Pull Request Explorer

Summary

Add row selection toggle to table component

Allows users to hide row checkboxes in tables, improving UI clarity while maintaining delete functionality.

Health Assessment

• • Quick review and merge with minimal changes indicates low complexity and high confidence.

Summary

Minor UI Updates

Improved UI elements for better user experience, including the set live button and breadcrumbs.

Health Assessment

• • Quick review and merge process, minimal changes and low risk.

Summary

Fix SharePoint connection redirect

Ensures users are directed to the SharePoint connection screen when adding a knowledge source, improving onboarding flow.

Health Assessment

• • Quick fix with minimal changes and immediate approval, indicating low complexity and high confidence.

Summary

Health Assessment

Summary

Restrict public API global role changes

Adds security checks to prevent unauthorized global role modifications via public API, addressing identified vulnerabilities.

Health Assessment

• • Security fix with moderate review time and several commits, indicating iterative refinement.

Summary

Fix automation node drag/drop and backend log errors

This PR corrects node dragging behavior in automation workflows and ensures backend log errors surface properly, improving reliability and user experience.

Health Assessment

• • Quick turnaround with minimal rework; single review cycle and fast merge indicate high confidence in changes.

Summary

Require auth for webhook schema updates

Adds route authorization to secure webhook schema updates, protecting against unauthorized changes.

Health Assessment

• • Security fix with quick review and minimal rework, moderate scope and risk.

Summary

Harden OAuth2 token fetching for SSRF protection

Secures OAuth2 token requests by routing them through a shared outbound fetch guard, preventing SSRF attacks and ensuring safe token acquisition.

Health Assessment

• • The PR had a moderate review time but minimal rework, indicating a straightforward security fix with low complexity.

Summary

Add actions breakdown modal to usage and home metrics

Users can now view detailed action usage breakdown in settings and home metrics, improving transparency and helping optimize usage.

Health Assessment

• • Fast cycle time with minimal review comments indicates a straightforward UI enhancement.

Summary

Mask long-form datasource secrets

Prevents accidental exposure of sensitive datasource values in API responses, enhancing security compliance.

Health Assessment

• • Quick resolution with single review and minimal changes, indicating a straightforward bug fix.

Summary

Upgrade protobufjs to 7.5.8

Bumps protobufjs to 7.5.8, adding parser hardening and namespace lookup fixes, improving robustness of .proto parsing.

Health Assessment

• • Quick dependency update with automated review, no issues found.

Summary

Add breakdown by action type to the actions quota

Extends the monthly actions quota to track per‑type usage (automation step, CRUD, AI agent), enabling more granular billing and monitoring.

Health Assessment

• • Fast review and single rework commit indicate a straightforward, low‑risk enhancement.

Summary

Block active content attachment uploads

Prevents authenticated users from uploading executable content, mitigating stored XSS attacks.

Health Assessment

• • Quick resolution of a critical security issue with minimal changes and no back‑and‑forth discussion.

Summary

Show context usage indicator in agent chat

Adds a visual indicator in the agent chat that displays token usage breakdown, enabling users to monitor and optimize model context consumption.

Health Assessment

• • The PR had a long cycle time with multiple merges and rework, but the first review was quick. Automated review and description generation by cubic helped streamline the process, though the large scope and many review rounds indicate high risk.

Summary

Require admin access for SCIM routes

This change restricts SCIM provisioning endpoints to tenant admins, preventing unauthorized API key usage and addressing a security vulnerability. It ensures only privileged users can provision resources, mitigating potential data exposure.

Health Assessment

• • The PR was merged quickly with minimal rework, indicating a straightforward security fix with low complexity.

Summary

Invalidate user cache after bulk role updates

Ensures role changes are reflected immediately by clearing cached user data after bulk updates, improving security and user experience.

Health Assessment

• • Fast cycle time with minimal review iterations indicates a straightforward, low‑risk security fix.

Summary

Mark packages private and add build script

Prevents accidental publishing of internal packages and streamlines the build process for selected packages.

Health Assessment

• • Fast cycle time, single review, minimal changes, low risk.

Summary

Harden REST datasource redirect handling

Improves security by validating redirects against a blacklist, preventing SSRF attacks while preserving normal redirect behavior.

Health Assessment

• • The PR had rapid iteration with multiple commits after the initial review, indicating active rework to address security concerns. The review process was quick, but the number of changes suggests moderate complexity.

Summary

Validate legacy view calculations

Fixes a prototype‑pollution bypass in view calculation validation, preventing invalid reduce functions from being stored and ensuring data integrity for legacy views.

Health Assessment

• • Merged within 4.2 hours after a single comment, indicating a smooth review process; the security fix is small in scope but critical for data integrity.

Summary

Require builder access for datasource updates

This change restricts datasource updates to builder users only, preventing unauthorized modifications by production users and enhancing security. A regression test confirms that non-builder attempts receive a 403 response and no data is persisted.

Health Assessment

• • Fast cycle time with minimal rework and a single review indicates a straightforward security fix with low risk.

Summary

Enforce view scope for row action triggers

Ensures row actions only run on rows visible in the triggering view, preventing unauthorized automation execution.

Health Assessment

• • The PR was merged within 4 hours of opening, indicating a smooth review process.
• • The security fix was small in scope and required minimal rework, reducing risk.

Summary

Add increment decrement controls for number input fields

Adds optional step controls for number inputs, improving user experience and reducing input errors by allowing precise value adjustments and debounced actions.

Health Assessment

• • The PR was reviewed quickly but required several commits to address AI-generated feedback, indicating moderate complexity and some friction in the review process.

Summary

Remove unused global user onboarding endpoint

Eliminates a privilege escalation vector by removing an unused API endpoint, improving security posture.

Health Assessment

• • Fast cycle time with minimal rework; AI-assisted code removal improved security posture.

Summary

Emit error events for action failures

Adds comprehensive telemetry for automation step failures, enabling faster diagnostics and improved reliability for users.

Health Assessment

• • The PR was merged within 2.5 hours with only a single review comment, indicating a smooth review process. The addition of detailed failure events enhances observability without introducing significant risk.

Summary

Enable per-app themes and font selection

Allows each app in a workspace to have its own theme and font, improving brand consistency and user experience.

Health Assessment

• • Large scope with many commits and a late review request indicates moderate complexity; automated AI review helped catch issues early.

Summary

Handle SharePoint file deletion

Ensures deleted SharePoint files are removed from the knowledge base, improving data consistency and user experience.

Health Assessment

• • PR required extensive rework after initial AI review, with multiple commits to address feedback and linting, indicating high complexity and potential risk.

Summary

Add searchable state selector for state variables

Enables users to quickly locate state variables in the actions drawer, improving efficiency and reducing time spent searching. Also cleans up header search for consistency.

Health Assessment

• • Fast review and merge with minimal changes, indicating low complexity and high confidence.

Summary

Fix prototype pollution bypass in view calculation validation

Prevents prototype pollution bypass by ensuring only valid calculation keys are accepted, rejecting inherited Object.prototype keys and improving security.

Health Assessment

• • Rapid, single‑commit fix with no review needed, merged immediately.

Summary

Bump security dependencies across directory

Updates three indirect dependencies for security and stability, improving URI parsing safety, XML name handling, and SystemJS module transform behavior.

Health Assessment

• • Rapid merge with minimal changes and no review comments indicates low complexity and high confidence in the dependency updates.

Summary

Update hono dependency to 4.12.18

Applies security fixes to hono, improving cache handling, JSX safety, and JWT validation.

Health Assessment

• • Fast review and merge, minimal changes, no blockers.

Summary

Display query usage in automations

Adds a counter showing how many automations reference a query, improving query management and automation insights.

Health Assessment

• • The PR had multiple review rounds and commits, indicating some complexity and iteration.

Summary

Recover exited SQS in single CouchDB image

Ensures SQS restarts automatically and handles downtime gracefully, improving reliability for search operations.

Health Assessment

• • Fast review and minimal changes indicate low risk and quick resolution of SQS reliability issue.

Summary

Add async polling for agent test runs

Enables background execution of agent tests, reducing timeouts and improving reliability for users.

Health Assessment

• • Large-scale change with asynchronous queue integration required multiple review cycles; review took over 2 days, indicating significant complexity and potential impact on stability.

Summary

Fix mime type display in agent knowledge builder

Prevents overflows caused by long mime types in the agent knowledge builder.

Health Assessment

• • The PR was reviewed and merged quickly, indicating a smooth development process.

Summary

Stop processing attachments on workspace update

Prevents accidental deletion of existing attachment files when importing exports that omit rows, ensuring data integrity and reducing unnecessary processing during workspace updates.

Health Assessment

• • Fast review and minimal changes led to a smooth merge with no blockers.

Summary

Fix regression in Budibase AI settings

Restores correct routing and prefilled parameters for AI completion settings, preventing broken configuration and improving user experience.

Health Assessment

• • Fast turnaround with a single review cycle and minimal rework indicates low complexity and high confidence in the fix.

Summary

Fix blacklist parsing errors

Ensures malformed URLs are blocked, preventing DNS rebinding attacks and improving security.

Health Assessment

• • Minimal changes, quick review, no blockers.

Summary

Add SharePoint knowledge base via client credentials

Enables agents to connect to SharePoint using OAuth2 client credentials, adding site discovery, improved error handling, and a streamlined UI flow for knowledge base integration.

Health Assessment

• • The PR involved extensive code changes across 20 files, multiple review rounds, and a long cycle time, indicating significant rework and a high-impact feature that required careful validation.

Summary

Fix Svelte check warnings across builder and client

Cleaned up Svelte templates, styles, and test mocks to eliminate svelte‑check warnings, ensuring code quality across builder, client, and frontend‑core.

Health Assessment

• • Rapid review and merge with minimal changes indicates low complexity and high confidence in code quality.

Summary

Fix SharePoint shape drift

Corrects shape validation for SharePoint integration, preventing errors when selecting options.

Health Assessment

• • Rapid resolution with minimal changes and AI review, indicating low complexity and high confidence.

Summary

Fix zero files on fetch error

Resolves SharePoint sync errors by handling fetch failures and adding retry logic, improving reliability.

Health Assessment

• • PR addressed a SharePoint sync issue with retries, required multiple commits after review, but merged quickly within 23 hours.

Summary

Add Teams streaming responses for agent webhooks

Enables real‑time streaming of assistant replies to Microsoft Teams, improving user experience by showing progress indicators and reducing wait times. This feature also removes hardcoded API keys, enhancing security.

Health Assessment

• • Fast cycle with minimal review comments indicates smooth integration.

Summary

Add REST endpoint labels and new templates

Introduces human‑friendly display labels for REST endpoints and adds several new API templates with icons and operation counts, enhancing the API Explorer experience.

Health Assessment

• • The PR had a moderate review cycle with two review rounds and three commits after the first review, indicating some rework but a relatively quick overall turnaround. The addition of 285 lines across 13 files suggests a sizable feature addition, but the process remained efficient with a fast first review and no major blockers.

Summary

Fix settings config creation for missing tenants

Prevents crashes when locking or activating tenants without a settings config, enabling free tier migration.

Health Assessment

• • Rapid, single‑commit fix with AI‑assisted review; minimal code churn and no major risk.

Summary

Add OAuth reconnect for SharePoint connections

Enables users to refresh SharePoint credentials without recreating connections, improving workflow continuity and reducing support overhead.

Health Assessment

• • The PR was reviewed quickly with AI assistance, but required several iterations before final approval, indicating moderate rework but overall efficient process.

Summary

Add SharePoint connection management to builder

Enables users to connect SharePoint sites directly within the builder, streamlining data ingestion and knowledge base creation. This reduces manual configuration steps and speeds up content onboarding.

Health Assessment

• • The PR involved extensive changes across frontend and backend, with a prolonged review cycle and AI review flagged issues, indicating high complexity and potential risk.

Summary

Fix failing test due to DNS issues

Disables IP blacklist lookups in plugin tests to avoid DNS failures, improving test reliability and CI speed.

Health Assessment

• • Quick fix with minimal changes, AI-assisted review, no blockers.

Summary

Add exponential backoff for Gemini file search

Adds exponential backoff retries to Gemini file search, reducing flaky failures and improving reliability for users accessing file search features.

Health Assessment

• • Fast merge cycle but multiple commits after the initial review suggest quick iteration to resolve identified issues.

Summary

Add tablet view to preview

Enhances preview functionality with tablet support and streamlined device-toggle logic.

Health Assessment

• • The PR had a fast review time and received approval after addressing minor feedback.

Summary

Fix automation step error handling

Ensures automation workflows halt on step failures by default, adding an optional continue‑on‑error toggle for API Request, Execute Query, and Trigger Automation steps, improving reliability and giving users control over error handling.

Health Assessment

• • The PR had a slow overall cycle time but a rapid first review, with several commits made to address AI‑generated review feedback, indicating moderate complexity and a need for thorough testing of automation error handling.