merge: upstream 121 commits#313
Open
github-actions[bot] wants to merge 122 commits into
Open
Conversation
GitOrigin-RevId: 94e25c0ea7431f3ce71d7fd63e8d42141ae5506e
GitOrigin-RevId: 41fbc3889b46cf8091bfa1fd2f2420128eb69b36
* feat: Highlight advanced props * refactor / feedback GitOrigin-RevId: 9edeb0b183b9fd6b373fd34a2e5cc27046d47426
GitOrigin-RevId: 68a5104052a763fd2c26fe4594fcd2e25a3cf54a
GitOrigin-RevId: 2f0f105d5b68cde85f24d6cacd93403dc92ad08f
GitOrigin-RevId: a845a88dda6b07356a3f321bf96d1c957653695f
GitOrigin-RevId: 3a101dcff4b6b5f6ce7db7752de7ac2c9901ab70
GitOrigin-RevId: a28317aef02a2eb91feb92387f2d0399cdbae87e
GitOrigin-RevId: fb745d5933efe7bfbbdb86d5e21383c51efcc73f
GitOrigin-RevId: 17782c920adf9f475363e16224f6f997b0d52154
Upgraded minor and patch versions across all platform workspaces. Skipped version upgrades will be documented in a separate PR. GitOrigin-RevId: a209f961d539ef5e67a72607eff1a7f74e038009
GitOrigin-RevId: 3fa1e141dd7097621f0de65f1fc610062248d23b
…(#2713) @octokit/app bumped 16.1.1 -> 16.1.2 and @octokit/auth-unauthenticated bumped 7.0.2 -> 7.0.3; rename patch files to silence version mismatch warnings on yarn install. Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> GitOrigin-RevId: 8eb7d2aa0b8aa95e78238e83466edf147bbd6970
@ai-sdk/react bumped from 3.0.80 to 3.0.170 as a transitive dependency of @ai-sdk/google-vertex v4. In that range, addToolOutput changed its return type from Promise<void> to void | PromiseLike<void>. Widening spawn's parameter type accommodates this without forcing every call site to cast. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> GitOrigin-RevId: cebf1df3da538c25819eb5d24c3100927f7de897
GitOrigin-RevId: 0e2dbc3d49d6dd874fa88fedc881de96fc42e8e9
…events (#2712)
BaseAnalytics.track() was not passing this.baseEventProperties to
mergeProperties, so properties like `production` and `host` set via
appendBaseEventProperties were never included in events sent to PostHog
(server-side).
mergeSane (lodash mergeWith) mutates the first argument in place. All
call sites pass class members as the first argument, so each call would
permanently accumulate properties from subsequent calls. Merge into a
fresh {} instead.
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
GitOrigin-RevId: 96f0f681abbce3f2f5e9b7079342f9785b84ea5d
Upgrade devDependency ranges across all `packages/` workspaces. ## devDependency ranges narrowed to latest **packages/cli** - `@babel/core` ^7.12.3 → ^7.29.0 - `@babel/generator` ^7.12.1 → ^7.29.1 - `@babel/parser` ^7.12.3 → ^7.29.2 - `@babel/preset-typescript` ^7.12.1 → ^7.28.5 - `@babel/traverse` ^7.12.1 → ^7.29.0 - `@babel/types` ^7.23.0 → ^7.29.0 - `@types/babel__core` ^7.20.3 → ^7.20.5 - `@types/babel__generator` ^7.6.6 → ^7.27.0 - `@types/babel__traverse` ^7.20.3 → ^7.28.0 - `@types/cli-progress` ^3.11.0 → ^3.11.6 - `@types/lodash` ^4.14.157 → ^4.17.24 - `@types/semver` ^7.3.1 → ^7.7.1 - `@types/tmp` ^0.2.0 → ^0.2.6 - `esbuild` 0.17.18 → 0.27.7 - `lodash` ^4.17.19 → ^4.18.1 - `prettier` ^3.6.2 → ^3.8.3 - `semver` ^7.3.2 → ^7.7.4 - `socket.io-client` ^4.1.2 → ^4.8.3 - `tmp` ^0.2.1 → ^0.2.5 - `ts-jest` ^29.1.1 → ^29.4.9 - `tsx` ^4.20.6 → ^4.21.0 - `utility-types` ^3.10.0 → ^3.11.0 - `winston` ^3.3.3 → ^3.19.0 **packages/create-plasmic-app** - `@types/lodash` ^4.14.168 → ^4.17.24 - `@types/semver` ^7.3.5 → ^7.7.1 - `tsx` ^4.20.6 → ^4.21.0 **packages/host** - `@rollup/plugin-json` ^6.0.0 → ^6.1.0 - `@types/classnames` ^2.3.0 → ^2.3.4 - `rollup-plugin-banner2` ^1.2.2 → ^1.3.1 **packages/loader-react** - `@types/pascalcase` ^1.0.0 → ^1.0.3 **packages/nextjs-app-router** - `@types/yargs` ^17.0.32 → ^17.0.35 **packages/react-web** - `@babel/core` ^7.14.6 → ^7.29.0 - `@babel/preset-env` ^7.22.15 → ^7.29.2 - `@babel/preset-react` ^7.22.15 → ^7.28.5 - `@babel/preset-typescript` ^7.22.15 → ^7.28.5 - `@rollup/plugin-json` ^6.0.0 → ^6.1.0 - `@types/classnames` ^2.3.1 → ^2.3.4 - `@types/clone` ^2.1.1 → ^2.1.4 - `@types/dlv` ^1.1.2 → ^1.1.5 **packages/react-web-runtime** - `rollup` ^4.1.4 → ^4.60.2 ## Lockfile deduplication - Ran `yarn-deduplicate --strategy fewer` after install — reduced from 729 to 470 duplicate entries vs master - Manually preserved two lockfile entries that dedup would incorrectly merge: - `@types/react@*` kept at 18.x (merging up to 19.x breaks `plasmicpkgs/react-slick` build — TS2786) - `@testing-library/user-event@^14.4.0` kept at 14.6.x (merging down to 14.5.2 breaks react-aria storybook focus tests) ## Skipped - `react-aria` / `@react-aria/*` / `@react-stately/*` / `@react-types/*` — blocked by PLA-12485 (focus regression on overlay dismiss) GitOrigin-RevId: 34942a8d48b026e372fe772a77752283cef420cf
- @plasmicapp/cli@0.1.361 - create-plasmic-app@0.0.142 - @plasmicapp/data-sources@1.0.3 - @plasmicapp/host@2.0.2 - @plasmicapp/loader-gatsby@2.0.3 - @plasmicapp/loader-nextjs@2.0.3 - @plasmicapp/loader-react@2.0.3 - @plasmicapp/nextjs-app-router@1.0.23 - @plasmicapp/react-web@1.0.3 - @plasmicapp/react-web-runtime@1.0.3 - plasmicpkgs-dev@0.0.62 - @plasmicpkgs/airtable@0.0.259 - @plasmicpkgs/antd@2.0.167 - @plasmicpkgs/antd5@0.0.340 - @plasmicpkgs/plasmic-chakra-ui@0.0.75 - @plasmicpkgs/cms@0.0.22 - @plasmicpkgs/commerce@0.0.243 - @plasmicpkgs/commerce-commercetools@0.0.193 - @plasmicpkgs/commerce-local@0.0.243 - @plasmicpkgs/commerce-saleor@0.0.207 - @plasmicpkgs/commerce-shopify@0.0.251 - @plasmicpkgs/commerce-swell@0.0.253 - @plasmicpkgs/contentful@0.0.17 - @plasmicpkgs/dnd-kit@0.0.22 - @plasmicpkgs/fetch@0.0.35 - @plasmicpkgs/framer-motion@0.0.243 - @plasmicpkgs/plasmic-google-maps@0.0.24 - @plasmicpkgs/graphql@0.0.29 - @plasmicpkgs/plasmic-keen-slider@0.0.88 - @plasmicpkgs/lottie-react@0.0.237 - @plasmicpkgs/plasmic-mailchimp@0.0.22 - @plasmicpkgs/plasmic-basic-components@0.0.274 - @plasmicpkgs/plasmic-calendly@0.0.91 - @plasmicpkgs/plasmic-cms@0.0.313 - @plasmicpkgs/plasmic-content-stack@0.0.199 - @plasmicpkgs/plasmic-contentful@0.0.193 - @plasmicpkgs/plasmic-embed-css@0.1.229 - @plasmicpkgs/plasmic-eventbrite@0.0.77 - @plasmicpkgs/plasmic-giphy@0.0.77 - @plasmicpkgs/plasmic-graphcms@0.0.216 - @plasmicpkgs/plasmic-hubspot@0.0.89 - @plasmicpkgs/plasmic-intercom@0.0.22 - @plasmicpkgs/plasmic-link-preview@1.0.147 - @plasmicpkgs/plasmic-nav@0.0.215 - @plasmicpkgs/plasmic-pigeon-maps@0.0.77 - @plasmicpkgs/plasmic-query@0.0.264 - @plasmicpkgs/plasmic-rich-components@1.0.246 - @plasmicpkgs/plasmic-sanity-io@1.0.224 - @plasmicpkgs/plasmic-soundcloud@0.0.89 - @plasmicpkgs/plasmic-strapi@0.1.201 - @plasmicpkgs/plasmic-tabs@0.0.86 - @plasmicpkgs/plasmic-typeform@0.0.89 - @plasmicpkgs/plasmic-wordpress@0.0.171 - @plasmicpkgs/plasmic-wordpress-graphql@0.0.161 - @plasmicpkgs/plasmic-yotpo@0.0.88 - @plasmicpkgs/radix-ui@0.0.103 - @plasmicpkgs/react-aria@0.0.177 - @plasmicpkgs/react-audio-player@0.0.72 - @plasmicpkgs/react-awesome-reveal@3.8.247 - @plasmicpkgs/react-chartjs-2@1.0.155 - @plasmicpkgs/react-parallax-tilt@0.0.245 - @plasmicpkgs/react-quill@1.0.108 - @plasmicpkgs/react-scroll-parallax@0.0.254 - @plasmicpkgs/react-slick@0.0.266 - @plasmicpkgs/react-twitter-widgets@0.0.243 - @plasmicpkgs/react-youtube@7.13.249 - @plasmicpkgs/rive@0.0.31 - @plasmicpkgs/plasmic-spotify@0.0.22 - @plasmicpkgs/strapi@0.0.20 - @plasmicpkgs/tiptap@0.0.28 - @plasmicpkgs/vanilla-cookieconsent@0.0.21 - @plasmicpkgs/wordpress@0.0.21 GitOrigin-RevId: f110feb3414bdfdcbd84167e91a951f8dcd4dd60
GitOrigin-RevId: be922d505cb61d4f6df699d002b4a3ba7540e0a3
Resolves critical/moderate audit vulnerabilities: - handlebars: JS injection via AST type confusion (CVE, patch >=4.7.9) - protobufjs: arbitrary code execution (patch >=7.5.5) - via posthog-js opentelemetry chain Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> GitOrigin-RevId: 29c254c6d581dd53094239218f0356e1a1c1ba2e
* fix: Choice prop codegen when options use object form * test: wabToTsType GitOrigin-RevId: 4b7d5bff4f86adc6f3917ecf1cd7a03e0af01a81
GitOrigin-RevId: 7e53e05781d6af6873315d1ad4eb4776e2e00697
GitOrigin-RevId: 13aad22bce0f9357d55549ead01d8b6df8d8733d
GitOrigin-RevId: 643a9d8dfb2d09c8a2c1bd5178ad47683220e0a4
Adds a `loader_bundle_cache_total` Prometheus counter that tracks S3
bundle cache hits and misses, labeled by source ("prefill" vs "live"),
so we can measure how often a live CDN request triggers an esbuild
run vs being served from a prefilled S3 cache.
Adds cache miss log message with the cache key.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
GitOrigin-RevId: 29dd37be14bd3bab0922875ff51bf3f49b95a3b9
GitOrigin-RevId: 26a99ab7a4b47a43145712b8b0e4b68f8d7db9e8
GitOrigin-RevId: 8765cdc08085347514c193d541654af29c24d15a
GitOrigin-RevId: d781fb8e8a177f3cf7c58d0b632642c94c9bdebc
GitOrigin-RevId: 0156c3e18cd8716d40d59d100adf591d83fa083e
GitOrigin-RevId: 3ecc66013fc67787f440f273fb60e1a20345ba69
GitOrigin-RevId: 9ed58da9cbf87dad8eeabf4de501fb6e74744803
GitOrigin-RevId: 0c770feed9d5e86836bf8e2dabd3448db818ef53
github-actions
Bot
force-pushed
the
merge/upstream
branch
from
d195b8b to
1e7a651
Compare
github-actions
Bot
changed the title
Codegen events are high volume; reduce sampling threshold to 0.1 to cut down on tracked analytics for both the codegen and loader endpoints. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> GitOrigin-RevId: 003735e938bfea240238ab97f4475f1a9473bdcb
…790) Pages can have props too, even though they are not normally used. This commit adds an optional $props arg to getServerQueriesData. GitOrigin-RevId: 3a21b82e22a00cd8dd1bf8afe84a3448d2cd0d8f
GitOrigin-RevId: d60144d5acd0c67b65915905878eea338a95a651
Adds a new 'Text Editor' section to Help > Keyboard Shortcuts listing the inline-tag hotkeys (em, i, strong, sub, sup, span, code) registered in CanvasText.ts, plus the older bold / italic / underline / strikethrough / link shortcuts, so users can discover them. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> GitOrigin-RevId: 02449d5a1c95d6c16c7d7f503fa293862a9d8112
* chore(tests): Update chrome to latest version * chore(tests): Changed Chrome version * chore(tests): Changed Chrome version * chore(tests): Fix kubectl GitOrigin-RevId: 135bd9a2e287bde04c56b4c60b743f6295cfb688
…2794) GitOrigin-RevId: 1b4bdd5c4744284a3b8aa8d20e86679eccaf1803
…n tests (#2781) * feat: add cpa integration tests for app dir * refactor * feat: add gatsby and tanstack to integration tests * fix: cron runs once every 24 hours GitOrigin-RevId: a3e71aaf3b707ac73090d763ee097deb864eb668
Adds a small helper line under the og:image picker in the page SEO panel pointing users to Facebook's Open Graph image documentation, along with the recommended 1200x630 size. GitOrigin-RevId: b0df961fd2252e5d65811098ac9223d213d71d08
GitOrigin-RevId: d8cc05df2860841a3077da5d63a3df5103d3f06d
* feat: create-plasmic-app uses next 16 * chore: cpa-out * fix: write next config options to the correct config file * fix: outdated comment after the Next.js bump * fix: require node >= 20.9.0 for next.js platform * fix: test against more Next versions * Revert "fix: require node >= 20.9.0 for next.js platform" This reverts commit 1a04f5360c49883e3d223d5603fbeb72cbcbde41. * fix: remove failing combo * fix: add related task ID GitOrigin-RevId: cf1e93d2d795d969f13457fadcd8578b2451df4a
…3061) (#2764)
executeServerQuery was an unreleased server-query API removed in #2410, but older cached/published loader codegen output still imports it from @plasmicapp/react-web/lib/data-sources, which breaks esbuild bundling of loader assets ("No matching export ... for import executeServerQuery"). Re-add it as a deprecated no-op so those stale outputs can still be bundled.
GitOrigin-RevId: c135cc26ba034324ccd587465a136b379638db37
- @plasmicapp/data-sources@1.0.8 - @plasmicapp/react-web@1.0.9 - @plasmicapp/react-web-runtime@1.0.9 - @plasmicpkgs/antd5@0.0.346 - @plasmicpkgs/plasmic-link-preview@1.0.152 - @plasmicpkgs/plasmic-rich-components@1.0.252 - @plasmicpkgs/tiptap@0.0.33 GitOrigin-RevId: e7fba8eb70bafe6176256ccbbef135a64f53ed35
GitOrigin-RevId: c798f48a54b82c20a31f02a0be471f1f6fabcc05
GitOrigin-RevId: c60e2bb509fd5e180746e225057096db0d54aa3a
GitOrigin-RevId: aaf0fd9bcd42ccc25b3637f633a2564a4bde6f7b
GitOrigin-RevId: 93d197fcabe325a2cb0ea929085512006a81d3b3
GitOrigin-RevId: 2f9a5c1bbe017be8f5036d21f09eedc4e59ec608
…ests GitOrigin-RevId: fb924604175af9226e581668aac3224050e11e3b
GitOrigin-RevId: 14d67f123ee89a0d78e7a8eadefe3e35eef1d412
github-actions
Bot
force-pushed
the
merge/upstream
branch
from
1e7a651 to
6db4dab
Compare
github-actions
Bot
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Upstream Merge
121 new commits from plasmicapp/plasmic master.
Conflicts to resolve
git fetch origin merge/upstream git checkout merge/upstream # Resolve conflicts, then: git push origin merge/upstreamConflicted files:
Before merging
See Upstream Merge Runbook.