Releases: stevenfackley/StackAlchemist
Releases · stevenfackley/StackAlchemist
Release list
Release d02c3621932732ecf67d17a27eedc096aa3a57d9
Changelog
All notable changes to this project will be documented in this file.
[unreleased]
Bug Fixes
- Harden deploy pipeline for zero-downtime and reboot resilience
- Add git to builder and wget to runtime for sa-web health checks
- Fix Dockerfile syntax and sync frontend lockfile
- Ensure Docker network exists and robustify fallback logic
- Deploy engine and worker alongside web and add health checks
- Add git to web-builder, set engine port, fix healthz endpoint
- Copy .env to Next.js project dir so E2E tests get env vars
- Stabilize e2e contracts and enforce hybrid github actions gates
- Stabilize test environment integration workflow
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Pin test deploy to x64 self-hosted runner
- Stabilize infrastructure and switch to npm
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Build production images sequentially to reduce runner resource pressure
- Build production images sequentially to reduce runner resource pressure
- Harden self-hosted deploy workflows
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Eliminate band-aids with permanent root-cause fixes
- Fix prod deploy cancellation and test tunnel network disconnect
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Rm named containers before compose-up; add maintenance page for both envs
- Rm named containers before compose-up; add maintenance page for both envs
- Harden tunnel, CI/CD runner, and LLM error surfacing
- Use 127.0.0.1 in nginx healthcheck (localhost resolves to IPv6 in alpine)
- Add ANTHROPIC_MODEL env var to prod compose; switch to claude-sonnet-4-5-20250929
- Deserialize ProjectType enum from JSON string + add ANTHROPIC_MODEL to prod compose
- Rename simple-mode-schema.ts → .tsx (contains JSX, lint parse error)
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Align @ alias with Next.js tsconfig paths
- Add missing files that were never committed
- Harden CF tunnel routing + close SEO/a11y audit gaps
- Add parserOptions.ecmaFeatures.jsx to eslintrc — fix parse error in .tsx files
- Batch A — SSR h1s, landmarks, metadata, docs/content COPY
- Un-ignore docs/ and scope *.md to repo root
- Drop generateImageMetadata — 404'd with id-keyed URL
- Unblock CA2007 analyzer + vitest IntersectionObserver constructor
- Unblock CI — dedupe h1s, scope test CA2007
- Suppress CA2007 in Worker.Tests (symmetry with Engine.Tests)
- Migrate PostCSS pipeline to Tailwind v4 (#46)
- Unbreak CI — pin eslint ^9, complete eslint-config-next 16, migrate to flat config (#65)
- Re-pin eslint ^9, ignore eslint majors in dependabot.yml (#73)
- Close 10 code-scanning alerts
- Mask email PII in logs + bump postcss to ^8.5.10 (#78)
- Wire ITierGatingService into orchestrator + skip codegen on Tier 1 (#84)
- Serialize Release workflow to prevent changelog-commit race (#87)
- Clear three engine errors blocking nightly simple-mode-flow E2E (#92) (#94)
- Pin .NET base images to :10.0-resolute (#95)
- Derive SUPABASE_DB_PASSWORD from CI_SUPABASE_DB_URL (#96)
- Unbreak test-site noindex, correct FAQ AI model, noindex auth pages
- Persist status + inline NEXT_PUBLIC into web image
- Reject placeholder anon keys so misconfig fails loud
- Deliver Tier-0 Spark preview end-to-end in prod
- Ship template sets into the engine image so prod codegen resolves them
- Cross-origin isolate /generate so StackBlitz embed runs
- Re-fetch generation status after subscribe to close tier-0 redirect race
- Close tier-0 redirect race in advanced-mode subscription
- Persist purchased tier on paid upgrade so download unlocks
- Drop dead "continue without account" link on login
- Register IEmailService so CompileWorkerService can start
- Resolve upstreams at request time to stop prod 502s (#119)
- Fill the homepage prompt builder and clean launch-console copy (#120)
- Match deploy page to brand (logo + blue accent) (#121)
- Auto-return visitors to the app once the deploy finishes (#122)
- Return 503 from deploy shim so recovery poll works (#125)
- Atomic Stripe webhook, error taxonomy, and tier-race fix (#138)
- Periodic reconciler with re-enqueue, delivery hardening, input limits (#139)
- A11y completion (F9) (#148)
- Recover maintenance page on tab refocus and bfcache restore (#167)
- Repair E2E Smoke — Playwright getByPlaceholder, not Testing-Library getByDisplayValue (#171)
- UX integrity pass — sanitized error boundaries, mobile content nav (#181)
- Lock down generations SELECT and harden security-definer RPCs (#183)
- Provision build toolchain in prod image and restore before build (#185)
- Apply Supabase migrations in the prod deploy pipeline (#186)
- Require authentication and ownership in retryGeneration (#189)
- Make prod migration gate skip (not brick deploys) when secret unset (#191)
- Deliver BYOK_ENCRYPTION_KEY to prod/test containers (#193)
- Paginate dashboard, accurate stats, validate advanced schema in demo mode (#194)
- Resolve ws advisory (#43) in root lockfile (#195)
- Zero-downtime prod deploys, migration drift guard, external healthwatch (#209)
- Auth callback redirects to public origin + failure-reason surfacing (#212)
- Raise nginx proxy buffers — Supabase session headers overflow defaults and 503 signed-in users (#213)
Dependencies
- Bump softprops/action-gh-release from 2 to 3 (#25)
- Bump actions/setup-node from 5 to 6 (#27)
- Bump aws-actions/configure-aws-credentials from 5 to 6 (#29)
- Bump actions/checkout from 5 to 6 (#26)
- Bump styled-jsx in /src/StackAlchemist.Web (#16)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#14)
- Bump pytest 8.3.3 -> 9.0.3 in V1-Python-React template
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#43)
- Bump @supabase/ssr in /src/StackAlchemist.Web (#39)
- Bump docker/build-push-action from 6 to 7 (#35)
- Bump docker/setup-buildx-action from 3 to 4 (#34)
- Bump actions/upload-artifact from 4 to 7 (#33)
- Bump python-dotenv (#52)
- Bump lucide-react in /src/StackAlchemist.Web (#55)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#60)
- Bump the next-react group across 1 directory with 4 updates (#53)
- Bump Node 20 → 22 (Node 20 LTS ended 2026-04-30)
- Bump Node 22 → 24 (skip the layover, latest LTS)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#71)
- Bump lucide-react in /src/StackAlchemist.Web (#70)
- Bump @supabase/supabase-js in /src/Stac...
Release 9ebdd52b726211f567a6e79590225dd8df0f895a
Changelog
All notable changes to this project will be documented in this file.
[unreleased]
Bug Fixes
- Harden deploy pipeline for zero-downtime and reboot resilience
- Add git to builder and wget to runtime for sa-web health checks
- Fix Dockerfile syntax and sync frontend lockfile
- Ensure Docker network exists and robustify fallback logic
- Deploy engine and worker alongside web and add health checks
- Add git to web-builder, set engine port, fix healthz endpoint
- Copy .env to Next.js project dir so E2E tests get env vars
- Stabilize e2e contracts and enforce hybrid github actions gates
- Stabilize test environment integration workflow
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Pin test deploy to x64 self-hosted runner
- Stabilize infrastructure and switch to npm
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Build production images sequentially to reduce runner resource pressure
- Build production images sequentially to reduce runner resource pressure
- Harden self-hosted deploy workflows
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Eliminate band-aids with permanent root-cause fixes
- Fix prod deploy cancellation and test tunnel network disconnect
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Rm named containers before compose-up; add maintenance page for both envs
- Rm named containers before compose-up; add maintenance page for both envs
- Harden tunnel, CI/CD runner, and LLM error surfacing
- Use 127.0.0.1 in nginx healthcheck (localhost resolves to IPv6 in alpine)
- Add ANTHROPIC_MODEL env var to prod compose; switch to claude-sonnet-4-5-20250929
- Deserialize ProjectType enum from JSON string + add ANTHROPIC_MODEL to prod compose
- Rename simple-mode-schema.ts → .tsx (contains JSX, lint parse error)
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Align @ alias with Next.js tsconfig paths
- Add missing files that were never committed
- Harden CF tunnel routing + close SEO/a11y audit gaps
- Add parserOptions.ecmaFeatures.jsx to eslintrc — fix parse error in .tsx files
- Batch A — SSR h1s, landmarks, metadata, docs/content COPY
- Un-ignore docs/ and scope *.md to repo root
- Drop generateImageMetadata — 404'd with id-keyed URL
- Unblock CA2007 analyzer + vitest IntersectionObserver constructor
- Unblock CI — dedupe h1s, scope test CA2007
- Suppress CA2007 in Worker.Tests (symmetry with Engine.Tests)
- Migrate PostCSS pipeline to Tailwind v4 (#46)
- Unbreak CI — pin eslint ^9, complete eslint-config-next 16, migrate to flat config (#65)
- Re-pin eslint ^9, ignore eslint majors in dependabot.yml (#73)
- Close 10 code-scanning alerts
- Mask email PII in logs + bump postcss to ^8.5.10 (#78)
- Wire ITierGatingService into orchestrator + skip codegen on Tier 1 (#84)
- Serialize Release workflow to prevent changelog-commit race (#87)
- Clear three engine errors blocking nightly simple-mode-flow E2E (#92) (#94)
- Pin .NET base images to :10.0-resolute (#95)
- Derive SUPABASE_DB_PASSWORD from CI_SUPABASE_DB_URL (#96)
- Unbreak test-site noindex, correct FAQ AI model, noindex auth pages
- Persist status + inline NEXT_PUBLIC into web image
- Reject placeholder anon keys so misconfig fails loud
- Deliver Tier-0 Spark preview end-to-end in prod
- Ship template sets into the engine image so prod codegen resolves them
- Cross-origin isolate /generate so StackBlitz embed runs
- Re-fetch generation status after subscribe to close tier-0 redirect race
- Close tier-0 redirect race in advanced-mode subscription
- Persist purchased tier on paid upgrade so download unlocks
- Drop dead "continue without account" link on login
- Register IEmailService so CompileWorkerService can start
- Resolve upstreams at request time to stop prod 502s (#119)
- Fill the homepage prompt builder and clean launch-console copy (#120)
- Match deploy page to brand (logo + blue accent) (#121)
- Auto-return visitors to the app once the deploy finishes (#122)
- Return 503 from deploy shim so recovery poll works (#125)
- Atomic Stripe webhook, error taxonomy, and tier-race fix (#138)
- Periodic reconciler with re-enqueue, delivery hardening, input limits (#139)
- A11y completion (F9) (#148)
- Recover maintenance page on tab refocus and bfcache restore (#167)
- Repair E2E Smoke — Playwright getByPlaceholder, not Testing-Library getByDisplayValue (#171)
- UX integrity pass — sanitized error boundaries, mobile content nav (#181)
- Lock down generations SELECT and harden security-definer RPCs (#183)
- Provision build toolchain in prod image and restore before build (#185)
- Apply Supabase migrations in the prod deploy pipeline (#186)
- Require authentication and ownership in retryGeneration (#189)
- Make prod migration gate skip (not brick deploys) when secret unset (#191)
- Deliver BYOK_ENCRYPTION_KEY to prod/test containers (#193)
- Paginate dashboard, accurate stats, validate advanced schema in demo mode (#194)
- Resolve ws advisory (#43) in root lockfile (#195)
- Zero-downtime prod deploys, migration drift guard, external healthwatch (#209)
- Auth callback redirects to public origin + failure-reason surfacing (#212)
- Raise nginx proxy buffers — Supabase session headers overflow defaults and 503 signed-in users (#213)
Dependencies
- Bump softprops/action-gh-release from 2 to 3 (#25)
- Bump actions/setup-node from 5 to 6 (#27)
- Bump aws-actions/configure-aws-credentials from 5 to 6 (#29)
- Bump actions/checkout from 5 to 6 (#26)
- Bump styled-jsx in /src/StackAlchemist.Web (#16)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#14)
- Bump pytest 8.3.3 -> 9.0.3 in V1-Python-React template
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#43)
- Bump @supabase/ssr in /src/StackAlchemist.Web (#39)
- Bump docker/build-push-action from 6 to 7 (#35)
- Bump docker/setup-buildx-action from 3 to 4 (#34)
- Bump actions/upload-artifact from 4 to 7 (#33)
- Bump python-dotenv (#52)
- Bump lucide-react in /src/StackAlchemist.Web (#55)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#60)
- Bump the next-react group across 1 directory with 4 updates (#53)
- Bump Node 20 → 22 (Node 20 LTS ended 2026-04-30)
- Bump Node 22 → 24 (skip the layover, latest LTS)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#71)
- Bump lucide-react in /src/StackAlchemist.Web (#70)
- Bump @supabase/supabase-js in /src/Stac...
Release 6c776decb0afc7864d60e5f734382ea4886aef28
Changelog
All notable changes to this project will be documented in this file.
[unreleased]
Bug Fixes
- Harden deploy pipeline for zero-downtime and reboot resilience
- Add git to builder and wget to runtime for sa-web health checks
- Fix Dockerfile syntax and sync frontend lockfile
- Ensure Docker network exists and robustify fallback logic
- Deploy engine and worker alongside web and add health checks
- Add git to web-builder, set engine port, fix healthz endpoint
- Copy .env to Next.js project dir so E2E tests get env vars
- Stabilize e2e contracts and enforce hybrid github actions gates
- Stabilize test environment integration workflow
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Pin test deploy to x64 self-hosted runner
- Stabilize infrastructure and switch to npm
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Build production images sequentially to reduce runner resource pressure
- Build production images sequentially to reduce runner resource pressure
- Harden self-hosted deploy workflows
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Eliminate band-aids with permanent root-cause fixes
- Fix prod deploy cancellation and test tunnel network disconnect
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Rm named containers before compose-up; add maintenance page for both envs
- Rm named containers before compose-up; add maintenance page for both envs
- Harden tunnel, CI/CD runner, and LLM error surfacing
- Use 127.0.0.1 in nginx healthcheck (localhost resolves to IPv6 in alpine)
- Add ANTHROPIC_MODEL env var to prod compose; switch to claude-sonnet-4-5-20250929
- Deserialize ProjectType enum from JSON string + add ANTHROPIC_MODEL to prod compose
- Rename simple-mode-schema.ts → .tsx (contains JSX, lint parse error)
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Align @ alias with Next.js tsconfig paths
- Add missing files that were never committed
- Harden CF tunnel routing + close SEO/a11y audit gaps
- Add parserOptions.ecmaFeatures.jsx to eslintrc — fix parse error in .tsx files
- Batch A — SSR h1s, landmarks, metadata, docs/content COPY
- Un-ignore docs/ and scope *.md to repo root
- Drop generateImageMetadata — 404'd with id-keyed URL
- Unblock CA2007 analyzer + vitest IntersectionObserver constructor
- Unblock CI — dedupe h1s, scope test CA2007
- Suppress CA2007 in Worker.Tests (symmetry with Engine.Tests)
- Migrate PostCSS pipeline to Tailwind v4 (#46)
- Unbreak CI — pin eslint ^9, complete eslint-config-next 16, migrate to flat config (#65)
- Re-pin eslint ^9, ignore eslint majors in dependabot.yml (#73)
- Close 10 code-scanning alerts
- Mask email PII in logs + bump postcss to ^8.5.10 (#78)
- Wire ITierGatingService into orchestrator + skip codegen on Tier 1 (#84)
- Serialize Release workflow to prevent changelog-commit race (#87)
- Clear three engine errors blocking nightly simple-mode-flow E2E (#92) (#94)
- Pin .NET base images to :10.0-resolute (#95)
- Derive SUPABASE_DB_PASSWORD from CI_SUPABASE_DB_URL (#96)
- Unbreak test-site noindex, correct FAQ AI model, noindex auth pages
- Persist status + inline NEXT_PUBLIC into web image
- Reject placeholder anon keys so misconfig fails loud
- Deliver Tier-0 Spark preview end-to-end in prod
- Ship template sets into the engine image so prod codegen resolves them
- Cross-origin isolate /generate so StackBlitz embed runs
- Re-fetch generation status after subscribe to close tier-0 redirect race
- Close tier-0 redirect race in advanced-mode subscription
- Persist purchased tier on paid upgrade so download unlocks
- Drop dead "continue without account" link on login
- Register IEmailService so CompileWorkerService can start
- Resolve upstreams at request time to stop prod 502s (#119)
- Fill the homepage prompt builder and clean launch-console copy (#120)
- Match deploy page to brand (logo + blue accent) (#121)
- Auto-return visitors to the app once the deploy finishes (#122)
- Return 503 from deploy shim so recovery poll works (#125)
- Atomic Stripe webhook, error taxonomy, and tier-race fix (#138)
- Periodic reconciler with re-enqueue, delivery hardening, input limits (#139)
- A11y completion (F9) (#148)
- Recover maintenance page on tab refocus and bfcache restore (#167)
- Repair E2E Smoke — Playwright getByPlaceholder, not Testing-Library getByDisplayValue (#171)
- UX integrity pass — sanitized error boundaries, mobile content nav (#181)
- Lock down generations SELECT and harden security-definer RPCs (#183)
- Provision build toolchain in prod image and restore before build (#185)
- Apply Supabase migrations in the prod deploy pipeline (#186)
- Require authentication and ownership in retryGeneration (#189)
- Make prod migration gate skip (not brick deploys) when secret unset (#191)
- Deliver BYOK_ENCRYPTION_KEY to prod/test containers (#193)
- Paginate dashboard, accurate stats, validate advanced schema in demo mode (#194)
- Resolve ws advisory (#43) in root lockfile (#195)
- Zero-downtime prod deploys, migration drift guard, external healthwatch (#209)
- Auth callback redirects to public origin + failure-reason surfacing (#212)
- Raise nginx proxy buffers — Supabase session headers overflow defaults and 503 signed-in users (#213)
Dependencies
- Bump softprops/action-gh-release from 2 to 3 (#25)
- Bump actions/setup-node from 5 to 6 (#27)
- Bump aws-actions/configure-aws-credentials from 5 to 6 (#29)
- Bump actions/checkout from 5 to 6 (#26)
- Bump styled-jsx in /src/StackAlchemist.Web (#16)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#14)
- Bump pytest 8.3.3 -> 9.0.3 in V1-Python-React template
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#43)
- Bump @supabase/ssr in /src/StackAlchemist.Web (#39)
- Bump docker/build-push-action from 6 to 7 (#35)
- Bump docker/setup-buildx-action from 3 to 4 (#34)
- Bump actions/upload-artifact from 4 to 7 (#33)
- Bump python-dotenv (#52)
- Bump lucide-react in /src/StackAlchemist.Web (#55)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#60)
- Bump the next-react group across 1 directory with 4 updates (#53)
- Bump Node 20 → 22 (Node 20 LTS ended 2026-04-30)
- Bump Node 22 → 24 (skip the layover, latest LTS)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#71)
- Bump lucide-react in /src/StackAlchemist.Web (#70)
- Bump @supabase/supabase-js in /src/Stac...
Release 809f8758a183ffd6945ad8ce45356ae95e8a2086
Changelog
All notable changes to this project will be documented in this file.
[unreleased]
Bug Fixes
- Harden deploy pipeline for zero-downtime and reboot resilience
- Add git to builder and wget to runtime for sa-web health checks
- Fix Dockerfile syntax and sync frontend lockfile
- Ensure Docker network exists and robustify fallback logic
- Deploy engine and worker alongside web and add health checks
- Add git to web-builder, set engine port, fix healthz endpoint
- Copy .env to Next.js project dir so E2E tests get env vars
- Stabilize e2e contracts and enforce hybrid github actions gates
- Stabilize test environment integration workflow
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Pin test deploy to x64 self-hosted runner
- Stabilize infrastructure and switch to npm
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Build production images sequentially to reduce runner resource pressure
- Build production images sequentially to reduce runner resource pressure
- Harden self-hosted deploy workflows
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Eliminate band-aids with permanent root-cause fixes
- Fix prod deploy cancellation and test tunnel network disconnect
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Rm named containers before compose-up; add maintenance page for both envs
- Rm named containers before compose-up; add maintenance page for both envs
- Harden tunnel, CI/CD runner, and LLM error surfacing
- Use 127.0.0.1 in nginx healthcheck (localhost resolves to IPv6 in alpine)
- Add ANTHROPIC_MODEL env var to prod compose; switch to claude-sonnet-4-5-20250929
- Deserialize ProjectType enum from JSON string + add ANTHROPIC_MODEL to prod compose
- Rename simple-mode-schema.ts → .tsx (contains JSX, lint parse error)
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Align @ alias with Next.js tsconfig paths
- Add missing files that were never committed
- Harden CF tunnel routing + close SEO/a11y audit gaps
- Add parserOptions.ecmaFeatures.jsx to eslintrc — fix parse error in .tsx files
- Batch A — SSR h1s, landmarks, metadata, docs/content COPY
- Un-ignore docs/ and scope *.md to repo root
- Drop generateImageMetadata — 404'd with id-keyed URL
- Unblock CA2007 analyzer + vitest IntersectionObserver constructor
- Unblock CI — dedupe h1s, scope test CA2007
- Suppress CA2007 in Worker.Tests (symmetry with Engine.Tests)
- Migrate PostCSS pipeline to Tailwind v4 (#46)
- Unbreak CI — pin eslint ^9, complete eslint-config-next 16, migrate to flat config (#65)
- Re-pin eslint ^9, ignore eslint majors in dependabot.yml (#73)
- Close 10 code-scanning alerts
- Mask email PII in logs + bump postcss to ^8.5.10 (#78)
- Wire ITierGatingService into orchestrator + skip codegen on Tier 1 (#84)
- Serialize Release workflow to prevent changelog-commit race (#87)
- Clear three engine errors blocking nightly simple-mode-flow E2E (#92) (#94)
- Pin .NET base images to :10.0-resolute (#95)
- Derive SUPABASE_DB_PASSWORD from CI_SUPABASE_DB_URL (#96)
- Unbreak test-site noindex, correct FAQ AI model, noindex auth pages
- Persist status + inline NEXT_PUBLIC into web image
- Reject placeholder anon keys so misconfig fails loud
- Deliver Tier-0 Spark preview end-to-end in prod
- Ship template sets into the engine image so prod codegen resolves them
- Cross-origin isolate /generate so StackBlitz embed runs
- Re-fetch generation status after subscribe to close tier-0 redirect race
- Close tier-0 redirect race in advanced-mode subscription
- Persist purchased tier on paid upgrade so download unlocks
- Drop dead "continue without account" link on login
- Register IEmailService so CompileWorkerService can start
- Resolve upstreams at request time to stop prod 502s (#119)
- Fill the homepage prompt builder and clean launch-console copy (#120)
- Match deploy page to brand (logo + blue accent) (#121)
- Auto-return visitors to the app once the deploy finishes (#122)
- Return 503 from deploy shim so recovery poll works (#125)
- Atomic Stripe webhook, error taxonomy, and tier-race fix (#138)
- Periodic reconciler with re-enqueue, delivery hardening, input limits (#139)
- A11y completion (F9) (#148)
- Recover maintenance page on tab refocus and bfcache restore (#167)
- Repair E2E Smoke — Playwright getByPlaceholder, not Testing-Library getByDisplayValue (#171)
- UX integrity pass — sanitized error boundaries, mobile content nav (#181)
- Lock down generations SELECT and harden security-definer RPCs (#183)
- Provision build toolchain in prod image and restore before build (#185)
- Apply Supabase migrations in the prod deploy pipeline (#186)
- Require authentication and ownership in retryGeneration (#189)
- Make prod migration gate skip (not brick deploys) when secret unset (#191)
- Deliver BYOK_ENCRYPTION_KEY to prod/test containers (#193)
- Paginate dashboard, accurate stats, validate advanced schema in demo mode (#194)
- Resolve ws advisory (#43) in root lockfile (#195)
- Zero-downtime prod deploys, migration drift guard, external healthwatch (#209)
- Auth callback redirects to public origin + failure-reason surfacing (#212)
Dependencies
- Bump softprops/action-gh-release from 2 to 3 (#25)
- Bump actions/setup-node from 5 to 6 (#27)
- Bump aws-actions/configure-aws-credentials from 5 to 6 (#29)
- Bump actions/checkout from 5 to 6 (#26)
- Bump styled-jsx in /src/StackAlchemist.Web (#16)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#14)
- Bump pytest 8.3.3 -> 9.0.3 in V1-Python-React template
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#43)
- Bump @supabase/ssr in /src/StackAlchemist.Web (#39)
- Bump docker/build-push-action from 6 to 7 (#35)
- Bump docker/setup-buildx-action from 3 to 4 (#34)
- Bump actions/upload-artifact from 4 to 7 (#33)
- Bump python-dotenv (#52)
- Bump lucide-react in /src/StackAlchemist.Web (#55)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#60)
- Bump the next-react group across 1 directory with 4 updates (#53)
- Bump Node 20 → 22 (Node 20 LTS ended 2026-04-30)
- Bump Node 22 → 24 (skip the layover, latest LTS)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#71)
- Bump lucide-react in /src/StackAlchemist.Web (#70)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#74)
- Bump node from 24-alpine to 26-alpine ([#98](https://github.com/stevenfackley/Stac...
Release 20995fefb0e6176d2bcad2427ec1c567e86fe64f
Changelog
All notable changes to this project will be documented in this file.
[unreleased]
Bug Fixes
- Harden deploy pipeline for zero-downtime and reboot resilience
- Add git to builder and wget to runtime for sa-web health checks
- Fix Dockerfile syntax and sync frontend lockfile
- Ensure Docker network exists and robustify fallback logic
- Deploy engine and worker alongside web and add health checks
- Add git to web-builder, set engine port, fix healthz endpoint
- Copy .env to Next.js project dir so E2E tests get env vars
- Stabilize e2e contracts and enforce hybrid github actions gates
- Stabilize test environment integration workflow
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Pin test deploy to x64 self-hosted runner
- Stabilize infrastructure and switch to npm
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Build production images sequentially to reduce runner resource pressure
- Build production images sequentially to reduce runner resource pressure
- Harden self-hosted deploy workflows
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Eliminate band-aids with permanent root-cause fixes
- Fix prod deploy cancellation and test tunnel network disconnect
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Rm named containers before compose-up; add maintenance page for both envs
- Rm named containers before compose-up; add maintenance page for both envs
- Harden tunnel, CI/CD runner, and LLM error surfacing
- Use 127.0.0.1 in nginx healthcheck (localhost resolves to IPv6 in alpine)
- Add ANTHROPIC_MODEL env var to prod compose; switch to claude-sonnet-4-5-20250929
- Deserialize ProjectType enum from JSON string + add ANTHROPIC_MODEL to prod compose
- Rename simple-mode-schema.ts → .tsx (contains JSX, lint parse error)
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Align @ alias with Next.js tsconfig paths
- Add missing files that were never committed
- Harden CF tunnel routing + close SEO/a11y audit gaps
- Add parserOptions.ecmaFeatures.jsx to eslintrc — fix parse error in .tsx files
- Batch A — SSR h1s, landmarks, metadata, docs/content COPY
- Un-ignore docs/ and scope *.md to repo root
- Drop generateImageMetadata — 404'd with id-keyed URL
- Unblock CA2007 analyzer + vitest IntersectionObserver constructor
- Unblock CI — dedupe h1s, scope test CA2007
- Suppress CA2007 in Worker.Tests (symmetry with Engine.Tests)
- Migrate PostCSS pipeline to Tailwind v4 (#46)
- Unbreak CI — pin eslint ^9, complete eslint-config-next 16, migrate to flat config (#65)
- Re-pin eslint ^9, ignore eslint majors in dependabot.yml (#73)
- Close 10 code-scanning alerts
- Mask email PII in logs + bump postcss to ^8.5.10 (#78)
- Wire ITierGatingService into orchestrator + skip codegen on Tier 1 (#84)
- Serialize Release workflow to prevent changelog-commit race (#87)
- Clear three engine errors blocking nightly simple-mode-flow E2E (#92) (#94)
- Pin .NET base images to :10.0-resolute (#95)
- Derive SUPABASE_DB_PASSWORD from CI_SUPABASE_DB_URL (#96)
- Unbreak test-site noindex, correct FAQ AI model, noindex auth pages
- Persist status + inline NEXT_PUBLIC into web image
- Reject placeholder anon keys so misconfig fails loud
- Deliver Tier-0 Spark preview end-to-end in prod
- Ship template sets into the engine image so prod codegen resolves them
- Cross-origin isolate /generate so StackBlitz embed runs
- Re-fetch generation status after subscribe to close tier-0 redirect race
- Close tier-0 redirect race in advanced-mode subscription
- Persist purchased tier on paid upgrade so download unlocks
- Drop dead "continue without account" link on login
- Register IEmailService so CompileWorkerService can start
- Resolve upstreams at request time to stop prod 502s (#119)
- Fill the homepage prompt builder and clean launch-console copy (#120)
- Match deploy page to brand (logo + blue accent) (#121)
- Auto-return visitors to the app once the deploy finishes (#122)
- Return 503 from deploy shim so recovery poll works (#125)
- Atomic Stripe webhook, error taxonomy, and tier-race fix (#138)
- Periodic reconciler with re-enqueue, delivery hardening, input limits (#139)
- A11y completion (F9) (#148)
- Recover maintenance page on tab refocus and bfcache restore (#167)
- Repair E2E Smoke — Playwright getByPlaceholder, not Testing-Library getByDisplayValue (#171)
- UX integrity pass — sanitized error boundaries, mobile content nav (#181)
- Lock down generations SELECT and harden security-definer RPCs (#183)
- Provision build toolchain in prod image and restore before build (#185)
- Apply Supabase migrations in the prod deploy pipeline (#186)
- Require authentication and ownership in retryGeneration (#189)
- Make prod migration gate skip (not brick deploys) when secret unset (#191)
- Deliver BYOK_ENCRYPTION_KEY to prod/test containers (#193)
- Paginate dashboard, accurate stats, validate advanced schema in demo mode (#194)
- Resolve ws advisory (#43) in root lockfile (#195)
- Zero-downtime prod deploys, migration drift guard, external healthwatch (#209)
- Auth callback redirects to public origin + failure-reason surfacing (#212)
- Raise nginx proxy buffers — Supabase session headers overflow defaults and 503 signed-in users (#213)
Dependencies
- Bump softprops/action-gh-release from 2 to 3 (#25)
- Bump actions/setup-node from 5 to 6 (#27)
- Bump aws-actions/configure-aws-credentials from 5 to 6 (#29)
- Bump actions/checkout from 5 to 6 (#26)
- Bump styled-jsx in /src/StackAlchemist.Web (#16)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#14)
- Bump pytest 8.3.3 -> 9.0.3 in V1-Python-React template
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#43)
- Bump @supabase/ssr in /src/StackAlchemist.Web (#39)
- Bump docker/build-push-action from 6 to 7 (#35)
- Bump docker/setup-buildx-action from 3 to 4 (#34)
- Bump actions/upload-artifact from 4 to 7 (#33)
- Bump python-dotenv (#52)
- Bump lucide-react in /src/StackAlchemist.Web (#55)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#60)
- Bump the next-react group across 1 directory with 4 updates (#53)
- Bump Node 20 → 22 (Node 20 LTS ended 2026-04-30)
- Bump Node 22 → 24 (skip the layover, latest LTS)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#71)
- Bump lucide-react in /src/StackAlchemist.Web (#70)
- Bump @supabase/supabase-js in /src/Stac...
Release b1a08c2b1d203fc8cafb9257b965047374189ec8
Changelog
All notable changes to this project will be documented in this file.
[unreleased]
Bug Fixes
- Harden deploy pipeline for zero-downtime and reboot resilience
- Add git to builder and wget to runtime for sa-web health checks
- Fix Dockerfile syntax and sync frontend lockfile
- Ensure Docker network exists and robustify fallback logic
- Deploy engine and worker alongside web and add health checks
- Add git to web-builder, set engine port, fix healthz endpoint
- Copy .env to Next.js project dir so E2E tests get env vars
- Stabilize e2e contracts and enforce hybrid github actions gates
- Stabilize test environment integration workflow
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Pin test deploy to x64 self-hosted runner
- Stabilize infrastructure and switch to npm
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Build production images sequentially to reduce runner resource pressure
- Build production images sequentially to reduce runner resource pressure
- Harden self-hosted deploy workflows
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Eliminate band-aids with permanent root-cause fixes
- Fix prod deploy cancellation and test tunnel network disconnect
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Rm named containers before compose-up; add maintenance page for both envs
- Rm named containers before compose-up; add maintenance page for both envs
- Harden tunnel, CI/CD runner, and LLM error surfacing
- Use 127.0.0.1 in nginx healthcheck (localhost resolves to IPv6 in alpine)
- Add ANTHROPIC_MODEL env var to prod compose; switch to claude-sonnet-4-5-20250929
- Deserialize ProjectType enum from JSON string + add ANTHROPIC_MODEL to prod compose
- Rename simple-mode-schema.ts → .tsx (contains JSX, lint parse error)
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Align @ alias with Next.js tsconfig paths
- Add missing files that were never committed
- Harden CF tunnel routing + close SEO/a11y audit gaps
- Add parserOptions.ecmaFeatures.jsx to eslintrc — fix parse error in .tsx files
- Batch A — SSR h1s, landmarks, metadata, docs/content COPY
- Un-ignore docs/ and scope *.md to repo root
- Drop generateImageMetadata — 404'd with id-keyed URL
- Unblock CA2007 analyzer + vitest IntersectionObserver constructor
- Unblock CI — dedupe h1s, scope test CA2007
- Suppress CA2007 in Worker.Tests (symmetry with Engine.Tests)
- Migrate PostCSS pipeline to Tailwind v4 (#46)
- Unbreak CI — pin eslint ^9, complete eslint-config-next 16, migrate to flat config (#65)
- Re-pin eslint ^9, ignore eslint majors in dependabot.yml (#73)
- Close 10 code-scanning alerts
- Mask email PII in logs + bump postcss to ^8.5.10 (#78)
- Wire ITierGatingService into orchestrator + skip codegen on Tier 1 (#84)
- Serialize Release workflow to prevent changelog-commit race (#87)
- Clear three engine errors blocking nightly simple-mode-flow E2E (#92) (#94)
- Pin .NET base images to :10.0-resolute (#95)
- Derive SUPABASE_DB_PASSWORD from CI_SUPABASE_DB_URL (#96)
- Unbreak test-site noindex, correct FAQ AI model, noindex auth pages
- Persist status + inline NEXT_PUBLIC into web image
- Reject placeholder anon keys so misconfig fails loud
- Deliver Tier-0 Spark preview end-to-end in prod
- Ship template sets into the engine image so prod codegen resolves them
- Cross-origin isolate /generate so StackBlitz embed runs
- Re-fetch generation status after subscribe to close tier-0 redirect race
- Close tier-0 redirect race in advanced-mode subscription
- Persist purchased tier on paid upgrade so download unlocks
- Drop dead "continue without account" link on login
- Register IEmailService so CompileWorkerService can start
- Resolve upstreams at request time to stop prod 502s (#119)
- Fill the homepage prompt builder and clean launch-console copy (#120)
- Match deploy page to brand (logo + blue accent) (#121)
- Auto-return visitors to the app once the deploy finishes (#122)
- Return 503 from deploy shim so recovery poll works (#125)
- Atomic Stripe webhook, error taxonomy, and tier-race fix (#138)
- Periodic reconciler with re-enqueue, delivery hardening, input limits (#139)
- A11y completion (F9) (#148)
- Recover maintenance page on tab refocus and bfcache restore (#167)
- Repair E2E Smoke — Playwright getByPlaceholder, not Testing-Library getByDisplayValue (#171)
- UX integrity pass — sanitized error boundaries, mobile content nav (#181)
- Lock down generations SELECT and harden security-definer RPCs (#183)
- Provision build toolchain in prod image and restore before build (#185)
- Apply Supabase migrations in the prod deploy pipeline (#186)
- Require authentication and ownership in retryGeneration (#189)
- Make prod migration gate skip (not brick deploys) when secret unset (#191)
- Deliver BYOK_ENCRYPTION_KEY to prod/test containers (#193)
- Paginate dashboard, accurate stats, validate advanced schema in demo mode (#194)
- Resolve ws advisory (#43) in root lockfile (#195)
Dependencies
- Bump softprops/action-gh-release from 2 to 3 (#25)
- Bump actions/setup-node from 5 to 6 (#27)
- Bump aws-actions/configure-aws-credentials from 5 to 6 (#29)
- Bump actions/checkout from 5 to 6 (#26)
- Bump styled-jsx in /src/StackAlchemist.Web (#16)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#14)
- Bump pytest 8.3.3 -> 9.0.3 in V1-Python-React template
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#43)
- Bump @supabase/ssr in /src/StackAlchemist.Web (#39)
- Bump docker/build-push-action from 6 to 7 (#35)
- Bump docker/setup-buildx-action from 3 to 4 (#34)
- Bump actions/upload-artifact from 4 to 7 (#33)
- Bump python-dotenv (#52)
- Bump lucide-react in /src/StackAlchemist.Web (#55)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#60)
- Bump the next-react group across 1 directory with 4 updates (#53)
- Bump Node 20 → 22 (Node 20 LTS ended 2026-04-30)
- Bump Node 22 → 24 (skip the layover, latest LTS)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#71)
- Bump lucide-react in /src/StackAlchemist.Web (#70)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#74)
- Bump node from 24-alpine to 26-alpine (#98)
- Bump tailwind-merge in /src/StackAlchemist.Web (#103)
- Bump the next-react group (#99)
- Bump @supabase/ssr in /src/StackAlchemist.We...
Release 442bef672c600f05f5bb2efac99f50b4c740a75c
Changelog
All notable changes to this project will be documented in this file.
[unreleased]
Bug Fixes
- Harden deploy pipeline for zero-downtime and reboot resilience
- Add git to builder and wget to runtime for sa-web health checks
- Fix Dockerfile syntax and sync frontend lockfile
- Ensure Docker network exists and robustify fallback logic
- Deploy engine and worker alongside web and add health checks
- Add git to web-builder, set engine port, fix healthz endpoint
- Copy .env to Next.js project dir so E2E tests get env vars
- Stabilize e2e contracts and enforce hybrid github actions gates
- Stabilize test environment integration workflow
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Pin test deploy to x64 self-hosted runner
- Stabilize infrastructure and switch to npm
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Build production images sequentially to reduce runner resource pressure
- Build production images sequentially to reduce runner resource pressure
- Harden self-hosted deploy workflows
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Eliminate band-aids with permanent root-cause fixes
- Fix prod deploy cancellation and test tunnel network disconnect
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Rm named containers before compose-up; add maintenance page for both envs
- Rm named containers before compose-up; add maintenance page for both envs
- Harden tunnel, CI/CD runner, and LLM error surfacing
- Use 127.0.0.1 in nginx healthcheck (localhost resolves to IPv6 in alpine)
- Add ANTHROPIC_MODEL env var to prod compose; switch to claude-sonnet-4-5-20250929
- Deserialize ProjectType enum from JSON string + add ANTHROPIC_MODEL to prod compose
- Rename simple-mode-schema.ts → .tsx (contains JSX, lint parse error)
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Align @ alias with Next.js tsconfig paths
- Add missing files that were never committed
- Harden CF tunnel routing + close SEO/a11y audit gaps
- Add parserOptions.ecmaFeatures.jsx to eslintrc — fix parse error in .tsx files
- Batch A — SSR h1s, landmarks, metadata, docs/content COPY
- Un-ignore docs/ and scope *.md to repo root
- Drop generateImageMetadata — 404'd with id-keyed URL
- Unblock CA2007 analyzer + vitest IntersectionObserver constructor
- Unblock CI — dedupe h1s, scope test CA2007
- Suppress CA2007 in Worker.Tests (symmetry with Engine.Tests)
- Migrate PostCSS pipeline to Tailwind v4 (#46)
- Unbreak CI — pin eslint ^9, complete eslint-config-next 16, migrate to flat config (#65)
- Re-pin eslint ^9, ignore eslint majors in dependabot.yml (#73)
- Close 10 code-scanning alerts
- Mask email PII in logs + bump postcss to ^8.5.10 (#78)
- Wire ITierGatingService into orchestrator + skip codegen on Tier 1 (#84)
- Serialize Release workflow to prevent changelog-commit race (#87)
- Clear three engine errors blocking nightly simple-mode-flow E2E (#92) (#94)
- Pin .NET base images to :10.0-resolute (#95)
- Derive SUPABASE_DB_PASSWORD from CI_SUPABASE_DB_URL (#96)
- Unbreak test-site noindex, correct FAQ AI model, noindex auth pages
- Persist status + inline NEXT_PUBLIC into web image
- Reject placeholder anon keys so misconfig fails loud
- Deliver Tier-0 Spark preview end-to-end in prod
- Ship template sets into the engine image so prod codegen resolves them
- Cross-origin isolate /generate so StackBlitz embed runs
- Re-fetch generation status after subscribe to close tier-0 redirect race
- Close tier-0 redirect race in advanced-mode subscription
- Persist purchased tier on paid upgrade so download unlocks
- Drop dead "continue without account" link on login
- Register IEmailService so CompileWorkerService can start
- Resolve upstreams at request time to stop prod 502s (#119)
- Fill the homepage prompt builder and clean launch-console copy (#120)
- Match deploy page to brand (logo + blue accent) (#121)
- Auto-return visitors to the app once the deploy finishes (#122)
- Return 503 from deploy shim so recovery poll works (#125)
- Atomic Stripe webhook, error taxonomy, and tier-race fix (#138)
- Periodic reconciler with re-enqueue, delivery hardening, input limits (#139)
- A11y completion (F9) (#148)
- Recover maintenance page on tab refocus and bfcache restore (#167)
- Repair E2E Smoke — Playwright getByPlaceholder, not Testing-Library getByDisplayValue (#171)
- UX integrity pass — sanitized error boundaries, mobile content nav (#181)
- Lock down generations SELECT and harden security-definer RPCs (#183)
- Provision build toolchain in prod image and restore before build (#185)
- Apply Supabase migrations in the prod deploy pipeline (#186)
- Require authentication and ownership in retryGeneration (#189)
- Make prod migration gate skip (not brick deploys) when secret unset (#191)
- Deliver BYOK_ENCRYPTION_KEY to prod/test containers (#193)
- Paginate dashboard, accurate stats, validate advanced schema in demo mode (#194)
- Resolve ws advisory (#43) in root lockfile (#195)
- Zero-downtime prod deploys, migration drift guard, external healthwatch (#209)
Dependencies
- Bump softprops/action-gh-release from 2 to 3 (#25)
- Bump actions/setup-node from 5 to 6 (#27)
- Bump aws-actions/configure-aws-credentials from 5 to 6 (#29)
- Bump actions/checkout from 5 to 6 (#26)
- Bump styled-jsx in /src/StackAlchemist.Web (#16)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#14)
- Bump pytest 8.3.3 -> 9.0.3 in V1-Python-React template
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#43)
- Bump @supabase/ssr in /src/StackAlchemist.Web (#39)
- Bump docker/build-push-action from 6 to 7 (#35)
- Bump docker/setup-buildx-action from 3 to 4 (#34)
- Bump actions/upload-artifact from 4 to 7 (#33)
- Bump python-dotenv (#52)
- Bump lucide-react in /src/StackAlchemist.Web (#55)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#60)
- Bump the next-react group across 1 directory with 4 updates (#53)
- Bump Node 20 → 22 (Node 20 LTS ended 2026-04-30)
- Bump Node 22 → 24 (skip the layover, latest LTS)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#71)
- Bump lucide-react in /src/StackAlchemist.Web (#70)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#74)
- Bump node from 24-alpine to 26-alpine (#98)
- Bump tailwind-merge in /src/StackAlchemist.Web (#103...
Release 87168cfe3f457eaeca3d10965509b1d424d7dd84
Changelog
All notable changes to this project will be documented in this file.
[unreleased]
Bug Fixes
- Harden deploy pipeline for zero-downtime and reboot resilience
- Add git to builder and wget to runtime for sa-web health checks
- Fix Dockerfile syntax and sync frontend lockfile
- Ensure Docker network exists and robustify fallback logic
- Deploy engine and worker alongside web and add health checks
- Add git to web-builder, set engine port, fix healthz endpoint
- Copy .env to Next.js project dir so E2E tests get env vars
- Stabilize e2e contracts and enforce hybrid github actions gates
- Stabilize test environment integration workflow
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Pin test deploy to x64 self-hosted runner
- Stabilize infrastructure and switch to npm
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Build production images sequentially to reduce runner resource pressure
- Build production images sequentially to reduce runner resource pressure
- Harden self-hosted deploy workflows
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Eliminate band-aids with permanent root-cause fixes
- Fix prod deploy cancellation and test tunnel network disconnect
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Rm named containers before compose-up; add maintenance page for both envs
- Rm named containers before compose-up; add maintenance page for both envs
- Harden tunnel, CI/CD runner, and LLM error surfacing
- Use 127.0.0.1 in nginx healthcheck (localhost resolves to IPv6 in alpine)
- Add ANTHROPIC_MODEL env var to prod compose; switch to claude-sonnet-4-5-20250929
- Deserialize ProjectType enum from JSON string + add ANTHROPIC_MODEL to prod compose
- Rename simple-mode-schema.ts → .tsx (contains JSX, lint parse error)
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Align @ alias with Next.js tsconfig paths
- Add missing files that were never committed
- Harden CF tunnel routing + close SEO/a11y audit gaps
- Add parserOptions.ecmaFeatures.jsx to eslintrc — fix parse error in .tsx files
- Batch A — SSR h1s, landmarks, metadata, docs/content COPY
- Un-ignore docs/ and scope *.md to repo root
- Drop generateImageMetadata — 404'd with id-keyed URL
- Unblock CA2007 analyzer + vitest IntersectionObserver constructor
- Unblock CI — dedupe h1s, scope test CA2007
- Suppress CA2007 in Worker.Tests (symmetry with Engine.Tests)
- Migrate PostCSS pipeline to Tailwind v4 (#46)
- Unbreak CI — pin eslint ^9, complete eslint-config-next 16, migrate to flat config (#65)
- Re-pin eslint ^9, ignore eslint majors in dependabot.yml (#73)
- Close 10 code-scanning alerts
- Mask email PII in logs + bump postcss to ^8.5.10 (#78)
- Wire ITierGatingService into orchestrator + skip codegen on Tier 1 (#84)
- Serialize Release workflow to prevent changelog-commit race (#87)
- Clear three engine errors blocking nightly simple-mode-flow E2E (#92) (#94)
- Pin .NET base images to :10.0-resolute (#95)
- Derive SUPABASE_DB_PASSWORD from CI_SUPABASE_DB_URL (#96)
- Unbreak test-site noindex, correct FAQ AI model, noindex auth pages
- Persist status + inline NEXT_PUBLIC into web image
- Reject placeholder anon keys so misconfig fails loud
- Deliver Tier-0 Spark preview end-to-end in prod
- Ship template sets into the engine image so prod codegen resolves them
- Cross-origin isolate /generate so StackBlitz embed runs
- Re-fetch generation status after subscribe to close tier-0 redirect race
- Close tier-0 redirect race in advanced-mode subscription
- Persist purchased tier on paid upgrade so download unlocks
- Drop dead "continue without account" link on login
- Register IEmailService so CompileWorkerService can start
- Resolve upstreams at request time to stop prod 502s (#119)
- Fill the homepage prompt builder and clean launch-console copy (#120)
- Match deploy page to brand (logo + blue accent) (#121)
- Auto-return visitors to the app once the deploy finishes (#122)
- Return 503 from deploy shim so recovery poll works (#125)
- Atomic Stripe webhook, error taxonomy, and tier-race fix (#138)
- Periodic reconciler with re-enqueue, delivery hardening, input limits (#139)
- A11y completion (F9) (#148)
- Recover maintenance page on tab refocus and bfcache restore (#167)
- Repair E2E Smoke — Playwright getByPlaceholder, not Testing-Library getByDisplayValue (#171)
- UX integrity pass — sanitized error boundaries, mobile content nav (#181)
- Lock down generations SELECT and harden security-definer RPCs (#183)
- Provision build toolchain in prod image and restore before build (#185)
- Apply Supabase migrations in the prod deploy pipeline (#186)
- Require authentication and ownership in retryGeneration (#189)
- Make prod migration gate skip (not brick deploys) when secret unset (#191)
- Deliver BYOK_ENCRYPTION_KEY to prod/test containers (#193)
- Paginate dashboard, accurate stats, validate advanced schema in demo mode (#194)
- Resolve ws advisory (#43) in root lockfile (#195)
Dependencies
- Bump softprops/action-gh-release from 2 to 3 (#25)
- Bump actions/setup-node from 5 to 6 (#27)
- Bump aws-actions/configure-aws-credentials from 5 to 6 (#29)
- Bump actions/checkout from 5 to 6 (#26)
- Bump styled-jsx in /src/StackAlchemist.Web (#16)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#14)
- Bump pytest 8.3.3 -> 9.0.3 in V1-Python-React template
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#43)
- Bump @supabase/ssr in /src/StackAlchemist.Web (#39)
- Bump docker/build-push-action from 6 to 7 (#35)
- Bump docker/setup-buildx-action from 3 to 4 (#34)
- Bump actions/upload-artifact from 4 to 7 (#33)
- Bump python-dotenv (#52)
- Bump lucide-react in /src/StackAlchemist.Web (#55)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#60)
- Bump the next-react group across 1 directory with 4 updates (#53)
- Bump Node 20 → 22 (Node 20 LTS ended 2026-04-30)
- Bump Node 22 → 24 (skip the layover, latest LTS)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#71)
- Bump lucide-react in /src/StackAlchemist.Web (#70)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#74)
- Bump node from 24-alpine to 26-alpine (#98)
- Bump tailwind-merge in /src/StackAlchemist.Web (#103)
- Bump the next-react group (#99)
- Bump @supabase/ssr in /src/StackAlchemist.We...
Release 7f41359b60872643cbd584cf5b788695975a3a4b
Changelog
All notable changes to this project will be documented in this file.
[unreleased]
Bug Fixes
- Harden deploy pipeline for zero-downtime and reboot resilience
- Add git to builder and wget to runtime for sa-web health checks
- Fix Dockerfile syntax and sync frontend lockfile
- Ensure Docker network exists and robustify fallback logic
- Deploy engine and worker alongside web and add health checks
- Add git to web-builder, set engine port, fix healthz endpoint
- Copy .env to Next.js project dir so E2E tests get env vars
- Stabilize e2e contracts and enforce hybrid github actions gates
- Stabilize test environment integration workflow
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Pin test deploy to x64 self-hosted runner
- Stabilize infrastructure and switch to npm
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Build production images sequentially to reduce runner resource pressure
- Build production images sequentially to reduce runner resource pressure
- Harden self-hosted deploy workflows
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Eliminate band-aids with permanent root-cause fixes
- Fix prod deploy cancellation and test tunnel network disconnect
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Rm named containers before compose-up; add maintenance page for both envs
- Rm named containers before compose-up; add maintenance page for both envs
- Harden tunnel, CI/CD runner, and LLM error surfacing
- Use 127.0.0.1 in nginx healthcheck (localhost resolves to IPv6 in alpine)
- Add ANTHROPIC_MODEL env var to prod compose; switch to claude-sonnet-4-5-20250929
- Deserialize ProjectType enum from JSON string + add ANTHROPIC_MODEL to prod compose
- Rename simple-mode-schema.ts → .tsx (contains JSX, lint parse error)
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Align @ alias with Next.js tsconfig paths
- Add missing files that were never committed
- Harden CF tunnel routing + close SEO/a11y audit gaps
- Add parserOptions.ecmaFeatures.jsx to eslintrc — fix parse error in .tsx files
- Batch A — SSR h1s, landmarks, metadata, docs/content COPY
- Un-ignore docs/ and scope *.md to repo root
- Drop generateImageMetadata — 404'd with id-keyed URL
- Unblock CA2007 analyzer + vitest IntersectionObserver constructor
- Unblock CI — dedupe h1s, scope test CA2007
- Suppress CA2007 in Worker.Tests (symmetry with Engine.Tests)
- Migrate PostCSS pipeline to Tailwind v4 (#46)
- Unbreak CI — pin eslint ^9, complete eslint-config-next 16, migrate to flat config (#65)
- Re-pin eslint ^9, ignore eslint majors in dependabot.yml (#73)
- Close 10 code-scanning alerts
- Mask email PII in logs + bump postcss to ^8.5.10 (#78)
- Wire ITierGatingService into orchestrator + skip codegen on Tier 1 (#84)
- Serialize Release workflow to prevent changelog-commit race (#87)
- Clear three engine errors blocking nightly simple-mode-flow E2E (#92) (#94)
- Pin .NET base images to :10.0-resolute (#95)
- Derive SUPABASE_DB_PASSWORD from CI_SUPABASE_DB_URL (#96)
- Unbreak test-site noindex, correct FAQ AI model, noindex auth pages
- Persist status + inline NEXT_PUBLIC into web image
- Reject placeholder anon keys so misconfig fails loud
- Deliver Tier-0 Spark preview end-to-end in prod
- Ship template sets into the engine image so prod codegen resolves them
- Cross-origin isolate /generate so StackBlitz embed runs
- Re-fetch generation status after subscribe to close tier-0 redirect race
- Close tier-0 redirect race in advanced-mode subscription
- Persist purchased tier on paid upgrade so download unlocks
- Drop dead "continue without account" link on login
- Register IEmailService so CompileWorkerService can start
- Resolve upstreams at request time to stop prod 502s (#119)
- Fill the homepage prompt builder and clean launch-console copy (#120)
- Match deploy page to brand (logo + blue accent) (#121)
- Auto-return visitors to the app once the deploy finishes (#122)
- Return 503 from deploy shim so recovery poll works (#125)
- Atomic Stripe webhook, error taxonomy, and tier-race fix (#138)
- Periodic reconciler with re-enqueue, delivery hardening, input limits (#139)
- A11y completion (F9) (#148)
- Recover maintenance page on tab refocus and bfcache restore (#167)
- Repair E2E Smoke — Playwright getByPlaceholder, not Testing-Library getByDisplayValue (#171)
- UX integrity pass — sanitized error boundaries, mobile content nav (#181)
- Lock down generations SELECT and harden security-definer RPCs (#183)
- Provision build toolchain in prod image and restore before build (#185)
- Apply Supabase migrations in the prod deploy pipeline (#186)
- Require authentication and ownership in retryGeneration (#189)
- Make prod migration gate skip (not brick deploys) when secret unset (#191)
- Deliver BYOK_ENCRYPTION_KEY to prod/test containers (#193)
- Paginate dashboard, accurate stats, validate advanced schema in demo mode (#194)
- Resolve ws advisory (#43) in root lockfile (#195)
Dependencies
- Bump softprops/action-gh-release from 2 to 3 (#25)
- Bump actions/setup-node from 5 to 6 (#27)
- Bump aws-actions/configure-aws-credentials from 5 to 6 (#29)
- Bump actions/checkout from 5 to 6 (#26)
- Bump styled-jsx in /src/StackAlchemist.Web (#16)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#14)
- Bump pytest 8.3.3 -> 9.0.3 in V1-Python-React template
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#43)
- Bump @supabase/ssr in /src/StackAlchemist.Web (#39)
- Bump docker/build-push-action from 6 to 7 (#35)
- Bump docker/setup-buildx-action from 3 to 4 (#34)
- Bump actions/upload-artifact from 4 to 7 (#33)
- Bump python-dotenv (#52)
- Bump lucide-react in /src/StackAlchemist.Web (#55)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#60)
- Bump the next-react group across 1 directory with 4 updates (#53)
- Bump Node 20 → 22 (Node 20 LTS ended 2026-04-30)
- Bump Node 22 → 24 (skip the layover, latest LTS)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#71)
- Bump lucide-react in /src/StackAlchemist.Web (#70)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#74)
- Bump node from 24-alpine to 26-alpine (#98)
- Bump tailwind-merge in /src/StackAlchemist.Web (#103)
- Bump the next-react group (#99)
- Bump @supabase/ssr in /src/StackAlchemist.We...
Release 6c8abf8f6027d98b8d6061019e8cf411ddf391fb
Changelog
All notable changes to this project will be documented in this file.
[unreleased]
Bug Fixes
- Harden deploy pipeline for zero-downtime and reboot resilience
- Add git to builder and wget to runtime for sa-web health checks
- Fix Dockerfile syntax and sync frontend lockfile
- Ensure Docker network exists and robustify fallback logic
- Deploy engine and worker alongside web and add health checks
- Add git to web-builder, set engine port, fix healthz endpoint
- Copy .env to Next.js project dir so E2E tests get env vars
- Stabilize e2e contracts and enforce hybrid github actions gates
- Stabilize test environment integration workflow
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Pin test deploy to x64 self-hosted runner
- Stabilize infrastructure and switch to npm
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Complete transition to npm and stabilize deployments
- Prevent port conflicts in test deployment by removing all standalone containers
- Ensure consistent container names in test deployment for health checks
- Build production images sequentially to reduce runner resource pressure
- Build production images sequentially to reduce runner resource pressure
- Harden self-hosted deploy workflows
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Eliminate band-aids with permanent root-cause fixes
- Fix prod deploy cancellation and test tunnel network disconnect
- Force-recreate on prod deploy to handle restart=always containers after reboot
- Rm named containers before compose-up; add maintenance page for both envs
- Rm named containers before compose-up; add maintenance page for both envs
- Harden tunnel, CI/CD runner, and LLM error surfacing
- Use 127.0.0.1 in nginx healthcheck (localhost resolves to IPv6 in alpine)
- Add ANTHROPIC_MODEL env var to prod compose; switch to claude-sonnet-4-5-20250929
- Deserialize ProjectType enum from JSON string + add ANTHROPIC_MODEL to prod compose
- Rename simple-mode-schema.ts → .tsx (contains JSX, lint parse error)
- Correct secret mapping for e2e and deploy workflows
- Skip E2E integration gracefully when secrets are placeholder values
- Align @ alias with Next.js tsconfig paths
- Add missing files that were never committed
- Harden CF tunnel routing + close SEO/a11y audit gaps
- Add parserOptions.ecmaFeatures.jsx to eslintrc — fix parse error in .tsx files
- Batch A — SSR h1s, landmarks, metadata, docs/content COPY
- Un-ignore docs/ and scope *.md to repo root
- Drop generateImageMetadata — 404'd with id-keyed URL
- Unblock CA2007 analyzer + vitest IntersectionObserver constructor
- Unblock CI — dedupe h1s, scope test CA2007
- Suppress CA2007 in Worker.Tests (symmetry with Engine.Tests)
- Migrate PostCSS pipeline to Tailwind v4 (#46)
- Unbreak CI — pin eslint ^9, complete eslint-config-next 16, migrate to flat config (#65)
- Re-pin eslint ^9, ignore eslint majors in dependabot.yml (#73)
- Close 10 code-scanning alerts
- Mask email PII in logs + bump postcss to ^8.5.10 (#78)
- Wire ITierGatingService into orchestrator + skip codegen on Tier 1 (#84)
- Serialize Release workflow to prevent changelog-commit race (#87)
- Clear three engine errors blocking nightly simple-mode-flow E2E (#92) (#94)
- Pin .NET base images to :10.0-resolute (#95)
- Derive SUPABASE_DB_PASSWORD from CI_SUPABASE_DB_URL (#96)
- Unbreak test-site noindex, correct FAQ AI model, noindex auth pages
- Persist status + inline NEXT_PUBLIC into web image
- Reject placeholder anon keys so misconfig fails loud
- Deliver Tier-0 Spark preview end-to-end in prod
- Ship template sets into the engine image so prod codegen resolves them
- Cross-origin isolate /generate so StackBlitz embed runs
- Re-fetch generation status after subscribe to close tier-0 redirect race
- Close tier-0 redirect race in advanced-mode subscription
- Persist purchased tier on paid upgrade so download unlocks
- Drop dead "continue without account" link on login
- Register IEmailService so CompileWorkerService can start
- Resolve upstreams at request time to stop prod 502s (#119)
- Fill the homepage prompt builder and clean launch-console copy (#120)
- Match deploy page to brand (logo + blue accent) (#121)
- Auto-return visitors to the app once the deploy finishes (#122)
- Return 503 from deploy shim so recovery poll works (#125)
- Atomic Stripe webhook, error taxonomy, and tier-race fix (#138)
- Periodic reconciler with re-enqueue, delivery hardening, input limits (#139)
- A11y completion (F9) (#148)
- Recover maintenance page on tab refocus and bfcache restore (#167)
- Repair E2E Smoke — Playwright getByPlaceholder, not Testing-Library getByDisplayValue (#171)
- UX integrity pass — sanitized error boundaries, mobile content nav (#181)
- Lock down generations SELECT and harden security-definer RPCs (#183)
- Provision build toolchain in prod image and restore before build (#185)
- Apply Supabase migrations in the prod deploy pipeline (#186)
- Require authentication and ownership in retryGeneration (#189)
- Make prod migration gate skip (not brick deploys) when secret unset (#191)
- Deliver BYOK_ENCRYPTION_KEY to prod/test containers (#193)
- Paginate dashboard, accurate stats, validate advanced schema in demo mode (#194)
- Resolve ws advisory (#43) in root lockfile (#195)
Dependencies
- Bump softprops/action-gh-release from 2 to 3 (#25)
- Bump actions/setup-node from 5 to 6 (#27)
- Bump aws-actions/configure-aws-credentials from 5 to 6 (#29)
- Bump actions/checkout from 5 to 6 (#26)
- Bump styled-jsx in /src/StackAlchemist.Web (#16)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#14)
- Bump pytest 8.3.3 -> 9.0.3 in V1-Python-React template
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#43)
- Bump @supabase/ssr in /src/StackAlchemist.Web (#39)
- Bump docker/build-push-action from 6 to 7 (#35)
- Bump docker/setup-buildx-action from 3 to 4 (#34)
- Bump actions/upload-artifact from 4 to 7 (#33)
- Bump python-dotenv (#52)
- Bump lucide-react in /src/StackAlchemist.Web (#55)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#60)
- Bump the next-react group across 1 directory with 4 updates (#53)
- Bump Node 20 → 22 (Node 20 LTS ended 2026-04-30)
- Bump Node 22 → 24 (skip the layover, latest LTS)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#71)
- Bump lucide-react in /src/StackAlchemist.Web (#70)
- Bump @supabase/supabase-js in /src/StackAlchemist.Web (#74)
- Bump node from 24-alpine to 26-alpine (#98)
- Bump tailwind-merge in /src/StackAlchemist.Web (#103)
- Bump the next-react group (#99)
- Bump @supabase/ssr in /src/StackAlchemist.We...