This website requires JavaScript.
254f85369b
add repo lifecycle hooks for mosaic-stack sessions
2026-02-17 12:45:39 -06:00
ddf6851bfd
bootstrap repo to mosaic standards layer
2026-02-17 12:43:14 -06:00
027fee1afa
fix: use UUID for Better Auth ID generation to match Prisma schema
Jason Woltje
2026-02-16 22:48:17 -06:00
abe57621cd
fix: add CORS env vars to Swarm/Portainer compose and log trusted origins
Jason Woltje
2026-02-16 22:31:29 -06:00
7c7ad59002
Remove extra docker-compose and .env.exmple files.
Jason Woltje
2026-02-16 22:08:02 -06:00
ca430d6fdf
fix: resolve Portainer deployment Redis and CORS failures
Jason Woltje
2026-02-16 22:05:58 -06:00
18e5f6312b
fix: reduce Kaniko disk usage in Node.js Dockerfiles
Jason Woltje
2026-02-16 20:21:44 -06:00
d2ed1f2817
fix: eliminate apt-get from Kaniko builds, use static dumb-init binary
Jason Woltje
2026-02-16 20:06:06 -06:00
fb609d40e3
fix: use Kaniko --snapshot-mode=redo to fix apt GPG errors in CI
Jason Woltje
2026-02-16 19:56:34 -06:00
0c93be417a
fix: clear stale APT lists before apt-get update in Dockerfiles
Jason Woltje
2026-02-16 19:44:36 -06:00
b719fa0444
Merge pull request 'chore: upgrade Node.js runtime to v24 across codebase' (#419 ) from fix/auth-frontend-remediation into main
jason.woltje
2026-02-17 01:04:46 +00:00
8961f5b18c
chore: upgrade Node.js runtime to v24 across codebase
2026-02-16 17:33:26 -06:00
d58bf47cd7
Merge pull request 'fix(#411 ): auth & frontend remediation — all 6 phases complete' (#418 ) from fix/auth-frontend-remediation into develop
jason.woltje
2026-02-16 23:11:42 +00:00
c917a639c4
fix(#411 ): wrap login page useSearchParams in Suspense boundary
2026-02-16 17:07:18 -06:00
9d3a673e6c
fix(#411 ): resolve CI lint errors — prettier, unused directives, no-base-to-string
2026-02-16 17:00:01 -06:00
b96e2d7dc6
chore(#411 ): Phase 13 complete — QA round 2 remediation done, 272 tests passing
2026-02-16 15:51:38 -06:00
76756ad695
test(#411 ): add AuthGuard user validation branch tests — malformed/missing/null user data
2026-02-16 15:48:53 -06:00
05ee6303c2
fix(#411 ): sanitize Bearer tokens in verifySession logs + warn on non-Error thrown values
2026-02-16 15:48:10 -06:00
5328390f4c
fix(#411 ): sanitize login error messages through parseAuthError — prevent raw error leakage
2026-02-16 15:45:40 -06:00
4d9b75994f
fix(#411 ): add runtime null checks in auth controller — defense-in-depth for AuthenticatedRequest
2026-02-16 15:44:31 -06:00
d7de20e586
fix(#411 ): classifyAuthError — return null for normal 401/session-expired instead of 'backend'
2026-02-16 15:42:44 -06:00
399d5a31c8
fix(#411 ): narrow verifySession allowlist — prevent false-positive infra error classification
2026-02-16 15:42:10 -06:00
b675db1324
test(#411 ): QA-015 — add credentials fallback test + fix refreshSession test name
2026-02-16 14:05:30 -06:00
e0d6d585b3
test(#411 ): QA-014 — add verifySession non-Error thrown value tests
2026-02-16 14:03:08 -06:00
0a2eaaa5e4
refactor(#411 ): QA-011 — unify request-with-user types into AuthenticatedRequest
2026-02-16 14:00:14 -06:00
df495c67b5
fix(#411 ): QA-012 — clamp RetryOptions to sensible ranges
2026-02-16 13:53:29 -06:00
3e2c1b69ea
fix(#411 ): QA-009 — fix .env.example OIDC vars and test assertion
2026-02-16 13:51:13 -06:00
27c4c8edf3
fix(#411 ): QA-010 — fix minor JSDoc and comment issues across auth files
2026-02-16 13:50:04 -06:00
e600cfd2d0
fix(#411 ): QA-007 — explicit error state on login config fetch failure
2026-02-16 13:44:01 -06:00
08e32d42a3
fix(#411 ): QA-008 — derive KNOWN_CODES from ERROR_MESSAGES keys
2026-02-16 13:40:48 -06:00
752e839054
fix(#411 ): QA-005 — production logging, error classification, session-expired state
2026-02-16 13:37:49 -06:00
8a572e8525
fix(#411 ): QA-004 — HttpException for session guard + PDA-friendly auth error
2026-02-16 13:18:53 -06:00
4f31690281
fix(#411 ): QA-002 — invert verifySession error classification + health check escalation
2026-02-16 13:15:41 -06:00
097f5f4ab6
fix(#411 ): QA-001 — let infrastructure errors propagate through AuthGuard
2026-02-16 13:14:49 -06:00
ac492aab80
chore(#411 ): Phase 7 complete — review remediation done, 297 tests passing
2026-02-16 12:38:18 -06:00
110e181272
test(#411 ): add missing test coverage — getAccessToken, isAdmin, null cases, getClientIp
2026-02-16 12:37:11 -06:00
9696e45265
fix(#411 ): remediate frontend review findings — wire fetchWithRetry, fix error handling
2026-02-16 12:33:25 -06:00
7ead8b1076
fix(#411 ): remediate backend review findings — COOKIE_DOMAIN, TRUSTED_ORIGINS validation, verifySession
2026-02-16 12:31:53 -06:00
3fbba135b9
chore(#411 ): Phase 6 complete — 4/4 tasks done, 93 tests passing
2026-02-16 12:21:29 -06:00
c233d97ba0
feat(#417 ): add fetchWithRetry with exponential backoff for auth
2026-02-16 12:19:46 -06:00
f1ee0df933
feat(#417 ): update auth-client.ts error messages to PDA-friendly
2026-02-16 12:15:25 -06:00
07084208a7
feat(#417 ): add session expiry detection to AuthProvider
2026-02-16 12:12:46 -06:00
f500300b1f
feat(#417 ): create auth-errors.ts with PDA error parsing and mapping
2026-02-16 12:02:57 -06:00
24ee7c7f87
chore(#411 ): Phase 5 complete — 4/4 tasks done, 83 tests passing
2026-02-16 11:58:02 -06:00
d9a3eeb9aa
feat(#416 ): responsive layout + accessibility for login page
2026-02-16 11:56:13 -06:00
077bb042b7
feat(#416 ): add error display from URL query params on login page
2026-02-16 11:50:33 -06:00
1d7d5a9d01
refactor(#416 ): delete old LoginButton, replaced by OAuthButton
2026-02-16 11:48:15 -06:00
2020c15545
feat(#416 ): redesign login page with dynamic provider rendering
2026-02-16 11:45:44 -06:00
3ab87362a9
chore(#411 ): Phase 4 complete — 6/6 tasks done, 54 frontend tests passing
2026-02-16 11:39:45 -06:00
81b5204258
feat(#415 ): theme fix, AuthDivider, SessionExpiryWarning components
2026-02-16 11:37:31 -06:00
9623a3be97
chore(#411 ): Phase 3 complete — 4/4 tasks done, 73 auth tests passing
2026-02-16 11:28:46 -06:00
f37c83e280
docs(#414 ): add TRUSTED_ORIGINS and COOKIE_DOMAIN to .env.example
2026-02-16 11:27:26 -06:00
7ebbcbf958
fix(#414 ): extract trustedOrigins to getTrustedOrigins() with env vars
2026-02-16 11:25:58 -06:00
b316e98b64
fix(#414 ): update session config to 7d absolute, 2h idle timeout
2026-02-16 11:24:15 -06:00
447141f05d
chore(#411 ): Phase 2 complete — 4/4 tasks done, 55 auth tests passing
2026-02-16 11:21:14 -06:00
3b2356f5a0
feat(#413 ): add OIDC provider health check with 30s cache
2026-02-16 11:20:05 -06:00
d2605196ac
test(#413 ): add secret-leakage prevention test for GET /auth/config
2026-02-16 11:16:59 -06:00
2d59c4b2e4
feat(#413 ): implement GET /auth/config discovery endpoint
2026-02-16 11:14:51 -06:00
a9090aca7f
feat(#413 ): add AuthProviderConfig and AuthConfigResponse types to @mosaic/shared
2026-02-16 11:10:50 -06:00
f6eadff5bf
chore(#411 ): Phase 1 complete — 5/5 tasks done, 36 tests passing
2026-02-16 11:09:51 -06:00
9ae21c4c15
fix(#412 ): wrap BetterAuth handler in try/catch with error logging
2026-02-16 11:08:47 -06:00
976d14d94b
fix(#412 ): enable PKCE, fix docker OIDC default, document @SkipCsrf
2026-02-16 11:04:34 -06:00
b2eec3cf83
fix(#412 ): add OIDC_REDIRECT_URI to startup validation
2026-02-16 11:02:56 -06:00
bd7470f5d7
chore(#411 ): bootstrap auth-frontend-remediation tasks from plan
2026-02-16 10:58:32 -06:00
491675b613
docs: add auth & frontend remediation plan
Jason Woltje
2026-02-16 04:43:38 -06:00
4b3eecf05a
fix(#410 ): pass OIDC_ENABLED to API container in docker-compose
Jason Woltje
2026-02-16 04:04:42 -06:00
3376d8162e
fix(#410 ): skip CSRF guard on auth catch-all route
Jason Woltje
2026-02-16 03:41:50 -06:00
e2ffaa71b1
fix: exempt health endpoint from rate limiting
Jason Woltje
2026-02-16 03:21:46 -06:00
444fa1116a
fix(#410 ): align BetterAuth basePath and auth client with NestJS routing
Jason Woltje
2026-02-15 19:41:08 -06:00
31ce9e920c
fix: replace flaky timing-based test with deterministic assertion
Jason Woltje
2026-02-15 19:11:15 -06:00
ba54de88fd
fix(#410 ): use toNodeHandler for BetterAuth Express compatibility
Jason Woltje
2026-02-15 19:03:21 -06:00
ca21416efc
fix: switch Docker images from Alpine to Debian slim for native addon compatibility
Jason Woltje
2026-02-15 16:02:23 -06:00
1bad7a8cca
fix: allow matrix-sdk-crypto-nodejs build scripts for native binary
Jason Woltje
2026-02-15 15:27:36 -06:00
6015ace1de
fix: update @mosaicstack/telemetry-client to 0.1.1 for CJS compatibility
Jason Woltje
2026-02-15 15:09:02 -06:00
92de2f282f
fix(database): resolve migration failures and schema drift
Jason Woltje
2026-02-15 14:42:06 -06:00
1fde25760a
Merge pull request 'feat: M13-SpeechServices — TTS & STT integration' (#409 ) from feature/m13-speech-services into develop
jason.woltje
2026-02-15 18:37:53 +00:00
cf28efa880
merge: resolve conflicts with develop (M10-Telemetry + M12-MatrixBridge)
Jason Woltje
2026-02-15 12:31:08 -06:00
11d284554d
Merge pull request 'feat: M12-MatrixBridge — Matrix/Element chat bridge integration' (#408 ) from feature/m12-matrix-bridge into develop
jason.woltje
2026-02-15 18:22:16 +00:00
3cc2030446
fix(#377 ): add pnpm overrides for matrix-bot-sdk transitive vulnerabilities
Jason Woltje
2026-02-15 12:17:17 -06:00
eca2c46e9d
merge: resolve conflicts with develop (telemetry + lockfile)
Jason Woltje
2026-02-15 12:12:43 -06:00
c5a87df6e1
fix(#374 ): add pip.conf to coordinator Docker build for private registry
Jason Woltje
2026-02-15 12:05:04 -06:00
17ee28b6f6
Merge pull request 'feat: M10-Telemetry — Mosaic Telemetry integration' (#407 ) from feature/m10-telemetry into develop
jason.woltje
2026-02-15 17:32:07 +00:00
af9c5799af
fix(#388 ): address PR review findings — fix WebSocket/REST bugs, improve error handling, fix types and comments
Jason Woltje
2026-02-15 03:44:33 -06:00
dcbc8d1053
chore(orchestrator): finalize M13-SpeechServices tasks.md — all 18/18 done
Jason Woltje
2026-02-15 03:27:21 -06:00
d2c7602430
test(#405 ): add E2E integration tests for speech services
Jason Woltje
2026-02-15 03:26:05 -06:00
24065aa199
docs(#406 ): add speech services documentation
Jason Woltje
2026-02-15 03:23:22 -06:00
bc86947d01
feat(#404 ): add speech settings page with provider config
Jason Woltje
2026-02-15 03:16:27 -06:00
74d6c1092e
feat(#403 ): add audio playback component for TTS output
Jason Woltje
2026-02-15 03:05:39 -06:00
03d0c032e4
chore(orchestrator): Add review remediation phase to tasks.md
Jason Woltje
2026-02-15 03:02:27 -06:00
8d19ac1f4b
fix(#377 ): remediate code review and security findings
Jason Woltje
2026-02-15 03:00:53 -06:00
28c9e6fe65
feat(#397 ): implement WebSocket streaming transcription gateway
Jason Woltje
2026-02-15 02:54:41 -06:00
b3d6d73348
feat(#400 ): add Docker Compose swarm/prod deployment for speech services
Jason Woltje
2026-02-15 02:51:13 -06:00
527262af38
feat(#392 ): create /api/speech/transcribe REST endpoint
Jason Woltje
2026-02-15 02:47:52 -06:00
a1f0d1dd71
chore(orchestrator): All M12-MatrixBridge tasks complete
Jason Woltje
2026-02-15 02:40:47 -06:00
9cc70dbe31
test(#385 ): Matrix bridge integration tests
Jason Woltje
2026-02-15 02:39:59 -06:00
6c465566f6
feat(#395 ): implement Piper TTS provider via OpenedAI Speech
Jason Woltje
2026-02-15 02:39:20 -06:00
68808c0933
docs(#386 ): Matrix bridge setup and architecture documentation
Jason Woltje
2026-02-15 02:39:20 -06:00
7b4fda6011
feat(#398 ): add audio/text validation pipes and speech DTOs
Jason Woltje
2026-02-15 02:37:54 -06:00
0819dfa470
chore(orchestrator): Update tasks — Phase 4 complete, Phase 5+6 starting
Jason Woltje
2026-02-15 02:35:53 -06:00
93cd31435b
feat(#383 ): Streaming AI responses via Matrix message edits
Jason Woltje
2026-02-15 02:34:36 -06:00
Jason Woltje
Jason Woltje