Applied fresh on current main (the matching dependabot branches were 350-430
commits behind and would have conflicted on the lockfile):
- @azure/cosmos 4.9.1 -> 4.9.3
- jose 6.1.3 -> 6.2.3 (mcp-server stays on the 5.x line: 5.9.6 -> 5.10.0)
- @typescript-eslint/parser 8.0 -> 8.60.0
Verified: full workspace build green; platform-service suite 1684 pass (only the
pre-existing single-fork migration-isolation flake, passes isolated); tracker-web
228 pass (only the pre-existing happy-dom product-context failures). No new
regressions. Major bumps (fastify/cors, happy-dom, lint-staged, stripe,
types/node) deferred for separate review.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Three coordinated fixes so 'docker compose up cosmos-emulator platform-service
cowork-service --wait' completes end-to-end (pre-existing blocker surfaced by
W1 post-push review).
1. Remove harmful prepare:tsc from @bytelyst/react-native-platform-sdk
package.json. The hook fires during pnpm install --frozen-lockfile against
an empty src/ tree (because Dockerfiles COPY package.jsons before
sources), tsc aborts, install fails. Canonical monorepo build flow is
pnpm -r build using the existing build:tsc script; prepare only runs for
git+ URL installs (which this published package doesn't use), so removing
it is lossless.
2. Add --ignore-scripts to platform-service + mcp-server Dockerfile install
steps. Mirrors the pattern already used by extraction-service/Dockerfile,
dashboards/admin-web/Dockerfile, dashboards/tracker-web/Dockerfile.
Belt-and-braces against future prepare-hook regressions in any workspace
package.
3. Expand .dockerignore node_modules/dist/.next/coverage to **/ globs.
Docker's .dockerignore with bare 'node_modules' only matches root-level;
nested packages/*/node_modules/ were being COPY'd into images, poisoning
them with host-absolute-path .bin shims (e.g. @bytelyst/storage's tsc
shim resolved to /learning_voice_ai_agent/node_modules/.pnpm/... which
doesn't exist in the container → MODULE_NOT_FOUND). The glob fix makes
COPY packages/ packages/ deliver source only.
Gap: INFRA-gap-02
Verified:
pnpm install --frozen-lockfile ✅
pnpm --filter @bytelyst/react-native-platform-sdk build ✅
pnpm --filter @bytelyst/react-native-platform-sdk typecheck ✅
docker compose build platform-service ✅ (previously failed)
docker compose build mcp-server ✅
docker compose build extraction-service ✅
Extend centralized MCP server with 5 new ChronoMind tools:
- chronomind.timers.reschedule — shift timer by delta or set new target time
- chronomind.timers.availability — find free time slots in a window
- chronomind.routines.start — start a routine from ready/template status
- chronomind.agentActions.list — list agent action audit trail
- chronomind.agentActions.approve — approve a proposed agent action
Client functions added to chronomind-client.ts:
- chronomindTimerReschedule, chronomindTimerAvailability, chronomindRoutineStart
- chronomindAgentActionCreate, chronomindAgentActionsList, chronomindAgentActionApprove
Write tools (reschedule, routines.start) record agent actions for audit trail.
Audit recording is fail-open — failures don't block the actual operation.
MCP server typecheck passes. No breaking changes to existing tools.
Root cause: tinypool worker teardown calls kill() which returns EPERM
in the act_runner host environment on Node.js v25.2.1. Tests pass but
the vitest process crashes during cleanup, causing CI failure.
Fix: --pool forks CLI flag on every package/service test script, plus
pool: 'forks' in all vitest.config.ts files. This uses child_process.fork()
worker management which handles termination cleanly.
60 package.json files updated, 10 vitest.config.ts files updated.
platform-service had 16/60, extraction-service had 14/60, mcp-server had 34/60.
All three now list all 57 packages + 4 services + 2 dashboards + scripts.
Required for pnpm install --frozen-lockfile to resolve the full workspace.
- regression-watch-pipeline.ts: Add try/catch around session creation, continue on failures
- post-incident-cleanup-pipeline.ts: Add try/catch around policy deletion and audit export
- Fix extractionResetProductRateLimit optional parameter pattern
- Update return values to use actual counts instead of targets
- All pipelines now continue processing individual items instead of failing entirely
- Add proper type casting for audit response events array
- extraction.extractBatch: batch extraction with shared config
- extraction.submitJob: async job submission with webhook support
- extraction.getJob: get job status/results by ID
- extraction.listJobs: list recent async jobs
- extraction.getProductRateLimitStatus: per-product or summary rate limits
- extraction.resetProductRateLimit: admin rate limit reset
- extraction.sidecarMonitoringState: detailed sidecar circuit breaker state
All tools require admin role and map to existing extraction-service endpoints.
Fixes TypeScript optional parameter error in extractionGetProductRateLimitStatus.
FastingSessionDoc has stages: unknown[] not currentStage: string.
- Replace currentStage cast with hasStages check (session.stages.length > 0)
- Fix protocolId extraction to use direct field (session?.protocolId)
- Report currentStage derived from stages.length as 'stage_N' indicator
New tools backed by routes that existed but had no MCP surface:
- maintenance.getSchedule: GET /settings/maintenance/schedule (list upcoming windows)
- maintenance.deleteWindow: DELETE /settings/maintenance/schedule/:id (cancel window)
- lysnrai.apiTokens.revoke: DELETE /api-tokens/:id (revoke token by ID)
New client functions:
- maintenanceGetSchedule, maintenanceDeleteWindow (platform-client.ts)
- lysnraiApiTokenRevoke (lysnrai-client.ts)
The backend has two separate endpoints:
POST /marketplace/admin/:id/approve
POST /marketplace/admin/:id/reject
Previously jarvisMarketplaceCertify always called /approve regardless of
the decision field — rejections would silently approve listings.
Fix: derive action from decision.decision ('approved' → 'approve', else 'reject')
and use the correct endpoint path.
- tracker-client functions appended to platform-client.ts (tracker is part of platform-service)
- tracker.items.{stats,list,get,create,updateStatus,delete}
- tracker.votes.{toggle,list}
- tracker.comments.{list,add,delete}
- tracker.public.{roadmap,stats}
- All 13 tools require admin role; productId forwarded as x-product-id
