Trim frontend bloat #319
Signed-off-by: betterclever <paliwal.pranjal83@gmail.com>
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5599779408
| "tag": "0032_add_security_threat_stories", | ||
| "breakpoints": true | ||
| } |
Include the remaining migrations in the journal
The migration loader only reads entries from backend/drizzle/meta/_journal.json, so the newly added 0033_add_agent_skills.sql through 0038_seed_finding_assessment_skill.sql files are never applied. On a fresh or upgraded database, endpoints that use agent_skills or security_finding_assessments will hit missing-table errors and the seeded skills will not exist. Add journal entries for every committed migration file so deploys actually run them.
| or( | ||
| eq(agentSkills.organizationId, options.organizationId), | ||
| isNull(agentSkills.organizationId), | ||
| ), |
Prevent tenant users from mutating global skills
Because the update predicate accepts rows where organization_id IS NULL, any organization that can see a seeded/global skill can PATCH or toggle it and change that shared row for every other organization; the delete path has the same predicate. The seed migrations create built-in skills with organization_id set to NULL, so this becomes cross-tenant/global state mutation rather than an org-scoped override. Restrict mutations to organization_id = options.organizationId or create an org-local copy before changing global skills.
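The predicate problem raised in the review comment above, modelled as an added example that is not part of the pull request or the project's code: an in-memory stand-in for the agent_skills table shows the permissive write predicate beside an org-scoped one that copies a global row before changing it. The function names, the sample rows and the `orgId:id` override id scheme are assumptions made for the illustration.

```typescript
// Constructed in-memory stand-in for the agent_skills table; not the project's code.
type Skill = { id: string; organizationId: string | null; enabled: boolean };
type Patch = { enabled: boolean };

function seedSkills(): Skill[] {
  return [
    { id: "builtin-1", organizationId: null, enabled: true }, // seeded global row
    { id: "acme-1", organizationId: "org-acme", enabled: true }, // tenant-owned row
  ];
}

// Predicate shape flagged in the review: own rows OR global rows are writable.
function updatePermissive(rows: Skill[], orgId: string, id: string, patch: Patch): boolean {
  const row = rows.filter(
    (r) => r.id === id && (r.organizationId === orgId || r.organizationId === null),
  )[0];
  if (!row) return false;
  row.enabled = patch.enabled; // mutates the shared row for every tenant
  return true;
}

// Scoped shape: writes only ever touch rows owned by the caller. A global row
// is left intact and the change lands on an org-local copy (hypothetical id scheme).
function updateScoped(rows: Skill[], orgId: string, id: string, patch: Patch): Skill | null {
  const overrideId = orgId + ":" + id;
  const own = rows.filter(
    (r) => r.organizationId === orgId && (r.id === id || r.id === overrideId),
  )[0];
  if (own) {
    own.enabled = patch.enabled;
    return own;
  }
  const base = rows.filter((r) => r.id === id && r.organizationId === null)[0];
  if (!base) return null; // another tenant's row or unknown id: no write
  const copy: Skill = { id: overrideId, organizationId: orgId, enabled: patch.enabled };
  rows.push(copy);
  return copy;
}

// Read path: an org-local override wins over the global row.
function visibleEnabled(rows: Skill[], orgId: string, baseId: string): boolean | undefined {
  const overrideId = orgId + ":" + baseId;
  const row =
    rows.filter((r) => r.organizationId === orgId && r.id === overrideId)[0] ||
    rows.filter((r) => r.id === baseId && r.organizationId === null)[0];
  return row ? row.enabled : undefined;
}
```

A regression test for the real repository would assert the same property against the database: after one organization patches a built-in skill, a read as a second organization returns the unchanged row.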
Closing: opened against public main by mistake; changes are intended for a different repo/flow.
Summary
Validation
Note: direct push to main is blocked by branch protection, so this PR carries the already-pushed cleanup branch into main.