Skip to content

Comments

Server v1.2.0#2555

Merged
johngrimes merged 20 commits intomainfrom
release/server/1.2.0
Feb 20, 2026
Merged

Server v1.2.0#2555
johngrimes merged 20 commits intomainfrom
release/server/1.2.0

Conversation

@johngrimes
Copy link
Member

Summary

  • Add _typeFilter support to the bulk export operation, with corresponding UI for building type filter expressions in the export form.
  • Improve server module test coverage to 88% with comprehensive unit tests across bulk export, bulk import, bulk submit, CRUD operations, security, and async components.
  • Refactor UI components: extract reusable FieldLabel and FieldGuidance components, reorganise export options into dedicated ExportOptions component.
  • CI/CD improvements: scope Trivy scans per module, add SonarCloud integration for server, optimise workflows to skip core build when only server/UI files changed.
  • Tooling updates: add Claude Code skills and Trivy scan command, update Prettier version and reformat.

Test plan

  • Verify server builds and all tests pass in CI.
  • Verify UI builds, lints, and all unit and e2e tests pass.
  • Smoke test bulk export with _typeFilter parameter against a running instance.
  • Confirm Trivy and SonarCloud scans run correctly in CI workflows.

Implement the _typeFilter parameter from the FHIR Bulk Data Access
specification. Filters use FHIR search queries to select resources
during export, with multiple filters per type combined using OR
logic. Includes parsing, validation (strict/lenient), implicit type
inclusion, and integration with the export execution pipeline via
PathlingContext.searchToColumn().
Extract reusable SearchParamsInput component from the resources
page and add a structured type filter section to the export form.
Each entry allows selecting a resource type and configuring search
parameters from the CapabilityStatement. Type filters are serialised
as _typeFilter query parameters in the bulk export API request.
Consolidates type filter controls (add/remove entries, resource type
selection, search parameter rows) from ExportForm into ExportOptions,
making them available to all consumers. Extends ExportOptionsValues
with a typeFilters field and adds searchParams prop to ExportOptions.

Updates ImportPnpForm to pass searchParams through and serialise type
filters into the import request, enabling type filter support for
ping-and-pull imports.
Replace duplicated <Text size="1" color="gray"> pattern across 7
form components with a shared FieldGuidance component. Accepts
children and an optional mt prop (defaults to "1").
Add 140 unit tests across 24 new test classes covering
interceptors, providers, async job handling, security, config,
and core server infrastructure. Instruction coverage increases
from 64.4% to 88%, exceeding the 80% target.
Consolidates ~20 inline <Text as="label" size="2" weight="medium">
instances across 10 form components into a reusable FieldLabel
component, mirroring the FieldGuidance pattern. Adds support for
an optional marker suffix via the `optional` prop.
Add a path filter for core library modules so that the expensive
build-and-test job only runs when relevant files change. Decouple
test-ui from the core build, and allow test-server to run with
Maven Central artifacts when only server files changed.
Add scan-ref and skip-dirs inputs to the trivy-scan composite
action. Core library workflows now skip server, UI, site, and
other unrelated modules. Server workflows skip core library
modules. Add Trivy scan steps to the site and FHIRPath Lab API
workflows, each limited to their own module.
Adds a /trivy-scan command that determines which modules were modified
on the current branch, runs Trivy with scope-appropriate configuration
matching CI workflows, and analyses each vulnerability against the
codebase to assess exploitability.
Each scope (core-libraries, server, UI, site, FHIRPath Lab API) now
has its own .trivyignore file with scope-specific suppressions and
rationale. Scans run from within each scope's directory rather than
from the repo root with skip-dirs.

The composite action gains a trivyignore input parameter. Server
workflows split into separate server and UI scans. The default
skip-files is simplified to just **/target/**/* with core-library
workflows explicitly passing additional patterns. The site workflow
no longer skips bun.lock, enabling proper JS dependency scanning.
@github-project-automation github-project-automation bot moved this to Backlog in Pathling Feb 20, 2026
@johngrimes johngrimes added the new feature New feature or request label Feb 20, 2026
@johngrimes johngrimes moved this from Backlog to In progress in Pathling Feb 20, 2026
@johngrimes johngrimes self-assigned this Feb 20, 2026
@johngrimes johngrimes merged commit 0abfa72 into main Feb 20, 2026
5 checks passed
@johngrimes johngrimes deleted the release/server/1.2.0 branch February 20, 2026 06:52
@github-project-automation github-project-automation bot moved this from In progress to Done in Pathling Feb 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

new feature New feature or request

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

1 participant