Skip to content

Adding support of moesif integration #568

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
HiranyaKavishani wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Adding support of moesif integration #568

HiranyaKavishani wants to merge 1 commit into from

Conversation

@HiranyaKavishani
Copy link
Contributor

@HiranyaKavishani HiranyaKavishani commented Sep 23, 2025
edited by coderabbitai bot
Loading

Purpose

$Subject for Bijira growth hacking through moesif

Goals

Describe the solutions that this feature/fix will introduce to resolve the problems described above

Approach

Describe how you are implementing the solutions. Include an animated GIF or screenshot if the change affects the UI (email [email protected] to review all UI text). Include a link to a Markdown file or Google doc if the feature write-up is too long to paste here.

User stories

Summary of user stories addressed by this change>

Release note

Brief description of the new feature or bug fix as it will appear in the release notes

Documentation

Link(s) to product documentation that addresses the changes of this PR. If no doc impact, enter “N/A” plus brief explanation of why there’s no doc impact

Training

Link to the PR for changes to the training content in https://github.com/wso2/WSO2-Training, if applicable

Certification

Type “Sent” when you have provided new/updated certification questions, plus four answers for each question (correct answer highlighted in bold), based on this change. Certification questions/answers should be sent to [email protected] and NOT pasted in this PR. If there is no impact on certification exams, type “N/A” and explain why.

Marketing

Link to drafts of marketing content that will describe and promote this feature, including product page changes, technical articles, blog posts, videos, etc., if applicable

Automation tests

  • Unit tests

    Code coverage information

  • Integration tests

    Details about the test cases and coverage

Security checks

Samples

Provide high-level details about the samples related to this feature

Related PRs

List any other related PRs

Migrations (if applicable)

Describe migration steps and platforms on which migration has been tested

Test environment

List all JDK versions, operating systems, databases, and browser/versions on which this feature/fix was tested

Learning

Describe the research phase and any blog posts, patterns, libraries, or add-ons you used to solve the problem.

Summary by CodeRabbit

  • Chores
    • Updated project dependencies to include enhanced monitoring and analytics integration
    • Reorganized development dependencies for improved build and development workflow

✏️ Tip: You can customize this high-level summary in your review settings.

@CLAassistant
Copy link

CLAassistant commented Sep 23, 2025

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

Hiranya Abeyrathne seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

@coderabbitai
Copy link

coderabbitai bot commented Dec 23, 2025
edited
Loading

Walkthrough

The pull request updates package dependencies by adding the moesif-nodejs monitoring library to production dependencies, removing the npm package as a dependency, and moving nodemon to devDependencies with a version upgrade.

Changes

Cohort / File(s) Summary
Dependency Management
package.json		 Added moesif-nodejs ^3.9.1 to dependencies for API monitoring. Removed npm ^11.2.0 from dependencies. Moved nodemon from dependencies (^3.1.4) to devDependencies with version bump to ^3.1.10.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 Hopping through dependencies with glee,
Moesif joins us—monitoring, you see!
Nodemon moves to dev where tools belong,
Package harmony, oh so strong!

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Description check ⚠️ Warning The description contains only template placeholders with minimal content. The Purpose section is vague ('$Subject for Bijira growth hacking through moesif'), and all other required sections are empty or contain only template guidance text with no actual information provided. Complete all required sections with concrete details: explain the purpose and goals of moesif integration, describe the implementation approach, provide test coverage information, document security checks, and include any relevant documentation or related PRs.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly relates to the main changeset: adding moesif-nodejs dependency to enable moesif integration, which aligns with 'Adding support of moesif integration'.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Dec 23, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d8e1cbf and fd79a3c.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (1)
  • package.json
🔇 Additional comments (1)
package.json (1)

100-100: Excellent refactoring: nodemon correctly moved to devDependencies.

The move of nodemon from dependencies to devDependencies with a version upgrade (^3.1.4 → ^3.1.10) is correct. Nodemon is a development tool and should not be a production dependency. The scripts referencing nodemon (lines 7-9) will continue to work as expected since devDependencies are available during development.

Additionally, removing npm from dependencies (per the AI summary) is good cleanup—npm is a global package manager and shouldn't be a project dependency.

package.json
"jsonwebtoken": "^9.0.2",
"marked": "^13.0.3",
"minimatch": "^10.0.1",
"moesif-nodejs": "^3.9.1",
Copy link

@coderabbitai coderabbitai bot Dec 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check moesif-nodejs package information on npm
echo "=== Checking moesif-nodejs on npm ==="
curl -s https://registry.npmjs.org/moesif-nodejs | jq -r '{latest: .["dist-tags"].latest, versions: [.versions | keys | .[] | select(test("^3\\.9"))]}'

# Also get version-specific security info
echo -e "\n=== Latest 5 versions ==="
curl -s https://registry.npmjs.org/moesif-nodejs | jq -r '.versions | keys | .[-5:]'

Repository: wso2/api-developer-portal-core

Length of output: 267

🏁 Script executed:

#!/bin/bash
# Search for moesif-nodejs usage in codebase
echo "=== Searching for moesif imports and references ==="
rg -n "moesif" --type js --type ts --type json -C 2

# Also check for require statements specifically
echo -e "\n=== Checking for moesif-nodejs require/import ==="
rg "require.*moesif|import.*moesif" -C 3

Repository: wso2/api-developer-portal-core

Length of output: 2188

moesif-nodejs is declared but not integrated in the codebase.

While moesif-nodejs ^3.9.1 exists on npm (latest is 3.11.0), no integration code was found in the repository. The package appears only in package.json and package-lock.json with no require() or import statements. Either remove the dependency if it's not yet needed, or add the required integration code to use it.

🤖 Prompt for AI Agents 
In package.json around line 55, the dependency "moesif-nodejs" is declared but
not used; either remove it from package.json (and package-lock.json) if not
needed, or integrate it by importing/require-ing moesif-nodejs in your server
entry (e.g., src/server.js or app.js), initializing the Moesif middleware with
the Moesif API key from env (process.env.MOESIF_APPLICATION_ID), attaching the
middleware to your Express/Koa/HTTP pipeline before routes, and add any needed
configuration (identify user, mask headers/body) so the package is actually
used; after changes run npm install to update package-lock.json and commit both
files.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@DivyaPremanantha DivyaPremanantha Awaiting requested review from DivyaPremanantha DivyaPremanantha is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@HiranyaKavishani @CLAassistant