Enhance product management features and update dependencies by agabaarnold · Pull Request #4 · agabaarnold/ims-app

agabaarnold · 2026-06-17T11:43:27Z

Summary

Introduces a complete product management feature including database schema definitions,
server-side CRUD functions, TanStack Query hooks, a feature-rich product table, and
route pages for listing, creating, and editing products.

Changes

Schema — Zod and type schemas for product CRUD operations and search
Server functions — getProductsQuery and CRUD utilities in functions/
ProductTable — Reusable table component with:
- Pagination controls (page size, navigation, page info)
- Row selection via checkboxes
- Search integration
ProductColumns — Column definitions with view/edit action links
Routes
- products/index.tsx — Product listing page with search, pagination, and "New Product" button
- products/new.tsx — New product form page (scaffold)
- products/$productId/edit.tsx — Edit product page (scaffold)
- products/$productId/index.tsx — Product detail page (scaffold)
TablePagination — Extracted shared pagination component replacing the old PageSizeSelector
Cleanup: removed PageSizeSelector, added seed.ts to .gitignore

Files Changed

11 files, +748 lines — all product-related, no side effects on other features.

- upgraded @tailwindcss/vite from ^4.1.18 to ^4.3.1 - upgraded @tanstack/react-router from latest to 1.170.16 - upgraded @tanstack/react-start from latest to 1.168.26 - upgraded better-auth from ^1.6.17 to ^1.6.19 - upgraded nodemailer from ^8.0.11 to ^9.0.0 - upgraded react-email from ^6.6.0 to ^6.6.3 - upgraded recharts from 3.8.0 to 3.8.1 - upgraded tailwindcss from ^4.1.18 to ^4.3.1 - upgraded @biomejs/biome from 2.4.16 to 2.5.0 - upgraded @types/node from ^22.19.21 to ^25.9.3 - upgraded jsdom from ^28.1.0 to ^29.1.1 - upgraded react-doctor from ^0.5.1 to ^0.5.6 - upgraded vitest from ^4.1.5 to ^4.1.9

…ing products

…ctionality

…h capabilities

…gination

…oduct button

… adjustments

coderabbitai · 2026-06-17T11:43:41Z

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 6d2b6075-5c57-4f06-8ec5-47184a69d02a

📥 Commits

Reviewing files that changed from the base of the PR and between 26be306 and 9614d00.

⛔ Files ignored due to path filters (7)

src/generated/prisma/commonInputTypes.ts is excluded by !**/generated/**
src/generated/prisma/enums.ts is excluded by !**/generated/**
src/generated/prisma/internal/class.ts is excluded by !**/generated/**
src/generated/prisma/internal/prismaNamespace.ts is excluded by !**/generated/**
src/generated/prisma/internal/prismaNamespaceBrowser.ts is excluded by !**/generated/**
src/generated/prisma/models/AuditLog.ts is excluded by !**/generated/**
src/generated/prisma/models/User.ts is excluded by !**/generated/**

📒 Files selected for processing (10)

prisma/schema.prisma
src/components/shared/table-pagination.tsx
src/features/products/components/product-columns.tsx
src/features/products/components/product-table.tsx
src/features/products/functions/index.ts
src/features/products/functions/queries.ts
src/features/products/schema/index.ts
src/hooks/use-debounce.ts
src/lib/utils.ts
src/routes/_app/products/index.tsx

📝 Walkthrough

Release Notes

Product Management System

Product CRUD Operations: Implemented comprehensive server-side functions for creating, reading, updating, and archiving products with full Zod/TypeScript schema validation
Product Listing Page: Added products index page with integrated search, pagination controls, and quick access "New Product" button
Product Detail Pages: Scaffolded product detail, edit, and creation pages for full CRUD workflow
Product Table Component: Created reusable ProductTable with debounced search, row selection via checkboxes, integrated pagination, and sortable columns
Column Definitions: Implemented ProductColumns with formatted currency display for pricing fields and action links for viewing/editing products
Pagination Component: Extracted reusable TablePagination component with page size selection and navigation controls

Data Management & Validation

Product Schemas: Added Zod schemas for product listing, retrieval, creation, updating, and archiving with field validation and cross-field constraints (e.g., selling price ≥ cost price)
Audit Logging: Enhanced audit system with strongly-typed enums (AuditAction, AuditEntityType), metadata tracking, user agent logging, and indexed lookups
Query Utilities: Implemented React Query integration via getProductsQuery with automatic data caching and pagination support

UI/UX Improvements

Search Functionality: Added debounced search with optimized performance during product filtering
Accessibility Enhancements: Implemented aria-labels for search inputs and improved dropdown menu button accessibility
Header Styling: Updated AppHeader with sticky positioning, enhanced backdrop blur, and smooth transitions
Currency Formatting: Added formatCurrency utility for consistent UGX currency display across product tables

Dependencies & Code Quality

Updated multiple dependencies including @tanstack/react-router, @tanstack/react-start, better-auth, tailwindcss, and testing tools
Cleaned up obsolete PageSizeSelector component
Added seed.ts to .gitignore

Contribution Summary

Author	Lines Added	Lines Removed
Agaba Arnold	48,849	0

Walkthrough

Adds a complete products feature module: Zod schemas for all CRUD operations with pricing validation, five authenticated Prisma-backed server functions with audit logging, a React Query options wrapper, product column definitions with selection and actions, a paginated ProductTable component with search/sort support, a reusable TablePagination component, and four TanStack Router file routes. Updates the database schema with strongly-typed audit enums and relations. Also adds formatCurrency utility, useDebounce hook, bumps dependencies, updates AppHeader styling, and scaffolds NavMain sidebar structure.

Changes

Products Module

Layer / File(s)	Summary
Product schemas, utilities, and hooks `src/features/products/schema/index.ts`, `src/lib/utils.ts`, `src/hooks/use-debounce.ts`	Defines Zod schemas for list (paginated with search), fetch, create (with `sellingPrice >= costPrice` refinement), update, and archive operations; adds `formatCurrency` utility for UGX locale-aware formatting; adds `useDebounce` hook for 300ms debounce of input values.
Database schema and audit system `prisma/schema.prisma`	Refactors `AuditLog` with strongly-typed `AuditAction` and `AuditEntityType` enums, adds optional `metadata` and `userAgent` fields, renames `ip` to `ipAddress`, introduces `user` relation, and adds comprehensive indexing; adds `auditLogs` one-to-many relation to User.
Authenticated server functions `src/features/products/functions/index.ts`	Implements `getProducts` (with transaction pagination), `getProduct`, `createProduct` (with audit log), `updateProduct`, and `archiveProduct` as authenticated TanStack server functions; all convert Decimal prices to number via `.toNumber()` in responses.
React Query integration `src/features/products/functions/queries.ts`	Provides `getProductsQuery` helper with parameterized queryKey (page, pageSize, search), default values, and `keepPreviousData` placeholder to retain previous results during pagination changes.
Product column definitions `src/features/products/components/product-columns.tsx`	Exports `Products` and `Product` types from server response; defines `productColumns` with row selection (header/row checkboxes), data columns (sku, name, category, unit, currency-formatted prices, active/archived status), and actions column with View/Edit links.
Shared pagination component `src/components/shared/table-pagination.tsx`	Creates generic `TablePagination<TData>` component rendering row-range text, rows-per-page Select, and first/prev/next/last buttons wired to `onPageChange` callback (no internal routing).
ProductTable component `src/features/products/components/product-table.tsx`	Implements generic `ProductTable` with controlled sorting and manual pagination, local debounced search (500ms), TanStack Table integration, URL search param navigation, and empty-state row; coordinates with `TablePagination`.
Products routes and route tree `src/routes/_app/products/index.tsx`, `src/routes/_app/products/new.tsx`, `src/routes/_app/products/$productId/...`, `src/routeTree.gen.ts`	Adds products listing page (search validation, prefetch loader, ProductTable), new-product page with TanStack Form card, and placeholder routes for detail/edit; updates generated route tree with all four routes under _app.
Shared UI tweaks and configuration `src/components/shared/app-header.tsx`, `src/components/sidebar/nav-main.tsx`, `.gitignore`, `package.json`	Updates `AppHeader` to sticky top-0, z-50, and backdrop-blur-lg; scaffolds `SidebarMenu` with typed Dashboard NavItems in `NavMain`; adds seed.ts to .gitignore; bumps dependency versions across runtime and dev tools.

Sequence Diagram(s)

sequenceDiagram
  participant Browser
  participant ProductsRoute
  participant ReactQuery
  participant getProducts
  participant Prisma
  Browser->>ProductsRoute: navigate to /products?page=1&pageSize=10&search=""
  ProductsRoute->>ReactQuery: ensureQueryData(getProductsQuery)
  ReactQuery->>getProducts: { page: 1, pageSize: 10, search: "" }
  getProducts->>Prisma: $transaction([findMany(...), count(...)])
  Prisma-->>getProducts: products[], total
  getProducts-->>ReactQuery: { products, total, page, pageSize, pageCount }
  ReactQuery-->>ProductsRoute: cached data
  ProductsRoute->>Browser: render ProductPage with ProductTable + TablePagination
  Browser->>ProductsRoute: type search or change page
  ProductsRoute->>Browser: navigate URL with updated search/page params

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

agabaarnold/ims-app#3: Both PRs modify src/components/shared/app-header.tsx; the earlier PR introduced the component and this PR adjusts its sticky positioning and backdrop blur styling.
agabaarnold/ims-app#1: Both PRs modify prisma/schema.prisma by refactoring the AuditLog model with enums and adding relations, overlapping on the audit system schema.
agabaarnold/ims-app#5: The main PR's src/components/sidebar/nav-main.tsx changes overlap with the retrieved PR's navigation implementation, both affecting sidebar structure and NavItems wiring.

Poem

🐰 Products now bloom in columns and rows,
Pagination hops where the data flows,
Currency formatted in UGX so bright,
Sticky headers blur through the night,
Audit logs track each CREATE and more,
The products feature opens the door! 🚪

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately captures the main changes: introducing product management features and updating project dependencies.
Description check	✅ Passed	The description comprehensively covers the product management feature implementation, schema definitions, routes, components, and dependency updates that match the changeset.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

Create stacked PR
Commit on current branch

🧪 Generate unit tests (beta)

Create PR with unit tests
Commit unit tests in branch feat/app-layout

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

github-actions · 2026-06-17T11:43:56Z

React Doctor found 7 issues in 3 files · 2 errors & 5 warnings · score 66 / 100 (Needs work) · vs main

Errors

❌ src/features/products/components/product-table.tsx:100 React Compiler can't optimize this incompatible-library
❌ src/routes/_app/products/index.tsx:11 Route property order breaks type inference tanstack-start-route-property-order

5 warnings

src/features/products/components/product-table.tsx

⚠️ L48 Prop derived into useState no-derived-useState
⚠️ L52 Prop mirrored into state via effect no-mirror-prop-effect
⚠️ L52 Derived state stored in an effect no-derived-state-effect
⚠️ L53 Derived value copied into state no-derived-state

src/routes/_app/products/new.tsx

⚠️ L40 preventDefault on a form or link no-prevent-default

_{Reviewed by React Doctor for commit 9614d00. See inline comments for fixes.}

socket-security · 2026-06-17T11:44:06Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality	Maintenance
@tanstack/react-router@1.170.15 ⏵ 1.170.16	^-1
vitest@4.1.8 ⏵ 4.1.9	⁺¹	⁺¹
recharts@3.8.0 ⏵ 3.8.1		⁺¹
@types/node@22.19.21 ⏵ 25.9.3
react-doctor@0.5.1 ⏵ 0.5.6	⁺²	⁺¹
jsdom@28.1.0 ⏵ 29.1.1		⁺¹
@tanstack/react-start@1.168.25 ⏵ 1.168.26			⁺²
tailwindcss@4.3.0 ⏵ 4.3.1	⁺¹	⁺¹
better-auth@1.6.17 ⏵ 1.6.19		⁺¹
react-email@6.6.0 ⏵ 6.6.3	^-10	⁺¹	⁺¹
@tailwindcss/vite@4.3.0 ⏵ 4.3.1
nodemailer@8.0.11 ⏵ 9.0.0	⁺¹	⁺¹
@biomejs/biome@2.4.16 ⏵ 2.5.0	⁺¹

View full report

socket-security · 2026-06-17T11:44:08Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		Obfuscated code: npm `jsdom` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → `npm/jsdom@29.1.1` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/jsdom@29.1.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `jsdom` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → `npm/jsdom@29.1.1` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/jsdom@29.1.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

coderabbitai

Actionable comments posted: 17

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@package.json`:
- Line 29: Nodemailer v9.0.0 enforces strict TLS certificate validation for SMTP
connections, which may cause failures if your SMTP server uses self-signed,
expired, or mismatched certificates. Verify your SMTP server certificate is
valid first; if certificate validation issues occur during testing, locate the
SMTP transport configuration in the email transport initialization (around lines
23-34 in src/features/email/functions/index.tsx) and add a tls configuration
object with rejectUnauthorized set to false to disable strict certificate
validation for development/testing purposes.

In `@src/components/shared/table-pagination.tsx`:
- Around line 35-44: When the dataset is empty (total === 0), the current
calculation produces incorrect display text "1–0 of 0 rows". Modify the from and
to variable calculations in the table-pagination component to clamp both values
to 0 when total is 0. Check if total equals 0 at the beginning of the
calculation and set from and to to 0 in that case, otherwise use the existing
logic to compute from as (page - 1) * pageSize + 1 and to as Math.min(from +
pageSize - 1, total). This will display "0–0 of 0 rows" for empty datasets
instead of the incorrect range.
- Around line 76-136: The four pagination buttons in the table-pagination
component lack accessible labels for screen readers. Add aria-label attributes
to each Button element: the button containing IconChevronsLeft should have
aria-label="First page", the button with IconChevronLeft should have
aria-label="Previous page", the button with IconChevronRight should have
aria-label="Next page", and the button with IconChevronsRight should have
aria-label="Last page". This will enable screen readers to properly announce the
purpose of each icon-only button.
- Around line 60-64: Extract the inline array [10, 20, 50, 100] from the map
function in the table-pagination component into a named constant called
PAGE_SIZE_OPTIONS defined at the top of the component file. Then replace the
hardcoded array in the map call with a reference to this new constant to
centralize the configuration and improve maintainability.
- Around line 26-34: The TablePagination component hardcodes route-specific
navigation with useNavigate({ from: "/products/" }), making it unusable across
different routes. Remove the useNavigate hook from the component and instead add
a callback prop (such as onPageChange) to the TablePaginationProps interface
that accepts page number changes. Update all navigation button implementations
throughout the component (in the lines around 79-130 where pagination controls
are rendered) to call this callback prop instead of using the hardcoded
useNavigate. This allows parent components to handle navigation according to
their own routes.

In `@src/components/sidebar/nav-main.tsx`:
- Line 20: The SidebarMenu component on line 20 is currently rendering an empty
object instead of displaying the available menu items. Replace the empty braces
in SidebarMenu with a map function that iterates through the items array and
creates a SidebarMenuItem component for each item, passing the appropriate
properties (title, url, icon) from each item object. Additionally, ensure that
SidebarMenuItem is imported from the sidebar UI component library at the top of
the nav-main.tsx file.

In `@src/features/products/components/product-columns.tsx`:
- Around line 69-74: The icon-only Button within the DropdownMenuTrigger render
prop lacks an accessible label for assistive technologies. Add the aria-label
attribute with the value "Open product actions" to the Button component to
provide an accessible name for the interactive control. Additionally, add
aria-hidden="true" to the IconDots icon component to hide it from assistive
technologies since the accessible name is provided by the button's aria-label.

In `@src/features/products/components/product-table.tsx`:
- Around line 93-98: The Input component in the product-table.tsx file that
handles the global filter (where onChange calls setGlobalFilter) currently
relies only on placeholder text for accessibility. Add an aria-label attribute
to this Input component with an appropriate descriptive label such as "Search
products" to ensure screen readers can properly announce the input's purpose to
users with assistive technology.
- Around line 76-88: The table currently filters only the current page of data
due to manualPagination: true, so searching does not find products on other
pages. Remove getFilteredRowModel() from the useReactTable configuration and
remove the globalFilter state along with the onGlobalFilterChange handler that
wires local filtering. Instead, wire the search input to call the
searchProducts() server function directly when the filter value changes, fetch
the full search results, reset pagination to page 1, and set the new data
accordingly so that search works across the entire product dataset rather than
just the current page.

In `@src/features/products/functions/index.ts`:
- Around line 66-67: The create and update product operations in the products
functions file use inconsistent field names for the reorder quantity: line 67
references `reorderQuantity` in the raw data object passed to
prisma.product.create(), while line 91 references `reorderQty`. Normalize these
field names by choosing one consistent naming convention (either
`reorderQuantity` or `reorderQty`) and ensure both the create operation starting
at line 66 and the update operation at line 91 use the same field name when
mapping the data to be persisted.
- Around line 83-95: The updateProduct function validates sellingPrice in the
input schema but fails to include it in the data object being persisted to the
database (lines 83-95). Add the sellingPrice field to the data object that is
passed to the update operation to ensure selling prices are properly persisted
when products are updated. Include sellingPrice: data.sellingPrice in the data
object alongside the other fields like categoryId, costPrice, and name.

In `@src/features/products/schema/index.ts`:
- Around line 3-6: The page and pageSize fields in the getProductsSchema object
use basic z.number() which accepts decimals, zero, and negative values. Modify
both the page and pageSize field definitions to use z.number().int().positive()
(or equivalently .min(1)) to enforce that these pagination inputs must be
positive integers, preventing invalid skip values and broken pagination
metadata.
- Around line 29-30: The refine predicate condition on line 29 uses the <=
operator to check that sellingPrice is less than or equal to costPrice, but the
error message on line 30 states that selling price must be greater than or equal
to cost price. These are contradictory - fix the condition operator from <= to
>= so that the validation correctly ensures sellingPrice is at least as much as
costPrice, aligning the predicate logic with the error message.

In `@src/lib/utils.ts`:
- Around line 26-30: The formatCurrency function accepts non-numeric string
inputs and passes them to Number() which returns NaN, causing the format method
to output "NaN" and breaking the UI. Add validation at the start of the
formatCurrency function to check if the converted number value is valid (not
NaN) before formatting it. If the value is not a valid number, either return a
default fallback value like "0" or throw an appropriate error to prevent invalid
currency display.

In `@src/routes/_app/products/index.tsx`:
- Around line 17-24: The loader function calls queryClient.ensureQueryData() but
doesn't return the promise it generates, so React Router doesn't wait for the
data prefetch to complete before rendering. Add a return statement before the
queryClient.ensureQueryData() call in the loader function to ensure React Router
waits for the prefetch to finish and caches the data before the component
renders, preventing unnecessary suspense on page load.
- Around line 42-49: The nested Button and Link components in the products index
route create invalid HTML with nested interactive elements. Remove the Button
wrapper and instead apply button styling directly to the Link component with
appropriate className attributes and styling to maintain the visual appearance,
or if the Button component supports a to prop or asChild pattern, refactor to
render the Button as the primary interactive element that handles the navigation
to /products/new instead of nesting Link inside it.

In `@src/routes/_app/products/new.tsx`:
- Line 46: The FieldGroup component on line 46 contains an empty object literal
{} as a child, which React cannot render. Remove the empty object literal and
either convert FieldGroup to a self-closing tag (FieldGroup />) if no children
are needed, or replace it with valid child content if children are required.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

Push a commit to this branch (recommended)
Create a new PR with the fixes

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 22a0e5a8-4675-4573-95c8-01af7afeefca

📥 Commits

Reviewing files that changed from the base of the PR and between 8d9e192 and 26be306.

⛔ Files ignored due to path filters (1)

bun.lock is excluded by !**/*.lock

📒 Files selected for processing (16)

.gitignore
package.json
src/components/shared/app-header.tsx
src/components/shared/table-pagination.tsx
src/components/sidebar/nav-main.tsx
src/features/products/components/product-columns.tsx
src/features/products/components/product-table.tsx
src/features/products/functions/index.ts
src/features/products/functions/queries.ts
src/features/products/schema/index.ts
src/lib/utils.ts
src/routeTree.gen.ts
src/routes/_app/products/$productId/edit.tsx
src/routes/_app/products/$productId/index.tsx
src/routes/_app/products/index.tsx
src/routes/_app/products/new.tsx

📜 Review details

🧰 Additional context used

📓 Path-based instructions (6)

**/*.{ts,tsx}