mark/vibn-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
86 Commits 2 Branches 0 Tags
2647919bd5b415743ac80b44e15a7436ccc72a21
Commit Graph

23 Commits

Author SHA1 Message Date
mawkone
2647919bd5 feat(refactor): live zed-style codebase files autocomplete and context attachment 2026-05-21 17:20:31 -07:00
mawkone
50f65e337d feat(refactor): premium zed-style chat UI, collapsible reasoning, and comprehensive strict type sweeps 2026-05-21 17:05:42 -07:00
mawkone
2e02d3d8c6 fix(ai): completely remove thinkingConfig from Gemini payload to prevent 400 errors 2026-05-19 16:16:52 -07:00
mawkone
a8cdc0344e fix(ai): correct Gemini SDK payload property thinkingBudgetTokens to thinkingBudget 2026-05-19 16:15:59 -07:00
mawkone
93087d4f9a feat(ai): optimize tool loops, fix deployments, and integrate new onboarding flow 2026-05-19 12:52:47 -07:00
mawkone
5364bd8497 feat(api): comprehensive QA hardening — security gates, chat improvements, beta scaffolds 
Closes checklist items F-01..F-06, D-01..D-28, S-01..S-10, C-01..C-07,
B-01..B-07, R-01..R-02, O-03.

Security (28 deletions + 10 auth gates):
- Delete 28 unauthenticated debug/cursor/firebase/test routes
- Gate ai/chat, ai/conversation, context/summarize, work-completed with withTenantProject/withAuth
- Add HMAC-SHA256 signature verification to webhooks/coolify
- Switch all admin secret comparisons to timingSafeStringEq

Foundations (lib/server/*):
- api-handler.ts: withAuth, withTenantProject, withWorkspace, withAdminSecret, withRateLimit
- logger.ts: structured request-scoped logging with turnId
- audit-log.ts: writeAuditLog helper + audit_log table
- rate-limit.ts: Postgres sliding window rate limiter
- coolify-webhook.ts: verifyCoolifySignature
- timing-safe.ts: timingSafeStringEq

Chat hardening (chat/route.ts):
- MAX_TOOL_ROUNDS 15 → 8 (C-01)
- Loop detection: hard-break at 3 identical fingerprints (was 5) (C-02)
- Add 6-consecutive-tool-call hard-break (C-02)
- Mode: respond first, act second prompt block (C-03)
- SSE heartbeat every 25s via setInterval (C-04)
- Per-tool 45s timeout via Promise.race (C-05)
- turnId per-turn UUID for log correlation (C-06)
- Recovery fires when roundsSinceText >= 4 (C-07)
- SSE plan event on plan_task_add/edit (B-05)

Beta features:
- invites table + GET/POST /api/invites (P4.8)
- invites/[token] validate + redeem (P4.8)
- fs_project_dev_servers table + lib/server/dev-server-state.ts (P6.B1)
- fs_project_secrets table + CRUD routes (P6.D2)
- lib/integrations/brief-extract.ts (P3.7)

Documentation:
- app/api/ROUTES.md: full route map with auth + tenant
 2026-05-17 19:17:22 -07:00
mawkone
b148552217 fix(ai): hardcode all default LLM references to gemini-3.1-pro-preview across monorepo 2026-05-16 15:00:17 -07:00
mawkone
bed6607803 fix(ai): actually throw probe error out of probeDevServerReadiness so AI captures the failure synchronously 2026-05-16 13:16:17 -07:00
mawkone
25558d3923 fix(ai): correct syntax for executing bash scripts inside the dev container 2026-05-16 12:49:50 -07:00
mawkone
d290951351 feat(ai): inject full directory tree into context to eliminate manual fs_list probing 2026-05-16 12:40:31 -07:00
mawkone
bc59fb99c1 fix(agent): ensure is_force_https_enabled is applied to docker compose apps when setting custom domains 2026-05-16 11:29:31 -07:00
mawkone
08ea31c39e fix(agent): increase dev server readiness probe timeout to 300s to accommodate slow Next.js cold boots and prevent premature AI loop restarts 2026-05-15 16:59:10 -07:00
mawkone
b53cb0546e fix(ai): ensure dev container is running before attempting to generate codebase summary 2026-05-15 16:22:43 -07:00
mawkone
67c43028dd feat(ai): inject dynamic codebase summary into system prompt to eliminate blind structure searches 2026-05-15 16:16:45 -07:00
mawkone
2db6bee780 feat(ui): add showcase toggle and runtime renderer to design explorer 2026-05-15 14:09:27 -07:00
mawkone
547d74ae44 fix(ui): handle fallback UI for design systems without visual previews 2026-05-15 14:00:01 -07:00
mawkone
688378aa1f feat(ai): replace hardcoded design kits with dynamic open-design templates and registries 2026-05-15 13:49:16 -07:00
mawkone
299addfcad feat(ai): integrate open-design capabilities (templates, media generation, visual QA) 2026-05-15 11:07:44 -07:00
mawkone
4862c76a60 feat(ui): add mobile preview device framing and design QA tools 2026-05-15 11:01:49 -07:00
mawkone
6c85b1db34 fix(mcp): resolve external preview routing failures and correct monorepo git paths 2026-05-14 14:56:29 -07:00
mawkone
d99e8f96c5 fix(ai): strip deepseek xml tags from chat history & secure git tools 
This commit addresses the issue where DeepSeek's raw XML markup (like <tool_calls> and <think>) was leaking into chat history, causing hallucinations in subsequent turns. It also patches a vulnerability in the git commit tool where arbitrary shell injection was possible.

Additionally, it includes UX copy and color contrast adjustments for the marketing homepage breadcrumbs.
 2026-05-14 11:34:42 -07:00
mawkone
6151a72bfd feat(ui): add 5 high-end design systems to registry and fix auth logo styling 2026-05-13 22:51:22 -07:00
mawkone
575c38cb34 chore: convert submodules to standard directories for true monorepo structure 2026-05-13 14:54:23 -07:00