chore(deps): bump postcss from 8.5.6 to 8.5.14 in /site #26
Open
dependabot[bot] wants to merge 478 commits into
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Generated infographics for 14 daily papers via NotebookLM:
- P0 (were broken on live site): Tree of Attacks, Visual Adversarial, DeepInception, Jailbreak in Pieces, LessMimic, Compress the Easy, Why Agents Compromise Safety, Safer Reasoning Models
- P1 (newly added): Back to Basics ASR, Multimodal Multi-Agent, SafeFlow, ThermoAct, Lipschitz Modulation, GameplayQA
- Removed 3 broken WebP refs for original research posts (no NLM source)
- Zero broken image references remaining
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…(750 pages) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ries
Blog duplicates: for each pair, kept the version with image frontmatter, removed the version without.
Pairs resolved:
- detected-proceeds (kept -knowing-doing-gap variant)
- silent-ai-insurance (kept -crisis variant)
- iatrogenic-safety (kept -when-the-cure-is-worse variant)
- compliance-paradox (kept version without "the-" prefix)
- polyhedral-safety (kept -geometry variant)
- capability-and-safety (kept shorter slug variant)
Daily-paper removals: 16 original-research posts were incorrectly placed in the daily-paper collection (which is for arXiv paper reviews only). These posts remain in /blog/ where they belong.
Also fixed one internal link in state-of-embodied-ai-safety-march-2026.md.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Removed 6 duplicate blog posts and 16 original-research posts misplaced in daily-paper collection. 159 blog + 103 daily-paper. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
… redirects Posts were shared on social media at /blog/ URLs. Redirects hurt SEO. Restored to blog collection, removed from daily-paper to avoid duplication. Apr 2+3 set as drafts. 728 pages. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…pages) Added: AGENTSAFE, H-CoT, Embodied AI Survey, State-Dependent Safety, Jailbreak Foundry, Paper Summary Attack, Foot-In-The-Door, Multi-Stream Perturbation, Mousetrap, DrAttack, ArtPrompt, Red-Teaming Security Theater, SafeFlow. Dates spread across Dec 2025 - Mar 2026. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Blog posts with arxiv IDs now show "Paper overview" link to matching daily-paper entry. Daily-paper posts show "Deep dive" link to matching blog analysis. Bi-directional discovery between collections. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ts at /blog/ Paper reviews now live at /daily-paper/ (their canonical home). Old /blog/ URLs redirect with full OG meta tags preserved — Facebook/Twitter show correct title, description, and image even before the redirect fires. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Gemini-generated fractured hexagon glyph with crosshair overlay.
- failurefirst-og-v2.png (1200x630) — new default OG image
- failurefirst-glyph.png (1100x1100) — extracted central mark
- failurefirst-avatar.png (512x512) — social avatar
SEOHead default fallback updated to v2.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…tate Rewrite README.md, CONTRIBUTING.md, DESIGN_CHARTER.md, SECURITY.md, and MANIFEST.json totals to reflect current metrics: 227 models, 141,561 prompts, 133,646 results, 337 techniques. Add current research scope (VLA safety, format-lock, classifier reliability), CVD status (5 pending disclosures), and CCS 2026 submission reference. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…/legal Filter buttons for blog, papers, reports, policy, legal, docs. Client-side JS shows/hides cards and empty month sections. Added reports, policy-docs, and legal collections to the feed. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Updated from 18K prompts / 125 models to 141K / 227. Added StatGrid component, 4 key findings cards (safety vs scale, DETECTED_PROCEEDS, format-lock, regulatory gap), CCS 2026 reference. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Transparent disclosure that all team members except Adrian are specialist Claude Code agent sessions with standing briefs. Names from Doctor Who, methodology made executable, all work auditable in git history. Adrian is the only human. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Added async AdSense script to all pages via BaseLayout.astro, alongside existing GA4 and LinkedIn Insight tags. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
google.com, pub-6275306310835906, DIRECT, f08c47fec0942fa0 Serves at failurefirst.org/ads.txt Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
docs/ was 2.8GB (GH Pages limit ~1GB). daily-paper audio (1.7GB), video (743MB), images (174MB) = 2.6GB of media causing build failures. Media backed up to /tmp/failurefirst-media-backup/ for migration to Cloudflare R2 (pending R2 enablement on the account). .gitkeep files preserve directory structure. Pages referencing media will show broken media links until R2 CDN is configured. docs/ is now 231MB. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…slugs) 12 same-date dupes: arxiv-ID-only slug vs descriptive slug (kept descriptive). 3 cross-date dupes: same paper published at two different dates (kept earlier). 102 papers remaining (was 117 non-draft, 15 were duplicates). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
VLA safety trilogy (FreezeVLA, SafeVLA, VLSA/AEGIS), backdoor attacks (GoBA, DropVLA), red-teaming (CoP, Jailbreak-R1, RED QUEEN), defense (Immune, Lifelong Safety, RAI), benchmarks (IS-Bench, SAFE, ASIMOV, RealMirror), encoding attacks (BitBypass). All 500-800 word analyses. Zero coverage gaps remaining Mar 20-31. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- SafeAgentBench: A Benchmark for Safe Task Planning of Embodied LLM Agents (2412.13178)
- Jailbreaking to Jailbreak: LLM-as-Red-Teamer via Self-Attack (2502.09638)
https://claude.ai/code/session_01Bxp8oT2LVjdQJfg2j4Zgqn
All /audio/daily-paper/, /images/daily-paper/, /video/daily-paper/ paths updated to https://cdn.failurefirst.org/... in both daily-paper and blog content. R2 bucket 'failurefirst-media' with custom domain cdn.failurefirst.org serves the 2.6GB media removed from docs/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
10 PDFs now available at failurefirst.org/papers/:
- CCS 2026 main paper + supplementary (227 models)
- AIES 2026 IDDL paper
- NeurIPS 2026 benchmark paper
- Detected Proceeds (38.6% override rate)
- Polyhedral Safety Geometry (refusal as polyhedral)
- Benchmark Contamination (79.9% heuristic over-report)
- Silent Failures in Embodied AI (zero VLA refusals)
- Epistemic Crisis in AI Safety Evaluation
- Annual Report 2026
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Both use placeholder tokens — replace with real values:
- CF Web Analytics: REPLACE_WITH_CF_WEB_ANALYTICS_TOKEN (Get from dash.cloudflare.com → Web Analytics → Add Site)
- Sentry: REPLACE_WITH_SENTRY_DSN (Get from sentry.io → Create Project → JS)
Both scripts are no-ops until tokens are replaced. Sentry loader checks for REPLACE prefix and skips initialization.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…aceholder Sentry: native Astro integration with DSN, 0.1 trace sample rate. CF Web Analytics: beacon script in BaseLayout (token TBD). DNS: status.failurefirst.org CNAME created via API. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…erred to R2)
Stages content that build_site.sh has been rebuilding docs/ around but never committing. The 2 prior rebuild commits are now backed by their image + markdown sources.
- 13 daily-paper infographic PNGs (9-paper backlog + 2604.14399 spacemind + 2604.21691 DL theory)
- New daily-paper writeup: 2026-04-23 "There Will Be a Scientific Theory of Deep Learning"
- frontmatter image: field added to 4 existing posts (3 blog + spacemind daily-paper)
- /reports/ astro page handlers
- .wrangler/ added to .gitignore
DEFERRED: 45 audio files (~2-3GB) NOT committed. These should migrate to R2 with CDN URLs in frontmatter rather than bloat git history. Tracked as follow-up.
Known follow-up: scripts/build_site.sh rebuilds docs/ but doesn't stage source.
- site/src/pages/audio/feed.xml.ts: new itunes-namespaced RSS feed covering 362 audio episodes from blog (101), dailyPaper (214), and reports (47) collections; enclosure type audio/x-m4a
- site/public/podcast-cover.png: 3000x3000px square (228 KB), og-image centered on dark background — meets Apple Podcasts spec
- docs/audio/feed.xml: built feed output
- docs/podcast-cover.png: built cover asset
…IME type
- daily-paper pageUrl now strips date prefix to match route slug (e.g. 2026-04-24-foo -> /daily-paper/foo/) — was generating 404 episode links
- channel <link> changed from /audio/ (404) to /research/podcasts/ (200)
- enclosure type audio/x-m4a -> audio/mp4 (matches CDN Content-Type)
- tools/crop_podcast_covers.py: center-crops landscape infographics
(2752x1536) to 1400x1400 JPEG, writes to
site/public/images/infographic/square/{category}/
- site/public/images/infographic/square/: 108 blog + 7 daily-paper +
7 reports = 122 square JPEGs (41 MB total, JPEG q85)
- feed.xml.ts: squareCoverUrl() looks up matching square crop at build
time; falls back to frontmatter image then podcast-cover.png
- ~34% of 362 feed episodes now have unique per-episode artwork
Audio overviews generated via NLM and uploaded to R2 CDN for:
- VeriGuard: formal verification framework for LLM agent safety
- Implicit Jailbreak Attacks: steganographic cross-modal jailbreak
Both papers now appear in /audio/feed.xml podcast feed.
NLM-generated infographic with F41LUR3-F1R57 visual style.
…y-research infographics Apr 5-16
Videos generated via NLM with cinematic format + F41LUR3-F1R57 visual style:
- VeriGuard: formal verification for LLM agent safety (82 MB)
- IJA: steganographic cross-modal jailbreak (uploaded by generation script)
Both May 2 papers now have audio + video frontmatter. VeriGuard also has infographic. IJA infographic pending (NLM quota exhausted today).
Also commits 9 daily-research infographics (Apr 5-16) that were generated but uncommitted.
Previous commit accidentally staged deletions — source PNGs exist in assets/infographic/daily-research/ and are restored here.
- 2602.18739: When World Models Dream Wrong — first white-box adversarial attack on generative world models targeting physical-condition channels
- 2604.24826: A Comparative Evaluation of AI Agent Security Guardrails — systematic benchmark of AWS, Azure, Lakera, and DKnownAI guardrails across agentic threat categories including indirect prompt injection
https://claude.ai/code/session_015AeSd9ySQaK9vg8wZiiiMU
- ROBOGATE: Adaptive Failure Discovery for Safe Robot Policy Deployment (2603.22126)
- Evaluating the Robustness of LLM Safety Guardrails Against Adversarial Attacks (2511.22047)
https://claude.ai/code/session_011SeD1N6ud3jGcFECZ2zQYY
…els, 142307 prompts)
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.6 to 8.5.14.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.6...8.5.14)
---
updated-dependencies:
- dependency-name: postcss
  dependency-version: 8.5.14
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
9b61ddd to 595f524
adrianwedd added a commit that referenced this pull request May 10, 2026
Adds an `overrides` block to site/package.json to pull build-time transitive dependencies forward to patched versions. All packages here are build-toolchain only — none ship to the browser from a static Astro site, so dependabot's `scope:runtime` flag (just "in dependencies, not devDependencies") is misleading for our build.
Per the 2026-05-11 dependabot triage (research/intelligence/dependabot_failurefirst_triage_2026-05-11.md in the private repo), this is the IGNORE-DEVDEP / IGNORE-NO-CONTEXT hygiene sweep. The bump is hygiene, not risk reduction — none of these attack vectors apply to a static-site `astro build` pipeline.
Closed alerts (GHSA → resolved version):
- #10 rollup GHSA-mw96-cpmx-2vgc → 4.60.3 (^4.59.0)
- #11 fast-xml-parser GHSA-fj3w-jwp8-x2g3 → 5.7.3 (^5.7.0)
- #12 svgo GHSA-xpqw-6gx7-v673 → 4.0.1 (^4.0.1)
- #13 devalue GHSA-cfw5-2vxh-hr84 → 5.8.0 (^5.6.4)
- #14 devalue GHSA-mwv9-gp5h-frr4 → 5.8.0 (^5.6.4)
- #16 h3 GHSA-wr4h-v87w-p3r7 → 1.15.11 (^1.15.9, 1.x backport)
- #17 h3 GHSA-22cc-p3c6-wpvm → 1.15.11 (^1.15.9, 1.x backport)
- #19 h3 GHSA-72gr-qfp7-vwhw → 1.15.11 (^1.15.9)
- #20 h3 GHSA-4hxc-9384-m385 → 1.15.11 (^1.15.9, 1.x backport)
- #21 fast-xml-parser GHSA-8gc5-j5rx-235r → 5.7.3 (^5.7.0)
- #23 picomatch GHSA-c2c7-rcm5-vvqj → 4.0.4 (^4.0.4)
- #24 picomatch GHSA-3v7f-55p6-f55p → 4.0.4 (^4.0.4)
- #26 picomatch GHSA-c2c7-rcm5-vvqj → 2.3.2 (^2.3.2, 2.x line)
- #27 picomatch GHSA-3v7f-55p6-f55p → 2.3.2 (^2.3.2, 2.x line)
- #28 defu GHSA-737v-mqg7-c878 → 6.1.7 (^6.1.5)
- #29 vite GHSA-p9ff-h696-f583 → 6.4.2 (^6.4.2, 6.x backport)
- #30 fast-xml-parser GHSA-jp2q-39xq-3w4g → 5.7.3 (^5.7.0)
- #31 vite GHSA-4w7w-66w2-5vf9 → 6.4.2 (^6.4.2, 6.x backport)
- #34 fast-xml-parser GHSA-gh4j-gqv2-49f6 → 5.7.3 (^5.7.0)
- #35 postcss GHSA-qx2v-qp2m-jg93 → 8.5.14 (^8.5.10)
Notes on dependabot fix-version vs override-target divergence:
- vite: dependabot lists fix=8.0.5 (the latest line); 6.4.2 is the in-line backport per the GHSA advisory (`>= 6.4.2` patches the 6.x line). We stay on vite 6 because Astro 5 pulls vite 6.
- h3: dependabot lists 2.0.1-rc.15; we use 1.15.9 per the GHSA advisory (`>= 1.15.6` and `>= 1.15.9` are the documented 1.x backports). h3 2.x is still rc.
- picomatch: split override (^2 and ^4) because both major lines are pulled in transitively by separate consumers; both have CVEs.
Deferred (NEEDS-REVIEW, separate PR):
- #33 astro define:vars XSS — requires Astro 6 major bump, deferred pending define:vars usage audit.
Verification:
- npm install — clean
- npm run build — 1137 pages, build complete, no errors
- npm audit — 1 moderate (the deferred Astro 6 alert) remaining
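A check for the override floors listed in the commit message above, as an added example that is not part of the repository or of that commit: it walks a lockfile's `packages` map and reports every installed copy, hoisted or nested, that sits below the floor for its major line. The floors are the lower bounds of the override ranges quoted in the message; `FLOORS`, `findBelowFloor`, the sample lockfile and the `example-tool` package are constructed for illustration.

```javascript
// Floors copied from the commit message above; one entry per patched major line.
const FLOORS = {
  rollup: ["4.59.0"], "fast-xml-parser": ["5.7.0"], svgo: ["4.0.1"],
  devalue: ["5.6.4"], h3: ["1.15.9"], defu: ["6.1.5"], vite: ["6.4.2"],
  postcss: ["8.5.10"],
  picomatch: ["2.3.2", "4.0.4"], // both major lines are pulled in transitively
};

// Constructed sample in npm lockfileVersion 3 shape (not the repository's real lockfile).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "site" },
    "node_modules/postcss": { version: "8.5.6" },
    "node_modules/picomatch": { version: "4.0.4" },
    "node_modules/micromatch/node_modules/picomatch": { version: "2.3.1" },
    "node_modules/vite": { version: "6.4.2" },
    "node_modules/example-tool/node_modules/vite": { version: "5.4.0" },
  },
};

// "1.2.3-rc.1" -> [1, 2, 3]; pre-release tags are ignored for this check.
const parse = (v) => v.split("-")[0].split(".").map(Number);

// Three-way compare on major.minor.patch.
function cmp(a, b) {
  const x = parse(a), y = parse(b);
  for (let i = 0; i < 3; i++) if (x[i] !== y[i]) return x[i] < y[i] ? -1 : 1;
  return 0;
}

// Report every installed copy (hoisted or nested) that sits below its floor,
// or on a major line for which no floor is listed.
function findBelowFloor(lock, floors = FLOORS) {
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const idx = path.lastIndexOf("node_modules/");
    if (idx === -1 || !meta.version) continue; // root project or link entry
    const name = path.slice(idx + "node_modules/".length);
    if (!Object.hasOwn(floors, name)) continue;
    const major = parse(meta.version)[0];
    const floor = floors[name].find((f) => parse(f)[0] === major);
    if (!floor) findings.push({ path, version: meta.version, reason: "major line has no floor listed" });
    else if (cmp(meta.version, floor) < 0) findings.push({ path, version: meta.version, reason: `below ${floor}` });
  }
  return findings;
}

console.log(findBelowFloor(SAMPLE_LOCK));
```

A nested copy such as the constructed `micromatch/node_modules/picomatch` entry is the case a top-level `npm ls` glance tends to miss, which is why the walk keys on the last `node_modules/` segment rather than the hoisted path.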
Bumps postcss from 8.5.6 to 8.5.14.
Release notes
Sourced from postcss's releases.
Changelog
Sourced from postcss's changelog.
Commits
- 3ec1394 Release 8.5.14 version
- f2bb827 Update dependencies
- d75953d Merge pull request #2084 from 43081j/raw-raws-rawing
- 68bd213 fix: always call `raw` to retrieve raw values
- af58cf1 Release 8.5.13 version
- f227dbd Temporary ignore pnpm 11 config
- d3abd40 Update dependencies
- dd06c3e Revert stringifier changes because of the conflict with postcss-scss
- ae889c8 Try to fix CI
- e0093e4 Move to pnpm 11
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.