Pull Request Explorer

Summary

Release version 1.700.0 with updated dependencies

This release updates dependencies, adds new CLI features, and includes bug fixes, improving stability and performance for users.

Health Assessment

• • Release was approved quickly with AI review, minimal changes, and merged within 2.5 days.

Summary

Mask OAuth client secrets in instance settings

Ensures sensitive OAuth client secrets are masked by default in the UI, improving security and user experience.

Health Assessment

• • Rapid review and quick fixes indicate a straightforward security improvement with minimal impact.

Summary

Add offline URL-bound license keys

Enables air‑gapped customers to use offline license keys that embed seat and compute‑unit caps and are bound to the instance, allowing full offline validation without phone‑home.

Health Assessment

• • The PR took over three days to merge and had a long review time with multiple comments, reflecting significant complexity and potential risk to stability.

Summary

Add max-iterations to OpenAPI spec

Adds a max_iterations parameter to the AI Agent request schema, enabling OpenAPI clients to configure iteration limits consistently with the WebUI and server.

Health Assessment

• • Merged within 8.5 hours with a single review comment, indicating a straightforward, low-risk change.

Summary

Add configurable Vault JWT mount path and docs

This PR adds support for custom Vault JWT auth mount paths, allowing deployments to use non-default mount points without authentication failures. It also corrects the setup documentation, ensuring accurate configuration guidance for users.

Health Assessment

• • Fast review and moderate iteration with a single review round; documentation and code changes were quickly addressed.

Summary

Pin tokio-postgres fork to fix deadlock

Removes a critical deadlock in database query handling, ensuring reliable data access for users and preventing potential service interruptions.

Health Assessment

• • Fast cycle time of 5.3 hours and zero review lag indicate a straightforward, low-risk change; the AI-generated patch was reviewed quickly and merged without further iterations.

Summary

Enable token‑authenticated file downloads

Adds support for authenticated downloads via the OpenAPI client when a token is set, preserving native link behavior for cookie‑auth sessions and fixing 401 errors for cross‑origin embeds.

Health Assessment

• • Fast cycle time and minimal review rounds indicate a smooth process; AI review helped surface issues early.

Summary

Update deno and swc dependencies to goldilocks set

Bumps deno and swc crates to a stable set that removes the serde ceiling, resolves dependency conflicts, and updates runtime APIs, ensuring compatibility and stability.

Health Assessment

• • Rapid merge with minimal review indicates low complexity and high confidence in dependency updates.

Summary

Remove deno_runtime dependency and inline transpiler

Eliminates a large transitive dependency chain, resolving SQLite library conflicts and enabling future crate upgrades without affecting runtime behavior.

Health Assessment

• • The PR was merged within 42 minutes of opening, with a single review comment and no additional commits, indicating a smooth process despite the large code churn.

Summary

Fix reserved flow step IDs for Input, Result, Trigger

Prevents flow editor UI corruption by blocking reserved step IDs. Ensures users cannot rename steps to Input, Result, or Trigger, maintaining editor stability.

Health Assessment

• • Quick review and merge with minimal changes, indicating straightforward bug fix.

Summary

Add ignored smoke tests for deno_core bump

Adds a suite of ignored integration tests to validate the V8 runtime against deno_core, deno_ast, and swc updates, ensuring regressions are caught before deployment.

Health Assessment

• • The PR was reviewed and merged within minutes, indicating low friction. The addition of 10 ignored tests provides a safety net for future deno_core upgrades without impacting CI performance.

Summary

Add assets access for operators

Operators can now access the assets page by default, with a new setting added to workspace operator settings.

Health Assessment

• • The PR was merged quickly, with a cycle time of 10.8 hours, indicating efficient review and approval.

Summary

Lazy-load script editor history and improve query performance

The script editor now loads history lazily, preventing unnecessary database queries. This reduces load times and improves user experience in large workspaces.

Health Assessment

• • Quick review and merge with minimal changes, indicating a low-risk performance enhancement.

Summary

Refactor AI image handling to windmill-ai

Moves image upload/download logic into a dedicated module, decoupling worker code from queue dependencies and simplifying provider implementations.

Health Assessment

• • Fast cycle time (3h) and single review with no rework indicate a smooth, low-risk refactor.

Summary

Add PR author ping for non‑good auto‑review

Adds notification to PR author when auto‑review verdict is not 'Good to merge', improving visibility and reducing merge delays. This ensures reviewers are promptly informed of required changes.

Health Assessment

• • Fast merge with minimal changes indicates low complexity and quick approval.

Summary

Populate raw_code for flowscript and appscript runs

Ensures code visibility for flowscript and appscript runs, improving developer experience by displaying source code and enabling code preview.

Health Assessment

• • Quick fix with minimal changes, fast review and merge, indicating low complexity and high confidence.

Summary

Add delete forked children confirmation toggle

Provides users with an option to delete all descendant workspaces when removing a fork, giving better control over workspace cleanup.

Health Assessment

• • Merged within 2.4 hours with no review comments, indicating a straightforward, low-risk change.

Summary

Refactor AI SSE plumbing to windmill-ai

This refactor moves provider‑independent SSE parsing and AI utilities into the windmill‑ai crate, simplifying imports and clarifying ownership.

Health Assessment

• • The PR had a long cycle time and review delay, indicating bottlenecks in the review process.
• • The refactor touches many modules, raising the risk of regressions despite AI review support.

Summary

Fix Path dirty flag on folder picker changes

Users can now save changes after moving items between folders without extra steps, improving workflow efficiency.

Health Assessment

• • Quick fix with minimal changes, reviewed and merged within 30 minutes, indicating low complexity and high confidence.

Summary

Fix variable rename and bulk delete issues

Improves data integrity by ensuring linked variables are properly archived during bulk deletions and resolves UI gaps in variable renaming, enhancing user experience and preventing accidental data loss.

Health Assessment

• • The PR addressed critical data integrity issues with minimal code changes, but required a few iterations to resolve UI gaps, resulting in a moderate review friction and a 3.7‑day cycle time.

Summary

Tighten Log Viewer Top Bar

Improves log viewer usability by saving space and preventing accidental horizontal scrolling, enhancing developer experience.

Health Assessment

• • Fast review and merge with minimal changes; AI-assisted code generation streamlined the process.

Summary

Auto-infer args for wmill app push

Enables developers to push apps without specifying paths, improving ergonomics and reducing errors.

Health Assessment

• • Rapid approval with minimal review indicates high confidence and low complexity.

Summary

Release version 1.699.0

This PR publishes a new release with bug fixes and performance improvements, ensuring stability and enhanced user experience.

Health Assessment

• • Fast release cycle with minimal review, indicating a streamlined release process.

Summary

Fix wheel RECORD verification in Python cache

Prevents corrupted Python wheel caches from propagating, ensuring reliable dependency installs and avoiding runtime ImportErrors for customers.

Health Assessment

• • Fast turnaround with a single commit and minimal code changes indicates low complexity and risk.

Summary

Fix error handler input args initialization

Ensures error handler inputs in flow editor resolve correctly, improving debugging and user experience. This fixes a bug that prevented error details from being displayed.

Health Assessment

• • Merged within 24 minutes with minimal changes and no blockers.

Summary

Hide internal entrypoint override jobs from history

Prevents internal helper runs from cluttering user history, improving clarity for users.

Health Assessment

• • Quick fix with minimal changes, single review, no rework.

Summary

Add windmill_failure parsing to mark runs as failure

Enables explicit failure tagging in job results, ensuring runs are correctly marked as failures and error handling flows are triggered. This improves reliability by allowing scripts to signal failures without causing runtime errors.

Health Assessment

• • The PR had a quick initial review and a few follow-up commits, indicating efficient collaboration. The use of AI review helped identify issues early, reducing iteration time.

Summary

Optimize flow_env resolution and caching

Reduces memory pressure and prevents OOM by gating flow_env resolution and sharing cache, improving performance for flow execution.

Health Assessment

• • Fast review cycle with no rework, indicating high confidence in changes.

Summary

Bump Svelte version in CLI template

Updates Svelte dependency to match compiler, preventing runtime errors and improving developer experience.

Health Assessment

• • Quick fix with minimal changes, no back‑and‑forth, merged within 6 hours.

Summary

Serialize Google channel renewal across replicas

Fixes a race condition where multiple replicas rotate Google webhook tokens, causing duplicate channels and orphaned tokens. Adds pessimistic locking and token label changes to ensure only one renewal per trigger, improving reliability and reducing orphaned resources.

Health Assessment

• • The PR required multiple rounds of review and fixup commits, indicating significant rework. AI‑assisted code generation helped address race conditions and improve reliability.

Summary

Fix Windows path validation in Ansible executor

Prevents potential security vulnerability where Windows paths could escape repository boundaries, ensuring safer Ansible playbook execution.

Health Assessment

• • Quick fix with minimal changes, merged immediately after commit, indicating low complexity and high confidence.

Summary

Release version 1.698.0

This PR publishes a new release, bumping the version and updating dependencies, enabling users to access the latest features and bug fixes.

Health Assessment

• • Release generated automatically with Release Please, minimal review, quick merge.

Summary

Cache resolved flow_env per flow execution

Reduces redundant API calls and memory usage during flow execution, preventing resource leaks and improving system stability.

Health Assessment

• • Fast review and merge cycle, minimal code churn, and a small scope indicate a low-risk performance enhancement.

Summary

Stabilize CLI tests: flow lock‑gen race and Windows path

Fixes flaky CLI tests by adding a wait for flow dependency jobs and correcting Windows path handling, improving reliability for Windows users.

Health Assessment

• • Quick, single‑commit fix with minimal code changes and fast review turnaround, indicating low risk and high confidence in stability.

Summary

Performance: Skip flow_env DB work when no resolution

Reduces database roundtrips and memory usage for flows that don’t need environment resolution, improving performance for heavy predicate flows.

Health Assessment

• • Quick review and merge with minimal changes, indicating low complexity and risk.

Summary

Add --parallel flag to generate-metadata

Adds a parallel execution option to the generate-metadata CLI command, enabling concurrent processing of stale items and significantly improving performance on large workspaces.

Health Assessment

• • The PR was reviewed quickly with minimal comments, indicating a straightforward change that was well understood by reviewers.

Summary

Fix CLI header forwarding for backend fetches

Ensures CLI commands correctly forward custom headers to backend APIs, preventing failures behind auth gateways like Cloudflare Access and improving reliability of sync, docs, and preview operations. Adds comprehensive integration tests to guard against regressions.

Health Assessment

• • Rapid merge with minimal review and extensive tests indicates high confidence and low risk.

Summary

Release version 1.697.0

Publishes a new release, bumping version and updating dependencies across backend, frontend, and client libraries.

Health Assessment

• • Release PR merged quickly with minimal review, indicating automated release process and low complexity.

Summary

Add length validation to fork workspace ID and fix CLI name field

Prevents database errors caused by overly long forked workspace IDs and ensures the user‑supplied workspace name is used, improving reliability and user experience.

Health Assessment

• • Quick review with no rework; minimal changes resolved a database error and a CLI bug.

Summary

Add Workload Identity Federation for Azure Key Vault

Adds Azure Workload Identity Federation as an alternative to client_secret for Azure Key Vault secret backend, enabling secure token exchange via Kubernetes service‑account JWT and reducing reliance on long‑lived secrets.

Health Assessment

• • PR introduced large code changes (over 700 lines) in a short cycle, with multiple commits after the initial review to resolve conflicts and update EE references, indicating moderate complexity and potential integration risk.

Summary

Add trigger and schedule handling to wmill workspace merge

Brings CLI parity with the merge UI by routing trigger and schedule diffs through the existing workspace_diff tally infrastructure

Health Assessment

• • The PR has a large scope with many files changed, indicating significant changes to the codebase. The review process took around 28 hours, which is relatively fast. However, the PR has a high number of commits and review rounds, indicating some complexity and potential for errors.

Summary

Fix deterministic inline-script naming in app pulls

Ensures consistent filenames for inline scripts during app pulls, eliminating unnecessary git churn and improving developer experience.

Health Assessment

• • The PR was merged immediately after a single commit with no review friction, indicating a straightforward bug fix that stabilizes inline-script naming across pulls.

Summary

Add OAuthBearer SASL_SSL support for Kafka triggers

Enables OAuth2 OIDC authentication for Kafka triggers, allowing secure connections to Confluent Cloud and other services.

Health Assessment

• • Fast review and minimal changes indicate low complexity and risk.

Summary

Add external domain override for user-facing links

Enables SDK consumers to point user-facing links to a custom domain, allowing embedded UIs to use a different origin while preserving same-origin behavior by default.

Health Assessment

• • Fast cycle time with a single review and no requested changes; minimal rework and small to medium scope indicate a low-risk, high-efficiency PR.

Summary

Health Assessment

Summary

Fix dev server CSS reset layering for Tailwind

Ensures Tailwind utilities work correctly in the dev preview, preventing layout issues for developers using Tailwind v4.

Health Assessment

• • Quick, single‑commit fix with AI‑assisted review; minimal code changes and fast turnaround.

Summary

Fix concurrency lock storm with two‑phase admit

Reduces database lock contention for concurrent job pulls, preventing long outages and improving throughput for high‑parallel workloads.

Health Assessment

• • Fast cycle time (10h) with a single AI‑reviewed comment and no major blockers; large code change but well‑tested and reviewed quickly.

Summary

Fix SingleStepFlow zombie handling and runs filter

Ensures SingleStepFlow jobs are correctly cleaned up and visible on the runs page, preventing orphaned jobs and improving user visibility.

Health Assessment

• • The PR resolved a complex bug involving orphaned SingleStepFlow jobs, required multiple iterations and extensive testing, but was merged quickly due to its clear impact on job lifecycle and user visibility.

Summary

Release 1.696.2

Automated release with bug fixes and improvements

Health Assessment

• • Automated release with minimal review time
• • Several bug fixes and improvements included

Summary

Fix CLI auth‑gateway detection and polling heartbeat

Improves CLI resilience by detecting auth‑proxy HTML responses and adding a heartbeat to long‑running polls, preventing silent failures and providing clearer error context.

Health Assessment

• • Rapid 0.3‑hour cycle with no review delays and minimal rework indicates a smooth, low‑risk bugfix. AI assistance accelerated code and documentation creation.