The recent upgrade to PostgreSQL 18 in CI (commit 27515d4) caused the
Setup Database job to fail because the runner's host pg_dump (v16) refuses
to dump a Postgres 18 server.
Replace tj-actions/pg-dump and tj-actions/pg-restore with docker run
commands using the postgres:18 image, ensuring the client version always
matches the server. This aligns with the fix already applied in the
internal cal repo.
The checkout step deletes the review-context.json file that was extracted
from the artifact. The 'Post comment with Devin session link' step was
trying to read this file after checkout, causing ENOENT errors.
Fixed by using the PR number from the extract-prompt step output instead
of reading the deleted file.
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* feat: add GitHub workflows to sync agents/ to Devin Knowledge
- Add parse-to-devin-knowledge.ts to convert agents/ markdown to Devin Knowledge JSON
- Add validate-format.ts to validate rules have frontmatter and knowledge-base sections start with 'When...'
- Add sync-to-devin.ts to sync knowledge entries to Devin API
- Add export-devin-knowledge.sh to backup existing Devin knowledge
- Add validate-agents-format.yml workflow to validate format on PRs
- Add sync-agents-to-devin.yml workflow to sync on merge to main
- Add devin-knowledge.json to .gitignore (generated file)
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* fix: use tsx instead of ts-node for better ESM support in CI
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* docs: add missing knowledge entries from Devin backup
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* refactor: move agents scripts to scripts/ folder
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* refactor: rename scripts to devin-knowledge-* for clarity
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* refactor: move scripts to scripts/devin/ with clearer names
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* rename DEVIN_API_TOKEN to DEVIN_API_KEY
* docs: fix usage comment script path
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* fix: remove folder creation from sync script (API doesn't support it)
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* fix: add -S flag to shebang for proper env execution
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
* use pull_request_target
* fix: add -S flag to shebang in sync-knowledge-to-devin.ts for proper env execution
Co-Authored-By: unknown <>
* restructure workflows
* refactor: consolidate agent docs and split knowledge-base into modular rules
- Delete knowledge-base.md, migrate content to 17 new rule files
- Delete coding-standards.md (content duplicated in AGENTS.md and rules)
- Add ci- and reference- prefixes to rules/_sections.md
- Update AGENTS.md to reference new rule files
- Update agents/README.md as rules index
- Clean up parse-local-knowledge.ts (remove deleted file references)
New rule files:
- testing-playwright, testing-mocking, testing-timezone
- ci-check-failures, ci-type-check-first, ci-git-workflow
- data-prisma-migrations, data-prisma-feature-flags
- quality-error-handling, quality-imports, quality-pr-creation, quality-code-comments
- architecture-features-modules
- patterns-workflow-triggers, patterns-app-store
- reference-file-locations, reference-local-dev
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Revert "refactor: consolidate agent docs and split knowledge-base into modular rules"
This reverts commit 8251b6b214.
* refactor: reorganize agent docs - extract coding rules, keep domain knowledge
- Slim down knowledge-base.md (356 → 96 lines) to domain knowledge only
- Add Business rules section (managed events, orgs/teams, OAuth clients)
- Delete coding-standards.md (content moved to rules)
- Create 19 new rule files for coding guidelines:
- quality-*: PR creation, error handling, imports, comments, code review
- testing-*: playwright, mocking, timezone, incremental
- ci-*: check failures, type-check-first, git workflow
- data-prisma-*: migrations, feature flags
- patterns-*: workflow triggers, app store
- architecture-features-modules, reference-file-locations, reference-local-dev
- Update agents/README.md as rules index (43 total rules)
- Update _sections.md with CI/CD and Reference sections
- Clean up parse-local-knowledge.ts
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: rename knowledge-base sections to start with "When..."
Update section headers to pass validation rules:
- "Business Rules" → "When working with managed events, organizations, or OAuth clients"
- "Product & Codebase Knowledge" → "When you need product or codebase context"
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: split knowledge-base business rules into separate sections
Split the combined "When working with managed events, organizations, or OAuth clients"
section into three distinct ## sections for better Devin triggering:
- When working with managed event types
- When working with organizations and teams
- When working with OAuth clients
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: simplify trigger description logic in parse-local-knowledge.ts
Since validate-local-knowledge.ts enforces that all section titles must start
with "When...", we can remove the manual fallback logic and just use the
title directly as the trigger description.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: simplify knowledge-base section validation
Simplify the validation to only check that section titles start with "When..."
since we've standardized on that pattern. Remove the special cases for error,
file naming, PR, and repo note sections.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: add script to delete all Devin knowledge entries
Add delete-all-devin-knowledge.ts script that:
- Lists all knowledge entries before deletion
- Requires interactive confirmation (Y) to proceed
- Blocks execution in non-TTY environments (CI, piped input)
- Shows progress while deleting entries
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* docs: add API reference links to delete-all-devin-knowledge script
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: replace NOW() with CURRENT_TIMESTAMP in feature flag migration example
Co-Authored-By: unknown <>
* add -S
* docs: consolidate agent documentation and add AI setup guide
- Remove duplicated Project Structure & Tech Stack from agents/README.md
- Condense Commands section in AGENTS.md, link to agents/commands.md
- Add AI-Assisted Development section to root README.md explaining
the agents/ folder structure and symlink configuration
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* docs: remove incorrect CLAUDE.md symlink claim from README
Co-Authored-By: unknown <>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Use workflow_run pattern to enable the Cubic AI to Devin review workflow
for PRs from external forks. The pull_request_review event doesn't have
access to secrets when triggered from forks, so we split into two workflows:
1. cubic-devin-review-trigger.yml - Lightweight workflow that triggers on
pull_request_review and saves the review context as an artifact
2. cubic-devin-review.yml - Main workflow that triggers on workflow_run,
downloads the artifact, and processes it with full permissions/secrets
This follows the same pattern used by on-changes-requested.yml and re-draft.yml.
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: make linting required for CI
- Remove continue-on-error from lint workflow so CI fails on lint errors
- Fix 2 lint errors: avoid importing from @trpc/server in lib package
- Add trpcErrorUtils.ts to handle TRPC errors without circular dependencies
- Update lint-staged to show warnings but not block commits
Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com>
* fix: add message field validation to isTRPCErrorLike type guard
Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* ci(companion): add separate typecheck workflow to catch type errors
This adds a new companion-typecheck.yml workflow that runs TypeScript type
checking for the companion app. This would have caught the missing useEffect
import issue in PR #26931.
Changes:
- Add new companion-typecheck.yml workflow file
- Update pr.yml to call the new workflow when companion files change
- Add typecheck-companion to the required jobs list
Co-Authored-By: anik@cal.com <adhabal2002@gmail.com>
* add lint checks
* test
* remove
* update typecheck
* address review
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* feat: add GitHub Action to check Prisma migrations match schema
Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com>
* refactor: use CI_DATABASE_URL secret instead of hardcoded URL
Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com>
* test: add test field to verify prisma migration check workflow
Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com>
* fix: use git-based check for prisma changes to bypass paths-filter issue
Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com>
* feat: add migration for test field to verify prisma migration check workflow
Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com>
* chore: revert test field and migration after verifying workflow
Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com>
* fix: split paths-filter into two actions to fix predicate-quantifier issue
Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com>
* fix: rename has_companion to has-companion for consistent naming
Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com>
* fix: update steps.filter references to steps.filter-exclusions
Co-Authored-By: joe@cal.com <j.auyeung419@gmail.com>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: remove Stale label when Devin starts completing a stale PR
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: update Devin prompt to remove Stale label after pushing changes
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: use lowercase 'stale' label to match repository label
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* Update stale-pr-devin-completion.yml
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: detect OOM errors in type-check CI workflow
Turborepo has a known bug where tasks killed by signals (like OOM)
are incorrectly marked as successful because the exit code is -1,
and Turborepo takes max(-1, 0) = 0.
This fix captures the type-check output and explicitly checks for
OOM error patterns, failing the job if detected.
See: https://github.com/vercel/turbo/issues/4227
Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com>
* fix: increase type-check memory limit to 6144MB and add OOM detection
Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com>
* fix: increase type-check memory limit to 12GB
Co-Authored-By: Volnei Munhoz <volnei.munhoz@gmail.com>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: reuse existing Devin sessions in stale PR completion workflow
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* refactor: consolidate Devin session logic into reusable action
- Create .github/actions/devin-session composite action for session checking
- Update stale-pr-devin-completion.yml to use the new action
- Update cubic-devin-review.yml to use the new action
- Update devin-conflict-resolver.yml to use the new action
- Rename workflows to 'PR Labeled' with descriptive job names
The new action checks for existing Devin sessions by:
1. Looking for session URLs in PR body (for PRs created by Devin)
2. Searching PR comments for known Devin session patterns
3. Verifying session is active (working, blocked, or resumed status)
This eliminates duplicated session checking logic across all three workflows.
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* revert: restore original workflow names
Reverted workflow names back to descriptive names:
- 'Stale Community PR Devin Completion' (was 'PR Labeled')
- 'Devin PR Conflict Resolver' (was 'PR Labeled')
Descriptive names are the recommended convention as they appear in
GitHub Actions tab, status checks, and notifications.
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: add active status check for PR body sessions
Addresses Cubic AI feedback (confidence 9/10): PR body sessions
now verify the session is active (working, blocked, or resumed)
before reusing, matching the behavior of comment-based session checks.
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* feat: remove fork restriction from Stale Community PR Devin Completion workflow
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* feat: add back request maintainer access step for fork PRs
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* chore: sync vercel env var with trigger.dev
* chore: get trigger version from .env.production
* chore: deploy trigger dev tasks in draft release
* fixup! chore: deploy trigger dev tasks in draft release
* fixup! Merge branch 'main' into sync-trigger-dev-env-vercel
* remove trigger version from commit message it's already in .env.production
* chore: use generated token instead of GITHUB_TOKEN in draft release
* fix: code review
* feat: add DEVIN_ACTIONS_PAT instructions for pushing to forked PRs
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* refactor: simplify PAT instructions to be high-level
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* feat: allow workflow_dispatch to run on draft PRs
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: only process targeted PR when pr_number is provided
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* feat: add critical fork PR error handling instruction to stale PR workflow
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: use pull_request_target for conflict resolver label trigger
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: update if condition to check for pull_request_target event name
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
resolver validation
- Change git diff from HEAD^1 to HEAD^2 to show PRs contribution
(matches GitHubs Files changed view) instead of what main brought in
- Replace fixed 50-file threshold with relative threshold (original PR files + 10)
- A 20-file PR with 100 files in merge = bad
- A 100-file PR with 108 files in merge = fine
- Update devin-conflict-resolver.yml to check maintainerCanModify for fork PRs
- Instead of skipping fork PRs entirely, now checks if maintainer access is enabled
- Posts friendly comment asking contributors to enable 'Allow edits from maintainers'
- Adds 'maintainer-access-requested' label to track which PRs have been notified
- Update stale-pr-devin-completion.yml to post similar comment when triggered
- Both workflows avoid duplicate comments by checking for existing requests
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix: only auto-fix Cubic suggestions with confidence >= 9/10
Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* Apply suggestion from @keithwillcode
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
* fix(api): remove OAuth client ID suffix from email in booking API responses
Fixes#25494 | Linear: CAL-6843
When managed users create or receive bookings, their emails were being returned with an internal OAuth client ID suffix (e.g., bob+cuid123@example.com). This suffix is used internally for user identification but should not be exposed in API responses.
Changes:
- Add cleanOAuthEmailSuffix() helper using CUID regex pattern
- Clean email suffix in hosts[], attendees[], bookingFieldsResponses.email, bookingFieldsResponses.guests[], and reassignedTo.email
- Pattern consistent with google-calendar.service.ts implementation
Affected output methods:
- getOutputBooking
- getOutputRecurringBooking
- getOutputSeatedBooking
- getOutputRecurringSeatedBooking
- getOutputReassignedBooking
- getHost
* refactor(api): preserve original email, add displayEmail field
Per team discussion, keep original email unchanged to avoid breaking changes for platform customers.
Add displayEmail field with CUID suffix removed for display purposes
* feat(api): add displayEmail to booking output DTOs
Add displayEmail property to BookingAttendee, BookingHost and ReassignedToDto for API documentation and type safety
* test(api): add e2e tests for displayEmail fields in managed user bookings
Add tests to verify that displayEmail fields correctly strip CUID suffix from OAuth managed user emails in booking API responses:
- Test host displayEmail returns email without CUID suffix
- Test attendee displayEmail returns email without CUID suffix
- Test bookingFieldsResponses.displayEmail returns clean email
- Test displayGuests array returns emails without CUID suffix
* false positive breaking change
* false positive breaking change
* test(api): update existing e2e tests to expect displayEmail field
* fix(api): add missing displayEmail to seated booking test assertions
The seated booking tests were missing displayEmail in the attendee
assertions for the second booking test and cancel-as-host test,
causing CI test failures
---------
Co-authored-by: cal.com <morgan@cal.com>
Co-authored-by: Morgan <33722304+ThyMinimalDev@users.noreply.github.com>
