> ## Documentation Index
> Fetch the complete documentation index at: https://docs.riftmap.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Week of May 22, 2026

> Reliability hardening, more accurate cross-repo edges, and self-healing billing.

## New features

**`/ready` health probe.** A new public `/ready` endpoint returns `200` only when Postgres, both Redis instances, and at least one scan worker are reachable, and `503` otherwise. Point external uptime monitors at it to catch half-broken states the main `/health` endpoint can't see.

**Idempotent scans.** `POST /connected-orgs/{id}/scans` now rejects a second scan for an org that already has one pending or running with a `409 Conflict`. Safe to retry from agents and CI without queuing duplicates.

**Broader Helm, Python, Terraform, and Ansible detection.** Riftmap now recognizes cross-repo consumption from `helmfile.yaml`, `kustomization.yaml`'s `helmCharts`, Poetry and uv dependency tables, and Ansible Galaxy `requirements.yml`. Previously these declarations were invisible — orgs heavy on Helm or Python will see substantially more edges on the next scan.

**Container image edges from Helm chart templates.** Scans now extract `image:` references from `charts/*/templates/*.yaml` even when they contain Go template directives, surfacing `k8s_container_image` consumption that was previously dropped at parse time.

## Updates

**Faster recovery from stuck scans.** The stuck-scan reaper now runs every 15 minutes instead of daily and uses task state (not just age) to decide what to clear, so a hard-killed scan no longer blocks an org's queue for hours.

**Search-jump camera stability.** Clicking a graph search result reliably pans to the target node and opens the detail panel without the graph re-fitting and undoing the pan. Subsequent searches in the same session also stay stable.

**GitHub container registry attribution.** Docker image artifacts produced by GitHub-hosted repos now resolve to `ghcr.io/<org>/<repo>` instead of an invalid host, so consumer matching across GitHub orgs works correctly.

## Bug fixes

**Artifact consumers reflect the latest scan.** [`/artifacts/{id}/consumers`](/api-reference/artifacts/list-repositories-consuming-this-artifact-with-pinned-versions), `/artifacts/{id}/versions`, and the `/stats` endpoints could return stale pinned versions and inflated orphan counts after a re-scan because they read across all historical scans. They now scope to the latest scan per org, so edited constraints show up immediately and `consumers_lagging` is correct.

**Stripe checkout self-heal.** Workspaces whose subscription was canceled out-of-order with a late `invoice.payment_succeeded` webhook could get stuck unable to re-checkout. The checkout endpoint now reconciles with Stripe before returning `409`, and the plan card surfaces a clear next action instead of a generic error.

**Worker boot resilience.** The worker healthcheck sidecar now starts before the broker connection, so a slow Redis at boot no longer causes the platform to mark workers unhealthy and restart them in a loop.

**Cleaner dependency graphs.** The resolver now rejects several classes of bogus artifacts that were polluting org graphs:

* Vendored `package.json` files (e.g. Hugo themes, vendored frontend assets) no longer register as npm packages "produced by" the host repo.
* Vendored or subchart `Chart.yaml` files no longer attribute Helm charts to the wrong repo.
* Go modules with bare names (`module foo`) or bare hosts (`module github.com`) are dropped instead of prefix-matching unrelated consumers.
* Self-edges (a repo declaring a dependency on its own artifact via a sub-module) are filtered from the resolver chain.

These changes mean noticeably fewer phantom edges on the next scan, especially for orgs with vendored dependencies or multi-module Go repos.
