Code Overlap With Siblings¶
With someli-api¶
Shared skeleton (file shapes match, contents differ)¶
| Concern | designer-api | someli-api | Status |
|---|---|---|---|
conf.js |
27 lines, smaller env surface | larger env surface | drifted |
server.js |
Express boot + Socket.IO + DB connect + routes mount | same shape, larger | drifted |
routes/routes.js |
13608 lines, 269 endpoints | ~22000 lines, ~728 endpoints | drifted (distinct domains) |
actions/actions.js |
older fork (per audit notes about null handling) | newer hardened version | designer-api lags |
modules/dbDriver/lib/mysql.js |
drifted | canonical | designer-api has different impl |
helper/index.js |
88 lines, thin | re-exports from 10+ helper files | designer-api is much smaller |
helper/ |
only index.js |
10+ files (aiLogics, helper, constants, tokenGenerator, etc.) |
designer-api has no aiLogics.js, no tokenGenerator.js, no constants.js |
Background jobs: zero filename overlap¶
108 jobs in someli-api, 57 in designer-api. No filenames in common. The two repos own distinct domains:
| someli-api jobs | designer-api jobs |
|---|---|
| social publishing (FB/IG/LI/TT) | industry content generation |
| token refresh | template validation |
| paddle webhooks | scheduler (template, organisation, variant) |
| post validation | approval workflow |
| insights aggregation | template cleanup |
Both repos use the same boilerplate pattern (cron + sync-mysql + isOnProcess guard). Extracting the pattern to a shared library would save code in both — see Recommendations.
Polotno usage¶
Both repos use polotno-node. Versions drift (designer-api: 2.10.4; Someli-admin-api: 2.9.30; someli-api: not in this audit). The Polotno license key location differs per repo — see security.md.
Unsplash, Pexels, Pixabay clients¶
Both repos initialise their own clients with API keys from conf.js (designer-api hardcodes the Unsplash key — see security.md). The clients themselves use the same packages.
With Someli-admin-api¶
helper/ overlap¶
Only helper/index.js exists in both. The 9 other helper files in Someli-admin-api (aiLogics.js, helper.js, constants.js, tokenGenerator.js, revokeToken.js, ragProcess.js, webScraping.js, stockImage.js, basic.js) do not exist in designer-api. So the byte-identical tokenGenerator.js / revokeToken.js / ragProcess.js / webScraping.js that are shared between Someli-admin-api and someli-api are not present here.
Auth pattern¶
Different schemes. Someli-admin-api uses an encrypted-token + a shared tokenGenerator.js. designer-api uses a custom inline token with no shared crypto utility. They are not interoperable.
aws-sdk v2¶
Both use v2. Neither has migrated to v3 yet.
Slack notifier¶
Both repos have a hardcoded Slack bot token in source. Different tokens (different channels):
| Repo | Channel | File |
|---|---|---|
Someli-admin-api |
C05TS9AHBH6 |
routes/auth.js:21 |
designer-api |
C05H25MDY3Z |
teamsnotification.js:2 |
Both should be rotated and moved to env.
With someli-dashboard-be¶
No code overlap. someli-dashboard-be is a slice of someli-api/dashboard/ and doesn't share files with designer-api.
Recommendations¶
| ID | Recommendation | Effort |
|---|---|---|
| O-1 | Sync actions/actions.js with someli-api's newer copy (null handling, recursive object stringification) |
Small |
| O-2 | Extract the cron-job boilerplate (conf, sync-mysql connect, isOnProcess guard) into a shared @someli/job-base package |
Medium |
| O-3 | Reconcile helper/index.js between designer-api and someli-api — pick which is canonical |
Small |
| O-4 | Adopt someli-api's tokenGenerator.js so all backends use the same crypto-token format |
Medium (also touches FE) |
| O-5 | Coordinate aws-sdk v2 → v3 across all backends |
Large |
| O-6 | Centralise Slack notification (move to one shared module imported by all backends; tokens from env) | Small |
| O-7 | Centralise prompt templates used by bots (currently inline OpenAI prompts; one shared registry would help) | Medium |