cbb729f377
Merge pull request 'perf: gateway + DB + frontend optimizations (P8-003)' ( #211 ) from feat/p8-003-performance into main
...
ci/woodpecker/push/ci Pipeline failed
Reviewed-on: mosaic/mosaic-stack#211
2026-03-21 12:28:30 +00:00
77ba13b41b
feat(auth): add WorkOS and Keycloak SSO providers
ci/woodpecker/pr/ci Pipeline was successful
ci/woodpecker/push/ci Pipeline was successful
2026-03-19 20:30:00 -05:00
254da35300
feat(auth): add WorkOS + Keycloak SSO providers (P8-001)
...
- Refactor auth.ts to build OAuth providers array dynamically; extract
buildOAuthProviders() for unit-testability
- Add WorkOS provider (WORKOS_CLIENT_ID/SECRET/REDIRECT_URI env vars)
- Add Keycloak provider with realm-scoped OIDC discovery
(KEYCLOAK_URL/REALM/CLIENT_ID/CLIENT_SECRET env vars)
- Add genericOAuthClient plugin to web auth-client for signIn.oauth2()
- Add WorkOS + Keycloak SSO buttons to login page (NEXT_PUBLIC_*_ENABLED
feature flags control visibility)
- Update .env.example with SSO provider stanzas
- Add 8 unit tests covering all provider inclusion/exclusion paths
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-03-19 20:18:59 -05:00
3b81bc9f3d
perf: gateway + DB + frontend optimizations (P8-003)
...
- DB client: configure connection pool (max=20, idle_timeout=30s, connect_timeout=5s)
- DB schema: add missing indexes for auth sessions, accounts, conversations, agent_logs
- DB schema: promote preferences(user_id,key) to UNIQUE index for ON CONFLICT upsert
- Drizzle migration: 0003_p8003_perf_indexes.sql
- preferences.service: replace 2-query SELECT+INSERT/UPDATE with single-round-trip upsert
- conversations repo: add ORDER BY + LIMIT to findAll (200) and findMessages (500)
- session-gc.service: make onModuleInit fire-and-forget (removes cold-start TTFB block)
- next.config.ts: enable compress, productionBrowserSourceMaps:false, image avif/webp
- docs/PERFORMANCE.md: full profiling report and change impact notes
2026-03-18 21:26:45 -05:00
cbfd6fb996
fix(web): conversation DELETE — resolve Failed to fetch TypeError ( #204 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-17 02:43:56 +00:00
3f8553ce07
fix(cli): TUI polish — Ctrl+T, React keys, clipboard, version ( #205 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-17 02:40:18 +00:00
bf668e18f1
fix(web): admin page role check — stop false redirect to /chat ( #203 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-17 02:38:25 +00:00
93645295d5
fix(gateway): filter projects by ownership — close data privacy leak ( #202 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-17 02:35:45 +00:00
7a52652be6
feat(gateway): Discord channel auto-creation on project bootstrap ( #200 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-17 02:32:14 +00:00
791c8f505e
feat(gateway): /system override condensation — accumulate + Haiku merge ( #198 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-17 02:26:31 +00:00
12653477d6
feat(gateway): project bootstrap — docs structure + default agent ( #190 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-17 02:12:24 +00:00
dedfa0d9ac
fix(gateway): system override TTL 5min → 7 days ( #189 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-17 02:06:58 +00:00
39ef2ff123
feat: verify Phase 8 platform architecture + integration tests (P8-019) ( #185 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-16 03:43:42 +00:00
0821393c1d
feat(gateway): WorkspaceService + ProjectBootstrapService + TeamsService (P8-015)
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
- WorkspaceService: path resolution, git init/clone, directory lifecycle (create/delete/exists), user and team root provisioning
- ProjectBootstrapService: orchestrates DB record creation (via Brain) + workspace directory init in a single call
- TeamsService: isMember, canAccessProject, findAll, findById, listMembers via Drizzle DB queries
- WorkspaceController: POST /api/workspaces — auth-guarded project bootstrap endpoint
- TeamsController: GET /api/teams, /:teamId, /:teamId/members, /:teamId/members/:userId
- WorkspaceModule wired into AppModule
- workspace.service.spec.ts: 5 unit tests for resolvePath (user, team, fallback, env var, default)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-03-15 22:06:01 -05:00
24f5c0699a
feat(gateway): MosaicPlugin lifecycle + ReloadService + hot reload (P8-013) ( #182 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-16 03:00:56 +00:00
96409c40bf
feat(gateway): /agent, /provider, /mission, /prdy, /tools commands (P8-012) ( #181 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-16 02:50:18 +00:00
b649b5c987
feat(gateway): SessionGCService three-tier GC + /gc command + cron (P8-014)
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
Implements three-tier garbage collection for agent sessions:
- SessionGCService.collect() for immediate per-session cleanup on destroySession()
- SessionGCService.sweepOrphans() for daily cron sweep of orphaned Valkey keys
- SessionGCService.fullCollect() for cold-start aggressive cleanup via OnModuleInit
- /gc slash command wired into CommandExecutorService + registered in CommandRegistryService
- SESSION_GC_CRON (daily 4am) added to CronService
- GCModule provides Valkey (ioredis via @mosaic/queue) and is imported by AgentModule, LogModule, CommandsModule, AppModule
- 8 Vitest unit tests covering all three GC tiers
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-15 21:38:48 -05:00
85aeebbde2
feat(gateway): PreferencesService + /preferences REST + /system Valkey override (P8-011)
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
- PreferencesService: platform defaults, user overrides, IMMUTABLE_KEYS enforcement
- PreferencesController: GET /api/preferences, POST /api/preferences, DELETE /api/preferences/:key
- PreferencesModule: global module exporting PreferencesService and SystemOverrideService
- SystemOverrideService: Valkey-backed session-scoped system prompt override with 5-min TTL + renew
- CommandRegistryService: register /system command (socket execution)
- CommandExecutorService: handle /system command via SystemOverrideService
- AgentService: inject system override before each prompt turn, renew TTL; store userId in session
- ChatGateway: pass userId when creating agent sessions
- PreferencesService unit tests: 11 tests covering defaults, overrides, enforcement wins, immutable key errors
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-03-15 21:32:03 -05:00
a4bb563779
feat(gateway): CommandRegistryService + CommandExecutorService (P8-010) ( #178 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-16 02:10:31 +00:00
7f6464bbda
feat(gateway): tool path hardening + sandbox escape prevention (P8-016) ( #177 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-16 02:02:48 +00:00
4da255bf04
feat(cli): command architecture — agents, missions, gateway-aware prdy ( #158 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 23:10:23 +00:00
82c10a7b33
feat(cli): TUI complete overhaul — components, sidebar, search, branding ( #157 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 22:17:19 +00:00
3792576566
fix(web): add jsdom dependency and exclude e2e from vitest ( #155 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 20:00:53 +00:00
cb92ba16c1
feat(web): Playwright E2E test suite for critical paths ( #152 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 19:46:13 +00:00
a760401407
feat(admin): web admin panel — user CRUD, role assignment, system health ( #150 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 19:18:47 +00:00
22a5e9791c
feat(coord): DB migration — project-scoped missions, multi-tenant RBAC ( #149 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 19:18:18 +00:00
d1bef49b4e
feat(agent): session cwd sandbox, system prompt config, tool restrictions ( #148 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 19:15:05 +00:00
76abf11eba
fix(cli): remove side-effect from agent:end state updater ( #133 ) ( #147 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 19:09:13 +00:00
0809f4e787
feat(web): settings persistence — profile, preferences save to DB ( #124 ) ( #145 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 18:43:52 +00:00
3bb401641e
feat(agent): skill invocation — load and execute skills from catalog ( #128 ) ( #143 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 18:36:58 +00:00
54b821d8bd
feat(web): provider management UI — list, test, model capabilities ( #123 ) ( #142 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 18:33:55 +00:00
09e649fc7e
feat(gateway): MCP client — connect to external MCP servers as agent tools ( #127 ) ( #141 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 18:28:31 +00:00
f208f72dc0
feat(web): project detail views — missions, tasks, PRD viewer ( #122 ) ( #140 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 18:28:14 +00:00
d42cd68ea4
feat(web): conversation management — search, rename, delete, archive ( #121 ) ( #139 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 18:20:15 +00:00
07647c8382
feat(agent): expand tool registry — file, git, shell, web fetch ( #126 ) ( #138 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 18:17:17 +00:00
8633823257
feat(gateway): add MCP server endpoint with streamable HTTP transport ( #137 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 18:11:50 +00:00
d0999a8e37
feat(web): wire WebSocket chat with streaming and conversation switching ( #120 ) ( #136 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 18:09:14 +00:00
ab61a15edc
fix(agent): register Ollama with api: openai-completions ( #117 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 17:10:32 +00:00
2c60459851
fix(agent): pass dummy apiKey for Ollama provider registration ( #116 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 17:08:19 +00:00
049bb719e8
fix(auth): add CORS headers to BetterAuth raw HTTP handler ( #112 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 16:47:27 +00:00
72a73c859c
fix(gateway): CORS, memory userId from session, pgvector auto-init ( #110 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 16:40:28 +00:00
6d2b81f6e4
fix(gateway): add missing @Inject() decorators causing silent startup hang ( #109 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 01:52:01 +00:00
9d01a0d484
fix(gateway): load .env from monorepo root via dotenv ( #108 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 01:25:09 +00:00
84e1868028
fix(gateway): resolve two startup bugs blocking E2E testing ( #102 )
...
ci/woodpecker/push/ci Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 00:45:28 +00:00
1f4d54e474
fix(gateway): wire Telegram plugin into gateway plugin host ( #99 )
...
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-03-15 00:05:27 +00:00
1bfdc91f90
Merge pull request 'feat(auth): P5-004 Authentik OIDC adapter via Better Auth genericOAuth' ( #97 ) from feat/p5-sso-authentik into main
ci/woodpecker/push/ci Pipeline failed
2026-03-13 20:15:50 +00:00
684dbdc6a4
fix(gateway): enforce task and mission ownership
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-03-13 14:43:33 -05:00
e92de12cf9
feat(auth): add Authentik OIDC adapter
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
Refs #96
2026-03-13 14:42:05 -05:00
85a25fd995
fix: add plugin paths to tsconfig.typecheck.json for merged PluginModule
ci/woodpecker/pr/ci Pipeline was successful
ci/woodpecker/push/ci Pipeline was successful
2026-03-13 13:03:59 -05:00
20f302367c
chore(gateway): align typecheck paths after rebase
2026-03-13 13:03:09 -05:00
