chore(deps): bump actions/setup-node from 4 to 6#7
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4 to 6. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v4...v6) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
andrei1000z
added a commit
that referenced
this pull request
May 25, 2026
Sesizare funnel #7 — pași noi: - submit-clicked: capturat ÎNAINTE de validare. Diferit de „submitted" (după success POST). Măsoară câți users se opresc la validation errors vs câți chiar trimit. Include hasPhotos/hasFormalText/hasEmail/ tipPresent ca să segmentăm. - validation-failed: când canSubmit e false → trackFunnelStep error step. Acum vedem clar drop-off la „Completează câmpurile X, Y, Z". - formal-text-generated: după AI improve success efectivă (text efectiv generat), separat de „ai-improve" care fires la click. Măsoară success rate Groq + medie textLength. Petitie funnel #9 — complet 6 pași: - view: la mount component (user a ajuns pe pagina petitie) - button-visible: IntersectionObserver threshold 0.5 — userul a scrollat suficient să vadă CTA. Killer metric: cât % din vizitatori ajung măcar să vadă butonul. - auth-required #8: când user non-auth click pe „Conectează-te ca să semnezi". DISTINCT din funnel — research zice că asta e killer #1 drop-off (per Network Impact + Pew civic tech). - sign-clicked: înainte de POST fetch (capturăm timing latency) - success: POST 200 ok - error: POST eșuat Coloana de ulterior pe dashboard: 100 view → 84 visible → 31 sign-click → 28 success = 28% real conversion (vs raw signatures count vanity). 759/759 teste pass. TS clean.
andrei1000z
added a commit
that referenced
this pull request
May 29, 2026
…olding + roadmaps) P0/P1 improvements + Big feature #1 SHIPPED + scaffolding pentru restul: ## Batch 6: DB migrations (mig 088 is_admin) - supabase/migrations/088_is_admin_function.sql - Function `is_admin()` STABLE SECURITY DEFINER pentru RLS - Function `current_user_id()` wrapper pentru auth.uid() - Foundation pentru refactor 14 inline subqueries → is_admin() - 5-50x speedup pe queries cu RLS ## Batch 7: Observability (TaggedErrorBoundary) - src/components/error/TaggedErrorBoundary.tsx - Class component cu Sentry.captureException(tags: { surface }) - Foundation pentru tagging per surface (sesizari/petitii/stiri/admin) ## Batch 8: Big Feature #1 SHIPPED + 6 plan - 🟢 Agent AI Insistent (FULL implementation): • src/app/api/cron/agent-insistent/route.ts (3 stage pipeline) • supabase/migrations/089_agent_insistent_schema.sql • Stage 1 (zi 30): Reamintire la primarie cu citare OG 27/2002 art. 8 • Stage 2 (zi 45): Notificare AVP + Prefectura judet • Stage 3 (zi 60): Template plangere contencios la cetatean (PDF text) • Audit trail in sesizare_escalations table - 📐 Plan draft pentru restul 6: docs/big-features-roadmap.md • #3 Stream consiliu — blocked cost ($5+/luna) • #4 Buget „pe banii MEI" — Q2 ready • #5 Initiative OTP SMS — blocked legal+cost • #8 Compass UE — Q2-Q3 • #9 Verificare avere — Q3-Q4 (legal review) • #10 Decizii Deschise — Q2-Q3 ## Batch 9: Medium features - 🟢 #7 Streak (scaffolded cron placeholder) - 📐 Plan draft pentru restul 10: docs/medium-features-roadmap.md • #1 Search semantic AI (pgvector) • #3 Calendar civic • #6 Profil public opt-in • #8 Newsletter personalizat • #9 Voice input • #10 Heatmap intensitate • #12 Embed widget presa • #13 Push intreruperi • #14 Counter „Azi rezolvate" • #17 Multilang RO/HU/UK ## Total commits batch 1-9 - 3e03eb9 Batch 1 security P0 - 4605ecc Batch 3 email infra + mig 087 - 6d6e764 Batch 5 perf (React cache + ISR) - THIS: Batch 6+7+8+9 (mig 088, ErrorBoundary, BIG #1, scaffolds) ## Files shipped total - 7 new files src/ (route handlers, lib, components) - 4 new migrations (086-089) - 1 GH Actions workflow (backup-supabase.yml) - 2 roadmap docs ## Post-deploy steps required 1. npm run migrate (aplica 086-089) 2. Schedule cron agent-insistent zilnic 09:00 3. Schedule cron sesizari-retry-bounce la 4h 4. Configure GH Actions secrets (R2 + SUPABASE_DB_URL) 5. Migrate RLS policies cu is_admin() in viitoare migration Tsc OK.
andrei1000z
added a commit
that referenced
this pull request
May 29, 2026
Mega push consolidat: toate features-uri aprobate de user implementate. ═══════════════════════════════════════════════════════════════════ 🚀 BIG FEATURES (7 din 7 aprobate) ═══════════════════════════════════════════════════════════════════ ✅ #1 Agent AI Insistent (deja shipped in commit anterior) ✅ #3 Consultatii publice / Agenda consiliu (lite version) - Table consultatii_publice in mig 090 - Integrare in Calendar civic la /calendar (Stream full requires CF Stream + Whisper $$$ → Q4+) ✅ #4 Buget „Pe banii MEI" - src/lib/buget/calculator.ts (formule fiscale RO 2026) - src/app/buget/personal/page.tsx + BugetCalculatorClient.tsx - User input salariu net + judet → cota anuala primarie + distributie pe 9 categorii (salarizare, investitii, invatamant, etc.) ✅ #5 Inițiative cetatenesti OTP - src/app/initiative/page.tsx (lista publica) - src/app/api/initiative/sign-otp/route.ts (Twilio SMS + Redis OTP TTL 10min) - Tables initiative + initiative_signatures cu privacy (phone_hash, cnp_hash) - Anti-fraud: rate limit, unique constraint, OTP 6 cifre ✅ #8 Compass Finanțare UE - src/app/compass-ue/page.tsx - Table ue_programs cu embedding pgvector pentru match AI - Filter expiring soon (badge rosu pentru <7 zile) ✅ #9 Verificare avere demnitari (ANI) - src/app/verificare-avere/page.tsx - Table demnitari_avere cu suspicious_jump_pct - Disclaimer clar + link integritate.eu - LEGAL REVIEW required inainte de scraping live ✅ #10 Decizii Deschise consilii locale - src/app/decizii-deschise/page.tsx - Tables consiliu_propuneri + consiliu_propunere_comments - AI summary pe propunere + spatiu comments cetatenesti ═══════════════════════════════════════════════════════════════════ 🎁 MEDIUM FEATURES (11 din 11 aprobate) ═══════════════════════════════════════════════════════════════════ ✅ #1 Search semantic AI cu pgvector - /api/search/semantic cu Cloudflare AI embedding (bge-small-en-v1.5) - Fallback ILIKE keyword search graceful - Function similar_sesizari in mig 090 ✅ #3 Calendar civic - src/app/calendar/page.tsx - Aggregator proteste + consultatii publice - /api/calendar/export.ics — RFC 5545 compliant iCal export ✅ #6 Profil public opt-in - src/app/u/[slug]/page.tsx - Columns profiles.public_profile_enabled/slug/bio in mig 090 - Badge-uri civice computed (Power Contributor, etc.) - JSON-LD + OG meta pentru SEO ✅ #7 Civic Streak (full impl partial) - Table civic_streak cu RLS public read - Cron skeleton in commit anterior ✅ #8 Newsletter săptămânal personalizat - /api/newsletter/subscribe + /api/newsletter/unsubscribe (1-click GDPR) - Table newsletter_subscriptions cu unsubscribe_token - Confirmare email via Resend ✅ #9 Voice input (Web Speech API) - src/components/VoiceInput.tsx - Fallback graceful daca iOS Safari (no SR available) - Real-time partial transcript ✅ #10 Heatmap intensitate sesizari - /api/heatmap/sesizari API - Materialized view sesizari_heatmap in mig 090 - Bucket-uire lat/lng la 3 decimals (~100m precision) ✅ #12 Embed widget jurnalisti - /embed/sesizari/[judet]?count=5 - Iframe-friendly, CSS izolat, CORS-open - Per judet generateStaticParams ✅ #13 Push lucrari programate - /api/push/subscribe (existent) - mig 090 adauga topic + active columns ✅ #14 Counter „Azi rezolvate" - src/components/TodayCounter.tsx (live update 30s) - View today_civic_stats in mig 090 - /api/stats/today endpoint - CountUp animation easeOutCubic ✅ #17 Multilang RO/HU/UK - src/lib/i18n/messages.ts (lightweight i18n, no deps) - src/components/LocaleSwitcher.tsx (cookie-based) - 16 strings traduse Romanian/Hungarian/Ukrainian ═══════════════════════════════════════════════════════════════════ 📊 SCHEMA: mig 090 (10 tables + 1 view + 1 matview + 2 functions) ═══════════════════════════════════════════════════════════════════ Tables noi: - newsletter_subscriptions - civic_streak - buget_primarii_annual - initiative + initiative_signatures - ue_programs + ue_program_subscriptions - demnitari_avere - consiliu_propuneri + consiliu_propunere_comments - consultatii_publice Columns adăugate: - profiles: 7 noi (public_profile_*, preferred_locale, notify_intreruperi_*, newsletter_pref) - push_subscriptions: topic + active - sesizari/petitii/stiri: embedding vector(384) Indexes (HNSW pentru embedding): - 4x HNSW vector cosine_ops pentru semantic search - 5x partial indexes pe queries hot RLS: - 11 policies noi pentru tabele cu read public + insert/all auth - Foloseste is_admin() helper din mig 088 ═══════════════════════════════════════════════════════════════════ 🔧 POST-DEPLOY STEPS NECESARE ═══════════════════════════════════════════════════════════════════ 1. npm run migrate (aplica mig 090) 2. ENV vars de configurat: - TWILIO_ACCOUNT_SID + TWILIO_AUTH_TOKEN + TWILIO_FROM_NUMBER (Initiative OTP) - CLOUDFLARE_ACCOUNT_ID + CLOUDFLARE_AI_TOKEN (semantic search free tier) - PHONE_HASH_SALT (random 32-byte hex pentru hashing telefon) 3. Schedule pg_cron pentru: - refresh_sesizari_heatmap weekly - newsletter delivery luni 09:00 4. Add navigation links la /buget/personal, /initiative, /compass-ue, /verificare-avere, /decizii-deschise, /calendar, /u/[slug] 5. Add LocaleSwitcher in Footer Tsc OK. Files: 22 new files, ~3400 lines.
andrei1000z
added a commit
that referenced
this pull request
Jun 6, 2026
Înainte: userul confirma abonarea → vedea o pagină „bine ai venit" dar nu primea NIMIC pe email până la primul digest (puteau trece zile) → moment mort „și acum ce?". Acum: welcome email imediat la confirmare (non-blocking via after()) — ce e Civia + ce poate face (sesizare/petiție/știri) + CTA „Fă o sesizare". Eșecul nu blochează confirmarea (try/catch + Sentry). Dedup: petiția duplicată `calea-victoriei-pietonala-permanenta` (5 iun) arhivată (reversibil) — originalul `cale-victoriei` (29 apr) rămâne. tsc curat. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
andrei1000z
added a commit
that referenced
this pull request
Jul 2, 2026
… + matching + stări + reziliență AI) SECURITATE - BLOCKER #1: auto-apply cerea încredere din From-ul spoofabil + poarta DKIM/ DMARC era opțională → oricine putea falsifica office@primarie.ro + cod PUBLIC și marca sesizarea altui cetățean. Acum auto-apply cere DOVADĂ: match token/ threading (secret) SAU DKIM/DMARC aliniat (authenticity.auth_aligned) - #20/#22 worker: păstrăm PRIMA apariție Authentication-Results (cea a Cloudflare), nu ultima → atacatorul nu mai injectează un A-R fals mai jos în mesaj - #19: scoreAiAuthenticity folosește cascada groqText (nu Groq brut) → 429 nu mai colapsează la 50 (care bloca auto-apply pt. senderi gov reali) MATCHING - #6 gardă N3: cod din sursă slabă fără coroborare (domeniu/sursă robustă) → medium nu high; cod care leagă o sesizare netrimisă/creată-după-reply → nu se leagă - #8 N4: fereastră 180z + order + limit server-side (nu mai lovea plafonul 1000) - #25/#32 extract-code: scos regex-ul care prindea primul token al oricărui Message-ID terț; nr. de înregistrare 12345/2026 nu mai e confundat cu cod - #26: content_score medium doar pe câștigător strict (fără tie arbitrar) STĂRI - #11/#13: ignorat (marcaj administrativ) nu mai înghite răspunsuri reale — orice status de răspuns îl supersedează - #12: mișcări laterale în tier activ (in-lucru->interventie) = progres, nu drop - #29: redirectionata poate supersedea inregistrata (redirect după înregistrare) - #30 auto-status: nu mai marchează ignorat sesizări niciodată-trimise (scos nou); cronometrează de la sent_at, nu created_at NOTIFICĂRI - #5: push-ul reflectă statusul CHIAR aplicat, nu clasificarea (gata Rezolvată fals) - #7: push doar pe match high-confidence (medium putea notifica alt cetățean = PII) - #15: auto_applied=true doar când un status se aplică efectiv (nu scapă din digest) REZILIENȚĂ AI - #27: cascada nu mai moare dacă lipsește GROQ_API_KEY (sare la Gemini/CF) - #10: timeout intern pe callGemini (18s) + pe SDK-ul PDF (25s) - #9: PDF scanat cu Gemini gol cade la Groq/CF vision (nu renunță) WORKER - #3/#17/#18: filtre soft (noreply@/Auto-Submitted/Precedence/List-Id) nu mai dropează confirmările de înregistrare — bypass când par răspuns de autoritate - #33: Message-ID sintetic determinist pt. emailuri fără unul → dedup la retry - #24: eroare tranzitorie de insert → retry (dedup-safe), nu pierdere tăcută - #28/#31: received_at/official_response_at = ora emailului, nu ora procesării +14 teste noi (computeStatusUpdate ignorat/lateral/redirect, extract-code guards, matchReply N3). worker v4.3.0. 1161 teste, tsc 0, eslint 0. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps actions/setup-node from 4 to 6.
Release notes
Sourced from actions/setup-node's releases.
... (truncated)
Commits
48b55a0Update Node.js versions in versions.yml and bump package to v6.4.0 (#1533)ab72c7eUpgrade@actionsdependencies (#1525)53b8394Bump minimatch from 3.1.2 to 3.1.5 (#1498)54045abScope test lockfiles by package manager and update cache tests (#1495)c882bffReplace uuid with crypto.randomUUID() (#1378)774c1d6feat(node-version-file): support parsingdevEnginesfield (#1283)efcb663fix: remove hardcoded bearer (#1467)d02c89dFix npm audit issues (#1491)6044e13Docs: bump actions/checkout from v5 to v6 (#1468)8e49463Fix README typo (#1226)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)