Add Full Medication Information Call - Fix Vulns (#29)

* Add Full Medication Information Call - Fix Vulns * Update .gitignore * Delete api/package-lock.json * Delete web/package-lock.json * Push package-locks * Update * Update * Update api-deploy-nonprod.yml * Missed a ' * Update pipelines
2026-01-23 00:33:18 -05:00 · 2026-01-23 00:33:18 -05:00 · 2a87dd5954
commit 2a87dd5954
parent 4f66a0169b
15 changed files with 109 additions and 5228 deletions
--- a/.github/workflows/api-deploy-nonprod.yml
+++ b/.github/workflows/api-deploy-nonprod.yml
@ -90,5 +90,5 @@ jobs:
    steps:
      - name: Deploy to Coolify
        run: |
-          curl -X --request GET '${{ secrets.COOLIFY_WEBHOOK_API }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
+          curl '${{ secrets.COOLIFY_WEBHOOK_API }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
--- a/.github/workflows/api-deploy-prod.yml
+++ b/.github/workflows/api-deploy-prod.yml
@ -90,5 +90,5 @@ jobs:
    steps:
      - name: Deploy to Coolify
        run: |
-          curl --request GET '${{ secrets.COOLIFY_WEBHOOK_API }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
+          curl '${{ secrets.COOLIFY_WEBHOOK_API }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
--- a/.github/workflows/web-deploy-nonprod.yml
+++ b/.github/workflows/web-deploy-nonprod.yml
@ -90,5 +90,5 @@ jobs:
    steps:
      - name: Deploy to Coolify
        run: |
-          curl --request GET '${{ secrets.COOLIFY_WEBHOOK_WEB }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
+          curl '${{ secrets.COOLIFY_WEBHOOK_WEB }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
--- a/.github/workflows/web-deploy-prod.yml
+++ b/.github/workflows/web-deploy-prod.yml
@ -90,5 +90,5 @@ jobs:
    steps:
      - name: Deploy to Coolify
        run: |
-          curl --request GET '${{ secrets.COOLIFY_WEBHOOK_WEB }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
+          curl '${{ secrets.COOLIFY_WEBHOOK_WEB }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
--- a/.gitignore
+++ b/.gitignore
@ -23,4 +23,7 @@ dist-ssr
 *.ntvs*
 *.njsproj
 *.sln
-*.sw?
+*.sw?
 api/package-lock.json
 web/package-lock.json
--- a/api/Dockerfile
+++ b/api/Dockerfile
@ -4,7 +4,7 @@ WORKDIR /app
 COPY ./package*.json ./
-RUN npm ci
+RUN npm cache clean --force && npm install --no-audit --no-fund
 COPY . ./
--- a/api/package-lock.json
+++ b/api/package-lock.json
--- a/api/package.json
+++ b/api/package.json
@ -12,7 +12,8 @@
    "cors": "^2.8.5",
    "dotenv": "^16.5.0",
    "express": "^5.2.0",
-    "pg": "^8.17.1"
+    "pg": "^8.17.1",
    "yup": "^1.7.1"
  },
  "devDependencies": {
    "nodemon": "^3.1.10"
--- a/api/services/medications/index.js
+++ b/api/services/medications/index.js
@ -1,5 +1,6 @@
 import express from 'express';
 import { databaseServices } from '../index.js';
 import { fullMedicationInformationSchema } from '../validations/medications.js';
 export const medicationRouter = express.Router();
@ -27,4 +28,19 @@ medicationRouter.get('/base/', async (req, res) => {
  } finally {
    res.send(data);
  }
 });
 medicationRouter.post('/full/', async (req, res) => {
  let data;
  const body = req?.body;
  try {
    await fullMedicationInformationSchema.validate(body);
    data = await databaseServices.getFullMedicationInformation(body?.drugId);
    res.status(200);
  } catch (err) {
    data = { Error: err?.message };
    res.status(500);
  } finally {
    res.send(data);
  }
 });
--- a/api/services/operations/helpers/medications.js
+++ b/api/services/operations/helpers/medications.js
@ -64,5 +64,66 @@ export const medicationHelpers = {
        const fullMedList = Object.values(medMap);
        return fullMedList;
    },
    getFullMedicationInformation: async (drugId) => {
        const [medInformation, medRoutes] = await Promise.all([
            paramyxRunQuery(
                `select
                    m.id,
                    m.generic,
                    m.trade,
                    m.system,
                    mi.class,
                    mi.indications,
                    mi.contraindications,
                    mi.precautions,
                    mi.adverse,
                    mi.onset,
                    mi.duration,
                    mi.tip,
                    mi.action
                from medications m inner join medication_information mi on m.id = mi.id where m.id = $1;`,
                [drugId]
            ),
            paramyxRunQuery(`select * from medication_routes mr where medication_id = $1;`, [drugId])
        ]);
        const fullMedicationInformation = {
            ...medInformation
        };
        medRoutes?.forEach((row) => {
            if (row?.is_adult) {
                fullMedicationInformation.adult = {
                    totalMax: row.total_max,
                    iv: row.intravenous,
                    io: row.intraosseous,
                    im: row.intramuscular,
                    in: row.intranasal,
                    po: row.oral,
                    sl: row.sublingual,
                    pr: row.rectal,
                    neb: row.nebulizer,
                    et: row.endotracheal,
                    sga: row.supraglottic
                }
            } else {
                fullMedicationInformation.pediatric = {
                    totalMax: row.total_max,
                    iv: row.intravenous,
                    io: row.intraosseous,
                    im: row.intramuscular,
                    in: row.intranasal,
                    po: row.oral,
                    sl: row.sublingual,
                    pr: row.rectal,
                    neb: row.nebulizer,
                    et: row.endotracheal,
                    sga: row.supraglottic
                }
            }
        });
        return fullMedicationInformation;
    }
 };
--- a/api/services/operations/medications.js
+++ b/api/services/operations/medications.js
@ -21,7 +21,18 @@ const getBaseMedications = async () => {
  }
 }
 const getFullMedicationInformation = async (drugId) => {
  try {
    const dataResp = medicationHelpers.getFullMedicationInformation(drugId);
    return dataResp;
  } catch (err) {
    console.log('GET FULL MEDICATION INFORMATION ERROR: ', err);
    throw err;
  }
 }
 export const medicationOperations = {
  getMedications,
-  getBaseMedications
+  getBaseMedications,
  getFullMedicationInformation
 }
--- a/api/services/validations/medications.js
+++ b/api/services/validations/medications.js
@ -0,0 +1,5 @@
 import * as Yup from 'yup';
 export const fullMedicationInformationSchema = Yup.object().shape({
   drugId: Yup.string().required("drugId is required"),
 });
--- a/package-lock.json
+++ b/package-lock.json
@ -809,9 +809,9 @@
      "license": "MIT"
    },
    "node_modules/lodash": {
-      "version": "4.17.21",
+      "version": "4.17.23",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
-      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
+      "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
      "dev": true,
      "license": "MIT"
    },
--- a/web/Dockerfile
+++ b/web/Dockerfile
@ -4,7 +4,7 @@ WORKDIR /app
 COPY ./package*.json ./
-RUN npm ci
+RUN npm cache clean --force && npm install --no-audit --no-fund
 COPY . ./
--- a/web/package-lock.json
+++ b/web/package-lock.json