preloop

# Changelog All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] ### Added - **Flow Execution Retry**: Failed, stopped, timed out, or cancelled flow executions can now be retried via `POST /api/v1/flows/executions/{id}/retry`. The new execution is linked to the original via `retry_of_execution_id` and uses the same trigger event data. UI retry button available in the execution detail view. - **update_comment Issue Comment Support**: The `update_comment` tool now supports PR conversation comments (issue comments) in addition to inline review comments. Use the optional `comment_type` parameter to specify the type, or let the tool auto-detect by trying review_comment first then issue_comment. - **Pull Request/Merge Request MCP Tools**: New built-in tools for PR/MR management: - `get_pull_request`: Fetch PR/MR details including comments and diff - `update_pull_request`: Update PR/MR state, submit reviews (approve, request changes, comment), add/remove reactions - `add_comment`: Add comments to PRs/MRs (general, inline code comments, threaded replies) - `update_comment`: Update or resolve existing PR/MR comments - `create_pull_request`: Create new PRs/MRs with full metadata support - Works with both GitHub Pull Requests and GitLab Merge Requests - **PR/MR Reactions**: `update_pull_request` now supports adding and removing emoji reactions (GitHub: +1, -1, laugh, confused, heart, hooray, rocket, eyes; GitLab: thumbsup, thumbsdown, smile, eyes, rocket, etc.) - **Commit Status Updates**: Flow executions now appear as commit status checks in GitHub/GitLab, showing "pending" while running and "success"/"failure" on completion - **Bot Event Filtering**: Flow trigger service now detects and ignores events triggered by Preloop's own actions to prevent infinite loops - **Android Push Notifications (FCM)**: Native Firebase Cloud Messaging support for Android mobile app push notifications - **Push Proxy**: Proxy endpoint allowing OSS instances to send push notifications via production infrastructure - **Message-based WebSocket Authentication**: Secure WebSocket auth via message after connection (tokens no longer in URLs) - **Periodic Version Checker**: Automatic daily version check against preloop.ai (configurable interval, opt-out available) - **Admin Activity Monitor**: Click-to-navigate from session to user/account details ### Changed - **FCM Service**: Moved Firebase SDK calls to thread pool executor to avoid blocking the event loop - **Session Manager**: Database writes now run in thread pool to prevent event loop blocking during connection spikes - **WebSocket Endpoints**: Updated to support message-based authentication for browsers ### Deprecated - **`get_merge_request` MCP Tool**: Use `get_pull_request` instead. Works with both GitHub PRs and GitLab MRs. - **`update_merge_request` MCP Tool**: Use `update_pull_request` instead. Works with both GitHub PRs and GitLab MRs. ### Fixed - **GitHub Assignees/Reviewers Clearing**: `update_pull_request` with `assignees=[]` or `reviewers=[]` now correctly clears all assignees/reviewers on GitHub (previously it did nothing because GitHub's POST endpoints only add). Consistent behavior with GitLab. - **GitHub App Reaction Removal**: `remove_issue_reaction` now safely handles GitHub App installation tokens by checking for `app_slug` in connection_details. Previously it attempted to call GET /app which fails with installation tokens. - **GitHub Inline Comment ID**: `add_comment` now returns the actual comment ID instead of the review ID for GitHub inline comments, enabling proper follow-up updates via `update_comment` - **Thread Resolution Validation**: `update_comment` now properly validates that `thread_id` is required for resolving threads. GitHub requires a thread ID (format: `PRRT_...`), not a comment ID. Automatic GraphQL lookup added for GitHub. - **Inline Comment Side Parameter**: `add_comment` no longer validates the `side` parameter for non-inline comments, fixing errors when `side` was passed for regular comments - **GitLab Inline Comments**: Now properly returns 501 error explaining that inline diff comments require position data not available in this API, instead of creating non-anchored discussions - **GitLab Assignees/Reviewers**: `update_pull_request` and `create_pull_request` now correctly look up user IDs from usernames for GitLab, with clear warnings when lookups fail - **Review Comments Validation**: `update_pull_request` now validates that each item in `review_comments` has required fields (path, line, body), returning 400 with clear error instead of 500 - **Git Clone Fallback**: When `git_clone_config.enabled = true` but `repositories` is empty, now falls back to using the trigger project for cloning - **Self-hosted GitLab URLs**: Fixed URL parsing for self-hosted GitLab instances (no longer requires "gitlab" in hostname) - **Milestone Pagination**: GitHub milestone lookup now paginates through all milestones instead of only checking the first page - **HTTPException Wrapping**: Fixed exception handlers that were incorrectly wrapping HTTPException in 502 errors - **Event Loop Blocking**: FCM notifications and session DB writes no longer block the FastAPI event loop - **WebSocket Middleware Paths**: Middleware now handles `/api/v1/ws` prefixed paths correctly - **Telemetry Env Var**: Both `PRELOOP_DISABLE_TELEMETRY` and `DISABLE_VERSION_CHECK` now work to disable telemetry - **Session Manager Thread Safety**: DB writes now use thread-local sessions to avoid SQLAlchemy thread-safety issues - **WebSocket Auth Upgrade**: Anonymous users upgrading to authenticated are now properly registered for broadcast messages - **OpenAI API Errors**: Issue duplicates endpoint now returns 503 for API auth/rate limit errors instead of 500 ### Configuration New environment variables (see `.env.example`): - `FCM_CREDENTIALS_JSON` / `FCM_CREDENTIALS_PATH`: Firebase service account credentials - `PUSH_PROXY_URL` / `PUSH_PROXY_API_KEY`: Push proxy configuration for OSS instances - `PRELOOP_DISABLE_TELEMETRY`: Disable version check telemetry - `VERSION_CHECK_INTERVAL`: Seconds between version checks (default: 86400 = 24h)