chore(main): release 3.1.2#177
Merged
Merged
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: acd5a468fe
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| version: 3.1.1 | ||
| appVersion: "3.1.1" | ||
| version: 3.1.2 | ||
| appVersion: 3.1.1 |
There was a problem hiding this comment.
This release bumps the chart/package version to 3.1.2 but leaves appVersion at 3.1.1, so Helm metadata and the app.kubernetes.io/version label rendered from .Chart.AppVersion will incorrectly advertise the previous release after deployment. That makes release tracking and downstream consumers (e.g., artifact metadata) inconsistent for v3.1.2 and should be corrected as part of the release commit.
Useful? React with 👍 / 👎.
buremba
force-pushed
the
release-please--branches--main
branch
from
acd5a46 to
ca164c5
Compare
buremba
added a commit
that referenced
this pull request
Apr 16, 2026
The canonical `chore${scope}: release${component} ${version}` pattern
trips release-please v4's own "miss the part of '${scope}'" warnings
and falls back to `chore: release ${branch}` — which leaves the merged
PR title with no version, breaking the post-merge component match and
blocking tag creation.
Use the simpler `chore(main): release ${version}` pattern that actually
produced working titles in #175 / #177 (e.g. `chore(main): release 3.1.1`).
buremba
added a commit
that referenced
this pull request
Apr 16, 2026
…#188) * fix(ci): restore release-please pull-request-title-pattern Without an explicit title pattern, release-please v4 generates "chore: release main" and the PR title carries no ${component}. When the PR is merged, createReleases then fails its post-merge match check: ⚠ PR component: undefined does not match configured component: gateway so the tag + GitHub release are never cut. The candidate-PR phase then aborts with "There are untagged, merged release PRs outstanding", blocking every subsequent release until the label is manually fixed. That regression was introduced in #179 (dropped the pattern added in #178). v3.3.0 and v3.4.0 both required a manual recovery (tag + release + relabel + workflow_dispatch publish). Restore the canonical pattern so release-please produces titles like "chore(main): release 3.4.1" which it can parse back after merge. * fix(ci): use simpler release-please title pattern that actually works The canonical `chore${scope}: release${component} ${version}` pattern trips release-please v4's own "miss the part of '${scope}'" warnings and falls back to `chore: release ${branch}` — which leaves the merged PR title with no version, breaking the post-merge component match and blocking tag creation. Use the simpler `chore(main): release ${version}` pattern that actually produced working titles in #175 / #177 (e.g. `chore(main): release 3.1.1`).
buremba
added a commit
that referenced
this pull request
May 18, 2026
Codex review of the v1 PR pair surfaced architectural gaps. This addresses the lobu-side items (the extension-side items land in lobu-ai/owletto PR #177 same-name branch). - packages/connectors/src/chrome.ts: add actions.close_tab. Required at the end of any multi-step session — the extension no longer auto- disposes scratch tabs between tool calls (that broke the natural navigate → get_accessibility_tree → click_ref flow). - packages/connectors/src/chrome.ts: relax ref schema. document_epoch + ref_id required; frame_id reserved for v2 iframe support but not required in v1 (we don't emit it). - packages/server/src/worker-api.ts: completeActionRun now runs through authorizeRunForWorker, matching the /complete and /stream endpoints. Without this, a leaked worker token could overwrite action_output on arbitrary runs.
buremba
added a commit
that referenced
this pull request
May 18, 2026
* feat(connectors): chrome connector — tool dispatcher v1
Replace four standalone connectors (chrome.tabs / browser.evaluate /
browser.page_text / browser.fill_form) with a single `chrome` connector
exposing:
feeds.open_tabs
Auto-wired tab snapshot. Unchanged semantics.
actions.{ navigate, get_accessibility_tree, click_ref, type_ref,
wait_for_selector, screenshot, evaluate }
A fixed enumeration of typed browser tools. The extension dispatches
each via chrome.debugger; new connectors compose on these without
shipping per-connector code into the extension. The set is modeled
on Claude in Chrome's tool surface (reverse-engineered from the
shipping extension) — same principle: narrow, auditable, no
interpreter for gateway-supplied code.
The cloud-side ConnectorDefinition is pure metadata; sync() / execute()
throw — actual work runs in apps/chrome/tools.js in the extension.
Deletes:
packages/connectors/src/chrome_tabs.ts
packages/connectors/src/browser/{evaluate,fill_form,page_text}.ts
The matching extension-side dispatch lives in lobu-ai/owletto PR #TBD
(Owletto for Chrome 0.4.0). No DB migration in this PR — the prior
shape was never deployed to production users.
* fix(connectors+server): post-codex hardening for chrome v1
Codex review of the v1 PR pair surfaced architectural gaps. This addresses
the lobu-side items (the extension-side items land in lobu-ai/owletto
PR #177 same-name branch).
- packages/connectors/src/chrome.ts: add actions.close_tab. Required at
the end of any multi-step session — the extension no longer auto-
disposes scratch tabs between tool calls (that broke the natural
navigate → get_accessibility_tree → click_ref flow).
- packages/connectors/src/chrome.ts: relax ref schema. document_epoch +
ref_id required; frame_id reserved for v2 iframe support but not
required in v1 (we don't emit it).
- packages/server/src/worker-api.ts: completeActionRun now runs through
authorizeRunForWorker, matching the /complete and /stream endpoints.
Without this, a leaked worker token could overwrite action_output on
arbitrary runs.
* fix(server): allow /complete-action for user-scoped workers
Codex re-review: user-scoped workers (chrome-extension) couldn't reach
/api/workers/complete-action — that endpoint wasn't in
allowedPathsForUserWorker. Action runs from the chrome extension would
get a 403 on completion, the run would stay in 'running' forever, and
action_output never landed. Adds the path. authorizeRunForWorker still
gates ownership, so a user worker can only finalize runs it claimed.
* feat(connectors): chrome.tab_events + chrome.history / .bookmarks / .downloads
Four ambient feeds beyond the open_tabs snapshot:
1. chrome.feeds.tab_events — live stream of tab create/close/url-change/
activate events. No new permission (uses baseline 'tabs'). Companion
to open_tabs: snapshot tells you 'what's open right now', tab_events
gives the lossless timeline.
2. chrome.history connector — one event per page visit. Opt-in via the
user granting the optional 'history' Chrome permission in the
sidepanel Permissions panel. Backfills ~90 days of history on first
sync (chrome.history.search), then streams chrome.history.onVisited
thereafter.
3. chrome.bookmarks connector — one event per bookmark with folder path.
Opt-in via 'bookmarks' permission. Backfills the full tree, then
streams onCreated/Removed/Changed/Moved.
4. chrome.downloads connector — one event per file downloaded with its
source URL. Opt-in via 'downloads' permission (new optional perm —
add to manifest in the matching owletto PR). Backfills recent
downloads via chrome.downloads.search, then streams onCreated +
onChanged (state=complete).
Auto-wire: the extension already advertises the corresponding
browser.history / browser.bookmarks / browser.downloads capabilities
when the user grants the optional permissions; device-reconcile.ts
auto-creates the connection per (org × device × connector) as soon as
the capability shows up.
* fix(core): add browser.downloads to BROWSER_CAPABILITIES allowlist
Final codex pre-merge: the extension advertises browser.downloads when
the user grants the downloads permission, but pollWorkerJob in the
gateway drops any capability outside BROWSER_CAPABILITIES before
reconcileDeviceCapabilities runs. The chrome.downloads connector would
never auto-wire. Adding it.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🤖 I have created a release beep boop
3.1.2
3.1.2 (2026-04-11)
Bug Fixes
This PR was generated with Release Please. See documentation.