Deploy to AWS Copilot #5 Workflow was triggered via push by niebloomj frumfinance/n8n

1 new commit pushed to

<https://github.com/frumfinance/n8n/tree/main|main>

by niebloomj

<https://github.com/frumfinance/n8n/commit/ecb014e2121b8c65cbddecaa83e69b267fe44a0d|ecb014e2>

- Update n8n Docker image to version 1.122.2 frumfinance/n8n

Deploy to AWS Copilot #6 Workflow was triggered via push by niebloomj frumfinance/n8n

1 new commit pushed to

<https://github.com/frumfinance/n8n/tree/main|main>

by niebloomj

<https://github.com/frumfinance/n8n/commit/eba31e74a5f6fc24b31101cf75552e843e1c5e59|eba31e74>

- Refactor GitHub Actions workflow to improve AWS Copilot CLI installation frumfinance/n8n

#1253 add db dir to the base lambda image hash Pull request opened by jzier3 frumfinance/FrumFinanceCore

1 new commit pushed to

<https://github.com/frumfinance/SlackApp/tree/main|main>

by niebloomj

<https://github.com/frumfinance/SlackApp/commit/639e108234abedb092fcdca8da051739f8c87d0a|639e1082>

- Remove unnecessary poetry install from deployment script (#364) frumfinance/SlackApp

Deploy CDK to AWS #323 Workflow was triggered via push by niebloomj frumfinance/SlackApp

CI Checks #836 Workflow was triggered via push by niebloomj frumfinance/SlackApp

1 new commit pushed to

<https://github.com/frumfinance/FrumFinanceCore/tree/main|main>

by niebloomj

<https://github.com/frumfinance/FrumFinanceCore/commit/233018ba47e00256f547e77e7fdde48c6d615162|233018ba>

- add db dir to the base lambda image hash (#1253) frumfinance/FrumFinanceCore

Unit Testing and Linting #4004 Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

Security Checks #3102 Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

#855 Non‑YNAB budgets rejected due to missing `CategoryMap` rows Issue created by niebloomj ## Problem Non‑YNAB users encounter a 422 {"detail":"No category map found…"} error when saving budgets. add_budget_handler always queries CategoryMap and raises if no mapping exists, because Budget.category_map_id is a foreign key to CategoryMap.id. This forces a mapping even though users without YNAB connections should not require one. ## Where • lambdas/budget_insights_lambda/api/handlers/user/budgets.py • db/postgres/models/budget_model.py (FK to CategoryMap.id) ## Breaking Commit 18ebe9b (“Fix cat map id ≠ cat id (#824)”) added the mandatory CategoryMap lookup to prevent mismatched category_map_id/category_id pairs. While necessary for YNAB-linked budgets, it unintentionally blocks non‑YNAB users. # What the commit fixed It closed a real data-integrity bug: YNAB-linked budgets could persist with a category_map_id that didn’t correspond to the YNAB category they claimed to represent. When later synchronizing with YNAB or running analytics, these “orphaned” mappings produced incorrect category totals and unreliable insights. ## Impact Non‑YNAB community members cannot persist budgets, hindering a core feature and cluttering the schema with pointless “self‑mapping” rows when inserts succeed. ## Steps to Reproduce • Use a user record with ynab_token = NULL. • POST add_budget with any category. • Handler responds with {"detail":"No category map found for user_id= and category_id="}. ## Expected Non‑YNAB budgets save successfully without requiring or creating CategoryMap rows. ## Actual Insertion is rejected unless a matching CategoryMap exists. ## Acceptance Criteria • Non‑YNAB users can insert and update budgets without any CategoryMap record. • YNAB‑linked users still require a valid mapping. • Retrieval logic returns budgets for both user types. • Unit tests cover both paths. frumfinance/FrumFinanceCore

#1254 Document CodeBuild downgrade date and costs Pull request opened by niebloomj ## Summary • record the November 27, 2025 verification/log date for the CodeBuild compute downgrades section • expand the CodeBuild cost table to include migration and GitHub runner workloads priced at BUILD_GENERAL1_SMALL ## Testing • just test (fails: pre-commit could not download hook dependencies; Tunnel connection failed: 403 Forbidden) --- Codex Task frumfinance/FrumFinanceCore

#1250 Add CDK-based UI Deployment (S3 + CloudFront) Pull request opened by codegen-sh[bot] ## Overview This PR implements CDK infrastructure for deploying the FrumFinanceUI React application, replacing Netlify with AWS-native hosting using S3 + CloudFront. ## Architecture UIHostingStack provisions: • S3: Static asset storage with private access • CloudFront: Global CDN with SSL/TLS and caching • Route53: DNS routing for custom domains • ACM: Free SSL certificates (auto-validated) Domains: • Production:

app.frum.finance

• Alpha:

alpha.app.frum.finance

## Key Features ✅ Infrastructure as Code: Full CDK stack with proper lifecycle management ✅ Secure: Origin Access Identity, SSL enforcement, private S3 bucket ✅ SPA Routing: Proper 404/403 error handling for client-side routing ✅ Cost Optimized: $1-10/month per environment (Price Class 100) ✅ Automated Deployment: Bash script with build, sync, and cache invalidation ✅ Well Tested: 12 unit tests covering all stack functionality ## Deployment ### Manual Deployment # Deploy to alpha ./scripts/deploy-ui.sh alpha # Deploy to production ./scripts/deploy-ui.sh prod ### CI/CD The deployment script can be integrated into GitHub Actions workflows for automatic deployments. ## Cost Impact Expected Cost per Environment: • Alpha: $1-3/month (low traffic, internal testing) • Production: $3-10/month (moderate traffic growth) • Total: $4-13/month for both environments Replaces Netlify's free tier with AWS-native infrastructure providing: • Full IaC control • Tighter AWS ecosystem integration • No third-party dependencies • Consistent deployment patterns See detailed cost breakdown in

infra/docs/AWS_INFRASTRUCTURE_COST.md

## Files Changed Infrastructure: •

infra/lib/ui-hosting.stack.ts

- UIHostingStack implementation •

infra/test/ui-hosting.stack.test.ts

- Comprehensive test suite •

infra/bin/app.ts

- Stack registration Deployment: •

scripts/deploy-ui.sh

- Automated deployment script Documentation: •

infra/README.md

- UI deployment guide •

infra/docs/AWS_INFRASTRUCTURE_COST.md

- Cost analysis ## Testing All tests passing (12/12):

Test Suites: 9 passed, 9 total
Tests:       58 passed, 58 total

## Next Steps 1. Review and merge this PR 2. Deploy UIHostingStack to alpha:

just deploy-alpha

3. Test UI deployment:

./scripts/deploy-ui.sh alpha

4. Verify alpha.app.frum.finance is accessible 5. Deploy to production when ready ## Related This addresses the requirement to move off Netlify and consolidate all infrastructure in CDK. --- :computer: View my work • About Codegen :no_entry: Remove Codegen from PR • :no_entry_sign: Ban action checks frumfinance/FrumFinanceCore

1 new commit pushed to

<https://github.com/frumfinance/FrumFinanceCore/tree/main|main>

by niebloomj

<https://github.com/frumfinance/FrumFinanceCore/commit/f0e830ed3be6b9ac53e156984400c20650c285d8|f0e830ed>

- Add CDK-based UI Deployment (S3 + CloudFront) (#1250) frumfinance/FrumFinanceCore

Security Checks #3109 Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

Unit Testing and Linting #4011 Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

Deploy CDK to AWS #661 (Attempt 2) Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

#1255 Ensure UI pipeline triggers on branch pushes Pull request opened by niebloomj ## Summary • Plan: explicitly configure the UI CodePipeline source action to trigger on push events for the

alpha

and

main

branches and lock the expectation in tests. • Added an explicit push trigger to the CodeStar connection source so GitHub pushes start the pipeline without manual intervention. • Updated pipeline snapshot tests to assert change detection is enabled for both alpha and production, guarding against regressions. ## Testing •

just test

(fails because pre-commit could not download yamlfmt due to 403 from the proxy; pipeline configuration changes are otherwise covered by updated unit tests). --- Codex Task frumfinance/FrumFinanceCore

1 new commit pushed to

<https://github.com/frumfinance/FrumFinanceCore/tree/main|main>

by niebloomj

<https://github.com/frumfinance/FrumFinanceCore/commit/8abcebf4be102640a3db737e57cbdf20dffc5f4a|8abcebf4>

- Ensure UI pipeline triggers on push (#1255) frumfinance/FrumFinanceCore

Deploy CDK to AWS #662 Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

Security Checks #3111 Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

Unit Testing and Linting #4013 Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

1 new commit pushed to

<https://github.com/frumfinance/FrumFinanceCore/tree/main|main>

by niebloomj

<https://github.com/frumfinance/FrumFinanceCore/commit/2db90bb1013040e7b44b804f2f39c5302436a3a3|2db90bb1>

- Bump langchain-core from 0.3.79 to 0.3.80 (#1237) frumfinance/FrumFinanceCore

Unit Testing and Linting #4014 Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

Security Checks #3112 Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

Deploy CDK to AWS #663 Workflow was triggered via push by niebloomj frumfinance/FrumFinanceCore

#1256 Optimize Playwright layer caching Pull request opened by niebloomj ## Summary • install Playwright and its system dependencies before copying Python dependency files so the heavy layer stays cached when poetry dependencies change • pin the Playwright version via build argument to keep the pre-installed layer aligned with application requirements ## Testing • just test (fails: pre-commit yamlfmt download blocked by 403 during environment setup) --- Codex Task frumfinance/FrumFinanceCore

#1257 Bump the all-python-deps group across 1 directory with 12 updates Pull request opened by dependabot[bot] Bumps the all-python-deps group with 11 updates in the / directory: | Package | From | To | | ---------------------------------------------------------- | ------- | ------- | | [faker](https://github.com/joke2k/faker) | 38.0.0 | 38.2.0 | | [pre-commit](https://github.com/pre-commit/pre-commit) | 4.4.0 | 4.5.0 | | [pydantic](https://github.com/pydantic/pydantic) | 2.12.4 | 2.12.5 | | [boto3](https://github.com/boto/boto3) | 1.40.76 | 1.41.5 | | [sentry-sdk](https://github.com/getsentry/sentry-python) | 2.45.0 | 2.46.0 | | [psycopg](https://github.com/psycopg/psycopg) | 3.2.12 | 3.2.13 | | [slack-sdk](https://github.com/slackapi/python-slack-sdk) | 3.38.0 | 3.39.0 | | [langsmith](https://github.com/langchain-ai/langsmith-sdk) | 0.4.43 | 0.4.49 | | [pydantic-ai](https://github.com/pydantic/pydantic-ai) | 1.20.0 | 1.24.0 | | [logfire](https://github.com/pydantic/logfire) | 4.14.2 | 4.15.1 | | [fastapi](https://github.com/fastapi/fastapi) | 0.121.2 | 0.122.0 | Updates

faker

from 38.0.0 to 38.2.0 Release notes Sourced from faker's releases.

## Release v38.2.0

See CHANGELOG.md.

## Release v38.1.0

See CHANGELOG.md.

Changelog Sourced from faker's changelog.

### v38.2.0 - 2025-11-19

• Add localized UniqueProxy. Thanks `@​azmeuk`

### v38.1.0 - 2025-11-19

• Add

person

provider for

ar_DZ

locale. Thanks `@​othmane099`.

• Add

person

,

phone_number

,

date_time

for

fr_DZ

locale. Thanks `@​othmane099`.

Commits • `337f8fa` Bump version: 38.1.0 → 38.2.0 • `d8fb7f2` 📝 Update CHANGELOG.md • `243e317` lint docs • `e398287` 📝 Update docs • `3cc7f77` feat: localized UniqueProxy (#2279) • `8ba30da` Bump version: 38.0.0 → 38.1.0 • `921bde1` 📝 Update CHANGELOG.md • `702e23b` fix newline • `d5051a9` add_faker_pk_pypi_link (#2281) • `050de37` Add

person

provider for

ar_DZ

locale (#2271) • Additional commits viewable in compare view Updates

pre-commit

from 4.4.0 to 4.5.0 Release notes Sourced from pre-commit's releases.

## pre-commit v4.5.0

### Features

• Add

pre-commit hazmat

.

• #3585 PR by `@​asottile`.

Changelog Sourced from pre-commit's changelog.

# 4.5.0 - 2025-11-22

### Features

• Add

pre-commit hazmat

.

• #3585 PR by `@​asottile`.

Commits • `1af6c8f` v4.5.0 • `3358a3b` Merge pull request #3585 from pre-commit/hazmat • `bdf6879` add pre-commit hazmat • `e436690` Merge pull request #3584 from pre-commit/exitstack • `8d34f95` use ExitStack instead of start + stop • `9c7ea88` Merge pull request #3583 from pre-commit/forward-compat-map-manifest • `844dacc` add forward-compat error message • `6a1d543` Merge pull request #3582 from pre-commit/move-gc-back • `66278a9` move logic for gc back to commands.gc • `1b32c50` Merge pull request #3579 from pre-commit/pre-commit-ci-update-config • Additional commits viewable in compare view Updates

pydantic

from 2.12.4 to 2.12.5 Release notes Sourced from pydantic's releases.

## v2.12.5 2025-11-26

## v2.12.5 (2025-11-26)

This is the fifth 2.12 patch release, addressing an issue with the

MISSING

sentinel and providing several documentation improvements.

The next 2.13 minor release will be published in a couple weeks, and will include a new polymorphic serialization feature addressing the remaining unexpected changes to the serialize as any behavior.

• Fix pickle error when using

model_construct()

on a model with

MISSING

as a default value by `@​ornariece` in #12522.

• Several updates to the documentation by `@​Viicos`.

Full Changelog: pydantic/pydantic@v2.12.4...v2.12.5

Changelog Sourced from pydantic's changelog.

## v2.12.5 (2025-11-26)

GitHub release

This is the fifth 2.12 patch release, addressing an issue with the

MISSING

sentinel and providing several documentation improvements.

The next 2.13 minor release will be published in a couple weeks, and will include a new polymorphic serialization feature addressing the remaining unexpected changes to the serialize as any behavior.

• Fix pickle error when using

model_construct()

on a model with

MISSING

as a default value by <https://github.co…

frumfinance/FrumFinanceCore

#1258 Set Sentry DSN for UI pipeline builds Pull request opened by niebloomj ## Summary • pass the deployment Sentry DSN into the UI CodeBuild environment so the front-end build no longer fails when it requires the variable • document the Sentry DSN requirement in the UI pipeline setup guide to ensure deployers export it before running CDK ## Plan and Justification • ensure the UI pipeline injects SENTRY_DSN from the deployment environment, aligning with existing backend stacks that depend on the same variable and preventing build-time crashes • add documentation so operators know to provide the DSN during deployment, reducing future pipeline breakages ## Testing • SENTRY_DSN=https://examplePublicKey@o0.ingest.sentry.io/0 just test (fails: pre-commit could not download dependencies due to network proxy: URLError: Tunnel connection failed: 403 Forbidden) --- Codex Task frumfinance/FrumFinanceCore