Merge the dev branch to the main. #286

Open
pradeeban wants to merge 88 commits into main from dev

@pradeeban
Member

The dev branch as of now is the one that is currently deployed at https://controlcore-project.github.io/concore-editor/

saksham-gera and others added 30 commits March 22, 2025 01:26
Fixed Unknown Property ‘directory’ in React File Input in fileBrowser.jsx
Fixed ESLint Error because of empty accessible text in label
Integrated Monaco Code Editor, removed unwanted upper save and save as buttons, as now only editor window scrolls not the whole screen.
Remove some unnecessary details.
Fixed Order Of Imports in FileEdit.jsx
Bumps the pip group with 5 updates in the /server directory:

| Package | From | To |
| --- | --- | --- |
| [dnspython](https://github.com/rthalley/dnspython) | `2.1.0` | `2.6.1` |
| [flask](https://github.com/pallets/flask) | `2.0.1` | `2.2.5` |
| [pymongo](https://github.com/mongodb/mongo-python-driver) | `3.12.0` | `4.6.3` |
| [gunicorn](https://github.com/benoitc/gunicorn) | `20.0.4` | `22.0.0` |
| [flask-cors](https://github.com/corydolphin/flask-cors) | `3.0.10` | `4.0.2` |



Updates `dnspython` from 2.1.0 to 2.6.1
- [Release notes](https://github.com/rthalley/dnspython/releases)
- [Changelog](https://github.com/rthalley/dnspython/blob/main/doc/whatsnew.rst)
- [Commits](rthalley/dnspython@v2.1.0...v2.6.1)

Updates `flask` from 2.0.1 to 2.2.5
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](pallets/flask@2.0.1...2.2.5)

Updates `pymongo` from 3.12.0 to 4.6.3
- [Release notes](https://github.com/mongodb/mongo-python-driver/releases)
- [Changelog](https://github.com/mongodb/mongo-python-driver/blob/master/doc/changelog.rst)
- [Commits](mongodb/mongo-python-driver@3.12.0...4.6.3)

Updates `gunicorn` from 20.0.4 to 22.0.0
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@20.0.4...22.0.0)

Updates `flask-cors` from 3.0.10 to 4.0.2
- [Release notes](https://github.com/corydolphin/flask-cors/releases)
- [Changelog](https://github.com/corydolphin/flask-cors/blob/main/CHANGELOG.md)
- [Commits](corydolphin/flask-cors@3.0.10...4.0.2)

---
updated-dependencies:
- dependency-name: dnspython
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: flask
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: pymongo
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: gunicorn
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: flask-cors
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps the npm_and_yarn group with 2 updates in the / directory: [react-scripts](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-scripts) and [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js).


Updates `react-scripts` from 4.0.3 to 5.0.1
- [Release notes](https://github.com/facebook/create-react-app/releases)
- [Changelog](https://github.com/facebook/create-react-app/blob/main/CHANGELOG-4.x.md)
- [Commits](https://github.com/facebook/create-react-app/commits/react-scripts@5.0.1/packages/react-scripts)

Updates `xml2js` from 0.4.23 to 0.5.0
- [Commits](https://github.com/Leonidas-from-XIV/node-xml2js/commits/0.5.0)

Updates `ansi-html` from 0.0.7 to 0.0.9
- [Commits](https://github.com/Tjatse/ansi-html/commits)

Updates `ansi-regex` from 2.1.1 to 5.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](chalk/ansi-regex@2.1.1...v5.0.1)

Updates `loader-utils` from 1.4.2 to 2.0.4
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md)
- [Commits](webpack/loader-utils@v1.4.2...v2.0.4)

Updates `browserslist` from 4.14.2 to 4.24.4
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md)
- [Commits](browserslist/browserslist@4.14.2...4.24.4)

Updates `dns-packet` from 1.3.4 to 5.6.1
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](mafintosh/dns-packet@v1.3.4...v5.6.1)

Updates `ejs` from 2.7.4 to 3.1.10
- [Release notes](https://github.com/mde/ejs/releases)
- [Commits](mde/ejs@v2.7.4...v3.1.10)

Updates `minimatch` from 3.0.4 to 3.1.2
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.2)

Updates `node-forge` from 0.10.0 to 1.3.1
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](digitalbazaar/forge@0.10.0...v1.3.1)

Updates `postcss` from 7.0.36 to 7.0.39
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/7.0.39/CHANGELOG.md)
- [Commits](postcss/postcss@7.0.36...7.0.39)

Updates `shell-quote` from 1.7.2 to 1.8.2
- [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md)
- [Commits](ljharb/shell-quote@v1.7.2...v1.8.2)

Updates `terser` from 4.8.1 to 5.39.0
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](terser/terser@v4.8.1...v5.39.0)

Updates `ws` from 6.2.3 to 7.5.10
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@6.2.3...7.5.10)

---
updated-dependencies:
- dependency-name: react-scripts
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: xml2js
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: ansi-html
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ansi-regex
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: loader-utils
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: browserslist
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: dns-packet
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ejs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-forge
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: shell-quote
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: terser
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Update buildAndDeploy.yml
Zoom Component Will now update zoom level on zooming through mouse scroll
…r/pip-56e27855de

Bump the pip group across 1 directory with 5 updates
Added FullScreen Functionality
GREENRAT-K405 and others added 28 commits January 11, 2026 12:01
Display a normal pop-up message instead of windows alert at file upload directory and close tab in graph workspace. fix issue #248
Add dark mode UI throughout the concore-editor.
Add gemini AI pull request review
Refactor: Replace UA sniffing with feature detection
add missing pr-review.yaml file
@pradeeban
Member Author

/gemini-review

    steps:
      - name: PR Info
        run: |
          echo "Comment: ${{ github.event.comment.body }}"

Check failure

Code scanning / CodeQL

Code injection (Critical)

Potential code injection in ${{ github.event.comment.body }}, which may be controlled by an external user (issue_comment).

Copilot Autofix

AI about 16 hours ago

General fix: Avoid using ${{ github.event.comment.body }} directly in a run step. Instead, assign it to an environment variable in the step’s env: block using expression syntax, and reference that variable using shell syntax ($VAR) inside the script.

Concrete best fix here:

  • In the PR Info step (lines 19–24), move github.event.comment.body, github.event.issue.number, and github.repository into environment variables via an env: block.
  • Update the run script to use $COMMENT_BODY, $ISSUE_NUMBER, and $REPOSITORY instead of ${{ ... }}.
  • This changes only how values are passed into the shell, not what is logged, so functionality remains the same.

Changes are limited to the PR Info step in .github/workflows/PR-review.yaml around lines 19–24. No new imports or external dependencies are needed.

Suggested changeset 1
.github/workflows/PR-review.yaml

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/PR-review.yaml b/.github/workflows/PR-review.yaml
--- a/.github/workflows/PR-review.yaml
+++ b/.github/workflows/PR-review.yaml
@@ -17,10 +17,14 @@
       contains(github.event.comment.body, '/gemini-review')
     steps:
       - name: PR Info
+        env:
+          COMMENT_BODY: ${{ github.event.comment.body }}
+          ISSUE_NUMBER: ${{ github.event.issue.number }}
+          REPOSITORY: ${{ github.repository }}
         run: |
-          echo "Comment: ${{ github.event.comment.body }}"
-          echo "Issue Number: ${{ github.event.issue.number }}"
-          echo "Repository: ${{ github.repository }}"
+          echo "Comment: $COMMENT_BODY"
+          echo "Issue Number: $ISSUE_NUMBER"
+          echo "Repository: $REPOSITORY"
 
       - name: Checkout Repo
         uses: actions/checkout@v3
EOF
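Review bot: `echo "Comment: $COMMENT_BODY"` in the PR Info step still copies the full commenter-controlled body into the job log even though the shell no longer interpolates it; the job condition on the first context line has already matched `/gemini-review`, so consider dropping that line or logging only the matched command. The `contains(github.event.comment.body, '/gemini-review')` line shown here checks only the comment text, so confirm that the part of the condition above this hunk also restricts who may trigger the job. The `Checkout Repo` step appears only as unchanged context, so this patch leaves the separate "Checkout of untrusted code in trusted context" alert open and that step needs its own fix.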
Copilot is powered by AI and may make mistakes. Always verify output.
Member Author

@GREENRAT-K405 see if this solution makes sense (and if it does, please use that in your fix.)

@pradeeban I have made changes in PR-review.yaml and will raise PR soon in all three repos.

Comment on lines +25 to +31
      - name: Checkout Repo
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
          ref: refs/pull/${{ github.event.issue.number }}/head

      - name: Get PR Details

Check failure

Code scanning / CodeQL

Checkout of untrusted code in trusted context (High)

Potential execution of untrusted code on a privileged workflow (issue_comment)
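
A small checker for the two CodeQL findings in this thread, as an added example that is not part of the pull request or the project's code. The function name `audit_workflow`, the rule names, the list of untrusted contexts and the job skeleton around the two flagged steps are assumptions made for the example; it shows that the `env:` autofix clears the injection finding while the pull-request checkout is still reported.

```python
import re
# Expressions an outside commenter or PR author controls (a subset chosen for this example).
UNTRUSTED = re.compile(r"\$\{\{[^}]*github\.(event\.(comment|issue|pull_request|review)"
                       r"\.(body|title)|event\.pull_request\.head\.ref|head_ref)[^}]*\}\}")
RUN_KEY = re.compile(r"^(\s*(?:-\s+)?)run:\s*(.*)$")
PRIVILEGED = re.compile(r"^\s*(issue_comment|pull_request_target)\s*:", re.M)
PR_REF = re.compile(r"^\s*ref:\s*.*(refs/pull/|pull_request\.head\.)")

def audit_workflow(text):
    """Return (line_number, rule) findings for the text of one workflow file."""
    findings, run_col, privileged = [], None, bool(PRIVILEGED.search(text))
    for no, line in enumerate(text.splitlines(), 1):
        indent = len(line) - len(line.lstrip())
        if run_col is not None and line.strip() and indent <= run_col:
            run_col = None                      # dedent: the run: script has ended
        in_script = run_col is not None
        m = None if in_script else RUN_KEY.match(line)
        if m and m.group(2)[:1] in ("|", ">"):
            run_col = len(m.group(1))           # block scalar: script starts on next line
        elif m:
            in_script = True                    # one-line run: command
        if in_script and UNTRUSTED.search(line):
            findings.append((no, "expression-in-run"))
        if privileged and not in_script and PR_REF.match(line):
            findings.append((no, "untrusted-checkout"))
    return findings

# Constructed sample: the two flagged steps from this page inside an assumed job skeleton.
BEFORE = """\
on:
  issue_comment:
jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - name: PR Info
        run: |
          echo "Comment: ${{ github.event.comment.body }}"
          echo "Issue Number: ${{ github.event.issue.number }}"
      - name: Checkout Repo
        uses: actions/checkout@v3
        with:
          ref: refs/pull/${{ github.event.issue.number }}/head
"""
# The same workflow with the env: indirection from the autofix applied to the comment body.
AFTER = BEFORE.replace('run: |\n          echo "Comment: ${{ github.event.comment.body }}"',
    'env:\n          COMMENT_BODY: ${{ github.event.comment.body }}\n'
    '        run: |\n          echo "Comment: $COMMENT_BODY"')
print(audit_workflow(BEFORE), audit_workflow(AFTER))
```

The scan is line-based and needs no YAML library, so it works as a pre-merge check over `.github/workflows/`, but it will not see expressions assembled through anchors or reusable workflows.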
4 participants