mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
d2ed1f281755be630dea858241ffe2ed4fff5ac8
stack/docs/tasks.md
Jason Woltje b96e2d7dc6
Some checks failed
ci/woodpecker/push/api Pipeline failed
Details
ci/woodpecker/push/web Pipeline failed
Details
chore(#411): Phase 13 complete — QA round 2 remediation done, 272 tests passing 
6 findings remediated:
- QA2-001: Narrowed verifySession allowlist (expired/unauthorized false-positives)
- QA2-002: Runtime null checks in auth controller (defense-in-depth)
- QA2-003: Bearer token log sanitization + non-Error warning
- QA2-004: classifyAuthError returns null for normal 401 (no false banner)
- QA2-005: Login page routes errors through parseAuthError (PDA-safe)
- QA2-006: AuthGuard user validation branch tests (5 new tests)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 15:51:38 -06:00

47 KiB
Raw Blame History

Tasks

M10-Telemetry (0.0.10) — Telemetry Integration

Orchestrator: Claude Code Started: 2026-02-15 Branch: feature/m10-telemetry Milestone: M10-Telemetry (0.0.10)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
TEL-001 done Install @mosaicstack/telemetry-client in API + NestJS module #369 api feature/m10-telemetry TEL-004,TEL-006,TEL-007 w-1 2026-02-15T10:00Z 2026-02-15T10:37Z 20K 25K
TEL-002 done Install mosaicstack-telemetry in Coordinator #370 coordinator feature/m10-telemetry TEL-005,TEL-006 w-2 2026-02-15T10:00Z 2026-02-15T10:34Z 15K 20K
TEL-003 done Add telemetry config to docker-compose and .env #374 devops feature/m10-telemetry w-3 2026-02-15T10:38Z 2026-02-15T10:40Z 8K 10K
TEL-004 done Track LLM task completions via Mosaic Telemetry #371 api feature/m10-telemetry TEL-001 TEL-007 w-4 2026-02-15T10:38Z 2026-02-15T10:44Z 25K 30K
TEL-005 done Track orchestrator agent task completions #372 coordinator feature/m10-telemetry TEL-002 w-5 2026-02-15T10:45Z 2026-02-15T10:52Z 20K 25K
TEL-006 done Prediction integration for cost estimation #373 api feature/m10-telemetry TEL-001,TEL-002 TEL-007 w-6 2026-02-15T10:45Z 2026-02-15T10:51Z 20K 25K
TEL-007 done Frontend: Token usage and cost dashboard #375 web feature/m10-telemetry TEL-004,TEL-006 TEL-008 w-7 2026-02-15T10:53Z 2026-02-15T11:03Z 30K 115K
TEL-008 done Documentation: Telemetry integration guide #376 docs feature/m10-telemetry TEL-007 w-8 2026-02-15T10:53Z 2026-02-15T10:58Z 15K 75K

M11-CIPipeline (0.0.11) — CI Pipeline #360 Remediation

Orchestrator: Claude Code Started: 2026-02-12 Branch: fix/ci-* Epic: #360

CI Fix Round 6

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
CI-FIX6-001 done Add @mosaic/ui build to web.yml build-shared step (fixes 10 test suites + 20 typecheck errs) ci fix/ci-366 CI-FIX6-003 w-14 2026-02-12T21:00Z 2026-02-12T21:01Z 3K 3K
CI-FIX6-002 done Move spec file removal to builder stage (layer-aware); add tar CVEs to .trivyignore orchestrator fix/ci-366 CI-FIX6-004 w-15 2026-02-12T21:00Z 2026-02-12T21:15Z 3K 5K
CI-FIX6-003 done Add React.ChangeEvent types to ~10 web files with untyped event handlers (49 lint + 19 TS) web fix/ci-366 CI-FIX6-001 CI-FIX6-004 w-16 2026-02-12T21:02Z 2026-02-12T21:08Z 12K 8K
CI-FIX6-004 done Verification: pnpm lint && pnpm typecheck && pnpm test on web; Dockerfile find validation all fix/ci-366 CI-FIX6-002,CI-FIX6-003 orch 2026-02-12T21:08Z 2026-02-12T21:10Z 5K 2K

M12-MatrixBridge (0.0.12) — Matrix/Element Bridge Integration

Orchestrator: Claude Code Started: 2026-02-15 Branch: feature/m12-matrix-bridge Epic: #377

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
MB-001 done Install matrix-bot-sdk and create MatrixService skeleton #378 api feature/m12-matrix-bridge MB-003,MB-004,MB-005,MB-006,MB-007,MB-008 worker-1 2026-02-15T10:00Z 2026-02-15T10:20Z 20K 15K
MB-002 done Add Synapse + Element Web to docker-compose for dev #384 docker feature/m12-matrix-bridge worker-2 2026-02-15T10:00Z 2026-02-15T10:15Z 15K 5K
MB-003 done Register MatrixService in BridgeModule with conditional loading #379 api feature/m12-matrix-bridge MB-001 MB-008 worker-3 2026-02-15T10:25Z 2026-02-15T10:35Z 12K 20K
MB-004 done Workspace-to-Matrix-Room mapping and provisioning #380 api feature/m12-matrix-bridge MB-001 MB-005,MB-006,MB-008 worker-4 2026-02-15T10:25Z 2026-02-15T10:35Z 20K 39K
MB-005 done Matrix command handling — receive and dispatch commands #381 api feature/m12-matrix-bridge MB-001,MB-004 MB-007,MB-008 worker-5 2026-02-15T10:40Z 2026-02-15T14:27Z 20K 27K
MB-006 done Herald Service: Add Matrix output adapter #382 api feature/m12-matrix-bridge MB-001,MB-004 MB-008 worker-6 2026-02-15T10:40Z 2026-02-15T14:25Z 18K 109K
MB-007 done Streaming AI responses via Matrix message edits #383 api feature/m12-matrix-bridge MB-001,MB-005 MB-008 worker-7 2026-02-15T14:30Z 2026-02-15T14:35Z 20K 28K
MB-008 done Matrix bridge E2E integration tests #385 api feature/m12-matrix-bridge MB-001,MB-003,MB-004,MB-005,MB-006,MB-007 MB-009 worker-8 2026-02-15T14:38Z 2026-02-15T14:40Z 25K 35K
MB-009 done Documentation: Matrix bridge setup and architecture #386 docs feature/m12-matrix-bridge MB-008 worker-9 2026-02-15T14:38Z 2026-02-15T14:39Z 10K 12K
MB-010 done Sample Matrix swarm deployment compose file #387 docker feature/m12-matrix-bridge 2026-02-15 0 0

| MB-011 | done | Remediate code review and security review findings | #377 | api | feature/m12-matrix-bridge | MB-001..MB-010 | | worker-10 | 2026-02-15T15:00Z | 2026-02-15T15:10Z | 30K | 145K |

Phase Summary

Phase Tasks Description
1 - Foundation MB-001, MB-002 SDK install, dev infrastructure
2 - Module Integration MB-003, MB-004 Module registration, DB mapping
3 - Core Features MB-005, MB-006 Command handling, Herald adapter
4 - Advanced Features MB-007 Streaming responses
5 - Testing MB-008 E2E integration tests
6 - Documentation MB-009 Setup guide, architecture docs
7 - Review Remediation MB-011 Fix all code review + security findings

Review Findings Resolved (MB-011)

# Severity Finding Fix
1 CRITICAL sendThreadMessage hardcodes controlRoomId — wrong room Added channelId to ThreadMessageOptions, use options.channelId
2 CRITICAL void handleRoomMessage swallows ALL errors Added .catch() with logger.error
3 CRITICAL handleFixCommand: dead thread on dispatch failure Wrapped dispatch in try-catch with user-visible error
4 CRITICAL provisionRoom: orphaned Matrix room on DB failure try-catch around DB update with logged warning
5 HIGH Missing MATRIX_BOT_USER_ID validation (infinite loop risk) Added throw in connect() if missing
6 HIGH streamResponse finally block can throw/mask errors Wrapped setTypingIndicator in nested try-catch
7 HIGH streamResponse catch editMessage can throw/mask Wrapped editMessage in nested try-catch
8 HIGH HeraldService error log missing provider identity Added provider.constructor.name to error log
9 HIGH MatrixRoomService uses unsafe type assertion Replaced with public getClient() method
10 HIGH BridgeModule factory incomplete env var validation Added warnings for missing vars when token set
11 MEDIUM setup-bot.sh JSON injection via shell variables Replaced with jq -n for safe JSON construction

Notes

  • #387 already completed in commit 6e20fc5
  • #377 is the EPIC issue — closed after all reviews remediated
  • 187 tests passing after remediation (41 matrix, 20 streaming, 10 room, 26 integration, 27 herald, 25 discord, + others)

M13-SpeechServices (0.0.13) — TTS & STT Integration

Orchestrator: Claude Code Started: 2026-02-15 Branch: feature/m13-speech-services Milestone: M13-SpeechServices (0.0.13) Epic: #388

Phase 1: Foundation (Config + Module + Providers)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used notes
SP-CFG-001 done #401: Speech services environment variables and ConfigModule integration #401 api feature/m13-speech-services SP-MOD-001,SP-DOC-001 worker-1 2026-02-15T06:00Z 2026-02-15T06:07Z 15K 15K 51 tests, 4cc43be
SP-MOD-001 done #389: Create SpeechModule with provider abstraction layer #389 api feature/m13-speech-services SP-CFG-001 SP-STT-001,SP-TTS-001,SP-MID-001 worker-2 2026-02-15T06:08Z 2026-02-15T06:14Z 25K 25K 27 tests, c40373f

Phase 2: Providers (STT + TTS)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used notes
SP-STT-001 done #390: Implement STT provider with Speaches/faster-whisper integration #390 api feature/m13-speech-services SP-MOD-001 SP-EP-001,SP-WS-001 worker-4 2026-02-15T06:15Z 2026-02-15T06:25Z 20K 50K 27 tests, 3ae9e53
SP-TTS-001 done #391: Implement tiered TTS provider architecture #391 api feature/m13-speech-services SP-MOD-001 SP-TTS-002,SP-TTS-003,SP-TTS-004,SP-EP-002 worker-5 2026-02-15T06:15Z 2026-02-15T06:25Z 20K 35K 30 tests, b5edb4f
SP-TTS-002 done #393: Implement Kokoro-FastAPI TTS provider (default tier) #393 api feature/m13-speech-services SP-TTS-001 SP-EP-002 worker-6 2026-02-15T06:26Z 2026-02-15T06:33Z 15K 25K 48 tests, 79b1d81
SP-TTS-003 done #394: Implement Chatterbox TTS provider (premium tier, voice cloning) #394 api feature/m13-speech-services SP-TTS-001 SP-EP-002 worker-7 2026-02-15T06:26Z 2026-02-15T06:34Z 15K 25K 26 tests, d37c78f
SP-TTS-004 done #395: Implement Piper TTS provider via OpenedAI Speech (fallback tier) #395 api feature/m13-speech-services SP-TTS-001 SP-EP-002 worker-8 2026-02-15T06:35Z 2026-02-15T06:44Z 12K 15K 37 tests, 6c46556

Phase 3: Middleware + REST Endpoints

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used notes
SP-MID-001 done #398: Audio format validation and preprocessing middleware #398 api feature/m13-speech-services SP-MOD-001 SP-EP-001,SP-EP-002 worker-9 2026-02-15T06:35Z 2026-02-15T06:42Z 15K 25K 36 tests, 7b4fda6
SP-EP-001 done #392: Create /api/speech/transcribe REST endpoint #392 api feature/m13-speech-services SP-STT-001,SP-MID-001 SP-WS-001,SP-FE-001 worker-10 2026-02-15T06:45Z 2026-02-15T06:52Z 20K 25K 10 tests, 527262a
SP-EP-002 done #396: Create /api/speech/synthesize REST endpoint #396 api feature/m13-speech-services SP-TTS-002,SP-TTS-003,SP-TTS-004,SP-MID-001 SP-FE-002 worker-11 2026-02-15T06:45Z 2026-02-15T06:53Z 20K 35K 17 tests, 527262a

Phase 4: WebSocket Streaming

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used notes
SP-WS-001 done #397: Implement WebSocket streaming transcription endpoint #397 api feature/m13-speech-services SP-STT-001,SP-EP-001 SP-FE-001 worker-12 2026-02-15T06:54Z 2026-02-15T07:00Z 20K 30K 29 tests, 28c9e6f

Phase 5: Docker/DevOps

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used notes
SP-DOC-001 done #399: Docker Compose dev overlay for speech services #399 devops feature/m13-speech-services SP-CFG-001 SP-DOC-002 worker-3 2026-02-15T06:08Z 2026-02-15T06:10Z 10K 15K 52553c8
SP-DOC-002 done #400: Docker Compose swarm/prod deployment for speech services #400 devops feature/m13-speech-services SP-DOC-001 worker-13 2026-02-15T06:54Z 2026-02-15T06:56Z 10K 8K b3d6d73

Phase 6: Frontend

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used notes
SP-FE-001 done #402: Frontend voice input component (microphone capture + transcription) #402 web feature/m13-speech-services SP-EP-001,SP-WS-001 SP-FE-003 worker-14 2026-02-15T07:01Z 2026-02-15T07:12Z 25K 50K 34 tests, 74d6c10
SP-FE-002 done #403: Frontend audio playback component for TTS output #403 web feature/m13-speech-services SP-EP-002 SP-FE-003 worker-15 2026-02-15T07:01Z 2026-02-15T07:11Z 20K 50K 32 tests, 74d6c10
SP-FE-003 done #404: Frontend speech settings page (provider selection, voice config) #404 web feature/m13-speech-services SP-FE-001,SP-FE-002 SP-E2E-001 worker-16 2026-02-15T07:13Z 2026-02-15T07:22Z 20K 35K 30 tests, bc86947

Phase 7: Testing + Documentation

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used notes
SP-E2E-001 done #405: E2E integration tests for speech services #405 api feature/m13-speech-services SP-EP-001,SP-EP-002,SP-WS-001,SP-FE-003 SP-DOCS-001 worker-17 2026-02-15T07:23Z 2026-02-15T07:32Z 25K 35K 30 tests, d2c7602
SP-DOCS-001 done #406: Documentation - Speech services architecture, API, and deployment #406 docs feature/m13-speech-services SP-E2E-001 worker-18 2026-02-15T07:23Z 2026-02-15T07:29Z 15K 35K 24065aa

Auth-Frontend-Remediation (<0.1.0) — Auth & Frontend Remediation

Orchestrator: Claude Code Started: 2026-02-16 Branch: fix/auth-frontend-remediation Milestone: Auth-Frontend-Remediation (<0.1.0) Epic: #411

Phase 1: Critical Backend Fixes (#412)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
AUTH-001 done 1.1: Add OIDC_REDIRECT_URI to validation with URL + path checks #412 api fix/auth-frontend-remediation AUTH-002 w-1 2026-02-16T11:00Z 2026-02-16T11:04Z 10K 12K
AUTH-002 done 1.2: Wrap BetterAuth handler in try/catch with error logging #412 api fix/auth-frontend-remediation AUTH-001 w-3 2026-02-16T11:05Z 2026-02-16T11:09Z 10K 15K
AUTH-003 done 1.3: Fix docker-compose OIDC_REDIRECT_URI default #412 devops fix/auth-frontend-remediation w-2 2026-02-16T11:00Z 2026-02-16T11:05Z 3K 5K
AUTH-004 done 1.4: Enable PKCE in genericOAuth config #412 api fix/auth-frontend-remediation w-2 2026-02-16T11:00Z 2026-02-16T11:05Z 5K 5K
AUTH-005 done 1.5: Add @SkipCsrf() documentation with BetterAuth CSRF rationale #412 api fix/auth-frontend-remediation w-2 2026-02-16T11:00Z 2026-02-16T11:05Z 3K 5K
AUTH-V01 done Phase 1 verification: quality gates pass #412 all fix/auth-frontend-remediation AUTH-001,AUTH-002,AUTH-003,AUTH-004,AUTH-005 AUTH-006 orch 2026-02-16T11:10Z 2026-02-16T11:10Z 5K 2K

Phase 2: Auth Config Discovery (#413)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
AUTH-006 done 2.1: Add AuthProvider and AuthConfigResponse types to @mosaic/shared #413 shared fix/auth-frontend-remediation AUTH-V01 AUTH-007 w-4 2026-02-16T11:12Z 2026-02-16T11:13Z 5K 3K
AUTH-007 done 2.2-2.3: Implement getAuthConfig() + GET /auth/config endpoint #413 api fix/auth-frontend-remediation AUTH-006 AUTH-008 w-5 2026-02-16T11:13Z 2026-02-16T11:17Z 15K 15K
AUTH-008 done 2.4: Add secret-leakage prevention test #413 api fix/auth-frontend-remediation AUTH-007 AUTH-009 w-6 2026-02-16T11:18Z 2026-02-16T11:20Z 8K 8K
AUTH-009 done 2.5: Implement isOidcProviderReachable() health check #413 api fix/auth-frontend-remediation AUTH-007 w-7 2026-02-16T11:18Z 2026-02-16T11:23Z 10K 12K
AUTH-V02 done Phase 2 verification: quality gates pass #413 all fix/auth-frontend-remediation AUTH-006,AUTH-007,AUTH-008,AUTH-009 AUTH-010 orch 2026-02-16T11:24Z 2026-02-16T11:25Z 5K 2K

Phase 3: Backend Hardening (#414)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
AUTH-010 done 3.1: Extract trustedOrigins to getTrustedOrigins() with env vars #414 api fix/auth-frontend-remediation AUTH-V02 AUTH-011 w-8 2026-02-16T11:26Z 2026-02-16T11:31Z 10K 15K
AUTH-011 done 3.2: Align CORS config in main.ts with getTrustedOrigins() #414 api fix/auth-frontend-remediation AUTH-010 w-10 2026-02-16T11:32Z 2026-02-16T11:33Z 8K 8K
AUTH-012 done 3.3: Update session config (7d abs, 2h idle, cookie attrs) #414 api fix/auth-frontend-remediation AUTH-V02 w-9 2026-02-16T11:26Z 2026-02-16T11:29Z 8K 8K
AUTH-013 done 3.4: Add TRUSTED_ORIGINS, COOKIE_DOMAIN to .env.example #414 devops fix/auth-frontend-remediation AUTH-010 w-11 2026-02-16T11:32Z 2026-02-16T11:33Z 3K 3K
AUTH-V03 done Phase 3 verification: quality gates pass #414 all fix/auth-frontend-remediation AUTH-010,AUTH-011,AUTH-012,AUTH-013 AUTH-014 orch 2026-02-16T11:34Z 2026-02-16T11:34Z 5K 2K

Phase 4: Frontend Foundation (#415)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
AUTH-014 done 4.1: Fix theme storage key (jarvis-theme -> mosaic-theme) #415 web fix/auth-frontend-remediation AUTH-V03 w-12 2026-02-16T11:35Z 2026-02-16T11:44Z 5K 5K
AUTH-015 done 4.2: Create AuthErrorBanner component (PDA-friendly, blue theme) #415 web fix/auth-frontend-remediation AUTH-V03 AUTH-020 w-13 2026-02-16T11:35Z 2026-02-16T11:44Z 12K 12K
AUTH-016 done 4.3: Create AuthDivider component #415 web fix/auth-frontend-remediation AUTH-V03 AUTH-020 w-12 2026-02-16T11:35Z 2026-02-16T11:44Z 5K 5K
AUTH-017 done 4.4: Create OAuthButton component (replaces LoginButton) #415 web fix/auth-frontend-remediation AUTH-V03 AUTH-020 w-13 2026-02-16T11:35Z 2026-02-16T11:44Z 12K 12K
AUTH-018 done 4.5: Create LoginForm component with email/password validation #415 web fix/auth-frontend-remediation AUTH-V03 AUTH-020 w-13 2026-02-16T11:35Z 2026-02-16T11:44Z 15K 15K
AUTH-019 done 4.6: Create SessionExpiryWarning component #415 web fix/auth-frontend-remediation AUTH-V03 AUTH-025 w-12 2026-02-16T11:35Z 2026-02-16T11:44Z 10K 10K
AUTH-V04 done Phase 4 verification: quality gates pass #415 all fix/auth-frontend-remediation AUTH-014,AUTH-015,AUTH-016,AUTH-017,AUTH-018,AUTH-019 AUTH-020 orch 2026-02-16T11:45Z 2026-02-16T11:45Z 5K 2K

Phase 5: Login Page Integration (#416)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
AUTH-020 done 5.1-5.2: Fetch /auth/config and render providers dynamically #416 web fix/auth-frontend-remediation AUTH-V04,AUTH-V02 AUTH-021 w-14 2026-02-16T11:46Z 2026-02-16T11:52Z 20K 15K
AUTH-021 done 5.3-5.4: Error display from query params + loading states #416 web fix/auth-frontend-remediation AUTH-020 AUTH-022 w-15 2026-02-16T11:53Z 2026-02-16T11:57Z 12K 12K
AUTH-022 done 5.5: Delete old LoginButton.tsx and update imports #416 web fix/auth-frontend-remediation AUTH-020 w-16 2026-02-16T11:53Z 2026-02-16T11:54Z 5K 4K
AUTH-023 done 5.6-5.7: Responsive layout + accessibility audit #416 web fix/auth-frontend-remediation AUTH-020,AUTH-021 w-17 2026-02-16T11:58Z 2026-02-16T12:03Z 12K 25K
AUTH-V05 done Phase 5 verification: quality gates pass #416 all fix/auth-frontend-remediation AUTH-020,AUTH-021,AUTH-022,AUTH-023 AUTH-024 orch 2026-02-16T12:04Z 2026-02-16T12:04Z 5K 2K

Phase 6: Error Recovery & Polish (#417)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
AUTH-024 done 6.1: Create auth-errors.ts with PDA error parsing and mapping #417 web fix/auth-frontend-remediation AUTH-V05 AUTH-025 w-18 2026-02-16T12:10Z 2026-02-16T12:15Z 12K 12K
AUTH-025 done 6.2: Add retry logic for network errors (3x exponential backoff) #417 web fix/auth-frontend-remediation AUTH-V05 w-20 2026-02-16T12:16Z 2026-02-16T12:22Z 10K 15K
AUTH-026 done 6.3-6.4: AuthProvider session-expiring state + SessionExpiryWarning #417 web fix/auth-frontend-remediation AUTH-V05,AUTH-019 w-19 2026-02-16T12:10Z 2026-02-16T12:15Z 15K 20K
AUTH-027 done 6.5: Update auth-client.ts error messages to PDA-friendly #417 web fix/auth-frontend-remediation AUTH-024 w-21 2026-02-16T12:16Z 2026-02-16T12:18Z 8K 10K
AUTH-V06 done Phase 6 verification: quality gates pass #417 all fix/auth-frontend-remediation AUTH-024,AUTH-025,AUTH-026,AUTH-027 orch 2026-02-16T12:23Z 2026-02-16T12:24Z 5K 2K

Phase 7: Review Remediation (#411)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
AUTH-028 done 7.1: Frontend fixes — wire fetchWithRetry, dedupe errors, fix OAuth/catch/signout #411 web fix/auth-frontend-remediation AUTH-V06 AUTH-030 w-22 2026-02-16T18:29Z 2026-02-16T18:33Z 20K 15K
AUTH-029 done 7.2: Backend fixes — COOKIE_DOMAIN, TRUSTED_ORIGINS validation, verifySession #411 api fix/auth-frontend-remediation AUTH-V06 AUTH-030 w-23 2026-02-16T18:29Z 2026-02-16T18:31Z 15K 12K
AUTH-030 done 7.3: Missing tests — getAccessToken, isAdmin, null cases, getClientIp #411 all fix/auth-frontend-remediation AUTH-028,AUTH-029 AUTH-V07 w-24 2026-02-16T18:34Z 2026-02-16T18:37Z 15K 15K
AUTH-V07 done Phase 7 verification: 191 web + 106 API tests passing #411 all fix/auth-frontend-remediation AUTH-030 orch 2026-02-16T18:37Z 2026-02-16T18:38Z 5K 2K

Phase 8: QA Remediation — Backend Error Handling (#411)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
QA-001 done CRITICAL: AuthGuard — let infrastructure errors propagate instead of wrapping as 401 #411 api fix/auth-frontend-remediation QA-V08 w-25 2026-02-16T19:00Z 2026-02-16T19:10Z 12K 9K
QA-002 done CRITICAL+HIGH: verifySession — invert error classification (allowlist auth errors, re-throw everything else) + typed return type + health check escalation #411 api fix/auth-frontend-remediation QA-001,QA-V08 w-26 2026-02-16T19:00Z 2026-02-16T19:15Z 25K 8K
QA-003 done MEDIUM: auth.config.ts — replace null coalescing with throw in getOidcPlugins + include error details in getTrustedOrigins catch #411 api fix/auth-frontend-remediation QA-V08 w-27 2026-02-16T19:16Z 2026-02-16T19:25Z 10K 3K
QA-004 done MEDIUM: auth.controller.ts — use HttpException(401) instead of raw Error in getSession + PDA-friendly handleAuth error message #411 api fix/auth-frontend-remediation QA-V08 w-28 2026-02-16T19:16Z 2026-02-16T19:22Z 10K 7K
QA-V08 done Phase 8 verification: 128 auth tests pass, 2 pre-existing failures (DB/package), no regressions #411 all fix/auth-frontend-remediation QA-001,QA-002,QA-003,QA-004 QA-005 orch 2026-02-16T19:26Z 2026-02-16T19:27Z 5K 2K

Phase 9: QA Remediation — Frontend Error Handling (#411)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
QA-005 done CRITICAL+HIGH: auth-context.tsx — production logging, replace isBackendError with parseAuthError, fix signOut classification, add session-expired state #411 web fix/auth-frontend-remediation QA-V08 QA-007,QA-V09 w-29 2026-02-16T19:28Z 2026-02-16T19:45Z 25K 85K
QA-006 done MEDIUM: auth-client.ts — log JSON parse error in signInWithCredentials + add logging to getAccessToken/isAdmin silent defaults #411 web fix/auth-frontend-remediation QA-V08 QA-V09 w-30 2026-02-16T19:28Z 2026-02-16T19:50Z 12K 15K
QA-007 done HIGH: login/page.tsx — show explicit error state instead of silent email-only fallback when config fetch fails #411 web fix/auth-frontend-remediation QA-005 QA-V09 w-31 2026-02-16T19:51Z 2026-02-16T19:56Z 15K 18K
QA-008 done LOW: auth-errors.ts — derive KNOWN_CODES from Object.keys(ERROR_MESSAGES) to eliminate duplication #411 web fix/auth-frontend-remediation QA-V08 QA-V09 w-32 2026-02-16T19:51Z 2026-02-16T19:53Z 3K 4K
QA-V09 done Phase 9 verification: 194 auth web tests pass, no regressions #411 all fix/auth-frontend-remediation QA-005,QA-006,QA-007,QA-008 QA-009 orch 2026-02-16T19:57Z 2026-02-16T19:58Z 5K 2K

Phase 10: QA Remediation — Comment & Documentation Fixes (#411)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
QA-009 done CRITICAL: Fix updateAge comment (not idle timeout — it's session refresh throttle), fix .env.example OIDC vars, fix username->email bug in signInWithCredentials #411 api,web fix/auth-frontend-remediation QA-V09 QA-V10 w-33 2026-02-16T19:59Z 2026-02-16T20:05Z 12K 12K
QA-010 done MINOR: Fix JSDoc issues — response.ok is 2xx not "200", remove "Automatic token refresh" claim, remove "Enable for now" comment, fix CSRF comment placement, fix 403 mapping comment #411 api,web fix/auth-frontend-remediation QA-V09 QA-V10 w-34 2026-02-16T19:59Z 2026-02-16T20:03Z 8K 8K
QA-V10 done Phase 10 verification: 71 tests pass, no regressions #411 all fix/auth-frontend-remediation QA-009,QA-010 QA-011 orch 2026-02-16T20:06Z 2026-02-16T20:07Z 5K 2K

Phase 11: QA Remediation — Type Design Improvements (#411)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
QA-011 done HIGH: Unify 4 request-with-user types (RequestWithSession, AuthRequest, BetterAuthRequest, RequestWithUser) into AuthenticatedRequest #411 api fix/auth-frontend-remediation QA-V10 QA-V11 w-35 2026-02-16T20:08Z 2026-02-16T20:16Z 20K 15K
QA-012 done LOW: Add RetryOptions value clamping (maxRetries>=0, baseDelayMs>=100, backoffFactor>=1) #411 web fix/auth-frontend-remediation QA-V10 QA-V11 w-36 2026-02-16T20:08Z 2026-02-16T20:12Z 5K 4K
QA-V11 done Phase 11 verification: 125 tests pass (106 API + 19 web), types compile #411 all fix/auth-frontend-remediation QA-011,QA-012 QA-013 orch 2026-02-16T20:17Z 2026-02-16T20:18Z 5K 2K

Phase 12: QA Remediation — Test Coverage Gaps (#411)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
QA-013 done Add signOut failure path test — verify user cleared + authError set to proper type on apiPost rejection #411 web fix/auth-frontend-remediation QA-V11 QA-V12 w-37 2026-02-16T20:19Z 2026-02-16T20:26Z 10K 4K
QA-014 done Add verifySession non-Error thrown value test — verify returns null for string/object throws #411 api fix/auth-frontend-remediation QA-V11 QA-V12 w-38 2026-02-16T20:19Z 2026-02-16T20:23Z 8K 4K
QA-015 done Add handleCredentialsLogin error message fallback test + fix refreshSession test to actually call refresh #411 web fix/auth-frontend-remediation QA-V11 QA-V12 w-39 2026-02-16T20:27Z 2026-02-16T20:30Z 12K 7K
QA-V12 done Phase 12 verification: 309 tests pass (201 web + 108 API) — final quality gate #411 all fix/auth-frontend-remediation QA-013,QA-014,QA-015 orch 2026-02-16T20:31Z 2026-02-16T20:32Z 5K 2K

Phase 13: QA Round 2 — Backend Hardening (#411)

id status description issue repo branch depends_on blocks agent started_at completed_at estimate used
QA2-001 done MEDIUM: Narrow verifySession allowlist — "token expired"/"session expired" instead of bare "expired", exact match "unauthorized" #411 api fix/auth-frontend-remediation QA2-003,QA2-V13 w-40 2026-02-16T21:00Z 2026-02-16T21:02Z 10K 4K
QA2-002 done MEDIUM: Add runtime null checks in auth.controller getSession/getProfile — defense-in-depth for AuthenticatedRequest #411 api fix/auth-frontend-remediation QA2-V13 w-42 2026-02-16T21:03Z 2026-02-16T21:05Z 8K 5K
QA2-003 done MEDIUM: Sanitize Bearer tokens from logged error stacks + add logger.warn for non-Error thrown values in verifySession #411 api fix/auth-frontend-remediation QA2-001 QA2-V13 w-44 2026-02-16T21:06Z 2026-02-16T21:08Z 8K 5K
QA2-004 done MEDIUM: classifyAuthError — map invalid_credentials/session_expired to null instead of "backend" (don't show error banner for normal 401) #411 web fix/auth-frontend-remediation QA2-V13 w-41 2026-02-16T21:00Z 2026-02-16T21:02Z 10K 5K
QA2-005 done MEDIUM: Login page — route BetterAuth result.error.message through parseAuthError for PDA-friendly sanitization #411 web fix/auth-frontend-remediation QA2-V13 w-43 2026-02-16T21:03Z 2026-02-16T21:05Z 8K 4K
QA2-006 done LOW: AuthGuard user validation branch tests — malformed user (missing id/email/name), non-object user, string user #411 api fix/auth-frontend-remediation QA2-V13 w-45 2026-02-16T21:06Z 2026-02-16T21:09Z 8K 5K
QA2-V13 done Phase 13 verification: 272 tests pass (126 web + 146 API), 2 pre-existing failures, no regressions #411 all fix/auth-frontend-remediation QA2-001,QA2-002,QA2-003,QA2-004,QA2-005,QA2-006 orch 2026-02-16T21:10Z 2026-02-16T21:12Z 5K 2K

Summary

Phase Issue Tasks Total Estimate
1 - Critical Backend Fixes #412 6 36K
2 - Auth Config Discovery #413 5 43K
3 - Backend Hardening #414 5 34K
4 - Frontend Foundation #415 7 64K
5 - Login Page Integration #416 5 54K
6 - Error Recovery & Polish #417 5 50K
7 - Review Remediation #411 4 55K
8 - QA: Backend Error Handling #411 5 62K
9 - QA: Frontend Error Handling #411 5 60K
10 - QA: Comment Fixes #411 3 25K
11 - QA: Type Design #411 3 30K
12 - QA: Test Coverage #411 4 35K
13 - QA R2: Hardening + Tests #411 7 57K
Total 64 605K
Reference in New Issue View Git Blame Copy Permalink