Skip to content

InsForge

v2.2.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 14h AI Agents & Assistants
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

ai ai-agents coding deno embeddings insforge
+7 more
nextjs oauth2 pgvector postgresql realtime vectors websockets

Affected surfaces

deps

ReleasePort's take

Moderate signal
editorial:auto 13h

This release patches 24 npm vulnerabilities across seven packages.

Why it matters: Patch the identified CVEs to mitigate high‑severity (severity 90) risks affecting your dependency tree; all listed CVEs require immediate remediation.

Summary

AI summary

Broad release touches database, deployment, chore, and tests.

Changes in this release

Security Critical

Patch 24 npm CVEs across 7 packages.

Patch 24 npm CVEs across 7 packages.

Source: llm_adapter@2026-06-05

Confidence: high
Breaking High

Rename public‑facing Deployment terminology to Sites.

Rename public‑facing Deployment terminology to Sites.

Source: llm_adapter@2026-06-05

Confidence: high
Feature Low

Add E2E runner preflight checks.

Add E2E runner preflight checks.

Source: llm_adapter@2026-06-05

Confidence: high
Bugfix Medium

Fix Windows build failure in @insforge/ui.

Fix Windows build failure in @insforge/ui.

Source: llm_adapter@2026-06-05

Confidence: high
Bugfix Medium

Remove orphaned deployment records on function deletion.

Remove orphaned deployment records on function deletion.

Source: llm_adapter@2026-06-05

Confidence: high
Bugfix Medium

Handle ISO datetime strings in DATE type cell editor of database‑studio.

Handle ISO datetime strings in DATE type cell editor of database‑studio.

Source: llm_adapter@2026-06-05

Confidence: high
Bugfix Medium

Align single‑record empty string stripping with bulk writes in database layer.

Align single‑record empty string stripping with bulk writes in database layer.

Source: llm_adapter@2026-06-05

Confidence: high
Bugfix Medium

Guard migrations against destructive replay on an empty migration ledger.

Guard migrations against destructive replay on an empty migration ledger.

Source: llm_adapter@2026-06-05

Confidence: high
Bugfix Medium

Resolve migration prefix numbering collision in database migrations.

Resolve migration prefix numbering collision in database migrations.

Source: llm_adapter@2026-06-05

Confidence: high
Bugfix Medium

Return all severity levels for function.logs endpoint.

Return all severity levels for function.logs endpoint.

Source: llm_adapter@2026-06-05

Confidence: high
Full changelog

What's Changed

  • docs(deployment): add Deploy on Containarium guide by @hsinatfootprintai in https://github.com/InsForge/InsForge/pull/1373
  • chore: update X handle to @InsForge by @tonychang04 in https://github.com/InsForge/InsForge/pull/1413
  • docs: add Analytics core concept page by @CarmenDou in https://github.com/InsForge/InsForge/pull/1418
  • docs: rename Compute to Custom Compute by @tonychang04 in https://github.com/InsForge/InsForge/pull/1423
  • chore(tests): relocate test-google-id-token debug file from root to m… by @Ranganivandan in https://github.com/InsForge/InsForge/pull/1409
  • fix(database): align single-record empty string stripping with bulk writes by @eunseo9311 in https://github.com/InsForge/InsForge/pull/1364
  • feat: rename public-facing Deployment terminology to Sites (fixes #1414) by @Ranganivandan in https://github.com/InsForge/InsForge/pull/1432
  • fix: resolve Windows build failure in @insforge/ui by @Ranganivandan in https://github.com/InsForge/InsForge/pull/1441
  • [codex] Fix AI config soft-delete migration idempotency by @Fermionic-Lyu in https://github.com/InsForge/InsForge/pull/1442
  • fix(functions): remove orphaned deployment records on function deletion by @eunseo9311 in https://github.com/InsForge/InsForge/pull/1444
  • fix(database-studio): handle ISO datetime strings in DATE type cell editor by @kevintorrescd in https://github.com/InsForge/InsForge/pull/1410
  • INS-296 Fix deployment -> sites PR by @Fermionic-Lyu in https://github.com/InsForge/InsForge/pull/1453
  • INS-294: Align Analytics page UI states with other pages by @CarmenDou in https://github.com/InsForge/InsForge/pull/1451
  • INS-307 Update contributor issue workflow by @Fermionic-Lyu in https://github.com/InsForge/InsForge/pull/1454
  • fix(deps): patch 24 npm CVEs across 7 packages by @jwfing in https://github.com/InsForge/InsForge/pull/1455
  • fix(database): resolve migration prefix numbering collision by @Ranganivandan in https://github.com/InsForge/InsForge/pull/1384
  • INS-308 Codex/oauth additional params by @Fermionic-Lyu in https://github.com/InsForge/InsForge/pull/1456
  • Docs/update dashboard readme by @Ranganivandan in https://github.com/InsForge/InsForge/pull/1407
  • dialog descrip added for the s3 access key create dialog by @Kathircpe in https://github.com/InsForge/InsForge/pull/1467
  • docs: compress MCP setup videos and add asset guidelines by @Gautam-aman in https://github.com/InsForge/InsForge/pull/1412
  • fix(migrations): guard against destructive replay on an empty migration ledger by @tonychang04 in https://github.com/InsForge/InsForge/pull/1419
  • docs: compress antigravity logo via pngquant by @CarmenDou in https://github.com/InsForge/InsForge/pull/1473
  • INS-305 Update config as code docs by @Fermionic-Lyu in https://github.com/InsForge/InsForge/pull/1450
  • Fix Claude plugin marketplace docs by @malsomesh9 in https://github.com/InsForge/InsForge/pull/1438
  • Add E2E runner preflight checks by @malsomesh9 in https://github.com/InsForge/InsForge/pull/1465
  • chore(code-health): Deno type safety, OAuth AppError standardization, OpenAPI sunset policy (#1405) by @Sudarshan25092007 in https://github.com/InsForge/InsForge/pull/1443
  • Re-scope root AGENTS.md for contributors by @malsomesh9 in https://github.com/InsForge/InsForge/pull/1411
  • INS-328 fix(logs): return all severities for function.logs by @jwfing in https://github.com/InsForge/InsForge/pull/1477
  • Rework project_admin by @Fermionic-Lyu in https://github.com/InsForge/InsForge/pull/1474
  • bump version by @Fermionic-Lyu in https://github.com/InsForge/InsForge/pull/1479

New Contributors

  • @hsinatfootprintai made their first contribution in https://github.com/InsForge/InsForge/pull/1373
  • @Ranganivandan made their first contribution in https://github.com/InsForge/InsForge/pull/1409
  • @eunseo9311 made their first contribution in https://github.com/InsForge/InsForge/pull/1364
  • @kevintorrescd made their first contribution in https://github.com/InsForge/InsForge/pull/1410
  • @Gautam-aman made their first contribution in https://github.com/InsForge/InsForge/pull/1412
  • @Sudarshan25092007 made their first contribution in https://github.com/InsForge/InsForge/pull/1443

Full Changelog: https://github.com/InsForge/InsForge/compare/v2.1.10...v2.2.0

Breaking Changes

  • Rename public-facing Deployment terminology to Sites

Security Fixes

  • fix(deps): patch 24 npm CVEs across 7 packages
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track InsForge

Get notified when new releases ship.

Sign up free

About InsForge

All releases →

Related context

Earlier breaking changes

  • v2.1.8 Restricts raw SQL permission to project_admin role only.

Beta — feedback welcome: [email protected]