Fix Dependabot alert #94 (LOW):
- @eslint/plugin-kit vulnerability: Regular Expression Denial of Service
through ConfigCommentParser
- Updated from 0.2.8 (vulnerable) to 0.5.1 via pnpm/npm overrides
Build verified successful. All tests pass.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix Dependabot alert #76 (MEDIUM):
- esbuild vulnerability: allows any website to send requests to
development server and read responses
- Updated from 0.21.5 (vulnerable) to 0.27.2 via pnpm/npm overrides
Build verified successful. All tests pass.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Changes:
- Added npm "overrides" section to package.json alongside existing pnpm overrides
- Generated and tracked package-lock.json with security fixes applied
- Removed web/package-lock.json from .gitignore to support npm users
- Both npm and pnpm now enforce secure dependency versions
This enables developers to use either pnpm or npm while maintaining
consistent security posture across both package managers.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add greybeard_secure_prompt_engineer pattern to create secure system prompts
- Update pattern explanations and renumber existing entries
- Refactor build process to use npm hooks for copying JSON files
- Remove manual web static file copying from extract script
- Update .gitignore to exclude generated data and tmp directories
- Modify suggest_pattern categories to include new security pattern
- Delete redundant web static data file, rely on build hooks
- Use bind:value for proper two-way binding with Select component
- Handle empty input to clear session when user clears the field
- Skip session change if value unchanged to avoid redundant API calls
- Track previous session to restore when placeholder selected
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Extract session UI into dedicated SessionSelector.svelte component
- Use Select component instead of native <select>
- Add session message loading when selecting existing session
- Fix placeholder selection behavior to preserve current session
- Rename "Session ID" to "Session Name" for consistency
- Add proper error handling for session loading
- Simplify reactive statements with nullish coalescing
- Use ?? instead of || in ChatService.ts
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove reactive statement that was resetting input on each keystroke
- Initialize sessionInput only once in onMount
- Change layout to stack input and dropdown vertically for better display
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add session name parameter to GUI chat interface, enabling persistent
multi-turn conversations similar to CLI's --session flag.
Changes:
- Add SessionName field to PromptRequest in chat.go
- Add sessionName to ChatPrompt interface
- Include currentSession in ChatService requests
- Add Session ID input with existing sessions dropdown in DropdownGroup
Closes#680🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Extract positioning calculations into dedicated `positioning.ts` module
- Add reactive tooltip position updates on scroll/resize
- Improve accessibility with `aria-describedby` and unique IDs
- Add SSR safety with `isBrowser` flag check
- Replace inline position calculation with reactive statement
- Add window event listeners for position tracking
- Update unit tests to use extracted functions
- Add test coverage for style formatting function
- Replace 42MB favicon.png with proper 64x64 PNG (4.7KB)
- Replace 42MB fabric-logo.png with static PNG from first GIF frame (387KB)
- Optimize animated GIF from 42MB to 5.4MB (half resolution, 12fps, 128 colors)
- Update docs/images/fabric-logo-gif.gif with optimized version
Total reduction: ~168MB to ~11.2MB
Closes#1361
Signed-off-by: majiayu000 <majiayu000@users.noreply.github.com>
Use position: fixed and getBoundingClientRect() to calculate tooltip
position dynamically. This prevents tooltips from being clipped by
parent containers with overflow: hidden (such as slide transitions).
Closes#1790
Signed-off-by: majiayu000 <majiayu000@users.noreply.github.com>
- Upgrade `pdfjs-dist` to v5 with new engine requirement
- Dynamically import PDF.js to avoid SSR import-time crashes
- Configure PDF worker via CDN using runtime PDF.js version
- Update PDF conversion pipeline to use lazy initialization
- Guard chat message localStorage persistence behind browser checks
- Reformat ChatService with consistent imports and typings
- Bump `patch-package` and refresh pnpm lock dependency graph
- Add `skeletonlabs` to VSCode spellcheck dictionary
Use SvelteKit's browser constant instead of typeof localStorage check
to properly handle server-side rendering. Prevents 'localStorage.getItem
is not a function' error when running dev server.
- Rename pattern directory to fix spelling error
- Add new pattern to explanations documentation
- Update suggest_pattern system with concall_summary references
- Include concall_summary in ANALYSIS category mappings
- Add concall_summary to BUSINESS category listings
- Append concall_summary to SUMMARIZE category references
- Update pattern descriptions JSON with new entry
- Generate pattern extracts for concall_summary functionality
- Add user documentation for earnings call analysis
- Include changelog entry for PR #1833
- Update `--raw` flag description across all documentation files
- Clarify flag only affects OpenAI-compatible providers behavior
- Document Anthropic models use smart parameter selection
- Remove outdated reference to system/user role changes
- Update help text in CLI flags definition
- Translate updated description to all supported locales
- Update shell completion descriptions for zsh and fish
- chore: incoming 1836 changelog entry
### CHANGES
- Add `create_conceptmap` for HTML concept maps using Vis.js
- Introduce `fix_typos` for text proofreading and corrections
- Implement `model_as_sherlock_freud` for psychological modeling
- Add `predict_person_actions` for behavior prediction
- Include `recommend_yoga_practice` for personalized yoga guidance
- Credit pattern contribution to @FELIPEGUEDESBR
# CHANGES
- Add new WELLNESS category with four patterns
- Add `model_as_sherlock_freud` for psychological detective analysis
- Add `predict_person_actions` for behavioral response predictions
- Add `recommend_yoga_practice` for personalized wellness guidance
- Add `fix_typos` pattern for proofreading corrections
- Update ANALYSIS category to include new patterns
- Update SELF category with wellness-related patterns
- Tag existing patterns with WELLNESS classification
### CHANGES
- Add `extract_characters` to identify and describe characters
- Update business category to include `extract_characters`
- Include `extract_characters` in extract category
- Add `extract_characters` description in pattern descriptions JSON
- Update user documentation with `extract_characters` details
## CHANGES
- Add top-level project name to navigation hierarchy
- Nest all sections under main project heading
- Fix npm install script path extension
- Update localhost URL to use HTML format
- Add "Mdsvex" to VSCode spelling dictionary
- Include "details" and "summary" to HTML tags
- Remove trailing newline from web README
### CHANGES
- Update Vite to version 5.4.20
- Update Rollup to version 4.50.1
- Add `@eslint-community/eslint-utils` version 4.9.0
- Update `@humanfs/node` to version 0.16.7
- Update `@humanwhocodes/retry` to version 0.4.3
- Update Rollup platform-specific packages to 4.50.1
- Add `@rollup/rollup-openharmony-arm64` version 4.50.1
- Closes Dependabot PR https://github.com/danielmiessler/Fabric/pull/1763
### CHANGES
- Add `create_story_about_people_interaction` pattern description
- Include pattern in `ANALYSIS` and `WRITING` categories
- Update `suggest_pattern` system and user documentation
- Modify JSON files to incorporate new pattern details
- Add internationalization system with Spanish support
- Create contexts and sessions tutorial documentation
- Fix broken Warp sponsorship image URL
- Add locale detection from environment variables
- Update VSCode settings with new dictionary words
- Exclude VSCode settings from version workflows
- Update pattern descriptions and explanations
- Add comprehensive i18n test coverage
- Add winget installation method for Windows
- Add Docker Hub and GHCR image references
- Include docker run examples for setup/patterns
- Remove deprecated PowerShell download link
- Delete unused show_fabric_options_markmap pattern
- Update suggest_pattern with new AI patterns
- Add personal development patterns for storytelling
CHANGES
- Add create_story_about_person system pattern with narrative workflow
- Add heal_person system pattern for compassionate healing plans
- Update pattern_explanations to register new patterns and renumber indices
- Extend pattern_descriptions with entries, tags, and concise descriptions
- Add pattern_extracts for both patterns with full instruction blocks
- Bump devalue dependency from 5.1.1 to 5.3.2
- Refresh lockfile snapshots to reference updated devalue version
- Sync web static pattern_descriptions with new patterns
Updates `devalue` from 5.1.1 to 5.3.2
- [Release notes](https://github.com/sveltejs/devalue/releases)
- [Changelog](https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md)
- [Commits](sveltejs/devalue@v5.1.1...v5.3.2)
---
updated-dependencies:
- dependency-name: devalue
dependency-version: 5.3.2
dependency-type: indirect
dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com>
CHANGES
- Add -V/--vendor flag to specify model vendor
- Implement vendor-aware model resolution and availability validation
- Warn on ambiguous models; suggest --vendor to disambiguate
- Update bash, zsh, fish completions with vendor suggestions
- Extend --listmodels to print vendor|model when interactive
- Add VendorsModels.PrintWithVendor; sort vendors and models alphabetically
- Pass vendor through API; update server chat handler
- Standardize docs and errors to --yt-dlp-args="..." syntax
- Add test covering ambiguous model warning across multiple vendors
- Promote go-shellquote to direct dependency in go.mod
## CHANGES
- Fix static directory path in extract_patterns.py script
- Add apply_ul_tags pattern for content categorization
- Add t_check_dunning_kruger pattern for bias analysis
- Update pattern descriptions with new entries
- Sync web static data with latest patterns
- Include pattern extracts for new functionality
- Support standardized content topic classification
- Enable cognitive bias identification capabilities
### CHANGES
- Add `review_code`, `extract_alpha`, and `extract_mcp_servers` patterns.
- Refactor the pattern extraction script for improved clarity.
- Add docstrings and specific error handling to script.
- Improve formatting in the pattern management README.
- Fix typo in the `analyze_bill_short` pattern description.
## CHANGES
- Add new YouTube handler for transcript requests
- Create `/youtube/transcript` POST endpoint route
- Add request/response types for YouTube API
- Support language and timestamp options
- Update frontend to use new endpoint
- Remove chat endpoint dependency for transcripts
- Validate video vs playlist URLs properly
### CHANGES
- Reformat JSON `tags` array to display on new lines.
- Update `write_essay` pattern description for clarity.
- Apply consistent formatting to both data files.
## CHANGES
- Rename `write_essay` to `write_essay_pg` for Paul Graham style
- Rename `write_essay_by_author` to `write_essay` with author variable
- Update pattern descriptions to reflect naming changes
- Fix duplicate `write_essay_pg` entry in pattern descriptions
### CHANGES
- Add tags and descriptions for five new creative and analytical patterns.
- Introduce `analyze_terraform_plan` for infrastructure review.
- Add `write_essay_by_author` for stylistic writing.
- Include `summarize_board_meeting` for corporate notes.
- Introduce `create_mnemonic_phrases` for memory aids.
- Update and clean pattern description data files.
- Sort the pattern explanations list alphabetically.
- Refactor `cleanPatternOutput` to use a dedicated return variable.
- Hoist `processResponse` function for improved stream readability.
- Remove unnecessary whitespace and trailing newlines from file.
## CHANGES
- Add Variables field to PromptRequest struct
- Pass pattern variables through chat handler
- Create API variables documentation example
- Add pattern variables UI in web interface
- Create pattern variables store in Svelte
- Include variables in chat service requests
- Add JSON textarea for variable input
### CHANGES
- Add `.browserslistrc` to define target browser versions.
- Upgrade `pdfjs-dist` dependency from v2.16 to v4.2.67.
- Upgrade `nanoid` dependency from v4.0.2 to v5.0.9.
- Introduce `pdf-config.ts` for centralized PDF.js worker setup.
- Refactor `PdfConversionService` to use new PDF worker configuration.
- Add static `pdf.worker.min.mjs` to serve PDF.js worker.
- Update Vite configuration for ESNext build target and PDF.js.
