Add project-scoped Cloudflare Sandboxes to OS#1355
Open
jonastemplestein wants to merge 7 commits into
Open
Conversation
…-port # Conflicts: # apps/os/alchemy.run.ts # apps/os/src/domains/codemode/examples.ts # apps/os/src/domains/sandboxes/entrypoints/sandboxes-worker.ts
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 4a126e0. Configure here.
| CLOUDFLARE_ACCOUNT_ID: artifactsAccountId, | ||
| DO_CATALOG: db, | ||
| PROJECT_SANDBOX: projectSandbox, | ||
| REPO: sandboxRepo, |
There was a problem hiding this comment.
Sandbox repo overwrites catalog
High Severity
The sandboxes worker uses a separate RepoDurableObject namespace but the same shared DO_CATALOG as the main app. Preparing a sandbox calls ensureIterateConfigInfo, which can wake a repo durable object whose catalog row shares (class, name) with the main worker’s iterate-config repo and overwrites the stored object id.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit 4a126e0. Configure here.
mmkal
added a commit
that referenced
this pull request
Jun 10, 2026
Replaces the `merge-to-main-slack` workflow (one Slack message per merged PR — noisy on busy days) with a workflow that maintains **at most one message per day** in `#ci`: a one-line PR dashboard summary, with the full per-PR breakdown in a single threaded reply. Both are created on the first PR event of the day and updated in place after that. Channel message: > **PR dashboard 10th June** — 51 merged · 9 closed without merging · 4 opened · 2 older still open (details in thread) Threaded reply (rendered from real data): > **Merged:** > • [#1410 Fix 5-min logout, deploy-time JWKS, and stream append skeleton flash](#1410) by jonas (ad6da76) > • [#1407 itx: contexts, capabilities, and the one true handle](#1407) by jonas (f256768) > … > **Closed without merging:** > • [#1440 Migrate captun to published npm 0.0.3](#1440) by misha > … > **Opened:** > • [#1448 Replace per-merge Slack messages with a daily PR dashboard](#1448) by misha (draft) > … > Old: [#1349](#1349), [#1355](#1355) How it works: - Content is refetched from the GitHub search API on every run (merged / closed-unmerged / opened-and-still-open today, plus older open PRs), so the message is self-healing — no incremental state to corrupt. - The day's message timestamps live in a repo Actions variable (`SLACK_PR_DASHBOARD_STATE`, `{date, channel, ts, details_ts}`), written with the same `ITERATE_BOT_GITHUB_TOKEN` the nag workflow uses. No new Slack scopes needed: `chat.update` uses the `chat:write` the bot already exercises. - Targets `#ci`, adopting #1452's decision to move merge announcements out of `#building` (that PR edited the workflow this one deletes; the conflict is resolved here by keeping the deletion). - The threaded details go out as chunked mrkdwn section blocks rather than one `text` param: on busy days a single text field hits `chat.update`'s `msg_too_long` (`postMessage` truncates, `update` rejects — found by e2e-testing against today's ~50 merges). - Plain-text author names (no @-mentions) since the messages update many times a day. - Testable two ways: pushing any `*pr-dashboard*` branch runs it for real against `#misha-test` with a separate state variable (create, update-in-place, and threading paths all verified this way — e.g. runs [27280068182](https://github.com/iterate/iterate/actions/runs/27280068182), [27288814028](https://github.com/iterate/iterate/actions/runs/27288814028)), and `node cli.ts github-script pr-dashboard.update_dashboard.update_pr_dashboard --github-token ...` does a local dry run that prints both messages. Task file: `tasks/slack-daily-pr-dashboard.md`. 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Fable 5 <noreply@anthropic.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
@/tmp/pr-1355-body.md