chore: sync fork with upstream obot v0.23.2#16
Merged
Conversation
Bumps the npm_and_yarn group with 1 update in the /docs directory: [webpack-dev-server](https://github.com/webpack/webpack-dev-server). Updates `webpack-dev-server` from 5.2.4 to 5.2.5 - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md) - [Commits](webpack/webpack-dev-server@v5.2.4...v5.2.5) --- updated-dependencies: - dependency-name: webpack-dev-server dependency-version: 5.2.5 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…bot-platform#6983) In order to know which MCP server the MCP client is trying to connect to, they should send a resource parameter with the authorize request. Not all clients do this. This change introduces a way to alter the metadata endpoints so that we can still determine which MCP server the client is connecting to when they don't send a resource parameter. Signed-off-by: Donnie Adams <donnie@obot.ai>
Signed-off-by: Grant Linville <grant@obot.ai>
This screen finishes the MCP OAuth flow so that we can control what the user sees when the OAuth process completes. This fixes issues when we redirect back to apps on a user's computer. This change also removes the old login complete screen in favor of a consistent experience. That is, if a user uses `obot login`, then they will see this new "authentication complete" screen with the "you can now close this window" text. Signed-off-by: Donnie Adams <donnie@obot.ai>
Previously, we would check for a valid license on startup and every hour after that. This change checks on startup and once per day. Additionally, an API endpoint is added to allow users to manually check their license once every 5 minutes. Signed-off-by: Donnie Adams <donnie@obot.ai>
Merge upstream tag v0.23.2 into the fork (was based at v0.23.0), bringing in the v0.23.1 and v0.23.2 patch releases (auth-complete screen, drop python/pip from image builds, MCP OAuth consent screen, license once-per-day check, etc.). Conflict resolutions: - oauthauthrequest.go / authorize.go: kept fork's ConsentMCPConfigRequired field and its consent-config guard (union with upstream consent changes). - license/provider.go: kept upstream's 24h poll interval + update() error signature; preserved fork's success-logging else block. - Complete.svelte / consent +page.svelte: kept fork's richer behavior (countdown redirect, MCP config-required flow) on upstream's base. - admin/license/+page.svelte: kept fork's @lucide/svelte import (the fork migrated off lucide-svelte repo-wide; upstream's lucide-svelte would break the build). - Dockerfile: adopted upstream's python/pip drop; preserved fork's nodejs-24 pin and docker package. - docker-build-and-push.yml: kept fork's OBOT_IMAGE naming and omission of the Depot enterprise jobs. - openapi_generated.go: regenerated from merged source types. Verified locally: make all (build + build-node + binary), pnpm run check, and make test all pass. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This was referenced Jun 25, 2026
hbanerjee74
added a commit
that referenced
this pull request
Jun 25, 2026
…on (#17) * chore: bump image version metadata to upstream v0.23.2 The image build resolves its tag from .accelerate/upstream-sync.json (scripts/build-vibedata-image.sh → <upstreamObotVersion>-vibedata), but that metadata was left at v0.23.0 through the v0.23.2 content sync (#14) and the tag sync (#16). As a result the build would still publish obot-vibedata:v0.23.0-vibedata despite the code being at v0.23.2. Update upstreamObotVersion to v0.23.2 and the SHAs to the v0.23.2 commit (31f8dd8). Verified locally: scripts/build-vibedata-image.sh now resolves ghcr.io/accelerate-data/obot-vibedata:v0.23.2-vibedata. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * chore: make upstream-sync version resolution robust The auto-sync workflow writes .accelerate/upstream-sync.json (which drives the image tag), but resolved the version via `git describe --tags --abbrev=0 upstream/main`. That latches onto the nearest ancestor tag — currently the malformed pre-release `v.0.23.2-rc1` — and, because upstream cuts patch releases on release branches, can miss the latest stable tag entirely. Resolve instead to the highest stable `vX.Y.Z` tag (excluding RC/malformed tags). This yields v0.23.2 today and auto-advances on future releases, so an automated sync writes a correct, clean image version. Note: this only covers syncs run through the workflow; the last two syncs were done as manual merges, which is why the metadata had drifted. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Syncs the fork's
main(based at upstream v0.23.0) up to upstream v0.23.2, pulling in thev0.23.1andv0.23.2patch releases.What upstream brings in
defaultPollInterval1h → 24h (v0.23.2, fix: only check for a valid license once per day obot-platform/obot#7011)Conflict resolutions (9 files)
oauthauthrequest.go,authorize.goConsentMCPConfigRequiredfield + consent-config guard, unioned with upstream consent changeslicense/provider.goupdate() errorsignature; preserved fork's success-logging else blockComplete.svelteconsent/[oauth_auth_request]/+page.svelteadmin/license/+page.svelte@lucide/svelteimport — the fork migrated offlucide-svelterepo-wide; upstream'slucide-sveltewould break the buildDockerfilenodejs-24pin +dockerpackagedocker-build-and-push.ymlOBOT_IMAGEnaming and omission of the Depot enterprise jobsopenapi_generated.gogo generate) from merged source typesVerification (local)
make all— builds UI (build+build-node) andbin/obotpnpm run check— 0 errors, 0 warningsmake test— all passgolangci-lint run— 0 issuesDecisions made during sync
🤖 Generated with Claude Code