4 changes: 2 additions & 2 deletions Dockerfile
@@ -1,8 +1,8 @@
###############
### STAGE 1: Build app
###############
ARG BUILDER_IMAGE=node:22.9.0-alpine
ARG NGINX_IMAGE=nginx:1.27.4-alpine3.21-slim
ARG BUILDER_IMAGE=node:24-alpine3.22
ARG NGINX_IMAGE=nginx:1.29-alpine3.22-slim
Comment on lines +4 to +5

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Verify that Docker image version updates align with PR objectives and are secure.

The Dockerfile updates the base images (node:24-alpine3.22 and nginx:1.29-alpine3.22-slim), but the PR description focuses on date formatting fixes for holiday components and does not mention Docker changes. This appears to be either an accidental inclusion or an undocumented infrastructure update.

Additionally, since the knowledge cutoff is March 2025 and today is November 2025, I need to verify that these specific versions are current, stable, and free of security vulnerabilities.

Please confirm:

  1. Whether these Docker image version updates are intentional and related to the holiday editing fix.
  2. Whether there are newer, more secure versions of these images available as of November 2025.

Run the following script to check for known security advisories:


🏁 Script executed:

#!/bin/bash
# Description: Check if node:24-alpine3.22 and nginx:1.29-alpine3.22-slim have known vulnerabilities

# Query Node.js image security advisories (using Docker image metadata)
echo "=== Checking Node 24 Alpine 3.22 ==="
curl -s "https://registry.hub.docker.com/v2/library/node/manifests/24-alpine3.22" \
  -H "Accept: application/vnd.docker.distribution.manifest.v2+json" 2>/dev/null | head -20

echo ""
echo "=== Checking Nginx 1.29 Alpine 3.22 Slim ==="
curl -s "https://registry.hub.docker.com/v2/library/nginx/manifests/1.29-alpine3.22-slim" \
  -H "Accept: application/vnd.docker.distribution.manifest.v2+json" 2>/dev/null | head -20

Length of output: 393


I need to verify the stability and security of these image versions through web search rather than direct registry queries.

Consider using nginx stable branch (1.28) instead of mainline (1.29).

The Docker image updates introduce security and stability considerations:

Node.js 24 has officially entered Long-Term Support (LTS) as of October 31, 2025 and will receive maintenance and security updates through April 2028, making node:24-alpine3.22 a secure choice for production builds.

However, nginx 1.29 is the mainline branch where latest features and bug fixes get added, denoted by an odd second version number, whereas the stable branch uses even version numbers (e.g., 1.28) and receives only high-severity bug fixes without new features. For a production SPA server, the stable branch is more appropriate. Additionally, nginx 1.29.1+ patches CVE-2025-53859 but versions prior are vulnerable, so pinning to 1.29 without a patch version carries security risk.

Alpine 3.22 is supported for 2 years, making it a stable base image.

The PR description mentions date formatting fixes for holiday components—verify whether Docker changes are intentional or incidental infrastructure updates.

🤖 Prompt for AI Agents
Dockerfile lines 4-5: the PR pins node:24-alpine3.22 and
nginx:1.29-alpine3.22-slim; update instructions: keep node:24-alpine3.22 (Node
24 is LTS) but replace or pin the nginx image to a stable, patched release —
preferably nginx:1.28-alpine3.22-slim for production, or if you must stay on
mainline use nginx:1.29.<patched>-alpine3.22-slim with the specific patch that
fixes CVE-2025-53859; also perform a quick web search to confirm the chosen
nginx tag includes the security fix and that Alpine 3.22 support matches your
policy, and verify the Docker image version change was intentional and not an
incidental infra change related to the date-formatting holiday fixes.
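
The pinning and branch points raised in the review comment above, as an added example that is not part of the PR or of the reviewer's output: a small Python check that classifies each image reference as digest-, patch- or floating-pinned and labels nginx tags as mainline or stable by the odd/even rule. The helper names `classify` and `lint` and the embedded samples are assumptions, constructed from the Dockerfile lines shown on this page.

```python
# Added example; classify() and lint() are illustrative helpers, not project code.
import re

# Constructed sample: the Dockerfile image defaults before and after the change.
BEFORE = """\
ARG BUILDER_IMAGE=node:22.9.0-alpine
ARG NGINX_IMAGE=nginx:1.27.4-alpine3.21-slim
"""
AFTER = """\
ARG BUILDER_IMAGE=node:24-alpine3.22
ARG NGINX_IMAGE=nginx:1.29-alpine3.22-slim
FROM $BUILDER_IMAGE AS builder
"""

ARG_RE = re.compile(r"^\s*ARG\s+(\w+)=(\S+)", re.I)
FROM_RE = re.compile(r"^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)", re.I)
VER_RE = re.compile(r"^(\d+)(?:\.(\d+))?(?:\.(\d+))?(?![\d.])")


def classify(ref):
    """Return (pinning, nginx_branch) for one image reference."""
    if "@sha256:" in ref:
        return "digest", None
    last = ref.rsplit("/", 1)[-1]  # drop registry host[:port] and namespace
    name, _, tag = last.partition(":")
    m = VER_RE.match(tag or "latest")
    pinning = "patch" if m and m.group(3) else "floating"
    branch = None
    if name == "nginx" and m and m.group(2):
        # nginx convention: odd second number is mainline, even is stable
        branch = "mainline" if int(m.group(2)) % 2 else "stable"
    return pinning, branch


def lint(dockerfile_text):
    """Map each ARG *IMAGE default or literal FROM image to its classification."""
    findings = {}
    for line in dockerfile_text.splitlines():
        arg, frm = ARG_RE.match(line), FROM_RE.match(line)
        if arg and arg.group(1).upper().endswith("IMAGE"):
            findings[arg.group(2)] = classify(arg.group(2))
        elif frm and not frm.group(1).startswith("$"):
            findings[frm.group(1)] = classify(frm.group(1))
    return findings


if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        print(label, lint(text))
```

A CI job could fail the build whenever `lint` reports a `floating` entry, which flags both new defaults here while passing the two replaced ones.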


FROM $BUILDER_IMAGE AS builder
ARG NPM_REGISTRY_URL=https://registry.npmjs.org/
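
Review bot: Both new defaults on lines 4-5 drop the patch component that the replaced lines carried (`node:22.9.0-alpine` and `nginx:1.27.4-alpine3.21-slim` become `node:24-alpine3.22` and `nginx:1.29-alpine3.22-slim`), so the same Dockerfile resolves to different image contents each time those tags are re-published and a rebuild can pick up a runtime nobody reviewed. Pin each ARG to a full `major.minor.patch` tag or to `image@sha256:<digest>`, and because the builder stage moves across a Node major version (22 to 24), confirm the application build was exercised on it before merging.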
Expand Up @@ -11,8 +11,8 @@ import { InputBase } from 'app/shared/form-dialog/formfield/model/input-base';

import { jsPDF, jsPDFOptions } from 'jspdf';
import autoTable from 'jspdf-autotable';
import { NgIf, NgClass, CurrencyPipe } from '@angular/common';
import { MatButton, MatIconButton } from '@angular/material/button';
import { NgClass, CurrencyPipe } from '@angular/common';
import { MatIconButton } from '@angular/material/button';
import { FaIconComponent } from '@fortawesome/angular-fontawesome';
import {
MatTable,
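
Review bot: The import statements drop `NgIf` and `MatButton`, but this hunk shows neither the component's `imports` array nor its template. Confirm both symbols were removed from the decorator as well and that the template no longer uses `*ngIf` or a `mat-button` attribute, since a leftover `mat-button` on a standalone component is silently ignored rather than reported.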
Expand Down Expand Up @@ -172,6 +172,7 @@ export class RepaymentScheduleTabComponent implements OnInit, OnChanges {
if (!installment.fromDate) {
return '';
} else {
this.businessDate = this.settingsService.businessDate;
const fromDate = this.dateUtils.parseDate(installment.fromDate);
const dueDate = this.dateUtils.parseDate(installment.dueDate);
if (fromDate <= this.businessDate && this.businessDate < dueDate) {
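
Review bot: The added `this.businessDate = this.settingsService.businessDate;` writes a component field from inside the `else` branch of a method that computes a result per installment, so the field is reassigned as a side effect on every call. Read the value into a local (`const businessDate = this.settingsService.businessDate;`) for the comparison that follows, or refresh the field once in a lifecycle hook, and check whether other readers of `this.businessDate` depend on when it changes.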
Expand Up @@ -332,11 +332,14 @@ export class CreateHolidayComponent implements OnInit {
const locale = this.settings.language.code;
const prevFromDate: Date = this.holidayForm.value.fromDate;
const prevToDate: Date = this.holidayForm.value.toDate;
holidayFormData.fromDate = this.dateUtils.formatDate(prevFromDate, dateFormat);
holidayFormData.toDate = this.dateUtils.formatDate(prevToDate, dateFormat);
holidayFormData.fromDate = this.dateUtils.formatDateAsString(prevFromDate, dateFormat);
holidayFormData.toDate = this.dateUtils.formatDateAsString(prevToDate, dateFormat);
if (this.holidayForm.contains('repaymentsRescheduledTo')) {
const prevRepaymentsRescheduledTo: Date = this.holidayForm.value.repaymentsRescheduledTo;
holidayFormData.repaymentsRescheduledTo = this.dateUtils.formatDate(prevRepaymentsRescheduledTo, dateFormat);
holidayFormData.repaymentsRescheduledTo = this.dateUtils.formatDateAsString(
prevRepaymentsRescheduledTo,
dateFormat
);
}
const offices = this.holidayForm.value.offices.map((office: string) => {
return { officeId: Number.parseInt(office, 10) };
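
Review bot: `prevFromDate`, `prevToDate` and `prevRepaymentsRescheduledTo` are handed to `formatDateAsString` on the strength of a `: Date` annotation alone, while the EditHolidayComponent change in this same PR guards each call with `instanceof Date`. The annotation is not a runtime check on `holidayForm.value`, so either apply the same guard here or state in `formatDateAsString` that it accepts an empty or string control value; a shared helper used by both components would keep the two submit paths consistent.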
Expand Up @@ -134,17 +134,20 @@ export class EditHolidayComponent implements OnInit {
const locale = this.settingsService.language.code;
const dateFormat = this.settingsService.dateFormat;
if (!this.isActiveHoliday) {
if (this.reSchedulingType === 2) {
const repaymentScheduledTo: Date = this.holidayForm.value.repaymentsRescheduledTo;
holidayFormData.repaymentsRescheduledTo = this.dateUtils.formatDate(repaymentScheduledTo, dateFormat);
const prevFromDate = this.holidayForm.value.fromDate;
const prevToDate = this.holidayForm.value.toDate;

if (prevFromDate instanceof Date) {
holidayFormData.fromDate = this.dateUtils.formatDateAsString(prevFromDate, dateFormat);
}
const prevFromDate: Date = this.holidayForm.value.fromDate;
const prevToDate: Date = this.holidayForm.value.toDate;
if (holidayFormData.closureDate instanceof Date) {
holidayFormData.fromDate = this.dateUtils.formatDate(prevFromDate, dateFormat);
if (prevToDate instanceof Date) {
holidayFormData.toDate = this.dateUtils.formatDateAsString(prevToDate, dateFormat);
}
if (holidayFormData.closureDate instanceof Date) {
holidayFormData.toDate = this.dateUtils.formatDate(prevToDate, dateFormat);
if (this.reSchedulingType === 2) {
const repaymentScheduledTo = this.holidayForm.value.repaymentsRescheduledTo;
if (repaymentScheduledTo instanceof Date) {
holidayFormData.repaymentsRescheduledTo = this.dateUtils.formatDateAsString(repaymentScheduledTo, dateFormat);
}
}
}
const data = {
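
Review bot: With the new `instanceof Date` guards, a control value that is not a `Date` is skipped without any conversion, so whatever `holidayFormData` already holds for `fromDate`, `toDate` or `repaymentsRescheduledTo` is left unformatted. If the edit form can hold the loaded value as a string, add an explicit branch that parses or validates it instead of passing it through, and cover the untouched-field case with a test. The `this.reSchedulingType === 2` literal would also read better as a named constant.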