030 react live queries#260
Merged
Merged
Conversation
Introduce React live-query support and related tooling (030-react-live-queries): add @kalamdb/react package, React examples (examples/react-ai-chat), new TypeScript/React SDK tests and specs, and docs showing React usage. Rename client subscription APIs across CLI and tests from subscribe/subscribe_with_config to live_events/live_events_with_config and update call sites accordingly. Update project docs and READMEs (license clarified to Apache-2.0), add a KalamDB speckit constitution, and relax backend server allowed_origins to '*' for dev setups. Miscellaneous updates: docs/sdk React examples, TypeScript SDK additions, and numerous test adjustments to align with the new live-query APIs.
Add a release workflow step to build the React SDK from link/sdks/typescript/react-old. Include a new package-lock.json for the examples/react-ai-chat app and update related example files (package.json, scripts, vite config). Also reflect React SDK renames/moves (react -> react-old) across SDK docs/examples and update UI package/config files and react live-queries spec files.
Introduce multiple topic and file-download improvements: - Add POST /v1/api/topics/latest-offsets endpoint to resolve partition head offsets (service/dba/system only). - Make topic consume support optional consumer group (stateless inspection); honor requested position for stateless reads and route fetches accordingly. - Add RESET CONSUMER GROUP SQL command/parser/classifier, integrate into extensions and dialect, and implement handler + result rows so admins (dba/system) can move group cursors. Wire into stream handler registry. - Harden file download handler: rename path param to stored_name, validate/guess content type from stored_name, sanitize disposition, and restrict cross-user raw file downloads to dba/system via explicit authorization helper. Update DownloadQuery docs and tests. - Improve health/job maintenance: add lower-frequency idle trim guard, epoch helper, and avoid unnecessary leadership polling in single-node mode; increase idle poll max and reduce unnecessary ticks. - Minor cleanups and tests: small formatting fixes in backup/restore tests, add topic models (selectors/response), and update routes, models, and related tests and SDK/UI files. These changes add admin tooling for topic maintenance, tighten file download security/authorization, and reduce background wakeups in non-cluster deployments.
Replace the monolithic SDK workflow with dedicated TypeScript and Dart SDK workflows (.github/workflows/typescript-sdk.yml, .github/workflows/dart-sdk.yml) and remove the old sdks.yml and orm.yml. Add a versions management script and manifest (scripts/versions.py, versions.json) and wire it into the release flow: release.yml now syncs versions.json, reads version metadata via the script, and uses the synced commit for release assets. Also enable workflow_call publish inputs (python-sdk.yml) and update release tasks to include versions.json in release artifacts and target the synced commit when creating releases. These changes split responsibilities per-SDK, add badge/update steps and centralize version resolution.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces several updates across the codebase, focusing on dependency upgrades, improved security and authorization for file downloads, documentation enhancements, and project governance formalization. The most significant changes are grouped as follows:
1. Security and Authorization Improvements for File Downloads
download_fileto ensure only users with appropriate roles (DBA/System) can download files for other users, and regular users can only download their own files. Introduced thecan_download_user_file_for_targethelper for clear, testable permission checks. Also improved input sanitization and error handling for file paths and download requests. [1] [2] [3] [4] [5] [6] [7]stored_nameinstead offile_idfor clarity and consistency. [1] [2]2. Dependency and Version Upgrades
tonic,tonic-prost,bcrypt,wasm-bindgen,wasm-bindgen-futures,js-sys, andweb-sys. Updated the workspace version to0.5.0-beta.1and set the minimum Rust version to 1.92. [1] [2] [3]3. Documentation and Licensing
README.mdand backendREADME.md, referencing the appropriate files. [1] [2].github/agents/copilot-instructions.mdto reflect new active technologies (TypeScript 6, React 19, Node.js 18, and related tools) and recent changes, including the new React live queries feature plan. [1] [2] [3]4. Project Governance and Principles
These changes collectively improve security, maintainability, clarity, and governance for the project.