Fixes deprecation warning:
"The configuration property 'package.json#prisma' is deprecated and
will be removed in Prisma 7."
Changes:
- Created apps/api/prisma.config.ts with seed configuration
- Removed deprecated "prisma" field from apps/api/package.json
- Uses defineConfig from "prisma/config" per Prisma 6+ standards
Migration verified with successful prisma generate.
Refs https://pris.ly/prisma-config
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Comprehensive architecture document for M4 quality enforcement pattern.
Problem (L-015 Evidence):
- AI agents claim done prematurely (60-70% complete)
- Defer work as "incremental" or "follow-up PRs"
- Identical language across sessions ("good enough for now")
- Happens even in YOLO mode with full permissions
- Cannot be fixed with instructions or prompting
Evidence:
- uConnect agent: 853 warnings deferred
- Mosaic Stack agent: 509 lint errors + 73 test failures deferred
- Both required manual override to continue
- Pattern observed across multiple agents and sessions
Solution: Non-AI Coordinator Pattern
- AI agents do the work
- Non-AI orchestrator enforces quality gates
- Gates are programmatic (build, lint, test, coverage)
- Agents cannot negotiate or bypass
- Forced continuation when gates fail
- Rejection with specific failure messages
Documentation Includes:
- Problem statement with evidence
- Why non-AI enforcement is necessary
- Complete architecture design
- Component specifications
- Quality gate types and configuration
- State machine and workflow
- Forced continuation prompt templates
- Integration points
- Monitoring and metrics
- Troubleshooting guide
- Implementation examples
Related Issues: #134-141 (M4-MoltBot)
Agents working on M4 issues now have complete context
and rationale without needing jarvis-brain access.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Issues resolved:
- #68: pgvector Setup
* Added pgvector vector index migration for knowledge_embeddings
* Vector index uses HNSW algorithm with cosine distance
* Optimized for 1536-dimension OpenAI embeddings
- #69: Embedding Generation Pipeline
* Created EmbeddingService with OpenAI integration
* Automatic embedding generation on entry create/update
* Batch processing endpoint for existing entries
* Async generation to avoid blocking API responses
* Content preparation with title weighting
- #70: Semantic Search API
* POST /api/knowledge/search/semantic - pure vector search
* POST /api/knowledge/search/hybrid - RRF combined search
* POST /api/knowledge/embeddings/batch - batch generation
* Comprehensive test coverage
* Full documentation in docs/SEMANTIC_SEARCH.md
Technical details:
- Uses OpenAI text-embedding-3-small model (1536 dims)
- HNSW index for O(log n) similarity search
- Reciprocal Rank Fusion for hybrid search
- Graceful degradation when OpenAI not configured
- Async embedding generation for performance
Configuration:
- Added OPENAI_API_KEY to .env.example
- Optional feature - disabled if API key not set
- Falls back to keyword search in hybrid mode
Strict enforcement is now ACTIVE and blocking commits.
Updated documentation to reflect:
- Pre-commit hooks are actively blocking violations
- Package-level enforcement strategy
- How developers should handle blocked commits
- Next steps for incremental cleanup
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add Tag DTOs (CreateTagDto, UpdateTagDto) with validation
- Implement TagsService with CRUD operations
- Add TagsController with authenticated endpoints
- Support automatic slug generation from tag names
- Add workspace isolation for tags
- Include entry count in tag responses
- Add findOrCreateTags method for entry creation/update
- Implement comprehensive test coverage (29 tests passing)
Endpoints:
- GET /api/knowledge/tags - List workspace tags
- POST /api/knowledge/tags - Create tag
- GET /api/knowledge/tags/:slug - Get tag by slug
- PUT /api/knowledge/tags/:slug - Update tag
- DELETE /api/knowledge/tags/:slug - Delete tag
- GET /api/knowledge/tags/:slug/entries - List entries with tag
Related: KNOW-003
Implements #9, #10
- Team model with workspace membership
- TeamMember model with role-based access (OWNER, ADMIN, MEMBER)
- Row-Level Security policies for tenant isolation on 19 tables
- Helper functions: current_user_id(), is_workspace_member(), is_workspace_admin()
- Developer utilities in src/lib/db-context.ts for easy RLS integration
- Comprehensive documentation in docs/design/multi-tenant-rls.md
Database migrations:
- 20260129220941_add_team_model: Adds Team and TeamMember tables
- 20260129221004_add_rls_policies: Enables RLS and creates policies
Security features:
- Complete database-level tenant isolation
- Automatic query filtering based on workspace membership
- Defense-in-depth security with application and database layers
- Performance-optimized with indexes on workspace_id
Implements comprehensive CRUD APIs following TDD principles with 92.44%
test coverage (exceeds 85% requirement).
Features:
- Tasks API: Full CRUD with filtering, pagination, and subtask support
- Events API: Full CRUD with recurrence support and date filtering
- Projects API: Full CRUD with task/event association
- Authentication guards on all endpoints
- Workspace-scoped queries for multi-tenant isolation
- Activity logging for all operations (CREATED, UPDATED, DELETED, etc.)
- DTOs with class-validator validation
- Comprehensive test suite (221 tests, 44 for new APIs)
Implementation:
- Services: Business logic with Prisma ORM integration
- Controllers: RESTful endpoints with AuthGuard
- Modules: Properly registered in AppModule
- Documentation: Complete API reference in docs/4-api/4-crud-endpoints/
Test Coverage:
- Tasks: 96.1%
- Events: 89.83%
- Projects: 84.21%
- Overall: 92.44%
TDD Workflow:
1. RED: Wrote failing tests first
2. GREEN: Implemented minimal code to pass tests
3. REFACTOR: Improved code quality while maintaining coverage
Refs #5
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Organized docs into numbered shelf/book/chapter/page structure
- Created comprehensive README.md with project overview
- Added Getting Started book (quick start, installation, configuration)
- Added Development book (workflow, testing, type sharing)
- Added Architecture book (design principles, PDA-friendly patterns)
- Added API Reference book (conventions, authentication)
- Moved TYPE-SHARING.md to proper location
- Updated all cross-references in main README
- Created docs/README.md as master index
- Removed old QA automation reports
- Removed deprecated SETUP.md (content split into new structure)
Documentation structure follows Bookstack best practices:
- Numbered books: 1-getting-started, 2-development, 3-architecture, 4-api
- Numbered chapters and pages for ordering
- Clear hierarchy and navigation
- Cross-referenced throughout
Complete documentation available at: docs/README.md
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Integrated BetterAuth library for modern authentication
- Added Session, Account, and Verification database tables
- Created complete auth module with service, controller, guards, and decorators
- Implemented shared authentication types in @mosaic/shared package
- Added comprehensive test coverage (26 tests passing)
- Documented type sharing strategy for monorepo
- Updated environment configuration with OIDC and JWT settings
Key architectural decisions:
- BetterAuth over Passport.js for better TypeScript support
- Separation of User (DB entity) vs AuthUser (client-safe subset)
- Shared types package to prevent FE/BE drift
- Factory pattern for auth config to use shared Prisma instance
Ready for frontend integration (Issue #6).
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixes#4
