Merge branch 'main' into replace-clearbit-logos

Author: banushi-a

.github/workflows/migration.yml

@@ -28,9 +28,9 @@ jobs:
       POSTGRES_URL: ${{ secrets.POSTGRES_URL_STAGING }}
     steps:
       - uses: actions/checkout@v4
-      
+
       - name: Setup
         uses: ./tooling/github/setup
-        
+
       - name: Migrate Staging
         run: pnpm db:migrate

.vscode/launch.json

@@ -1,7 +1,6 @@
 {
   "version": "0.2.0",
   "configurations": [
-    
     {
       "name": "Next.js",
       "type": "node-terminal",

apps/web/package.json

@@ -24,6 +24,7 @@
     "@trpc/client": "11.0.0-rc.441",
     "@trpc/react-query": "11.0.0-rc.441",
     "@trpc/server": "11.0.0-rc.441",
+    "bad-words": "^4.0.0",
     "dayjs": "^1.11.13",
     "fuse.js": "^7.0.0",
     "geist": "^1.3.0",

apps/web/src/app/(pages)/(dashboard)/companies/page.tsx

@@ -1,8 +1,7 @@
 "use client";
 
-import { useRouter } from "next/navigation";
+import { useRouter, useSearchParams } from "next/navigation";
 
-import { useSearchParams } from "next/navigation";
 import { CompanyCardPreview } from "~/app/_components/companies/company-card-preview";
 import LoadingResults from "~/app/_components/loading-results";
 import NoResults from "~/app/_components/no-results";

apps/web/src/app/_components/form/review-form.tsx

@@ -3,6 +3,7 @@
 import { useState } from "react";
 import Image from "next/image";
 import { zodResolver } from "@hookform/resolvers/zod";
+import { Filter } from "bad-words";
 import dayjs from "dayjs";
 import { useForm } from "react-hook-form";
 import { animateScroll as scroll } from "react-scroll";
@@ -26,6 +27,7 @@ import { SubmissionConfirmation } from "~/app/_components/form/submission-confir
 import { api } from "~/trpc/react";
 import { SubmissionFailure } from "./submission-failure";
 
+const filter = new Filter();
 const formSchema = z.object({
   workTerm: z.nativeEnum(WorkTerm, {
     required_error: "You need to select a co-op cycle.",
@@ -78,20 +80,31 @@ const formSchema = z.object({
     })
     .min(1)
     .max(5),
-  interviewReview: z.string().optional(),
+  interviewReview: z
+    .string()
+    .optional()
+    .refine((val) => !filter.isProfane(val ?? ""), {
+      message: "The interview review cannot contain profane words.",
+    }),
   reviewHeadline: z
     .string({
       required_error: "You need to enter a Review Headline.",
     })
     .min(8, {
       message: "The review headline must be at least 8 characters.",
+    })
+    .refine((val) => !filter.isProfane(val), {
+      message: "The review headline cannot contain profane words.",
     }),
   textReview: z
     .string({
       required_error: "You need to enter a review for your co-op.",
     })
     .min(8, {
       message: "The review must be at least 8 characters.",
+    })
+    .refine((val) => !filter.isProfane(val), {
+      message: "The review cannot contain profane words.",
     }),
   locationId: z.string().optional(),
   hourlyPay: z.coerce

apps/web/src/app/_components/reviews/new-role-dialogue.tsx

@@ -1,5 +1,6 @@
 import { useState } from "react";
 import { zodResolver } from "@hookform/resolvers/zod";
+import { Filter } from "bad-words";
 import { useForm } from "react-hook-form";
 import { z } from "zod";
 
@@ -27,11 +28,15 @@ import { Textarea } from "@cooper/ui/textarea";
 
 import { api } from "~/trpc/react";
 
+const filter = new Filter();
 const roleSchema = z.object({
   title: z
     .string({ required_error: "You need to enter a role title." })
     .min(5, {
       message: "The role title must be at least 5 characters.",
+    })
+    .refine((val) => !filter.isProfane(val), {
+      message: "The title cannot contain profane words.",
     }),
   description: z
     .string()
@@ -40,6 +45,9 @@ const roleSchema = z.object({
     })
     .max(500, {
       message: "The description must be at most 500 characters.",
+    })
+    .refine((val) => !filter.isProfane(val), {
+      message: "The description cannot contain profane words.",
     }),
   companyId: z.string(),
   createdBy: z.string(),

packages/api/package.json

@@ -24,6 +24,7 @@
     "@cooper/db": "workspace:*",
     "@cooper/validators": "workspace:*",
     "@trpc/server": "11.0.0-rc.441",
+    "bad-words": "^4.0.0",
     "fuse.js": "^7.0.0",
     "superjson": "2.2.1",
     "zod": "catalog:"

packages/api/src/router/review.ts

@@ -1,5 +1,6 @@
 import type { TRPCRouterRecord } from "@trpc/server";
 import { TRPCError } from "@trpc/server";
+import { Filter } from "bad-words";
 import Fuse from "fuse.js";
 import { z } from "zod";
 
@@ -90,8 +91,40 @@ export const reviewRouter = {
           message: "You must be logged in to leave a review",
         });
       }
+
+      // Initialize bad words filter
+      const filter = new Filter();
+
+      if (filter.isProfane(input.reviewHeadline)) {
+        throw new TRPCError({
+          code: "PRECONDITION_FAILED",
+          message: "Review headline cannot contain profane words",
+        });
+      } else if (filter.isProfane(input.textReview)) {
+        throw new TRPCError({
+          code: "PRECONDITION_FAILED",
+          message: "Review text cannot contain profane words",
+        });
+      } else if (filter.isProfane(input.interviewReview ?? "")) {
+        throw new TRPCError({
+          code: "PRECONDITION_FAILED",
+          message: "Interview review cannot contain profane words",
+        });
+      }
+
+      // Create a clean version of the input with filtered strings
+      const cleanInput = {
+        ...input,
+        reviewHeadline: filter.clean(input.reviewHeadline),
+        textReview: filter.clean(input.textReview),
+        // Keep non-string fields as they are
+        profileId: input.profileId,
+        interviewReview: filter.clean(input.interviewReview ?? ""),
+      };
+
+      // Rest of the validation logic
       const reviews = await ctx.db.query.Review.findMany({
-        where: eq(Review.profileId, input.profileId),
+        where: eq(Review.profileId, cleanInput.profileId),
       });
       if (reviews.length >= 5) {
         throw new TRPCError({
@@ -101,8 +134,8 @@ export const reviewRouter = {
       }
       const reviewsInSameCycle = reviews.filter(
         (review) =>
-          review.workTerm === input.workTerm &&
-          review.workYear === input.workYear,
+          review.workTerm === cleanInput.workTerm &&
+          review.workYear === cleanInput.workYear,
       );
       if (reviewsInSameCycle.length >= 2) {
         throw new TRPCError({
@@ -129,7 +162,7 @@ export const reviewRouter = {
         }
       }
 
-      return ctx.db.insert(Review).values(input);
+      return ctx.db.insert(Review).values(cleanInput);
     }),
 
   delete: protectedProcedure.input(z.string()).mutation(({ ctx, input }) => {

packages/api/src/router/role.ts

@@ -1,4 +1,6 @@
 import type { TRPCRouterRecord } from "@trpc/server";
+import { TRPCError } from "@trpc/server";
+import { Filter } from "bad-words";
 import { z } from "zod";
 
 import type { ReviewType, RoleType } from "@cooper/db/schema";
@@ -134,7 +136,26 @@ export const roleRouter = {
   create: protectedProcedure
     .input(CreateRoleSchema)
     .mutation(({ ctx, input }) => {
-      return ctx.db.insert(Role).values(input);
+      const filter = new Filter();
+
+      if (filter.isProfane(input.title)) {
+        throw new TRPCError({
+          code: "PRECONDITION_FAILED",
+          message: "Title cannot contain profane words",
+        });
+      } else if (filter.isProfane(input.description ?? "")) {
+        throw new TRPCError({
+          code: "PRECONDITION_FAILED",
+          message: "Description cannot contain profane words",
+        });
+      }
+
+      const cleanInput = {
+        ...input,
+        title: filter.clean(input.title),
+        description: filter.clean(input.description ?? ""),
+      };
+      return ctx.db.insert(Role).values(cleanInput);
     }),
 
   delete: protectedProcedure.input(z.string()).mutation(({ ctx, input }) => {

packages/scraper/scraped/companyDetails_2025-03-06.json

@@ -24475,4 +24475,4 @@
     "description": "Zyoin Jobs offers comprehensive staffing and recruitment solutions in India, catering to both technical and non-technical talent. They serve over 300 partner organizations, addressing diverse hiring needs.",
     "website": "zyoin.com"
   }
-}
+}

packages/scraper/scraped/companyNames_2025-03-06.json

@@ -6143,4 +6143,4 @@
   "Zyston",
   "Zymeworks",
   "Zyoin Jobs"
-]
+]

packages/scraper/scraped/seed data/companies.json

@@ -30594,4 +30594,4 @@
     "website": "zyoin.com",
     "industry": "TECHNOLOGY"
   }
-}
+}