stack

mosaic/stack

Fork 0

Commit Graph

Select branches

Hide Pull Requests

chore/ms21-complete

chore/ms21-final-tasks-done

chore/ms21-tasks-sync

chore/ms22-p1-complete

chore/ms22-p1-tasks

chore/ms22-phase0-complete

chore/ms22-prd-tracking

chore/tasks-final

chore/tasks-update

ci/pnpm-cache

docs/ms22-architecture

feat/custom-base-image

feat/kanban-add-task

feat/ms19-terminal-persistence

feat/ms21-rbac-settings

feat/ms21-session-invalidation

feat/ms21-teams-page

feat/ms21-ui-users-members

feat/ms21-users-page

feat/ms22-ingest-clean

feat/ms22-openclaw-docker

feat/ms22-openclaw-gateway-module

feat/ms22-p1a-schema

feat/ms22-p1b-crypto

feat/ms22-p1c-config-api

feat/ms22-p1d-container-mgr

feat/ms22-p1e-onboarding-api

feat/ms22-p1f-onboarding-ui

feat/ms22-p1g-settings-api

feat/ms22-p1h-settings-ui

feat/ms22-p1i-chat-proxy

feat/ms22-p1j-docker

feat/ms22-p1k-idle-reaper

feat/ms22-task-agent

feat/project-detail-page

feat/usage-widget

feat/wire-chat

fix/base-image-kaniko

fix/base-image-kaniko-v2

fix/ci-glibc-image

fix/ci-lint-632

fix/container-lifecycle-config-module

fix/controller-type-imports

fix/csrf-bearer-bypass

fix/csrf-debug-log

fix/dockerfile-npmrc

fix/file-manager-tags

fix/fleet-provider-form-dto

fix/fleet-provider-form-dto-v2

fix/gateway-cors-trusted-origins

fix/interceptor-tests

fix/kanban-tests

fix/kaniko-cache

fix/logs-page-clean

fix/matrix-native-binary

fix/ms21-ui-001-qa

fix/ms22-audit

fix/ms22-missing-authmodule-imports

fix/orchestrator-widgets

fix/project-domain-attach

fix/project-domain-v2

fix/security-hardening

fix/swarm-compose-ms22-vars

fix/system-admin-env

fix/workspace-members

main

test/ms21-ui-tests

#103

#104

#105

#106

#107

#108

#109

#110

#111

#112

#113

#117

#118

#119

#120

#177

#178

#270

#299

#300

#301

#302

#303

#304

#305

#307

#316

#317

#318

#319

#320

#321

#324

#330

#331

#332

#333

#334

#335

#336

#343

#345

#348

#349

#362

#366

#368

#407

#408

#409

#418

#419

#420

#421

#422

#423

#425

#426

#427

#428

#429

#431

#432

#433

#434

#435

#436

#437

#438

#439

#444

#445

#447

#451

#452

#453

#454

#455

#456

#458

#460

#462

#464

#465

#470

#471

#472

#473

#474

#475

#476

#477

#478

#479

#480

#481

#482

#483

#484

#485

#486

#492

#493

#494

#495

#496

#497

#498

#499

#500

#501

#502

#503

#504

#505

#506

#507

#513

#514

#515

#516

#517

#518

#519

#520

#521

#522

#523

#524

#525

#526

#527

#528

#529

#530

#531

#532

#533

#535

#536

#537

#538

#539

#540

#541

#542

#543

#544

#545

#546

#547

#548

#549

#550

#551

#552

#553

#554

#555

#556

#557

#558

#559

#560

#561

#562

#563

#564

#565

#566

#567

#572

#573

#574

#575

#576

#577

#578

#579

#580

#581

#582

#583

#584

#585

#586

#587

#588

#589

#590

#591

#592

#593

#594

#595

#596

#597

#598

#599

#600

#601

#602

#603

#604

#605

#606

#607

#608

#609

#610

#611

#612

#613

#614

#615

#616

#617

#618

#619

#620

#621

#622

#623

#624

#625

#626

#627

#628

#629

#630

#631

#632

#633

#634

#635

#636

#637

#638

#639

#640

#641

#642

#643

#644

#645

#646

#647

#648

#649

#650

#651

#652

#653

#654

#655

v0.0.15

v0.0.2

v0.0.21

v0.20.0

4188f29161 Merge pull request 'Security and Code Quality Remediation (M6-Fixes)' (#343) from fix/security into develop jason.woltje 2026-02-06 17:49:13 +00:00
fcaeb0fbcd chore: Remove old QA automation pending reports Jason Woltje 2026-02-06 11:41:53 -06:00
8d8db47289 docs: Update compaction protocol - agents cannot invoke /compact Jason Woltje 2026-02-06 11:41:06 -06:00
52f47c2311 docs: Complete Phase 3 verification and update task tracking Jason Woltje 2026-02-05 19:30:22 -06:00
7e9022bf9b fix(CQ-API-3): Make activity logging fire-and-forget Jason Woltje 2026-02-05 19:26:34 -06:00
722b16a903 fix(SEC-API-24): Sanitize error messages in global exception filter Jason Woltje 2026-02-05 19:24:07 -06:00
3cfed1ebe3 fix(SEC-ORCH-19): Validate agentId path parameter as UUID Jason Woltje 2026-02-05 19:21:35 -06:00
89bb24493a fix(SEC-ORCH-16): Implement real health and readiness checks Jason Woltje 2026-02-05 19:20:07 -06:00
22446acd8a fix(CQ-API-4): Remove Redis event listeners in onModuleDestroy Jason Woltje 2026-02-05 19:16:37 -06:00
e891449e0f fix(CQ-ORCH-4): Fix AbortController timeout cleanup using try-finally Jason Woltje 2026-02-05 19:14:06 -06:00
b952c24f21 fix(#338): Fix useChat stale messages with functional state updates Jason Woltje 2026-02-05 19:08:10 -06:00
dcf9a2217d fix(#338): Fix useWebSocket stale closure by using refs for callbacks Jason Woltje 2026-02-05 18:58:35 -06:00
880919c77e fix(#338): Add tests to verify runner jobs interval cleanup Jason Woltje 2026-02-05 18:54:52 -06:00
a22fadae7e fix(#338): Add tests verifying WebSocket timer cleanup on error Jason Woltje 2026-02-05 18:50:19 -06:00
a42f88d64c fix(#338): Add session cleanup on terminal states Jason Woltje 2026-02-05 18:47:14 -06:00
8d57191a91 fix(#338): Use MGET for batch retrieval instead of N individual GETs Jason Woltje 2026-02-05 18:43:00 -06:00
a3490d7b09 fix(#338): Warn when VALKEY_PASSWORD not set Jason Woltje 2026-02-05 18:39:44 -06:00
442f8e0971 fix(#338): Sanitize issue body for prompt injection Jason Woltje 2026-02-05 18:36:16 -06:00
d53c80fef0 fix(#338): Block YOLO mode in production Jason Woltje 2026-02-05 18:33:17 -06:00
3b80e9c396 fix(#338): Add max concurrent agents limit Jason Woltje 2026-02-05 18:30:42 -06:00
ce7fb27c46 fix(#338): Add rate limiting to orchestrator API Jason Woltje 2026-02-05 18:26:50 -06:00
3f16bbeca1 fix(#338): Add Docker security hardening (CapDrop, ReadonlyRootfs, PidsLimit) Jason Woltje 2026-02-05 18:21:43 -06:00
e747c8db04 fix(#338): Whitelist allowed environment variables in Docker containers Jason Woltje 2026-02-05 18:17:00 -06:00
67c72a2d82 fix(#338): Log queue corruption and backup corrupted file Jason Woltje 2026-02-05 18:13:15 -06:00
1852fe2812 fix(#338): Add circuit breaker to coordinator loops Jason Woltje 2026-02-05 18:10:38 -06:00
203bd1e7f2 fix(#338): Standardize API base URL and auth mechanism across components Jason Woltje 2026-02-05 18:04:01 -06:00
10d4de5d69 fix(#338): Disable QuickCaptureWidget in production with Coming Soon Jason Woltje 2026-02-05 17:57:50 -06:00
1c79da70a6 fix(#338): Handle non-OK responses in ActiveProjectsWidget Jason Woltje 2026-02-05 17:50:18 -06:00
1a15c12c56 fix(#338): Implement optimistic rollback on Kanban drag-drop errors Jason Woltje 2026-02-05 17:45:26 -06:00
dd46025d60 fix(#338): Enforce WSS in production and add connect_error handling Jason Woltje 2026-02-05 17:31:26 -06:00
63a622cbef fix(#338): Log auth errors and distinguish backend down from logged out Jason Woltje 2026-02-05 17:23:07 -06:00
587272e2d0 fix(#338): Gate mock data behind NODE_ENV check Jason Woltje 2026-02-05 17:15:35 -06:00
344e5df3bb fix(#338): Route all state-changing fetch() calls through API client Jason Woltje 2026-02-05 17:06:23 -06:00
5ae07f7a84 fix(#338): Validate DEFAULT_WORKSPACE_ID as UUID Jason Woltje 2026-02-05 16:55:48 -06:00
970cc9f606 fix(#338): Add rate limiting and logging to auth catch-all route Jason Woltje 2026-02-05 16:49:06 -06:00
06de72a355 fix(#338): Implement proper system admin role separate from workspace ownership Jason Woltje 2026-02-05 16:44:50 -06:00
32c81e96cf feat: Add @mosaic/cli-tools package for git operations Jason Woltje 2026-02-05 16:42:35 -06:00
7ae92f3e1c fix(#338): Log ERROR on rate limiter fallback and track degraded mode Jason Woltje 2026-02-05 16:39:55 -06:00
53f2cd7f47 feat: Add self-contained orchestration templates and guide Jason Woltje 2026-02-05 16:37:58 -06:00
7390cac2cc fix(#338): Bind CSRF token to user session with HMAC Jason Woltje 2026-02-05 16:33:22 -06:00
7f3cd17488 fix(#338): Add structured logging for embedding failures Jason Woltje 2026-02-05 16:26:30 -06:00
6c88e2b96d fix(#338): Don't instantiate OpenAI client with missing API key Jason Woltje 2026-02-05 16:21:17 -06:00
8d542609ff test(#337): Add workspaceId verification tests for multi-tenant isolation Jason Woltje 2026-02-05 16:14:46 -06:00
721d6d15c5 chore: Add orchestrator report directory to .gitignore Jason Woltje 2026-02-05 16:12:15 -06:00
3055bd2d85 fix(#337): Fix boolean logic bug in ReactFlowEditor (use || instead of ??) Jason Woltje 2026-02-05 16:08:55 -06:00
c30b4b1cc2 fix(#337): Replace hardcoded OIDC values in federation with env vars Jason Woltje 2026-02-05 16:03:09 -06:00
7cb7a4f543 fix(#337): Sanitize OAuth callback error parameter to prevent open redirect Jason Woltje 2026-02-05 15:58:14 -06:00
45a795d29e chore: Close MS-SEC-001 investigation - reporting anomaly confirmed Jason Woltje 2026-02-05 15:55:50 -06:00
6552edaa11 fix(#337): Add Zod validation for Redis deserialization Jason Woltje 2026-02-05 15:54:48 -06:00
6a4f58dc1c fix(#337): Replace blocking KEYS command with SCAN in Valkey client Jason Woltje 2026-02-05 15:49:08 -06:00
6d6ef1d151 fix(#337): Add API key authentication for orchestrator-coordinator communication Jason Woltje 2026-02-05 15:46:03 -06:00
949d0d0ead fix(#337): Enable Docker sandbox by default and warn when disabled Jason Woltje 2026-02-05 15:43:00 -06:00
65df2bbdd3 feat: Bootstrap orchestrator learnings with investigation queue Jason Woltje 2026-02-05 15:40:35 -06:00
7e983e2455 fix(#337): Validate OIDC configuration at startup, fail fast if missing Jason Woltje 2026-02-05 15:39:47 -06:00
e237c40482 fix(#337): Propagate database errors from guards instead of masking as access denied Jason Woltje 2026-02-05 15:35:11 -06:00
6bb9846cde fix(#337): Return error state from secret scanner on scan failures Jason Woltje 2026-02-05 15:30:06 -06:00
aa14b580b3 fix(#337): Sanitize HTML before wiki-link processing in WikiLinkRenderer Jason Woltje 2026-02-05 15:25:57 -06:00
000145af96 fix(SEC-ORCH-2): Add API key authentication to orchestrator API Jason Woltje 2026-02-05 15:18:15 -06:00
c74b6b13d1 chore: Start MS-SEC-001 (orchestrator API auth) Jason Woltje 2026-02-05 15:14:19 -06:00
630f946718 chore(orchestrator): Bootstrap tasks.md from review report Jason Woltje 2026-02-05 15:13:48 -06:00
9dfbf8cf61 chore: Remove pre-created task files, add review reports Jason Woltje 2026-02-05 15:08:02 -06:00
b56bef0747 feat: Set up security remediation task tracking Jason Woltje 2026-02-05 14:58:34 -06:00
bbc211f56e Merge pull request 'feat(#329): Add usage budget management and cost governance' (#336) from feature/329-usage-budget into develop jason.woltje 2026-02-05 20:37:51 +00:00
6b63ca3e07 Merge branch 'develop' into feature/329-usage-budget jason.woltje 2026-02-05 20:37:17 +00:00
c22bde16cd Merge pull request 'feat(#101): Add Task Progress widget for orchestrator monitoring' (#335) from feature/101-task-progress-ui into develop jason.woltje 2026-02-05 19:33:41 +00:00
4e4454b0ca Merge branch 'develop' into feature/101-task-progress-ui jason.woltje 2026-02-05 19:33:33 +00:00
670809afdb Merge pull request 'test(#229): Add performance test suite for orchestrator' (#334) from feature/229-performance-testing into develop jason.woltje 2026-02-05 19:33:16 +00:00
7bc37fc513 Merge branch 'develop' into feature/229-performance-testing jason.woltje 2026-02-05 19:33:06 +00:00
dc4857b167 Merge pull request 'docs(#230): Comprehensive orchestrator documentation' (#333) from feature/230-documentation into develop jason.woltje 2026-02-05 19:32:55 +00:00
8f2afcd022 Merge branch 'develop' into feature/230-documentation jason.woltje 2026-02-05 19:32:40 +00:00
0f0488856f Merge pull request 'test(#226,#227,#228): Add E2E integration tests for agent orchestration' (#332) from feature/226-e2e-agent-lifecycle into develop jason.woltje 2026-02-05 19:32:31 +00:00
a8828cb53e Merge branch 'develop' into feature/226-e2e-agent-lifecycle jason.woltje 2026-02-05 19:32:23 +00:00
25bed45411 Merge pull request '[ORCH-134] Update root documentation' (#331) from feature/235-update-root-docs into develop jason.woltje 2026-02-05 19:32:15 +00:00
02cd6d4815 Merge branch 'develop' into feature/235-update-root-docs jason.woltje 2026-02-05 19:32:09 +00:00
9e89fa320a Merge pull request '[ORCH-132] Connect agent dashboard to real API' (#330) from feature/233-agent-dashboard-api into develop jason.woltje 2026-02-05 19:32:00 +00:00
c68b541b6f fix(#226): Remediate code review findings for E2E tests Jason Woltje 2026-02-05 13:26:21 -06:00
5a0f090cc5 fix(#230): Correct documentation errors from code review Jason Woltje 2026-02-05 13:24:54 -06:00
0796cbc744 fix(#229): Remediate code review findings for performance tests Jason Woltje 2026-02-05 13:23:19 -06:00
92ae8097df fix(#101): Remediate code review findings for TaskProgressWidget Jason Woltje 2026-02-05 13:19:57 -06:00
2cb3fe8f5a fix(#329): Harden BudgetService against security review findings Jason Woltje 2026-02-05 13:15:33 -06:00
22dc964503 feat(#329): Add usage budget management and cost governance Jason Woltje 2026-02-05 13:00:26 -06:00
e7f277ff0c feat(#101): Add Task Progress widget for orchestrator task monitoring Jason Woltje 2026-02-05 12:57:10 -06:00
b93f4c59ce test(#229): Add performance test suite for orchestrator Jason Woltje 2026-02-05 12:52:30 -06:00
751005391b docs(#230): Comprehensive orchestrator documentation Jason Woltje 2026-02-05 12:49:54 -06:00
c8c81fc437 test(#226,#227,#228): Add E2E integration tests for agent orchestration Jason Woltje 2026-02-05 12:46:44 -06:00
dd954ffee3 docs(#235): Update README with orchestration layer information Jason Woltje 2026-02-05 12:33:43 -06:00
27bbbe79df feat(#233): Connect agent dashboard to real orchestrator API Jason Woltje 2026-02-05 12:31:07 -06:00
06fa8f7402 chore: Remove old QA reports and milestone status files Jason Woltje 2026-02-05 11:25:00 -06:00
6de631cd07 feat(#313): Implement FastAPI and agent tracing instrumentation Jason Woltje 2026-02-04 14:25:48 -06:00
b836940b89 feat(#309): Add LLM usage tracking and analytics Jason Woltje 2026-02-04 13:41:45 -06:00
6516843612 feat(#312): Implement core OpenTelemetry infrastructure Jason Woltje 2026-02-04 12:52:20 -06:00
5d683d401e fix(#121): Remediate security issues from ORCH-121 review Jason Woltje 2026-02-04 11:49:40 -06:00
3a98b78661 fix: Complete CSRF protection implementation Jason Woltje 2026-02-04 07:12:42 -06:00
41f1dc48ed Merge branch 'fix/201-wikilink-xss-protection' into develop Jason Woltje 2026-02-03 23:00:04 -06:00
e57271c278 fix(#201): Enhance WikiLink XSS protection with comprehensive validation Jason Woltje 2026-02-03 22:59:41 -06:00
db23486e9e Merge branch 'fix/200-mermaid-xss-protection' into develop Jason Woltje 2026-02-03 22:56:19 -06:00
f87a28ac55 fix(#200): Enhance Mermaid XSS protection with DOMPurify Jason Woltje 2026-02-03 22:55:57 -06:00
6ff6957db4 Merge branch 'fix/298-async-dashboard' into develop Jason Woltje 2026-02-03 22:51:47 -06:00
9582d9a265 fix(#298): Fix async response handling in dashboard Jason Woltje 2026-02-03 22:51:25 -06:00
d675189a77 Merge branch 'fix/297-query-processing' into develop Jason Woltje 2026-02-03 22:49:21 -06:00

... 5 6 7 8 9 ...