fix(people): address cubic review findings for offboarding feature#2884
Merged
Conversation
- prevent CSV formula injection in export by prefixing dangerous chars - sanitize filenames in ZIP paths to prevent path traversal - add member ID to export folder names to prevent collisions - scope revocation lookup by organizationId to prevent cross-tenant access - rollback completion record if evidence upload fails - filter completion counts to enabled template items only - use @ISINT() for sortOrder DTO validation - validate date query params before building DB filters - scope attachment deletion to member and event type - show "Until {date}" when only end date is set in filter - clear file input in finally block for retry support - validate tab param against dynamically available tabs - show error state in TodosOverview on fetch failure Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
cubic analysis
No issues found across 9 files
Confidence score: 5/5
- Automated review surfaced no issues in the provided summaries.
- No files require special attention.
Linked issue analysis
Linked issue: CS-312: [Feature] Add personnel Employment events date tracking + supporting evidence upload section
| Status | Acceptance criteria | Notes |
|---|---|---|
| ✅ | Prevent CSV formula injection in offboarding export by prefixing dangerous leading characters | escapeCsvField now prefixes dangerous leading characters to make CSV fields formula-safe. |
| ✅ | Sanitize attachment filenames in ZIP paths to prevent path traversal / unsafe names | Added sanitizeFileName and used safeName when appending files into archive paths. |
| ✅ | Scope revocation lookup by organizationId to prevent cross-tenant deletion | Replaced findUnique lookup with findFirst and included organizationId in where clause. |
| ✅ | Rollback offboarding checklist completion if evidence upload fails | Upload is wrapped in try/catch and deletes the completion on error, then rethrows the error. |
| ✅ | Scope attachment deletion to member and event type (not just org + attachmentId) | Controller resolves the event entity type and verifies the attachment belongs to that member and event type before deletion. |
| ✅ | Make bulk export folder names unique by including member ID to prevent name collisions | Export prefix now includes member.id when building offboarded-employees folder name. |
| ✅ | Filter pending offboarding completion counts to enabled template items only | Query for offboardingChecklistCompletions includes a where clause restricting templateItem to isEnabled: true. |
| ✅ | Validate date query params before applying DB filters (prevent 500s on invalid dates) | Added parseDateParam that throws BadRequestException for invalid date strings and used it for onboard/offboard date params. |
| ✅ | Use integer validation for sortOrder DTO | Replaced @IsNumber with @ISINT for sortOrder and adjusted imports. |
| ✅ | Show "Until {date}" when only end date is set in date range filter UI | DateRangeFilter formatting now returns an "Until {date}" label when only end date is present. |
| ✅ | Clear file input in finally so failed uploads can be retried | File input clearing moved into a finally block to ensure it always resets after upload attempts. |
| ✅ | Validate tab query param against dynamically available tabs and only expose offboarding tab when appropriate | Replaced static VALID_TABS with availableTabs computed from feature flags and employee.offboardDate, and uses it for tab resolution. |
| ✅ | Show error state in TodosOverview when fetch of pending offboarding fails | TodosOverview now checks error from SWR and displays a failed-to-load message instead of assuming success. |
claudfuen
pushed a commit
that referenced
this pull request
May 21, 2026
# [3.60.0](v3.59.2...v3.60.0) (2026-05-21) ### Bug Fixes * **cloud-tests:** show meaningful Auto-Remediate diff for configure-only plans ([90c95f6](90c95f6)) * **evidence-export:** load automations one at a time to prevent OOM ([07f02e4](07f02e4)) * **people:** address cubic review findings for offboarding feature ([#2884](#2884)) ([9d43a6b](9d43a6b)) * **people:** address fifth round of cubic review findings ([#2893](#2893)) ([dbc364c](dbc364c)) * **people:** address fourth round of cubic review findings ([#2892](#2892)) ([ca9d9a5](ca9d9a5)) * **people:** address remaining cubic review findings for offboarding ([#2890](#2890)) ([8026352](8026352)) * **people:** address third round of cubic review findings ([#2891](#2891)) ([8ec5214](8ec5214)) * **people:** ds component compatibility fixes for offboarding UI ([200b112](200b112)) * **ui:** close MultipleSelector dropdown on blur so it stops blocking sibling form controls ([b9d08c8](b9d08c8)) ### Features * **api:** unblock cloud-tests mutations for API key + service token callers ([26e53da](26e53da)) * **cloud-tests:** add deterministic AWS plan normalizer for SLR params ([e0ec0f7](e0ec0f7)) * **cloud-tests:** fail fast on missing required AWS command params ([5f2d342](5f2d342)) * **cloud-tests:** universal AI step-repair on AWS validation errors ([8adf505](8adf505)) * **frameworks:** show controls as default tab with requirement column ([e41365d](e41365d)) * **people:** add employment events tracking and offboarding checklist ([5e15a73](5e15a73))
Contributor
|
🎉 This PR is included in version 3.60.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes all valid Cubic review findings from #2878:
Security (P1):
=,+,-,@,\t,\r)organizationIdto prevent cross-tenant deletionBug fixes (P2):
@IsInt()forsortOrderDTO validationfinallyblock so failed uploads can be retriedTest plan
?tab=offboardingfor non-offboarded employee — should fallback to details🤖 Generated with Claude Code
Summary by cubic
Strengthens the offboarding workflow with key security fixes and UX/validation improvements across exports, evidence uploads, and filters. Aligns with CS-312 by making employment event filtering and evidence collection safer and more reliable.
Security
Bug Fixes
@IsInt()for sortOrder.Written for commit 7414aca. Summary will update on new commits. Review in cubic