Skip to content

Release: 5 features, 5 fixes, 1 test, 3 chores → Main#9729

Merged
h0lybyte merged 18 commits intomainfrom
dev
Apr 6, 2026
Merged

Release: 5 features, 5 fixes, 1 test, 3 chores → Main#9729
h0lybyte merged 18 commits intomainfrom
dev

Conversation

@github-actions
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot commented Apr 6, 2026
edited
Loading

Release: Dev → Main

17 atomic commits ready for main

Features

Bug Fixes

Tests

Chores

Other Changes

This PR is automatically maintained by CI — KBVE Studio

@github-actions
deploy(isometric): update WASM build assets (#9726)
f033668 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@github-project-automation github-project-automation Bot moved this to Review in KBVE Apr 6, 2026
@github-actions
Copy link
Copy Markdown
Contributor Author

github-actions Bot commented Apr 6, 2026
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 11 package(s) with unknown licenses.
  • ⚠️ 1 packages with OpenSSF Scorecard issues.
See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 62f06ff.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

packages/rust/bevy/bevy_db/Cargo.toml

PackageVersionLicenseIssue Type
bevy>= 0.18.0, < 0.19.0NullUnknown License
bevy_tasker>= 0.1.0, < 0.2.0NullUnknown License
bincode>= 1.0.0, < 2.0.0NullUnknown License
crossbeam-channel>= 0.5.0, < 0.6.0NullUnknown License
dirs>= 6.0.0, < 7.0.0NullUnknown License
js-sys>= 0.3.0, < 0.4.0NullUnknown License
redb>= 2.0.0, < 3.0.0NullUnknown License
rexie>= 0.6.0, < 0.7.0NullUnknown License
serde>= 1.0.0, < 2.0.0NullUnknown License
wasm-bindgen>= 0.2.0, < 0.3.0NullUnknown License
wasm-bindgen-futures>= 0.4.0, < 0.5.0NullUnknown License

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
cargo/idb 0.6.5 UnknownUnknown
cargo/redb 2.6.3 🟢 5.2
Details
CheckScoreReason
Code-Review⚠️ 2Found 6/28 approved changesets -- score normalized to 2
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 108 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
cargo/rexie 0.6.2 UnknownUnknown
npm/@codemirror/lang-javascript 6.2.5 🟢 3.3
Details
CheckScoreReason
Code-Review⚠️ 1Found 4/30 approved changesets -- score normalized to 1
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Maintained🟢 45 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@codemirror/legacy-modes 6.5.2 🟢 3.1
Details
CheckScoreReason
Code-Review⚠️ 2Found 6/30 approved changesets -- score normalized to 2
Maintained⚠️ 12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@lezer/javascript 1.5.4 ⚠️ 2
Details
CheckScoreReason
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Token-Permissions⚠️ -1No tokens found
Binary-Artifacts🟢 10no binaries found in the repo
Packaging⚠️ -1packaging workflow not detected
SAST⚠️ 0no SAST tool detected
Dangerous-Workflow⚠️ -1no workflows found
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Pinned-Dependencies⚠️ -1no dependencies found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
cargo/bevy >= 0.18.0, < 0.19.0 UnknownUnknown
cargo/bevy_tasker >= 0.1.0, < 0.2.0 UnknownUnknown
cargo/bincode >= 1.0.0, < 2.0.0 UnknownUnknown
cargo/crossbeam-channel >= 0.5.0, < 0.6.0 UnknownUnknown
cargo/dirs >= 6.0.0, < 7.0.0 UnknownUnknown
cargo/js-sys >= 0.3.0, < 0.4.0 UnknownUnknown
cargo/redb >= 2.0.0, < 3.0.0 UnknownUnknown
cargo/rexie >= 0.6.0, < 0.7.0 UnknownUnknown
cargo/serde >= 1.0.0, < 2.0.0 UnknownUnknown
cargo/wasm-bindgen >= 0.2.0, < 0.3.0 UnknownUnknown
cargo/wasm-bindgen-futures >= 0.4.0, < 0.5.0 UnknownUnknown

Scanned Files

  • Cargo.lock
  • packages/rust/bevy/bevy_db/Cargo.toml
  • pnpm-lock.yaml

@github-actions github-actions Bot changed the title Release: 1 commit → Main Release: 1 chore → Main Apr 6, 2026
h0lybyte added 2 commits April 6, 2026 15:33
@h0lybyte
fix(kong): add Content-Profile to CORS allowed headers (#9730)
3151cbf 
The Supabase JS client sends a Content-Profile header on RPC calls
(e.g. staff_permissions). Kong's CORS plugin had Accept-Profile but
was missing Content-Profile, causing the browser to block the preflight
request with "Request header field content-profile is not allowed".

Also add config-hash annotation to trigger a pod rollout when the
ConfigMap changes, since Kong loads kong.yml at startup.
@h0lybyte
chore(isometric): auto-commit built WASM assets in deploy target (#9731)
2f83762 
Deploy target now git adds and commits the isometric build output
after copying to astro-kbve/public so a single nx run isometric:deploy
handles the full build-copy-commit pipeline.
@github-actions github-actions Bot changed the title Release: 1 chore → Main Release: 1 fix, 2 chores → Main Apr 6, 2026
h0lybyte added 2 commits April 6, 2026 15:34
@h0lybyte
chore|build(isometric): adding the latest build files.
cebae02
@h0lybyte
fix(firecracker): rewrite rootfs init Job to build ext4 images in-clu…
3fe4227 
…ster (#9732)

The previous init Job only downloaded vmlinux and used curlimages/curl
which can't build ext4 filesystems. Rewrite to use alpine:3.21 with
e2fsprogs to build rootfs images directly:

- Download vmlinux 5.10 kernel from Firecracker GitHub releases
- Build alpine-minimal.ext4 (~8MB) — busybox only
- Build alpine-python.ext4 (~45MB) — Python 3
- Build alpine-node.ext4 (~40MB) — Node.js

Each rootfs includes an /init script that mounts proc/sys/dev and
execs the entrypoint. Images are idempotent — skipped if already present.
@github-actions github-actions Bot changed the title Release: 1 fix, 2 chores → Main Release: 2 fixes, 2 chores → Main Apr 6, 2026
@h0lybyte
fix(kasm): increase gluetun CPU/memory limits and probe timeouts (#9734)
97f5cd3 
Gluetun VPN sidecar was CrashLooping (541 restarts over 2 days) because
the 200m CPU limit starved the health check HTTP server — probes timed
out at 5s, liveness killed the container despite WireGuard being connected.

Changes:
- CPU: 200m → 500m limit, 50m → 100m request
- Memory: 256Mi → 384Mi limit, 64Mi → 128Mi request
- Probe timeout: 5s → 10s (WireGuard can have brief stalls)
- Readiness period: 10s → 15s (reduce probe frequency under load)
@github-actions github-actions Bot changed the title Release: 2 fixes, 2 chores → Main Release: 3 fixes, 2 chores → Main Apr 6, 2026
@h0lybyte
test(e2e): isometric WASM asset integrity smoke tests (#9733)
4809df9 
* test(axum-kbve-e2e): add isometric WASM asset integrity smoke tests

Verifies after Docker build that all WASM deployment artifacts are
present and consistent: isometric_game.js glue, inline snippet imports
resolve, WASM binary serves precompressed, wasm-worker.js exists,
and index.js entry point is reachable.

* test(e2e): add full game load chain smoke test

Verifies the complete asset chain resolves: HTML page → index.js →
isometric_game.js → WASM binary → inline snippets → wasm-worker.js →
safari-shim.js. Catches stale/mismatched deploys where any link in
the chain is missing or 404.
@github-actions github-actions Bot changed the title Release: 3 fixes, 2 chores → Main Release: 3 fixes, 1 test, 2 chores → Main Apr 6, 2026
@github-actions github-actions Bot changed the title Release: 3 fixes, 1 test, 2 chores → Main Release: 3 fixes, 1 test, 3 chores → Main Apr 6, 2026
@h0lybyte
fix(creatures): only sync idle creatures to prevent teleporting (#9735)
bc640ea 
Airborne/moving creatures now finish their hop animation naturally
instead of being yanked to the server position mid-flight. Patrol_step
is always synced so the next decision aligns. Force-snap only for
large drift (>15u, creature recycled on server). Idle creatures get
50% lerp toward server anchor for smooth correction.
@github-actions github-actions Bot changed the title Release: 3 fixes, 1 test, 3 chores → Main Release: 4 fixes, 1 test, 3 chores → Main Apr 6, 2026
h0lybyte added 2 commits April 6, 2026 16:14
@h0lybyte
feat(dashboard/ide): language switching, execution history, DESIGN.md…
e303e53 
… cleanup (#9737)

IDE improvements:
- CodeMirror Compartment-based language switching (Python/JS/Shell)
- Add @codemirror/lang-javascript for Node.js preset support
- Execution history panel (last 20 runs, click-to-reload code)
- History tracks preset, code, result, timestamp

DESIGN.md:
- Complete rewrite reflecting all 9 completed phases
- Updated architecture diagram with IDE + dashboard flow
- Consolidated component reference (firecracker-ctl, K8s, rootfs, IDE, VM panel, edge, observability, CI)
- Security section reflects current NetworkPolicy (default-deny, egress DNS-only)
- Remaining work: TAP networking, warm pool, multi-node, streaming output
@h0lybyte
feat(bevy_db): cross-platform async key-value persistence crate (#9736)
ee9df87 
New bevy_db crate providing async key-value persistence for Bevy games:

- Unified API: Db resource with get/put/delete/list_keys/batch operations
- Off-thread I/O via bevy_tasker — game thread never blocks on database ops
- DbRequest<T> polling pattern (same as nav_systems.rs PendingPatrolCompute)
- WriteBatch builder for atomic multi-key transactions
- bincode serialization for compact binary storage

Backends:
- Native (redb): pure Rust B+tree embedded DB, single-file, ACID transactions
- WASM (rexie): IndexedDB wrapper with lazy-init, composite keys ("table\0key")

Both backends implement the internal DbStore trait with identical semantics.
BevyDbPlugin auto-selects backend at compile time via cfg(target_arch).
@github-actions github-actions Bot changed the title Release: 4 fixes, 1 test, 3 chores → Main Release: 2 features, 4 fixes, 1 test, 3 chores → Main Apr 6, 2026
h0lybyte added 2 commits April 6, 2026 16:21
@h0lybyte
chore|build: isometric client.
2320bf0
@h0lybyte
feat(dashboard/ide): keyboard shortcut, elapsed timer, clear button (#…
f9546c9 
…9738)

- Ctrl/Cmd+Enter runs code from inside the editor (CodeMirror keymap)
- Elapsed timer ticks every 100ms during VM creation and execution
- Clear button appears after run to reset output panel
- Phase indicator shows live elapsed time (e.g. "Running... 2.4s")
- Hint text shows keyboard shortcut
- Add @codemirror/lang-javascript, @codemirror/view for keymap support
@github-actions github-actions Bot changed the title Release: 2 features, 4 fixes, 1 test, 3 chores → Main Release: 3 features, 4 fixes, 1 test, 3 chores → Main Apr 6, 2026
h0lybyte added 2 commits April 6, 2026 16:33
@h0lybyte
fix(creatures): hop to server position instead of teleporting (#9739)
9328fcb 
* fix(creatures): use MoveTo hop instead of teleporting for sync corrections

When server position differs from client, inject a MoveTo intent so the
creature naturally hops to the correct position using its run animation
instead of snapping the anchor. Drift <0.5u ignored, >15u force-snaps.

* fix(creatures): use JumpWindup for type-correct sync animations

Use JumpWindup instead of MoveTo — simulate looks up the correct
anim name and speed from each creature type's behavior definition.
Frogs hop (jump anim), stags/wolves run (run anim), etc.
@h0lybyte
feat(dashboard/ide): add code examples dropdown and copy-to-clipboard (
2531ebd 
…#9740)

Add 5 pre-built code examples (Fibonacci, System Info, Prime Sieve,
JSON Parser, VM Inspection) filtered by current language preset.
Add copy-to-clipboard button on output panel.
@github-actions github-actions Bot changed the title Release: 3 features, 4 fixes, 1 test, 3 chores → Main Release: 4 features, 5 fixes, 1 test, 3 chores → Main Apr 6, 2026
@h0lybyte
feat(creatures): ambient creature simulation (fireflies + butterflies) (
2a9631a 
#9741)

* feat(bevy_kbve_net): add ambient creature types + simulation systems

New shared modules for fireflies and butterflies:
- ambient_types.rs: FireflySimState, ButterflySimState, ButterflyFlightState
- spawn_ambient.rs: headless spawn for both types
- simulate_firefly.rs: chunk-based slot assignment + orbital motion
- simulate_butterfly.rs: full flight state machine (Idle/Entering/Active/Exiting)
- flutter_offset added to shared common.rs

All headless (no rendering). Server and client share identical simulation.

* feat(server): register ambient creature spawn/simulate + extend sync broadcast

Server now spawns and simulates fireflies (chunk-based slots + orbital
motion) and butterflies (flight state machine) alongside sprite creatures.
Broadcast extends to include ambient creatures grouped by npc_ref.
@github-actions github-actions Bot changed the title Release: 4 features, 5 fixes, 1 test, 3 chores → Main Release: 5 features, 5 fixes, 1 test, 3 chores → Main Apr 6, 2026
@h0lybyte
feat(isometric): add ambient creature position sync reception (#9742)
62f06ff 
Client now receives CreaturePositionSync for fireflies and butterflies
from the server and snaps their anchors. Ambient creatures use a
separate query (no SpriteCreatureMarker) matched by RenderKind.
@h0lybyte h0lybyte merged commit 9f76b09 into main Apr 6, 2026
4 checks passed
@github-project-automation github-project-automation Bot moved this from Review to Done in KBVE Apr 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

auto-pr dev→main

Projects

KBVE
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@h0lybyte