Bump the critter-stack group with 1 update#15
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Bumps JasperFx.Events.SourceGenerator from 2.0.0 to 2.1.1 --- updated-dependencies: - dependency-name: JasperFx.Events.SourceGenerator dependency-version: 2.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: critter-stack ... Signed-off-by: dependabot[bot] <support@github.com>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
Contributor
|
Closing — bundled into the next local commit. |
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
windischb
added a commit
that referenced
this pull request
May 26, 2026
…nore Second wave that surfaced after the first bundled sweep — Dependabot ran again with the new scoping config and opened four more PRs. Bundling them the same way: GitHub Actions: - docker/login-action v3 → v4 (cd-release ×2, cd-deploy-staging) - docker/metadata-action v5 → v6 (cd-release, cd-deploy-staging) - dorny/paths-filter v3 → v4 (ci-develop, ci-pr-validation) JasperFx.Events.SourceGenerator pin (ignore-rule fix): - The previous `versions: ["2.1.x"]` glob is not a valid Dependabot semver range — silently ignored, which is why PR #15 still came in with the 2.1.1 bump that breaks PrincipalProjectionBase codegen. Switched to `versions: [">=2.1.0 <3.0.0"]` so the package stays pinned at 2.0.0 until the Evolve(...) collision is resolved. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
dependabot
Bot
deleted the
dependabot/nuget/src/dotnet/critter-stack-919ffc5c92
branch
windischb
added a commit
that referenced
this pull request
Jun 2, 2026
…48) A code-vs-docs audit (15-agent workflow) found the product surface is ahead of what the docs/comments claim: several merged features were still labelled "not started" / "stub" / "deferred". This corrects the framing so future audits don't re-litigate shipped work. Docs + code COMMENTS only — no runtime behavior changes. dev-docs status lines flipped to verified reality (all cited commits are ancestors of develop): - federation-v1-design / -implementation-plan → Shipped (PR #23 4fa3af0, PR #24 0b70b31); Phase 6 per-realm TTL + durable leased-membership v2 kept as the genuine remainder. - saml-federation + index → Shipped (PR #17 8fc3df0); SLO + SAML IdP-mode kept explicitly deferred. - versioning-publishing-conventions → Shipped (GHCR retention, moving Docker tags, NuGet feed-gate are live workflows). - app-resources-as-permissions → ID-anchored model shipped. - white-label-customization (index) → Phase 1 shipped (8c8dea5/2ec0e58/ ae2f9ca); page-builder runtime + custom-CSS kept deferred. - production-readiness-audit → SAML SP DONE (PR #17), rescored 1→3; LDAP/AD kept open. - identity-lifecycle-untangle → auto-membership externalClaims contradiction RESOLVED (PR #24); durable-lease piece kept open. - permission-modell §5 + userinfo-hybrid-flat-emission → corrected to "groups NOT emitted (IdP-internal)" — matches AuthorizationEndpoints.cs + UserInfoPerAudienceTests. (The line a future groups-claim decision would consciously lift; left at today's reality.) False in-code comments removed/corrected (comment-only): - SamlEndpoints.cs: dropped the false "handlers are 501 stubs" note — they delegate to the live SamlLoginFlow. - SamlSetup.cs: dropped the "still to come task #13/#14/#15" block. - Program.cs: SAML hook is wired, not a "placeholder". - AuthorizationEndpoints.cs: claims injection is shipped via IPermissionService, not "deferred / legacy IRoleRepository". - CI workflow comments: :staging → :beta (the tag actually pushed). Deliberately NOT touched: signing-key rotation-overlap docs — those belong to the separate rotation thread (implement-vs-document still open). Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
windischb
added a commit
that referenced
this pull request
Jun 9, 2026
…ize contract + overflow fix (waves 0–6) (#63) * feat(admin-ui): create-flow defect fixes + German i18n sweep (UI/UX wave 0+1) Wave 0 — three defects surfaced and live-verified by the UI/UX audit: - OAuth client create no longer dead-ends on a bare "HTTP 400 Bad Request": surface the server's actual message (e.g. "client_credentials must be linked to a ServiceAccount ...") in a top-of-modal error banner. Read the response body's `error`/`detail` field instead of the never-populated `Message`. - Roles: the Permissions tab + catalog picker now render in the *create* modal (previously edit-only), so an admin can assign permissions while creating a role. Backend/DTO already accepted PermissionIds on create — this only ungates the three isCreate template guards. - User create/update: reject malformed emails (e.g. "notanemail") client-side (inline error + disabled submit) and server-side (new DomainErrors.User. EmailInvalid + format guard in CreateUser/UpdateUser handlers). Wave 1 — German i18n sweep (de.json was missing ~190 used keys; their English fallbacks leaked into the German UI): - New useGridLocale() composable → German search placeholder ("Suchen…") and empty overlay ("Keine Einträge vorhanden") applied to all 10 list grids. - ~190 missing keys translated (OAuth client/scope/api modals + dual-list labels, roles, groups, apps, realm-settings DCR, profile, consent, login, bootstrap, logout, change-requests, …). - Modal-title verb order fixed ("Erstelle X" → "X erstellen") for user/role/group. - Dropped the "Keycloak-style" competitor reference from user-facing copy. - Reworded "(eine pro Zeile)" labels that actually sit over add-row grids. Verified live against ghcr.io/cocoar-dev/modgud:beta (local cold-start) through the dev server — all five changes confirmed in the browser. FE type-check and BE build both green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * feat(admin-ui): shared grid pass — empty-states, row-open cue, truncation tooltips (UI/UX wave 2) Wave 2 of the admin-UI UX remediation (REPORT.md §7 item 7): one shared change across all 14 admin list/log/queue grids instead of per-view fixes. useGridLocale() is extended into the single shared grid layer: - applyListGridDefaults(builder, { openable }) wires the German locale overlay, a shared defaultColDef, and (opt-in) the row-open affordance. - sharedDefaultColDef carries only tooltipValueGetter (full value on hover for truncated cells). flex/minWidth are deliberately NOT defaulted: in AG-Grid an inherited flex overrides explicit column widths and an inherited minWidth clamps narrow columns up, which would break the fixed/pinned identifier and icon columns. Flex priority is set per-column instead. - Icon columns opt out of the tooltip (() => null) so they never surface the raw lucide name ('check'). - Row-open cue is a pure-CSS pointer + hover class (admin-grid-row--openable), no behaviour change — keeps cell-double-click, selection and context menus. New GridEmptyState.vue renders an onboarding empty-state (icon + one-line concept definition + optional CTA) as a sibling to the grid, gated on the store's readiness flag AND zero *source* rows — so a search/filter-empty grid keeps the grid and its localized "Keine Einträge vorhanden" overlay rather than wrongly telling the user to create the first record. Log/queue views use the no-CTA variant. ServiceAccountsView + AuthLogView + AuditLogView + ChangeRequestsView adopt useGridLocale net-new, which also fixes their untranslated "Search..." / "No Rows To Show" overlays (finding 36). ~14 German emptyHint strings added to de.json with English fallbacks inline. Live-verified against the :beta container: empty-state + CTA→create modal, truncation tooltip, row-hover cue, icon cell shows no raw-token tooltip, German chrome on the net-new adopters. pnpm type-check green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * feat(admin-ui): modal-size contract + form-layout pass — kill the dead half (UI/UX wave 3) Wave 3 of the admin-UI UX remediation (REPORT.md Phase 3) — the owner's core complaint: cramped / unpredictable modals and stretched field arrangement. Modal-size contract (router/index.ts). Replace the per-modal one-off size constants with a named system (MODAL_MD / MODAL_LG / MODAL_FULL) using two height strategies: - cap-to-content (height:auto + maxHeight) for single forms, so the panel sizes to its content instead of forcing 90vh with a dead lower half. Proven by the old SERVICE_ACCOUNT size; drive the family toward ScopeDetails. - stable tall frame (height==minHeight==maxHeight) for tabbed / grid / editor modals whose flex:1 dual-listbox / AG-Grid / Monaco children need a definite ancestor height. Big sizes keep vw width + maxWidth cap and NO minWidth rem floor (the documented viewport-overflow gotcha). Remap: Scope/Realm/Role/ServiceAccount → MD; API → MD with a minHeight floor so selecting an App fills reserved space instead of jumping the frame; User → a cap-to-content fluid size (compact create, no dead half) with the Groups dual-listbox carrying its own explicit height so edit still works; Group keeps a tall frame (Monaco + two dual-listboxes); IdpClaims/LoginProvider/ScheduledJob/ ConsistencyCheck → LG; App/Client → FULL. Form layout: - UserDetails: the email-verified toggle moves OUT of the Email field to the form's end, so it no longer injects between Email and Username (the create layout-jump, #10). General form wrapped in the new max-width column. - main.css: app-level .modal-form-col (~720px form column) + per-field width caps (.field-name/.field-email/.field-enum/.field-num). Controls obey their container, so capping the CoarFormField parent suffices — no vue-ui fork. Applied to UserDetails and the LoginProvider General tab (which must stay wide for its Monaco / dual ClaimMapEditor tabs but should not stretch the form). - New ColorField.vue: hex/CSS-color text input + a swatch that doubles as a live preview and OS color-picker trigger + inline validity (#11). Replaces the raw hex inputs in BrandingView (PrimaryColor) and LoginProvider (Button-Farbe). Live-verified against the :beta container at 1440×900: User create is now cap-to-content (dead half gone) while edit's Groups dual-listbox renders at 50vh; Scope/API/Role compact; Client (FULL) and LoginProvider (LG) stable; confirm-email appears at the form end without shifting fields; ColorField preview updates live. pnpm type-check green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * feat(admin-ui): polish pass — AA primary contrast, header model, maintenance + dashboard a11y (UI/UX wave 4) Wave 4 of the admin-UI UX remediation (REPORT.md Phase 4 polish). Honest corrections to the brief's framing after re-verifying each claim: #12 Primary-button token / login contrast. Login and admin do NOT diverge — the login submit button omits `variant`, so it already renders the SAME default `coar-button--primary` as admin primaries. The real defect is the shared `--coar-accent` (#1183CD) giving only ~4.08:1 white-on-blue, below WCAG AA. One root override in main.css — `--coar-accent: #1077be` — lifts every primary button (login submit, admin variant=primary, the modal footer confirm) to 4.77:1 at once, keeping the hue and staying above the ramp's fixed hover/active lightness so buttons still darken on hover. The realm-create CTA and modal-confirm-as-footer-anchor were already satisfied by the wave-3 ModalLayout. #13 Header model. Converge the two breadcrumb-array outliers onto the app-wide string-subtitle model: ScheduledJobList (its leading "Administration" crumb only duplicated the title); PageEditorView keeps its hierarchy as text ("Pages · <name>"). The dashboard stays title-only (a landing page, deliberately exempt). #15 Maintenance + observability. The destructive "Rebuild Projections" fired immediately — now it sits behind a CoarPopconfirm and uses the danger variant so it no longer reads as a benign action (mirrors RealmSettings' rotate-key twin). The observability sparkline drew a blank chart on an empty window — now shows an empty-state message, like the activity/error feeds already do. #14 Dashboard. Measured a11y/affordance polish, NOT a redesign (tiles already navigate on click): tiles get role=button + tabindex + Enter/Space keyboard activation + a focus ring + a drill-down chevron revealed on hover/focus; the bad/warn KPI values pair their colour with an alert icon + an sr-only "Achtung" so status isn't colour-only; the Login-Provider rows pair the status dot with an "Aktiviert/Deaktiviert" text tag. (The subjective personal-vs-ops reorder was deliberately left out.) Live-verified against the :beta container: primary contrast 4.77:1 with correct hover darkening (resolved oklch ramp checked in-page); ScheduledJobs string subtitle; rebuild danger button + confirm popover; dashboard chevron on hover, role=button, "Achtung" status, provider text tag. pnpm type-check green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * feat(admin-ui): wave 5 — MD form width caps, group-modal cap-to-content, dashboard sections Closes the three deferred follow-ups from the UI/UX remediation (waves 0–4). #1 MD form per-field width caps (Realm/Scope/API/Role/ServiceAccount): tag the full-width single-line fields with the existing .field-* caps — .field-enum (18rem) on the Application selects, .field-name (24rem) on Description / Name / AccountName / Purpose. No new CSS, no .modal-form-col (a no-op at 42rem). Multi-line list editors (RealmDomains, EditableStringList, permission checklist) stay full-width. Also drop two dead ModalLayout width= props (Scope 40rem, ServiceAccount 48rem) — modal size is route-owned and the prop is ignored. #2 Group modal — kill the create "dead half": move GROUP_MODAL_SIZE off the fixed 82vh LG frame to cap-to-content (60vw / 52rem, minHeight 30rem floor) so the create-landing General tab collapses to its content. The heavy edit tabs carry their OWN explicit section height (.editor-section 50vh for Members/Roles/Script, .effective-section 32vh for the read-only Effective lists) so they survive cap-to-content instead of collapsing — .flex-section drops flex:1. Cap the General fields with .modal-form-col + .field-*. Drop the dead width=44rem prop. #3 Dashboard — labelled personal/ops sections: split the single KPI list into personalKpiTiles + opsKpiTiles, rendered under two labelled bands ("Mein Konto" / "Realm-Betrieb"). The ops band collapses entirely for viewers without ops perms. Extract the KPI card into KpiCard.vue (+ kpiTile.ts types) so both grids share it. The ops grid stays count-aware (centered for <=2 tiles) so a lone tile doesn't float alone in a 6-col row. Live-verified @1440x900 against the :beta backend; vue-tsc --build green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * feat(admin-ui): wave 6 — universal modal-overflow fix + form-layout redesign Modal overflow (owner blocker): cap-to-content modals (height:auto + max-height) could not internal-scroll once content exceeded the cap. The overlay panel's explicit height:100% resolved to auto against the auto-height host, escaping the max-height clamp — so tall forms laid out at full content height and overflowed the viewport, leaving the footer/Save button unreachable. Dropping height:100% lets the host's flex align-items:stretch size the panel to the *clamped* cross-size: short forms still cap to content (no dead space), tall forms scroll internally with the footer pinned. Definite-height modals (LG/FULL) are unaffected — align-stretch fills the definite height just as height:100% did, so Monaco / dual-listbox / AG-Grid keep a definite ancestor. Form-layout redesign (8 detail modals): one shared grid contract (.modal-form*) replaces content-arbitrary rem-width fields — labelled sections, paired short fields, full-width prose/lists, and visible inline field-hints (vue-ui's :hint is a hover popover only in 2.5.2). Applied to Group, Role, Scope, API, Realm, ServiceAccount, User (General) and LoginProvider (Allgemein); raw checkboxes → CoarCheckbox; German microcopy de-jargoned in de.json. Tab-switch resize fix: tabbed modals keep one fixed size across tabs (Role 33rem, Group 80vh, User-edit pins .user-edit-frame at 60vh). Verified live across all 11 modal types: footer reachable, correct scroll/cap behaviour, no inner-widget collapse. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updated JasperFx.Events.SourceGenerator from 2.0.0 to 2.1.1.
Release notes
Sourced from JasperFx.Events.SourceGenerator's releases.
No release notes found for this version range.
Commits viewable in compare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions