You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Lockstep bump of the eight published packages 1.9.0 -> 1.9.1
(api/codegen/core/introspect/kozou/mcp/svelte-ui/ui-core), plus the
per-release pins (scaffold + quickstart docker-compose image tags; README
docker examples and the runtime-requirements heading) and a README roadmap
entry. Cross-package deps stay workspace:* (no lockfile change).
Contents:
- The reference Admin UI's create / update / delete form actions catch
AdapterError, so a DB constraint violation (unique / FK / CHECK) or a
privilege / RLS denial re-renders the form with the user's input and a
readable message instead of a generic 500 (#170, PR #175).
- Free-text search under the external REST opt-out quotes the term, so a
value with reserved characters (, ( ) .) is matched literally instead
of corrupting the or=(...) filter grammar (#171, PR #174).
- Transitive hono bumped to >=4.12.25 for a published security advisory
(GHSA-wwfh-h76j-fc44; hono ships in @kozou/mcp via the MCP SDK) (#176).
Patch: bug fixes + a dependency security bump only — no new features,
no breaking or wire changes.
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Copy file name to clipboardExpand all lines: README.md
+4-3Lines changed: 4 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -88,8 +88,8 @@ Advisory only: enforcement stays in PostgreSQL (GRANTs + your RLS). See
88
88
Use the runtime image directly:
89
89
90
90
```bash
91
-
docker pull ghcr.io/kozou-dev/kozou:v1.9.0
92
-
docker run --rm ghcr.io/kozou-dev/kozou:v1.9.0 mcp --help
91
+
docker pull ghcr.io/kozou-dev/kozou:v1.9.1
92
+
docker run --rm ghcr.io/kozou-dev/kozou:v1.9.1 mcp --help
93
93
```
94
94
95
95
Or install the packages for library / embedded use:
@@ -124,7 +124,7 @@ via JWKS, or a minimal self-hosted issuer. See
124
124
125
125
## Requirements
126
126
127
-
Runtime requirements for v1.9.0:
127
+
Runtime requirements for v1.9.1:
128
128
129
129
-**PostgreSQL 16 or later** — the canonical source of truth
130
130
-**Docker 24 or later** (optional) — recommended for the `docker compose up` stack, which brings up PostgreSQL and a `kozou` service running `kozou dev` (the bundled Admin UI + MCP HTTP server, plus Kozou's in-house REST backend served in-process) from `ghcr.io/kozou-dev/kozou` (a multi-arch image, native on linux/amd64 and linux/arm64). The default stack needs **no separate REST container**; to opt out and use an external PostgREST instead, set `adapter.type: postgrest` and add the (commented) service in the scaffold's `docker-compose.yml`.
@@ -153,6 +153,7 @@ Contributors additionally need **pnpm 9 or later**. See [CONTRIBUTING.md](CONTRI
153
153
- v1.8.0 (shipped): **opt-in privilege-aware AI context** — point Kozou at a role (`introspection.respectPrivileges`) and the MCP `describe_table` / `describe_view` tools and `kozou docs` now also tell the agent what that role may *touch*: each relation is annotated with the role's effective GRANTs (relation-level `SELECT`/`INSERT`/`UPDATE`/`DELETE`, plus per-column `insertable` / `updatable` on tables), and `kozou docs` grows a per-table "Security" section. Unlike the Admin UI's privilege mode, the AI surfaces **annotate rather than hide** — a table the role cannot `SELECT` still appears, marked `select: false`, so the agent is told its limits rather than left guessing. It reuses the existing privilege introspection (no new queries) and is advisory only: enforcement stays in PostgreSQL (GRANTs + your RLS). When the MCP `call` execution tool is enabled, the annotated role is tied to the execution role so describe and act never disagree. Default off ⇒ every surface stays schema-wide. `kozou docs` also now renders per-column `@ai` / `@policy` notes. See [`examples/quickstart`](examples/quickstart).
154
154
- v1.8.1 (shipped): a security-hardening patch. The unauthenticated MCP HTTP server gains **DNS-rebinding protection** — it validates the request `Host` / `Origin` against an allowlist before handling it, so a page in the operator's browser cannot drive it by rebinding a hostname to loopback — and a **request-body size limit** (both the MCP server and `@kozou/api` reject an over-large body with `413`, and a non-JSON body with `415`, instead of buffering it unbounded). Read requests (`GET`) now run in a `READ ONLY` transaction, so a read cannot commit a write regardless of the role's grants. The bundled dev stack is **loopback by default**: the Admin UI and MCP HTTP server bind `127.0.0.1` (set `KOZOU_UI_HOST` / `KOZOU_MCP_HTTP_HOST` to expose them inside a container), and the scaffold and quickstart `docker-compose` files publish every port (Admin UI, MCP, database) on `127.0.0.1` only. See the repository's security advisory.
155
155
- v1.9.0 (shipped): field-report fixes for the introspection and REST surfaces. Native PostgreSQL `ENUM` columns are now recognized — a column typed as a native enum gets the `enum-select` widget, a string-literal union in the generated client, and an `enum` in OpenAPI / the MCP context, matching how the same type already resolved as a function argument. Declarative **partitioned parent tables** and **materialized views** are now introspected (the parent is surfaced and reads like a normal table while its leaf partitions stay hidden; a materialized view appears as a read-only view) — previously both were silently absent from every surface. A list query with an explicit `sort` on a non-unique column now appends the primary key as a tiebreaker, so `LIMIT`/`OFFSET` pagination is stable across pages. And `kozou mcp --http` honours `server.mcp.http.{port,host}` from `kozou.config.yaml`, matching `kozou dev`.
156
+
- v1.9.1 (shipped): field-report fixes for the reference Admin UI and the external REST adapter. A create / update / delete that the database rejects (a unique / foreign-key / check violation, or a privilege / row-level-security denial) now re-renders the form with the user's input and a readable message instead of a generic 500 that discarded it. And free-text search under the external REST (PostgREST) opt-out now quotes the term, so a value containing reserved characters (`,``(``)``.`) is matched literally instead of corrupting the query. Also bumps a transitive dependency for a published security advisory.
156
157
- Beyond v1.8: React UI exploration — optional write-path parity (a second UI driving create / edit / delete across both adapters)
Copy file name to clipboardExpand all lines: packages/svelte-ui/package.json
+1-1Lines changed: 1 addition & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -1,6 +1,6 @@
1
1
{
2
2
"name": "@kozou/svelte-ui",
3
-
"version": "1.9.0",
3
+
"version": "1.9.1",
4
4
"description": "Kozou reference Admin UI. SvelteKit + Svelte 5 admin UI that consumes SchemaContext via @kozou/core and talks to a backend via the DataAdapter interface.",
0 commit comments