Merge branch 'next' into nv-5616-do-not-create-pill-for-payload-or-stepsdigesteventspayload-pill

Author: BiswaViraj

.github/workflows/check-submodule-sync-merge.yaml

@@ -0,0 +1,61 @@
+name: Validate Submodule Sync Post-Merge
+
+# This workflow validates submodule synchronization specifically after merges to main branches
+# It runs separately from the PR/push validation to provide dedicated post-merge verification
+# Logic:
+# 1. Triggers only on successful merges (push events with merged PRs)
+# 2. Checks if SUBMODULES_TOKEN secret exists
+# 3. If token exists, validates that submodules are properly synchronized
+# 4. Can provide notifications or take corrective actions if issues are found
+
+on:
+  push:
+    branches:
+      - next
+      - main
+      - prod
+
+jobs:
+  check_submodule_token:
+    name: Check if submodule token exists
+    runs-on: ubuntu-latest
+    outputs:
+      has_token: ${{ steps.secret-check.outputs.has_token }}
+    steps:
+      - name: Check if secret exists
+        id: secret-check
+        run: |
+          if [[ -n "${{ secrets.SUBMODULES_TOKEN }}" ]]; then
+            echo "has_token=true" >> $GITHUB_OUTPUT
+          else
+            echo "has_token=false" >> $GITHUB_OUTPUT
+          fi
+
+  validate-submodule-sync:
+    runs-on: ubuntu-latest
+    needs: [check_submodule_token]
+    if: needs.check_submodule_token.outputs.has_token == 'true'
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          submodules: true
+          token: ${{ secrets.SUBMODULES_TOKEN }}
+
+      - name: Run validation script
+        run: |
+          # Ensure the script is executable
+          chmod +x .github/workflows/scripts/validate-submodule-sync.sh
+
+          # Run the script with the current branch as reference
+          .github/workflows/scripts/validate-submodule-sync.sh ${GITHUB_REF#refs/heads/}
+        env:
+          SUBMODULES_TOKEN: ${{ secrets.SUBMODULES_TOKEN }}
+
+      - name: Send Slack notification on failure
+        if: failure()
+        uses: ./.github/actions/slack-notify-on-failure
+        with:
+          slackWebhookURL: ${{ secrets.SLACK_WEBHOOK_URL_ENG_FEED_GITHUB }}

.github/workflows/validate-submodule-sync.yaml renamed to .github/workflows/check-submodule-sync-pr.yaml

@@ -24,7 +24,7 @@ on:
 
 jobs:
   check_submodule_token:
-    name: Check if the secret exists or not.
+    name: Check if submodule token exists
     runs-on: ubuntu-latest
     outputs:
       has_token: ${{ steps.secret-check.outputs.has_token }}

apps/api/package.json

@@ -27,7 +27,7 @@
     "generate:sdk": " (cd ../../libs/internal-sdk && speakeasy run --skip-compile --minimal --skip-versioning) && (cd ../../libs/internal-sdk && pnpm build) ",
     "test": "cross-env TS_NODE_COMPILER_OPTIONS='{\"strictNullChecks\": false}' NODE_ENV=test mocha --timeout 5000 --require ts-node/register --exit 'src/**/*.spec.ts'",
     "test:e2e:novu-v0": "cross-env TS_NODE_COMPILER_OPTIONS='{\"strictNullChecks\": false}' NODE_ENV=test mocha --timeout 5000 --retries 3 --grep '#novu-v0' --require ts-node/register --exit --file e2e/setup.ts src/**/*.e2e{,-ee}.ts",
-    "test:e2e:novu-v2": "cross-env TS_NODE_COMPILER_OPTIONS='{\"strictNullChecks\": false}' NODE_ENV=test CI_EE_TEST=true CLERK_ENABLED=true NODE_OPTIONS=--max_old_space_size=8192 mocha --bail --timeout 5000 --retries 3 --grep '#novu-v2' --require ts-node/register --exit --file e2e/setup.ts src/**/*.e2e{,-ee}.ts",
+    "test:e2e:novu-v2": "cross-env TS_NODE_COMPILER_OPTIONS='{\"strictNullChecks\": false}' NODE_ENV=test CI_EE_TEST=true CLERK_ENABLED=true NODE_OPTIONS=--max_old_space_size=8192 mocha --bail --timeout 10000 --retries 3 --grep '#novu-v2' --require ts-node/register --exit --file e2e/setup.ts src/**/*.e2e{,-ee}.ts",
     "migration": "cross-env NODE_ENV=local MIGRATION=true ts-node --transpileOnly",
     "link:submodules": "pnpm link ../../enterprise/packages/auth && pnpm link ../../enterprise/packages/translation && pnpm link ../../enterprise/packages/billing",
     "admin:remove-user-account": "cross-env NODE_ENV=local MIGRATION=true ts-node --transpileOnly ./admin/remove-user-account.ts",
@@ -128,6 +128,7 @@
     "@types/supertest": "^2.0.8",
     "async": "^3.2.0",
     "chai": "^4.2.0",
+    "chai-subset": "^1.6.0",
     "express": "^5.0.1",
     "get-port": "^5.1.1",
     "mocha": "^10.2.0",

apps/api/src/app/auth/auth.controller.ts

@@ -33,7 +33,6 @@ import { PasswordResetRequestCommand } from './usecases/password-reset-request/p
 import { PasswordResetRequest } from './usecases/password-reset-request/password-reset-request.usecase';
 import { PasswordResetCommand } from './usecases/password-reset/password-reset.command';
 import { PasswordReset } from './usecases/password-reset/password-reset.usecase';
-import { ApiException } from '../shared/exceptions/api.exception';
 import { PasswordResetBodyDto, PasswordResetRequestBodyDto } from './dtos/password-reset.dto';
 import { ApiCommonResponses } from '../shared/framework/response.decorator';
 import { UpdatePasswordBodyDto } from './dtos/update-password.dto';
@@ -70,7 +69,7 @@ export class AuthController {
     Logger.verbose('Checking Github Auth');
 
     if (!process.env.GITHUB_OAUTH_CLIENT_ID || !process.env.GITHUB_OAUTH_CLIENT_SECRET) {
-      throw new ApiException(
+      throw new BadRequestException(
         'GitHub auth is not configured, please provide GITHUB_OAUTH_CLIENT_ID and GITHUB_OAUTH_CLIENT_SECRET as env variables'
       );
     }

apps/api/src/app/auth/services/community.auth.service.ts

@@ -1,5 +1,12 @@
 import { createHash } from 'crypto';
-import { forwardRef, Inject, Injectable, NotFoundException, UnauthorizedException } from '@nestjs/common';
+import {
+  forwardRef,
+  Inject,
+  Injectable,
+  NotFoundException,
+  UnauthorizedException,
+  BadRequestException,
+} from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
 
 import {
@@ -25,7 +32,6 @@ import {
 
 import {
   AnalyticsService,
-  ApiException,
   buildSubscriberKey,
   buildUserKey,
   CachedResponse,
@@ -147,7 +153,7 @@ export class CommunityAuthService implements IAuthService {
       );
 
       const dbUser = await this.userRepository.findById(user._id);
-      if (!dbUser) throw new ApiException('User not found');
+      if (!dbUser) throw new BadRequestException('User not found');
       // eslint-disable-next-line no-param-reassign
       user = dbUser;
     }

apps/api/src/app/auth/usecases/login/login.usecase.ts

@@ -1,12 +1,11 @@
 import bcrypt from 'bcrypt';
-import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { Injectable, UnauthorizedException, BadRequestException } from '@nestjs/common';
 import { differenceInMinutes, parseISO } from 'date-fns';
 import { UserRepository, UserEntity, OrganizationRepository } from '@novu/dal';
 import { AnalyticsService, createHash } from '@novu/application-generic';
 import { normalizeEmail } from '@novu/shared';
 import { AuthService } from '../../services/auth.service';
 import { LoginCommand } from './login.command';
-import { ApiException } from '../../../shared/exceptions/api.exception';
 
 @Injectable()
 export class Login {
@@ -44,7 +43,7 @@ export class Login {
     }
 
     // TODO: Trigger a password reset flow automatically for existing OAuth users instead of throwing an error
-    if (!user.password) throw new ApiException('Please sign in using Github.');
+    if (!user.password) throw new BadRequestException('Please sign in using Github.');
 
     const isMatching = await bcrypt.compare(command.password, user.password);
     if (!isMatching) {

apps/api/src/app/auth/usecases/password-reset/password-reset.usecase.ts

@@ -1,11 +1,10 @@
-import { Injectable } from '@nestjs/common';
+import { Injectable, BadRequestException } from '@nestjs/common';
 import { hash } from 'bcrypt';
 import { isBefore, subDays } from 'date-fns';
 import { UserRepository } from '@novu/dal';
 import { InvalidateCacheService, buildUserKey } from '@novu/application-generic';
 import { AuthService } from '../../services/auth.service';
 import { PasswordResetCommand } from './password-reset.command';
-import { ApiException } from '../../../shared/exceptions/api.exception';
 
 @Injectable()
 export class PasswordReset {
@@ -18,11 +17,11 @@ export class PasswordReset {
   async execute(command: PasswordResetCommand): Promise<{ token: string }> {
     const user = await this.userRepository.findUserByToken(command.token);
     if (!user) {
-      throw new ApiException('Bad token provided');
+      throw new BadRequestException('Bad token provided');
     }
 
     if (user.resetTokenDate && isBefore(new Date(user.resetTokenDate), subDays(new Date(), 7))) {
-      throw new ApiException('Token has expired');
+      throw new BadRequestException('Token has expired');
     }
 
     const passwordHash = await hash(command.password, 10);

apps/api/src/app/auth/usecases/register/user-register.usecase.ts

@@ -1,11 +1,10 @@
-import { Injectable } from '@nestjs/common';
+import { Injectable, BadRequestException } from '@nestjs/common';
 import { OrganizationEntity, UserRepository } from '@novu/dal';
 import { hash } from 'bcrypt';
 import { SignUpOriginEnum, normalizeEmail } from '@novu/shared';
 import { AnalyticsService, createHash } from '@novu/application-generic';
 import { AuthService } from '../../services/auth.service';
 import { UserRegisterCommand } from './user-register.command';
-import { ApiException } from '../../../shared/exceptions/api.exception';
 import { CreateOrganization } from '../../../organization/usecases/create-organization/create-organization.usecase';
 import { CreateOrganizationCommand } from '../../../organization/usecases/create-organization/create-organization.command';
 
@@ -19,11 +18,11 @@ export class UserRegister {
   ) {}
 
   async execute(command: UserRegisterCommand) {
-    if (process.env.DISABLE_USER_REGISTRATION === 'true') throw new ApiException('Account creation is disabled');
+    if (process.env.DISABLE_USER_REGISTRATION === 'true') throw new BadRequestException('Account creation is disabled');
 
     const email = normalizeEmail(command.email);
     const existingUser = await this.userRepository.findByEmail(email);
-    if (existingUser) throw new ApiException('User already exists');
+    if (existingUser) throw new BadRequestException('User already exists');
 
     const passwordHash = await hash(command.password, 10);
     const user = await this.userRepository.create({

apps/api/src/app/auth/usecases/switch-organization/switch-organization.usecase.ts

@@ -1,6 +1,5 @@
-import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { Injectable, UnauthorizedException, BadRequestException } from '@nestjs/common';
 import { MemberRepository, UserRepository } from '@novu/dal';
-import { ApiException } from '../../../shared/exceptions/api.exception';
 import { AuthService } from '../../services/auth.service';
 import { SwitchOrganizationCommand } from './switch-organization.command';
 
@@ -22,10 +21,10 @@ export class SwitchOrganization {
     }
 
     const member = await this.memberRepository.findMemberByUserId(command.newOrganizationId, command.userId);
-    if (!member) throw new ApiException('Member not found');
+    if (!member) throw new BadRequestException('Member not found');
 
     const user = await this.userRepository.findById(command.userId);
-    if (!user) throw new ApiException(`User ${command.userId} not found`);
+    if (!user) throw new BadRequestException(`User ${command.userId} not found`);
 
     const token = await this.authService.getSignedToken(user, command.newOrganizationId, member);
 

apps/api/src/app/auth/usecases/update-password/update-password.usecase.ts

@@ -1,9 +1,8 @@
-import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { Injectable, UnauthorizedException, BadRequestException } from '@nestjs/common';
 import { buildUserKey, InvalidateCacheService } from '@novu/application-generic';
 import { UserRepository } from '@novu/dal';
 import { hash, compare } from 'bcrypt';
 
-import { ApiException } from '../../../shared/exceptions/api.exception';
 import { UpdatePasswordCommand } from './update-password.command';
 
 @Injectable()
@@ -15,15 +14,15 @@ export class UpdatePassword {
 
   async execute(command: UpdatePasswordCommand) {
     if (command.newPassword !== command.confirmPassword) {
-      throw new ApiException('Passwords do not match.');
+      throw new BadRequestException('Passwords do not match.');
     }
 
     const user = await this.userRepository.findById(command.userId);
     if (!user) {
       throw new UnauthorizedException();
     }
     if (!user.password) {
-      throw new ApiException('OAuth user cannot change password.');
+      throw new BadRequestException('OAuth user cannot change password.');
     }
 
     const isAuthorized = await compare(command.currentPassword, user.password);

apps/api/src/app/change/usecases/get-changes/get-changes.usecase.ts

@@ -1,5 +1,5 @@
 /* eslint-disable global-require */
-import { Injectable, Logger } from '@nestjs/common';
+import { Injectable, Logger, BadRequestException } from '@nestjs/common';
 import {
   ChangeEntity,
   ChangeRepository,
@@ -13,7 +13,6 @@ import { ChangeEntityTypeEnum } from '@novu/shared';
 import { ModuleRef } from '@nestjs/core';
 import { ChangesResponseDto } from '../../dtos/change-response.dto';
 import { GetChangesCommand } from './get-changes.command';
-import { ApiException } from '../../../shared/exceptions/api.exception';
 
 interface IViewEntity {
   templateName: string;
@@ -151,7 +150,7 @@ export class GetChanges {
     try {
       if (process.env.NOVU_ENTERPRISE === 'true' || process.env.CI_EE_TEST === 'true') {
         if (!require('@novu/ee-shared-services')?.TranslationsService) {
-          throw new ApiException('Translation module is not loaded');
+          throw new BadRequestException('Translation module is not loaded');
         }
         const service = this.moduleRef.get(require('@novu/ee-shared-services')?.TranslationsService, { strict: false });
         const { name, identifier } = await service.getTranslationGroupData(environmentId, entityId);
@@ -175,7 +174,7 @@ export class GetChanges {
     try {
       if (process.env.NOVU_ENTERPRISE === 'true' || process.env.CI_EE_TEST === 'true') {
         if (!require('@novu/ee-shared-services')?.TranslationsService) {
-          throw new ApiException('Translation module is not loaded');
+          throw new BadRequestException('Translation module is not loaded');
         }
         const service = this.moduleRef.get(require('@novu/ee-shared-services')?.TranslationsService, { strict: false });
         const { name, group } = await service.getTranslationData(environmentId, entityId);

apps/api/src/app/content-templates/content-templates.controller.ts

@@ -1,11 +1,10 @@
 /* eslint-disable global-require */
-import { Body, Controller, Logger, Post } from '@nestjs/common';
+import { Body, Controller, Logger, Post, BadRequestException } from '@nestjs/common';
 import { ApiExcludeController } from '@nestjs/swagger';
 import { format } from 'date-fns';
 import i18next from 'i18next';
 import { ModuleRef } from '@nestjs/core';
 import {
-  ApiException,
   CompileEmailTemplate,
   CompileEmailTemplateCommand,
   CompileInAppTemplate,
@@ -152,7 +151,7 @@ export class ContentTemplatesController {
     try {
       if (process.env.NOVU_ENTERPRISE === 'true' || process.env.CI_EE_TEST === 'true') {
         if (!require('@novu/ee-shared-services')?.TranslationsService) {
-          throw new ApiException('Translation module is not loaded');
+          throw new BadRequestException('Translation module is not loaded');
         }
         const service = this.moduleRef.get(require('@novu/ee-shared-services')?.TranslationsService, { strict: false });
         const { namespaces, resources, defaultLocale } = await service.getTranslationsList(

apps/api/src/app/environments-v1/usecases/construct-framework-workflow/construct-framework-workflow.usecase.ts

@@ -2,7 +2,7 @@ import { Injectable, InternalServerErrorException } from '@nestjs/common';
 import { workflow } from '@novu/framework/express';
 import { ActionStep, ChannelStep, JsonSchema, Step, StepOptions, StepOutput, Workflow } from '@novu/framework/internal';
 import { NotificationStepEntity, NotificationTemplateEntity, NotificationTemplateRepository } from '@novu/dal';
-import { JSONSchemaDefinition, StepTypeEnum, WorkflowOriginEnum } from '@novu/shared';
+import { JSONSchemaDefinition, StepTypeEnum } from '@novu/shared';
 import { Instrument, InstrumentUsecase, PinoLogger } from '@novu/application-generic';
 import { AdditionalOperation, RulesLogic } from 'json-logic-js';
 import _ from 'lodash';

apps/api/src/app/environments-v1/usecases/regenerate-api-keys/regenerate-api-keys.usecase.ts

@@ -1,10 +1,9 @@
 import { createHash } from 'crypto';
-import { Injectable } from '@nestjs/common';
+import { Injectable, BadRequestException } from '@nestjs/common';
 
 import { EnvironmentRepository } from '@novu/dal';
 import { decryptApiKey, encryptApiKey } from '@novu/application-generic';
 
-import { ApiException } from '../../../shared/exceptions/api.exception';
 import { GenerateUniqueApiKey } from '../generate-unique-api-key/generate-unique-api-key.usecase';
 import { GetApiKeysCommand } from '../get-api-keys/get-api-keys.command';
 
@@ -21,7 +20,7 @@ export class RegenerateApiKeys {
     const environment = await this.environmentRepository.findOne({ _id: command.environmentId });
 
     if (!environment) {
-      throw new ApiException(`Environment id: ${command.environmentId} not found`);
+      throw new BadRequestException(`Environment id: ${command.environmentId} not found`);
     }
 
     const key = await this.generateUniqueApiKey.execute();

apps/api/src/app/events/usecases/parse-event-request/parse-event-request.usecase.ts

@@ -38,7 +38,6 @@ import { addBreadcrumb } from '@sentry/node';
 import { randomBytes } from 'crypto';
 import { merge } from 'lodash';
 import { v4 as uuidv4 } from 'uuid';
-import { ApiException } from '../../../shared/exceptions/api.exception';
 import { RecipientSchema, RecipientsSchema } from '../../utils/trigger-recipient-validation';
 import { VerifyPayload, VerifyPayloadCommand } from '../verify-payload';
 import {
@@ -327,7 +326,7 @@ export class ParseEventRequest {
     }
 
     if (invalidKeys.length) {
-      throw new ApiException(`Trigger is missing: ${invalidKeys.join(', ')}`);
+      throw new BadRequestException(`Trigger is missing: ${invalidKeys.join(', ')}`);
     }
   }
 

apps/api/src/app/events/usecases/send-test-email/send-test-email.usecase.ts

@@ -5,7 +5,6 @@ import { ChannelTypeEnum, EmailProviderIdEnum, IEmailOptions, WorkflowOriginEnum
 
 import {
   AnalyticsService,
-  ApiException,
   CompileEmailTemplate,
   CompileEmailTemplateCommand,
   GetNovuProviderCredentials,
@@ -51,7 +50,7 @@ export class SendTestEmail {
     );
 
     if (!integration) {
-      throw new ApiException(`Missing an active email integration`);
+      throw new BadRequestException(`Missing an active email integration`);
     }
 
     if (integration.providerId === EmailProviderIdEnum.Novu) {
@@ -107,7 +106,7 @@ export class SendTestEmail {
       );
 
       if (!data.outputs) {
-        throw new ApiException('Could not retrieve content from edge');
+        throw new BadRequestException('Could not retrieve content from edge');
       }
 
       html = data.outputs.body as string;
@@ -149,7 +148,7 @@ export class SendTestEmail {
         providerId,
       });
     } catch (error) {
-      throw new ApiException(`Unexpected provider error`);
+      throw new BadRequestException(`Unexpected provider error`);
     }
   }