Skip to content

[comp] Production Deploy #2110

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tofikwest merged 6 commits into from
Feb 9, 2026
Merged

[comp] Production Deploy #2110

tofikwest merged 6 commits into from
Feb 9, 2026

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Feb 6, 2026

This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.

github-actions bot and others added 2 commits February 5, 2026 23:59
@github-actions
chore: merge release v1.82.1 back to main [skip ci]
d73b798
@github-actions @carhartlewis
[dev] [carhartlewis] lewis/comp-filter-evidence-tasks (#2106)
4e5f321 
* feat(tasks): add framework instances support to task filtering

* feat(tasks): define FrameworkInstanceForTasks type for task components and added a handler for non-existent frameworks

* feat(tasks): add validation for frameworkFilter in TaskList component

---------

Co-authored-by: Lewis Carhart <lewis@trycomp.ai>
@vercel
Copy link

vercel bot commented Feb 6, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
app (staging) Ready Ready Preview, Comment Feb 8, 2026 2:06pm
portal (staging) Ready Ready Preview, Comment Feb 8, 2026 2:06pm

Request Review

@cursor
Copy link

cursor bot commented Feb 6, 2026
edited
Loading

PR Summary

High Risk
Adds new task state transitions (in_review -> approve/reject) plus new API endpoints and notification delivery, which can affect task lifecycle, permissions, and user-facing comms. Also introduces widespread UI refactors to the design system that may cause regressions in key flows (tasks, people, settings).

Overview
Adds an evidence approval workflow for tasks: new endpoints to submit-for-review (single + bulk), approve, and reject, plus support for persisting approverId and recording audit logs for status/assignee changes and review actions.

Introduces review-request notifications (email + in-app via Novu) with new EvidenceReviewRequested and EvidenceBulkReviewRequested email templates and unsubscribe handling.

Enhances the task UI with an approver selector, submit/approve/reject UX, and a new Activity tab backed by a GET /tasks/:id/activity API.

Includes several UI migrations/refactors to @trycompai/design-system (cloud tests, people tables/invitations, secrets table, loading states, findings overview), plus a small vendor risk assessment model bump (gpt-4o-mini -> gpt-5.2) and a server-side fix to resolve legacy framework IDs in context entries.

Written by Cursor Bugbot for commit e0ae4dc. This will update automatically on new commits. Configure here.

@CLAassistant
Copy link

CLAassistant commented Feb 6, 2026
edited
Loading

CLA assistant check
All committers have signed the CLA.

@github-actions @carhartlewis
[dev] [carhartlewis] lewis/comp-audit-handoff-information-fixes-cs-103 (
d5d7ba1 
#2111)

* feat(context): resolve framework IDs to human-readable names in context entries

* refactor(auditor): exclude framework selection and auditor sections from context

---------

Co-authored-by: Lewis Carhart <lewis@trycomp.ai>
@vercel vercel bot temporarily deployed to staging – portal February 6, 2026 13:01 Inactive
@github-actions @carhartlewis
[dev] [carhartlewis] lewis/comp-join-date-calendar-cs-68 (#2112)
38ac4f2 
* feat(context): resolve framework IDs to human-readable names in context entries

* refactor(auditor): exclude framework selection and auditor sections from context

* feat(people): enhance JoinDate component with date parsing and dropdown

* refactor(people): simplify JoinDate component by removing date parsing logic

* refactor(people): update label in JoinDate component to 'Join Date'

* fix(people): add button type to Done button in JoinDate component

---------

Co-authored-by: Lewis Carhart <lewis@trycomp.ai>
@vercel vercel bot temporarily deployed to staging – portal February 6, 2026 19:15 Inactive
@github-actions @tofikwest
[dev] [tofikwest] tofik/evidence-review-workflow (#2113)
218b7b9 
* feat(tasks): add email templates and notification logic for evidence review requests

* fix(tasks): adjust layout of TabsContent in SingleTask component

---------

Co-authored-by: Tofik Hasanov <annexcies@gmail.com>
cursor[bot]
cursor bot reviewed Feb 7, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 4 potential issues.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

apps/app/src/app/(app)/[orgId]/tasks/components/BulkTaskStatusChangeModal.tsx
}

const updatedCount = response.data?.updatedCount ?? selectedTaskIds.length;
toast.success(`${updatedCount} task${updatedCount === 1 ? '' : 's'} submitted for review`);
Copy link

@cursor cursor bot Feb 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Response field name mismatch breaks task count display

Medium Severity

The frontend expects updatedCount in the response from the bulk submit-for-review endpoint, but the backend returns submittedCount. This causes response.data?.updatedCount to always be undefined, making the toast message fall back to selectedTaskIds.length instead of reflecting the actual number of tasks that were successfully submitted.

Additional Locations (1)

Fix in Cursor Fix in Web

apps/api/src/tasks/tasks.service.ts
? `cancelled evidence review for ${assigneeName}`
: `rejected evidence by ${assigneeName}`,
data: {
action: isCancellation ? 'reject' : 'reject',
Copy link

@cursor cursor bot Feb 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Audit log action always records 'reject' for cancellations

Medium Severity

In the rejectTask method, the audit log data.action field uses a ternary expression isCancellation ? 'reject' : 'reject' which always evaluates to 'reject'. When an admin/owner cancels a review (rather than the approver rejecting it), the audit trail cannot distinguish between the two different actions.

Fix in Cursor Fix in Web

@github-actions @carhartlewis
[dev] [carhartlewis] lewis/comp-ui-fixes (#2114)
e0ae4dc 
* chore(deps): update package versions and improve loading components

* chore(deps): update cheerio, zod, and other package versions

* style(FindingsOverview): update styling for no findings message and button

* refactor(people): simplify member and invitation components with new design system, fixed findings on overview page, removed fade in from settings page, re-ordered tabs in trust center

* refactor(ui): change onInput to onChange in QuantityInput component

* chore(deps): update react-hook-form to version 7.71.1

* feat(secrets): enhance SecretsTable with search, pagination, and delete functionality

---------

Co-authored-by: Lewis Carhart <lewis@trycomp.ai>
@tofikwest tofikwest merged commit 2524a4f into release Feb 9, 2026
16 of 17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

Assignees

No one assigned

Labels

automated-pr prod-deploy

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@CLAassistant @tofikwest