204 Commits

Author	SHA1	Message	Date
jason.woltje	afcbbb302f	feat(fleet): auto-enable units on install + drift recognizes wrapped runtimes (#583)	2026-06-21 20:02:19 +00:00
jason.woltje	c2c0b5fe8d	chore(release): bump @mosaicstack/mosaic 0.0.34 -> 0.0.35 (#582)	2026-06-21 18:59:39 +00:00
Jason Woltje	c9cfe36204	docs(framework): P3.1 fast-follow — governance wording + gate scope + bare-launch note (#577) ... Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-06-21 18:56:50 +00:00
jason.woltje	fc90c89913	fix(fleet): durable runtime PATH for detached agent launch (#581)	2026-06-21 17:30:40 +00:00
jason.woltje	af2eede7a9	feat(fleet): Phase-2 observability — fleet ps + watch + send verify (#579)	2026-06-21 04:23:51 +00:00
Jason Woltje	5118be74cb	feat(framework): P3 — extract Constitution (L0) + gut AGENTS dispatcher (#575) ... Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-06-21 03:20:32 +00:00
Jason Woltje	bf24066a49	feat(framework): P1+P2 — public sanitization + blocking CI gate (#572) ... Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-06-21 02:40:11 +00:00
Jason Woltje	92316ab41e	feat(framework): P0 — MIT license + executable-leak sanitization (#570) ... Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-06-21 01:43:49 +00:00
Jason Woltje	b354bc8fae	docs(framework): add agency & persistence patterns to config + guides (#543) ... Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-06-21 01:43:36 +00:00
jason.woltje	e834bbb83c	fix(fleet): install executable tmux helpers (#568)	2026-06-20 22:27:46 +00:00
jason.woltje	7498fcb20d	fix(fleet): preserve agent env overrides on install (#567)	2026-06-20 21:50:46 +00:00
jason.woltje	42d081613f	chore(release): bump mosaic cli to 0.0.32 (#566)	2026-06-20 21:15:25 +00:00
jason.woltje	b5c1381e45	fix(fleet): harden operator sends for release (#565)	2026-06-20 20:41:11 +00:00
jason.woltje	6dfd78f643	feat(fleet): add local canary CLI (#563)	2026-06-20 17:49:01 +00:00
jason.woltje	45e2c2aad8	docs: plan durable tmux fleet install (#557)	2026-06-20 16:19:19 +00:00
jason.woltje	57919c38d8	fix(framework/tools): wrapper hardening — TLS validation, cred-path fallback, no-CI fast-exit (#551)	2026-06-20 10:16:38 +00:00
jason.woltje	87f561c1f8	fix(launch): include Pi native skill roots in 'all' mode; dedup 'discover' force-loads (#556)	2026-06-19 19:58:09 +00:00
jason.woltje	8c45857859	feat(launch): force-load fleet-critical Pi skills + reconcile skill docs (#555)	2026-06-19 18:31:02 +00:00
jason.woltje	605221d42f	docs(framework/tools): lead TOOLS.md with high-salience fleet-tools cheatsheet (#554)	2026-06-19 18:03:03 +00:00
jason.woltje	ee584ab48c	fix(framework/tools): prettier-format woodpecker README — restore main format gate (#553)	2026-06-18 22:39:35 +00:00
jason.woltje	ab4e138003	feat(framework/tools): orchestration helpers — lane-brief.sh + ci-wait.sh (#547)	2026-06-18 22:08:40 +00:00
jason.woltje	719c6ac3db	fix(framework/tools): eval injection, broken JSON, tmpfile leak (#549)	2026-06-18 21:35:32 +00:00
jason.woltje	b8807e60df	feat(agent-reflection): durable kernel — reflection.v1 capture + risk-floor + Phase-0 (#545)	2026-06-16 21:35:40 +00:00
jason.woltje	c461380a4a	feat(mosaic-as): agent registration + scoped/revocable tokens (US-007) (#541)	2026-06-16 01:10:44 +00:00
jason.woltje	98a771c8f8	Fix Gitea wrapper login resolution (#538)	2026-06-12 02:34:18 +00:00
jason.woltje	bd9527c033	docs(framework): canonize merge-authority policy (hard gate 13 + E2E gate note) (#537)	2026-06-11 23:56:20 +00:00
jason.woltje	aa221bf92e	release(mosaic): bump @mosaicstack/mosaic 0.0.30 -> 0.0.31 (#534)	2026-06-11 19:55:43 +00:00
jason.woltje	799df40f4e	feat(appservice): room provisioning (M4c) (#535)	2026-06-11 19:50:55 +00:00
jason.woltje	b79e9f32c6	chore(framework): canonize Vault-as-SSOT + ESO-default secrets policy (#519)	2026-06-11 19:07:00 +00:00
jason.woltje	59b611ba8a	refactor(framework): thin-core prompt diet — cut injected contract ~53% (#529)	2026-06-11 18:10:42 +00:00
jason.woltje	dfa0be42f6	feat(framework/tools): inter-agent tmux comms — agent-send.sh + addressing standard (#533)	2026-06-11 18:01:44 +00:00
jason.woltje	8f09c910a9	feat(appservice): Matrix Application Service core library (M4a) (#530)	2026-06-10 21:23:25 +00:00
jason.woltje	dde95a59b3	fix(pi): reduce startup skill-token overhead (#527)	2026-06-05 18:36:42 +00:00
jason.woltje	821e19dcbb	fix(mosaic-tools): roll up Gitea and Woodpecker wrapper fixes (#524)	2026-05-26 20:56:09 +00:00
jason.woltje	ac5650d9f9	fix(db): bootstrap migrations on local-tier gateway startup ... Fresh `mosaic gateway install` (npm) left the gateway DB schema empty — sign-in 500'd with `relation "users" does not exist`, and every entry point (auth, bootstrap setup) failed because they all query the users table first. Five stacked bugs on the local (PGlite) tier: 1. `packages/db/package.json` `files: ["dist"]` excluded the `drizzle/` SQL migrations from the published tarball. 2. `runMigrations()` only supports postgres-js — unusable for embedded PGlite. 3. `apps/gateway/src/database/database.module.ts` never invoked migrations at startup. 4. `createPgliteDb` didn't load pgvector, so migration 0001's `CREATE EXTENSION vector` failed. 5. Drizzle's PG migrator wraps every migration in one outer transaction, which trips Postgres' `check_safe_enum_use` on migration 0009 (`ALTER TYPE ADD VALUE 'pending'` → `SET DEFAULT 'pending'` in the same tx). Changes: - Ship `drizzle/` in the published tarball. - `createPgliteDb` loads `@electric-sql/pglite/vector`. - New `runPgliteMigrations(handle)` walks the Drizzle journal and runs each statement-breakpoint chunk through PGlite's `client.exec()` (autocommit per statement). Records into `drizzle.__drizzle_migrations` for interop with the postgres-js path. Per-statement try/catch surfaces which statement of which migration failed. - `DatabaseModule` runs migrations in `OnModuleInit` before `app.listen()`. Local tier: explicit `runPgliteMigrations` then `storageAdapter.migrate()`. Postgres tier: just `storageAdapter.migrate()`, which already calls `runMigrations(url)` internally — no double-call. - Removed `packages/storage/src/test-utils/pglite-with-vector.ts`. The "intentionally not exported" rationale is moot now that migration 0001 forces pgvector load anyway. The integration test uses `createPgliteDb` + `runPgliteMigrations` from `@mosaicstack/db`. Tests: BetterAuth tables exist after migrate; idempotent (re-runs 0009); partial-failure surfaces statement-level context and leaves no ledger row. QA on a fresh PGlite install: - `Applying PGlite schema migrations...` then `Initializing storage adapter (pglite)...` in startup log. - `GET /api/bootstrap/status` → `{"needsSetup":true}` HTTP 200 (was 500). - `POST /api/bootstrap/setup` reaches Zod validator (was 500). Scope: this PR fixes the local (PGlite) tier. Postgres-tier first install still has the outer-transaction problem and a journal ordering bug (0009's `when` < 0008's). Documented inline as TODO and in the scratchpad — needs a separate change with real-Postgres validation. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-04 17:06:50 -05:00
jason.woltje	ee3f2defd9	feat(types): federation v1 DTOs (FED-M3-01) (#506)	2026-04-24 02:54:40 +00:00
jason.woltje	74fe60d8d6	feat(federation): admin controller + CLI federation commands (FED-M2-08) (#498)	2026-04-22 04:39:46 +00:00
jason.woltje	0bfaa56e9e	feat(federation): enrollment controller + single-use token flow (FED-M2-07) (#497)	2026-04-22 04:23:19 +00:00
jason.woltje	01dd6b9fa1	feat(federation): grants service CRUD + status transitions (FED-M2-06) (#496)	2026-04-22 03:57:12 +00:00
jason.woltje	bf082d95a0	feat(federation): seal federation peer client keys at rest (FED-M2-05) (#495)	2026-04-22 03:10:20 +00:00
jason.woltje	54c278b871	feat(db): federation schema — grants/peers/audit_log [FED-M2-01] (#486)	2026-04-22 02:02:21 +00:00
jason.woltje	45e8f02c91	feat(mosaic-portainer): PORTAINER_INSECURE flag for self-signed TLS (#484)	2026-04-22 01:21:54 +00:00
jason.woltje	dc4afee848	fix(storage): redact credentials in driver errors + advisory lock (FED-M1-10) (#479)	2026-04-20 02:02:57 +00:00
jason.woltje	15d849c166	test(storage): integration test for migrate-tier (FED-M1-08) + camelCase column fix (#477)	2026-04-20 01:40:02 +00:00
jason.woltje	1a4b1ebbf1	feat(gateway,storage): mosaic gateway doctor with tier health JSON (FED-M1-06) (#475)	2026-04-20 01:00:39 +00:00
jason.woltje	ccad30dd27	feat(storage): mosaic storage migrate-tier with dry-run + idempotency (FED-M1-05) (#474)	2026-04-20 00:35:08 +00:00
jason.woltje	58169f9979	feat(storage): pgvector adapter support gated on tier=federated (FED-M1-03) (#472)	2026-04-19 23:42:18 +00:00
jason.woltje	9c89c32684	feat(config): add federated tier + rename team→standalone (FED-M1-01) (#470)	2026-04-19 23:11:11 +00:00
Jason Woltje	5f03c05523	chore(release): @mosaicstack/mosaic 0.0.30 (#459) ... Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-04-12 02:18:17 +00:00
Jason Woltje	c3f810bbd1	fix(mosaic): seed TOOLS.md from defaults on install (#458) ... Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>	2026-04-12 02:02:21 +00:00