_NAAN, arkRow.shoulder, arkRow.arkId)
         }
-      } catch {
-        // Non-fatal
+      } catch (err) {
+        // Non-fatal — ARK URL is decorative here
+        console.error(`[ark] Failed to load ARK info for collection ${owner}/${slug}:`, err)
       }
 
       const [vcRow] = await db
@@ -758,7 +742,8 @@ const app = new Hono<AuthEnv>()
 
       const schemasMap = Object.fromEntries(versionSchemaEntries.map((e) => [e.slug, e.schemaBody]))
 
-      // Add manifest.json
+      // Build manifest.json (packed last, so it can report any files that
+      // failed to download)
       const versionMeta = version.metadata as Record<string, unknown> | null
       const manifest = {
         collection: {
@@ -777,6 +762,7 @@ const app = new Hono<AuthEnv>()
           createdAt: version.createdAt,
         },
         schemas: schemasMap,
+        files_missing: [] as string[],
       }
 
       // Build tar.gz stream
@@ -785,10 +771,6 @@ const app = new Hono<AuthEnv>()
 
       const filename = `${owner}-${slug}-${version.semver}.tar.gz`
 
-      // Add manifest
-      const manifestBuf = Buffer.from(JSON.stringify(manifest, null, 2))
-      pack.entry({ name: 'manifest.json', size: manifestBuf.length }, manifestBuf)
-
       // Stream records per-type into tar — avoids loading all records at once
       const types = await db
         .selectDistinct({ type: schema.recordObjects.type })
@@ -843,11 +825,15 @@ const app = new Hono<AuthEnv>()
         try {
           const fileBuffer = await downloadFromS3(file.storageKey)
           pack.entry({ name: `files/${file.hash}`, size: fileBuffer.length }, fileBuffer)
-        } catch {
-          // Skip files that can't be downloaded (shouldn't happen in normal operation)
+        } catch (err) {
+          console.error(`[export] Failed to download file ${file.hash} (${file.storageKey}):`, err)
+          manifest.files_missing.push(file.hash)
         }
       }
 
+      const manifestBuf = Buffer.from(JSON.stringify(manifest, null, 2))
+      pack.entry({ name: 'manifest.json', size: manifestBuf.length }, manifestBuf)
+
       pack.finalize()
 
       // Pipe tar → gzip and collect into a ReadableStream
@@ -959,16 +945,7 @@ const app = new Hono<AuthEnv>()
       }
 
       // Get latest version of source
-      const [latestVersion] = await db
-        .select()
-        .from(schema.versions)
-        .where(
-          and(eq(schema.versions.collectionId, source.id), eq(schema.versions.status, 'ready')),
-        )
-        .orderBy(
-          sql`${schema.versions.major} desc, ${schema.versions.minor} desc, ${schema.versions.patch} desc`,
-        )
-        .limit(1)
+      const latestVersion = await getLatestReadyVersion(source.id)
 
       if (!latestVersion) {
         return c.json({ error: 'Source collection has no versions', statusCode: 422 }, 422)

src/api/collections.ts

@@ -13,14 +13,14 @@ import { db, schema } from '../db/client.server.js'
 export async function summary(c: Context) {
   const kfOrgId = c.req.query('kf_org_id')
   if (!kfOrgId) {
-    return c.json({ error: 'kf_org_id is required' }, 400)
+    return c.json({ error: 'kf_org_id is required', statusCode: 400 }, 400)
   }
 
   // Verify internal API key
   const authHeader = c.req.header('Authorization')
   const expectedKey = process.env.AUTH_INTERNAL_API_KEY
   if (!expectedKey || authHeader !== `Bearer ${expectedKey}`) {
-    return c.json({ error: 'Unauthorized' }, 401)
+    return c.json({ error: 'Unauthorized', statusCode: 401 }, 401)
   }
 
   const APP_URL = process.env.APP_URL ?? 'http://localhost:4100'