Version Packages by github-actions[bot] · Pull Request #213 · inkeep/agents

github-actions · 2025-09-15T16:30:21Z

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@inkeep/agents-cli@0.2.1

Patch Changes

56bb5ec: Inkeep add command
- @inkeep/agents-manage-ui@0.2.1
- @inkeep/agents-core@0.2.1

@inkeep/agents-manage-api@0.2.1

Patch Changes

@inkeep/agents-core@0.2.1

@inkeep/agents-manage-ui@0.2.1

Patch Changes

Updated dependencies [eb2c5f0]
- @inkeep/agents-run-api@0.2.1
- @inkeep/agents-manage-api@0.2.1
- @inkeep/agents-core@0.2.1

@inkeep/agents-run-api@0.2.1

Patch Changes

eb2c5f0: Add agent id to execution context.
- @inkeep/agents-core@0.2.1

@inkeep/agents-sdk@0.2.1

Patch Changes

@inkeep/agents-core@0.2.1

@inkeep/create-agents@0.2.1

Patch Changes

56bb5ec: Inkeep add command

@inkeep/agents-core@0.2.1

vercel · 2025-09-15T16:30:25Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
agents-manage-api	Ready	Preview	Comment	Sep 16, 2025 7:59pm
agents-manage-ui	Ready	Preview	Comment	Sep 16, 2025 7:59pm
agents-run-api	Ready	Preview	Comment	Sep 16, 2025 7:59pm

1 Skipped Deployment

Project	Deployment	Preview	Comments	Updated (UTC)
agents-docs	Skipped			Sep 16, 2025 7:59pm

claude · 2025-09-16T19:57:17Z

Claude finished @github-actions[bot]'s task —— View job

PR Review: Version Packages (v0.2.1)

Todo List:

Read repository guidelines and understand monorepo structure
Analyze version bump consistency across packages
Review changelog accuracy and completeness
Evaluate package dependency relationships
Provide architectural feedback on release process
Submit comprehensive review feedback

✅ Overall Assessment

This automated release PR is well-structured and ready for merge. The Changesets automation has correctly bumped versions and generated changelogs based on the two merged changesets.

📋 Key Findings

Version Bump Strategy ✅

Consistent patch bumps from 0.2.0 → 0.2.1 across all packages
Proper workspace dependency updates maintaining internal consistency
Fixed versioning strategy correctly applied per .changeset/config.json

Changelog Accuracy ✅

Two distinct features properly documented:

56bb5ec: Inkeep add command (affects CLI and create-agents packages)
eb2c5f0: Add agent id to execution context (affects run-api package)

Dependency Management ✅

All workspace dependencies (workspace:^) correctly updated
No version mismatches detected between internal packages
External dependencies remain stable

🎯 Release Process Strengths

Automation Reliability: Changesets correctly processed two separate feature commits
Monorepo Coordination: Fixed versioning ("fixed": [["@inkeep/**"]]) ensures all packages stay synchronized
Selective Publishing: Properly ignores examples, docs, and UI packages that shouldn't be published
Atomic Changes: Only touches version numbers and changelogs - no unexpected code modifications

🔍 Minor Observations

Commit References: Changelogs use short hashes (56bb5ec, eb2c5f0) which is standard for Changesets
CI Integration: Vercel deployments are building correctly for affected services
No Breaking Changes: Patch-level bumps indicate backward compatibility preserved

✨ Recommendation

APPROVE & MERGE - This is a textbook example of a well-managed automated release:

✅ No manual intervention required
✅ All packages properly versioned
✅ Changelogs accurately reflect changes
✅ Dependencies correctly updated
✅ Release automation working as designed

The release process demonstrates mature monorepo management and follows semantic versioning best practices.

* Version Packages * Trigger CI --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: miles-kt-inkeep <miles.kamingthanassi@inkeep.com>

Fixes IPv4-mapped IPv6 rate limit bypass (CVE-2026-30827) in transitive express-rate-limit dependency. Closes dependabot alert #213. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Fixes IPv4-mapped IPv6 rate limit bypass (CVE-2026-30827) in transitive express-rate-limit dependency. Closes dependabot alert #213. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

…llution fix (#2643) * fix(security): add lodash/lodash-es override >=4.17.23 Fixes prototype pollution in _.unset and _.omit (CVE-2025-13465) in transitive lodash dependencies. Closes dependabot alerts #120, #123. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): add express-rate-limit override >=8.2.2 (#2644) Fixes IPv4-mapped IPv6 rate limit bypass (CVE-2026-30827) in transitive express-rate-limit dependency. Closes dependabot alert #213. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

* fix(security): add minimatch override >=5.1.8 Fixes multiple ReDoS vulnerabilities (CVE-2026-26996, CVE-2026-27903, CVE-2026-27904) in transitive minimatch@5.x dependency. Closes dependabot alerts #188, #199, #200. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): add lodash/lodash-es override >=4.17.23 — prototype pollution fix (#2643) * fix(security): add lodash/lodash-es override >=4.17.23 Fixes prototype pollution in _.unset and _.omit (CVE-2025-13465) in transitive lodash dependencies. Closes dependabot alerts #120, #123. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): add express-rate-limit override >=8.2.2 (#2644) Fixes IPv4-mapped IPv6 rate limit bypass (CVE-2026-30827) in transitive express-rate-limit dependency. Closes dependabot alert #213. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

* fix(security): add dompurify override >=3.3.2 Fixes XSS bypass vulnerability (CVE-2026-0540) in transitive dompurify dependency by adding pnpm override. Closes dependabot alerts #210, #211. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): add fast-xml-parser override >=5.3.8 Fixes stack overflow with preserveOrder (CVE-2026-27942) in transitive fast-xml-parser dependency. Closes dependabot alert #205. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): add serialize-javascript override >=7.0.3 Fixes RCE vulnerability via RegExp.flags and Date.prototype.toISOString() in transitive serialize-javascript dependency (build-time only). Closes dependabot alert #203. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): add svgo override >=3.3.3 Fixes DoS via entity expansion in DOCTYPE (CVE-2026-29074) in transitive svgo dependency (build-time only). Closes dependabot alert #212. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): add minimatch override >=5.1.8 — ReDoS fix (#2642) * fix(security): add minimatch override >=5.1.8 Fixes multiple ReDoS vulnerabilities (CVE-2026-26996, CVE-2026-27903, CVE-2026-27904) in transitive minimatch@5.x dependency. Closes dependabot alerts #188, #199, #200. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): add lodash/lodash-es override >=4.17.23 — prototype pollution fix (#2643) * fix(security): add lodash/lodash-es override >=4.17.23 Fixes prototype pollution in _.unset and _.omit (CVE-2025-13465) in transitive lodash dependencies. Closes dependabot alerts #120, #123. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): add express-rate-limit override >=8.2.2 (#2644) Fixes IPv4-mapped IPv6 rate limit bypass (CVE-2026-30827) in transitive express-rate-limit dependency. Closes dependabot alert #213. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): add security overrides to create-agents-template Ensures self-hosted deployments using the template also get patched transitive dependency versions. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): sync overrides between root and create-agents-template Makes pnpm.overrides identical in both package.json files so the monorepo and self-hosted template have the same security floor. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

…from PR #213

vercel Bot deployed to Preview – agents-manage-api September 15, 2025 16:31 View deployment

vercel Bot deployed to Preview – agents-run-api September 15, 2025 16:31 View deployment

vercel Bot deployed to Preview – agents-manage-ui September 15, 2025 16:32 View deployment

vercel Bot deployed to Preview – agents-docs September 15, 2025 16:34 View deployment

github-actions Bot force-pushed the changeset-release/main branch from 7b42424 to d714bd9 Compare September 15, 2025 19:09

vercel Bot deployed to Preview – agents-manage-api September 15, 2025 19:10 View deployment

vercel Bot deployed to Preview – agents-run-api September 15, 2025 19:10 View deployment

vercel Bot deployed to Preview – agents-manage-ui September 15, 2025 19:12 View deployment

vercel Bot deployed to Preview – agents-docs September 15, 2025 19:13 View deployment

github-actions Bot force-pushed the changeset-release/main branch from d714bd9 to 1e21e58 Compare September 15, 2025 20:29

vercel Bot deployed to Preview – agents-manage-api September 15, 2025 20:30 View deployment

vercel Bot deployed to Preview – agents-run-api September 15, 2025 20:30 View deployment

vercel Bot deployed to Preview – agents-manage-ui September 15, 2025 20:31 View deployment

vercel Bot deployed to Preview – agents-docs September 15, 2025 20:33 View deployment

github-actions Bot force-pushed the changeset-release/main branch from 1e21e58 to a4bf8ec Compare September 16, 2025 01:52

vercel Bot deployed to Preview – agents-manage-api September 16, 2025 01:53 View deployment

vercel Bot deployed to Preview – agents-run-api September 16, 2025 01:53 View deployment

vercel Bot deployed to Preview – agents-manage-ui September 16, 2025 01:55 View deployment

vercel Bot deployed to Preview – agents-docs September 16, 2025 01:55 View deployment

github-actions Bot force-pushed the changeset-release/main branch from a4bf8ec to a9e813b Compare September 16, 2025 18:40

vercel Bot deployed to Preview – agents-manage-api September 16, 2025 18:41 View deployment

vercel Bot deployed to Preview – agents-run-api September 16, 2025 18:41 View deployment

vercel Bot deployed to Preview – agents-docs September 16, 2025 18:42 View deployment

vercel Bot deployed to Preview – agents-manage-ui September 16, 2025 18:42 View deployment

github-actions Bot force-pushed the changeset-release/main branch from a9e813b to 70f6303 Compare September 16, 2025 19:00

vercel Bot deployed to Preview – agents-manage-api September 16, 2025 19:01 View deployment

vercel Bot deployed to Preview – agents-run-api September 16, 2025 19:01 View deployment

vercel Bot deployed to Preview – agents-docs September 16, 2025 19:02 View deployment

vercel Bot deployed to Preview – agents-manage-ui September 16, 2025 19:02 View deployment

github-actions Bot force-pushed the changeset-release/main branch from 70f6303 to db7a16c Compare September 16, 2025 19:22

vercel Bot deployed to Preview – agents-manage-api September 16, 2025 19:23 View deployment

vercel Bot deployed to Preview – agents-run-api September 16, 2025 19:23 View deployment

vercel Bot deployed to Preview – agents-docs September 16, 2025 19:24 View deployment

vercel Bot deployed to Preview – agents-manage-ui September 16, 2025 19:24 View deployment

miles-kt-inkeep enabled auto-merge September 16, 2025 19:35

miles-kt-inkeep disabled auto-merge September 16, 2025 19:50

Trigger CI

1010b9d

vercel Bot temporarily deployed to Preview – agents-docs September 16, 2025 19:57 Inactive

vercel Bot deployed to Preview – agents-manage-api September 16, 2025 19:58 View deployment

vercel Bot deployed to Preview – agents-run-api September 16, 2025 19:58 View deployment

vercel Bot deployed to Preview – agents-manage-ui September 16, 2025 19:59 View deployment

miles-kt-inkeep added this pull request to the merge queue Sep 16, 2025

Merged via the queue into main with commit ca993b8 Sep 16, 2025
7 checks passed

miles-kt-inkeep deleted the changeset-release/main branch September 16, 2025 20:06

amikofalvy mentioned this pull request Mar 11, 2026

fix(security): add express-rate-limit override >=8.2.2 — rate limit bypass fix #2644

Merged

3 tasks

claude Bot mentioned this pull request Mar 11, 2026

fix(security): add lodash/lodash-es override >=4.17.23 — prototype pollution fix #2643

Merged

3 tasks

inkeep Bot added a commit that referenced this pull request May 5, 2026

docs: update supported file types to reflect expanded format support …

38be9d7

…from PR #213

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Version Packages#213

Version Packages#213
miles-kt-inkeep merged 2 commits into
mainfrom
changeset-release/main

github-actions Bot commented Sep 15, 2025 •

edited

Loading

Uh oh!

vercel Bot commented Sep 15, 2025 •

edited

Loading

Uh oh!

claude Bot commented Sep 16, 2025 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

github-actions Bot commented Sep 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Releases

@inkeep/agents-cli@0.2.1

Patch Changes

@inkeep/agents-manage-api@0.2.1

Patch Changes

@inkeep/agents-manage-ui@0.2.1

Patch Changes

@inkeep/agents-run-api@0.2.1

Patch Changes

@inkeep/agents-sdk@0.2.1

Patch Changes

@inkeep/create-agents@0.2.1

Patch Changes

@inkeep/agents-core@0.2.1

Uh oh!

vercel Bot commented Sep 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

claude Bot commented Sep 16, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

PR Review: Version Packages (v0.2.1)

✅ Overall Assessment

📋 Key Findings

Version Bump Strategy ✅

Changelog Accuracy ✅

Dependency Management ✅

🎯 Release Process Strengths

🔍 Minor Observations

✨ Recommendation

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

github-actions Bot commented Sep 15, 2025 •

edited

Loading

vercel Bot commented Sep 15, 2025 •

edited

Loading

claude Bot commented Sep 16, 2025 •

edited

Loading