mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Compare commits

base: mosaic:feat/ms22-p2-agent-routing
Branches Tags
mosaic:main mosaic:test/ms22-p2-agent-tests mosaic:chore/ms22-p2-docs-update mosaic:feat/ms22-p2-agent-ui mosaic:feat/ms22-p2-agent-routing mosaic:chore/ms22-p2-update-docs mosaic:feat/ms22-p2-user-agents mosaic:feat/ms22-p2-agent-crud mosaic:fix/security-audit-multer mosaic:ci/portainer-v2 mosaic:fix/chat-complete mosaic:ci/portainer-deploy mosaic:fix/chat-configmodule mosaic:feature/chat-guest-mode mosaic:fix/ms21-missing-user-auth-migration mosaic:infra/fix-mosaic-db-init-extensions mosaic:infra/migrate-to-openbrain-db mosaic:fix/flaky-queue-test mosaic:fix/deploy-service-names mosaic:fix/deploy-service-update mosaic:fix/deploy-user-v2 mosaic:fix/deploy-user mosaic:feat/ci-auto-deploy mosaic:fix/orchestrator-widget-endpoints mosaic:fix/dashboard-widget-mock-data mosaic:fix/ci-glibc-image mosaic:fix/dockerfile-npmrc mosaic:fix/matrix-native-binary mosaic:fix/kaniko-cache mosaic:fix/base-image-kaniko-v2 mosaic:fix/base-image-kaniko mosaic:feat/custom-base-image mosaic:ci/pnpm-cache mosaic:fix/interceptor-tests mosaic:fix/kanban-tests mosaic:feat/wire-chat mosaic:feat/usage-widget mosaic:fix/security-hardening mosaic:fix/project-domain-v2 mosaic:feat/kanban-add-task mosaic:fix/project-domain-attach mosaic:fix/logs-page-clean mosaic:fix/workspace-members mosaic:fix/ci-lint-632 mosaic:fix/file-manager-tags mosaic:fix/csrf-debug-log mosaic:fix/controller-type-imports mosaic:fix/system-admin-env mosaic:fix/gateway-cors-trusted-origins mosaic:feat/project-detail-page mosaic:fix/fleet-provider-form-dto-v2 mosaic:fix/ms22-audit mosaic:fix/orchestrator-widgets mosaic:fix/fleet-provider-form-dto mosaic:fix/csrf-bearer-bypass mosaic:fix/ms22-missing-authmodule-imports mosaic:fix/container-lifecycle-config-module mosaic:fix/swarm-compose-ms22-vars mosaic:chore/ms22-p1-complete mosaic:feat/ms22-p1h-settings-ui mosaic:feat/ms22-p1f-onboarding-ui mosaic:feat/ms22-p1i-chat-proxy mosaic:feat/ms22-p1k-idle-reaper mosaic:feat/ms22-p1j-docker mosaic:feat/ms22-p1e-onboarding-api mosaic:feat/ms22-p1g-settings-api mosaic:feat/ms22-p1d-container-mgr mosaic:feat/ms22-p1c-config-api mosaic:chore/ms22-prd-tracking mosaic:feat/ms22-p1a-schema mosaic:feat/ms22-p1b-crypto mosaic:chore/ms22-p1-tasks mosaic:docs/ms22-architecture mosaic:feat/ms22-openclaw-docker mosaic:feat/ms22-openclaw-gateway-module mosaic:chore/ms21-complete mosaic:chore/ms21-final-tasks-done mosaic:fix/ms21-ui-001-qa mosaic:test/ms21-ui-tests mosaic:chore/ms21-tasks-sync mosaic:chore/ms22-phase0-complete mosaic:feat/ms22-ingest-clean mosaic:feat/ms21-ui-users-members mosaic:feat/ms22-task-agent mosaic:chore/tasks-final mosaic:chore/tasks-update mosaic:feat/ms21-session-invalidation mosaic:feat/ms21-rbac-settings mosaic:feat/ms21-teams-page mosaic:feat/ms21-users-page mosaic:feat/ms19-terminal-persistence
mosaic:v0.0.21 mosaic:v0.20.0 mosaic:v0.0.15 mosaic:v0.0.2
..
compare: mosaic:fix/gateway-cors-trusted-origins
Branches Tags
mosaic:main mosaic:test/ms22-p2-agent-tests mosaic:chore/ms22-p2-docs-update mosaic:feat/ms22-p2-agent-ui mosaic:feat/ms22-p2-agent-routing mosaic:chore/ms22-p2-update-docs mosaic:feat/ms22-p2-user-agents mosaic:feat/ms22-p2-agent-crud mosaic:fix/security-audit-multer mosaic:ci/portainer-v2 mosaic:fix/chat-complete mosaic:ci/portainer-deploy mosaic:fix/chat-configmodule mosaic:feature/chat-guest-mode mosaic:fix/ms21-missing-user-auth-migration mosaic:infra/fix-mosaic-db-init-extensions mosaic:infra/migrate-to-openbrain-db mosaic:fix/flaky-queue-test mosaic:fix/deploy-service-names mosaic:fix/deploy-service-update mosaic:fix/deploy-user-v2 mosaic:fix/deploy-user mosaic:feat/ci-auto-deploy mosaic:fix/orchestrator-widget-endpoints mosaic:fix/dashboard-widget-mock-data mosaic:fix/ci-glibc-image mosaic:fix/dockerfile-npmrc mosaic:fix/matrix-native-binary mosaic:fix/kaniko-cache mosaic:fix/base-image-kaniko-v2 mosaic:fix/base-image-kaniko mosaic:feat/custom-base-image mosaic:ci/pnpm-cache mosaic:fix/interceptor-tests mosaic:fix/kanban-tests mosaic:feat/wire-chat mosaic:feat/usage-widget mosaic:fix/security-hardening mosaic:fix/project-domain-v2 mosaic:feat/kanban-add-task mosaic:fix/project-domain-attach mosaic:fix/logs-page-clean mosaic:fix/workspace-members mosaic:fix/ci-lint-632 mosaic:fix/file-manager-tags mosaic:fix/csrf-debug-log mosaic:fix/controller-type-imports mosaic:fix/system-admin-env mosaic:fix/gateway-cors-trusted-origins mosaic:feat/project-detail-page mosaic:fix/fleet-provider-form-dto-v2 mosaic:fix/ms22-audit mosaic:fix/orchestrator-widgets mosaic:fix/fleet-provider-form-dto mosaic:fix/csrf-bearer-bypass mosaic:fix/ms22-missing-authmodule-imports mosaic:fix/container-lifecycle-config-module mosaic:fix/swarm-compose-ms22-vars mosaic:chore/ms22-p1-complete mosaic:feat/ms22-p1h-settings-ui mosaic:feat/ms22-p1f-onboarding-ui mosaic:feat/ms22-p1i-chat-proxy mosaic:feat/ms22-p1k-idle-reaper mosaic:feat/ms22-p1j-docker mosaic:feat/ms22-p1e-onboarding-api mosaic:feat/ms22-p1g-settings-api mosaic:feat/ms22-p1d-container-mgr mosaic:feat/ms22-p1c-config-api mosaic:chore/ms22-prd-tracking mosaic:feat/ms22-p1a-schema mosaic:feat/ms22-p1b-crypto mosaic:chore/ms22-p1-tasks mosaic:docs/ms22-architecture mosaic:feat/ms22-openclaw-docker mosaic:feat/ms22-openclaw-gateway-module mosaic:chore/ms21-complete mosaic:chore/ms21-final-tasks-done mosaic:fix/ms21-ui-001-qa mosaic:test/ms21-ui-tests mosaic:chore/ms21-tasks-sync mosaic:chore/ms22-phase0-complete mosaic:feat/ms22-ingest-clean mosaic:feat/ms21-ui-users-members mosaic:feat/ms22-task-agent mosaic:chore/tasks-final mosaic:chore/tasks-update mosaic:feat/ms21-session-invalidation mosaic:feat/ms21-rbac-settings mosaic:feat/ms21-teams-page mosaic:feat/ms21-users-page mosaic:feat/ms19-terminal-persistence
mosaic:v0.0.21 mosaic:v0.20.0 mosaic:v0.0.15 mosaic:v0.0.2

1 Commits
feat/ms22- ... fix/gatewa

Author SHA1 Message Date
Jason Woltje
f982fb5233 fix(api): use TRUSTED_ORIGINS for socket.io gateway CORS; add createTask API client
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
2026-03-01 14:13:00 -06:00
79 changed files with 1714 additions and 4304 deletions
Expand all files Collapse all files

57
.mosaic/orchestrator/mission.json
View File

@@ -1,56 +1,56 @@
{
"schema_version": 1,
"mission_id": "ms22-p2-named-agent-fleet-20260304",
"name": "MS22-P2 Named Agent Fleet",
"description": "",
"mission_id": "ms21-multi-tenant-rbac-data-migration-20260228",
"name": "MS21 Multi-Tenant RBAC Data Migration",
"description": "Build multi-tenant user/workspace/team management, break-glass auth, RBAC UI enforcement, and migrate jarvis-brain data into Mosaic Stack",
"project_path": "/home/jwoltje/src/mosaic-stack",
"created_at": "2026-03-05T01:53:28Z",
"created_at": "2026-02-28T17:10:22Z",
"status": "active",
"task_prefix": "",
"quality_gates": "",
"milestone_version": "0.0.1",
"task_prefix": "MS21",
"quality_gates": "pnpm lint && pnpm build && pnpm test",
"milestone_version": "0.0.21",
"milestones": [
{
"id": "phase-1",
"name": "Schema+Seed",
"name": "Schema and Admin API",
"status": "pending",
"branch": "schema-seed",
"branch": "schema-and-admin-api",
"issue_ref": "",
"started_at": "",
"completed_at": ""
},
{
"id": "phase-2",
"name": "Admin CRUD",
"name": "Break-Glass Authentication",
"status": "pending",
"branch": "admin-crud",
"branch": "break-glass-authentication",
"issue_ref": "",
"started_at": "",
"completed_at": ""
},
{
"id": "phase-3",
"name": "User CRUD",
"name": "Data Migration",
"status": "pending",
"branch": "user-crud",
"branch": "data-migration",
"issue_ref": "",
"started_at": "",
"completed_at": ""
},
{
"id": "phase-4",
"name": "Agent Routing",
"name": "Admin UI",
"status": "pending",
"branch": "agent-routing",
"branch": "admin-ui",
"issue_ref": "",
"started_at": "",
"completed_at": ""
},
{
"id": "phase-5",
"name": "Discord+UI",
"name": "RBAC UI Enforcement",
"status": "pending",
"branch": "discord-ui",
"branch": "rbac-ui-enforcement",
"issue_ref": "",
"started_at": "",
"completed_at": ""
@@ -65,5 +65,26 @@
"completed_at": ""
}
],
"sessions": []
"sessions": [
{
"session_id": "sess-001",
"runtime": "unknown",
"started_at": "2026-02-28T17:48:51Z",
"ended_at": "",
"ended_reason": "",
"milestone_at_end": "",
"tasks_completed": [],
"last_task_id": ""
},
{
"session_id": "sess-002",
"runtime": "unknown",
"started_at": "2026-02-28T20:30:13Z",
"ended_at": "",
"ended_reason": "",
"milestone_at_end": "",
"tasks_completed": [],
"last_task_id": ""
}
]
}

8
.mosaic/orchestrator/session.lock Normal file
View File

@@ -0,0 +1,8 @@
{
"session_id": "sess-002",
"runtime": "unknown",
"pid": 3178395,
"started_at": "2026-02-28T20:30:13Z",
"project_path": "/tmp/ms21-ui-001",
"milestone_id": ""
}

2
.npmrc
View File

@@ -1,3 +1 @@
@mosaicstack:registry=https://git.mosaicstack.dev/api/packages/mosaic/npm/
supportedArchitectures[libc][]=glibc
supportedArchitectures[cpu][]=x64

27
.woodpecker/base-image.yml
View File

@@ -1,27 +0,0 @@
when:
- event: manual
- event: cron
cron: weekly-base-image
variables:
- &kaniko_setup |
mkdir -p /kaniko/.docker
echo "{\"auths\":{\"git.mosaicstack.dev\":{\"username\":\"$GITEA_USER\",\"password\":\"$GITEA_TOKEN\"}}}" > /kaniko/.docker/config.json
steps:
build-base:
image: gcr.io/kaniko-project/executor:debug
environment:
GITEA_USER:
from_secret: gitea_username
GITEA_TOKEN:
from_secret: gitea_token
commands:
- *kaniko_setup
- /kaniko/executor
--context .
--dockerfile docker/base.Dockerfile
--destination git.mosaicstack.dev/mosaic/node-base:24-slim
--destination git.mosaicstack.dev/mosaic/node-base:latest
--cache=true
--cache-repo git.mosaicstack.dev/mosaic/node-base/cache

54
.woodpecker/ci.yml
View File

@@ -29,11 +29,9 @@ when:
- ".trivyignore"
variables:
- &node_image "node:24-slim"
- &node_image "node:24-alpine"
- &install_deps |
corepack enable
apt-get update && apt-get install -y --no-install-recommends python3 make g++
pnpm config set store-dir /root/.local/share/pnpm/store
pnpm install --frozen-lockfile
- &use_deps |
corepack enable
@@ -170,7 +168,7 @@ steps:
elif [ "$CI_COMMIT_BRANCH" = "main" ]; then
DESTINATIONS="--destination git.mosaicstack.dev/mosaic/stack-api:latest"
fi
/kaniko/executor --context . --dockerfile apps/api/Dockerfile --snapshot-mode=redo --cache=true --cache-repo git.mosaicstack.dev/mosaic/stack-api/cache $DESTINATIONS
/kaniko/executor --context . --dockerfile apps/api/Dockerfile --snapshot-mode=redo $DESTINATIONS
when:
- branch: [main]
event: [push, manual, tag]
@@ -195,7 +193,7 @@ steps:
elif [ "$CI_COMMIT_BRANCH" = "main" ]; then
DESTINATIONS="--destination git.mosaicstack.dev/mosaic/stack-orchestrator:latest"
fi
/kaniko/executor --context . --dockerfile apps/orchestrator/Dockerfile --snapshot-mode=redo --cache=true --cache-repo git.mosaicstack.dev/mosaic/stack-orchestrator/cache $DESTINATIONS
/kaniko/executor --context . --dockerfile apps/orchestrator/Dockerfile --snapshot-mode=redo $DESTINATIONS
when:
- branch: [main]
event: [push, manual, tag]
@@ -220,7 +218,7 @@ steps:
elif [ "$CI_COMMIT_BRANCH" = "main" ]; then
DESTINATIONS="--destination git.mosaicstack.dev/mosaic/stack-web:latest"
fi
/kaniko/executor --context . --dockerfile apps/web/Dockerfile --snapshot-mode=redo --cache=true --cache-repo git.mosaicstack.dev/mosaic/stack-web/cache --build-arg NEXT_PUBLIC_API_URL=https://api.mosaicstack.dev $DESTINATIONS
/kaniko/executor --context . --dockerfile apps/web/Dockerfile --snapshot-mode=redo --build-arg NEXT_PUBLIC_API_URL=https://api.mosaicstack.dev $DESTINATIONS
when:
- branch: [main]
event: [push, manual, tag]
@@ -337,47 +335,3 @@ steps:
- security-trivy-api
- security-trivy-orchestrator
- security-trivy-web
# ─── Deploy to Docker Swarm via Portainer API (main only) ─────────────────────
deploy-swarm:
image: alpine:3
failure: ignore
environment:
PORTAINER_URL:
from_secret: portainer_url
PORTAINER_API_KEY:
from_secret: portainer_api_key
PORTAINER_STACK_ID: "121"
commands:
- apk add --no-cache curl
- |
set -e
echo "🚀 Deploying to Docker Swarm via Portainer API..."
# Use Portainer API to update the stack (forces pull of new images)
RESPONSE=$(curl -s -w "\n%{http_code}" -X POST \
-H "X-API-Key: $PORTAINER_API_KEY" \
-H "Content-Type: application/json" \
"$PORTAINER_URL/api/stacks/$PORTAINER_STACK_ID/git/redeploy")
HTTP_CODE=$(echo "$RESPONSE" | tail -1)
BODY=$(echo "$RESPONSE" | head -n -1)
if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "202" ]; then
echo "✅ Stack update triggered successfully"
else
echo "❌ Stack update failed (HTTP $HTTP_CODE)"
echo "$BODY"
exit 1
fi
# Wait for services to converge
echo "⏳ Waiting for services to converge..."
sleep 30
echo "✅ Deploy complete"
when:
- branch: [main]
event: [push, manual, tag]
depends_on:
- link-packages

24
apps/api/Dockerfile
View File

@@ -1,7 +1,7 @@
# Base image for all stages
# Uses Debian slim (glibc) instead of Alpine (musl) because native Node.js addons
# (matrix-sdk-crypto-nodejs, Prisma engines) require glibc-compatible binaries.
FROM git.mosaicstack.dev/mosaic/node-base:24-slim AS base
FROM node:24-slim AS base
# Install pnpm globally
RUN corepack enable && corepack prepare pnpm@10.27.0 --activate
@@ -19,9 +19,9 @@ COPY turbo.json ./
FROM base AS deps
# Install build tools for native addons (node-pty requires node-gyp compilation)
# Note: openssl and ca-certificates pre-installed in base image
# and OpenSSL for Prisma engine detection
RUN apt-get update && apt-get install -y --no-install-recommends \
python3 make g++ \
python3 make g++ openssl \
&& rm -rf /var/lib/apt/lists/*
# Copy all package.json files for workspace resolution
@@ -30,9 +30,6 @@ COPY packages/ui/package.json ./packages/ui/
COPY packages/config/package.json ./packages/config/
COPY apps/api/package.json ./apps/api/
# Copy npm configuration for native binary architecture hints
COPY .npmrc ./
# Install dependencies (no cache mount — Kaniko builds are ephemeral in CI)
# Then explicitly rebuild node-pty from source since pnpm may skip postinstall
# scripts or fail to find prebuilt binaries for this Node.js version
@@ -64,14 +61,19 @@ RUN pnpm turbo build --filter=@mosaic/api --force
# ======================
# Production stage
# ======================
FROM git.mosaicstack.dev/mosaic/node-base:24-slim AS production
FROM node:24-slim AS production
# dumb-init, openssl, ca-certificates pre-installed in base image
# Install dumb-init for proper signal handling (static binary from GitHub,
# avoids apt-get which fails under Kaniko with bookworm GPG signature errors)
ADD https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_x86_64 /usr/local/bin/dumb-init
# Single RUN to minimize Kaniko filesystem snapshots (each RUN = full snapshot)
# - Remove npm/npx to reduce image size (not used in production)
# - Create non-root user
RUN rm -rf /usr/local/lib/node_modules/npm /usr/local/bin/npm /usr/local/bin/npx \
# - openssl: Prisma engine detection requires libssl
# - No build tools needed here — native addons are compiled in the deps stage
RUN apt-get update && apt-get install -y --no-install-recommends openssl \
&& rm -rf /var/lib/apt/lists/* \
&& rm -rf /usr/local/lib/node_modules/npm /usr/local/bin/npm /usr/local/bin/npx \
&& chmod 755 /usr/local/bin/dumb-init \
&& groupadd -g 1001 nodejs && useradd -m -u 1001 -g nodejs nestjs
WORKDIR /app

1
apps/api/package.json
View File

@@ -62,7 +62,6 @@
"discord.js": "^14.25.1",
"dockerode": "^4.0.9",
"gray-matter": "^4.0.3",
"helmet": "^8.1.0",
"highlight.js": "^11.11.1",
"ioredis": "^5.9.2",
"jose": "^6.1.3",

13
apps/api/prisma/migrations/20260303000001_ms21_user_auth_fields/migration.sql
View File

@@ -1,13 +0,0 @@
-- MS21: Add admin, local auth, and invitation fields to users table
-- These columns were added to schema.prisma but never captured in a migration.
ALTER TABLE "users"
ADD COLUMN IF NOT EXISTS "deactivated_at" TIMESTAMPTZ,
ADD COLUMN IF NOT EXISTS "is_local_auth" BOOLEAN NOT NULL DEFAULT false,
ADD COLUMN IF NOT EXISTS "password_hash" TEXT,
ADD COLUMN IF NOT EXISTS "invited_by" UUID,
ADD COLUMN IF NOT EXISTS "invitation_token" TEXT,
ADD COLUMN IF NOT EXISTS "invited_at" TIMESTAMPTZ;
-- CreateIndex
CREATE UNIQUE INDEX IF NOT EXISTS "users_invitation_token_key" ON "users"("invitation_token");

36
apps/api/prisma/schema.prisma
View File

@@ -1703,39 +1703,3 @@ model UserAgentConfig {
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
}
model AgentTemplate {
id String @id @default(cuid())
name String @unique // "jarvis", "builder", "medic"
displayName String // "Jarvis", "Builder", "Medic"
role String // "orchestrator" | "coding" | "monitoring"
personality String // SOUL.md content (markdown)
primaryModel String // "opus", "codex", "haiku"
fallbackModels Json @default("[]") // ["sonnet", "haiku"]
toolPermissions Json @default("[]") // ["exec", "read", "write", ...]
discordChannel String? // "jarvis", "builder", "medic-alerts"
isActive Boolean @default(true)
isDefault Boolean @default(false) // Include in new user provisioning
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
}
model UserAgent {
id String @id @default(cuid())
userId String
templateId String? // null = custom agent
name String // "jarvis", "builder", "medic" or custom
displayName String
role String
personality String // User can customize
primaryModel String?
fallbackModels Json @default("[]")
toolPermissions Json @default("[]")
discordChannel String?
isActive Boolean @default(true)
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
@@unique([userId, name])
@@index([userId])
}

4
apps/api/prisma/seed.ts
View File

@@ -7,7 +7,6 @@ import {
EntryStatus,
Visibility,
} from "@prisma/client";
import { seedAgentTemplates } from "../src/seed/agent-templates.seed";
const prisma = new PrismaClient();
@@ -587,9 +586,6 @@ This is a draft document. See [[architecture-overview]] for current state.`,
console.log(`Created ${links.length} knowledge links`);
});
// Seed default agent templates (idempotent)
await seedAgentTemplates(prisma);
console.log("Seeding completed successfully!");
}

2
apps/api/src/activity/activity.controller.ts
View File

@@ -1,7 +1,7 @@
import { Controller, Get, Query, Param, UseGuards } from "@nestjs/common";
import { ActivityService } from "./activity.service";
import { EntityType } from "@prisma/client";
import { QueryActivityLogDto } from "./dto";
import type { QueryActivityLogDto } from "./dto";
import { AuthGuard } from "../auth/guards/auth.guard";
import { WorkspaceGuard, PermissionGuard } from "../common/guards";
import { Workspace, Permission, RequirePermission } from "../common/decorators";

11
apps/api/src/activity/activity.service.ts
View File

@@ -117,13 +117,12 @@ export class ActivityService {
/**
* Get a single activity log by ID
*/
async findOne(id: string, workspaceId?: string): Promise<ActivityLogResult | null> {
const where: Prisma.ActivityLogWhereUniqueInput = { id };
if (workspaceId) {
where.workspaceId = workspaceId;
}
async findOne(id: string, workspaceId: string): Promise<ActivityLogResult | null> {
return await this.prisma.activityLog.findUnique({
where,
where: {
id,
workspaceId,
},
include: {
user: {
select: {

24
apps/api/src/activity/interceptors/activity-logging.interceptor.spec.ts
View File

@@ -384,18 +384,10 @@ describe("ActivityLoggingInterceptor", () => {
const context = createMockExecutionContext("POST", {}, body, user);
const next = createMockCallHandler(result);
mockActivityService.logActivity.mockResolvedValue({
id: "activity-123",
});
await new Promise<void>((resolve) => {
interceptor.intercept(context, next).subscribe(() => {
// workspaceId is now optional, so logActivity should be called without it
expect(mockActivityService.logActivity).toHaveBeenCalled();
const callArgs = mockActivityService.logActivity.mock.calls[0][0];
expect(callArgs.userId).toBe("user-123");
expect(callArgs.entityId).toBe("task-123");
expect(callArgs.workspaceId).toBeUndefined();
// Should not call logActivity when workspaceId is missing
expect(mockActivityService.logActivity).not.toHaveBeenCalled();
resolve();
});
});
@@ -420,18 +412,10 @@ describe("ActivityLoggingInterceptor", () => {
const context = createMockExecutionContext("POST", {}, body, user);
const next = createMockCallHandler(result);
mockActivityService.logActivity.mockResolvedValue({
id: "activity-123",
});
await new Promise<void>((resolve) => {
interceptor.intercept(context, next).subscribe(() => {
// workspaceId is now optional, so logActivity should be called without it
expect(mockActivityService.logActivity).toHaveBeenCalled();
const callArgs = mockActivityService.logActivity.mock.calls[0][0];
expect(callArgs.userId).toBe("user-123");
expect(callArgs.entityId).toBe("task-123");
expect(callArgs.workspaceId).toBeUndefined();
// Should not call logActivity when workspaceId is missing
expect(mockActivityService.logActivity).not.toHaveBeenCalled();
resolve();
});
});

19
apps/api/src/activity/interceptors/activity-logging.interceptor.ts
View File

@@ -4,7 +4,6 @@ import { tap } from "rxjs/operators";
import { ActivityService } from "../activity.service";
import { ActivityAction, EntityType } from "@prisma/client";
import type { Prisma } from "@prisma/client";
import type { CreateActivityLogInput } from "../interfaces/activity.interface";
import type { AuthenticatedRequest } from "../../common/types/user.types";
/**
@@ -62,13 +61,10 @@ export class ActivityLoggingInterceptor implements NestInterceptor {
// Extract entity information
const resultObj = result as Record<string, unknown> | undefined;
const entityId = params.id ?? (resultObj?.id as string | undefined);
// workspaceId is now optional - log events even when missing
const workspaceId = user.workspaceId ?? (body.workspaceId as string | undefined);
// Log with warning if entityId is missing, but still proceed with logging if workspaceId exists
if (!entityId) {
this.logger.warn("Cannot log activity: missing entityId");
if (!entityId || !workspaceId) {
this.logger.warn("Cannot log activity: missing entityId or workspaceId");
return;
}
@@ -96,8 +92,9 @@ export class ActivityLoggingInterceptor implements NestInterceptor {
const userAgent =
typeof userAgentHeader === "string" ? userAgentHeader : userAgentHeader?.[0];
// Log the activity — workspaceId is optional
const activityInput: CreateActivityLogInput = {
// Log the activity
await this.activityService.logActivity({
workspaceId,
userId: user.id,
action,
entityType,
@@ -105,11 +102,7 @@ export class ActivityLoggingInterceptor implements NestInterceptor {
details,
ipAddress: ip ?? undefined,
userAgent: userAgent ?? undefined,
};
if (workspaceId) {
activityInput.workspaceId = workspaceId;
}
await this.activityService.logActivity(activityInput);
});
} catch (error) {
// Don't fail the request if activity logging fails
this.logger.error(

3
apps/api/src/activity/interfaces/activity.interface.ts
View File

@@ -2,10 +2,9 @@ import type { ActivityAction, EntityType, Prisma } from "@prisma/client";
/**
* Interface for creating a new activity log entry
* workspaceId is optional - allows logging events without workspace context
*/
export interface CreateActivityLogInput {
workspaceId?: string | null;
workspaceId: string;
userId: string;
action: ActivityAction;
entityType: EntityType;

47
apps/api/src/agent-template/agent-template.controller.ts
View File

@@ -1,47 +0,0 @@
import {
Controller,
Get,
Post,
Patch,
Delete,
Body,
Param,
UseGuards,
ParseUUIDPipe,
} from "@nestjs/common";
import { AgentTemplateService } from "./agent-template.service";
import { CreateAgentTemplateDto } from "./dto/create-agent-template.dto";
import { UpdateAgentTemplateDto } from "./dto/update-agent-template.dto";
import { AuthGuard } from "../auth/guards/auth.guard";
import { AdminGuard } from "../auth/guards/admin.guard";
@Controller("admin/agent-templates")
@UseGuards(AuthGuard, AdminGuard)
export class AgentTemplateController {
constructor(private readonly agentTemplateService: AgentTemplateService) {}
@Get()
findAll() {
return this.agentTemplateService.findAll();
}
@Get(":id")
findOne(@Param("id", ParseUUIDPipe) id: string) {
return this.agentTemplateService.findOne(id);
}
@Post()
create(@Body() dto: CreateAgentTemplateDto) {
return this.agentTemplateService.create(dto);
}
@Patch(":id")
update(@Param("id", ParseUUIDPipe) id: string, @Body() dto: UpdateAgentTemplateDto) {
return this.agentTemplateService.update(id, dto);
}
@Delete(":id")
remove(@Param("id", ParseUUIDPipe) id: string) {
return this.agentTemplateService.remove(id);
}
}

12
apps/api/src/agent-template/agent-template.module.ts
View File

@@ -1,12 +0,0 @@
import { Module } from "@nestjs/common";
import { AgentTemplateService } from "./agent-template.service";
import { AgentTemplateController } from "./agent-template.controller";
import { PrismaModule } from "../prisma/prisma.module";
@Module({
imports: [PrismaModule],
controllers: [AgentTemplateController],
providers: [AgentTemplateService],
exports: [AgentTemplateService],
})
export class AgentTemplateModule {}

57
apps/api/src/agent-template/agent-template.service.ts
View File

@@ -1,57 +0,0 @@
import { Injectable, NotFoundException, ConflictException } from "@nestjs/common";
import { PrismaService } from "../prisma/prisma.service";
import { CreateAgentTemplateDto } from "./dto/create-agent-template.dto";
import { UpdateAgentTemplateDto } from "./dto/update-agent-template.dto";
@Injectable()
export class AgentTemplateService {
constructor(private readonly prisma: PrismaService) {}
async findAll() {
return this.prisma.agentTemplate.findMany({
orderBy: { createdAt: "asc" },
});
}
async findOne(id: string) {
const template = await this.prisma.agentTemplate.findUnique({ where: { id } });
if (!template) throw new NotFoundException(`AgentTemplate ${id} not found`);
return template;
}
async findByName(name: string) {
const template = await this.prisma.agentTemplate.findUnique({ where: { name } });
if (!template) throw new NotFoundException(`AgentTemplate "${name}" not found`);
return template;
}
async create(dto: CreateAgentTemplateDto) {
const existing = await this.prisma.agentTemplate.findUnique({ where: { name: dto.name } });
if (existing) throw new ConflictException(`AgentTemplate "${dto.name}" already exists`);
return this.prisma.agentTemplate.create({
data: {
name: dto.name,
displayName: dto.displayName,
role: dto.role,
personality: dto.personality,
primaryModel: dto.primaryModel,
fallbackModels: dto.fallbackModels ?? ([] as string[]),
toolPermissions: dto.toolPermissions ?? ([] as string[]),
...(dto.discordChannel !== undefined && { discordChannel: dto.discordChannel }),
isActive: dto.isActive ?? true,
isDefault: dto.isDefault ?? false,
},
});
}
async update(id: string, dto: UpdateAgentTemplateDto) {
await this.findOne(id);
return this.prisma.agentTemplate.update({ where: { id }, data: dto });
}
async remove(id: string) {
await this.findOne(id);
return this.prisma.agentTemplate.delete({ where: { id } });
}
}

43
apps/api/src/agent-template/dto/create-agent-template.dto.ts
View File

@@ -1,43 +0,0 @@
import { IsString, IsBoolean, IsOptional, IsArray, MinLength } from "class-validator";
export class CreateAgentTemplateDto {
@IsString()
@MinLength(1)
name!: string;
@IsString()
@MinLength(1)
displayName!: string;
@IsString()
@MinLength(1)
role!: string;
@IsString()
@MinLength(1)
personality!: string;
@IsString()
@MinLength(1)
primaryModel!: string;
@IsArray()
@IsOptional()
fallbackModels?: string[];
@IsArray()
@IsOptional()
toolPermissions?: string[];
@IsString()
@IsOptional()
discordChannel?: string;
@IsBoolean()
@IsOptional()
isActive?: boolean;
@IsBoolean()
@IsOptional()
isDefault?: boolean;
}

4
apps/api/src/agent-template/dto/update-agent-template.dto.ts
View File

@@ -1,4 +0,0 @@
import { PartialType } from "@nestjs/mapped-types";
import { CreateAgentTemplateDto } from "./create-agent-template.dto";
export class UpdateAgentTemplateDto extends PartialType(CreateAgentTemplateDto) {}

4
apps/api/src/app.module.ts
View File

@@ -48,8 +48,6 @@ import { TerminalModule } from "./terminal/terminal.module";
import { PersonalitiesModule } from "./personalities/personalities.module";
import { WorkspacesModule } from "./workspaces/workspaces.module";
import { AdminModule } from "./admin/admin.module";
import { AgentTemplateModule } from "./agent-template/agent-template.module";
import { UserAgentModule } from "./user-agent/user-agent.module";
import { TeamsModule } from "./teams/teams.module";
import { ImportModule } from "./import/import.module";
import { ConversationArchiveModule } from "./conversation-archive/conversation-archive.module";
@@ -131,8 +129,6 @@ import { OrchestratorModule } from "./orchestrator/orchestrator.module";
PersonalitiesModule,
WorkspacesModule,
AdminModule,
AgentTemplateModule,
UserAgentModule,
TeamsModule,
ImportModule,
ConversationArchiveModule,

2
apps/api/src/auth/auth.controller.ts
View File

@@ -106,7 +106,7 @@ export class AuthController {
// @SkipCsrf avoids double-protection conflicts.
// See: https://www.better-auth.com/docs/reference/security
@SkipCsrf()
@Throttle({ default: { ttl: 60_000, limit: 5 } })
@Throttle({ strict: { limit: 10, ttl: 60000 } })
async handleAuth(@Req() req: ExpressRequest, @Res() res: ExpressResponse): Promise<void> {
// Extract client IP for logging
const clientIp = this.getClientIp(req);

78
apps/api/src/chat-proxy/chat-proxy.controller.ts
View File

@@ -1,79 +1,31 @@
import { Body, Controller, HttpException, Logger, Post, Req, Res, UseGuards } from "@nestjs/common";
import {
Body,
Controller,
HttpException,
Logger,
Post,
Req,
Res,
UnauthorizedException,
UseGuards,
} from "@nestjs/common";
import type { Response } from "express";
import { AuthGuard } from "../auth/guards/auth.guard";
import { SkipCsrf } from "../common/decorators/skip-csrf.decorator";
import type { MaybeAuthenticatedRequest } from "../auth/types/better-auth-request.interface";
import { ChatStreamDto } from "./chat-proxy.dto";
import { ChatProxyService } from "./chat-proxy.service";
@Controller("chat")
@UseGuards(AuthGuard)
export class ChatProxyController {
private readonly logger = new Logger(ChatProxyController.name);
constructor(private readonly chatProxyService: ChatProxyService) {}
// POST /api/chat/guest
// Guest chat endpoint - no authentication required
// Uses a shared LLM configuration for unauthenticated users
@SkipCsrf()
@Post("guest")
async guestChat(
@Body() body: ChatStreamDto,
@Req() req: MaybeAuthenticatedRequest,
@Res() res: Response
): Promise<void> {
const abortController = new AbortController();
req.once("close", () => {
abortController.abort();
});
res.setHeader("Content-Type", "text/event-stream");
res.setHeader("Cache-Control", "no-cache");
res.setHeader("Connection", "keep-alive");
res.setHeader("X-Accel-Buffering", "no");
try {
const upstreamResponse = await this.chatProxyService.proxyGuestChat(
body.messages,
abortController.signal
);
const upstreamContentType = upstreamResponse.headers.get("content-type");
if (upstreamContentType) {
res.setHeader("Content-Type", upstreamContentType);
}
if (!upstreamResponse.body) {
throw new Error("LLM response did not include a stream body");
}
for await (const chunk of upstreamResponse.body as unknown as AsyncIterable<Uint8Array>) {
if (res.writableEnded || res.destroyed) {
break;
}
res.write(Buffer.from(chunk));
}
} catch (error: unknown) {
this.logStreamError(error);
if (!res.writableEnded && !res.destroyed) {
res.write("event: error\n");
res.write(`data: ${JSON.stringify({ error: this.toSafeClientMessage(error) })}\n\n`);
}
} finally {
if (!res.writableEnded && !res.destroyed) {
res.end();
}
}
}
// POST /api/chat/stream
// Request: { messages: Array<{role, content}> }
// Response: SSE stream of chat completion events
// Requires authentication - uses user's personal OpenClaw container
@Post("stream")
@UseGuards(AuthGuard)
async streamChat(
@Body() body: ChatStreamDto,
@Req() req: MaybeAuthenticatedRequest,
@@ -81,8 +33,7 @@ export class ChatProxyController {
): Promise<void> {
const userId = req.user?.id;
if (!userId) {
this.logger.warn("streamChat called without user ID after AuthGuard");
throw new HttpException("Authentication required", 401);
throw new UnauthorizedException("No authenticated user found on request");
}
const abortController = new AbortController();
@@ -99,8 +50,7 @@ export class ChatProxyController {
const upstreamResponse = await this.chatProxyService.proxyChat(
userId,
body.messages,
abortController.signal,
body.agent
abortController.signal
);
const upstreamContentType = upstreamResponse.headers.get("content-type");

13
apps/api/src/chat-proxy/chat-proxy.dto.ts
View File

@@ -1,12 +1,5 @@
import { Type } from "class-transformer";
import {
ArrayMinSize,
IsArray,
IsNotEmpty,
IsOptional,
IsString,
ValidateNested,
} from "class-validator";
import { ArrayMinSize, IsArray, IsNotEmpty, IsString, ValidateNested } from "class-validator";
export interface ChatMessage {
role: string;
@@ -29,8 +22,4 @@ export class ChatStreamDto {
@ValidateNested({ each: true })
@Type(() => ChatMessageDto)
messages!: ChatMessageDto[];
@IsString({ message: "agent must be a string" })
@IsOptional()
agent?: string;
}

3
apps/api/src/chat-proxy/chat-proxy.module.ts
View File

@@ -1,5 +1,4 @@
import { Module } from "@nestjs/common";
import { ConfigModule } from "@nestjs/config";
import { AuthModule } from "../auth/auth.module";
import { AgentConfigModule } from "../agent-config/agent-config.module";
import { ContainerLifecycleModule } from "../container-lifecycle/container-lifecycle.module";
@@ -8,7 +7,7 @@ import { ChatProxyController } from "./chat-proxy.controller";
import { ChatProxyService } from "./chat-proxy.service";
@Module({
imports: [AuthModule, PrismaModule, ContainerLifecycleModule, AgentConfigModule, ConfigModule],
imports: [AuthModule, PrismaModule, ContainerLifecycleModule, AgentConfigModule],
controllers: [ChatProxyController],
providers: [ChatProxyService],
exports: [ChatProxyService],

132
apps/api/src/chat-proxy/chat-proxy.service.ts
View File

@@ -2,38 +2,26 @@ import {
BadGatewayException,
Injectable,
Logger,
NotFoundException,
ServiceUnavailableException,
} from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { ContainerLifecycleService } from "../container-lifecycle/container-lifecycle.service";
import { PrismaService } from "../prisma/prisma.service";
import type { ChatMessage } from "./chat-proxy.dto";
const DEFAULT_OPENCLAW_MODEL = "openclaw:default";
const DEFAULT_GUEST_LLM_URL = "http://10.1.1.42:11434/v1";
const DEFAULT_GUEST_LLM_MODEL = "llama3.2";
interface ContainerConnection {
url: string;
token: string;
}
interface AgentConfig {
name: string;
displayName: string;
personality: string;
primaryModel: string | null;
}
@Injectable()
export class ChatProxyService {
private readonly logger = new Logger(ChatProxyService.name);
constructor(
private readonly prisma: PrismaService,
private readonly containerLifecycle: ContainerLifecycleService,
private readonly config: ConfigService
private readonly containerLifecycle: ContainerLifecycleService
) {}
// Get the user's OpenClaw container URL and mark it active.
@@ -46,38 +34,21 @@ export class ChatProxyService {
async proxyChat(
userId: string,
messages: ChatMessage[],
signal?: AbortSignal,
agentName?: string
signal?: AbortSignal
): Promise<Response> {
const { url: containerUrl, token: gatewayToken } = await this.getContainerConnection(userId);
// Get agent config if specified
let agentConfig: AgentConfig | null = null;
if (agentName) {
agentConfig = await this.getAgentConfig(userId, agentName);
}
const model = agentConfig?.primaryModel ?? (await this.getPreferredModel(userId));
const requestBody: Record<string, unknown> = {
messages,
model,
stream: true,
};
// Add agent config if available
if (agentConfig) {
requestBody.agent = agentConfig.name;
requestBody.agent_personality = agentConfig.personality;
}
const model = await this.getPreferredModel(userId);
const requestInit: RequestInit = {
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${gatewayToken}`,
},
body: JSON.stringify(requestBody),
body: JSON.stringify({
messages,
model,
stream: true,
}),
};
if (signal) {
@@ -108,65 +79,6 @@ export class ChatProxyService {
}
}
/**
* Proxy guest chat request to configured LLM endpoint.
* Uses environment variables for configuration:
* - GUEST_LLM_URL: OpenAI-compatible endpoint URL
* - GUEST_LLM_API_KEY: API key (optional, for cloud providers)
* - GUEST_LLM_MODEL: Model name to use
*/
async proxyGuestChat(messages: ChatMessage[], signal?: AbortSignal): Promise<Response> {
const llmUrl = this.config.get<string>("GUEST_LLM_URL") ?? DEFAULT_GUEST_LLM_URL;
const llmApiKey = this.config.get<string>("GUEST_LLM_API_KEY");
const llmModel = this.config.get<string>("GUEST_LLM_MODEL") ?? DEFAULT_GUEST_LLM_MODEL;
const headers: Record<string, string> = {
"Content-Type": "application/json",
};
if (llmApiKey) {
headers.Authorization = `Bearer ${llmApiKey}`;
}
const requestInit: RequestInit = {
method: "POST",
headers,
body: JSON.stringify({
messages,
model: llmModel,
stream: true,
}),
};
if (signal) {
requestInit.signal = signal;
}
try {
this.logger.debug(`Guest chat proxying to ${llmUrl} with model ${llmModel}`);
const response = await fetch(`${llmUrl}/chat/completions`, requestInit);
if (!response.ok) {
const detail = await this.readResponseText(response);
const status = `${String(response.status)} ${response.statusText}`.trim();
this.logger.warn(
detail ? `Guest LLM returned ${status}: ${detail}` : `Guest LLM returned ${status}`
);
throw new BadGatewayException(`Guest LLM returned ${status}`);
}
return response;
} catch (error: unknown) {
if (error instanceof BadGatewayException) {
throw error;
}
const message = error instanceof Error ? error.message : String(error);
this.logger.warn(`Failed to proxy guest chat request: ${message}`);
throw new ServiceUnavailableException("Failed to proxy guest chat to LLM");
}
}
private async getContainerConnection(userId: string): Promise<ContainerConnection> {
const connection = await this.containerLifecycle.ensureRunning(userId);
await this.containerLifecycle.touch(userId);
@@ -195,32 +107,4 @@ export class ChatProxyService {
return null;
}
}
private async getAgentConfig(userId: string, agentName: string): Promise<AgentConfig> {
const agent = await this.prisma.userAgent.findUnique({
where: { userId_name: { userId, name: agentName } },
select: {
name: true,
displayName: true,
personality: true,
primaryModel: true,
isActive: true,
},
});
if (!agent) {
throw new NotFoundException(`Agent "${agentName}" not found for user`);
}
if (!agent.isActive) {
throw new NotFoundException(`Agent "${agentName}" is not active`);
}
return {
name: agent.name,
displayName: agent.displayName,
personality: agent.personality,
primaryModel: agent.primaryModel,
};
}
}

9
apps/api/src/common/guards/csrf.guard.ts
View File

@@ -111,9 +111,14 @@ export class CsrfGuard implements CanActivate {
throw new ForbiddenException("CSRF token not bound to session");
}
} else {
this.logger.debug({
event: "CSRF_SKIP_SESSION_BINDING",
method: request.method,
path: request.path,
reason: "User context not yet available (global guard runs before AuthGuard)",
});
}
// Note: when userId is absent, the double-submit cookie check above is
// sufficient CSRF protection. AuthGuard populates request.user afterward.
return true;
}

2
apps/api/src/dashboard/dashboard.controller.ts
View File

@@ -3,7 +3,7 @@ import { DashboardService } from "./dashboard.service";
import { AuthGuard } from "../auth/guards/auth.guard";
import { WorkspaceGuard, PermissionGuard } from "../common/guards";
import { Workspace, Permission, RequirePermission } from "../common/decorators";
import { DashboardSummaryDto } from "./dto";
import type { DashboardSummaryDto } from "./dto";
/**
* Controller for dashboard endpoints.

2
apps/api/src/fleet-settings/fleet-settings.controller.ts
View File

@@ -15,7 +15,7 @@ import type { AuthUser } from "@mosaic/shared";
import { CurrentUser } from "../auth/decorators/current-user.decorator";
import { AdminGuard } from "../auth/guards/admin.guard";
import { AuthGuard } from "../auth/guards/auth.guard";
import {
import type {
CreateProviderDto,
ResetPasswordDto,
UpdateAgentConfigDto,

2
apps/api/src/llm-usage/llm-usage.controller.ts
View File

@@ -1,7 +1,7 @@
import { Controller, Get, Param, Query } from "@nestjs/common";
import type { LlmUsageLog } from "@prisma/client";
import { LlmUsageService } from "./llm-usage.service";
import { UsageAnalyticsQueryDto, UsageAnalyticsResponseDto } from "./dto";
import type { UsageAnalyticsQueryDto, UsageAnalyticsResponseDto } from "./dto";
/**
* LLM Usage Controller

9
apps/api/src/main.ts
View File

@@ -1,7 +1,6 @@
import { NestFactory } from "@nestjs/core";
import { RequestMethod, ValidationPipe } from "@nestjs/common";
import cookieParser from "cookie-parser";
import helmet from "helmet";
import { AppModule } from "./app.module";
import { getTrustedOrigins } from "./auth/auth.config";
import { GlobalExceptionFilter } from "./filters/global-exception.filter";
@@ -34,14 +33,6 @@ async function bootstrap() {
// Enable cookie parser for session handling
app.use(cookieParser());
// Enable helmet security headers
app.use(
helmet({
contentSecurityPolicy: false, // Let Next.js handle CSP
crossOriginEmbedderPolicy: false,
})
);
// Enable global validation pipe with transformation
app.useGlobalPipes(
new ValidationPipe({

98
apps/api/src/orchestrator/orchestrator.controller.ts
View File

@@ -1,4 +1,4 @@
import { Controller, Get, Query, Res, UseGuards } from "@nestjs/common";
import { Controller, Get, Res, UseGuards } from "@nestjs/common";
import { AgentStatus } from "@prisma/client";
import type { Response } from "express";
import { AuthGuard } from "../auth/guards/auth.guard";
@@ -6,7 +6,6 @@ import { PrismaService } from "../prisma/prisma.service";
const AGENT_POLL_INTERVAL_MS = 5_000;
const SSE_HEARTBEAT_MS = 15_000;
const DEFAULT_EVENTS_LIMIT = 25;
interface OrchestratorAgentDto {
id: string;
@@ -16,26 +15,6 @@ interface OrchestratorAgentDto {
createdAt: Date;
}
interface OrchestratorEventDto {
type: string;
timestamp: string;
agentId?: string;
taskId?: string;
data?: Record<string, unknown>;
}
interface OrchestratorHealthDto {
status: "healthy" | "degraded" | "unhealthy";
database: "connected" | "disconnected";
agents: {
total: number;
working: number;
idle: number;
errored: number;
};
timestamp: string;
}
@Controller("orchestrator")
@UseGuards(AuthGuard)
export class OrchestratorController {
@@ -46,81 +25,6 @@ export class OrchestratorController {
return this.fetchActiveAgents();
}
@Get("events/recent")
async getRecentEvents(
@Query("limit") limit?: string
): Promise<{ events: OrchestratorEventDto[] }> {
const eventsLimit = limit ? parseInt(limit, 10) : DEFAULT_EVENTS_LIMIT;
const safeLimit = Math.min(Math.max(eventsLimit, 1), 100);
// Fetch recent agent activity to derive events
const agents = await this.prisma.agent.findMany({
where: {
status: {
not: AgentStatus.TERMINATED,
},
},
orderBy: {
createdAt: "desc",
},
take: safeLimit,
});
// Derive events from agent status changes
const events: OrchestratorEventDto[] = agents.map((agent) => ({
type: `agent:${agent.status.toLowerCase()}`,
timestamp: agent.createdAt.toISOString(),
agentId: agent.id,
data: {
name: agent.name,
role: agent.role,
model: agent.model,
},
}));
return { events };
}
@Get("health")
async getHealth(): Promise<OrchestratorHealthDto> {
let databaseConnected = false;
let agents: OrchestratorAgentDto[] = [];
try {
// Check database connectivity
await this.prisma.$queryRaw`SELECT 1`;
databaseConnected = true;
// Get agent counts
agents = await this.fetchActiveAgents();
} catch {
databaseConnected = false;
}
const working = agents.filter((a) => a.status === AgentStatus.WORKING).length;
const idle = agents.filter((a) => a.status === AgentStatus.IDLE).length;
const errored = agents.filter((a) => a.status === AgentStatus.ERROR).length;
let status: OrchestratorHealthDto["status"] = "healthy";
if (!databaseConnected) {
status = "unhealthy";
} else if (errored > 0) {
status = "degraded";
}
return {
status,
database: databaseConnected ? "connected" : "disconnected",
agents: {
total: agents.length,
working,
idle,
errored,
},
timestamp: new Date().toISOString(),
};
}
@Get("events")
async streamEvents(@Res() res: Response): Promise<void> {
res.setHeader("Content-Type", "text/event-stream");

5
apps/api/src/projects/dto/create-project.dto.ts
View File

@@ -8,7 +8,6 @@ import {
MinLength,
MaxLength,
Matches,
IsUUID,
} from "class-validator";
/**
@@ -44,10 +43,6 @@ export class CreateProjectDto {
})
color?: string;
@IsOptional()
@IsUUID("4", { message: "domainId must be a valid UUID" })
domainId?: string;
@IsOptional()
@IsObject({ message: "metadata must be an object" })
metadata?: Record<string, unknown>;

5
apps/api/src/projects/dto/update-project.dto.ts
View File

@@ -8,7 +8,6 @@ import {
MinLength,
MaxLength,
Matches,
IsUUID,
} from "class-validator";
/**
@@ -46,10 +45,6 @@ export class UpdateProjectDto {
})
color?: string | null;
@IsOptional()
@IsUUID("4", { message: "domainId must be a valid UUID" })
domainId?: string | null;
@IsOptional()
@IsObject({ message: "metadata must be an object" })
metadata?: Record<string, unknown>;

15
apps/api/src/projects/projects.service.ts
View File

@@ -47,9 +47,6 @@ export class ProjectsService {
createProjectDto: CreateProjectDto
): Promise<ProjectWithRelations> {
const data: Prisma.ProjectCreateInput = {
...(createProjectDto.domainId
? { domain: { connect: { id: createProjectDto.domainId } } }
: {}),
name: createProjectDto.name,
description: createProjectDto.description ?? null,
color: createProjectDto.color ?? null,
@@ -224,18 +221,6 @@ export class ProjectsService {
if (updateProjectDto.startDate !== undefined) updateData.startDate = updateProjectDto.startDate;
if (updateProjectDto.endDate !== undefined) updateData.endDate = updateProjectDto.endDate;
if (updateProjectDto.color !== undefined) updateData.color = updateProjectDto.color;
if (updateProjectDto.domainId !== undefined)
updateData.domain = updateProjectDto.domainId
? { connect: { id: updateProjectDto.domainId } }
: { disconnect: true };
if (updateProjectDto.domainId !== undefined)
updateData.domain = updateProjectDto.domainId
? {
connect: {
id: updateProjectDto.domainId,
},
}
: { disconnect: true };
if (updateProjectDto.metadata !== undefined) {
updateData.metadata = updateProjectDto.metadata as unknown as Prisma.InputJsonValue;
}

62
apps/api/src/seed/agent-templates.seed.ts
View File

@@ -1,62 +0,0 @@
import type { PrismaClient } from "@prisma/client";
const AGENT_TEMPLATES = [
{
name: "jarvis",
displayName: "Jarvis",
role: "orchestrator",
personality: `# Jarvis - Orchestrator Agent\n\nYou are Jarvis, the orchestrator and COO. You plan, delegate, and coordinate. You never write code directly — you spawn workers. You are direct, capable, and proactive. Your job is to get things done without hand-holding.\n\n## Core Traits\n- Direct and concise\n- Resourceful — figure it out before asking\n- Proactive — find problems to solve\n- Delegator — workers execute, you orchestrate`,
primaryModel: "opus",
fallbackModels: ["sonnet"],
toolPermissions: ["read", "write", "exec", "browser", "web_search", "memory_search"],
discordChannel: "jarvis",
isActive: true,
isDefault: true,
},
{
name: "builder",
displayName: "Builder",
role: "coding",
personality: `# Builder - Coding Agent\n\nYou are Builder, the coding agent. You implement features, fix bugs, and write tests. You work in worktrees, follow the E2E delivery protocol, and never skip quality gates. You are methodical and thorough.\n\n## Core Traits\n- Works in git worktrees (never touches main directly)\n- Runs lint + typecheck + tests before every commit\n- Follows the Mosaic E2E delivery framework\n- Never marks a task done until CI is green`,
primaryModel: "codex",
fallbackModels: ["sonnet", "haiku"],
toolPermissions: ["read", "write", "exec"],
discordChannel: "builder",
isActive: true,
isDefault: true,
},
{
name: "medic",
displayName: "Medic",
role: "monitoring",
personality: `# Medic - Health Monitoring Agent\n\nYou are Medic, the health monitoring agent. You watch services, check deployments, alert on anomalies, and verify system health. You are vigilant, calm, and proactive.\n\n## Core Traits\n- Monitors service health proactively\n- Alerts clearly and concisely\n- Tracks uptime and deployment status\n- Never panics — diagnoses methodically`,
primaryModel: "haiku",
fallbackModels: ["sonnet"],
toolPermissions: ["read", "exec"],
discordChannel: "medic-alerts",
isActive: true,
isDefault: true,
},
];
export async function seedAgentTemplates(prisma: PrismaClient): Promise<void> {
for (const template of AGENT_TEMPLATES) {
await prisma.agentTemplate.upsert({
where: { name: template.name },
update: {},
create: {
name: template.name,
displayName: template.displayName,
role: template.role,
personality: template.personality,
primaryModel: template.primaryModel,
fallbackModels: template.fallbackModels,
toolPermissions: template.toolPermissions,
discordChannel: template.discordChannel,
isActive: template.isActive,
isDefault: template.isDefault,
},
});
}
console.log("✅ Agent templates seeded:", AGENT_TEMPLATES.map((t) => t.name).join(", "));
}

43
apps/api/src/user-agent/dto/create-user-agent.dto.ts
View File

@@ -1,43 +0,0 @@
import { IsString, IsBoolean, IsOptional, IsArray, MinLength } from "class-validator";
export class CreateUserAgentDto {
@IsString()
@MinLength(1)
templateId?: string;
@IsString()
@MinLength(1)
name!: string;
@IsString()
@MinLength(1)
displayName!: string;
@IsString()
@MinLength(1)
role!: string;
@IsString()
@MinLength(1)
personality!: string;
@IsString()
@IsOptional()
primaryModel?: string;
@IsArray()
@IsOptional()
fallbackModels?: string[];
@IsArray()
@IsOptional()
toolPermissions?: string[];
@IsString()
@IsOptional()
discordChannel?: string;
@IsBoolean()
@IsOptional()
isActive?: boolean;
}

4
apps/api/src/user-agent/dto/update-user-agent.dto.ts
View File

@@ -1,4 +0,0 @@
import { PartialType } from "@nestjs/mapped-types";
import { CreateUserAgentDto } from "./create-user-agent.dto";
export class UpdateUserAgentDto extends PartialType(CreateUserAgentDto) {}

70
apps/api/src/user-agent/user-agent.controller.ts
View File

@@ -1,70 +0,0 @@
import {
Controller,
Get,
Post,
Patch,
Delete,
Body,
Param,
UseGuards,
ParseUUIDPipe,
} from "@nestjs/common";
import { UserAgentService } from "./user-agent.service";
import { CreateUserAgentDto } from "./dto/create-user-agent.dto";
import { UpdateUserAgentDto } from "./dto/update-user-agent.dto";
import { AuthGuard } from "../auth/guards/auth.guard";
import { CurrentUser } from "../auth/decorators/current-user.decorator";
import type { AuthUser } from "@mosaic/shared";
@Controller("agents")
@UseGuards(AuthGuard)
export class UserAgentController {
constructor(private readonly userAgentService: UserAgentService) {}
@Get()
findAll(@CurrentUser() user: AuthUser) {
return this.userAgentService.findAll(user.id);
}
@Get("status")
getAllStatuses(@CurrentUser() user: AuthUser) {
return this.userAgentService.getAllStatuses(user.id);
}
@Get(":id")
findOne(@CurrentUser() user: AuthUser, @Param("id", ParseUUIDPipe) id: string) {
return this.userAgentService.findOne(user.id, id);
}
@Get(":id/status")
getStatus(@CurrentUser() user: AuthUser, @Param("id", ParseUUIDPipe) id: string) {
return this.userAgentService.getStatus(user.id, id);
}
@Post()
create(@CurrentUser() user: AuthUser, @Body() dto: CreateUserAgentDto) {
return this.userAgentService.create(user.id, dto);
}
@Post("from-template/:templateId")
createFromTemplate(
@CurrentUser() user: AuthUser,
@Param("templateId", ParseUUIDPipe) templateId: string
) {
return this.userAgentService.createFromTemplate(user.id, templateId);
}
@Patch(":id")
update(
@CurrentUser() user: AuthUser,
@Param("id", ParseUUIDPipe) id: string,
@Body() dto: UpdateUserAgentDto
) {
return this.userAgentService.update(user.id, id, dto);
}
@Delete(":id")
remove(@CurrentUser() user: AuthUser, @Param("id", ParseUUIDPipe) id: string) {
return this.userAgentService.remove(user.id, id);
}
}

12
apps/api/src/user-agent/user-agent.module.ts
View File

@@ -1,12 +0,0 @@
import { Module } from "@nestjs/common";
import { UserAgentService } from "./user-agent.service";
import { UserAgentController } from "./user-agent.controller";
import { PrismaModule } from "../prisma/prisma.module";
@Module({
imports: [PrismaModule],
controllers: [UserAgentController],
providers: [UserAgentService],
exports: [UserAgentService],
})
export class UserAgentModule {}

153
apps/api/src/user-agent/user-agent.service.ts
View File

@@ -1,153 +0,0 @@
import {
Injectable,
NotFoundException,
ConflictException,
ForbiddenException,
} from "@nestjs/common";
import { PrismaService } from "../prisma/prisma.service";
import { CreateUserAgentDto } from "./dto/create-user-agent.dto";
import { UpdateUserAgentDto } from "./dto/update-user-agent.dto";
export interface AgentStatusResponse {
id: string;
name: string;
displayName: string;
role: string;
isActive: boolean;
containerStatus?: "running" | "stopped" | "unknown";
}
@Injectable()
export class UserAgentService {
constructor(private readonly prisma: PrismaService) {}
async findAll(userId: string) {
return this.prisma.userAgent.findMany({
where: { userId },
orderBy: { createdAt: "asc" },
});
}
async findOne(userId: string, id: string) {
const agent = await this.prisma.userAgent.findUnique({ where: { id } });
if (!agent) throw new NotFoundException(`UserAgent ${id} not found`);
if (agent.userId !== userId) throw new ForbiddenException("Access denied to this agent");
return agent;
}
async findByName(userId: string, name: string) {
const agent = await this.prisma.userAgent.findUnique({
where: { userId_name: { userId, name } },
});
if (!agent) throw new NotFoundException(`UserAgent "${name}" not found for user`);
return agent;
}
async create(userId: string, dto: CreateUserAgentDto) {
// Check for unique name within user scope
const existing = await this.prisma.userAgent.findUnique({
where: { userId_name: { userId, name: dto.name } },
});
if (existing)
throw new ConflictException(`UserAgent "${dto.name}" already exists for this user`);
// If templateId provided, verify it exists
if (dto.templateId) {
const template = await this.prisma.agentTemplate.findUnique({
where: { id: dto.templateId },
});
if (!template) throw new NotFoundException(`AgentTemplate ${dto.templateId} not found`);
}
return this.prisma.userAgent.create({
data: {
userId,
templateId: dto.templateId ?? null,
name: dto.name,
displayName: dto.displayName,
role: dto.role,
personality: dto.personality,
primaryModel: dto.primaryModel ?? null,
fallbackModels: dto.fallbackModels ?? ([] as string[]),
toolPermissions: dto.toolPermissions ?? ([] as string[]),
discordChannel: dto.discordChannel ?? null,
isActive: dto.isActive ?? true,
},
});
}
async createFromTemplate(userId: string, templateId: string) {
const template = await this.prisma.agentTemplate.findUnique({
where: { id: templateId },
});
if (!template) throw new NotFoundException(`AgentTemplate ${templateId} not found`);
// Check for unique name within user scope
const existing = await this.prisma.userAgent.findUnique({
where: { userId_name: { userId, name: template.name } },
});
if (existing)
throw new ConflictException(`UserAgent "${template.name}" already exists for this user`);
return this.prisma.userAgent.create({
data: {
userId,
templateId: template.id,
name: template.name,
displayName: template.displayName,
role: template.role,
personality: template.personality,
primaryModel: template.primaryModel,
fallbackModels: template.fallbackModels as string[],
toolPermissions: template.toolPermissions as string[],
discordChannel: template.discordChannel,
isActive: template.isActive,
},
});
}
async update(userId: string, id: string, dto: UpdateUserAgentDto) {
const agent = await this.findOne(userId, id);
// If name is being changed, check for uniqueness
if (dto.name && dto.name !== agent.name) {
const existing = await this.prisma.userAgent.findUnique({
where: { userId_name: { userId, name: dto.name } },
});
if (existing)
throw new ConflictException(`UserAgent "${dto.name}" already exists for this user`);
}
return this.prisma.userAgent.update({
where: { id },
data: dto,
});
}
async remove(userId: string, id: string) {
await this.findOne(userId, id);
return this.prisma.userAgent.delete({ where: { id } });
}
async getStatus(userId: string, id: string): Promise<AgentStatusResponse> {
const agent = await this.findOne(userId, id);
return {
id: agent.id,
name: agent.name,
displayName: agent.displayName,
role: agent.role,
isActive: agent.isActive,
};
}
async getAllStatuses(userId: string): Promise<AgentStatusResponse[]> {
const agents = await this.findAll(userId);
return agents.map((agent) => ({
id: agent.id,
name: agent.name,
displayName: agent.displayName,
role: agent.role,
isActive: agent.isActive,
}));
}
}

2
apps/api/src/widgets/widgets.controller.ts
View File

@@ -4,7 +4,7 @@ import { WidgetsService } from "./widgets.service";
import { WidgetDataService } from "./widget-data.service";
import { AuthGuard } from "../auth/guards/auth.guard";
import { WorkspaceGuard } from "../common/guards/workspace.guard";
import { StatCardQueryDto, ChartQueryDto, ListQueryDto, CalendarPreviewQueryDto } from "./dto";
import type { StatCardQueryDto, ChartQueryDto, ListQueryDto, CalendarPreviewQueryDto } from "./dto";
import type { RequestWithWorkspace } from "../common/types/user.types";
/**

21
apps/api/src/workspaces/workspaces.controller.ts
View File

@@ -6,7 +6,7 @@ import { WorkspaceGuard, PermissionGuard } from "../common/guards";
import { Permission, RequirePermission } from "../common/decorators";
import type { WorkspaceMember } from "@prisma/client";
import type { AuthenticatedUser } from "../common/types/user.types";
import { AddMemberDto, UpdateMemberRoleDto, WorkspaceResponseDto } from "./dto";
import type { AddMemberDto, UpdateMemberRoleDto, WorkspaceResponseDto } from "./dto";
/**
* User-scoped workspace operations.
@@ -29,25 +29,6 @@ export class WorkspacesController {
return this.workspacesService.getUserWorkspaces(user.id);
}
/**
* GET /api/workspaces/:workspaceId/stats
* Returns member, project, and domain counts for a workspace.
*/
@Get(":workspaceId/stats")
async getStats(@Param("workspaceId") workspaceId: string) {
return this.workspacesService.getStats(workspaceId);
}
/**
* GET /api/workspaces/:workspaceId/members
* Returns the list of members for a workspace.
*/
@Get(":workspaceId/members")
@UseGuards(WorkspaceGuard)
async getMembers(@Param("workspaceId") workspaceId: string) {
return this.workspacesService.getMembers(workspaceId);
}
/**
* POST /api/workspaces/:workspaceId/members
* Add a member to a workspace with the specified role.

23
apps/api/src/workspaces/workspaces.service.ts
View File

@@ -321,18 +321,6 @@ export class WorkspacesService {
});
}
/**
* Get members of a workspace.
*/
async getMembers(workspaceId: string) {
return this.prisma.workspaceMember.findMany({
where: { workspaceId },
include: {
user: { select: { id: true, name: true, email: true, createdAt: true } },
},
orderBy: { joinedAt: "asc" },
});
}
private assertCanAssignRole(
actorRole: WorkspaceMemberRole,
requestedRole: WorkspaceMemberRole
@@ -354,15 +342,4 @@ export class WorkspacesService {
private isUniqueConstraintError(error: unknown): error is Prisma.PrismaClientKnownRequestError {
return error instanceof Prisma.PrismaClientKnownRequestError && error.code === "P2002";
}
async getStats(
workspaceId: string
): Promise<{ memberCount: number; projectCount: number; domainCount: number }> {
const [memberCount, projectCount, domainCount] = await Promise.all([
this.prisma.workspaceMember.count({ where: { workspaceId } }),
this.prisma.project.count({ where: { workspaceId } }),
this.prisma.domain.count({ where: { workspaceId } }),
]);
return { memberCount, projectCount, domainCount };
}
}

16
apps/coordinator/tests/test_coordinator.py
View File

@@ -601,21 +601,9 @@ class TestCoordinatorIntegration:
coordinator = Coordinator(queue_manager=queue_manager, poll_interval=0.02)
task = asyncio.create_task(coordinator.start())
# Poll for completion with timeout instead of fixed sleep
deadline = asyncio.get_event_loop().time() + 5.0 # 5 second timeout
while asyncio.get_event_loop().time() < deadline:
all_completed = True
for i in range(157, 162):
item = queue_manager.get_item(i)
if item is None or item.status != QueueItemStatus.COMPLETED:
all_completed = False
break
if all_completed:
break
await asyncio.sleep(0.05)
await asyncio.sleep(0.5) # Allow time for processing
await coordinator.stop()
task.cancel()
try:
await task

14
apps/orchestrator/Dockerfile
View File

@@ -1,6 +1,6 @@
# Base image for all stages
# Uses Debian slim (glibc) instead of Alpine (musl) for native addon compatibility.
FROM git.mosaicstack.dev/mosaic/node-base:24-slim AS base
FROM node:24-slim AS base
# Install pnpm globally
RUN corepack enable && corepack prepare pnpm@10.27.0 --activate
@@ -22,9 +22,6 @@ COPY packages/shared/package.json ./packages/shared/
COPY packages/config/package.json ./packages/config/
COPY apps/orchestrator/package.json ./apps/orchestrator/
# Copy npm configuration for native binary architecture hints
COPY .npmrc ./
# Install ALL dependencies (not just production)
# No cache mount — Kaniko builds are ephemeral in CI
RUN pnpm install --frozen-lockfile
@@ -57,7 +54,7 @@ RUN find ./apps/orchestrator/dist \( -name '*.spec.js' -o -name '*.spec.js.map'
# ======================
# Production stage
# ======================
FROM git.mosaicstack.dev/mosaic/node-base:24-slim AS production
FROM node:24-slim AS production
# Add metadata labels
LABEL maintainer="mosaic-team@mosaicstack.dev"
@@ -68,12 +65,13 @@ LABEL org.opencontainers.image.vendor="Mosaic Stack"
LABEL org.opencontainers.image.title="Mosaic Orchestrator"
LABEL org.opencontainers.image.description="Agent orchestration service for Mosaic Stack"
# dumb-init, ca-certificates pre-installed in base image
# Install dumb-init for proper signal handling (static binary from GitHub,
# avoids apt-get which fails under Kaniko with bookworm GPG signature errors)
ADD https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_x86_64 /usr/local/bin/dumb-init
# Single RUN to minimize Kaniko filesystem snapshots (each RUN = full snapshot)
# - Remove npm/npx to reduce image size (not used in production)
# - Create non-root user
RUN rm -rf /usr/local/lib/node_modules/npm /usr/local/bin/npm /usr/local/bin/npx \
&& chmod 755 /usr/local/bin/dumb-init \
&& groupadd -g 1001 nodejs && useradd -m -u 1001 -g nodejs nestjs
WORKDIR /app

17
apps/web/Dockerfile
View File

@@ -1,7 +1,7 @@
# Base image for all stages
# Uses Debian slim (glibc) for consistency with API/orchestrator and to prevent
# future native addon compatibility issues with Alpine's musl libc.
FROM git.mosaicstack.dev/mosaic/node-base:24-slim AS base
FROM node:24-slim AS base
# Install pnpm globally
RUN corepack enable && corepack prepare pnpm@10.27.0 --activate
@@ -24,9 +24,6 @@ COPY packages/ui/package.json ./packages/ui/
COPY packages/config/package.json ./packages/config/
COPY apps/web/package.json ./apps/web/
# Copy npm configuration for native binary architecture hints
COPY .npmrc ./
# Install dependencies (no cache mount — Kaniko builds are ephemeral in CI)
RUN pnpm install --frozen-lockfile
@@ -41,9 +38,6 @@ COPY packages/ui/package.json ./packages/ui/
COPY packages/config/package.json ./packages/config/
COPY apps/web/package.json ./apps/web/
# Copy npm configuration for native binary architecture hints
COPY .npmrc ./
# Install production dependencies only
RUN pnpm install --frozen-lockfile --prod
@@ -93,14 +87,15 @@ RUN mkdir -p ./apps/web/public
# ======================
# Production stage
# ======================
FROM git.mosaicstack.dev/mosaic/node-base:24-slim AS production
FROM node:24-slim AS production
# dumb-init, ca-certificates pre-installed in base image
# Install dumb-init for proper signal handling (static binary from GitHub,
# avoids apt-get which fails under Kaniko with bookworm GPG signature errors)
ADD https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_x86_64 /usr/local/bin/dumb-init
# Single RUN to minimize Kaniko filesystem snapshots (each RUN = full snapshot)
# - Remove npm/npx to reduce image size (not used in production)
# - Create non-root user
RUN rm -rf /usr/local/lib/node_modules/npm /usr/local/bin/npm /usr/local/bin/npx \
&& chmod 755 /usr/local/bin/dumb-init \
&& groupadd -g 1001 nodejs && useradd -m -u 1001 -g nodejs nextjs
WORKDIR /app

234
apps/web/src/app/(authenticated)/files/page.tsx
View File

@@ -13,7 +13,7 @@ import {
ChevronUp,
ChevronDown,
} from "lucide-react";
import type { KnowledgeEntryWithTags, KnowledgeTag } from "@mosaic/shared";
import type { KnowledgeEntryWithTags } from "@mosaic/shared";
import { EntryStatus, Visibility } from "@mosaic/shared";
import { MosaicSpinner } from "@/components/ui/MosaicSpinner";
@@ -25,7 +25,7 @@ import {
DialogDescription,
DialogFooter,
} from "@/components/ui/dialog";
import { fetchEntries, createEntry, deleteEntry, fetchTags } from "@/lib/api/knowledge";
import { fetchEntries, createEntry, deleteEntry } from "@/lib/api/knowledge";
import type { EntriesResponse, CreateEntryData, EntryFilters } from "@/lib/api/knowledge";
/* ---------------------------------------------------------------------------
@@ -421,26 +421,6 @@ function CreateEntryDialog({
const [visibility, setVisibility] = useState<Visibility>(Visibility.PRIVATE);
const [formError, setFormError] = useState<string | null>(null);
// Tag state
const [selectedTags, setSelectedTags] = useState<string[]>([]);
const [tagInput, setTagInput] = useState("");
const [availableTags, setAvailableTags] = useState<KnowledgeTag[]>([]);
const [showSuggestions, setShowSuggestions] = useState(false);
const tagInputRef = useRef<HTMLInputElement>(null);
// Load available tags when dialog opens
useEffect(() => {
if (open) {
fetchTags()
.then((tags) => {
setAvailableTags(tags);
})
.catch((err: unknown) => {
console.error("Failed to load tags:", err);
});
}
}, [open]);
function resetForm(): void {
setTitle("");
setContent("");
@@ -448,9 +428,6 @@ function CreateEntryDialog({
setStatus(EntryStatus.DRAFT);
setVisibility(Visibility.PRIVATE);
setFormError(null);
setSelectedTags([]);
setTagInput("");
setShowSuggestions(false);
}
async function handleSubmit(e: SyntheticEvent): Promise<void> {
@@ -475,7 +452,6 @@ function CreateEntryDialog({
content: trimmedContent,
status,
visibility,
tags: selectedTags,
};
const trimmedSummary = summary.trim();
if (trimmedSummary) {
@@ -634,212 +610,6 @@ function CreateEntryDialog({
/>
</div>
{/* Tags */}
<div style={{ marginBottom: 16 }}>
<label
htmlFor="entry-tags"
style={{
display: "block",
marginBottom: 6,
fontSize: "0.85rem",
fontWeight: 500,
color: "var(--text-2)",
}}
>
Tags
</label>
<div
style={{
width: "100%",
minHeight: 38,
padding: "6px 8px",
background: "var(--bg)",
border: "1px solid var(--border)",
borderRadius: "var(--r)",
boxSizing: "border-box",
display: "flex",
flexWrap: "wrap",
gap: 4,
alignItems: "center",
position: "relative",
}}
>
{/* Selected tag chips */}
{selectedTags.map((tag) => (
<span
key={tag}
style={{
display: "inline-flex",
alignItems: "center",
gap: 4,
padding: "2px 8px",
background: "var(--surface-2)",
border: "1px solid var(--border)",
borderRadius: "var(--r-sm)",
fontSize: "0.75rem",
color: "var(--text)",
}}
>
{tag}
<button
type="button"
onClick={() => {
setSelectedTags((prev) => prev.filter((t) => t !== tag));
}}
style={{
background: "transparent",
border: "none",
padding: 0,
cursor: "pointer",
color: "var(--muted)",
display: "flex",
alignItems: "center",
lineHeight: 1,
}}
>
×
</button>
</span>
))}
{/* Tag text input */}
<input
ref={tagInputRef}
id="entry-tags"
type="text"
value={tagInput}
onChange={(e) => {
setTagInput(e.target.value);
setShowSuggestions(e.target.value.length > 0);
}}
onKeyDown={(e) => {
if (e.key === "Enter" || e.key === ",") {
e.preventDefault();
const trimmed = tagInput.trim();
if (trimmed && !selectedTags.includes(trimmed)) {
setSelectedTags((prev) => [...prev, trimmed]);
setTagInput("");
}
}
if (e.key === "Backspace" && tagInput === "" && selectedTags.length > 0) {
setSelectedTags((prev) => prev.slice(0, -1));
}
}}
onBlur={() => {
// Delay to allow click on suggestion
setTimeout(() => {
setShowSuggestions(false);
}, 150);
}}
onFocus={() => {
if (tagInput.length > 0) setShowSuggestions(true);
}}
placeholder={selectedTags.length === 0 ? "Add tags..." : ""}
style={{
flex: 1,
minWidth: 80,
border: "none",
background: "transparent",
color: "var(--text)",
fontSize: "0.85rem",
outline: "none",
padding: "2px 0",
}}
/>
{/* Autocomplete suggestions */}
{showSuggestions && (
<div
style={{
position: "absolute",
top: "100%",
left: 0,
right: 0,
marginTop: 4,
background: "var(--surface)",
border: "1px solid var(--border)",
borderRadius: "var(--r)",
boxShadow: "0 4px 12px rgba(0,0,0,0.15)",
maxHeight: 150,
overflowY: "auto",
zIndex: 10,
}}
>
{availableTags
.filter(
(t) =>
t.name.toLowerCase().includes(tagInput.toLowerCase()) &&
!selectedTags.includes(t.name)
)
.slice(0, 5)
.map((tag) => (
<button
key={tag.id}
type="button"
onClick={() => {
if (!selectedTags.includes(tag.name)) {
setSelectedTags((prev) => [...prev, tag.name]);
}
setTagInput("");
setShowSuggestions(false);
tagInputRef.current?.focus();
}}
style={{
width: "100%",
padding: "8px 12px",
background: "transparent",
border: "none",
textAlign: "left",
cursor: "pointer",
color: "var(--text)",
fontSize: "0.85rem",
}}
onMouseEnter={(e) => {
e.currentTarget.style.background = "var(--surface-2)";
}}
onMouseLeave={(e) => {
e.currentTarget.style.background = "transparent";
}}
>
{tag.name}
</button>
))}
{availableTags.filter(
(t) =>
t.name.toLowerCase().includes(tagInput.toLowerCase()) &&
!selectedTags.includes(t.name)
).length === 0 &&
tagInput.trim() &&
!selectedTags.includes(tagInput.trim()) && (
<button
type="button"
onClick={() => {
const trimmed = tagInput.trim();
if (trimmed && !selectedTags.includes(trimmed)) {
setSelectedTags((prev) => [...prev, trimmed]);
}
setTagInput("");
setShowSuggestions(false);
tagInputRef.current?.focus();
}}
style={{
width: "100%",
padding: "8px 12px",
background: "transparent",
border: "none",
textAlign: "left",
cursor: "pointer",
color: "var(--muted)",
fontSize: "0.85rem",
fontStyle: "italic",
}}
>
Create "{tagInput.trim()}"
</button>
)}
</div>
)}
</div>
</div>
{/* Status + Visibility row */}
<div style={{ display: "flex", gap: 16, marginBottom: 16 }}>
<div style={{ flex: 1 }}>

188
apps/web/src/app/(authenticated)/kanban/page.test.tsx
View File

@@ -1,188 +0,0 @@
import { describe, it, expect, vi, beforeEach } from "vitest";
import { render, screen, waitFor } from "@testing-library/react";
import userEvent from "@testing-library/user-event";
import type { Task } from "@mosaic/shared";
import { TaskPriority, TaskStatus } from "@mosaic/shared";
import KanbanPage from "./page";
const mockReplace = vi.fn();
let mockSearchParams = new URLSearchParams();
vi.mock("next/navigation", () => ({
useRouter: (): { replace: typeof mockReplace } => ({ replace: mockReplace }),
useSearchParams: (): URLSearchParams => mockSearchParams,
}));
vi.mock("@hello-pangea/dnd", () => ({
DragDropContext: ({ children }: { children: React.ReactNode }): React.JSX.Element => (
<div data-testid="mock-dnd-context">{children}</div>
),
Droppable: ({
children,
droppableId,
}: {
children: (provided: {
innerRef: (el: HTMLElement | null) => void;
droppableProps: Record<string, never>;
placeholder: React.ReactNode;
}) => React.ReactNode;
droppableId: string;
}): React.JSX.Element => (
<div data-testid={`mock-droppable-${droppableId}`}>
{children({
innerRef: () => {
/* noop */
},
droppableProps: {},
placeholder: null,
})}
</div>
),
Draggable: ({
children,
draggableId,
}: {
children: (
provided: {
innerRef: (el: HTMLElement | null) => void;
draggableProps: { style: Record<string, string> };
dragHandleProps: Record<string, string>;
},
snapshot: { isDragging: boolean }
) => React.ReactNode;
draggableId: string;
index: number;
}): React.JSX.Element => (
<div data-testid={`mock-draggable-${draggableId}`}>
{children(
{
innerRef: () => {
/* noop */
},
draggableProps: { style: {} },
dragHandleProps: {},
},
{ isDragging: false }
)}
</div>
),
}));
vi.mock("@/components/ui/MosaicSpinner", () => ({
MosaicSpinner: ({ label }: { label?: string }): React.JSX.Element => (
<div data-testid="mosaic-spinner">{label ?? "Loading..."}</div>
),
}));
const mockUseWorkspaceId = vi.fn<() => string | null>();
vi.mock("@/lib/hooks", () => ({
useWorkspaceId: (): string | null => mockUseWorkspaceId(),
}));
const mockFetchTasks = vi.fn<() => Promise<Task[]>>();
const mockUpdateTask = vi.fn<() => Promise<unknown>>();
const mockCreateTask = vi.fn<() => Promise<Task>>();
vi.mock("@/lib/api/tasks", () => ({
fetchTasks: (...args: unknown[]): Promise<Task[]> => mockFetchTasks(...(args as [])),
updateTask: (...args: unknown[]): Promise<unknown> => mockUpdateTask(...(args as [])),
createTask: (...args: unknown[]): Promise<Task> => mockCreateTask(...(args as [])),
}));
const mockFetchProjects = vi.fn<() => Promise<unknown[]>>();
vi.mock("@/lib/api/projects", () => ({
fetchProjects: (...args: unknown[]): Promise<unknown[]> => mockFetchProjects(...(args as [])),
}));
const createdTask: Task = {
id: "task-new-1",
title: "Ship Kanban add task flow",
description: null,
status: TaskStatus.NOT_STARTED,
priority: TaskPriority.MEDIUM,
dueDate: null,
creatorId: "user-1",
assigneeId: null,
workspaceId: "ws-1",
projectId: "project-42",
parentId: null,
sortOrder: 0,
metadata: {},
completedAt: null,
createdAt: new Date("2026-03-01"),
updatedAt: new Date("2026-03-01"),
};
describe("KanbanPage add task flow", (): void => {
beforeEach((): void => {
vi.clearAllMocks();
mockSearchParams = new URLSearchParams("project=project-42");
mockUseWorkspaceId.mockReturnValue("ws-1");
mockFetchTasks.mockResolvedValue([]);
mockFetchProjects.mockResolvedValue([]);
mockCreateTask.mockResolvedValue(createdTask);
});
it("opens add-task form in a column and creates a task via API", async (): Promise<void> => {
const user = userEvent.setup();
render(<KanbanPage />);
await waitFor((): void => {
expect(screen.getByText("Kanban Board")).toBeInTheDocument();
});
// Click the "+ Add task" button in the To Do column
const addTaskButtons = screen.getAllByRole("button", { name: /\+ Add task/i });
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
await user.click(addTaskButtons[0]!); // First column is "To Do"
// Type in the title input
const titleInput = screen.getByPlaceholderText("Task title...");
await user.type(titleInput, createdTask.title);
// Click the Add button
await user.click(screen.getByRole("button", { name: /✓ Add/i }));
await waitFor((): void => {
expect(mockCreateTask).toHaveBeenCalledWith(
expect.objectContaining({
title: createdTask.title,
status: TaskStatus.NOT_STARTED,
projectId: "project-42",
}),
"ws-1"
);
});
});
it("cancels add-task form when pressing Escape", async (): Promise<void> => {
const user = userEvent.setup();
render(<KanbanPage />);
await waitFor((): void => {
expect(screen.getByText("Kanban Board")).toBeInTheDocument();
});
// Click the "+ Add task" button
const addTaskButtons = screen.getAllByRole("button", { name: /\+ Add task/i });
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
await user.click(addTaskButtons[0]!);
// Type in the title input
const titleInput = screen.getByPlaceholderText("Task title...");
await user.type(titleInput, "Test task");
// Press Escape to cancel
await user.keyboard("{Escape}");
// Form should be closed, back to "+ Add task" button
await waitFor((): void => {
const buttons = screen.getAllByRole("button", { name: /\+ Add task/i });
expect(buttons.length).toBe(5); // One per column
});
// Should not have called createTask
expect(mockCreateTask).not.toHaveBeenCalled();
});
});

217
apps/web/src/app/(authenticated)/kanban/page.tsx
View File

@@ -1,6 +1,6 @@
"use client";
import { useState, useEffect, useCallback, useMemo, useRef } from "react";
import { useState, useEffect, useCallback, useMemo } from "react";
import type { ReactElement } from "react";
import { useSearchParams, useRouter } from "next/navigation";
import { DragDropContext, Droppable, Draggable } from "@hello-pangea/dnd";
@@ -12,7 +12,7 @@ import type {
} from "@hello-pangea/dnd";
import { MosaicSpinner } from "@/components/ui/MosaicSpinner";
import { fetchTasks, updateTask, createTask, type TaskFilters } from "@/lib/api/tasks";
import { fetchTasks, updateTask, type TaskFilters } from "@/lib/api/tasks";
import { fetchProjects, type Project } from "@/lib/api/projects";
import { useWorkspaceId } from "@/lib/hooks";
import type { Task } from "@mosaic/shared";
@@ -184,48 +184,9 @@ function TaskCard({ task, provided, snapshot, columnAccent }: TaskCardProps): Re
interface KanbanColumnProps {
config: ColumnConfig;
tasks: Task[];
onAddTask: (status: TaskStatus, title: string, projectId?: string) => Promise<void>;
projectId?: string;
}
function KanbanColumn({ config, tasks, onAddTask, projectId }: KanbanColumnProps): ReactElement {
const [showAddForm, setShowAddForm] = useState(false);
const [inputValue, setInputValue] = useState("");
const [isSubmitting, setIsSubmitting] = useState(false);
const inputRef = useRef<HTMLInputElement>(null);
// Focus input when form is shown
useEffect(() => {
if (showAddForm && inputRef.current) {
inputRef.current.focus();
}
}, [showAddForm]);
const handleSubmit = async (e: React.SyntheticEvent): Promise<void> => {
e.preventDefault();
if (!inputValue.trim() || isSubmitting) {
return;
}
setIsSubmitting(true);
try {
await onAddTask(config.status, inputValue.trim(), projectId);
setInputValue("");
setShowAddForm(false);
} catch (err) {
console.error("[KanbanColumn] Failed to add task:", err);
} finally {
setIsSubmitting(false);
}
};
const handleKeyDown = (e: React.KeyboardEvent<HTMLInputElement>): void => {
if (e.key === "Escape") {
setShowAddForm(false);
setInputValue("");
}
};
function KanbanColumn({ config, tasks }: KanbanColumnProps): ReactElement {
return (
<div
style={{
@@ -307,128 +268,6 @@ function KanbanColumn({ config, tasks, onAddTask, projectId }: KanbanColumnProps
</div>
)}
</Droppable>
{/* Add Task Form */}
{!showAddForm ? (
<button
type="button"
onClick={() => {
setShowAddForm(true);
}}
style={{
padding: "10px 16px",
border: "none",
background: "transparent",
color: "var(--muted)",
fontSize: "0.8rem",
cursor: "pointer",
textAlign: "left",
transition: "color 0.15s",
width: "100%",
}}
onMouseEnter={(e) => {
e.currentTarget.style.color = "var(--text)";
}}
onMouseLeave={(e) => {
e.currentTarget.style.color = "var(--muted)";
}}
>
+ Add task
</button>
) : (
<form
onSubmit={handleSubmit}
style={{ padding: "8px 12px 12px", borderTop: "1px solid var(--border)" }}
>
<input
ref={inputRef}
type="text"
value={inputValue}
onChange={(e) => {
setInputValue(e.target.value);
}}
onKeyDown={handleKeyDown}
placeholder="Task title..."
disabled={isSubmitting}
style={{
width: "100%",
padding: "8px 10px",
borderRadius: "var(--r)",
border: `1px solid ${inputValue ? "var(--primary)" : "var(--border)"}`,
background: "var(--surface)",
color: "var(--text)",
fontSize: "0.85rem",
outline: "none",
opacity: isSubmitting ? 0.6 : 1,
}}
autoFocus
/>
<div style={{ display: "flex", gap: 6, marginTop: 6 }}>
<button
type="submit"
disabled={isSubmitting || !inputValue.trim()}
style={{
padding: "6px 12px",
borderRadius: "var(--r)",
border: "1px solid var(--primary)",
background: "var(--primary)",
color: "#fff",
fontSize: "0.8rem",
fontWeight: 500,
cursor: isSubmitting || !inputValue.trim() ? "not-allowed" : "pointer",
opacity: isSubmitting || !inputValue.trim() ? 0.5 : 1,
}}
>
Add
</button>
<button
type="button"
onClick={() => {
setShowAddForm(false);
setInputValue("");
}}
disabled={isSubmitting}
style={{
padding: "6px 12px",
borderRadius: "var(--r)",
border: "1px solid var(--border)",
background: "transparent",
color: "var(--muted)",
fontSize: "0.8rem",
cursor: isSubmitting ? "not-allowed" : "pointer",
opacity: isSubmitting ? 0.5 : 1,
}}
>
Cancel
</button>
</div>
<div style={{ marginTop: 6, fontSize: "0.75rem", color: "var(--muted)" }}>
Press{" "}
<kbd
style={{
padding: "2px 4px",
background: "var(--bg-mid)",
borderRadius: "2px",
fontFamily: "var(--mono)",
}}
>
Enter
</kbd>{" "}
to save,{" "}
<kbd
style={{
padding: "2px 4px",
background: "var(--bg-mid)",
borderRadius: "2px",
fontFamily: "var(--mono)",
}}
>
Escape
</kbd>{" "}
to cancel
</div>
</form>
)}
</div>
);
}
@@ -782,31 +621,6 @@ export default function KanbanPage(): ReactElement {
void loadTasks(workspaceId);
}
/* --- add task handler --- */
const handleAddTask = useCallback(
async (status: TaskStatus, title: string, projectId?: string) => {
try {
const wsId = workspaceId ?? undefined;
const taskData: { title: string; status: TaskStatus; projectId?: string } = {
title,
status,
};
if (projectId) {
taskData.projectId = projectId;
}
const newTask = await createTask(taskData, wsId);
// Optimistically add to local state
setTasks((prev) => [...prev, newTask]);
} catch (err: unknown) {
console.error("[Kanban] Failed to create task:", err);
// Re-fetch on error to get consistent state
void loadTasks(workspaceId);
}
},
[workspaceId, loadTasks]
);
/* --- render --- */
return (
@@ -913,8 +727,23 @@ export default function KanbanPage(): ReactElement {
Clear filters
</button>
</div>
) : tasks.length === 0 ? (
/* Empty state */
<div
style={{
background: "var(--surface)",
border: "1px solid var(--border)",
borderRadius: "var(--r-lg)",
padding: 48,
textAlign: "center",
}}
>
<p style={{ color: "var(--muted)", margin: 0, fontSize: "0.9rem" }}>
No tasks yet. Create some tasks to see them here.
</p>
</div>
) : (
/* Board (always render columns to allow adding first task) */
/* Board */
<DragDropContext onDragEnd={handleDragEnd}>
<div
style={{
@@ -926,13 +755,7 @@ export default function KanbanPage(): ReactElement {
}}
>
{COLUMNS.map((col) => (
<KanbanColumn
key={col.status}
config={col}
tasks={grouped[col.status]}
onAddTask={handleAddTask}
projectId={filterProject}
/>
<KanbanColumn key={col.status} config={col} tasks={grouped[col.status]} />
))}
</div>
</DragDropContext>

607
apps/web/src/app/(authenticated)/logs/page.tsx
View File

@@ -4,39 +4,21 @@ import { useState, useEffect, useCallback, useRef } from "react";
import type { ReactElement } from "react";
import { MosaicSpinner } from "@/components/ui/MosaicSpinner";
import {
fetchActivityLogs,
ActivityAction,
EntityType,
type ActivityLog,
type ActivityLogFilters,
} from "@/lib/api/activity";
import { fetchRunnerJobs, fetchJobSteps, RunnerJobStatus } from "@/lib/api/runner-jobs";
import type { RunnerJob, JobStep } from "@/lib/api/runner-jobs";
import { useWorkspaceId } from "@/lib/hooks";
// ─── Constants ────────────────────────────────────────────────────────
type ActionFilter = "all" | ActivityAction;
type EntityFilter = "all" | EntityType;
type StatusFilter = "all" | "running" | "completed" | "failed" | "queued";
type DateRange = "24h" | "7d" | "30d" | "all";
const ACTION_OPTIONS: { value: ActionFilter; label: string }[] = [
{ value: "all", label: "All actions" },
{ value: ActivityAction.CREATED, label: "Created" },
{ value: ActivityAction.UPDATED, label: "Updated" },
{ value: ActivityAction.DELETED, label: "Deleted" },
{ value: ActivityAction.COMPLETED, label: "Completed" },
{ value: ActivityAction.ASSIGNED, label: "Assigned" },
];
const ENTITY_OPTIONS: { value: EntityFilter; label: string }[] = [
{ value: "all", label: "All entities" },
{ value: EntityType.TASK, label: "Tasks" },
{ value: EntityType.EVENT, label: "Events" },
{ value: EntityType.PROJECT, label: "Projects" },
{ value: EntityType.WORKSPACE, label: "Workspaces" },
{ value: EntityType.USER, label: "Users" },
{ value: EntityType.DOMAIN, label: "Domains" },
{ value: EntityType.IDEA, label: "Ideas" },
const STATUS_OPTIONS: { value: StatusFilter; label: string }[] = [
{ value: "all", label: "All statuses" },
{ value: "running", label: "Running" },
{ value: "completed", label: "Completed" },
{ value: "failed", label: "Failed" },
{ value: "queued", label: "Queued" },
];
const DATE_RANGES: { value: DateRange; label: string }[] = [
@@ -46,37 +28,37 @@ const DATE_RANGES: { value: DateRange; label: string }[] = [
{ value: "all", label: "All" },
];
const STATUS_FILTER_TO_ENUM: Record<StatusFilter, RunnerJobStatus[] | undefined> = {
all: undefined,
running: [RunnerJobStatus.RUNNING],
completed: [RunnerJobStatus.COMPLETED],
failed: [RunnerJobStatus.FAILED],
queued: [RunnerJobStatus.QUEUED, RunnerJobStatus.PENDING],
};
const POLL_INTERVAL_MS = 5_000;
// ─── Helpers ──────────────────────────────────────────────────────────
const ACTION_COLORS: Record<string, string> = {
[ActivityAction.CREATED]: "var(--ms-teal-400)",
[ActivityAction.UPDATED]: "var(--ms-blue-400)",
[ActivityAction.DELETED]: "var(--danger)",
[ActivityAction.COMPLETED]: "var(--ms-emerald-400)",
[ActivityAction.ASSIGNED]: "var(--ms-amber-400)",
};
function getActionColor(action: string): string {
return ACTION_COLORS[action] ?? "var(--muted)";
function getStatusColor(status: string): string {
switch (status) {
case "RUNNING":
return "var(--ms-amber-400)";
case "COMPLETED":
return "var(--ms-teal-400)";
case "FAILED":
case "CANCELLED":
return "var(--danger)";
case "QUEUED":
case "PENDING":
return "var(--ms-blue-400)";
default:
return "var(--muted)";
}
}
const ENTITY_LABELS: Record<string, string> = {
[EntityType.TASK]: "Task",
[EntityType.EVENT]: "Event",
[EntityType.PROJECT]: "Project",
[EntityType.WORKSPACE]: "Workspace",
[EntityType.USER]: "User",
[EntityType.DOMAIN]: "Domain",
[EntityType.IDEA]: "Idea",
};
function getEntityTypeLabel(entityType: string): string {
return ENTITY_LABELS[entityType] ?? entityType;
}
function formatRelativeTime(dateStr: string): string {
function formatRelativeTime(dateStr: string | null): string {
if (!dateStr) return "\u2014";
const date = new Date(dateStr);
const now = Date.now();
const diffMs = now - date.getTime();
@@ -92,6 +74,29 @@ function formatRelativeTime(dateStr: string): string {
return date.toLocaleDateString();
}
function formatDuration(startedAt: string | null, completedAt: string | null): string {
if (!startedAt) return "\u2014";
const start = new Date(startedAt).getTime();
const end = completedAt ? new Date(completedAt).getTime() : Date.now();
const ms = end - start;
if (ms < 1_000) return `${String(ms)}ms`;
const sec = Math.floor(ms / 1_000);
if (sec < 60) return `${String(sec)}s`;
const min = Math.floor(sec / 60);
const remainSec = sec % 60;
return `${String(min)}m ${String(remainSec)}s`;
}
function formatStepDuration(durationMs: number | null): string {
if (durationMs === null) return "\u2014";
if (durationMs < 1_000) return `${String(durationMs)}ms`;
const sec = Math.floor(durationMs / 1_000);
if (sec < 60) return `${String(sec)}s`;
const min = Math.floor(sec / 60);
const remainSec = sec % 60;
return `${String(min)}m ${String(remainSec)}s`;
}
function isWithinDateRange(dateStr: string, range: DateRange): boolean {
if (range === "all") return true;
const date = new Date(dateStr);
@@ -100,16 +105,18 @@ function isWithinDateRange(dateStr: string, range: DateRange): boolean {
return now - date.getTime() < hours * 60 * 60 * 1_000;
}
// ─── Action Badge ─────────────────────────────────────────────────────
// ─── Status Badge ─────────────────────────────────────────────────────
function ActionBadge({ action }: { action: string }): ReactElement {
const color = getActionColor(action);
function StatusBadge({ status }: { status: string }): ReactElement {
const color = getStatusColor(status);
const isRunning = status === "RUNNING";
return (
<span
style={{
display: "inline-flex",
alignItems: "center",
gap: 6,
padding: "2px 10px",
borderRadius: 9999,
fontSize: "0.75rem",
@@ -120,7 +127,18 @@ function ActionBadge({ action }: { action: string }): ReactElement {
textTransform: "capitalize",
}}
>
{action.toLowerCase()}
{isRunning && (
<span
style={{
width: 6,
height: 6,
borderRadius: "50%",
background: color,
animation: "pulse 1.5s ease-in-out infinite",
}}
/>
)}
{status.toLowerCase()}
</span>
);
}
@@ -131,55 +149,59 @@ export default function LogsPage(): ReactElement {
const workspaceId = useWorkspaceId();
// Data state
const [activities, setActivities] = useState<ActivityLog[]>([]);
const [jobs, setJobs] = useState<RunnerJob[]>([]);
const [isLoading, setIsLoading] = useState(true);
const [error, setError] = useState<string | null>(null);
// Expanded job and steps
const [expandedJobId, setExpandedJobId] = useState<string | null>(null);
const [jobStepsMap, setJobStepsMap] = useState<Record<string, JobStep[]>>({});
const [stepsLoading, setStepsLoading] = useState<Set<string>>(new Set());
// Filters
const [actionFilter, setActionFilter] = useState<ActionFilter>("all");
const [entityFilter, setEntityFilter] = useState<EntityFilter>("all");
const [statusFilter, setStatusFilter] = useState<StatusFilter>("all");
const [dateRange, setDateRange] = useState<DateRange>("7d");
const [searchQuery, setSearchQuery] = useState("");
// Auto-refresh
const [autoRefresh, setAutoRefresh] = useState(true);
const [autoRefresh, setAutoRefresh] = useState(false);
const intervalRef = useRef<ReturnType<typeof setInterval> | null>(null);
// Hover state
const [hoveredRowId, setHoveredRowId] = useState<string | null>(null);
// ─── Data Loading ─────────────────────────────────────────────────
const loadActivities = useCallback(async (): Promise<void> => {
const loadJobs = useCallback(async (): Promise<void> => {
try {
const filters: ActivityLogFilters = {};
const statusEnums = STATUS_FILTER_TO_ENUM[statusFilter];
const filters: Parameters<typeof fetchRunnerJobs>[0] = {};
if (workspaceId) {
filters.workspaceId = workspaceId;
}
if (actionFilter !== "all") {
filters.action = actionFilter;
}
if (entityFilter !== "all") {
filters.entityType = entityFilter;
if (statusEnums) {
filters.status = statusEnums;
}
const response: Awaited<ReturnType<typeof fetchActivityLogs>> =
await fetchActivityLogs(filters);
setActivities(response);
const data = await fetchRunnerJobs(filters);
setJobs(data);
setError(null);
} catch (err: unknown) {
console.error("[Logs] Failed to fetch activity logs:", err);
console.error("[Logs] Failed to fetch runner jobs:", err);
setError(
err instanceof Error
? err.message
: "We had trouble loading activity logs. Please try again when you're ready."
: "We had trouble loading jobs. Please try again when you're ready."
);
}
}, [workspaceId, actionFilter, entityFilter]);
}, [workspaceId, statusFilter]);
// Initial load
useEffect(() => {
let cancelled = false;
setIsLoading(true);
loadActivities()
loadJobs()
.then(() => {
if (!cancelled) {
setIsLoading(false);
@@ -194,13 +216,13 @@ export default function LogsPage(): ReactElement {
return (): void => {
cancelled = true;
};
}, [loadActivities]);
}, [loadJobs]);
// Auto-refresh polling
useEffect(() => {
if (autoRefresh) {
intervalRef.current = setInterval(() => {
void loadActivities();
void loadJobs();
}, POLL_INTERVAL_MS);
} else if (intervalRef.current) {
clearInterval(intervalRef.current);
@@ -213,22 +235,55 @@ export default function LogsPage(): ReactElement {
intervalRef.current = null;
}
};
}, [autoRefresh, loadActivities]);
}, [autoRefresh, loadJobs]);
// ─── Steps Loading ────────────────────────────────────────────────
const toggleExpand = useCallback(
(jobId: string) => {
if (expandedJobId === jobId) {
setExpandedJobId(null);
return;
}
setExpandedJobId(jobId);
// Load steps if not already loaded
if (!jobStepsMap[jobId] && !stepsLoading.has(jobId)) {
setStepsLoading((prev) => new Set(prev).add(jobId));
fetchJobSteps(jobId, workspaceId ?? undefined)
.then((steps) => {
setJobStepsMap((prev) => ({ ...prev, [jobId]: steps }));
})
.catch((err: unknown) => {
console.error("[Logs] Failed to fetch steps for job:", jobId, err);
setJobStepsMap((prev) => ({ ...prev, [jobId]: [] }));
})
.finally(() => {
setStepsLoading((prev) => {
const next = new Set(prev);
next.delete(jobId);
return next;
});
});
}
},
[expandedJobId, jobStepsMap, stepsLoading, workspaceId]
);
// ─── Filtering ────────────────────────────────────────────────────
const filteredActivities = activities.filter((activity) => {
const filteredJobs = jobs.filter((job) => {
// Date range filter
if (!isWithinDateRange(activity.createdAt, dateRange)) return false;
if (!isWithinDateRange(job.createdAt, dateRange)) return false;
// Search filter
if (searchQuery.trim()) {
const q = searchQuery.toLowerCase();
const matchesEntity = getEntityTypeLabel(activity.entityType).toLowerCase().includes(q);
const matchesId = activity.entityId.toLowerCase().includes(q);
const matchesUser = activity.user?.name?.toLowerCase().includes(q);
const matchesEmail = activity.user?.email.toLowerCase().includes(q);
if (!matchesEntity && !matchesId && !matchesUser && !matchesEmail) return false;
const matchesType = job.type.toLowerCase().includes(q);
const matchesId = job.id.toLowerCase().includes(q);
if (!matchesType && !matchesId) return false;
}
return true;
@@ -238,7 +293,7 @@ export default function LogsPage(): ReactElement {
const handleManualRefresh = (): void => {
setIsLoading(true);
void loadActivities().finally(() => {
void loadJobs().finally(() => {
setIsLoading(false);
});
};
@@ -252,12 +307,16 @@ export default function LogsPage(): ReactElement {
return (
<main className="container mx-auto px-4 py-8">
{/* Pulse animation for auto-refresh */}
{/* Pulse animation for running status */}
<style>{`
@keyframes pulse {
0%, 100% { opacity: 1; }
50% { opacity: 0.4; }
}
@keyframes auto-refresh-spin {
from { transform: rotate(0deg); }
to { transform: rotate(360deg); }
}
`}</style>
{/* ─── Header ─────────────────────────────────────────────── */}
@@ -273,10 +332,10 @@ export default function LogsPage(): ReactElement {
>
<div>
<h1 className="text-3xl font-bold" style={{ color: "var(--text)" }}>
Activity Logs
Logs &amp; Telemetry
</h1>
<p className="mt-1" style={{ color: "var(--text-muted)" }}>
Audit trail and activity history
Runner job history and step-level detail
</p>
</div>
@@ -349,11 +408,11 @@ export default function LogsPage(): ReactElement {
marginBottom: 24,
}}
>
{/* Action filter */}
{/* Status filter */}
<select
value={actionFilter}
value={statusFilter}
onChange={(e) => {
setActionFilter(e.target.value as ActionFilter);
setStatusFilter(e.target.value as StatusFilter);
}}
style={{
padding: "8px 12px",
@@ -366,31 +425,7 @@ export default function LogsPage(): ReactElement {
minWidth: 140,
}}
>
{ACTION_OPTIONS.map((opt) => (
<option key={opt.value} value={opt.value}>
{opt.label}
</option>
))}
</select>
{/* Entity filter */}
<select
value={entityFilter}
onChange={(e) => {
setEntityFilter(e.target.value as EntityFilter);
}}
style={{
padding: "8px 12px",
borderRadius: 8,
fontSize: "0.82rem",
border: "1px solid var(--border)",
background: "var(--surface)",
color: "var(--text)",
cursor: "pointer",
minWidth: 140,
}}
>
{ENTITY_OPTIONS.map((opt) => (
{STATUS_OPTIONS.map((opt) => (
<option key={opt.value} value={opt.value}>
{opt.label}
</option>
@@ -432,7 +467,7 @@ export default function LogsPage(): ReactElement {
{/* Search input */}
<input
type="text"
placeholder="Search by entity or user..."
placeholder="Search by job type..."
value={searchQuery}
onChange={(e) => {
setSearchQuery(e.target.value);
@@ -452,9 +487,9 @@ export default function LogsPage(): ReactElement {
</div>
{/* ─── Content ────────────────────────────────────────────── */}
{isLoading && activities.length === 0 ? (
{isLoading && jobs.length === 0 ? (
<div className="flex justify-center py-16">
<MosaicSpinner label="Loading activity logs..." />
<MosaicSpinner label="Loading jobs..." />
</div>
) : error !== null ? (
<div
@@ -473,7 +508,7 @@ export default function LogsPage(): ReactElement {
Try again
</button>
</div>
) : filteredActivities.length === 0 ? (
) : filteredJobs.length === 0 ? (
<div
className="rounded-lg p-8 text-center"
style={{
@@ -481,10 +516,10 @@ export default function LogsPage(): ReactElement {
border: "1px solid var(--border)",
}}
>
<p style={{ color: "var(--text-muted)" }}>No activity logs found</p>
<p style={{ color: "var(--text-muted)" }}>No jobs found</p>
</div>
) : (
/* ─── Activity Table ──────────────────────────────────────── */
/* ─── Job Table ──────────────────────────────────────────── */
<div
style={{
borderRadius: 12,
@@ -500,7 +535,7 @@ export default function LogsPage(): ReactElement {
background: "var(--bg-mid)",
}}
>
{["Action", "Entity", "User", "Details", "Time"].map((header) => (
{["Job Type", "Status", "Started", "Duration", "Steps"].map((header) => (
<th
key={header}
style={{
@@ -521,9 +556,32 @@ export default function LogsPage(): ReactElement {
</tr>
</thead>
<tbody>
{filteredActivities.map((activity) => (
<ActivityRow key={activity.id} activity={activity} />
))}
{filteredJobs.map((job) => {
const isExpanded = expandedJobId === job.id;
const isHovered = hoveredRowId === job.id;
const steps = jobStepsMap[job.id];
const isStepsLoading = stepsLoading.has(job.id);
return (
<JobRow
key={job.id}
job={job}
isExpanded={isExpanded}
isHovered={isHovered}
steps={steps}
isStepsLoading={isStepsLoading}
onToggle={() => {
toggleExpand(job.id);
}}
onMouseEnter={() => {
setHoveredRowId(job.id);
}}
onMouseLeave={() => {
setHoveredRowId(null);
}}
/>
);
})}
</tbody>
</table>
</div>
@@ -533,91 +591,260 @@ export default function LogsPage(): ReactElement {
);
}
// ─── Activity Row Component ───────────────────────────────────────────
// ─── Job Row Component ────────────────────────────────────────────────
function JobRow({
job,
isExpanded,
isHovered,
steps,
isStepsLoading,
onToggle,
onMouseEnter,
onMouseLeave,
}: {
job: RunnerJob;
isExpanded: boolean;
isHovered: boolean;
steps: JobStep[] | undefined;
isStepsLoading: boolean;
onToggle: () => void;
onMouseEnter: () => void;
onMouseLeave: () => void;
}): ReactElement {
return (
<>
<tr
onClick={onToggle}
onMouseEnter={onMouseEnter}
onMouseLeave={onMouseLeave}
style={{
background: isExpanded
? "var(--surface-2)"
: isHovered
? "var(--surface-2)"
: "var(--surface)",
cursor: "pointer",
borderBottom: isExpanded ? "none" : "1px solid var(--border)",
transition: "background 100ms ease",
}}
>
<td
style={{
padding: "12px 16px",
fontSize: "0.85rem",
fontWeight: 500,
color: "var(--text)",
whiteSpace: "nowrap",
}}
>
<span style={{ display: "inline-flex", alignItems: "center", gap: 8 }}>
<span
style={{
display: "inline-block",
width: 16,
textAlign: "center",
fontSize: "0.7rem",
color: "var(--muted)",
transition: "transform 150ms ease",
transform: isExpanded ? "rotate(90deg)" : "rotate(0deg)",
}}
>
&#9654;
</span>
{job.type}
</span>
</td>
<td style={{ padding: "12px 16px" }}>
<StatusBadge status={job.status} />
</td>
<td
style={{
padding: "12px 16px",
fontSize: "0.82rem",
fontFamily: "var(--mono)",
color: "var(--text-muted)",
whiteSpace: "nowrap",
}}
>
{formatRelativeTime(job.startedAt ?? job.createdAt)}
</td>
<td
style={{
padding: "12px 16px",
fontSize: "0.82rem",
fontFamily: "var(--mono)",
color: "var(--text-muted)",
whiteSpace: "nowrap",
}}
>
{formatDuration(job.startedAt, job.completedAt)}
</td>
<td
style={{
padding: "12px 16px",
fontSize: "0.82rem",
fontFamily: "var(--mono)",
color: "var(--text-muted)",
}}
>
{steps ? String(steps.length) : "\u2014"}
</td>
</tr>
{/* Expanded Steps Section */}
{isExpanded && (
<tr>
<td
colSpan={5}
style={{
padding: 0,
borderBottom: "1px solid var(--border)",
}}
>
<div
style={{
background: "var(--bg-mid)",
padding: "12px 16px 12px 48px",
}}
>
{isStepsLoading ? (
<div style={{ display: "flex", justifyContent: "center", padding: 16 }}>
<MosaicSpinner size={24} label="Loading steps..." />
</div>
) : !steps || steps.length === 0 ? (
<p
style={{
fontSize: "0.82rem",
color: "var(--text-muted)",
padding: "8px 0",
}}
>
No steps recorded for this job
</p>
) : (
<table style={{ width: "100%", borderCollapse: "collapse" }}>
<thead>
<tr>
{["#", "Name", "Phase", "Status", "Duration"].map((header) => (
<th
key={header}
style={{
padding: "6px 12px",
textAlign: "left",
fontSize: "0.7rem",
fontWeight: 600,
textTransform: "uppercase",
letterSpacing: "0.05em",
color: "var(--muted)",
fontFamily: "var(--mono)",
borderBottom: "1px solid var(--border)",
whiteSpace: "nowrap",
}}
>
{header}
</th>
))}
</tr>
</thead>
<tbody>
{steps
.sort((a, b) => a.ordinal - b.ordinal)
.map((step) => (
<StepRow key={step.id} step={step} />
))}
</tbody>
</table>
)}
{/* Job error message if failed */}
{job.error && (
<div
style={{
marginTop: 12,
padding: "8px 12px",
borderRadius: 6,
fontSize: "0.78rem",
fontFamily: "var(--mono)",
color: "var(--danger)",
background: "color-mix(in srgb, var(--danger) 8%, transparent)",
border: "1px solid color-mix(in srgb, var(--danger) 20%, transparent)",
wordBreak: "break-all",
}}
>
{job.error}
</div>
)}
</div>
</td>
</tr>
)}
</>
);
}
// ─── Step Row Component ───────────────────────────────────────────────
function StepRow({ step }: { step: JobStep }): ReactElement {
const [hovered, setHovered] = useState(false);
function ActivityRow({ activity }: { activity: ActivityLog }): ReactElement {
return (
<tr
onMouseEnter={() => {
setHovered(true);
}}
onMouseLeave={() => {
setHovered(false);
}}
style={{
background: "var(--surface)",
borderBottom: "1px solid var(--border)",
background: hovered ? "color-mix(in srgb, var(--surface) 50%, transparent)" : "transparent",
borderBottom: "1px solid color-mix(in srgb, var(--border) 50%, transparent)",
transition: "background 100ms ease",
}}
>
<td style={{ padding: "12px 16px" }}>
<ActionBadge action={activity.action} />
</td>
<td
style={{
padding: "12px 16px",
fontSize: "0.85rem",
fontWeight: 500,
color: "var(--text)",
}}
>
<div style={{ display: "flex", flexDirection: "column", gap: 2 }}>
<span>{getEntityTypeLabel(activity.entityType)}</span>
<span
style={{
fontSize: "0.75rem",
color: "var(--muted)",
fontFamily: "var(--mono)",
}}
>
{activity.entityId}
</span>
</div>
</td>
<td
style={{
padding: "12px 16px",
fontSize: "0.82rem",
color: "var(--text)",
}}
>
{activity.user ? (
<div style={{ display: "flex", flexDirection: "column", gap: 2 }}>
<span>{activity.user.name ?? activity.user.email}</span>
{activity.user.name && (
<span
style={{
fontSize: "0.75rem",
color: "var(--muted)",
}}
>
{activity.user.email}
</span>
)}
</div>
) : (
<span style={{ color: "var(--muted)" }}></span>
)}
</td>
<td
style={{
padding: "12px 16px",
padding: "6px 12px",
fontSize: "0.78rem",
color: "var(--text-muted)",
fontFamily: "var(--mono)",
maxWidth: 300,
overflow: "hidden",
textOverflow: "ellipsis",
whiteSpace: "nowrap",
color: "var(--muted)",
}}
title={activity.details ? JSON.stringify(activity.details) : undefined}
>
{activity.details ? JSON.stringify(activity.details) : "—"}
{String(step.ordinal)}
</td>
<td
style={{
padding: "12px 16px",
fontSize: "0.82rem",
padding: "6px 12px",
fontSize: "0.8rem",
color: "var(--text)",
}}
>
{step.name}
</td>
<td
style={{
padding: "6px 12px",
fontSize: "0.75rem",
fontFamily: "var(--mono)",
color: "var(--text-muted)",
textTransform: "lowercase",
}}
>
{step.phase}
</td>
<td style={{ padding: "6px 12px" }}>
<StatusBadge status={step.status} />
</td>
<td
style={{
padding: "6px 12px",
fontSize: "0.78rem",
fontFamily: "var(--mono)",
color: "var(--text-muted)",
whiteSpace: "nowrap",
}}
>
{formatRelativeTime(activity.createdAt)}
{formatStepDuration(step.durationMs)}
</td>
</tr>
);

102
apps/web/src/app/(authenticated)/projects/page.tsx
View File

@@ -17,8 +17,6 @@ import {
import { fetchProjects, createProject, deleteProject, ProjectStatus } from "@/lib/api/projects";
import type { Project, CreateProjectDto } from "@/lib/api/projects";
import { useWorkspaceId } from "@/lib/hooks";
import { fetchDomains } from "@/lib/api/domains";
import type { Domain } from "@mosaic/shared";
/* ---------------------------------------------------------------------------
Status badge helpers
@@ -67,14 +65,11 @@ interface ProjectCardProps {
project: Project;
onDelete: (id: string) => void;
onClick: (id: string) => void;
domains: Domain[];
}
function ProjectCard({ project, onDelete, onClick, domains }: ProjectCardProps): ReactElement {
function ProjectCard({ project, onDelete, onClick }: ProjectCardProps): ReactElement {
const [hovered, setHovered] = useState(false);
const status = getStatusStyle(project.status);
// Find domain if project has a domainId
const domain = project.domainId ? domains.find((d) => d.id === project.domainId) : undefined;
return (
<div
@@ -209,22 +204,6 @@ function ProjectCard({ project, onDelete, onClick, domains }: ProjectCardProps):
>
{status.label}
</span>
{domain && (
<span
style={{
display: "inline-block",
padding: "2px 10px",
borderRadius: "var(--r)",
background: "rgba(139,92,246,0.15)",
color: "var(--purple)",
fontSize: "0.75rem",
fontWeight: 500,
marginLeft: 8,
}}
>
{domain.name}
</span>
)}
{/* Timestamps */}
<span
@@ -250,7 +229,6 @@ interface CreateDialogProps {
onOpenChange: (open: boolean) => void;
onSubmit: (data: CreateProjectDto) => Promise<void>;
isSubmitting: boolean;
domains: Domain[];
}
function CreateProjectDialog({
@@ -258,24 +236,20 @@ function CreateProjectDialog({
onOpenChange,
onSubmit,
isSubmitting,
domains,
}: CreateDialogProps): ReactElement {
const [name, setName] = useState("");
const [description, setDescription] = useState("");
const [formError, setFormError] = useState<string | null>(null);
const [domainId, setDomainId] = useState("");
function resetForm(): void {
setName("");
setDescription("");
setFormError(null);
setDomainId("");
}
async function handleSubmit(e: SyntheticEvent): Promise<void> {
e.preventDefault();
setFormError(null);
setDomainId("");
const trimmedName = name.trim();
if (!trimmedName) {
@@ -289,9 +263,6 @@ function CreateProjectDialog({
if (trimmedDesc) {
payload.description = trimmedDesc;
}
if (domainId) {
payload.domainId = domainId;
}
await onSubmit(payload);
resetForm();
} catch (err: unknown) {
@@ -411,47 +382,6 @@ function CreateProjectDialog({
/>
</div>
{/* Domain */}
<div style={{ marginBottom: 16 }}>
<label
htmlFor="project-domain"
style={{
display: "block",
marginBottom: 6,
fontSize: "0.85rem",
fontWeight: 500,
color: "var(--text-2)",
}}
>
Domain (optional)
</label>
<select
id="project-domain"
value={domainId}
onChange={(e) => {
setDomainId(e.target.value);
}}
style={{
width: "100%",
padding: "8px 12px",
background: "var(--bg)",
border: "1px solid var(--border)",
borderRadius: "var(--r)",
color: "var(--text)",
fontSize: "0.9rem",
outline: "none",
boxSizing: "border-box",
}}
>
<option value="">None</option>
{domains.map((d) => (
<option key={d.id} value={d.id}>
{d.name}
</option>
))}
</select>
</div>
{/* Form error */}
{formError !== null && (
<p style={{ color: "var(--danger)", fontSize: "0.85rem", margin: "0 0 12px" }}>
@@ -602,7 +532,6 @@ export default function ProjectsPage(): ReactElement {
const workspaceId = useWorkspaceId();
const [projects, setProjects] = useState<Project[]>([]);
const [domains, setDomains] = useState<Domain[]>([]);
const [isLoading, setIsLoading] = useState(true);
const [error, setError] = useState<string | null>(null);
@@ -672,33 +601,6 @@ export default function ProjectsPage(): ReactElement {
};
}, [workspaceId]);
// Load domains
useEffect(() => {
if (!workspaceId) {
return;
}
let cancelled = false;
const wsId = workspaceId;
async function loadDomains(): Promise<void> {
try {
const response = await fetchDomains(undefined, wsId);
if (!cancelled) {
setDomains(response.data);
}
} catch (err: unknown) {
console.error("[Projects] Failed to fetch domains:", err);
}
}
void loadDomains();
return (): void => {
cancelled = true;
};
}, [workspaceId]);
function handleRetry(): void {
void loadProjects(workspaceId);
}
@@ -877,7 +779,6 @@ export default function ProjectsPage(): ReactElement {
project={project}
onDelete={handleDeleteRequest}
onClick={handleCardClick}
domains={domains}
/>
))}
</div>
@@ -889,7 +790,6 @@ export default function ProjectsPage(): ReactElement {
onOpenChange={setCreateOpen}
onSubmit={handleCreate}
isSubmitting={isCreating}
domains={domains}
/>
{/* Delete Confirmation Dialog */}

25
apps/web/src/components/chat/Chat.tsx
View File

@@ -342,31 +342,6 @@ export const Chat = forwardRef<ChatRef, ChatProps>(function Chat(
)}
{/* Input Area */}
{!user && (
<div className="mx-4 mb-2 lg:mx-auto lg:max-w-4xl lg:px-8">
<div
className="flex items-center justify-center gap-2 rounded-lg border px-4 py-3 text-center"
style={{
backgroundColor: "rgb(var(--surface-1))",
borderColor: "rgb(var(--border-default))",
}}
>
<svg
className="h-4 w-4"
style={{ color: "rgb(var(--text-secondary))" }}
fill="none"
viewBox="0 0 24 24"
stroke="currentColor"
strokeWidth={2}
>
<path d="M15 7a2 2 0 012 2m4 0a6 6 0 01-7.743 5.743L11 17H9v2H7v2H4a1 1 0 01-1-1v-2.586a1 1 0 01.293-.707l5.964-5.964A6 6 0 1121 9z" />
</svg>
<span className="text-sm" style={{ color: "rgb(var(--text-secondary))" }}>
Sign in to chat with Jarvis
</span>
</div>
</div>
)}
<div
className="sticky bottom-0 border-t"
style={{

20
apps/web/src/components/chat/ChatOverlay.tsx
View File

@@ -55,8 +55,8 @@ export function ChatOverlay(): React.JSX.Element {
onClick={open}
className="fixed bottom-6 right-6 z-50 flex h-14 w-14 items-center justify-center rounded-full shadow-lg transition-all hover:scale-110 focus:outline-none focus:ring-2 focus:ring-offset-2 lg:bottom-8 lg:right-8"
style={{
backgroundColor: "var(--accent-primary, #10b981)",
color: "var(--text-on-accent, #ffffff)",
backgroundColor: "rgb(var(--accent-primary))",
color: "rgb(var(--text-on-accent))",
}}
aria-label="Open chat"
title="Open Jarvis chat (Cmd+Shift+J)"
@@ -78,18 +78,18 @@ export function ChatOverlay(): React.JSX.Element {
if (isMinimized) {
return (
<div
className="fixed bottom-0 right-0 z-40 w-full shadow-2xl sm:w-96"
className="fixed bottom-0 right-0 z-40 w-full sm:w-96"
style={{
backgroundColor: "var(--surface-0, #ffffff)",
borderColor: "var(--border-default, #e5e7eb)",
backgroundColor: "rgb(var(--surface-0))",
borderColor: "rgb(var(--border-default))",
}}
>
<button
onClick={expand}
className="flex w-full items-center justify-between border-t px-4 py-3 text-left transition-colors hover:bg-black/5 focus:outline-none focus:ring-2 focus:ring-inset"
style={{
borderColor: "var(--border-default, #e5e7eb)",
backgroundColor: "var(--surface-0, #ffffff)",
borderColor: "rgb(var(--border-default))",
backgroundColor: "rgb(var(--surface-0))",
}}
aria-label="Expand chat"
>
@@ -135,10 +135,10 @@ export function ChatOverlay(): React.JSX.Element {
{/* Chat Panel */}
<div
className="fixed inset-y-0 right-0 z-40 flex w-full flex-col border-l shadow-2xl sm:w-96 lg:inset-y-16"
className="fixed inset-y-0 right-0 z-40 flex w-full flex-col border-l sm:w-96 lg:inset-y-16"
style={{
backgroundColor: "var(--surface-0, #ffffff)",
borderColor: "var(--border-default, #e5e7eb)",
backgroundColor: "rgb(var(--surface-0))",
borderColor: "rgb(var(--border-default))",
}}
>
{/* Header */}

4
apps/web/src/components/layout/AppHeader.tsx
View File

@@ -5,7 +5,6 @@ import Link from "next/link";
import { usePathname } from "next/navigation";
import { useAuth } from "@/lib/auth/auth-context";
import { ThemeToggle } from "./ThemeToggle";
import { UsageWidget } from "@/components/ui/UsageWidget";
import { useSidebar } from "./SidebarContext";
/**
@@ -351,9 +350,6 @@ export function AppHeader(): React.JSX.Element {
{/* Theme Toggle */}
<ThemeToggle />
{/* Usage Widget */}
<UsageWidget />
{/* User Avatar + Dropdown */}
<div ref={dropdownRef} style={{ position: "relative", flexShrink: 0 }}>
<button

337
apps/web/src/components/ui/UsageWidget.tsx
View File

@@ -1,337 +0,0 @@
"use client";
import { useState, useEffect, useRef, useCallback } from "react";
import { fetchUsageSummary, type UsageSummary } from "@/lib/api/telemetry";
// ─── Types ───────────────────────────────────────────────────────────
interface UsageTier {
name: string;
tokens: number;
limit: number;
percentage: number;
}
// ─── Helpers ─────────────────────────────────────────────────────────
function getUsageColor(percentage: number): string {
if (percentage < 60) return "var(--success)";
if (percentage < 80) return "var(--warn)";
return "var(--danger)";
}
function formatTokens(value: number): string {
if (value >= 1_000_000) return `${(value / 1_000_000).toFixed(1)}M`;
if (value >= 1_000) return `${(value / 1_000).toFixed(1)}K`;
return value.toFixed(0);
}
// ─── Component ───────────────────────────────────────────────────────
export function UsageWidget(): React.JSX.Element {
const [summary, setSummary] = useState<UsageSummary | null>(null);
const [popoverOpen, setPopoverOpen] = useState(false);
const [isLoading, setIsLoading] = useState(true);
const popoverRef = useRef<HTMLDivElement>(null);
const tiers: UsageTier[] = summary
? [
{
name: "Session",
tokens: summary.totalTokens,
limit: 100_000,
percentage: (summary.totalTokens / 100_000) * 100,
},
{
name: "Daily",
tokens: summary.totalTokens,
limit: 500_000,
percentage: (summary.totalTokens / 500_000) * 100,
},
{
name: "Monthly",
tokens: summary.totalTokens,
limit: 2_000_000,
percentage: (summary.totalTokens / 2_000_000) * 100,
},
]
: [];
const currentTier = tiers[0];
const usageColor = currentTier ? getUsageColor(currentTier.percentage) : "var(--muted)";
const loadSummary = useCallback(async () => {
try {
const data = await fetchUsageSummary("30d");
setSummary(data);
} catch (err) {
console.error("Failed to load usage summary:", err);
} finally {
setIsLoading(false);
}
}, []);
useEffect(() => {
void loadSummary();
}, [loadSummary]);
useEffect(() => {
function handleClickOutside(event: MouseEvent): void {
if (popoverRef.current && !popoverRef.current.contains(event.target as Node)) {
setPopoverOpen(false);
}
}
if (!popoverOpen) {
return;
}
document.addEventListener("mousedown", handleClickOutside);
return (): void => {
document.removeEventListener("mousedown", handleClickOutside);
};
}, [popoverOpen]);
const pct = currentTier ? Math.min(currentTier.percentage, 100) : 0;
return (
<div ref={popoverRef} style={{ position: "relative" }}>
<button
onClick={(): void => {
setPopoverOpen((prev) => !prev);
}}
aria-label="Usage widget"
aria-expanded={popoverOpen}
aria-haspopup="true"
className="hidden lg:flex items-center"
style={{
gap: 6,
padding: "5px 10px",
borderRadius: 6,
background: "var(--surface)",
border: `1px solid ${popoverOpen ? usageColor : "var(--border)"}`,
fontSize: "0.75rem",
fontFamily: "var(--mono)",
color: "var(--text-2)",
cursor: "pointer",
transition: "border-color 0.15s, color 0.15s",
flexShrink: 0,
}}
onMouseEnter={(e): void => {
(e.currentTarget as HTMLButtonElement).style.borderColor = usageColor;
(e.currentTarget as HTMLButtonElement).style.color = "var(--text)";
}}
onMouseLeave={(e): void => {
if (!popoverOpen) {
(e.currentTarget as HTMLButtonElement).style.borderColor = "var(--border)";
(e.currentTarget as HTMLButtonElement).style.color = "var(--text-2)";
}
}}
>
<svg
width="12"
height="12"
viewBox="0 0 16 16"
fill="none"
stroke="currentColor"
strokeWidth="2"
strokeLinecap="round"
strokeLinejoin="round"
style={{ color: usageColor, flexShrink: 0 }}
aria-hidden="true"
>
<path d="M9 1L3 9h5l-1 6 6-8H8l1-6z" />
</svg>
<span style={{ fontWeight: 500, color: "var(--text-2)" }}>
{isLoading ? "..." : summary ? formatTokens(summary.totalTokens) : "0"}
</span>
{!isLoading && currentTier && (
<div
style={{
width: 24,
height: 4,
borderRadius: 2,
background: "var(--bg-mid)",
overflow: "hidden",
flexShrink: 0,
}}
aria-hidden="true"
>
<div
style={{
width: `${String(pct)}%`,
height: "100%",
background: usageColor,
borderRadius: 2,
transition: "width 0.3s ease-out",
}}
/>
</div>
)}
{!isLoading && currentTier && (
<span style={{ fontWeight: 600, color: usageColor, minWidth: 32, textAlign: "right" }}>
{Math.round(currentTier.percentage)}%
</span>
)}
</button>
{popoverOpen && (
<div
role="dialog"
aria-label="Usage details"
style={{
position: "absolute",
top: "calc(100% + 8px)",
right: 0,
width: 280,
background: "var(--surface)",
border: "1px solid var(--border)",
borderRadius: 8,
padding: 12,
boxShadow: "0 8px 32px rgba(0,0,0,0.3)",
zIndex: 200,
}}
>
<div
style={{
fontSize: "0.83rem",
fontWeight: 600,
color: "var(--text)",
marginBottom: 12,
paddingBottom: 8,
borderBottom: "1px solid var(--border)",
}}
>
Token Usage
</div>
{isLoading ? (
<div
style={{
textAlign: "center",
padding: "20px 0",
color: "var(--muted)",
fontSize: "0.75rem",
}}
>
Loading usage data
</div>
) : summary ? (
<>
<div style={{ marginBottom: 12, display: "flex", flexDirection: "column", gap: 8 }}>
<div
style={{ display: "flex", justifyContent: "space-between", fontSize: "0.75rem" }}
>
<span style={{ color: "var(--muted)" }}>Total Tokens</span>
<span style={{ color: "var(--text)", fontFamily: "var(--mono)" }}>
{formatTokens(summary.totalTokens)}
</span>
</div>
<div
style={{ display: "flex", justifyContent: "space-between", fontSize: "0.75rem" }}
>
<span style={{ color: "var(--muted)" }}>Estimated Cost</span>
<span style={{ color: "var(--text)", fontFamily: "var(--mono)" }}>
${summary.totalCost.toFixed(2)}
</span>
</div>
<div
style={{ display: "flex", justifyContent: "space-between", fontSize: "0.75rem" }}
>
<span style={{ color: "var(--muted)" }}>Tasks</span>
<span style={{ color: "var(--text)", fontFamily: "var(--mono)" }}>
{summary.taskCount}
</span>
</div>
</div>
<div style={{ display: "flex", flexDirection: "column", gap: 10 }}>
{tiers.map((tier) => {
const tierPct = Math.min(tier.percentage, 100);
return (
<div key={tier.name}>
<div
style={{
display: "flex",
justifyContent: "space-between",
fontSize: "0.75rem",
marginBottom: 4,
}}
>
<span style={{ color: "var(--text-2)" }}>{tier.name}</span>
<span
style={{
color: getUsageColor(tier.percentage),
fontFamily: "var(--mono)",
fontWeight: 500,
}}
>
{formatTokens(tier.tokens)} / {formatTokens(tier.limit)}
</span>
</div>
<div
style={{
width: "100%",
height: 6,
borderRadius: 3,
background: "var(--bg-mid)",
overflow: "hidden",
}}
>
<div
style={{
width: `${String(tierPct)}%`,
height: "100%",
background: getUsageColor(tier.percentage),
borderRadius: 3,
transition: "width 0.3s ease-out",
}}
/>
</div>
</div>
);
})}
</div>
<a
href="/usage"
onClick={(): void => {
setPopoverOpen(false);
}}
style={{
display: "block",
marginTop: 12,
paddingTop: 8,
borderTop: "1px solid var(--border)",
fontSize: "0.75rem",
color: "var(--primary)",
textDecoration: "none",
textAlign: "center",
}}
onMouseEnter={(e): void => {
(e.currentTarget as HTMLAnchorElement).style.textDecoration = "underline";
}}
onMouseLeave={(e): void => {
(e.currentTarget as HTMLAnchorElement).style.textDecoration = "none";
}}
>
View detailed usage
</a>
</>
) : (
<div
style={{
textAlign: "center",
padding: "20px 0",
color: "var(--muted)",
fontSize: "0.75rem",
}}
>
No usage data available
</div>
)}
</div>
)}
</div>
);
}

56
apps/web/src/components/widgets/AgentStatusWidget.tsx
View File

@@ -16,21 +16,6 @@ interface Agent {
error?: string;
}
function isWorking(status: string): boolean {
const s = status.toLowerCase();
return s === "running" || s === "working";
}
function isIdle(status: string): boolean {
const s = status.toLowerCase();
return s === "idle" || s === "spawning" || s === "waiting" || s === "queued";
}
function isErrored(status: string): boolean {
const s = status.toLowerCase();
return s === "failed" || s === "error";
}
export function AgentStatusWidget({ id: _id, config: _config }: WidgetProps): React.JSX.Element {
const [agents, setAgents] = useState<Agent[]>([]);
const [isLoading, setIsLoading] = useState(true);
@@ -89,20 +74,25 @@ export function AgentStatusWidget({ id: _id, config: _config }: WidgetProps): Re
}, [fetchAgents]);
const getStatusIcon = (status: string): React.JSX.Element => {
if (isWorking(status)) {
return <Activity className="w-4 h-4 text-blue-500 animate-pulse" />;
const statusLower = status.toLowerCase();
switch (statusLower) {
case "running":
case "working":
return <Activity className="w-4 h-4 text-blue-500 animate-pulse" />;
case "spawning":
case "queued":
return <Clock className="w-4 h-4 text-yellow-500" />;
case "completed":
return <CheckCircle className="w-4 h-4 text-green-500" />;
case "failed":
case "error":
return <AlertCircle className="w-4 h-4 text-red-500" />;
case "terminated":
case "killed":
return <CheckCircle className="w-4 h-4 text-gray-500" />;
default:
return <Clock className="w-4 h-4 text-gray-400" />;
}
if (isIdle(status)) {
return <Clock className="w-4 h-4 text-yellow-500" />;
}
if (isErrored(status)) {
return <AlertCircle className="w-4 h-4 text-red-500" />;
}
const s = status.toLowerCase();
if (s === "completed" || s === "terminated" || s === "killed") {
return <CheckCircle className="w-4 h-4 text-gray-500" />;
}
return <Clock className="w-4 h-4 text-gray-400" />;
};
const getStatusText = (status: string): string => {
@@ -131,9 +121,9 @@ export function AgentStatusWidget({ id: _id, config: _config }: WidgetProps): Re
const stats = {
total: agents.length,
working: agents.filter((a) => isWorking(a.status)).length,
idle: agents.filter((a) => isIdle(a.status)).length,
error: agents.filter((a) => isErrored(a.status)).length,
working: agents.filter((a) => a.status.toLowerCase() === "running").length,
idle: agents.filter((a) => a.status.toLowerCase() === "spawning").length,
error: agents.filter((a) => a.status.toLowerCase() === "failed").length,
};
if (isLoading) {
@@ -186,9 +176,9 @@ export function AgentStatusWidget({ id: _id, config: _config }: WidgetProps): Re
<div
key={agent.agentId}
className={`p-3 rounded-lg border ${
isErrored(agent.status)
agent.status.toLowerCase() === "failed"
? "bg-red-50 border-red-200"
: isWorking(agent.status)
: agent.status.toLowerCase() === "running"
? "bg-blue-50 border-blue-200"
: "bg-gray-50 border-gray-200"
}`}

78
apps/web/src/components/widgets/CalendarWidget.tsx
View File

@@ -4,43 +4,61 @@
import { useState, useEffect } from "react";
import { Calendar as CalendarIcon, Clock, MapPin } from "lucide-react";
import type { WidgetProps, Event } from "@mosaic/shared";
import { fetchEvents } from "@/lib/api/events";
import type { WidgetProps } from "@mosaic/shared";
interface Event {
id: string;
title: string;
startTime: string;
endTime?: string;
location?: string;
allDay: boolean;
}
export function CalendarWidget({ id: _id, config: _config }: WidgetProps): React.JSX.Element {
const [events, setEvents] = useState<Event[]>([]);
const [isLoading, setIsLoading] = useState(true);
// Mock data for now - will fetch from API later
useEffect(() => {
let isMounted = true;
setIsLoading(true);
const now = new Date();
const today = new Date(now.getFullYear(), now.getMonth(), now.getDate());
const tomorrow = new Date(today);
tomorrow.setDate(tomorrow.getDate() + 1);
const loadEvents = async (): Promise<void> => {
setIsLoading(true);
try {
const data = await fetchEvents();
if (isMounted) {
setEvents(data);
}
} catch {
if (isMounted) {
setEvents([]);
}
} finally {
if (isMounted) {
setIsLoading(false);
}
}
};
void loadEvents();
return (): void => {
isMounted = false;
};
setTimeout(() => {
setEvents([
{
id: "1",
title: "Team Standup",
startTime: new Date(today.setHours(9, 0, 0, 0)).toISOString(),
endTime: new Date(today.setHours(9, 30, 0, 0)).toISOString(),
location: "Zoom",
allDay: false,
},
{
id: "2",
title: "Project Review",
startTime: new Date(today.setHours(14, 0, 0, 0)).toISOString(),
endTime: new Date(today.setHours(15, 0, 0, 0)).toISOString(),
location: "Conference Room A",
allDay: false,
},
{
id: "3",
title: "Sprint Planning",
startTime: new Date(tomorrow.setHours(10, 0, 0, 0)).toISOString(),
endTime: new Date(tomorrow.setHours(12, 0, 0, 0)).toISOString(),
allDay: false,
},
]);
setIsLoading(false);
}, 500);
}, []);
const formatTime = (dateValue: Date | string): string => {
const date = new Date(dateValue);
const formatTime = (dateString: string): string => {
const date = new Date(dateString);
return date.toLocaleTimeString("en-US", {
hour: "numeric",
minute: "2-digit",
@@ -48,8 +66,8 @@ export function CalendarWidget({ id: _id, config: _config }: WidgetProps): React
});
};
const formatDay = (dateValue: Date | string): string => {
const date = new Date(dateValue);
const formatDay = (dateString: string): string => {
const date = new Date(dateString);
const today = new Date();
const tomorrow = new Date(today);
tomorrow.setDate(tomorrow.getDate() + 1);

84
apps/web/src/components/widgets/TasksWidget.tsx
View File

@@ -4,56 +4,68 @@
import { useState, useEffect } from "react";
import { CheckCircle, Circle, Clock, AlertCircle } from "lucide-react";
import { TaskPriority, TaskStatus, type WidgetProps, type Task } from "@mosaic/shared";
import { fetchTasks } from "@/lib/api/tasks";
import type { WidgetProps } from "@mosaic/shared";
export function TasksWidget({ id: _id, config: _config }: WidgetProps): React.JSX.Element {
interface Task {
id: string;
title: string;
status: string;
priority: string;
dueDate?: string;
}
// eslint-disable-next-line no-empty-pattern
export function TasksWidget({}: WidgetProps): React.JSX.Element {
const [tasks, setTasks] = useState<Task[]>([]);
const [isLoading, setIsLoading] = useState(true);
// Mock data for now - will fetch from API later
useEffect(() => {
let isMounted = true;
const loadTasks = async (): Promise<void> => {
setIsLoading(true);
try {
const data = await fetchTasks();
if (isMounted) {
setTasks(data);
}
} catch {
if (isMounted) {
setTasks([]);
}
} finally {
if (isMounted) {
setIsLoading(false);
}
}
};
void loadTasks();
return (): void => {
isMounted = false;
};
setIsLoading(true);
// Simulate API call
setTimeout(() => {
setTasks([
{
id: "1",
title: "Complete project documentation",
status: "IN_PROGRESS",
priority: "HIGH",
dueDate: "2024-02-01",
},
{
id: "2",
title: "Review pull requests",
status: "NOT_STARTED",
priority: "MEDIUM",
dueDate: "2024-02-02",
},
{
id: "3",
title: "Update dependencies",
status: "COMPLETED",
priority: "LOW",
dueDate: "2024-01-30",
},
]);
setIsLoading(false);
}, 500);
}, []);
const getPriorityIcon = (priority: TaskPriority): React.JSX.Element => {
const getPriorityIcon = (priority: string): React.JSX.Element => {
switch (priority) {
case TaskPriority.HIGH:
case "HIGH":
return <AlertCircle className="w-4 h-4 text-red-500" />;
case TaskPriority.MEDIUM:
case "MEDIUM":
return <Clock className="w-4 h-4 text-yellow-500" />;
case TaskPriority.LOW:
case "LOW":
return <Circle className="w-4 h-4 text-gray-400" />;
default:
return <Circle className="w-4 h-4 text-gray-400" />;
}
};
const getStatusIcon = (status: TaskStatus): React.JSX.Element => {
return status === TaskStatus.COMPLETED ? (
const getStatusIcon = (status: string): React.JSX.Element => {
return status === "COMPLETED" ? (
<CheckCircle className="w-4 h-4 text-green-500" />
) : (
<Circle className="w-4 h-4 text-gray-400" />
@@ -62,8 +74,8 @@ export function TasksWidget({ id: _id, config: _config }: WidgetProps): React.JS
const stats = {
total: tasks.length,
inProgress: tasks.filter((t) => t.status === TaskStatus.IN_PROGRESS).length,
completed: tasks.filter((t) => t.status === TaskStatus.COMPLETED).length,
inProgress: tasks.filter((t) => t.status === "IN_PROGRESS").length,
completed: tasks.filter((t) => t.status === "COMPLETED").length,
};
if (isLoading) {

69
apps/web/src/components/widgets/__tests__/CalendarWidget.test.tsx
View File

@@ -1,58 +1,16 @@
import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
import { render, screen, waitFor } from "@testing-library/react";
import type { Event } from "@mosaic/shared";
import { act, render, screen } from "@testing-library/react";
import { CalendarWidget } from "../CalendarWidget";
import { fetchEvents } from "@/lib/api/events";
vi.mock("@/lib/api/events", () => ({
fetchEvents: vi.fn(),
}));
const mockEvents: Event[] = [
{
id: "event-1",
title: "API Planning",
description: null,
startTime: new Date("2026-02-01T09:00:00Z"),
endTime: new Date("2026-02-01T09:30:00Z"),
allDay: false,
location: "Zoom",
recurrence: null,
creatorId: "user-1",
workspaceId: "workspace-1",
projectId: null,
metadata: {},
createdAt: new Date("2026-01-30T09:00:00Z"),
updatedAt: new Date("2026-01-30T09:00:00Z"),
},
{
id: "event-2",
title: "API Review",
description: null,
startTime: new Date("2026-02-02T10:00:00Z"),
endTime: new Date("2026-02-02T11:00:00Z"),
allDay: false,
location: "Room 1",
recurrence: null,
creatorId: "user-1",
workspaceId: "workspace-1",
projectId: null,
metadata: {},
createdAt: new Date("2026-01-30T09:00:00Z"),
updatedAt: new Date("2026-01-30T09:00:00Z"),
},
];
async function finishWidgetLoad(): Promise<void> {
await waitFor(() => {
expect(screen.queryByText("Loading events...")).not.toBeInTheDocument();
await act(async () => {
await vi.advanceTimersByTimeAsync(500);
});
}
describe("CalendarWidget", (): void => {
beforeEach((): void => {
vi.clearAllMocks();
vi.mocked(fetchEvents).mockResolvedValue(mockEvents);
vi.useFakeTimers();
vi.setSystemTime(new Date("2026-02-01T08:00:00Z"));
});
@@ -66,15 +24,15 @@ describe("CalendarWidget", (): void => {
expect(screen.getByText("Loading events...")).toBeInTheDocument();
});
it("fetches and renders upcoming events after loading", async (): Promise<void> => {
it("renders upcoming events after loading", async (): Promise<void> => {
render(<CalendarWidget id="calendar-1" />);
await finishWidgetLoad();
expect(fetchEvents).toHaveBeenCalledTimes(1);
expect(screen.getByText("Upcoming Events")).toBeInTheDocument();
expect(screen.getByText("API Planning")).toBeInTheDocument();
expect(screen.getByText("API Review")).toBeInTheDocument();
expect(screen.getByText("Team Standup")).toBeInTheDocument();
expect(screen.getByText("Project Review")).toBeInTheDocument();
expect(screen.getByText("Sprint Planning")).toBeInTheDocument();
});
it("shows relative day labels", async (): Promise<void> => {
@@ -92,15 +50,6 @@ describe("CalendarWidget", (): void => {
await finishWidgetLoad();
expect(screen.getByText("Zoom")).toBeInTheDocument();
expect(screen.getByText("Room 1")).toBeInTheDocument();
});
it("shows empty state when no events are returned", async (): Promise<void> => {
vi.mocked(fetchEvents).mockResolvedValueOnce([]);
render(<CalendarWidget id="calendar-1" />);
await finishWidgetLoad();
expect(screen.getByText("No upcoming events")).toBeInTheDocument();
expect(screen.getByText("Conference Room A")).toBeInTheDocument();
});
});

98
apps/web/src/components/widgets/__tests__/TasksWidget.test.tsx
View File

@@ -1,80 +1,20 @@
import { describe, it, expect, beforeEach, vi } from "vitest";
import { render, screen, waitFor } from "@testing-library/react";
import { TaskStatus, TaskPriority, type Task } from "@mosaic/shared";
import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
import { act, render, screen } from "@testing-library/react";
import { TasksWidget } from "../TasksWidget";
import { fetchTasks } from "@/lib/api/tasks";
vi.mock("@/lib/api/tasks", () => ({
fetchTasks: vi.fn(),
}));
const mockTasks: Task[] = [
{
id: "task-1",
title: "API task one",
description: null,
status: TaskStatus.IN_PROGRESS,
priority: TaskPriority.HIGH,
dueDate: new Date("2026-02-03T09:00:00Z"),
creatorId: "user-1",
assigneeId: "user-1",
workspaceId: "workspace-1",
projectId: null,
parentId: null,
sortOrder: 0,
metadata: {},
completedAt: null,
createdAt: new Date("2026-02-01T09:00:00Z"),
updatedAt: new Date("2026-02-01T09:00:00Z"),
},
{
id: "task-2",
title: "API task two",
description: null,
status: TaskStatus.NOT_STARTED,
priority: TaskPriority.MEDIUM,
dueDate: new Date("2026-02-04T09:00:00Z"),
creatorId: "user-1",
assigneeId: "user-1",
workspaceId: "workspace-1",
projectId: null,
parentId: null,
sortOrder: 1,
metadata: {},
completedAt: null,
createdAt: new Date("2026-02-01T09:00:00Z"),
updatedAt: new Date("2026-02-01T09:00:00Z"),
},
{
id: "task-3",
title: "API task three",
description: null,
status: TaskStatus.COMPLETED,
priority: TaskPriority.LOW,
dueDate: new Date("2026-02-05T09:00:00Z"),
creatorId: "user-1",
assigneeId: "user-1",
workspaceId: "workspace-1",
projectId: null,
parentId: null,
sortOrder: 2,
metadata: {},
completedAt: new Date("2026-02-02T09:00:00Z"),
createdAt: new Date("2026-02-01T09:00:00Z"),
updatedAt: new Date("2026-02-02T09:00:00Z"),
},
];
async function finishWidgetLoad(): Promise<void> {
await waitFor(() => {
expect(screen.queryByText("Loading tasks...")).not.toBeInTheDocument();
await act(async () => {
await vi.advanceTimersByTimeAsync(500);
});
}
describe("TasksWidget", (): void => {
beforeEach((): void => {
vi.clearAllMocks();
vi.mocked(fetchTasks).mockResolvedValue(mockTasks);
vi.useFakeTimers();
});
afterEach((): void => {
vi.useRealTimers();
});
it("renders loading state initially", (): void => {
@@ -83,26 +23,25 @@ describe("TasksWidget", (): void => {
expect(screen.getByText("Loading tasks...")).toBeInTheDocument();
});
it("fetches tasks and renders summary stats", async (): Promise<void> => {
it("renders default summary stats", async (): Promise<void> => {
render(<TasksWidget id="tasks-1" />);
await finishWidgetLoad();
expect(fetchTasks).toHaveBeenCalledTimes(1);
expect(screen.getByText("Total")).toBeInTheDocument();
expect(screen.getByText("In Progress")).toBeInTheDocument();
expect(screen.getByText("Done")).toBeInTheDocument();
expect(screen.getByText("3")).toBeInTheDocument();
});
it("renders task rows from API response", async (): Promise<void> => {
it("renders default task rows", async (): Promise<void> => {
render(<TasksWidget id="tasks-1" />);
await finishWidgetLoad();
expect(screen.getByText("API task one")).toBeInTheDocument();
expect(screen.getByText("API task two")).toBeInTheDocument();
expect(screen.getByText("API task three")).toBeInTheDocument();
expect(screen.getByText("Complete project documentation")).toBeInTheDocument();
expect(screen.getByText("Review pull requests")).toBeInTheDocument();
expect(screen.getByText("Update dependencies")).toBeInTheDocument();
});
it("shows due date labels for each task", async (): Promise<void> => {
@@ -112,13 +51,4 @@ describe("TasksWidget", (): void => {
expect(screen.getAllByText(/Due:/).length).toBe(3);
});
it("shows empty state when API returns no tasks", async (): Promise<void> => {
vi.mocked(fetchTasks).mockResolvedValueOnce([]);
render(<TasksWidget id="tasks-1" />);
await finishWidgetLoad();
expect(screen.getByText("No tasks yet")).toBeInTheDocument();
});
});

249
apps/web/src/hooks/useChat.test.ts
View File

@@ -9,6 +9,7 @@ import { useChat, type Message } from "./useChat";
import * as chatApi from "@/lib/api/chat";
import * as ideasApi from "@/lib/api/ideas";
import type { Idea } from "@/lib/api/ideas";
import type { ChatResponse } from "@/lib/api/chat";
// Mock the API modules - use importOriginal to preserve types/enums
vi.mock("@/lib/api/chat", () => ({
@@ -36,8 +37,24 @@ const mockStreamChatMessage = chatApi.streamChatMessage as MockedFunction<
const mockCreateConversation = ideasApi.createConversation as MockedFunction<
typeof ideasApi.createConversation
>;
const mockUpdateConversation = ideasApi.updateConversation as MockedFunction<
typeof ideasApi.updateConversation
>;
const mockGetIdea = ideasApi.getIdea as MockedFunction<typeof ideasApi.getIdea>;
/**
* Creates a mock ChatResponse
*/
function createMockChatResponse(content: string, model = "llama3.2"): ChatResponse {
return {
message: { role: "assistant" as const, content },
model,
done: true,
promptEvalCount: 10,
evalCount: 5,
};
}
/**
* Creates a mock Idea
*/
@@ -59,9 +76,9 @@ function createMockIdea(id: string, title: string, content: string): Idea {
/**
* Configure streamChatMessage to immediately fail,
* without using a non-streaming fallback.
* triggering the fallback to sendChatMessage.
*/
function makeStreamFail(error: Error = new Error("Streaming not available")): void {
function makeStreamFail(): void {
mockStreamChatMessage.mockImplementation(
(
_request,
@@ -71,7 +88,7 @@ function makeStreamFail(error: Error = new Error("Streaming not available")): vo
_signal?: AbortSignal
): void => {
// Call synchronously so the Promise rejects immediately
onError(error);
onError(new Error("Streaming not available"));
}
);
}
@@ -138,7 +155,24 @@ describe("useChat", () => {
});
});
describe("sendMessage (streaming failure path)", () => {
describe("sendMessage (fallback path when streaming fails)", () => {
it("should add user message and assistant response via fallback", async () => {
mockSendChatMessage.mockResolvedValueOnce(createMockChatResponse("Hello there!"));
mockCreateConversation.mockResolvedValueOnce(createMockIdea("conv-1", "Test", ""));
const { result } = renderHook(() => useChat());
await act(async () => {
await result.current.sendMessage("Hello");
});
expect(result.current.messages).toHaveLength(3); // welcome + user + assistant
expect(result.current.messages[1]?.role).toBe("user");
expect(result.current.messages[1]?.content).toBe("Hello");
expect(result.current.messages[2]?.role).toBe("assistant");
expect(result.current.messages[2]?.content).toBe("Hello there!");
});
it("should not send empty messages", async () => {
const { result } = renderHook(() => useChat());
@@ -152,19 +186,22 @@ describe("useChat", () => {
expect(result.current.messages).toHaveLength(1); // only welcome
});
it("should handle streaming errors gracefully", async () => {
it("should handle API errors gracefully", async () => {
vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
makeStreamFail(new Error("Streaming not available"));
mockSendChatMessage.mockRejectedValueOnce(new Error("API Error"));
const { result } = renderHook(() => useChat());
const onError = vi.fn();
const { result } = renderHook(() => useChat({ onError }));
await act(async () => {
await result.current.sendMessage("Hello");
});
// Streaming fails, no fallback, placeholder is removed
expect(result.current.error).toContain("Chat error:");
expect(result.current.messages).toHaveLength(2); // welcome + user (no assistant)
expect(result.current.error).toBe("Unable to send message. Please try again.");
expect(onError).toHaveBeenCalledWith(expect.any(Error));
expect(result.current.messages).toHaveLength(3);
expect(result.current.messages[2]?.content).toBe("Something went wrong. Please try again.");
});
});
@@ -551,8 +588,9 @@ describe("useChat", () => {
describe("clearError", () => {
it("should clear error state", async () => {
vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
makeStreamFail(new Error("Test error"));
mockSendChatMessage.mockRejectedValueOnce(new Error("Test error"));
const { result } = renderHook(() => useChat());
@@ -560,7 +598,7 @@ describe("useChat", () => {
await result.current.sendMessage("Hello");
});
expect(result.current.error).toContain("Chat error:");
expect(result.current.error).toBe("Unable to send message. Please try again.");
act(() => {
result.current.clearError();
@@ -570,14 +608,87 @@ describe("useChat", () => {
});
});
// Note: "error context logging" tests removed - the detailed logging with LLM_ERROR type
// was removed in commit 44da50d when guest fallback mode was removed.
// The implementation now uses simple console.warn for streaming failures.
describe("error context logging", () => {
it("should log comprehensive error context when sendMessage fails", async () => {
const consoleSpy = vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
mockSendChatMessage.mockRejectedValueOnce(new Error("LLM timeout"));
const { result } = renderHook(() => useChat({ model: "llama3.2" }));
await act(async () => {
await result.current.sendMessage("Hello world");
});
expect(consoleSpy).toHaveBeenCalledWith(
"Failed to send chat message",
expect.objectContaining({
errorType: "LLM_ERROR",
messageLength: 11,
messagePreview: "Hello world",
model: "llama3.2",
timestamp: expect.any(String) as string,
})
);
});
it("should truncate long message previews to 50 characters", async () => {
const consoleSpy = vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
mockSendChatMessage.mockRejectedValueOnce(new Error("Failed"));
const longMessage = "A".repeat(100);
const { result } = renderHook(() => useChat());
await act(async () => {
await result.current.sendMessage(longMessage);
});
expect(consoleSpy).toHaveBeenCalledWith(
"Failed to send chat message",
expect.objectContaining({
messagePreview: "A".repeat(50),
messageLength: 100,
})
);
});
it("should include message count in error context", async () => {
const consoleSpy = vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
// First successful message via streaming
makeStreamSucceed(["OK"]);
mockCreateConversation.mockResolvedValueOnce(createMockIdea("conv-1", "Test", ""));
const { result } = renderHook(() => useChat());
await act(async () => {
await result.current.sendMessage("First");
});
// Second message: streaming fails, fallback fails
makeStreamFail();
mockSendChatMessage.mockRejectedValueOnce(new Error("Fail"));
await act(async () => {
await result.current.sendMessage("Second");
});
expect(consoleSpy).toHaveBeenCalledWith(
"Failed to send chat message",
expect.objectContaining({
messageCount: expect.any(Number) as number,
})
);
});
});
describe("LLM vs persistence error separation", () => {
it("should show streaming error when stream fails", async () => {
it("should show LLM error and add error message to chat when API fails", async () => {
vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
makeStreamFail(new Error("Streaming not available"));
mockSendChatMessage.mockRejectedValueOnce(new Error("Model not available"));
const { result } = renderHook(() => useChat());
@@ -585,9 +696,9 @@ describe("useChat", () => {
await result.current.sendMessage("Hello");
});
// Streaming fails, placeholder is removed, error is set
expect(result.current.error).toContain("Chat error:");
expect(result.current.messages).toHaveLength(2); // welcome + user (no assistant)
expect(result.current.error).toBe("Unable to send message. Please try again.");
expect(result.current.messages).toHaveLength(3);
expect(result.current.messages[2]?.content).toBe("Something went wrong. Please try again.");
});
it("should keep assistant message visible when save fails (streaming path)", async () => {
@@ -606,10 +717,27 @@ describe("useChat", () => {
expect(result.current.error).toContain("Message sent but failed to save");
});
it("should keep assistant message visible when save fails (fallback path)", async () => {
vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
mockSendChatMessage.mockResolvedValueOnce(createMockChatResponse("Great answer!"));
mockCreateConversation.mockRejectedValueOnce(new Error("Database connection lost"));
const { result } = renderHook(() => useChat());
await act(async () => {
await result.current.sendMessage("Hello");
});
expect(result.current.messages).toHaveLength(3);
expect(result.current.messages[2]?.content).toBe("Great answer!");
expect(result.current.error).toContain("Message sent but failed to save");
});
it("should log with PERSISTENCE_ERROR type when save fails", async () => {
const consoleSpy = vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
makeStreamSucceed(["Response"]);
mockSendChatMessage.mockResolvedValueOnce(createMockChatResponse("Response"));
mockCreateConversation.mockRejectedValueOnce(new Error("DB error"));
const { result } = renderHook(() => useChat());
@@ -637,6 +765,53 @@ describe("useChat", () => {
expect(llmErrorCalls).toHaveLength(0);
});
it("should use different user-facing messages for LLM vs save errors", async () => {
vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
// LLM error path (streaming fails + fallback fails)
mockSendChatMessage.mockRejectedValueOnce(new Error("Timeout"));
const { result: result1 } = renderHook(() => useChat());
await act(async () => {
await result1.current.sendMessage("Test");
});
const llmError = result1.current.error;
// Save error path (streaming succeeds, save fails)
makeStreamSucceed(["OK"]);
mockCreateConversation.mockRejectedValueOnce(new Error("DB down"));
const { result: result2 } = renderHook(() => useChat());
await act(async () => {
await result2.current.sendMessage("Test");
});
const saveError = result2.current.error;
expect(llmError).toBe("Unable to send message. Please try again.");
expect(saveError).toContain("Message sent but failed to save");
expect(llmError).not.toEqual(saveError);
});
it("should handle non-Error throws from LLM API", async () => {
vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
mockSendChatMessage.mockRejectedValueOnce("string error");
const onError = vi.fn();
const { result } = renderHook(() => useChat({ onError }));
await act(async () => {
await result.current.sendMessage("Hello");
});
expect(result.current.error).toBe("Unable to send message. Please try again.");
expect(onError).toHaveBeenCalledWith(expect.any(Error));
expect(result.current.messages[2]?.content).toBe("Something went wrong. Please try again.");
});
it("should handle non-Error throws from persistence layer", async () => {
vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
@@ -654,5 +829,37 @@ describe("useChat", () => {
expect(result.current.error).toBe("Message sent but failed to save. Please try again.");
expect(onError).toHaveBeenCalledWith(expect.any(Error));
});
it("should handle updateConversation failure for existing conversations", async () => {
vi.spyOn(console, "error").mockImplementation(() => undefined);
vi.spyOn(console, "warn").mockImplementation(() => undefined);
// First message via fallback
mockSendChatMessage.mockResolvedValueOnce(createMockChatResponse("First response"));
mockCreateConversation.mockResolvedValueOnce(createMockIdea("conv-1", "Test", ""));
const { result } = renderHook(() => useChat());
await act(async () => {
await result.current.sendMessage("First");
});
expect(result.current.conversationId).toBe("conv-1");
// Second message via fallback, updateConversation fails
makeStreamFail();
mockSendChatMessage.mockResolvedValueOnce(createMockChatResponse("Second response"));
mockUpdateConversation.mockRejectedValueOnce(new Error("Connection reset"));
await act(async () => {
await result.current.sendMessage("Second");
});
const assistantMessages = result.current.messages.filter(
(m) => m.role === "assistant" && m.id !== "welcome"
);
expect(assistantMessages[assistantMessages.length - 1]?.content).toBe("Second response");
expect(result.current.error).toBe("Message sent but failed to save. Please try again.");
});
});
});

72
apps/web/src/hooks/useChat.ts
View File

@@ -4,7 +4,11 @@
*/
import { useState, useCallback, useRef } from "react";
import { streamChatMessage, type ChatMessage as ApiChatMessage } from "@/lib/api/chat";
import {
sendChatMessage,
streamChatMessage,
type ChatMessage as ApiChatMessage,
} from "@/lib/api/chat";
import { createConversation, updateConversation, getIdea, type Idea } from "@/lib/api/ideas";
import { safeJsonParse, isMessageArray } from "@/lib/utils/safe-json";
@@ -214,6 +218,8 @@ export function useChat(options: UseChatOptions = {}): UseChatReturn {
const controller = new AbortController();
abortControllerRef.current = controller;
let streamingSucceeded = false;
try {
await new Promise<void>((resolve, reject) => {
let hasReceivedData = false;
@@ -241,6 +247,7 @@ export function useChat(options: UseChatOptions = {}): UseChatReturn {
});
},
() => {
streamingSucceeded = true;
setIsStreaming(false);
abortControllerRef.current = null;
resolve();
@@ -271,8 +278,8 @@ export function useChat(options: UseChatOptions = {}): UseChatReturn {
return;
}
// Streaming failed — show error (no guest fallback, auth required)
console.warn("Streaming failed", {
// Streaming failed — fall back to non-streaming
console.warn("Streaming failed, falling back to non-streaming", {
error: err instanceof Error ? err : new Error(String(err)),
});
@@ -282,15 +289,66 @@ export function useChat(options: UseChatOptions = {}): UseChatReturn {
return withoutPlaceholder;
});
setIsStreaming(false);
setIsLoading(false);
const errorMsg = err instanceof Error ? err.message : "Chat unavailable";
setError(`Chat error: ${errorMsg}`);
return;
try {
const response = await sendChatMessage(request);
const assistantMessage: Message = {
id: `assistant-${Date.now().toString()}`,
role: "assistant",
content: response.message.content,
createdAt: new Date().toISOString(),
model: response.model,
promptTokens: response.promptEvalCount ?? 0,
completionTokens: response.evalCount ?? 0,
totalTokens: (response.promptEvalCount ?? 0) + (response.evalCount ?? 0),
};
setMessages((prev) => {
const updated = [...prev, assistantMessage];
messagesRef.current = updated;
return updated;
});
streamingSucceeded = true;
} catch (fallbackErr: unknown) {
const errorMsg =
fallbackErr instanceof Error ? fallbackErr.message : "Failed to send message";
setError("Unable to send message. Please try again.");
onError?.(fallbackErr instanceof Error ? fallbackErr : new Error(errorMsg));
console.error("Failed to send chat message", {
error: fallbackErr,
errorType: "LLM_ERROR",
conversationId: conversationIdRef.current,
messageLength: content.length,
messagePreview: content.substring(0, 50),
model,
messageCount: messagesRef.current.length,
timestamp: new Date().toISOString(),
});
const errorMessage: Message = {
id: `error-${String(Date.now())}`,
role: "assistant",
content: "Something went wrong. Please try again.",
createdAt: new Date().toISOString(),
};
setMessages((prev) => {
const updated = [...prev, errorMessage];
messagesRef.current = updated;
return updated;
});
setIsLoading(false);
return;
}
}
setIsLoading(false);
if (!streamingSucceeded) {
return;
}
const finalMessages = messagesRef.current;
const isFirstMessage =

139
apps/web/src/lib/api/activity.ts
View File

@@ -1,139 +0,0 @@
/**
* Activity API Client
* Handles activity-log-related API requests
*/
import { apiGet, type ApiResponse } from "./client";
/**
* Activity action enum (matches backend ActivityAction)
*/
export enum ActivityAction {
CREATED = "CREATED",
UPDATED = "UPDATED",
DELETED = "DELETED",
COMPLETED = "COMPLETED",
ASSIGNED = "ASSIGNED",
}
/**
* Entity type enum (matches backend EntityType)
*/
export enum EntityType {
TASK = "TASK",
EVENT = "EVENT",
PROJECT = "PROJECT",
WORKSPACE = "WORKSPACE",
USER = "USER",
DOMAIN = "DOMAIN",
IDEA = "IDEA",
}
/**
* Activity log response interface (matches Prisma ActivityLog model)
*/
export interface ActivityLog {
id: string;
workspaceId: string;
userId: string;
action: ActivityAction;
entityType: EntityType;
entityId: string;
details: Record<string, unknown> | null;
ipAddress: string | null;
userAgent: string | null;
createdAt: string;
user?: {
id: string;
name: string | null;
email: string;
};
}
/**
* Filters for querying activity logs
*/
export interface ActivityLogFilters {
workspaceId?: string;
userId?: string;
action?: ActivityAction;
entityType?: EntityType;
entityId?: string;
startDate?: string;
endDate?: string;
page?: number;
limit?: number;
}
/**
* Paginated activity logs response
*/
export interface PaginatedActivityLogs {
data: ActivityLog[];
meta: {
total: number;
page: number;
limit: number;
totalPages: number;
};
}
/**
* Fetch activity logs with optional filters
*/
export async function fetchActivityLogs(filters?: ActivityLogFilters): Promise<ActivityLog[]> {
const params = new URLSearchParams();
if (filters?.userId) {
params.append("userId", filters.userId);
}
if (filters?.action) {
params.append("action", filters.action);
}
if (filters?.entityType) {
params.append("entityType", filters.entityType);
}
if (filters?.entityId) {
params.append("entityId", filters.entityId);
}
if (filters?.startDate) {
params.append("startDate", filters.startDate);
}
if (filters?.endDate) {
params.append("endDate", filters.endDate);
}
if (filters?.page !== undefined) {
params.append("page", String(filters.page));
}
if (filters?.limit !== undefined) {
params.append("limit", String(filters.limit));
}
const queryString = params.toString();
const endpoint = queryString ? `/api/activity?${queryString}` : "/api/activity";
const response = await apiGet<PaginatedActivityLogs>(endpoint, filters?.workspaceId);
return response.data;
}
/**
* Fetch a single activity log by ID
*/
export async function fetchActivityLog(id: string, workspaceId?: string): Promise<ActivityLog> {
return apiGet<ActivityLog>(`/api/activity/${id}`, workspaceId);
}
/**
* Fetch audit trail for a specific entity
*/
export async function fetchAuditTrail(
entityType: EntityType,
entityId: string,
workspaceId?: string
): Promise<ActivityLog[]> {
const response = await apiGet<ApiResponse<ActivityLog[]>>(
`/api/activity/audit/${entityType}/${entityId}`,
workspaceId
);
return response.data;
}

251
apps/web/src/lib/api/chat.ts
View File

@@ -1,6 +1,6 @@
/**
* Chat API client
* Handles LLM chat interactions via /api/chat/stream (streaming) and /api/llm/chat (fallback)
* Handles LLM chat interactions via /api/llm/chat
*/
import { apiPost, fetchCsrfToken, getCsrfToken } from "./client";
@@ -33,28 +33,9 @@ export interface ChatResponse {
}
/**
* Parsed SSE data chunk from OpenAI-compatible stream
* Parsed SSE data chunk from the LLM stream
*/
interface OpenAiSseChunk {
id?: string;
object?: string;
created?: number;
model?: string;
choices?: {
index: number;
delta?: {
role?: string;
content?: string;
};
finish_reason?: string | null;
}[];
error?: string;
}
/**
* Parsed SSE data chunk from legacy /api/llm/chat stream
*/
interface LegacySseChunk {
interface SseChunk {
error?: string;
message?: {
role: string;
@@ -65,17 +46,7 @@ interface LegacySseChunk {
}
/**
* Parsed SSE data chunk with simple token format
*/
interface SimpleTokenChunk {
token?: string;
done?: boolean;
error?: string;
}
/**
* Send a chat message to the LLM (non-streaming fallback)
* Uses /api/llm/chat endpoint which supports both streaming and non-streaming
* Send a chat message to the LLM
*/
export async function sendChatMessage(request: ChatRequest): Promise<ChatResponse> {
return apiPost<ChatResponse>("/api/llm/chat", request);
@@ -92,158 +63,14 @@ async function ensureCsrfTokenForStream(): Promise<string> {
return fetchCsrfToken();
}
/**
* Stream a guest chat message (no authentication required).
* Uses /api/chat/guest endpoint with shared LLM configuration.
*
* @param request - Chat request
* @param onChunk - Called with each token string as it arrives
* @param onComplete - Called when the stream finishes successfully
* @param onError - Called if the stream encounters an error
* @param signal - Optional AbortSignal for cancellation
*/
export function streamGuestChat(
request: ChatRequest,
onChunk: (chunk: string) => void,
onComplete: () => void,
onError: (error: Error) => void,
signal?: AbortSignal
): void {
void (async (): Promise<void> => {
try {
const response = await fetch(`${API_BASE_URL}/api/chat/guest`, {
method: "POST",
headers: {
"Content-Type": "application/json",
},
credentials: "include",
body: JSON.stringify({ messages: request.messages, stream: true }),
signal: signal ?? null,
});
if (!response.ok) {
const errorText = await response.text().catch(() => response.statusText);
throw new Error(`Guest chat failed: ${errorText}`);
}
if (!response.body) {
throw new Error("Response body is not readable");
}
const reader = response.body.getReader();
const decoder = new TextDecoder("utf-8");
let buffer = "";
let readerDone = false;
while (!readerDone) {
const { done, value } = await reader.read();
readerDone = done;
if (done) {
break;
}
buffer += decoder.decode(value, { stream: true });
// SSE messages are separated by double newlines
const parts = buffer.split("\n\n");
buffer = parts.pop() ?? "";
for (const part of parts) {
const trimmed = part.trim();
if (!trimmed) continue;
// Handle event: error format
const eventMatch = /^event:\s*(\S+)\n/i.exec(trimmed);
const dataMatch = /^data:\s*(.+)$/im.exec(trimmed);
if (eventMatch?.[1] === "error" && dataMatch?.[1]) {
try {
const errorData = JSON.parse(dataMatch[1].trim()) as {
error?: string;
};
throw new Error(errorData.error ?? "Stream error occurred");
} catch (parseErr) {
if (parseErr instanceof SyntaxError) {
throw new Error("Stream error occurred");
}
throw parseErr;
}
}
// Standard SSE format: data: {...}
for (const line of trimmed.split("\n")) {
if (!line.startsWith("data: ")) continue;
const data = line.slice("data: ".length).trim();
if (data === "[DONE]") {
onComplete();
return;
}
try {
const parsed: unknown = JSON.parse(data);
// Handle OpenAI format
const openAiChunk = parsed as OpenAiSseChunk;
if (openAiChunk.choices?.[0]?.delta?.content) {
onChunk(openAiChunk.choices[0].delta.content);
continue;
}
// Handle simple token format
const simpleChunk = parsed as SimpleTokenChunk;
if (simpleChunk.token) {
onChunk(simpleChunk.token);
continue;
}
if (simpleChunk.done === true) {
onComplete();
return;
}
const error = openAiChunk.error ?? simpleChunk.error;
if (error) {
throw new Error(error);
}
} catch (parseErr) {
if (parseErr instanceof SyntaxError) {
continue;
}
throw parseErr;
}
}
}
}
onComplete();
} catch (err: unknown) {
if (err instanceof DOMException && err.name === "AbortError") {
return;
}
onError(err instanceof Error ? err : new Error(String(err)));
}
})();
}
/**
* Stream a chat message from the LLM using SSE over fetch.
*
* Uses /api/chat/stream endpoint which proxies to OpenClaw.
* The backend responds with Server-Sent Events in one of these formats:
*
* OpenAI-compatible format:
* data: {"choices":[{"delta":{"content":"token"}}],...}\n\n
* data: [DONE]\n\n
*
* Legacy format (from /api/llm/chat):
* data: {"message":{"content":"token"},...}\n\n
* data: [DONE]\n\n
*
* Simple token format:
* data: {"token":"..."}\n\n
* data: {"done":true}\n\n
* The backend accepts stream: true in the request body and responds with
* Server-Sent Events:
* data: {"message":{"content":"token"},...}\n\n for each token
* data: [DONE]\n\n when the stream is complete
* data: {"error":"message"}\n\n on error
*
* @param request - Chat request (stream field will be forced to true)
* @param onChunk - Called with each token string as it arrives
@@ -262,14 +89,14 @@ export function streamChatMessage(
try {
const csrfToken = await ensureCsrfTokenForStream();
const response = await fetch(`${API_BASE_URL}/api/chat/stream`, {
const response = await fetch(`${API_BASE_URL}/api/llm/chat`, {
method: "POST",
headers: {
"Content-Type": "application/json",
"X-CSRF-Token": csrfToken,
},
credentials: "include",
body: JSON.stringify({ messages: request.messages, stream: true }),
body: JSON.stringify({ ...request, stream: true }),
signal: signal ?? null,
});
@@ -305,25 +132,6 @@ export function streamChatMessage(
const trimmed = part.trim();
if (!trimmed) continue;
// Handle event: error format
const eventMatch = /^event:\s*(\S+)\n/i.exec(trimmed);
const dataMatch = /^data:\s*(.+)$/im.exec(trimmed);
if (eventMatch?.[1] === "error" && dataMatch?.[1]) {
try {
const errorData = JSON.parse(dataMatch[1].trim()) as {
error?: string;
};
throw new Error(errorData.error ?? "Stream error occurred");
} catch (parseErr) {
if (parseErr instanceof SyntaxError) {
throw new Error("Stream error occurred");
}
throw parseErr;
}
}
// Standard SSE format: data: {...}
for (const line of trimmed.split("\n")) {
if (!line.startsWith("data: ")) continue;
@@ -335,39 +143,14 @@ export function streamChatMessage(
}
try {
const parsed: unknown = JSON.parse(data);
const parsed = JSON.parse(data) as SseChunk;
// Handle OpenAI format (from /api/chat/stream via OpenClaw)
const openAiChunk = parsed as OpenAiSseChunk;
if (openAiChunk.choices?.[0]?.delta?.content) {
onChunk(openAiChunk.choices[0].delta.content);
continue;
if (parsed.error) {
throw new Error(parsed.error);
}
// Handle legacy format (from /api/llm/chat)
const legacyChunk = parsed as LegacySseChunk;
if (legacyChunk.message?.content) {
onChunk(legacyChunk.message.content);
continue;
}
// Handle simple token format
const simpleChunk = parsed as SimpleTokenChunk;
if (simpleChunk.token) {
onChunk(simpleChunk.token);
continue;
}
// Handle done flag in simple format
if (simpleChunk.done === true) {
onComplete();
return;
}
// Handle error in any format
const error = openAiChunk.error ?? legacyChunk.error ?? simpleChunk.error;
if (error) {
throw new Error(error);
if (parsed.message?.content) {
onChunk(parsed.message.content);
}
} catch (parseErr) {
if (parseErr instanceof SyntaxError) {
@@ -379,7 +162,7 @@ export function streamChatMessage(
}
}
// Natural end of stream without [DONE] or done flag
// Natural end of stream without [DONE]
onComplete();
} catch (err: unknown) {
if (err instanceof DOMException && err.name === "AbortError") {

1
apps/web/src/lib/api/index.ts
View File

@@ -18,4 +18,3 @@ export * from "./projects";
export * from "./workspaces";
export * from "./admin";
export * from "./fleet-settings";
export * from "./activity";

2
apps/web/src/lib/api/projects.ts
View File

@@ -95,7 +95,6 @@ export interface CreateProjectDto {
startDate?: string;
endDate?: string;
color?: string;
domainId?: string;
metadata?: Record<string, unknown>;
}
@@ -109,7 +108,6 @@ export interface UpdateProjectDto {
startDate?: string | null;
endDate?: string | null;
color?: string | null;
domainId?: string | null;
metadata?: Record<string, unknown>;
}

53
apps/web/src/lib/api/telemetry.test.ts
View File

@@ -1,53 +0,0 @@
import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
import { fetchUsageSummary } from "./telemetry";
vi.mock("./client", () => ({
apiGet: vi.fn(),
}));
const { apiGet } = await import("./client");
describe("Telemetry API Client", (): void => {
beforeEach((): void => {
vi.clearAllMocks();
vi.useFakeTimers();
vi.setSystemTime(new Date("2026-03-02T12:00:00Z"));
});
afterEach((): void => {
vi.useRealTimers();
});
it("fetches usage summary from llm usage analytics endpoint", async (): Promise<void> => {
vi.mocked(apiGet).mockResolvedValueOnce({
data: {
totalCalls: 47,
totalPromptTokens: 120000,
totalCompletionTokens: 125800,
totalTokens: 245800,
totalCostCents: 342,
averageDurationMs: 3200,
byProvider: [],
byModel: [],
byTaskType: [],
},
});
const result = await fetchUsageSummary("30d");
const calledEndpoint = vi.mocked(apiGet).mock.calls[0]?.[0];
expect(calledEndpoint).toMatch(/^\/api\/llm-usage\/analytics\?/);
const queryString = calledEndpoint?.split("?")[1] ?? "";
const params = new URLSearchParams(queryString);
expect(params.get("startDate")).toBeTruthy();
expect(params.get("endDate")).toBeTruthy();
expect(result).toEqual({
totalTokens: 245800,
totalCost: 3.42,
taskCount: 47,
avgQualityGatePassRate: 0,
});
});
});

186
apps/web/src/lib/api/telemetry.ts
View File

@@ -1,6 +1,10 @@
/**
* Telemetry API Client
* Handles telemetry data fetching for the usage dashboard.
*
* NOTE: Currently returns mock/placeholder data since the telemetry API
* aggregation endpoints don't exist yet. The important thing is the UI structure.
* When the backend endpoints are ready, replace mock calls with real apiGet() calls.
*/
import { apiGet, type ApiResponse } from "./client";
@@ -56,84 +60,65 @@ export interface EstimateResponse {
};
}
interface ProviderUsageAnalyticsItem {
provider: string;
calls: number;
promptTokens: number;
completionTokens: number;
totalTokens: number;
costCents: number;
averageDurationMs: number;
}
// ─── Mock Data Generators ────────────────────────────────────────────
interface ModelUsageAnalyticsItem {
model: string;
calls: number;
promptTokens: number;
completionTokens: number;
totalTokens: number;
costCents: number;
averageDurationMs: number;
}
function generateDateRange(range: TimeRange): string[] {
const days = range === "7d" ? 7 : range === "30d" ? 30 : 90;
const dates: string[] = [];
const now = new Date();
interface TaskTypeUsageAnalyticsItem {
taskType: string;
calls: number;
promptTokens: number;
completionTokens: number;
totalTokens: number;
costCents: number;
averageDurationMs: number;
}
interface UsageAnalyticsResponse {
totalCalls: number;
totalPromptTokens: number;
totalCompletionTokens: number;
totalTokens: number;
totalCostCents: number;
averageDurationMs: number;
byProvider: ProviderUsageAnalyticsItem[];
byModel: ModelUsageAnalyticsItem[];
byTaskType: TaskTypeUsageAnalyticsItem[];
}
const TASK_OUTCOME_COLORS = ["#6EBF8B", "#F5C862", "#94A3B8", "#C4A5DE", "#7AA2F7"];
const DAYS_BY_RANGE: Record<TimeRange, number> = {
"7d": 7,
"30d": 30,
"90d": 90,
};
const analyticsRequestCache = new Map<TimeRange, Promise<UsageAnalyticsResponse>>();
function buildAnalyticsEndpoint(timeRange: TimeRange): string {
const endDate = new Date();
const startDate = new Date(endDate);
startDate.setDate(startDate.getDate() - (DAYS_BY_RANGE[timeRange] - 1));
startDate.setHours(0, 0, 0, 0);
const query = new URLSearchParams({
startDate: startDate.toISOString(),
endDate: endDate.toISOString(),
}).toString();
return `/api/llm-usage/analytics?${query}`;
}
async function fetchUsageAnalytics(timeRange: TimeRange): Promise<UsageAnalyticsResponse> {
const cachedRequest = analyticsRequestCache.get(timeRange);
if (cachedRequest) {
return cachedRequest;
for (let i = days - 1; i >= 0; i--) {
const d = new Date(now);
d.setDate(d.getDate() - i);
dates.push(d.toISOString().split("T")[0] ?? "");
}
const request = apiGet<ApiResponse<UsageAnalyticsResponse>>(buildAnalyticsEndpoint(timeRange))
.then((response) => response.data)
.finally(() => {
analyticsRequestCache.delete(timeRange);
});
return dates;
}
analyticsRequestCache.set(timeRange, request);
return request;
function generateMockTokenUsage(range: TimeRange): TokenUsagePoint[] {
const dates = generateDateRange(range);
return dates.map((date) => {
const baseInput = 8000 + Math.floor(Math.random() * 12000);
const baseOutput = 3000 + Math.floor(Math.random() * 7000);
return {
date,
inputTokens: baseInput,
outputTokens: baseOutput,
totalTokens: baseInput + baseOutput,
};
});
}
function generateMockSummary(range: TimeRange): UsageSummary {
const multiplier = range === "7d" ? 1 : range === "30d" ? 4 : 12;
return {
totalTokens: 245_800 * multiplier,
totalCost: 3.42 * multiplier,
taskCount: 47 * multiplier,
avgQualityGatePassRate: 0.87,
};
}
function generateMockCostBreakdown(): CostBreakdownItem[] {
return [
{ model: "claude-sonnet-4-5", provider: "anthropic", cost: 18.5, taskCount: 124 },
{ model: "gpt-4o", provider: "openai", cost: 12.3, taskCount: 89 },
{ model: "claude-haiku-3.5", provider: "anthropic", cost: 4.2, taskCount: 156 },
{ model: "llama-3.3-70b", provider: "ollama", cost: 0, taskCount: 67 },
{ model: "gemini-2.0-flash", provider: "google", cost: 2.8, taskCount: 42 },
];
}
// PDA-friendly colors: calm, no aggressive reds
function generateMockTaskOutcomes(): TaskOutcomeItem[] {
return [
{ outcome: "Success", count: 312, color: "#6EBF8B" },
{ outcome: "Partial", count: 48, color: "#F5C862" },
{ outcome: "Timeout", count: 18, color: "#94A3B8" },
{ outcome: "Incomplete", count: 22, color: "#C4A5DE" },
];
}
// ─── API Functions ───────────────────────────────────────────────────
@@ -142,54 +127,47 @@ async function fetchUsageAnalytics(timeRange: TimeRange): Promise<UsageAnalytics
* Fetch usage summary data (total tokens, cost, task count, quality rate)
*/
export async function fetchUsageSummary(timeRange: TimeRange): Promise<UsageSummary> {
const analytics = await fetchUsageAnalytics(timeRange);
return {
totalTokens: analytics.totalTokens,
totalCost: analytics.totalCostCents / 100,
taskCount: analytics.totalCalls,
avgQualityGatePassRate: 0,
};
// TODO: Replace with real API call when backend aggregation endpoints are ready
// const response = await apiGet<ApiResponse<UsageSummary>>(`/api/telemetry/summary?range=${timeRange}`);
// return response.data;
void apiGet; // suppress unused import warning in the meantime
await new Promise((resolve) => setTimeout(resolve, 200));
return generateMockSummary(timeRange);
}
/**
* Fetch token usage time series for charts
*/
export function fetchTokenUsage(timeRange: TimeRange): Promise<TokenUsagePoint[]> {
void timeRange;
return Promise.resolve([]);
export async function fetchTokenUsage(timeRange: TimeRange): Promise<TokenUsagePoint[]> {
// TODO: Replace with real API call
// const response = await apiGet<ApiResponse<TokenUsagePoint[]>>(`/api/telemetry/tokens?range=${timeRange}`);
// return response.data;
await new Promise((resolve) => setTimeout(resolve, 250));
return generateMockTokenUsage(timeRange);
}
/**
* Fetch cost breakdown by model
*/
export async function fetchCostBreakdown(timeRange: TimeRange): Promise<CostBreakdownItem[]> {
const analytics = await fetchUsageAnalytics(timeRange);
return analytics.byModel
.filter((item) => item.calls > 0)
.sort((a, b) => b.costCents - a.costCents)
.map((item) => ({
model: item.model,
provider: "unknown",
cost: item.costCents / 100,
taskCount: item.calls,
}));
// TODO: Replace with real API call
// const response = await apiGet<ApiResponse<CostBreakdownItem[]>>(`/api/telemetry/costs?range=${timeRange}`);
// return response.data;
await new Promise((resolve) => setTimeout(resolve, 200));
void timeRange;
return generateMockCostBreakdown();
}
/**
* Fetch task outcome distribution
*/
export async function fetchTaskOutcomes(timeRange: TimeRange): Promise<TaskOutcomeItem[]> {
const analytics = await fetchUsageAnalytics(timeRange);
return analytics.byTaskType
.filter((item) => item.calls > 0)
.map((item, index) => ({
outcome: item.taskType,
count: item.calls,
color: TASK_OUTCOME_COLORS[index % TASK_OUTCOME_COLORS.length] ?? "#94A3B8",
}));
// TODO: Replace with real API call
// const response = await apiGet<ApiResponse<TaskOutcomeItem[]>>(`/api/telemetry/outcomes?range=${timeRange}`);
// return response.data;
await new Promise((resolve) => setTimeout(resolve, 150));
void timeRange;
return generateMockTaskOutcomes();
}
/**

111
docker-compose.swarm.portainer.yml
View File

@@ -9,8 +9,6 @@
# - OpenBao: Standalone container (see docker-compose.openbao.yml)
# - Authentik: External OIDC provider
# - Ollama: External AI inference
# - PostgreSQL: Provided by the openbrain stack (openbrain_brain-db)
# Deploy openbrain stack before this stack.
#
# Usage (Portainer):
# 1. Stacks -> Add Stack -> Upload or paste
@@ -38,75 +36,37 @@
# Required vars use plain ${VAR} — the app validates at startup.
#
# ==============================================
# DATABASE (openbrain_brain-db — external)
# ==============================================
#
# This stack uses the PostgreSQL instance from the openbrain stack.
# The openbrain stack must be deployed first and its brain-internal
# overlay network must exist.
#
# Required env vars for DB access:
# BRAIN_DB_ADMIN_USER — openbrain superuser (default: openbrain)
# BRAIN_DB_ADMIN_PASSWORD — openbrain superuser password
# (must match openbrain stack POSTGRES_PASSWORD)
# POSTGRES_USER — mosaic application DB user (created by mosaic-db-init)
# POSTGRES_PASSWORD — mosaic application DB password
# POSTGRES_DB — mosaic application database name (default: mosaic)
#
# ==============================================
services:
# ============================================
# DATABASE INIT
# CORE INFRASTRUCTURE
# ============================================
# ======================
# Mosaic Database Init
# PostgreSQL Database
# ======================
# Creates the mosaic application user and database in the shared
# openbrain PostgreSQL instance (openbrain_brain-db).
# Runs once and exits. Idempotent — safe to run on every deploy.
mosaic-db-init:
image: postgres:17-alpine
postgres:
image: git.mosaicstack.dev/mosaic/stack-postgres:${IMAGE_TAG:-latest}
environment:
PGHOST: openbrain_brain-db
PGPORT: 5432
PGUSER: ${BRAIN_DB_ADMIN_USER:-openbrain}
PGPASSWORD: ${BRAIN_DB_ADMIN_PASSWORD}
MOSAIC_USER: ${POSTGRES_USER}
MOSAIC_PASSWORD: ${POSTGRES_PASSWORD}
MOSAIC_DB: ${POSTGRES_DB:-mosaic}
entrypoint: ["sh", "-c"]
command:
- |
until pg_isready -h openbrain_brain-db -p 5432 -U $${PGUSER}; do
echo "Waiting for openbrain_brain-db..."
sleep 2
done
echo "Database ready. Creating mosaic user and database..."
psql -h openbrain_brain-db -U $${PGUSER} -tc "SELECT 1 FROM pg_roles WHERE rolname='$${MOSAIC_USER}'" | grep -q 1 || \
psql -h openbrain_brain-db -U $${PGUSER} -c "CREATE USER $${MOSAIC_USER} WITH PASSWORD '$${MOSAIC_PASSWORD}';"
psql -h openbrain_brain-db -U $${PGUSER} -tc "SELECT 1 FROM pg_database WHERE datname='$${MOSAIC_DB}'" | grep -q 1 || \
psql -h openbrain_brain-db -U $${PGUSER} -c "CREATE DATABASE $${MOSAIC_DB} OWNER $${MOSAIC_USER} ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0;"
echo "Enabling required extensions in $${MOSAIC_DB}..."
psql -h openbrain_brain-db -U $${PGUSER} -d $${MOSAIC_DB} -c "CREATE EXTENSION IF NOT EXISTS vector;"
psql -h openbrain_brain-db -U $${PGUSER} -d $${MOSAIC_DB} -c "CREATE EXTENSION IF NOT EXISTS \"uuid-ossp\";"
echo "Mosaic database ready: $${MOSAIC_DB}"
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: ${POSTGRES_DB}
POSTGRES_SHARED_BUFFERS: ${POSTGRES_SHARED_BUFFERS:-256MB}
POSTGRES_EFFECTIVE_CACHE_SIZE: ${POSTGRES_EFFECTIVE_CACHE_SIZE:-1GB}
POSTGRES_MAX_CONNECTIONS: ${POSTGRES_MAX_CONNECTIONS:-100}
volumes:
- postgres_data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
interval: 10s
timeout: 5s
retries: 5
start_period: 30s
networks:
- openbrain-brain-internal
- internal
deploy:
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 5
# ============================================
# CORE INFRASTRUCTURE
# ============================================
# ======================
# Valkey Cache
@@ -145,7 +105,7 @@ services:
NODE_ENV: production
PORT: ${API_PORT:-3001}
API_HOST: ${API_HOST:-0.0.0.0}
DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@openbrain_brain-db:5432/${POSTGRES_DB:-mosaic}
DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}
VALKEY_URL: redis://valkey:6379
# Auth (external Authentik)
OIDC_ENABLED: ${OIDC_ENABLED:-false}
@@ -168,8 +128,6 @@ services:
# Matrix bridge (optional — configure after Synapse is running)
MATRIX_HOMESERVER_URL: ${MATRIX_HOMESERVER_URL:-http://synapse:8008}
MATRIX_ACCESS_TOKEN: ${MATRIX_ACCESS_TOKEN:-}
# System admin IDs (comma-separated user UUIDs) for auth settings access
SYSTEM_ADMIN_IDS: ${SYSTEM_ADMIN_IDS:-}
MATRIX_BOT_USER_ID: ${MATRIX_BOT_USER_ID:-}
MATRIX_CONTROL_ROOM_ID: ${MATRIX_CONTROL_ROOM_ID:-}
MATRIX_WORKSPACE_ID: ${MATRIX_WORKSPACE_ID:-}
@@ -203,7 +161,6 @@ services:
networks:
- internal
- traefik-public
- openbrain-brain-internal
deploy:
restart_policy:
condition: on-failure
@@ -348,36 +305,36 @@ services:
# ======================
# Synapse Database Init
# ======================
# Creates the 'synapse' database in the shared openbrain PostgreSQL instance.
# Creates the 'synapse' database in the shared PostgreSQL instance.
# Runs once and exits. Idempotent — safe to run on every deploy.
synapse-db-init:
image: postgres:17-alpine
environment:
PGHOST: openbrain_brain-db
PGHOST: postgres
PGPORT: 5432
PGUSER: ${BRAIN_DB_ADMIN_USER:-openbrain}
PGPASSWORD: ${BRAIN_DB_ADMIN_PASSWORD}
PGUSER: ${POSTGRES_USER}
PGPASSWORD: ${POSTGRES_PASSWORD}
SYNAPSE_DB: ${SYNAPSE_POSTGRES_DB}
SYNAPSE_USER: ${SYNAPSE_POSTGRES_USER}
SYNAPSE_PASSWORD: ${SYNAPSE_POSTGRES_PASSWORD}
entrypoint: ["sh", "-c"]
command:
- |
until pg_isready -h openbrain_brain-db -p 5432 -U $${PGUSER}; do
echo "Waiting for openbrain_brain-db..."
until pg_isready -h postgres -p 5432 -U $${PGUSER}; do
echo "Waiting for PostgreSQL..."
sleep 2
done
echo "Database ready. Creating Synapse user and database..."
echo "PostgreSQL is ready. Creating Synapse database and user..."
psql -h openbrain_brain-db -U $${PGUSER} -tc "SELECT 1 FROM pg_roles WHERE rolname='$${SYNAPSE_USER}'" | grep -q 1 || \
psql -h openbrain_brain-db -U $${PGUSER} -c "CREATE USER $${SYNAPSE_USER} WITH PASSWORD '$${SYNAPSE_PASSWORD}';"
psql -h postgres -U $${PGUSER} -tc "SELECT 1 FROM pg_roles WHERE rolname='$${SYNAPSE_USER}'" | grep -q 1 || \
psql -h postgres -U $${PGUSER} -c "CREATE USER $${SYNAPSE_USER} WITH PASSWORD '$${SYNAPSE_PASSWORD}';"
psql -h openbrain_brain-db -U $${PGUSER} -tc "SELECT 1 FROM pg_database WHERE datname='$${SYNAPSE_DB}'" | grep -q 1 || \
psql -h openbrain_brain-db -U $${PGUSER} -c "CREATE DATABASE $${SYNAPSE_DB} OWNER $${SYNAPSE_USER} ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0;"
psql -h postgres -U $${PGUSER} -tc "SELECT 1 FROM pg_database WHERE datname='$${SYNAPSE_DB}'" | grep -q 1 || \
psql -h postgres -U $${PGUSER} -c "CREATE DATABASE $${SYNAPSE_DB} OWNER $${SYNAPSE_USER} ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0;"
echo "Synapse database ready: $${SYNAPSE_DB}"
networks:
- openbrain-brain-internal
- internal
deploy:
restart_policy:
condition: on-failure
@@ -492,6 +449,7 @@ services:
# Volumes
# ======================
volumes:
postgres_data:
valkey_data:
orchestrator_workspace:
speaches_models:
@@ -504,6 +462,3 @@ networks:
driver: overlay
traefik-public:
external: true
openbrain-brain-internal:
external: true
name: openbrain_brain-internal

16
docker/base.Dockerfile
View File

@@ -1,16 +0,0 @@
FROM node:24-slim AS base
# Pre-bake OS updates and common packages shared across all apps.
# Rebuild this image weekly or when base packages change.
# Push to: git.mosaicstack.dev/mosaic/node-base:24-slim
RUN apt-get update && apt-get upgrade -y --no-install-recommends \
&& apt-get install -y --no-install-recommends \
openssl \
ca-certificates \
curl \
dumb-init \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Enable corepack for pnpm
RUN corepack enable

82
docs/MISSION-MANIFEST.md
View File

@@ -1,68 +1,52 @@
# Mission Manifest — MS22-P2 Named Agent Fleet
# Mission Manifest — MS21 Multi-Tenant RBAC Data Migration
> Persistent document tracking full mission scope, status, and session history.
> Updated by the orchestrator at each phase transition and milestone completion.
## Mission
**ID:** ms22-p2-named-agent-fleet-20260304
**Statement:** Implement named agent fleet (jarvis, builder, medic) with per-agent personalities, model assignments, Discord channel routing, and WebUI selector.
**PRD:** `docs/PRD-MS22-P2-AGENT-FLEET.md`
**Phase:** Execution
**Status:** in-progress
**Last Updated:** 2026-03-04
**ID:** ms21-multi-tenant-rbac-data-migration-20260228
**Statement:** Build multi-tenant user/workspace/team management, break-glass auth, RBAC UI enforcement, and migrate jarvis-brain data into Mosaic Stack
**Phase:** Intake
**Current Milestone:**
**Progress:** 0 / 6 milestones
**Status:** active
**Last Updated:** 2026-02-28 17:10 UTC
## Success Criteria
1. AgentTemplate and UserAgent tables exist and are seeded with jarvis/builder/medic
2. Admin CRUD endpoints at `/admin/agent-templates` work and are guarded
3. User agent CRUD endpoints allow per-user agent customization
4. Chat proxy routes messages to correct agent by name
5. Discord channel → agent routing maps #jarvis/#builder/#medic-alerts
6. WebUI shows agent selector and connects to correct agent
7. All CI gates green
<!-- Define measurable success criteria here -->
## Milestones
| # | ID | Name | Status | Tasks | Notes |
| --- | ------------- | ------------- | ---------- | -------------- | --------------------- |
| 1 | schema-seed | Schema+Seed | ✅ done | P2-001, P2-002 | PRs #675, #677 merged |
| 2 | admin-crud | Admin CRUD | ✅ done | P2-003 | PR #678 merged |
| 3 | user-crud | User CRUD | ✅ done | P2-004 | PR #682 merged |
| 4 | agent-routing | Agent Routing | pending | P2-005, P2-006 | Depends on M3 |
| 5 | discord-ui | Discord+UI | ⬜ pending | P2-007, P2-008 | Depends on M4 |
| 6 | verification | Verification | ⬜ pending | P2-009, P2-010 | Final gate |
| # | ID | Name | Status | Branch | Issue | Started | Completed |
| --- | ------- | -------------------------- | ------- | ------ | ----- | ------- | --------- |
| 1 | phase-1 | Schema and Admin API | pending | — | — | — | — |
| 2 | phase-2 | Break-Glass Authentication | pending | — | — | — | — |
| 3 | phase-3 | Data Migration | pending | — | — | — | — |
| 4 | phase-4 | Admin UI | pending | — | — | — | — |
| 5 | phase-5 | RBAC UI Enforcement | pending | — | — | — | — |
| 6 | phase-6 | Verification | pending | — | — | — | — |
## Task Summary
## Deployment
See `docs/TASKS.md` — MS22 Phase 2 section for full task details.
| Task | Status | PR | Notes |
| ----------------------- | -------------- | ---- | ------------------------------ |
| P2-001 Schema | ✅ done | #675 | AgentTemplate + UserAgent |
| P2-002 Seed | ✅ done | #677 | jarvis/builder/medic templates |
| P2-003 Admin CRUD | ✅ done | #678 | /admin/agent-templates |
| P2-004 User CRUD | ✅ done | #682 | /api/agents |
| P2-005 Status endpoints | ⬜ not-started | — | |
| P2-006 Chat routing | ⬜ not-started | — | |
| P2-007 Discord routing | ⬜ not-started | — | |
| P2-008 WebUI selector | ⬜ not-started | — | |
| P2-009 Unit tests | ⬜ not-started | — | |
| P2-010 E2E verification | ⬜ not-started | — | |
| Target | URL | Method |
| ------ | --- | ------ |
| — | — | — |
## Token Budget
| Phase | Est | Used |
| ----------------- | -------- | -------------------- |
| Schema+Seed+CRUD | 30K | ~15K (done directly) |
| User CRUD+Routing | 40K | ~25K |
| Discord+UI | 30K | — |
| Verification | 10K | — |
| **Total** | **110K** | **~40K** |
| Metric | Value |
| ------ | ------ |
| Budget | — |
| Used | 0 |
| Mode | normal |
## Session Log
## Session History
| Date | Work Done |
| ---------- | --------------------------------------------------------------------------------------------------------- |
| 2026-03-04 | Session 2: Fixed CI security audit, merged PRs #681, #678, #682. Milestones 1-3 complete (4/6 remaining). |
| 2026-03-04 | P2-001..003 shipped; CI fix; postgres rebuilt; mission initialized |
| Session | Runtime | Started | Duration | Ended Reason | Last Task |
| ------- | ------- | ------- | -------- | ------------ | --------- |
## Scratchpad
Path: `docs/scratchpads/ms21-multi-tenant-rbac-data-migration-20260228.md`

182
docs/PRD-MS22-P2-AGENT-FLEET.md
View File

@@ -1,182 +0,0 @@
# PRD: MS22 Phase 2 — Named Agent Fleet
## Metadata
- **Owner:** Jason Woltje
- **Date:** 2026-03-04
- **Status:** draft
- **Design Doc:** `~/src/jarvis-brain/docs/planning/FLEET-EVOLUTION-PLAN.md`
- **Depends On:** MS22 Phase 1 (DB-Centric Architecture) — COMPLETE
## Problem Statement
Mosaic Stack has the infrastructure for per-user containers and knowledge layer, but no predefined agent personalities. Users start with a blank slate. For Jason's personal use case, we need named agents with distinct roles, personalities, and tool access that can collaborate through the shared knowledge layer.
## Objectives
1. **Named agents** — jarvis (orchestrator), builder (coding), medic (monitoring)
2. **Per-agent model assignment** — Opus for jarvis, Codex for builder, Haiku for medic
3. **Tool permissions** — Restrict dangerous tools to appropriate agents
4. **Discord bindings** — Route agents to specific channels
5. **Mosaic skill** — All agents can read/write findings and memory
## Scope
### In Scope
- Agent personality definitions (SOUL.md for each)
- Agent registry in Mosaic DB
- Per-agent model configuration
- Per-agent tool permission sets
- Discord channel routing
- Default agent templates for new users
### Out of Scope
- Matrix observation rooms (nice-to-have)
- WebUI chat improvements (separate phase)
- Cross-agent quality gates (future)
- Team workspaces (future)
## Agent Definitions
### Jarvis — Orchestrator
| Property | Value |
| --------------- | ------------------------------------------------------------------------------------------------------------------------------------------ |
| **Role** | Main orchestrator, user-facing assistant |
| **Model** | Opus (primary), Sonnet (fallback) |
| **Tools** | All tools — full access |
| **Discord** | #jarvis |
| **Personality** | Capable, direct, proactive. Gets stuff done without hand-holding. Thinks before acting, speaks up when seeing a better way. NOT a yes-man. |
### Builder — Coding Agent
| Property | Value |
| --------------- | --------------------------------------------------------------------------------------- |
| **Role** | Code implementation, PRs, refactoring |
| **Model** | Codex (primary, uses OpenAI credits), Sonnet (fallback) |
| **Tools** | exec, read, write, edit, github, browser |
| **Discord** | #builder |
| **Personality** | Focused, thorough. Writes clean code. Tests before declaring done. Documents decisions. |
### Medic — Health Monitoring
| Property | Value |
| --------------- | ------------------------------------------------------------------------------- |
| **Role** | System health checks, alerts, monitoring |
| **Model** | Haiku (primary), MiniMax (fallback) |
| **Tools** | exec (SSH), nodes, cron, message (alerts only) |
| **Discord** | #medic-alerts |
| **Personality** | Vigilant, concise. Alerts on anomalies. Proactive health checks. Minimal noise. |
## Database Schema
```prisma
model AgentTemplate {
id String @id @default(cuid())
name String @unique // "jarvis", "builder", "medic"
displayName String // "Jarvis", "Builder", "Medic"
role String // "orchestrator" | "coding" | "monitoring"
personality String // SOUL.md content
primaryModel String // "opus", "codex", "haiku"
fallbackModels Json @default("[]") // ["sonnet", "haiku"]
toolPermissions Json @default("[]") // ["exec", "read", "write", ...]
discordChannel String? // "jarvis", "builder", "medic-alerts"
isActive Boolean @default(true)
isDefault Boolean @default(false) // Include in new user provisioning
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
}
model UserAgent {
id String @id @default(cuid())
userId String
templateId String? // null = custom agent
name String // "jarvis", "builder", "medic" or custom
displayName String
role String
personality String // User can customize
primaryModel String?
fallbackModels Json @default("[]")
toolPermissions Json @default("[]")
discordChannel String?
isActive Boolean @default(true)
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
@@unique([userId, name])
}
```
## API Endpoints
### Agent Templates (Admin)
```
GET /api/admin/agent-templates — List all templates
POST /api/admin/agent-templates — Create template
GET /api/admin/agent-templates/:id — Get template
PATCH /api/admin/agent-templates/:id — Update template
DELETE /api/admin/agent-templates/:id — Delete template
```
### User Agents
```
GET /api/agents — List user's agents
POST /api/agents — Create custom agent (or from template)
GET /api/agents/:id — Get agent details
PATCH /api/agents/:id — Update agent (personality, model)
DELETE /api/agents/:id — Delete custom agent
POST /api/agents/:id/chat — Chat with agent (proxy to container)
```
### Agent Status
```
GET /api/agents/status — All agents status for user
GET /api/agents/:id/status — Single agent status
```
## Task Breakdown
| Task ID | Phase | Description | Scope | Dependencies | Estimate |
| -------------- | ------- | ---------------------------------------------- | ----- | ------------ | -------- |
| P2-DB-001 | schema | Prisma models: AgentTemplate, UserAgent | api | P1a | 10K |
| P2-SEED-001 | seed | Seed default agents (jarvis, builder, medic) | api | P2-DB-001 | 5K |
| P2-API-001 | api | Agent template CRUD endpoints | api | P2-DB-001 | 15K |
| P2-API-002 | api | User agent CRUD endpoints | api | P2-DB-001 | 15K |
| P2-API-003 | api | Agent status endpoints | api | P2-DB-001 | 10K |
| P2-PROXY-001 | api | Agent chat routing (select agent by name) | api | P2-API-002 | 15K |
| P2-DISCORD-001 | discord | Route Discord messages to correct agent | api | P2-PROXY-001 | 15K |
| P2-UI-001 | web | Agent list/selector in WebUI | web | P2-API-002 | 15K |
| P2-UI-002 | web | Agent detail/edit page | web | P2-UI-001 | 15K |
| P2-TEST-001 | test | Unit tests for agent services | api | P2-API-002 | 15K |
| P2-VER-001 | verify | End-to-end: Discord → correct agent → response | stack | all | 10K |
**Total Estimate:** ~140K tokens
## Success Criteria
1. ✅ User can list available agents in WebUI
2. ✅ User can select agent and chat with it
3. ✅ Discord messages in #jarvis go to jarvis agent
4. ✅ Discord messages in #builder go to builder agent
5. ✅ Each agent uses its assigned model
6. ✅ Each agent has correct tool permissions
7. ✅ Agents can read/write findings via mosaic skill
## Risks
| Risk | Mitigation |
| --------------------------- | ------------------------------------------------ |
| Agent routing complexity | Keep it simple: map Discord channel → agent name |
| Tool permission enforcement | OpenClaw config generation respects permissions |
| Model fallback failures | Log and alert, don't block user |
## Next Steps
1. Review this PRD with Jason
2. Create Mission MS22-P2 in TASKS.md
3. Begin with P2-DB-001 (schema)

566
docs/PRD-MS22-platform.md
View File

@@ -1,566 +0,0 @@
# PRD: Mosaic Stack Dashboard & Platform Implementation
## Metadata
- Owner: Jason Woltje
- Date: 2026-02-22
- Status: in-progress
- Best-Guess Mode: true
## Problem Statement
The Mosaic Stack web UI has a basic navigation and simple widget-based dashboard that doesn't match the production-ready design vision. The reference design (dashboard.html) defines a comprehensive command center UI with sidebar navigation, topbar, terminal panel, and multiple page layouts. The current implementation uses mismatched design tokens (raw Tailwind colors vs CSS variables), has no collapsible sidebar, no global terminal, and lacks the polished design system from the reference.
## Objectives
1. Implement the dashboard.html reference design as the production UI foundation
2. Establish a consistent CSS design token system that supports multiple themes
3. Build a responsive, accessible app shell with collapsible sidebar and full-width header
4. Create a theme system supporting installable theme packages
5. Build all dashboard pages (Dashboard, Projects, Workspace, Kanban, Files, Logs, Settings, Profile)
6. Implement real backend integration (no mock data)
7. Support multi-tenant configuration with RBAC
8. Implement federation (master-master and master-slave)
9. Build global terminal, project chat, and master chat session
10. Configure telemetry with opt-out support
## Completed Work
### MS15-DashboardShell (v0.0.15) — Complete
Design system + app shell + dashboard page. PRs #451-454.
- CSS design token system (colors, fonts, spacing, radii)
- App shell layout: collapsible sidebar + full-width header + main content
- Sidebar navigation with groups, icons, badges, active states, collapse/expand
- Responsive layout with hamburger at small breakpoints
- Light/dark theme matching reference design
- Mosaic logo spinner as global loading indicator
- Shared component updates in packages/ui
- Dashboard page: metrics strip, orchestrator sessions, quick actions, activity feed, token budget
- Grain overlay texture
### Go-Live MVP (v0.0.16) — Complete
Dashboard polish, task ingestion pipeline, agent cycle visibility, deploy + smoke test. PRs #458, #460, #462, #464.
- Fixed broken test suites and removed legacy unused widgets
- Visual + theme polish across all components
- Dashboard summary API endpoint (aggregated task counts, project counts, activity, jobs)
- Dashboard widgets wired to real API data (ActivityFeed, DashboardMetrics, OrchestratorSessions)
- WebSocket emits for job status/progress/step events
- Dashboard auto-refresh with polling + progress bars + step status indicators
- Deployed to mosaic.woltje.com, auth working via Authentik
- Release tag v0.0.16
### MS16+MS17-PagesDataIntegration (v0.0.17) — Complete
All pages built + wired to real API data. PRs #470-484 (15 PRs). Issues #466-469.
- Custom 404 pages (global + authenticated route groups)
- Settings root page with 4 category cards
- Tasks, Calendar, Knowledge pages wired to real API (238+ lines mock data removed)
- Projects list page with create/delete dialogs
- Project Workspace page with tabbed view (Tasks, Agent Sessions, Settings)
- Kanban board with drag-and-drop (@hello-pangea/dnd), 5 status columns, optimistic updates
- File Manager page with list/grid views, search, create/delete
- Logs & Telemetry page with auto-refresh, expandable rows, filters
- Profile page with user info and preferences
- All 5125 tests passing, CI pipeline #585 green
- Deployed and smoke-tested at mosaic.woltje.com
### MS18-ThemeWidgets (v0.0.18) — Complete
Theme package system, widget registry, WYSIWYG editor, Kanban filtering. PRs #493-505. Issues #487-491.
- 5 built-in themes (Dark, Light, Nord, Dracula, Solarized) as TypeScript theme packages
- ThemeProvider with dynamic CSS variable application and instant switching
- Theme selection UI in Settings with live preview swatches
- Widget definition registry with configurable sizing and schemas
- WidgetGrid dashboard with drag-and-drop layout (react-grid-layout)
- Widget picker drawer for adding widgets from registry
- Per-widget configuration dialog driven by configSchema
- Layout save/load/rename/delete via UserLayout API
- Tiptap WYSIWYG editor for knowledge entries with toolbar
- Markdown round-trip (import/export)
- Kanban board filtering by project, assignee, priority, search with URL persistence
- 1,195 web tests, 3,243 API tests passing
### MS19-ChatTerminal (v0.0.19) — Complete
Real terminal with PTY backend, chat streaming, orchestrator integration. PRs #515-522. Issues #508-512.
- NestJS WebSocket gateway (/terminal namespace) with node-pty for real shell sessions
- Terminal session persistence in PostgreSQL (Prisma model: TerminalSession)
- xterm.js integration with FitAddon, WebLinksAddon, CSS variable theme support
- Multi-session terminal tabs: create/close/rename, tab switching, session recovery
- SSE chat streaming with token-by-token rendering, abort/cancel support
- Master chat polish: model selector dropdown, temperature/maxTokens config, ChatEmptyState
- Orchestrator command system: /status, /agents, /jobs, /pause, /resume, /help
- Agent output terminal: SSE streaming from orchestrator, lifecycle indicators, read-only view
- Command autocomplete with keyboard navigation in chat input
- 328 MS19-specific tests (268 web + 60 API), 4744 total passing
- Deployed and smoke-tested at mosaic.woltje.com (CI #635 green)
### Bugfix: API Global Prefix (post-MS18) — Complete
PR #507. Fixed systemic 404 on all data endpoints.
- Added `setGlobalPrefix("api")` to NestJS with exclusions for /health and /auth/\*
- Normalized 6 federation controllers to remove redundant api/ prefix
- Fixed rollup CVE (GHSA-mw96-cpmx-2vgc) via pnpm override
## Scope
### In Scope (MS16+MS17 — Pages & Data Integration)
This is the active mission scope. MS16 (Pages) and MS17 (Backend Integration) are combined because the backend API modules already exist — the work is primarily frontend page creation and API wiring.
1. Projects list page with CRUD (wire to existing `/api/projects`)
2. Project workspace/detail page (wire to `/api/projects/:id`, `/api/tasks`, `/api/runner-jobs`)
3. Kanban board page with status-based columns (wire to existing `/api/tasks`)
4. File Manager page with tree/list view and CRUD (wire to existing `/api/knowledge`)
5. Logs & Telemetry page with log viewer and filtering (wire to `/api/runner-jobs`, job steps, events)
6. Settings root/index page linking to existing subpages
7. Custom 404 page for unknown routes
8. Wire `/tasks` page to real API data (currently mock)
9. Wire `/calendar` page to real API data (currently mock)
10. Wire `/knowledge` pages to real API data (currently mock)
### In Scope (Future Milestones — Documented for Planning)
11. Theme system with installable theme packages (MS18)
12. Widget system with installable widget packages, customizable sizes (MS18)
13. Global terminal: project/orchestrator level, smart (MS19)
14. Project-level orchestrator chat (MS19)
15. Master chat session: collapsible sidebar/slideout, always available (MS19)
16. Site stabilization: workspace context propagation for mutations (MS20)
17. Site stabilization: personalities API + UI (MS20)
18. Site stabilization: user preferences API endpoint (MS20)
19. Site stabilization: orchestrator 502 and WebSocket connectivity (MS20)
20. Site stabilization: credential management UI (MS20)
21. Site stabilization: terminal page route (MS20)
22. Site stabilization: favicon, dark mode dropdown fix (MS20)
23. Settings page for ALL environment variables, dynamically configurable via webUI (MS21)
24. Multi-tenant configuration with admin user management (MS21)
25. Team management with shared data spaces and chat rooms (MS21)
26. RBAC for file access, resources, models (MS21)
27. Federation: master-master and master-slave with key exchange (MS22)
28. Federation testing: 3 instances on Portainer (woltje.com domain) (MS22)
29. Agent task mapping configuration: system-level defaults, user-level overrides (MS23)
30. Telemetry: opt-out, customizable endpoint, sanitized data (MS23)
31. File manager with WYSIWYG editing: system/user/project levels (MS18)
32. User-level and project-level Kanban with filtering (MS18)
33. Break-glass authentication user (MS20)
34. Playwright E2E tests for all pages (MS23)
35. API documentation via Swagger (MS23)
36. Backend endpoints for all dashboard data (MS17 — already complete for existing modules)
37. Profile page linked from user card (MS16)
### Out of Scope
1. Mobile native app
2. Third-party marketplace for themes/widgets (initial implementation is local package management only)
3. Mobile native app deployment targets
4. Calendar system redesign (existing calendar implementation is retained)
## User/Stakeholder Requirements
1. The `jarvis` user must be able to log into mosaic.woltje.com via Authentik as administrator with access to all pages
2. A standard `jarvis-user` must operate at a lower permission level
3. A break-glass user must have access without Authentik authentication
4. All pages must be navigable without errors (no 404s from sidebar links)
5. Light and dark themes must work across all pages and components
6. Sidebar must be collapsible with open/close button; hidden by default at small breakpoints
7. Hamburger button visible at lower breakpoints for sidebar control
8. The Mosaic Stack logo icon must be the site-wide loading spinner
9. No mock data — all data pulled from backend APIs
## Functional Requirements
### FR-001: Design Token System
- CSS custom properties for all colors, spacing, typography, radii
- Dark theme as default (`:root`), light theme via `[data-theme="light"]`
- Fonts: Outfit (body), Fira Code (monospace)
- All components must use design tokens, never hardcoded colors
- **Status: COMPLETE (MS15)**
### FR-002: App Shell Layout
- CSS Grid: sidebar column + header row + main content
- Full-width header spanning above sidebar and content
- ASSUMPTION: Header spans full width including above sidebar area. The logo is in the header, not the sidebar. Rationale: User explicitly stated "The logo will NOT be part of the sidebar."
- **Status: COMPLETE (MS15)**
### FR-003: Sidebar Navigation
- Nav groups: Overview (Dashboard), Workspace (Projects, Project Workspace, Kanban, File Manager), Operations (Logs & Telemetry, Terminal), System (Settings)
- Collapsible: icon-only mode when collapsed
- Active state indicator (left border accent)
- User card in footer with avatar, name, role, online status
- ASSUMPTION: Sidebar footer user card navigates to Profile page. Rationale: Matches reference design behavior.
- **Status: COMPLETE (MS15+MS16) — Profile page added in PR #482.**
### FR-004: Header/Topbar
- Logo + brand wordmark (left)
- Search bar with keyboard shortcut hint
- System status indicator
- Terminal toggle button
- Notification bell with badge
- Theme toggle (sun/moon icon)
- User avatar button with dropdown (Profile, Account Settings, Sign Out)
- **Status: COMPLETE (MS15)**
### FR-005: Responsive Design
- Breakpoints: sm (640px), md (768px), lg (1024px), xl (1280px)
- Below md: sidebar hidden, hamburger button in header
- md-lg: sidebar can be toggled
- lg+: sidebar visible by default
- **Status: COMPLETE (MS15)**
### FR-006: Dashboard Page
- 6-cell metrics strip with colored top borders and trend indicators
- Active Orchestrator Sessions card with agent nodes
- Quick Actions 2x2 grid
- Activity Feed sidebar card
- Token Budget sidebar card with progress bars
- Wired to real API via `/api/dashboard/summary`
- **Status: COMPLETE (Go-Live MVP)**
### FR-007: Loading Spinner
- Mosaic logo icon (4 corner squares + center circle) with CSS rotation animation
- Used as global loading indicator across all pages
- Available as a shared component
- **Status: COMPLETE (MS15)**
### FR-008: Projects Page (MS16)
- Projects list view with card or table layout
- Project creation dialog/form
- Project detail view (name, description, status, created/updated timestamps)
- Wire to existing `/api/projects` (full CRUD already implemented)
- Navigate from sidebar → /projects
- **Status: COMPLETE (MS16) — PR #477. Card layout, create/delete dialogs, status badges.**
### FR-009: Project Workspace Page (MS16)
- Single-project view showing tasks, agent sessions, and project settings
- Task list for selected project
- Agent session history and status
- Wire to `/api/projects/:id`, `/api/tasks`, `/api/runner-jobs`
- Navigate from sidebar → /workspace (with project context)
- **Status: COMPLETE (MS16) — PR #479. Tabbed view (Tasks, Agent Sessions, Settings), project selector mode.**
### FR-010: Kanban Board Page (MS16)
- Drag-and-drop board with columns mapped to task status values
- Task cards showing title, assignee, priority, status
- Column headers with task counts
- Wire to existing `/api/tasks` (status field drives columns)
- Navigate from sidebar → /kanban
- **Status: COMPLETE (MS16) — PR #478. 5 columns (NOT_STARTED→ARCHIVED), @hello-pangea/dnd, optimistic updates.**
### FR-011: File Manager Page (MS16)
- Tree or list view of knowledge entries
- CRUD operations (create, read, update, delete)
- Search functionality
- Wire to existing `/api/knowledge` (full CRUD + search already implemented)
- Navigate from sidebar → /files
- **Status: COMPLETE (MS16) — PR #481. List+grid views, search, create/delete dialogs.**
### FR-012: Logs & Telemetry Page (MS16)
- Log viewer with timestamp, level, source, message columns
- Filtering by level, source, date range
- Auto-refresh for live logs
- Wire to existing runner-jobs, job steps, and events APIs
- Navigate from sidebar → /logs
- **Status: COMPLETE (MS16) — PR #480. Auto-refresh (5s polling), expandable rows, filters.**
### FR-013: Settings Root Page (MS16)
- Landing/index page for settings
- Category cards linking to existing subpages: Credentials, Domains, Personalities, Workspaces
- Navigate from sidebar → /settings (currently 404; subpages exist)
- **Status: COMPLETE (MS16) — PR #471. 4 category cards with icons and hover states.**
### FR-014: Custom 404 Page (MS16)
- Branded 404 page matching design system
- Helpful message and navigation link back to dashboard
- Applied to all unmatched routes within authenticated layout
- **Status: COMPLETE (MS16) — PR #472. Global + authenticated route-group 404 pages.**
### FR-015: Mock Data Elimination (MS16+MS17)
- `/tasks` page: replace mock data with `/api/tasks` calls
- `/calendar` page: replace mock data with `/api/events` calls
- `/knowledge` pages: replace mock data with `/api/knowledge` calls
- All pages must render real data from backend APIs
- **Status: COMPLETE (MS16+MS17) — PRs #473-#476. 238+ lines of mock data removed.**
### FR-016: Theme System (MS18) — COMPLETE
- 5 built-in themes (Dark, Light, Nord, Dracula, Solarized) as TypeScript theme packages
- ThemeProvider loads themes dynamically, applies CSS variables, instant switching
- Theme selection UI in Settings with live preview swatches
- UserPreference.theme persists selection across sessions
- **Status: COMPLETE (MS18) — PRs #493-495**
### FR-017: Terminal Panel (MS19) — COMPLETE
- Bottom drawer panel, toggleable from header and sidebar
- Real xterm.js terminal with PTY backend via WebSocket
- Multiple tabs: shell sessions, orchestrator agent output, build logs
- Terminal session persistence (create/close/rename tabs)
- Smart terminal operating at project/orchestrator level
- ASSUMPTION: Terminal backend uses node-pty for PTY management, communicating via WebSocket namespace (/terminal). Rationale: node-pty is the standard for Node.js terminal emulation, used by VS Code.
- ASSUMPTION: Terminal sessions are workspace-scoped and stored in PostgreSQL for recovery. Rationale: Consistent with existing workspace isolation pattern.
- **Status: COMPLETE (MS19) — PRs #515 (gateway), #517 (persistence), #518 (xterm.js), #520 (tabs), #522 (agent tabs). 60 API + 176 web tests.**
### FR-018: Chat Streaming & Master Chat (MS19) — COMPLETE
- Complete SSE streaming for token-by-token chat rendering
- Master chat sidebar (ChatOverlay) polish: model selector, conversation search, keyboard shortcuts
- Chat persistence via Ideas API (already implemented)
- ASSUMPTION: Chat streaming uses existing SSE infrastructure in LLM controller. Frontend needs streamChatMessage() completion. Rationale: Backend SSE is already working, only frontend wiring is missing.
- **Status: COMPLETE (MS19) — PRs #516 (streaming), #519 (polish). Model selector, temperature/maxTokens config, ChatEmptyState, Cmd+N/L shortcuts. 78 web tests.**
### FR-019: Project-Level Orchestrator Chat (MS19) — COMPLETE
- Chat context scoped to active project
- Can trigger orchestrator actions: spawn agent, check status, view jobs
- Command prefix system (/spawn, /status, /jobs) parsed in chat
- Agent output viewable in terminal tabs
- ASSUMPTION: Orchestrator commands route through existing web proxy (/api/orchestrator/\*) to orchestrator service. Rationale: Proxy routes already exist and handle auth.
- **Status: COMPLETE (MS19) — PRs #521 (commands), #522 (agent terminal). /status, /agents, /jobs, /pause, /resume, /help commands. Agent output streaming via SSE. 113 web tests.**
### FR-020: Site Stabilization & Feature Gaps (MS20) — IN PROGRESS
Runtime bugs and feature gaps discovered during live testing of mosaic.woltje.com.
**Workspace Context Propagation:**
- Domains page: "Workspace ID is required" when creating domains
- Projects page: "Workspace ID is required" when creating projects
- Credentials page: unable to add credentials (button disabled, feature stub)
- ASSUMPTION: The `useWorkspaceId()` hook + auto-detect in `apiRequest` from PR #532 handles reads, but mutation endpoints on some pages don't pass workspace ID correctly. Rationale: GET requests work after PR #532 but POST/mutation requests still fail on domains and projects pages.
**Missing API Endpoints:**
- `/api/personalities` — no controller/service exists; frontend expects GET/POST/PATCH/DELETE
- `/users/me/preferences` — listed in PRD API table but returns 404; frontend profile page depends on it
- ASSUMPTION: Personalities API follows existing NestJS module patterns (controller + service + DTO + Prisma model). Rationale: Consistent with all other API modules in the codebase.
- ASSUMPTION: User preferences endpoint is part of the existing users module but route is not registered. Rationale: PRD lists it as an existing endpoint.
**Orchestrator Connectivity:**
- All orchestrator-proxied endpoints return HTTP 502
- Orchestrator WebSocket connection fails ("Reconnecting to server...")
- Dashboard widgets: Agent Status, Task Progress, Orchestrator Events all error
- ASSUMPTION: The orchestrator service container runs but the Next.js API proxy cannot reach it. Root cause is likely environment variable or network configuration in Docker Swarm. Rationale: The orchestrator container exists in the compose file and has Traefik labels.
**UI/UX Issues:**
- Dark mode theming on Formality Level dropdown in Personalities page incorrect
- favicon.ico missing (404)
- Terminal sidebar link uses `#terminal` anchor instead of page route
- `useWorkspaceId` warning in console: no workspace ID in localStorage on fresh sessions
- ASSUMPTION: Terminal should have a dedicated page route `/terminal` that renders the terminal panel full-screen. Rationale: The sidebar has a Terminal link in the Operations section alongside Logs, implying it should be a navigable page.
**Credential Management:**
- "Add Credential" button is `disabled` in code — feature was stubbed as "coming soon"
- Need to implement credential creation UI and wire to existing `/api/credentials` CRUD endpoints
- ASSUMPTION: Credential CRUD frontend can use the existing `/api/credentials` API which was built during M7-CredentialSecurity. Rationale: Backend endpoints exist per audit.
### FR-021: Settings Configuration (Future — MS21)
- All environment variables configurable via UI
- Minimal launch env vars, rest configurable dynamically
- Settings stored in DB with RLS
- Theme selection, widget management, federation config, telemetry config
## Non-Functional Requirements
1. Security: All API endpoints require authentication. RBAC enforced. No PII in telemetry. Secrets never hardcoded.
2. Performance: Dashboard loads in <2s. No layout shift during theme toggle. Sidebar toggle is instant (<100ms animation).
3. Reliability: Break-glass auth ensures access when Authentik is down.
4. Observability: Telemetry with opt-out support. Wide-event logging. Customizable telemetry endpoint.
## Acceptance Criteria
### MS15-DashboardShell — COMPLETE
1. ~~Design tokens from dashboard.html are implemented in globals.css~~ DONE
2. ~~App shell shows full-width header with logo, collapsible sidebar, main content area~~ DONE
3. ~~Sidebar has all nav groups with icons, collapses to icon-only mode~~ DONE
4. ~~Hamburger button appears at mobile breakpoints, sidebar hidden by default~~ DONE
5. ~~Light/dark theme toggle works across all components~~ DONE
6. ~~Mosaic logo spinner is used as site-wide loading indicator~~ DONE
7. ~~Dashboard page shows metrics strip, orchestrator sessions, quick actions, activity feed, token budget~~ DONE
8. ~~All shared components in packages/ui use design tokens (no hardcoded colors)~~ DONE
9. ~~Lint, typecheck, and existing tests pass~~ DONE
10. ~~Grain overlay texture from reference is applied~~ DONE
### Go-Live MVP (v0.0.16) — COMPLETE
11. ~~Dashboard widgets wired to real API data~~ DONE
12. ~~WebSocket emits for agent job lifecycle~~ DONE
13. ~~Deployed to mosaic.woltje.com with auth working~~ DONE
### MS16+MS17 — Pages & Data Integration — COMPLETE
14. ~~All sidebar links navigate to functional pages (no 404s)~~ DONE
15. ~~Projects page: list, create, view project details~~ DONE
16. ~~Workspace page: view single project with tasks and agent sessions~~ DONE
17. ~~Kanban page: drag-and-drop board with task status columns~~ DONE
18. ~~File Manager page: tree/list view with CRUD operations~~ DONE
19. ~~Logs page: log viewer with filtering and auto-refresh~~ DONE
20. ~~Settings root page: category index linking to subpages~~ DONE
21. ~~Custom 404 page for unknown routes~~ DONE
22. ~~`/tasks` page uses real API data (no mock)~~ DONE
23. ~~`/calendar` page uses real API data (no mock)~~ DONE
24. ~~`/knowledge` pages use real API data (no mock)~~ DONE
25. ~~All new pages support light/dark theme~~ DONE
26. ~~All new pages are responsive (sm/md/lg/xl breakpoints)~~ DONE
27. ~~Lint, typecheck, and tests pass~~ DONE
28. ~~Deployed and smoke-tested at mosaic.woltje.com~~ DONE
### MS18 — Theme & Widget System — COMPLETE
29. ~~5+ themes with live preview and instant switching~~ DONE
30. ~~Theme selection UI in Settings with swatches~~ DONE
31. ~~UserPreference.theme persists across sessions~~ DONE
32. ~~WidgetGrid dashboard with drag/resize/add/remove~~ DONE
33. ~~Widget picker UI from registry~~ DONE
34. ~~Per-widget configuration dialog~~ DONE
35. ~~Layout save/load/rename/delete via API~~ DONE
36. ~~Tiptap WYSIWYG editor for knowledge entries~~ DONE
37. ~~Markdown round-trip (import/export)~~ DONE
38. ~~Kanban filtering by project, assignee, priority, search~~ DONE
39. ~~All features support all themes~~ DONE
40. ~~Lint, typecheck, tests pass~~ DONE
### MS19 — Chat & Terminal — COMPLETE
41. ~~Terminal panel has real xterm.js with PTY backend~~ DONE — PR #518
42. ~~Terminal supports multiple named sessions (tabs)~~ DONE — PR #520
43. ~~Terminal sessions persist and recover on reconnect~~ DONE — PR #517
44. ~~Chat streaming renders tokens in real-time (SSE)~~ DONE — PR #516
45. ~~Master chat sidebar accessible from any page (Cmd+Shift+J)~~ DONE — PR #519
46. ~~Master chat supports model selection and conversation management~~ DONE — PR #519
47. ~~Project-level chat can trigger orchestrator actions~~ DONE — PR #521
48. ~~Agent output viewable in terminal tabs~~ DONE — PR #522
49. ~~All features support all themes~~ DONE — CSS variables throughout
50. ~~Lint, typecheck, tests pass~~ DONE — 1441 web + 3303 API = 4744 total
51. ~~Deployed and smoke-tested~~ DONE — CI #635 green, web deployed to mosaic.woltje.com
### Full Project (All Milestones)
52. jarvis user logs in via Authentik, has admin access to all pages
53. jarvis-user has standard access at lower permission level
54. Break-glass user has access without Authentik
55. Three Mosaic Stack instances on Portainer with federation testing
56. Playwright tests confirm all pages, functions, theming work
57. No errors during site navigation
58. API documented via Swagger with proper auth gating
59. Telemetry working locally with wide-event logging
60. Mosaic Telemetry properly reporting to telemetry endpoint
## Constraints and Dependencies
1. Next.js 16 with App Router — all pages use server/client component patterns
2. Tailwind CSS 3.4 — design tokens must integrate with Tailwind's utility class system
3. BetterAuth for authentication — must maintain existing auth flow
4. Authentik as IdP at auth.diversecanvas.com — must remain operational
5. PostgreSQL 17 with Prisma — all settings stored in DB
6. Portainer for deployment — 3 instances needed for federation testing
7. packages/ui is shared across apps — changes affect all consumers
8. Backend API modules already exist for all page data needs — no new API endpoints required for MS16+MS17 scope
## Risks and Open Questions
1. **Risk**: Pages need to match the design system established in MS15. Inconsistency would degrade UX. Mitigation: Use existing design tokens and shared components exclusively. **RESOLVED** — All MS16+MS17 pages use design tokens consistently.
2. **Risk**: Kanban drag-and-drop adds complexity and potential for state bugs. Mitigation: Use a proven DnD library. **RESOLVED**@hello-pangea/dnd selected (maintained fork of react-beautiful-dnd, better TS support). Optimistic updates with rollback on failure.
3. **Risk**: Mock data elimination may reveal backend API gaps or mismatches. Mitigation: Audit each API response shape against page needs during implementation. **RESOLVED** — All 3 mock-data pages wired successfully. No API gaps found.
4. ~~**Open**: Exact task status values for Kanban columns~~ **RESOLVED** — TaskStatus enum: NOT_STARTED, IN_PROGRESS, PAUSED, COMPLETED, ARCHIVED (5 columns).
5. ~~**Open**: Whether Workspace page should require project selection or show a default view~~ **RESOLVED** — Shows project selector when no project param, workspace detail when ?project=id.
6. ~~**Open**: File Manager page — should it be a direct mapping of Knowledge entries or a separate file abstraction?~~ **RESOLVED** — Direct mapping to Knowledge entries via /api/knowledge. API shape matches file manager needs.
## Existing Backend API Modules (Reference)
These 19 NestJS modules are already implemented with Prisma and available for frontend wiring:
| Module | Endpoint | Capabilities |
| ------------------ | ------------------------------ | --------------------- |
| Projects | `/api/projects` | Full CRUD |
| Tasks | `/api/tasks` | Full CRUD |
| Layouts | `/api/layouts` | Widget placement |
| Widgets | `/api/widgets` | Data endpoints |
| Activity | `/api/activity` | Audit logs |
| Dashboard | `/api/dashboard/summary` | Aggregated summary |
| Knowledge | `/api/knowledge` | Full CRUD + search |
| Ideas | `/api/ideas` | Capture/CRUD |
| Domains | `/api/domains` | CRUD |
| Events | `/api/events` | CRUD |
| Preferences | `/api/users/me/preferences` | User settings |
| Workspace Settings | `/api/workspaces/:id/settings` | LLM config |
| Runner Jobs | `/api/runner-jobs` | Job management |
| Job Steps | `/api/runner-jobs/:id/steps` | Step tracking |
| Agent Tasks | `/api/agent-tasks` | Agent task management |
| Credentials | `/api/credentials` | Encrypted storage |
| Brain/AI | `/api/brain` | Query/search |
| WebSocket | Real-time | Event broadcasting |
| LLM | `/api/llm/chat` | Chat + SSE streaming |
| Orchestrator Proxy | `/api/orchestrator/*` | Agent mgmt proxy |
| Telemetry | Internal | Logging/monitoring |
## Testing and Verification
1. Baseline: `pnpm lint && pnpm build` must pass
2. Situational: All sidebar links navigate without 404
3. Situational: Each new page renders with real API data
4. Situational: Theme toggle on each new page
5. Situational: Responsive verification at sm/md/lg/xl
6. E2E: Playwright tests for all page navigation (MS23)
7. E2E: Auth flow with Authentik (MS23)
8. Federation: Master-master and master-slave data access tests (MS21)
## Delivery/Milestone Intent
| Milestone | Version | Focus | Status |
| ------------------------------ | ------- | ----------------------------------------------------------------- | ----------- |
| MS15-DashboardShell | 0.0.15 | Design system + app shell + dashboard page | COMPLETE |
| Go-Live MVP | 0.0.16 | Dashboard polish, ingestion, agent visibility, deploy | COMPLETE |
| MS16+MS17-PagesDataIntegration | 0.0.17 | All pages built + wired to real API data | COMPLETE |
| MS18-ThemeWidgets | 0.0.18 | Theme package system, widget registry, WYSIWYG, Kanban filtering | COMPLETE |
| MS19-ChatTerminal | 0.0.19 | Global terminal, project chat, master chat session | COMPLETE |
| MS20-SiteStabilization | 0.0.20 | Runtime bug fixes, missing endpoints, orchestrator connectivity | IN PROGRESS |
| MS21-MultiTenant | 0.0.21 | Multi-tenant, teams, RBAC, RLS enforcement, break-glass auth | NOT STARTED |
| MS22-Federation | 0.0.22 | Federation (M-M, M-S), 3 instances, key exchange, data separation | NOT STARTED |
| MS23-AgentTelemetry | 0.0.23 | Agent task mapping, telemetry, wide-event logging | NOT STARTED |
| MS24-Testing | 0.0.24 | Playwright E2E, federation tests, documentation finalization | NOT STARTED |
## Assumptions
1. ASSUMPTION: Header spans full width including above sidebar area. The logo is in the header, not the sidebar. Rationale: User explicitly stated "The logo will NOT be part of the sidebar."
2. ASSUMPTION: Sidebar footer user card navigates to Profile page. Rationale: Matches reference design behavior.
3. ASSUMPTION: Initial implementation supports dark/light from reference design. Multi-theme package system is a future milestone. Rationale: Foundation must be solid before extensibility.
4. ASSUMPTION: MS16 and MS17 are combined into a single mission because 19 backend API modules already exist with real Prisma business logic. The remaining work is primarily frontend page creation and API wiring. Rationale: Backend audit on 2026-02-22 confirmed all required endpoints are implemented.
5. ASSUMPTION: File Manager page maps to Knowledge entries rather than a separate file system abstraction. Rationale: `/api/knowledge` provides full CRUD + search which matches file manager needs. Can be extended later if needed.
6. ASSUMPTION: Theme packages are code-level TypeScript files (not runtime-installable npm packages). Each theme exports CSS variable overrides. Rationale: Keeps the system simple for MS18; runtime package loading can be added in a future milestone.
7. ASSUMPTION: WYSIWYG editor uses Tiptap (ProseMirror-based, headless). Rationale: Headless approach integrates naturally with the CSS variable design system, excellent markdown import/export, TypeScript-first, battle-tested.
8. ASSUMPTION: MS18 includes WYSIWYG editing for knowledge entries and Kanban filtering enhancements in addition to themes and widgets. These were originally listed separately but are grouped into MS18 per PRD scope items 24-25. Rationale: All are frontend-focused enhancements that build on the existing page infrastructure.
9. ASSUMPTION: The `useWorkspaceId()` hook + auto-detect in `apiRequest` from PR #532 handles reads, but mutation endpoints on some pages don't pass workspace ID correctly. Rationale: GET requests work after PR #532 but POST/mutation requests still fail on domains and projects pages.
10. ASSUMPTION: Personalities API follows existing NestJS module patterns (controller + service + DTO + Prisma model). Rationale: Consistent with all other API modules in the codebase.
11. ASSUMPTION: User preferences endpoint is part of the existing users module but route is not registered. Rationale: PRD lists it as an existing endpoint.
12. ASSUMPTION: The orchestrator service container runs but the Next.js API proxy cannot reach it. Root cause is likely environment variable or network configuration in Docker Swarm. Rationale: The orchestrator container exists in the compose file and has Traefik labels.
13. ASSUMPTION: Terminal should have a dedicated page route `/terminal` that renders the terminal panel full-screen. Rationale: The sidebar has a Terminal link in the Operations section alongside Logs, implying it should be a navigable page.
14. ASSUMPTION: Credential CRUD frontend can use the existing `/api/credentials` API which was built during M7-CredentialSecurity. Rationale: Backend endpoints exist per audit.

645
docs/PRD.md
View File

@@ -1,167 +1,566 @@
# PRD: MS22 Phase 2 — Named Agent Fleet
# PRD: Mosaic Stack Dashboard & Platform Implementation
## Metadata
- Owner: Jason Woltje
- Date: 2026-03-04
- Date: 2026-02-22
- Status: in-progress
- Mission: ms22-p2-named-agent-fleet-20260304
- Design Doc: `docs/design/MS22-DB-CENTRIC-ARCHITECTURE.md`
- Depends On: MS22 Phase 1 (DB-Centric Architecture) — COMPLETE
---
- Best-Guess Mode: true
## Problem Statement
Mosaic Stack has the infrastructure for per-user containers and a knowledge layer, but no predefined agent personalities. Users start with a blank slate. For Jason's personal use case, the system needs named agents — jarvis, builder, medic — with distinct roles, personalities, and tool access that can collaborate through the shared knowledge layer and respond in dedicated Discord channels.
The Mosaic Stack web UI has a basic navigation and simple widget-based dashboard that doesn't match the production-ready design vision. The reference design (dashboard.html) defines a comprehensive command center UI with sidebar navigation, topbar, terminal panel, and multiple page layouts. The current implementation uses mismatched design tokens (raw Tailwind colors vs CSS variables), has no collapsible sidebar, no global terminal, and lacks the polished design system from the reference.
Currently:
## Objectives
- No agent registry exists in the database
- No per-agent model configuration is possible
- Discord channels are not routed to specific agents
- Chat routing is model-agnostic (no agent context)
1. Implement the dashboard.html reference design as the production UI foundation
2. Establish a consistent CSS design token system that supports multiple themes
3. Build a responsive, accessible app shell with collapsible sidebar and full-width header
4. Create a theme system supporting installable theme packages
5. Build all dashboard pages (Dashboard, Projects, Workspace, Kanban, Files, Logs, Settings, Profile)
6. Implement real backend integration (no mock data)
7. Support multi-tenant configuration with RBAC
8. Implement federation (master-master and master-slave)
9. Build global terminal, project chat, and master chat session
10. Configure telemetry with opt-out support
---
## Completed Work
### MS15-DashboardShell (v0.0.15) — Complete
Design system + app shell + dashboard page. PRs #451-454.
- CSS design token system (colors, fonts, spacing, radii)
- App shell layout: collapsible sidebar + full-width header + main content
- Sidebar navigation with groups, icons, badges, active states, collapse/expand
- Responsive layout with hamburger at small breakpoints
- Light/dark theme matching reference design
- Mosaic logo spinner as global loading indicator
- Shared component updates in packages/ui
- Dashboard page: metrics strip, orchestrator sessions, quick actions, activity feed, token budget
- Grain overlay texture
### Go-Live MVP (v0.0.16) — Complete
Dashboard polish, task ingestion pipeline, agent cycle visibility, deploy + smoke test. PRs #458, #460, #462, #464.
- Fixed broken test suites and removed legacy unused widgets
- Visual + theme polish across all components
- Dashboard summary API endpoint (aggregated task counts, project counts, activity, jobs)
- Dashboard widgets wired to real API data (ActivityFeed, DashboardMetrics, OrchestratorSessions)
- WebSocket emits for job status/progress/step events
- Dashboard auto-refresh with polling + progress bars + step status indicators
- Deployed to mosaic.woltje.com, auth working via Authentik
- Release tag v0.0.16
### MS16+MS17-PagesDataIntegration (v0.0.17) — Complete
All pages built + wired to real API data. PRs #470-484 (15 PRs). Issues #466-469.
- Custom 404 pages (global + authenticated route groups)
- Settings root page with 4 category cards
- Tasks, Calendar, Knowledge pages wired to real API (238+ lines mock data removed)
- Projects list page with create/delete dialogs
- Project Workspace page with tabbed view (Tasks, Agent Sessions, Settings)
- Kanban board with drag-and-drop (@hello-pangea/dnd), 5 status columns, optimistic updates
- File Manager page with list/grid views, search, create/delete
- Logs & Telemetry page with auto-refresh, expandable rows, filters
- Profile page with user info and preferences
- All 5125 tests passing, CI pipeline #585 green
- Deployed and smoke-tested at mosaic.woltje.com
### MS18-ThemeWidgets (v0.0.18) — Complete
Theme package system, widget registry, WYSIWYG editor, Kanban filtering. PRs #493-505. Issues #487-491.
- 5 built-in themes (Dark, Light, Nord, Dracula, Solarized) as TypeScript theme packages
- ThemeProvider with dynamic CSS variable application and instant switching
- Theme selection UI in Settings with live preview swatches
- Widget definition registry with configurable sizing and schemas
- WidgetGrid dashboard with drag-and-drop layout (react-grid-layout)
- Widget picker drawer for adding widgets from registry
- Per-widget configuration dialog driven by configSchema
- Layout save/load/rename/delete via UserLayout API
- Tiptap WYSIWYG editor for knowledge entries with toolbar
- Markdown round-trip (import/export)
- Kanban board filtering by project, assignee, priority, search with URL persistence
- 1,195 web tests, 3,243 API tests passing
### MS19-ChatTerminal (v0.0.19) — Complete
Real terminal with PTY backend, chat streaming, orchestrator integration. PRs #515-522. Issues #508-512.
- NestJS WebSocket gateway (/terminal namespace) with node-pty for real shell sessions
- Terminal session persistence in PostgreSQL (Prisma model: TerminalSession)
- xterm.js integration with FitAddon, WebLinksAddon, CSS variable theme support
- Multi-session terminal tabs: create/close/rename, tab switching, session recovery
- SSE chat streaming with token-by-token rendering, abort/cancel support
- Master chat polish: model selector dropdown, temperature/maxTokens config, ChatEmptyState
- Orchestrator command system: /status, /agents, /jobs, /pause, /resume, /help
- Agent output terminal: SSE streaming from orchestrator, lifecycle indicators, read-only view
- Command autocomplete with keyboard navigation in chat input
- 328 MS19-specific tests (268 web + 60 API), 4744 total passing
- Deployed and smoke-tested at mosaic.woltje.com (CI #635 green)
### Bugfix: API Global Prefix (post-MS18) — Complete
PR #507. Fixed systemic 404 on all data endpoints.
- Added `setGlobalPrefix("api")` to NestJS with exclusions for /health and /auth/\*
- Normalized 6 federation controllers to remove redundant api/ prefix
- Fixed rollup CVE (GHSA-mw96-cpmx-2vgc) via pnpm override
## Scope
### In Scope
### In Scope (MS16+MS17 — Pages & Data Integration)
- `AgentTemplate` and `UserAgent` Prisma models
- Admin CRUD endpoints for managing agent templates
- User agent CRUD endpoints for personal agent instances
- Agent chat proxy routing (select agent by name)
- Discord channel → agent routing (#jarvis, #builder, #medic-alerts)
- WebUI agent selector and agent detail view
- Unit tests and E2E verification
This is the active mission scope. MS16 (Pages) and MS17 (Backend Integration) are combined because the backend API modules already exist — the work is primarily frontend page creation and API wiring.
### Non-Goals
1. Projects list page with CRUD (wire to existing `/api/projects`)
2. Project workspace/detail page (wire to `/api/projects/:id`, `/api/tasks`, `/api/runner-jobs`)
3. Kanban board page with status-based columns (wire to existing `/api/tasks`)
4. File Manager page with tree/list view and CRUD (wire to existing `/api/knowledge`)
5. Logs & Telemetry page with log viewer and filtering (wire to `/api/runner-jobs`, job steps, events)
6. Settings root/index page linking to existing subpages
7. Custom 404 page for unknown routes
8. Wire `/tasks` page to real API data (currently mock)
9. Wire `/calendar` page to real API data (currently mock)
10. Wire `/knowledge` pages to real API data (currently mock)
- Matrix observation rooms
- Cross-agent quality gates
- Team/multi-user agent sharing
- Agent-to-agent communication
- Token metering per agent
### In Scope (Future Milestones — Documented for Planning)
---
11. Theme system with installable theme packages (MS18)
12. Widget system with installable widget packages, customizable sizes (MS18)
13. Global terminal: project/orchestrator level, smart (MS19)
14. Project-level orchestrator chat (MS19)
15. Master chat session: collapsible sidebar/slideout, always available (MS19)
16. Site stabilization: workspace context propagation for mutations (MS20)
17. Site stabilization: personalities API + UI (MS20)
18. Site stabilization: user preferences API endpoint (MS20)
19. Site stabilization: orchestrator 502 and WebSocket connectivity (MS20)
20. Site stabilization: credential management UI (MS20)
21. Site stabilization: terminal page route (MS20)
22. Site stabilization: favicon, dark mode dropdown fix (MS20)
23. Settings page for ALL environment variables, dynamically configurable via webUI (MS21)
24. Multi-tenant configuration with admin user management (MS21)
25. Team management with shared data spaces and chat rooms (MS21)
26. RBAC for file access, resources, models (MS21)
27. Federation: master-master and master-slave with key exchange (MS22)
28. Federation testing: 3 instances on Portainer (woltje.com domain) (MS22)
29. Agent task mapping configuration: system-level defaults, user-level overrides (MS23)
30. Telemetry: opt-out, customizable endpoint, sanitized data (MS23)
31. File manager with WYSIWYG editing: system/user/project levels (MS18)
32. User-level and project-level Kanban with filtering (MS18)
33. Break-glass authentication user (MS20)
34. Playwright E2E tests for all pages (MS23)
35. API documentation via Swagger (MS23)
36. Backend endpoints for all dashboard data (MS17 — already complete for existing modules)
37. Profile page linked from user card (MS16)
## User Stories
### Out of Scope
### US-001
1. Mobile native app
2. Third-party marketplace for themes/widgets (initial implementation is local package management only)
3. Mobile native app deployment targets
4. Calendar system redesign (existing calendar implementation is retained)
As Jason, I can list my available agents in the WebUI so I know what's configured.
## User/Stakeholder Requirements
### US-002
As Jason, I can select an agent and chat with it directly via WebUI.
### US-003
As Jason, I can send a message in #jarvis on Discord and Jarvis responds.
### US-004
As Jason, I can send a message in #builder on Discord and Builder responds.
### US-005
As Jason, I can send a message in #medic-alerts and Medic responds.
### US-006
As an admin, I can create, update, and delete agent templates.
### US-007
As Jason, I can customize an agent's personality without affecting the shared template.
### US-008
As Jason, I can see which agents are active vs inactive at a glance.
---
1. The `jarvis` user must be able to log into mosaic.woltje.com via Authentik as administrator with access to all pages
2. A standard `jarvis-user` must operate at a lower permission level
3. A break-glass user must have access without Authentik authentication
4. All pages must be navigable without errors (no 404s from sidebar links)
5. Light and dark themes must work across all pages and components
6. Sidebar must be collapsible with open/close button; hidden by default at small breakpoints
7. Hamburger button visible at lower breakpoints for sidebar control
8. The Mosaic Stack logo icon must be the site-wide loading spinner
9. No mock data — all data pulled from backend APIs
## Functional Requirements
- FR-1: The system SHALL provide an `AgentTemplate` model with: name, displayName, role, personality, primaryModel, fallbackModels, toolPermissions, discordChannel, isActive, isDefault
- FR-2: The system SHALL provide a `UserAgent` model that extends or customizes an AgentTemplate per user
- FR-3: The system SHALL seed three default templates on startup: jarvis (orchestrator/opus), builder (coding/codex), medic (monitoring/haiku)
- FR-4: Admin endpoints SHALL exist at `GET/POST/PATCH/DELETE /admin/agent-templates` protected by AdminGuard
- FR-5: User agent endpoints SHALL exist at `GET/POST/PATCH/DELETE /agents` protected by AuthGuard
- FR-6: Agent status endpoints SHALL return active/inactive state per agent for the authenticated user
- FR-7: The chat proxy SHALL route messages to the correct agent based on agent name or ID in the request
- FR-8: Incoming Discord messages in a configured channel SHALL be routed to the matching agent
- FR-9: The WebUI SHALL display a list of available agents with role, model, and status
- FR-10: The WebUI SHALL allow selecting an agent and opening a chat session with it
### FR-001: Design Token System
---
- CSS custom properties for all colors, spacing, typography, radii
- Dark theme as default (`:root`), light theme via `[data-theme="light"]`
- Fonts: Outfit (body), Fira Code (monospace)
- All components must use design tokens, never hardcoded colors
- **Status: COMPLETE (MS15)**
### FR-002: App Shell Layout
- CSS Grid: sidebar column + header row + main content
- Full-width header spanning above sidebar and content
- ASSUMPTION: Header spans full width including above sidebar area. The logo is in the header, not the sidebar. Rationale: User explicitly stated "The logo will NOT be part of the sidebar."
- **Status: COMPLETE (MS15)**
### FR-003: Sidebar Navigation
- Nav groups: Overview (Dashboard), Workspace (Projects, Project Workspace, Kanban, File Manager), Operations (Logs & Telemetry, Terminal), System (Settings)
- Collapsible: icon-only mode when collapsed
- Active state indicator (left border accent)
- User card in footer with avatar, name, role, online status
- ASSUMPTION: Sidebar footer user card navigates to Profile page. Rationale: Matches reference design behavior.
- **Status: COMPLETE (MS15+MS16) — Profile page added in PR #482.**
### FR-004: Header/Topbar
- Logo + brand wordmark (left)
- Search bar with keyboard shortcut hint
- System status indicator
- Terminal toggle button
- Notification bell with badge
- Theme toggle (sun/moon icon)
- User avatar button with dropdown (Profile, Account Settings, Sign Out)
- **Status: COMPLETE (MS15)**
### FR-005: Responsive Design
- Breakpoints: sm (640px), md (768px), lg (1024px), xl (1280px)
- Below md: sidebar hidden, hamburger button in header
- md-lg: sidebar can be toggled
- lg+: sidebar visible by default
- **Status: COMPLETE (MS15)**
### FR-006: Dashboard Page
- 6-cell metrics strip with colored top borders and trend indicators
- Active Orchestrator Sessions card with agent nodes
- Quick Actions 2x2 grid
- Activity Feed sidebar card
- Token Budget sidebar card with progress bars
- Wired to real API via `/api/dashboard/summary`
- **Status: COMPLETE (Go-Live MVP)**
### FR-007: Loading Spinner
- Mosaic logo icon (4 corner squares + center circle) with CSS rotation animation
- Used as global loading indicator across all pages
- Available as a shared component
- **Status: COMPLETE (MS15)**
### FR-008: Projects Page (MS16)
- Projects list view with card or table layout
- Project creation dialog/form
- Project detail view (name, description, status, created/updated timestamps)
- Wire to existing `/api/projects` (full CRUD already implemented)
- Navigate from sidebar → /projects
- **Status: COMPLETE (MS16) — PR #477. Card layout, create/delete dialogs, status badges.**
### FR-009: Project Workspace Page (MS16)
- Single-project view showing tasks, agent sessions, and project settings
- Task list for selected project
- Agent session history and status
- Wire to `/api/projects/:id`, `/api/tasks`, `/api/runner-jobs`
- Navigate from sidebar → /workspace (with project context)
- **Status: COMPLETE (MS16) — PR #479. Tabbed view (Tasks, Agent Sessions, Settings), project selector mode.**
### FR-010: Kanban Board Page (MS16)
- Drag-and-drop board with columns mapped to task status values
- Task cards showing title, assignee, priority, status
- Column headers with task counts
- Wire to existing `/api/tasks` (status field drives columns)
- Navigate from sidebar → /kanban
- **Status: COMPLETE (MS16) — PR #478. 5 columns (NOT_STARTED→ARCHIVED), @hello-pangea/dnd, optimistic updates.**
### FR-011: File Manager Page (MS16)
- Tree or list view of knowledge entries
- CRUD operations (create, read, update, delete)
- Search functionality
- Wire to existing `/api/knowledge` (full CRUD + search already implemented)
- Navigate from sidebar → /files
- **Status: COMPLETE (MS16) — PR #481. List+grid views, search, create/delete dialogs.**
### FR-012: Logs & Telemetry Page (MS16)
- Log viewer with timestamp, level, source, message columns
- Filtering by level, source, date range
- Auto-refresh for live logs
- Wire to existing runner-jobs, job steps, and events APIs
- Navigate from sidebar → /logs
- **Status: COMPLETE (MS16) — PR #480. Auto-refresh (5s polling), expandable rows, filters.**
### FR-013: Settings Root Page (MS16)
- Landing/index page for settings
- Category cards linking to existing subpages: Credentials, Domains, Personalities, Workspaces
- Navigate from sidebar → /settings (currently 404; subpages exist)
- **Status: COMPLETE (MS16) — PR #471. 4 category cards with icons and hover states.**
### FR-014: Custom 404 Page (MS16)
- Branded 404 page matching design system
- Helpful message and navigation link back to dashboard
- Applied to all unmatched routes within authenticated layout
- **Status: COMPLETE (MS16) — PR #472. Global + authenticated route-group 404 pages.**
### FR-015: Mock Data Elimination (MS16+MS17)
- `/tasks` page: replace mock data with `/api/tasks` calls
- `/calendar` page: replace mock data with `/api/events` calls
- `/knowledge` pages: replace mock data with `/api/knowledge` calls
- All pages must render real data from backend APIs
- **Status: COMPLETE (MS16+MS17) — PRs #473-#476. 238+ lines of mock data removed.**
### FR-016: Theme System (MS18) — COMPLETE
- 5 built-in themes (Dark, Light, Nord, Dracula, Solarized) as TypeScript theme packages
- ThemeProvider loads themes dynamically, applies CSS variables, instant switching
- Theme selection UI in Settings with live preview swatches
- UserPreference.theme persists selection across sessions
- **Status: COMPLETE (MS18) — PRs #493-495**
### FR-017: Terminal Panel (MS19) — COMPLETE
- Bottom drawer panel, toggleable from header and sidebar
- Real xterm.js terminal with PTY backend via WebSocket
- Multiple tabs: shell sessions, orchestrator agent output, build logs
- Terminal session persistence (create/close/rename tabs)
- Smart terminal operating at project/orchestrator level
- ASSUMPTION: Terminal backend uses node-pty for PTY management, communicating via WebSocket namespace (/terminal). Rationale: node-pty is the standard for Node.js terminal emulation, used by VS Code.
- ASSUMPTION: Terminal sessions are workspace-scoped and stored in PostgreSQL for recovery. Rationale: Consistent with existing workspace isolation pattern.
- **Status: COMPLETE (MS19) — PRs #515 (gateway), #517 (persistence), #518 (xterm.js), #520 (tabs), #522 (agent tabs). 60 API + 176 web tests.**
### FR-018: Chat Streaming & Master Chat (MS19) — COMPLETE
- Complete SSE streaming for token-by-token chat rendering
- Master chat sidebar (ChatOverlay) polish: model selector, conversation search, keyboard shortcuts
- Chat persistence via Ideas API (already implemented)
- ASSUMPTION: Chat streaming uses existing SSE infrastructure in LLM controller. Frontend needs streamChatMessage() completion. Rationale: Backend SSE is already working, only frontend wiring is missing.
- **Status: COMPLETE (MS19) — PRs #516 (streaming), #519 (polish). Model selector, temperature/maxTokens config, ChatEmptyState, Cmd+N/L shortcuts. 78 web tests.**
### FR-019: Project-Level Orchestrator Chat (MS19) — COMPLETE
- Chat context scoped to active project
- Can trigger orchestrator actions: spawn agent, check status, view jobs
- Command prefix system (/spawn, /status, /jobs) parsed in chat
- Agent output viewable in terminal tabs
- ASSUMPTION: Orchestrator commands route through existing web proxy (/api/orchestrator/\*) to orchestrator service. Rationale: Proxy routes already exist and handle auth.
- **Status: COMPLETE (MS19) — PRs #521 (commands), #522 (agent terminal). /status, /agents, /jobs, /pause, /resume, /help commands. Agent output streaming via SSE. 113 web tests.**
### FR-020: Site Stabilization & Feature Gaps (MS20) — IN PROGRESS
Runtime bugs and feature gaps discovered during live testing of mosaic.woltje.com.
**Workspace Context Propagation:**
- Domains page: "Workspace ID is required" when creating domains
- Projects page: "Workspace ID is required" when creating projects
- Credentials page: unable to add credentials (button disabled, feature stub)
- ASSUMPTION: The `useWorkspaceId()` hook + auto-detect in `apiRequest` from PR #532 handles reads, but mutation endpoints on some pages don't pass workspace ID correctly. Rationale: GET requests work after PR #532 but POST/mutation requests still fail on domains and projects pages.
**Missing API Endpoints:**
- `/api/personalities` — no controller/service exists; frontend expects GET/POST/PATCH/DELETE
- `/users/me/preferences` — listed in PRD API table but returns 404; frontend profile page depends on it
- ASSUMPTION: Personalities API follows existing NestJS module patterns (controller + service + DTO + Prisma model). Rationale: Consistent with all other API modules in the codebase.
- ASSUMPTION: User preferences endpoint is part of the existing users module but route is not registered. Rationale: PRD lists it as an existing endpoint.
**Orchestrator Connectivity:**
- All orchestrator-proxied endpoints return HTTP 502
- Orchestrator WebSocket connection fails ("Reconnecting to server...")
- Dashboard widgets: Agent Status, Task Progress, Orchestrator Events all error
- ASSUMPTION: The orchestrator service container runs but the Next.js API proxy cannot reach it. Root cause is likely environment variable or network configuration in Docker Swarm. Rationale: The orchestrator container exists in the compose file and has Traefik labels.
**UI/UX Issues:**
- Dark mode theming on Formality Level dropdown in Personalities page incorrect
- favicon.ico missing (404)
- Terminal sidebar link uses `#terminal` anchor instead of page route
- `useWorkspaceId` warning in console: no workspace ID in localStorage on fresh sessions
- ASSUMPTION: Terminal should have a dedicated page route `/terminal` that renders the terminal panel full-screen. Rationale: The sidebar has a Terminal link in the Operations section alongside Logs, implying it should be a navigable page.
**Credential Management:**
- "Add Credential" button is `disabled` in code — feature was stubbed as "coming soon"
- Need to implement credential creation UI and wire to existing `/api/credentials` CRUD endpoints
- ASSUMPTION: Credential CRUD frontend can use the existing `/api/credentials` API which was built during M7-CredentialSecurity. Rationale: Backend endpoints exist per audit.
### FR-021: Settings Configuration (Future — MS21)
- All environment variables configurable via UI
- Minimal launch env vars, rest configurable dynamically
- Settings stored in DB with RLS
- Theme selection, widget management, federation config, telemetry config
## Non-Functional Requirements
- All API endpoints must pass NestJS ValidationPipe (value imports for DTOs, not `import type`)
- All new modules must be registered in `app.module.ts`
- Prisma schema changes must include a migration file
- Code must pass `pnpm turbo run lint typecheck build` before merge
- Tests must pass `pnpm turbo run test` with no regressions
- No direct pushes to main — PR + squash merge only
---
1. Security: All API endpoints require authentication. RBAC enforced. No PII in telemetry. Secrets never hardcoded.
2. Performance: Dashboard loads in <2s. No layout shift during theme toggle. Sidebar toggle is instant (<100ms animation).
3. Reliability: Break-glass auth ensures access when Authentik is down.
4. Observability: Telemetry with opt-out support. Wide-event logging. Customizable telemetry endpoint.
## Acceptance Criteria
- [ ] `AgentTemplate` and `UserAgent` tables exist in production DB after migration
- [ ] `GET /admin/agent-templates` returns jarvis, builder, medic (seeded)
- [ ] `POST /admin/agent-templates` creates a new template (admin only, 403 for non-admin)
- [ ] `GET /agents` returns the authenticated user's agents
- [ ] `POST /agents` creates a user agent from a template
- [ ] `GET /agents/:id/chat` proxies to the correct agent
- [ ] Discord message in #jarvis channel routes to jarvis agent and responds
- [ ] Discord message in #builder channel routes to builder agent and responds
- [ ] WebUI shows agent list with name, role, model, status
- [ ] WebUI allows selecting an agent and sending a message
- [ ] All CI checks green on main after final PR merge
### MS15-DashboardShell — COMPLETE
---
1. ~~Design tokens from dashboard.html are implemented in globals.css~~ DONE
2. ~~App shell shows full-width header with logo, collapsible sidebar, main content area~~ DONE
3. ~~Sidebar has all nav groups with icons, collapses to icon-only mode~~ DONE
4. ~~Hamburger button appears at mobile breakpoints, sidebar hidden by default~~ DONE
5. ~~Light/dark theme toggle works across all components~~ DONE
6. ~~Mosaic logo spinner is used as site-wide loading indicator~~ DONE
7. ~~Dashboard page shows metrics strip, orchestrator sessions, quick actions, activity feed, token budget~~ DONE
8. ~~All shared components in packages/ui use design tokens (no hardcoded colors)~~ DONE
9. ~~Lint, typecheck, and existing tests pass~~ DONE
10. ~~Grain overlay texture from reference is applied~~ DONE
## Technical Considerations
### Go-Live MVP (v0.0.16) — COMPLETE
- DTOs must use value imports (never `import type`) for NestJS ValidationPipe compatibility — see MEMORY.md
- `AgentTemplate.fallbackModels` and `toolPermissions` are stored as `Json` (Prisma) — treat as `string[]` in TypeScript
- Discord routing requires mapping `discordChannel` string to a channel ID in OpenClaw config
- Chat proxy must be stateless — agent selection passed per-request
- Use `AdminGuard` from `src/auth/guards/admin.guard` for admin endpoints (existing pattern)
- Use `AuthGuard` from `src/auth/guards/auth.guard` for user endpoints (existing pattern)
11. ~~Dashboard widgets wired to real API data~~ DONE
12. ~~WebSocket emits for agent job lifecycle~~ DONE
13. ~~Deployed to mosaic.woltje.com with auth working~~ DONE
---
### MS16+MS17 — Pages & Data Integration — COMPLETE
## Risks / Open Questions
14. ~~All sidebar links navigate to functional pages (no 404s)~~ DONE
15. ~~Projects page: list, create, view project details~~ DONE
16. ~~Workspace page: view single project with tasks and agent sessions~~ DONE
17. ~~Kanban page: drag-and-drop board with task status columns~~ DONE
18. ~~File Manager page: tree/list view with CRUD operations~~ DONE
19. ~~Logs page: log viewer with filtering and auto-refresh~~ DONE
20. ~~Settings root page: category index linking to subpages~~ DONE
21. ~~Custom 404 page for unknown routes~~ DONE
22. ~~`/tasks` page uses real API data (no mock)~~ DONE
23. ~~`/calendar` page uses real API data (no mock)~~ DONE
24. ~~`/knowledge` pages use real API data (no mock)~~ DONE
25. ~~All new pages support light/dark theme~~ DONE
26. ~~All new pages are responsive (sm/md/lg/xl breakpoints)~~ DONE
27. ~~Lint, typecheck, and tests pass~~ DONE
28. ~~Deployed and smoke-tested at mosaic.woltje.com~~ DONE
| Risk | Likelihood | Mitigation |
| ------------------------------------------------------------ | ---------- | ------------------------------------------------- |
| Discord channel ID mapping not yet configured in OpenClaw | Medium | Manual config step; document in MISSION-MANIFEST |
| Agent routing adds latency to chat proxy | Low | Agent lookup is a single DB read; cache if needed |
| `exactOptionalPropertyTypes` TS strictness on Prisma creates | Medium | Use conditional spread for optional fields |
| Seed idempotency failure (duplicate name) | Low | Use `upsert` — already implemented |
### MS18 — Theme & Widget System — COMPLETE
---
29. ~~5+ themes with live preview and instant switching~~ DONE
30. ~~Theme selection UI in Settings with swatches~~ DONE
31. ~~UserPreference.theme persists across sessions~~ DONE
32. ~~WidgetGrid dashboard with drag/resize/add/remove~~ DONE
33. ~~Widget picker UI from registry~~ DONE
34. ~~Per-widget configuration dialog~~ DONE
35. ~~Layout save/load/rename/delete via API~~ DONE
36. ~~Tiptap WYSIWYG editor for knowledge entries~~ DONE
37. ~~Markdown round-trip (import/export)~~ DONE
38. ~~Kanban filtering by project, assignee, priority, search~~ DONE
39. ~~All features support all themes~~ DONE
40. ~~Lint, typecheck, tests pass~~ DONE
## Success Metrics / Testing
### MS19 — Chat & Terminal — COMPLETE
- Unit tests cover: AgentTemplateService CRUD, UserAgentService CRUD, chat routing logic
- E2E test: send Discord message in #jarvis → verify response comes from jarvis agent
- Manual smoke test: WebUI agent selector loads, chat works with selected agent
- CI pipeline green on all three apps (api, web, orchestrator)
41. ~~Terminal panel has real xterm.js with PTY backend~~ DONE — PR #518
42. ~~Terminal supports multiple named sessions (tabs)~~ DONE — PR #520
43. ~~Terminal sessions persist and recover on reconnect~~ DONE — PR #517
44. ~~Chat streaming renders tokens in real-time (SSE)~~ DONE — PR #516
45. ~~Master chat sidebar accessible from any page (Cmd+Shift+J)~~ DONE — PR #519
46. ~~Master chat supports model selection and conversation management~~ DONE — PR #519
47. ~~Project-level chat can trigger orchestrator actions~~ DONE — PR #521
48. ~~Agent output viewable in terminal tabs~~ DONE — PR #522
49. ~~All features support all themes~~ DONE — CSS variables throughout
50. ~~Lint, typecheck, tests pass~~ DONE — 1441 web + 3303 API = 4744 total
51. ~~Deployed and smoke-tested~~ DONE — CI #635 green, web deployed to mosaic.woltje.com
---
### Full Project (All Milestones)
## Milestones / Delivery
52. jarvis user logs in via Authentik, has admin access to all pages
53. jarvis-user has standard access at lower permission level
54. Break-glass user has access without Authentik
55. Three Mosaic Stack instances on Portainer with federation testing
56. Playwright tests confirm all pages, functions, theming work
57. No errors during site navigation
58. API documented via Swagger with proper auth gating
59. Telemetry working locally with wide-event logging
60. Mosaic Telemetry properly reporting to telemetry endpoint
| Milestone | Tasks | Status | Target |
| ----------------- | -------------- | ----------------------- | ---------- |
| M1: Schema + Seed | P2-001, P2-002 | ✅ done (PR #675, #677) | 2026-03-04 |
| M2: Admin CRUD | P2-003 | ✅ done (PR #678) | 2026-03-04 |
| M3: User CRUD | P2-004 | ⬜ next | 2026-03-05 |
| M4: Agent Routing | P2-005, P2-006 | ⬜ pending | 2026-03-05 |
| M5: Discord + UI | P2-007, P2-008 | ⬜ pending | 2026-03-06 |
| M6: Verification | P2-009, P2-010 | ⬜ pending | 2026-03-06 |
## Constraints and Dependencies
1. Next.js 16 with App Router — all pages use server/client component patterns
2. Tailwind CSS 3.4 — design tokens must integrate with Tailwind's utility class system
3. BetterAuth for authentication — must maintain existing auth flow
4. Authentik as IdP at auth.diversecanvas.com — must remain operational
5. PostgreSQL 17 with Prisma — all settings stored in DB
6. Portainer for deployment — 3 instances needed for federation testing
7. packages/ui is shared across apps — changes affect all consumers
8. Backend API modules already exist for all page data needs — no new API endpoints required for MS16+MS17 scope
## Risks and Open Questions
1. **Risk**: Pages need to match the design system established in MS15. Inconsistency would degrade UX. Mitigation: Use existing design tokens and shared components exclusively. **RESOLVED** — All MS16+MS17 pages use design tokens consistently.
2. **Risk**: Kanban drag-and-drop adds complexity and potential for state bugs. Mitigation: Use a proven DnD library. **RESOLVED**@hello-pangea/dnd selected (maintained fork of react-beautiful-dnd, better TS support). Optimistic updates with rollback on failure.
3. **Risk**: Mock data elimination may reveal backend API gaps or mismatches. Mitigation: Audit each API response shape against page needs during implementation. **RESOLVED** — All 3 mock-data pages wired successfully. No API gaps found.
4. ~~**Open**: Exact task status values for Kanban columns~~ **RESOLVED** — TaskStatus enum: NOT_STARTED, IN_PROGRESS, PAUSED, COMPLETED, ARCHIVED (5 columns).
5. ~~**Open**: Whether Workspace page should require project selection or show a default view~~ **RESOLVED** — Shows project selector when no project param, workspace detail when ?project=id.
6. ~~**Open**: File Manager page — should it be a direct mapping of Knowledge entries or a separate file abstraction?~~ **RESOLVED** — Direct mapping to Knowledge entries via /api/knowledge. API shape matches file manager needs.
## Existing Backend API Modules (Reference)
These 19 NestJS modules are already implemented with Prisma and available for frontend wiring:
| Module | Endpoint | Capabilities |
| ------------------ | ------------------------------ | --------------------- |
| Projects | `/api/projects` | Full CRUD |
| Tasks | `/api/tasks` | Full CRUD |
| Layouts | `/api/layouts` | Widget placement |
| Widgets | `/api/widgets` | Data endpoints |
| Activity | `/api/activity` | Audit logs |
| Dashboard | `/api/dashboard/summary` | Aggregated summary |
| Knowledge | `/api/knowledge` | Full CRUD + search |
| Ideas | `/api/ideas` | Capture/CRUD |
| Domains | `/api/domains` | CRUD |
| Events | `/api/events` | CRUD |
| Preferences | `/api/users/me/preferences` | User settings |
| Workspace Settings | `/api/workspaces/:id/settings` | LLM config |
| Runner Jobs | `/api/runner-jobs` | Job management |
| Job Steps | `/api/runner-jobs/:id/steps` | Step tracking |
| Agent Tasks | `/api/agent-tasks` | Agent task management |
| Credentials | `/api/credentials` | Encrypted storage |
| Brain/AI | `/api/brain` | Query/search |
| WebSocket | Real-time | Event broadcasting |
| LLM | `/api/llm/chat` | Chat + SSE streaming |
| Orchestrator Proxy | `/api/orchestrator/*` | Agent mgmt proxy |
| Telemetry | Internal | Logging/monitoring |
## Testing and Verification
1. Baseline: `pnpm lint && pnpm build` must pass
2. Situational: All sidebar links navigate without 404
3. Situational: Each new page renders with real API data
4. Situational: Theme toggle on each new page
5. Situational: Responsive verification at sm/md/lg/xl
6. E2E: Playwright tests for all page navigation (MS23)
7. E2E: Auth flow with Authentik (MS23)
8. Federation: Master-master and master-slave data access tests (MS21)
## Delivery/Milestone Intent
| Milestone | Version | Focus | Status |
| ------------------------------ | ------- | ----------------------------------------------------------------- | ----------- |
| MS15-DashboardShell | 0.0.15 | Design system + app shell + dashboard page | COMPLETE |
| Go-Live MVP | 0.0.16 | Dashboard polish, ingestion, agent visibility, deploy | COMPLETE |
| MS16+MS17-PagesDataIntegration | 0.0.17 | All pages built + wired to real API data | COMPLETE |
| MS18-ThemeWidgets | 0.0.18 | Theme package system, widget registry, WYSIWYG, Kanban filtering | COMPLETE |
| MS19-ChatTerminal | 0.0.19 | Global terminal, project chat, master chat session | COMPLETE |
| MS20-SiteStabilization | 0.0.20 | Runtime bug fixes, missing endpoints, orchestrator connectivity | IN PROGRESS |
| MS21-MultiTenant | 0.0.21 | Multi-tenant, teams, RBAC, RLS enforcement, break-glass auth | NOT STARTED |
| MS22-Federation | 0.0.22 | Federation (M-M, M-S), 3 instances, key exchange, data separation | NOT STARTED |
| MS23-AgentTelemetry | 0.0.23 | Agent task mapping, telemetry, wide-event logging | NOT STARTED |
| MS24-Testing | 0.0.24 | Playwright E2E, federation tests, documentation finalization | NOT STARTED |
## Assumptions
1. ASSUMPTION: Header spans full width including above sidebar area. The logo is in the header, not the sidebar. Rationale: User explicitly stated "The logo will NOT be part of the sidebar."
2. ASSUMPTION: Sidebar footer user card navigates to Profile page. Rationale: Matches reference design behavior.
3. ASSUMPTION: Initial implementation supports dark/light from reference design. Multi-theme package system is a future milestone. Rationale: Foundation must be solid before extensibility.
4. ASSUMPTION: MS16 and MS17 are combined into a single mission because 19 backend API modules already exist with real Prisma business logic. The remaining work is primarily frontend page creation and API wiring. Rationale: Backend audit on 2026-02-22 confirmed all required endpoints are implemented.
5. ASSUMPTION: File Manager page maps to Knowledge entries rather than a separate file system abstraction. Rationale: `/api/knowledge` provides full CRUD + search which matches file manager needs. Can be extended later if needed.
6. ASSUMPTION: Theme packages are code-level TypeScript files (not runtime-installable npm packages). Each theme exports CSS variable overrides. Rationale: Keeps the system simple for MS18; runtime package loading can be added in a future milestone.
7. ASSUMPTION: WYSIWYG editor uses Tiptap (ProseMirror-based, headless). Rationale: Headless approach integrates naturally with the CSS variable design system, excellent markdown import/export, TypeScript-first, battle-tested.
8. ASSUMPTION: MS18 includes WYSIWYG editing for knowledge entries and Kanban filtering enhancements in addition to themes and widgets. These were originally listed separately but are grouped into MS18 per PRD scope items 24-25. Rationale: All are frontend-focused enhancements that build on the existing page infrastructure.
9. ASSUMPTION: The `useWorkspaceId()` hook + auto-detect in `apiRequest` from PR #532 handles reads, but mutation endpoints on some pages don't pass workspace ID correctly. Rationale: GET requests work after PR #532 but POST/mutation requests still fail on domains and projects pages.
10. ASSUMPTION: Personalities API follows existing NestJS module patterns (controller + service + DTO + Prisma model). Rationale: Consistent with all other API modules in the codebase.
11. ASSUMPTION: User preferences endpoint is part of the existing users module but route is not registered. Rationale: PRD lists it as an existing endpoint.
12. ASSUMPTION: The orchestrator service container runs but the Next.js API proxy cannot reach it. Root cause is likely environment variable or network configuration in Docker Swarm. Rationale: The orchestrator container exists in the compose file and has Traefik labels.
13. ASSUMPTION: Terminal should have a dedicated page route `/terminal` that renders the terminal panel full-screen. Rationale: The sidebar has a Terminal link in the Operations section alongside Logs, implying it should be a navigable page.
14. ASSUMPTION: Credential CRUD frontend can use the existing `/api/credentials` API which was built during M7-CredentialSecurity. Rationale: Backend endpoints exist per audit.

17
docs/TASKS.md
View File

@@ -89,20 +89,3 @@ Design doc: `docs/design/MS22-DB-CENTRIC-ARCHITECTURE.md`
| MS22-P1i | done | phase-1i | Chat proxy: route WebUI chat to user's OpenClaw container (SSE) | — | api+web | feat/ms22-p1i-chat-proxy | P1c,P1d | — | — | — | — | 20K | — | |
| MS22-P1j | done | phase-1j | Docker entrypoint + health checks + core compose | — | docker | feat/ms22-p1j-docker | P1c | — | — | — | — | 10K | — | |
| MS22-P1k | done | phase-1k | Idle reaper cron: stop inactive user containers | — | api | feat/ms22-p1k-idle-reaper | P1d | — | — | — | — | 10K | — | |
## MS22 Phase 2: Named Agent Fleet
PRD: `docs/PRD-MS22-P2-AGENT-FLEET.md`
| Task ID | Status | Phase | Description | Issue | Scope | Branch | Depends On | Blocks | Assigned Worker | Started | Completed | Est Tokens | Act Tokens | Notes |
| ----------- | ----------- | -------- | -------------------------------------------- | -------- | ----- | --------------------------- | ------------- | ------------- | --------------- | ---------- | ---------- | ---------- | ---------- | -------------- |
| MS22-P2-001 | done | p2-fleet | Prisma schema: AgentTemplate, UserAgent | TASKS:P2 | api | feat/ms22-p2-agent-schema | MS22-P1a | P2-002,P2-003 | orchestrator | 2026-03-04 | 2026-03-04 | 10K | 3K | PR #675 merged |
| MS22-P2-002 | done | p2-fleet | Seed default agents (jarvis, builder, medic) | TASKS:P2 | api | feat/ms22-p2-agent-seed | P2-001 | P2-004 | orchestrator | 2026-03-04 | 2026-03-04 | 5K | 2K | PR #677 merged |
| MS22-P2-003 | done | p2-fleet | Agent template CRUD endpoints (admin) | TASKS:P2 | api | feat/ms22-p2-agent-crud | P2-001 | P2-005 | orchestrator | 2026-03-04 | 2026-03-04 | 15K | 5K | PR #678 merged |
| MS22-P2-004 | done | p2-fleet | User agent CRUD endpoints | TASKS:P2 | api | feat/ms22-p2-user-agents | P2-002,P2-003 | P2-006 | orchestrator | 2026-03-04 | 2026-03-04 | 15K | 8K | PR #682 merged |
| MS22-P2-005 | in-progress | p2-fleet | Agent status endpoints | TASKS:P2 | api | feat/ms22-p2-agent-status | P2-003 | P2-008 | orchestrator | 2026-03-04 | — | 10K | — | |
| MS22-P2-006 | not-started | p2-fleet | Agent chat routing (select agent by name) | TASKS:P2 | api | feat/ms22-p2-agent-routing | P2-004 | P2-007 | — | — | — | 15K | — | |
| MS22-P2-007 | not-started | p2-fleet | Discord channel → agent routing | TASKS:P2 | api | feat/ms22-p2-discord-router | P2-006 | P2-009 | — | — | — | 15K | — | |
| MS22-P2-008 | not-started | p2-fleet | Agent list/selector UI in WebUI | TASKS:P2 | web | feat/ms22-p2-agent-ui | P2-005 | — | — | — | — | 15K | — | |
| MS22-P2-009 | not-started | p2-fleet | Unit tests for agent services | TASKS:P2 | api | test/ms22-p2-agent-tests | P2-007 | P2-010 | — | — | — | 15K | — | |
| MS22-P2-010 | not-started | p2-fleet | E2E verification: Discord → agent → response | TASKS:P2 | stack | — | P2-009 | — | — | — | — | 10K | — | |

23
docs/scratchpads/ms22-p2-named-agent-fleet-20260304.md
View File

@@ -1,23 +0,0 @@
# Mission Scratchpad — MS22-P2 Named Agent Fleet
> Append-only log. NEVER delete entries. NEVER overwrite sections.
> This is the orchestrator's working memory across sessions.
## Original Mission Prompt
```
(Paste the mission prompt here on first session)
```
## Planning Decisions
## Session Log
| Session | Date | Milestone | Tasks Done | Outcome |
| ------- | ---------- | --------- | ---------------------- | ------------------------------------------------------------------------------ |
| 2 | 2026-03-04 | M1+M2+M3 | P2-004 done | Fixed CI security audit, merged PRs #681, #678, #682. Milestones 1-3 complete. |
| 1 | 2026-03-04 | M1+M2 | P2-001, P2-002, P2-003 | Schema, seed, and Admin CRUD complete |
## Open Questions
## Corrections

2
package.json
View File

@@ -76,7 +76,7 @@
"undici": ">=6.23.0",
"rollup": ">=4.59.0",
"serialize-javascript": ">=7.0.3",
"multer": ">=2.1.1"
"multer": ">=2.1.0"
}
}
}

38
pnpm-lock.yaml generated
View File

@@ -17,7 +17,7 @@ overrides:
undici: '>=6.23.0'
rollup: '>=4.59.0'
serialize-javascript: '>=7.0.3'
multer: '>=2.1.1'
multer: '>=2.1.0'
importers:
@@ -180,9 +180,6 @@ importers:
gray-matter:
specifier: ^4.0.3
version: 4.0.3
helmet:
specifier: ^8.1.0
version: 8.1.0
highlight.js:
specifier: ^11.11.1
version: 11.11.1
@@ -1616,7 +1613,6 @@ packages:
'@mosaicstack/telemetry-client@0.1.1':
resolution: {integrity: sha512-1udg6p4cs8rhQgQ2pKCfi7EpRlJieRRhA5CIqthRQ6HQZLgQ0wH+632jEulov3rlHSM1iplIQ+AAe5DWrvSkEA==, tarball: https://git.mosaicstack.dev/api/packages/mosaic/npm/%40mosaicstack%2Ftelemetry-client/-/0.1.1/telemetry-client-0.1.1.tgz}
engines: {node: '>=18'}
'@mrleebo/prisma-ast@0.13.1':
resolution: {integrity: sha512-XyroGQXcHrZdvmrGJvsA9KNeOOgGMg1Vg9OlheUsBOSKznLMDl+YChxbkboRHvtFYJEMRYmlV3uoo/njCw05iw==}
@@ -5214,10 +5210,6 @@ packages:
resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==}
engines: {node: '>= 0.4'}
helmet@8.1.0:
resolution: {integrity: sha512-jOiHyAZsmnr8LqoPGmCjYAaiuWwjAPLgY8ZX2XrmHawt99/u1y6RgrZMTeoPfpUbV96HOalYgz1qzkRbw54Pmg==}
engines: {node: '>=18.0.0'}
highlight.js@11.11.1:
resolution: {integrity: sha512-Xwwo44whKBVCYoliBQwaPvtd/2tYFkRQtXDWj1nackaV2JPXx3L0+Jvd8/qCJ2p+ML0/XVkJ2q+Mr+UVdpJK5w==}
engines: {node: '>=12.0.0'}
@@ -5864,8 +5856,8 @@ packages:
msgpackr@1.11.5:
resolution: {integrity: sha512-UjkUHN0yqp9RWKy0Lplhh+wlpdt9oQBYgULZOiFhV3VclSF1JnSQWZ5r9gORQlNYaUKQoR8itv7g7z1xDDuACA==}
multer@2.1.1:
resolution: {integrity: sha512-mo+QTzKlx8R7E5ylSXxWzGoXoZbOsRMpyitcht8By2KHvMbf3tjwosZ/Mu/XYU6UuJ3VZnODIrak5ZrPiPyB6A==}
multer@2.1.0:
resolution: {integrity: sha512-TBm6j41rxNohqawsxlsWsNNh/VdV4QFXcBvRcPhXaA05EZ79z0qJ2bQFpync6JBoHTeNY5Q1JpG7AlTjdlfAEA==}
engines: {node: '>= 10.16.0'}
mute-stream@2.0.0:
@@ -8005,7 +7997,7 @@ snapshots:
chalk: 5.6.2
commander: 12.1.0
dotenv: 17.2.4
drizzle-orm: 0.41.0(@opentelemetry/api@1.9.0)(@prisma/client@5.22.0(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3)))(@types/pg@8.16.0)(better-sqlite3@12.6.2)(kysely@0.28.10)(pg@8.17.2)(postgres@3.4.8)(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))
drizzle-orm: 0.41.0(@opentelemetry/api@1.9.0)(@prisma/client@6.19.2(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))(typescript@5.9.3))(@types/pg@8.16.0)(better-sqlite3@12.6.2)(kysely@0.28.10)(pg@8.17.2)(postgres@3.4.8)(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))
open: 10.2.0
pg: 8.17.2
prettier: 3.8.1
@@ -8869,7 +8861,7 @@ snapshots:
'@nestjs/core': 11.1.12(@nestjs/common@11.1.12(class-transformer@0.5.1)(class-validator@0.14.3)(reflect-metadata@0.2.2)(rxjs@7.8.2))(@nestjs/platform-express@11.1.12)(@nestjs/websockets@11.1.12)(reflect-metadata@0.2.2)(rxjs@7.8.2)
cors: 2.8.5
express: 5.2.1
multer: 2.1.1
multer: 2.1.0
path-to-regexp: 8.3.0
tslib: 2.8.1
transitivePeerDependencies:
@@ -11345,7 +11337,7 @@ snapshots:
optionalDependencies:
'@prisma/client': 5.22.0(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))
better-sqlite3: 12.6.2
drizzle-orm: 0.41.0(@opentelemetry/api@1.9.0)(@prisma/client@5.22.0(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3)))(@types/pg@8.16.0)(better-sqlite3@12.6.2)(kysely@0.28.10)(pg@8.17.2)(postgres@3.4.8)(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))
drizzle-orm: 0.41.0(@opentelemetry/api@1.9.0)(@prisma/client@6.19.2(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))(typescript@5.9.3))(@types/pg@8.16.0)(better-sqlite3@12.6.2)(kysely@0.28.10)(pg@8.17.2)(postgres@3.4.8)(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))
next: 16.1.6(@babel/core@7.28.6)(@opentelemetry/api@1.9.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
pg: 8.17.2
prisma: 6.19.2(magicast@0.3.5)(typescript@5.9.3)
@@ -11370,7 +11362,7 @@ snapshots:
optionalDependencies:
'@prisma/client': 6.19.2(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))(typescript@5.9.3)
better-sqlite3: 12.6.2
drizzle-orm: 0.41.0(@opentelemetry/api@1.9.0)(@prisma/client@5.22.0(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3)))(@types/pg@8.16.0)(better-sqlite3@12.6.2)(kysely@0.28.10)(pg@8.17.2)(postgres@3.4.8)(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))
drizzle-orm: 0.41.0(@opentelemetry/api@1.9.0)(@prisma/client@6.19.2(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))(typescript@5.9.3))(@types/pg@8.16.0)(better-sqlite3@12.6.2)(kysely@0.28.10)(pg@8.17.2)(postgres@3.4.8)(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))
next: 16.1.6(@babel/core@7.28.6)(@opentelemetry/api@1.9.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
pg: 8.17.2
prisma: 6.19.2(magicast@0.3.5)(typescript@5.9.3)
@@ -12194,17 +12186,6 @@ snapshots:
dotenv@17.2.4: {}
drizzle-orm@0.41.0(@opentelemetry/api@1.9.0)(@prisma/client@5.22.0(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3)))(@types/pg@8.16.0)(better-sqlite3@12.6.2)(kysely@0.28.10)(pg@8.17.2)(postgres@3.4.8)(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3)):
optionalDependencies:
'@opentelemetry/api': 1.9.0
'@prisma/client': 5.22.0(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))
'@types/pg': 8.16.0
better-sqlite3: 12.6.2
kysely: 0.28.10
pg: 8.17.2
postgres: 3.4.8
prisma: 6.19.2(magicast@0.3.5)(typescript@5.9.3)
drizzle-orm@0.41.0(@opentelemetry/api@1.9.0)(@prisma/client@6.19.2(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))(typescript@5.9.3))(@types/pg@8.16.0)(better-sqlite3@12.6.2)(kysely@0.28.10)(pg@8.17.2)(postgres@3.4.8)(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3)):
optionalDependencies:
'@opentelemetry/api': 1.9.0
@@ -12215,7 +12196,6 @@ snapshots:
pg: 8.17.2
postgres: 3.4.8
prisma: 6.19.2(magicast@0.3.5)(typescript@5.9.3)
optional: true
dunder-proto@1.0.1:
dependencies:
@@ -12835,8 +12815,6 @@ snapshots:
dependencies:
function-bind: 1.1.2
helmet@8.1.0: {}
highlight.js@11.11.1: {}
html-encoding-sniffer@4.0.0:
@@ -13486,7 +13464,7 @@ snapshots:
optionalDependencies:
msgpackr-extract: 3.0.3
multer@2.1.1:
multer@2.1.0:
dependencies:
append-field: 1.0.0
busboy: 1.6.0