chore: version packages#1989
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
1 Skipped Deployment
|
e1b5530 to
89a6b42
Compare
89a6b42 to
eeaac0c
Compare
eeaac0c to
bc7fdcf
Compare
bc7fdcf to
4dcb152
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 4dcb152cb0
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| { | ||
| "name": "@anticapture/client", | ||
| "version": "1.3.0", | ||
| "version": "1.4.0", |
There was a problem hiding this comment.
Publish the MCP auth removal as a major release
This release is still advertised as 1.4.0, but the same generated changelog for @anticapture/client says the MCP HTTP server removed ANTICAPTURE_MCP_API_KEY and no longer performs that inbound shared-key check. Any deployment pinned with a normal ^1.3.0 range can pick up this package automatically and lose its configured auth path, so this should be a major version bump (or the breaking auth removal should be deferred) before publishing.
Useful? React with 👍 / 👎.
4dcb152 to
3e3e1dc
Compare
3e3e1dc to
1550897
Compare
1550897 to
30e797c
Compare
30e797c to
1a3968d
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b92342e907
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| { | ||
| "name": "@anticapture/authful", | ||
| "version": "0.1.0", | ||
| "version": "0.2.0", |
There was a problem hiding this comment.
Mark Authful token removal as major
For Authful deployments that still seed a known TOKEN_PLAINTEXT or rely on the removed manual mint/plaintext-token path, this release removes the provisioning workflow while still advertising a normal 0.2.0 minor. The repo changeset guidance says breaking changes in 0.x packages should be treated as major, so this should either retain compatibility or be released as a major bump before the changeset is consumed.
Useful? React with 👍 / 👎.
b92342e to
a315897
Compare
a315897 to
5d92078
Compare
5d92078 to
c86b445
Compare
c86b445 to
4835d67
Compare
c4d6d6b to
2198a3b
Compare
2198a3b to
40d9355
Compare
40d9355 to
db64afb
Compare
db64afb to
24c1d21
Compare
24c1d21 to
bc60295
Compare
bc60295 to
c8a0494
Compare
c8a0494 to
39908f5
Compare
39908f5 to
d0f9154
Compare
This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and publish to npm yourself or setup this action to publish automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to dev, this PR will be updated.
Releases
@anticapture/client@1.4.0
Minor Changes
#1971
4a85cf4Thanks @brunod-e! - Per-tenant API tokens (DEV-758): new Authful service issues, validates and revokes tenant tokens (sha256-only storage, manual minting); Gateful gains an optional token-auth middleware with Redis-cached validation, per-token rate limiting and per-tenant request metrics exposed on its/metricsendpoint (Prometheus countertenant_requests_total{tenant, route}), enabled viaTOKEN_SERVICE_URL(legacyBLOCKFUL_API_TOKENbehavior unchanged when unset). The MCP server can forward the caller'sAuthorizationheader to Gateful viaFORWARD_CLIENT_AUTH=true; in that mode the sharedANTICAPTURE_API_KEYis never attached, so unauthenticated requests get a per-tenant 401 instead of riding the shared key.#1971
e57bf06Thanks @brunod-e! - MCP server can now forward each caller's own Authorization header to the upstream Gateful API (enable withFORWARD_CLIENT_AUTH=true), laying the groundwork for per-tenant tokens with rate limiting and usage tracking. Disabled by default; existing shared-key behavior is unchanged.#1993
add9bd1Thanks @caveman-eth! - Surface ENS social records and EFP stats for addresses.address-enrichmentnow reads the EFP/detailsendpoint, capturing the ENScom.twitter,org.telegram,email, andcom.githubtext records plus EFP follower/following counts. These are exposed underens(socials) and a newefpobject, cached under the existing ENS TTL. EFP counts are returned even when the address has no primary ENS name.#1971
2dea74cThanks @brunod-e! - The MCP HTTP server no longer does an equality check against the sharedANTICAPTURE_MCP_API_KEY(now removed). Token validation is delegated to Gateful: callers present their own per-tenant token, which the MCP server forwards upstream (FORWARD_CLIENT_AUTH=true) for Gateful'stokenAuthMiddlewareto validate and attribute per tenant. Validation is intentionally not duplicated at the MCP layer — Gateful owns it, including the Redis cache and fail-open fallback that keep cache-warm tenants serving through an Authful restart.Patch Changes
#1971
51e110aThanks @brunod-e! - Standardize environment-variable handling to match the API module. The MCP server now loads.envvia dotenv and validatesPORT,HOST,ANTICAPTURE_API_URL,ANTICAPTURE_API_KEY, andFORWARD_CLIENT_AUTHthrough a single zod schema instead of ad-hocprocess.envreads. Authful's env parsing switches to the samesafeParse+ friendly-error pattern and foldsTOKEN_PLAINTEXTinto the schema so the mint script no longer readsprocess.envdirectly. Gateful now normalizesTOKEN_SERVICE_URL(trailing-slash trimming) in its zod env schema rather than manually insideAuthfulClient.#1995
172558cThanks @pikonha! - Resolve the Gateful OpenAPI spec from the matching PR-preview Gateful on Vercel previews (derived fromVERCEL_GIT_PULL_REQUEST_ID), so codegen-dependent builds (e.g. dashboard/storybook) no longer fail with "Config failed loading" when neitherANTICAPTURE_API_URLnorRAILWAY_ENVIRONMENT_NAMEis set.#1995
eaacf28Thanks @pikonha! - Drop the shared-dev-Gateful fallback for untrusted/fork Vercel PR previews. Those previews get no PR-scoped Railway service, so they can never reflect a PR's API/Gateful changes — pointing them atdev-gatefulonly produced a misleading preview. The dashboardnext.config.tsand the@anticapture/clientGateful OpenAPI spec resolver now rely solely on an explicitANTICAPTURE_API_URL(injected by CI for trusted PRs / set on dev & production) or a Railway PR-preview environment; anything else throws instead of silently falling back.#1994
d94129cThanks @PedroBinotto! - Remove the transitional single shared-token auth path now that per-tenant Authful auth is fully rolled out. Gateful drops the legacyBLOCKFUL_API_TOKENbearerAuthfallback (and theBLOCKFUL_API_TOKENenv var it read); per-tenant token auth viaTOKEN_SERVICE_URLis the only auth mode. The@anticapture/clientpackage drops an orphaned, never-importedAuthfulClient(MCP token validation is delegated to Gateful, not performed in-process).@anticapture/address-enrichment@1.1.0
Minor Changes
add9bd1Thanks @caveman-eth! - Surface ENS social records and EFP stats for addresses.address-enrichmentnow reads the EFP/detailsendpoint, capturing the ENScom.twitter,org.telegram,email, andcom.githubtext records plus EFP follower/following counts. These are exposed underens(socials) and a newefpobject, cached under the existing ENS TTL. EFP counts are returned even when the address has no primary ENS name.Patch Changes
325fccbThanks @pikonha! - Add committed Drizzle migrations and apply them at startup.@anticapture/api@1.5.0
Minor Changes
451db65Thanks @pikonha! - Integrate Tornado Cash DAO (TORN): custom stake-to-vote indexer (lock-based delegated supply, timestamp governance), timestamp-based proposal-status API client, and dashboard config/icon.Patch Changes
#2002
2f0aca6Thanks @pikonha! - Return unsupported-offchain errors consistently across offchain proposal and vote routes.#2002
873bb45Thanks @pikonha! - Normalize TORN lock/unlock transfer direction in voting-power history so the locker (not the custody contract) is shown as the delegator.#2002
2fc7174Thanks @pikonha! - Fix TORN historical voting power rows being rendered as bogus zero-address delegations. TORN derives voting power directly from Transfers, so each history row shares the Transfer's log index, which the generic repository's strict<join never matched. Added a dedicated TORN voting-power repository that links the causing event atlogIndex <= row logIndex. Dashboard also formats the auto-delegation fallback amount instead of dumping the raw delta.@anticapture/authful@0.2.0
Minor Changes
#2000
1e6c3fbThanks @PedroBinotto! - On Railway PR previews (RAILWAY_ENVIRONMENT_NAMEother thandev/production) the service now seeds a fixed token from the requiredSEED_TOKEN_PLAINTEXTenv var on boot — idempotently, so it survives restarts — giving the rest of the preview stack a known key to authenticate with. The seeding capability is internal only; the admin API still mints exclusively with server-generated values.#1971
4a85cf4Thanks @brunod-e! - Per-tenant API tokens (DEV-758): new Authful service issues, validates and revokes tenant tokens (sha256-only storage, manual minting); Gateful gains an optional token-auth middleware with Redis-cached validation, per-token rate limiting and per-tenant request metrics exposed on its/metricsendpoint (Prometheus countertenant_requests_total{tenant, route}), enabled viaTOKEN_SERVICE_URL(legacyBLOCKFUL_API_TOKENbehavior unchanged when unset). The MCP server can forward the caller'sAuthorizationheader to Gateful viaFORWARD_CLIENT_AUTH=true; in that mode the sharedANTICAPTURE_API_KEYis never attached, so unauthenticated requests get a per-tenant 401 instead of riding the shared key.Patch Changes
#1971
dd8756cThanks @brunod-e! - Add project-standard observability to Authful: structured Pino request logging, OpenTelemetry metrics/tracing via@anticapture/observability, an HTTP request-duration histogram, and a public/metricsPrometheus endpoint. Instrumentation is emitted as its own bundle entry and loaded withnode --importso it registers beforepg/httpare required.#1971
858d286Thanks @brunod-e! - Mark request bodies asrequiredon the AuthfulPOST /tokensand/validateroutes. Without it,@hono/zod-openapiskips validation and substitutes an empty body when a request omits the JSON content-type — lettingPOST /tokensmint a token with a nulltenant(NOT NULL violation / 500) instead of returning a 400. Malformed and empty bodies are now rejected with 400.#1971
51e110aThanks @brunod-e! - Standardize environment-variable handling to match the API module. The MCP server now loads.envvia dotenv and validatesPORT,HOST,ANTICAPTURE_API_URL,ANTICAPTURE_API_KEY, andFORWARD_CLIENT_AUTHthrough a single zod schema instead of ad-hocprocess.envreads. Authful's env parsing switches to the samesafeParse+ friendly-error pattern and foldsTOKEN_PLAINTEXTinto the schema so the mint script no longer readsprocess.envdirectly. Gateful now normalizesTOKEN_SERVICE_URL(trailing-slash trimming) in its zod env schema rather than manually insideAuthfulClient.@anticapture/dashboard@2.7.0
Minor Changes
#1997
8ed6328Thanks @brunod-e! - feat(create-proposal): recursive calldata builder covering every Solidity type (arrays, fixed/multidimensional, tuples/structs, nested) with two-way paste & decode and a live encoded-calldata preview; debounced contract-address validation; "Duplicate action" alongside edit/delete; and improved transfer UX — treasury "Max", always-visible helper text, per-token USD via CoinGecko, and a clearer selected-token state.#1993
add9bd1Thanks @caveman-eth! - Surface ENS social records and EFP stats for addresses.address-enrichmentnow reads the EFP/detailsendpoint, capturing the ENScom.twitter,org.telegram,email, andcom.githubtext records plus EFP follower/following counts. These are exposed underens(socials) and a newefpobject, cached under the existing ENS TTL. EFP counts are returned even when the address has no primary ENS name.#2009
36992d7Thanks @Zeugh-eth! - support Tornado Cash proposal creation#1990
5cb8a21Thanks @brunod-e! - Shareable proposal drafts: add an Editor/Preview toggle, a read-only draft preview, and a recipient flow for shared draft links — publish the draft on-chain or edit it to fork your own copy.#2012
3031315Thanks @PedroBinotto! - Render Tornado Cash proposal descriptions as Markdown (unwrapping the stringified-JSON body) and show a proposal Info card on the Actions tab for proposals without executable actions.#2002
412b9e8Thanks @pikonha! - Make TORN vote recasting reachable (show "Change your vote" on already-voted onchain proposals when the DAO allows changing votes) and hide the Abstain option for Tornado Cash, whose binary governor rejects abstain votes.#2002
451db65Thanks @pikonha! - Integrate Tornado Cash DAO (TORN): custom stake-to-vote indexer (lock-based delegated supply, timestamp governance), timestamp-based proposal-status API client, and dashboard config/icon.Patch Changes
#2015
196de31Thanks @pikonha! - Fix proposal descriptions rendering blank for DAOs (e.g. Compound) whose on-chain descriptions use escaped\nnewlines, by normalizing them to real line breaks for display.#1995
eaacf28Thanks @pikonha! - Drop the shared-dev-Gateful fallback for untrusted/fork Vercel PR previews. Those previews get no PR-scoped Railway service, so they can never reflect a PR's API/Gateful changes — pointing them atdev-gatefulonly produced a misleading preview. The dashboardnext.config.tsand the@anticapture/clientGateful OpenAPI spec resolver now rely solely on an explicitANTICAPTURE_API_URL(injected by CI for trusted PRs / set on dev & production) or a Railway PR-preview environment; anything else throws instead of silently falling back.#2011
acdaf82Thanks @brunod-e! - fix(dashboard): use dynamic viewport height (dvh) for the app/whitelabel shells so the sticky bottom action bar (e.g. create-proposal Publish/Save Draft) is no longer hidden behind the mobile browser's bottom toolbar.#2002
2fc7174Thanks @pikonha! - Fix TORN historical voting power rows being rendered as bogus zero-address delegations. TORN derives voting power directly from Transfers, so each history row shares the Transfer's log index, which the generic repository's strict<join never matched. Added a dedicated TORN voting-power repository that links the causing event atlogIndex <= row logIndex. Dashboard also formats the auto-delegation fallback amount instead of dumping the raw delta.Updated dependencies [
4a85cf4,e57bf06,add9bd1,51e110a,172558c,2dea74c,eaacf28,d94129c]:@anticapture/gateful@1.2.0
Minor Changes
#1971
4a85cf4Thanks @brunod-e! - Per-tenant API tokens (DEV-758): new Authful service issues, validates and revokes tenant tokens (sha256-only storage, manual minting); Gateful gains an optional token-auth middleware with Redis-cached validation, per-token rate limiting and per-tenant request metrics exposed on its/metricsendpoint (Prometheus countertenant_requests_total{tenant, route}), enabled viaTOKEN_SERVICE_URL(legacyBLOCKFUL_API_TOKENbehavior unchanged when unset). The MCP server can forward the caller'sAuthorizationheader to Gateful viaFORWARD_CLIENT_AUTH=true; in that mode the sharedANTICAPTURE_API_KEYis never attached, so unauthenticated requests get a per-tenant 401 instead of riding the shared key.#1995
4d7d667Thanks @pikonha! - Gateful/healthnow returns 503 unless every configured DAO API, relayer, and address-enrichment service responds on/health.#1996
f5b9f24Thanks @PedroBinotto! - Protect the public/metricsendpoint with a bearer token. When the optionalGATEFUL_METRICS_TOKENenv var is set, scrapes of/metricsmust present it as a bearer (constant-time compare; 401 otherwise); left open when unset for local dev. The Prometheus scraper reads the same variable name so it can be wired as a single shared Railway variable. This guard is independent of per-tenant Authful auth, so scrapes never consume a tenant token or appear in per-tenant usage metrics.#1994
d94129cThanks @PedroBinotto! - Remove the transitional single shared-token auth path now that per-tenant Authful auth is fully rolled out. Gateful drops the legacyBLOCKFUL_API_TOKENbearerAuthfallback (and theBLOCKFUL_API_TOKENenv var it read); per-tenant token auth viaTOKEN_SERVICE_URLis the only auth mode. The@anticapture/clientpackage drops an orphaned, never-importedAuthfulClient(MCP token validation is delegated to Gateful, not performed in-process).Patch Changes
#1971
51e110aThanks @brunod-e! - Standardize environment-variable handling to match the API module. The MCP server now loads.envvia dotenv and validatesPORT,HOST,ANTICAPTURE_API_URL,ANTICAPTURE_API_KEY, andFORWARD_CLIENT_AUTHthrough a single zod schema instead of ad-hocprocess.envreads. Authful's env parsing switches to the samesafeParse+ friendly-error pattern and foldsTOKEN_PLAINTEXTinto the schema so the mint script no longer readsprocess.envdirectly. Gateful now normalizesTOKEN_SERVICE_URL(trailing-slash trimming) in its zod env schema rather than manually insideAuthfulClient.#1995
69c4427Thanks @pikonha! - Gateful/healthprobes are now read-only: they reflect each upstream's circuit-breaker state but no longer run throughbreaker.execute(), so CI/orchestrator polling can't trip the real-traffic circuit (or steal its HALF_OPEN probe slot) and take routes offline.@anticapture/indexer@1.2.0
Minor Changes
#2002
0d2da65Thanks @pikonha! - TORN: route locked voting power to the locker's delegate and move it between delegates on Delegated/Undelegated. TORN emits no DelegateVotesChanged, so per-account voting power is now fully synthesized from lock/unlock Transfers plus delegation shifts.#2002
451db65Thanks @pikonha! - Integrate Tornado Cash DAO (TORN): custom stake-to-vote indexer (lock-based delegated supply, timestamp governance), timestamp-based proposal-status API client, and dashboard config/icon.Patch Changes
#2002
1454329Thanks @pikonha! - Fix TORN voting power going negative from treasury transfers. TORN derives per-account voting power from lock/unlock Transfers in/out of the governor, but TORN also flows through the governor for treasury purposes (proposal executions, batch grant payouts, the governor↔vault migration). Those were misread as user unlocks and subtracted voting power from recipients that never locked (e.g. proposal #6 funding a staking pool booked a -120k unlock against a contract with zero locked balance), producing negative voting power and phantom locked balances. A custody transfer is now only counted as a lock/unlock when its counterparty is the transaction sender, which is true for genuinelock()/unlock()calls and false for treasury flows.#2002
1a91eb5Thanks @pikonha! - Fix TORN votes not reflecting vote changes. TORN's governor lets a voter re-cast to change their vote, but theVotedhandler usedonConflictDoNothingon the unique(voter, proposal)row and dropped every subsequent cast — so a voter who switched from For to Against still showed as For and the proposal tally kept the stale vote. The handler now overwrites the existing row and moves the voting power between the for/against buckets on a change, while still treating an exact re-processed log (backfill/reorg) as a no-op. Requires a reindex to repopulate.@anticapture/offchain-indexer@1.1.0
Minor Changes
7f62a0eThanks @pikonha! - Remove proposals and votes from the offchain indexer database when proposals are deleted from Snapshot. Reconciliation is bounded to proposals created in the last two weeks, so it never deletes older proposals and avoids overwhelming the Snapshot API and the indexer.