feat: Add Web IDE integration to file explorer #561

jeremyeder · 2026-01-30T05:03:34Z

Summary

Add "Open in Web IDE" button to file tree with hover visibility
Support GitHub.dev for GitHub repositories
Support GitLab Web IDE for GitLab repositories (including self-hosted instances like gitlab.cee.redhat.com)
Auto-detect GitLab instance from repository URL (zero configuration needed)

Changes

New utility: ide-urls.ts - Parses Git URLs (HTTPS/SSH) and generates IDE URLs
FileTree component: Add hover-visible IDE button with external link icon
RepoBrowser component: Thread repository context (repoUrl, currentBranch) to FileTree
Zero infrastructure: Uses URL-based IDE redirects, no backend changes required

Implementation Details

Supports HTTPS and SSH URL formats
Handles .git suffix removal
Automatically detects GitHub vs GitLab from URL
Falls back to environment variable for GitLab instance if needed
Opens IDE in new tab with security flags (noopener, noreferrer)

Test Plan

TypeScript compilation passes
Manual test: Hover over file in GitHub repository → IDE button appears
Manual test: Click button → GitHub.dev opens in new tab
Manual test: Test with GitLab.com repository
Manual test: Test with GitLab CEE (self-hosted) repository
Verify button only shows on hover (reduces UI clutter)
Verify tooltip shows correct IDE name (GitHub.dev vs GitLab Web IDE)

🤖 Generated with Claude Code

- Exclude langfuse credentials from version control - Ignore tar.gz build artifacts - Add example template for langfuse configuration Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Complete SDK configuration system with documentation, tests, and UI: - Comprehensive SDK documentation (usage, reference, upgrade guides) - AG-UI optimization playbook - Amber skill for SDK expertise - Integration smoketest suite (8 test classes) - SDK configuration loader for runner - Backend API handlers for SDK configuration - Frontend configuration UI panel - Move all SDK docs to docs/sdk-expert/ and docs/claude-agent-sdk/ Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Proposes implementing Amber background agent using LangGraph for: - Stateful workflow orchestration - Human-in-the-loop approvals - Error resilience with retry policies - Multi-mode operation (on-demand, background, scheduled, webhook) Architecture integrates with AgenticSession CRDs, PostgreSQL checkpointing, and GitHub API via MCP or PyGithub. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Analysis of 12 high-value skill opportunities for the platform: - Top 4 recommended skills (Operator, GitLab, Backend, Amber) - Quick wins from existing documentation - ROI calculation and success metrics - Implementation plan and resource requirements Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Analysis of what makes the codebase LLM-friendly and improvement opportunities: - Rating: 9.2/10 for LLM-readiness - Strengths: .claude/ context, ADRs, skill system - Improvement opportunities: inline docs, trigger comments, task nav Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

…hes (#540) ## Problem Apple Silicon users running `make local-up` experienced: - Slow builds (15-20 min vs 4-6 min) - Crashes: `qemu: uncaught target signal 11 (Segmentation fault)` - Next.js build failures ## Root Cause The `_build-and-load` target was missing `$(PLATFORM_FLAG)` in build commands, causing: 1. Images built without platform → defaulted to amd64 2. On Apple Silicon, amd64 images run via QEMU emulation (4-6x slower) 3. Next.js builds crash under QEMU **Why other targets worked:** Public build targets (`build-frontend`, etc.) correctly included `$(PLATFORM_FLAG)`. Only `make local-up` was broken. ## The Fix Added `$(PLATFORM_FLAG)` to 4 build commands in `_build-and-load`: ```makefile # Before @$(CONTAINER_ENGINE) build -t $(BACKEND_IMAGE) components/backend # After @$(CONTAINER_ENGINE) build $(PLATFORM_FLAG) -t $(BACKEND_IMAGE) components/backend ``` ## Additional Improvements 1. **Auto-detect architecture** - Apple Silicon → `linux/arm64`, Intel → `linux/amd64` 2. **Diagnostic tool** - `make check-architecture` shows detected platform 3. **Documentation** - Troubleshooting guide in `docs/developer/local-development/kind.md` ## Impact **Before:** - Apple Silicon: 15-20 min builds with crashes - Had to manually set `PLATFORM=linux/arm64` (which `local-up` ignored anyway) **After:** - Apple Silicon: 4-6 min builds, no crashes - Auto-detects native architecture - Manual override supported: `make local-up PLATFORM=linux/amd64` ## Testing ```bash make check-architecture # Verify native builds make local-clean make local-up # Should complete in 4-6 min ``` ## Files Changed - `Makefile` - Auto-detect + fix bug - `docs/developer/local-development/kind.md` - Troubleshooting guide - `e2e/scripts/load-images.sh` - Architecture validation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

…ive sessions - Introduced a check for interactive sessions to determine how INITIAL_PROMPT is executed on startup. - For non-interactive sessions, INITIAL_PROMPT is auto-executed, while interactive sessions require user initiation. - Enhanced logging to clarify the behavior based on session type (interactive or resumed). These changes improve user experience by providing clearer session management and prompt execution behavior.

## Summary - Add `check-kind` and wire `kind-up` to fail fast when required local CLIs (`kind`, `kubectl`) are missing. ## Test plan - [ ] Run `make kind-up` with `kind` installed. - [ ] Temporarily remove `kind` from `PATH` and confirm `make kind-up` fails with a clear error. - [ ] Temporarily remove `kubectl` from `PATH` and confirm `make kind-up` fails with a clear error. Co-authored-by: bgregor <348865+bobbravo2@users.noreply.github.com>

Removed sleep delay before triggering workflow and updated greeting message to remove reference to systemPrompt. This was causing the agent to stumble around and look for ambient.json for no reason.

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4 to 5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>v5 Release</h2> <p><code>v5</code> of the Codecov GitHub Action will use the <a href="https://github.com/codecov/wrapper">Codecov Wrapper</a> to encapsulate the <a href="https://github.com/codecov/codecov-cli">CLI</a>. This will help ensure that the Action gets updates quicker.</p> <h3>Migration Guide</h3> <p>The <code>v5</code> release also coincides with the opt-out feature for tokens for public repositories. In the <code>Global Upload Token</code> section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see <a href="https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token">how to upload without a token</a>.</p> <blockquote> <p>[!WARNING]<br /> <strong>The following arguments have been changed</strong></p> <ul> <li><code>file</code> (this has been deprecated in favor of <code>files</code>)</li> <li><code>plugin</code> (this has been deprecated in favor of <code>plugins</code>)</li> </ul> </blockquote> <p>The following arguments have been added:</p> <ul> <li><code>binary</code></li> <li><code>gcov_args</code></li> <li><code>gcov_executable</code></li> <li><code>gcov_ignore</code></li> <li><code>gcov_include</code></li> <li><code>report_type</code></li> <li><code>skip_validation</code></li> <li><code>swift_project</code></li> </ul> <p>You can see their usage in the <code>action.yml</code> <a href="https://github.com/codecov/codecov-action/blob/main/action.yml">file</a>.</p> <h2>What's Changed</h2> <ul> <li>chore(deps): bump to eslint9+ and remove eslint-config-google by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1591">codecov/codecov-action#1591</a></li> <li>build(deps-dev): bump <code>@octokit/webhooks-types</code> from 7.5.1 to 7.6.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1595">codecov/codecov-action#1595</a></li> <li>build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1604">codecov/codecov-action#1604</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.8.0 to 8.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1601">codecov/codecov-action#1601</a></li> <li>build(deps): bump <code>@actions/core</code> from 1.11.0 to 1.11.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1597">codecov/codecov-action#1597</a></li> <li>build(deps): bump github/codeql-action from 3.26.9 to 3.26.11 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1596">codecov/codecov-action#1596</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.8.0 to 8.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1600">codecov/codecov-action#1600</a></li> <li>build(deps-dev): bump eslint from 9.11.1 to 9.12.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1598">codecov/codecov-action#1598</a></li> <li>build(deps): bump github/codeql-action from 3.26.11 to 3.26.12 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1609">codecov/codecov-action#1609</a></li> <li>build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1608">codecov/codecov-action#1608</a></li> <li>build(deps): bump actions/upload-artifact from 4.4.0 to 4.4.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1607">codecov/codecov-action#1607</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.8.1 to 8.9.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1612">codecov/codecov-action#1612</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.8.1 to 8.9.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1611">codecov/codecov-action#1611</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.9.0 to 8.10.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1615">codecov/codecov-action#1615</a></li> <li>build(deps-dev): bump eslint from 9.12.0 to 9.13.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1618">codecov/codecov-action#1618</a></li> <li>build(deps): bump github/codeql-action from 3.26.12 to 3.26.13 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1617">codecov/codecov-action#1617</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.9.0 to 8.10.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1614">codecov/codecov-action#1614</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.10.0 to 8.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1620">codecov/codecov-action#1620</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.10.0 to 8.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1619">codecov/codecov-action#1619</a></li> <li>build(deps-dev): bump <code>@types/jest</code> from 29.5.13 to 29.5.14 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1622">codecov/codecov-action#1622</a></li> <li>build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1625">codecov/codecov-action#1625</a></li> <li>build(deps): bump github/codeql-action from 3.26.13 to 3.27.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1624">codecov/codecov-action#1624</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.11.0 to 8.12.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1626">codecov/codecov-action#1626</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.12.1 to 8.12.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1629">codecov/codecov-action#1629</a></li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p> <blockquote> <h3>v5 Release</h3> <p><code>v5</code> of the Codecov GitHub Action will use the <a href="https://github.com/codecov/wrapper">Codecov Wrapper</a> to encapsulate the <a href="https://github.com/codecov/codecov-cli">CLI</a>. This will help ensure that the Action gets updates quicker.</p> <h3>Migration Guide</h3> <p>The <code>v5</code> release also coincides with the opt-out feature for tokens for public repositories. In the <code>Global Upload Token</code> section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see <a href="https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token">how to upload without a token</a>.</p> <blockquote> <p>[!WARNING] <strong>The following arguments have been changed</strong></p> <ul> <li><code>file</code> (this has been deprecated in favor of <code>files</code>)</li> <li><code>plugin</code> (this has been deprecated in favor of <code>plugins</code>)</li> </ul> </blockquote> <p>The following arguments have been added:</p> <ul> <li><code>binary</code></li> <li><code>gcov_args</code></li> <li><code>gcov_executable</code></li> <li><code>gcov_ignore</code></li> <li><code>gcov_include</code></li> <li><code>report_type</code></li> <li><code>skip_validation</code></li> <li><code>swift_project</code></li> </ul> <p>You can see their usage in the <code>action.yml</code> <a href="https://github.com/codecov/codecov-action/blob/main/action.yml">file</a>.</p> <h2>What's Changed</h2> <ul> <li>chore(deps): bump to eslint9+ and remove eslint-config-google by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1591">codecov/codecov-action#1591</a></li> <li>build(deps-dev): bump <code>@octokit/webhooks-types</code> from 7.5.1 to 7.6.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1595">codecov/codecov-action#1595</a></li> <li>build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1604">codecov/codecov-action#1604</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.8.0 to 8.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1601">codecov/codecov-action#1601</a></li> <li>build(deps): bump <code>@actions/core</code> from 1.11.0 to 1.11.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1597">codecov/codecov-action#1597</a></li> <li>build(deps): bump github/codeql-action from 3.26.9 to 3.26.11 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1596">codecov/codecov-action#1596</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.8.0 to 8.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1600">codecov/codecov-action#1600</a></li> <li>build(deps-dev): bump eslint from 9.11.1 to 9.12.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1598">codecov/codecov-action#1598</a></li> <li>build(deps): bump github/codeql-action from 3.26.11 to 3.26.12 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1609">codecov/codecov-action#1609</a></li> <li>build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1608">codecov/codecov-action#1608</a></li> <li>build(deps): bump actions/upload-artifact from 4.4.0 to 4.4.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1607">codecov/codecov-action#1607</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.8.1 to 8.9.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1612">codecov/codecov-action#1612</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.8.1 to 8.9.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1611">codecov/codecov-action#1611</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.9.0 to 8.10.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1615">codecov/codecov-action#1615</a></li> <li>build(deps-dev): bump eslint from 9.12.0 to 9.13.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1618">codecov/codecov-action#1618</a></li> <li>build(deps): bump github/codeql-action from 3.26.12 to 3.26.13 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1617">codecov/codecov-action#1617</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.9.0 to 8.10.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1614">codecov/codecov-action#1614</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.10.0 to 8.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1620">codecov/codecov-action#1620</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.10.0 to 8.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1619">codecov/codecov-action#1619</a></li> <li>build(deps-dev): bump <code>@types/jest</code> from 29.5.13 to 29.5.14 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1622">codecov/codecov-action#1622</a></li> <li>build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1625">codecov/codecov-action#1625</a></li> <li>build(deps): bump github/codeql-action from 3.26.13 to 3.27.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1624">codecov/codecov-action#1624</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.11.0 to 8.12.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1626">codecov/codecov-action#1626</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.12.1 to 8.12.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1629">codecov/codecov-action#1629</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.11.0 to 8.12.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1628">codecov/codecov-action#1628</a></li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/codecov/codecov-action/commit/5a1091511ad55cbe89839c7260b706298ca349f7"><code>5a10915</code></a> chore(release): 5.5.1 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1873">#1873</a>)</li> <li><a href="https://github.com/codecov/codecov-action/commit/3e0ce21cac10ce733041970012642db7029d6bde"><code>3e0ce21</code></a> fix: overwrite pr number on fork (<a href="https://redirect.github.com/codecov/codecov-action/issues/1871">#1871</a>)</li> <li><a href="https://github.com/codecov/codecov-action/commit/c4741c819783101819b507e39812c179d04d217a"><code>c4741c8</code></a> build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1868">#1868</a>)</li> <li><a href="https://github.com/codecov/codecov-action/commit/17370e8added1529d3650d8f4ed93e6854c2a93e"><code>17370e8</code></a> build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1867">#1867</a>)</li> <li><a href="https://github.com/codecov/codecov-action/commit/18fdacf0ce3c929a03f3f6fe8e55d31dbf270cfe"><code>18fdacf</code></a> fix: update to use local app/ dir (<a href="https://redirect.github.com/codecov/codecov-action/issues/1872">#1872</a>)</li> <li><a href="https://github.com/codecov/codecov-action/commit/206148c4b8a51281182730813eeed9f6d6f3fb35"><code>206148c</code></a> docs: fix typo in README (<a href="https://redirect.github.com/codecov/codecov-action/issues/1866">#1866</a>)</li> <li><a href="https://github.com/codecov/codecov-action/commit/3cb13a12348ef4ffcf9783ac0f74954f92113e33"><code>3cb13a1</code></a> Document a <code>codecov-cli</code> version reference example (<a href="https://redirect.github.com/codecov/codecov-action/issues/1774">#1774</a>)</li> <li><a href="https://github.com/codecov/codecov-action/commit/a4803c1f8dbe35cac65c28a290b50a809965b471"><code>a4803c1</code></a> build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1861">#1861</a>)</li> <li><a href="https://github.com/codecov/codecov-action/commit/3139621497004e9dc1af906e47f2a634047e7bb3"><code>3139621</code></a> build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1833">#1833</a>)</li> <li><a href="https://github.com/codecov/codecov-action/commit/fdcc8476540edceab3de004e990f80d881c6cc00"><code>fdcc847</code></a> chore(release): 5.5.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1865">#1865</a>)</li> <li>Additional commits viewable in <a href="https://github.com/codecov/codecov-action/compare/v4...v5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>v6 - What's new</h2> <blockquote> <p>[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (<code>runs.using: node24</code>) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>Node.js 24</h3> <p>This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.</p> <h2>What's Changed</h2> <ul> <li>Upload Artifact Node 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/719">actions/upload-artifact#719</a></li> <li>fix: update <code>@actions/artifact</code> for Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/744">actions/upload-artifact#744</a></li> <li>prepare release v6.0.0 for Node.js 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/745">actions/upload-artifact#745</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0">https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0</a></p> <h2>v5.0.0</h2> <h2>What's Changed</h2> <p><strong>BREAKING CHANGE:</strong> this update supports Node <code>v24.x</code>. This is not a breaking change per-se but we're treating it as such.</p> <ul> <li>Update README.md by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/681">actions/upload-artifact#681</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/712">actions/upload-artifact#712</a></li> <li>Readme: spell out the first use of GHES by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/727">actions/upload-artifact#727</a></li> <li>Update GHES guidance to include reference to Node 20 version by <a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/725">actions/upload-artifact#725</a></li> <li>Bump <code>@actions/artifact</code> to <code>v4.0.0</code></li> <li>Prepare <code>v5.0.0</code> by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/734">actions/upload-artifact#734</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/681">actions/upload-artifact#681</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/712">actions/upload-artifact#712</a></li> <li><a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/727">actions/upload-artifact#727</a></li> <li><a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/725">actions/upload-artifact#725</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v5.0.0">https://github.com/actions/upload-artifact/compare/v4...v5.0.0</a></p> <h2>v4.6.2</h2> <h2>What's Changed</h2> <ul> <li>Update to use artifact 2.3.2 package & prepare for new upload-artifact release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.6.2">https://github.com/actions/upload-artifact/compare/v4...v4.6.2</a></p> <h2>v4.6.1</h2> <h2>What's Changed</h2> <ul> <li>Update to use artifact 2.2.2 package by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/673">actions/upload-artifact#673</a></li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f"><code>b7c566a</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/745">#745</a> from actions/upload-artifact-v6-release</li> <li><a href="https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b"><code>e516bc8</code></a> docs: correct description of Node.js 24 support in README</li> <li><a href="https://github.com/actions/upload-artifact/commit/ddc45ed9bca9b38dbd643978d88e3981cdc91415"><code>ddc45ed</code></a> docs: update README to correct action name for Node.js 24 support</li> <li><a href="https://github.com/actions/upload-artifact/commit/615b319bd27bb32c3d64dca6b6ed6974d5fbe653"><code>615b319</code></a> chore: release v6.0.0 for Node.js 24 support</li> <li><a href="https://github.com/actions/upload-artifact/commit/017748b48f8610ca8e6af1222f4a618e84a9c703"><code>017748b</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/744">#744</a> from actions/fix-storage-blob</li> <li><a href="https://github.com/actions/upload-artifact/commit/38d4c7997f5510fcc41fc4aae2a6b97becdbe7fc"><code>38d4c79</code></a> chore: rebuild dist</li> <li><a href="https://github.com/actions/upload-artifact/commit/7d27270e0cfd253e666c44abac0711308d2d042f"><code>7d27270</code></a> chore: add missing license cache files for <code>@actions/core</code>, <code>@actions/io</code>, and mi...</li> <li><a href="https://github.com/actions/upload-artifact/commit/5f643d3c9475505ccaf26d686ffbfb71a8387261"><code>5f643d3</code></a> chore: update license files for <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1 dependencies</li> <li><a href="https://github.com/actions/upload-artifact/commit/1df1684032c88614064493e1a0478fcb3583e1d0"><code>1df1684</code></a> chore: update package-lock.json with <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1</li> <li><a href="https://github.com/actions/upload-artifact/commit/b5b1a918401ee270935b6b1d857ae66c85f3be6f"><code>b5b1a91</code></a> fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24 punycode fix</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/v4...v6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4&new-version=6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…n group across 1 directory (#493) Bumps the npm_and_yarn group with 1 update in the /e2e directory: [qs](https://github.com/ljharb/qs). Updates `qs` from 6.14.0 to 6.14.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md">qs's changelog</a>.</em></p> <blockquote> <h2><strong>6.14.1</strong></h2> <ul> <li>[Fix] ensure arrayLength applies to <code>[]</code> notation as well</li> <li>[Fix] <code>parse</code>: when a custom decoder returns <code>null</code> for a key, ignore that key</li> <li>[Refactor] <code>parse</code>: extract key segment splitting helper</li> <li>[meta] add threat model</li> <li>[actions] add workflow permissions</li> <li>[Tests] <code>stringify</code>: increase coverage</li> <li>[Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>npmignore</code>, <code>es-value-fixtures</code>, <code>for-each</code>, <code>object-inspect</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ljharb/qs/commit/3fa11a5f643c76896387bd2d86904a2d0141fdf7"><code>3fa11a5</code></a> v6.14.1</li> <li><a href="https://github.com/ljharb/qs/commit/a62670423c1ccab0dd83c621bfb98c7c024e314d"><code>a626704</code></a> [Dev Deps] update <code>npmignore</code></li> <li><a href="https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"><code>3086902</code></a> [Fix] ensure arrayLength applies to <code>[]</code> notation as well</li> <li><a href="https://github.com/ljharb/qs/commit/fc7930e86c2264c1568c9f5606830e19b0bc2af2"><code>fc7930e</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/0b06aac566abee45ef0327667a7cc89e7aed8b58"><code>0b06aac</code></a> [Dev Deps] update <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/64951f6200a1fb72cc003c6e8226dde3d2ef591f"><code>64951f6</code></a> [Refactor] <code>parse</code>: extract key segment splitting helper</li> <li><a href="https://github.com/ljharb/qs/commit/e1bd2599cdff4c936ea52fb1f16f921cbe7aa88c"><code>e1bd259</code></a> [Dev Deps] update <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/f4b3d39709fef6ddbd85128d1ba4c6b566c4902e"><code>f4b3d39</code></a> [eslint] add eslint 9 optional peer dep</li> <li><a href="https://github.com/ljharb/qs/commit/6e94d9596ca50dffafcef40a5f64eca89962cf34"><code>6e94d95</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>npmignore</code></li> <li><a href="https://github.com/ljharb/qs/commit/973dc3c51c86da9f4e30edeb4b1725158d439102"><code>973dc3c</code></a> [actions] add workflow permissions</li> <li>Additional commits viewable in <a href="https://github.com/ljharb/qs/compare/v6.14.0...v6.14.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs&package-manager=npm_and_yarn&previous-version=6.14.0&new-version=6.14.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ambient-code/platform/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ambient-code/platform/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

## Automated Fix by Amber Agent This PR addresses issue #409 using the Amber background agent. ### Changes Summary - **Action Type:** auto-fix - **Commit:** 4e2b407 - **Triggered by:** Issue label/command ### Pre-merge Checklist - [ ] All linters pass - [ ] All tests pass - [ ] Changes follow project conventions (CLAUDE.md) - [ ] No scope creep beyond issue description ### Reviewer Notes This PR was automatically generated. Please review: 1. Code quality and adherence to standards 2. Test coverage for changes 3. No unintended side effects --- 🤖 Generated with [Amber Background Agent](https://github.com/ambient-code/platform/blob/main/docs/amber-automation.md) Closes #409 Co-authored-by: Amber Agent <amber@ambient-code.ai> Co-authored-by: Claude <noreply@anthropic.com>

…updates (#549) Bumps the npm_and_yarn group with 1 update in the /components/frontend directory: [next](https://github.com/vercel/next.js). Bumps the npm_and_yarn group with 1 update in the /e2e directory: [lodash](https://github.com/lodash/lodash). Updates `next` from 15.5.9 to 16.1.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p> <blockquote> <h2>v16.1.5</h2> <p>Please refer the following changelogs for more information about this security release:</p> <p><a href="https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472">https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472</a> <a href="https://vercel.com/changelog/summary-of-cve-2026-23864">https://vercel.com/changelog/summary-of-cve-2026-23864</a></p> <h2>v16.1.4</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Only filter next config if experimental flag is enabled (<a href="https://redirect.github.com/vercel/next.js/issues/88733">#88733</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/mischnic"><code>@mischnic</code></a> for helping!</p> <h2>v16.1.3</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Fix linked list bug in LRU deleteFromLru (<a href="https://redirect.github.com/vercel/next.js/issues/88652">#88652</a>)</li> <li>Fix relative same host redirects in node middleware (<a href="https://redirect.github.com/vercel/next.js/issues/88253">#88253</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/acdlite"><code>@acdlite</code></a> and <a href="https://github.com/ijjk"><code>@ijjk</code></a> for helping!</p> <h2>v16.1.2</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Turbopack: Update to swc_core v50.2.3 (<a href="https://redirect.github.com/vercel/next.js/issues/87841">#87841</a>) (<a href="https://redirect.github.com/vercel/next.js/issues/88296">#88296</a>) <ul> <li>Fixes a crash when processing mdx files with multibyte characters. (<a href="https://redirect.github.com/vercel/next.js/issues/87713">#87713</a>)</li> </ul> </li> <li>Turbopack: <a href="https://microsoft.github.io/mimalloc/">mimalloc</a> upgrade and enabling it on musl (<a href="https://redirect.github.com/vercel/next.js/issues/88503">#88503</a>) (<a href="https://redirect.github.com/vercel/next.js/issues/87815">#87815</a>) (<a href="https://redirect.github.com/vercel/next.js/issues/88426">#88426</a>) <ul> <li>Fixes <a href="https://redirect.github.com/vercel/next.js/pull/88426">a significant performance issue</a> on musl-based Linux distributions (e.g. Alpine in Docker) related to musl's allocator.</li> <li>Other platforms have always used mimalloc, but we previously did not use mimalloc on musl because of compilation issues that have since been resolved.</li> </ul> </li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/mischnic"><code>@mischnic</code></a> for helping!</p> <h2>v16.1.1</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/acba4a6b9f48e0a067c592dac322410c0e122018"><code>acba4a6</code></a> v16.1.5</li> <li><a href="https://github.com/vercel/next.js/commit/e1d1fc6525ef74b2bf78149f1669c2eab437c06a"><code>e1d1fc6</code></a> Add maximum size limit for postponed body parsing (<a href="https://redirect.github.com/vercel/next.js/issues/88175">#88175</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/500ec83743639addceaede95e95913398975156c"><code>500ec83</code></a> fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (<a href="https://redirect.github.com/vercel/next.js/issues/88588">#88588</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/1caaca3cdbd2da76698bb9e60ff07d21a6fb6e77"><code>1caaca3</code></a> feat(next/image)!: add <code>images.maximumResponseBody</code> config (<a href="https://redirect.github.com/vercel/next.js/issues/88183">#88183</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/522ed840be26899bb88e73e2a5d3695f3c640d22"><code>522ed84</code></a> Sync DoS mitigations for React Flight</li> <li><a href="https://github.com/vercel/next.js/commit/8cad197c76dd9583b1a6d52f5e423e7075f6bee9"><code>8cad197</code></a> [backport][cna] Ensure created app is not considered the workspace root in pn...</li> <li><a href="https://github.com/vercel/next.js/commit/27186615d7c792f2c6627d3ac750d14951221e4c"><code>2718661</code></a> Backport/docs fixes (<a href="https://redirect.github.com/vercel/next.js/issues/89031">#89031</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/53336250b3a4b2b23198aaa9cf9549f9fff1bb39"><code>5333625</code></a> Backport/docs fixes 16.1.5 (<a href="https://redirect.github.com/vercel/next.js/issues/88916">#88916</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/60de6c21144a78622eb8c4763f364fcb59f7aa59"><code>60de6c2</code></a> v16.1.4</li> <li><a href="https://github.com/vercel/next.js/commit/5f75d22b804d444d6c27240f5f7af32aee4a8f92"><code>5f75d22</code></a> backport: Only filter next config if experimental flag is enabled (<a href="https://redirect.github.com/vercel/next.js/issues/88733">#88733</a>) (#...</li> <li>Additional commits viewable in <a href="https://github.com/vercel/next.js/compare/v15.5.9...v16.1.5">compare view</a></li> </ul> </details> <br /> Updates `lodash` from 4.17.21 to 4.17.23 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb"><code>dec55b7</code></a> Bump main to v4.17.23 (<a href="https://redirect.github.com/lodash/lodash/issues/6088">#6088</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117"><code>19c9251</code></a> fix: setCacheHas JSDoc return type should be boolean (<a href="https://redirect.github.com/lodash/lodash/issues/6071">#6071</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578"><code>b5e6729</code></a> jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (<a href="https://redirect.github.com/lodash/lodash/issues/6062">#6062</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81"><code>edadd45</code></a> Prevent prototype pollution on baseUnset function</li> <li><a href="https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d"><code>4879a7a</code></a> doc: fix autoLink function, conversion of source links (<a href="https://redirect.github.com/lodash/lodash/issues/6056">#6056</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8"><code>9648f69</code></a> chore: remove <code>yarn.lock</code> file (<a href="https://redirect.github.com/lodash/lodash/issues/6053">#6053</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9"><code>dfa407d</code></a> ci: remove legacy configuration files (<a href="https://redirect.github.com/lodash/lodash/issues/6052">#6052</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64"><code>156e196</code></a> feat: add renovate setup (<a href="https://redirect.github.com/lodash/lodash/issues/6039">#6039</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce"><code>933e106</code></a> ci: add pipeline for Bun (<a href="https://redirect.github.com/lodash/lodash/issues/6023">#6023</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20"><code>072a807</code></a> docs: update links related to Open JS Foundation (<a href="https://redirect.github.com/lodash/lodash/issues/5968">#5968</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.21...4.17.23">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ambient-code/platform/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Small usability fix. In 1/16 user test, user reported that lefthand column was not scrollable. The data they wanted to see was pushed out of the view and was inaccessible. <img width="496" height="790" alt="image" src="https://github.com/user-attachments/assets/55104858-4ab3-4531-bc4d-46eac87bc0ea" /> Now the column is scrollable... https://github.com/user-attachments/assets/83c443d8-485a-4e9c-a348-5ae0ccacdaba

## Summary Fixes e2e test failures by ensuring ANTHROPIC_API_KEY flows from GitHub secrets through to Cypress tests. ## Problem The e2e test suite was failing with: ``` Error: ANTHROPIC_API_KEY not set in e2e/.env - agent testing cannot proceed ``` Investigation revealed: - ✅ GitHub secret `ANTHROPIC_API_KEY` exists in repository (verified with `gh secret list`) - ✅ Workflow correctly passes it to the step (`.github/workflows/e2e.yml` line 205) - ✅ `deploy.sh` receives and uses it (lines 73-88) - ❌ **`run-tests.sh` was not passing it to the npm test process** ## Root Cause Environment variables in shell scripts must be explicitly passed to child processes. The `run-tests.sh` script had `ANTHROPIC_API_KEY` available in its environment but wasn't forwarding it to the `npm test` child process. ## Solution Added `ANTHROPIC_API_KEY` to the environment variables passed to `npm test` in `e2e/scripts/run-tests.sh`: ```bash # Before CYPRESS_TEST_TOKEN="$TEST_TOKEN" \ CYPRESS_BASE_URL="$CYPRESS_BASE_URL" \ npm test # After CYPRESS_TEST_TOKEN="$TEST_TOKEN" \ CYPRESS_BASE_URL="$CYPRESS_BASE_URL" \ ANTHROPIC_API_KEY="${ANTHROPIC_API_KEY:-}" \ npm test ``` ## Flow ``` GitHub Secret (✓ exists) → Workflow step (✓ receives it) → run-tests.sh (✓ has it) → npm test (✓ now explicitly passed) → cypress.config.ts (✓ receives it) → Test succeeds ✅ ``` ## Changes - Modified `e2e/scripts/run-tests.sh` line 68 - Added `ANTHROPIC_API_KEY="${ANTHROPIC_API_KEY:-}"` to npm test invocation ## Testing The agent interaction test will now run successfully when: - PR modifies component code (triggering e2e workflow) - `ANTHROPIC_API_KEY` GitHub secret is configured - Tests need to interact with the Claude API ## Related Issue Fixes: https://github.com/ambient-code/platform/actions/runs/21425660449 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

## Summary This PR fixes RHOAIENG-46361 by making the chat window display messages in a monospace system font. ## Changes - Added `font-mono` class to the message content div in `components/frontend/src/components/ui/message.tsx:219` - The input box styling remains unchanged as requested - Both bot and user messages now display in monospace font ## Testing - ✅ Build passes - ✅ Linter passes - ✅ Change is minimal and focused ## Related - Jira: RHOAIENG-46361 --- 🤖 Generated with Claude Code Co-authored-by: Gkrumbach07 <gkrumbach07@users.noreply.github.com> Co-authored-by: Claude (claude-sonnet-4-5) <noreply@anthropic.com>

## Summary Fixes username display in the top-right corner to show clean username instead of `user@cluster.local` format. ## Problem The `X-Forwarded-Preferred-Username` header contains values like `gkrumbac@cluster.local`, and the frontend API endpoint was using this value directly for `displayName`, causing the UI to show `gkrumbac@cluster.local` instead of just `gkrumbac`. ## Solution Modified `components/frontend/src/app/api/me/route.ts` to strip everything after the `@` symbol from the displayName while preserving the original username field unchanged. ## Changes - Added logic to split displayName by `@` and take the first part - Handles edge cases: - Usernames without `@` symbol (passthrough) - Multiple `@` symbols (takes first part) - Email addresses (strips domain) - Empty/undefined values (fallback preserved) - Maintains backward compatibility ## Testing The fix handles all expected scenarios: - `gkrumbac@cluster.local` → displays as `gkrumbac` ✓ - `user@apps-crc.testing` → displays as `user` ✓ - `username` → displays as `username` ✓ - Email addresses → strips domain appropriately ✓ ## Related Issue Fixes: https://issues.redhat.com/browse/RHOAIENG-39110 Co-authored-by: Gkrumbach07 <gkrumbach07@users.noreply.github.com> Co-authored-by: Claude (claude-sonnet-4-5) <noreply@anthropic.com>

…440) ## Automated Fix by Amber Agent This PR addresses issue #439 using the Amber background agent. ### Changes Summary - **Action Type:** auto-fix - **Commit:** ab87ed5 - **Triggered by:** Issue label/command ### Pre-merge Checklist - [ ] All linters pass - [ ] All tests pass - [ ] Changes follow project conventions (CLAUDE.md) - [ ] No scope creep beyond issue description ### Reviewer Notes This PR was automatically generated. Please review: 1. Code quality and adherence to standards 2. Test coverage for changes 3. No unintended side effects --- 🤖 Generated with [Amber Background Agent](https://github.com/ambient-code/platform/blob/main/docs/amber-automation.md) Closes #439 Co-authored-by: Amber Agent <amber@ambient-code.ai> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Jeremy Eder <jeder@redhat.com>

…539) ## Summary Changes the Claude Code runner to use a hybrid system prompt approach that combines the built-in `claude_code` prompt from the Claude Agent SDK with workspace-specific context. ### Changes Made **Code Changes:** - Modified `adapter.py` (lines 508-511) to use array-based `system_prompt_config` - First element: `"claude_code"` (built-in SDK prompt with standard capabilities) - Second element: workspace context (repos, workflows, artifacts, branches, etc.) **Documentation:** - Added comprehensive `README.md` for the claude-code-runner component - Documented system prompt configuration approach and rationale - Included complete environment variables reference - Added development, testing, and API documentation - Documented recent changes section for historical context ### Benefits ✅ **Better SDK Alignment**: Uses the official Claude Code system prompt as intended ✅ **Maintains Context**: Preserves workspace-specific information (repos, workflows, branches) ✅ **No Breaking Changes**: Existing functionality continues to work ✅ **Improved Clarity**: Clear separation between standard and custom instructions ### Before ```python system_prompt_config = {"type": "text", "text": workspace_prompt} ``` ### After ```python system_prompt_config = [ "claude_code", {"type": "text", "text": workspace_prompt} ] ``` ### What Claude Now Receives 1. **Base Claude Code Prompt**: Standard instructions, tool definitions, and behavioral guidelines from the SDK 2. **Workspace Context**: Session-specific information including: - Repository locations and structure - Active workflow details - Artifacts and upload directories - Git branch information and auto-push instructions - MCP integration setup guidance - Custom workflow instructions from `ambient.json` ## Test Plan - [ ] Verify adapter.py changes don't break existing tests - [ ] Test that Claude receives both system prompts correctly - [ ] Confirm workspace context is still available to Claude - [ ] Validate no breaking changes in session behavior - [ ] Check that documentation builds correctly ## Files Changed - `components/runners/claude-code-runner/adapter.py` (4 lines modified) - `components/runners/claude-code-runner/README.md` (245 lines added - new file) 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Code <claude@ambient.run> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

## Summary Fixes URLs not being rendered as clickable hyperlinks in chat messages. ## Changes - Added custom anchor (`a`) component to `defaultComponents` in `message.tsx` - Configured links to open in new tab (`target="_blank"`) - Added security headers (`rel="noopener noreferrer"`) - Applied primary color styling with hover underline effect ## Technical Details The `remarkGfm` plugin auto-links URLs in markdown, but without a custom anchor component they weren't properly styled or configured for external links. This fix ensures all URLs are: - Clickable - Open in new tabs - Secure (with `noopener noreferrer`) - Styled consistently with the design system ## Testing Verified that: - ✅ Frontend builds successfully - ✅ Linter passes - ✅ URLs render as clickable links - ✅ Links open in new tab - ✅ Security headers are present ## Related Issue Fixes: https://issues.redhat.com/browse/RHOAIENG-39106 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <claude@anthropic.com>

## Summary Fixes [RHOAIENG-39115](https://issues.redhat.com/browse/RHOAIENG-39115) - Slash commands now render in the order specified in the custom workflow template instead of alphabetically. ## Problem Slash commands were rendering alphabetically in the dashboard UI, ignoring the order specified in the custom workflow template. This occurred because the backend used `os.ReadDir()` which returns files in filesystem order (typically alphabetical), with no mechanism to preserve intentional ordering. ## Solution Added support for an `order` field in command frontmatter: - Backend parses `order` field from YAML frontmatter in `.claude/commands/*.md` files - Commands are sorted by the `order` field before being returned to the frontend - Commands without an `order` field default to MaxInt (appear at the end) - Alphabetical fallback when orders are equal ensures consistent ordering ## Changes **File Modified:** `components/backend/handlers/content.go` - Added `sort` and `strconv` imports - Modified `ContentWorkflowMetadata()` to parse `order` field from frontmatter - Implemented sorting logic for commands array based on order field - Added fallback logic for missing or equal order values ## Example Usage Commands can now specify order in their frontmatter: ```yaml --- displayName: "Create RFE" description: "Start RFE creation process" order: 1 --- ``` ## Backward Compatibility ✅ Fully backward compatible: - Existing workflows without `order` fields continue to work - Commands without order appear at the end (alphabetically sorted among themselves) - No breaking changes to existing API or data structures ## Testing Notes The implementation handles edge cases: - Invalid order values (non-numeric) are gracefully ignored - Empty order field defaults to MaxInt - Type assertions with proper fallbacks in sorting function - Alphabetical ordering when order values are equal 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude (claude-sonnet-4-5) <noreply@anthropic.com> Co-authored-by: Jeremy Eder <jeder@redhat.com>

## Summary Added comprehensive architecture diagrams to improve platform documentation: - **System Overview**: High-level view of all components and their interactions - **Session Lifecycle**: Detailed 17-step flow from session creation through cleanup - **Diagram Index**: Organized reference page for all architecture diagrams - **GitHub Actions Workflow**: Automated Mermaid syntax validation before releases ## Details ### Architecture Diagrams #### 1. System Overview (`system-overview.md` + `system-overview.mmd`) - Shows all major platform layers: User, Frontend, API, Kubernetes Control Plane, Execution, Storage - Uses neutral/grayscale theme for accessibility and printing - Documents 10-step data flow and key design principles - Recommended for onboarding, presentations, and deployment planning #### 2. Session Lifecycle (`session-lifecycle.md` + `session-lifecycle.mmd`) - Complete 17-step sequence from user request through results display - Includes error handling paths (execution errors, timeout scenarios) - Typical execution times documented for each phase - Recommended for troubleshooting, feature design, and understanding execution model #### 3. Diagram Index (`docs/architecture/diagrams/index.md`) - Centralized documentation for all architecture diagrams - Explains use cases, diagram conventions, and maintenance procedures - Cross-references existing diagrams (Platform Architecture, Component Structure, etc.) - Guides on when to reference each diagram ### GitHub Actions Workflow Added `.github/workflows/mermaid-lint.yml` for automated validation: - Validates Mermaid syntax on every PR and push to main - Checks for broken diagram references in documentation - Runs `mermaid-cli` to catch syntax errors before release - Includes markdown link validation ### Navigation Updates Updated `mkdocs.yml` to add Architecture section with Diagrams subsection: - `Architecture > Overview` - Main architecture documentation - `Architecture > Diagrams > Index` - Diagram reference guide - `Architecture > Diagrams > System Overview` - Component overview - `Architecture > Diagrams > Session Lifecycle` - Execution flow ## Design Decisions - **Neutral/Grayscale Theme**: Ensures high contrast, accessibility for color-blind users, and print-friendly output (vs. colored theme) - **Mermaid Format**: Enables version control, easy updates, and integration with documentation builds - **Separate .md files**: Descriptive documentation accompanies each diagram for context and guidance ## Testing - All Mermaid diagrams validated with `mermaid-cli` - MkDocs build succeeds with new diagrams and navigation - Cross-references between pages verified - Navigation hierarchy tested ## Checklist - [x] Architecture diagrams created with Mermaid (system-overview, session-lifecycle) - [x] Descriptive documentation pages for each diagram - [x] GitHub Actions workflow for Mermaid linting - [x] MkDocs navigation updated with Architecture section - [x] Neutral/grayscale theme applied for accessibility - [x] Cross-references between diagrams and documentation - [x] All builds and tests passing --- Generated with Claude Code --------- Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

…it operations (#541) The 503 error when adding GitLab repositories occurred because session handlers only attached GitHub tokens, not GitLab tokens. This adds X-GitLab-Token header support throughout the git operation flow. - Add GetGitLabToken package variable and wire it in main.go - Update session handlers to attach both GitHub and GitLab tokens - Add getGitLabTokenFromContext and getGitTokenForURL helpers in content.go - Update content handlers to use provider-aware token selection - Update runner /repos/add endpoint to accept token headers --------- Co-authored-by: Ambient Session <ambient@anthropic.com> Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

Add "Open in Web IDE" button to file tree with support for: - GitHub.dev for GitHub repositories - GitLab Web IDE for GitLab repositories (including self-hosted instances) Changes: - Create ide-urls.ts utility for parsing Git URLs and generating IDE URLs - Add hover-visible IDE button to file tree items - Thread repository context (repoUrl, currentBranch) through FileTree component - Support automatic GitLab instance detection from repository URLs Zero infrastructure setup required - uses URL-based IDE redirects. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

github-actions · 2026-01-30T05:08:32Z

Claude Code Review

Summary

This PR adds Web IDE integration to the file explorer, along with significant backend SDK configuration infrastructure. The feature allows users to open files directly in GitHub.dev or GitLab Web IDE from the repository browser.

Main Components:

Frontend: Web IDE button in file tree with URL generation utilities
Backend: SDK configuration endpoints with database persistence (GORM)
Documentation: Extensive SDK expert system and architecture diagrams

Overall Assessment: The Web IDE integration feature is well-implemented and follows frontend standards. However, the backend SDK configuration system has critical security and architecture violations that must be addressed before merge.

Issues by Severity

Blocker Issues

Backend SDK Config: Missing User Token Authentication

File: components/backend/pkg/handlers/sdk_config.go
Lines: 43-70, 74-114, 117-133
Issue: All SDK configuration endpoints use c.GetString("user_id") from context WITHOUT validating user token via GetK8sClientsForRequest(c)
Violation: CLAUDE.md Critical Rule Outcome: Reduce Refinement Time with agent System #1 - User Token Authentication Required
Pattern: .claude/patterns/k8s-client-usage.md - Pattern 1
Security Risk: Unauthenticated users could access/modify SDK configs if user_id is spoofed

Backend SDK Config: Wrong Architecture Pattern

File: components/backend/pkg/handlers/sdk_config.go
Issue: Uses GORM database for user configuration storage
Violation: Platform uses Kubernetes Custom Resources for ALL configuration (see ProjectSettings CR)
Architecture: This breaks the Kubernetes-native pattern established in CLAUDE.md
Fix Required: Store SDK config in ProjectSettings CR spec.sdkConfiguration field, not a separate GORM database
Impact: Introduces database dependency that doesn't exist elsewhere in the platform

Frontend: any Type Violation

File: components/frontend/src/components/settings/SDKConfigurationPanel.tsx:320
Code: onValueChange={(value: any) => ...}
Violation: Frontend Development Standards - Critical Rule Outcome: Reduce Refinement Time with agent System #1 (Zero any Types)

Critical Issues

Backend SDK Config: Missing RBAC Validation

File: components/backend/pkg/handlers/sdk_config.go:43-70
Issue: No RBAC check before reading/writing SDK configuration
Violation: Security Standards - RBAC Enforcement Pattern 1

Backend Content Handler: GitLab Token Not Used in All Git Operations

File: components/backend/handlers/content.go:93-145
Issue: getGitTokenForURL function exists but only used in ContentGitPush
Impact: GitLab operations in other endpoints will fail or use wrong token

Frontend SDK Panel: No Error Handling for Failed Fetch

File: components/frontend/src/components/settings/SDKConfigurationPanel.tsx:74-88
Issue: loadConfiguration catches error but doesn't show user feedback
Pattern Violation: Frontend standards require error states

Backend SDK Config: Test Function is Placeholder

File: components/backend/pkg/handlers/sdk_config.go:265-269
Code: // TODO: Implement actual MCP server connectivity test
Impact: Users will see "connected" even if MCP server is unreachable

Major Issues

Frontend IDE Integration: Missing TypeScript Strict Null Checks

File: components/frontend/src/utils/ide-urls.ts:12-53
Issue: parseGitUrl returns RepoInfo | null but functions using it don't always check for null

Frontend File Tree: Prop Threading Could Use Context

File: components/frontend/src/components/file-tree.tsx:66-70
Better Pattern: Use React Context for repository information

Frontend SDK Panel: Manual Fetch Instead of React Query

File: components/frontend/src/components/settings/SDKConfigurationPanel.tsx:78-88
Violation: Frontend Critical Rule Epic: Data Source Integration #3 - React Query for ALL Data Operations

Documentation: Extensive Files Without Clear Integration Path

Files: docs/sdk-expert/, docs/claude-agent-sdk/, .ambient/skills/claude-sdk-expert/*
Issue: 2000+ lines of new documentation without clear links from main docs
Impact: Discoverability problem

Positive Highlights

✅ Web IDE Integration Design:

Clean separation of concerns: ide-urls.ts utility is pure, testable logic
Supports both GitHub and GitLab with auto-detection
Hover-only button reduces UI clutter
Opens in new tab with security flags (noopener,noreferrer)

✅ Frontend Code Quality:

File tree component follows Shadcn UI patterns consistently
Proper use of TypeScript types (except one any violation)
Good user experience with tooltips and visual feedback

✅ Git Provider Abstraction:

types.DetectProvider pattern in backend is clean
Multi-provider token selection function is reusable

✅ Documentation Depth:

Comprehensive SDK documentation
Clear architecture diagrams with Mermaid

✅ Security Awareness:

Path traversal protection in content.go
Token redaction patterns maintained
Window.open security flags

Recommendations

Must Fix Before Merge (Blockers + Critical)

Backend SDK Config - Security Rewrite:
- Add GetK8sClientsForRequest(c) to ALL endpoints
- Add RBAC validation checks
- Migrate from GORM to ProjectSettings CR
- Reference: components/backend/handlers/sessions.go:180-226 for proper pattern
Frontend any Type: Fix line 320 type annotation
Git Token Consistency: Use getGitTokenForURL in all git operation handlers
Frontend Data Fetching: Convert manual fetch to React Query hooks

Recommended Improvements

Testing: Add unit tests for ide-urls.ts and SDK config validation
Documentation: Link new SDK docs from main navigation
Code Organization: Move SDK config to components/backend/handlers/settings.go

Security Review Summary

Authentication: ❌ Missing user token validation (BLOCKER)
Authorization: ❌ Missing RBAC checks (CRITICAL)
Token Handling: ✅ Good token redaction patterns
Input Validation: ✅ Path traversal protection
Container Security: N/A (frontend-only feature)

Next Steps

For Approval: Fix blockers #1, #2, #3 and critical issues #4-7.

Architecture Decision Needed: Should SDK configuration:

A) Live in ProjectSettings CR (matches platform pattern) ✅ Recommended
B) Use separate GORM database (introduces new dependency) ❌ Not recommended

Estimated Effort: 4-6 hours to fix blockers and critical issues.

🤖 Generated with Claude Code (Sonnet 4.5) following CLAUDE.md standards and memory system context.

🔍 View AI decision process (logs available for 90 days)

📋 View memory system files loaded (click to expand)

What Amber Loaded for Code Review

Amber automatically loaded these repository standards from the memory system:

CLAUDE.md - Master project instructions, development standards
backend-development.md - Go backend, K8s integration patterns
frontend-development.md - NextJS, Shadcn UI, React Query patterns
security-standards.md - Auth, RBAC, token handling
k8s-client-usage.md - User token vs service account patterns
error-handling.md - Consistent error patterns
react-query-usage.md - Data fetching patterns

Impact: This review used your repository's specific code quality standards, security patterns, and best practices from the memory system (PRs #359, #360) - not just generic code review guidelines.

jeremyeder and others added 27 commits January 28, 2026 00:20

chore: Update .gitignore for credentials and build artifacts

01abef8

- Exclude langfuse credentials from version control - Ignore tar.gz build artifacts - Add example template for langfuse configuration Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Refactor workflow trigger and update greeting message (#548)

55aca32

Removed sleep delay before triggering workflow and updated greeting message to remove reference to systemPrompt. This was causing the agent to stumble around and look for ambient.json for no reason.

bobbravo2 added this to the v0.0.20 milestone Jan 30, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Add Web IDE integration to file explorer #561

feat: Add Web IDE integration to file explorer #561

Uh oh!

jeremyeder commented Jan 30, 2026

Uh oh!

github-actions bot commented Jan 30, 2026 •

edited

Loading

What Amber Loaded for Code Review

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

feat: Add Web IDE integration to file explorer #561

Are you sure you want to change the base?

feat: Add Web IDE integration to file explorer #561

Uh oh!

Conversation

jeremyeder commented Jan 30, 2026

Summary

Changes

Implementation Details

Test Plan

Uh oh!

github-actions bot commented Jan 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Claude Code Review

Summary

Issues by Severity

Blocker Issues

Critical Issues

Major Issues

Positive Highlights

Recommendations

Must Fix Before Merge (Blockers + Critical)

Recommended Improvements

Security Review Summary

Next Steps

What Amber Loaded for Code Review

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

github-actions bot commented Jan 30, 2026 •

edited

Loading