Conversation
Bumps the minor-and-patch group with 3 updates: [openai](https://github.com/openai/openai-node), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [eslint](https://github.com/eslint/eslint). Updates `openai` from 6.25.0 to 6.27.0 - [Release notes](https://github.com/openai/openai-node/releases) - [Changelog](https://github.com/openai/openai-node/blob/master/CHANGELOG.md) - [Commits](openai/openai-node@v6.25.0...v6.27.0) Updates `@types/node` from 25.3.3 to 25.3.5 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `eslint` from 10.0.2 to 10.0.3 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.0.2...v10.0.3) --- updated-dependencies: - dependency-name: openai dependency-version: 6.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: "@types/node" dependency-version: 25.3.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: eslint dependency-version: 10.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the actions group with 4 updates: [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [docker/login-action](https://github.com/docker/login-action), [docker/metadata-action](https://github.com/docker/metadata-action) and [docker/build-push-action](https://github.com/docker/build-push-action). Updates `docker/setup-buildx-action` from 3 to 4 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v3...v4) Updates `docker/login-action` from 3 to 4 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v3...v4) Updates `docker/metadata-action` from 5 to 6 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@v5...v6) Updates `docker/build-push-action` from 6 to 7 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v6...v7) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/login-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/metadata-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/build-push-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the npm_and_yarn group with 1 update in the / directory: [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit). Updates `express-rate-limit` from 8.2.1 to 8.3.0 - [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases) - [Commits](express-rate-limit/express-rate-limit@v8.2.1...v8.3.0) --- updated-dependencies: - dependency-name: express-rate-limit dependency-version: 8.3.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore: rebase development features onto main (v1.3.0 baseline) (#375) Applies all development branch changes (MMR, Anthropic provider, EPUB/PPTX parsers, batch search, TTL, SDK, spider, webhooks, etc.) directly on top of main's v1.3.0 tip to create a clean linear history. This resolves the git ancestry divergence that caused persistent conflicts in the release PR. Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * feat: rebase development features onto main (v1.3.0 baseline) * fix(security): replace execSync with spawnSync and throw on DB path mismatch B1: The CLI update command now uses spawnSync instead of execSync to avoid shell injection risks when running npm commands. B2: getDatabase() now throws a DatabaseError when called with a different path than the already-open connection, instead of silently returning the cached connection. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(security): remove timing side channel and enforce webhook secret encryption Remove the length pre-check before timingSafeEqual in API key validation, as the fixed-size COMPARE_LEN=256 buffers already handle mismatched lengths. The length check was a timing side channel that leaked key length info. Add validation in createWebhook and updateWebhook to require LIBSCOPE_SECRET_KEY env var when a webhook secret is provided, preventing plaintext secret storage. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(security): strip API keys from saved config file Security: never persist API keys (openaiApiKey, anthropicApiKey) to config.json on disk. Keys are read from environment variables at runtime. Adds deprecation warning when keys are found in existing config files. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * ci: retarget to development branch --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(db): add Zod-based row validation helpers * fix(types): validate DB query results in search.ts and analytics.ts * fix(types): concrete VersionMetadata type and log silent JSON.parse failures Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * test(db): add unit tests for Zod-based validateRow/validateRows helpers * fix(types): validate DB results in ratings/versioning/tags and fix applyMMR null safety Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(types): correct avg_rating Zod schema to nullable (not optional) to match SearchResult type * fix(types): use nullable().optional() + ?? null mapping for conditional avg_rating column --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Vercel was skipping the docs build on releases because the ignore command only checked the docs directory, missing the version bump in package.json. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
../../package.json was outside the repo root from Vercel's working directory. Should be ../package.json since vercel.json lives in docs/. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.