Pull Request Explorer

Summary

Bump Recouse/EventSource dependency to 0.1.8

Updates a critical dependency to fix a performance issue in event parsing, improving app responsiveness.

Health Assessment

• • Quick dependency bump with minimal changes and fast review, indicating low risk.

Summary

Bump rspack dependency to latest version

Updates build tooling to newer rspack version, improving build performance and compatibility.

Health Assessment

• • Merged within 4.2 hours with minimal review friction; AI‑assisted review helped identify issues quickly.

Summary

Add Gemini Embedding 2 support to server

Enables the server to use Gemini Embedding 2 for AI embeddings, improving model resolution and Google Vertex integration.

Health Assessment

• • Fast 4.4‑hour cycle time and a single commit indicate minimal review friction and a straightforward implementation.

Summary

Update NestJS dependencies

Bumps NestJS packages to newer versions to keep the application up-to-date and secure.

Health Assessment

• • Dependency update took over 5 days to get first review, indicating a bottleneck in the review process for automated PRs.

Summary

Extract chat runtime for editor

Adds a centralized runtime for AI chat sessions, improving UI consistency and state management.

Health Assessment

• • The PR received a quick initial review but required two subsequent test fixes, indicating moderate review friction. The large code churn (≈10k lines) and many files raise the risk level, though the AI-assisted review helped keep the process efficient.

Summary

Migrate legacy permission tables to new schema

Updates database schema to support new permission model, improving security and data consistency.

Health Assessment

• • Quick migration with minimal review comments, AI‑assisted review streamlined the process.

Summary

Bump @opentelemetry/sdk-node to 0.217.0

Update OpenTelemetry SDK to address CVE-2026-44902, preventing potential denial‑of‑service via malformed HTTP requests.

Health Assessment

• • Fast review and merge within 16 hours, minimal changes, low risk.

Summary

Fix realtime module loading issue

Resolves a bug where the realtime module was not loaded, improving real‑time collaboration reliability.

Health Assessment

• • The PR was merged within an hour of opening, with a single review comment and no rework, indicating a straightforward fix. AI‑assisted review helped streamline the process.

Summary

Bump OpenTelemetry Prometheus exporter to secure version

This PR updates the OpenTelemetry Prometheus exporter to address a critical CVE that could cause denial of service by crashing the Node.js process on malformed HTTP requests.

Health Assessment

• • Merged within 14 hours with a single commit and no review comments, reflecting a low-risk, straightforward dependency update.

Summary

chore: bump up mermaid version to v11.15.0 [SECURITY]

Updates the Mermaid diagram library to the latest secure version, addressing multiple XSS and DoS vulnerabilities that could compromise user data and application stability.

Health Assessment

• • Fast review and merge within 11 hours, minimal code changes, and a critical security update with negligible risk to existing functionality.

Summary

Add historical date support to date picker

Enables users to select dates from year 1000 onward, expanding historical and genealogical research capabilities.

Health Assessment

• • Quick review and single commit indicate a straightforward change with minimal risk.

Summary

Migrate more pull to realtime

Enables real‑time synchronization for comments, notifications, and transcripts, improving collaboration speed and reducing latency for users.

Health Assessment

• • Fast review and merge with minimal back‑and‑forth, but the large number of lines added and removed indicates moderate risk for integration issues.

Summary

Add realtime notifications and task status

Enables live updates for comments and task progress, improving user engagement and reducing polling overhead.

Health Assessment

• • Rapid review cycle with AI‑assisted feedback resolved many nitpicks quickly, but the large code changes and numerous comments increase integration risk.

Summary

Fix UI state handling in AI chat components

Improves stability and user experience of AI chat by preventing duplicate sessions, preserving history, and adding draft tab.

Health Assessment

• • Rapid review and merge indicate a straightforward UI bug fix with minimal impact on overall system.

Summary

Fix CalDAV compatibility in server

Improves CalDAV server compatibility by handling non‑standard responses and returning discovered calendar counts. Ensures smoother calendar integration for users.

Health Assessment

• • Quick fix with minimal changes, merged within 2.3 hours, indicating low complexity and high confidence in stability.

Summary

Add native safe fetch API

Provides a secure, validated fetch mechanism for server-side operations, improving security and reliability for remote content retrieval.

Health Assessment

• • Rapid merge after minimal review indicates high confidence but the large code change (842 lines) carries a higher risk of undiscovered issues; extensive testing mitigates this risk.

Summary

Bump link-preview-js to v4.0.1 for security

Updates link-preview-js to address IPv6 and internal loopback vulnerability, reducing potential data leaks.

Health Assessment

• • Fast merge with no review needed, typical automated dependency update.

Summary

Refactor server for BYOK

Adds Bring Your Own Key support, enabling secure key management, provider routing, quota integration, and an admin UI, enhancing security and flexibility for users.

Health Assessment

• • Large refactor with extensive BYOK integration required multiple rounds of AI‑assisted review, resulting in high comment volume and extended iteration.