Skip to content

fix(app): bunch-of-fixes#2977

Merged
tofikwest merged 2 commits into
mainfrom
tofik/sast-search-heading-botid
May 30, 2026
Merged

fix(app): bunch-of-fixes#2977
tofikwest merged 2 commits into
mainfrom
tofik/sast-search-heading-botid

Conversation

@github-actions
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot commented May 30, 2026
edited by tofikwest
Loading

Summary:

  • Fixes CS-393 by removing the duplicate Requirements heading from the grouped framework requirements tab.
  • Fixes CS-381 by limiting integration marketplace search to integration/provider names only, so SAST no longer matches Datto text from descriptions.
  • Fixes ENG-226 by removing dead cross-origin BotID protected routes and keeping only the same-origin chat route.

Validation:

  • PASS: bunx vitest run "src/app/(app)/[orgId]/integrations/components/integration-search.test.ts"
  • BASELINE FAIL: PlatformIntegrations.test.tsx has the same 3 failures on main and on this branch.
  • BASELINE FAIL: bunx turbo run typecheck --filter=@trycompai/app fails on unrelated existing app type errors.

@vercel
Copy link
Copy Markdown

vercel Bot commented May 30, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
app Ready Ready Preview, Comment May 30, 2026 7:38pm
comp-framework-editor Ready Ready Preview, Comment May 30, 2026 7:38pm
1 Skipped Deployment
Project Deployment Actions Updated (UTC)
portal Skipped Skipped May 30, 2026 7:38pm

Request Review

@tofikwest tofikwest changed the title [dev] [tofikwest] tofik/sast-search-heading-botid fix(app): small Linear wins May 30, 2026
@linear
Copy link
Copy Markdown

linear Bot commented May 30, 2026

CS-393

CS-381

ENG-226

@tofikwest tofikwest changed the title fix(app): small Linear wins fix(app): sast-search May 30, 2026
cubic-dev-ai[bot]
cubic-dev-ai Bot reviewed May 30, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@cubic-dev-ai cubic-dev-ai Bot left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 issue found across 5 files

Confidence score: 2/5

  • There is a concrete high-severity regression risk in apps/app/src/instrumentation-client.ts: BotId protection appears to be removed for enterprise automation chat requests, which can weaken request validation/security controls.
  • Because client calls to ${NEXT_PUBLIC_ENTERPRISE_API_URL}/api/tasks-automations/chat still remain, this change likely impacts real user-facing automation flows rather than being a dead-code refactor.
  • Given severity (7/10) and strong confidence (8/10), this is not a minor uncertainty; it is a likely behavior change that should be addressed before merge.
  • Pay close attention to apps/app/src/instrumentation-client.ts - BotId protection for enterprise automation chat requests appears to have been dropped.

Reply with feedback, questions, or to request a fix.

Fix all with cubic | Re-trigger cubic

Comment thread apps/app/src/instrumentation-client.ts
@vercel vercel Bot temporarily deployed to Preview – portal May 30, 2026 19:34 Inactive
@tofikwest tofikwest changed the title fix(app): sast-search fix(app): bunch-of-fixes May 30, 2026
@tofikwest tofikwest merged commit 77a961a into main May 30, 2026
11 checks passed
@tofikwest tofikwest deleted the tofik/sast-search-heading-botid branch May 30, 2026 19:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tofikwest tofikwest tofikwest left review comments

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

Assignees

No one assigned

Labels

automated-pr

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tofikwest