…ping bug

In the second phase of _processFullTables, the code incorrectly used
`doc.metadata.chunkId` when initializing a new table entry. `doc` was
a stale variable from the outer `for docKey, doc in documents.items()`
loop, not the current chunk being processed. Additionally, Doc() was
called with invalid constructor params (objectId, chunk) that don't
exist on the Pydantic model.

Fix mirrors the pattern used in _processFullDocuments: reset
page_content on the chunk itself and store it directly, so the
subsequent append builds the correct concatenated table content.

Resolves #776

…asing

Two follow-up fixes from code review:

1. Line 157: tableDocs[tableKey] = doc.score replaced the Doc object with
   a raw float, crashing Phase 2 with AttributeError when page_content
   was accessed. Fixed to tableDocs[tableKey].score = doc.score.

2. Lines 184-189: tableDocs[tableKey] and chunk aliased the same object,
   so clearing chunk.page_content then appending chunk.page_content
   accumulated empty string, silently dropping the first chunk's text.
   Fixed by saving original_content before clearing, restoring it after
   assignment, and continuing to skip the duplicate append below.

…mocks

Three test mocks mishandled falsy values, causing mock tests to pass
while real-service tests would fail:

psycopg2: bool is a subclass of int in Python, so isinstance(False, int)
returns True. SQL WHERE params like isDeleted=False were incorrectly
matched as LIMIT values. Fixed by adding not isinstance(p, bool) guards
in _handle_semantic_search and _extract_limit.

chromadb: 'if limit and ...' treated limit=0 as falsy, returning all
rows instead of zero rows. Fixed with explicit 'limit is not None' check.

weaviate: sort key 'distance if distance else 1.0' collapsed 0.0
(exact match, best possible distance) to 1.0, ranking perfect matches
last. Fixed with 'distance if distance is not None else 1.0'.

Resolves #748

…nnect

## Summary

<!-- Describe your changes in 1-3 bullet points -->

- Fix `RecursionError: maximum recursion depth exceeded` in `_GatheringFuture.cancel` during `/task/service` WebSocket teardown by breaking the cycle between an in-flight message-handler task and the disconnect-drain gather it waits on.
- Fix C — `dap_client.request()`'s `ConnectionError` handler now uses fire-and-forget `self._transport.disconnect()` instead of `await self.disconnect()`. Develop's `disconnect()` is sync-returns-`Task`, matching the documented carve-out at `transport_websocket.py:516-517`.
- Fix A — `_drain_message_tasks` walks each candidate's `_fut_waiter` chain and excludes tasks that transitively await the drainer itself, so the gather can never close back on itself even if a future caller awaits disconnect from a handler context.

## Type

<!-- What kind of change is this? (feature, fix, refactor, docs, chore, etc.) -->

fix

## Testing

- [x] Tests added or updated
- [x] Tested locally
- [ ] `./builder test` passes

`packages/client-python/tests/test_drain_cycle_regression.py` adds two regression tests, one pinning each fix:

- `test_drain_cycle_does_not_recurse` — builds the smallest task graph that exhibits the cycle (a handler awaiting `transport.disconnect()` while it is itself in `_message_tasks`); fails on pre-fix code via deadlock + recursion, passes after Fix A.
- `test_request_does_not_await_self_disconnect_on_connection_error` — asserts `dap_client.request()` does not call `self.disconnect()` on `ConnectionError`; fails pre-fix, passes after Fix C.

The pytest teardown after a pre-fix run reproduces the exact `tasks.py:721` recursion as the production trace, confirming the unit test covers the production bug rather than a similar-looking variant.

`./builder test` reports one unrelated failure on `test_node_cases[llm_openai:services:test2:openai-4o-mini]` — a live OpenAI call (`avoidMocks: true`, `requires: ['ROCKETRIDE_OPENAI_KEY']`) where the LLM produced no answer for `"What is 5*5?"`. Pre-existing flakiness in the real-API path, unrelated to these changes (transport-layer fixes don't touch LLM provider calls).

## Checklist

- [x] Commit messages follow [conventional commits](https://www.conventionalcommits.org/)
- [x] No secrets or credentials included
- [ ] Wiki updated (if applicable)
- [ ] Breaking changes documented (if applicable)

## Linked Issue

<!-- REQUIRED: Every PR must be linked to an issue. Use one of: -->
<!-- Fixes #123 / Closes #123 / Resolves #123 -->

Fixes #791

Updates the requirements on [requests](https://github.com/psf/requests) to permit the latest version.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.34.0...v2.34.2)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.34.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

- index.html: inline script sets --rr-bg-default and body background
  synchronously before React renders, so the page starts dark for users
  who have a dark preference saved in localStorage (rr:home:theme).
- createShellConfig onInit: reads rr:home:theme then rr:theme to apply
  the user's saved theme instead of always defaulting to rocketride-light,
  eliminating the tan background during the 1.5s OAuth code-exchange
  loading window.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>

#878)

- index.html: inline script sets --rr-bg-default and body background
  synchronously before React renders, so the page starts dark for users
  who have a dark preference saved in localStorage (rr:home:theme).
- createShellConfig onInit: reads rr:home:theme then rr:theme to apply
  the user's saved theme instead of always defaulting to rocketride-light,
  eliminating the tan background during the 1.5s OAuth code-exchange
  loading window.

Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>

Previously unpinned, leaving the resolved version subject to PyPI latest.
Three open Dependabot alerts all clear at 46.0.7:

  - GHSA-r6ph-v2qm-q3c2 (high)   subgroup attack on SECT curves
  - GHSA-p423-j2cm-9vmq (medium) buffer overflow on non-contiguous buffers
  - GHSA-m959-cc7f-wv43 (low)    incomplete DNS name constraint enforcement

Exact pin matches the sibling node db_mysql/requirements.txt (also pins
==46.0.7) for reproducible builds and consistent dependency policy across
nodes. Future bumps will arrive via Dependabot PRs.

…errides (#887)

Resolves 6 high-severity Dependabot alerts on root pnpm-lock.yaml.
(3 additional alerts on packages/shared-ui/pnpm-lock.yaml clear when
#886 lands, which deletes that dead sub-lockfile.)

Adds four bounded pnpm.overrides entries — one per major — so each
transitive caller stays on the API surface it expects, just patched:

  minimatch@<3.1.4 → >=3.1.4 <4    was 3.1.2, fix 3.1.4*
  minimatch@5      → >=5.1.8 <6    was 5.1.6, fix 5.1.8
  minimatch@9      → >=9.0.7 <10   was 9.0.5, fix 9.0.7
  minimatch@10     → >=10.2.3 <11  was 10.1.1, fix 10.2.3

  * 3.1.4 covers GHSA-23c5-xmqv-rm74 in the 3.x line (Dependabot
    only flagged 3.1.3 for GHSA-7r86-cg39-jmmj; the tighter bound
    pre-empts the second advisory too).

Post-install resolves to minimatch@3.1.5, 5.1.9, 9.0.9, 10.2.5.

Advisories cleared (all high):

  GHSA-3ppc-4f35-3m26  minimatch ReDoS: repeated wildcards with
                       non-matching literal in pattern (5.x)
  GHSA-23c5-xmqv-rm74  minimatch ReDoS: nested *() extglobs generate
                       catastrophically backtracking regex (3.x, 5.x)
  GHSA-7r86-cg39-jmmj  minimatch ReDoS: matchOne() combinatorial
                       backtracking via multiple non-adjacent GLOBSTAR
                       segments (3.x, 5.x, 9.x, 10.x)

A single high pin (e.g. minimatch>=10.2.3) was considered and rejected:
minimatch had breaking API changes across majors (default vs named
exports between 3→5→7); forcing all callers to 10.x risks breaking
deps that still rely on 3.x/5.x semantics. The bounded approach matches
the existing repo convention (handlebars: >=4.7.9 <5; protobufjs:
>=7.5.5 <8).

…file (#886)

Resolves all 16 open Dependabot alerts on dompurify (8 unique GHSAs, all
medium severity) ranging in fix versions 3.3.2 → 3.4.0.

Changes:
- packages/shared-ui/package.json: peerDependency dompurify ~3.2.5 → ~3.4.0
- package.json: add "dompurify": ">=3.4.0" to root pnpm.overrides,
  matching the existing security-bump convention (cross-spawn, glob,
  handlebars, js-yaml, postcss, protobufjs, qs).
- packages/shared-ui/pnpm-lock.yaml: deleted. This file was a dead
  artifact — last (and only) touched in the initial commit (8197744),
  zero references in CI, build scripts, or publish workflows. Its sole
  effect was duplicating dompurify alerts since Dependabot scans every
  pnpm-lock.yaml independently.
- pnpm-lock.yaml: regenerated. dompurify resolves to 3.4.3 (latest
  3.4.x available); no 3.2.x/3.3.x copies remain.

Advisories cleared (all medium):
  GHSA-cj63-jhhr-wcxv  GHSA-cjmm-f4jc-qw8r  GHSA-h8r8-wccr-v5f2
  GHSA-v2wj-7wpq-c8vv  GHSA-39q2-94rc-95cp  GHSA-crv5-9vww-q3g8
  GHSA-h7mw-gpvr-xq4m  GHSA-v9jr-rg53-9pgp

Call site (packages/shared-ui/src/components/canvas/util/helpers.tsx:228)
uses DOMPurify.sanitize(input, { ADD_ATTR: [...] }) — stable across the
3.x line; no API breakage.

* docs(agents): add observability & tracing integration guide

Documents how external services consume runtime logs, lifecycle events,
and pipeline traces over the WebSocket DAP channel so integrators have a
single source of truth on what the server actually exposes (no OTel,
Prometheus, or audit-log DB).

Wires the new doc into the .rocketride/docs sync list and lists it in
every agent stub (Claude Code, CLAUDE.md, AGENTS.md, Cursor, Windsurf,
Copilot) so installed workspaces surface it alongside the existing
README/quickstart/API references.

Co-Authored-By: Claude <noreply@anthropic.com>

* docs(agents): tag observability doc websocket fence with language

Adds the `text` language identifier to the WebSocket URL fenced code
block so markdownlint MD040 stops flagging it, per CodeRabbit review on
PR #716.

Co-Authored-By: Claude <noreply@anthropic.com>

* docs(agents): remove HTTP transport from observability guide

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Dmitrii Karataev <dmitry.karataev@gmail.com>

)

This is from an already approved PR

Rebased onto current develop, dropping changes already merged separately
(redaction regex, CSS comment fix, PageStatus UI, upload math fix).

Only the signal handler work remains:
- SIGINT/SIGTERM handlers with proper exit codes (130/143)
- Double-signal force exit, 5s cleanup timeout
- Idempotent cleanupClient via dedup promise
- isCancelled guards on command actions to prevent exit races
- run()/main() shutdown awareness via awaitShutdown()

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

…nodes/requests-gte-2.34.2

chore(deps)(deps): update requests requirement from >=2.34.0 to >=2.34.2 in /nodes/src/nodes

Resolves 16 open Dependabot alerts (6 undici, 5 lodash, 5 lodash-es)
in a single PR. Affected manifests: root pnpm-lock.yaml (8 alerts) and
packages/shared-ui/pnpm-lock.yaml (8 alerts, all clear once #886 lands
deleting that dead sub-lockfile).

Changes:
- package.json: add three bounded entries to pnpm.overrides
    "lodash":      ">=4.18.0 <5"   was 4.17.23
    "lodash-es":   ">=4.18.0 <5"   was 4.17.23
    "undici":      ">=7.24.0 <8"   was 7.20.0
- packages/shared-ui/package.json: bump lodash peerDep ~4.17.21 → ~4.18.0
  (declaration alignment; shared-ui has zero direct lodash imports in
  src/, so this is purely a doc-correctness fix).

Post-install resolves to lodash@4.18.1, lodash-es@4.18.1, undici@7.25.0.

Advisories cleared:

  undici (all in 7.0.0..<7.24.0):
    GHSA-f269-vfmq-vjvj  (high)   WebSocket 64-bit length parser overflow / crash
    GHSA-v9p9-hfj2-hcw8  (high)   WebSocket unhandled exception via server_max_win
    GHSA-vrm6-8vpv-qv8q  (high)   WebSocket permessage-deflate unbounded memory
    GHSA-2mjp-6q6p-2qxm  (medium) HTTP request/response smuggling
    GHSA-phc3-fgpg-7m6h  (medium) DeduplicationHandler unbounded memory
    GHSA-4992-7rv2-5pvq  (medium) CRLF injection via `upgrade` option

  lodash + lodash-es (<= 4.17.23):
    GHSA-r5fr-rjxr-66jc  (high)   Code injection via _.template imports key names
    GHSA-f23m-r3pf-42rh  (medium) Prototype pollution via _.unset / array path bypass

  Note: GHSA-xxjr-mmjv-4gpg (medium, fix=4.17.23) was already covered
  by the prior dependabot-bumped 4.17.23 and will auto-close when
  Dependabot rescans.

Bounded ranges match the existing repo convention (handlebars:
">=4.7.9 <5", protobufjs: ">=7.5.5 <8") and avoid pulling in unreleased
lodash 5.x or undici 8.x majors that would carry breaking changes.

- @rollup/plugin-commonjs 28.0.6 → 28.0.9
- @rollup/plugin-replace 6.0.2 → 6.0.3
- @rollup/plugin-typescript 12.1.4 → 12.3.0
- @types/react 18.2.21 → 18.3.28
- @types/react-dom 18.2.7 → 18.3.7
- rollup 4.59.0 → 4.60.4
- rollup-plugin-dts 6.2.3 → 6.4.1

Replaces Dependabot PR #881 which failed due to stale pnpm-lock.yaml.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

chore(deps): bump shared-ui devDependencies

fix(client-python): break drain cycle causing RecursionError on disconnect

Add a new QuestionType.EXECUTE value plus a `client.database.query()` namespace
on both the Python and TypeScript SDKs so trusted callers can issue raw SQL or
Cypher against database pipelines without paying the LLM-translation tax.
db_postgres / db_mysql / db_neo4j skip both the LLM call and the
is_sql_safe / _is_cypher_safe gating when the question arrives with type=EXECUTE.

End-to-end verified against local Postgres + Neo4j with the matching SDK on
both languages (8/8 cases pass; nodes contract suite 733/733).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Addresses CodeRabbit review on PR #782:
- Gate QuestionType.EXECUTE behind opt-in allow_execute config (default off)
  on both SQL (DatabaseGlobalBase) and Neo4j (db_neo4j.IGlobal) backends so
  arbitrary write/admin SQL/Cypher cannot run without explicit operator consent.
- Bound _executeRawQuery SELECT results with fetchmany(max_execute_rows+1)
  to avoid memory blowups on large reads; normalize negative rowcount to 0.
- Wrap EXECUTE output blocks (SQL + Neo4j) in try/except so formatting and
  lane writes can't escape writeQuestions; serialize with default=str and
  sanitize SQL rows before json.dumps to handle non-serializable DB values.
- Validate non-empty token/sql in client.database.query() for both Python and
  TypeScript SDKs; raise ValueError / throw Error instead of dispatching.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Addresses second CodeRabbit review on PR #782:
- _run_query_raw now caps result collection at max_execute_rows (default 25000),
  mirroring the SQL path, so a large EXECUTE MATCH...RETURN cannot exhaust the
  worker. Overflow raises ValueError, caught at the IInstance handler.
- allow_execute config now parses strings explicitly: only '1', 'true', 'yes',
  'on' (case-insensitive) enable EXECUTE. Plain bool() would have let 'false'
  or '0' weaken the opt-in gate.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

…nt per module

Replace the three repeated 25000 literals in each of db_global_base.py and
db_neo4j/IGlobal.py with a module-level DEFAULT_MAX_EXECUTE_ROWS constant.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

…mits

Replace the remaining 25000 literals in the get_data tool description and
_clamp_limit / inline limit clamp with the existing DEFAULT_MAX_EXECUTE_ROWS
constant. Single source of truth across the EXECUTE path and the non-EXECUTE
get_data path within each module.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Lets SDK callers ask a database pipeline which engine it's connected to so
applications can branch on dialect-specific behavior (SQL syntax, type
coercion) or assert they aren't pointed at the wrong kind of database.

- New QuestionType.DIALECT in both Python and TypeScript client schemas.
- DatabaseInstanceBase: new abstract _db_dialect() method + DIALECT branch in
  writeQuestions that emits {'dialect': '...'} on the answers lane. No gate
  (the value is metadata, not data).
- db_postgres / db_mysql implement _db_dialect() -> 'postgres' / 'mysql'.
- db_neo4j handles DIALECT in writeQuestions and emits 'neo4j'.
- Python SDK: client.database.dialect(token=...) returns DatabaseDialect enum.
- TypeScript SDK: client.database.dialect({token}) returns DatabaseDialect enum;
  re-export from client/index.ts so callers can import from the package root.
- services.json: each db node now exposes a UI-toggleable allow_execute boolean
  (default false) so operators can opt-in to the EXECUTE path from the Dropper
  UI instead of hand-editing pipe JSON.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Co-authored-by: Dmitrii Karataev <dmitry.karataev@gmail.com>

…iles. Input array in services*.jsons were duplicate of lane. Closes #629 (#728)

Co-authored-by: Dmitrii Karataev <dmitry.karataev@gmail.com>

fix: guard against falsy-value traps in psycopg2, chromadb, weaviate mocks

fix: resolve chunkId scoping bug in _processFullTables

feat(nodes): add gemini vision node

feat(nodes): add openai vision node