bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
749 Commits 2 Branches 3 Tags 60 MiB
1fda345d38
Commit Graph

299 Commits

Author SHA1 Message Date
saravanakumardb1
6ba86e0bf4 fix: replace corepack pnpm with pnpm in pretest/predev scripts 
Node 25 removed corepack as a built-in. Replace all 'corepack pnpm'
invocations with direct 'pnpm' calls since pnpm is installed globally.

Affected: platform-service, tracker-web, blob, testing, LLM dashboard
 2026-03-19 19:57:16 -07:00
saravanakumardb1
16dc1c4a79 feat(platform-service): overhaul module generator with auto-patching 
- Rewrote gen-module.ts to match actual codebase patterns
- Repository uses getRegisteredContainer from @bytelyst/cosmos
- Routes use req.jwtPayload?.sub for auth (not req.user)
- Routes register with explicit /name paths under /api prefix
- Auto-patches cosmos-init.ts with container definition
- Auto-patches server.ts with import + route registration
- Proper parenthesis-aware field splitter for enum(a,b,c)
- Test template generates per-field validation tests
- Checks for existing module directory before overwriting
- Pascal/camel case helpers handle hyphenated module names
- Dry-run shows auto-patch previews
 2026-03-19 19:52:06 -07:00
saravanakumardb1
1ad8660dd8 fix(platform): fix 2 type errors found in typecheck sweep 
- api-key-auth.ts: Record<string, unknown> → FilterMap (import from @bytelyst/datastore)
- reviews/notifications.ts: raw subject/html/text → templateId + variables (match dispatchEmail signature)
 2026-03-19 19:02:57 -07:00
saravanakumardb1
548f7199bf fix(extraction-service): fix QueueJob generic type mismatch in createJob 
enqueue() returns QueueJob<TPayload, unknown> since no result exists at
enqueue time. mapQueueJob expects ExtractionJobResult. Cast at the call
site since newly enqueued jobs have undefined result and all accesses
use optional chaining.
 2026-03-19 18:12:34 -07:00
root
e996962b64 feat(mcp-server): add team provisioning follow-up hooks 2026-03-15 09:59:35 +00:00
root
8976caa966 feat(mcp-server): add org review follow-up hooks 2026-03-15 09:56:04 +00:00
root
7c5999ce5a feat(mcp-server): wire a2a governance hooks 2026-03-15 09:51:00 +00:00
root
d93ada4037 docs(config): align rate limit settings 2026-03-15 09:42:42 +00:00
root
e4bff5a2fe feat(platform-service): add support case management foundation 2026-03-15 09:39:20 +00:00
root
14346fbd5d feat(ratelimit): back api throttles with datastore 2026-03-15 09:37:03 +00:00
root
8b99b7a9a7 feat(platform-service): add scim provisioning foundation 2026-03-15 09:36:27 +00:00
root
66d0bf53a9 feat(platform-service): add shared knowledge foundation 2026-03-15 09:33:17 +00:00
root
728d8f2484 feat(platform-service): add ai budget governance 2026-03-15 09:30:16 +00:00
root
3f06427038 feat(platform-service): add agent evaluation governance 2026-03-15 09:26:40 +00:00
root
8d78b6ce59 feat(api-key): audit security events 2026-03-15 09:24:01 +00:00
root
2f7163b856 feat(api-key): restrict job operations to service tokens 2026-03-15 09:08:38 +00:00
root
95261acb92 feat(api-key): log auth and throttling rejects 2026-03-15 09:06:51 +00:00
root
798c1b9fad feat(platform-service): add agent registry foundation 2026-03-15 09:05:39 +00:00
root
473b7310d5 fix(tokens): tighten machine credential issuance 2026-03-15 06:28:50 +00:00
root
57abfa5b03 feat(api-key): add per-product throttling 2026-03-15 06:26:42 +00:00
root
8240f6060d feat(api-key): restrict ops routes to service tokens 2026-03-15 06:24:08 +00:00
root
d1b3faae8b fix(tokens): issue machine-ready defaults 2026-03-15 06:19:48 +00:00
root
eac633e1e7 fix(api-key): enforce machine token policy 2026-03-15 06:16:15 +00:00
root
507f0fdd1f feat(tokens): classify machine credentials 2026-03-15 06:09:42 +00:00
root
3398d1400f feat(platform-service): add human review queue 2026-03-15 06:08:23 +00:00
root
33c5a5a5ce feat(platform-service): add org workspace foundation 2026-03-15 06:03:08 +00:00
root
841d2f5129 fix(api-key): enforce requested product binding 2026-03-15 06:01:17 +00:00
root
daec38faf7 feat(a2a): persist incident pipeline runs 2026-03-15 05:58:15 +00:00
root
07e9475b70 fix(tokens): align api token storage with cosmos partitioning 2026-03-15 05:57:34 +00:00
root
a76b932502 feat(platform-service): add durable run tracking 2026-03-14 16:08:07 +00:00
root
885ee2d504 feat(events): add durable event bus worker path 2026-03-14 16:02:40 +00:00
root
8de22f9f22 feat(platform-service): allow scoped api keys on webhook routes 2026-03-14 15:38:42 +00:00
root
da744ab116 feat(platform-service): allow scoped api keys on ops routes 2026-03-14 14:58:08 +00:00
root
0ad6703961 feat(platform-service): add api key auth context and throttling guard 2026-03-14 14:55:23 +00:00
root
7616901683 test(workspace): harden service bootstrap and sync coverage 2026-03-14 06:40:10 +00:00
root
2b4fccb744 feat(queue): add durable worker runtime and extraction integration 2026-03-14 06:25:10 +00:00
root
91885f0d4f Add Mailpit-backed prototype email sandbox 2026-03-14 06:16:28 +00:00
root
a27a822fc2 Add prototype storage diagnostics and smoke test 2026-03-14 06:06:35 +00:00
root
114240c79a feat(platform-service): add telegram and slack delivery 2026-03-14 06:01:59 +00:00
root
db9ae4a573 feat(platform-service): add smtp email delivery and postal setup 2026-03-14 05:52:28 +00:00
root
19b58b3ea0 Fix prototype service runtime dependencies 2026-03-14 05:32:21 +00:00
root
a5e8890df2 Add Cosmos emulator prototype support 2026-03-14 05:24:01 +00:00
saravanakumardb1
2b3130821c fix(auth): register magic_link event type + use admin productId for enterprise IdP 
- Register 'auth.magic_link_requested' in @bytelyst/events PlatformEventSchemas
- Remove any-cast from magic-link/routes.ts — now properly typed
- Enterprise IdP creation uses admin's JWT productId instead of hardcoded 'smartauth'
- All 53 auth tests passing
 2026-03-12 15:55:09 -07:00
saravanakumardb1
b0e1a54481 fix(auth): enterprise SSO bcrypt hash + upgrade cost 10→12 
- Enterprise SAML/OIDC callbacks used raw 'sso_xxx' string as passwordHash
  which would crash bcrypt.compare(). Now uses userRepo.hashPassword(randomUUID())
- Added updateLastLogin() for existing enterprise SSO users
- Upgraded bcrypt cost factor from 10 to 12 per PRD spec
- All 53 auth tests passing
 2026-03-12 15:35:00 -07:00
saravanakumardb1
0c4e53a0ed feat(auth): Phase 6 — enterprise SAML/OIDC, magic link, HIBP, E2E specs 
6A: Enterprise IdP CRUD, SAML callback, OIDC callback, email domain lookup
6B: Magic link send/verify (15min TTL, anti-enumeration), HIBP breach check
6D: 3 new E2E specs (account-linking, step-up, enterprise) — total 8 SmartAuth specs
- All 53 auth tests passing
 2026-03-12 15:25:28 -07:00
saravanakumardb1
f4b9124065 feat(auth): add Phase 5C-5E endpoints + SDK methods — TOTP secret, push approvals, QR auth 
- GET /auth/mfa/totp/secret — retrieve decrypted TOTP secret for auth app
- POST /auth/mfa/push/create, GET /pending, POST /:id/respond, GET /:id/status
- POST /auth/qr/create, POST /auth/qr/confirm, GET /auth/qr/:id/status
- Kotlin SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- Swift SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- All 53 auth tests passing
 2026-03-12 15:01:51 -07:00
saravanakumardb1
ae13abfab2 fix(auth): address SmartAuth agent review gaps — Swift mock wiring, passkey SDK consistency, device list parity, JSDoc, SSR docs 2026-03-12 12:27:08 -07:00
saravanakumardb1
a613cf1bf9 test(auth): add SmartAuth integration tests + fix auth.routes.test mocks 
- Add 5 new tests: MFA challenge integration, risk scorer edge cases, login events wiring, device trust pure function
- Fix auth.routes.test.ts: add vi.mock stubs for login-events, risk-scorer, mfa, devices, config, event-bus
- Change afterEach from restoreAllMocks to clearAllMocks (preserves mock implementations between tests)
- Total: 42 smartauth tests, 951 platform-service tests all passing
 2026-03-12 11:27:50 -07:00
saravanakumardb1
0f4be0c325 feat(auth): wire login events into OAuth login helper 
- Record success login event with risk scoring after OAuth token issuance
- Import login-events repo + risk-scorer into oauth/routes
- Best-effort recording — never blocks OAuth login flow
 2026-03-12 11:19:11 -07:00
saravanakumardb1
82d7f157d9 feat(auth): wire login events + MFA challenge into login handler 
- Add recordLoginEvent() helper with risk scoring via scoreLoginRisk()
- On failed login: record 'failed' event with risk assessment
- On MFA-required: issue challenge token, record 'mfa_required' event
- On success: record 'success' event with risk assessment
- Import login-events repo, risk-scorer, mfa repo, challenge store, device repo
 2026-03-12 11:17:23 -07:00