Refactor: add API versioning prefix, adjust test DB, update scripts

Backend/package.json

@@ -17,7 +17,7 @@
     "test:watch": "jest --watch",
     "test:cov": "jest --coverage",
     "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
-    "test:e2e": "jest --config ./test/jest-e2e.json",
+    "test:e2e": "set NODE_ENV=test && jest --config ./test/jest-e2e.json",
     "migration:run": "ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js -d src/database/data-source.ts migration:run",
     "migration:revert": "ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js -d src/database/data-source.ts migration:revert",
     "migration:generate": "ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js -d src/database/data-source.ts migration:generate"
@@ -43,7 +43,8 @@
     "reflect-metadata": "^0.2.2",
     "rxjs": "^7.8.1",
     "sanitize-html": "^2.13.1",
-    "typeorm": "^0.3.28"
+    "typeorm": "^0.3.28",
+    "sqlite3": "^5.0.2"
   },
   "devDependencies": {
     "@eslint/eslintrc": "^3.2.0",
@@ -67,7 +68,7 @@
     "prettier": "^3.4.2",
     "source-map-support": "^0.5.21",
     "supertest": "^7.0.0",
-    "ts-jest": "^29.2.5",
+    "ts-jest": "^29.4.11",
     "ts-loader": "^9.5.2",
     "ts-node": "^10.9.2",
     "tsconfig-paths": "^4.2.0",

Backend/src/database/database.module.ts

@@ -9,16 +9,18 @@ import { Gist } from '../gists/entities/gist.entity';
       imports: [ConfigModule],
       inject: [ConfigService],
       useFactory: (config: ConfigService) => ({
-        type: 'postgres',
+        type: config.get<string>('NODE_ENV') === 'test' ? 'sqlite' : 'postgres',
         host: config.get<string>('DATABASE_HOST', 'localhost'),
         port: config.get<number>('DATABASE_PORT', 5432),
         username: config.get<string>('DATABASE_USER', 'gist'),
         password: config.get<string>('DATABASE_PASSWORD', 'gist'),
         database: config.get<string>('DATABASE_NAME', 'gist'),
+        // Use SQLite in-memory DB for tests
+        ...(config.get<string>('NODE_ENV') === 'test' ? { database: ':memory:' } : {}),
         entities: [Gist],
         migrations: [__dirname + '/migrations/*{.ts,.js}'],
         migrationsRun: false,
-        synchronize: false,
+        synchronize: config.get<string>('NODE_ENV') === 'test',
         logging: config.get<string>('NODE_ENV') !== 'production',
         extra: {
           max: config.get<number>('DB_POOL_MAX', 10),

Backend/test/gists.e2e.spec.ts

@@ -46,7 +46,7 @@ describe('Gists (e2e)', () => {
   describe('POST /gists', () => {
     it('should reject POST /gists without CSRF token', async () => {
       await request(app.getHttpServer())
-        .post('/gists')
+        .post('/v1/gists')
         .send({ content: 'e2e test gist', lat: 9.0579, lon: 7.4951 })
         .expect(403);
     });
@@ -55,7 +55,7 @@ describe('Gists (e2e)', () => {
       const csrf = await getCsrfToken(app.getHttpServer());
 
       const res = await request(app.getHttpServer())
-        .post('/gists')
+        .post('/v1/gists')
         .set('Cookie', csrf.cookie)
         .set('x-csrf-token', csrf.token)
         .send({ content: 'e2e test gist', lat: 9.0579, lon: 7.4951 })
@@ -78,7 +78,7 @@ describe('Gists (e2e)', () => {
       const csrf = await getCsrfToken(app.getHttpServer());
 
       const res = await request(app.getHttpServer())
-        .post('/gists')
+        .post('/v1/gists')
         .set('Cookie', csrf.cookie)
         .set('x-csrf-token', csrf.token)
         .send({ content: 'bad lat', lat: 999, lon: 7.4951 })
@@ -92,7 +92,7 @@ describe('Gists (e2e)', () => {
       const csrf = await getCsrfToken(app.getHttpServer());
 
       const res = await request(app.getHttpServer())
-        .post('/gists')
+        .post('/v1/gists')
         .set('Cookie', csrf.cookie)
         .set('x-csrf-token', csrf.token)
         .send({ content: 'x'.repeat(281), lat: 9.0579, lon: 7.4951 })
@@ -105,7 +105,7 @@ describe('Gists (e2e)', () => {
       const csrf = await getCsrfToken(app.getHttpServer());
 
       await request(app.getHttpServer())
-        .post('/gists')
+        .post('/v1/gists')
         .set('Cookie', csrf.cookie)
         .set('x-csrf-token', csrf.token)
         .send({ content: 'missing coords' })
@@ -116,7 +116,7 @@ describe('Gists (e2e)', () => {
       const csrf = await getCsrfToken(app.getHttpServer());
 
       await request(app.getHttpServer())
-        .post('/gists')
+        .post('/v1/gists')
         .set('Cookie', csrf.cookie)
         .set('x-csrf-token', csrf.token)
         .send({ content: 'whitelist test', lat: 9.0579, lon: 7.4951, hack: 'injected' })
@@ -134,7 +134,7 @@ describe('Gists (e2e)', () => {
     });
     it('should return paginated response with data and pagination', async () => {
       const res = await request(app.getHttpServer())
-        .get('/gists')
+        .get('/v1/gists')
         .query({ lat: 9.0579, lon: 7.4951, radius: 1000 })
         .expect(200);
 
@@ -148,12 +148,12 @@ describe('Gists (e2e)', () => {
     });
 
     it('should return 400 when lat/lon are missing', async () => {
-      await request(app.getHttpServer()).get('/gists').expect(400);
+      await request(app.getHttpServer()).get('/v1/gists').expect(400);
     });
 
     it('should respect the limit parameter', async () => {
       const res = await request(app.getHttpServer())
-        .get('/gists')
+        .get('/v1/gists')
         .query({ lat: 9.0579, lon: 7.4951, limit: 2 })
         .expect(200);