enhancement(audit log): skip audit for session keep-alive writes

Added logic to bypass auditing for updates that only modify the lastActiveAt field, reducing unnecessary log entries for session keep-alive pings. This change improves performance and log clarity without compromising security.

Update prettier scripts and .gitignore

Author: therealbrad

testplanit/.gitignore

@@ -1,38 +1,38 @@
 # See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
 
 # dependencies
-./node_modules
-./.pnp
-./.pnp.js
-./.yarn/install-state.gz
+node_modules/
+.pnp
+.pnp.js
+.yarn/install-state.gz
 
 # testing
-./coverage
+coverage/
 
 # next.js
 **/.next/
-./out/
+out/
 
 # production
-./build
+build/
 dist/
 
 # misc
-./.DS_Store
-./*.pem
+.DS_Store
+*.pem
 
 # debug
-./npm-debug.log*
-./yarn-debug.log*
-./yarn-error.log*
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
 
 # local env files
-./.env*.local
+.env*.local
 .env.production
 .env.production.*
 
 # vercel
-./.vercel
+.vercel
 
 # customer-specific docker configurations
 docker-compose.*.yml
@@ -43,10 +43,10 @@ nginx.*.conf
 !nginx.conf
 
 # typescript
-./*.tsbuildinfo
-./next-env.d.ts
-./.env
-./test/reports/*
+*.tsbuildinfo
+next-env.d.ts
+.env
+test/reports/*
 
 # next-intl
 messages/*.d.json.ts
@@ -59,4 +59,7 @@ public/version.json
 e2e/.auth/
 e2e/playwright-report/
 e2e/test-results/
-.env.e2e
+.env.e2e
+
+# DB backups
+backups/

testplanit/lib/prisma.ts

@@ -685,6 +685,16 @@ function createPrismaClient(errorFormat: "pretty" | "colorless") {
           return result;
         },
         async update({ args, query }: any) {
+          // Skip audit for session keep-alive writes (throttled lastActiveAt
+          // pings from the session callback). Auditing these produces a log
+          // entry every 5 minutes per active user with no security value.
+          const dataKeys = args.data ? Object.keys(args.data) : [];
+          const isLastActiveOnly =
+            dataKeys.length === 1 && dataKeys[0] === "lastActiveAt";
+          if (isLastActiveOnly) {
+            return query(args);
+          }
+
           // Fetch old state for audit diff, especially for role changes
           const oldEntity = args.where
             ? await baseClient.user.findUnique({ where: args.where })

testplanit/package.json

@@ -11,8 +11,8 @@
     "postinstall": "NODE_OPTIONS='--max-old-space-size=12288' zenstack generate && node scripts/fix-zenstack-symlink.js",
     "lint": "eslint . && tsc --noEmit",
     "type-check": "tsc --noEmit",
-    "format": "prettier --write .",
-    "format:check": "prettier --check .",
+    "format": "prettier --write --ignore-path .gitignore --ignore-path .prettierignore .",
+    "format:check": "prettier --check --ignore-path .gitignore --ignore-path .prettierignore .",
     "check:modal-pattern": "bash scripts/check-modal-pattern.sh",
     "start": "next start",
     "test": "vitest --config vitest.config.mts",