BrickflowUI 0.1.13 Stability Verification¶
Date: 2026-06-29
Branch: codex/stability-hardening
Target: main
Version: 0.1.13
Outcome¶
The source, frontend production bundle, automated tests, static analysis, documentation build, browser acceptance matrix, final package build, clean-wheel installation, and dependency audits are green. GitHub publication remains blocked until authentication is refreshed. No wheel from an earlier source state may be published.
Automated gates¶
| Gate | Command | Result |
|---|---|---|
| Python tests | python -m pytest -q -p no:cacheprovider |
77 passed |
| Python lint | python -m ruff check --no-cache brickflowui tests examples scripts/generate_component_reference.py |
passed |
| Python types | python -m mypy --no-incremental --cache-dir NUL brickflowui |
passed, 16 source files |
| Frontend tests | npm test -- --run |
30 passed in 8 files |
| Frontend lint | npm run lint |
passed |
| Frontend build | npm run build |
passed with Vite 7.3.6 |
| Component references | python scripts/generate_component_reference.py |
passed; only the intentional Progress reference change remains |
| Documentation | python -m mkdocs build --strict --site-dir site-final |
passed |
| Patch hygiene | git diff --check |
passed |
The production bundle generated by the verified frontend build references:
assets/index-xP_s6Cac.jsassets/index-6YTbxISe.cssassets/vendor-D_MD1exS.jsassets/charts-CbObG0ND.js
The final npm audit --audit-level=high registry check reported zero vulnerabilities.
Browser acceptance¶
The in-app browser exercised the production bundle served by the Python runtime.
| Scenario | Result |
|---|---|
| Initial page and WebSocket connection | passed |
Direct /settings deep link |
passed |
/ to /analytics to /users navigation |
passed |
| Browser Back, Back, Forward without duplicate entries | passed |
| Forced server disconnect and full-tree reconnect | passed |
| Search filtering and keyboard clear | passed |
| Table sort ascending and descending | passed |
| Theme toggle | passed |
| Narrow 390 x 844 viewport without horizontal overflow | passed |
| Progress values 88, 93, and 82 | width matched value and computed color was non-transparent |
| ChatInput Enter submission | passed; rendered once and cleared the input |
| Browser console on verified flows | no uncaught errors observed |
The browser harness did not expose a Blob download event. CSV behavior is therefore covered by unit tests for formula neutralization, UTF-8 BOM and CRLF output, attached-link click order, cleanup, and deferred object-URL revocation.
Defects fixed in this release¶
- transparent progress fills caused by undefined friendly color tokens;
- duplicate browser-history pushes during popstate navigation;
- unsafe or malformed incremental VDOM patches;
- nested VNodes omitted from changed prop serialization;
- lost back-to-back ChatInput change and submit events;
- ChatInput submission during IME composition;
- unsafe spreadsheet formula cells and fragile Blob download cleanup;
- render-context leakage across nested renders;
- unsafe HTML shell interpolation and active bootstrap configuration;
- frozen pages when the packaged frontend bundle is missing;
- unsafe CLI scaffold paths;
- source version reporting inherited from an unrelated installed release.
Package verification¶
The final artifacts were built in an isolated PEP 517 environment and passed Twine metadata validation:
- wheel:
brickflowui-0.1.13-py3-none-any.whl - wheel SHA-256:
A8A200DD110FE1C4179C9A8182BC75B861DEECD9AA6146A7AC14543D308C669A - sdist:
brickflowui-0.1.13.tar.gz
The sdist checksum is recorded alongside the final external release artifacts rather than embedded here, because this report is itself included in the sdist.
The exact wheel installed successfully into a clean environment. An isolated import reported version 0.1.13 from site-packages, found the expected index-xP_s6Cac.js bundle, and served both / and the bundled JavaScript asset with HTTP 200. pip-audit reported no known vulnerabilities in the installed dependency set; the unpublished local brickflowui==0.1.13 distribution was the expected unaudited package.
Publication blocker¶
GitHub CLI authentication also reports an invalid token for AjayAJ2000. Before release:
- refresh authentication with
gh auth refresh -h github.com; - push the verified branch and open the PR to
main; - merge only after CI and review;
- publish
v0.1.13through the trusted-publishing workflow; - verify the exact PyPI JSON endpoint and a fresh
brickflowui==0.1.13install.
Release status: locally verified; GitHub authentication and the reviewed merge/release workflow remain required for publication.