chore(deps): bump the production-deps group in /worker with 3 updates#9
Closed
dependabot[bot] wants to merge 1273 commits intodevelopfrom
Closed
chore(deps): bump the production-deps group in /worker with 3 updates#9dependabot[bot] wants to merge 1273 commits intodevelopfrom
dependabot[bot] wants to merge 1273 commits intodevelopfrom
Conversation
Migrate all AI services from direct Ai::Llm::Client / ProviderClientService calls to WorkerLlmClient and WorkerEmbeddingClient. Services now delegate LLM completions and embeddings to the worker process via HTTP.
…Service Delete all server/app/jobs/ai/ job classes and their specs. These jobs now run in the worker process; the server dispatches them via WorkerJobService HTTP API calls.
Add internal API controllers for self-healing, ralph loops, trajectory, and worktree sessions (worker → server callbacks). Update LLM proxy controller to remove direct completion endpoints. Add provider_config and embedding_config routes for worker credential resolution.
Add 12 AI job classes relocated from server (conversation, worktree, ralph, self-healing, trajectory, merge, conflict detection). Expand LlmProxyClient with direct provider calls using CredentialResolver. Add AI service layer for worker-side LLM operations. Update Sidekiq config with AI-specific queues and scheduled jobs.
Update test helpers, factories, and specs to use WorkerLlmClient stubs instead of direct LLM client mocks. Add WorkerJobService stub helpers. Update AI service specs for proxy-based LLM calls. Add MCP client identity service spec.
…se submodule Minor StepPlanReview UI adjustment, add AI utility agents seed, update maintenance page, and update enterprise submodule pointer.
Use the repository's default_branch instead of the hardcoded column default of "main" when creating missions. Prevents branch creation failures on repos that use master or other default branches.
Add server/config/database.yml.example with pool default of 30. Track .env.mcp.example, .env.production.example, and .env.staging.example by adding !.env.*.example negation to .gitignore. Update RAILS_MAX_THREADS to 10 in all env examples.
…r handling ExtractionService called client.provider.name on WorkerLlmClient which has nil provider when initialized with agent_id only — use provider_name safe accessor instead. StreamableHttpController rescue ArgumentError was catching parameter validation errors and silently returning null via introspection fallback — scope to only catch unknown tool errors.
…alidation Expand .gitleaks.toml allowlist from 12 to 21 path rules and 9 to 18 content regexes to suppress false positives from CI workflows, test fixtures, seed data, and Docker configs. Add gitleaks as step 4/4 in validate.sh with --skip-secrets flag. Add on-demand full-history scan script for security audits across main repo and submodules.
Navigate to mission page with openApproval state flag so the ApprovalGateModal auto-opens instead of just showing the mission detail
…reject When a mission is approved or rejected, dismiss all pending ai_plan_review notifications for that mission so they don't linger in the notification bell
Sessions revoked during server restarts can now be reactivated within a 10-minute grace window. Agent archival and workspace team membership destruction is deferred during this period. McpClientIdentityService reuses existing active agents by OAuth application ID instead of always creating new ones, ensuring stable identity across reconnections.
…nup endpoint StreamableHttpController and McpTokenAuthentication now detect recently- revoked sessions and reactivate them on reconnect. GET requests no longer touch last_activity_at to prevent SSE daemons from masking stale CLI sessions. Adds cleanup_auth_artifacts maintenance endpoint for daily purge of expired sessions, orphaned agents, and stale tokens.
…ool lookup ConciergeService now checks send_message result_preview for success before suppressing the LLM text response, preventing silent failures. WorkspaceTool adds ILIKE partial match fallback for when LLMs pass team names instead of conversation UUIDs. Concierge seed uses dynamic agent names in delegation examples instead of hardcoded values.
Streaming chunks use temporary 'streaming-{id}' IDs that never match
the final message's UUID, causing both to persist in the message list
and display phantom 'N tokens' entries. Now purges all streaming-*
messages when ai_response_complete arrives.
…nup job SSE daemon now discovers sessions by OAuth application ID (stable across agent recreation) with agent ID fallback. Syncs agent ID cache from session state on reconnect. Adds powernode MCP server and statusline to project settings. Adds AuthCleanupJob to worker for daily purge of stale auth artifacts at 3:00 AM UTC.
statusline.sh displays MCP daemon status, context usage, and cost in the Claude Code TUI status bar. mcp-status-tmux.sh provides a tmux status-right integration showing daemon state and active Claude session.
Add 10 migrations for the AI autonomy subsystem: kill switch events, agent goals, observations, intervention policies, duty cycle config, proposals, escalations, feedback, notification priority, and account AI suspension flag.
Add new models: AgentEscalation, AgentFeedback, AgentGoal, AgentObservation, AgentProposal, InterventionPolicy, KillSwitchEvent. Update Account (AI suspension), MemoryPool, RalphLoop (duty cycle), McpSession, and Notification (priority) with autonomy associations.
Add kill switch, duty cycle, observation pipeline, work claim, session discovery, escalation, feedback loop, intervention policy, proposal, and agent outreach services. Add 8 sensor classes for observing agent behavior. Add autonomy and kill switch MCP tools. Update capability matrix, execution gate, context injector, and A2A service for autonomy integration.
Add public API controllers for goals, proposals, escalations, feedback, intervention policies, and kill switch. Add internal controllers for autonomy metrics and kill switch activation. Update ralph loops controller and routes with autonomy endpoints.
Add autonomy dashboard with panels for goals, proposals, escalations, feedback, intervention policies, and kill switch. Update agent list/detail views with enhanced status and autonomy controls. Update navigation, sidebar, and routing for new autonomy section.
Fix and update backend specs for pipeline schedules, AI orchestration, security integration, MCP session, and parallel execution. Update frontend tests for notification bell, account switcher, agent modal, chat channels, floating widget, monitoring, login, and sidebar.
Add jobs for escalation timeout, goal maintenance, intervention policy tuning, observation pipeline/cleanup, and proposal expiry. Add AiSuspensionCheckConcern to guard all AI execution jobs. Update sidekiq.yml with autonomy job schedules.
Add autonomy permissions seed, update utility agents seed with autonomy-aware agents, update autonomy data seed. Update maintenance page branding.
…chain, and system ops
…, supply chain, reconciliation
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
Rename Gitea repository, reconfigure submodule path from extensions/enterprise to extensions/business, update .gitmodules with new URL, and update supply-chain submodule pointer.
Update FeatureGateService methods (enterprise_loaded? -> business_loaded?), rename EnterpriseAware concern to BusinessAware, update all PowernodeEnterprise::Engine checks to PowernodeBusiness::Engine, rename tier enum values, update Flipper flag names, factories, and specs.
Add migration to update CHECK constraints and existing data rows from enterprise to business across accounts, templates, credit packs, tenants, and webhook endpoints. Rename Flipper feature flags and update seed data.
Update extension slug checks from 'enterprise' to 'business', rename admin settings API fields, navigation extensionSlug values, skill categories, marketplace types, and dynamic import paths.
Rename ci-enterprise.yml workflow to ci-business.yml, update all documentation references, CLAUDE.md configuration sections, commit skill, and knowledge base entries.
Update supply-chain submodule to include enterprise→business factory trait and test string renames.
…ments - Add model_suitable_for_agent_type validation warning when lightweight models are used for reasoning-intensive agent types (monitor, data_analyst) - Fix model_matches_provider to properly handle Grok provider - Add ralph iteration/task fields for repeating tasks and scheduling
…ents Update ralph task executor for repeating tasks, improve trading context resolution, expand portfolio tool actions, and execution service refinements.
Add worker data and tool dispatch channels for real-time worker communication. Update conversation AI generation and ralph loops controller.
Remove AI and supply chain job classes from server — jobs belong in the worker service. Includes removal of corresponding specs.
Add new gems, update schema for ralph loop scheduling, remove legacy recurring job entries, and update test helpers and task executor spec.
…xy improvements - Add balance sync, confirmation poller, and on-chain transfer jobs - Fix TradingRiskMonitorJob timeout handling with per-call Timeout wrapping - Add ActionCable client service for real-time worker communication - Improve LLM proxy concern and training session job execution - Add chain signer service for on-chain transactions
…loop schedule updates - Fix ChatWindowTabs test mock with missing required fields - Increase floating chat default size from 420x520 to 480x640 - Update ralph loop schedule config and status components
Includes overseer settings panel, activity feed, agent roster, compounding display fix, and trading infrastructure improvements.
Auto-generated updates to learnings, knowledge, skills, and graph docs.
Bumps the production-deps group in /worker with 3 updates: [oj](https://github.com/ohler55/oj), [stripe](https://github.com/stripe/stripe-ruby) and [googleauth](https://github.com/googleapis/google-auth-library-ruby). Updates `oj` from 3.16.15 to 3.16.16 - [Release notes](https://github.com/ohler55/oj/releases) - [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md) - [Commits](ohler55/oj@v3.16.15...v3.16.16) Updates `stripe` from 18.3.1 to 18.4.2 - [Release notes](https://github.com/stripe/stripe-ruby/releases) - [Changelog](https://github.com/stripe/stripe-ruby/blob/master/CHANGELOG.md) - [Commits](stripe/stripe-ruby@v18.3.1...v18.4.2) Updates `googleauth` from 1.16.1 to 1.16.2 - [Release notes](https://github.com/googleapis/google-auth-library-ruby/releases) - [Changelog](https://github.com/googleapis/google-auth-library-ruby/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-ruby@googleauth/v1.16.1...googleauth/v1.16.2) --- updated-dependencies: - dependency-name: oj dependency-version: 3.16.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-deps - dependency-name: stripe dependency-version: 18.4.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-deps - dependency-name: googleauth dependency-version: 1.16.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-deps ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/bundler/worker/production-deps-f031010648
branch
from
0f061e3 to
334f81f
Compare
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the production-deps group in /worker with 3 updates: oj, stripe and googleauth.
Updates
ojfrom 3.16.15 to 3.16.16Changelog
Sourced from oj's changelog.
Commits
f8e8af1Release prep780818fCleanup7abe5dbFix new parser stack consistency error (#997)c7fd915Specify static and OJ_TARGET_SSE42 on _mm_sum_epu8 (#996)77f407dAdd an ARM Neon string scanning implementation. (#994)Updates
stripefrom 18.3.1 to 18.4.2Release notes
Sourced from stripe's releases.
... (truncated)
Changelog
Sourced from stripe's changelog.
Commits
1fa9027Bump version to 18.4.21155526Retry on Net::HTTPFatalError (#1811)1a8a9f0Bump version to 18.4.15b1fc8fadd new agent keys (#1807)e6fa778Add Stripe-Request-Trigger header (#1805)ae4dec7Add agent information to UserAgent (#1803)42db802Add.claudedirectory (#1800)a66dacdBump version to 18.4.0d619437Update generated code (#1797)611ecf0Ignore unset properties of V2 Request param classes when making requests (#1796)Updates
googleauthfrom 1.16.1 to 1.16.2Release notes
Sourced from googleauth's releases.
Changelog
Sourced from googleauth's changelog.
Commits
1ef191bchore(main): release googleauth 1.16.2 (#565)fb5b797fix: return response body from revoke! for logging pipeline (#562)b0ec7d8fix: initialize the JWT credentials without JSON roundtrip (#564)5c4ab1cchore: replace old ruby teams with cloud-sdk-ruby-team (#560)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions