chore(deps): bump the development-deps group in /frontend with 9 updates#17
Closed
dependabot[bot] wants to merge 1257 commits into
Closed
chore(deps): bump the development-deps group in /frontend with 9 updates#17dependabot[bot] wants to merge 1257 commits into
dependabot[bot] wants to merge 1257 commits into
Conversation
Create ai_mission_templates with JSONB phases, approval_gates, rejection_mappings, skill_compositions columns. Add mission_template_id and custom_phases to ai_missions.
…solution Ai::MissionTemplate provides phase sequences, approval gates, rejection mappings, and gate names. Ai::Mission resolves phases from template with no hardcoded fallback. RalphTask broadcasts status changes via MissionChannel for real-time updates.
Orchestrator resolves job classes, gate names, and rejection targets from template phase config. New SkillCompositionService creates RalphLoop tasks from discovered skills matched to template phases.
…oints MissionTemplatesController with CRUD. Missions controller gains task_graph, save_as_template, and compose_plan actions. Routes registered in AI namespace.
…ase types Add React Flow task graph with RalphTaskNode/ApprovalGateNode, useMissionTaskGraph hook with real-time WebSocket updates. Clickable PhaseTimeline with phase filtering. Template selection step in NewMissionWizard. MissionPhase changed to string for template-driven phases. Workflow Builder demoted in navigation order.
…ites Add ai_mission_template factory with development/research/operations traits. Update ai_mission factory to auto-assign templates. Rewrite mission model and orchestrator specs for template-driven architecture. Stub WorkerJobService in orchestrator and request specs.
… integration Implement Situation-Task-Action-Result structured reasoning service that forces explicit goal articulation before reasoning begins, surfacing implicit constraints. Wire into AgentToolBridgeService alongside existing chain-of-thought and plan-and-execute modes. Enhance SkillCompositionService with STAR-refined phase queries for richer skill discovery. Fix pre-existing bugs in find_or_create_ralph_loop! (stale loop_type attribute, invalid status).
…composition specs
MCP client agents are now transient — always created fresh per session, archived on disconnect, and blocked from non-workspace teams. Fixes stale agent accumulation and prevents misuse in missions/teams.
SSE streams held a checked-out DB connection for their entire lifetime (hours/days), exhausting the pool and blocking all HTTP requests with ConnectionTimeoutError. Now releases the connection after setup and borrows briefly via with_connection for each keepalive ping.
Merge the separate Devops::Repository model into Devops::GitRepository via 4-stage migration (add columns, migrate data, update FKs, drop table). Update serializer, controllers, factories, and specs accordingly.
…lients Delete Ai::Llm::Client, adapter factory, all provider adapters, and Ai::ProviderClientService with its adapters. Replace with WorkerLlmClient and WorkerEmbeddingClient that proxy LLM calls through the worker service. Add AgentBackedService concern for shared proxy plumbing.
Migrate all AI services from direct Ai::Llm::Client / ProviderClientService calls to WorkerLlmClient and WorkerEmbeddingClient. Services now delegate LLM completions and embeddings to the worker process via HTTP.
…Service Delete all server/app/jobs/ai/ job classes and their specs. These jobs now run in the worker process; the server dispatches them via WorkerJobService HTTP API calls.
Add internal API controllers for self-healing, ralph loops, trajectory, and worktree sessions (worker → server callbacks). Update LLM proxy controller to remove direct completion endpoints. Add provider_config and embedding_config routes for worker credential resolution.
Add 12 AI job classes relocated from server (conversation, worktree, ralph, self-healing, trajectory, merge, conflict detection). Expand LlmProxyClient with direct provider calls using CredentialResolver. Add AI service layer for worker-side LLM operations. Update Sidekiq config with AI-specific queues and scheduled jobs.
Update test helpers, factories, and specs to use WorkerLlmClient stubs instead of direct LLM client mocks. Add WorkerJobService stub helpers. Update AI service specs for proxy-based LLM calls. Add MCP client identity service spec.
…se submodule Minor StepPlanReview UI adjustment, add AI utility agents seed, update maintenance page, and update enterprise submodule pointer.
Use the repository's default_branch instead of the hardcoded column default of "main" when creating missions. Prevents branch creation failures on repos that use master or other default branches.
Add server/config/database.yml.example with pool default of 30. Track .env.mcp.example, .env.production.example, and .env.staging.example by adding !.env.*.example negation to .gitignore. Update RAILS_MAX_THREADS to 10 in all env examples.
…r handling ExtractionService called client.provider.name on WorkerLlmClient which has nil provider when initialized with agent_id only — use provider_name safe accessor instead. StreamableHttpController rescue ArgumentError was catching parameter validation errors and silently returning null via introspection fallback — scope to only catch unknown tool errors.
…alidation Expand .gitleaks.toml allowlist from 12 to 21 path rules and 9 to 18 content regexes to suppress false positives from CI workflows, test fixtures, seed data, and Docker configs. Add gitleaks as step 4/4 in validate.sh with --skip-secrets flag. Add on-demand full-history scan script for security audits across main repo and submodules.
Navigate to mission page with openApproval state flag so the ApprovalGateModal auto-opens instead of just showing the mission detail
…io-scoped credentials Add enqueue_trading_training_session to WorkerJobService for immediate session dispatch. Update schema to reflect venue credentials scoped to portfolio instead of account.
…quest interceptor Lazy-load PortfolioSwitcherWrapper from trading extension into the Header when on trading routes. Add addRequestInterceptor to APIClient for extension-driven request modification (portfolio ID injection).
…odule Skip cooldown check in llm_probability, agent_ensemble, and sentiment_analysis when training? is true. Prevents false cooldown blocks in fast-tick training mode where tick_interval (8s) < cooldown_seconds (15-60s). Exit checks and position management remain unaffected. Update trading submodule: settlement bypass, fee deduction, compounding defaults, backtest pair registration, paper mode, category blacklist fix.
…cher, and job infrastructure
…te systemd config
… extraction, and evaluator concerns
…chain, and system ops
…, supply chain, reconciliation
Bumps the development-deps group in /frontend with 9 updates: | Package | From | To | | --- | --- | --- | | [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.0` | `4.2.1` | | [autoprefixer](https://github.com/postcss/autoprefixer) | `10.4.24` | `10.4.27` | | [cypress](https://github.com/cypress-io/cypress) | `15.10.0` | `15.12.0` | | [globals](https://github.com/sindresorhus/globals) | `17.3.0` | `17.4.0` | | [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `30.2.0` | `30.3.0` | | [jest-environment-jsdom](https://github.com/jestjs/jest/tree/HEAD/packages/jest-environment-jsdom) | `30.2.0` | `30.3.0` | | [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.8` | | [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `4.2.0` | `4.2.1` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.56.0` | `8.57.0` | Updates `@tailwindcss/postcss` from 4.2.0 to 4.2.1 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.1/packages/@tailwindcss-postcss) Updates `autoprefixer` from 10.4.24 to 10.4.27 - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](postcss/autoprefixer@10.4.24...10.4.27) Updates `cypress` from 15.10.0 to 15.12.0 - [Release notes](https://github.com/cypress-io/cypress/releases) - [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md) - [Commits](cypress-io/cypress@v15.10.0...v15.12.0) Updates `globals` from 17.3.0 to 17.4.0 - [Release notes](https://github.com/sindresorhus/globals/releases) - [Commits](sindresorhus/globals@v17.3.0...v17.4.0) Updates `jest` from 30.2.0 to 30.3.0 - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/jest) Updates `jest-environment-jsdom` from 30.2.0 to 30.3.0 - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/jest-environment-jsdom) Updates `postcss` from 8.5.6 to 8.5.8 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.5.6...8.5.8) Updates `tailwindcss` from 4.2.0 to 4.2.1 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.1/packages/tailwindcss) Updates `typescript-eslint` from 8.56.0 to 8.57.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.0/packages/typescript-eslint) --- updated-dependencies: - dependency-name: "@tailwindcss/postcss" dependency-version: 4.2.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-deps - dependency-name: autoprefixer dependency-version: 10.4.27 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-deps - dependency-name: cypress dependency-version: 15.12.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: development-deps - dependency-name: globals dependency-version: 17.4.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: development-deps - dependency-name: jest dependency-version: 30.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: development-deps - dependency-name: jest-environment-jsdom dependency-version: 30.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: development-deps - dependency-name: postcss dependency-version: 8.5.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-deps - dependency-name: tailwindcss dependency-version: 4.2.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-deps - dependency-name: typescript-eslint dependency-version: 8.57.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: development-deps ... Signed-off-by: dependabot[bot] <support@github.com>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
rett
deleted the
dependabot/npm_and_yarn/frontend/development-deps-ff77e8c994
branch
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
rett
added a commit
that referenced
this pull request
May 9, 2026
… plan Bumps the system extension pointer from 1eefe41a7 → 5de5d61ca, absorbing 13 submodule commits that land Phases 0–2 of the agent stub implementation plan plus the github.com/nodealchemy org migration: Phase 0 — Shared infrastructure: refactor(agent): consolidate atomic-write into internal/fsutil feat(agent): phase 0 building blocks for stub implementation plan feat(system/server): agent fleet events ingestion endpoint Phase 1 — Service-loop core (autonomous reconciliation + cert rotation + task lease): feat(agent): rewrite oci.Puller for HTTP-driven streaming pull feat(agent): add Verifier interface + seccomp drop-in writer feat(agent): module reconciler goroutine + service wiring feat(agent): cert rotation goroutine + K3s applier doc finalize feat(system/server): /enroll/refresh + modules OCI metadata exposure feat(agent): task lease loop + handler registry feat(system/server): /status/tasks/:id show endpoint Phase 2 — Operator CLI module lifecycle: feat(agent): phase 2 CLI module lifecycle (verify/update/sync/attach/detach/init) feat(system/server): /modules/:id/rsync_spec + module member routes Path migration: chore: rename Go module + docs paths to github.com/nodealchemy Stubs landed: 13 of 18 (#2 task lease, #3 cert rotation, #4 reconcile, #5 verify, #6 update, #7 sync, #8 OCI pull, #9 cosign Verifier, #10 seccomp drop-in, #11 attach, #12 detach, #15 init, #18 K3s finalize). Stubs remaining: #1 boot, #13 commit, #14 exec, #16 volume-setup, #17 puppet apply (all in Phase 3 + 4). Plan reference: ~/.claude/plans/find-stubs-in-powernde-agent-kind-lecun.md
rett
added a commit
that referenced
this pull request
May 9, 2026
Bumps the system extension pointer to absorb Phase 3 of the agent
stub implementation plan:
feat(agent): phase 3 boot orchestration + high-risk CLI
(boot/exec/volume-setup)
Stubs landed: #1 boot, #14 exec, #16 volume-setup. The agent now
has all three high-risk operator commands wired with hardened
defaults — privilege drop on exec, multi-layer safety guards on
volume-setup, claim-pending poll on boot.
16 of 18 stubs landed. Remaining (Phase 4): #13 commit (capture
upper-dir delta as new module version with secret-scan), #17
puppet apply (manifest cosign-verify + change-count caps).
Plan reference: ~/.claude/plans/find-stubs-in-powernde-agent-kind-lecun.md
rett
added a commit
that referenced
this pull request
May 9, 2026
Bumps the system extension pointer to absorb Phase 4 of the agent stub implementation plan: feat: phase 4 module authoring CLIs (commit/puppet apply) + server endpoints Stubs landed: #13 commit, #17 puppet apply. ═══ ALL 18 STUBS COMPLETE ═══ Phase 0 — Shared infrastructure (3 commits): fsutil consolidation, transport.SwappableClient + io.EOF fix, mount.Lock flock helper, runtime.FetchAuthorizedKeys extraction, internal/{manifest,fleetevent,systemd,cli/} new packages, server: agent fleet events ingestion endpoint. Phase 1 — Service-loop core (7 commits, autonomous reconciliation): oci.Puller HTTP-driven streaming pull, verify.Verifier interface, internal/runtime/{reconcile,cert_rotation}.go goroutines, internal/runtime/tasks/ loop + 9 handler files, K3s agent applier doc finalization, server: /enroll/refresh + /status/tasks/:id + modules OCI metadata. Phase 2 — CLI module lifecycle (2 commits): init/verify/update/sync/attach/detach CLI commands wired, server: /modules/:id/rsync_spec + module member route fix. Phase 3 — Boot orchestration + high-risk CLI (1 commit): internal/boot/ orchestrator (identity → enroll → mount → switch_root), exec CLI with privilege drop (drop_to_nobody/as_user/privileged-allowlist), volume-setup CLI with multi-layer safety guards, server: LUKS controller + disk_policy in /config. Phase 4 — Module authoring CLIs (1 commit): commit CLI (rsync delta + secret scan + tar.zst + stage-or-push), puppet apply CLI (--noop first + change-count cap + identity-file refuse), server: /modules/:id/versions endpoint + AgentModuleCommitService. Path migration (1 commit): Go module github.com/powernode/platform/extensions/system/agent → github.com/nodealchemy/powernode-system/agent + 49 import updates + docs/services/seeds/.gitmodules to nodealchemy org. Plan reference: ~/.claude/plans/find-stubs-in-powernde-agent-kind-lecun.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the development-deps group in /frontend with 9 updates:
4.2.04.2.110.4.2410.4.2715.10.015.12.017.3.017.4.030.2.030.3.030.2.030.3.08.5.68.5.84.2.04.2.18.56.08.57.0Updates
@tailwindcss/postcssfrom 4.2.0 to 4.2.1Release notes
Sourced from
@tailwindcss/postcss's releases.Changelog
Sourced from
@tailwindcss/postcss's changelog.Commits
1dce64e4.2.1 (#19714)Updates
autoprefixerfrom 10.4.24 to 10.4.27Release notes
Sourced from autoprefixer's releases.
Changelog
Sourced from autoprefixer's changelog.
Commits
360f2d9Release 10.4.27 versionab5260cUpdate clean-publish09e9dd1Release 10.4.26 versionec75540Ignore local patches59601b8Update c8 and clean-publish06ea988Release 10.4.25 version47d8a5bUpdate dependencies and fix Node.js 2551c596eAdd Node.js 25 and 24 to CI5239823Fix CSS variables in gradients (#1515) (#1544)Updates
cypressfrom 15.10.0 to 15.12.0Release notes
Sourced from cypress's releases.
Commits
dbb806achore: release v15.12.0 (#33459)4931cf0chore: bootstrap AI agent context files (AGENTS.md + CLAUDE.md) (#33429)9546ee8chore: removes changelog entries for sigint-related fixes that are still unre...fec7088chore: updating v8 snapshot cache (#33453)9b7ac44chore: Update v8 snapshot cache - darwin (#33452)9c8afaachore: updating v8 snapshot cache (#33449)3d2ca8achore: Update Chrome (beta) to 146.0.7680.65 (#33443)abc6b2bfix: prevent hang when waiting on multiple intercepts and navigating (#33446)32e95edtest: update coming soon test from app (#33448)aa56256dependency: update fast-xml-parser to 4.5.4 (#33435)Updates
globalsfrom 17.3.0 to 17.4.0Release notes
Sourced from globals's releases.
Commits
a9cfd7417.4.0d43a051Update globals (2026-03-01) (#338)Updates
jestfrom 30.2.0 to 30.3.0Release notes
Sourced from jest's releases.
Changelog
Sourced from jest's changelog.
Commits
efb59c2v30.3.096c53d3feat(jest-config): adddefineConfigandmergeConfigfunctions (#15844)Updates
jest-environment-jsdomfrom 30.2.0 to 30.3.0Release notes
Sourced from jest-environment-jsdom's releases.
Changelog
Sourced from jest-environment-jsdom's changelog.
Commits
efb59c2v30.3.0b5b0220Remove unused dependencies from jest-environment-jsdom (#15928)Updates
postcssfrom 8.5.6 to 8.5.8Release notes
Sourced from postcss's releases.
Changelog
Sourced from postcss's changelog.
Commits
65de537Release 8.5.8 versionb2c6d97Run git hook register0ae0a49Update Processor#version6ee9f14Release 8.5.7 version3fbc951Fix uvu Node.js 25 support52db53eUpdate dependencies497daefSpeed up source map annotation cleaning by moving from RegExp41e739aRemove banner1329142chore: speed up space-only string check in lib/parser.js (#2064)23beff9Update dependenciesUpdates
tailwindcssfrom 4.2.0 to 4.2.1Release notes
Sourced from tailwindcss's releases.
Changelog
Sourced from tailwindcss's changelog.
Commits
1dce64e4.2.1 (#19714)d15d92cAllow trailing dash in functional utility names (#19696)Updates
typescript-eslintfrom 8.56.0 to 8.57.0Release notes
Sourced from typescript-eslint's releases.
Changelog
Sourced from typescript-eslint's changelog.
Commits
2c6aeeechore(release): publish 8.57.0f696dadchore: use pnpm catalog (#12047)a09921echore: update vitest to 4.x (#12071)96a04a9chore(release): publish 8.56.1Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions