From 5f6714b77094d394b4eaf43cb8727f87fd046c5e Mon Sep 17 00:00:00 2001
From: Arjun Komath <arjunkomath@gmail.com>
Date: Sun, 15 Feb 2026 11:25:53 +1100
Subject: [PATCH 1/3] Add more validations

---
 agent/internal/agent/backup.go                | 17 +++++++++++++++++
 web/actions/projects.ts                       | 15 ++++++++++++---
 web/app/api/github/manifest/callback/route.ts |  2 +-
 web/lib/github.ts                             |  8 ++++++++
 4 files changed, 38 insertions(+), 4 deletions(-)

diff --git a/agent/internal/agent/backup.go b/agent/internal/agent/backup.go
index 509b350..7469298 100644
--- a/agent/internal/agent/backup.go
+++ b/agent/internal/agent/backup.go
@@ -957,6 +957,14 @@ func extractTarGz(archivePath, destPath string) error {
 			return fmt.Errorf("invalid tar entry: %s", header.Name)
 		}
 
+		parentDir := filepath.Dir(targetPath)
+		if resolvedParent, err := filepath.EvalSymlinks(parentDir); err == nil {
+			if !strings.HasPrefix(resolvedParent, filepath.Clean(destPath)+string(os.PathSeparator)) &&
+				resolvedParent != filepath.Clean(destPath) {
+				return fmt.Errorf("invalid tar entry (symlink traversal): %s", header.Name)
+			}
+		}
+
 		switch header.Typeflag {
 		case tar.TypeDir:
 			if err := os.MkdirAll(targetPath, os.FileMode(header.Mode)); err != nil {
@@ -976,6 +984,15 @@ func extractTarGz(archivePath, destPath string) error {
 			}
 			outFile.Close()
 		case tar.TypeSymlink:
+			linkTarget := header.Linkname
+			if !filepath.IsAbs(linkTarget) {
+				linkTarget = filepath.Join(filepath.Dir(targetPath), linkTarget)
+			}
+			resolvedLink := filepath.Clean(linkTarget)
+			if !strings.HasPrefix(resolvedLink, filepath.Clean(destPath)+string(os.PathSeparator)) &&
+			resolvedLink != filepath.Clean(destPath) {
+				return fmt.Errorf("invalid symlink target: %s -> %s", header.Name, header.Linkname)
+			}
 			if err := os.MkdirAll(filepath.Dir(targetPath), 0755); err != nil {
 				return fmt.Errorf("failed to create parent directory: %w", err)
 			}
diff --git a/web/actions/projects.ts b/web/actions/projects.ts
index 59fc8c1..862f069 100644
--- a/web/actions/projects.ts
+++ b/web/actions/projects.ts
@@ -41,9 +41,6 @@ import { startMigration } from "./migrations";
 import { inngest } from "@/lib/inngest/client";
 
 function isValidImageReferencePart(reference: string): boolean {
-	// Allow only characters that are valid in Docker tags/digests and avoid path traversal.
-	// Tags: letters, digits, underscores, periods and dashes; Digests: "algorithm:hex".
-	// This regex is intentionally conservative.
 	const tagPattern = /^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$/;
 	const digestPattern = /^[A-Za-z0-9_+.-]+:[0-9a-fA-F]{32,256}$/;
 
@@ -54,6 +51,11 @@ function isValidImageReferencePart(reference: string): boolean {
 	);
 }
 
+function isValidImageNamePart(part: string): boolean {
+	const segmentPattern = /^[a-zA-Z0-9]([a-zA-Z0-9._-]*[a-zA-Z0-9])?$/;
+	return part.split("/").every((segment) => segmentPattern.test(segment));
+}
+
 function parseImageReference(image: string): {
 	registry: string;
 	namespace: string;
@@ -117,6 +119,13 @@ export async function validateDockerImage(
 			};
 		}
 
+		if (!isValidImageNamePart(namespace) || !isValidImageNamePart(repository)) {
+			return {
+				valid: false,
+				error: "Invalid image name",
+			};
+		}
+
 		if (registry === "docker.io") {
 			const repoPath =
 				namespace === "library" ? repository : `${namespace}/${repository}`;
diff --git a/web/app/api/github/manifest/callback/route.ts b/web/app/api/github/manifest/callback/route.ts
index 84fae82..b3f4afb 100644
--- a/web/app/api/github/manifest/callback/route.ts
+++ b/web/app/api/github/manifest/callback/route.ts
@@ -4,7 +4,7 @@ export async function GET(request: NextRequest) {
 	const searchParams = request.nextUrl.searchParams;
 	const code = searchParams.get("code");
 
-	if (!code) {
+	if (!code || !/^[a-zA-Z0-9]+$/.test(code)) {
 		return NextResponse.redirect(
 			new URL("/dashboard/settings?github_error=missing_code", request.url),
 		);
diff --git a/web/lib/github.ts b/web/lib/github.ts
index e6b2e07..5b07b7b 100644
--- a/web/lib/github.ts
+++ b/web/lib/github.ts
@@ -122,6 +122,12 @@ export function buildCloneUrl(token: string, repoFullName: string): string {
 	return `https://x-access-token:${token}@github.com/${repoFullName}.git`;
 }
 
+function validateRepoFullName(repoFullName: string): void {
+	if (!/^[a-zA-Z0-9._-]+\/[a-zA-Z0-9._-]+$/.test(repoFullName)) {
+		throw new Error("Invalid repository name");
+	}
+}
+
 type DeploymentState =
 	| "pending"
 	| "in_progress"
@@ -136,6 +142,7 @@ export async function createGitHubDeployment(
 	environment: string,
 	description: string,
 ): Promise<number> {
+	validateRepoFullName(repoFullName);
 	const token = await getInstallationToken(installationId);
 
 	const response = await fetch(
@@ -178,6 +185,7 @@ export async function updateGitHubDeploymentStatus(
 		environmentUrl?: string;
 	},
 ): Promise<void> {
+	validateRepoFullName(repoFullName);
 	const token = await getInstallationToken(installationId);
 
 	const body: Record<string, unknown> = {

From 2ceed6968ad4e6ffd3bb3ff8a1f6321c6a6b5fa5 Mon Sep 17 00:00:00 2001
From: Arjun Komath <arjunkomath@gmail.com>
Date: Tue, 24 Feb 2026 23:44:49 +1100
Subject: [PATCH 2/3] UI clean up

---
 .../import-compose/import-compose-form.tsx    |  16 +-
 web/components/core/action-button.tsx         |  69 -------
 web/components/core/editable-text.tsx         |   2 +-
 web/components/logs/log-viewer.tsx            |  29 +--
 .../details/pending-changes-banner.tsx        |   2 +-
 .../service/details/secrets-section.tsx       |   2 +-
 web/components/ui/command.tsx                 | 190 ------------------
 web/components/ui/input-group.tsx             | 158 ---------------
 web/lib/email/templates/alert.tsx             |   4 +-
 web/lib/email/templates/test-email.tsx        |  36 ----
 10 files changed, 29 insertions(+), 479 deletions(-)
 delete mode 100644 web/components/core/action-button.tsx
 delete mode 100644 web/components/ui/command.tsx
 delete mode 100644 web/components/ui/input-group.tsx
 delete mode 100644 web/lib/email/templates/test-email.tsx

diff --git a/web/app/(dashboard)/dashboard/projects/[slug]/[env]/import-compose/import-compose-form.tsx b/web/app/(dashboard)/dashboard/projects/[slug]/[env]/import-compose/import-compose-form.tsx
index c583a7d..54d25af 100644
--- a/web/app/(dashboard)/dashboard/projects/[slug]/[env]/import-compose/import-compose-form.tsx
+++ b/web/app/(dashboard)/dashboard/projects/[slug]/[env]/import-compose/import-compose-form.tsx
@@ -243,8 +243,8 @@ services:
 							<AlertCircle className="h-4 w-4" />
 							<AlertTitle>Error</AlertTitle>
 							<AlertDescription>
-								{errors.map((err, i) => (
-									<div key={i}>{err.message}</div>
+								{errors.map((err) => (
+									<div key={err.message}>{err.message}</div>
 								))}
 							</AlertDescription>
 						</Alert>
@@ -335,8 +335,8 @@ services:
 							</AlertTitle>
 							<AlertDescription className="text-yellow-700/80 dark:text-yellow-500/80">
 								<ul className="list-disc list-inside space-y-1 mt-1">
-									{warnings.map((w, i) => (
-										<li key={i}>
+									{warnings.map((w) => (
+										<li key={`${w.service}-${w.message}`}>
 											{w.service ? <strong>{w.service}:</strong> : null}{" "}
 											{w.message}
 										</li>
@@ -352,8 +352,8 @@ services:
 							<AlertTitle>Errors ({errors.length})</AlertTitle>
 							<AlertDescription>
 								<ul className="list-disc list-inside space-y-1 mt-1">
-									{errors.map((e, i) => (
-										<li key={i}>
+									{errors.map((e) => (
+										<li key={`${e.service}-${e.message}`}>
 											{e.service ? <strong>{e.service}:</strong> : null}{" "}
 											{e.message}
 										</li>
@@ -482,8 +482,8 @@ services:
 							</AlertTitle>
 							<AlertDescription className="text-yellow-700/80 dark:text-yellow-500/80">
 								<ul className="list-disc list-inside space-y-1 mt-1">
-									{importResult.warnings.map((w, i) => (
-										<li key={i}>
+									{importResult.warnings.map((w) => (
+										<li key={`${w.service}-${w.message}`}>
 											{w.service ? <strong>{w.service}:</strong> : null}{" "}
 											{w.message}
 										</li>
diff --git a/web/components/core/action-button.tsx b/web/components/core/action-button.tsx
deleted file mode 100644
index 7aec496..0000000
--- a/web/components/core/action-button.tsx
+++ /dev/null
@@ -1,69 +0,0 @@
-"use client";
-
-import { useState } from "react";
-import { toast } from "sonner";
-import { Button } from "@/components/ui/button";
-
-interface ActionButtonProps {
-	action: () => Promise<unknown>;
-	label: string;
-	loadingLabel: string;
-	variant?:
-		| "default"
-		| "positive"
-		| "destructive"
-		| "outline"
-		| "secondary"
-		| "ghost"
-		| "link"
-		| "warning";
-	size?: "default" | "sm" | "lg" | "icon";
-	onComplete?: () => void;
-}
-
-export function ActionButton({
-	action,
-	label,
-	loadingLabel,
-	variant = "default",
-	size = "sm",
-	onComplete,
-}: ActionButtonProps) {
-	const [isLoading, setIsLoading] = useState(false);
-
-	const handleClick = async () => {
-		setIsLoading(true);
-		try {
-			await action();
-			onComplete?.();
-		} catch (error) {
-			console.error("Action failed:", error);
-			// Handle all error types: Error instances, objects with message, strings, or unknown
-			const errorMessage =
-				error instanceof Error
-					? error.message
-					: typeof error === "string"
-						? error
-						: error &&
-								typeof error === "object" &&
-								"message" in error &&
-								typeof error.message === "string"
-							? error.message
-							: "An error occurred";
-			toast.error(errorMessage);
-		} finally {
-			setIsLoading(false);
-		}
-	};
-
-	return (
-		<Button
-			onClick={handleClick}
-			disabled={isLoading}
-			variant={variant}
-			size={size}
-		>
-			{isLoading ? loadingLabel : label}
-		</Button>
-	);
-}
diff --git a/web/components/core/editable-text.tsx b/web/components/core/editable-text.tsx
index 0088665..e9ead32 100644
--- a/web/components/core/editable-text.tsx
+++ b/web/components/core/editable-text.tsx
@@ -30,7 +30,7 @@ export function EditableText({
 }) {
 	const [isOpen, setIsOpen] = useState(false);
 	const [isSaving, setIsSaving] = useState(false);
-	const [inputValue, setInputValue] = useState(value);
+	const [inputValue, setInputValue] = useState("");
 	const inputRef = useRef<HTMLInputElement>(null);
 
 	const handleFocus = () => {
diff --git a/web/components/logs/log-viewer.tsx b/web/components/logs/log-viewer.tsx
index 7519a80..6a7d05b 100644
--- a/web/components/logs/log-viewer.tsx
+++ b/web/components/logs/log-viewer.tsx
@@ -13,7 +13,7 @@ import {
 	parseAsStringLiteral,
 	useQueryState,
 } from "nuqs";
-import { useEffect, useLayoutEffect, useMemo, useRef, useState } from "react";
+import { useLayoutEffect, useMemo, useRef, useState } from "react";
 import useSWR from "swr";
 import { Button } from "@/components/ui/button";
 import {
@@ -116,7 +116,7 @@ function highlightMatches(text: string, search: string): React.ReactNode {
 	return parts.map((part, i) =>
 		regex.test(part) ? (
 			<mark
-				key={i}
+				key={`${part}-${i}`}
 				className="bg-yellow-300 dark:bg-yellow-700 text-inherit rounded-sm px-0.5"
 			>
 				{part}
@@ -648,6 +648,14 @@ export function LogViewer(props: LogViewerProps) {
 	const [olderLogs, setOlderLogs] = useState<unknown[]>([]);
 	const [isLoadingOlder, setIsLoadingOlder] = useState(false);
 	const [olderHasMore, setOlderHasMore] = useState(true);
+	const [prevSelectedServerId, setPrevSelectedServerId] =
+		useState(selectedServerId);
+
+	if (selectedServerId !== prevSelectedServerId) {
+		setPrevSelectedServerId(selectedServerId);
+		setOlderLogs([]);
+		setOlderHasMore(true);
+	}
 
 	const servers = props.variant === "service-logs" ? props.servers : undefined;
 
@@ -688,11 +696,6 @@ export function LogViewer(props: LogViewerProps) {
 	const hasMore =
 		olderLogs.length === 0 ? data?.hasMore || false : olderHasMore;
 
-	useEffect(() => {
-		setOlderLogs([]);
-		setOlderHasMore(true);
-	}, [selectedServerId]);
-
 	const loadOlderLogs = async () => {
 		if (isLoadingOlder || !hasMore) return;
 
@@ -974,12 +977,12 @@ export function LogViewer(props: LogViewerProps) {
 					</Empty>
 				) : (
 					<div className="p-4 py-2">
-						{filteredLogs.map((entry, idx) => {
+						{filteredLogs.map((entry) => {
 							if (props.variant === "service-logs") {
 								const e = entry as ServiceLogEntry;
 								return (
 									<ServiceLogRow
-										key={`${e.id}-${idx}`}
+										key={e.id}
 										entry={e}
 										search={search}
 									/>
@@ -989,7 +992,7 @@ export function LogViewer(props: LogViewerProps) {
 								const e = entry as RequestEntry;
 								return (
 									<RequestRow
-										key={`${e.id}-${idx}`}
+										key={e.id}
 										entry={e}
 										search={search}
 									/>
@@ -999,7 +1002,7 @@ export function LogViewer(props: LogViewerProps) {
 								const e = entry as ServerLogEntry;
 								return (
 									<ServerLogRow
-										key={`${e.id}-${idx}`}
+										key={e.id}
 										entry={e}
 										search={search}
 									/>
@@ -1009,7 +1012,7 @@ export function LogViewer(props: LogViewerProps) {
 								const e = entry as BuildLogEntry;
 								return (
 									<BuildLogRow
-										key={`${e.timestamp}-${idx}`}
+										key={e.timestamp}
 										entry={e}
 										search={search}
 									/>
@@ -1018,7 +1021,7 @@ export function LogViewer(props: LogViewerProps) {
 							const e = entry as BuildLogEntry;
 							return (
 								<BuildLogRow
-									key={`${e.timestamp}-${idx}`}
+									key={e.timestamp}
 									entry={e}
 									search={search}
 								/>
diff --git a/web/components/service/details/pending-changes-banner.tsx b/web/components/service/details/pending-changes-banner.tsx
index f584ba3..3cfd102 100644
--- a/web/components/service/details/pending-changes-banner.tsx
+++ b/web/components/service/details/pending-changes-banner.tsx
@@ -85,7 +85,7 @@ export const PendingChangesBanner = memo(function PendingChangesBanner({
 									<div className="mt-2 space-y-1.5">
 										{changes.map((change, i) => (
 											<div
-												key={`change-${change.field}-${i}`}
+												key={change.field}
 												className="flex items-center gap-2 text-sm"
 											>
 												<span className="font-medium shrink-0 text-muted-foreground">
diff --git a/web/components/service/details/secrets-section.tsx b/web/components/service/details/secrets-section.tsx
index 2d0a51e..bb829df 100644
--- a/web/components/service/details/secrets-section.tsx
+++ b/web/components/service/details/secrets-section.tsx
@@ -278,7 +278,7 @@ export const SecretsSection = memo(function SecretsSection({
 						)}
 						{pendingVars.map((variable, index) => (
 							<div
-								key={`${variable.key}-${index}`}
+								key={variable.key}
 								className="flex items-center justify-between px-3 py-2 rounded-md text-sm bg-green-500/10 border border-green-500/20"
 							>
 								<div className="flex items-center gap-2 min-w-0 flex-1">
diff --git a/web/components/ui/command.tsx b/web/components/ui/command.tsx
deleted file mode 100644
index 9f7152b..0000000
--- a/web/components/ui/command.tsx
+++ /dev/null
@@ -1,190 +0,0 @@
-"use client";
-
-import * as React from "react";
-import { Command as CommandPrimitive } from "cmdk";
-
-import { cn } from "@/lib/utils";
-import {
-	Dialog,
-	DialogContent,
-	DialogDescription,
-	DialogHeader,
-	DialogTitle,
-} from "@/components/ui/dialog";
-import { InputGroup, InputGroupAddon } from "@/components/ui/input-group";
-import { SearchIcon, CheckIcon } from "lucide-react";
-
-function Command({
-	className,
-	...props
-}: React.ComponentProps<typeof CommandPrimitive>) {
-	return (
-		<CommandPrimitive
-			data-slot="command"
-			className={cn(
-				"bg-popover text-popover-foreground rounded-xl! p-1 flex size-full flex-col overflow-hidden",
-				className,
-			)}
-			{...props}
-		/>
-	);
-}
-
-function CommandDialog({
-	title = "Command Palette",
-	description = "Search for a command to run...",
-	children,
-	className,
-	showCloseButton = false,
-	...props
-}: Omit<React.ComponentProps<typeof Dialog>, "children"> & {
-	title?: string;
-	description?: string;
-	className?: string;
-	showCloseButton?: boolean;
-	children: React.ReactNode;
-}) {
-	return (
-		<Dialog {...props}>
-			<DialogHeader className="sr-only">
-				<DialogTitle>{title}</DialogTitle>
-				<DialogDescription>{description}</DialogDescription>
-			</DialogHeader>
-			<DialogContent
-				className={cn("rounded-xl! overflow-hidden p-0", className)}
-				showCloseButton={showCloseButton}
-			>
-				{children}
-			</DialogContent>
-		</Dialog>
-	);
-}
-
-function CommandInput({
-	className,
-	...props
-}: React.ComponentProps<typeof CommandPrimitive.Input>) {
-	return (
-		<div data-slot="command-input-wrapper" className="p-1 pb-0">
-			<InputGroup className="bg-input/30 border-input/30 h-8! rounded-lg! shadow-none! *:data-[slot=input-group-addon]:pl-2!">
-				<CommandPrimitive.Input
-					data-slot="command-input"
-					className={cn(
-						"w-full text-sm outline-hidden disabled:cursor-not-allowed disabled:opacity-50",
-						className,
-					)}
-					{...props}
-				/>
-				<InputGroupAddon>
-					<SearchIcon className="size-4 shrink-0 opacity-50" />
-				</InputGroupAddon>
-			</InputGroup>
-		</div>
-	);
-}
-
-function CommandList({
-	className,
-	...props
-}: React.ComponentProps<typeof CommandPrimitive.List>) {
-	return (
-		<CommandPrimitive.List
-			data-slot="command-list"
-			className={cn(
-				"no-scrollbar max-h-72 scroll-py-1 outline-none overflow-x-hidden overflow-y-auto",
-				className,
-			)}
-			{...props}
-		/>
-	);
-}
-
-function CommandEmpty({
-	className,
-	...props
-}: React.ComponentProps<typeof CommandPrimitive.Empty>) {
-	return (
-		<CommandPrimitive.Empty
-			data-slot="command-empty"
-			className={cn("py-6 text-center text-sm", className)}
-			{...props}
-		/>
-	);
-}
-
-function CommandGroup({
-	className,
-	...props
-}: React.ComponentProps<typeof CommandPrimitive.Group>) {
-	return (
-		<CommandPrimitive.Group
-			data-slot="command-group"
-			className={cn(
-				"text-foreground [&_[cmdk-group-heading]]:text-muted-foreground overflow-hidden p-1 [&_[cmdk-group-heading]]:px-2 [&_[cmdk-group-heading]]:py-1.5 [&_[cmdk-group-heading]]:text-xs [&_[cmdk-group-heading]]:font-medium",
-				className,
-			)}
-			{...props}
-		/>
-	);
-}
-
-function CommandSeparator({
-	className,
-	...props
-}: React.ComponentProps<typeof CommandPrimitive.Separator>) {
-	return (
-		<CommandPrimitive.Separator
-			data-slot="command-separator"
-			className={cn("bg-border -mx-1 h-px", className)}
-			{...props}
-		/>
-	);
-}
-
-function CommandItem({
-	className,
-	children,
-	...props
-}: React.ComponentProps<typeof CommandPrimitive.Item>) {
-	return (
-		<CommandPrimitive.Item
-			data-slot="command-item"
-			className={cn(
-				"data-selected:bg-muted data-selected:text-foreground data-selected:*:[svg]:text-foreground relative flex cursor-default items-center gap-2 rounded-sm px-2 py-1.5 text-sm outline-hidden select-none [&_svg:not([class*='size-'])]:size-4 [[data-slot=dialog-content]_&]:rounded-lg! group/command-item data-[disabled=true]:pointer-events-none data-[disabled=true]:opacity-50 [&_svg]:pointer-events-none [&_svg]:shrink-0",
-				className,
-			)}
-			{...props}
-		>
-			{children}
-			<CheckIcon className="ml-auto opacity-0 group-has-[[data-slot=command-shortcut]]/command-item:hidden group-data-[checked=true]/command-item:opacity-100" />
-		</CommandPrimitive.Item>
-	);
-}
-
-function CommandShortcut({
-	className,
-	...props
-}: React.ComponentProps<"span">) {
-	return (
-		<span
-			data-slot="command-shortcut"
-			className={cn(
-				"text-muted-foreground group-data-selected/command-item:text-foreground ml-auto text-xs tracking-widest",
-				className,
-			)}
-			{...props}
-		/>
-	);
-}
-
-export {
-	Command,
-	CommandDialog,
-	CommandInput,
-	CommandList,
-	CommandEmpty,
-	CommandGroup,
-	CommandItem,
-	CommandShortcut,
-	CommandSeparator,
-};
diff --git a/web/components/ui/input-group.tsx b/web/components/ui/input-group.tsx
deleted file mode 100644
index b74357c..0000000
--- a/web/components/ui/input-group.tsx
+++ /dev/null
@@ -1,158 +0,0 @@
-"use client";
-
-import * as React from "react";
-import { cva, type VariantProps } from "class-variance-authority";
-
-import { cn } from "@/lib/utils";
-import { Button } from "@/components/ui/button";
-import { Input } from "@/components/ui/input";
-import { Textarea } from "@/components/ui/textarea";
-
-function InputGroup({ className, ...props }: React.ComponentProps<"div">) {
-	return (
-		<div
-			data-slot="input-group"
-			role="group"
-			className={cn(
-				"border-input dark:bg-input/30 has-[[data-slot=input-group-control]:focus-visible]:border-ring has-[[data-slot=input-group-control]:focus-visible]:ring-ring/50 has-[[data-slot][aria-invalid=true]]:ring-destructive/20 has-[[data-slot][aria-invalid=true]]:border-destructive dark:has-[[data-slot][aria-invalid=true]]:ring-destructive/40 has-disabled:bg-input/50 dark:has-disabled:bg-input/80 h-8 rounded-lg border transition-colors has-disabled:opacity-50 has-[[data-slot=input-group-control]:focus-visible]:ring-[3px] has-[[data-slot][aria-invalid=true]]:ring-[3px] has-[>[data-align=block-end]]:h-auto has-[>[data-align=block-end]]:flex-col has-[>[data-align=block-start]]:h-auto has-[>[data-align=block-start]]:flex-col has-[>[data-align=block-end]]:[&>input]:pt-3 has-[>[data-align=block-start]]:[&>input]:pb-3 has-[>[data-align=inline-end]]:[&>input]:pr-1.5 has-[>[data-align=inline-start]]:[&>input]:pl-1.5 [[data-slot=combobox-content]_&]:focus-within:border-inherit [[data-slot=combobox-content]_&]:focus-within:ring-0 group/input-group relative flex w-full min-w-0 items-center outline-none has-[>textarea]:h-auto",
-				className,
-			)}
-			{...props}
-		/>
-	);
-}
-
-const inputGroupAddonVariants = cva(
-	"text-muted-foreground h-auto gap-2 py-1.5 text-sm font-medium group-data-[disabled=true]/input-group:opacity-50 [&>kbd]:rounded-[calc(var(--radius)-5px)] [&>svg:not([class*='size-'])]:size-4 flex cursor-text items-center justify-center select-none",
-	{
-		variants: {
-			align: {
-				"inline-start":
-					"pl-2 has-[>button]:ml-[-0.3rem] has-[>kbd]:ml-[-0.15rem] order-first",
-				"inline-end":
-					"pr-2 has-[>button]:mr-[-0.3rem] has-[>kbd]:mr-[-0.15rem] order-last",
-				"block-start":
-					"px-2.5 pt-2 group-has-[>input]/input-group:pt-2 [.border-b]:pb-2 order-first w-full justify-start",
-				"block-end":
-					"px-2.5 pb-2 group-has-[>input]/input-group:pb-2 [.border-t]:pt-2 order-last w-full justify-start",
-			},
-		},
-		defaultVariants: {
-			align: "inline-start",
-		},
-	},
-);
-
-function InputGroupAddon({
-	className,
-	align = "inline-start",
-	...props
-}: React.ComponentProps<"div"> & VariantProps<typeof inputGroupAddonVariants>) {
-	return (
-		<div
-			role="group"
-			data-slot="input-group-addon"
-			data-align={align}
-			className={cn(inputGroupAddonVariants({ align }), className)}
-			onClick={(e) => {
-				if ((e.target as HTMLElement).closest("button")) {
-					return;
-				}
-				e.currentTarget.parentElement?.querySelector("input")?.focus();
-			}}
-			{...props}
-		/>
-	);
-}
-
-const inputGroupButtonVariants = cva(
-	"gap-2 text-sm shadow-none flex items-center",
-	{
-		variants: {
-			size: {
-				xs: "h-6 gap-1 rounded-[calc(var(--radius)-3px)] px-1.5 [&>svg:not([class*='size-'])]:size-3.5",
-				sm: "",
-				"icon-xs":
-					"size-6 rounded-[calc(var(--radius)-3px)] p-0 has-[>svg]:p-0",
-				"icon-sm": "size-8 p-0 has-[>svg]:p-0",
-			},
-		},
-		defaultVariants: {
-			size: "xs",
-		},
-	},
-);
-
-function InputGroupButton({
-	className,
-	type = "button",
-	variant = "ghost",
-	size = "xs",
-	...props
-}: Omit<React.ComponentProps<typeof Button>, "size" | "type"> &
-	VariantProps<typeof inputGroupButtonVariants> & {
-		type?: "button" | "submit" | "reset";
-	}) {
-	return (
-		<Button
-			type={type}
-			data-size={size}
-			variant={variant}
-			className={cn(inputGroupButtonVariants({ size }), className)}
-			{...props}
-		/>
-	);
-}
-
-function InputGroupText({ className, ...props }: React.ComponentProps<"span">) {
-	return (
-		<span
-			className={cn(
-				"text-muted-foreground gap-2 text-sm [&_svg:not([class*='size-'])]:size-4 flex items-center [&_svg]:pointer-events-none",
-				className,
-			)}
-			{...props}
-		/>
-	);
-}
-
-function InputGroupInput({
-	className,
-	...props
-}: React.ComponentProps<"input">) {
-	return (
-		<Input
-			data-slot="input-group-control"
-			className={cn(
-				"rounded-none border-0 bg-transparent shadow-none ring-0 focus-visible:ring-0 disabled:bg-transparent aria-invalid:ring-0 dark:bg-transparent dark:disabled:bg-transparent flex-1",
-				className,
-			)}
-			{...props}
-		/>
-	);
-}
-
-function InputGroupTextarea({
-	className,
-	...props
-}: React.ComponentProps<"textarea">) {
-	return (
-		<Textarea
-			data-slot="input-group-control"
-			className={cn(
-				"rounded-none border-0 bg-transparent py-2 shadow-none ring-0 focus-visible:ring-0 disabled:bg-transparent aria-invalid:ring-0 dark:bg-transparent dark:disabled:bg-transparent flex-1 resize-none",
-				className,
-			)}
-			{...props}
-		/>
-	);
-}
-
-export {
-	InputGroup,
-	InputGroupAddon,
-	InputGroupButton,
-	InputGroupText,
-	InputGroupInput,
-	InputGroupTextarea,
-};
diff --git a/web/lib/email/templates/alert.tsx b/web/lib/email/templates/alert.tsx
index 6730d2d..7dfd5d1 100644
--- a/web/lib/email/templates/alert.tsx
+++ b/web/lib/email/templates/alert.tsx
@@ -38,8 +38,8 @@ export function Alert({
 			<Text style={paragraph}>{description}</Text>
 
 			<Section style={detailsBox}>
-				{details.map((detail, index) => (
-					<div key={index}>
+				{details.map((detail) => (
+					<div key={detail.label}>
 						<Text style={detailLabel}>{detail.label}</Text>
 						<Text style={detailValue}>{detail.value}</Text>
 					</div>
diff --git a/web/lib/email/templates/test-email.tsx b/web/lib/email/templates/test-email.tsx
deleted file mode 100644
index e3ea2b4..0000000
--- a/web/lib/email/templates/test-email.tsx
+++ /dev/null
@@ -1,36 +0,0 @@
-import { Heading, Text } from "@react-email/components";
-import { BaseEmail } from "./base";
-
-type TestEmailProps = {
-	baseUrl?: string;
-};
-
-export function TestEmail({ baseUrl }: TestEmailProps) {
-	return (
-		<BaseEmail preview="Test email from Techulus Cloud" baseUrl={baseUrl}>
-			<Heading style={heading}>SMTP Configuration Test</Heading>
-			<Text style={paragraph}>
-				This is a test email to verify your SMTP configuration is working
-				correctly.
-			</Text>
-			<Text style={paragraph}>
-				If you received this email, your email settings are configured properly.
-			</Text>
-		</BaseEmail>
-	);
-}
-
-const heading = {
-	fontSize: "24px",
-	fontWeight: "600",
-	lineHeight: "32px",
-	color: "#1a1a1a",
-	marginBottom: "24px",
-};
-
-const paragraph = {
-	fontSize: "14px",
-	lineHeight: "24px",
-	color: "#525f7f",
-	marginBottom: "16px",
-};

From 0e0071f65233dbf9604499533ce167f593b405ec Mon Sep 17 00:00:00 2001
From: Arjun Komath <arjunkomath@gmail.com>
Date: Sat, 28 Feb 2026 17:11:29 +1100
Subject: [PATCH 3/3] Fix UI for rollout list

---
 web/components/service/details/rollout-history.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/components/service/details/rollout-history.tsx b/web/components/service/details/rollout-history.tsx
index 1c39224..eafaeaa 100644
--- a/web/components/service/details/rollout-history.tsx
+++ b/web/components/service/details/rollout-history.tsx
@@ -68,7 +68,7 @@ function StatusBadge({ status }: { status: RolloutStatus }) {
 
 	return (
 		<span
-			className={`inline-flex items-center gap-1.5 px-2 py-1 rounded-md text-xs font-medium ${config.color} bg-current/10`}
+			className={`inline-flex items-center justify-center gap-1.5 w-28 px-2 py-1 rounded-md text-xs font-medium ${config.color} bg-current/10`}
 		>
 			<Icon className={`size-3.5 ${isAnimated ? "animate-spin" : ""}`} />
 			{config.label}