WORKING -Image GPT and Grok #995

lmarcelinoc · 2025-05-08T18:02:00Z

No description provided.

vercel · 2025-05-08T18:02:03Z

@lmarcelinoc is attempting to deploy a commit to the Vercel Team on Vercel.

A member of the Team first needs to authorize it.

socket-security · 2025-05-08T18:02:31Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance
	next@15.3.0-canary.31 ⏵ 14.2.5	⁺¹	^-75	⁺⁵
	@types/next-auth@3.15.0
	@radix-ui/react-label@2.1.2 ⏵ 2.1.6			^-3
	@radix-ui/react-separator@1.1.2 ⏵ 1.1.6			^-3
	@radix-ui/react-visually-hidden@1.1.2 ⏵ 1.2.2			^-3
	@radix-ui/react-slot@1.1.2 ⏵ 1.2.2			^-3
	@radix-ui/react-switch@1.2.4
	@radix-ui/react-tabs@1.1.11
	@radix-ui/react-dropdown-menu@2.1.6 ⏵ 2.1.14			^-3
	@radix-ui/react-alert-dialog@1.1.6 ⏵ 1.1.13			^-4
	@radix-ui/react-dialog@1.1.6 ⏵ 1.1.13			^-3
	@types/bcrypt@5.0.2
	@radix-ui/react-tooltip@1.1.8 ⏵ 1.2.6			^-3
	@radix-ui/react-collapsible@1.0.3
	@vercel/functions@2.0.0 ⏵ 2.0.3	⁺¹		⁺¹	⁺⁸
	@radix-ui/react-select@2.1.6 ⏵ 2.2.4			^-3
	@types/pdf-parse@1.1.4 ⏵ 1.1.5			⁺²
See 34 more rows in the dashboard

View full report

- Added public route handling in middleware for login, register, and guest access. - Implemented role management for users, allowing differentiation between 'user' and 'admin'. - Introduced registration status check in the registration page to conditionally allow new user sign-ups. - Enhanced profile dialog to display user roles and added admin dialog for admin users. - Updated database schema to include provider and system settings management. - Added utility function to generate random passwords. - Improved user settings form to handle optional fields and default values.

- Added Brave Search API integration for web search capabilities in the chatbot. - Updated README with setup instructions for Brave Search API. - Introduced new migration scripts to add `braveSearchApiKey` to the system settings. - Enhanced chat API to support new AI SDK formats and improved error handling. - Added new components for displaying search results and handling search queries. - Updated model selection and provider management to accommodate new AI models. - Refactored existing code for better organization and maintainability.

- Implemented a new user profile page that fetches and displays user documents. - Added functionality to delete documents with confirmation. - Introduced tabs for navigating between saved memories and profile settings. - Updated database schema to ensure document IDs are unique. - Integrated new UI components for better user experience.

- Updated TypeScript configuration reference link for better clarity. - Removed deprecated `next.config.ts` file and adjusted package dependencies. - Downgraded React and Next.js versions for compatibility. - Refactored authentication components to streamline imports and improve code organization. - Updated form handling in `AuthForm` and `SignOutForm` components for better user experience. - Adjusted dummy password generation logic in constants for server-side rendering.

socket-security · 2025-05-10T01:16:59Z

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action	Severity	Alert (click for details)
Block		`next@14.2.5` has a Critical CVE. CVE: GHSA-f82v-jwr5-mffw Authorization Bypass in Next.js Middleware (CRITICAL) Affected versions: >= 14.0.0, < 14.2.25 Patched version: 14.2.25 From: package.json → `npm/next@14.2.5` ℹ Read more on: This package \| This alert \| What is a critical CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/next@14.2.5`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		`next@14.2.5` has a High CVE. CVE: GHSA-gp8f-8m3g-qvj9 Next.js Cache Poisoning (HIGH) Affected versions: >= 14.0.0, < 14.2.10 Patched version: 14.2.10 From: package.json → `npm/next@14.2.5` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/next@14.2.5`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		`next@14.2.5` has a High CVE. CVE: GHSA-7gfc-8cq8-jh5f Next.js authorization bypass vulnerability (HIGH) Affected versions: >= 9.5.5, < 14.2.15 Patched version: 14.2.15 From: package.json → `npm/next@14.2.5` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/next@14.2.5`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

…ndling - Added new ESLint rules for improved code quality and error detection. - Updated Next.js configuration to ignore ESLint and TypeScript errors during production builds. - Refactored login and registration actions to handle errors more gracefully and provide user feedback. - Enhanced login and registration pages with loading states and error messages for better user experience. - Updated TypeScript configuration to include additional types for improved type safety.

- Added detailed logging throughout the authentication process for better debugging and monitoring. - Updated the .env.example file to correct the Redis URL format. - Introduced dynamic routing for several API endpoints to improve performance. - Enhanced error handling in login actions and middleware for improved user feedback. - Refactored authentication configuration to log settings on startup for easier troubleshooting.

WORKING -Image GPT and Grok

e3614f9

lmarcelinoc added 5 commits May 8, 2025 21:38

Personl profile working

b980685

lmarcelinoc added 2 commits May 10, 2025 02:47

lmarcelinoc marked this pull request as draft May 12, 2025 03:07

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

WORKING -Image GPT and Grok #995

WORKING -Image GPT and Grok #995

lmarcelinoc commented May 8, 2025

Uh oh!

vercel bot commented May 8, 2025

Uh oh!

socket-security bot commented May 8, 2025 •

edited

Loading

Uh oh!

socket-security bot commented May 10, 2025 •

edited

Loading

Uh oh!

Uh oh!

WORKING -Image GPT and Grok #995

Are you sure you want to change the base?

WORKING -Image GPT and Grok #995

Conversation

lmarcelinoc commented May 8, 2025

Uh oh!

vercel bot commented May 8, 2025

Uh oh!

socket-security bot commented May 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

socket-security bot commented May 10, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

socket-security bot commented May 8, 2025 •

edited

Loading

socket-security bot commented May 10, 2025 •

edited

Loading