topcoder-platform · jmgasper · Mar 10, 2026 · Feb 20, 2026 · Feb 20, 2026 · Feb 20, 2026
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -9,10 +9,6 @@ defaults: &defaults
   docker:
     - image: cimg/python:3.13.2-browsers
 
-node_defaults: &node_defaults
-  docker:
-    - image: cimg/node:22.13
-
 install_dependency: &install_dependency
   name: Installation of build and deployment dependencies.
   command: |
@@ -63,42 +59,6 @@ jobs:
       DEPLOYMENT_ENVIRONMENT: "prod"
     steps: *builddeploy_steps
 
-  deployment-validation-dev:
-    <<: *node_defaults
-    environment:
-      DEPLOYMENT_VALIDATION_ENABLED: "true"
-      DEPLOYMENT_SMOKE_ENABLED: "false"
-      V6_BASE_URL: "${DEPLOYMENT_VALIDATION_DEV_BASE_URL}"
-    steps:
-      - checkout
-      - run:
-          name: Enable pnpm
-          command: corepack enable
-      - run:
-          name: Install dependencies
-          command: pnpm install --frozen-lockfile
-      - run:
-          name: Run deployment validation tests
-          command: pnpm test:deployment
-
-  deployment-validation-prod:
-    <<: *node_defaults
-    environment:
-      DEPLOYMENT_VALIDATION_ENABLED: "true"
-      DEPLOYMENT_SMOKE_ENABLED: "false"
-      V6_BASE_URL: "${DEPLOYMENT_VALIDATION_PROD_BASE_URL}"
-    steps:
-      - checkout
-      - run:
-          name: Enable pnpm
-          command: corepack enable
-      - run:
-          name: Install dependencies
-          command: pnpm install --frozen-lockfile
-      - run:
-          name: Run deployment validation tests
-          command: pnpm test:deployment
-
 workflows:
   version: 2
   build-dev:
@@ -109,14 +69,6 @@ workflows:
             branches:
               only:
                 - dev
-      - deployment-validation-dev:
-          context: org-global
-          requires:
-            - build-dev
-          filters:
-            branches:
-              only:
-                - dev
 
   build-prod:
     jobs:
@@ -126,11 +78,3 @@ workflows:
             branches:
               only:
                 - master
-      - deployment-validation-prod:
-          context: org-global
-          requires:
-            - build-prod
-          filters:
-            branches:
-              only:
-                - master
diff --git a/.env.example b/.env.example
@@ -12,15 +12,19 @@ AUTH0_PROXY_SERVER_URL="https://auth0proxy.topcoder-dev.com"
 AUTH0_CLIENT_ID=""
 AUTH0_CLIENT_SECRET=""
 
-# Kafka Event Bus
+# Bus API client configuration (via tc-bus-api-wrapper)
+# KAFKA_URL is retained only for compatibility with shared env packs;
+# current wrapper initialization does not use it.
 KAFKA_URL="localhost:9092"
+KAFKA_ERROR_TOPIC="common.error.reporting"
 KAFKA_CLIENT_CERT=""
 KAFKA_CLIENT_CERT_KEY=""
 BUSAPI_URL="https://api.topcoder-dev.com/v5"
 
-# Project event topics (only active topics)
+# Project event topics
 KAFKA_PROJECT_CREATED_TOPIC="project.created"
 KAFKA_PROJECT_UPDATED_TOPIC="project.updated"
+KAFKA_PROJECT_BILLING_ACCOUNT_UPDATED_TOPIC="project.action.billingAccount.update"
 KAFKA_PROJECT_DELETED_TOPIC="project.deleted"
 KAFKA_PROJECT_MEMBER_ADDED_TOPIC="project.member.added"
 KAFKA_PROJECT_MEMBER_REMOVED_TOPIC="project.member.removed"
@@ -55,9 +59,17 @@ INVITE_EMAIL_SECTION_TITLE=""
 COPILOT_PORTAL_URL=""
 WORK_MANAGER_URL=""
 ACCOUNTS_APP_URL=""
+# Dedicated project-invite templates:
+# - known user (Join/Decline flow): SENDGRID_PROJECT_INVITATION_KNOWN_USER_TEMPLATE_ID
+# - unknown email (Register flow): SENDGRID_PROJECT_INVITATION_UNKNOWN_USER_TEMPLATE_ID
+# Legacy fallback for both invite types:
 SENDGRID_TEMPLATE_PROJECT_MEMBER_INVITED=""
+SENDGRID_PROJECT_INVITATION_KNOWN_USER_TEMPLATE_ID=""
+SENDGRID_PROJECT_INVITATION_UNKNOWN_USER_TEMPLATE_ID=""
 SENDGRID_TEMPLATE_COPILOT_ALREADY_PART_OF_PROJECT=""
 SENDGRID_TEMPLATE_INFORM_PM_COPILOT_APPLICATION_ACCEPTED=""
+SENDGRID_TEMPLATE_COPILOT_REQUEST_CREATED=""
+COPILOTS_SLACK_EMAIL=""
 UNIQUE_GMAIL_VALIDATION=false
 
 # API Configuration

diff --git a/.github/workflows/code_reviewer.yml b/.github/workflows/code_reviewer.yml
@@ -0,0 +1,22 @@
+name: AI PR Reviewer
+
+on:
+  pull_request:
+    types:
+      - opened
+      - synchronize
+permissions:
+  pull-requests: write
+jobs:
+  tc-ai-pr-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v3
+
+      - name: TC AI PR Reviewer
+        uses: topcoder-platform/tc-ai-pr-reviewer@master
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # The GITHUB_TOKEN is there by default so you just need to keep it like it is and not necessarily need to add it as secret as it will throw an error. [More Details](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret)
+          LAB45_API_KEY: ${{ secrets.LAB45_API_KEY }}
+          exclude: '**/*.json, **/*.md, **/*.jpg, **/*.png, **/*.jpeg, **/*.bmp, **/*.webp' # Optional: exclude patterns separated by commas
diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
@@ -0,0 +1,35 @@
+name: Trivy Scanner
+
+permissions:
+  contents: read
+  security-events: write
+
+on:
+  push:
+    branches:
+      - dev
+  pull_request:
+
+jobs:
+  trivy-scan:
+    name: Use Trivy
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Run Trivy scanner in repo mode
+        uses: aquasecurity/trivy-action@0.34.0
+        with:
+          scan-type: fs
+          ignore-unfixed: true
+          format: sarif
+          output: trivy-results.sarif
+          severity: CRITICAL,HIGH,UNKNOWN
+          scanners: vuln,secret,misconfig,license
+          github-pat: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: trivy-results.sarif
diff --git a/Dockerfile b/Dockerfile
@@ -2,7 +2,7 @@
 
 FROM node:22.13.1-alpine
 
-RUN apk add --no-cache bash
+RUN apk add --no-cache bash git
 RUN apk update
 
 ARG RESET_DB_ARG=false
@@ -17,4 +17,4 @@ RUN npm install pnpm -g
 RUN pnpm install
 RUN pnpm run build
 RUN chmod +x appStartUp.sh
-CMD ./appStartUp.sh
+CMD ./appStartUp.sh
diff --git a/LISTENERS.md b/LISTENERS.md
@@ -1,13 +1,14 @@
 # Kafka Listener Audit for `projects-api-v6` Topics
 
-Date: 2026-02-08  
+Date: 2026-03-04  
 Scope: all top-level services/apps in this monorepo.  
 Excluded per request: `projects-api-v6`, `tc-project-service`.
 
 ## Active topics in `projects-api-v6/.env.example`
 
 - `project.created`
 - `project.updated`
+- `project.action.billingAccount.update`
 - `project.deleted`
 - `project.member.added`
 - `project.member.removed`
@@ -22,6 +23,7 @@ No non-excluded service in this monorepo statically subscribes to these topics.
 |---|---|---|---|
 | `KAFKA_PROJECT_CREATED_TOPIC` | `project.created` | None found | N/A |
 | `KAFKA_PROJECT_UPDATED_TOPIC` | `project.updated` | None found | N/A |
+| `KAFKA_PROJECT_BILLING_ACCOUNT_UPDATED_TOPIC` | `project.action.billingAccount.update` | None found | N/A |
 | `KAFKA_PROJECT_DELETED_TOPIC` | `project.deleted` | None found | N/A |
 | `KAFKA_PROJECT_MEMBER_ADDED_TOPIC` | `project.member.added` | None found | N/A |
 | `KAFKA_PROJECT_MEMBER_REMOVED_TOPIC` | `project.member.removed` | None found | N/A |