Conversation
- Introduced essential files including `README.md`, `LICENSE`, `CONTRIBUTING.md`, `CODE_OF_CONDUCT.md`, and `SECURITY.md` to establish project guidelines and community standards. - Updated `.gitignore` to include `.npm-cache/` for improved environment management. - Enhanced security posture by detailing vulnerability reporting processes and hardening practices in `SECURITY.md`.
- Introduced a new workflow in `.github/workflows/security.yml` to automate security checks on push and pull request events for the `develop` and `main` branches. - The workflow includes steps for checking out the repository, setting up Node.js, installing dependencies, running an NPM audit, and scanning the git history for secrets using Trufflehog.
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
This pull request has been ignored for the connected project Preview Branches by Supabase. |
- Update security.yml to use official trufflehog GitHub Action instead of incorrect npm package - Add section 4 to CONTRIBUTING.md with local security scanning setup - Update open-source-preparedness.md with current workflow status Local scan: brew install trufflehog && trufflehog git file://. --no-update --json Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- SECURITY.md: Add CI security checks section and local scanning guide - open-source-preparedness.md: Update task status to reflect working local scans, add detailed local TruffleHog setup instructions - CONTRIBUTING.md: Add cross-reference to detailed security docs All three docs now consistently document: - Homebrew installation: brew install trufflehog - Local scan command: trufflehog git file://. --no-update --json - CI uses TruffleHog GitHub Action Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Generalize Agents.md: remove personal Supabase refs, test creds, and workflow journal preferences - Create CLAUDE.md: references Agents.md for Claude Code users - Create CLAUDE.local.example.md: template for personal config - Add CLAUDE.local.md and .claude/settings.local.json to .gitignore Structure: - Agents.md: General instructions (any AI agent) - committed - CLAUDE.md: Points to Agents.md - committed - CLAUDE.local.md: Personal config - gitignored Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove docs/WorkflowJournal.md from version control - Add docs/WorkflowJournal.md to .gitignore - Create docs/WorkflowJournal.example.md as template for contributors Personal workflow journals contain project-specific decisions and learnings that aren't relevant to the open source project. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Simplify proposed architecture for GitLab/Bitbucket integration: - Extend github_accounts → platform_connections instead of new table - Use derived views instead of denormalized display columns - Unified OAuth routes with dynamic [provider] parameter - Minimal platform client interfaces with AsyncGenerator pattern - Add implementation tracker with 7 phases Co-Authored-By: Claude <noreply@anthropic.com>
Reflect PRD changes: - Add platform_email column and unique constraint (platform, platform_user_id) - Add file_paths extraction requirement for GitLab/Bitbucket clients - Add primary identity enforcement rules - Reference PRD Risks and Tradeoffs section Co-Authored-By: Claude <noreply@anthropic.com>
Add a new Risks and Tradeoffs section to the multi-platform integration PRD, detailing key decisions and their implications. Also includes updates to the data model (adding platform_email column and unique constraint) and API documentation (primary identity rules and file_paths mapping).
P1 implementation for multi-platform integration: - Add PlatformType, NormalizedCommit, PlatformRepo types - Add CommitFetcher and RepoLister interfaces with AsyncGenerator - Implement GitHubClient with full commit/repo fetching - Add GitLab and Bitbucket client stubs - Add factory functions: createCommitFetcher, createRepoLister - Add platform client tests with mocked fetch Co-Authored-By: Claude <noreply@anthropic.com>
Add factory functions to create commit fetchers and repo listers for supported platforms. Implement BitbucketClient with paginated repository listing and commit fetching including diffstat. Implement GitLabClient with paginated project listing and commit fetching with diff support. Update existing tests to verify platform-specific normalization.
- Rename github_accounts table to platform_connections and add platform-specific fields - Add platform column to repos table with updated constraints and indexes - Add platform column to analysis_jobs table with validation - Backfill existing GitHub connections with user data - Update RLS policies for renamed table
- Rename github_accounts to platform_connections to support multiple platforms - Add platform field to repos, analysis_jobs, and users tables - Add llm_configs table for managing LLM provider configurations - Add llm_usage table for tracking token consumption and costs - Add pull_requests table for storing PR data from platforms - Add LLM token tracking fields to analysis_narratives - Add new RPC function count_free_llm_analyses
Update database queries to use the new platform_connections table with a platform column. This enables support for multiple Git platforms (GitHub, GitLab, Bitbucket) by moving away from GitHub-specific tables. - Replace github_accounts table references with platform_connections - Add platform column to queries and upsert operations - Update unique constraints to include platform - Create reusable getPlatformAccessToken utility - Update error messages and documentation
Implement unified OAuth flow for GitHub, GitLab, and Bitbucket providers. Add environment variables, OAuth configuration, parameterized LoginButton component, and unified API routes for authentication initiation and callback handling. Update documentation tracker to reflect completed implementation.
…ctions Add RESTful API endpoints for listing, deleting, and setting primary platform connections. Implement a React component to display connected platforms (GitHub, GitLab, Bitbucket) with options to connect new platforms, disconnect existing ones, and set a primary platform. Includes validation to prevent disconnecting the last or primary connection.
- Replace GitHub-specific sync API with a generic endpoint that supports GitHub, GitLab, and Bitbucket - Update settings page to use the shared ReposClient component for all platforms - Add platform selection UI and platform icons to repo management interface - Include platform information in connected repos and sync operations - Remove deprecated GitHub-specific sync API and RepoSettingsClient component
The factory functions (createCommitFetcher and createRepoLister) and type exports have been moved from individual platform files to a centralized factory module. This simplifies the import structure for consumers, allowing them to import from "@vibed/core" instead of "@vibed/core/platforms/factory" and "@vibed/core/platforms/types". Updated the web app's API route to use the consolidated imports, improving maintainability and reducing import path complexity.
Add comprehensive unit tests for GitLab and Bitbucket clients to ensure they properly normalize commit details including platform identification, file paths, author information, and commit statistics. These tests verify the integration between API responses and the normalized data structure used by the application.
…rsions Remove complex GitHub API types and fetch utilities, replacing them with simpler interfaces and functions. Update token fetching to use new platform-agnostic helper with fallback for legacy GitHub tokens. Add platform check to skip PR sync for non-GitHub repos.
- Create new SettingsTabs component to avoid duplication across settings pages - Add platforms settings page for managing code hosting platform connections - Update existing settings pages to use the shared component - Fix import in retry tests to use consolidated error exports
Add platform field to repo query and check platform compatibility. Add GitLab and Bitbucket token scope fetching in auth callback. Default to GitHub for legacy repos and throw error for unsupported platforms.
Add support for GitLab and Bitbucket alongside GitHub for repository analysis. - Platform client abstraction with unified interfaces - OAuth support for all three platforms - Platform-agnostic commit fetching with time-bucketed sampling - Rate limit handling with exponential backoff - Token expiry detection and user-friendly error messages - Unified repo sync and management UI BREAKING CHANGE: The `github_accounts` table has been renamed to `platform_connections`. All queries referencing `github_accounts` must be updated to use `platform_connections` with the additional `platform` column filter. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
chore: release develop
…te and update their deliverables.
- Add explicit check for accounts already linked to other users in OAuth callback - Change GitLab client to use standard Bearer auth header for OAuth consistency - Update implementation tracker to mark P1 deliverables complete - Add note about Bitbucket date filtering limitation
Radix UI Popover generates random IDs that differ between server and client. Added client-only mount check to render static placeholder during SSR.
…ection
- Updated UnifiedInsightSection to accept highlights as either strings or objects with {label, value, interpretation}
- Fixed type definitions in page.tsx to match the actual LLM output format
- Added renderHighlight helper function to format object highlights nicely
…ed view
- Add mode prop to ReposClient ('settings' vs 'vibes')
- In settings mode, hide View vibe/Re-run buttons (those belong in /vibes)
- Add connectedPlatforms prop to disable unconnected platform tabs
- Show tooltip on hover for disabled platforms: 'Connect X from Settings → Platforms'
- Filter connected repos list by selected platform
- Update page subtitle to be platform-agnostic
- Added auth.external.gitlab and auth.external.bitbucket to config.toml - Created supabase/.env for OAuth credentials (gitignored) - Follows same pattern as existing GitHub OAuth config
chore: release develop
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Type of Change
Changes
Testing
Database Migrations
00XXX_name.sqlChecklist
npm run lint)npm run type-check)npm run build)Screenshots
Related Issues