<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Adds `gemini-3-pro-preview` to Google model options with 1,048,576
context window and 65,535 max output tokens.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
6aefc4449908e862476f61c0bcb2a625111256a3. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- This is an auto-generated description by cubic. -->
## Summary by cubic
Added Gemini 3 Pro (Preview) to the Google model list so users can
select it in the app. Sets a 1,048,576-token context window and a safe
max output of 65,535 tokens, with temperature 1.0.

<sup>Written for commit 6aefc4449908e862476f61c0bcb2a625111256a3.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

Added to OpenAI and Azure

GPT-5.1: adaptive reasoning 
GPT-5.1-codex: advanced coding workflows
GPT-5.1-codex-mini: compact and efficient








<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Added support for OpenAI and Azure GPT-5.1, including GPT-5.1 Codex and
Codex Mini, for smarter conversations and better coding tasks. All
models use a 400k context window, require temperature 1, and leave max
output tokens unspecified to align with API behavior.

<sup>Written for commit 9788541c88732aa7d522fc70bfb20f22c3544982.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->








<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Adds GPT-5.1, GPT-5.1 Codex, and Codex Mini to OpenAI and Azure model
catalogs with 400k context and temperature 1 (max output tokens
unspecified).
> 
> - **Model registry updates
(`src/ipc/shared/language_model_constants.ts`)**:
>   - **OpenAI**:
> - Add `gpt-5.1`, `gpt-5.1-codex`, `gpt-5.1-codex-mini` (400k
`contextWindow`, `temperature: 1`, `maxOutputTokens: undefined`).
> - Keep existing `gpt-5`, `gpt-5-codex`, `gpt-5-mini`, `gpt-5-nano`,
`o4-mini`.
>   - **Azure**:
> - Add `gpt-5.1`, `gpt-5.1-codex`, `gpt-5.1-codex-mini` with matching
settings (400k `contextWindow`, `temperature: 1`).
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
9788541c88732aa7d522fc70bfb20f22c3544982. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Bumps `package.json` version from `0.27.1` to `0.28.0-beta.1`.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
767e200f378205413e8a23fff7674149239a92d5. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

#1784 

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> After reverting to a previous version, automatically deploy all
Supabase edge functions; failures are logged as warnings without
blocking the revert.
> 
> - **Version Revert Flow (`src/ipc/handlers/version_handlers.ts`)**:
> - After revert, re-deploy all Supabase edge functions when
`app.supabaseProjectId` is present via `deployAllSupabaseFunctions`.
> - Aggregate deployment errors into `warningMessage` (non-blocking);
logs successes/failures.
>   - Initialize `warningMessage` to an empty string.
> - **Supabase Utilities (`src/supabase_admin/supabase_utils.ts`)**:
> - Add `deployAllSupabaseFunctions`: scans `supabase/functions/*`,
ensures `index.ts`, reads content, calls `deploySupabaseFunctions`,
logs, collects errors; skips if directory missing.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
c29333c0f951b60b4e80da0b46cf0287d03bdae1. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->





<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Automatically re-deploys Supabase edge functions after restoring a
previous app version to keep functions in sync with reverted code.
Deployment failures surface as warnings and do not block the revert.

- **New Features**
- Re-deploy all Supabase edge functions on version revert when an app
has a Supabase project ID.
- Added deployAllSupabaseFunctions: scans supabase/functions, deploys
each index.ts sequentially, skips missing files, collects errors, and
logs warnings.

<sup>Written for commit c29333c0f951b60b4e80da0b46cf0287d03bdae1.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

<!-- This is an auto-generated description by cubic. -->
## Summary by cubic
Adds multi-component selection in the preview and sends all selected
components to chat for targeted edits. Updates overlays, UI, and IPC to
support arrays, smarter context focusing, and cross-platform path
normalization.

- **New Features**
- Select multiple components in the iframe; selection mode stays active
until you deactivate it.
- Show a scrollable list of selections with remove buttons and a Clear
all; remove from the list or click an overlay in the preview to
deselect. Sending clears all overlays.
- Separate hover vs selected overlays with labels on hover; overlays
persist after deactivation and re-position on layout changes/resizes.
- Chat input and streaming now send selectedComponents; server builds
per-component snippets and focuses their files in smart context.

- **Migration**
- Replace selectedComponentPreviewAtom with
selectedComponentsPreviewAtom (ComponentSelection[]).
- ChatStreamParams now uses selectedComponents; migrate any
single-selection usages.
  - previewIframeRefAtom added for clearing overlays from the parent.

<sup>Written for commit da0d64cc9e9f83fbf4b975278f6c869f0d3a8c7d.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Bumps app to version 0.27.1 and updates
`@dyad-sh/supabase-management-js` to 1.0.1.
> 
> - **Release**:
>   - Set application version to `0.27.1` in `package.json`.
> - **Dependencies**:
> - Update `@dyad-sh/supabase-management-js` from `v1.0.0` to `v1.0.1`.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
a6d43949556f1b3da905b02e5c84a05bd30539b4. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Release 0.27.1: update app version and lockfile. Also bump the Supabase
management client to v1.0.1.

- **Dependencies**
  - @dyad-sh/supabase-management-js: v1.0.0 → v1.0.1

<sup>Written for commit a6d43949556f1b3da905b02e5c84a05bd30539b4.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

<img width="496" height="470" alt="Screenshot 2025-10-24 200100"
src="https://github.com/user-attachments/assets/e64ee081-dc08-4b54-94a6-9ed41453cfcf"
/>

This PR adds settings for text size, small, medium (default), large and
extra large.

This should help more people use Dyad more productively.

Closes #1482 
    






<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Adds adjustable workspace zoom levels (90%, 100%, 110%, 125%, 150%) to
improve readability and accessibility. Changes apply instantly and
persist per user, addressing issue #1482.

- **New Features**
  - Zoom selector in Settings → General.
  - Persists zoomLevel in user settings and schema.
  - Applies zoom via Electron webFrame for consistent app scaling.

- **Refactors**
  - Removed deprecated workspaceTextSize setting.
  - Removed root font-size from globals.css.

<sup>Written for commit 54bad25f016a83e9f414025a07e80fdbad859366.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->








<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Adds adjustable app zoom levels (90–150%) with a Settings selector,
persisted in user settings, and applied via Electron webFrame.
> 
> - **UI/Settings**:
> - Add `ZoomSelector` component and surface it in `Settings → General`
(`src/components/ZoomSelector.tsx`, `src/pages/settings.tsx`).
> - **Schema/Persistence**:
> - Introduce `ZoomLevelSchema` and optional `zoomLevel` in
`UserSettingsSchema` (`src/lib/schemas.ts`).
> - **Electron Integration**:
> - Expose `webFrame.setZoomFactor/getZoomFactor` in `window.electron`
(`src/preload.ts`).
> - **App Behavior**:
> - Apply zoom factor on load and when settings change with default
`100%` (`src/app/layout.tsx`).
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
54bad25f016a83e9f414025a07e80fdbad859366. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------
Co-authored-by: Devforschool <138079274+Devforschool@users.noreply.github.com>
Co-authored-by: Will Chen <willchen90@gmail.com>

Pull request summary from GitHub Copilot:

> This pull request updates the `README.md` file to use secure HTTPS
links instead of HTTP for the Dyad website. This improves security and
ensures users are directed to the correct, secure version of the site.
> 
> - Documentation improvements:
> * Changed all `http://dyad.sh/` links to `https://dyad.sh/` in the
`README.md` file.

<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Updated README links from http to https for dyad.sh to ensure secure,
correct navigation.
This avoids insecure redirects and aligns with best practices.

<sup>Written for commit fbfd253f49495e6e9c1f72cca28213eb65303b5b.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

<!-- This is an auto-generated description by cubic. -->
## Summary by cubic
Fix incorrect "Created" and "Last Updated" timestamps in App Details.
The page now uses selectedApp.createdAt and selectedApp.updatedAt
instead of the current time.

<sup>Written for commit 4b2459b23b4c3e6592c45076276d50070d8df749.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->
Co-authored-by: hlong24082k <hlong24082k@gmail.com>

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> <sup>[Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) is
generating a summary for commit
25259c081a10b92eb4e9da76f868eaf18cab1766. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Introduce a new "deep" Smart Context mode that supplies versioned
files (by commit) to the engine, adds code search rendering, stores
source commit hashes, improves search-replace recovery, and updates
UI/tests.
> 
> - **Smart Context (deep)**:
> - Replace `conservative` with `deep`; limit context to ~200 turns;
send `sourceCommitHash` per message.
> - Build and pass `versioned_files` (hash-id map + per-message file
refs) and `app_id` to engine.
> - **DB**:
>   - Add `messages.source_commit_hash` (+ migration/snapshot).
> - **Engine/Processing**:
> - Retry Turbo Edits v2: first re-read then fallback to `dyad-write` if
search-replace fails.
> - Include provider options and versioned files in requests; add
`getCurrentCommitHash`/`getFileAtCommit`.
> - **UI**:
>   - Pro mode selector: new `deep` option; tooltips polish.
> - Add `DyadCodeSearch` and `DyadCodeSearchResult` components; parser
supports new tags.
> - **Tests/E2E**:
> - New `smart_context_deep` e2e; update snapshots to include `app_id`
and deep mode; adjust Playwright timeout.
>   - Unit tests for versioned codebase context.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
e3d3bffabb2bc6caf52103461f9d6f2d5ad39df8. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Makes search-replace tolerant to typos/whitespace via two-pass fuzzy
matching with Levenshtein and smart-quote normalization, with clearer
errors and tests.
> 
> - **Search/Replace Processor
(`src/pro/main/ipc/processors/search_replace_processor.ts`)**
> - Add two-pass fuzzy matching: quick exact-line prefilter +
Levenshtein scoring (`fastest-levenshtein`).
> - Match flow: exact > whitespace-insensitive > fuzzy; detect ambiguity
and improve error messages with similarity %.
> - Introduce thresholds and limits: `FUZZY_MATCH_THRESHOLD=0.9`,
`EARLY_STOP_THRESHOLD=0.95`, `MAX_FUZZY_SEARCH_TIME_MS=10000`.
> - Normalize text before scoring using `normalizeString` (handles
quotes, dashes, ellipsis, NBSP, soft hyphen, BOM).
> - Preserve indentation for replacements; keep existing
unescape/validation logic.
> - **Utils (`src/utils/text_normalization.ts`)**
> - New `normalizeString` helper for Unicode normalization used by fuzzy
matching.
> - **Tests
(`src/pro/main/ipc/processors/search_replace_processor.test.ts`)**
> - Add cases for typos, smart quotes, below-threshold failure,
exact-over-fuzzy preference, whitespace differences, and ambiguity.
> - **Dependencies**
>   - Add `fastest-levenshtein` to `package.json`.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
289dab915c37bc4f9ab4bf0209ff3f95a57341fc. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->



<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Makes applySearchReplace more tolerant by preferring exact and
whitespace-insensitive matches, then falling back to fast two-pass
Levenshtein-based fuzzy matching with Unicode normalization. Improves
failure messages and adds tests to cover common edit scenarios.

- **New Features**
- Exact > whitespace-insensitive > fuzzy matching flow (threshold 0.9).
- Two-pass fuzzy search with exact-line prefilter; early stop at 0.95
and 10s timeout.
- normalizeString handles smart quotes, dashes, ellipsis, NBSPs, soft
hyphen, and BOM.
  - Errors now report best fuzzy similarity when below threshold.
- Tests for typos, smart quotes, below-threshold cases,
exact-over-fuzzy, whitespace differences, and ambiguity.

- **Dependencies**
  - Add fastest-levenshtein.

<sup>Written for commit 289dab915c37bc4f9ab4bf0209ff3f95a57341fc.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

See #1692

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Adds multi-select with a "Fix X Issues" bulk action to Security Review
(severity-sorted, with animated header button), clears selections on
refresh, and improves streaming error logs; includes e2e coverage.
> 
> - **Security Review UI
(`src/components/preview_panel/SecurityPanel.tsx`)**:
>   - **Multi-select & Bulk Fix**:
> - Add per-row checkboxes and a "Select all" checkbox in
`FindingsTable`; sort by severity; ARIA labels.
> - Track `selectedFindings`; clear on new data; header shows animated
"Fix X Issues" button (`Wrench` icon) that creates one chat with a
combined prompt for selected issues.
> - **Fix Single Issue**: Preserve existing per-row "Fix Issue" flow
with loading states.
> - **Tests**:
> - Add e2e test `security review - multi-select and fix issues` and
snapshots for selection table and combined prompt.
> - **IPC (`src/ipc/ipc_client.ts`)**:
> - Enhance error logging (`console.error`) in `streamMessage` paths;
simplify `cancelChatStream` (remove stale cleanup).
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
08b9f92814e2a676d0a8de1badf7dc79cd82a14a. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->



<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Add multi-select to the Security Review so you can select issues and fix
them in one go. Improves error handling in chat streaming and adds an
e2e test for the new flow.

- New Features
- Checkboxes per finding and a “Select all” checkbox, with
severity-sorted rows.
- Header shows an animated “Fix X Issues” button when items are
selected; creates one chat with a combined prompt; clears selection
after.
  - New e2e test: multi-select and bulk fix.

- Bug Fixes
  - Clear selections when new review results load.
- Better error logging in IpcClient for streaming failures; simplify
cancelChatStream to avoid false errors.

<sup>Written for commit 08b9f92814e2a676d0a8de1badf7dc79cd82a14a.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Enhances AI stream error logging to include request ID and detailed
error info in `chat_stream_handlers.ts`.
> 
> - **Backend**
> - **Logging**: In `src/ipc/handlers/chat_stream_handlers.ts` `onError`
handler for `streamText` now logs a detailed message including request
ID and `errorMessage`, replacing the previous generic error log.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
3519f494e8e400403973f014cede9ff771d5a9ad. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Improve error logging in chat text streaming by replacing the generic
log with a structured entry that includes the request ID (when
available), the parsed error message, and the full error object. This
makes failures easier to trace and correlate with backend requests.

<sup>Written for commit 3519f494e8e400403973f014cede9ff771d5a9ad.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

<!-- This is an auto-generated description by cubic. -->
## Summary by cubic
Added support for the dyad-web-crawl tag to render a Web Crawl UI in
chat, enabling website replication flows. Messages with <dyad-web-crawl>
now show a styled card with crawl details.

- **New Features**
  - Added DyadWebCrawl component with label and updated icon.
  - Updated DyadMarkdownParser to parse and render dyad-web-crawl.

<sup>Written for commit 45903364b5d6cbdcfc5c3a37579e9eda05e01db3.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> <sup>[Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) is
generating a summary for commit
5e44056b5644e60784f6be0085519d9fb533f0ce. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Show the upgrade button only for AI streaming errors by checking a
shared error prefix; introduce and use a shared constant for consistent
error messages.
> 
> - **Chat UI**
> - Update `ChatErrorBox.tsx` to display "Upgrade to Dyad Pro" only when
`error` includes `AI_STREAMING_ERROR_MESSAGE_PREFIX` and user is not Pro
(still hides on `TypeError: terminated`).
> - **IPC/Streaming**
> - In `chat_stream_handlers.ts`, prefix emitted streaming errors with
`AI_STREAMING_ERROR_MESSAGE_PREFIX` instead of hardcoded text for
consistency.
> - **Shared**
> - Add `AI_STREAMING_ERROR_MESSAGE_PREFIX` in `src/shared/texts.ts` and
import where needed.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
83b1aa3555a3c1e710ee644f7bfb64cabc0ff5e6. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

This PR solves the issue #1666 
To solve this i removed the upgrade link from the general case since
errors related to pro mode are already handled in the specific if-blocks



<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Hide the Dyad Pro upgrade banner on termination errors to reduce
confusion. The generic upgrade link in ChatErrorBox is now suppressed
when the error includes "TypeError: terminated" and only shows when Pro
is disabled otherwise.

<sup>Written for commit 1edf665. Summary will update automatically on
new commits.</sup>

<!-- End of auto-generated description by cubic. -->

Example:
open
"dyad://add-prompt?data=eyJ0aXRsZSI6IlRlc3QgUHJvbXB0IiwiZGVzY3JpcHRpb24iOiJBIHRlc3QgcHJvbXB0IGZyb20gZGVlcCBsaW5rIiwiY29udGVudCI6IlRoaXMgaXMgdGhlIGNvbnRlbnQgb2YgdGhlIHByb21wdC4ifQ%3D%3D"

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Adds dyad://add-prompt deep link that navigates to Library and opens a
prefilled Create Prompt dialog from base64 JSON.
> 
> - **Deep Link Handling**
> - Parse `dyad://add-prompt?data=<base64-json>` in `src/main.ts`;
validate with `AddPromptDataSchema` and send `deep-link-received` with
payload.
> - Extend `DeepLinkContext` to navigate to `/library` on `add-prompt`.
> - **Library/Dialogs**
> - Add controlled open state and `prefillData` support to
`CreateOrEditPromptDialog` and `CreatePromptDialog`
(`src/components/CreatePromptDialog.tsx`).
> - In `src/pages/library.tsx`, listen for `add-prompt` deep link,
prefill form, open dialog, and clear deep-link state.
> - **Schemas**
> - Define `AddPromptDataSchema`, `AddPromptPayload`, and
`AddPromptDeepLinkData` in `src/ipc/deep_link_data.ts` and include in
`DeepLinkData` union.
> - **E2E Tests**
> - Add Playwright test `e2e-tests/add_prompt_deep_link.spec.ts` and
ARIA snapshot to verify deep link opens prefilled dialog and saves
prompt.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
1ddb12306cfca195682c8a1b719f60093b858d54. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Adds AGENTS.md for Claude Code, Gemini CLI and Codex.

<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Adds AGENTS.md with clear guidelines for working in this Electron +
React repo. It standardizes IPC patterns and React/TanStack Query usage
to keep code consistent and secure.

- **New Features**
- Documents IPC architecture: renderer IpcClient, preload allowlist,
host handlers, and throwing errors on failure.
- Defines React integration: useQuery for reads, useMutation for writes,
invalidate related queries, optional global state sync.
- Notes security practices: avoid remote, validate/lock by appId on
mutations.
- Encourages descriptive names that mirror IPC channels and colocated
tests/stories.

<!-- End of auto-generated description by cubic. -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> <sup>[Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) is
generating a summary for commit
abe012e8d2a7c072dfa3c7632f80611e7b77fdd8. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

TODOs:

- [x] Add documentation
- [x] e2e tests: run security review, update knowledge, and fix issue
- [x] more stringent risk rating


<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Introduces a new Security mode with a Security Review panel that runs
reviews, edits rules, parses findings via IPC, and supports fixing
issues, with tests and prompt/runtime support.
> 
> - **UI/Preview Panel**:
> - Add `security` preview mode to `previewModeAtom` and ActionHeader
(Shield button).
> - New `SecurityPanel` showing findings table (sorted by severity), run
review, fix issue flow, and edit `SECURITY_RULES.md` dialog.
>   - Wire into `PreviewPanel` content switch.
> - **Hooks**:
>   - `useSecurityReview(appId)`: fetch latest review via IPC.
> - `useStreamChat`: add `onSettled` callback to invoke refreshes after
streams.
> - **IPC/Main**:
> - `security_handlers`: `get-latest-security-review` parses
`<dyad-security-finding>` from latest assistant message.
>   - Register handler in `ipc_host`; expose channel in `preload`.
>   - `ipc_client`: add `getLatestSecurityReview(appId)`.
> - `chat_stream_handlers`: detect `/security-review`, use dedicated
system prompt, optionally append `SECURITY_RULES.md`, suppress
Supabase-not-available note in this mode.
> - **Prompts**:
> - Add `SECURITY_REVIEW_SYSTEM_PROMPT` with structured finding output.
> - **Supabase**:
> - Enhance schema query to include `rls_enabled`, split policy
`using_clause`/`with_check_clause`.
> - **E2E Tests**:
> - New `security_review.spec.ts` plus snapshots and fixture findings;
update test helper for `security` mode and findings table snapshot.
> - Fake LLM server streams security findings for `/security-review` and
increases batch size.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
5022d01e22a2dd929a968eeba0da592e0aeece01. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

I implemented file referencing feature mentioned in issue #1591 

<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Adds support for referencing app files in chat using @file:<path>. The
input now autocompletes files, and the backend validates and surfaces
referenced files in the chat context as read-only.

- **New Features**
  - Chat input autocompletes @ mentions for apps, prompts, and files.
- Recognizes @file:<path> and converts it to a structured mention on
submit.
- Backend parses @file mentions, checks file existence, and adds a
“Referenced Files” section to the system message.
- New get-app-files IPC handler and useAppFiles hook to load file paths
for the selected app (appFilesAtom added).
  - e2e test for mentioning a file and capturing server dump.

<!-- End of auto-generated description by cubic. -->

Fixes #1222 #1646 

TODOs
- [x] description?
- [x] collect errors across all files for turbo edits
- [x] be forgiving around whitespaces
- [x] write e2e tests
- [x] do more manual testing across different models



<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Adds Turbo Edits v2 search-replace flow with settings/UI selector,
parser/renderer, dry-run validation + fallback, proposal integration,
and comprehensive tests; updates licensing.
> 
> - **Engine/Processing**:
> - Add `dyad-search-replace` end-to-end: parsing
(`getDyadSearchReplaceTags`), markdown rendering (`DyadSearchReplace`),
and application (`applySearchReplace`) with dry-run validation and
fallback to `dyad-write`.
> - Inject Turbo Edits v2 system prompt; toggle via
`isTurboEditsV2Enabled`; disable classic lazy edits when v2 is on.
> - Include search-replace edits in proposals and full-response
processing.
> - **Settings/UI**:
> - Introduce `proLazyEditsMode` (`off`|`v1`|`v2`) and helper selectors;
update `ProModeSelector` with Turbo Edits and Smart Context selectors
(`data-testid`s).
> - **LLM/token flow**:
> - Construct system prompt conditionally; update token counting and
chat stream to validate and repair search-replace responses.
> - **Tests**:
> - Add unit tests for search-replace processor; e2e tests for Turbo
Edits v2 and options; fixtures and snapshots.
> - **Licensing/Docs**:
> - Add `src/pro/LICENSE` (FSL 1.1 ALv2 future), update root `LICENSE`
and README license section.
> - **Tooling**:
> - Update `.prettierignore`; enhance test helpers (selectors, path
normalization, snapshot filtering).
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
7aefa02bfae2fe22a25c7d87f3c4c326f820f1e6. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Make preview header buttons more horizontally dense by stacking
label/badge under smaller icons and standardizing icon size.
> 
> - **UI (ActionHeader)**:
>   - **Button layout**:
> - Replace shared `BUTTON_CLASS_NAME` with inline classes to reduce
padding, gap, and font size; use `flex-col` for stacked icon/label.
> - Wrap label and badge in a single `span` for tighter vertical
grouping.
>   - **Icons**:
> - Introduce `iconSize = 15` and apply to `Eye`, `AlertTriangle`,
`Code`, `Wrench`, `Globe` for consistent sizing.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
9cfe3ba52b79c9176289d077ffcbaf57b1613f44. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

# Description

This is a small fix to make the settings aligned with the sidebar. It
closes #1375
    
<!-- This is an auto-generated description by cubic. -->
---

## Summary by cubic
Aligned the Settings page with the sidebar. The page now sets the active
section to "general-settings" on mount, so the content matches the
selected sidebar on first load.

<!-- End of auto-generated description by cubic. -->

# Description

This pull request ignore `venv` directories and closes #1415
    
<!-- This is an auto-generated description by cubic. -->
---

## Summary by cubic
Exclude Python virtual environment directories (.venv, venv) from
codebase scanning to reduce noise and avoid indexing dependencies. This
aligns with existing excludes like node_modules and build outputs.

<!-- End of auto-generated description by cubic. -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Broaden injection to extensionless and .html routes, gate by
Content-Type, and conditionally strip caching/compression headers only
when injecting.
> 
> - **Proxy HTML injection**:
> - Update `needsInjection(pathname)` to inject for routes without
extensions and `.html` files (e.g., `/`, `/foo`, `/foo/bar`, `*.html`).
> - Only request uncompressed content and remove `if-none-match` when
`needsInjection(target.pathname)` is true.
> - During upstream response, inject only if `Content-Type` includes
`text/html`; otherwise pass through without modification.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
2986ceccea64e7881a2197a2a0b202216f21d27d. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> <sup>[Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) is
generating a summary for commit
b2949af5e7b03ee7a78456840a6296f2d861a5a7. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

@princeaden1 can you take a look at why this test is flaking often
later? for now, i think we can just skip it since it's not a super
critical feature (users can always edit the file using the regular code
panel)

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> <sup>[Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) is
generating a summary for commit
12de571a1a5d2f9c6c98e90ae19fd67a3fb2e6b5. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Removes Smart Auto labels/tooltip and related checks from the model
picker, showing standard model names and descriptions only.
> 
> - **UI (Model Picker)**: `src/components/ModelPicker.tsx`
> - Remove Smart Auto-specific labeling and tooltip logic for `auto`
models.
>   - Drop "Pro only" badge tied to Smart Auto state.
> - Always render `model.displayName` and `model.description` without
Smart Auto overrides.
> - Remove Smart Auto enablement check previously derived from settings.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
211be087933f3f240a78c017b26a37633f1228d6. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Bumps `package.json` version from `0.25.0-beta.1` to `0.26.0-beta.1`.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
6433fcc2777bee825db6e330a0d135e8477d7d8f. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Fixes #672 


<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Add selectable problem rows with Select all/Clear all and Fix N
selected, and update tests to cover selection behavior.
> 
> - **UI (Problems panel)**:
> - Add checkbox selection for each problem row (`ProblemItem`) with row
click-to-toggle, `data-testid="problem-row"`, and accessibility
attributes.
> - Introduce selection state in `_Problems` with auto-select-all on
report load; provide Select all / Clear all controls.
> - Change Fix button to operate on selected problems only, showing
dynamic label `Fix N problem(s)` and disabled when none selected.
> - Wire `RecheckButton` to clear selection before rechecking; minor
hover style tweaks; add `Checkbox` component.
> - **E2E Tests**:
> - New test: selecting specific problems and fixing only selected; add
snapshots for prompt content.
> - Update manual edit tests (React/Vite, Next.js) to assert Fix button
enabled/disabled and counts; remove old ARIA snapshots.
>   - Minor import addition for `Timeout` and related expectations.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
8324e26f9d2d265e7e0d1f1b7538e2a8db40f674. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Implement the feature requested in issue #251 that allows users to
toggle between screen sizes

Add ability to manually configure Node.js path for users who have
Node.js
installed but not in their system PATH.

Features:
- Browse and select custom Node.js installation folder
- Visual status indicator showing Node.js version or "Not found"
- Reset to system default PATH option
- Manual configuration option in setup banner
- Real-time Node.js status checking

closes #1050

    
<!-- This is an auto-generated description by cubic. -->
---

## Summary by cubic
Adds manual Node.js path configuration so the app works even when Node
isn’t on PATH, fulfilling #1050. Users can browse to their install,
reset to default, and see real-time status in Settings and during setup.

- New Features
- Settings: NodePathSelector to browse a Node.js folder, show
version/“Not found” status, and reset to system PATH (persists
customNodePath).
- Setup banner: manual config flow with a folder picker if Node is
already installed.
- IPC: select-node-folder, set-node-path, get-node-path; reloads env and
prepends custom path to PATH.
- Real-time Node.js status check with visual indicator (CheckCircle on
valid).
  - E2E tests for browse, reset, and valid-status display.

<!-- End of auto-generated description by cubic. -->

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Bumps app to 0.25.0-beta.1 and upgrades better-sqlite3 to 12.4.1 with
updated engine constraints.
> 
> - **Versioning**: Set `package.json` and lockfile version to
`0.25.0-beta.1`.
> - **Dependencies**:
> - Upgrade `better-sqlite3` from `^11.9.1` to `^12.4.1` (lockfile
resolves to `12.4.1`).
> - Add/update `better-sqlite3` engine constraints to `node: 20.x ||
22.x || 23.x || 24.x`.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
e45156ac3a3340c68ef61200416860a0175eb4b6. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Previously, the chat auto-scrolled whenever messages changed, even when
not streaming. This caused unwanted scrolling when switching chats or
loading messages from the database.

Now auto-scroll only triggers when:
- Messages are actively streaming (isStreaming is true)
- User hasn't manually scrolled away
- User is near the bottom of the chat

Changes:
- Added isStreamingByIdAtom to track streaming state
- Modified auto-scroll useEffect to check isStreaming before scrolling
- Preserved streamCount effect for initial scroll on stream start

🤖 Generated with [Claude Code](https://claude.com/claude-code)
    
<!-- This is an auto-generated description by cubic. -->
---

## Summary by cubic
Fixes chat auto-scroll so it only runs during active streaming,
preventing jumps when switching chats or loading message history.

- **Bug Fixes**
- Added isStreamingByIdAtom and gated the auto-scroll effect by per-chat
streaming state (updated effect deps).
  - Preserved the initial scroll on stream start via streamCount.

<!-- End of auto-generated description by cubic. -->

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Limits chat auto-scroll to when a conversation is actively streaming
and the user is near the bottom.
> 
> - **Frontend**
> - **Chat auto-scroll behavior**: Only auto-scrolls during active
streaming.
> - Adds `isStreamingByIdAtom` and reads per-chat `isStreaming` state.
> - Updates auto-scroll `useEffect` to require `isStreaming` and adds it
to dependencies.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
6580601cd974c2c01ddffdef78ed0ddbb2b2fa8d. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
Co-authored-by: Claude <noreply@anthropic.com>

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Adds `z-ai/glm-4.6` (GLM 4.6) to OpenRouter model options.
> 
> - **Models**:
> - **OpenRouter**: Add `z-ai/glm-4.6` ("GLM 4.6") with
`maxOutputTokens: 32_000`, `contextWindow: 200_000`, `temperature: 0`,
`dollarSigns: 2`.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
5e434b7d049c839504c726b096bf5fa4c22f162b. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->