Bump version to v5.41.1 [merge now]#2817
Merged
Merged
Conversation
piyalbasu
added a commit
that referenced
this pull request
May 29, 2026
* bump versions to 5.41.1 (#2817) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Add CTA to let users know they can paste mnemonic phrase into box (#2803) * add subtext copy to paste mnemonic phrase * update snapshots for import screen * Restore submitProduction Sentry secrets fix on master (re-apply #2783) (#2819) * Fix submitProduction workflow secrets references The Sentry env-var guards used the `secrets` context inside step-level `if:` expressions, which GitHub Actions does not allow ("Unrecognized named-value: 'secrets'"). Map the Sentry secrets into the workflow-level `env:` block and check them via `env.*`, matching the existing `INDEXER_*` pattern. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Scope Sentry secrets to the validation step only Drop the workflow-level env entries for SENTRY_ORG / SENTRY_PROJECT / SENTRY_AUTH_TOKEN and collapse the three separate guard steps into one "Validate Sentry secrets" step with a local env: block. This keeps the credentials out of every other step's process environment (including third-party actions in the job) and replaces the gh-run-cancel dance with a plain exit 1. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Cássio Marcos Goulart <cassiomgoulart@gmail.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Truncate long memos dynamically (#2812) * adjust long memo truncation * simplify logic of memo truncation centralized * cleanup ellipsize logic from claude review * Strip Amplitude autocapture remote-code from extension bundle The Chrome Web Store / Firefox AMO rejected the build for shipping remotely-hosted code: https://cdn.amplitude.com/libs/visual-tagging-selector-1.0.0-alpha.js.gz This URL (and a sibling background-capture URL) comes from @amplitude/plugin-autocapture-browser, which @amplitude/analytics-browser imports statically. We initialize Amplitude with `autocapture: false`, so the code never runs — but the runtime flag does not remove the URLs from the bundle, and store review scans the static bundle. Alias the autocapture plugin to a no-op stub via webpack resolve.alias. This removes the visual-tagging-selector URL directly; because nothing else imports getOrCreateWindowMessenger / enableBackgroundCapture from @amplitude/analytics-core, tree-shaking also drops the core messenger code holding the background-capture URL. Verified against a clean production build: zero matches for cdn.amplitude.com, visual-tagging-selector, background-capture, or loadScriptOnce in the emitted .js, with the Amplitude analytics/experiment SDKs otherwise intact. The autocapture SDK first shipped in 5.39.0 (commit a3b2b50, PR #2659). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * Order transactions by date (#2810) * add transaction date ordering * cleanup mocks and sort logic * adjust comment to reflect ordering reason * Don't embed literal blocked CDN URLs in stub comment Addresses review feedback: the production build emits source maps with sourcesContent and the store submission zips the build dir recursively, so a literal blocked remote-code URL in this comment could ride into the shipped .map artifact and re-trigger the store rejection. Describe the libs by name instead of writing the full fetchable URLs. (Verified the stub's source is currently DCE'd out of all emitted maps, so this is defense-in-depth against future config/bundler changes.) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: leofelix077 <leonardoaalf077@hotmail.com> Co-authored-by: Cássio Marcos Goulart <cassiomgoulart@gmail.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumping version on
masterbranch tov5.41.1.