Skip to content

v0.2.20

Choose a tag to compare

View all tags
@chraltro chraltro released this 09 Jun 17:42
· 9 commits to main since this release
v0.2.20
031e631
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Bug-fix and security release.

Fixes

  • #28: a fresh havn init project failed on "Run All" with ModuleNotFoundError: No module named 'pandas'. The starter ingest notebook now loads data with pure DuckDB (zero extra installs), and notebook/script ModuleNotFoundErrors now show an install hint matched to your install method (uv / pipx / pip). Adding Python libraries is documented in the README, CLAUDE.md, and havn init output.

Security

  • Fixed an unauthenticated path-traversal / arbitrary file read in the SPA catch-all route.
  • Closed a notebook sandbox escape that allowed reading _havn (auth tokens/users) and running ATTACH/INSTALL/LOAD/COPY TO via SQL aliasing or runtime-built strings.

Other fixes

  • DAG active-node glow now matches the node's schema color.
  • Query Cancel button now aborts the running query.
  • Wiki internal links and "Open in New Tab" now navigate/render correctly.
  • Run-summary success card auto-dismisses; DAG redraw churn reduced.
  • Resource-manager cancel-callback leak, stale model_state on delete, empty-feed pipeline abort, catalog-qualified table-name parsing, autocomplete race, and several smaller correctness fixes.

Full test suite: 1345 passing.

Assets 2
Loading