Conversation
…s, and SonarCloud configuration
chore(ci): harden code quality, CI/CD workflows, and refactor core components
Bumps [react-resizable-panels](https://github.com/bvaughn/react-resizable-panels) from 2.1.9 to 4.10.0. - [Release notes](https://github.com/bvaughn/react-resizable-panels/releases) - [Changelog](https://github.com/bvaughn/react-resizable-panels/blob/main/CHANGELOG.md) - [Commits](bvaughn/react-resizable-panels@2.1.9...4.10.0) --- updated-dependencies: - dependency-name: react-resizable-panels dependency-version: 4.10.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 22.19.17 to 25.6.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.6.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [tailwind-merge](https://github.com/dcastil/tailwind-merge) from 2.6.1 to 3.5.0. - [Release notes](https://github.com/dcastil/tailwind-merge/releases) - [Commits](dcastil/tailwind-merge@v2.6.1...v3.5.0) --- updated-dependencies: - dependency-name: tailwind-merge dependency-version: 3.5.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
… dependency management
chore: add CI/CD workflows and Dependabot configuration for automated…
…ailwind-merge-3.5.0 chore(deps): bump tailwind-merge from 2.6.1 to 3.5.0
…eact-resizable-panels-4.10.0 chore(deps): bump react-resizable-panels from 2.1.9 to 4.10.0
Bumps [vaul](https://github.com/emilkowalski/vaul) from 0.9.9 to 1.1.2. - [Release notes](https://github.com/emilkowalski/vaul/releases) - [Commits](https://github.com/emilkowalski/vaul/commits/v1.1.2) --- updated-dependencies: - dependency-name: vaul dependency-version: 1.1.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…ypes/node-25.6.0 chore(deps-dev): bump @types/node from 22.19.17 to 25.6.0
…aul-1.1.2 chore(deps): bump vaul from 0.9.9 to 1.1.2
…e-v8 chore(deps): upgrade to Tailwind CSS v4 and Vite v8
…ase Edge Functions for GitHub integration
feat: integrate all-contributors and add community automation workflows
…lobals-17.5.0 chore(deps-dev): bump globals from 15.15.0 to 17.5.0
…eact-router-dom-7.14.0 chore(deps): bump react-router-dom from 6.30.3 to 7.14.0
…ate-fns-4.1.0 chore(deps): bump date-fns from 3.6.0 to 4.1.0
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![github-code-quality[bot]](https://avatars.githubusercontent.com/u/9919?s=60&v=4){kind=small}
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
1 issue found across 225 files
Note: This PR contains a large number of files. cubic only reviews up to 75 files per PR, so some files may not have been reviewed. cubic prioritises the most important files to review.
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name=".github/workflows/agents-sync-check.yml">
<violation number="1" location=".github/workflows/agents-sync-check.yml:59">
P1: The final sync check does not fail when generated files are out of sync, so this workflow can pass despite mismatch.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
|
|
||
| - name: Final sync check (fail-safe) | ||
| run: | | ||
| if ! git diff --quiet; then |
There was a problem hiding this comment.
P1: The final sync check does not fail when generated files are out of sync, so this workflow can pass despite mismatch.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At .github/workflows/agents-sync-check.yml, line 59:
<comment>The final sync check does not fail when generated files are out of sync, so this workflow can pass despite mismatch.</comment>
<file context>
@@ -0,0 +1,62 @@
+
+ - name: Final sync check (fail-safe)
+ run: |
+ if ! git diff --quiet; then
+ echo "✓ Auto-sync attempted. If this is a fork, please run 'npm run sync-agents' locally."
+ fi
</file context>
github-actions
Bot
added
documentation
Changelog previewThis is what the changelog entry will look like once this PR is merged. 0.0.0 (2026-04-13)Bug Fixes
Features
|
|
jlc254
approved these changes
Apr 13, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary by cubic
Promotes dev to main with hardened CI/CD, automated releases, and a broad docs/tooling refresh. Adds single‑source agent rules with auto‑sync, a new landing
HeaderandInteractiveDemoSection, and stricter format/lint/type checks.CI/CD & Security
gitleaks, andnpm auditon PRs and weekly; added SonarCloud analysis.release-pleasewithrelease-please-config.jsonand changelog atdocs/CHANGELOG.md.devwith grouped updates; added labeler, community automation, and all-contributors.scripts/sync-agents.jsto keep IDE rules in sync; improved PR/issue templates.Dependencies
tailwindcssto v4 andviteto v8; switched PostCSS to@tailwindcss/postcss.react-router-domto v7 anddate-fnsto v4; bumpedreact-resizable-panelsv4,vaulv1.1.2, andtailwind-mergev3.5.0.check,format[:check],lint:fix,type-check, andsync-agentsscripts.GitHubIntegration,CreateProjectDialog,CreateGigDialog) and expanded docs (architecture, data, GitHub, setup, security).Written for commit ef3c105. Summary will update on new commits.