Conversation
[dev] [Marfuen] mariano/nist-sp800-53-readiness
|
The latest updates on your projects. Learn more about Vercel for GitHub.
2 Skipped Deployments
|
* fix(controls): include direct policy/task links in custom framework view Custom frameworks never populate FrameworkControlPolicyLink/TaskLink junction tables, so findOneForFramework returned empty policies/tasks. Now merges both framework-scoped and direct relationships with dedup. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(controls): scope direct-link fallback to custom frameworks only Avoids regression for built-in frameworks where framework-scoped links are intentionally per-framework. Also applies the same fix to findRequirement() in frameworks service for list/detail consistency. Extracts deduplicateById to shared util. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(controls): write-side sync + complete read fallback for custom frameworks Write side: syncDirectLinksToCustomFrameworks mirrors direct policy/task/ document links into framework-scoped junction tables for all custom FIs using a control. Called from linkPolicies/linkTasks/linkDocumentTypes (no frameworkInstanceId) and linkControlsToRequirement (custom FI). Read side: all 4 read paths (findOneForFramework, findOne, findAll, findRequirement) fall back to direct relationships for custom frameworks, covering existing data without a migration. Extracts mergeControlLinks helper to deduplicate mapping logic between findOne and findRequirement. Collapses deduplicateById/deduplicateByFormType into a generic deduplicateBy. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * perf(controls): early exit sync when org has no custom frameworks Avoids the requirementMap query on every direct-link operation for orgs that don't use custom frameworks (vast majority of traffic). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(controls): clean up framework-scoped doc links on direct unlink When unlinking a direct ControlDocumentType, also delete the corresponding FrameworkControlDocumentTypeLink rows for custom framework instances. Prevents stale evidence showing up in custom framework views after the direct link is removed. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(controls): only cascade doc-link cleanup when direct link existed Skip framework-scoped cleanup if deleteMany removed 0 direct rows, preventing deletion of explicitly-scoped custom framework links. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(controls): complete custom framework link coverage - removePolicyControl: cascade-delete framework-scoped policy links for custom FIs when disconnecting a policy from a control - findAll: add custom framework fallback for policies, documents, and tasks so dashboard compliance scores are correct - create: sync framework-scoped links within the creation transaction when the control is mapped to custom framework requirements Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(controls): guard policy cleanup and fix task dedup ordering - removePolicyControl: check link exists before cascading framework- scoped cleanup, preventing deletion of explicitly-scoped links - findAll: filter empty-controls tasks before dedup and prioritize direct tasks, so custom framework tasks aren't dropped by empty framework-scoped entries shadowing valid direct entries Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(controls): wrap unlink cascades in transactions Both removePolicyControl and unlinkDocumentType now run their direct-link removal and framework-scoped cleanup in a single transaction, preventing partial state on failure. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Mariano Fuentes <marfuen98@gmail.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
2 issues found across 7 files (changes from recent commits).
Reply with feedback, questions, or to request a fix.
Fix all with cubic | Re-trigger cubic
Adds requirementFamily field to FrameworkEditorRequirement, with full support across the framework editor, versioning/sync/rollback, manifest builder/diff, export/import, and the app's requirements tab. - Framework editor: ComboboxCell column for setting requirement families - App: FrameworkRequirementsGrouped component with expand/collapse, search, family filter, and URL persistence via nuqs - Versioning: requirementFamily captured in manifests, diffed, synced - Review: shows requirement family changes in update preview Co-authored-by: Mariano Fuentes <marfuen98@gmail.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ewport bottom * fix(framework-editor): flip ComboboxCell dropdown upward when near viewport bottom Measures available space below the cell on open. If less than 260px, the dropdown renders above the cell instead of below. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(framework-editor): default sort requirements by identifier Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(app): remove duplicate headings, default sort requirements by identifier CS-390: Requirements now sorted by identifier with numeric-aware comparison (AC-2 before AC-10) in the flat view. CS-393: Removed duplicate "Requirements (N)" and "Controls (N)" headings — the tab already shows the count. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Mariano Fuentes <marfuen98@gmail.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The three createMany calls (policy, task, document links) now run inside a transaction when no external client is provided, preventing partial sync state if one fails. Co-authored-by: Mariano Fuentes <marfuen98@gmail.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…miting * fix(api): add batch update endpoint for requirements to avoid rate limiting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(api): add IsNotEmpty to batch update requirement ID field Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Mariano Fuentes <marfuen98@gmail.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Contributor
|
🎉 This PR is included in version 3.64.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.
Summary by cubic
Adds family grouping for both controls and requirements to make large frameworks easier to browse. Also completes custom framework link handling, hardens sync with a transaction, and adds a batch requirements update API to reduce rate limiting during bulk edits.
New Features
FrameworkControlsGrouped,FrameworkRequirementsGrouped,FamilyFilterDropdown, shared helpers/tests; Review Update tests for family summaries.@trycompai/design-systemand updates Tailwind content paths.FrameworkControlFamilytable;requirementFamilyon requirements; manifests/builders/types updated. Prisma migrations run on deploy.Bug Fixes
ComboboxCelldropdown flips upward when near the viewport bottom to avoid overflow.Written for commit 8ce8b3c. Summary will update on new commits. Review in cubic