Skip to content

chore: release 1.5.0#137

Closed
github-actions[bot] wants to merge 1 commit into
mainfrom
release-please--branches--main--components--noted
Closed

chore: release 1.5.0#137
github-actions[bot] wants to merge 1 commit into
mainfrom
release-please--branches--main--components--noted

Conversation

@github-actions
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot commented May 10, 2026

Shipped changes on main since the last tag. For a fuller, narrative history (motivation and context), see CHANGELOG.md in the repo.

1.5.0 (2026-05-10)

Features

  • ai: tighter product prompt + loading spinner on AI buttons (02744b4)
  • collaborative group gift contributors with invite flow (#115) (ad321e4)
  • in-app accept/decline for invited users + register flow for new users (#125) (d104d85)
  • per-email-type from addresses with shared fallback (#121) (dde12a8)
  • phase 8 — group gifts (#111) (1247ec3)
  • phase 8 — group gifts + bundled enhancements (#108 #109 #110 #112) (#113) (a72d112)
  • Phase 8 group gifts (#130) (dde9a44)

Bug Fixes

  • address Codacy security findings and esbuild advisory (bf475e4)
  • address CodeRabbit comprehensive feedback (1865c61)
  • address final PR #130 review comments (Round 2) (a56c581)
  • address PR #130 review comments from Codacy and CodeRabbit (5c5fc36)
  • bump drizzle-orm to 0.45.2 (SQL injection security fix) (#61) (05d1db5)
  • bump trivy-action to v0.36.0 — 0.31.0 tag does not exist (#86) (#87) (aa583f9)
  • docker: drive drizzle-kit through an expect script (e1d2272)
  • docker: give drizzle-kit a pseudo-TTY so piped newlines reach prompts (23feb35)
  • docker: unblock migrator when drizzle-kit prompts despite --force (0604b68)
  • docker: unblock migrator when drizzle-kit prompts despite --force (560ec6f)
  • duplicate authorization header with create-pull-request (c665869)
  • generate inviteToken in app code to guarantee invite emails are sent (#117) (8646566)
  • harden gift-group contributor email edits (b887bc6)
  • harden register, occasions, and gift-group review findings (ed64dec)
  • include wishlist items in reminder email shortlist (#129) (bb33681), closes #128
  • log email errors in gift group actions (#119) (609608e)
  • re-apply: restore security fixes (c5b0fa3)
  • remove from sync-gemini to unblock Actions on main (#70) (e7ed402), closes #69
  • remove from sync-gemini to unblock Actions on main (#71) (818904c)
  • resolve npm security vulnerabilities (Next.js CVEs + PostCSS XSS) (#102) (d83a9e9)
  • resolve package-lock.json conflict markers and sync version to 1.3.5 (64320c5)
  • restore missing occasionKind enum in schema (0e563c2)
  • revert erroneous commits and restore stable 1865c61 (a6e7fda)
  • revert server action arrow wrappers causing serialization crash (849cc8e)
  • satisfy Codacy object-injection rule in parsePence (2840025)
  • sender display name and digest promotional classification (#127) (aa87df1)
  • strip esbuild binaries from runner image (CVE-2024-24790, CVE-2025-68121) (#91) (a8ec880)
  • ui: move iCal URL onFocus handler into a client component (7489701)
  • upgrade Next.js, next-auth, drizzle-kit to resolve CVEs (#93) (690833a)
  • use PRs for bot branch updates and setup-node v6 (3dd9657)
  • wrap useSearchParams in Suspense boundary on /login/register (27e919d)

Performance

  • DB indexes, connection pool, request caching, SQL reminders filter (e05f11d)

Miscellaneous

  • add app health check endpoint and Docker healthcheck (#89) (cf413ed)
  • add CODEOWNERS, Dependabot, CodeQL, SECURITY.md, CONTRIBUTING.md (f726f11)
  • add concurrency groups to pr-checks and docker-publish (#95) (90b34b7)
  • add Dependabot auto-merge for patch and minor updates (#81) (1f451dd)
  • add Docker memory limits and wire Sentry env vars (#85) (19b5719)
  • add husky + lint-staged + commitlint pre-commit enforcement (#77) (26ff8d3)
  • add PR auto-labeller (area from file paths, type from title prefix) (a639a36)
  • add release helper workflow (#97) (ffadf14)
  • add Release Please and Codecov automation (#105) (063d7a3)
  • add Sentry error tracking (#79) (8660a23)
  • add Trivy container image vulnerability scan (#83) (04a6508)
  • add Vitest unit tests (repo advisory item 1) (#75) (a62dca4)
  • allow Release Please to use optional PAT for PR creation (6ca0401)
  • archive old CHANGELOG entries [changelog-archive] (#132) (99d856c)
  • bump version to 1.3.2 for CI and Docker registry fixes (5b9cb0c)
  • bump version to 1.3.2 for CI and Docker registry fixes (#72) (9418805)
  • bump version to 1.3.3 (a088869)
  • bump version to 1.3.4 and compact CHANGELOG (ebc1629)
  • bump version to 1.3.5 (85aee71)
  • Development → main (v1.3.3) (#73) (b984d14)
  • Development → main (v1.3.4) (#98) (15149f8)
  • Development → main (v1.3.5) (#103) (1a04ec6)
  • disable auto-delete branches; clean up dependabot branches on merge (94e0c38)
  • migrate Docker registry to GHCR with docs-only skip (#63) (ffe52f5), closes #62
  • migrate Docker registry to GHCR with docs-only skip (#65) (27b19b9)
  • phase 8 docs and changelog archive workflow (d965bd7)
  • release 1.4.0 (#131) (f983acc)
  • replace Closes with Related to in PR template to prevent auto-close (e148ae5)
  • revert all PR review fixes to restore stable 4bcb6fc (87b9c46)
  • sync Development → main (v1.3.5) (#106) (b3ba051)
  • sync GEMINI.md from CLAUDE.md (abbc322)
  • sync GEMINI.md from CLAUDE.md (95b2a74)
  • tune Release Please (skip root changelog, sync Dev, docs) (e2c5f0d)
  • wire Release Please manifest config in workflow (47e19ec)

Documentation

  • add bot-comment review step to PR workflow memory (3b43e47)
  • add MIT licence (93adf22)
  • add version numbers to V2 phase table (f07742b)
  • overhaul CLAUDE.md, memory files, CI checks, and GEMINI mirror (a27190d)
  • refresh README for public launch (#68) (c1497cb)
  • refresh README for public launch with screenshots and badges (#67) (66f2a93)
  • releases only required for code changes, not docs-only pushes (9229760)

This PR was generated with Release Please. See documentation.

@github-actions github-actions Bot requested a review from dbwg2009 as a code owner May 10, 2026 22:37
@codacy-production
Copy link
Copy Markdown

codacy-production Bot commented May 10, 2026

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity · 0 duplication

Metric Results
Complexity 0
Duplication 0

View in Codacy

AI Reviewer: first review requested successfully. AI can make mistakes. Always validate suggestions.

Run reviewer

TIP This summary will be updated as you push new changes.

codacy-production[bot]
codacy-production Bot reviewed May 10, 2026
View reviewed changes
Copy link
Copy Markdown

@codacy-production codacy-production Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR successfully updates the project version to 1.5.0 across all necessary manifest files. Codacy analysis reports that the changes are up to standards, with no new issues, clones, or complexity increases. The update aligns perfectly with the intended release chore.

TIP Improve review quality by adding custom instructions
TIP How was this review? Give us feedback

@dbwg2009
Copy link
Copy Markdown
Owner

dbwg2009 commented May 10, 2026

no changes

@dbwg2009 dbwg2009 closed this May 10, 2026
@dbwg2009 dbwg2009 deleted the release-please--branches--main--components--noted branch May 10, 2026 22:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dbwg2009 dbwg2009 Awaiting requested review from dbwg2009 dbwg2009 is a code owner

1 more reviewer

@codacy-production codacy-production[bot] codacy-production[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

autorelease: pending

Projects

None yet

Milestone

No milestone

1 participant

@dbwg2009