learning_ai_claw-code-oss is an upstream Anthropic Claude Code OSS
clone, not a ByteLyst product. Its root CLAUDE.md is auto-generated
by Claude Code's own bootstrap convention (documents the Rust workspace
shape, verification commands, working agreement) and is owned by
upstream conventions, not by us.
Forcing it through our agent-docs migration would:
- Delete legitimate upstream content
- Replace it with a canonical-pointer block referencing a sibling repo
that has no semantic relationship to claw-code-oss
- Diverge from upstream Anthropic conventions for no benefit
Surgical fix: omit it from repos.txt with an inline comment explaining
why. The repo remains workspace-resident for normal IDE use; we just
don't manage its agent docs from learning_ai_common_plat.
After this change:
- drift check: 17/17 in sync, 2 missing AGENTS.md (productivity_web,
mac_tooling — addressed in follow-up commits)
- claw-code-oss CLAUDE.md preserved as-is
audit-repo-health.md:
- All 9 steps now read from repos.txt dynamically
- Repos without relevant files (package.json, .dockerignore, etc.) are skipped
- No more manual maintenance when repos are added/removed
verify-all-backends.md:
- Remove duplicate learning_ai_notes entry
- Add learning_ai_efforise backend
- Add learning_ai_efforise client + learning_ai_local_llms dashboard to web checks
gitea-ci.md:
- Steps 3+4 read from repos.txt, skip repos without gitea remote
- Handle oss/ subdirectory repos via basename for Gitea API
- /docker-smoke-test: prep, build, verify all Dockerfiles in a repo
- /audit-repo-health: cross-repo pnpm/Docker/config consistency audit
- /verify-all-backends: quick local typecheck+test+build (complement to /gitea-ci)
Review findings and fixes:
- Fix subscription routes use :userId not :id
- Fix GET /plans returns { plans: [...] } wrapper
- Fix org routes require admin-only JWT role
- Flag missing POST /referrals/apply endpoint
- Flag missing POST /subscriptions/restore endpoint
- Expand org-client and marketplace-client with full API signatures
- Add x-product-id header requirement
- Add NomGap Migration Plan
- Add Known Backend Gaps appendix
- Add /implement-shared-packages workflow
- Enterprise SAML/OIDC callbacks used raw 'sso_xxx' string as passwordHash
which would crash bcrypt.compare(). Now uses userRepo.hashPassword(randomUUID())
- Added updateLastLogin() for existing enterprise SSO users
- Upgraded bcrypt cost factor from 10 to 12 per PRD spec
- All 53 auth tests passing
- GET /auth/mfa/totp/secret — retrieve decrypted TOTP secret for auth app
- POST /auth/mfa/push/create, GET /pending, POST /:id/respond, GET /:id/status
- POST /auth/qr/create, POST /auth/qr/confirm, GET /auth/qr/:id/status
- Kotlin SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- Swift SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- All 53 auth tests passing
- Create repos.txt as single source of truth for all 7 workspace repos
- Update all repo-management workflows to source from repos.txt:
- repo_sync-repos, repo_push-repos, repo_backup-and-push
- repo_backup-main-branch, repo_commit-workspace
Benefits:
- One file to update when adding/removing repos
- Consistent repo list across all workflows
- Scripts can read repos.txt for automation
- refresh.sh: idempotent script, auto-discovers repos, updates symlinks + copies docs/workflows
- launchd plist: scheduled daily at 11 PM + on login
- /refresh-chat-history workflow for on-demand Cascade runs
- README updated with auto-refresh docs and full data inventory
- Repo docs and workflows refreshed from all 4 repos
- backup-main.sh: no longer pushes unpushed main commits, removed Main Push column
- commit-workspace.sh: removed push_repo function, local commits only
- repo_commit-workspace.md: updated docs to reflect no-push behavior
- Create Backup Main Branch skill with comprehensive documentation
- Add Windsurf workflow for easy access
- Implement bash script with multi-repo support
- Smart detection to avoid duplicate backups
- Automatic cleanup of old backups (keeps 7 days)
- Color-coded output for better visibility
- Always returns to main branch after backup
