Merged
Conversation
Security patch release - fix all 14 security vulnerabilities - Remove unused electron-icon-builder (deprecated phantomjs dependency) - Update electron-builder to 26.7.0 - Force update indirect dependencies via pnpm overrides - Docker build optimization with parallel multi-platform builds Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Apply 22.37% corner radius (229px on 1024px canvas) - Add transparent background with rounded corners - Update icon.icns and all PNG sizes (16-1024px) - Backup original square icons - Aligns with macOS Big Sur design guidelines Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Use pure logo graphic (bird with headset + terminal icon) - Remove redundant text since app name already shows 'PromptX' - Maintain rounded corners and transparent background - Update for all platforms: macOS (.icns), Windows (.png→.ico), Linux (.png) - Aligns with modern app icon design best practices Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Update logo image in all language versions (EN, zh-Hans, zh-Hant) - Add new PromptX-transparent.png logo file with brand text - Change from SVG to PNG format for better display Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
deepracticexc
force-pushed
the
release/1.28.1
branch
from
6e757b4 to
fc987bd
Compare
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
deepracticexc
force-pushed
the
release/1.28.1
branch
from
9d5bd1e to
1504f89
Compare
Member
🎉 Release Tagged Successfully!Tag 🚀 Automated Actions Triggered:
📦 Packages:Once published, packages will be available at:
|
deepracticexc
added a commit
that referenced
this pull request
Feb 11, 2026
Problem: - v1.28.1 Docker build fails with "addgroup: gid '1000' in use" - node:20-alpine base image already uses GID 1000 Solution: - Remove custom app user creation (addgroup/adduser) - Use node:20-alpine's built-in node user (UID/GID 1000) - Update chown to use node:node instead of app:app Benefits: - ✅ Fixes GID conflict - ✅ Maintains security (non-root user) - ✅ Simpler Dockerfile (no user creation needed) - ✅ Follows Docker best practices Fixes: v1.28.1 Docker build failure Related: #539 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
5 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📋 Release v1.28.1
✅ 安全漏洞修复
修复前:14 个漏洞 (1 critical, 6 high, 6 moderate, 1 low)
修复后:0 个漏洞 ✅
🔧 主要变更
1. 移除废弃依赖
electron-icon-builder(未使用且依赖废弃的 phantomjs-prebuilt)2. 更新直接依赖
electron-builder: 26.0.12 → 26.7.03. 强制更新间接依赖 (pnpm overrides)
tar→ 7.4.3 (修复路径遍历/文件覆写漏洞)qs→ 6.13.1 (修复 DoS 漏洞)@isaacs/brace-expansion→ 5.0.1 (修复 DoS 漏洞)form-data→ 4.0.1 (修复不安全随机函数)lodash→ 4.17.21 (修复原型污染)tough-cookie→ 5.0.0 (修复原型污染)4. Docker 构建优化 (来自 #536)
✅ 验证结果
📦 影响的包
🤖 Generated with Claude Code