Add @bytelyst/notifications-ui as a workspace dep (minimal link: lockfile entry,
avoiding the env-specific full re-normalization). New SystemBanners component
mounts at the top of the dashboard shell:
- BannerStack renders dismissible system/maintenance notices from
NEXT_PUBLIC_SYSTEM_NOTICE (nothing when unset)
- Announcement shows a localStorage-dismissible "what's new" pill
Defer UX-13.1 (NotificationCenter): tracker has no notifications feed — the
/api/tracker proxy exposes only items/comments/votes/roadmap. The dep + an
import smoke test are in place so a future feed wiring starts from green.
All colors come from the bridged --bl-* tokens; no hardcoded literals.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
- add @bytelyst/auth-ui workspace dep (minimal link: lockfile entry) (11.1)
- replace the password form with LoginForm and the OTP step with MfaChallenge,
wiring onSubmit to the existing auth-context login + /api/auth/mfa/verify;
social login gated to Google via NEXT_PUBLIC_GOOGLE_CLIENT_ID (11.2)
- add aria-labels to the placeholder-only auth-ui inputs so the a11y gate and
label-based selectors stay green
- add an auth-ui import smoke test; full render assertion stays in the e2e
"shows login form with correct branding" test (11.3)
The /api/auth/* proxy routes and auth-context are unchanged.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Add @bytelyst/ui and @bytelyst/design-tokens as workspace dependencies,
create token bridge layer mapping --bl-* to existing tracker vars, and
implement Primitives.tsx adapter for shared UI components. Includes smoke
test verifying component exports. All verification checks pass.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Replaces the bespoke <table> in /dashboard/items with <DataTable> (TanStack-
powered sorting + client pagination), keeping the existing badge cells, title
link, labels and delete action via ColumnDef cell renderers. Server-side
type/status/priority/search filters retained (enableFilter=false on the table).
Verified: tsc --noEmit clean; vitest 31/31; next build --webpack succeeds
(/dashboard/items compiles).
RichTextEditor (toolbar + slash menu + async mentions, SSR-safe via
immediatelyRender:false) + RichTextViewer (generateHTML, server-renderable) +
standalone Toolbar. Pure filterSlashItems/filterUsers helpers. 12/12 vitest
(incl. live editor mount + bold toggle in happy-dom); tsc clean; published to
Gitea.
DataTable wrapper: sort, global filter, pagination, row selection + bulk
action bar, column resize/pin/reorder, compact/comfortable density, and a
virtualised mode for 10k+ rows (seeded initialRect for SSR/headless).
Note: roadmap 9.C says 'TanStack Table v9' but no stable v9 exists yet; built
on the current stable v8.21.3 + react-virtual 3.13.
Verified: vitest 10/10; tsc --noEmit clean; tsc build emits dist; published
@bytelyst/data-table@0.1.0 to local Gitea registry.
@bytelyst/ui 0.2.0 -> 0.2.1
- Combobox: scroll the highlighted option into view during arrow-key nav so
it never leaves the popover viewport (IMP-1)
- TagInput: new commitOnBlur prop (default false) — committing the buffer on
blur surprised users clicking away to discard. BEHAVIOR CHANGE: blur no
longer commits unless commitOnBlur is set (IMP-3)
- Add vitest + happy-dom + @testing-library/react devDeps, test script, and
packages/ui/vitest.config.ts; 6 unit tests for Combobox + TagInput (GAP-4)
- Drop the stale 'vitest pending' ROADMAP-EXEC-TODO comments
6/6 tests pass; tsc clean.
═══════════════════════════════════════════════════════════════════════
TODO #6 — size-limit budgets in CI
═══════════════════════════════════════════════════════════════════════
Adds .size-limit.cjs with budgets for 6 pilot @bytelyst/* packages,
plus a Gitea Actions workflow (.gitea/workflows/size-limit.yml) that
fails the build on any regression.
Current measurements vs budget (all comfortably under):
@bytelyst/api-client 793 B / 8 KB
@bytelyst/auth-client 1.97 KB / 8 KB
@bytelyst/celebrations 236 B / 6 KB
@bytelyst/quick-actions 122 B / 6 KB
@bytelyst/react-auth 2.71 KB / 10 KB
@bytelyst/dashboard-shell 3.96 KB / 30 KB
Scripts:
pnpm size — measure + assert against budgets
pnpm size:why — explain top contributors
Deps: size-limit@^12.1.0, @size-limit/preset-small-lib@^12.1.0.
Pilot scope (this commit): 6 packages. Full @bytelyst/* rollout is
incremental — each entry added separately.
═══════════════════════════════════════════════════════════════════════
TODO #5 — Storybook canonical pattern
═══════════════════════════════════════════════════════════════════════
Discovery: @bytelyst/ui already has Storybook 8 with the @bytelyst/
addon-a11y addon configured and 5 .stories.tsx files.
This commit:
- Documents that setup as the canonical template
(docs/STORYBOOK_TEMPLATE.md) including the .storybook/main.ts,
preview.ts, package.json scripts, and an example story.
- Catalogs which of the 8 visual @bytelyst/* packages need Storybook
added (1/8 done — @bytelyst/ui).
- Per docs/ROADMAP_2026_DECISIONS.md §9, hosting target is
self-hosted Gitea Pages (no Chromatic).
Full rollout to the other 7 packages stays open as incremental work.
═══════════════════════════════════════════════════════════════════════
TODO #4 — DTCG v3 token migration RFC
═══════════════════════════════════════════════════════════════════════
This is too large to land in a single commit. Drafted RFC instead:
docs/rfc/0001-dtcg-v3-token-migration.md
The RFC proposes a 4-PR sequence:
PR 1 — Add converter + dual-emit (byte-identical assertion)
PR 2 — Flip source of truth to DTCG JSON
PR 3 — Introduce the component tier
PR 4 — Multi-theme via DTCG token sets
Estimate: 2 person-weeks total. Backward compatibility: --ml-* and
--bl-* names preserved through all 4 PRs. Status: Draft, awaiting
reviewers.
Refs: learning_ai_uxui_web/docs/ROADMAP_2026.md §10 TODOs #4, #5, #6
The platform-service build was failing with 3 unrelated TS errors,
surfaced while running the Gitea outdated-package detector earlier
in this session:
src/server.ts(18,8): Cannot find module '@bytelyst/devops/server'
src/server.ts(318,61): Property 'cosmosEndpoint' does not exist on type 'ProductIdentity'
src/server.ts(321,42): Property 'platformServiceUrl' does not exist on type 'ProductIdentity'
Root causes (two distinct bugs):
1. Stale install. '@bytelyst/devops' was already declared as
'workspace:*' in services/platform-service/package.json (line 24),
but node_modules/@bytelyst/devops/ did not exist. Re-running
'pnpm install' at the workspace root materialised the symlink.
2. Variable shadowing. In the GET /devops/info handler the code
declared a local 'const config' from loadProductIdentity() that
shadowed the module-level 'config' (env vars) imported from
'./lib/config.js' at line 112. The author then tried to read
'config.cosmosEndpoint' and 'config.platformServiceUrl' off the
ProductIdentity, where those keys never exist:
ProductIdentity = {
productId, displayName, licensePrefix, configDirName,
envVarPrefix, bundleIdSuffix, packageName
}
The intended values live on the env config:
config.COSMOS_ENDPOINT (Zod-validated, required at boot)
config.HOST + config.PORT (defaults '0.0.0.0' / 4003)
There is no 'platformServiceUrl' field anywhere in the codebase —
it only appeared in this single buggy line. Reconstructed as
'\${HOST}:\${PORT}' which is the URL admins would use to reach
this service for the devops/info diagnostic dashboard.
Fix (services/platform-service/src/server.ts:310-339):
- Rename local 'const config' to 'const productIdentity' to break
the shadowing.
- Use productIdentity.productId for the devops productId field.
- Use config.COSMOS_ENDPOINT (the env config) for the cosmos
dependency health check URL.
- Use `http://${config.HOST}:${config.PORT}` for the extra
platformServiceUrl field.
- Add a doc comment block explaining the two-config distinction
so future contributors don't reintroduce the shadow.
Verified:
pnpm --filter @lysnrai/platform-service build OK (0 errors)
pnpm --filter @lysnrai/platform-service test 1511/1512 pass
The 1 remaining failure (src/modules/products/cache.test.ts line 104,
'returns all cached products' expects 2 products but got 3) is a
PRE-EXISTING product-registry test drift on main, verified by
stashing this commit's changes and re-running the same test against
the unmodified tree. It will be addressed separately.
Baseline pnpm-lock.yaml on origin/main was missing entries for
packages/billing-client and packages/webhook-dispatch (their
package.json files list typescript + vitest devDependencies that the
lockfile didn't reflect). Any pnpm install --frozen-lockfile — in CI,
in services/platform-service/Dockerfile, in services/mcp-server/Dockerfile,
in services/extraction-service/Dockerfile — therefore failed with
ERR_PNPM_OUTDATED_LOCKFILE.
Ran pnpm install which regenerated the lockfile deterministically; the
net diff cleans up a large amount of stale phantom entries while adding
the two missing package entries. After the refresh,
pnpm install --frozen-lockfile succeeds.
This is W1 baseline-repair scope (similar to commit a954f434 for lint).
It does NOT fully restore the full-stack docker compose smoke because
services/platform-service/Dockerfile also has a separate pre-existing
bug: @bytelyst/react-native-platform-sdk runs `tsc` in its prepare
script, but pnpm install runs prepare scripts before the Dockerfile
COPY packages/ step brings in source — so tsc has nothing to compile
and fails. That Dockerfile is outside W1's Files-You-Own and needs
a separate fix (either remove/no-op the prepare script, use pnpm
install --ignore-scripts, or COPY source before install).
Gap: none (baseline repair supporting INFRA-gap-01)
Verified: pnpm install --frozen-lockfile (clean), pnpm -r typecheck /
lint / build / test (all green), docker compose build
cowork-service + docker compose up -d cowork-service --wait
(still Healthy), curl localhost:4009/health (200 OK).
Added LLM routing module to cowork-service:
- lib/llm-router.ts — singleton LlmRouter with cloud + local Ollama support
- modules/llm/types.ts — Zod request schemas
- modules/llm/routes.ts — POST /api/llm/chat, GET /api/llm/providers, GET /api/llm/health
- All endpoints gated by llm_multi_model_enabled feature flag
- Best-effort init: service works without API keys (router stays uninitialized)
- 8 new tests (routes), server test updated for 3 route modules
- 57 total tests passing, typecheck clean
- GET /auth/mfa/totp/secret — retrieve decrypted TOTP secret for auth app
- POST /auth/mfa/push/create, GET /pending, POST /:id/respond, GET /:id/status
- POST /auth/qr/create, POST /auth/qr/confirm, GET /auth/qr/:id/status
- Kotlin SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- Swift SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- All 53 auth tests passing
- Update kill-switch-client and feature-flag-client tests to use
expect.objectContaining for headers to handle x-request-id
- Move React Native SDK roadmap to completed/
Total: 44 client-side package tests passing
