chore(deps): bump pdfkit from 0.15.2 to 0.18.0#12
Closed
dependabot[bot] wants to merge 14 commits into
Closed
Conversation
Set up the OpenNota monorepo foundation: - Turborepo + pnpm workspaces (apps/*, packages/*) - Shared @opennota/config package (ESLint, Prettier, TypeScript, Tailwind) - Root tooling: ESLint 9 flat config, Prettier, EditorConfig - Conventional Commits enforced via commitlint + husky + lint-staged - .env.example with zero-install defaults (SQLite, local dirs) - Gitignored data/, emails/, uploads/, generated/ directories Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Add the @opennota/shared package: - Domain enums (roles, term/evaluation types, grade scales) - Zod validation schemas for every input DTO - CacheStore abstraction with an in-memory implementation - JobRunner abstraction with an in-process implementation Add the @opennota/db package: - Prisma SQLite schema covering all domain entities - Initial migration - Idempotent seed for Colegio San Martin (5 teachers, 30 students, 30 guardians, 24 evaluations, 360 grades) The cache, job runner and mailer are kept behind interfaces so Redis, BullMQ or a real SMTP transport can replace them without touching business code. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Stand up the @opennota/api backend: - Zod-validated environment and typed AppConfig - Pino structured logging, helmet, CORS and global rate limiting - Global exception filter with the consistent ApiErrorResponse shape - Per-route Zod validation pipe - JWT auth: register/login/refresh/logout/me with bcrypt (cost 12), rotating refresh tokens stored hashed for revocation - Global JwtAuthGuard (with @public) and RolesGuard (with @roles) - Prisma, cache, job-runner and file-based mailer wired behind their shared abstractions Disable consistent-type-imports for the API: NestJS reads constructor parameter types at runtime, so injected classes must be value imports. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Institutions module (ADMIN): institutions, academic years, terms; activating an academic year deactivates the others in a transaction - Academic module (ADMIN/PRINCIPAL): class groups, subjects, teacher-subject assignments and student enrollments - Users module (ADMIN): user CRUD, teacher/student/guardian profiles and guardian-student links; passwordHash never leaves the API Soft delete for institutions, class groups, subjects and users; hard delete for years, terms, enrollments and assignments. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Evaluations module: evaluation CRUD and per-subject/term grading
weight configuration (weights validated to sum to 100)
- Grades module: single and batch grade entry, editable only while
the evaluation is published and the term is open
- GradeCalculationService: pure weighted-average engine that
normalizes mixed scales to 0-10, applies type weights, renormalizes
for partially graded terms; results cached in-memory keyed
term-average:{studentId}:{subjectId}:{termId} and refreshed on change
- Reports module: report card JSON, PDFKit PDF (copy saved to
./generated via the job runner) and the class-group average view
Teachers can only manage subjects they are assigned to; students and
guardians can only read their own report cards.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Next.js 15 App Router with Tailwind and shadcn/ui components - next-intl wired up with Spanish messages (English/Portuguese ready) - Auth.js v5 credentials provider backed by the NestJS API, with access-token refresh and route-protecting middleware - TanStack Query and toast providers - Typed API client for the browser - Login page and role-aware dashboard shell (sidebar + topbar) The end-to-end auth flow is verified: NextAuth login through the API, session callbacks and middleware redirects all work. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Token-aware browser API client and TanStack Query data layer - shadcn table, dialog, select, textarea, switch and alert-dialog - Reusable CRUD building blocks (page header, row actions, data states, confirm-delete dialog) - Six management screens for Admin/Principal: institutions, academic years (with nested term management), class groups, subjects (with teacher assignments), enrollments and users Forms reuse the shared Zod schemas; all visible text comes from the Spanish i18n messages. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Returns the subjects the current user can work with: a teacher's assigned subjects, or every subject for staff. The grade-entry and evaluation screens need this so teachers can discover their subjects without access to the admin-only class-group listing. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- GET /terms is now readable by every authenticated role (teachers, students and guardians need to pick a term); mutations stay ADMIN - Add GET /reports/students returning the students whose report cards the current user may view: their own, their linked students, or all Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Evaluations CRUD screen with subject/term filters and a published/draft state - Grade entry sheet: students-by-evaluations matrix with debounced per-cell autosave, per-cell save indicators, an absent toggle, and conceptual-scale selects; weight configuration dialog - Report card viewer with per-subject averages, pass/fail badges, per-evaluation drilldown and PDF download - Teacher dashboard card listing assigned subjects Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- 26 Vitest unit tests for the grade calculation engine, covering weight scenarios, absences, missing config, mixed scales, conceptual grades, the pass threshold and rounding - 6 integration tests exercising GradeCalculationService against a temporary SQLite database created and torn down per suite - 13 unit tests for the in-memory cache and in-process job runner - Playwright E2E covering the critical flow: teacher login to grade sheet, then student login to report card Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Bumps [pdfkit](https://github.com/foliojs/pdfkit) from 0.15.2 to 0.18.0. - [Release notes](https://github.com/foliojs/pdfkit/releases) - [Changelog](https://github.com/foliojs/pdfkit/blob/master/CHANGELOG.md) - [Commits](foliojs/pdfkit@v0.15.2...v0.18.0) --- updated-dependencies: - dependency-name: pdfkit dependency-version: 0.18.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps pdfkit from 0.15.2 to 0.18.0.
Release notes
Sourced from pdfkit's releases.
Changelog
Sourced from pdfkit's changelog.
Commits
6e3727fv0.18.01dda5aeadded Node.js version 24 LTS7216cc8BUGFIX: (#1686)a2f240erefactor: replace crypto-js (#1681)75b978cfix(jpeg) robust and minimal JPEG EXIF parser (#1680)713ac8ffix(svg): parse arc flags without separators correctly (#1679)edcbd4bfeat(page): add userUnit option for custom page units (PDF 1.6) (#1676)d2d3720feat(document): Add pageLayout option to control how pages are displayed in P...171042afeat(outline): add pageNumber option and XYZ destination support (#1674)b27f9f2fix: handle interlaced PNG with indexed transparency (#1673)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)