chore(deps): bump nodemailer from 6.9.15 to 7.0.7#1
Open
dependabot[bot] wants to merge 90 commits into
Open
Conversation
dependabot
Bot
added
dependencies
…ment disabled (langfuse#9544) When LANGFUSE_FREE_TIER_USAGE_THRESHOLD_ENFORCEMENT_ENABLED is false, the paid plan check was never reached due to early return. This caused ALL organizations (paid and free) to be incorrectly counted as free_tier_orgs. Fix: Move paid plan check before enforcement check to ensure paid orgs always return "PAID_PLAN" regardless of enforcement status. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>
…s, and CRM integration (langfuse#9547) * fix(billing): enhance free tier usage emails with pricing, reset dates, and CRM integration - Add getBillingCycleEnd() helper to calculate when usage limits reset - Add comprehensive tests for billing cycle end date calculations - Add optional USAGE_THRESHOLD_EMAIL_BCC env variable for CRM integration (e.g., HubSpot) - Include reset date in both warning and suspension emails - Add Core plan pricing ($29/month) and key benefits to email templates - Mention startup program (50% off for first year) with link to langfuse.com/startups - Update email templates to include: - When usage limit resets - Pricing information from stripeCatalogue - Key upgrade benefits: unlimited users, 90-day retention, email/chat support - Startup program callout - Update test script to include reset date and BCC configuration 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * refactor(billing): rename USAGE_THRESHOLD_EMAIL_BCC to CLOUD_CRM_EMAIL Rename environment variable to better reflect its purpose as a general cloud CRM integration endpoint rather than being specific to email BCC. Changes: - Renamed env variable in both .env.dev.example and .env.prod.example - Updated email sending functions to use new variable name - Updated test script with new variable name - Regenerated TypeScript declarations 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * security(billing): add email validation for CLOUD_CRM_EMAIL Add Zod email validation before using CLOUD_CRM_EMAIL in BCC field to prevent potential email header injection attacks. Changes: - Import and use zod/v4 for email validation in both email functions - Validate CLOUD_CRM_EMAIL format before assigning to BCC - Log warning if invalid email format is detected - Add CLOUD_CRM_EMAIL to worker env schema 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>
…angfuse#9549) * fix(billing): implement chunked updates for free tier usage tracking Reduces DB load by 95% via transaction batching (50,000 → 50 chunks). Each chunk processes 1,000 orgs with proper error handling. Failed chunks reported to Datadog without killing the job. Changes: - Refactored processThresholds() to return update data instead of executing immediately - Created bulkUpdates.ts with chunked transaction processing (1000 orgs per batch) - Modified usageAggregation.ts to collect updates and execute in bulk - Updated tests to verify returned data instead of mock calls - Added error handling with traceException for failed chunks - Structured for easy swap to raw SQL (Option 1) if needed 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * test: update cache invalidation tests to use bulkUpdateOrganizations The tests now call bulkUpdateOrganizations() to complete the update flow, including cache invalidation. This reflects the refactored architecture where processThresholds() returns update data and bulkUpdateOrganizations() executes it. * fix: reduce transaction timeout from 60s to 15s per chunk 60 seconds was excessive for 1000 orgs. Even at 10ms per update, that's only 10 seconds. 15 seconds provides a reasonable buffer. * refactor: use Promise.allSettled instead of transaction wrapper Benefits over previous () approach: - Better resilience: One failed org doesn't fail the entire 1000-org chunk - Concurrent execution: Much faster than sequential transaction - Granular error tracking: Track exactly which orgs failed - Better error handling: Each org failure reported to Datadog individually Trade-off: No atomicity per chunk, but we don't need it for this use case. Each org update is independent and idempotent. * fix: remove unused chunkOrgIds variable * remove unused code * refactor transaction update and add rawsql update * Update worker/src/ee/usageThresholds/bulkUpdates.ts Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com> * Update worker/src/ee/usageThresholds/bulkUpdates.ts Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com> * make rawsql query default --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
* Fix: Prevent duplicate job scheduling in queues Co-authored-by: michael <michael@langfuse.com> * Fix: Deduplicate queue jobs across multiple worker instances Co-authored-by: michael <michael@langfuse.com> * Checkpoint before follow-up message Co-authored-by: michael <michael@langfuse.com> * Checkpoint before follow-up message Co-authored-by: michael <michael@langfuse.com> * fix: prevent duplicate queue job scheduling across multiple containers - Add unique jobIds to CloudFreeTierUsageThresholdQueue for deduplication - Add comprehensive logging for job scheduling and execution tracking - Apply best practices pattern with descriptive job data and comments - Remove investigation documentation files This resolves the issue where multiple worker containers were creating duplicate recurring and bootstrap jobs, causing 10x more executions than expected. * add logging statements * remove job id and bootstrap execution --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: michael <michael@langfuse.com>
chore: use simplier to install CH client + doc update.
…fuse#9563) * feat(trace-ui): add log view with all observations concatenated * collapse nicer * move up * fix types
* shuffle toolbar * controls sidebar * setup for filter attributes * test with environment filter * new filter state management * name filter * add reset filter button * add tags filter * add bookmarked filter * unify column id v display handling * rename to bookmarked * polish, fix bugs * merge hooks, efficiency * support dual-value in slider * latency filter * make filters generic * add sidebar to observations, sessions, prompts, scores and evals * simplify table-controls component * allow resetting individual filters * clean up layout * show "all" when only selected item * text facets * add key-value filter * add numerical key-value filter * add metadata filter * disable accordion animations * add filtering for values * fix observation filters not being applied * add ai filters * represent no range filter with empty inputs * update look of reset button * fix header shrinking * tidy up vertical spacing * clean up * fix type and lint issues * fix none-of operator not being used when it should * fix missing env filter * a few last fixes * another type error * oops
fix: empty trace name breaking filter options
* chore: ingest otel events into new events table (dev) * chore: propagate completionStartTime * chore: add metadata processing * chore: propagate metadata * chore: add source attributes * chore: simplify * chore: adjust modelname prop
* fix: env and trace tags filter missing in sessions view * fix: restore missing sessions view filters * fix: bookmarked filter in sessions view * fix: trace tags filter * fix: add back missing scores filters
…ngfuse#9430) Map gen_ai.tool.call.arguments/result to input/output Co-authored-by: Nimar <l.nimar.b@gmail.com>
…use#9589) * chore: add filter options for users * chore: add filter options for users
…10) (langfuse#9492) * feat: allow public traces API to use advanced filters * chore: update API specs
…#9664) * add obs name as mapping indicator * fix mapper oai * lint * simplify
…PI (langfuse#9349) (langfuse#9625) * fix: support `queueId` when creating a score via the API (langfuse#9349) fix: support queue ids on score ingestion Co-authored-by: Nimar <l.nimar.b@gmail.com> Co-authored-by: marliessophie <74332854+marliessophie@users.noreply.github.com> * tests: add queueId ingestion on score body to tests * docs: adjust api docs * tests: for queueId match in score ingestion service --------- Co-authored-by: Steve Farthing <516498+sfarthin@users.noreply.github.com> Co-authored-by: Nimar <l.nimar.b@gmail.com>
…v annotations scored as zero dropped (langfuse#9682)
…data types (langfuse#9684) * fix(dataset-run-item): enhance metadata conversion to handle various data types * fix(experiment-service): remove unused input and expectedOutput fields from processItem function
* feat(trace-table): decode unicode in truncated JSONs * add unicode * fix in iotablecell * fix docs
* fix: fix dataset run items API limits * fix: fix dataset run items API limits
…ble (langfuse#9651) * feat: introducing events repository with observations-compatible iface. * feat: wiring the new events repository to the observations table * feat: add getObservationByIdFromEventsTable to events repository * chore: run ch:dev-tables in CI to allow tests for experimental events table pass
…otel (langfuse#9707) * perf: filter input/output attributes from metadata attributes key in otel * chore: lint * chore: cleanup * chore: remove comment * chore: stringify outputs
* chore: add batch-based observation to event propagation * chore: adjust timestamp and partition handling * chore: update metadata handling and disable by default * chore: align comment with reality * chore: do not set default value for ingestionservice * chore: handle staging table write more precisely using environments * chore: query memory optimizations * chore: spell check * chore: set global concurrency limit to 1 and increase timeout * chore: run event propagation in a new trace * chore: set request timeout * chore: pass correct timeout * chore: backlog handling for event backfill
…e#9718) * chore: create virtual trace spans for historic compatibility * chore: refactoring
* fix(chamtl): openai mapper * update * refactor * fix * fix pg * add tests * fix test * lint * tighter types * test types fixed * fix test
feat: Improve tRPC error reporting to Sentry Co-authored-by: Cursor Agent <cursoragent@cursor.com>
* feat(trace-ui): pretty render langgraph * render messages of langgraph * fix lint * add langgraph trace * fix tests
…docs instead of code examples, not in API creation modal (langfuse#9727) * imrpove dialog component * open external links in new tab * remove quickstart examples * simplify tracing table conditional render of setup page * move tracing setup to its own onboarding page * cmd enter on project and org creation * Update web/src/pages/project/[projectId]/traces/setup.tsx Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com> * copy --------- Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
Bumps [nodemailer](https://github.com/nodemailer/nodemailer) from 6.9.15 to 7.0.7. - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](nodemailer/nodemailer@v6.9.15...v7.0.7) --- updated-dependencies: - dependency-name: nodemailer dependency-version: 7.0.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/nodemailer-7.0.7
branch
from
5b7adb1 to
28b6574
Compare
Author
|
A newer version of nodemailer exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
13 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps nodemailer from 6.9.15 to 7.0.7.
Release notes
Sourced from nodemailer's releases.
... (truncated)
Changelog
Sourced from nodemailer's changelog.
... (truncated)
Commits
9357a71chore(master): release 7.0.7 [skip-ci] (#1761)df13b74fix(linter): Updated eslint and created prettier formatting task62629a0Updated tests for addressparser1150d99fix(addressparser): Fixed addressparser handling of quoted nested email addre...3b8982cfix: resolve linter errors in DNS cache tests0240d67fix(dns): add memory leak prevention for DNS cacheea0fc5afix: refresh expired DNS cache on error (#1759)430ca75chore(master): release 7.0.6 [skip-ci] (#1753)e3e700cBumped depsf322c38replaced escaped single quotes with unescaped onesYou can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.