Bump lodash from 4.17.23 to 4.18.1 in /frontend #2

Closed
dependabot[bot] wants to merge 175 commits into main from dependabot/npm_and_yarn/frontend/lodash-4.18.1

Conversation

dependabot[bot] (Contributor) commented on behalf of GitHub, Apr 10, 2026

Bumps lodash from 4.17.23 to 4.18.1.

Release notes

Sourced from lodash's releases.

4.18.1

Bugs

Fixes a ReferenceError issue in lodash, lodash-es, lodash-amd and lodash.template when using the template and fromPairs functions from the modular builds. See lodash/lodash#6167

These defects were related to how lodash distributions are built from the main branch using https://github.com/lodash-archive/lodash-cli. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI but fails because the build is not the same thing you tested.

There is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:

4.18.0

v4.18.0

Full Changelog: lodash/lodash@4.17.23...4.18.0

Security

_.unset / _.omit: Fixed prototype pollution via constructor/prototype path traversal (GHSA-f23m-r3pf-42rh, fe8d32e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now constructor and prototype are blocked unconditionally as non-terminal path keys, matching baseSet. Calls that previously returned true and deleted the property now return false and leave the target untouched.

_.template: Fixed code injection via imports keys (GHSA-r5fr-rjxr-66jc, CVE-2026-4800, 879aaa9). Fixes an incomplete patch for CVE-2021-23337. The variable option was validated against reForbiddenIdentifierChars but importsKeys was left unguarded, allowing code injection via the same Function() constructor sink. imports keys containing forbidden identifier characters now throw "Invalid imports option passed into _.template".

Docs

  • Add security notice for _.template in threat model and API docs (#6099)
  • Document lower > upper behavior in _.random (#6115)
  • Fix quotes in _.compact jsdoc (#6090)

lodash.* modular packages

Diff

We have also regenerated and published a select number of the lodash.* modular packages.

These modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:

Commits
  • cb0b9b9 release(patch): bump main to 4.18.1 (#6177)
  • 75535f5 chore: prune stale advisory refs (#6170)
  • 62e91bc docs: remove n_ Node.js < 6 REPL note from README (#6165)
  • 59be2de release(minor): bump to 4.18.0 (#6161)
  • af63457 fix: broken tests for _.template 879aaa9
  • 1073a76 fix: linting issues
  • 879aaa9 fix: validate imports keys in _.template
  • fe8d32e fix: block prototype pollution in baseUnset via constructor/prototype traversal
  • 18ba0a3 refactor(fromPairs): use baseAssignValue for consistent assignment (#6153)
  • b819080 ci: add dist sync validation workflow (#6137)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
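The two fixes described in the Security section of the 4.18.0 release notes above, recast as stand-alone defensive checks. This is an added example, not lodash's code: isSafeDeletePath, safeUnset, validateImportsKeys and the identifier allow-list regex are assumptions modelled on the note's description (constructor and prototype blocked unconditionally as non-terminal path keys, array-wrapped segments and primitive roots handled; imports keys rejected unless they are plain identifiers, which is stricter than lodash's own forbidden-character denylist).

```javascript
// Added example: defensive checks modelled on the lodash 4.18.0 release notes.
// Not lodash's code; all names below are assumptions.

// Keys that must never appear as a non-terminal segment of a delete path.
// The release note names "constructor" and "prototype"; "__proto__" is added
// here as an extra defensive measure (assumption).
const FORBIDDEN_PATH_KEYS = new Set(['constructor', 'prototype', '__proto__']);

// Normalise a lodash-style path (string "a.b[0].c", array of keys, or
// array-wrapped segments such as [['constructor'], 'prototype', 'x']) to
// a flat list of string keys so a wrapped segment cannot hide a key.
function toPathSegments(path) {
  if (Array.isArray(path)) {
    return path.flat().map(String);
  }
  return String(path)
    .replace(/\[(\d+)\]/g, '.$1') // a[0].b -> a.0.b
    .split('.')
    .filter((seg) => seg.length > 0);
}

// True when no forbidden key sits in a non-terminal position. The last
// segment is exempt: deleting obj.constructor on a plain object does not
// traverse into a prototype.
function isSafeDeletePath(path) {
  const segs = toPathSegments(path);
  for (let i = 0; i < segs.length - 1; i++) {
    if (FORBIDDEN_PATH_KEYS.has(segs[i])) return false;
  }
  return true;
}

// Hardened unset mirroring the fixed behaviour in the note: a primitive root
// or a blocked path returns false and leaves the target untouched.
function safeUnset(obj, path) {
  if (obj === null || (typeof obj !== 'object' && typeof obj !== 'function')) {
    return false; // primitive root: nothing to traverse into
  }
  if (!isSafeDeletePath(path)) return false;
  const segs = toPathSegments(path);
  let cur = obj;
  for (let i = 0; i < segs.length - 1; i++) {
    // only walk own properties, never inherited ones
    if (!Object.prototype.hasOwnProperty.call(cur, segs[i])) return true;
    cur = cur[segs[i]];
    if (cur === null || typeof cur !== 'object') return true; // path ends early
  }
  delete cur[segs[segs.length - 1]];
  return true;
}

// Allow-list for template `imports` keys: a plain JavaScript identifier.
// Deliberately stricter than a denylist of forbidden characters (assumption).
const IDENTIFIER = /^[A-Za-z_$][\w$]*$/;

// Throws the message quoted in the release note when any key could not be
// safely spliced into generated source as a parameter name.
function validateImportsKeys(imports) {
  const bad = Object.keys(imports || {}).filter((k) => !IDENTIFIER.test(k));
  if (bad.length > 0) {
    throw new Error('Invalid imports option passed into _.template');
  }
  return true;
}

// Quick demonstration on constructed inputs.
console.log(isSafeDeletePath('a.b.c'));                           // true
console.log(isSafeDeletePath([['constructor'], 'prototype', 'x'])); // false
console.log(safeUnset(42, 'constructor.prototype.x'));            // false
console.log(validateImportsKeys({ _: {}, helper: {} }));          // true
```

Both checks fail closed: a blocked path leaves the target object unchanged and returns false, and a bad imports key throws before any source text is assembled, which is the property the release note describes for the patched functions.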

kozodoi and others added 30 commits February 23, 2026 15:20
- Add .typos.toml to ignore JWT 'typ' header field
- Update .pre-commit-config.yaml with mypy exclusions
- Fix ruff lint errors (line length, exception chaining)
- Fix mypy type errors in scripts/deploy-frontend.py
- Update pyproject.toml with per-file ignore rules
- Format code with ruff, prettier, trailing whitespace fixes
- Tavily: Switch from SDK to REST API to avoid tiktoken circular import
- Nova: Add inference-profile/* and bedrock:Converse permissions
- Add S310 ruff ignore for Tavily API URL
- Add BYPASS_TOOL_CONSENT for headless operation
- Increase max_tokens to 30000
- Add DATA_SOURCES config with tavily, nova, arxiv, kb
- Accept enabledSources from payload to filter tools
- Remove editor tool, keep file_read and file_write only
- Add strands-deep-research to AgentPattern type
- Add parser mapping for strands-deep-research
- Accept enabledSources parameter in invoke method
- Add toggle buttons for Tavily, Nova, ArXiv in chat interface
- Pass enabled sources to agent via API payload
- Increase test-agent.py timeout to 300s
- Round 1: Generate Report V1
- Round 2: Research & Enrich
- Round 3: Deep Dive & Refine
- Round 4: Final Polish & Present
- Add admin_user_email to config.yaml
- Add test_tavily_local.py for local Tavily testing
- Add test_nova_local.py for local Nova testing
- Switch from Nova Lite to Nova 2 Lite (us.amazon.nova-2-lite-v1:0)
- Return full response with text and citations
- Fix system-tool ARN (no region in ARN)
- Add S310 ignore for test_tavily_local.py
- Add ReportS3UploadHook to upload report to S3 after file_write/editor
- Generate pre-signed URLs for frontend to fetch report content
- Add CORS configuration to staging bucket for frontend access
- Pass staging bucket to backend stack for S3 permissions
- Add S3 read/write permissions to agent role
- Clarify H1 for report title only, H2 for sections
- Add explicit heading rules for better report formatting
- Add ResizableSplitPane component with draggable divider
- Add ResearchReportPanel with markdown rendering and download
- Add ReportMarkdownRenderer with collapsible H2 sections
- Extract report URL from tool results and fetch from S3
- Show split view when first file_write starts
- Highlight changed sections with green indicator
- Auto-generate table of contents from H2 headings
- Use H1 title from markdown in panel header
- Add thinking placeholder while waiting for first response
- Update header to show just "Correlate" title
- Move model_id configuration to config.yaml
- Use global. prefix for cross-region model access
- Textarea no longer disabled during loading
- Send button and Enter key still blocked until agent completes
The deep research agent was hitting AgentCore HTTP/2 streaming limits
when generating large tool inputs (e.g., file_write with full report
content or editor with large sections), causing ERR_HTTP2_PROTOCOL_ERROR.

Changes:
- Add SafeBedrockModel class with JSON repair for truncated streaming
  tool inputs and broader exception handling (BotoCoreError)
- Restructure system prompt: scaffold-first workflow with file_write
  for skeleton only, editor for per-section content updates
- Reduce from 4 rounds to 3, limit searches to 4-6, cap at 3 findings
- Remove redundant file_read/re-output at end (report visible via panel)
- Remove Sources section (citations are inline)
- Add AgentCore lifecycle config with 30min idle timeout
Feat/add openfda

See merge request proserve/genaiid/reusable-assets/correlate-deep-research!1
🔥 Remove unused code

See merge request proserve/genaiid/reusable-assets/correlate-deep-research!2
- Replace BDA-based S3 tool with simple text/PDF reader Lambda
- PDF files auto-converted to markdown via pymupdf4llm
- Pre-signed URLs included for source citations
- Add S3 Files data source toggle in UI with URI input
- Auto-extract [Source: XXX] from reports into References section
- Reset data sources on New Research
- Add .typos.toml for JWT typ false positive
- Replace max_lines with start_line/end_line params for precise reading
- Remove pre-signed URL generation, use plain S3 URIs for citations
- Always create/update report, support follow-up questions
- System prompt: read existing report before updating on follow-ups
✨ Add S3 file reader with PDF support and references panel

See merge request proserve/genaiid/reusable-assets/correlate-deep-research!3
- Add SSE keepalive events during idle tool execution to prevent HTTP/2
  connection drops (asyncio queue + 15s timeout)
- Fix agent pattern mismatch in aws-exports.json (strands-single-agent →
  strands-deep-research) that caused "parser is not a function" error
- Restructure system prompt from 3 rounds to 2 steps with hard budgets:
  max 4 search calls, exactly 3 editor calls, no chat summary
- Add S3 file reading instructions: explore first 100 lines, read more
  only if relevant, max 2 reads per file
- Skip end-of-response summary to save time (report already visible)
lizzzi111 and others added 24 commits March 31, 2026 00:11
Feat/plotting

See merge request proserve/genaiid/reusable-assets/correlate-deep-research!27
Fix/prompt

See merge request proserve/genaiid/reusable-assets/correlate-deep-research!28
Generate styled PDF alongside markdown on every report upload.
Citations converted to numbered superscript references with
clickable URLs. Charts rendered at 300 DPI for print quality.
Download button fetches PDF when available, falls back to markdown.
Inline [Source: URL] citations replaced with numbered superscripts
that link directly to the source. References section with anchors.
Regex for tool names and required block required lines to end
after the colon, skipping all lines with trailing YAML comments.
This caused zero tools to be written to aws-exports.json.
Enable tools that work without API keys by default, disable
ones that require external API keys (alphavantage, tavily, bedrock_kb).
HTML-escape source URLs before embedding in PDF href attributes
to prevent injection. Use errors='replace' when reading markdown
files to avoid crash on invalid UTF-8 sequences.
📄 Add PDF report generation with weasyprint

See merge request proserve/genaiid/reusable-assets/correlate-deep-research!29
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.23 to 4.18.1.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.23...4.18.1)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.18.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
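Because this bump is to an indirect dependency (dependency-type: indirect above), a nested copy of lodash can remain under another package's node_modules even after the top-level entry moves. The following is an added example, not part of the PR, that walks the packages map of an npm lockfile (lockfileVersion 2 or 3) and reports every lodash entry below the first release carrying the security fixes in the notes above; the lockfile content is constructed, and the function and constant names are assumptions.

```javascript
// Added example (not from the PR): audit every lodash copy in an npm lockfile.
// First release with the _.unset/_.omit and _.template fixes per the release
// notes quoted in this PR.
const FIXED_LODASH = '4.18.0';

// Parse "MAJOR.MINOR.PATCH" (prerelease/build suffixes ignored).
function parseSemver(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}

// -1, 0 or 1 like a comparator.
function compareVersions(a, b) {
  const pa = parseSemver(a);
  const pb = parseSemver(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Returns [{ path, version, vulnerable }] for each lodash entry in the
// "packages" map. Keys look like "node_modules/lodash" for a hoisted copy and
// "node_modules/<parent>/node_modules/lodash" for a nested one. Modular
// packages such as lodash.template have their own entries and are not matched.
function auditLodash(lock, fixed = FIXED_LODASH) {
  const results = [];
  for (const [p, meta] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/lodash$/.test(p)) continue;
    results.push({
      path: p,
      version: meta.version,
      vulnerable: compareVersions(meta.version, fixed) < 0,
    });
  }
  return results;
}

// Constructed sample: hoisted lodash already on 4.18.1, plus a transitive
// copy pinned by another package that is still on 4.17.23.
const SAMPLE_LOCK = {
  name: 'frontend',
  lockfileVersion: 3,
  packages: {
    '': { name: 'frontend' },
    'node_modules/lodash': { version: '4.18.1' },
    'node_modules/some-lib': { version: '1.0.0', dependencies: { lodash: '^4.17.0' } },
    'node_modules/some-lib/node_modules/lodash': { version: '4.17.23' },
    'node_modules/lodash.template': { version: '4.5.0' },
  },
};

function vulnerableEntries(lock = SAMPLE_LOCK) {
  return auditLodash(lock).filter((e) => e.vulnerable);
}

for (const e of auditLodash(SAMPLE_LOCK)) {
  console.log(`${e.path} ${e.version} ${e.vulnerable ? 'BELOW FIX' : 'ok'}`);
}
```

To run it against a real lockfile, replace SAMPLE_LOCK with JSON.parse of the package-lock.json contents; a non-empty result from vulnerableEntries means a nested copy still needs to be deduplicated or its parent updated, even when the top-level entry already shows 4.18.1.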
dependabot[bot] added the dependencies and javascript labels, Apr 10, 2026
kozodoi closed this Apr 10, 2026
dependabot[bot] (Contributor, Author) commented on behalf of GitHub, Apr 10, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot] deleted the dependabot/npm_and_yarn/frontend/lodash-4.18.1 branch April 10, 2026 13:08