aad91f3b9d
chore: remove embedded Gitea package registry
2026-05-08 21:10:03 -07:00
saravanakumardb1
deff216c7e
refactor(gitea): robust manifest-based publish pipeline
...
publish-outdated-packages.sh rewritten:
- Manifest-based change detection (no registry tarball downloads)
- Single pack per package (not double-pack for check+publish)
- Deterministic content hash: normalizes version, publishConfig,
and @bytelyst/* dep versions (workspace:* resolution noise)
- Single metadata fetch per package (cached in-process)
- Fixed .npmrc overwrite bug that broke auth during publish phase
- npm_clean() helper strips all proxy env vars uniformly
release-packages.sh fixed:
- .npmrc now includes scoped registry + proxy=false for corp
- Unified corp/home publish path (no duplicated code)
- version_on_registry() uses proxy-stripped env
- Registry credential check uses proxy-stripped env
CI workflow: switched to publish-outdated-packages.sh --skip-build
2026-04-13 01:47:03 -07:00
saravanakumardb1
7b12cba099
chore(packages): bump versions for Gitea registry publish
...
Published 60 @bytelyst/* packages to local Gitea npm registry.
create-app skipped (private: true — internal scaffolding tool).
Token regenerated with full write:package scope to fix E401.
2026-04-13 00:51:57 -07:00
59ae0e1943
feat(runtime): add checkpoint artifact id contract
2026-04-04 14:27:26 -07:00
9aeb9bbd59
feat(runtime): add checkpoint summaries to shared and cowork surfaces
2026-04-04 12:13:46 -07:00
ff8c5eb704
fix(runtime): add queued agent run state
2026-04-04 11:11:45 -07:00
9810ebf619
fix(events): tighten timeline and runtime contracts
2026-04-04 00:35:24 -07:00
3f2482b12c
feat(events): add timeline and agent runtime baselines
2026-04-03 19:53:41 -07:00
e6b58b7187
feat(events): add phase3 trail report contracts
2026-04-03 19:47:54 -07:00
78918fbd90
feat(events): add phase2 plan routine habit contracts
2026-04-03 19:34:37 -07:00
76f1b47484
feat(events): add phase1 ecosystem contracts
2026-04-03 16:29:30 -07:00
root
8b37189829
chore(registry): point packages to gitea.bytelyst.com
2026-03-31 10:53:13 +00:00
saravanakumardb1
46ee14371c
fix(ci): add --pool forks to all vitest test scripts to fix kill EPERM on Node v25
...
Root cause: tinypool worker teardown calls kill() which returns EPERM
in the act_runner host environment on Node.js v25.2.1. Tests pass but
the vitest process crashes during cleanup, causing CI failure.
Fix: --pool forks CLI flag on every package/service test script, plus
pool: 'forks' in all vitest.config.ts files. This uses child_process.fork()
worker management which handles termination cleanly.
60 package.json files updated, 10 vitest.config.ts files updated.
2026-03-27 23:23:38 -07:00
saravanakumardb1
b6348fd4fe
fix(security): harden npm publish — add .npmrc + publishConfig to all 57 packages
...
- Created .npmrc with @bytelyst scoped registry pointing to local Gitea
- Added publishConfig.registry to all 57 @bytelyst/* package.json files
- Created scripts/harden-publish-config.sh for future re-runs
- Prevents accidental publish to npmjs.org or corporate JFrog registry
2026-03-26 21:51:05 -07:00
saravanakumardb1
841cdf3a16
fix(platform-service+events): 3 more gaps in diagnostics + delivery
...
- diagnostics/subscribers: wire session.created email notification to
target user using existing 'diagnostics-session-created' template
(was just logging instead of sending the email)
- events/types: add missing 'currency' field to payment.failed schema
(payment.succeeded had it, payment.failed did not — inconsistency)
- delivery/subscribers: use event.payload.currency instead of hardcoded
empty string in payment-failed email variables
- Typecheck clean, 1483/1483 tests pass
2026-03-22 01:20:24 -07:00
saravanakumardb1
ca6a4d41d8
feat(flags): production-grade feature flag system — multi-variate, segments, audit, SSE, scheduling, prerequisites
...
- types.ts: multi-variate flags (boolean/string/number/JSON), targeting rules with 18 operators, scheduling (enableAt/disableAt/gradual rollout), prerequisites, segments, audit log, evaluation context
- evaluator.ts: pure evaluation engine — schedule checking, prerequisite dependencies (circular detection), individual targeting, targeting rules (AND clauses), segment matching, percentage rollout (FNV-1a), OS version/platform/region filtering
- repository.ts: 3 collections — feature_flags, flag_segments, flag_audit_log
- routes.ts: 18 endpoints — flag CRUD, toggle, archive, kill switch (with tag filter), segment CRUD, audit log, POST /flags/evaluate (multi-variate), SSE /flags/stream, legacy /flags/poll backward-compat
- seed.ts: updated to produce full FeatureFlagDoc with variations, version
- flags.test.ts: 63 tests — schema validation, evaluator engine, targeting rules, segments, prerequisites, scheduling, gradual rollouts, multi-variate, version comparison, deterministic hashing
- @bytelyst/events: added flag.created, flag.updated, flag.deleted, flag.kill_switch event types
- @bytelyst/feature-flag-client: multi-variate support (getValue, getEvaluation, getAllEvaluations), SSE streaming mode, onChange listeners, auth token injection
- event-dispatcher.ts + webhooks/types.ts: wired new flag events
2026-03-21 11:44:49 -07:00
root
885ee2d504
feat(events): add durable event bus worker path
2026-03-14 16:02:40 +00:00
saravanakumardb1
2b3130821c
fix(auth): register magic_link event type + use admin productId for enterprise IdP
...
- Register 'auth.magic_link_requested' in @bytelyst/events PlatformEventSchemas
- Remove any-cast from magic-link/routes.ts — now properly typed
- Enterprise IdP creation uses admin's JWT productId instead of hardcoded 'smartauth'
- All 53 auth tests passing
2026-03-12 15:55:09 -07:00
saravanakumardb1
362b915ea9
feat(auth): SmartAuth backend core — OAuth, MFA, passkeys, device trust, login events
...
Phase 0A: OneAuth schema extension — UserDoc evolution + auth_providers container
Phase 0B: Progressive lockout + IP rate limiting on login
Phase 1A-1B: Google/Microsoft/Apple OAuth + account linking
Phase 1D: Enhanced /auth/me — products, providers, MFA status
Phase 2A-2C: TOTP MFA + challenge flow + admin policies
Phase 3A-3B: WebAuthn passkeys + device trust
Phase 4A: Login events + rule-based risk scoring
New sub-modules: oauth/, mfa/, passkeys/, devices/, login-events/
New containers: auth_providers, auth_mfa, auth_mfa_policies, auth_passkeys, auth_devices, auth_login_events
Tests: 37 new (946 total, all passing), typecheck clean
2026-03-12 10:55:41 -07:00
saravanakumardb1
7714ab51fb
fix(events): add missing platform event schemas for campaign engine and notifications
2026-03-03 12:24:39 -08:00
saravanakumardb1
6a23a02cd4
fix(diagnostics): BUG-4, BUG-5, BUG-7, BUG-8 - race condition, transactions, test isolation, auth validation
...
- BUG-4: Add optimistic concurrency control with retry to updateSessionStats
- BUG-5: Document transaction limitations in batch operations
- BUG-7: Fix test isolation with unique productIds per test run
- BUG-8: Add session ownership validation to ingest endpoints
2026-03-02 23:47:14 -08:00
saravanakumardb1
4e94ecd721
feat(auth): add forgot-password/change-password API routes to admin dashboard + wire email delivery
...
Admin dashboard:
- platform-client.ts: Added forgotPasswordViaService, changePasswordViaService, deleteAccountViaService
- app/api/auth/forgot-password/route.ts: New API route proxying to platform-service
- app/api/auth/change-password/route.ts: New API route for authenticated password change
Platform-service (from prior session):
- auth/routes.ts: Added /auth/change-password and DELETE /auth/account endpoints, wired email verification on register
- auth/types.ts: Added ChangePasswordSchema and DeleteAccountSchema
- delivery/subscribers.ts: Updated password reset subscriber, added email verification subscriber
- delivery/channels/email.ts: Added ByteLyst email API provider (sendViaBytelyst)
- delivery/types.ts: Added 'bytelyst' provider
- events/types.ts: Added resetToken/displayName to user.password_reset, added user.email_verification_requested event
2026-02-28 04:17:04 -08:00
saravanakumardb1
772f428967
feat(platform): add P0 foundational modules — event bus, scheduled jobs, password reset, email verification, status page
2026-02-28 02:29:08 -08:00
