build(deps): Bump astral-sh/setup-uv from 5 to 7#1
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) from 5 to 7. - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@v5...v7) --- updated-dependencies: - dependency-name: astral-sh/setup-uv dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
9 tasks
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
5 tasks
hizrianraz
added a commit
that referenced
this pull request
May 18, 2026
…llback (#44) Ainfera `slug` is the canonical-for-us identifier (e.g., `claude-opus-4-7`). The provider's API expects its own canonical name (e.g., Anthropic's `claude-opus-4-20251110`). Currently routing.dispatch_inference passes `slug` directly to upstream, which works for AAMC 5 (slug == upstream name) but blocks the 43 deactivated non-AAMC slugs whose names diverge. ## Schema (migration 0016) - `models.provider_model_name TEXT NULL` - Forward-compatible add-column (no backfill) ## Routing fallback `upstream_model = model.provider_model_name or model_slug` - NULL = adapter receives Ainfera slug as-is (current AAMC 5 behavior preserved) - Populated = adapter receives the provider's canonical name ## Audit chain integrity Per "no stealth substitution" rule, audit events still record `model_slug` (Ainfera canonical). This change only affects what we send upstream. ## Deferred to follow-up - Piece #2: fix 4 provider base_urls (groq/fireworks/deepinfra/novita) — requires prod DB UPDATE against `providers` table - Piece #3: backfill provider_model_name for the 43 deactivated rows — requires per-provider /v1/models research + sacrificial test key access + T9 re-fanout Both pieces are Discipline #6 corollary territory (prod DB writes); file as separate sub-tickets for explicit founder auth. Co-authored-by: Claude <noreply@anthropic.com>
This was referenced May 19, 2026
hizrianraz
added a commit
that referenced
this pull request
May 19, 2026
…-1 .claude untrack (#45) Two safe pre-launch changes against the public surface of the api repo. 1. /v1/audit/public — explicit short-TTL Cache-Control. Live probe at 2026-05-19 09:08 UTC showed the route running with no Cache-Control header (cf-cache-status: DYNAMIC), meaning every hit lands on the Railway origin. At steady state this is fine — top events are ~minutes old, no staleness exists — but the prompt CC dispatched against this PR was diagnosed on an earlier transient; the underlying gap (no explicit launch-time cache policy on a public endpoint advertised as a live audit chain) is still real and worth closing before traffic spikes. public, max-age=10, s-maxage=10, stale-while-revalidate=60 gives: - 10s edge cache absorbs thundering-herd from Show HN / social - 60s SWR keeps the page responsive during upstream blips - advertised "live audit chain" lag stays ≤10s — well within what a reasonable observer would call "live" /v1/audit/{agent_id} is NOT touched — that route requires CurrentTenant auth and is not a public surface. 2. AIN-183 P0-1 remediation for the api repo. The 2026-05-19 11:59 commit on web/ (7bbb8a0) untracked .claude/CLAUDE.md on the marketing repo but the equivalent fix was never applied here. git ls-files .claude/ on this repo still returned .claude/CLAUDE.md — leaking founder Workspace email, internal agent fleet topology (Manwe/Namo/Aule/Tulkas), and brand v1.3 spec to anyone with read access to the public github.com/ainfera-ai/api repo. Fix is the same shape as the web/ fix: - Drop the !.claude/CLAUDE.md / !.claude/SKILL.md / !.claude/AGENTS.md whitelist lines from .gitignore. None of those three were ever needed tracked in a public repo; the whitelist was defense-in-the-wrong- direction. - git rm --cached .claude/CLAUDE.md removes from HEAD index. The file stays on disk so local Claude sessions in this checkout continue to load it as session memory. This commit only removes from HEAD; the file remains in git history and the founder will need a force-push or BFG sweep to scrub from history. That work is deferred to AIN-183 follow-up (PR F republish lane). Discipline: #1 (production claim ≤10s lag matches reality), #3 (founder PII off public surface), #11 (cache policy + advertised liveness align). Closes: AIN-179 child (audit feed launch hardening), AIN-183 P0-1 api-side Co-authored-by: Aule <aule@ainfera-internal.local>
hizrianraz
added a commit
that referenced
this pull request
May 19, 2026
* feat(api): AIN-183 P0-2 · flip aa_index_source for AAMC voters gemini-3-1-pro + mistral-large-3 Two of the five AAMC v1.0 voter slugs landed in prod with aa_index_source='estimate_2026_q2' because at the time the Artificial Analysis Intelligence Index didn't have a stable reading for either model. The other three (claude-opus-4-7, gpt-5-5, grok-4) shipped with 'aamc_v1_lock'. AA Index has since locked readings for both, and the marketing /models page calls out 'AAMC v1.0' across the whole 5-voter pool — leaving two on a provisional source label reads as a discipline #11 mismatch (spec / runtime / copy disagree). ## Migration `20260519_0017_aamc_voter_source_lock.py` runs a single UPDATE filtered on the current value, so re-applying is a no-op. The rowcount assertion (Memory #20: silent no-ops ship as green CI) accepts 0 (fresh DB / re-apply) or 2 (first prod apply) but raises on any other value. Downgrade reverses the flip — safe because no row-level dependency hangs on the source label. ## Invariant test `test_aamc_5_voters_use_v1_lock_source` lives next to the existing `test_aamc_5_canonical_voters_always_active` and asserts the same lock shape but for `aa_index_source`. Any future migration that regresses one of the five voters back onto a provisional source label fails CI here, with the discipline #11 reasoning surfaced in the assertion message. ## Friction The audit prompt called the column `aamc_index_source`. Actual ORM declaration is `aa_index_source` (api/ainfera_api/orm.py:332) and the public API response field is the same. Migration uses the real name. Closes: AIN-183 P0-2 (AAMC source label drift) Discipline: #1 (no-op no longer ships green), #11 (catalog labels align across DB / API / marketing), Memory #20 (rowcount assertion). * fix(api): AIN-183 P0-2 migration · drop updated_at clause (column does not exist) CI integration failed with: asyncpg.exceptions.UndefinedColumnError: column "updated_at" of relation "models" does not exist The models table has only created_at, not updated_at. My original sketch carried updated_at over from a generic timestamp-touch pattern that doesn't apply here. Drop the clause from both upgrade() and downgrade() — the aa_index_source flip is the only data change. Locally: alembic upgrade head succeeds; the data-integrity assertion (0 or 2 rows affected) still guards against silent no-ops. --------- Co-authored-by: Aule <aule@ainfera-internal.local>
2 tasks
hizrianraz
added a commit
that referenced
this pull request
May 19, 2026
…AAMC voters (#48) The invariant test test_aamc_5_voters_use_v1_lock_source landed in PR #46 (AAMC source-lock) and main's integration CI now fails because: 1. alembic upgrade head runs migration 20260516_0008 which inserts the T2/T3 catalog rows but NOT the 5 AAMC voters. 2. scripts.seed_dev then upserts the AAMC voter rows — without setting aa_index_source. Column lands NULL. 3. Migration 20260519_0017 (AAMC source-lock) only flips rows where aa_index_source='estimate_2026_q2'. NULL rows aren't touched. 4. Test asserts aa_index_source='aamc_v1_lock'. Fails for all 5 voters because they're NULL post-seed. Two-part fix: - PROVIDERS table declares aa_index_source='aamc_v1_lock' on each of the five AAMC voter model_specs. - _upsert_model reads model_spec.get('aa_index_source') and sets it on both insert and upsert. Idempotent — only writes when the seed declares a value, so re-running seed doesn't stomp the locked label with NULL on rows that came in from elsewhere. Net effect: CI's post-seed state for the 5 voters now matches prod's post-migration state (aa_index_source='aamc_v1_lock' on all of them). Test passes; the source-lock invariant is exercised every integration run. Discipline: #1 (CI state matches prod state), #11 (seed/migration/test all agree on the lock value). Co-authored-by: Aule <aule@ainfera-internal.local>
hizrianraz
pushed a commit
that referenced
this pull request
May 19, 2026
…tion C)
/v1/audit/public was building canonical URIs as
`ainfera.ai/{owner_handle}/{agent_name}` where owner_handle was read off
the agent row. For founder-owned agents (Varda, Yavanna) this surfaced
`ainfera.ai/hizrianraz/varda` on the most-trafficked public endpoint we
run — a discipline #3 leak of founder GitHub-handle / PII.
The Discipline #12 fix landed in the AIN-183 audit prompt is Option C: add
a public-facing handle on the `tenants` row that's decoupled from the
GitHub handles on agent rows, and project that on the public surface
instead.
Three-phase, all in one upgrade():
1. Add `tenant_handle TEXT NULL` to `tenants`.
2. Backfill in priority order:
a. Tenants that own at least one agent with `owner_handle='hizrianraz'`
→ `tenant_handle='ainfera-ai'` (founder tenant id is not hardcoded;
lifted from data).
b. Remaining tenants → MIN(owner_handle) across their agents (stable +
deterministic + matches the GitHub handle most users registered as).
c. Agent-less tenants → contact_email local part.
d. Conflict resolution: collisions append a 6-char id-slice suffix in
stable id order, so the first-by-id keeps the bare handle.
3. NOT NULL constraint + unique index. Pre-NOT-NULL the migration asserts
zero rows remain NULL (Memory #20 silent-no-op guard).
- `TenantORM.tenant_handle` declared NOT NULL UNIQUE String(64).
- `routers/audit.py` public_feed projection joins through TenantORM and
reads tenant_handle. The response key stays `owner_handle` — the public
API contract is unchanged, only the value source moves.
- All four TenantORM instantiation sites populate the new column:
- routers/signup.py (SDK-CLI signup → tenant_handle=owner_handle)
- routers/github_oauth.py (OAuth login → tenant_handle=github_login)
- routers/install.py (resolve-or-create on install → same as oauth)
- routers/tenants.py (/v1/tenants/register → contact_email local part)
```
curl -s https://api.ainfera.ai/v1/audit/public | \
jq -r '.events[].canonical_uri' | grep -c hizrianraz
curl -s https://api.ainfera.ai/v1/audit/public | \
jq -r '.events[].canonical_uri' | grep -c ainfera-ai/varda
```
Once this lands, the marketing AuditTicker widget (already filters
`ainfera-ai/varda` and `ainfera-ai/yavanna` on the web side) starts
matching real events — closes PR E without a web-side code change.
- Prompt said `tenants.tenant_handle` is a new column. Confirmed via ORM
read — column did not exist (only id/name/contact_email/api_key_hash/
created_at). Migration adds it.
- Public response field stays named `owner_handle` to avoid breaking the
API contract; only the underlying value changes. If a future PR wants
to rename the response field to `tenant_handle`, that's a separate
ContractDelta against the PublicAuditEvent Pydantic model.
Closes: AIN-183 P0-3 (founder PII on /v1/audit/public)
Discipline: #1 (claim "no founder PII on public" matches reality),
assertions on data migration).
hizrianraz
added a commit
that referenced
this pull request
May 19, 2026
…tion C) (#47) /v1/audit/public was building canonical URIs as `ainfera.ai/{owner_handle}/{agent_name}` where owner_handle was read off the agent row. For founder-owned agents (Varda, Yavanna) this surfaced `ainfera.ai/hizrianraz/varda` on the most-trafficked public endpoint we run — a discipline #3 leak of founder GitHub-handle / PII. The Discipline #12 fix landed in the AIN-183 audit prompt is Option C: add a public-facing handle on the `tenants` row that's decoupled from the GitHub handles on agent rows, and project that on the public surface instead. Three-phase, all in one upgrade(): 1. Add `tenant_handle TEXT NULL` to `tenants`. 2. Backfill in priority order: a. Tenants that own at least one agent with `owner_handle='hizrianraz'` → `tenant_handle='ainfera-ai'` (founder tenant id is not hardcoded; lifted from data). b. Remaining tenants → MIN(owner_handle) across their agents (stable + deterministic + matches the GitHub handle most users registered as). c. Agent-less tenants → contact_email local part. d. Conflict resolution: collisions append a 6-char id-slice suffix in stable id order, so the first-by-id keeps the bare handle. 3. NOT NULL constraint + unique index. Pre-NOT-NULL the migration asserts zero rows remain NULL (Memory #20 silent-no-op guard). - `TenantORM.tenant_handle` declared NOT NULL UNIQUE String(64). - `routers/audit.py` public_feed projection joins through TenantORM and reads tenant_handle. The response key stays `owner_handle` — the public API contract is unchanged, only the value source moves. - All four TenantORM instantiation sites populate the new column: - routers/signup.py (SDK-CLI signup → tenant_handle=owner_handle) - routers/github_oauth.py (OAuth login → tenant_handle=github_login) - routers/install.py (resolve-or-create on install → same as oauth) - routers/tenants.py (/v1/tenants/register → contact_email local part) ``` curl -s https://api.ainfera.ai/v1/audit/public | \ jq -r '.events[].canonical_uri' | grep -c hizrianraz curl -s https://api.ainfera.ai/v1/audit/public | \ jq -r '.events[].canonical_uri' | grep -c ainfera-ai/varda ``` Once this lands, the marketing AuditTicker widget (already filters `ainfera-ai/varda` and `ainfera-ai/yavanna` on the web side) starts matching real events — closes PR E without a web-side code change. - Prompt said `tenants.tenant_handle` is a new column. Confirmed via ORM read — column did not exist (only id/name/contact_email/api_key_hash/ created_at). Migration adds it. - Public response field stays named `owner_handle` to avoid breaking the API contract; only the underlying value changes. If a future PR wants to rename the response field to `tenant_handle`, that's a separate ContractDelta against the PublicAuditEvent Pydantic model. Closes: AIN-183 P0-3 (founder PII on /v1/audit/public) Discipline: #1 (claim "no founder PII on public" matches reality), assertions on data migration). Co-authored-by: Aule <aule@ainfera-internal.local>
4 tasks
4 tasks
hizrianraz
added a commit
that referenced
this pull request
May 19, 2026
…on signup (#50) Found during AIN-79 end-to-end smoke 2026-05-19 18:05 — second consecutive quickstart run with owner_handle="anonymous" failed with "signup violated a uniqueness constraint" because PR #47 (AIN-183 P0-3) shipped tenant_handle as NOT NULL UNIQUE but the four TenantORM instantiation sites just set tenant_handle=owner_handle with no conflict handling. ## services/tenant_handle.py New helper `allocate_tenant_handle(db, *, candidate, tenant_id=None)` that probes the unique index with a SELECT 1, returns the bare candidate if free, else suffixes with a 6-char uuid slice (mirrors migration 0018's conflict-resolution shape). Bounded to 3 attempts; falls back to `tenant-<slice>` if everything collides (vanishingly unlikely — 16M variants per base). Caller pre-allocates tenant_id and passes it to the helper so the suffix is stable across redeploys/replays. ## Four call sites updated - routers/signup.py — SDK-CLI signup (the smoke-test trigger) - routers/github_oauth.py — OAuth login user-create - routers/install.py — resolve-or-create on install - routers/tenants.py — /v1/tenants/register All four pre-allocate `tenant_id` then call the helper, then pass both into the TenantORM constructor. The UNIQUE constraint still fires as the final guard if a race slips through. Closes: AIN-186 Discipline: #1 (smoke that worked once works again the next morning), #11 (signup site behavior matches migration 0018's collision model). Co-authored-by: Aule <aule@ainfera-internal.local>
hizrianraz
pushed a commit
that referenced
this pull request
May 22, 2026
…nwe inclusion
Phase 3.A introduces a public brand catalog distinct from the inference
endpoint catalog: GET /v1/catalog/brands returns the 11 makers
(5 cleared+active, 6 pending+inactive) with per-brand model counts. The
existing /v1/models flat projection picks up a `brand` field so callers
can group on the maker without a second round-trip. providers.flat_router
gets a sibling catalog_router; ModelORM gains a nullable brand_id FK to
the new BrandORM.
Phase 2.A closes the dashboard "0 agents" bug: GET /v1/users/{handle}/agents
was 404-ing because the route never existed. Added a minimal Fleet list
projection (FleetAgentRow) that mirrors the web client's Agent shape and
filters by owner_handle + status='active', joined to wallets.
Phase 2.D updates audit.py so Manwe (Customer #1 per the 2026-05-22
founder lock) appears on /v1/audit/public and /v1/audit/height. A new
_public_owner_handle() helper normalizes any ainfera-ai* tenant_handle
to the brand-voice 'ainfera-ai' so no founder identity leaks regardless
of which org-side tenant emitted the event.
DB migrations applied separately via supabase apply_migration:
- phase1a_money_tables_append_only (search_path-locked)
- phase1e_rename_dead_routing_policy_table
- phase1c_brands_taxonomy_and_seed_v2 (11 brands, backfill)
- phase1d_catalog_dedup_repoint_alias_inferences
- phase1b_rls_enable_default_deny_on_public_tables
- phase2bc_revoke_fleet_ghosts_and_manwe_dupe
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
7 tasks
hizrianraz
pushed a commit
that referenced
this pull request
May 22, 2026
…nwe inclusion
Phase 3.A introduces a public brand catalog distinct from the inference
endpoint catalog: GET /v1/catalog/brands returns the 11 makers
(5 cleared+active, 6 pending+inactive) with per-brand model counts. The
existing /v1/models flat projection picks up a `brand` field so callers
can group on the maker without a second round-trip. providers.flat_router
gets a sibling catalog_router; ModelORM gains a nullable brand_id FK to
the new BrandORM.
Phase 2.A closes the dashboard "0 agents" bug: GET /v1/users/{handle}/agents
was 404-ing because the route never existed. Added a minimal Fleet list
projection (FleetAgentRow) that mirrors the web client's Agent shape and
filters by owner_handle + status='active', joined to wallets.
Phase 2.D updates audit.py so Manwe (Customer #1 per the 2026-05-22
founder lock) appears on /v1/audit/public and /v1/audit/height. A new
_public_owner_handle() helper normalizes any ainfera-ai* tenant_handle
to the brand-voice 'ainfera-ai' so no founder identity leaks regardless
of which org-side tenant emitted the event.
DB migrations applied separately via supabase apply_migration:
- phase1a_money_tables_append_only (search_path-locked)
- phase1e_rename_dead_routing_policy_table
- phase1c_brands_taxonomy_and_seed_v2 (11 brands, backfill)
- phase1d_catalog_dedup_repoint_alias_inferences
- phase1b_rls_enable_default_deny_on_public_tables
- phase2bc_revoke_fleet_ghosts_and_manwe_dupe
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
11 tasks
This was referenced May 23, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps astral-sh/setup-uv from 5 to 7.
Release notes
Sourced from astral-sh/setup-uv's releases.
... (truncated)
Commits
37802adFetch uv from Astral's mirror by default (#809)9f00d18chore(deps): bump zizmorcore/zizmor-action from 0.5.0 to 0.5.2 (#808)fd8f376Switch to ESM for source and test, use CommonJS for dist (#806)f9070deBump deps (#805)cadb67bchore: update known checksums for 0.10.10 (#804)e06108dUse astral-sh/versions as primary version provider (#802)0f6ec07docs: replace copilot instructions with AGENTS.md (#794)821e5c9docs: add cross-client dependabot rollup skill (#793)6ee6290chore(deps): bump versions (#792)9f332a1Add riscv64 architecture support to platform detection (#791)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)