chore: sync main into alpha (manual merge)

[markturansky]

Summary

• Manually merges main into alpha, resolving 13 conflicted files
• Brings alpha up to date with 109 commits from main (observability dashboard, gh wrapper, session creation docs, etc.)
• Preserves all alpha-only features (control-plane, MCP, kubeconfig credential provider, gRPC runner)

Conflict Resolution Strategy

< /dev/null | File | Strategy |
|------|----------|
| Makefile | Combined all targets: control-plane + mcp (alpha) + observability-dashboard (main) |
| auth.py | Kept kubeconfig block (alpha) + gh wrapper install (main) |
| bridge.py | Kept both asyncio (alpha) + json (main) imports |
| pyproject.toml | Main's tighter versions + alpha's grpc/protobuf/cryptography |
| observability.py | Main's refactored end_turn with null checks |
| model.go | Main's full agent fields + BeforeCreate defaults |
| kustomization.yaml | Both control_plane (alpha) + observability (main) images |
| frontend/DEVELOPMENT.md | Both session stream (alpha) + session creation (main) docs |
| test file | Both bot token (alpha) + gh wrapper (main) tests |
| uv.lock | Taken from main |
| SKILL.md, build-deploy.yml, backend/DEVELOPMENT.md | Minor header/path differences resolved |

Test plan

• CI passes on the PR
• Verify no conflict markers remain (rg '<<<<<<')
• Spot-check merged Makefile targets work

🤖 Generated with Claude Code

Summary by CodeRabbit

• New Features

  • Pre-upload workspace files (before session pod start), live model switching, scheduled sessions with edit, MCP server config at project/session, Advanced SDK options UI, new agent/skill automations (align, amber-review, pr-fixer, cypress-demo, scaffold, etc.), LDAP SRV + bind auth.

• Improvements

  • Session status caching and SSAR caching for performance, polling gated by tab visibility, stricter token/expiration validation, improved error handling, CI/workflow and docs automation, image metadata includes commit info.

[netlify]

✅ Deploy Preview for cheerful-kitten-f556a0 canceled.

Name	Link
🔨 Latest commit	6a1743c
🔍 Latest deploy log	https://app.netlify.com/projects/cheerful-kitten-f556a0/deploys/69e28167e28a3a0009f0302e

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds repository-wide agent/skill definitions and CI automations; introduces S3-backed session pre-uploads, model-switching, MCP server config, SDK options UI, scheduled sessions, LDAP SRV/bind support, SSAR and agent-status caching, observability build targets, and multiple frontend/backend API and tests.

Changes

Cohort / File(s)	Summary
Agent/Skill & Command Specs .claude/agents/..., .claude/skills/..., .claude/commands/*.md	Added multiple agent/skill spec files (convention-eval, backend-review, frontend-review, operator-review, runner-review, security-review, align, amber-review, cypress-demo, dev-cluster, memory, pr-fixer, scaffold, unleash-flag, etc.) and eval fixtures. Removed legacy speckit and several command docs.
Assistant Hooks & Settings .claude/settings.json, .claude/agents (removed)	Added assistant hooks (PreToolUse/PostToolUse/Stop) and removed the .claude/agents pointer file.
Backend: Session & File Uploads components/backend/handlers/file_uploads.go, .../file_uploads_test.go, components/backend/storage/s3.go, .../s3_test.go, components/backend/types/session.go, components/backend/routes.go	Implemented S3 client, S3-backed pre-upload PUT/GET/DELETE handlers with RBAC/size/path checks, unit tests, session types extended for MCP/SdkOptions/stop-on-run-finished, and new routes.
Backend: Sessions & Model Switching components/backend/handlers/sessions.go, sessions_sdk_options_test.go	Added SDK option validation/filtering, caching for agent status derivation, Create/UpdateSession MCPServers handling, SwitchModel runtime handler (CR patch + runner sync) and related tests.
Backend: MCP Server Management components/backend/handlers/project_mcp.go	Added handlers for project-scoped MCP server GET/PUT to store/read ProjectSettings.spec.mcpServers.
Backend: SSAR Cache & Middleware components/backend/handlers/ssar_cache.go, middleware.go, ssar_cache_bench_test.go	Added concurrent, TTLed SSAR cache with eviction, middleware consults cache for K8s SSAR checks, and benchmarks/tests.
Backend: LDAP & S3 Integration components/backend/ldap/*, components/backend/main.go	Refactored LDAP client for SRV discovery, bind DN/password, custom CA; startup guards on missing credentials. Added S3 config loading and startup initialization.
Backend: Agent Model & Events components/ambient-api-server/plugins/agents/model.go, plugins/sessions/model.go, plugins/sessions/integration_test.go, agui_store.go	Extended Agent and Session LLM defaults/fields (model, temp, max tokens, metadata). Changed defaults to claude-sonnet-4-6. Bounded tail-reading of large session event logs (2MB).
Frontend: Scheduled Sessions & Forms components/frontend/src/app/projects/.../scheduled-sessions/*	Added ScheduledSessionForm, create/edit pages, cron preview/next-run, validation, workflows, repo autoPush/branch support, stop-on-run-finished toggle, and related UI.
Frontend: Live Model & Session UI components/frontend/src/app/.../sessions/*, components/frontend/src/components/live-model-selector.tsx, file-viewer.tsx, task-transcript-viewer.tsx	Added LiveModelSelector component and integration, polling gated by isActive, queued-message/run-active gating, kept tabs mounted to preserve state, and multiple UI adjustments.
Frontend: Advanced SDK Options & Editors components/frontend/src/components/claude-agent-options/*, advanced-sdk-options.tsx	Comprehensive agent options form and sub-editors (agents, hooks, MCP servers editor, key/value, string list, thinking, sandbox, plugins, output format), dirty-tracking and save/discard flows, and tests.
Frontend: File Upload Flow components/frontend/src/app/api/.../upload/route.ts, components/frontend/src/components/__tests__/create-session-dialog-files.test.tsx	Added preUploadFileToS3 helper and upload fallback for 409 Conflict to call backend pre-upload endpoint; tests for file attach behavior and size limit.
Docker & Build Makefile, components/*/Dockerfile	Added GIT_COMMIT build-arg and org.opencontainers.image.revision label across images; Makefile additions for observability dashboard, screenshots, docs-lint targets, and kind install improvements.
CI/CD Workflows .github/workflows/*.yml, .github/scripts/*	Large workflow refactor: added sdd-preflight, sdk-version-bump, runner-tool-versions, pr-merge-review, pull-reviews, screenshots, docs-lint, stale, test-local-dev changes; removed several legacy workflows; added model manifest validation script and adjusted model discovery path.
Repo Config & Tooling .coderabbit.yaml, .mergify.yml, .github/dependabot.yml, .mcp.json, .gitignore	Updated CodeRabbit review rules, Mergify gates, Dependabot ignores, added MCP server entries, and expanded .gitignore for Claude worktrees and sdk-bump output.
Docs & Governance CLAUDE.md, BOOKMARKS.md, .specify/*, components/*/DEVELOPMENT.md	Added runner constitution/spec, SDD manifest, updated CLAUDE.md conventions and BOOKMARKS, documented feature-flag and OOTB workflows, and simplified memory constitution.
Testing & Validation components/backend/handlers/*_test.go, components/frontend/src/**/__tests__/*, .github/scripts/validate-model-manifest.py	Added benchmarks/tests for agent-status, SSAR cache, file-upload keys, permissions validation, sessions SDK options; frontend unit tests updated/added; added manifest validator script.
Deps & Tooling Versions components/frontend/package.json, .github/scripts/model-discovery.py, components/*/go.mod	Updated Next.js/dompurify/file-type, moved model manifest path to components/manifests/base/core/models.json, bumped multiple Go deps (grpc/protobuf/genproto) and Go toolchain to 1.25 in components.ambient-* modules.

Sequence Diagram(s)

sequenceDiagram
    participant Client as Frontend
    participant Backend as Backend API
    participant K8s as Kubernetes API
    participant S3 as S3 (MinIO)
    participant Runner as Runner Service

    rect rgba(100, 200, 100, 0.5)
    Note over Client,Backend: Pre-upload file (PUT) with SSAR
    Client->>Backend: PUT /agentic-sessions/:sessionName/file-uploads/*path (body)
    Backend->>Backend: compute SSAR cache key
    Backend->>K8s: SelfSubjectAccessReview (if cache miss)
    K8s-->>Backend: allowed / denied
    alt allowed
        Backend->>Backend: validate path, size
        Backend->>S3: PutObject(namespace/session/key)
        S3-->>Backend: success
        Backend-->>Client: 200 OK (filename,size)
    else denied
        Backend-->>Client: 403 Forbidden
    end
    end

Loading

sequenceDiagram
    participant Client as Frontend
    participant Backend as Backend API
    participant K8s as Kubernetes API
    participant Runner as Runner Pod

    rect rgba(100, 150, 200, 0.5)
    Note over Client,Runner: Model switch flow
    Client->>Backend: POST /agentic-sessions/:sessionName/model { model }
    Backend->>K8s: GET AgenticSession CR
    K8s-->>Backend: spec.llmSettings.model
    Backend->>K8s: PATCH AgenticSession CR (set new model)
    K8s-->>Backend: patched
    Backend->>Runner: POST /model (runner endpoint)
    alt Runner accepts
        Runner-->>Backend: 200 OK
        Backend-->>Client: 200 OK
    else Runner rejects/fails
        Backend->>K8s: PATCH AgenticSession CR (revert model)
        Backend-->>Client: 500 Error
    end
    end

Loading

sequenceDiagram
    participant Runner as Runner Pod
    participant Backend as Backend API
    participant K8s as Kubernetes API

    rect rgba(200, 150, 100, 0.5)
    Note over Runner,Backend: Run-finished -> optional stop
    Runner->>Backend: stream event RUN_FINISHED
    Backend->>Backend: persistStreamedEvent -> update last-activity
    Backend->>Backend: check stopOnRunFinished cache
    alt cache miss or true
        Backend->>K8s: GET AgenticSession CR
        K8s-->>Backend: spec.stopOnRunFinished: true
        Backend->>K8s: PATCH annotations (desired-phase=Stopped)
        K8s-->>Backend: patched
        Backend->>Backend: cache stopOnRunFinished=true
    else cached false
        Backend-->>Runner: no action
    end
    end

Loading

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/rebase-main-to-alpha-manual

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch chore/rebase-main-to-alpha-manual

[coderabbitai]

Actionable comments posted: 8

Note

Due to the large number of review comments, Critical severity comments were prioritized as inline comments.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (6)

.github/workflows/unit-tests.yml (1)

1-47: ⚠️ Potential issue | 🟠 Major

Add explicit permissions block to scope workflow privileges.

No permissions key is defined, so the workflow inherits the repository default (often write-all). These jobs only need contents: read (checkout) and actions: write (artifact upload). Scoping permissions limits blast radius if a dependency is compromised.

🔒 Suggested fix

 name: Unit Tests

 on:
   push:
     branches: [main]
     # ...
+
+permissions:
+  contents: read
+  actions: write

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/unit-tests.yml around lines 1 - 47, Add a top-level
permissions block to the Unit Tests workflow to explicitly scope privileges: set
permissions.contents to read (for actions/checkout) and permissions.actions to
write (for artifact upload), and keep other permissions at minimal required
(omit or set to none). Place this permissions mapping at the root of the
workflow YAML (alongside name, on, concurrency) so it applies to all jobs;
reference the workflow "Unit Tests" and the existing inputs
test_label/default_namespace and concurrency group to locate where to insert it.

.github/workflows/docs.yml (1)

23-61: ⚠️ Potential issue | 🟠 Major

Pin action versions to commit SHAs.

All actions in this workflow use semantic version tags (@v4, @v5, @v6) instead of immutable commit SHAs. As per coding guidelines, action versions must be pinned to SHA to prevent supply-chain attacks.

🔒 Recommended SHA pins for current action versions

       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675  # v6.0.0
 
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4.1.0
 
       - name: Setup Pages
-        uses: actions/configure-pages@v5
+        uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b  # v5.0.0
 
       - name: Upload artifact
-        uses: actions/upload-pages-artifact@v4
+        uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa  # v4.0.0
 
       - name: Deploy to GitHub Pages
-        uses: actions/deploy-pages@v4
+        uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e  # v4.0.5

Note: Verify these SHAs match your desired versions before applying.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/docs.yml around lines 23 - 61, Replace the mutable
semantic tags with immutable commit SHAs for each GitHub Action usage to satisfy
pinning policy: update actions/checkout@v6, actions/setup-node@v4,
actions/configure-pages@v5, actions/upload-pages-artifact@v4, and
actions/deploy-pages@v4 to their corresponding commit SHA pins (e.g.,
actions/checkout@<sha>), ensuring you fetch and verify the correct SHAs from
each action’s repository and replace only the tag portion while leaving the rest
of the step (inputs like node-version, cache, working-directory, paths, and step
ids) unchanged.

.github/workflows/lint.yml (2)

145-149: ⚠️ Potential issue | 🟠 Major

Pin golangci-lint binary version instead of using latest.

The action itself is pinned to a SHA, but version: latest still allows the golangci-lint binary to drift, breaking unrelated PRs without any workflow change. Use an explicit version (e.g., version: v1.60.3) instead.

This applies to all four occurrences in the file (lines 145-149, 184-188, 223-227, 262-266).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/lint.yml around lines 145 - 149, Replace the unstable
"version: latest" entries for the golangci-lint action with a pinned release
(for example "version: v1.60.3") wherever the action is used; locate the
golangci/golangci-lint-action@1e7e51e77 blocks (the four occurrences) and change
their "version:" keys from "latest" to the chosen explicit version string so the
golangci-lint binary no longer drifts across runs.

---

144-149: ⚠️ Potential issue | 🟠 Major

Restore separate lint passes for default and test-tagged builds.

The --build-tags=test single-pass approach excludes components/backend/handlers/k8s_clients_for_request_prod.go, which is constrained with //go:build !test. Keep both the default build and the --build-tags=test passes to ensure all production and test code paths are linted.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/lint.yml around lines 144 - 149, The lint workflow
currently runs a single golangci-lint step with args "--build-tags=test", which
skips files guarded by "//go:build !test" (e.g.,
k8s_clients_for_request_prod.go); restore two separate lint passes instead: add
one step (keep the existing name Run golangci-lint or similar) that omits
"--build-tags" (default build) and a second step that includes "args:
--timeout=5m --build-tags=test" so both default and test-tagged builds are
linted; ensure both steps use the same uses/version and working-directory
settings as the current step.

components/frontend/src/components/chat/ChatInputBox.tsx (1)

619-650: ⚠️ Potential issue | 🟠 Major

Keep an accessible name when the labels collapse on mobile.

On small screens, the Agents / Commands text is display: none, so these controls degrade into icon-only buttons with no stable accessible label. Add aria-label (and ideally title) to both buttons before hiding the text.

Suggested fix

-                      <Button variant="outline" size="sm" className="h-7 gap-1.5" disabled={agents.length === 0}>
+                      <Button
+                        variant="outline"
+                        size="sm"
+                        className="h-7 gap-1.5"
+                        disabled={agents.length === 0}
+                        aria-label={`Agents${agents.length > 0 ? ` (${agents.length})` : ""}`}
+                        title="Agents"
+                      >
                         <Users className="h-3.5 w-3.5" />
                         <span className="hidden sm:inline">Agents</span>
@@
-                      <Button variant="outline" size="sm" className="h-7 gap-1.5" disabled={commands.length === 0}>
+                      <Button
+                        variant="outline"
+                        size="sm"
+                        className="h-7 gap-1.5"
+                        disabled={commands.length === 0}
+                        aria-label={`Commands${commands.length > 0 ? ` (${commands.length})` : ""}`}
+                        title="Commands"
+                      >
                         <Terminal className="h-3.5 w-3.5" />
                         <span className="hidden sm:inline">Commands</span>

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/frontend/src/components/chat/ChatInputBox.tsx` around lines 619 -
650, The Agents and Commands popover Buttons lose their visible labels on small
screens, so add stable accessible names: add aria-label and title props to the
two Button elements used as PopoverTrigger (the Button with Users icon that
checks agents.length and the Button with Terminal icon that checks
commands.length). Use descriptive labels like "Open agents menu" and "Open
commands menu" (or similar), ensuring you add them to the Button components that
control agentsPopoverOpen and commandsPopoverOpen so the icon-only buttons
remain accessible when the span text is hidden.

components/frontend/src/app/projects/[name]/sessions/[sessionName]/page.tsx (1)

340-365: ⚠️ Potential issue | 🟠 Major

Drain queued messages one run at a time.

After Line 352, the first aguiSendMessage() can start a new run, but this loop keeps sending the rest of unsentMessages immediately. That bypasses the new isRunActive guard in sendChat() and can reorder or reject queued follow-ups.

Suggested fix

   useEffect(() => {
     const phase = session?.status?.phase;
     const unsentMessages = sessionQueue.messages.filter(m => !m.sentAt);

     if (phase === "Running" && !isRunActive && unsentMessages.length > 0) {
       const processMessages = async () => {
-        for (const messageItem of unsentMessages) {
-          try {
-            await aguiSendMessage(messageItem.content);
-            sessionQueue.markMessageSent(messageItem.id);
-            // Small delay between messages to avoid overwhelming the system
-            await new Promise(resolve => setTimeout(resolve, 100));
-          } catch (err) {
-            toast.error(err instanceof Error ? err.message : "Failed to send queued message");
-          }
-        }
+        const [messageItem] = unsentMessages;
+        try {
+          await aguiSendMessage(messageItem.content);
+          sessionQueue.markMessageSent(messageItem.id);
+        } catch (err) {
+          toast.error(err instanceof Error ? err.message : "Failed to send queued message");
+        }
       };

       processMessages();
     }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/frontend/src/app/projects/`[name]/sessions/[sessionName]/page.tsx
around lines 340 - 365, The current useEffect drains all unsentMessages in a
loop which allows the first aguiSendMessage() to start a run and then
immediately sends subsequent queued messages, bypassing the isRunActive guard in
sendChat(); change the logic to only process the next single unsent message
(e.g. take unsentMessages[0]), await aguiSendMessage(message.content), call
sessionQueue.markMessageSent(message.id), handle errors as before, and do not
loop—allow the effect to re-run when isRunActive or sessionQueue.messages
changes so each run is drained one-at-a-time; reference functions/variables:
useEffect, aguiSendMessage, sessionQueue.markMessageSent, sendChat, isRunActive,
unsentMessages.

🟠 Major comments (22)

.github/dependabot.yml-9-11 (1)

9-11: ⚠️ Potential issue | 🟠 Major

Avoid blanket-ignore for core SDK dependencies

Ignoring anthropic and claude-agent-sdk entirely means Dependabot will never surface security/compatibility fixes for them. Prefer ignoring only major updates if noise control is the goal.

Suggested safer Dependabot config

-    ignore:
-      - dependency-name: "anthropic"
-      - dependency-name: "claude-agent-sdk"
+    ignore:
+      - dependency-name: "anthropic"
+        update-types:
+          - "version-update:semver-major"
+      - dependency-name: "claude-agent-sdk"
+        update-types:
+          - "version-update:semver-major"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/dependabot.yml around lines 9 - 11, The dependabot config currently
blanket-ignores the core SDK dependencies "anthropic" and "claude-agent-sdk",
which suppresses all security and minor/patch updates; change the ignore entries
to only ignore major version updates (e.g., add update-types:
["version-update:semver-major"]) for the dependency-name values "anthropic" and
"claude-agent-sdk" so Dependabot will still surface patch and
minor/compatibility/security fixes while avoiding noisy major-version bumps.

components/backend/handlers/oauth.go-74-80 (1)

74-80: ⚠️ Potential issue | 🟠 Major

Broadened Gmail scopes are over-privileged by default

Line 74–80 now requests read/modify/compose scopes for all Google OAuth flows. That’s a significant privilege expansion versus send-only and should not be unconditional. Please gate expanded scopes behind a feature flag/config and keep the default to minimum required scopes.

Proposed direction (default minimal scopes + opt-in expanded scopes)

@@
 		return &OAuthProvider{
@@
-			Scopes: []string{
+			scopes := []string{
 				"openid",
 				"https://www.googleapis.com/auth/userinfo.email",
 				"https://www.googleapis.com/auth/userinfo.profile",
 				"https://www.googleapis.com/auth/drive",
 				"https://www.googleapis.com/auth/drive.readonly",
 				"https://www.googleapis.com/auth/drive.file",
-				// Gmail scopes for gmail:send permission level (cumulative in workspace-mcp)
-				// Includes: readonly, organize (labels+modify), drafts (compose), and send
-				"https://www.googleapis.com/auth/gmail.readonly",
-				"https://www.googleapis.com/auth/gmail.labels",
-				"https://www.googleapis.com/auth/gmail.modify",
-				"https://www.googleapis.com/auth/gmail.compose",
 				"https://www.googleapis.com/auth/gmail.send",
-			},
+			}
+			if os.Getenv("GOOGLE_GMAIL_EXPANDED_SCOPES") == "true" {
+				scopes = append(scopes,
+					"https://www.googleapis.com/auth/gmail.readonly",
+					"https://www.googleapis.com/auth/gmail.labels",
+					"https://www.googleapis.com/auth/gmail.modify",
+					"https://www.googleapis.com/auth/gmail.compose",
+				)
+			}
+			return &OAuthProvider{
+				Name:         "google",
+				ClientID:     clientID,
+				ClientSecret: clientSecret,
+				TokenURL:     "https://oauth2.googleapis.com/token",
+				Scopes:       scopes,
+			}, nil
-		}, nil

Based on learnings: "Gate new features behind Unleash feature flags; use /unleash-flag to set up new flags" and "Separate configuration from code; externalize via env vars, ConfigMaps, manifests, or feature flags; if a value varies across environments or changes over time, it is config, not code".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/backend/handlers/oauth.go` around lines 74 - 80, The Gmail OAuth
scope list in components/backend/handlers/oauth.go is currently requesting broad
read/modify/compose scopes unconditionally; change the code that constructs the
Gmail scopes (the slice containing
"https://www.googleapis.com/auth/gmail.readonly", "gmail.labels",
"gmail.modify", "gmail.compose", "gmail.send") so the default set is the minimal
send-only scopes and the expanded readonly/labels/modify/compose scopes are only
appended when an explicit opt-in config/feature flag is enabled (use Unleash via
the existing /unleash-flag integration or an env var). Locate the scope
construction in the OAuth handler (where the Gmail scope slice is defined) and
implement gating logic: read the flag/env var, and only include the extra scopes
when enabled; ensure logging notes when expanded scopes are granted.

components/backend/handlers/integration_validation.go-137-141 (1)

137-141: ⚠️ Potential issue | 🟠 Major

Return a generic request-construction error to clients (don’t expose wrapped parse details).

At Line 140, %w can surface raw URL parse internals to user-facing responses via TestJiraConnection. Keep the external error generic.

Suggested fix

-	if !sawHTTPResponse && lastReqErr != nil {
-		return false, fmt.Errorf("failed to create request: %w", lastReqErr)
-	}
+	if !sawHTTPResponse && lastReqErr != nil {
+		return false, fmt.Errorf("failed to create request")
+	}

As per coding guidelines: "Do not log, error, or return tokens in responses; use len(token) for logging and provide generic messages to users".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/backend/handlers/integration_validation.go` around lines 137 -
141, The current return in the block checking sawHTTPResponse and lastReqErr
uses fmt.Errorf("%w") which can expose internal parse details to callers (e.g.
TestJiraConnection); change it to return a generic error message (e.g.
fmt.Errorf("failed to create request")) without wrapping lastReqErr, and if you
need the underlying error for diagnostics, log lastReqErr internally (using the
existing logger) rather than returning it. Update the code around the
sawHTTPResponse/lastReqErr check to remove the %w wrapping and perform internal
logging of lastReqErr instead.

.mcp.json-5-5 (1)

5-5: ⚠️ Potential issue | 🟠 Major

Pin MCP server package versions; avoid @latest in committed config.

Lines 5 and 9 use floating package tags (@upstash/context7-mcp@latest and deepwiki-mcp@latest). This weakens reproducibility and increases supply-chain risk because upstream changes can alter behavior without any change to this repository.

Recommend pinning to specific versions:

Proposed changes

-      "args": ["-y", "@upstash/context7-mcp@latest"]
+      "args": ["-y", "@upstash/context7-mcp@<pinned-version>"]

-      "args": ["-y", "deepwiki-mcp@latest"]
+      "args": ["-y", "deepwiki-mcp@<pinned-version>"]

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.mcp.json at line 5, Replace floating `@latest` tags in the .mcp.json "args"
array with explicit, pinned versions to ensure reproducible builds: update the
entries referencing "@upstash/context7-mcp@latest" and "deepwiki-mcp@latest" to
specific semver pins (e.g., `@upstash/context7-mcp`@x.y.z and deepwiki-mcp@a.b.c),
verify those versions exist and run any install/test commands to confirm
compatibility, then commit the updated .mcp.json.

.github/workflows/stale.yml-16-16 (1)

16-16: 🛠️ Refactor suggestion | 🟠 Major

Pin actions/stale to commit SHA 5bef64f19d7facfb25b37b414482c7164d639639.

Change uses: actions/stale@v9 to uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 for supply-chain security and reproducibility.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/stale.yml at line 16, Update the GitHub Actions workflow
step referencing the stale action by replacing the floating tag
"actions/stale@v9" with the specific commit SHA
"actions/stale@5bef64f19d7facfb25b37b414482c7164d639639" to pin the dependency;
locate the usage of actions/stale in the workflow (the line containing uses:
actions/stale@v9) and change it to uses:
actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 to ensure supply-chain
stability and reproducible runs.

components/ambient-api-server/plugins/agents/model.go-46-51 (1)

46-51: ⚠️ Potential issue | 🟠 Major

Zero-value check can override intentional user settings.

LlmTemperature == 0 is indistinguishable from "temperature explicitly set to 0" (valid for deterministic output). Same issue with LlmMaxTokens.

Consider using pointer fields (*float64, *int32) to distinguish nil (unset) from zero (explicit), or move defaults entirely to GORM's default tag and remove the BeforeCreate logic for these fields.

🛠️ Option: use pointers to distinguish unset from zero

 type Agent struct {
     // ...
-    LlmTemperature       float64 `json:"llm_temperature"        gorm:"default:0.7"`
-    LlmMaxTokens         int32   `json:"llm_max_tokens"         gorm:"default:4000"`
+    LlmTemperature       *float64 `json:"llm_temperature"        gorm:"default:0.7"`
+    LlmMaxTokens         *int32   `json:"llm_max_tokens"         gorm:"default:4000"`
 }

 func (d *Agent) BeforeCreate(tx *gorm.DB) error {
     d.ID = api.NewID()
     if d.LlmModel == "" {
         d.LlmModel = "claude-sonnet-4-6"
     }
-    if d.LlmTemperature == 0 {
-        d.LlmTemperature = 0.7
-    }
-    if d.LlmMaxTokens == 0 {
-        d.LlmMaxTokens = 4000
-    }
+    // Let GORM default tag handle nil→default conversion
     return nil
 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/ambient-api-server/plugins/agents/model.go` around lines 46 - 51,
The current zero-value checks in the model (checking LlmTemperature == 0 and
LlmMaxTokens == 0) can overwrite an explicit user-provided 0; update the model
to distinguish "unset" from explicit zero by changing the field types to
pointers (e.g., LlmTemperature *float64, LlmMaxTokens *int) and adjust any
constructor/BeforeCreate logic to check for nil instead of zero, assign the
desired defaults when nil, and update any usages of LlmTemperature/LlmMaxTokens
elsewhere to dereference safely; alternatively, if you prefer DB-side defaults,
remove the BeforeCreate defaulting code and add GORM `default` tags to the
LlmTemperature and LlmMaxTokens fields so explicit zeros are preserved.

.github/workflows/sdk-version-bump.yml-52-63 (1)

52-63: ⚠️ Potential issue | 🟠 Major

Exit code capture fails due to shell default behavior.

GitHub Actions run: steps use set -e by default. If python scripts/sdk-version-bump.py returns exit code 2 (updates available), the step fails before EXIT_CODE=$? executes.

🐛 Proposed fix

       run: |
-          python scripts/sdk-version-bump.py --check-only --package "$PACKAGE_ARG"
-          EXIT_CODE=$?
+          EXIT_CODE=0
+          python scripts/sdk-version-bump.py --check-only --package "$PACKAGE_ARG" || EXIT_CODE=$?
 
           if [ "$EXIT_CODE" -eq 2 ]; then

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/sdk-version-bump.yml around lines 52 - 63, The step fails
to capture non-zero exit codes because GitHub Actions uses set -e; update the
run block so the python invocation doesn't abort the script (e.g., run the
command with "|| true" or insert "set +e" before it), then assign EXIT_CODE=$?
and keep the existing logic that writes "updates_available=true/false" to
GITHUB_OUTPUT; ensure you reference the python script name
(scripts/sdk-version-bump.py), the EXIT_CODE variable and the existing
conditional branch that echoes to "$GITHUB_OUTPUT" so the step can inspect and
act on the script's exit code instead of being terminated early.

.github/workflows/docs-lint.yml-8-12 (1)

8-12: ⚠️ Potential issue | 🟠 Major

Scope the job token explicitly.

This job only reads repo contents, but without an explicit permissions: block it inherits the default GITHUB_TOKEN scope. Please lock it down to read-only here.

Suggested fix

 jobs:
   lint:
     name: Lint Documentation
     runs-on: ubuntu-latest
     timeout-minutes: 5
+    permissions:
+      contents: read

As per coding guidelines, ".github/workflows/**/*.{yml,yaml}: Pin action versions to SHA. Verify secrets are not exposed and permissions are scoped."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/docs-lint.yml around lines 8 - 12, The lint job (jobs.lint
/ name: Lint Documentation) is inheriting full GITHUB_TOKEN scope; add an
explicit permissions block to restrict the token to read-only repository
contents (e.g., permissions: contents: read) and ensure the job-level
GITHUB_TOKEN uses that scoped permission; also review any referenced actions in
this workflow and pin them to SHA to comply with the repository policy.

components/frontend/src/components/claude-agent-options/_components/plugins-editor.tsx-22-25 (1)

22-25: ⚠️ Potential issue | 🟠 Major

Add an accessible name to the remove button.

This icon-only control has no label, so screen-reader users won't know what it does.

Suggested fix

-          <Button type="button" variant="ghost" size="icon" className="h-8 w-8 shrink-0" onClick={() => { ids.current.splice(i, 1); onChange(value.filter((_, j) => j !== i)); }}><Trash2 className="h-3 w-3" /></Button>
+          <Button
+            type="button"
+            variant="ghost"
+            size="icon"
+            className="h-8 w-8 shrink-0"
+            aria-label={plugin.path ? `Remove plugin ${plugin.path}` : "Remove plugin"}
+            onClick={() => {
+              ids.current.splice(i, 1);
+              onChange(value.filter((_, j) => j !== i));
+            }}
+          >
+            <Trash2 className="h-3 w-3" />
+          </Button>

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@components/frontend/src/components/claude-agent-options/_components/plugins-editor.tsx`
around lines 22 - 25, The remove Button (the Button element wrapping the Trash2
icon) is missing an accessible name; add an aria-label (or title) to that Button
— e.g., aria-label="Remove plugin" or a dynamic label like aria-label={`Remove
plugin ${i + 1}`} — so screen readers announce its purpose, and keep the
existing onClick handler and classes (the Button with onClick that splices
ids.current and calls onChange).

components/backend/main.go-147-155 (1)

147-155: ⚠️ Potential issue | 🟠 Major

Don't bake an environment-specific LDAP base DN into the binary.

Falling back to cn=users,cn=accounts,dc=ipa,dc=redhat,dc=com makes LDAP resolution silently wrong anywhere outside that exact directory layout. This should be explicit config, not a code default.

Suggested fix

-		ldapBaseDN := getEnvOrDefault("LDAP_BASE_DN", "cn=users,cn=accounts,dc=ipa,dc=redhat,dc=com")
+		ldapBaseDN := os.Getenv("LDAP_BASE_DN")
 		ldapGroupBaseDN := os.Getenv("LDAP_GROUP_BASE_DN") // optional, derived from LDAP_BASE_DN if empty
 		ldapBindDN := os.Getenv("LDAP_BIND_DN")
 		ldapBindPassword := os.Getenv("LDAP_BIND_PASSWORD")
 		ldapCACertPath := os.Getenv("LDAP_CA_CERT_PATH")
-		if ldapBindDN == "" || ldapBindPassword == "" {
+		if ldapBaseDN == "" {
+			log.Printf("LDAP disabled: missing LDAP_BASE_DN")
+		} else if ldapBindDN == "" || ldapBindPassword == "" {
 			log.Printf("LDAP disabled: missing bind credentials")
 		} else if ldapClient, err := ldap.NewClient(ldapURL, ldapSRVDomain, ldapBaseDN, ldapGroupBaseDN, ldapBindDN, ldapBindPassword, ldapCACertPath); err != nil {

Based on learnings: Separate configuration from code; externalize via env vars, ConfigMaps, manifests, or feature flags; if a value varies across environments or changes over time, it is config, not code

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/backend/main.go` around lines 147 - 155, The code currently
hardcodes a fallback LDAP base DN via getEnvOrDefault("LDAP_BASE_DN",
"cn=users,cn=accounts,dc=ipa,dc=redhat,dc=com"), which bakes
environment-specific config into the binary; replace this by removing the
hardcoded default and forcing explicit configuration: change the logic around
ldapBaseDN to read LDAP_BASE_DN without a baked fallback (use os.Getenv or a
config loader), validate that ldapBaseDN is non-empty at startup and fail fast
with a clear log/error if missing, and update any places referencing ldapBaseDN,
ldapGroupBaseDN, and NewClient(...) to rely on the explicit config provided at
runtime (or document/require LDAP_BASE_DN via env/ConfigMap/manifest) so
different environments supply their own DN.

.github/workflows/test-local-dev.yml-278-294 (1)

278-294: ⚠️ Potential issue | 🟠 Major

Local Dev CI Gate can pass when prerequisites never ran successfully.

The gate does not include detect-changes in needs, and it only blocks on failure. If detect-changes errors, test-local-dev-simulation becomes skipped and this required gate still goes green; cancelled upstream results also pass today.

Suggested fix

   ci-gate:
     name: Local Dev CI Gate
     runs-on: ubuntu-latest
-    needs: [validate-manifests, test-local-dev-simulation]
+    needs: [detect-changes, validate-manifests, test-local-dev-simulation]
     if: always()
     timeout-minutes: 1
     steps:
       - name: Check results
         run: |
+          echo "detect-changes: ${{ needs.detect-changes.result }}"
           echo "validate-manifests: ${{ needs.validate-manifests.result }}"
           echo "test-local-dev-simulation: ${{ needs.test-local-dev-simulation.result }}"
-          if [ "${{ needs.validate-manifests.result }}" == "failure" ] || \
-             [ "${{ needs.test-local-dev-simulation.result }}" == "failure" ]; then
+          if [ "${{ needs.detect-changes.result }}" != "success" ] || \
+             [ "${{ needs.validate-manifests.result }}" != "success" ] || \
+             { [ "${{ needs.test-local-dev-simulation.result }}" != "success" ] && \
+               [ "${{ needs.test-local-dev-simulation.result }}" != "skipped" ]; }; then
             echo "One or more required checks failed"
             exit 1
           fi
           echo "All checks passed or were appropriately skipped"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/test-local-dev.yml around lines 278 - 294, The CI gate job
ci-gate should also depend on detect-changes and must treat any non-success
upstream result as a failure; update the needs array to include detect-changes
and modify the "Check results" step (the shell logic in that step) to fail when
any of the required jobs' results is not "success" (or explicitly check for
"failure", "skipped", or "cancelled") instead of only checking for "failure" so
skipped/cancelled upstream jobs can't silently let the gate pass.

.github/workflows/test-local-dev.yml-22-26 (1)

22-26: ⚠️ Potential issue | 🟠 Major

Pin the new action refs to immutable SHAs.

This adds mutable refs for required CI (actions/checkout@v6 and dorny/paths-filter@v4). Version tags can change behavior without diff visibility. GitHub Actions must be pinned to commit SHAs per .github/workflows/**/*.{yml,yaml} requirements.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/test-local-dev.yml around lines 22 - 26, Replace the
mutable action tags with immutable commit SHAs: locate the uses entries
referencing actions/checkout@v6 and dorny/paths-filter@v4 and change them to the
corresponding full commit SHAs (e.g., actions/checkout@<commit-sha> and
dorny/paths-filter@<commit-sha>), ensuring you pick the SHA for the exact
version you expect; commit the change so the workflow uses those pinned SHAs
instead of the floating tags.

.github/workflows/screenshots.yml-24-30 (1)

24-30: ⚠️ Potential issue | 🟠 Major

Pin actions to commit SHAs for supply-chain security.

Mutable version tags and branches expose workflows to upstream compromise. Per coding guidelines, all action versions must be pinned to SHA:

• Line 24: actions/checkout@v6 → actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• Line 27: kubeflow/pipelines/.github/actions/github-disk-cleanup@master → kubeflow/pipelines/.github/actions/github-disk-cleanup@ab1231a5c32c688bcb62314e467011b586aee796
• Line 30: actions/setup-node@v6 → actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f
• Line 118: actions/upload-artifact@v6 → actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/screenshots.yml around lines 24 - 30, Replace mutable
action version tags with the provided commit SHAs to pin dependencies: update
"actions/checkout@v6" to
"actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd", update
"kubeflow/pipelines/.github/actions/github-disk-cleanup@master" to
"kubeflow/pipelines/.github/actions/github-disk-cleanup@ab1231a5c32c688bcb62314e467011b586aee796",
update "actions/setup-node@v6" to
"actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f", and also pin
"actions/upload-artifact@v6" to
"actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f" wherever it
appears.

Makefile-233-236 (1)

233-236: ⚠️ Potential issue | 🟠 Major

This target now depends on a directory outside the checkout.

Line 235 uses cd ../observability/dashboard, which escapes the repo root. make build-observability-dashboard will fail in CI and fresh clones unless everyone also has a sibling observability checkout. Point this at the in-repo dashboard path instead.

Based on learnings Verify contracts and references before building on assumptions (env vars exist, paths are correct, URLs are reachable); after moving anything, grep scripts, workflows, manifests, and configs

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Makefile` around lines 233 - 236, The Makefile target
build-observability-dashboard currently cd's to a sibling repo path
("../observability/dashboard"), which escapes the checkout; change the target to
use the in-repo dashboard directory (replace the "../observability/dashboard"
reference used in the command under the build-observability-dashboard target
with the repository-local path like "observability/dashboard" or
"./observability/dashboard") so CI and fresh clones don’t require an external
checkout, and then grep/update any scripts, workflows or manifests that assumed
the old path to ensure consistency.

.github/workflows/sdd-preflight.yml-82-94 (1)

82-94: ⚠️ Potential issue | 🟠 Major

Don’t stop at the first matching managed path.

Line 92 makes the first matching glob authoritative. If a file matches both a warn component and an enforce component, the earlier match wins and the violation is silently downgraded. Please collect all matches, or at least let enforce take precedence over warn.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/sdd-preflight.yml around lines 82 - 94, The current inner
loop breaks on the first match, making the first matching pattern in
PATTERN_FILE authoritative and allowing an enforce to be silently downgraded by
an earlier warn; update the logic in the inner while that reads regex/comp/mode
(the loop using regex, comp, mode and reading PATTERN_FILE) to collect all
matches for a given changed_file rather than breaking on the first match: either
remove the break and append a row for every match (adding to VIOLATIONS when
mode="enforce" and to WARNINGS when mode!="enforce"), or track booleans (e.g.,
found_enforce/found_warn) during the inner loop and after it finishes, if
found_enforce is true add an enforce VIOLATION row (taking precedence), else if
found_warn add a WARNING row; ensure you still skip empty changed_file entries
and preserve the existing row formatting logic.

Makefile-1283-1283 (1)

1283-1283: ⚠️ Potential issue | 🟠 Major

kind local image sync still skips the control-plane image.

Line 1283 adds the dashboard image, but $(CONTROL_PLANE_IMAGE) is still missing from _kind-load-images. make kind-up LOCAL_IMAGES=true / kind-rebuild will keep using the stale control-plane image, so local testing won’t exercise control-plane changes from this merge.

Minimal fix

-	`@for` img in $(BACKEND_IMAGE) $(FRONTEND_IMAGE) $(OPERATOR_IMAGE) $(RUNNER_IMAGE) $(STATE_SYNC_IMAGE) $(PUBLIC_API_IMAGE) $(API_SERVER_IMAGE) $(MCP_IMAGE) $(OBSERVABILITY_DASHBOARD_IMAGE); do \
+	`@for` img in $(BACKEND_IMAGE) $(FRONTEND_IMAGE) $(OPERATOR_IMAGE) $(RUNNER_IMAGE) $(STATE_SYNC_IMAGE) $(PUBLIC_API_IMAGE) $(API_SERVER_IMAGE) $(CONTROL_PLANE_IMAGE) $(MCP_IMAGE) $(OBSERVABILITY_DASHBOARD_IMAGE); do \

Based on learnings Image references must match across the stack; after changing an image name or tag, grep all overlays, workflows, and ConfigMaps

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Makefile` at line 1283, The for-loop that populates images for the
_kind-load-images target omits $(CONTROL_PLANE_IMAGE), so local kind image sync
still uses a stale control-plane image; update the loop in the Makefile (the
invocation listing $(BACKEND_IMAGE) $(FRONTEND_IMAGE) ...
$(OBSERVABILITY_DASHBOARD_IMAGE)) to also include $(CONTROL_PLANE_IMAGE) so that
_kind-load-images (and make kind-up LOCAL_IMAGES=true / kind-rebuild) loads the
control-plane image from local builds.

.github/workflows/components-build-deploy.yml-209-215 (1)

209-215: ⚠️ Potential issue | 🟠 Major

Pin action versions to SHAs across all workflow jobs.

Four locations use floating tags (actions/checkout@v6, redhat-actions/openshift-tools-installer@v1) instead of pinned SHAs. Per repo policy, replace:

• actions/checkout@v6 → de0fac2e4500dabe0009e67214ff5f5447ce83dd
• redhat-actions/openshift-tools-installer@v1 → 144527c7d98999f2652264c048c7a9bd103f8a82

Locations: 209–215, 330–336, 357–363, 435–440

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/components-build-deploy.yml around lines 209 - 215,
Replace the floating GitHub Action tags with the provided SHAs wherever they
appear in this workflow: change uses: actions/checkout@v6 to uses:
actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd and change uses:
redhat-actions/openshift-tools-installer@v1 to uses:
redhat-actions/openshift-tools-installer@144527c7d98999f2652264c048c7a9bd103f8a82;
update each occurrence (the four blocks that currently reference
actions/checkout and redhat-actions/openshift-tools-installer) so all jobs use
the pinned SHAs instead of floating tags.

components/backend/handlers/sessions.go-543-546 (1)

543-546: ⚠️ Potential issue | 🟠 Major

Namespace the agent-status cache key.

This cache is keyed only by session.Metadata["name"]. Two namespaces can have the same session name, so one project can receive another project's cached AgentStatus.

Suggested fix

 func enrichAgentStatus(session *types.AgenticSession) {
@@
 	name, _ := session.Metadata["name"].(string)
 	if name == "" {
 		return
 	}
+	project := session.Spec.Project
+	if project == "" {
+		if ns, ok := session.Metadata["namespace"].(string); ok {
+			project = ns
+		}
+	}
+	cacheKey := fmt.Sprintf("%s/%s", project, name)

 	// Check cache
 	agentStatusCache.RLock()
-	if entry, ok := agentStatusCache.entries[name]; ok && time.Now().Before(entry.expiresAt) {
+	if entry, ok := agentStatusCache.entries[cacheKey]; ok && time.Now().Before(entry.expiresAt) {
 		agentStatusCache.RUnlock()
 		if entry.status != "" {
 			session.Status.AgentStatus = types.StringPtr(entry.status)
@@
 	// Store in cache
 	agentStatusCache.Lock()
-	agentStatusCache.entries[name] = agentStatusCacheEntry{
+	agentStatusCache.entries[cacheKey] = agentStatusCacheEntry{
 		status:    derived,
 		expiresAt: time.Now().Add(agentStatusCacheTTL),
 	}

As per coding guidelines: Namespace-scope shared state keys by including namespace/project prefix in cache keys and status entries

Also applies to: 582-605

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/backend/handlers/sessions.go` around lines 543 - 546, The cache
currently keys agentStatusCache.entries only by session.Metadata["name"],
causing cross-namespace collisions; change all places that read/write
agentStatusCache (the entries map and any helpers around agentStatusCacheEntry)
to use a namespaced key like namespace + "/" + name (e.g.,
session.Metadata["namespace"] + "/" + session.Metadata["name"]) and update
agentStatusCacheEntry to include a Namespace field if needed so stored entries
carry their namespace; ensure every lookup, set, and delete (including the code
blocks that build and access keys around agentStatusCache and
agentStatusCacheEntry) uses this composite key to prevent cross-project leaks.

components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/settings/mcp-servers-panel.tsx-69-72 (1)

69-72: ⚠️ Potential issue | 🟠 Major

These MCP writes can clobber each other.

Every handler rebuilds the next payload from session?.spec?.mcpServers, which is stale until the parent session query catches up. A quick disable/add/remove sequence can therefore drop the previous change because each PUT sends a full config object.

Use an optimistic local config (or the latest mutation variables) as the write base, and block further edits while the mutation is pending.

Also applies to: 89-137

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@components/frontend/src/app/projects/`[name]/sessions/[sessionName]/components/settings/mcp-servers-panel.tsx
around lines 69 - 72, Current handlers build PUT payloads from the stale
session?.spec?.mcpServers (via currentConfig/customServers/disabledServers),
which lets concurrent edits clobber each other; fix by introducing an optimistic
local state (e.g., mcpLocalConfig state) that mirrors MCPServersConfig and
update that state synchronously inside your add/remove/toggle handlers before
calling the mutation, use that local state as the base for the mutation payload
instead of session?.spec?.mcpServers, and disable further edits while the
mutation is pending (track mutation status) so handlers like the
addCustomServer/removeCustomServer/toggleDisabledServer use and update
mcpLocalConfig and pending flag to avoid races.

components/frontend/src/app/projects/[name]/scheduled-sessions/_components/scheduled-session-form.tsx-184-198 (1)

184-198: ⚠️ Potential issue | 🟠 Major

Re-run the default-model effect when the runner changes.

handleRunnerTypeChange() resets model, but this effect only watches modelsData?.defaultModel. If the next runner/provider resolves to the same default model id, the effect does not fire and the form stays blank.

Suggested fix

-  }, [modelsData?.defaultModel, form, isEdit, initialData]);
+  }, [selectedRunnerType, modelsData, form, isEdit, initialData]);

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@components/frontend/src/app/projects/`[name]/scheduled-sessions/_components/scheduled-session-form.tsx
around lines 184 - 198, The default-model useEffect (the block that reads
modelsData?.defaultModel and calls form.setValue("model", ...)) must also re-run
when the selected runner/provider changes because handleRunnerTypeChange()
resets the model; update the effect's dependency array to include the
runner/runnerType state used by handleRunnerTypeChange (or the provider id) so
the effect will run after runner changes and re-apply modelsData.defaultModel or
the preserved initialData value via form.setValue; keep the existing edit-mode
check (isEdit and initialData.sessionTemplate.llmSettings?.model) and the model
existence check when adding this dependency.

.github/workflows/prod-release-deploy.yaml-577-579 (1)

577-579: ⚠️ Potential issue | 🟠 Major

Add deploy-rhoai-mlflow to the deploy chain.

Line 579 leaves the new prerequisite job out of deploy-to-openshift.needs, so the main deployment can start before the RHOAI/MLflow operators, CRDs, and secret are ready. That makes the new ordering ineffective and introduces a race.

Suggested fix

-    needs: [release, merge-manifests, pre-pull-images]
+    needs: [release, merge-manifests, pre-pull-images, deploy-rhoai-mlflow]

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/prod-release-deploy.yaml around lines 577 - 579, The
deploy-to-openshift job's needs list is missing the new prerequisite job
deploy-rhoai-mlflow; update the deploy-to-openshift job definition so its needs
array includes deploy-rhoai-mlflow (alongside release, merge-manifests,
pre-pull-images) to ensure deploy-rhoai-mlflow completes before
deploy-to-openshift runs. Ensure you reference the deploy-to-openshift job block
and add the string "deploy-rhoai-mlflow" into its needs array.

.github/workflows/prod-release-deploy.yaml-459-467 (1)

459-467: ⚠️ Potential issue | 🟠 Major

Pin action versions to SHA instead of moving tags.

Lines 460, 465, and 587 use unpinned tags (v6, v1) that can change without notice, weakening supply-chain integrity and violating the workflow policy. Replace with immutable SHAs (e.g., actions/checkout@a5ac7e51b41094c7423fa3007db8d8cda0e50436 for v6).

• actions/checkout@v6 → checkout by SHA
• redhat-actions/openshift-tools-installer@v1 → install by SHA

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/prod-release-deploy.yaml around lines 459 - 467, The
workflow uses mutable action tags (actions/checkout@v6 and
redhat-actions/openshift-tools-installer@v1); replace each occurrence with the
corresponding immutable commit SHAs (e.g., actions/checkout@<checkout_SHA> and
redhat-actions/openshift-tools-installer@<installer_SHA>) so the workflow pins
exact revisions; update every place these actions are referenced (including the
checkout step and the oc installer step and the other occurrence near line 587)
and keep the existing with: blocks (ref: ${{ needs.release.outputs.new_tag }}
and oc: latest) unchanged.

🟡 Minor comments (4)

components/frontend/src/components/__tests__/create-session-dialog-files.test.tsx-126-135 (1)

126-135: ⚠️ Potential issue | 🟡 Minor

Fragile selector and silent pass if button not found.

The remove button lookup relies on a CSS class (.bg-muted\\/50) which may change with styling. More critically, wrapping the click in if (removeButtons.length > 0) silently passes if the button isn't found—test won't catch a regression.

Suggested fix

-    const removeButtons = screen.getAllByRole('button').filter(
-      btn => btn.querySelector('svg') && btn.closest('.bg-muted\\/50')
-    );
-    if (removeButtons.length > 0) {
-      fireEvent.click(removeButtons[0]);
-      await waitFor(() => {
-        expect(screen.queryByText(/removeme\.txt/)).toBeNull();
-      });
-    }
+    // Use accessible name or test-id for the remove button
+    const removeButton = screen.getByRole('button', { name: /remove/i });
+    fireEvent.click(removeButton);
+    await waitFor(() => {
+      expect(screen.queryByText(/removeme\.txt/)).toBeNull();
+    });

If the component lacks an accessible name, consider adding aria-label="Remove file" to the remove button.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@components/frontend/src/components/__tests__/create-session-dialog-files.test.tsx`
around lines 126 - 135, The test uses a fragile CSS-based filter and silently
skips the click when no button is found; update the test to assert and target
the remove button via accessibility instead: replace the
screen.getAllByRole(...).filter(...) logic with a role query that matches an
accessible name (e.g. getByRole('button', { name: /remove file|remove/i }) or
getAllByRole and find by name), remove the if (removeButtons.length > 0) guard
so the test fails if the button is missing, then call fireEvent.click on the
found button and await the existing waitFor(...) that asserts the file text is
gone; if the component lacks an accessible name, add aria-label="Remove file" to
the remove button in the component so the test can reliably select it.

components/backend/websocket/agui_proxy.go-1010-1015 (1)

1010-1015: ⚠️ Potential issue | 🟡 Minor

Cache doesn't invalidate on spec changes.

If stopOnRunFinished is initially false and gets cached, subsequent updates to enable it won't take effect until the cache entry expires (~1hr via cleanupStaleSessions). Edge case, but could be confusing if users toggle the setting mid-session.

Consider clearing the cache entry when the session spec is updated, or accepting this as intentional behavior to avoid API churn.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/backend/websocket/agui_proxy.go` around lines 1010 - 1015, The
cache check in agui_proxy.go (stopOnRunFinishedCache.Load(sessionName)) can
block updates to the session spec from taking effect; modify the session
update/watch logic to invalidate the cached entry when the session's spec
changes by calling stopOnRunFinishedCache.Delete(sessionName) (or equivalent)
whenever the Session resource is updated (e.g., in your session update handler
or k8s watch event processing path), so toggling stopOnRunFinished mid-session
will be honored immediately.

.github/workflows/amber-issue-handler.yml-91-91 (1)

91-91: ⚠️ Potential issue | 🟡 Minor

Pin action to commit SHA to prevent tag hijacking.

ambient-code/ambient-action@v0.0.5 at lines 91, 294, 365, 445 uses a mutable tag. Per coding guidelines, pin to commit SHA: 3f01516d00ba5628f210f9390a98970b5567c835

Replace with: ambient-code/ambient-action@3f01516d00ba5628f210f9390a98970b5567c835

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/amber-issue-handler.yml at line 91, Replace the mutable
tag reference "ambient-code/ambient-action@v0.0.5" with the provided commit SHA
"ambient-code/ambient-action@3f01516d00ba5628f210f9390a98970b5567c835" wherever
it appears (e.g., the usages currently showing
"ambient-code/ambient-action@v0.0.5"); update all occurrences to pin to the
commit SHA to prevent tag hijacking.

components/frontend/src/app/projects/[name]/scheduled-sessions/[scheduledSessionName]/edit/page.tsx-13-29 (1)

13-29: ⚠️ Potential issue | 🟡 Minor

Missing error state handling.

The component checks isLoading and !scheduledSession but doesn't handle the error state from useScheduledSession. A failed fetch will show "Scheduled session not found" instead of an appropriate error message.

Proposed fix

-  const { data: scheduledSession, isLoading } = useScheduledSession(projectName, scheduledSessionName);
+  const { data: scheduledSession, isLoading, error } = useScheduledSession(projectName, scheduledSessionName);

   if (isLoading) {
     return (
       <div className="flex items-center justify-center min-h-[400px]">
         <Loader2 className="h-8 w-8 animate-spin text-muted-foreground" />
       </div>
     );
   }

+  if (error) {
+    return (
+      <div className="flex items-center justify-center min-h-[400px]">
+        <p className="text-destructive">Failed to load scheduled session</p>
+      </div>
+    );
+  }
+
   if (!scheduledSession) {

As per coding guidelines: "Verify loading/error states and error handling in React Query hooks."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@components/frontend/src/app/projects/`[name]/scheduled-sessions/[scheduledSessionName]/edit/page.tsx
around lines 13 - 29, The component currently only handles isLoading and a
missing scheduledSession, but ignores the error returned by useScheduledSession;
update the hook destructuring to include error (e.g., const { data:
scheduledSession, isLoading, error } = useScheduledSession(...)) and add an
early render branch that checks error and displays an appropriate error message
(use error.message or a friendly fallback) before falling back to the "Scheduled
session not found" case so failed fetches show the actual error rather than the
not-found UI.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Gate deploy-rhoai-mlflow on successful build/deploy prerequisites.

With needs: [build-matrix] plus always(), this job can still oc apply, oc exec, create the MLflow DB, and patch secrets after build or merge-manifests fail. That turns a broken push into a partial cluster mutation.

Minimal fix

-  deploy-rhoai-mlflow:
-    runs-on: ubuntu-latest
-    needs: [build-matrix]
-    if: always() && !cancelled() && (github.event_name == 'push' && github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch')
+  deploy-rhoai-mlflow:
+    runs-on: ubuntu-latest
+    needs: [merge-manifests]
+    if: !cancelled() && (github.event_name == 'push' && github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch')

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/components-build-deploy.yml around lines 204 - 207, The
deploy-rhoai-mlflow job is currently guarded by always() which lets it run even
when its prerequisite job(s) fail; update the job conditional to require
successful prerequisites instead of always(): remove always() and add a check
that the needed job(s) succeeded (e.g., require needs.build-matrix.result ==
'success' or include any other prerequisite like needs.merge-manifests.result ==
'success' if applicable) while keeping the existing event checks
(github.event_name == 'push' && github.ref == 'refs/heads/main' ||
github.event_name == 'workflow_dispatch'); reference the job name
deploy-rhoai-mlflow and the existing needs: [build-matrix] / if: condition to
locate where to change the condition.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Pin the reusable workflow to a SHA.

The workflow reference uses @main instead of a pinned SHA. As per coding guidelines, action versions must be pinned to SHA for security and reproducibility.

🔒 Proposed fix to pin workflow reference

Example (replace with actual SHA):

-    uses: ambient-code/pull-reviews/.github/workflows/review.yml@main
+    uses: ambient-code/pull-reviews/.github/workflows/review.yml@abc123def456...

To get the current SHA of main:

#!/bin/bash
gh api repos/ambient-code/pull-reviews/commits/main --jq '.sha'

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/pull-reviews.yml at line 14, The reusable workflow
reference currently uses the floating tag "uses:
ambient-code/pull-reviews/.github/workflows/review.yml@main"; replace the
"@main" suffix with the repository commit SHA for the desired revision (pin the
workflow to that SHA) so the action is immutable and reproducible—obtain the SHA
from the remote (e.g., the repo's main branch commit) and update the string
"uses: ambient-code/pull-reviews/.github/workflows/review.yml@<SHA>"
accordingly.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Fetch and display the reusable workflow definition
gh api repos/ambient-code/pull-reviews/contents/.github/workflows/review.yml \
  --jq '.content' | base64 -d

Repository: ambient-code/platform

Length of output: 3763

---

Fix parameter mismatch and remove unused S3 secrets; pin external workflow to commit SHA.

The external workflow accepts gcs_bucket (not s3_bucket) and uses Google Cloud Storage with Vertex AI, not S3. The S3 secrets passed here—S3_ENDPOINT, S3_ACCESS_KEY_ID, S3_SECRET_ACCESS_KEY, CDN_BASE_URL—are unused by the external workflow and should be removed. Additionally, pin the external workflow call to a commit SHA instead of @main, and verify that the external workflow's action versions are similarly pinned per security guidelines.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/pull-reviews.yml around lines 14 - 24, Change the workflow
invocation to pass the correct storage parameter and remove unused S3 secrets:
replace the input key s3_bucket with gcs_bucket (matching the external
workflow’s expected input), drop the unused secrets S3_ENDPOINT,
S3_ACCESS_KEY_ID, S3_SECRET_ACCESS_KEY, and CDN_BASE_URL from the secrets block,
and pin the external workflow referenced by uses:
ambient-code/pull-reviews/.github/workflows/review.yml@main to a specific commit
SHA (and ensure action versions referenced inside that external workflow are
likewise pinned).

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Normalize separators before validating the upload path.

Line 82 and Line 270 convert backslashes after the traversal check. On Linux, filepath treats ..\foo as a normal filename during validation, so this can pass IsPathWithinBase and then become ../foo in the stored key. That opens a traversal bypass for any downstream hydration that uses slash-separated paths.

Suggested fix

-	sub := strings.TrimPrefix(c.Param("path"), "/")
+	sub := strings.TrimPrefix(strings.ReplaceAll(c.Param("path"), "\\", "/"), "/")
 	if sub == "" {
 		c.JSON(http.StatusBadRequest, gin.H{"error": "File path required"})
 		return
 	}
-	workspaceBase := "/workspace/file-uploads"
-	validationPath := filepath.Join(workspaceBase, sub)
-	if !pathutil.IsPathWithinBase(validationPath, workspaceBase) {
+	filePath := path.Clean(sub)
+	if filePath == "." || filePath == ".." || strings.HasPrefix(filePath, "../") {
 		log.Printf("PreUploadFile: path traversal attempt detected - path=%q", sub)
 		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid path: must be within file-uploads directory"})
 		return
 	}
-	filePath := filepath.ToSlash(sub)

Add path to the imports and apply the same normalization in DeletePreUploadedFile.

Also applies to: 257-270

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/backend/handlers/file_uploads.go` around lines 69 - 82, Normalize
and clean the requested path before doing the traversal check: in the
PreUploadFile handler (and likewise in DeletePreUploadedFile) convert
backslashes to slashes and run path.Clean on the trimmed param (use the path
package), then trim any leading "/" from that cleaned value into the variable
sub before composing validationPath and calling pathutil.IsPathWithinBase;
ensure filePath is derived from the same cleaned sub. Add the path import and
apply the identical normalization logic in both PreUploadFile and
DeletePreUploadedFile so validation and stored keys use the same canonical path.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Do not authorize requests from a stale global SSAR cache.

A cache-hit true now bypasses the live SSAR completely, so RBAC revokes or token expiry/revocation can keep passing middleware until the cache entry ages out. A cache-hit false has the opposite problem and can keep newly granted users locked out. This needs invalidation tied to authz changes, or the cache cannot be the sole gate here.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/backend/handlers/middleware.go` around lines 313 - 349, The
current logic trusts globalSSARCache.check(cacheKey) unconditionally, which
allows stale allow/deny decisions to bypass live RBAC checks; fix by making
cache entries time-bound and validating freshness before skipping the live SSAR:
change globalSSARCache to store a timestamp with each entry and update the
middleware call (where ssarCacheKey, extractRequestToken, globalSSARCache.check,
and globalSSARCache.store are used) to treat stale entries as misses (i.e.,
perform reqK8s.AuthorizationV1().SelfSubjectAccessReviews().Create and then
store the new allowed value plus timestamp); ensure the cacheKey still includes
the request token so per-token entries are kept distinct.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

# First, let's examine the full ldap/client.go file to understand initialization and validation
fd -name "client.go" components/backend/ldap/

Repository: ambient-code/platform

Length of output: 295

---

🏁 Script executed:

# Find the complete file
find components/backend -name "client.go" -path "*ldap*"

Repository: ambient-code/platform

Length of output: 98

---

🏁 Script executed:

# Search more broadly
find . -name "*.go" -path "*ldap*" | head -20

Repository: ambient-code/platform

Length of output: 179

---

🏁 Script executed:

# Check for ldap files in backend
find components/backend -type f -name "*.go" | grep -i ldap

Repository: ambient-code/platform

Length of output: 173

---

🏁 Script executed:

# Read the full ldap/client.go file
cat -n components/backend/ldap/client.go

Repository: ambient-code/platform

Length of output: 15113

---

🏁 Script executed:

# Also check the test file to understand expected behavior
cat -n components/backend/ldap/client_test.go

Repository: ambient-code/platform

Length of output: 10950

---

🏁 Script executed:

# Check how the LDAP client is used in handlers
cat -n components/backend/handlers/ldap.go

Repository: ambient-code/platform

Length of output: 3643

---

🌐 Web query:

go-ldap library DialURL ldap:// vs ldaps:// scheme handling TLS enforcement

💡 Result:

The go-ldap library (github.com/go-ldap/ldap/v3, latest v3.4.13 as of 2026-03) handles ldap:// and ldaps:// schemes in DialURL as follows: - ldap:// uses plain TCP connection (port 389 by default), no TLS enforced. Dial("tcp", host:port). - ldaps:// uses TLS connection from the start (port 636 by default), with a default tls.Config{ServerName: host} passed to DialTLS. TLS is enforced by the scheme. DialURL signature: func DialURL(addr string, opts ...DialOpt) (*Conn, error). Options like DialWithTLSConfig allow custom TLS config for ldaps:// or forcing TLS on ldap://. No automatic STARTTLS on ldap://; use Conn.StartTLS manually after plain connect for opportunistic TLS upgrade. Source code confirms scheme-based routing to Dial vs DialTLS (v3.0.3+ unchanged in recent versions). Custom dialers/options added in v3.1.4+ (PR#249). Default ldaps:// enforces TLS but uses system cert pool (InsecureSkipVerify=false implicitly); customize via opts for CA/client certs.

Citations:

• 1: https://pkg.go.dev/github.com/go-ldap/ldap/v3
• 2: https://stackoverflow.com/questions/61922362/how-does-golangs-ldap-client-library-work-with-certificates
• 3: https://pkg.go.dev/github.com/go-ldap/ldap/v3@v3.4.3
• 4: https://cybernetist.com/2020/05/18/getting-started-with-go-ldap/
• 5: https://github.com/go-ldap/ldap/blob/v3.0.3/conn.go
• 6: https://github.com/go-ldap/ldap/blob/v3.1.0/conn.go
• 7: DialURL supports options to configure net.Dialer and tls.Config go-ldap/ldap#249

---

Require secure transport before bind, and respect SRV-discovered endpoints.

If bindDN is set and the fallback url is plain ldap:// (not ldaps://), conn.Bind() executes over unencrypted TCP, exposing credentials in cleartext. The DialWithTLSConfig option does not enforce TLS on the ldap:// scheme alone—you would need to call StartTLS() first.

Additionally, the SRV discovery path ignores the returned port (typically 389) and forces ldaps://host:636, which breaks standard LDAP SRV deployments that use StartTLS on port 389 (e.g., IPA).

Either require LDAPS for authenticated binds (validate url scheme or reject plain LDAP when bindDN is set), or respect the SRV port and use StartTLS for plain LDAP.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/backend/ldap/client.go` around lines 113 - 171, The connect/dial
logic must ensure binds never occur over plain LDAP and must respect SRV ports:
update dial() to use the actual SRV record Port instead of always forcing :636
and to choose ldaps:// when the SRV port is 636 (or when c.url has scheme
ldaps), otherwise dial plain ldap://host:port and return that connection; then
in connect() before calling conn.Bind() detect if the connection is plain LDAP
(scheme ldap or port 389) and either perform conn.StartTLS(c.tlsConfig) and
check for error, or if StartTLS is unsupported and c.bindDN != "" reject with an
error requiring LDAPS; also when using goldap.DialURL only pass
DialWithTLSConfig for ldaps:// connections (use StartTLS for plain ldap://) so
credentials are never sent in cleartext.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

python - <<'PY'
import json, re, pathlib
p = pathlib.Path("components/frontend/package.json")
data = json.loads(p.read_text())

next_v = data["dependencies"].get("next", "")
eslint_v = data["devDependencies"].get("eslint-config-next", "")

def major(v: str):
    m = re.search(r"\d+", v)
    return int(m.group()) if m else None

nmaj, emaj = major(next_v), major(eslint_v)
print(f"next={next_v} (major={nmaj})")
print(f"eslint-config-next={eslint_v} (major={emaj})")
print("RESULT=MATCH" if nmaj == emaj else "RESULT=MISMATCH")
PY

Repository: ambient-code/platform

Length of output: 140

---

🏁 Script executed:

# Check if there are CI configuration files indicating build status
fd -t f '\.(yml|yaml|json)$' -E node_modules -E dist | grep -E '(github|gitlab|circle|travis|jenkinsfile|tsconfig|eslintrc|next\.config)'

Repository: ambient-code/platform

Length of output: 292

---

🌐 Web query:

Next.js 16 eslint-config-next 15 compatibility

💡 Result:

eslint-config-next version 15 is not compatible with Next.js 16. Next.js 16 requires eslint-config-next version 16.x, which uses ESLint's new flat config format by default. Legacy (v15) configs are not backwards compatible in v16. Key changes in Next.js 16: - next lint command removed; use ESLint CLI directly (e.g., npx eslint .). - eslint option removed from next.config.js. - eslint-config-next v16 defaults to flat config (eslint.config.js/mjs), no longer supports legacy .eslintrc format without migration. To use with Next.js 16: 1. Upgrade to eslint-config-next@16 (latest 16.2.3 as of 2026-04-17). 2. Migrate config using codemod: npx @next/codemod@latest next-lint-to-eslint-cli . 3. Example flat config: import coreWebVitals from 'eslint-config-next/core-web-vitals'; import typescript from 'eslint-config-next/typescript'; const eslintConfig = [ ...coreWebVitals, ...typescript, ]; export default eslintConfig; Issue #84772 shows a Next.js 16 beta project with eslint-config-next 15.5.4, but post-release, v16 config is required for full compatibility, especially with flat config migration.

Citations:

• 1: ESLint config missing in next.config after upgrading to 16.0.0-beta.0 vercel/next.js#84772
• 2: [eslint-config] [Breaking] Use Flat config by default vercel/next.js#84874
• 3: https://nextjs.org/docs/app/api-reference/config/eslint
• 4: https://www.npmjs.com/package/eslint-config-next
• 5: https://nextjs.org/blog/next-16
• 6: https://github.com/vercel/next.js/releases

---

🏁 Script executed:

# Check the actual Next.js version requirements for eslint-config-next
if [ -f components/frontend/package.json ]; then
  echo "=== package.json devDependencies context ===" && \
  sed -n '70,85p' components/frontend/package.json
fi

Repository: ambient-code/platform

Length of output: 588

---

🏁 Script executed:

# Look for build scripts and lint configuration
if [ -f components/frontend/package.json ]; then
  echo "=== Build scripts ===" && \
  jq '.scripts | select(. != null)' components/frontend/package.json 2>/dev/null || \
  grep -A 5 '"scripts"' components/frontend/package.json
fi

Repository: ambient-code/platform

Length of output: 320

---

🏁 Script executed:

# Check for ESLint configuration
fd -t f '\.eslintrc*' components/frontend/ 2>/dev/null || echo "No .eslintrc found"

Repository: ambient-code/platform

Length of output: 47

---

Upgrade eslint-config-next to v16 and migrate ESLint configuration for Next.js 16 compatibility.

Next.js 16 introduced a breaking change: eslint-config-next v15 is incompatible with Next.js 16. Line 47 upgrades next to 16.2.3, but Line 79 keeps eslint-config-next at 15.5.2. Version 15 uses legacy .eslintrc format; version 16 requires flat config (eslint.config.js). This mismatch will cause lint failures.

Required changes:

1. Upgrade eslint-config-next to 16.2.3 (Line 79)
2. Migrate ESLint config using: npx @next/codemod@latest next-lint-to-eslint-cli .
3. Ensure eslint.config.js exists with flat config format

Proposed fix

-    "eslint-config-next": "15.5.2",
+    "eslint-config-next": "16.2.3",

Then run ESLint flat config migration codemod.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@components/frontend/package.json` at line 47, Package.json currently upgrades
"next" to 16.2.3 but leaves "eslint-config-next" at 15.5.2; update the
dependency "eslint-config-next" to 16.2.3 in package.json, then migrate the
project's ESLint setup from legacy .eslintrc to the flat config required by
Next.js 16 by running the codemod npx `@next/codemod`@latest
next-lint-to-eslint-cli . and create an eslint.config.js flat config (ensure
rules/plugins from the old .eslintrc are ported into the new eslint.config.js)
so linting aligns with Next 16.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

FILE='components/frontend/src/components/claude-agent-options/_components/section.tsx'

printf '== file header ==\n'
sed -n '1,30p' "$FILE"

printf '\n== React namespace usages ==\n'
rg -n 'React\.(ElementType|ReactNode)' "$FILE"

printf '\n== react imports ==\n'
rg -n 'from "react"' "$FILE" || true

Repository: ambient-code/platform

Length of output: 1019

---

Import the React types or TypeScript will fail to compile.

React.ElementType and React.ReactNode reference a namespace that isn't imported. With only import { useState } from "react", this will break the build.

Suggested fix

-import { useState } from "react";
+import { useState, type ElementType, type ReactNode } from "react";
@@
 }: {
   title: string;
-  icon: React.ElementType;
+  icon: ElementType;
   defaultOpen?: boolean;
   badge?: string;
-  children: React.ReactNode;
+  children: ReactNode;

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@components/frontend/src/components/claude-agent-options/_components/section.tsx`
around lines 20 - 25, The props type uses React.ElementType and React.ReactNode
but only useState is imported; add the React type imports so TypeScript
compiles. Update the top import to include the types (e.g., import type {
ElementType, ReactNode } from "react") or import React itself, and then change
the prop annotations to reference ElementType and ReactNode (the symbols to look
for: React.ElementType, React.ReactNode in the section component props
definition and the useState import).

[markturansky]

strange test failure:

go: module ../ambient-api-server requires go >= 1.25.0 (running go 1.24.4; GOTOOLCHAIN=local)
Error: Process completed with exit code 1.

when the existing main branch go version is 1.25

https://github.com/ambient-code/platform/blob/main/components/ambient-api-server/go.mod#L3

[coderabbitai]

Actionable comments posted: 5

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

Makefile (2)

1283-1293: ⚠️ Potential issue | 🟠 Major

Load the control-plane image into kind here too.

build-all and push-all include $(CONTROL_PLANE_IMAGE), but _kind-load-images does not. With LOCAL_IMAGES=true or make kind-rebuild, the cluster can keep running a stale control-plane image even after a local rebuild.

💡 Suggested fix

-	`@for` img in $(BACKEND_IMAGE) $(FRONTEND_IMAGE) $(OPERATOR_IMAGE) $(RUNNER_IMAGE) $(STATE_SYNC_IMAGE) $(PUBLIC_API_IMAGE) $(API_SERVER_IMAGE) $(MCP_IMAGE) $(OBSERVABILITY_DASHBOARD_IMAGE); do \
+	`@for` img in $(BACKEND_IMAGE) $(FRONTEND_IMAGE) $(OPERATOR_IMAGE) $(RUNNER_IMAGE) $(STATE_SYNC_IMAGE) $(PUBLIC_API_IMAGE) $(API_SERVER_IMAGE) $(CONTROL_PLANE_IMAGE) $(MCP_IMAGE) $(OBSERVABILITY_DASHBOARD_IMAGE); do \

Based on learnings: Image references must match across the stack; after changing an image name or tag, grep all overlays, workflows, and ConfigMaps.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Makefile` around lines 1283 - 1293, The kind image-loading loop omits
$(CONTROL_PLANE_IMAGE) so local rebuilds can leave the cluster running a stale
control-plane image; update the image list used by the loop (the list containing
$(BACKEND_IMAGE) $(FRONTEND_IMAGE) ... $(OBSERVABILITY_DASHBOARD_IMAGE)) to also
include $(CONTROL_PLANE_IMAGE), or add an explicit load step for
$(CONTROL_PLANE_IMAGE) in the same `_kind-load-images` flow, ensuring the same
tag/name semantics and the same save/tag/load logic are applied to
`$(CONTROL_PLANE_IMAGE)`.

---

690-705: ⚠️ Potential issue | 🟠 Major

Makefile preflight gate is out of sync with module requirements.

Multiple modules require Go 1.25.0 (operator, public-api, ambient-control-plane, ambient-api-server, ambient-cli), but the preflight check only gates >= 1.21. This allows make preflight and make dev COMPONENT=backend to pass on Go 1.24, then fail immediately when building components requiring 1.25.

Update the Makefile threshold from 1.21 to 1.25 (or derive it from the maximum go directive across all go.mod files to stay in sync automatically).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Makefile` around lines 690 - 705, The Makefile preflight Go-version check
(the shell block gated by NEED_GO that computes GVER, GMAJ, GMIN and sets
FAILED) is using a 1.21 minimum; update it to require Go >= 1.25 by changing the
comparison logic (the test that currently checks GMAJ/GMIN against 1 and 21) to
check against 1 and 25, or better yet introduce a MIN_GO_MAJOR/MIN_GO_MINOR
constant and compare GMAJ/GMIN to those so the threshold (used by the
NEED_GO/GVER/GMAJ/GMIN/FAILED block) can be kept in sync or derived from go.mod
files automatically. Ensure the error messages and install hints still show the
required version (>= 1.25) when printing the red failure strings.

🧹 Nitpick comments (4)

.github/workflows/prod-release-deploy.yaml (4)

760-770: Add error handling for triage scripts.

If any script (fetch.sh, parse.py, analyze.py, report.py) fails, subsequent steps proceed with missing/corrupt data. Add set -e or explicit error checks:

        run: |
+         set -euo pipefail
          PREV_TAG=$(git tag --list 'v*.*.*' --sort=-version:refname | grep -v "^${NEW_TAG}$" | head -1)

          echo "Analyzing CodeRabbit reviews for ${NEW_TAG} (since ${PREV_TAG})..."
          bash fetch.sh --repo "${REPO}" --release "${NEW_TAG}" --since "${PREV_TAG}"

Also consider adding || exit 1 after critical commands if set -e isn't desired.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/prod-release-deploy.yaml around lines 760 - 770, Add
strict error handling so failures in fetch.sh, parse.py, analyze.py or report.py
stop the job: enable "set -euo pipefail" at the top of the run block (or add
"set -e" at minimum) and/or append "|| exit 1" to each critical command that
uses PREV_TAG/NEW_TAG (the PREV_TAG computation, bash fetch.sh --repo "${REPO}"
--release "${NEW_TAG}" --since "${PREV_TAG}", python3 parse.py
"data/${NEW_TAG}", python3 analyze.py "data/${NEW_TAG}" metrics/, python3
report.py metrics/ --release "${NEW_TAG}" > ../../triage-summary.md) so any
nonzero exit aborts the workflow and prevents downstream steps from running with
missing/corrupt data.

---

455-458: Add explicit permissions block.

This job lacks a permissions block, inheriting workflow defaults. Scope it minimally:

  deploy-rhoai-mlflow:
    runs-on: ubuntu-latest
    needs: [release]
+   permissions:
+     contents: read
    steps:

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/prod-release-deploy.yaml around lines 455 - 458, The
deploy-rhoai-mlflow job currently inherits workflow defaults and must declare an
explicit permissions block: add a minimal permissions mapping under the job name
deploy-rhoai-mlflow that grants only the specific GitHub token scopes required
for deployment (e.g., contents: read or write, id-token: write, packages:
read/write, or other minimal scopes your deploy steps use) and set all other
permissions to none; update the job definition around the deploy-rhoai-mlflow
block to include this permissions: { ... } entry so the workflow no longer
relies on inherited defaults.

---

796-804: Shell variable expansion in release notes may corrupt formatting.

The heredoc uses unquoted ${TRIAGE} which can break if the triage summary contains special characters, backticks, or unbalanced quotes. Consider using a temp file approach:

      - name: Append triage summary to release notes
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NEW_TAG: ${{ needs.release.outputs.new_tag }}
        run: |
          EXISTING_BODY=$(gh release view "${NEW_TAG}" --json body -q .body)
-         TRIAGE=$(cat triage-summary.md)
-
-         gh release edit "${NEW_TAG}" \
-           --notes "${EXISTING_BODY}
-
-         ---
-         ## CodeRabbit Triage Summary
-         ${TRIAGE}"
+         {
+           echo "$EXISTING_BODY"
+           echo ""
+           echo "---"
+           echo "## CodeRabbit Triage Summary"
+           cat triage-summary.md
+         } > combined-notes.md
+         gh release edit "${NEW_TAG}" --notes-file combined-notes.md

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/prod-release-deploy.yaml around lines 796 - 804, The
current approach injects ${TRIAGE} directly into --notes which risks corrupting
formatting; instead create a temporary file (via mktemp), write the combined
content (include EXISTING_BODY, a separator, "## CodeRabbit Triage Summary", and
the contents of triage-summary.md / TRIAGE) into that temp file without
additional shell expansion, then call gh release edit "${NEW_TAG}" --notes-file
"$TMP" (or equivalent) and remove the temp file; update the block that builds
EXISTING_BODY/TRIAGE and the gh release edit invocation to use the temp-file
approach so special characters/backticks/quotes in TRIAGE do not break the
release notes.

---

560-560: Document DB_HOST format expectation or add validation.

The code assumes DB_HOST from postgresql-credentials is a short service name (e.g., postgresql), correctly appending .ambient-code.svc.cluster.local to form the FQDN. Current manifests follow this pattern consistently. However, there's no validation or documentation preventing someone from storing a full FQDN in db.host, which would result in a malformed URI (e.g., postgresql.ambient-code.svc.cluster.local.ambient-code.svc.cluster.local). Either add a check to strip the suffix if present, or document the expected format explicitly.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/prod-release-deploy.yaml at line 560, The ENCODED_URI
construction currently appends ".ambient-code.svc.cluster.local" to DB_HOST
which breaks if DB_HOST already contains the full FQDN; update the workflow to
detect and normalize DB_HOST before building ENCODED_URI: if DB_HOST ends with
".ambient-code.svc.cluster.local" strip that suffix (or otherwise validate/exit)
so ENCODED_URI is always a correct FQDN, and also add a short comment
documenting that DB_HOST should be a short service name or a normalized host;
reference the ENCODED_URI variable and the DB_HOST input from
postgresql-credentials when implementing this check.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/prod-release-deploy.yaml:
- Around line 459-467: Replace the floating action versions with pinned SHAs:
update the two steps that use actions/checkout@v6 and
redhat-actions/openshift-tools-installer@v1 to reference the exact commit SHAs
(the same pinning style used in pre-pull-images and coderabbit-triage). Locate
the steps by the uses entries "actions/checkout" and
"redhat-actions/openshift-tools-installer" and replace the version tags with the
corresponding full SHA strings so the workflow pins those actions to immutable
commits.
- Around line 581-589: Replace the floating action versions with SHA-pinned refs
for the two steps: change uses: actions/checkout@v6 in the "Checkout code from
release tag" step to the corresponding commit SHA
(actions/checkout@<commit-sha>) and change uses:
redhat-actions/openshift-tools-installer@v1 in the "Install oc" step to that
action's specific commit SHA
(redhat-actions/openshift-tools-installer@<commit-sha>); update the workflow to
use those exact SHAs so the "Checkout code from release tag" and "Install oc"
steps no longer reference floating tags.
- Around line 173-192: The "Generate Loading Tips" step commits changes to
components/frontend/src/lib/loading-tips.ts but never pushes them, so the
subsequent tag created will not include that commit; after the git commit in the
Generate Loading Tips step, push the commit to the repository (e.g., git push
origin HEAD) so the new commit is on the branch before the workflow's "Create
Tag" step runs (or alternatively reorder to tag and push tags only after pushing
the commit); update the step that runs python3 scripts/generate-loading-tips.py
and the block that does git config/git add/git commit to include a git push of
HEAD so the tag created later includes the updated loading-tips.ts.
- Around line 416-421: The current oc patch uses inline JSON which can break if
image names contain quotes or backslashes; update the step that patches the
acp-image-puller-config ConfigMap to JSON-encode the IMAGES value safely (the
value from steps.image-list.outputs.images) using jq (or similar) and pass the
encoded payload to oc patch instead of embedding the raw string; specifically
change the oc patch invocation that sets data.IMAGES to build the JSON with jq
-n --arg v ... '{data:{IMAGES:$v}}' (or equivalent) so the IMAGES value is
properly escaped before calling oc patch.

In `@Makefile`:
- Around line 233-236: The build-all invocation pulls in the
build-observability-dashboard target which unconditionally cds into
../observability/dashboard (target build-observability-dashboard) that doesn't
exist in fresh clones; update the Makefile to either (A) provision the
observability/dashboard as a git submodule and document initializing it, or (B)
add a guard around inclusion/execution so build-all only depends on
build-observability-dashboard if the ../observability/dashboard directory exists
(check with test -d or an ifeq in the Makefile) and otherwise skip or emit a
clear info message—modify the build-all dependency list and the
build-observability-dashboard target to perform the existence check and avoid
failing on fresh clones.

---

Outside diff comments:
In `@Makefile`:
- Around line 1283-1293: The kind image-loading loop omits
$(CONTROL_PLANE_IMAGE) so local rebuilds can leave the cluster running a stale
control-plane image; update the image list used by the loop (the list containing
$(BACKEND_IMAGE) $(FRONTEND_IMAGE) ... $(OBSERVABILITY_DASHBOARD_IMAGE)) to also
include $(CONTROL_PLANE_IMAGE), or add an explicit load step for
$(CONTROL_PLANE_IMAGE) in the same `_kind-load-images` flow, ensuring the same
tag/name semantics and the same save/tag/load logic are applied to
`$(CONTROL_PLANE_IMAGE)`.
- Around line 690-705: The Makefile preflight Go-version check (the shell block
gated by NEED_GO that computes GVER, GMAJ, GMIN and sets FAILED) is using a 1.21
minimum; update it to require Go >= 1.25 by changing the comparison logic (the
test that currently checks GMAJ/GMIN against 1 and 21) to check against 1 and
25, or better yet introduce a MIN_GO_MAJOR/MIN_GO_MINOR constant and compare
GMAJ/GMIN to those so the threshold (used by the NEED_GO/GVER/GMAJ/GMIN/FAILED
block) can be kept in sync or derived from go.mod files automatically. Ensure
the error messages and install hints still show the required version (>= 1.25)
when printing the red failure strings.

---

Nitpick comments:
In @.github/workflows/prod-release-deploy.yaml:
- Around line 760-770: Add strict error handling so failures in fetch.sh,
parse.py, analyze.py or report.py stop the job: enable "set -euo pipefail" at
the top of the run block (or add "set -e" at minimum) and/or append "|| exit 1"
to each critical command that uses PREV_TAG/NEW_TAG (the PREV_TAG computation,
bash fetch.sh --repo "${REPO}" --release "${NEW_TAG}" --since "${PREV_TAG}",
python3 parse.py "data/${NEW_TAG}", python3 analyze.py "data/${NEW_TAG}"
metrics/, python3 report.py metrics/ --release "${NEW_TAG}" >
../../triage-summary.md) so any nonzero exit aborts the workflow and prevents
downstream steps from running with missing/corrupt data.
- Around line 455-458: The deploy-rhoai-mlflow job currently inherits workflow
defaults and must declare an explicit permissions block: add a minimal
permissions mapping under the job name deploy-rhoai-mlflow that grants only the
specific GitHub token scopes required for deployment (e.g., contents: read or
write, id-token: write, packages: read/write, or other minimal scopes your
deploy steps use) and set all other permissions to none; update the job
definition around the deploy-rhoai-mlflow block to include this permissions: {
... } entry so the workflow no longer relies on inherited defaults.
- Around line 796-804: The current approach injects ${TRIAGE} directly into
--notes which risks corrupting formatting; instead create a temporary file (via
mktemp), write the combined content (include EXISTING_BODY, a separator, "##
CodeRabbit Triage Summary", and the contents of triage-summary.md / TRIAGE) into
that temp file without additional shell expansion, then call gh release edit
"${NEW_TAG}" --notes-file "$TMP" (or equivalent) and remove the temp file;
update the block that builds EXISTING_BODY/TRIAGE and the gh release edit
invocation to use the temp-file approach so special characters/backticks/quotes
in TRIAGE do not break the release notes.
- Line 560: The ENCODED_URI construction currently appends
".ambient-code.svc.cluster.local" to DB_HOST which breaks if DB_HOST already
contains the full FQDN; update the workflow to detect and normalize DB_HOST
before building ENCODED_URI: if DB_HOST ends with
".ambient-code.svc.cluster.local" strip that suffix (or otherwise validate/exit)
so ENCODED_URI is always a correct FQDN, and also add a short comment
documenting that DB_HOST should be a short service name or a normalized host;
reference the ENCODED_URI variable and the DB_HOST input from
postgresql-credentials when implementing this check.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: a1750a13-0e57-44d2-bb93-447108202ec5

📥 Commits

Reviewing files that changed from the base of the PR and between 717a0aa and 6a1743c.

⛔ Files ignored due to path filters (2)

• components/ambient-cli/go.sum is excluded by !**/*.sum, !**/go.sum
• components/ambient-control-plane/go.sum is excluded by !**/*.sum, !**/go.sum

📒 Files selected for processing (14)

• .github/workflows/components-build-deploy.yml
• .github/workflows/prod-release-deploy.yaml
• .gitignore
• Makefile
• components/ambient-api-server/Dockerfile
• components/ambient-api-server/plugins/agents/model.go
• components/ambient-api-server/plugins/sessions/integration_test.go
• components/ambient-api-server/plugins/sessions/model.go
• components/ambient-cli/go.mod
• components/ambient-control-plane/Dockerfile
• components/ambient-control-plane/go.mod
• components/ambient-sdk/go-sdk/go.mod
• components/backend/DEVELOPMENT.md
• components/frontend/DEVELOPMENT.md

✅ Files skipped from review due to trivial changes (5)

• components/ambient-control-plane/Dockerfile
• components/ambient-sdk/go-sdk/go.mod
• .gitignore
• components/backend/DEVELOPMENT.md
• .github/workflows/components-build-deploy.yml

🚧 Files skipped from review as they are similar to previous changes (6)

• components/ambient-api-server/plugins/sessions/integration_test.go
• components/ambient-api-server/plugins/sessions/model.go
• components/ambient-cli/go.mod
• components/ambient-api-server/Dockerfile
• components/frontend/DEVELOPMENT.md
• components/ambient-api-server/plugins/agents/model.go

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Loading tips commit is never pushed, so the tag won't include it.

The step commits the updated loading-tips.ts locally but never pushes. The subsequent "Create Tag" step tags the current HEAD, which on a fresh checkout is the branch tip—not your new commit. The frontend image build (which checks out the tag) will therefore miss these changes.

Either push before tagging or reorder to commit + push + tag:

          else
            git commit -m "chore(frontend): update loading tips for ${NEW_TAG}

          Auto-generated release tips highlighting contributors and changes."
+           git push origin HEAD
          fi

Alternatively, consider generating tips as a separate pre-release workflow that lands on main before the release runs.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Generate Loading Tips
	run: |
	LATEST_TAG="${{ steps.get_latest_tag.outputs.latest_tag }}"
	NEW_TAG="${{ steps.next_version.outputs.new_tag }}"
	REPO="${{ github.repository }}"
	OUTPUT="components/frontend/src/lib/loading-tips.ts"
	python3 scripts/generate-loading-tips.py "$NEW_TAG" "$LATEST_TAG" "$REPO" "$OUTPUT"
	# Commit the updated loading tips so the frontend build includes them
	git config user.name "github-actions[bot]"
	git config user.email "github-actions[bot]@users.noreply.github.com"
	git add "$OUTPUT"
	if git diff --cached --quiet; then
	echo "No loading tips changes to commit"
	else
	git commit -m "chore(frontend): update loading tips for ${NEW_TAG}
	Auto-generated release tips highlighting contributors and changes."
	fi
	- name: Generate Loading Tips
	run: |
	LATEST_TAG="${{ steps.get_latest_tag.outputs.latest_tag }}"
	NEW_TAG="${{ steps.next_version.outputs.new_tag }}"
	REPO="${{ github.repository }}"
	OUTPUT="components/frontend/src/lib/loading-tips.ts"
	python3 scripts/generate-loading-tips.py "$NEW_TAG" "$LATEST_TAG" "$REPO" "$OUTPUT"
	# Commit the updated loading tips so the frontend build includes them
	git config user.name "github-actions[bot]"
	git config user.email "github-actions[bot]@users.noreply.github.com"
	git add "$OUTPUT"
	if git diff --cached --quiet; then
	echo "No loading tips changes to commit"
	else
	git commit -m "chore(frontend): update loading tips for ${NEW_TAG}
	Auto-generated release tips highlighting contributors and changes."
	git push origin HEAD
	fi

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/prod-release-deploy.yaml around lines 173 - 192, The
"Generate Loading Tips" step commits changes to
components/frontend/src/lib/loading-tips.ts but never pushes them, so the
subsequent tag created will not include that commit; after the git commit in the
Generate Loading Tips step, push the commit to the repository (e.g., git push
origin HEAD) so the new commit is on the branch before the workflow's "Create
Tag" step runs (or alternatively reorder to tag and push tags only after pushing
the commit); update the step that runs python3 scripts/generate-loading-tips.py
and the block that does git config/git add/git commit to include a git push of
HEAD so the tag created later includes the updated loading-tips.ts.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

JSON injection risk in ConfigMap patch.

If any image name/tag contains characters like " or \, the inline JSON will break. Use jq to safely encode the value:

      - name: Update image puller ConfigMap with new images
        run: |
-         oc patch configmap acp-image-puller-config \
-           -n acp-image-puller \
-           --type merge \
-           -p "{\"data\":{\"IMAGES\":\"${{ steps.image-list.outputs.images }}\"}}"
+         IMAGES='${{ steps.image-list.outputs.images }}'
+         PATCH=$(jq -n --arg images "$IMAGES" '{"data":{"IMAGES":$images}}')
+         oc patch configmap acp-image-puller-config \
+           -n acp-image-puller \
+           --type merge \
+           -p "$PATCH"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/prod-release-deploy.yaml around lines 416 - 421, The
current oc patch uses inline JSON which can break if image names contain quotes
or backslashes; update the step that patches the acp-image-puller-config
ConfigMap to JSON-encode the IMAGES value safely (the value from
steps.image-list.outputs.images) using jq (or similar) and pass the encoded
payload to oc patch instead of embedding the raw string; specifically change the
oc patch invocation that sets data.IMAGES to build the JSON with jq -n --arg v
... '{data:{IMAGES:$v}}' (or equivalent) so the IMAGES value is properly escaped
before calling oc patch.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Pin actions to SHA per coding guidelines.

Both actions/checkout@v6 and redhat-actions/openshift-tools-installer@v1 should be pinned to SHA. Elsewhere in this file (e.g., pre-pull-images and coderabbit-triage), the same actions are properly pinned.

      - name: Checkout code from release tag
-       uses: actions/checkout@v6
+       uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          ref: ${{ needs.release.outputs.new_tag }}

      - name: Install oc
-       uses: redhat-actions/openshift-tools-installer@v1
+       uses: redhat-actions/openshift-tools-installer@144527c7d98999f2652264c048c7a9bd103f8a82 # v1
        with:
          oc: latest

As per coding guidelines: "Pin action versions to SHA."

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Checkout code from release tag
	uses: actions/checkout@v6
	with:
	ref: ${{ needs.release.outputs.new_tag }}
	- name: Install oc
	uses: redhat-actions/openshift-tools-installer@v1
	with:
	oc: latest
	- name: Checkout code from release tag
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	with:
	ref: ${{ needs.release.outputs.new_tag }}
	- name: Install oc
	uses: redhat-actions/openshift-tools-installer@144527c7d98999f2652264c048c7a9bd103f8a82 # v1
	with:
	oc: latest

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/prod-release-deploy.yaml around lines 459 - 467, Replace
the floating action versions with pinned SHAs: update the two steps that use
actions/checkout@v6 and redhat-actions/openshift-tools-installer@v1 to reference
the exact commit SHAs (the same pinning style used in pre-pull-images and
coderabbit-triage). Locate the steps by the uses entries "actions/checkout" and
"redhat-actions/openshift-tools-installer" and replace the version tags with the
corresponding full SHA strings so the workflow pins those actions to immutable
commits.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Pin actions to SHA.

Same issue as deploy-rhoai-mlflow—use SHA-pinned versions:

      - name: Checkout code from release tag
-       uses: actions/checkout@v6
+       uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          ref: ${{ needs.release.outputs.new_tag }}

      - name: Install oc
-       uses: redhat-actions/openshift-tools-installer@v1
+       uses: redhat-actions/openshift-tools-installer@144527c7d98999f2652264c048c7a9bd103f8a82 # v1
        with:
          oc: latest

As per coding guidelines: "Pin action versions to SHA."

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Checkout code from release tag
	uses: actions/checkout@v6
	with:
	ref: ${{ needs.release.outputs.new_tag }}
	- name: Install oc
	uses: redhat-actions/oc-installer@v1
	uses: redhat-actions/openshift-tools-installer@v1
	with:
	oc_version: 'latest'
	oc: latest
	- name: Checkout code from release tag
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	with:
	ref: ${{ needs.release.outputs.new_tag }}
	- name: Install oc
	uses: redhat-actions/openshift-tools-installer@144527c7d98999f2652264c048c7a9bd103f8a82 # v1
	with:
	oc: latest

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/prod-release-deploy.yaml around lines 581 - 589, Replace
the floating action versions with SHA-pinned refs for the two steps: change
uses: actions/checkout@v6 in the "Checkout code from release tag" step to the
corresponding commit SHA (actions/checkout@<commit-sha>) and change uses:
redhat-actions/openshift-tools-installer@v1 in the "Install oc" step to that
action's specific commit SHA
(redhat-actions/openshift-tools-installer@<commit-sha>); update the workflow to
use those exact SHAs so the "Checkout code from release tag" and "Install oc"
steps no longer reference floating tags.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

printf 'Dashboard-related paths tracked in this repo:\n'
fd -td 'observability|dashboard' . | sort || true

printf '\nMakefile references:\n'
rg -n '\.\./observability/dashboard|build-observability-dashboard|build-all' Makefile

printf '\nPotential callers of build-all / dashboard build:\n'
rg -n 'build-all|build-observability-dashboard|kind-rebuild|LOCAL_IMAGES=true'

Repository: ambient-code/platform

Length of output: 5368

---

build-observability-dashboard requires external sibling checkout.

Makefile line 235 invokes cd ../observability/dashboard, which is not present in this repository. Since build-all (line 168) includes this target unconditionally, it will fail on fresh clones. This breaks documented workflows: make kind-up LOCAL_IMAGES=true (line 862) and make kind-rebuild (line 1062) both depend on build-all.

Either provision the external dashboard source as a git submodule/sibling, or conditionally include build-observability-dashboard in build-all with a guard checking for the directory's existence.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Makefile` around lines 233 - 236, The build-all invocation pulls in the
build-observability-dashboard target which unconditionally cds into
../observability/dashboard (target build-observability-dashboard) that doesn't
exist in fresh clones; update the Makefile to either (A) provision the
observability/dashboard as a git submodule and document initializing it, or (B)
add a guard around inclusion/execution so build-all only depends on
build-observability-dashboard if the ../observability/dashboard directory exists
(check with test -d or an ifeq in the Makefile) and otherwise skip or emit a
clear info message—modify the build-all dependency list and the
build-observability-dashboard target to perform the existence check and avoid
failing on fresh clones.

[markturansky]

all builds fixed and all tests pass. the failure is boundary/file limit. merging.