chore(vendor): update @lightbasenl/backend

_This PR is created by sync and will be force-pushed daily. Overwriting any manual changes done to this PR._

- feat(backend): support passing user props to authTestCreateUser (lightbasenl/platform-components@a7f7fad)
- chore(deps): Bump @xmldom/xmldom from 0.9.4 to 0.9.5 in the production group (lightbasenl/platform-components#1348) (lightbasenl/platform-components@4204470)
- chore(deps): Bump rate-limiter-flexible from 5.0.3 to 5.0.4 in the production group (lightbasenl/platform-components#1346) (lightbasenl/platform-components@822c961)
- chore(deps): Bump @xmldom/xmldom from 0.9.3 to 0.9.4 in the production group (lightbasenl/platform-components#1344) (lightbasenl/platform-components@5e34679)
- fix(feature-flag): allow updating 'userValues' (lightbasenl/platform-components@bb290dd)
- fix(feature-flag): use correct sql connection for fetching session (lightbasenl/platform-components@33e27e8)
- chore(deps): bump xmldom (lightbasenl/platform-components@b1d5ba6)
- chore: replace lint setup with @lightbase/eslint-config (lightbasenl/platform-components@c8e7656)
- feat!(backend): feature flags per user (lightbasenl/platform-components#1341) (lightbasenl/platform-components@075e8cd)
- feat(backend): add hook to be called in `authRequireUser` on a successful check (lightbasenl/platform-components@90f5223)
- chore: make compatible with new and old lint configs (lightbasenl/platform-components@445035b)
- chore(deps): Bump @lightbase/pull-through-cache from 0.2.0 to 0.2.1 in the production group (lightbasenl/platform-components#1326) (lightbasenl/platform-components@83e6a49)
- chore(backend): remove duplicate check on `requiredPermissions` (lightbasenl/platform-components@387fa87)
- feat(backend): support `oneOfRequiredPermissions` (lightbasenl/platform-components@f78adcc)
- feat(feature-flag,multitenant): report cache events as Sentry metric (lightbasenl/platform-components@22ebc13)- Failed to execute `npx compas lint`. Sync is not able to correct this, so human checks and fixes are necessary for this PR.

gen/index.js

@@ -1,4 +1,10 @@
 import { storeGetStructure } from "@compas/store";
+import { featureFlagDefinition, permissions } from "../src/constants.js";
+import { extendWithAuthCustom } from "./auth.js";
+import { extendWithDatabase } from "./database.js";
+import { extendWithMail } from "./mail.js";
+import { extendWithScaffold } from "./scaffold.js";
+import { extendWithType } from "./type.js";
 import {
   authPermissions,
   extendWithAuthAnonymousBased,
@@ -9,12 +15,6 @@ import {
   extendWithFeatureFlag,
   extendWithManagement,
 } from "@lightbasenl/backend";
-import { featureFlagDefinition, permissions } from "../src/constants.js";
-import { extendWithAuthCustom } from "./auth.js";
-import { extendWithDatabase } from "./database.js";
-import { extendWithMail } from "./mail.js";
-import { extendWithScaffold } from "./scaffold.js";
-import { extendWithType } from "./type.js";
 
 /**
  * Extend with compas additional/optional package  structures

scripts/queue.js

@@ -10,12 +10,6 @@ import {
   queueWorkerCreate,
   queueWorkerRegisterCronJobs,
 } from "@compas/store";
-import {
-  authEventNames,
-  authJobNames,
-  authPasswordBasedInvalidateResetTokens,
-  managementInvalidateUsers,
-} from "@lightbasenl/backend";
 import {
   authAnonymousBasedUserRegisteredEvent,
   authPasswordBasedEmailUpdatedEvent,
@@ -29,6 +23,12 @@ import { injectServices } from "../src/service.js";
 import { serviceLogger } from "../src/services/logger.js";
 import { sql } from "../src/services/postgres.js";
 import { bucketName, s3Client } from "../src/services/s3.js";
+import {
+  authEventNames,
+  authJobNames,
+  authPasswordBasedInvalidateResetTokens,
+  managementInvalidateUsers,
+} from "@lightbasenl/backend";
 
 mainFn(import.meta, main);
 

src/auth/jobs.js

@@ -36,7 +36,7 @@ export async function authAnonymousBasedUserRegisteredEvent(
   }
 
   // TODO(platform): Act
-  // eslint-disable-next-line no-unused-vars
+
   const x = 5;
 
   eventStop(event);
@@ -87,7 +87,7 @@ export async function authPasswordBasedUserRegisteredEvent(
   }
 
   // TODO(platform): Act
-  // eslint-disable-next-line no-unused-vars
+
   const x = 5;
 
   eventStop(event);
@@ -139,7 +139,7 @@ export async function authPasswordBasedForgotPasswordEvent(
   }
 
   // TODO(platform): Act
-  // eslint-disable-next-line no-unused-vars
+
   const x = 5;
 
   eventStop(event);
@@ -180,7 +180,7 @@ export async function authPasswordBasedPasswordUpdatedEvent(
   }
 
   // TODO(platform): Act
-  // eslint-disable-next-line no-unused-vars
+
   const x = 5;
 
   eventStop(event);
@@ -228,7 +228,7 @@ export async function authPasswordBasedEmailUpdatedEvent(event, sql, { data }) {
   }
 
   // TODO(platform): Act
-  // eslint-disable-next-line no-unused-vars
+
   const x = 5;
 
   eventStop(event);
@@ -269,7 +269,7 @@ export async function authPasswordBasedLoginVerifiedEvent(
   }
 
   // TODO(platform): Act
-  // eslint-disable-next-line no-unused-vars
+
   const x = 5;
 
   eventStop(event);
@@ -310,7 +310,7 @@ export async function authPasswordBasedPasswordResetEvent(
   }
 
   // TODO(platform): Act
-  // eslint-disable-next-line no-unused-vars
+
   const x = 5;
 
   eventStop(event);

src/mail/events.js

@@ -42,7 +42,7 @@ export async function mailSendGeneric(event, email, payload) {
  * @param {function(MailAddressHeaders, T): MailTemplateResponse} template
  * @param {MailAddressHeaders} addresses
  * @param {T} [payload={}]
- * @param {import("@types/nodemailer").Attachment[]} [attachments]
+ * @param {Array<import("@types/nodemailer").Attachment>} [attachments]
  * @returns {Promise<void>}
  */
 async function mailSend(
@@ -92,9 +92,9 @@ async function mailSend(
  * Construct a mail header object for nodemailer
  *
  * @param {MailAddress} from
- * @param {MailAddress|MailAddress[]} to
- * @param {MailAddress[]|undefined} [cc]
- * @param {MailAddress[]|undefined} [bcc]
+ * @param {MailAddress | Array<MailAddress>} to
+ * @param {Array<MailAddress> | undefined} [cc]
+ * @param {Array<MailAddress> | undefined} [bcc]
  * @returns {MailAddressHeaders}
  */
 function constructMailAddressHeaders(from, to, cc, bcc) {

src/scaffold/controller.js

@@ -1,7 +1,7 @@
 import { newEventFromEvent } from "@compas/stdlib";
-import { authCreateUser, multitenantRequireTenant } from "@lightbasenl/backend";
 import { scaffoldHandlers } from "../generated/application/scaffold/controller.js";
 import { sql } from "../services/postgres.js";
+import { authCreateUser, multitenantRequireTenant } from "@lightbasenl/backend";
 
 // TODO(platform): remove this;
 scaffoldHandlers.createUser = async (ctx) => {

src/services/app.js

@@ -1,7 +1,7 @@
 import { createBodyParser, getApp } from "@compas/server";
-import { backendGetConfig } from "@lightbasenl/backend";
 import { router } from "../generated/application/common/router.js";
 import { serviceLogger } from "./logger.js";
+import { backendGetConfig } from "@lightbasenl/backend";
 
 /**
  * @type {Application}

src/services/core.js

@@ -5,7 +5,7 @@ import { AppError, environment } from "@compas/stdlib";
  * This method should be used as guard during startup to ensure non-unexpected
  * code paths are hit during runtime.
  *
- * @param {string[]} requiredEnvironmentVariables
+ * @param {Array<string>} requiredEnvironmentVariables
  * @returns {void}
  */
 export function ensureEnvironmentVars(requiredEnvironmentVariables) {

src/services/lpc.js

@@ -1,11 +1,11 @@
 import { newEvent } from "@compas/stdlib";
+import { buildMandatoryRoles, permissions } from "../constants.js";
+import { serviceLogger } from "./logger.js";
 import {
   authPermissions,
   backendInit,
   backendInitServices,
 } from "@lightbasenl/backend";
-import { buildMandatoryRoles, permissions } from "../constants.js";
-import { serviceLogger } from "./logger.js";
 
 /**
  * @returns {Promise<void>}

src/testing.js

@@ -4,10 +4,6 @@ import {
   cleanupTestPostgresDatabase,
   objectStorageRemoveBucket,
 } from "@compas/store";
-import {
-  authInjectTokenInterceptors,
-  multitenantInjectAxios,
-} from "@lightbasenl/backend";
 import axios from "axios";
 import { axiosInterceptErrorAndWrapWithAppError } from "./generated/application/common/api-client.js";
 import {
@@ -25,6 +21,10 @@ import {
   serviceS3EnsureBuckets,
   serviceS3Init,
 } from "./services/s3.js";
+import {
+  authInjectTokenInterceptors,
+  multitenantInjectAxios,
+} from "@lightbasenl/backend";
 
 /**
  * Initialize all services based on an empty database and fresh s3 bucket.

vendor/backend/README.md

@@ -200,6 +200,7 @@ erDiagram
         string description
         string name
         generic tenantValues
+        generic userValues
         date createdAt
         date updatedAt
     }

vendor/backend/package.json

@@ -13,10 +13,10 @@
   ],
   "scripts": {},
   "dependencies": {
-    "@lightbase/pull-through-cache": "0.1.2",
-    "@xmldom/xmldom": "0.8.10",
+    "@lightbase/pull-through-cache": "0.2.1",
+    "@xmldom/xmldom": "0.9.5",
     "bcrypt": "5.1.1",
-    "rate-limiter-flexible": "5.0.3",
+    "rate-limiter-flexible": "5.0.4",
     "speakeasy": "2.0.0",
     "xml-crypto": "6.0.0",
     "xpath": "0.0.34"
@@ -30,5 +30,5 @@
     "url": "https://github.com/lightbasenl/platform-components.git",
     "directory": "packages/backend"
   },
-  "gitHead": "b335a6c8aa6f5e14489b582b02b6fa45beda00b6"
+  "gitHead": "a7f7fad325e2fa24f779542a3aece0c5aee82f64"
 }

vendor/backend/src/auth/digid-based/events.js

@@ -15,7 +15,7 @@ import {
   uuid,
 } from "@compas/stdlib";
 import { queueWorkerAddJob } from "@compas/store";
-import xmldom from "@xmldom/xmldom";
+import xmldom, { MIME_TYPE } from "@xmldom/xmldom";
 import axios from "axios";
 import xmlCrypto from "xml-crypto";
 import xpath from "xpath";
@@ -362,7 +362,10 @@ export async function authDigidBasedResolveArtifact(
     );
   }
 
-  const doc = new xmldom.DOMParser().parseFromString(xmlResponse);
+  const doc = new xmldom.DOMParser().parseFromString(
+    xmlResponse,
+    MIME_TYPE.XML_APPLICATION,
+  );
   const [mainStatus, subStatus, subSubStatus] = xpath.select(
     "//*[local-name(.)='StatusCode']/@Value",
     doc,
@@ -534,7 +537,10 @@ async function authDigidBasedGetSignatureForPayload(
 async function authDigidBasedVerifySignaturesForXmlPayload(event, payload) {
   eventStart(event, "authDigidBased.verifySignaturesForXmlPayload");
 
-  const doc = new xmldom.DOMParser().parseFromString(payload);
+  const doc = new xmldom.DOMParser().parseFromString(
+    payload,
+    MIME_TYPE.XML_APPLICATION,
+  );
   const signatures = xpath.select("//*[local-name(.)='Signature']", doc);
   if (signatures.length === 0) {
     throw AppError.serverError({

vendor/backend/src/auth/events.js

@@ -104,7 +104,7 @@ function authVerifyServerSideRenderingHeader(ctx, headerKey) {
  *   };
  * ```
  * @param {import("@compas/server").Context<any, any, any>} ctx
- * @param {string[]} allowedIps
+ * @param {Array<string>} allowedIps
  */
 export function authIpCheck(ctx, allowedIps) {
   let trustedIp = ctx.ip;

vendor/backend/src/auth/keycloak-based/events.js

@@ -408,6 +408,8 @@ export async function authKeycloakBasedVerifyAndReadToken(
   } catch (e) {
     throw AppError.validationError(
       "authKeycloakBased.verifyAndReadToken.invalidToken",
+      {},
+      e,
     );
   }
 }

vendor/backend/src/auth/permissions/controller.js

@@ -1,3 +1,4 @@
+/* eslint-disable jsdoc/check-types */
 import { newEventFromEvent } from "@compas/stdlib";
 import { backendGetTenantAndUser } from "../../events.js";
 import { sql } from "../../services.js";
@@ -19,8 +20,8 @@ import {
 
 /**
  * @typedef {(tenants:
- *   QueryResultBackendTenant[]) =>
- *   PermissionMandatoryRole[]} PermissionBuildMandatoryRoles
+ *   Array<QueryResultBackendTenant>) =>
+ *   Array<PermissionMandatoryRole>} PermissionBuildMandatoryRoles
  */
 
 /**