stack

Author	SHA1	Message	Date
Jason Woltje	ee5364f2d3	feat(web): add widget picker drawer for dashboard customization All checks were successful ci/woodpecker/push/web Pipeline was successful Details Add a slide-out drawer UI to browse available widgets from the registry, search by name/description, and add them to the dashboard. The picker is accessible via "Add Widget" button in edit mode. - WidgetPicker component with search, widget list, and one-click add - Generates unique widget IDs and places new widgets below existing ones - Integrated into dashboard page header (edit mode only) Ref: #488 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 18:54:12 -06:00
Jason Woltje	cc56f2cbe1	feat(web): migrate dashboard to WidgetGrid with layout persistence (#497 ) All checks were successful ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-24 00:50:24 +00:00
Jason Woltje	f9cccd6965	feat(api): seed 7 widget definitions for dashboard system (#496 ) All checks were successful ci/woodpecker/push/api Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-24 00:28:02 +00:00
Jason Woltje	90c3bbccdf	feat(web): add theme selection UI in Settings > Appearance (#495 ) All checks were successful ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 14:18:16 +00:00
Jason Woltje	79286e98c6	feat(web): upgrade ThemeProvider for multi-theme registry (#494 ) All checks were successful ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 14:09:10 +00:00
Jason Woltje	cfd1def4a9	feat(web): add theme definition system with 5 built-in themes (#493 ) All checks were successful ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 13:59:01 +00:00
Jason Woltje	f435d8e8c6	docs: initialize MS18 Theme & Widget System mission (#492 ) Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 13:36:10 +00:00
Jason Woltje	3d78b09064	docs: close out MS16+MS17 mission (#486 ) All checks were successful ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 13:27:22 +00:00
Jason Woltje	a7955b9b32	docs: mark MS16+MS17 milestone complete (#485 ) Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 13:16:38 +00:00
Jason Woltje	372cc100cc	docs: update PRD statuses and mission artifacts for MS16+MS17 (#484 ) Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 05:09:04 +00:00
Jason Woltje	172ed1d40f	feat(web): add kanban board page with drag-and-drop (#478 ) Some checks failed ci/woodpecker/push/web Pipeline failed Details ci/woodpecker/push/orchestrator Pipeline was successful Details ci/woodpecker/push/api Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 04:26:25 +00:00
Jason Woltje	cd5c2218c8	chore(orchestrator): bootstrap MS16+MS17 planning (#470 ) Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 03:29:53 +00:00
Jason Woltje	f643d2bc04	docs: mark mission complete (MS-P4-003) (#465 ) Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 02:11:13 +00:00
Jason Woltje	8957904ea9	Phase 4: Deploy + Smoke Test (#463 ) (#464 ) All checks were successful ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 02:09:43 +00:00
Jason Woltje	458cac7cdd	Phase 3: Agent Cycle Visibility (#461 ) (#462 ) All checks were successful ci/woodpecker/push/api Pipeline was successful Details ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 01:07:29 +00:00
Jason Woltje	7581d26567	Phase 2: Task Ingestion Pipeline (#459 ) (#460 ) All checks were successful ci/woodpecker/push/api Pipeline was successful Details ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 00:54:55 +00:00
Jason Woltje	07f5225a76	Phase 1: Dashboard Polish + Theming (#457 ) (#458 ) All checks were successful ci/woodpecker/push/orchestrator Pipeline was successful Details ci/woodpecker/push/api Pipeline was successful Details ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-23 00:16:45 +00:00
Jason Woltje	ea1620fa7a	docs: initialize go-live MVP mission with coordinator protocol (#455 ) Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-22 23:37:13 +00:00
Jason Woltje	d218902cb0	docs: design system reference and task completion (MS15-DOC-001) (#454 ) Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-22 21:20:28 +00:00
Jason Woltje	b43e860c40	feat(web): Phase 3 — Dashboard Page (#450 ) (#453 ) Some checks failed ci/woodpecker/push/web Pipeline failed Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-22 21:18:50 +00:00
Jason Woltje	716f230f72	feat(ui,web): Phase 2 — Shared Components & Terminal Panel (#449 ) (#452 ) All checks were successful ci/woodpecker/push/orchestrator Pipeline was successful Details ci/woodpecker/push/api Pipeline was successful Details ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-22 21:12:13 +00:00
Jason Woltje	a5ed260fbd	feat(web): MS15 Phase 1 — Design System & App Shell (#451 ) All checks were successful ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-22 20:57:06 +00:00
Jason Woltje	74c8c376b7	docs(coolify): update deployment docs with operations guide (#445 ) Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-22 08:05:47 +00:00
Jason Woltje	9901fba61e	docs: add Coolify deployment guide and compose file (#444 ) Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-22 07:40:24 +00:00
Jason Woltje	23d610ba5b	chore: switch from develop/dev to main/latest image tags (#434 ) All checks were successful ci/woodpecker/push/infra Pipeline was successful Details ci/woodpecker/push/coordinator Pipeline was successful Details ci/woodpecker/push/orchestrator Pipeline was successful Details ci/woodpecker/push/api Pipeline was successful Details ci/woodpecker/push/web Pipeline was successful Details Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-02-21 22:05:07 +00:00
Jason Woltje	b5ac2630c1	docs(auth): record digest-based deploy fix verification	2026-02-18 23:39:06 -06:00
Jason Woltje	8424a28faa	fix(auth): use set_config for transaction-scoped RLS context All checks were successful ci/woodpecker/push/api Pipeline was successful Details	2026-02-18 23:23:15 -06:00
Jason Woltje	d2cec04cba	fix(auth): preserve raw BetterAuth cookie token for session lookup All checks were successful ci/woodpecker/push/api Pipeline was successful Details	2026-02-18 23:06:37 -06:00
Jason Woltje	0c2a6b14cf	fix(auth): verify BetterAuth sessions via cookie headers	2026-02-18 22:39:54 -06:00
Jason Woltje	dedc1af080	fix(auth): restore BetterAuth OIDC flow across api/web/compose All checks were successful ci/woodpecker/push/infra Pipeline was successful Details ci/woodpecker/push/web Pipeline was successful Details ci/woodpecker/push/api Pipeline was successful Details	2026-02-17 23:37:49 -06:00
Jason Woltje	6fd8e85266	fix(orchestrator): make provider-aware Claude key startup requirements All checks were successful ci/woodpecker/push/infra Pipeline was successful Details ci/woodpecker/push/orchestrator Pipeline was successful Details	2026-02-17 17:15:42 -06:00
Jason Woltje	d3474cdd74	chore(orchestrator): bootstrap issue 424	2026-02-17 17:05:09 -06:00
Jason Woltje	9d9a01f5f7	feat(web): add orchestrator readiness badge and resilient events parsing All checks were successful ci/woodpecker/push/web Pipeline was successful Details	2026-02-17 16:20:03 -06:00
Jason Woltje	5bce7dbb05	feat(web): show latest orchestrator event in task progress widget Some checks failed ci/woodpecker/push/web Pipeline failed Details	2026-02-17 16:12:40 -06:00
Jason Woltje	ab902250f8	feat(web-hud): seed default layout with orchestration widgets All checks were successful ci/woodpecker/push/web Pipeline was successful Details	2026-02-17 16:07:09 -06:00
Jason Woltje	d34f097a5c	feat(web): add orchestrator events widget with matrix signal visibility All checks were successful ci/woodpecker/push/web Pipeline was successful Details	2026-02-17 15:56:12 -06:00
Jason Woltje	f4ad7eba37	fix(web-hud): support hyphenated widget IDs with regression tests Some checks failed ci/woodpecker/push/orchestrator Pipeline was successful Details ci/woodpecker/push/web Pipeline failed Details	2026-02-17 15:49:09 -06:00
Jason Woltje	4d089cd020	feat(orchestrator): add recent events API and monitor script	2026-02-17 15:44:43 -06:00
Jason Woltje	3258cd4f4d	feat(orchestrator): add SSE events, queue controls, and mosaic rails sync	2026-02-17 15:39:15 -06:00
Jason Woltje	cab8d690ab	fix(#411 ): complete 2026-02-17 remediation sweep Apply RLS context at task service boundaries, harden orchestrator/web integration and session startup behavior, re-enable targeted frontend tests, and lock vulnerable transitive dependencies so QA and security gates pass cleanly.	2026-02-17 14:19:15 -06:00
Jason Woltje	8961f5b18c	chore: upgrade Node.js runtime to v24 across codebase All checks were successful ci/woodpecker/push/orchestrator Pipeline was successful Details ci/woodpecker/push/api Pipeline was successful Details ci/woodpecker/push/web Pipeline was successful Details - Update .woodpecker/codex-review.yml: node:22-slim → node:24-slim - Update packages/cli-tools engines: >=18 → >=24.0.0 - Update README.md, CONTRIBUTING.md, prerequisites docs to reference Node 24+ - Rename eslint.config.js → eslint.config.mjs to eliminate Node 24 MODULE_TYPELESS_PACKAGE_JSON warnings (ESM detection overhead) - Add .nvmrc targeting Node 24 - Fix pre-existing no-unsafe-return lint error in matrix-room.service.ts - Add Campsite Rule to CLAUDE.md - Regenerate Prisma client for Node 24 compatibility All Dockerfiles and main CI pipelines already used node:24. This commit aligns the remaining stragglers (codex-review CI, cli-tools engines, documentation) and resolves Node 24 ESM module detection warnings. Quality gates: lint ✅ typecheck ✅ tests ✅ (6 pre-existing API failures) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 17:33:26 -06:00
Jason Woltje	b96e2d7dc6	chore(#411 ): Phase 13 complete — QA round 2 remediation done, 272 tests passing Some checks failed ci/woodpecker/push/api Pipeline failed Details ci/woodpecker/push/web Pipeline failed Details 6 findings remediated: - QA2-001: Narrowed verifySession allowlist (expired/unauthorized false-positives) - QA2-002: Runtime null checks in auth controller (defense-in-depth) - QA2-003: Bearer token log sanitization + non-Error warning - QA2-004: classifyAuthError returns null for normal 401 (no false banner) - QA2-005: Login page routes errors through parseAuthError (PDA-safe) - QA2-006: AuthGuard user validation branch tests (5 new tests) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 15:51:38 -06:00
Jason Woltje	ac492aab80	chore(#411 ): Phase 7 complete — review remediation done, 297 tests passing Some checks failed ci/woodpecker/push/api Pipeline failed Details ci/woodpecker/push/web Pipeline failed Details - AUTH-028: Frontend fixes (fetchWithRetry wired, error dedup, OAuth catch, signout feedback) - AUTH-029: Backend fixes (COOKIE_DOMAIN, TRUSTED_ORIGINS validation, verifySession infra errors) - AUTH-030: Missing test coverage (15 new tests for getAccessToken, isAdmin, null cases, getClientIp) - AUTH-V07: 191 web + 106 API auth tests passing Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 12:38:18 -06:00
Jason Woltje	3fbba135b9	chore(#411 ): Phase 6 complete — 4/4 tasks done, 93 tests passing Some checks failed ci/woodpecker/push/web Pipeline failed Details All 6 phases of auth-frontend-remediation are now complete. Phase 6 adds: auth-errors.ts (43 tests), fetchWithRetry (15 tests), session expiry detection (18 tests), PDA-friendly auth-client (17 tests). Total web test suite: 89 files, 1078 tests passing (23 skipped). Refs #411	2026-02-16 12:21:29 -06:00
Jason Woltje	24ee7c7f87	chore(#411 ): Phase 5 complete — 4/4 tasks done, 83 tests passing - AUTH-020: Login page redesign with dynamic provider rendering - AUTH-021: URL error params with PDA-friendly messages - AUTH-022: Deleted old LoginButton (replaced by OAuthButton) - AUTH-023: Responsive layout + WCAG 2.1 AA accessibility Refs #416 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 11:58:02 -06:00
Jason Woltje	3ab87362a9	chore(#411 ): Phase 4 complete — 6/6 tasks done, 54 frontend tests passing - AUTH-014: Theme storage key fix (jarvis-theme -> mosaic-theme) - AUTH-015: AuthErrorBanner (PDA-friendly, blue info theme) - AUTH-016: AuthDivider component - AUTH-017: OAuthButton with loading state - AUTH-018: LoginForm with email/password validation - AUTH-019: SessionExpiryWarning floating banner Refs #415 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 11:39:45 -06:00
Jason Woltje	9623a3be97	chore(#411 ): Phase 3 complete — 4/4 tasks done, 73 auth tests passing - AUTH-010: getTrustedOrigins() with env var support - AUTH-011: CORS aligned with getTrustedOrigins() - AUTH-012: Session config (7d absolute, 2h idle, secure cookies) - AUTH-013: .env.example updated with TRUSTED_ORIGINS, COOKIE_DOMAIN Refs #414 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 11:28:46 -06:00
Jason Woltje	447141f05d	chore(#411 ): Phase 2 complete — 4/4 tasks done, 55 auth tests passing - AUTH-006: AuthProviderConfig + AuthConfigResponse types in @mosaic/shared - AUTH-007: GET /auth/config endpoint + getAuthConfig() in AuthService - AUTH-008: Secret-leakage prevention test - AUTH-009: isOidcProviderReachable() health check (2s timeout, 30s cache) Refs #413 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 11:21:14 -06:00
Jason Woltje	f6eadff5bf	chore(#411 ): Phase 1 complete — 5/5 tasks done, 36 tests passing - AUTH-001: OIDC_REDIRECT_URI validation (URL + path checks) - AUTH-002: BetterAuth handler try/catch with error logging - AUTH-003: Docker compose OIDC_REDIRECT_URI safe default - AUTH-004: PKCE enabled in genericOAuth config - AUTH-005: @SkipCsrf() documentation with rationale Refs #412 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 11:09:51 -06:00
Jason Woltje	bd7470f5d7	chore(#411 ): bootstrap auth-frontend-remediation tasks from plan Parsed 6 phases into 33 tasks. Estimated total: 281K tokens. Epic #411, Issues #412-#417. Refs #411 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 10:58:32 -06:00

1 2 3 4 5

243 Commits