fix: more robust calculation of default location for code generation #1095

Merged 1 commit on Mar 7, 2024

ymc9 (Member) commented Mar 7, 2024

Summary by CodeRabbit

  • New Features
    • Enhanced plugin support for JetBrains IDE by updating the plugin version.
    • Improved default output folder determination logic based on the testing environment.
    • Introduced a more efficient way to locate the node_modules folder with a fallback mechanism for runtime package paths.
    • Added pattern matching in utility functions for clearer code and additional package manager information.
  • Refactor
    • Updated imports to use specific types across various modules for better clarity and maintenance.
    • Refined function signatures and type definitions for improved readability and functionality.

coderabbitai bot (Contributor) commented Mar 7, 2024

Walkthrough

The recent updates span across several packages, focusing on enhancing functionality, refining logic, and improving code clarity. Key changes include updating a JetBrains IDE plugin version, refining plugin and package utilities in the schema package, and improving default runtime load paths and module loading mechanisms in the server and test tools packages. These modifications aim to streamline development workflows, improve package management, and ensure more robust and maintainable codebases.

Changes

Files and change summary:

  • packages/ide/jetbrains/build.gradle.kts
    • Updated the JetBrains IDE plugin version from "2.0.0-alpha.4" to "2.0.0-alpha.5".
  • .../schema/src/plugins/plugin-utils.ts, .../schema/src/utils/pkg-utils.ts
    • Added and refined utility functions for better package management.
    • Improved logic for determining default output folders and locating node_modules.
  • .../server/src/shared.ts, .../testtools/src/schema.ts
    • Modified imports for specific types and a default runtime load path.
    • Updated functions to utilize a default path for loading modules, enhancing the module loading mechanism and streamlining the handling of runtime dependencies.

coderabbitai bot (Contributor) left a comment

Review Status

Actionable comments generated: 4

Configuration used: CodeRabbit UI

Commits: Files that changed from the base of the PR and between d3629be and 63f5cbc.
Files ignored due to path filters (13)
  • package.json is excluded by: !**/*.json
  • packages/ide/jetbrains/package.json is excluded by: !**/*.json
  • packages/language/package.json is excluded by: !**/*.json
  • packages/misc/redwood/package.json is excluded by: !**/*.json
  • packages/plugins/openapi/package.json is excluded by: !**/*.json
  • packages/plugins/swr/package.json is excluded by: !**/*.json
  • packages/plugins/tanstack-query/package.json is excluded by: !**/*.json
  • packages/plugins/trpc/package.json is excluded by: !**/*.json
  • packages/runtime/package.json is excluded by: !**/*.json
  • packages/schema/package.json is excluded by: !**/*.json
  • packages/sdk/package.json is excluded by: !**/*.json
  • packages/server/package.json is excluded by: !**/*.json
  • packages/testtools/package.json is excluded by: !**/*.json
Files selected for processing (5)
  • packages/ide/jetbrains/build.gradle.kts (1 hunks)
  • packages/schema/src/plugins/plugin-utils.ts (2 hunks)
  • packages/schema/src/utils/pkg-utils.ts (4 hunks)
  • packages/server/src/shared.ts (4 hunks)
  • packages/testtools/src/schema.ts (2 hunks)
Additional comments: 7
packages/ide/jetbrains/build.gradle.kts (1)
  • 12-12: The version update from "2.0.0-alpha.4" to "2.0.0-alpha.5" in the build.gradle.kts file is correctly implemented. Ensure that this version increment aligns with the intended changes and dependencies for the JetBrains IDE plugin.
packages/server/src/shared.ts (1)
  • 2-2: The introduction of DEFAULT_RUNTIME_LOAD_PATH and specific type imports (ModelMeta, PolicyDef, ZodSchemas) from @zenstackhq/runtime is a good practice for clarity and maintainability.
packages/schema/src/plugins/plugin-utils.ts (1)
  • 6-6: Importing getPackageManager from ../utils/pkg-utils is a good addition for enhancing the logic to determine the default output folder. This modular approach improves code readability and maintainability.
packages/schema/src/utils/pkg-utils.ts (3)
  • 4-4: The introduction of match from 'ts-pattern' for pattern matching in the getPackageManager function is a good practice for improving code readability and maintainability.
  • 16-16: Refining the FindUp type definition to handle boolean extensions and improve the function signature for findUp enhances the readability and usability of these utilities.
  • 46-59: Refactoring the getPackageManager function to use pattern matching for determining the package manager provides a clearer and more informative approach. This change improves the function's readability and maintainability.
packages/testtools/src/schema.ts (1)
  • 5-11: Reorganizing the imports for AuthUser, CrudContract, EnhancementKind, and EnhancementOptions from @zenstackhq/runtime to use type annotations and defining DEFAULT_RUNTIME_LOAD_PATH for module loading are good practices for improving code clarity and maintainability.

Comment on lines 1 to 5
/* eslint-disable @typescript-eslint/no-var-requires */
import type { ModelMeta, PolicyDef, ZodSchemas } from '@zenstackhq/runtime';
import { DEFAULT_RUNTIME_LOAD_PATH, type ModelMeta, type PolicyDef, type ZodSchemas } from '@zenstackhq/runtime';
import path from 'path';
import { AdapterBaseOptions } from './types';
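
Review bot: The DEFAULT_RUNTIME_LOAD_PATH import turns what was a type-only import of @zenstackhq/runtime into a value import, and nothing in these lines says what directory that default is resolved against. Add a comment where the constant is used stating the base directory, and check any caller-supplied loadPath against that base before it is joined; the file-wide no-var-requires disable on the first line suggests the result is passed to require(). If AdapterBaseOptions on the last line is only used as a type, mark it with the type modifier to match the imports changed here.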


📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [33-33]

Detected possible user input going into path.join or path.resolve functions in the getDefaultModelMeta, getDefaultPolicy, and getDefaultZodSchemas functions. This could potentially lead to a path traversal vulnerability. Ensure that the loadPath parameter is sanitized or validated before use to prevent unauthorized file system access.

Also applies to: 61-61, 92-92

Comment on lines 3 to 9
import fs from 'fs';
import path from 'path';
import { PluginRunnerOptions } from '../cli/plugin-runner';
import { getPackageManager } from '../utils/pkg-utils';

export const ALL_OPERATION_KINDS: PolicyOperationKind[] = ['create', 'update', 'postUpdate', 'read', 'delete'];
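
Review bot: PluginRunnerOptions on the third line is still a plain import while this PR moves type-only names to type imports in the other files; if it is only used as a type here, import it with the type modifier so the CLI module is not loaded at runtime for its types. For the getPackageManager import below it, add a comment at the call site saying which output location is used when no package manager can be determined, since the default output folder now depends on that result.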


📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [17-17]

Detected possible user input going into path.join or path.resolve functions in several places within getNodeModulesFolder, ensureDefaultOutputFolder, and getDefaultOutputFolder functions. This could potentially lead to a path traversal vulnerability. Ensure that any user input or variable paths are sanitized or validated before use to prevent unauthorized file system access.

Also applies to: 18-18, 20-20, 31-31, 64-64, 77-77

Comment on lines 2 to 14
/* eslint-disable @typescript-eslint/no-explicit-any */
import type { DMMF } from '@prisma/generator-helper';
import type { Model } from '@zenstackhq/language/ast';
import type { AuthUser, CrudContract, EnhancementKind, EnhancementOptions } from '@zenstackhq/runtime';
import {
DEFAULT_RUNTIME_LOAD_PATH,
type AuthUser,
type CrudContract,
type EnhancementKind,
type EnhancementOptions,
} from '@zenstackhq/runtime';
import { getDMMF } from '@zenstackhq/sdk';
import { execSync } from 'child_process';
import * as fs from 'fs';
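
Review bot: execSync on the child_process import line passes its command string to a shell, so any path or package name interpolated into that string is parsed by the shell. Where this helper builds a command from variables, prefer execFileSync with an argument array, and keep the remaining command strings fixed. The DEFAULT_RUNTIME_LOAD_PATH import above it also changes @zenstackhq/runtime from a type-only to a runtime dependency of this module, which is worth stating in the commit message.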

📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [46-46]

Detected a call to child_process from a function argument cmd in the run function. This could lead to a command injection if the input is user-controllable. Ensure that user input is correctly sanitized or sandboxed to prevent security vulnerabilities.


📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [70-70]

Detected possible user input going into path.join or path.resolve functions in getWorkspaceRoot and getWorkspaceNpmCacheFolder. This could potentially lead to a path traversal vulnerability. Ensure that any user input or variable paths are sanitized or validated before use to prevent unauthorized file system access.

Also applies to: 81-81
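
The path-traversal notes in this review ask that loadPath and similar values be validated before they reach path.join or path.resolve. One way to do that check, as an added example that is not ZenStack's code: resolveLoadPath, isInside, isAllowedLoadPath and projectRoot are hypothetical names, and the paths mentioned in the comments are constructed.

```typescript
import * as fs from "fs";
import * as path from "path";

// Hypothetical helpers, not ZenStack code.

// True when `target` is `base` itself or lies beneath it. A plain
// target.startsWith(base) check is not enough: "/srv/app-evil" starts with
// "/srv/app" but is a sibling directory (constructed sample paths).
export function isInside(base: string, target: string): boolean {
    const rel = path.relative(base, target);
    // rel is absolute on Windows when the two paths are on different drives.
    return rel !== ".." && !rel.startsWith(".." + path.sep) && !path.isAbsolute(rel);
}

// Resolve a caller-supplied loadPath against projectRoot and refuse results
// that leave it, lexically or through a symlink.
export function resolveLoadPath(projectRoot: string, loadPath: string): string {
    if (loadPath.includes("\0")) {
        throw new Error("load path contains a NUL byte");
    }
    const base = path.resolve(projectRoot);
    const target = path.resolve(base, loadPath);
    if (!isInside(base, target)) {
        throw new Error(`load path leaves ${base}: ${loadPath}`);
    }
    // path.resolve does not follow symlinks, so repeat the check on real
    // paths once the target exists on disk.
    if (fs.existsSync(target) && !isInside(fs.realpathSync(base), fs.realpathSync(target))) {
        throw new Error(`load path resolves outside ${base}: ${loadPath}`);
    }
    return target;
}

// Convenience wrapper for callers that want a yes/no answer.
export function isAllowedLoadPath(projectRoot: string, loadPath: string): boolean {
    try {
        resolveLoadPath(projectRoot, loadPath);
        return true;
    } catch {
        return false;
    }
}
```

In a workspace where packages are symlinked in from outside projectRoot, pass the workspace root as projectRoot; otherwise the real-path check rejects the linked packages.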
