chore: update deps for security (#2)

* chore: pin deps

* chore: pnpm import

* chore: add build command

* chore: upgrade discord.js, add axios peer dep

* move from langchain to ai sdk

* remove unused axios package

* move to bun, update eslint and prettier dependencies

* run lint and prettier

* fix build

* back to pnpm, as bun does not have audit command. fix dockerfile

---------

Co-authored-by: Alessio Gravili <[email protected]>

Author: denolfe

.prettierignore

@@ -1,2 +1,13 @@
-dist/
-build/
+.tmp
+**/.git
+**/.hg
+**/.pnp.*
+**/.svn
+**/.yarn/**
+**/build
+**/dist/**
+**/node_modules
+**/temp
+tsconfig.json
+payload-types.ts
+tsconfig.tsbuildinfo

.prettierrc.json

@@ -1,5 +1,6 @@
 {
   "singleQuote": true,
   "trailingComma": "all",
-  "printWidth": 100
+  "printWidth": 100,
+  "semi": false
 }

.vscode/extensions.json

@@ -1,3 +1,3 @@
 {
-  "recommendations": ["dbaeumer.vscode-eslint", "esbenp.prettier-vscode"]
+  "recommendations": ["esbenp.prettier-vscode", "dbaeumer.vscode-eslint"]
 }

.vscode/launch.json

@@ -1,4 +1,5 @@
 {
+  "npm.packageManager": "bun",
   "editor.defaultFormatter": "esbenp.prettier-vscode",
   "[typescript]": {
     "editor.defaultFormatter": "esbenp.prettier-vscode",
@@ -14,6 +15,13 @@
       "source.fixAll.eslint": "explicit"
     }
   },
+  "[javascript]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode",
+    "editor.formatOnSave": true,
+    "editor.codeActionsOnSave": {
+      "source.fixAll.eslint": "explicit"
+    }
+  },
   "[json]": {
     "editor.defaultFormatter": "esbenp.prettier-vscode",
     "editor.formatOnSave": true
@@ -23,6 +31,10 @@
     "editor.formatOnSave": true
   },
   "editor.formatOnSaveMode": "file",
-  "eslint.rules.customizations": [{ "rule": "*", "severity": "warn" }],
-  "typescript.tsdk": "node_modules/typescript/lib"
+  "typescript.tsdk": "node_modules/typescript/lib",
+  "[javascript][typescript][typescriptreact]": {
+    "editor.codeActionsOnSave": {
+      "source.fixAll.eslint": "explicit"
+    }
+  }
 }

.vscode/settings.json

@@ -1,14 +1,36 @@
-FROM node:20-alpine AS builder
+# use the official Bun image
+# see all versions at https://hub.docker.com/r/oven/bun/tags
+FROM oven/bun:1 AS base
+WORKDIR /usr/src/app
 
-RUN mkdir -p /app
-WORKDIR /app
+# Install pnpm globally
+RUN bun install -g pnpm
 
-COPY package.json  .
-COPY yarn.lock .
+# install dependencies into temp directory
+# this will cache them and speed up future builds
+FROM base AS install
+RUN mkdir -p /temp/dev
+COPY package.json pnpm-lock.yaml /temp/dev/
+RUN cd /temp/dev && pnpm install --frozen-lockfile
 
-RUN yarn install
+# install with --production (exclude devDependencies)
+RUN mkdir -p /temp/prod
+COPY package.json pnpm-lock.yaml /temp/prod/
+RUN cd /temp/prod && pnpm install --frozen-lockfile --production
 
+# copy node_modules from temp directory
+# then copy all (non-ignored) project files into the image
+FROM base AS prerelease
+COPY --from=install /temp/dev/node_modules node_modules
 COPY . .
 
-EXPOSE 3000
-CMD [ "yarn", "run", "start" ]
+# copy production dependencies and source code into final image
+FROM base AS release
+COPY --from=install /temp/prod/node_modules node_modules
+COPY --from=prerelease /usr/src/app/package.json .
+COPY --from=prerelease /usr/src/app/src src
+
+# run the app
+USER bun
+EXPOSE 3000/tcp
+ENTRYPOINT [ "bun", "start" ]

Dockerfile

@@ -0,0 +1,56 @@
+import payloadEsLintConfig from '@payloadcms/eslint-config';
+import payloadPlugin from '@payloadcms/eslint-plugin';
+
+export const defaultESLintIgnores = [
+  '**/.temp',
+  '**/.*', // ignore all dotfiles
+  '**/.git',
+  '**/.hg',
+  '**/.pnp.*',
+  '**/.svn',
+  '**/playwright.config.ts',
+  '**/jest.config.js',
+  '**/tsconfig.tsbuildinfo',
+  '**/README.md',
+  '**/eslint.config.js',
+  '**/payload-types.ts',
+  '**/dist/',
+  '**/.yarn/',
+  '**/build/',
+  '**/node_modules/',
+  '**/temp/',
+];
+
+/** @typedef {import('eslint').Linter.Config} Config */
+
+export const rootParserOptions = {
+  sourceType: 'module',
+  ecmaVersion: 'latest',
+  projectService: true,
+};
+
+/** @type {Config[]} */
+export const rootEslintConfig = [
+  ...payloadEsLintConfig,
+  {
+    plugins: {
+      payload: payloadPlugin,
+    },
+    rules: {
+      'payload/no-jsx-import-statements': 'warn',
+    },
+  },
+];
+
+export default [
+  ...rootEslintConfig,
+  {
+    languageOptions: {
+      parserOptions: {
+        ...rootParserOptions,
+        projectService: true,
+        tsconfigRootDir: import.meta.dirname,
+      },
+    },
+  },
+];

eslint.config.js

@@ -1,31 +1,26 @@
 {
   "name": "payloadbot",
   "version": "1.0.0",
-  "main": "index.js",
+  "main": "src/Bot.ts",
   "license": "MIT",
+  "type": "module",
   "scripts": {
-    "dev": "nodemon",
-    "start": "ts-node src/Bot.ts"
+    "build": "tsc",
+    "dev": "bun --watch src/Bot.ts",
+    "start": "bun src/Bot.ts"
   },
   "dependencies": {
-    "algoliasearch": "^4.19.1",
-    "discord.js": "14.14.1",
-    "dotenv": "^16.3.1",
-    "langchain": "^0.0.118",
-    "node-fetch": "^3.3.2",
-    "ts-node": "^10.9.1"
+    "@ai-sdk/openai": "1.2.5",
+    "ai": "4.1.61",
+    "algoliasearch": "4.19.1",
+    "discord.js": "14.18.0"
   },
   "devDependencies": {
-    "@types/node": "^20.4.5",
-    "@typescript-eslint/eslint-plugin": "6.2.0",
-    "@typescript-eslint/parser": "6.2.0",
-    "eslint": "^8.45.0",
-    "eslint-plugin-jsonc": "^2.8.0",
-    "eslint-plugin-simple-import-sort": "^10.0.0",
-    "eslint-plugin-typescript-sort-keys": "^2.3.0",
-    "jsonc-eslint-parser": "^2.3.0",
-    "nodemon": "^3.0.1",
-    "prettier": "^3.0.0",
-    "typescript": "^5.1.6"
+    "@types/bun": "1.2.5",
+    "@payloadcms/eslint-config": "3.28.0",
+    "@payloadcms/eslint-plugin": "3.28.0",
+    "eslint": "9.22.0",
+    "prettier": "3.5.3",
+    "typescript": "5.7.3"
   }
 }