|
|
019211ecce
|
chore(telemetry): loosen error normalization to preserve status codes and line numbers for accurate verification signatures
|
2026-06-10 11:12:29 -07:00 |
|
|
|
d433da56f9
|
chore(telemetry): resolve universal path normalizer logic and path-confusion tracking
|
2026-06-10 11:08:42 -07:00 |
|
|
|
ca47d0643d
|
feat(telemetry): implement phase-based execution loop and adaptive tool budgets
|
2026-06-09 18:58:12 -07:00 |
|
|
|
7ddcbfe32d
|
chore(telemetry): add path-confusion loop breaker and strict blank-preview diagnostic protocol
|
2026-06-09 16:27:09 -07:00 |
|
|
|
472e30e9bc
|
chore(telemetry): replace fragile regex path normalization with bulletproof path.posix.resolve
|
2026-06-09 16:25:51 -07:00 |
|
|
|
a2298be5ca
|
chore(telemetry): remove hardcoded legacy getacquired slug from universal path normalizer
|
2026-06-09 16:21:12 -07:00 |
|
|
|
137d5975e1
|
chore(telemetry): implement universal path normalizer and omni-reaper to prevent preview sprawl
|
2026-06-09 16:11:31 -07:00 |
|
|
|
7a9c2575f0
|
chore(telemetry): add path-confusion loop breaker and strict blank-preview diagnostic protocol
|
2026-06-09 16:10:45 -07:00 |
|
|
|
dd510fe81f
|
chore(telemetry): verify signature comment and cleanup
|
2026-06-09 15:35:46 -07:00 |
|
|
|
ef4a06a57c
|
ux(chat): tune silent-loop status nudge threshold to 6 rounds and strip leaked tool trace payloads from UI
|
2026-06-09 15:02:34 -07:00 |
|
|
|
a036f2f28f
|
chore(telemetry): align shell_exec and dev_server_start cwd to flattened workspace root
|
2026-06-09 14:59:42 -07:00 |
|
|
|
8c73f72680
|
chore(telemetry): jack up MAX_TOOL_ROUNDS to 150 for ultimate custom app-building runway
|
2026-06-09 14:30:36 -07:00 |
|
|
|
f1d0c9e0b5
|
chore(telemetry): jack up MAX_TOOL_ROUNDS to 150 for ultimate custom app-building runway
|
2026-06-09 14:18:44 -07:00 |
|
|
|
ad7d0face8
|
chore(telemetry): raise MAX_TOOL_ROUNDS to 60 for complete engineering runway
|
2026-06-09 14:16:31 -07:00 |
|
|
|
1284078799
|
chore(telemetry): align attached-file reader to flattened project root path
|
2026-06-09 13:38:32 -07:00 |
|
|
|
de1209afe4
|
chore(telemetry): refactor stall detector to track real state progress and persist non-null verify signatures across edit rounds
|
2026-06-09 13:36:30 -07:00 |
|
|
|
6ec312f716
|
chore(telemetry): flatten the project slug layer and remove cd path instructions from system prompt
|
2026-06-09 13:28:57 -07:00 |
|
|
|
98cb278cbc
|
ux(mcp): resolve tool-pill red X contradiction inside Playwright browser crawler
|
2026-06-09 12:42:53 -07:00 |
|
|
|
3679ccf913
|
chore(telemetry): optimize state-based loop stall detector by tracking tool input signatures and clean up unused helper functions
|
2026-06-09 12:23:20 -07:00 |
|
|
|
7b6cac5462
|
chore(telemetry): implement state-based loop governor, 180s tool timeout, visual-qa path fix, and fs_write diff-guard
|
2026-06-09 12:05:15 -07:00 |
|
|
|
c442921ccb
|
chore(telemetry): add bulletproof mcp_token sanitization and read-only mode fallback in chat route
|
2026-06-09 10:47:32 -07:00 |
|
|
|
492404cd14
|
chore(telemetry): fix agent loops, name mangling, dev server leaks, CWD alignment, and add daily session auditor
|
2026-06-08 16:09:58 -07:00 |
|
|
|
c35b63d797
|
fix(agency): add force-dynamic to workspace api route to prevent aggressive next.js cache
|
2026-06-08 13:23:07 -07:00 |
|
|
|
d7187abedc
|
feat(auth): make Name field required on signup
|
2026-06-08 10:45:26 -07:00 |
|
|
|
2714f8cdf3
|
feat(frontend): email+password auth, /signin + /signup pages, marketing consolidation, onboarding workspace naming + full data persistence
|
2026-06-06 20:28:38 -07:00 |
|
|
|
4d40496739
|
feat: complete live-verified GTM onboarding flow & places autocomplete search proxies
|
2026-06-06 17:53:13 -07:00 |
|
|
|
1926b7df22
|
fix(db): cast project_id to uuid in agent_sessions INSERT query
|
2026-05-30 12:40:14 -07:00 |
|
|
|
eb709d111d
|
fix(auth): allow empty string appPath inside session-creation route
|
2026-05-29 19:23:06 -07:00 |
|
|
|
c2f71769bb
|
feat(auth): enable requireWorkspacePrincipal on agent/sessions routes to support desktop API keys
|
2026-05-29 19:08:23 -07:00 |
|
|
|
7681bd1211
|
feat(auth): enable requireWorkspacePrincipal on individual project GET/PATCH routes to support desktop API keys
|
2026-05-29 18:48:28 -07:00 |
|
|
|
b263f6d392
|
feat(auth): enable requireWorkspacePrincipal on projects GET route to support desktop API keys
|
2026-05-29 17:06:23 -07:00 |
|
|
|
bf6171a667
|
feat: added desktop sso endpoints
|
2026-05-28 16:05:47 -07:00 |
|
|
|
b3dd3714c3
|
feat(refactor): live zed-style codebase files autocomplete and context attachment
|
2026-05-21 17:20:31 -07:00 |
|
|
|
8049a7f1ab
|
feat(refactor): premium zed-style chat UI, collapsible reasoning, and comprehensive strict type sweeps
|
2026-05-21 17:05:42 -07:00 |
|
|
|
329eb4eb67
|
feat(ai): configure Architect mode prompt with Spec Kit templates and enforce task completion rules in background runner
|
2026-05-19 19:40:23 -07:00 |
|
|
|
02de32958f
|
feat(ai): automate end-to-end PRD, architecture, and task generation directly from Objective
|
2026-05-19 19:32:07 -07:00 |
|
|
|
7c45fdc5cc
|
fix(ai): bump roundSinceText cutoff to 30 to prevent panic loops
|
2026-05-19 15:26:15 -07:00 |
|
|
|
096ebc278a
|
fix(api): delete legacy atlas and advisor agent endpoints
|
2026-05-19 15:09:59 -07:00 |
|
|
|
5573f1e6fa
|
fix(ai): restore thinking animations for gemini streams
|
2026-05-19 14:53:24 -07:00 |
|
|
|
d7d4b2d2fe
|
fix(ai): bump loop-breaker limits from 16 to 30 to permit long autonomous workflows
|
2026-05-19 14:51:45 -07:00 |
|
|
|
67fa4a2ccc
|
feat(runner): migrate vibn-agent-runner to use frontend MCP proxy tools and updated headless prompt
|
2026-05-19 14:06:12 -07:00 |
|
|
|
bbcd4ad55e
|
fix(ai): implement Phase 2 and 3 prompt recommendations from review
|
2026-05-19 13:47:18 -07:00 |
|
|
|
618f7796b2
|
feat(ai): optimize tool loops, fix deployments, and integrate new onboarding flow
|
2026-05-19 12:52:47 -07:00 |
|
|
|
6b8862ef2b
|
feat(api): comprehensive QA hardening — security gates, chat improvements, beta scaffolds
Closes checklist items F-01..F-06, D-01..D-28, S-01..S-10, C-01..C-07,
B-01..B-07, R-01..R-02, O-03.
Security (28 deletions + 10 auth gates):
- Delete 28 unauthenticated debug/cursor/firebase/test routes
- Gate ai/chat, ai/conversation, context/summarize, work-completed with withTenantProject/withAuth
- Add HMAC-SHA256 signature verification to webhooks/coolify
- Switch all admin secret comparisons to timingSafeStringEq
Foundations (lib/server/*):
- api-handler.ts: withAuth, withTenantProject, withWorkspace, withAdminSecret, withRateLimit
- logger.ts: structured request-scoped logging with turnId
- audit-log.ts: writeAuditLog helper + audit_log table
- rate-limit.ts: Postgres sliding window rate limiter
- coolify-webhook.ts: verifyCoolifySignature
- timing-safe.ts: timingSafeStringEq
Chat hardening (chat/route.ts):
- MAX_TOOL_ROUNDS 15 → 8 (C-01)
- Loop detection: hard-break at 3 identical fingerprints (was 5) (C-02)
- Add 6-consecutive-tool-call hard-break (C-02)
- Mode: respond first, act second prompt block (C-03)
- SSE heartbeat every 25s via setInterval (C-04)
- Per-tool 45s timeout via Promise.race (C-05)
- turnId per-turn UUID for log correlation (C-06)
- Recovery fires when roundsSinceText >= 4 (C-07)
- SSE plan event on plan_task_add/edit (B-05)
Beta features:
- invites table + GET/POST /api/invites (P4.8)
- invites/[token] validate + redeem (P4.8)
- fs_project_dev_servers table + lib/server/dev-server-state.ts (P6.B1)
- fs_project_secrets table + CRUD routes (P6.D2)
- lib/integrations/brief-extract.ts (P3.7)
Documentation:
- app/api/ROUTES.md: full route map with auth + tenant
|
2026-05-17 19:17:22 -07:00 |
|
|
|
000d2d171e
|
fix(deploy): use explicit ssh:// scheme and port 222 for gitea clone urls in coolify
|
2026-05-16 13:54:17 -07:00 |
|
|
|
120f045a55
|
fix(ai): upgrade deploy mechanism to use explicit ssh deploy keys rather than http basic auth to solve gitea cloning bugs
|
2026-05-16 13:30:14 -07:00 |
|
|
|
1545145292
|
fix(ai): implement two-stage loop detection to warn before hard-stopping (Fix 11)
|
2026-05-16 12:59:16 -07:00 |
|
|
|
f2c29857b5
|
fix(ai): relax fs_edit line number enforcement to allow safe oldString replacements
|
2026-05-16 12:54:15 -07:00 |
|
|
|
ca8a915fe2
|
fix(ai): sync auto-commit with streamed result to surface commit SHA to UI (Fix 10)
|
2026-05-16 12:26:54 -07:00 |
|
|
|
89c9b01669
|
fix(ai): add hard-rule prompt clause forbidding unverified mutation claims (Fix 8)
|
2026-05-16 12:25:26 -07:00 |
|
