Conversation
perf(onboarding): optimize onboarding pipeline from ~5min to ~2min
|
The latest updates on your projects. Learn more about Vercel for GitHub.
1 Skipped Deployment
|
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
4 issues found across 25 files
Confidence score: 3/5
- There are concrete medium-to-high severity risks (6–7/10 with high confidence) in onboarding flow logic, so this is not a low-risk merge despite being fixable.
- In
apps/app/src/trigger/tasks/onboarding/onboard-organization.ts,metadata.set('policies', true)is never written afterupdateOrganizationPolicies, which can leave real-time progress stuck and misrepresent step completion to users. - In
apps/app/src/trigger/tasks/onboarding/generate-vendor-mitigation.ts, unhandledbatchTriggerAndWaitchild failures can be silently ignored, and inapps/app/src/trigger/tasks/onboarding/process-policy-template.ts, conditional parsing may remove non-conditional text when markers share a node. - Pay close attention to
apps/app/src/trigger/tasks/onboarding/onboard-organization.ts,apps/app/src/trigger/tasks/onboarding/generate-vendor-mitigation.ts,apps/app/src/trigger/tasks/onboarding/process-policy-template.ts, andapps/app/src/app/(app)/[orgId]/policies/all/components/policies-table.tsx- onboarding correctness and polling behavior need targeted validation before merge.
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="apps/app/src/trigger/tasks/onboarding/onboard-organization.ts">
<violation number="1" location="apps/app/src/trigger/tasks/onboarding/onboard-organization.ts:108">
P1: Missing `metadata.set('policies', true)` after `updateOrganizationPolicies` completes. The policies step will never be marked as finished in real-time tracking metadata, since only the initialization to `false` remains.</violation>
</file>
<file name="apps/app/src/trigger/tasks/onboarding/generate-vendor-mitigation.ts">
<violation number="1" location="apps/app/src/trigger/tasks/onboarding/generate-vendor-mitigation.ts:119">
P1: Handle `batchTriggerAndWait` results and fail the parent task when any child run fails; otherwise mitigation failures are silently ignored.</violation>
</file>
<file name="apps/app/src/trigger/tasks/onboarding/process-policy-template.ts">
<violation number="1" location="apps/app/src/trigger/tasks/onboarding/process-policy-template.ts:136">
P2: Conditional block traversal can delete non-conditional text when `{{#if}}`/`{{/if}}` markers share a node with normal content.</violation>
</file>
<file name="apps/app/src/app/(app)/[orgId]/policies/all/components/policies-table.tsx">
<violation number="1" location="apps/app/src/app/(app)/[orgId]/policies/all/components/policies-table.tsx:35">
P2: Gate polling by `shouldSubscribeToRun`; otherwise this will continue revalidating every second even when there is no onboarding run id.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review, or fix all with cubic.
…ntext (#2780) useRun requires a TriggerProvider with an access token. When there's no active onboarding (no triggerJobId), the TriggerTokenProvider renders children without a TriggerProvider, causing useRun to throw "Missing accessToken in TriggerAuthContext." Reverted policies-table, use-policy-onboarding-status, and use-onboarding-status back to useRealtimeRun which gracefully handles missing auth context via the enabled flag. For ToDoOverview, removed the trigger hook entirely — it only needs a boolean "is onboarding running" which can be derived from the triggerJobId prop. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
1 issue found across 4 files (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="apps/app/src/app/(app)/[orgId]/overview/components/ToDoOverview.tsx">
<violation number="1" location="apps/app/src/app/(app)/[orgId]/overview/components/ToDoOverview.tsx:51">
P2: Using `!!onboardingTriggerJobId` as the in-progress check can lock the publish action after failed/stuck onboarding runs, because stale job IDs are treated as active forever.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review, or fix all with cubic.
…#2781) Roll out framework versioning to all organizations by removing the PostHog feature flag gate. The History tab and update banner now render unconditionally. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…check (#2782) Build optimizations (~110s savings): - typescript.ignoreBuildErrors: true — skips the 79s TypeScript check during next build. Type errors are now caught by the check-types CI workflow instead. - widenClientFileUpload: false — reduces Sentry source map upload scope, saving ~30-40s of scanning/uploading client-side files. CI: - Added pull_request trigger to check-types.yml so typecheck runs on every PR, replacing the in-build check. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
5 tasks
* fix: address cubic review findings on onboarding PR
P1: Add metadata.set('policies', true) after policy fan-out so the
tracker boolean flag is set.
P1: Log batchTriggerAndWait failures in vendor/risk mitigation fan-outs
instead of silently ignoring them.
P2: Strip {{#if}}/{{/if}} markers from mixed-content nodes so template
syntax doesn't leak into rendered policies.
P2: Fix stale onboardingTriggerJobId locking publish button in
ToDoOverview.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix: strip only first marker occurrence to preserve nested conditionals
The global regex flag in stripMarkerText would remove ALL matching
{{#if}}/{{/if}} markers in a subtree, corrupting boundaries of nested
conditional blocks. Removed the g flag so only the first occurrence
(the one that triggered the match) is stripped.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Contributor
|
@cubic-dev-ai re-review |
Contributor
@Marfuen I have started the AI code review. It will take a few minutes to complete. |
Contributor
There was a problem hiding this comment.
2 issues found across 28 files
Confidence score: 3/5
- There is concrete user-facing risk in
apps/app/src/app/(app)/[orgId]/components/OnboardingTracker.tsx: zero-item steps are treated as incomplete, which can leave onboarding progress stuck even when there is nothing to do. apps/app/src/trigger/tasks/onboarding/onboard-organization.tscurrently awaitsupdateOrganizationPoliciesimmediately, reducing intended parallelism and potentially slowing onboarding task completion.- Given two medium-severity issues with high confidence (both 9/10), this looks like a moderate merge risk rather than a merge-blocker.
- Pay close attention to
apps/app/src/app/(app)/[orgId]/components/OnboardingTracker.tsxandapps/app/src/trigger/tasks/onboarding/onboard-organization.ts- step completion logic can block progress, and serialized async work can degrade onboarding performance.
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="apps/app/src/trigger/tasks/onboarding/onboard-organization.ts">
<violation number="1" location="apps/app/src/trigger/tasks/onboarding/onboard-organization.ts:108">
P2: `updateOrganizationPolicies` is awaited immediately, which serializes policy work before vendor/risk creation and defeats the intended parallel execution.</violation>
</file>
<file name="apps/app/src/app/(app)/[orgId]/components/OnboardingTracker.tsx">
<violation number="1" location="apps/app/src/app/(app)/[orgId]/components/OnboardingTracker.tsx:200">
P2: Zero-item steps are marked incomplete, so progress can get stuck on steps that have nothing to process.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review, or fix all with cubic.
1 task
* fix: address cubic review findings on onboarding PR
P1: Add metadata.set('policies', true) after policy fan-out so the
tracker boolean flag is set.
P1: Log batchTriggerAndWait failures in vendor/risk mitigation fan-outs
instead of silently ignoring them.
P2: Strip {{#if}}/{{/if}} markers from mixed-content nodes so template
syntax doesn't leak into rendered policies.
P2: Fix stale onboardingTriggerJobId locking publish button in
ToDoOverview.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix: strip only first marker occurrence to preserve nested conditionals
The global regex flag in stripMarkerText would remove ALL matching
{{#if}}/{{/if}} markers in a subtree, corrupting boundaries of nested
conditional blocks. Removed the g flag so only the first occurrence
(the one that triggered the match) is stripped.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* test(onboarding): add comprehensive tests for policy template processor
Covers placeholder replacement, inline/multi-node/nested conditionals,
mixed content nodes, edge cases, buildVariables, buildFlags, processTemplate.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(onboarding): treat zero-item steps as complete in tracker
When an org has no vendors or risks, `total > 0 && completed >= total`
evaluates to false, causing those steps to appear stuck forever.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Contributor
|
@cubic-dev-ai review this |
Contributor
@Marfuen I have started the AI code review. It will take a few minutes to complete. |
Contributor
|
🎉 This PR is included in version 3.45.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.
Summary by cubic
Cuts organization onboarding time from ~5 minutes to ~2 minutes by parallelizing mitigations, switching rerank/onboarding to gateway-backed Google models, and simplifying progress tracking; also enables framework versioning for all orgs. Adds reliability fixes for onboarding completion (including zero-item steps) and cleans up policy template artifacts with a tested processor.
Performance
tasks.batchTriggerAndWaitand log failures.google/*models via@ai-sdk/gateway; improve prompts with framework flags.readyForDashboardredirect, and clear staleonboardingTriggerJobId.{{#if}}markers while preserving nested conditionals; include comprehensive tests.useRunwhere aTriggerProviderexists; revert page-level touseRealtimeRun; remove theToDoOverviewtrigger hook.Dependencies
aito^6.0.175; upgrade@ai-sdk/*to^3.x; add@ai-sdk/gatewayand@ai-sdk/google.convertToModelMessages; update types toLanguageModelV3.@floating-ui/dom; alignbun.lockand package versions across workspaces.Written for commit a196339. Summary will update on new commits.