Pull Request Explorer

Summary

Use Node for Cube Compose Healthcheck

Replaces the Cube Docker Compose healthcheck to use a Node-based /readyz endpoint, improving reliability and documenting older compose file issues.

Health Assessment

• • Quick, single-commit fix with fast review and merge, indicating low complexity and minimal risk.

Summary

Add MCP v3 Surveys Server

Adds a new MCP v3 survey server that enables API-key authenticated tools to list, create, validate, patch, and delete surveys, enhancing automation and integration with external AI tools.

Health Assessment

• • The PR required over 7 days to merge, involved multiple review cycles, and introduced a large code footprint, indicating significant complexity and potential risk.

Summary

Strip inline styles for CSP compatibility

Removes inline style attributes from survey UI components, replacing them with Tailwind classes to comply with strict CSP, ensuring no visual changes while improving security.

Health Assessment

• • Quick review cycle (0.1h) and minimal rework (one commit after review) indicate a smooth process; the small code change (<50 lines) and lack of functional impact keep risk low.

Summary

Fix cross-tenant attribute value read vulnerability

Removes a security flaw that allowed users to read sensitive attribute values from other workspaces by deriving workspace scope from the attribute key ID, preventing cross-tenant data leakage.

Health Assessment

• • Security fix required a single review and moderate changes; the process was straightforward with quick merge after addressing authorization logic.

Summary

Rename Connector to FeedbackSource in Unify Feedback

Standardizes terminology across the platform, reducing confusion and aligning the data model with future feature plans.

Health Assessment

• • The PR involves a large-scale rename across 20 files and 4,486 lines, requiring extensive testing and careful migration handling. The long cycle and review times suggest significant coordination effort, but the thorough test suite and migration safeguards mitigate risk.

Summary

Add pagination to topics/subtopics search

Enables users to view more than 10 results for topics/subtopics, improving data visibility and user experience.

Health Assessment

• • Fast review cycle with minimal rework; AI-assisted review comments streamlined the process.

Summary

Fix Connect Your App Learn More link

Corrects the documentation URL for the 'Learn more' button in the Connect Your App settings, ensuring users are directed to the proper framework guides instead of the docs home page.

Health Assessment

• • The PR was reviewed and merged within 15 hours, with a single comment and minimal code changes, indicating a straightforward bug fix with low risk.

Summary

Support Gemini 3.5 Flash multi-region endpoints

Adds correct base URL handling for Gemini 3.5 Flash in Vertex AI’s US and EU multi‑region locations, ensuring reliable model access across global deployments.

Health Assessment

• • Fast review (1.9h) and minimal rework (one commit after review) indicate a straightforward, low‑risk change with clear documentation and testing.

Summary

Fix color picker layout in logo settings

Ensures the color picker fills its container, improving UI consistency for logo background color toggles in workspace and survey editor settings.

Health Assessment

• • Quick, single-commit fix with minimal code changes and no regressions expected.

Summary

Refactor nested PascalCase component definitions

Improves React component performance by eliminating nested component definitions, preserving memoization and state, and updating translations across locales.

Health Assessment

• • PR had a quick initial review but required a couple of refactor commits; overall low risk and small scope.

Summary

Add PATCH endpoint for v3 surveys

Introduces a partial update API for surveys, allowing clients to modify only changed fields, reducing payload size and improving developer experience.

Health Assessment

• • PR required multiple merges and reverts, indicating significant rework; review was quick but overall cycle time was long due to integration complexity.

Summary

Add connect app snippet card

Adds a copy‑ready HTML setup snippet card to the Connect Your App settings page, enabling users to easily copy and paste the snippet into their app or website.

Health Assessment

• • PR had a long review time but minimal changes and quick approval after a single review round.

Summary

Fix survey path revalidation in response mutations

Ensures secure cache busting by moving revalidation to mutation actions, eliminating unauthenticated calls and reducing unnecessary auth round‑trips, improving performance and security for survey analytics.

Health Assessment

• • The PR was reviewed quickly and required no rework, but the overall cycle time was long due to scheduling; the change is low risk and improves security and performance.

Summary

Fix Dependabot pagination and add dry‑run

Corrects Dependabot alerts sync to Linear, eliminating HTTP 400 errors and enabling safe preview of changes without affecting production data.

Health Assessment

• • Rapid, AI‑assisted fix with minimal code changes and a single review round, resulting in a quick merge and low risk.

Summary

Disable video uploads on welcome card logo uploader

Prevents users from uploading videos as company logos in the welcome card, ensuring only images are used and simplifying the upload flow.

Health Assessment

• • Fast review cycle with minimal changes; AI review comments helped streamline the process.

Summary

Fix empty 'Other' validation in optional multi-select

Ensures respondents cannot proceed with an empty 'Other' option, improving data integrity and user experience.

Health Assessment

• • PR resolved a validation bug with minimal rework and a single review cycle, indicating efficient collaboration and low risk to production.

Summary

Fix email embed UI for rating questions

This PR corrects the rendering of rating-style questions in email previews, ensuring larger smiley icons and proper label alignment, improving user experience across email clients.

Health Assessment

• • The PR had a single review cycle with a 24‑hour delay before first review, but the changes were straightforward and merged within a day, indicating low complexity and minimal risk.

Summary

Fix S3 500 error for legacy images

Prevents 500 errors when accessing legacy images, improving reliability for users on older environments.

Health Assessment

• • Quick fix with minimal changes, merged within minutes, indicating low complexity and high confidence.

Summary

Fix S3 internal server error for older images

Fixes legacy S3 key lookup to return 404 instead of 500, enabling fallback to legacy environmentId key for older images.

Health Assessment

• • Quick fix with minimal changes, resolved in under 2 hours, indicating efficient review and low complexity.

Summary

Restore Microsoft SSO account lookup

Fixes Microsoft SSO login by normalizing provider IDs, ensuring users can link and log in with Microsoft accounts, improving reliability and user experience.

Health Assessment

• • Quick review and minimal rework; only a few comments were needed and the PR was merged within a day.

Summary

Move Create Organization CTA to Settings Page

Repositions the organization creation button to the settings page, reducing user confusion and preventing accidental organization creation.

Health Assessment

• • Quick, single‑commit fix with fast review turnaround; moderate code changes focused on UI UX improvement.

Summary

Fix rating question email embed UI

Corrects UI rendering of rating question in email previews, improving user experience.

Health Assessment

• • Quick fix with minimal changes, AI review helped streamline process.

Summary

Resolve pnpm audit vulnerabilities

Removes remaining vulnerable dependency versions, ensuring a clean audit and maintaining application security without altering functionality.

Health Assessment

• • Quick resolution with minimal rework, indicating a straightforward security fix.

Summary

Resolve pnpm audit vulnerabilities for release

Removes 11 known vulnerabilities from dependencies, ensuring a clean audit and improving security posture without affecting application behavior.

Health Assessment

• • Fast review and merge with minimal changes, indicating low complexity and risk.

Summary

Align main and settings navigation icon styling

Ensures consistent icon sizing across navigation, improving UI consistency and reducing visual confusion for users.

Health Assessment

• • Quick review and merge with minimal changes, indicating low complexity and high confidence.

Summary

Pin minimatch@10 to 10.2.5 to fix ReDoS

This PR resolves a critical ReDoS vulnerability in a transitive dependency, eliminating security alerts and preventing potential denial‑of‑service attacks.

Health Assessment

• • Rapid resolution of a critical security issue with minimal code changes and quick review turnaround.

Summary

Add POST /api/v3/surveys endpoint

Introduces a new API endpoint for creating block‑based v3 surveys, enabling customers to programmatically create surveys with comprehensive validation and language handling.

Health Assessment

• • The PR had a long cycle time (~8 days) and large code changes (~6000 lines), with a single review cycle and AI‑assisted comments, indicating high risk and potential integration challenges.

Summary

Add response IDs and contact activity improvements

Enhances survey response UI by adding response IDs, a new card for contact details, and a refetch button, improving data visibility and user experience.

Health Assessment

• • The PR had a long cycle time but minimal review friction, indicating a straightforward UI change that required only a single round of changes requested.

Summary

Create Helm update PRs with app token

Automates Helm chart version updates using a GitHub App token to trigger full CI workflows, ensuring checks run on automated PRs.

Health Assessment

• • Quick approval with minimal changes indicates a straightforward update to the CI workflow.

Summary

Enable ENTER key to submit login and signup forms

Improves user experience by allowing form submission via ENTER key, reducing friction during authentication.

Health Assessment

• • Initial review was quick, but multiple commits were needed to address feedback, leading to a moderate review cycle and a final merge after about 3 days.

Summary

Fix pending invite deletion before account removal

Ensures users with pending invites can delete their accounts without database errors by removing those invites first.

Health Assessment

• • The change resolves a critical FK violation that blocked account deletion, adding a concise cleanup step before user removal. The review cycle was longer than typical, but the modification was small and low risk.

Summary

Add GET /api/v3/surveys/{surveyId} endpoint

Introduces a read endpoint for single surveys with multilingual support and robust authorization, enhancing API consistency and developer experience.

Health Assessment

• • Large API change with extensive test coverage; review was quick but overall cycle time long, indicating possible blockers or slow merge process.

Summary

chore(deps): bump npm_and_yarn group

Updates turbo and ws to newer versions, addressing security fixes and bug improvements.

Health Assessment

• • Long review cycle indicates slow process, but minimal changes and low risk.

Summary

Resolve SonarQube blockers and high issues

Fixes 23 SonarQube blocker/high issues, improving code quality and reducing technical debt.

Health Assessment

• • The PR received a quick review with minimal comments, but the overall cycle time was long due to backlog. The changes are extensive yet focused on code quality, posing low risk to functionality.

Summary

Automate Linear issue creation from Dependabot alerts

Automates triaging GitHub Dependabot security alerts into Linear, replacing manual process. This reduces manual triage and ensures timely issue tracking.

Health Assessment

• • The PR was merged quickly with minimal rework, indicating efficient review and clear automation of Dependabot alerts into Linear.

Summary

Fix CSV delimiter handling for contacts upload

Ensures contacts CSV uploads accept European Excel defaults, reducing upload errors and improving user experience.

Health Assessment

• • Quick turnaround with minimal rework; AI review helped catch issues early.

Summary

Prevent client environment cache null crash

Fixes a cache race that caused client environment endpoints to crash, improving reliability and uptime for users.

Health Assessment

• • The PR had a single review with a comment and quick approval, resulting in a moderate review friction and a 63‑hour cycle time.

Summary

Fix Helm chart to wire bundled Cube env

The Helm chart now automatically injects the required CUBEJS_API_URL and sets Cube's port, eliminating startup failures. This improves reliability for production deployments.

Health Assessment

• • Quick single-review fix with minimal changes, indicating low complexity and high confidence.

Summary

Fix rate limiting for survey actions

Adds IP rate limiting and server‑side guard to prevent enumeration and brute‑force attacks, improving security for survey responses.

Health Assessment

• • Security fix with minimal changes, quick review, no rework.

Summary

Refactor React components to remove react-doctor warnings

Clears ~930 react-doctor warnings, improving code quality and score without changing behavior.

Health Assessment

• • Large mechanical sweep required multiple review rounds; review time high; risk moderate due to potential UI regressions but mitigated by comprehensive tests.

Summary

Fix Linear release version stamping

Ensures scheduled pipeline completes without manual renaming by stamping release tag before completion, improving release automation.

Health Assessment

• • Fast cycle time, single review, minimal changes, low risk.

Summary

Fix Feedback Records nav highlight on sub-tabs

Ensures consistent navigation highlighting for the Feedback Records section, improving user experience when switching sub-tabs.

Health Assessment

• • Quick fix with minimal changes, resolved within 1.6 hours, indicating efficient review and low complexity.

Summary

Reject reCAPTCHA-protected requests when server keys are unconfigured

Fixes an open verification bug, ensuring self-hosted instances cannot bypass reCAPTCHA protection and operators receive clear error logs.

Health Assessment

• • Quick AI-assisted fix resolved a critical security issue with minimal code changes.

Summary

Resolve SonarQube warnings in survey UI

Improves code quality and maintainability by reducing cognitive complexity and eliminating linting issues, lowering future technical debt and ensuring a cleaner codebase for the survey UI.

Health Assessment

• • The PR fixed five SonarQube issues with a single review round and moderate review time, indicating focused effort, but the large number of lines changed suggests a significant refactor that may impact future maintenance.

Summary

Restore Microsoft SSO account lookup backport

Fixes Microsoft SSO login failures on release 5.0 by normalizing provider IDs, ensuring users can authenticate seamlessly.

Health Assessment

• • Quick single-commit fix with fast review, minimal risk to production.

Summary

Fix language alias handling for survey link previews

Ensures shared survey links display correct language metadata, improving user experience and preventing fallback to default language.

Health Assessment

• • Single commit resolved issue quickly with minimal changes, indicating efficient review and low complexity.

Summary

Fix back button visibility on dark backgrounds

Ensures the back button is readable on dark survey backgrounds, improving user navigation and reducing confusion.

Health Assessment

• • Quick review with AI assistance, minimal changes, low risk.

Summary

Fix survey card scroll and segment modal width

Improves UI stability for survey editors and segment modals, enhancing user experience.

Health Assessment

• • Quick review and minimal changes led to a smooth merge with low risk.

Summary

Fix Linear release version stamping before completion

Ensures Linear releases are correctly stamped with version tags, preventing pipeline failures and ensuring smooth release rollouts.

Health Assessment

• • Quick fix with minimal changes, fast review and merge, low risk.

Summary

Remove hardcoded plan names from upgrade banners

This change removes hardcoded plan names from upgrade banners, decoupling UI copy from specific plan tiers. It reduces maintenance overhead and ensures consistency with Stripe's entitlement model.

Health Assessment

• • Single commit, fast review, minimal scope, low risk.