@github-actions

This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.

github-actions bot and others added 2 commits January 12, 2026 16:19
* feat(pdf): add functionality to delete policy PDFs and handle PDF merging

* fix(api): bug and change pdf view

* fix: upgrade del action and replace action

* fix: rollback in fail for UI

---------

Co-authored-by: Tofik Hasanov <annexcies@gmail.com>
@vercel

vercel bot commented Jan 12, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

| Project | Deployment | Review | Updated (UTC) |
| --- | --- | --- | --- |
| app (staging) | Ready | Preview, Comment | Jan 14, 2026 8:54pm |
| portal (staging) | Ready | Preview, Comment | Jan 14, 2026 8:54pm |

@cursor

cursor bot commented Jan 12, 2026

PR Summary

Policy exports & PDF management

  • Adds GET /v1/policies/download-all to generate an org‑branded PDF bundle of all published policies (merges uploaded PDFs or renders via PolicyPdfRendererService with accent color, headers, and page numbers) and returns a signed URL.
  • Trust portal: overhauls downloadAllPoliciesByAccessToken to produce branded bundles; adds GET /v1/trust-access/access/:token/policies/download-all-zip to deliver ZIP of individually watermarked PDFs; improves NdaPdfService watermark (diagonal pattern + footer).
  • App: introduces PdfViewer (view/replace/delete policy PDFs), upload-policy-pdf & delete-policy-pdf actions (S3 put/delete + DB displayFormat switch), PolicyDetails editor/PDF tab with AI toggle & rollback on error, and updates policies table to call the new API for “Download all”.

Storage & S3

  • Support S3 custom endpoints (e.g., MinIO) via APP_AWS_ENDPOINT and forcePathStyle across api/app/portal S3 clients; shared s3Client wiring and stronger key/metadata sanitization; new getObjectBuffer and getPresignedDownloadUrlWithFilename.
  • .env.example and self‑hosting docs updated with APP_AWS_ENDPOINT; OpenAPI adds attachment download spec.

Assistant chat (ephemeral context)

  • New assistant-chat module with JWT‑scoped history: GET/PUT/DELETE /v1/assistant-chat/history; backed by Upstash Redis (TTL via ASSISTANT_CHAT_TTL_SECONDS, in‑memory fallback).

Vendor risk assessment improvements

  • Safer URL/JSON handling and research gating; domain de‑dup via GlobalVendors; versioning; automatic “Verify risk assessment” task creation/updates; improved logging and batch trigger endpoint.

Tasks & DB

  • Introduces TaskAutomationStatus enum; adds automationStatus to Task and FrameworkEditorTaskTemplate (migrations). Propagated on org init, task create/regenerate; UI copy updated.

Other

  • OpenAPI spec extended for new endpoints; minor guard/formatting cleanups; bump @trycompai/db to 1.3.21.

Written by Cursor Bugbot for commit 878ac95. This will update automatically on new commits.

@CLAassistant

CLAassistant commented Jan 12, 2026

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ Calanas
❌ github-actions[bot]

…ux (#2003)

* feat(pdf): enhance PDF rendering with organization color and watermark

* fix(api): handle invalid primary color format in PDF rendering

* feat(api): add endpoint to download all policies as ZIP with PDFs

* fix(api): handle fallback for non-ASCII names in safe filename conversion

* fix(api): handle archive errors in ZIP creation process

* fix(api): correct footer font usage in PDF rendering

---------

Co-authored-by: Tofik Hasanov <annexcies@gmail.com>
const watermarkText =
customWatermarkText ||
`For: ${name} <${email}> | ${timestamp} | ID: ${agreementId}`;
const watermarkText = 'CompAI';
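
Review bot: the `const watermarkText = 'CompAI';` line drops not only `customWatermarkText` but also the per-recipient fallback (`name`, `email`, `timestamp`, `agreementId`) that the earlier lines placed in the watermark, so a watermarked copy no longer identifies who it was issued to. If the parameter is meant to stay, honour it with something like `customWatermarkText || 'CompAI'` and confirm the recipient details still appear elsewhere on the page; if it is not, remove the parameter so callers cannot pass a value that is silently discarded.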

Custom watermark text parameter ignored in PDF watermarking

Low Severity

The addWatermark method accepts a customWatermarkText parameter but completely ignores it, hardcoding watermarkText to 'CompAI'. The watermarkExistingPdf method passes a watermarkText parameter through to addWatermark, and at least one caller (getComplianceResourceUrlByAccessToken) explicitly passes 'Comp AI' expecting it to be used. The custom text will be silently ignored, which breaks the function's contract with its callers.

* refactor(api): improve code formatting and structure in assistant chat files

* refactor(pdf): streamline PDF merging logic and enhance error handling

---------

Co-authored-by: Tofik Hasanov <annexcies@gmail.com>
…rking (#2005)

Co-authored-by: Tofik Hasanov <annexcies@gmail.com>
@vercel vercel bot temporarily deployed to staging – portal January 13, 2026 05:27 Inactive
@vercel vercel bot temporarily deployed to staging – app January 13, 2026 05:27 Inactive
…cies (#2007)

Co-authored-by: Tofik Hasanov <annexcies@gmail.com>
@vercel vercel bot temporarily deployed to staging – portal January 13, 2026 15:08 Inactive
@vercel vercel bot temporarily deployed to staging – app January 13, 2026 15:08 Inactive
* feat(tasks): add automation status to task creation and regeneration

* refactor(tasks): remove logging from regenerate task action

---------

Co-authored-by: Tofik Hasanov <annexcies@gmail.com>
width: 10,
height: 26,
color: rgb(accentColor.r, accentColor.g, accentColor.b),
});
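
Review bot: `width: 10` and `height: 26` are bare literals in this rectangle call, while the vertical offset that positions the rectangle has to agree with that height for the header bar to clear the page content. Define the bar dimensions as named constants and derive the y position from them wherever it is computed, so that changing one value cannot leave the other stale.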

Policy header rectangle overlaps original PDF content

Medium Severity

For non-first uploaded PDFs in the merged bundle, the policy header rectangle is positioned at yPos - 40 where yPos = height + 60 - 25 = height + 35. This places the rectangle at y = height - 5, which is 5 pixels below the top of the embedded original PDF content (which occupies y = 0 to y = height). The 26-pixel tall rectangle thus overlaps with the original document content. For first policies, the math works correctly because yPos is adjusted by an additional -34 after drawing the org header, but this adjustment is skipped for subsequent policies.

* feat(s3): add optional AWS endpoint configuration for S3-compatible provider support

* feat(s3): make S3 endpoint optional and adjust forcePathStyle configuration

Signed-off-by: Andreas Reußner <andreas.reussner@outlook.de>

* fix(s3): handle undefined endpoint for S3 client initialization

Signed-off-by: Andreas Reußner <andreas.reussner@outlook.de>

---------

Signed-off-by: Andreas Reußner <andreas.reussner@outlook.de>
Co-authored-by: Mariano Fuentes <marfuen98@gmail.com>
@claudfuen

🎉 This PR is included in version 1.77.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀
