chore(main): release 0.7.8

[synthorg-repo-bot]

Highlights

AI-generated summary (model: openai/gpt-4.1-mini via GitHub Models). Commit-based changelog below.

What you'll notice

• Frontend and UX polishing improves user interface responsiveness and visual consistency.
• API hygiene and validation enhancements provide smoother and more reliable interactions.

What's new

• Introduced typed-boundary helpers enabling better type safety and parse_typed workflows.
• Added codebase-audit skill prompt tuning for improved project auditing.

Under the hood

• Eliminated flaky tests caused by module-level state for more stable test outcomes.
• Unified image tag management under CLI and Renovate for consistent dependency updates.
• Added cross-PR file-overlap analysis to the review dependency pull request skill.
• Updated multiple dependencies including Python, Web, CLI, and container libraries.
• Improved CI tooling and lock file maintenance for better build reliability.

🤖 I have created a release beep boop

0.7.8 (2026-05-03)

Features

• api: typed-boundary helper + codebase-audit skill prompt tuning (#1712) (40ee65b)
• boundary: RFC #1711 Phases 2 + 3 — typed boundaries via parse_typed (#1720) (7b9f409)

Bug Fixes

• api: audit cleanup B -- API hygiene & validation (#1719) (3d790d9)
• audit cleanup C - persistence, concurrency & data integrity (#1708) (#1717) (bcce097)
• test: exterminate xdist-flaky tests with module-level state (#1713) (#1721) (8d258dd)
• web: audit cleanup E -- frontend & UX polish (#1710) (#1718) (3a3591a)

Refactoring

• cli: single source of truth for DHI image tags + Renovate manager (#1723) (57980a2)

Documentation

• audit cleanup D -- public-facing & docs sync (#1709) (#1715) (ade03b7)

Tests

• engine: make TestDrainTimeout deterministic + preserve subclass type in @ontology_entity (#1729) (b00fb05)

CI/CD

• Update CI tool dependencies (#1703) (355a9ff)

Maintenance

• add cross-PR file-overlap analysis to review-dep-pr skill (#1722) (3861d8a)
• ci: unify apko-version under workflow env so Renovate manages it everywhere (#1724) (9c0a7fd)
• consolidate DHI image-pin custom regex managers (#1726) (b8b0cba)
• deps: update dependency chainguard-dev/melange to v0.50.4 (#1701) (8cbf83a)
• Lock file maintenance (#1705) (414cfea)
• Lock file maintenance (#1727) (5cb1212)
• Update CLI dependencies (#1702) (9fb57b9)
• Update Container dependencies (#1698) (6d24fd6)
• Update dependency @eslint-react/eslint-plugin to v5 (#1704) (1cb1294)
• Update Python dependencies (#1699) (8e7af3a)
• Update Python dependencies to v4.15.0 (#1725) (69164c8)
• Update Web dependencies (#1700) (715300d)

---

This PR was generated with Release Please. See documentation.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[codspeed-hq]

Merging this PR will not alter performance

✅ 54 untouched benchmarks

---

_{Comparing release-please--branches--main--components--synthorg (d6fb650) with main (b00fb05)}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​types/​grecaptcha@​3.0.9
	npm/​vitest@​4.1.5
	npm/​@​astrojs/​sitemap@​3.7.2
	npm/​@​astrojs/​react@​5.0.4
	npm/​astro@​6.2.1
	npm/​wrangler@​4.87.0

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm entities is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: site/package-lock.json → npm/astro@6.2.1 → npm/entities@4.5.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/entities@4.5.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm entities is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: site/package-lock.json → npm/astro@6.2.1 → npm/entities@6.0.1 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/entities@6.0.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[synthorg-repo-bot]

🤖 Created releases:

• v0.7.8

🌻