chore(deps): bump web-vitals from 2.1.4 to 5.1.0 in /frontend#21
Closed
dependabot[bot] wants to merge 1257 commits into
Closed
chore(deps): bump web-vitals from 2.1.4 to 5.1.0 in /frontend#21dependabot[bot] wants to merge 1257 commits into
dependabot[bot] wants to merge 1257 commits into
Conversation
Create ai_mission_templates with JSONB phases, approval_gates, rejection_mappings, skill_compositions columns. Add mission_template_id and custom_phases to ai_missions.
…solution Ai::MissionTemplate provides phase sequences, approval gates, rejection mappings, and gate names. Ai::Mission resolves phases from template with no hardcoded fallback. RalphTask broadcasts status changes via MissionChannel for real-time updates.
Orchestrator resolves job classes, gate names, and rejection targets from template phase config. New SkillCompositionService creates RalphLoop tasks from discovered skills matched to template phases.
…oints MissionTemplatesController with CRUD. Missions controller gains task_graph, save_as_template, and compose_plan actions. Routes registered in AI namespace.
…ase types Add React Flow task graph with RalphTaskNode/ApprovalGateNode, useMissionTaskGraph hook with real-time WebSocket updates. Clickable PhaseTimeline with phase filtering. Template selection step in NewMissionWizard. MissionPhase changed to string for template-driven phases. Workflow Builder demoted in navigation order.
…ites Add ai_mission_template factory with development/research/operations traits. Update ai_mission factory to auto-assign templates. Rewrite mission model and orchestrator specs for template-driven architecture. Stub WorkerJobService in orchestrator and request specs.
… integration Implement Situation-Task-Action-Result structured reasoning service that forces explicit goal articulation before reasoning begins, surfacing implicit constraints. Wire into AgentToolBridgeService alongside existing chain-of-thought and plan-and-execute modes. Enhance SkillCompositionService with STAR-refined phase queries for richer skill discovery. Fix pre-existing bugs in find_or_create_ralph_loop! (stale loop_type attribute, invalid status).
…composition specs
MCP client agents are now transient — always created fresh per session, archived on disconnect, and blocked from non-workspace teams. Fixes stale agent accumulation and prevents misuse in missions/teams.
SSE streams held a checked-out DB connection for their entire lifetime (hours/days), exhausting the pool and blocking all HTTP requests with ConnectionTimeoutError. Now releases the connection after setup and borrows briefly via with_connection for each keepalive ping.
Merge the separate Devops::Repository model into Devops::GitRepository via 4-stage migration (add columns, migrate data, update FKs, drop table). Update serializer, controllers, factories, and specs accordingly.
…lients Delete Ai::Llm::Client, adapter factory, all provider adapters, and Ai::ProviderClientService with its adapters. Replace with WorkerLlmClient and WorkerEmbeddingClient that proxy LLM calls through the worker service. Add AgentBackedService concern for shared proxy plumbing.
Migrate all AI services from direct Ai::Llm::Client / ProviderClientService calls to WorkerLlmClient and WorkerEmbeddingClient. Services now delegate LLM completions and embeddings to the worker process via HTTP.
…Service Delete all server/app/jobs/ai/ job classes and their specs. These jobs now run in the worker process; the server dispatches them via WorkerJobService HTTP API calls.
Add internal API controllers for self-healing, ralph loops, trajectory, and worktree sessions (worker → server callbacks). Update LLM proxy controller to remove direct completion endpoints. Add provider_config and embedding_config routes for worker credential resolution.
Add 12 AI job classes relocated from server (conversation, worktree, ralph, self-healing, trajectory, merge, conflict detection). Expand LlmProxyClient with direct provider calls using CredentialResolver. Add AI service layer for worker-side LLM operations. Update Sidekiq config with AI-specific queues and scheduled jobs.
Update test helpers, factories, and specs to use WorkerLlmClient stubs instead of direct LLM client mocks. Add WorkerJobService stub helpers. Update AI service specs for proxy-based LLM calls. Add MCP client identity service spec.
…se submodule Minor StepPlanReview UI adjustment, add AI utility agents seed, update maintenance page, and update enterprise submodule pointer.
Use the repository's default_branch instead of the hardcoded column default of "main" when creating missions. Prevents branch creation failures on repos that use master or other default branches.
Add server/config/database.yml.example with pool default of 30. Track .env.mcp.example, .env.production.example, and .env.staging.example by adding !.env.*.example negation to .gitignore. Update RAILS_MAX_THREADS to 10 in all env examples.
…r handling ExtractionService called client.provider.name on WorkerLlmClient which has nil provider when initialized with agent_id only — use provider_name safe accessor instead. StreamableHttpController rescue ArgumentError was catching parameter validation errors and silently returning null via introspection fallback — scope to only catch unknown tool errors.
…alidation Expand .gitleaks.toml allowlist from 12 to 21 path rules and 9 to 18 content regexes to suppress false positives from CI workflows, test fixtures, seed data, and Docker configs. Add gitleaks as step 4/4 in validate.sh with --skip-secrets flag. Add on-demand full-history scan script for security audits across main repo and submodules.
Navigate to mission page with openApproval state flag so the ApprovalGateModal auto-opens instead of just showing the mission detail
…valuators Switch evaluators from market orders to limit orders to reduce adverse spread costs, add stop-loss and take-profit exits across all strategies, cap spread cost estimate at 2%, and return numeric strength from classify_spread_strength.
Disable Sidekiq retry to prevent duplicate execution races, add dispatch sentinel lock to prevent cron/immediate dispatch overlap, check JID liveness before rejecting locks, and only release locks still owned by current JID.
…io-scoped credentials Add enqueue_trading_training_session to WorkerJobService for immediate session dispatch. Update schema to reflect venue credentials scoped to portfolio instead of account.
…quest interceptor Lazy-load PortfolioSwitcherWrapper from trading extension into the Header when on trading routes. Add addRequestInterceptor to APIClient for extension-driven request modification (portfolio ID injection).
…odule Skip cooldown check in llm_probability, agent_ensemble, and sentiment_analysis when training? is true. Prevents false cooldown blocks in fast-tick training mode where tick_interval (8s) < cooldown_seconds (15-60s). Exit checks and position management remain unaffected. Update trading submodule: settlement bypass, fee deduction, compounding defaults, backtest pair registration, paper mode, category blacklist fix.
…cher, and job infrastructure
…te systemd config
… extraction, and evaluator concerns
…chain, and system ops
…, supply chain, reconciliation
Bumps [web-vitals](https://github.com/GoogleChrome/web-vitals) from 2.1.4 to 5.1.0. - [Changelog](https://github.com/GoogleChrome/web-vitals/blob/main/CHANGELOG.md) - [Commits](GoogleChrome/web-vitals@v2.1.4...v5.1.0) --- updated-dependencies: - dependency-name: web-vitals dependency-version: 5.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps web-vitals from 2.1.4 to 5.1.0.
Changelog
Sourced from web-vitals's changelog.
... (truncated)
Commits
1b872cfRelease v5.1.0f6cb466Update CHANGELOG for 5.1.0e5f6e2dRegister visibility-change early (#637)1852851Only finalize LCP on user events (isTrusted=true) (#635)f16c4b4Fallback to default getSelector if custom function is null or undefined (#634)8a54167Release v5.0.361f7c36Update CHANGELOG for 5.0.3e22d23bRemove visibiliytchange event listeners when no longer required (#627)1509d64Upgrade examples in README to v5 (#626)463abbdRelease v5.0.2Maintainer changes
This version was pushed to npm by tunetheweb, a new releaser for web-vitals since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)