feat: modernize API boilerplate with Node 22, ESLint 9, and production-grade features #8

Merged
arifintahu merged 10 commits into main from feat/upgrade-code
Mar 7, 2026

@arifintahu
Owner

Summary

This PR performs a major overhaul of the API boilerplate, upgrading the core runtime to Node.js 22 and TypeScript 5.7 while introducing production-ready features such as security hardening, structured logging, request tracing, and standardized API responses.

Key Changes

  • Core Tooling & Runtime: Upgraded the project environment to modern standards
    • Updated to Node.js 22 and TypeScript 5.7
    • Migrated ESLint to version 9 with Flat Config (eslint.config.js)
    • Updated GitHub Actions CI to use Node 22 and v4 actions
  • Infrastructure & DevOps: Enhanced containerization and deployment readiness
    • Implemented multi-stage Dockerfile with non-root user and healthchecks
    • Updated docker-compose.yml with PostgreSQL healthchecks and configurable environment variables
  • Security & Reliability: Added production-grade safety layers
    • Integrated helmet for security headers and express-rate-limit for DDoS protection
    • Implemented graceful shutdown handling for SIGTERM/SIGINT signals
    • Added a /health check endpoint with database connectivity validation
  • Standardization & Observability: Improved consistency and debugging capabilities
    • Introduced ApiResponse and AppError utilities for uniform JSON responses and error handling
    • Added requestIdMiddleware to trace requests via X-Request-Id headers
    • Enhanced Morgan middleware with custom tokens and JSON logging for production
  • Database & Business Logic: Refined data handling patterns
    • Added offset-based pagination to UserRepository
    • Integrated automatic bcrypt password hashing via Sequelize model hooks
    • Decoupled repository interfaces into dedicated files

Testing

  • Automated Tests: Updated Jest test suites for UserRepository and RoleRepository to validate new pagination logic and mocking strategies. Run via npm test.
  • Manual Verification: Spun up services via docker-compose up to verify container health and environment variable injection.
  • API Testing: Verified the standardized response format using the updated Swagger documentation at the /docs endpoint.

Notable Implementation Details

  • The project now strictly uses ESLint's new Flat Config system, replacing the deprecated .eslintrc format.
  • Docker builds use node:22-alpine to minimize image size and attack surface.
  • Password hashing is handled at the model level (beforeCreate, beforeUpdate) to ensure security regardless of which service creates the user.

Out of Scope

  • Implementation of Refresh Tokens (currently only standard JWT is supported).
  • Comprehensive integration tests for all controller endpoints.

Impact

These changes provide a robust, secure, and highly observable foundation for building RESTful APIs. They reduce technical debt by adopting the latest ecosystem standards and ensure that new features can be built on top of a production-hardened architecture.

@arifintahu arifintahu self-assigned this Mar 7, 2026
@arifintahu arifintahu merged commit 227d468 into main Mar 7, 2026
1 check passed
@arifintahu arifintahu deleted the feat/upgrade-code branch March 7, 2026 15:45
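
The description above mentions a requestIdMiddleware that traces requests via X-Request-Id headers. The sketch below is an added example, not the code merged in this PR: it shows one way such a middleware can accept a client-supplied ID only when it matches a strict pattern, so attacker-controlled header text never flows into log lines. The pattern, the resolveRequestId helper, and the req.id / req.requestIdSource property names are assumptions.

```javascript
// Added example (hypothetical, not the middleware merged in this PR).
const { randomUUID } = require('node:crypto');

// Assumed policy: 8-64 chars of [A-Za-z0-9._-]. CR/LF, quotes, braces and
// oversized values are rejected so they never reach JSON log lines.
const SAFE_REQUEST_ID = /^[A-Za-z0-9._-]{8,64}$/;

// Returns the ID to use plus where it came from (hypothetical helper).
function resolveRequestId(headerValue) {
  if (typeof headerValue === 'string' && SAFE_REQUEST_ID.test(headerValue)) {
    return { id: headerValue, source: 'client' };
  }
  return { id: randomUUID(), source: 'generated' };
}

// Express-style middleware: (req, res, next). req.id and req.requestIdSource
// are assumed property names for loggers to read.
function requestIdMiddleware(req, res, next) {
  const { id, source } = resolveRequestId(req.headers['x-request-id']);
  req.id = id;
  req.requestIdSource = source;
  res.setHeader('X-Request-Id', id); // echo so callers can quote it in reports
  next();
}

// Constructed sample headers, run through the middleware with stub req/res.
function runSamples() {
  const samples = [
    'trace-1234abcd',             // well-formed upstream ID
    'abc12345","level":"error',   // quote characters aimed at hand-built log lines
    undefined,                    // header absent
  ];
  return samples.map((value) => {
    const req = { headers: value === undefined ? {} : { 'x-request-id': value } };
    const sent = {};
    const res = { setHeader: (name, v) => { sent[name] = v; } };
    requestIdMiddleware(req, res, () => {});
    return { source: req.requestIdSource, id: req.id, echoed: sent['X-Request-Id'] };
  });
}

for (const r of runSamples()) console.log(r.source, r.id);
```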