- 13 2月, 2026 8 次提交
-
-
由 Will Chen 提交于
## Summary - Migrates all 16 `.claude/commands/` to `.claude/skills/` with proper SKILL.md frontmatter (name + description) - Moves supporting scripts (sanitize_issue_markdown.py, tests, goldens) into the fix-issue skill folder - Updates path references in `.prettierignore`, `.oxfmtrc.json`, and `.claude/README.md` - Eliminates spurious golden file "commands" (e.g., `dyad:scripts:goldens:*`) that were being registered as slash commands ## Test plan - Verify all skills are listed with `/` autocomplete - Invoke a skill (e.g., `/dyad:lint`) and confirm it works #skip-bugbot
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2663" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Migrates all Claude Code commands to the new skills format with SKILL.md frontmatter and updates docs/paths. This standardizes slash usage (/dyad:<skill>), fixes autocomplete, and removes stray commands. - **Refactors** - Moved 16 items from .claude/commands to .claude/skills with name/description frontmatter. - Moved sanitize_issue_markdown.py, tests, and goldens under the fix-issue skill; updated path in SKILL.md. - Updated .claude/README.md to list skills and include fast-push, pr-screencast, feedback-to-issues, deflake-e2e-recent-commits, remember-learnings. - Updated .prettierignore and .oxfmtrc.json to new goldens path. - Removed golden file “commands” that were being registered as slash commands. - **Migration** - Use /dyad:<skill> instead of /dyad:<command>. - Verify skills show in autocomplete and run one (e.g., /dyad:lint). - Update any local scripts from .claude/commands/... to .claude/skills/.... <sup>Written for commit 31ae67f994cb704c223428e66455665ffd2454ff. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Co-authored-by:Claude Opus 4.6 <noreply@anthropic.com>
-
由 Will Chen 提交于
## Summary - Replace unreliable winget installation with NuGet installation for Azure Trusted Signing tools - Simplify DLL discovery logic to use direct NuGet installation path - Makes Windows signing step more robust and reliable ## Test plan - Verify that the release workflow still builds successfully on Windows runners - Confirm Azure Trusted Signing client is installed and used correctly
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2661" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Switch the Windows release workflow to use NuGet for Azure Trusted Signing and simplify DLL discovery to the NuGet install path. This reduces CI flakiness and makes the signing step more reliable. - **Refactors** - Install Microsoft.Trusted.Signing.Client 1.0.95 to $RUNNER_TEMP\TrustedSigning from nuget.org. - Find Azure.CodeSigning.Dlib.dll (x64) by scanning the install directory only. <sup>Written for commit 0dd327769005b7890b31d782bf07f66a4912406b. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Workflow-only change that alters how Windows signing dependencies are installed and discovered; risk is limited to potential release pipeline breakage if the NuGet package layout/version changes. > > **Overview** > Improves the Windows portion of the release workflow by installing Azure Trusted Signing tooling via `nuget` (pinned to `Microsoft.Trusted.Signing.Client` `1.0.95`) instead of `winget`. > > Simplifies DLL discovery by searching only within the NuGet install directory for the x64 `Azure.CodeSigning.Dlib.dll`, then exporting `AZURE_CODE_SIGNING_DLIB` for subsequent signing steps. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 0dd327769005b7890b31d782bf07f66a4912406b. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> Co-authored-by: -
由 Will Chen 提交于
## Summary - Windows CI builds intermittently fail during `npm ci` with `EBUSY`/`EPERM` errors caused by file locking (antivirus, indexing services) - Added a 3-attempt retry loop with 10s delay and `node_modules` cleanup between attempts - Applied to both the `build` and `e2e-tests` jobs in the CI workflow ## Test plan - [x] Lint passes - [x] Type checks pass - [x] Unit tests pass (810/810) - Verify the next Windows CI run completes the `npm ci` step successfully #skip-bugbot
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Add retry logic to npm ci on Windows runners to handle intermittent EBUSY/EPERM file locks. This stabilizes the build and e2e-tests jobs. - **Bug Fixes** - Retry npm ci up to 3 times with a 10s delay. - Clean node_modules between attempts. - Implemented via scripts/npm-ci-retry.sh and applied to both build and e2e-tests jobs. <sup>Written for commit 79bc6ede3b90db4068369e59853144170547aaf0. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2657" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> --------- Co-authored-by: -
由 Will Chen 提交于
#skip-bb <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2660" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end -->
-
由 Will Chen 提交于
## Summary - Updated ChatInputControls component with new functionality - Enhanced settings page with improved search indexing - Updated schema definitions with new type support - Updated chat stream handlers for better data processing - Added comprehensive e2e tests for Settings component ## Test plan - Run `npm run test` to verify all unit tests pass - Run `npm run e2e` to verify end-to-end tests pass - Manually test Settings page UI and functionality - Verify schema changes don't break existing data handling
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2659" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Changes the conditions under which MCP tools can be surfaced and executed in chat streaming, so mis-gating could unintentionally disable or enable tool execution paths; scope is limited to a new opt-in experiment flag. > > **Overview** > Introduces a new experimental setting, `enableMcpServersForBuildMode`, to gate MCP server usage outside Local Agent mode. > > When disabled, the MCP tools UI (`ChatInputControls`) and the MCP agent execution path in `chat_stream_handlers` no longer activate in Build mode; enabling the toggle re-enables MCP tools for Build/Agent behavior. > > Adds the toggle to the Settings "Experiments" section, indexes it for settings search, extends the settings schema to persist it, and updates MCP e2e tests/page objects to explicitly enable the experiment before exercising MCP tool calls. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 0b08d3da18e90fda6fc959a94e143df64249ad27. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Adds an experiment toggle to allow MCP servers in Build mode and gates MCP tool usage behind it across the chat UI and stream handlers. Updates Settings and search to surface the toggle, and updates e2e tests to cover the new flow. - **New Features** - Settings: new “Enable MCP servers for Build mode” toggle under Experiments; added to search. - Chat: ChatInputControls and chat_stream_handlers now require this flag; Agent mode remains supported; Build mode also needs at least one enabled MCP server. - Schema: adds enableMcpServersForBuildMode to UserSettingsSchema. - Tests: Playwright specs enable the toggle before MCP tests; new Settings page-object helper. - **Migration** - To use MCP in Build mode, enable Settings → Experiments → “Enable MCP servers for Build mode”. <sup>Written for commit 0b08d3da18e90fda6fc959a94e143df64249ad27. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by: -
由 Will Chen 提交于
## Summary - Updated node-version to node-version-file: package.json in release workflow - Allows the CI build to use Node >= 24 as required by project dependencies - Fixes the automated release build process ## Test plan - The release workflow will be tested on the next release trigger - Verify that the workflow can access the Node version from package.json
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2658" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Fixes failing release CI by reading the Node version from package.json instead of hardcoding v20, so the workflow uses Node 24+ and the release build runs again. - **Bug Fixes** - Switched actions/setup-node to node-version-file: package.json in two release jobs. - Ensures CI uses the repo’s Node version (24+) and unblocks automated releases. <sup>Written for commit f062289452ced8dbb62b47530ad0e98299d80a10. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Workflow-only change that adjusts runtime version selection; low risk outside of potential CI environment differences if `package.json` engines is misconfigured. > > **Overview** > Updates the GitHub Release workflow to source the Node version from `package.json` (via `node-version-file`) instead of hardcoding `node-version: 20` for both the build matrix and the `verify-assets` job. > > This aligns release CI with the repo’s declared Node engine requirement and avoids failures when dependencies require a newer Node than the previously pinned value. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit f062289452ced8dbb62b47530ad0e98299d80a10. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> Co-authored-by: -
由 Will Chen 提交于
#skip-bb <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2656" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end -->
-
由 wwwillchen-bot 提交于
## Summary - When a local agent ends its turn with incomplete todos (pending or in_progress), a reminder message is now injected telling it to continue and complete the remaining tasks - This only happens once per turn to avoid infinite loops - Added `hasIncompleteTodos()` and `buildTodoReminderMessage()` helpers to prepare_step_utils.ts - Added `TodoReminderState` to track whether a reminder has already been sent this turn Fixes #2600 ## Test plan - Unit tests added for: - `hasIncompleteTodos()` - correctly detects pending/in_progress todos - `buildTodoReminderMessage()` - builds proper reminder message listing incomplete todos - `prepareStepMessages()` with todoContext: - Injects reminder when agent finishes with incomplete todos - Does not inject reminder when already reminded this turn - Does not inject reminder when all todos are completed - Does not inject reminder when agent has pending tool calls - Combines reminder with existing injected messages🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2601" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Ensures the local agent completes remaining todos before ending a turn by running a one-time outer-loop follow-up pass that adds a reminder. The reminder is not persisted. Meets #2600. - **New Features** - Outer-loop detection via shouldRunTodoFollowUpPass: runs one follow-up pass when the final step has no tool calls and incomplete todos remain; skips in read-only and plan modes. - Helpers hasIncompleteTodos() and buildTodoReminderMessage(); multi-pass E2E fixture and test; fake LLM server scans all user messages and counts todo reminders to drive passes. - **Refactors** - Removed inner-loop reminder injection from prepareStepMessages; tests cleaned up. - Restructured local_agent_handler into a controlled pass loop with createdAt guards, baseMessageHistoryCount and compaction state reset each pass, AI messages persisted across passes, and synthetic todo reminders excluded from aiMessagesJson; updated compaction test to include toolCalls in mock steps. <sup>Written for commit 70b9c5a6595c5b024d25665e785d93dd77a3076f. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by:Will Chen <willchen90@gmail.com> Co-authored-by:
-
- 12 2月, 2026 24 次提交
-
-
由 wwwillchen-bot 提交于
## Summary - Updates both `pr-push.md` and `fast-push.md` commands to automatically remove the `needs-human:review-issue` label after pushing - This label indicates the issue needed human review before work started, which is now complete once the PR is pushed ## Test plan - Run `/dyad:pr-push` on a PR with the `needs-human:review-issue` label and verify it gets removed - Run `/dyad:fast-push` and verify the same behavior
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2654" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Automatically removes the needs-human:review-issue label after pushing in pr-push and fast-push, so issues reflect that human review is complete. Keeps PRs and labels in sync without manual cleanup. - **New Features** - pr-push and fast-push run gh pr edit --remove-label "needs-human:review-issue" after push, gracefully handling cases where the label doesn’t exist. <sup>Written for commit 5d9bd27c187502459b83bfde12b960a0f89c5cd5. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Co-authored-by: -
由 Will Chen 提交于
## Summary - Add `$(cat ...)` as a safe command substitution pattern in the gh permission hook, allowing commands like `gh api graphql -f query="$(cat /tmp/query.graphql)" > /tmp/output.json` to passthrough instead of being blocked - Add safe pipe and redirect handling to the python permission hook, allowing pytest commands with `2>&1 | tail` output formatting patterns - Move `| cat` from blocked to allowed in python hook tests since `cat` is a safe read-only command #skip-bugbot ## Test plan - [x] All gh permission hook tests pass (572 good commands, 406 bad commands) - [x] All python permission hook tests pass (good, bad, passthrough, security-blocked) - [x] npm test passes (803 tests)
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2653" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Relaxed shell injection checks in GH and Python permission hooks to allow common read-only patterns like $(cat ...), pipes to safe tools, and simple redirects. This reduces false blocks while keeping unsafe substitutions and pipelines guarded. - **Bug Fixes** - GH hook: treat $(cat ...) as a safe command substitution and neutralize it before checks. - Python hook: allow pipes to common text tools (e.g., tail, grep, cat) and redirects like 2>&1 and >/dev/null. - Tests: move python `| cat` to allowed; add cases for gh `$(cat ...)` and pytest `2>&1 | tail`. <sup>Written for commit b1695c6e09bdc58288197ae2ab79745947fcca59. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Co-authored-by: -
由 wwwillchen-bot 提交于
## Summary - Adds a GitHub Actions workflow that reviews Claude rules files (AGENTS.md and .mcp.json) on pull requests - The workflow checks for proper formatting and content in configuration files - Helps maintain quality of agent configuration and rules ## Test plan - PR review workflow will run on this PR - Verify the workflow file is valid YAML and GitHub Actions syntax #skip-bugbot
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2652" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Adds a weekly workflow that audits AGENTS.md and the rules/ directory and opens a single issue with keep/update/remove recommendations and proposed gaps. Keeps our agent guidance current and trims low‑value rules. - **New Features** - Adds .github/workflows/claude-rules-review.yml running Mondays at 13:00 UTC and via manual trigger. - Uses anthropics/claude-code-action@v1 in direct mode with restricted tools and a 30‑minute timeout (model set via claude_args). - Closes any prior agent-review issues before creating a new summary; ensures documentation and agent-review labels exist. - Requires CLAUDE_CODE_OAUTH_TOKEN; uses GITHUB_TOKEN; shallow clone to last 200 commits; minimal permissions (contents: read, issues: write). <sup>Written for commit 820abfb2c8cc30ece2743ac71f021e371d250c23. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by:claude[bot] <41898282+claude[bot]@users.noreply.github.com> Co-authored-by:
cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
-
由 Will Chen 提交于
## Summary - Extend the nightly disk cleanup workflow to run on both ci1 and ci2 self-hosted macOS runners - Update the guard step to accept ci2 as a valid runner name ## Test plan - Verify the workflow file syntax is correct - The nightly cleanup will run on both ci1 and ci2 runners
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2645" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Extend the nightly disk cleanup to run on both ci1 and ci2 using a strategy matrix with fail-fast: false so each runner executes independently. Removed the guard step and related conditions, and updated comments to reflect both runners. <sup>Written for commit d1a2a3d4d8d1392960aabf536afb152a9db89698. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Low risk CI workflow change that only affects scheduled cleanup execution on self-hosted runners; main risk is increased load or unexpected cleanup behavior now running on `ci2` as well. > > **Overview** > Expands the nightly macOS runner disk cleanup workflow to run on both self-hosted runners `ci1` and `ci2` by switching the job to a matrix strategy and targeting `runs-on: ${{ matrix.runner }}`. > > Removes the previous runner-name guard and conditional step execution so the cleanup script always runs for each matrix runner invocation. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit d1a2a3d4d8d1392960aabf536afb152a9db89698. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: -
由 wwwillchen-bot 提交于
## Summary - Store Dyad Pro status in localStorage for telemetry access - Sample 10% of events for non-Pro users (error events always sent) - Pro users continue to send all events ## Test plan - Verify telemetry events are sampled correctly for non-Pro users - Confirm error events are always sent regardless of Pro status - Test Pro users still send all events
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2642" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Adds telemetry sampling for non‑Pro users to reduce event volume while keeping error visibility. Stores Dyad Pro status in localStorage; Pro users keep sending all events. - **New Features** - Save Dyad Pro status in localStorage (dyadProStatus) and expose isDyadProUser(). - Sample PostHog events for non‑Pro: send 10% of non‑error events; always send errors. - No change for Pro users; all events continue to be sent. <sup>Written for commit 685922c99bc83c6c1d3c6e58a99761037894bc2b. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Co-authored-by: -
由 Mohamed Aziz Mejri 提交于
<!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2561" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Refreshes the chat input UI for a cleaner look and consistent controls. Adds per‑mode icons and clearer visual states across inputs, pickers, and actions. - **UI Improvements** - Unified control sizing (h-7, text-xs, rounded-lg); vertical align center; input row aligns to end; removed spacer divs. - Borderless triggers for Mode/Model/Tools/Pro with subtle hover; smaller icons; muted “Model:”; mode chips show icons for all modes; Ask/Plan get color accents. - Input boxes rounded-2xl with focus-within ring; home input gets hover border; context banner rounded-t-2xl. - Send/Cancel use text-color hovers with clearer disabled; Cancel turns destructive on hover; Auxiliary Actions is circular with gentle hover scale. - Increased input padding and 15px text with repositioned placeholder; trimmed outer and MessagesList padding for tighter alignment; home send icon switched to SendHorizontal. <sup>Written for commit 301875efc229e998e9ba52b2eeeac057bd017b16. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by:
-
由 Will Chen 提交于
## Summary - Fix scroll behavior when switching between chats with existing messages - Use double `requestAnimationFrame` to wait for Virtuoso to render before scrolling to bottom when switching chats - Distinguish between chat switches and new message sends to handle scrolling appropriately - Avoid premature scrolling when switching to chats where messages haven't been fetched yet ## Test plan 1. Open Dyad and start a chat with some messages 2. Start another chat with messages 3. Switch between chats and verify scroll position stays at the bottom 4. Send a new message and verify it scrolls to show the new message
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2643" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Fixes chat auto-scroll to keep the view anchored at the bottom when switching chats or sending messages. Prevents flicker and jumps before messages render. - **Bug Fixes** - Distinguish chat switches vs new sends; adjust scroll timing accordingly. - On chat switch with existing messages, wait for Virtuoso to render (double requestAnimationFrame), then scroll to bottom instantly. - On new message send, wait for the placeholder to render (double requestAnimationFrame) before scrolling; skip auto-scroll when switching to a chat with no messages yet. <sup>Written for commit 8814a601a9615b60efbfbff0aff5b7150a75fa63. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Scoped to `ChatPanel` scroll timing logic; risk is limited to possible UI regressions (missed/extra scroll) when switching chats or starting streams. > > **Overview** > Fixes `ChatPanel` auto-scroll behavior by **distinguishing chat switches from new stream starts** and delaying the scroll until after Virtuoso has rendered. > > On chat switch, it now scrolls to bottom *only after messages exist* (avoiding premature scroll before fetch/render) and uses a double `requestAnimationFrame` with `instant` scrolling; on new message sends (`streamCount` changes), it similarly waits for render before scrolling with the default behavior. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 8814a601a9615b60efbfbff0aff5b7150a75fa63. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: -
由 wwwillchen-bot 提交于
## Summary - Remove the unused `ChatActivity.tsx` component - Clean up all references including i18n translations (en, pt-BR, zh-CN) - Update e2e test helpers and concurrent chat spec to remove ChatActivity-related code ## Test plan - [x] Lint checks pass - [x] TypeScript compilation succeeds - [x] All 33 test files pass
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2648" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Removed the unused ChatActivity component and the bell entry point. Updated tests and i18n; e2e now targets the chat tabs “in progress” indicator instead of the activity list. - **Refactors** - Deleted ChatActivity.tsx and removed ChatActivityButton from TitleBar and ActionHeader. - Removed related i18n keys in en, pt-BR, and zh-CN. - Dropped e2e helpers for the activity list and updated concurrent_chat.spec to select the “Chat in progress” tab. <sup>Written for commit b005943bc7b87c8dfe6375504fbbbca088b7aabb. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by: -
由 wwwillchen-bot 提交于
## Summary - Changed `navigateToRoute()` to use `postMessage` + `location.replace()` pattern instead of direct `location.href` assignment - This matches the approach used by back/forward navigation buttons and provides smooth navigation without the black screen flicker and sidebar state reset - Also added proper `currentIframeUrlRef` and `preservedUrls` updates for HMR remount consistency Fixes #2428 ## Test plan - [x] Build succeeds - [x] Unit tests pass (784 tests) - [x] E2E tests pass for preview navigation (`npm run e2e -- --grep "preview navigation"`) - Manual testing: Open a multi-page app, use the route dropdown to navigate between routes - should no longer see black screen flicker or sidebar collapse
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2610" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Fixes #2428: removes black screen flicker and sidebar collapse when selecting routes from the preview dropdown. Navigation now uses postMessage + location.replace and keeps the iframe src stable across SPA navigation and HMR. - **Bug Fixes** - Use postMessage + location.replace to navigate; prevents flicker and preserves sidebar state. - Freeze iframe src with useMemo and same-origin check so SPA nav/HMR don’t reset it; added e2e test to verify src remains unchanged. - Sync navigation state: history, canGoBack/canGoForward, currentIframeUrlRef, and per-app preservedUrls (clears on root). <sup>Written for commit 1bdd7635ea432c564fe77fea57062df1a9d2f56d. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by: -
由 Mohamed Aziz Mejri 提交于
<!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2563" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Show a dialog after dragging or pasting files into chat to choose how to attach them—as chat context or upload to codebase. This makes intent explicit and blocks submit, drop, and paste until you choose. - **New Features** - Added FileAttachmentTypeDialog; integrated in ChatInput and HomeChatInput. i18n (en, pt-BR, zh-CN) with singular/plural titles and descriptions. - Updated useAttachments with pendingFiles and confirm/cancel. Drag/paste set pendingFiles; prevent attaching while pending; clearAttachments also clears pendingFiles; submit blocked when dialog is open. - Fixed e2e to select “Attach file as chat context”; dialog buttons use type="button" with focus-visible ring. - **Refactors** - confirmPendingFiles reuses addAttachments to deduplicate logic. <sup>Written for commit b625847b5ed5f82bea4616db27b87b16b5b33613. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by:
-
由 Will Chen 提交于
## Summary - Extends the `deflake-e2e-recent-commits` command to also gather flaky tests from open PRs authored by `wwwillchen` and `wwwillchen-bot` - Parses Playwright Test Results comments on these PRs to extract flaky test names - Provides more comprehensive coverage for deflaking efforts by combining main branch CI runs with PR-reported flakes ## Test plan - Run `/dyad:deflake-e2e-recent-commits` and verify it now scans both main branch CI runs AND open PRs by the specified authors - Verify flaky tests from PR comments are correctly parsed and added to the deflake list
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2647" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Extends deflake-e2e-recent-commits to also scan open PRs by wwwillchen and wwwillchen-bot for Playwright-reported flaky tests. This broadens coverage beyond main-branch CI and improves deflaking accuracy. - **New Features** - Lists recent open PRs by wwwillchen and wwwillchen-bot. - Parses the latest “Playwright Test Results” bot comment to extract flaky test titles. - Merges PR-derived flakes with main-branch results, de-duplicates, and notes PR sources in the summary. - Updates no-results message to include PRs (“recent commits or PRs”). <sup>Written for commit 32766d69227eb2454f45899e5784021161765019. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Documentation-only change that broadens the data sources described for collecting flaky tests; no runtime or production code is modified. > > **Overview** > Extends the `.claude` command `deflake-e2e-recent-commits` to **collect flaky Playwright tests from two sources**: recent `main` CI `html-report` artifacts *and* the latest “Playwright Test Results” bot comment on recent open PRs authored by `wwwillchen`/`wwwillchen-bot`. > > Updates the instructions to include the PR scanning/parsing workflow, to attribute flakes by source in the final report, and to change the no-flakes message to cover “recent commits or PRs.” > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 32766d69227eb2454f45899e5784021161765019. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> Co-authored-by: -
由 wwwillchen-bot 提交于
## Summary - Add error dialog handling in capacitor.spec.ts to gracefully dismiss sync errors that may occur in E2E environment due to missing CocoaPods/Xcode - Improve timing and wait logic in select_component.spec.ts for Next.js apps which take longer to compile and start the dev server - Update snapshot to use placeholder for system message instead of hardcoded content ## Test plan - Run `npm run test:e2e -- --grep "capacitor"` to verify the Capacitor test improvements - Run `npm run test:e2e -- --grep "select component next.js"` to verify the Next.js component selection test improvements - Verify that tests pass consistently without flakiness
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2646" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Stabilizes E2E tests by handling Capacitor sync errors and improving Next.js component selection timing to reduce flakiness. Also updates the snapshot to use a system message placeholder. - **Bug Fixes** - Capacitor: wait for sync completion and dismiss error dialog when CocoaPods/Xcode are missing. - Next.js: wait for preview iframe and heading visibility; add retry with toPass() for component selection. - Snapshot: replace hardcoded system message with [[SYSTEM_MESSAGE]] placeholder. <sup>Written for commit 0e33279d8d18c124ca11e95818ce76b8d9b7b4de. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Co-authored-by: -
由 Will Chen 提交于
## Summary - Replace generic review prompts with three distinct reviewer personas (correctness, code-health, UX) - Each reviewer has a specialized focus area for more targeted feedback - Update workflow trigger to include skills directory changes ## Test plan - Verify the PR review workflow triggers correctly on PR changes - Confirm each reviewer persona produces relevant, focused feedback
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2644" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Refactors multi-pr-review to use three specialized reviewer personas—Correctness, Code Health, and UX—for more focused, actionable PR feedback. Updates the GitHub workflow to call the new skill. - **Refactors** - Added persona templates: correctness-reviewer.md, code-health-reviewer.md, ux-reviewer.md. - Updated SKILL.md with persona roles, severity guidance, and new references. - Removed old generic prompts: review_prompt_default.md and review_prompt_code_health.md. - Switched workflow command to /dyad:multi-pr-review. <sup>Written for commit f761c88cec8a91be810ca55f66db39b5b7acfa4e. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Changes affect the automated PR review pipeline and remove prompt files that the orchestrator may still reference, which could break CI-based reviews if not updated in lockstep. > > **Overview** > Updates the `dyad:multi-pr-review` documentation/spec to describe **three specialized sub-agent personas** (Correctness, Code Health, UX) and expands severity guidance to explicitly include UX blockers/degradations. > > Adds new persona reference docs (`correctness-reviewer.md`, `code-health-reviewer.md`, `ux-reviewer.md`) and removes the prior generic prompt templates (`review_prompt_default.md`, `review_prompt_code_health.md`). The PR review workflow is also updated to run `/dyad:multi-pr-review` instead of the previous command. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit f761c88cec8a91be810ca55f66db39b5b7acfa4e. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> Co-authored-by: -
由 Will Chen 提交于
## Summary - Extends the existing `gh pr` shell injection exemption to also cover `gh issue` commands in the permission hook - `gh issue create/comment/edit` frequently contain markdown in `--body` with backticks, pipes, `**bold**`, etc. that were incorrectly flagged as injection attempts - Added 50+ test cases covering `gh issue` and `gh pr` commands with rich markdown body content ## Test plan - [x] All 977 hook permission tests pass (`python .claude/hooks/tests/test_gh_permission_hook.py`) - [x] `npm run fmt && npm run lint:fix && npm run ts` passes - [x] `npm test` passes (33/33 test files) #skip-bugbot
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2638" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Extend the shell injection exemption to gh issue commands to prevent false positives on markdown in --body (backticks, pipes, bold). Other gh commands remain protected by injection checks. - **Bug Fixes** - Exempted "gh issue ..." (and kept "gh pr ...") from shell injection checks in the permission hook. - Added 50+ tests for rich markdown bodies across gh issue and gh pr commands. - Moved six gh issue cases from bad_commands to good_commands to match the exemption. - Preserved injection checks for all other gh commands. <sup>Written for commit e168f9b81384568475cbcb81a92ef19a0963c7a6. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Co-authored-by: -
由 Will Chen 提交于
## Summary Adds a comprehensive GitHub Actions workflow that automatically responds to pull requests with AI-powered code reviews and automated fixes. The workflow handles PR labeling, manages retry logic (up to 3 retries), and integrates with Claude Code for automated problem resolution. ## Test plan - Verify the workflow is properly formatted and no syntax errors exist - Check that the workflow triggers on the correct events (pull_request_target with labels and workflow_run) - Verify that only trusted maintainers (wwwillchen, wwwillchen-bot) can trigger the workflow - Test the retry logic by checking label transitions (cc:request → cc:pending → cc:request:N) - Confirm the workflow creates meaningful git commits through Claude Code - Verify proper cleanup of labels when max retries (4 total) are reached
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2641" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Small workflow change, but it affects automation that can push to PR branches; failure modes are limited to CI/labeling behavior. > > **Overview** > The `PR Review Responder` workflow now runs an additional Claude Code step after `/dyad:pr-fix` to push any local commits that may have been created but not pushed (via a new `/dyad:fast-push` invocation). > > This reduces cases where the workflow would proceed to “check if commits were pushed” and label transitions without the PR branch actually being updated. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 27a3059357b5f2511abc39d1a7c3aedccd92b38c. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Adds a GitHub Actions workflow that automatically reviews pull requests, manages labels/retry logic, and applies fixes via Claude Code. Adds a fallback step to push any unpushed commits to ensure downstream workflows run and PR labels update correctly. <sup>Written for commit 27a3059357b5f2511abc39d1a7c3aedccd92b38c. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> -
由 Will Chen 提交于
## Summary Adds a new `/feedback-to-issues` command that converts customer feedback (usually emails or support tickets) into discrete GitHub issues. The command: - Parses feedback to extract concrete, actionable issues - Searches for existing duplicate issues on GitHub - Proposes new issues for user approval - Creates approved issues - Drafts a professional reply email to the customer ## Features - **Duplicate detection**: Searches GitHub with multiple keyword variations - **User approval workflow**: Shows proposed issues for review before creating - **Draft reply email**: Generates a response email acknowledging all items This is a useful tool for managing customer feedback and support tickets at scale. <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2639" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Documentation-only addition of a new Claude command; no application/runtime code paths change. > > **Overview** > Adds a new Claude command spec, `/.claude/commands/dyad/feedback-to-issues.md`, to turn pasted (or file-based) customer feedback into actionable GitHub issues. > > The workflow explicitly guides parsing feedback into discrete items, searching `gh issue list` for potential duplicates, presenting *already filed* vs *proposed* issues for **user approval**, then creating approved issues via `gh issue create` and drafting a reply email linking the resulting issues. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 546a1ace575909596613fa3b5863421bbafe1594. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Adds a new /feedback-to-issues command that turns customer emails or tickets into actionable GitHub issues. It checks for duplicates, requires approval before creating issues, and drafts a reply email with links. - **New Features** - Parses feedback into discrete issues with clear titles, types, and priorities. - Searches GitHub for duplicates using multiple keyword variations (open and closed). - Presents a review report and creates only approved issues via gh. - Drafts a concise customer reply that references existing and newly created issues. <sup>Written for commit 546a1ace575909596613fa3b5863421bbafe1594. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. -->
-
由 Will Chen 提交于
## Summary - Update claude-pr-review.yml with latest configuration - Adjust settings for improved PR review automation ## Changes - Modified `.github/workflows/claude-pr-review.yml` with updated configuration ## Test plan - Workflow configuration has been validated by lint checks - No breaking changes to existing functionality
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2640" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Workflow-only change that limits job runtime; low risk beyond possibly timing out unusually long review runs. > > **Overview** > Adds a 30-minute `timeout-minutes` to the `claude-review` job in `.github/workflows/claude-pr-review.yml` to prevent the automated PR review workflow from running indefinitely. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 75736d6b53a2104d2fe2a030dc0101aabc72f6c6. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Set a 30-minute timeout for the Claude PR Review GitHub Actions job to prevent runaway runs and improve reliability. Added timeout-minutes: 30 to .github/workflows/claude-pr-review.yml; no functional changes to triggers or permissions. <sup>Written for commit 75736d6b53a2104d2fe2a030dc0101aabc72f6c6. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> -
由 wwwillchen-bot 提交于
## Summary - Prefetch user budget on app initialization to ensure budget info is available immediately on load - Invalidate user budget query when Dyad Pro API key is saved to reflect updated subscription status immediately - Added documentation for React Query prefetch and invalidation patterns to AGENTS.md ## Test plan - Verify that user budget data loads on app startup - Test saving a Dyad Pro API key and confirm the budget information updates automatically - Check that the app continues to work correctly without a Dyad Pro subscription
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2632" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Prefetches the user budget on app load and invalidates the budget query after saving a Dyad Pro API key, so subscription status and budget update instantly. Adds React Query docs for prefetch and invalidation patterns. <sup>Written for commit 92b15f29cda8b9b19ba04d281c6e3774ea3928c8. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Co-authored-by: -
由 Will Chen 提交于
## Summary - Update language model constants with latest model configurations and pricing - Add support for new model versions across multiple providers - Improve model descriptions and configuration parameters ## Test plan - Verify that the application loads with all model configurations - Test model selection in the UI - Confirm no TypeScript or lint errors
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2633" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Primarily updates configuration/constants for model selection; main behavioral change is the expanded free-model name matching which could alter which OpenRouter models are used in fallback. > > **Overview** > Adds the new Anthropic model `claude-opus-4-6` (with updated token limits/pricing metadata) to the selectable model options. > > Refreshes OpenRouter model options by introducing a generic `openrouter/free` entry, adding `z-ai/glm-5`, tweaking `glm-4.7` description, and removing older explicit free-model entries and `moonshotai/kimi-k2-0905`. Updates `FREE_OPENROUTER_MODEL_NAMES` to treat both `:free` and `/free` model names as free, which changes which models can be selected in the auto free fallback. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit d192033357d87355a9d414269a19a348c3faef6d. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Updated language model constants with the latest configs and pricing to keep model selection current. Adds new models and improves free model detection for OpenRouter. - **New Features** - Added Claude Opus 4.6 (1M context, 32k max output). - Added OpenRouter “free” model and Z‑AI GLM 5; updated GLM 4.7 description. - Updated context windows, temperatures, and pricing; removed deprecated free entries and Kimi K2 0905. - **Bug Fixes** - Free model detection now supports names ending with “/free” (not just “:free”). <sup>Written for commit d192033357d87355a9d414269a19a348c3faef6d. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> -
由 Will Chen 提交于
#skip-bb <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2628" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Improved the local agent system prompt for clarity, safety, and consistency across Pro/Basic/Ask modes. Added prompt snapshot tests and stabilized Playwright snapshots by masking system messages in both input and message dumps. - **Refactors** - Shared COMMON_GUIDELINES across all modes; strengthened security guidance; added concise-explanations and Help-button guidance. - Added Vitest snapshot tests for agent/basic/ask prompts and the e2e:p3 script (parallelism=3, retries=1). - **Bug Fixes** - Masked system messages in body.input and body.messages for all dump types to make Playwright snapshots deterministic; updated affected snapshots. <sup>Written for commit 162030ad2a8c1db3e3905b7d6ac30b518d05dbda. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. -->
-
由 Will Chen 提交于
- Extract shared helpers (formatSettingsLines, formatSystemInfoSection, openGitHubIssue) to eliminate duplication between Report a Bug and Upload Chat Session flows - Extract reusable components (AnimatedScreen, ReviewDetailsSection, CopyButton) for modularity - Add smooth slide animations between dialog screens using framer-motion, with no animation on initial open - Collapse all review screen sections into accordions - Redesign upload complete screen: inline checkmark, animated copy button, Create GitHub Issue button above warning banner - Include error logs and system info in Upload Chat Session's GitHub issue (previously only in Report a Bug) - Add visual hierarchy to main screen: bordered cards for each report option, labeled divider separating self-help from issue reporting - Show clear "Open a chat first" warning when no chat is selected <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2629" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Primarily UI/UX refactoring and animation changes, plus expanded GitHub issue prefill content; low risk but could affect support/reporting flow behavior if screen navigation or issue URL construction regresses. > > **Overview** > Refactors `HelpDialog` into a 3-screen flow (`main` → `review` → `upload-complete`) with slide transitions via `framer-motion`, including reusable subcomponents (`AnimatedScreen`, `ReviewDetailsSection`, `CopyButton`) and a navigation helper. > > Unifies GitHub issue creation for both bug reports and session uploads with shared formatting helpers and `openGitHubIssue`, and **expands session-upload issues to include system info, settings, and recent logs** (plus a `v2:` session ID prefix). Updates the main screen layout into clearer “self-help” vs “report an issue” sections with card styling and a disabled-state warning when no chat is selected, and makes review sections collapsible plus redesigns the upload-complete screen with an animated copy affordance and a clearer call-to-action to create the GitHub issue. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit a3b76962ec8796ce1a081dcfb8447d5da4d2e15b. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> Co-authored-by:
Cursor <cursoragent@cursor.com>
-
由 Will Chen 提交于
<!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2619" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Introduces new cross-cutting chat navigation UI and new tab-state atoms that affect chat selection/creation/deletion flows; risk is mainly UX/state regressions and e2e flakiness rather than security. > > **Overview** > **Adds browser-like chat tabs in the title bar.** Introduces `ChatTabs` with draggable visible tabs, an overflow menu, per-tab close (incl. middle-click), streaming-in-progress indicator, and “new activity” dot, plus i18n strings for accessible labels. > > **Persists and coordinates tab state across navigation.** Adds `recentViewedChatIds`/`closedChatIds` atoms and helpers to keep MRU ordering, prevent explicitly closed tabs from reappearing, prune stale IDs, and choose an adjacent fallback chat when closing the active tab (navigating home if none). > > **Updates chat creation/selection flows and tests.** Refactors `useSelectChat` to optionally preserve tab order; updates Home/CreateApp/ChatHeader/ChatList to use it and invalidate chat queries so new chats appear in tabs immediately; adds stable `new-chat-button` test IDs, new unit tests for tab helpers/atoms, and new Playwright e2e coverage for tab render/switch/close behavior. > > **Build tooling/doc tweaks.** Bumps Node engine requirement to `>=24` and updates `rules/git-workflow.md` guidance for engine conflict resolution and stash handling. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 982cef98ff0d3c1552097a91f59196fd07d47602. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Adds browser-like tabs to the chat title bar for fast multi-chat navigation. Refines tab behavior, accessibility, and creation/deletion flows so tabs stay accurate, responsive, and preserve tab order. - **New Features** - ChatTabs in TitleBar: MRU ordering; drag-to-reorder (visible tabs); overflow dropdown with live count; streaming spinner; post-stream notification dot; middle-click close; WCAG 24x24 close targets; tooltips; accessible labels and focus-visible rings; i18n labels for “Chat in progress” and “New activity” (en, pt-BR, zh-CN); unit + e2e tests (incl. closed-tab state). - Persistent tab state via Jotai: recentViewedChatIds (cap 100) and closedChatIds so explicitly closed tabs don’t reappear; ensureRecentViewedChatId to keep tab order on route changes; Node engine bumped to >=24. - **Bug Fixes** - Close/selection: adjacent-tab fallback; closing the last tab navigates home; selecting a closed tab re-opens it; clear notifications on close; guard unknown/stale IDs; resolve selection loop; prune stale closed IDs; deleting the selected chat also navigates home. - Flows/accessibility: new-chat in ChatHeader uses correct invalidate/select order so tabs render immediately; route changes use ensureRecentViewedChatId to preserve order; overflow ARIA label uses actual overflow count; ResizeObserver attaches with async loads; title truncation respects max length; stable e2e selectors via new-chat-button; fixed CI npm sync via encoding; updated git workflow docs on stash review and engine conflicts; internal refactor with removeFromClosedSet helper to reduce duplication. <sup>Written for commit 982cef98ff0d3c1552097a91f59196fd07d47602. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by:
-
由 Will Chen 提交于
## Summary - Replaces the old `ChatLogsDataSchema` with a new `SessionDebugBundleSchema` (schema version 1) that captures all non-sensitive data needed for debugging chat sessions - Each message now includes AI SDK JSON (with base64 images stripped), model name, token usage, timestamps, commit hashes, request ID, and approval state - Adds non-sensitive user settings snapshot, app metadata, custom provider/model definitions, and MCP server configurations to the debug bundle - Updates HelpDialog to use the new schema and adds `Session Schema: v2.0` marker to GitHub issue templates ## Test plan - [ ] Verify `npm run ts` passes (type-check) - [ ] Verify `npm run lint` passes - [ ] Verify `npm test` passes (all 661 unit tests) - [ ] Manual: Open Help dialog → Upload Chat Session → verify the review modal shows messages, codebase, logs, and system info correctly - [ ] Manual: Complete upload and verify the GitHub issue template includes `Session Schema: v2.0` - [ ] Manual: Download uploaded JSON and verify it contains: `schemaVersion`, `system`, `settings`, `app`, `chat` (with `aiMessagesJson` per message), `providers`, `mcpServers`, `codebase`, `logs` - [ ] Manual: Verify no API keys, OAuth tokens, or MCP env vars appear in uploaded data
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2488"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Expands what gets captured and uploaded for support sessions (settings/app metadata/providers/MCP and richer message data), so any sanitization or schema mismatch could leak data or break the support upload flow. > > **Overview** > Switches chat-session uploads from `ChatLogsData` to a new versioned `SessionDebugBundle` (`SESSION_DEBUG_SCHEMA_VERSION = 2`) and updates the IPC contract/exports accordingly. > > The main-process handler now assembles a comprehensive bundle (system/runtime info, sanitized settings snapshot, app metadata, full chat messages with stripped image/file blobs, custom provider/model summaries, MCP server configs without env/header secrets, codebase snapshot, and last ~1000 log lines), and `HelpDialog` is updated to fetch/review/upload this bundle and annotate created GitHub issues with `Session Schema: v2.0` (plus adds a settings section to the bug report template). > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 7b94199939aa6963787e8fe69716e20cd6570b7d. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: -
由 wwwillchen-bot 提交于
## Summary - Move the Plan mode option outside the `isProEnabled` conditional so it's accessible to all users - Agent v2 remains Pro-only - Plan mode allows users to design and plan before building, which is valuable for all users ## Test plan - [ ] Verify Plan mode appears in the chat mode selector for non-Pro users - [ ] Verify Agent v2 only appears for Pro users - [ ] Verify both modes work correctly when selected
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2625" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Made Plan mode available to all users in the chat mode selector, and allowed plan-only flows to run without Pro while Agent v2 remains Pro-only. Exiting Plan now requires explicit user confirmation before switching to implementation. <sup>Written for commit 7c2749bfbffca819792f962b99c5c4e13aba7c99. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by:
-
- 11 2月, 2026 8 次提交
-
-
由 Will Chen 提交于
## Summary - Two mid-turn compaction tests in `local_agent_handler.test.ts` were failing because mock messages lacked `createdAt` fields - `buildChatMessageHistory` and `getMidTurnCompactionSummaryIds` call `createdAt.getTime()` to detect mid-turn compaction summaries, causing a silent TypeError inside the async generator - Added `createdAt` timestamps to all mock messages and compaction summary messages in both tests ## Test plan - [x] `npm test` passes (786/786 tests) - [x] Both previously-failing mid-turn compaction tests now pass - [x] Lint, formatting, and type checks all pass #skip-bugbot
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2624" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Fix failing mid-turn compaction tests by adding createdAt timestamps to mocked chat and summary messages. This prevents a silent TypeError in the async generator and restores test reliability. - **Bug Fixes** - Added createdAt to all test messages (including compaction summaries) so buildChatMessageHistory and getMidTurnCompactionSummaryIds can safely call createdAt.getTime(). - Documented the createdAt requirement for compaction tests in AGENTS.md. <sup>Written for commit c8f0acb09058c5e3313f1423c585857ea61416f4. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by: -
由 Will Chen 提交于
<!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2524" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Changes local-agent streaming/history rebuilding and compaction timing/persistence, which can impact message ordering, UI rendering, and tool-loop continuity if edge cases are missed. > > **Overview** > **Enables mid-turn context compaction in local-agent mode** by triggering compaction between AI SDK steps (when token usage crosses the threshold and the step included tool calls) so the agent can finish the same user turn. > > Updates `handleLocalAgentStream` to rebuild message history after compaction while preserving in-flight tool-loop messages, inline the compaction indicator into the active assistant response, hide newly-inserted compaction-summary DB rows from streamed message lists, and persist only the post-compaction `aiMessagesJson` slice. Also hardens compaction output by XML-escaping the stored summary, adds `createdAtStrategy` handling for compaction insertion timing, and includes new unit/E2E coverage (fixture + snapshots) plus expanded git workflow documentation. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit ac3ccb6e1221012141954ba6560ef2426bf07253. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Enables mid-turn context compaction in local-agent tool loops so the agent can finish the same user turn. Improves history rebuilding, inline compaction messaging, streaming behavior, scheduling, and safe persistence. - **New Features** - Triggers mid-turn compaction when per-step tokens cross the threshold and tool calls exist; schedules in onStepFinish and applies before the next step. - Centralizes history via buildChatMessageHistory, preserving in-flight assistant/tool messages, hiding mid-turn compaction DB rows from streaming, and placing the summary after the triggering user. - Streams a compaction preview over current content and inlines the final compaction summary into the current assistant turn; selects createdAtStrategy ("now" mid-turn, "before-latest-user" pre-turn) with a 1-second margin to keep turn order. - Persists only post-compaction AI messages when compaction happens mid-turn, slicing correctly with 0-indexed stepNumber. - **Bug Fixes** - Escapes compaction summary in both the live preview and the persisted DB message to prevent XSS. - Re-queries chat only on successful compaction and filters hidden compaction summaries out of streaming payloads. - Clears injected messages after mid-turn compaction to avoid stale insertion indices; prevents repeat attempts and skips further compaction checks in the same turn after success. - Always runs checkAndMarkForCompaction in onStepFinish to mark next-turn compaction when appropriate. <sup>Written for commit ac3ccb6e1221012141954ba6560ef2426bf07253. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by:
-
由 Will Chen 提交于
## Summary - Add safe pattern for `$(gh ...)` subcommands in the shell injection checker, allowing common patterns like dynamically constructing API endpoint URLs using `gh repo view` output - The inner content must not contain shell metacharacters to prevent nested injection - Add two new test cases to `good_commands.txt` covering `$(gh repo view ...)` and `REPO=$(gh repo view ...) &&` patterns ## Test plan - [x] All 923 hook permission tests pass (516 good + 407 bad) - [x] Unit tests pass (31 test files) - [x] Lint/format/type checks pass
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2622" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Touches shell-injection detection logic in a security gate; a too-permissive regex could allow malicious command substitution, though it is constrained to read-only subcommands and covered by new tests. > > **Overview** > **Permission hook now permits a constrained form of `$(gh ...)` substitution.** `gh-permission-hook.py` adds `SAFE_GH_SUBCOMMAND_PATTERN` and neutralizes matching read-only `$(gh …)` subcommands before running shell-metacharacter checks, enabling dynamic `gh api` paths built from `gh repo view`/similar. > > **Tests updated to validate both sides.** `good_commands.txt` adds allowed examples using `$(gh repo view …)` (including a var-assignment pattern that remains passthrough), and `bad_commands.txt` adds cases ensuring destructive subcommands inside `$(...)` are still blocked. `package-lock.json` also changes peer metadata for multiple dependencies (lockfile-only churn). > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 8bcb142513e4dfab4689e0160d581f44f7b24e95. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Enabled safe $(gh ...) command substitution in the permission hook for dynamic GitHub API paths, limited to read-only gh subcommands. Tightened validation to block nested injection and newline/CR bypass. - **New Features** - Treat $(gh ...) as safe when the inner command has no shell metacharacters and uses an allowed read-only subcommand (repo/pr/issue/run/release/gist view, search, status, auth status, config get/list), and neutralize it before checks. - Added two good-command tests for gh api with $(gh repo view ...) and REPO=$(gh repo view ...) && patterns. - **Bug Fixes** - Fixed regex to prevent newline/CR bypass by using [ \t] and excluding \n\r in the inner content. - Added five bad-command tests to ensure destructive subcommands inside $(...) are blocked. <sup>Written for commit 8bcb142513e4dfab4689e0160d581f44f7b24e95. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by: -
由 wwwillchen-bot 提交于
## Summary - Add support for showing line number ranges (e.g., ":L3-L5") in the Read file display - Pass `start_line` and `end_line` attributes from the markdown parser to the DyadRead component - Display line number suffix in the file path to provide better context when viewing partial file reads ## Test plan - [x] Verify line numbers appear correctly when a file read includes start/end lines - [x] Verify files read without line numbers display normally - [x] All tests pass
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2615" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Show line numbers in the Read file path for partial file reads. Start and end lines are parsed from markdown and rendered as a :L suffix (e.g., :L3-L5) for clearer context. - **New Features** - Parse start_line and end_line in DyadMarkdownParser and pass to DyadRead. - DyadRead builds and displays line suffix (:L3, :L3-L5, or :L1-L5) next to the filename; tooltip shows full path with suffix. - Files without line numbers render unchanged. <sup>Written for commit 301bd200f245d934974c8d09ab0edf6ae42d7e9c. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Co-authored-by: -
由 Will Chen 提交于
## Summary - Switch `claude-pr-review` workflow from `multi-pr-review` to `swarm-pr-review` skill - Add warnings in both skill SKILL.md files to save intermediate files to the working directory (`./pr_diff.patch`) instead of `/tmp/`, which is blocked by `claude-code-action` security sandboxing in CI - Document the CI file access restriction in `rules/git-workflow.md` Fixes the `cat in '/tmp/pr_*_diff.patch' was blocked` error: https://github.com/dyad-sh/dyad/actions/runs/21896099089?pr=2524 #skip-bugbot ## Test plan - [ ] Verify PR review workflow triggers on a new PR and doesn't hit the `/tmp/` file access error - [ ] Confirm the swarm-pr-review skill posts a review summary comment
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2623" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Switched the CI PR review workflow to use swarm-pr-review and fixed the /tmp file access block in claude-code-action. Updated skill docs and git workflow rules to save PR diffs in the repo working directory (e.g., ./pr_diff.patch) instead of /tmp, resolving the “cat in '/tmp/pr_*_diff.patch' was blocked” error. <sup>Written for commit 449c7b02b4bacad12a659177d1f6a4db949fc7ab. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Co-authored-by: -
由 Will Chen 提交于
## Summary - Adds `pull_request: types: [labeled]` trigger to `pr-review-responder.yml` so that adding the `cc:request:now` label immediately runs the pr-fix flow without waiting for CI to complete - Refactors the script to handle both `pull_request` and `workflow_run` event types, extracting `head_repo`, `head_branch`, and `ci_conclusion` as shared step outputs - Gates the `needs-human` labeler steps on `ci_conclusion` availability (only from `workflow_run` events) since CI status is unknown for immediate triggers ## Test plan - [ ] Add `cc:request:now` label to a test PR and verify the workflow triggers immediately - [ ] Verify existing `cc:request` / `cc:request:N` labels still work via the `workflow_run` path - [ ] Verify the retry loop works: if Claude pushes commits from a `cc:request:now` trigger, confirm it sets `cc:request:1` and subsequent retries go through the normal CI-waiting flow - [ ] Verify the job-level `if` filter prevents unnecessary runs for unrelated label additions
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2618" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Adds a new `pull_request_target` label-triggered path to a high-permission workflow; while gated by allowed actors and PR author, mistakes here could expand when privileged automation runs or what code gets checked out/pushed. > > **Overview** > **Adds an immediate trigger for PR fix loops.** `pr-review-responder.yml` now runs not only after `CI` completes, but also when a trusted actor applies the `cc:request:now` label, so the automation can start without waiting for CI. > > **Refactors the workflow to support both event types safely.** The PR-info step now branches on event type to derive `pr_number`, `head_repo`, `head_branch`, and (only for `workflow_run`) `ci_conclusion`, uses these outputs for checkout and retry detection, and skips the needs-human labeler steps when CI conclusion is unavailable. > > **Docs/process updates.** Updates the workflows README to document the new trigger and removes outdated guidance about auto-adding `cc:request` from the `pr-push` command; adds a small rebase-conflict tip for documentation table merges. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 7fa3a013b815dda47ab643fd9b23f51f6feac59b. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Enable immediate PR review runs via the cc:request:now label, using pull_request_target with strict labeler and author gating. The existing cc:request/cc:request:N CI-driven flow stays the same. - **New Features** - Trigger pr-review-responder on pull_request_target labeled when the label is cc:request:now. - Guarded start with a job-level filter; only labels applied by wwwillchen, wwwillchen-bot, azizmejri1, or princeaden1 are allowed, and only PRs authored by wwwillchen/wwwillchen-bot are eligible. - **Refactors** - Support both pull_request_target and workflow_run; expose pr_number, head_repo, head_branch, and ci_conclusion as shared outputs and use them for checkout/status. - Gate needs-human labeling on ci_conclusion (workflow_run only); cc:request:now skips it. Add null checks for head_repository and exclude cc:request:now in workflow_run label checks to avoid race conditions. - Docs: update workflow trigger README, remove outdated label instructions in .claude/commands/dyad/pr-push.md, and add rebase guidance to keep both additions in README tables. <sup>Written for commit 7fa3a013b815dda47ab643fd9b23f51f6feac59b. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by: -
由 Will Chen 提交于
Adds a scheduled GitHub Actions workflow that safely frees disk space on self-hosted macOS runner `ci1` at 4:00 AM PST to prevent CI from running out of space. ## Changes - **New workflow** `.github/workflows/nightly-runner-cleanup.yml`: Runs daily at 4 AM PST; only executes on runner `ci1` - **Extended cleanup script** `scripts/ci-cleanup-macos.sh`: `CI_NIGHTLY_CLEANUP=1` enables host-level cleanup: - `~/Library/Caches` subdirs (Homebrew, Xcode, LLVM) - npm cache - Runner `_work` dirs older than 2 days - **Documentation** in workflows README with validation steps ## Safety - Only allowlisted paths are deleted - Never removes runner binaries, config, or user data - Manual run via `workflow_dispatch` for testing Made with [Cursor](https://cursor.com) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2620" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Primarily CI automation changes, but it introduces scheduled `rm -rf` cleanup on a self-hosted runner; an allowlist/guard is present, yet mistakes could still delete useful caches or workspaces and disrupt builds. > > **Overview** > Adds a scheduled `Nightly Runner Cleanup` GitHub Actions workflow that runs daily (and via `workflow_dispatch`) on self-hosted macOS runners, guarded to execute only when `RUNNER_NAME` is `ci1`. > > Extends `scripts/ci-cleanup-macos.sh` with a `CI_NIGHTLY_CLEANUP=1` mode that additionally purges allowlisted `~/Library/Caches` subdirectories and removes stale runner `actions-runner/_work` directories older than 2 days, and updates the workflows README with the new workflow and manual validation steps. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 0b108a8a7969060614311f54cd694f0454a6839b. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Adds a nightly GitHub Actions workflow to free disk on self-hosted macOS runner ci1 at 4:00 AM PST. Extends the cleanup script with a guarded nightly mode to remove allowlisted caches and stale work dirs so CI doesn’t run out of space. - **New Features** - Added nightly-runner-cleanup.yml: runs daily at 4 AM PST; only executes on runner ci1; supports manual workflow_dispatch. - Updated scripts/ci-cleanup-macos.sh: CI_NIGHTLY_CLEANUP=1 cleans Library/Caches subdirs (Homebrew, Xcode, org.llvm.clang*), npm cache, Playwright browsers, and runner _work dirs older than 2 days; prints mode and disk before/after. - Updated README with manual validation steps. <sup>Written for commit 0b108a8a7969060614311f54cd694f0454a6839b. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> --------- Co-authored-by:
devin-ai-integration[bot] <158243242+devin-ai-integration[bot]@users.noreply.github.com>
-
由 Will Chen 提交于
## Summary - Add .npmrc configuration file for npm package manager settings - Update package.json to specify npm version constraint (11.8.0) - Update CI/CD workflow files for npm compatibility - Add fast-push command documentation ## Test plan - Verify npm builds correctly with the new .npmrc configuration - Check CI workflows execute successfully with updated configuration - Ensure package.json constraints are properly honored
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- devin-review-badge-begin --> --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2621" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a> <!-- devin-review-badge-end --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Mostly tooling and workflow changes; primary risk is CI/build failures if npm 11.8.0 or strict engine checks conflict with some environments. > > **Overview** > **Standardizes npm version/engine enforcement.** Adds `.npmrc` with `engine-strict=true` and updates `package.json`/`package-lock.json` `engines` to require `npm` `11.8.0`. > > **Updates automation to match.** CI, release, and deflake workflows now install `npm@11.8.0` before running `npm ci`, and a new `.claude` command (`fast-push`) documents an autonomous commit/lint/amend/push/PR flow. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 391bd1deb4c07dae590444cdda77cfc2cb85482a. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Standardizes on npm 11.8.0 across local dev and CI to ensure consistent installs/builds, and adds documentation for the dyad fast-push command. - **Dependencies** - Add .npmrc with engine-strict=true - Set engines.npm to 11.8.0 in package.json - CI workflows install npm@11.8.0 before npm ci - **Migration** - Upgrade local npm: npm install -g npm@11.8.0 - Reinstall deps with Node >= 20: npm ci <sup>Written for commit 391bd1deb4c07dae590444cdda77cfc2cb85482a. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> Co-authored-by:
-
