Conversation
…contractor roles * chore(api): update Dockerfile to use non-root user for file ownership in production * fix(organization): disable non-portal notifications for employee and contractor roles * fix(email): implement default notification settings for portal-only roles * fix(db): update role notification settings to include all built-in roles for complete data coverage --------- Co-authored-by: Mariano Fuentes <marfuen98@gmail.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
PR SummaryMedium Risk Overview Refactors questionnaire/vector-store Excel handling and export generation. Replaces Adjusts notification defaults for portal-only roles. Employee/contractor role notification defaults are changed to disable task/mention/digest/finding notifications, backed by a new Prisma migration to update/seed Also bumps Written by Cursor Bugbot for commit 64cbd78. This will update automatically on new commits. Configure here. |
* perf(docker): optimize API build — strip unused deps, remove duplicate prisma generate - Strip root package.json of frontend deps before bun install (~650 fewer packages) - Use --ignore-scripts to skip husky and other lifecycle scripts - Remove duplicate prisma generate in production stage (builder already generates it) - Combine sequential RUN commands into fewer layers - Use COPY --chown instead of recursive chown -R (eliminates 311s step) - Fix .dockerignore to exclude nested node_modules (**/ instead of */) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * perf(docker): enable ECR layer caching for CodeBuild Pull previous image before building and use --cache-from so Docker can reuse unchanged layers. Most builds will only rebuild from the source COPY step onwards, skipping bun install entirely. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(docker): use denylist for root package.json stripping Delete only dependencies/devDependencies/scripts instead of allowlisting fields. Preserves overrides, resolutions, patchedDependencies, and any other fields that affect dependency resolution. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(security): upgrade jspdf v3→v4, replace xlsx with exceljs - jspdf 3.x → 4.2.0: fixes 21 vulnerabilities (PDF injection, DoS, XSS). Zero code changes needed — API is fully compatible. - xlsx → exceljs: fixes 7 vulnerabilities (ReDoS, prototype pollution). xlsx is abandoned with no patched version. exceljs was already a dependency. Migrated 3 files, updated callers to async. - Added unit tests for PDF generation (training cert, policy renderer) and Excel read/write (content extractor, export generator, vector store) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Mariano Fuentes <marfuen98@gmail.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
|
🎉 This PR is included in version 3.7.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
2 participants
This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.