Skip to content

Allot of bug fixes#15

Merged
DevFlex-AI merged 2 commits into
embire2:mainfrom
DevFlex-AI:main
May 9, 2026
Merged

Allot of bug fixes#15
DevFlex-AI merged 2 commits into
embire2:mainfrom
DevFlex-AI:main

Conversation

@DevFlex-AI

Copy link
Copy Markdown
Collaborator

This update makes the system security stronger. It also makes the system work better. It does this by fixing problems, with the action runner and by making sure that only the right people can use the API routes. It also makes the chat work efficiently by making the payload sizes smaller.

These changes stop files from being written without anyone noticing they stop people from using tokens when they are not allowed to. They make the user interface work more smoothly. This is especially true when people upload images and when the system is sending out a lot of information to track what is going on.

DevFlex-AI added 2 commits May 9, 2026 02:43
…ken wasting issue and a lag issue

This update makes the system security stronger. It also makes the system work better. It does this by fixing problems, with the action runner and by making sure that only the right people can use the API routes. It also makes the chat work efficiently by making the payload sizes smaller.

These changes stop files from being written without anyone noticing they stop people from using tokens when they are not allowed to. They make the user interface work more smoothly. This is especially true when people upload images and when the system is sending out a lot of information to track what is going on.
@DevFlex-AI DevFlex-AI merged commit 269225c into embire2:main May 9, 2026
12 of 16 checks passed

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: cf074d9172

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +6 to +8
export async function action({ request, params }: ActionFunctionArgs) {
if (!(await isTenantAdminAuthorized(request))) {
return json({ error: 'Forbidden' }, { status: 403 });

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Guard the dynamic managed-instance route instead

This new guard is attached to api.managed-instances..refresh.ts, which has no $slug segment, so params.slug is always empty and the actual dynamic endpoint remains the pre-existing unguarded app/routes/api.managed-instances.$slug.refresh.ts (same pattern for suspend). Requests to /api/managed-instances/<slug>/refresh will continue to hit the $slug route and bypass isTenantAdminAuthorized; the guard needs to be applied to the $slug refresh/suspend route files rather than these new double-dot routes.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant