Skip to content

[comp] Production Deploy#3330

Merged
tofikwest merged 6 commits into
releasefrom
main
Jul 2, 2026
Merged

[comp] Production Deploy#3330
tofikwest merged 6 commits into
releasefrom
main

Conversation

@github-actions

@github-actions github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.


Summary by cubic

Clarified policy delete confirmation and parallelized GitHub branch protection checks to prevent manual-run timeouts. Added tests for both changes.

  • Bug Fixes
    • Updated PolicyDeleteDialog text to clearly state it deletes the entire policy and all versions; added test assertions for the new warnings. Version-level delete dialog unchanged.
    • GitHub branch protection check now processes repos in parallel using mapWithConcurrency and REPO_CHECK_CONCURRENCY to avoid manual-run HTTP timeouts; added tests to verify bounded concurrency and correct results.

Written for commit 4d57fd0. Summary will update on new commits.

Review in cubic

github-actions Bot and others added 5 commits July 1, 2026 21:10
## Problem

A customer accidentally deleted an entire policy when they intended to delete only a single version. The confirmation dialog in PolicyDeleteDialog.tsx uses generic wording ("Are you sure you want to delete this policy?") that does not clearly communicate that this action deletes the whole policy and all its versions, nor does it distinguish it from the single-version delete operation.

## Root cause

The platform has two separate delete operations: deletePolicy (whole policy with cascading deletes of framework-control-policy links) and deletePolicyVersion (single version only). However the UI confirmation dialogs are asymmetric in their clarity. The policy-level dialog uses generic language while the version-level dialog names the specific version, creating confusion about what is actually being deleted.

## Fix

Updated PolicyDeleteDialog.tsx to clarify the confirmation title and description text. The dialog now explicitly states that deleting a policy removes the entire policy and all its versions, and notes that this is distinct from deleting a single version. This aligns the whole-policy dialog's clarity with the version-level dialog and eliminates the ambiguity at the point of action.

## Explicitly NOT touched

Soft-delete and recovery functionality. That requires schema changes and is out of scope for this fix.

## Verification

✅ PolicyDeleteDialog confirmation text now clearly distinguishes whole-policy delete from version delete
✅ Dialog title and description updated to state "entire policy and all its versions"
✅ Stale test assertions updated to match new wording
✅ Manual confirmation: policy delete dialog shows updated copy, version delete dialog behavior unchanged
… checks

## Problem
GitHub integration tests for branch protection checks hang and show no results when triggered manually. The UI shows a spinner that eventually stops and returns to 'no runs yet' state with no error message.

## Root cause
The manual check.run invocation in the HTTP request handler executes repo and branch iteration serially with retry backoff in branch-protection.ts. This stacks delays across potentially dozens of repos/branches and exceeds the ~60s gateway timeout. The request completes without returning results and with no error communicated to the user.

The same issue was fixed for code-scanning checks in commit 070a964 by wrapping the iteration in mapWithConcurrency to parallelize work within the timeout window. branch-protection checks were never converted to this pattern, so the timeout symptom persists despite the fix being proven elsewhere in the codebase.

## Fix
Wrap the repository and branch iteration loop in branch-protection.ts with the existing mapWithConcurrency helper to parallelize check execution. This matches the established pattern used in code-scanning and keeps all work within the gateway timeout.

## Explicitly NOT touched
- Authentication, token refresh, or org/repo scoping logic
- RBAC or permission checks
- Schema or data models
- Non-manual check runs (scheduled background jobs already use async patterns)

## Verification
✅ Branch protection checks now complete within gateway timeout when run manually
✅ Results are returned and displayed in the UI
✅ Concurrency pattern matches existing code-scanning implementation
✅ No auth/org-scoping changes that could affect access control
…in-team

fix(todo): create a ticket in team cs "[feature request/ux] - policy de
@vercel

vercel Bot commented Jul 2, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
app (staging) Ready Ready Preview, Comment Jul 2, 2026 1:34pm
comp-framework-editor (staging) Ready Ready Preview, Comment Jul 2, 2026 1:34pm
1 Skipped Deployment
Project Deployment Actions Updated (UTC)
portal (staging) Skipped Skipped Jul 2, 2026 1:34pm

Request Review

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

Confidence score: 5/5

  • Automated review surfaced no issues in the provided summaries.
  • No files require special attention.

Re-trigger cubic

…b-integration-tests

fix(github-integration): use concurrent mapping for branch protection checks
@vercel vercel Bot temporarily deployed to staging – portal July 2, 2026 13:28 Inactive
@tofikwest tofikwest merged commit 3cdeafc into release Jul 2, 2026
13 checks passed
@claudfuen

Copy link
Copy Markdown
Contributor

🎉 This PR is included in version 3.95.2 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants