commits
* [Vulnerability][Patches] Apply patch to vulnerable dependencies
* [Vulnerabilities] Upgrade @graphql-codegen packages and @apollo/client to fix vulnerabilities (#178)
* [Simplification] Remove Content Proxy as not needed reference
* add comment on env.example
* [dependabot] Configure to prevent major bump of node
* code review changes
This was using an absolute path which didn't work for the mdbook version. Switch to relative, and make the link name consistent with the target page title.
* Setting GraphQL depth limit to 10
* Set env var for GraphQL depth
Used safe var helper to ensure proper integer is being used for GraphQL depth
Using Node 24.14.0, as directed to make CI happy
* Cleared merge conflict
* Logging error instead of throwing error
* Use jsonStringify for logging invalid env var
This change addresses an ESLint warning about the type safety of JSON.stringify.
Co-authored-by: Paweł Wieczorek <pawiecz@collabora.com>
* [Code Simplification][Vulnerabilities] Remove Betterer and upgrade ESLint to v9
* [Vulnerabilities] Upgrade AWS SDK to fix fast-xml-parser vulnerabilities
* remove unused package
* [Code Simplification][Vulnerabilities] Remove Betterer and upgrade ESLint to v9
* code review fixes
* fix ci
* fix for realz now
I was browsing the docs and noticed this looked weird/inconsistent :)
* Fix ClickHouse outage crashing all dashboard pages
* fix betterer
* add logging on warehouse error to let back-end know, given empty returns are to prevent front-end issues
* [Vulnerabilities] Migrate from CRA Storybook to Vite compatible Storybook main
* fix button
* fix betterer and eslint
* fix eslint
* use coop style
* remove sample exchanges
* [HMA][Exchanges] Configure HMA exchanges directly from coop
* tests
* capitalize first value of the keys
* fix tests
* code review changes
* fix eslint
* fix eslint
* fix for real now
* ci: Realign Betterer results file with current code base state
Fixes: #116
* chore: Lock Node version to v24.14.0 to prevent inconsistency
Version selection was delegated to ".nvmrc" file where applicable.
Fixes: #111
* client: Install Vite dependencies
* client: Add minimal Vite configuration
* client: Add vite-env.d.ts
* client: Update index.html
* client: Update tsconfig.json
* client: Call lazy loader explicitly instead of interpolating imported paths
* client: Migrate server proxy configuration
* client: Migrate transforming SVGs into React components
* client: Migrate env variables
Variable "NODE_ENV" is no longer used in client. It's been replaced with
Vite-specific "MODE" which can be adjusted with "--mode" command line argument
and defaults to:
- "development" for plain "vite" call
- "production" for "build" and "preview" calls
Even though server still uses "GOOGLE_PLACES_API_KEY" variable, client now uses
"VITE_GOOGLE_PLACES_API_KEY" ("VITE_"-prefixed). This way Vite can access this
information.
* client: Replace craco commands with vite(st)
* client: Remove react-scripts/craco and unused configuration
* client: Add a note on slow client start
* client: Fix linter errors after migrating to Vite
* client: Fix betterer errors after migrating to Vite
* client: Add missing Vite plugin configuration
* client: Remove unused Jest configuration
* ci: Realign Betterer results file with current code base state
* fix dockerignore
---------
Co-authored-by: Juan S. Mrad <juansmrad@gmail.com>
* Upgrade roost packages ( Types, db-migrator ) and use Types model cards
* remove unneeded casting
* upgrade example integration.
* [Code Simplification] Replace Kafka with BullMQ for item submission processing
* [Security] Bump sequelize and undici to fix high-severity vulnerabilities
- sequelize 6.32.1 → 6.37.8: fixes SQL injection via JSON column cast type (GHSA)
- undici 7.19.0 → 7.24.5: fixes WebSocket memory/DoS, CRLF injection, and HTTP smuggling
- Lockfile-only changes, no package.json or source code modifications
* Raise minimum versions for sequelize and undici in package.json
npm's sigstore provenance verification requires `repository.url` in
package.json to match the GitHub repo URL from the provenance bundle.
Both `@roostorg/types` and `@roostorg/db-migrator` were missing this
field, causing publish to fail with a 422 error.
* [Code Simplification] Removal of Snowflake from codebase
* final pass after self review
* [Code Simplification] Remove momentjs Dependency
* code review fixes
* [Model Cards] Update required fields and mark current as TBD
* update package version
* [Code Simplification] Remove use of and ui fixes
* fix betterer issue
* fix pre-existing bug
* chore: Lock Node version to v24.14.0 to prevent inconsistency
Version selection was delegated to ".nvmrc" file where applicable.
Fixes: #111
* migrator: Remove no longer required @types/umzug
Package umzug provides its own type definitions, so this does not need to be
installed.
Fixes: #107
* migrator: Apply audit fixes
* .devops/migrator: Remove no longer required @types/umzug
Package umzug provides its own type definitions, so this does not need to be
installed.
Fixes: #107
* .devops/migrator: Apply audit fixes
* .devops/migrator: Add snowflake-sdk-scoped override for @tootallnate/once
* Improve Investigation 'Take action' UX and docs
* remove extra empty line
* feat: add typeName to body.item return
* chore: type fix
* test: add typeName to test return
* feat: add name to more instances of webhook returns
* chore: update types to make name required
* Integrations plugin: types, registry, logo API, and @roostorg/types from npm
Add types and server-side plugin loading (config, registry, logo routes).
Switch client and server to published @roostorg/types.
* add whiteline
* code review changes
* Integration Plugin Backend: migration, GraphQL API, and plugin signals (#91)
* Integration Plugin Backend: migration, GraphQL API, and plugin signals
* code review changes
* Integration plugin: client UI, example config, and example dependency (#92)
* Integration plugin: client UI, example config, and example dependency
* code review changes
* fix casting error
* betterer fixes
Co-authored-by: Mac <mac@Macs-MacBook-Pro.local>
* docker-compose: Use fixed Docker image tag for Jaeger
* docker-compose: Use fixed Docker image tag for Redis
* Update port 5000 to 9876 to avoid conflict with macOS Monterey or later
* Updated Migration Command
---------
Co-authored-by: Mac <mac@Macs-MacBook-Pro.local>
* fix: Catch Kafka connect error to prevent unhandled promise rejection crashing the process
* fix: lint issue
* feat: SES packages
* test: email service tests
* feat: add SES email service
* Add new types for Signal to be exported by integration plugins
* rename to config over credentials as it may be more generic.
* [types] Generate new types for integrations
* increase version for types
Bumps [@aws-cdk/lambda-layer-kubectl-v29](https://github.com/cdklabs/awscdk-asset-kubectl) from 2.0.0 to 2.1.1.
- [Release notes](https://github.com/cdklabs/awscdk-asset-kubectl/releases)
- [Commits](https://github.com/cdklabs/awscdk-asset-kubectl/compare/kubectl-v20v2.0.0...kubectl-v20v2.1.1)
---
updated-dependencies:
- dependency-name: "@aws-cdk/lambda-layer-kubectl-v29"
dependency-version: 2.1.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [constructs](https://github.com/aws/constructs) from 10.1.81 to 10.4.5.
- [Release notes](https://github.com/aws/constructs/releases)
- [Commits](https://github.com/aws/constructs/compare/v10.1.81...v10.4.5)
---
updated-dependencies:
- dependency-name: constructs
dependency-version: 10.4.5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Allow rotation of Signing Key by users
* code review changes
* use logError for structure errors here
* NCMEC <-> Queue Improvements and default NCMEC queue
* code review changes
* NCMEC Additional fields fixes #27
* tests
* lint fixes
* add exif viewed by esp and publicly available from additional info response
* broke out NCMEC docs into separate file and added more detail. Updated USER_GUIDE and SUMMARY
* code review comments
---------
Co-authored-by: Juliet Shen <juliet@roost.tools>
* Remove HMA service from DEVELOPMENT.md
Removed HMA service entry from the development documentation. It has to be started up separately:
docker compose up --build -d hma
* Update DEVELOPMENT.md with HMA setup details
Added HMA development instructions and image URL accessibility notes.
* Enhance USER_GUIDE with HMA setup and management details
Added detailed instructions for setting up and managing hash banks in HMA.
* add HMA images and update user guide
---------
Co-authored-by: Juliet Shen <juliet@roost.tools>
* Add ZENTROPI integration and ZENTROPI_LABELER signal type enums
Add Zentropi as a new third-party integration and ZENTROPI_LABELER as
a new signal type across TypeScript enums, GraphQL schema, and
generated types.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Add Zentropi credential storage and database migration
Add ZentropiCredential type, CRUD operations for per-org API key
storage, and migration to create signal_auth_service.zentropi_configs
table.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Add Zentropi signal implementation
Implement ZentropiLabelerSignal and zentropiUtils following the OpenAI
Moderation pattern. Calls POST /v1/label with policy-steerable labeler,
maps label+confidence to a composite 0-1 score, and handles permanent
errors (401/404) vs transient errors (5xx).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Wire up Zentropi signal with cached fetcher and credential getter
Register ZentropiLabelerSignal in instantiateBuiltInSignals, add
cached Zentropi API fetcher (with labeler-aware cache keys), and
add cached credential getter for ZENTROPI integration.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Add tests for Zentropi signal integration
Test score mapping (all four quadrants), signal class metadata,
disabled info, error handling (401/404 permanent, 5xx transient,
missing subcategory), and correct API call parameters.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Fix Zentropi label type coercion and test credential helper
The Zentropi API returns label as a string ("0"/"1") rather than a
number. The strict equality check (label === 1) would always fail,
causing violating content to receive a safe score. Use Number(label)
to handle both string and number responses.
Also fix test helper makeCredentialGetter to use string | null instead
of string | undefined, since passing undefined explicitly triggers the
JS default parameter value, making the missing-credentials test path
ineffective.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Add labeler version IDs to Zentropi integration
Store labeler versions (id + label pairs) in the Zentropi integration config
alongside the API key. The eligibleSubcategories resolver dynamically returns
org-specific labeler versions, and the subcategory picker renders a dropdown
for flat subcategory lists. Also fixes spot test to work on rules regardless
of their enabled status.
* Address PR review feedback: add missing DB enum, use fetchHTTP, bind in cached fetchers
- Add ZENTROPI_LABELER to enum_signals_type in migration SQL
- Replace raw fetch() with shared fetchHTTP dependency in getZentropiScores
- Bind fetchHTTP into getZentropiScores in makeCachedFetchers
- Update tests to mock fetchHTTP instead of global.fetch
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Inline override values in ZentropiLabelerSignal, remove wrapper functions
Move simple return values (docsUrl, integration, pricingStructure, etc.)
directly into the signal class instead of delegating to single-use
functions in zentropiUtils.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Collapse Zentropi migrations into a single file
Merge labeler_versions column into the initial CREATE TABLE instead of
a separate ALTER TABLE migration.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Fix lint and betterer CI failures
Use Object.assign instead of property mutation in test helpers to
satisfy better-mutation/no-mutation rule. Replace @ant-design/icons
with lucide-react equivalents in IntegrationConfigApiCredentialsSection.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Fix remaining lint errors in spotTest and signalAuthService
Remove unnecessary null check in spotTest (getGraphQLRuleFromId always
returns or throws). Replace JSON.parse/JSON.stringify with jsonParse/
jsonStringify in signalAuthService per codebase conventions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Bump zentropi migration datestamp to avoid ordering conflict
Main already has a migration at 2026.02.10T00.00.00; rename ours
to 2026.02.18T00.00.00 so it runs after all existing migrations.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: samidh <Samidh@host4-129-30-192.springshosting.net>
* NCMEC <-> Queue Improvements and default NCMEC queue
* code review changes
Co-authored-by: Shalabh Agarwal <me@serendipty01.dev>
* ci: Align Node version with development environment configuration
This approach allows syncing continuously with development environment
configuration. It might need adjustments to specify exact runtime
versions that should be used as the project approaches V1 release.
* ci: Drop NPM packages publishing workflow trigger from unused branch
* Update eslint-plugin-jsdoc version
Fixes: #31
Related: #32
* client: Add scoped override for out-of-date rimraf
Override is scoped to "source-map-explorer" which has not been updated
since 2022 and depends on pre-v4 rimraf (now deprecated).
Related: #33
* Align jest between server and client
Version of jest used in client pulls deprecated dependencies.
Project-wide alignment of jest removes these warnings.
Related: #33
* ci: Align Node version with development environment configuration
This approach allows syncing continuously with development environment
configuration. It might need adjustments to specify exact runtime
versions that should be used as the project approaches V1 release.
* ci: Drop NPM packages publishing workflow trigger from unused branch