9b56cf362b
fix(preview): remove brittle dev server readiness probes; trust that the server will eventually boot
2026-06-12 15:36:35 -07:00
960232e525
design(preview): match toggle button sizes to device toggles
2026-06-12 15:00:40 -07:00
82a41f7e95
fix(stop+stability): stop button interrupts live generation; classifier, prompt + preview pane improvements
...
Stop button fix:
- Plumb AbortSignal end-to-end: callVibnChat → Gemini SDK (config.abortSignal) / OpenAI fetch → executeMcpTool (/api/mcp fetch)
- Treat abort as clean user stop (not fatal error); partial reply persisted with '(stopped by user)'
Classifier fix:
- Add timeout/gateway/5xx/connection-error vocabulary to diagnose intent
- Prevents 'I get a gateway timeout' from falling through to feature_build (40 rounds) and looping
Prompt / agent behaviour:
- Render verification is now scope-aware: small edits stop at green healthCheck; no browser_console/curl audit on healthy server
- Sanitize stale '### Phase Checkpoint' walls from loaded history so old threads stop biasing new turns
- Next.js dev command updated to --no-turbopack for container stability (per-route lazy compile caused cold-start 503s)
- New public page prompt: agent checks middleware allowlist in the same turn
- Scope discipline and QA-tool gating carried forward from prior session
Code cleanup:
- Remove duplicate AgentPhase declaration (TS2440)
- Remove dead checkpoint emit branch and orphan 'checkpoint' phase value
- Remove unused MAX_TOOL_ROUNDS constant
Preview pane (build status):
- 4-state machine: initial-load / building (with elapsed timer) / build-failed / not-running
- pollMs 0 → 5 000ms so dev-server recovery and build completion auto-update without refresh
- anatomy route + use-anatomy type: inFlightBuild gains createdAt for elapsed timer
2026-06-10 21:40:48 -07:00
39cb9194a5
feat(verification): acceptance-check layer + executor fix-loop; hide phase-checkpoint walls; guaranteed turn-end summary. Verification gated behind VIBN_VERIFICATION_ENABLED.
2026-06-10 19:43:36 -07:00
a4fe96496a
feat(telemetry): emit per-turn governor summary (stop_reason, rounds, tool_results) for orchestration diagnostics
2026-06-10 17:07:43 -07:00
caab38f950
fix(telemetry): restore knowledge_chunks schema; move agent_telemetry DDL to its own file
2026-06-10 16:23:10 -07:00
4f76b0f3b7
feat: decoupled training telemetry microservice
2026-06-10 15:11:26 -07:00
4550df6c1a
perf(telemetry): stop migration hook from endlessly rsyncing large node_modules by guarding with marker file
2026-06-10 11:46:50 -07:00
ca47d0643d
feat(telemetry): implement phase-based execution loop and adaptive tool budgets
2026-06-09 18:58:12 -07:00
d4c10db58e
chore(telemetry): use safer rsync for container path migration hook
2026-06-09 16:28:51 -07:00
137d5975e1
chore(telemetry): implement universal path normalizer and omni-reaper to prevent preview sprawl
2026-06-09 16:11:31 -07:00
a036f2f28f
chore(telemetry): align shell_exec and dev_server_start cwd to flattened workspace root
2026-06-09 14:59:42 -07:00
b43dddac4e
chore(telemetry): add container-level self-healing repository folder migration hook
2026-06-09 13:52:14 -07:00
6ec312f716
chore(telemetry): flatten the project slug layer and remove cd path instructions from system prompt
2026-06-09 13:28:57 -07:00
492404cd14
chore(telemetry): fix agent loops, name mangling, dev server leaks, CWD alignment, and add daily session auditor
2026-06-08 16:09:58 -07:00
2714f8cdf3
feat(frontend): email+password auth, /signin + /signup pages, marketing consolidation, onboarding workspace naming + full data persistence
2026-06-06 20:28:38 -07:00
4d40496739
feat: complete live-verified GTM onboarding flow & places autocomplete search proxies
2026-06-06 17:53:13 -07:00
b3dd3714c3
feat(refactor): live zed-style codebase files autocomplete and context attachment
2026-05-21 17:20:31 -07:00
8049a7f1ab
feat(refactor): premium zed-style chat UI, collapsible reasoning, and comprehensive strict type sweeps
2026-05-21 17:05:42 -07:00
d56131d8b4
fix(ai): completely remove thinkingConfig from Gemini payload to prevent 400 errors
2026-05-19 16:16:52 -07:00
f2dcd5597d
fix(ai): correct Gemini SDK payload property thinkingBudgetTokens to thinkingBudget
2026-05-19 16:15:59 -07:00
618f7796b2
feat(ai): optimize tool loops, fix deployments, and integrate new onboarding flow
2026-05-19 12:52:47 -07:00
6b8862ef2b
feat(api): comprehensive QA hardening — security gates, chat improvements, beta scaffolds
...
Closes checklist items F-01..F-06, D-01..D-28, S-01..S-10, C-01..C-07,
B-01..B-07, R-01..R-02, O-03.
Security (28 deletions + 10 auth gates):
- Delete 28 unauthenticated debug/cursor/firebase/test routes
- Gate ai/chat, ai/conversation, context/summarize, work-completed with withTenantProject/withAuth
- Add HMAC-SHA256 signature verification to webhooks/coolify
- Switch all admin secret comparisons to timingSafeStringEq
Foundations (lib/server/*):
- api-handler.ts: withAuth, withTenantProject, withWorkspace, withAdminSecret, withRateLimit
- logger.ts: structured request-scoped logging with turnId
- audit-log.ts: writeAuditLog helper + audit_log table
- rate-limit.ts: Postgres sliding window rate limiter
- coolify-webhook.ts: verifyCoolifySignature
- timing-safe.ts: timingSafeStringEq
Chat hardening (chat/route.ts):
- MAX_TOOL_ROUNDS 15 → 8 (C-01)
- Loop detection: hard-break at 3 identical fingerprints (was 5) (C-02)
- Add 6-consecutive-tool-call hard-break (C-02)
- Mode: respond first, act second prompt block (C-03)
- SSE heartbeat every 25s via setInterval (C-04)
- Per-tool 45s timeout via Promise.race (C-05)
- turnId per-turn UUID for log correlation (C-06)
- Recovery fires when roundsSinceText >= 4 (C-07)
- SSE plan event on plan_task_add/edit (B-05)
Beta features:
- invites table + GET/POST /api/invites (P4.8)
- invites/[token] validate + redeem (P4.8)
- fs_project_dev_servers table + lib/server/dev-server-state.ts (P6.B1)
- fs_project_secrets table + CRUD routes (P6.D2)
- lib/integrations/brief-extract.ts (P3.7)
Documentation:
- app/api/ROUTES.md: full route map with auth + tenant
2026-05-17 19:17:22 -07:00
955aeed6ce
fix(ai): hardcode all default LLM references to gemini-3.1-pro-preview across monorepo
2026-05-16 15:00:17 -07:00
9b5702a81c
fix(ai): actually throw probe error out of probeDevServerReadiness so AI captures the failure synchronously
2026-05-16 13:16:17 -07:00
2057a61ea2
fix(ai): correct syntax for executing bash scripts inside the dev container
2026-05-16 12:49:50 -07:00
70ea8f849b
feat(ai): inject full directory tree into context to eliminate manual fs_list probing
2026-05-16 12:40:31 -07:00
a4480f9217
fix(agent): ensure is_force_https_enabled is applied to docker compose apps when setting custom domains
2026-05-16 11:29:31 -07:00
c7e720bdc9
fix(agent): increase dev server readiness probe timeout to 300s to accommodate slow Next.js cold boots and prevent premature AI loop restarts
2026-05-15 16:59:10 -07:00
feebeccd8e
fix(ai): ensure dev container is running before attempting to generate codebase summary
2026-05-15 16:22:43 -07:00
485ed73572
feat(ai): inject dynamic codebase summary into system prompt to eliminate blind structure searches
2026-05-15 16:16:45 -07:00
f3b957ace2
feat(ui): add showcase toggle and runtime renderer to design explorer
2026-05-15 14:09:27 -07:00
b4821b3eba
fix(ui): handle fallback UI for design systems without visual previews
2026-05-15 14:00:01 -07:00
895fd8a961
feat(ai): replace hardcoded design kits with dynamic open-design templates and registries
2026-05-15 13:49:16 -07:00
9c903d22ef
feat(ai): integrate open-design capabilities (templates, media generation, visual QA)
2026-05-15 11:07:44 -07:00
8a7897a891
feat(ui): add mobile preview device framing and design QA tools
2026-05-15 11:01:49 -07:00
c3b06b61fc
fix(mcp): resolve external preview routing failures and correct monorepo git paths
2026-05-14 14:56:29 -07:00
c51c3c21b3
fix(ai): strip deepseek xml tags from chat history & secure git tools
...
This commit addresses the issue where DeepSeek's raw XML markup (like <tool_calls> and <think>) was leaking into chat history, causing hallucinations in subsequent turns. It also patches a vulnerability in the git commit tool where arbitrary shell injection was possible.
Additionally, it includes UX copy and color contrast adjustments for the marketing homepage breadcrumbs.
2026-05-14 11:34:42 -07:00
8a302365cd
feat(ui): add 5 high-end design systems to registry and fix auth logo styling
2026-05-13 22:51:22 -07:00
abf9bf89c2
chore: convert submodules to standard directories for true monorepo structure
2026-05-13 14:54:23 -07:00
