audit-repo-health.md:
- All 9 steps now read from repos.txt dynamically
- Repos without relevant files (package.json, .dockerignore, etc.) are skipped
- No more manual maintenance when repos are added/removed
verify-all-backends.md:
- Remove duplicate learning_ai_notes entry
- Add learning_ai_efforise backend
- Add learning_ai_efforise client + learning_ai_local_llms dashboard to web checks
gitea-ci.md:
- Steps 3+4 read from repos.txt, skip repos without gitea remote
- Handle oss/ subdirectory repos via basename for Gitea API
- /docker-smoke-test: prep, build, verify all Dockerfiles in a repo
- /audit-repo-health: cross-repo pnpm/Docker/config consistency audit
- /verify-all-backends: quick local typecheck+test+build (complement to /gitea-ci)
Review findings and fixes:
- Fix subscription routes use :userId not :id
- Fix GET /plans returns { plans: [...] } wrapper
- Fix org routes require admin-only JWT role
- Flag missing POST /referrals/apply endpoint
- Flag missing POST /subscriptions/restore endpoint
- Expand org-client and marketplace-client with full API signatures
- Add x-product-id header requirement
- Add NomGap Migration Plan
- Add Known Backend Gaps appendix
- Add /implement-shared-packages workflow
- Enterprise SAML/OIDC callbacks used raw 'sso_xxx' string as passwordHash
which would crash bcrypt.compare(). Now uses userRepo.hashPassword(randomUUID())
- Added updateLastLogin() for existing enterprise SSO users
- Upgraded bcrypt cost factor from 10 to 12 per PRD spec
- All 53 auth tests passing
- GET /auth/mfa/totp/secret — retrieve decrypted TOTP secret for auth app
- POST /auth/mfa/push/create, GET /pending, POST /:id/respond, GET /:id/status
- POST /auth/qr/create, POST /auth/qr/confirm, GET /auth/qr/:id/status
- Kotlin SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- Swift SDK: getTotpSecret, getPendingApprovals, respondToApproval, confirmQrLogin
- All 53 auth tests passing
- Create repos.txt as single source of truth for all 7 workspace repos
- Update all repo-management workflows to source from repos.txt:
- repo_sync-repos, repo_push-repos, repo_backup-and-push
- repo_backup-main-branch, repo_commit-workspace
Benefits:
- One file to update when adding/removing repos
- Consistent repo list across all workflows
- Scripts can read repos.txt for automation
- refresh.sh: idempotent script, auto-discovers repos, updates symlinks + copies docs/workflows
- launchd plist: scheduled daily at 11 PM + on login
- /refresh-chat-history workflow for on-demand Cascade runs
- README updated with auto-refresh docs and full data inventory
- Repo docs and workflows refreshed from all 4 repos
- backup-main.sh: no longer pushes unpushed main commits, removed Main Push column
- commit-workspace.sh: removed push_repo function, local commits only
- repo_commit-workspace.md: updated docs to reflect no-push behavior
- Create Backup Main Branch skill with comprehensive documentation
- Add Windsurf workflow for easy access
- Implement bash script with multi-repo support
- Smart detection to avoid duplicate backups
- Automatic cleanup of old backups (keeps 7 days)
- Color-coded output for better visibility
- Always returns to main branch after backup
