Merged
Conversation
…w updates - Update API route to include updateSquadConfig tool with usage instructions - Add onToolCall handler to SquadChat for client-side tool handling - Wire up onboarding page with actual SquadChat and SquadPreview components - Use sendAutomaticallyWhen for automatic tool result submission - Import SquadConfig from canonical location (@/lib/onboarding-tools) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Verified pnpm test runs successfully (AI tests skip as expected) - Verified pnpm test:coverage generates coverage report - Verified Playwright config loads correctly - Verified Vitest UI starts successfully - Verified GitHub Actions workflow file exists - Verified typecheck passes (test utilities importable) - Phase 00 complete, ready for Phase 01 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Mark X-Agent-Name validation task complete (already implemented) - Add MAX_MENTIONS = 5 constant to comments API - Add validation before comment creation to reject >5 mentions - Return 400 error with clear message for too many mentions - Validation occurs before database insert to prevent orphaned data Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add MAX_REQUEST_BODY_SIZE constant (10KB) - Early rejection via Content-Length header check - Streaming body read with size limit protects against spoofed headers - Returns 413 Payload Too Large when limit exceeded - Cancel reader on oversized body to avoid resource leaks Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Sequential phases now run in worktrees like parallel phases - Each phase merges back to feat branch after completion - Worktree cleanup happens automatically after successful merge Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add comprehensive unit tests for the StatusDot component covering: - All three status states (active, idle, offline) with correct styling - Pulse animation behavior (only for active status with pulse=true) - All three size variants (sm, md, lg) - Accessibility attributes (role, aria-label, aria-hidden) - Ref forwarding, className merging, HTML attribute pass-through - Base styles and status/size combinations 40 tests, all passing. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add integration tests for Supabase database client: - Test configuration (getTestConfig returns expected shape) - Client creation (anon and admin clients) - Database connection (queries squads, agents, tasks tables) - RPC functions (set_current_squad_id) - Type generation verification (13 tables, enums) Tests skip gracefully when database unavailable via shouldSkipDatabaseTest() helper that handles connection errors and missing schema. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Test cross-tenant isolation and verify RLS returns empty results (not errors) for unauthorized access. Tests cover: - User cannot see other users' squad data - Cross-tenant queries return empty arrays - Anon client cannot insert into squads table - Agent context grants access only to specified squad - Context-based policies restrict access appropriately Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create comprehensive test suite for rate-limit.ts (39 tests) - Test getClientIp IP extraction from headers - Test disabled mode when Upstash not configured - Test rateLimitByIp convenience function - Test createRateLimitResponse 429 responses with Retry-After header - Test addRateLimitHeaders for attaching headers to responses - Test all rate limit types (heartbeat: 10/min, tasks: 30/min, default: 60/min) - Test enabled mode with mocked Upstash Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Created comprehensive test suite for API key verification helper - 54 tests covering extractApiKeyPrefix, extractApiKeyFromHeader, verifyApiKey, authenticateAgent, and verifyApiKeyWithAgent - Tests verify correct status codes (401, 403, 400, 404) - Tests verify RLS context setting via set_current_squad_id RPC - Uses vi.mock for bcrypt and Supabase client Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create comprehensive test suite for auth.ts functions (42 tests) - Test getSession, getUser, requireAuth, getCurrentSquadId, signIn, signUp, signOut - Include PRD-required tests: signup, signin, signout, get session - Add edge cases and cookie integration tests - Mock @supabase/ssr, next/headers, next/navigation - Mark atom component tests checkbox complete (all 7 atom tests exist) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Update middleware to redirect authenticated users from /login and /signup to /dashboard - Create comprehensive middleware test suite with 25 tests covering: - PRD-required tests: unauthenticated redirect, authenticated access, auth page redirect - Public paths, API routes, and static files bypass auth - Proper redirectTo query param handling - Edge cases and Supabase client configuration Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Create comprehensive E2E test suite for the login flow with 20 tests: - Page structure validation (form elements, input types, autocomplete) - Form validation (required fields, email format) - Successful login flow with redirect to dashboard - Error handling (invalid credentials, error styling, error clearing) - Accessibility (labels, keyboard navigation, tab order) - Session handling (redirect authenticated users) Tests skip gracefully when SUPABASE_SERVICE_ROLE_KEY is unavailable. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Create tests/e2e/auth/session.spec.ts with 11 comprehensive tests for session persistence across page refresh and navigation: - Page refresh tests (basic, multiple, hard reload) - Navigation tests (away/back, browser history) - Cookie and storage verification - Protected route access after refresh - Session expiry edge cases Tests skip gracefully when SUPABASE_SERVICE_ROLE_KEY unavailable. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Audit all error states across the codebase: - Route-level error boundaries with "Try Again" buttons - Reusable ErrorBoundary molecule with "Try Again" button - TaskCardContainer with "Retry" button - Form validation errors correctable by user input Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
…pdates - Introduce URL-driven task modal functionality in `TasksClient`, auto-opening specific tasks via query parameters - Add navigational menu in Header with icon-based links to dashboard sections (Dashboard, Squads, Agents, Tasks) and "Create Squad" button - Implement `AgentSidebarWithPanel` for agent selection, detail viewing, and activity/message fetching - Create robust, accessible navigation and improved agent interaction experiences
Create comprehensive test suite for SquadChat onboarding component with 35 tests covering rendering, accessibility, message sending, keyboard interaction, AI responses, disabled states, imperative handle (ref), squad update callbacks, useChat configuration, styling, message parts handling, and avatar display. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create comprehensive test suite for SquadPreview component - 45 tests covering rendering, config updates, keyboard navigation, accessibility, imperative handle, styling, and edge cases - Verify PRD requirements: renders agent cards, updates on config changes Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- 36 comprehensive tests covering rendering, edit mode, validation, keyboard navigation, delete functionality, and edge cases - Tests verify PRD requirements: renders name/role, allows editing, validates required fields, is keyboard navigable - Follows established testing patterns from SquadChat and SquadPreview tests Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
…feed with tests - Enhance `DashboardLayout` with collapsible sidebar and activity feed functionality - Persist collapse states in `localStorage` and restore on load - Add accessible toggle buttons with animated transitions - Comprehensive test suite covering rendering, toggling, `localStorage` state persistence, and restoration
…with tests - Add `notifications.ts` offering @mention parsing, notification creation, retry logic, and delivery tracking - Introduce `security` utilities for sanitization to prevent XSS vulnerabilities - Implement comprehensive test suites for notifications and `sanitizeHtml` methods, ensuring functionality and security compliance - Configure Qodana for static analysis with `qodana.yaml`
…ve tests - Introduce `queries.ts` for optimized Supabase eager loading queries to prevent N+1 patterns - Implement `CircuitBreaker` utility for reliable external API handling with state transitions and error management - Add `CircuitBreaker` test suite covering 479 cases like state changes, failure thresholds, cooldowns, and recovery handling - Comprehensive documentation and examples provided for both utilities
…ty type error - Add daily standup cron endpoint with Telegram integration - Add vercel.json cron configuration (11 PM UTC daily) - Fix ActivityMetadata type to satisfy Supabase Json constraint - 21 tests for daily standup covering auth, formatting, Telegram, errors Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add `openclaw.json` for OpenClaw agent configurations and heartbeat optimization - Update `SKILL.md` to address discrepancies with actual API behavior (task status enum, response shapes, pagination removal) - Refactor rate limit table for consistency with runtime implementation - Add placeholders for integration test setup, including Docker Compose and orchestrator components - Lay groundwork for comprehensive
Complete integration test infrastructure for validating the full agent lifecycle against a Docker Compose environment (Supabase + Next.js). - Test orchestrator with squad bootstrap, heartbeat simulation, and task assignment helpers - Typed API client covering all 17+ Mission Control endpoints with retry logic and multi-agent support via withAgent() - Polling helpers (waitForHealth, waitForAgentOnline, waitForTaskStatus) - 12-step lifecycle test: agents online → task CRUD → assignment → status updates → comments → @mentions → notifications → squad chat - 7 focused scenario suites: squad lifecycle, task flow, collaboration, SOUL.md sync, squad chat, error handling, AI work (gated) - CI workflow with Docker Compose, health polling, and nightly schedule - npm scripts for integration test lifecycle management Co-Authored-By: Claude <noreply@anthropic.com>
Fix 224 test failures caused by test-implementation drift from
earlier phases. Tests were written for APIs that subsequently evolved.
Hook tests: fix mock paths (client→browser), add realtime mocks,
match actual hook signatures and Supabase query patterns.
Realtime test: complete rewrite to test actual RealtimeClient API
instead of non-existent exports (subscribeToTable, MessageDeduplicator).
Component tests: update props, DOM queries, and assertions to match
current component implementations.
TaskForm: replace user.type('a'.repeat(2001)) with fireEvent.change
to fix flaky timeout under full suite load.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
…ware The anon Supabase client + set_current_squad_id RPC pattern broke because PostgREST runs each request in a separate transaction, losing the transaction-local config set by the RPC call. This caused all agent-authenticated routes to return 404. Switch to service role client for agent/spec lookups since the API key verification is already the security boundary. Also fixes test mismatches: invalid priority 'medium', wrong ChatMessage field names (from_agent/message vs author/content), and incorrect soul_md_sync expectation for new agents. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
… agent bootstrap scripts - Replace `openclaw.json` with `kong.yml` and a modularized configuration directory - Add robust agent bootstrap, setup, and entrypoint scripts - Update Supabase URL env fallback handling (`SUPABASE_URL`) - Enhance Docker Compose with new services, test healthchecks, and defaults - Refactor `supabase-db`, `mission-control`, and `openclaw-gateway` ports and dependencies
Radix UI requires DialogTitle as a descendant of DialogContent at mount time. Previously it was inside conditional branches and could be missed during validation. Now rendered as sr-only direct child of Content. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Documents the critical bug where Supabase JS anon client + set_config RPC loses transaction state across PostgREST calls, causing RLS-filtered queries to return zero rows. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
…upabase setup - Replace static `ENV` vars with build-time `ARG`s in `apps/web/Dockerfile` to support flexible runtime overrides. - Add detailed integration documentation for OpenClaw, Supabase, and Kong configuration, troubleshooting, and testing. - Introduce preflight validation script to detect common misconfigurations. - Update OpenClaw default config to enable cost-effective testing with Anthropic Haiku. - Refine port mappings, health checks, and modular service dependencies in `docker-compose.integration.yml`. - Ensure runtime handling of `NEXT_PUBLIC_SUPABASE_URL` and fallback patterns in client-side code.
…iguration - Replace single shared HEARTBEAT.md with agent-specific versions for Lead, Writer, and Social roles. - Update agent bootstrap scripts to copy distinct heartbeat instructions per workspace. - Rev
…document - Deleted `.claude/rules/10-docker-integration-prevention-strategies.md` following consolidation of strategies in preflight checks and recent documentation updates.
- Consolidated mission instructions in `HEARTBEAT.md` for clear agent workflows. - Reduced redundancy and refined descriptions in `SKILL.md`. - Updated task, notification, and status handling workflows for better readability and alignment with current API behavior. - Improved authentication and error handling documentation sections.
… and enhance config - Replaced redundant agent commands in HEARTBEAT.md with concise references to mission-control skill. - Standardized skill usage by setting `MISSION_CONTROL_AGENT_NAME` in each agent's HEARTBEAT.md. - Updated setup and entrypoint scripts to handle agent-specific HEARTBEAT.md files and copy real skill files. - Improved OpenClaw configuration by enabling skill-based heartbeats and clarifying heartbeat model handling in comments. - Adjusted logging and sandbox settings for improved test reliability.
…at integration - Introduced comprehensive documentation for configuring and troubleshooting OpenClaw skill-based heartbeats with Mission Control. - Included step-by-step solutions for common issues like API key errors, silent agents, and onboarding failures. - Added detailed explanations of SKILL.md, HEARTBEAT.md, and openclaw.json configurations. - Provided debugging strategies, runtime flow, and architectural insights for seamless integration. - Documented lessons learned, end-to-end proofs, and related files for better team alignment.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.