chore: update dependencies and improve security in code execution

[frontegg-david]

Summary by CodeRabbit

• Bug Fixes

  • Fixed potential memory leak in event listener cleanup
  • Improved code-generation safety to reduce injection risk
  • Re-enabled Custom Globals test with proper resource disposal

• New Features

  • Preserved custom global names during code transformation
  • Added a dedicated worker-script build target for optimized bundling

• Dependencies

  • Bumped React peer requirement to >=18.0.0 and updated core tooling and libraries (esbuild, NX, zod, etc.)

• Chores

  • Reworked review automation configuration for branch-based auto-reviews

[coderabbitai]

📝 Walkthrough

Walkthrough

Updates to CI review config, multiple dependency bumps across packages, adds an esbuild target for worker scripts, refactors VM/worker script wrappers, improves worker-pool event cleanup, tracks custom enclave globals, and re-enables a skipped test.

Changes

Cohort / File(s)	Summary
CI config .coderabbit.yaml	Replaces top-level base_branches under reviews with a new auto_review section using main and regex release/.*.
Package dependency bumps package.json, libs/broker/package.json, libs/core/package.json, libs/react/package.json, libs/runtime/package.json, libs/types/package.json	Bumps various dependencies and devDependencies (NX, esbuild, SWC, ESLint, testing libs, minimatch ^10.0.1→^10.1.1, zod ^4.1.13→^4.3.6, @babel/standalone ^7.28.6→^7.29.0, React peer >=17→>=18, ws ^8.0.0→^8.19.0, etc.) and removes @mintlify/cli.
Build target added libs/core/project.json	Adds build-worker-script esbuild target to bundle libs/core/src/adapters/worker-pool/worker-script.ts (CJS) to libs/core/dist/src/adapters/worker-pool; updates build-cjs to depend on it and sets deleteOutputPath: false.
Enclave global handling libs/core/src/enclave.ts	Adds private customGlobalNames to store initial global keys and passes them as additionalIdentifiers to the transform pipeline to avoid renaming custom globals.
Wrapper string construction libs/core/src/adapters/vm-adapter.ts, libs/core/src/adapters/worker-pool/worker-script.ts	Replaces template-literal async-IIFE wrappers with explicit string concatenation when assembling wrapped code prior to VM compilation; behavior unchanged.
Worker-pool event cleanup libs/core/src/adapters/worker-pool/worker-pool-adapter.ts	Introduces a bound boundMemoryExceededHandler and removes the listener in dispose before stopping the memory monitor to avoid leaks.
Test activation libs/core/src/__tests__/worker-pool-adapter.spec.ts	Re-enables previously skipped Custom Globals test (removed it.skip) and adds explicit await enclave.dispose() cleanup.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 I nibbled code lines, neat and spry,

Dependencies hopped and reached the sky,
Globals tucked in a cozy name,
Workers bundled, listeners tame,
Tests awake — the rabbit cheers, hi-fi! 🥕

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main objectives of the changeset, which includes dependency updates across multiple packages and security improvements in code execution patterns (template literal to string concatenation, event listener cleanup, custom globals handling).
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch security-fixes

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@libs/react/package.json`:
- Around line 39-41: The package.json change raising the peerDependency "react"
to ">=18.0.0" is a breaking API change for consumers on React 17; add a
documented changelog and migration guidance under docs/enclave explaining the
breaking change and upgrade path. Update docs/enclave to include a new changelog
entry referencing libs/react/package.json and the "peerDependencies" change,
describe the impact (React 17 incompatibility), list recommended migration steps
(e.g., upgrade to React 18, code adjustments, testing notes), and link to any
relevant external React 18 migration docs; ensure the docs mention the new
minimum version and which release contains the breaking change.

🧹 Nitpick comments (1)

libs/core/src/adapters/worker-pool/worker-script.ts (1)

336-341: Clarify the security comment — concatenation doesn't prevent injection.

The comment states this change avoids "code injection patterns," but string concatenation and template literals offer equivalent injection risk. If msg.code contained a malicious payload like '}); malicious(); (async () => {', both approaches would be equally vulnerable.

The actual security comes from AST validation performed upstream before code reaches this point. Consider updating the comment to reflect the true reason for this change (e.g., avoiding template literal escaping complexity, build tool compatibility, or code clarity).

📝 Suggested comment clarification

    // Wrap code in async IIFE to support top-level await
    // Must call __ag_main() if defined, as the enclave transforms code to wrap in async function __ag_main()
-   // Use string concatenation instead of template literals to avoid code injection patterns
+   // Use string concatenation for clarity; security is enforced by AST validation upstream
    const wrappedCode =

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

libs/core/src/__tests__/worker-pool-adapter.spec.ts (1)

379-398: ⚠️ Potential issue | 🟡 Minor

Remove unnecessary await from dispose() call for consistency.

Re-enabling this test with explicit cleanup is good, but the await on line 398 should be removed. The dispose() method returns void, not a Promise, so await is unnecessary and creates inconsistency with all other tests in this file (lines 75, 300, 322, 350, 357, 364, 371, etc.) which call enclave.dispose() without await.

Change await enclave.dispose(); to enclave.dispose(); on line 398.

package.json (1)

29-70: ⚠️ Potential issue | 🔴 Critical

Fix the docs script or restore @mintlify/cli dependency.
The docs script at line 18 invokes mint dev --port 4300, but @mintlify/cli has been removed from devDependencies. No alternative mint CLI provider exists. npm run docs will fail until either the dependency is restored or the script is updated.

🤖 Fix all issues with AI agents

In `@libs/core/project.json`:
- Around line 36-39: The build target "build-cjs" uses the "@nx/esbuild:esbuild"
executor which defaults deleteOutputPath to true and can delete outputs from the
concurrently-run "build-worker-script"; to fix, add an options entry
"deleteOutputPath": false to the "build-cjs" target in project.json so the
esbuild step won't remove libs/core/dist and thus won't wipe the worker script
produced by "build-worker-script".

In `@libs/types/package.json`:
- Line 38: The Zod version bump to ^4.3.6 can introduce breaking changes; search
the libs/types codebase for usages of Zod APIs impacted by 4.3.0—specifically
.pick(), .omit(), .extend(), .safeExtend(), .refine(), ZodMiniType,
z.strictObject(), and intersections—and update any offending code: replace
.extend() on refined object schemas with .safeExtend() or refactor to build the
final object type without refining first, ensure .pick()/ .omit() are only
called with existing keys or replace with manual object creation, remove/replace
.refine() usages that target ZodMiniType, and adjust intersection/strictObject
patterns as required; after changes run unit tests and update public API docs in
docs/enclave/ if any exported type shapes or behavior changed.

🧹 Nitpick comments (1)

libs/core/src/adapters/worker-pool/worker-script.ts (1)

336-341: Clarify: String concatenation doesn't inherently prevent code injection.

The comment states this change avoids "code injection patterns," but the security posture is unchanged—msg.code is still embedded directly into the executed script regardless of whether template literals or string concatenation is used. The actual security boundary here is the VM context with codeGeneration: { strings: false } (line 301) and the sandbox restrictions, not the string assembly method.

Consider updating the comment to reflect the actual reason for the change (e.g., build tooling compatibility, readability preference) or removing the security claim if it's not the true motivation.

💡 Suggested comment clarification

     // Wrap code in async IIFE to support top-level await
     // Must call __ag_main() if defined, as the enclave transforms code to wrap in async function __ag_main()
-    // Use string concatenation instead of template literals to avoid code injection patterns
+    // Use string concatenation for clearer code boundary visualization
     const wrappedCode =
       '(async () => {\n' +
       msg.code +

[github-actions]

Cherry-pick Conflict

Automatic cherry-pick to main failed due to merge conflicts.

An issue has been created with manual instructions. Please resolve if this change should also be in main.