v0.6.7: kb improvements, edge z index fix, captcha, new trust center, block classifications#3704
Merged
waleedlatif1 merged 7 commits intomainfrom Mar 21, 2026
Merged
v0.6.7: kb improvements, edge z index fix, captcha, new trust center, block classifications#3704waleedlatif1 merged 7 commits intomainfrom
waleedlatif1 merged 7 commits intomainfrom
Conversation
Collaborator
waleedlatif1
commented
Mar 21, 2026
waleedlatif1
commented
- feat(loading) show route specific skeleton UI (feat(loading) show route specific skeleton UI #3671)
- fix(kb): max depth exceeded chunks page error (fix(kb): max depth exceeded chunks page error #3695)
- feat(kb): harden sync engine and add connector audit logging (feat(kb): harden sync engine and add connector audit logging #3697)
- fix(canvas): correct z-index layering for selected blocks and connected edges (fix(canvas): correct z-index layering for selected blocks and connected edges #3698)
- chore(trust): replace Delve trust center with Vanta (chore(trust): replace Delve trust center with Vanta #3701)
- feat(auth): add Turnstile captcha + harmony disposable email blocking (feat(auth): add Turnstile captcha + harmony disposable email blocking #3699)
- feat(integrations): add integrationType and tags classification to all blocks (feat(integrations): add integrationType and tags classification to all blocks #3702)
* chore: fix conflicts * chore: updated loading states
* feat(kb): harden sync engine and add connector audit logging - Fix stuck syncing status: added finally block in executeSync + stale lock recovery in cron scheduler (2hr TTL) - Fix token expiry mid-sync: refresh OAuth token between pagination pages and before deferred content hydration - GitHub deferred content loading: use Git blob SHA for change detection, only fetch content for new/changed docs - Add network error keywords to isRetryableError (fetch failed, econnreset, etc.) - Extract sanitizeStorageTitle helper to fix S3 key length limit issues - Add audit logging for connector CRUD, sync triggers, document exclude/restore, and resource restoration paths * lint * fix(tests): update audit mock and route tests for new audit actions * fix(kb): address PR review - finally block race, contentHash propagation, resourceName - Replace DB-read finally block with local syncExitedCleanly flag to avoid race condition - Propagate fullDoc.contentHash during deferred content hydration - Add resourceName to file restore audit record * fix(audit): include fileId in file restore audit description
…ed edges (#3698) * fix(canvas): correct z-index layering for selected blocks and connected edges * fix(canvas): derive subflow edge z-index from connected node z-index * fix(canvas): fix nodesForRender early-return guard for regular blocks * lint * fix(canvas): ensure elevated edges and last-interacted nodes sit above siblings at same base z-index
* chore(trust): replace Delve trust center with Vanta * lint
…#3699) * feat(turnstile): conditionally added CF turnstile to signup * feat(auth): add execute-on-submit Turnstile, conditional harmony, and feature flag - Switch Turnstile to execution: 'execute' mode so challenge runs on form submit (fresh token every time, no expiry issues) - Make emailHarmony conditional via SIGNUP_EMAIL_VALIDATION_ENABLED feature flag so self-hosted users can opt out - Add isSignupEmailValidationEnabled to feature-flags.ts following existing pattern - Add better-auth-harmony to Next.js transpilePackages (required for validator.js ESM compatibility) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * refactor(validation): remove dead validateEmail and checkMXRecord Server-side disposable email blocking is now handled by better-auth-harmony. The async validateEmail (with MX check) had no remaining callers. Only quickValidateEmail remains for client-side form feedback. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(auth): add 15s timeout to Turnstile captcha promise Prevents form from hanging indefinitely if Turnstile never fires onSuccess/onError (e.g. script fails to load, network drop). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * chore(helm): add Turnstile and harmony env vars to values.yaml Adds TURNSTILE_SECRET_KEY, NEXT_PUBLIC_TURNSTILE_SITE_KEY, and SIGNUP_EMAIL_VALIDATION_ENABLED to the helm chart so self-hosted deployments can configure captcha and disposable email blocking. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(auth): reject captcha promise on token expiry onExpire now rejects the pending promise so the form doesn't hang if the Turnstile token expires mid-challenge. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * refactor(login): replace useEffect keydown listener with form onSubmit The forgot-password modal used a global window keydown listener in a useEffect to handle Enter key — a "you might not need an effect" anti-pattern with a stale closure risk. Replaced with a native <form onSubmit> wrapper which handles Enter natively, eliminating the useEffect, the global listener, and the stale closure. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(auth): clear dangling timeout after captcha promise settles Use .finally(() => clearTimeout(timeoutId)) to clean up the 15s timeout timer when the captcha resolves before the deadline. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * refactor(auth): use getResponsePromise() for Turnstile token retrieval Replace the manual Promise + refs + timeout pattern with the documented getResponsePromise(timeout) API from @marsidev/react-turnstile. This eliminates captchaToken state, captchaResolveRef, captchaRejectRef, and all callback wiring on the Turnstile component. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(auth): show captcha errors as form-level message, not password error Captcha failures were misleadingly displayed under the password field. Added a dedicated formError state that renders above the submit button, making it clear the issue is with verification, not the password. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
…l blocks (#3702) * feat(integrations): add integrationType and tags classification to all blocks * improvement(integrations): replace generic api/oauth tags with use-case-oriented tags * lint * upgrade turbo
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
PR SummaryMedium Risk Overview Improves knowledge base connector observability by recording audit log events for connector create/update/delete/manual sync and document exclude/restore operations, and updates the corresponding route tests/mocks to include actor and workspace context. Enhances the integrations catalog by adding Also adds route-level loading skeleton UIs for several auth and landing pages, and updates trust/compliance links from Delve to Vanta. Written by Cursor Bugbot for commit 951c8fd. Configure here. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.