Skip to content

chore: sync fork main with obot-platform/obot upstream#14

Merged
hbanerjee74 merged 24 commits into
mainfrom
chore/sync-upstream-2026-06-25
Jun 25, 2026
Merged

chore: sync fork main with obot-platform/obot upstream#14
hbanerjee74 merged 24 commits into
mainfrom
chore/sync-upstream-2026-06-25

Conversation

@hbanerjee74

Copy link
Copy Markdown

What

Syncs the fork's main with obot-platform/obot:main — merges 23 upstream commits that landed since the last sync. This is a pure fork-maintenance merge; it carries no Studio-specific or feature work (the MCP instance OAuth-URL route is a separate PR, #13).

Conflicts resolved (3, all fork-customization files)

File Resolution
.github/workflows/docker-build-and-push.yml Kept fork side — publishes to the accelerate-data registry via OBOT_IMAGE; upstream's changes target obot-platform's ghcr/dockerhub, which don't apply to this fork.
Dockerfile Kept fork side — the fork ships the bundled "vibedata" image (Postgres + pgvector + python/node + libreoffice + MCP catalog paths). The fork's apk add line is already a superset of upstream's slimmed line, so no upstream packages are lost.
ui/user/src/routes/admin/+page.svelte Combined — kept the fork's appPath import (used at lines 103/234) and adopted upstream's package rename lucide-svelte → @lucide/svelte (the merged package.json resolves to @lucide/svelte, and 187 other UI files use it).

All other files auto-merged (incl. pkg/services/config.go, pkg/mcp/loader.go, go.mod/go.sum, UI deps).

Verification

  • go build ./... — OK (pulled new upstream deps)
  • go test ./pkg/api/handlers ./pkg/api/router — OK

Notable upstream changes now included

Sequencing

Merge this first; then PR #13 (the OAuth-URL route) rebases cleanly onto the updated main and stays a single commit.

njhale and others added 24 commits June 18, 2026 09:56
Bumps the npm_and_yarn group with 1 update in the /docs directory: [webpack-dev-server](https://github.com/webpack/webpack-dev-server).


Updates `webpack-dev-server` from 5.2.4 to 5.2.5
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v5.2.4...v5.2.5)

---
updated-dependencies:
- dependency-name: webpack-dev-server
  dependency-version: 5.2.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…bot-platform#6983)

In order to know which MCP server the MCP client is trying to connect
to, they should send a resource parameter with the authorize request.
Not all clients do this. This change introduces a way to alter the
metadata endpoints so that we can still determine which MCP server the
client is connecting to when they don't send a resource parameter.

Signed-off-by: Donnie Adams <donnie@obot.ai>
This screen finishes the MCP OAuth flow so that we can control what the
user sees when the OAuth process completes. This fixes issues when we
redirect back to apps on a user's computer.

This change also removes the old login complete screen in favor of a
consistent experience. That is, if a user uses `obot login`, then they
will see this new "authentication complete" screen with the "you can now
close this window" text.

Signed-off-by: Donnie Adams <donnie@obot.ai>
Clean up the Docker image build by removing legacy dependencies and
consolidating the duplicated OSS/Enterprise build pipeline into a single job.

- Drop the `build-pgvector` stage and the pgvector extension install
- Remove unused runtime packages: `git`, `npm`,
  `nodejs`, `sqlite`, `sqlite-dev`, `libreoffice`, `perl-utils`
- Stop copying the Node build of the UI (`ui/user/build-node`)
- Reorganize docker instructions for clarity
- The `obot-enterprise` image is now identical to the OSS `obot` image, so
  its separate `enterprise-build`/`enterprise-image-scan` jobs are removed
- The single `build` job now also publishes/signs the `-enterprise` tag for
  backwards compatibility, and tags it `latest` on releases
- Rename `oss-build` → `build` and `oss-image-scan` → `image-scan`

Addresses obot-platform#6997

Signed-off-by: Nick Hale <4175918+njhale@users.noreply.github.com>
This change adds support for Client ID Metadata Documents for Obot when
it is functioning as an OAuth Authorization Server. That is, instead of
clients dynamically registering, clients can use CIMD to request auth
tokens on a user's behalf.

Additionally, if an authorization server for an MCP server supports
CIMD, then Obot will use it to get access tokens.

This change also adds an exception for this because claude-code doesn't
advertise itself as a native application_type, but should be treated as
one.

Signed-off-by: Donnie Adams <donnie@obot.ai>
* feat: admin ability to add app notification banner

* Update pkg/api/handlers/appnotifications.go

Co-authored-by: Donnie Adams <donald.g.adams@me.com>

* Update pkg/api/handlers/appnotifications.go

Co-authored-by: Donnie Adams <donald.g.adams@me.com>

* fix: hydration warning fix for InfoTooltip

* adjust logic in page.ts

* address peer review: rename singleton app-notification & remove metadata property

* rename appnotifications -> appnotification & nits

* go generate lint

* fix: on cancel, reset to what's in appnotificationstore, fallback to data.appNotification

* address a few more app notification singular noun verbiage

* fix: add check valid date for dismissedAt

---------

Co-authored-by: Donnie Adams <donald.g.adams@me.com>
Previously, we would check for a valid license on startup and every hour
after that. This change checks on startup and once per day.

Additionally, an API endpoint is added to allow users to manually check
their license once every 5 minutes.

Signed-off-by: Donnie Adams <donnie@obot.ai>
* fix: sort devices initally by scannedAt descending

* derived for getTableUrlParamsFilters
* enhance: how to connect ai client updates

* copilot review comments

* fix: length check & command update

* fix: review comments

* fix: id instead of name for command

* fix: create name for command

* add support for no preference

* address copilot review
…form#7007)

Before this change, when a user connected to an MCP server for the first
time through an MCP client without first configuring it in the Obot UI,
the connection would fail if the server had required configuration.

After this change, the user will be able to provide the required
configuration during the connection. In fact, connecting to an MCP server
in the UI will just show the URL and the user will have to configure it on
first connection.

Signed-off-by: Donnie Adams <donnie@obot.ai>
Co-authored-by: Ivy <ivy.jeong@gmail.com>
This change will make the "redirect in 3 seconds" text count down until
the redirect actually happens.

Signed-off-by: Donnie Adams <donnie@obot.ai>
Signed-off-by: Donnie Adams <donnie@obot.ai>
…m#7019)

* fix: show partial pat on edit of mcp catalog source URL

* changes

* update UI to show when PAT needs updating after preexisting sourceURL change

lint

* fix: for len <= 4 of pat, just return the mask

* check for explicit clear token action made by user

* use input readonly instead of p
The ValidationCodeNoMachine error is also a ErrLicenseNotActivated
error, so we don't need redundant checks.

Signed-off-by: Donnie Adams <donnie@obot.ai>
# Conflicts:
#	.github/workflows/docker-build-and-push.yml
#	Dockerfile
#	ui/user/src/routes/admin/+page.svelte
@hbanerjee74 hbanerjee74 merged commit fea9994 into main Jun 25, 2026
6 of 7 checks passed
@hbanerjee74 hbanerjee74 deleted the chore/sync-upstream-2026-06-25 branch June 25, 2026 12:01
hbanerjee74 added a commit that referenced this pull request Jun 25, 2026
… build-node (#15)

* feat: add MCP server instance OAuth URL route

* fix(lint): resolve pre-existing golangci violations inherited from upstream sync

errcheck + revive unused-parameter findings in generic_oauth_validation_test.go,
oidcjwt/smokeclient/main.go, and oidcjwt/testutil/testutil.go. These predate this
branch (present on main after the upstream sync); golangci-lint v2.11.4 flags them
and blocks every PR. Verified: golangci-lint run -> 0 issues.

* fix(build): restore node UI target in `make all` so image build finds build-node

The fork-sync (#14) inadvertently changed `all: ui` to `all: ui-user`,
dropping the `ui-user-node` target. The Dockerfile copies
/app/ui/user/build-node (produced only by ui-user-node), so the image
build failed with "build-node: not found". Restore `all: ui`.

Verified locally: `make all` now produces both ui/user/build and
ui/user/build-node, and the Go binary builds.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
hbanerjee74 added a commit that referenced this pull request Jun 25, 2026
…on (#17)

* chore: bump image version metadata to upstream v0.23.2

The image build resolves its tag from .accelerate/upstream-sync.json
(scripts/build-vibedata-image.sh → <upstreamObotVersion>-vibedata), but
that metadata was left at v0.23.0 through the v0.23.2 content sync (#14)
and the tag sync (#16). As a result the build would still publish
obot-vibedata:v0.23.0-vibedata despite the code being at v0.23.2.

Update upstreamObotVersion to v0.23.2 and the SHAs to the v0.23.2 commit
(31f8dd8). Verified locally: scripts/build-vibedata-image.sh now resolves
ghcr.io/accelerate-data/obot-vibedata:v0.23.2-vibedata.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* chore: make upstream-sync version resolution robust

The auto-sync workflow writes .accelerate/upstream-sync.json (which drives
the image tag), but resolved the version via
`git describe --tags --abbrev=0 upstream/main`. That latches onto the
nearest ancestor tag — currently the malformed pre-release `v.0.23.2-rc1` —
and, because upstream cuts patch releases on release branches, can miss the
latest stable tag entirely.

Resolve instead to the highest stable `vX.Y.Z` tag (excluding RC/malformed
tags). This yields v0.23.2 today and auto-advances on future releases, so an
automated sync writes a correct, clean image version.

Note: this only covers syncs run through the workflow; the last two syncs
were done as manual merges, which is why the metadata had drifted.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants