What shipped
All reposKey FrontendKeystoneKey Service Sites (KSL/GHK)Training Centre (STC/CPD)Key ProtosKeyflowCompany Backend (Strapi)Key Docs
All authorsJoshYG-TheKeyOwenTourlamainRhadamanthus1TheTomWardalex-wilson-the-keycpoteylunky84robin-agentsarahcthekeysnyk-io-eu[bot]
8 PRs · 3 repos · 1 contributor · 6 Jun – 6 Jul
Monday, 6 July 2026
Training Centre (STC/CPD)
- Rrobin-agentThe training_centre service added timeouts and automatic retries to its gRPC calls so transient service issues don't silently break course completion flows.#1964 — feat: PENG-3675 add deadlines and native gRPC retries to service clients
Thursday, 2 July 2026
Key Protos
- Rrobin-agentIncluded the publication status of training items in API responses so downstream services can see whether items are published or coming-soon.#117 — feat: PENG-3648 add status field to HydratedTrainingItem
Training Centre (STC/CPD)
- Rrobin-agentPrevented accidental changes to SCOID identifiers on training pages once registrations exist, which was breaking the ability to sync completion data from ScormCloud.#1960 — fix: PENG-3637 prevent SCOID changes when registrations or results exist
Monday, 29 June 2026
Training Centre (STC/CPD)
- Rrobin-agentTraining content marked as 'new' will now automatically stop appearing as new after 2 months, eliminating the need for manual updates and preventing stale content from being labeled as fresh.#1959 — feat: PENG-3652 auto-expire is_new label after 2 months
Friday, 26 June 2026
Training Centre (STC/CPD)
- Rrobin-agentPrevented learner course completion status from reverting to incomplete when they re-access a finished ScormCloud course, ensuring consistent data between status and completion timestamps.#1957 — fix: PENG-3637 prevent status regression on ScormCloud re-access sync
Wednesday, 24 June 2026
Company Backend (Strapi)
- Rrobin-agentFixed security vulnerabilities in lodash-es and fast-xml-parser by adding dependency overrides and upgrading packages to safer versions.#68 — fix: PENG-3041 override lodash-es and upgrade fast-xml-parser to 5.x
Tuesday, 23 June 2026
Company Backend (Strapi)
- Rrobin-agentAdditional vulnerable transitive dependencies in company-backend have been patched through pnpm overrides to address remaining security vulnerabilities like prototype pollution and HTTP response splitting issues.#67 — fix: PENG-3041 override additional vulnerable transitive dependencies
- Rrobin-agentSeventy-one vulnerable transitive dependencies introduced by Strapi have been mitigated by pinning safe patched versions through pnpm overrides, addressing critical security issues while maintaining API compatibility.#66 — fix: PENG-3041 override vulnerable transitive dependencies