What shipped
All reposKey FrontendKeystoneKey Service Sites (KSL/GHK)Training Centre (STC/CPD)Key ProtosKeyflowCompany Backend (Strapi)Key Docs
All authorsJoshYG-TheKeyOwenTourlamainRhadamanthus1TheTomWardalex-wilson-the-keycpoteylunky84robin-agentsarahcthekeysnyk-io-eu[bot]
12 PRs · 3 repos · 4 contributors · 6 Jun – 6 Jul
Monday, 6 July 2026
Key Service Sites (KSL/GHK)
- Rrobin-agentThe key_service_sites microservice now applies timeouts to all gRPC calls including page-rendering operations, preventing worker threads from getting stuck waiting for unresponsive backend services.#1983 — feat: PENG-3675 gRPC deadlines, 16MB limits, and django-q task retries
Thursday, 2 July 2026
Key Service Sites (KSL/GHK)
- SsarahcthekeyConfigured the key_service_sites container to run as a non-root user for improved security in production environments.#1981 — feat(key_service_sites): run container as non-root user (PLA-380)
Friday, 26 June 2026
Keyflow
- CcpoteyEnsured the local development database doesn't restore a stale deprecated validation URL when reset, preventing authentication issues during testing.#68 — fix(db): PENG-3645 clear MYKEY authorisation_redirect_url in set-data…
Wednesday, 24 June 2026
Company Backend (Strapi)
- Rrobin-agentFixed security vulnerabilities in lodash-es and fast-xml-parser by adding dependency overrides and upgrading packages to safer versions.#68 — fix: PENG-3041 override lodash-es and upgrade fast-xml-parser to 5.x
Key Service Sites (KSL/GHK)
- Rrobin-agentMade text and messaging updates to the website for ticket 3635 to improve user-facing copy.#1978 — 3635 copy tweaks
Tuesday, 23 June 2026
Company Backend (Strapi)
- Rrobin-agentAdditional vulnerable transitive dependencies in company-backend have been patched through pnpm overrides to address remaining security vulnerabilities like prototype pollution and HTTP response splitting issues.#67 — fix: PENG-3041 override additional vulnerable transitive dependencies
- Rrobin-agentSeventy-one vulnerable transitive dependencies introduced by Strapi have been mitigated by pinning safe patched versions through pnpm overrides, addressing critical security issues while maintaining API compatibility.#66 — fix: PENG-3041 override vulnerable transitive dependencies
Key Service Sites (KSL/GHK)
- CcpoteyImages no longer silently disappear from articles when the Wagtail editor encounters rendering errors, preventing accidental data loss when users save pages after editing.#1976 — 2fix(rich_text): PENG-3622 Preserve image embed data when editor rende…
- RRhadamanthus1Unused application settings and the context processor module that served no active purpose have been removed as part of cleanup operations.#1977 — chore(settings): PENG-3499 prune unused settings
- RRhadamanthus1Obsolete OIDC middleware that was designed for the old user-facing Django template system has been removed since the application is now a headless backend.#1972 — chore(middleware): PENG-3499 remove unused oidc middleware
- RRhadamanthus1The single-access-session middleware and related functionality have been removed because no new tokens of this type have been created in years and stakeholders confirmed it is unused.#1974 — Peng 3499 remove single access session middleware
- RRhadamanthus1The redirect middleware has been removed because its functionality is now handled by Kubernetes infrastructure-level redirect rules that are already in place.#1973 — chore(middleware): PENG-3499 remove redirect middleware