fix: prevent stale entry chunk files from clobbering current migratio…#1083

Merged: umesh-more-cstk merged 6 commits into dev from bugfix/delta on Jun 8, 2026
Conversation

@yashin4112 yashin4112 commented Jun 8, 2026

…n data

API:

  • Add clearStaleEntries() to wipe the entries/ subtree before each (test) migration run, so orphaned chunk files from previous runs can't overwrite current entry data during the update step
  • removeEntriesFromDatabase now reads index.json to process only the current chunk files, falling back to globbing for legacy data
  • field-attacher: use customLogger instead of console.info for content type creation logs
  • runCli: switch to writeUidMapping util for uid mapping

UI:

  • Remove the auto-mapped content mapping merge flow (AutoMappedMergeConfirmModal, persistAutoMappedContentMapper, handleUpdateAutoMappedContentMapping, shouldPromptShowAutoMappedMerge) and the related Auto-mapped status/pill constants

🔗 Jira Ticket

Replace with your ticket link — required before requesting review.

MIGRATION-XXXX


📋 PR Type

  • 🐛 Bug Fix
  • ♻️ Refactor

📝 Description

What changed?

API

  • Added clearStaleEntries() to wipe the entries/ subtree before each (test) migration run, so orphaned chunk files from previous runs can't overwrite current entry data during the update step
  • removeEntriesFromDatabase now reads index.json to process only the current chunk files, falling back to globbing for legacy data without an index
  • field-attacher: use customLogger instead of console.info for content type creation logs
  • runCli: switch to writeUidMapping util for uid mapping

UI

  • Removed the auto-mapped content mapping merge flow (AutoMappedMergeConfirmModal, persistAutoMappedContentMapper, handleUpdateAutoMappedContentMapping, shouldPromptShowAutoMappedMerge) and the related Auto-mapped status/pill constants
  • Simplified SaveChangesModal handlers to a synchronous changeStep
  • Allowed existingGlobal / existingCT to accept lazy getter functions
  • Made File format TextInput disabled.

Why?

Each import run wrote entry chunk files with fresh random UUID names and overwrote index.json, but never removed the previous run's chunk files. Those orphaned files carried stale (previous-iteration) content that could clobber current entry data during the update step, producing incorrect migrated entries. Clearing the entries tree up front and respecting index.json guarantees the importer starts from a clean slate and only processes current data.

The auto-mapped merge flow was removed because the commit was reverted.


🧩 Affected Areas

  • api — Node.js backend
  • ui — React frontend
  • upload-api — Upload API server
  • docker / docker-compose
  • CI / GitHub Actions workflows
  • Environment variables / config
  • Other:

🧪 How to Test

  1. Run a migration (or test migration) for a project, then make a change and re-run it so a second iteration writes new entry chunks.
  2. Inspect the destination/test stack entries — confirm they reflect the latest run only, with no leftover content from the previous iteration.
  3. On the Content Mapper step, change a mapping and click Continue — confirm the Save Changes modal appears, both "Save" and "Don't Save" proceed to step 4 cleanly, and no auto-mapped merge prompt is shown.

Expected result: Migrated entries always match the current run's data, and the content mapper continue flow proceeds without stale auto-mapped merge prompts.


📸 Screenshots / Recordings

Before After

🔗 Related PRs / Dependencies


✅ Author Checklist

Complete this before moving the PR out of Draft.

  • Branch follows naming convention: feature/, bugfix/, or hotfix/ + 5–30 lowercase chars
  • Jira ticket linked above
  • Self-reviewed the diff — no debug logs, commented-out code, or TODOs left in
  • .env / example.env updated if new environment variables were added
  • No sensitive credentials or secrets committed
  • Existing tests pass locally (npm test)
  • New tests written (or not applicable — explain why)
  • README.md / docs updated if behaviour changed
  • Talisman pre-push scan passes (no secrets flagged)

👀 Reviewer Notes

  • The core fix is in api/src/utils/entry-update.utils.ts — please sanity-check the index.json parsing and the path-sanitization guards (sanitizeStackId / assertResolvedPathUnderBase) on clearStaleEntries.

Migration v2 · Docs · Issues

@yashin4112 yashin4112 requested a review from a team as a code owner June 8, 2026 05:25
@github-actions

github-actions Bot commented Jun 8, 2026

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

| Check Type | Count (with fixes) | Without fixes | Threshold | Result |
|---|---|---|---|---|
| 🔴 Critical Severity | 0 | 0 | 10 | ✅ Passed |
| 🟠 High Severity | 15 | 334 | 25 | ✅ Passed |
| 🟡 Medium Severity | 20 | 3 | 500 | ✅ Passed |
| 🔵 Low Severity | 0 | 0 | 1000 | ✅ Passed |

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

| Severity | Breaches (with fixes) | Breaches (no fixes) | SLA Threshold (with/no fixes) | Status |
|---|---|---|---|---|
| 🔴 Critical | 0 | 0 | 15 / 30 days | ✅ Passed |
| 🟠 High | 0 | 0 | 30 / 120 days | ✅ Passed |
| 🟡 Medium | 0 | 2 | 90 / 365 days | ⚠️ Warning |
| 🔵 Low | 0 | 0 | 180 / 365 days | ✅ Passed |

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

  • Critical without fixes: 0
  • High without fixes: 334
  • Medium without fixes: 3
  • Low without fixes: 0

⚠️ BUILD PASSED WITH WARNINGS - SLA breaches detected for issues without available fixes

Consider reviewing these vulnerabilities when fixes become available.

Copilot AI left a comment

Pull request overview

This PR addresses a migration correctness issue where stale/orphaned entry chunk files from prior runs could be re-processed and overwrite current entry data, and it removes the UI’s auto-mapped content mapping merge flow. It also standardizes some logging/UID-mapping behaviors in the API and adjusts related UI behaviors.

Changes:

  • API: Add clearStaleEntries() to wipe the entries/ subtree before migration/test-migration runs; update removeEntriesFromDatabase to respect index.json chunk lists (legacy glob fallback); switch runCli to writeUidMapping; replace some console logging with customLogger.
  • UI: Remove auto-mapped merge prompt/flow and related constants; simplify Save Changes modal interactions; adjust content-mapper styling and types; disable File Format text input.
  • Tests: Add unit tests for writeUidMapping.

Reviewed changes

Copilot reviewed 15 out of 15 changed files in this pull request and generated 7 comments.

| File | Description |
|---|---|
| upload-api/.env | Adds upload-api environment variables (currently committed as a real .env). |
| ui/tests/unit/utilities/constants.test.ts | Updates unit test expectations after removing Auto-mapped status. |
| ui/src/utilities/constants.ts | Removes Auto-mapped status and related pill constants. |
| ui/src/pages/Migration/index.tsx | Removes auto-mapped merge confirm modal flow when continuing from Content Mapper. |
| ui/src/context/app/app.interface.ts | Broadens existingCT / existingGlobal typing to allow lazy getters. |
| ui/src/components/LegacyCms/Actions/LoadFileFormat.tsx | Disables the File Format TextInput. |
| ui/src/components/ContentMapper/index.tsx | Removes auto-map merge logic and related UI elements/handlers. |
| ui/src/components/ContentMapper/index.scss | Removes auto-mapped pill styles; adds table layout alignment styles. |
| ui/src/components/ContentMapper/contentMapper.interface.ts | Removes auto-mapped merge handles from the ref interface. |
| ui/src/components/Common/SaveChangesModal/index.tsx | Changes Save/Don’t Save handlers and makes changeStep typed sync. |
| api/tests/unit/utils/uid-mapper.utils.test.ts | Adds unit tests for writeUidMapping. |
| api/src/utils/field-attacher.utils.ts | Switches content type creation logs from console.info to customLogger. |
| api/src/utils/entry-update.utils.ts | Adds clearStaleEntries; updates entry removal to use index.json chunk lists. |
| api/src/services/runCli.service.ts | Uses writeUidMapping instead of inline uid-mapper DB logic. |
| api/src/services/migration.service.ts | Calls clearStaleEntries before transforming entries for migration/test migration. |
Comments suppressed due to low confidence (1)

api/src/utils/entry-update.utils.ts:128

  • Chunk filenames coming from index.json are joined directly into localePath and then parsed without any existence/path containment checks. A missing file or unexpected path segment will currently throw and stop processing; this should be validated and skipped with a log entry instead.
            for (const jsonFile of jsonFiles) {
                const filePath = path.join(localePath, jsonFile);
                const raw = fs.readFileSync(filePath, "utf-8");
                const data = JSON.parse(raw);


Comment thread upload-api/.env
Comment thread api/src/utils/field-attacher.utils.ts Outdated
Comment thread api/src/utils/entry-update.utils.ts
Comment thread ui/src/components/Common/SaveChangesModal/index.tsx
Comment thread ui/src/components/Common/SaveChangesModal/index.tsx
Comment thread ui/src/components/Common/SaveChangesModal/index.tsx
Comment thread api/src/utils/entry-update.utils.ts
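
Added example, not code from this PR or the project: one way to apply the validate-and-skip handling that the suppressed Copilot comment asks for, using the same kind of resolved-path containment check the reviewer notes mention for clearStaleEntries. The function names, the assumed index.json shape (an object whose values are chunk file names) and the sample file names are assumptions made for illustration.

```javascript
// Added example; function names here are hypothetical, not the project's helpers.
const fs = require("node:fs");
const path = require("node:path");

// True when `candidate` lies strictly inside `base` (both already canonical).
function isUnderBase(base, candidate) {
  const rel = path.relative(base, candidate);
  return rel !== "" && rel !== ".." && !rel.startsWith(".." + path.sep) && !path.isAbsolute(rel);
}

// Assumed index.json shape: an object whose values are chunk file names,
// e.g. {"1": "3f2a-entries.json"}. Unsafe or missing chunks are skipped and
// reported rather than thrown, so one bad name cannot stop the whole run.
function resolveChunkFiles(localePath, log = console.warn) {
  const base = fs.realpathSync(localePath);
  const accepted = [];
  const skipped = [];
  const skip = (name, reason) => {
    skipped.push({ name, reason });
    log(`skipping ${JSON.stringify(name)}: ${reason}`);
  };
  let index = null;
  try {
    index = JSON.parse(fs.readFileSync(path.join(base, "index.json"), "utf-8"));
  } catch {
    // missing or unparsable index: handled by the check below
  }
  if (index === null || typeof index !== "object") {
    skip("index.json", "missing, unparsable or not an object");
    return { accepted, skipped };
  }
  for (const name of Object.values(index)) {
    if (typeof name !== "string" || !name.endsWith(".json")) {
      skip(name, "not a .json file name");
      continue;
    }
    let real;
    try {
      real = fs.realpathSync(path.resolve(base, name)); // also resolves symlinks
    } catch {
      skip(name, "file does not exist");
      continue;
    }
    if (!isUnderBase(base, real)) skip(name, "resolves outside the locale directory");
    else if (!fs.statSync(real).isFile()) skip(name, "not a regular file");
    else accepted.push(real);
  }
  return { accepted, skipped };
}
```

A caller would read only the `accepted` paths and, when the index itself is reported as skipped, fall back to the legacy glob behaviour the PR description mentions.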
…igration to prevent path traversal vulnerabilities
@umesh-more-cstk umesh-more-cstk merged commit 0b6ff8b into dev Jun 8, 2026
9 checks passed
@umesh-more-cstk umesh-more-cstk deleted the bugfix/delta branch June 8, 2026 08:11