johan
/
mission-control
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
283 Commits 1 Branch 0 Tags 12 MiB
Commit Graph

17 Commits

Author SHA1 Message Date
Nyk 5c873a0d2c fix(openapi): add GET /api/frameworks to spec 
Fixes API contract parity check in CI.
 2026-03-21 22:35:41 +07:00
Nyk a7ef6a0de5 fix(openapi): complete parity burn-down — 0 ignored entries remaining 
Add OpenAPI specs for all 56 previously-ignored API operations:

Methods added to existing paths (15):
- backup (GET, DELETE), agents/sync, cleanup, integrations (PUT, DELETE),
  logs (POST), memory (DELETE), notifications (PUT, DELETE, deliver),
  pipelines/run, spawn, standup, super/provision-jobs/{id}

New paths (41 operations across 28 paths):
- agents/evals, agents/optimize, channels, claude-tasks, gateways/discover,
  gateways/health/history, github/sync, gnap, hermes (+ memory, tasks),
  index, local/agents-doc, local/flight-deck, local/terminal,
  memory/context, memory/graph, memory/health, memory/links, memory/process,
  nodes, projects/{id}/agents, schedule-parse, security-audit, security-scan
  (+ agent, fix), super/os-users, system-monitor, auth/google/disconnect,
  releases/update

Parity ignore list is now empty (was 66 entries at branch start).
Route coverage: 240/241 (only untracked GET /api/frameworks remains).
 2026-03-21 21:58:29 +07:00
Nyk 7994aa6c6c fix(openapi): burn down 7 parity mismatches (66 → 59 ignored) 
Add OpenAPI specs for 7 routes that the CLI/MCP server depend on:

- DELETE /api/agents/{id}/memory — agent memory clear
- GET /api/tokens/by-agent — per-agent cost breakdown
- POST /api/tokens/rotate — API key rotation
- POST /api/agents/register — agent self-registration
- PATCH /api/auth/me — self-service profile update
- GET /api/tasks/outcomes — task outcome analytics
- GET /api/tasks/regression — regression comparison metrics

Remove corresponding entries from the parity ignore list.
 2026-03-21 21:35:27 +07:00
Nyk 7b104952cc chore(api): tranche C parity burn-down and CLI integration scaffolding 2026-03-20 23:53:02 +07:00
HonzysClawdbot a86e939072
fix(session-cookie): migrate to __Host- prefix for secure contexts (#294) 
* fix(session-cookie): migrate to __Host- prefix for secure contexts

- Update session-cookie.ts to use __Host-mc-session for HTTPS requests
- Add LEGACY_MC_SESSION_COOKIE_NAME for backward compatibility with HTTP
- Add parseMcSessionCookieHeader() to parse both cookie names
- Add isRequestSecure() helper to detect HTTPS requests
- Update cookie options to enforce Secure, HttpOnly, SameSite=Strict
- Update all call sites (login, logout, google, me, proxy, auth)
- Update e2e tests to support both cookie names
- Update documentation (README.md, SKILL.md, openapi.json)

This addresses the high-priority TODO about migrating to the __Host- prefix
for enhanced security. The __Host- prefix enforces Secure + Path=/ and
prevents subdomain attacks. Legacy mc-session is still supported for HTTP
contexts.

* fix(tests): keep login-flow cookie name aligned with response

- remove unreachable nullish expression in session cookie secure flag

- use returned cookie pair in login-flow spec instead of forcing __Host- prefix

---------

Co-authored-by: Nyk <0xnykcd@googlemail.com>
 2026-03-12 12:32:53 +07:00
nyk e948a1399b
Merge pull request #204 from builderz-labs/fix/188-task-queue 
feat(tasks): add queue polling endpoint for agent pickup
 2026-03-05 13:35:44 +07:00
Nyk c0cf678c4d fix(gateway): use stored token for websocket connect payload 2026-03-05 13:31:37 +07:00
Nyk c024731764 feat(tasks): add agent queue polling endpoint 2026-03-05 13:22:12 +07:00
Nyk 6d7b20b33b chore: resolve merge conflict with main for PR #178 2026-03-05 12:50:30 +07:00
Nyk ee175597be chore: resolve merge conflict with main for PR #180 2026-03-05 12:41:02 +07:00
Nyk 2f2d380b3b fix(agents): enforce attribution scope and add e2e coverage 2026-03-05 12:39:53 +07:00
Nyk 4296943e05 fix(workload): harden signal recommendations and add route e2e coverage 2026-03-05 12:35:01 +07:00
Nyk a63ec39d3b chore: resolve merge conflict with main for PR #177 2026-03-05 12:27:51 +07:00
Nyk 0f8f0a87e4 fix(agents): enforce diagnostics self-scope and validation 2026-03-05 12:12:32 +07:00
Bhavik Patel 3ef4c5a83a
feat: expand OpenAPI spec coverage and docs metadata 
- Add 11 missing API routes to openapi.json (70 total paths now)
  - /api/docs, /api/mentions, /api/projects, /api/projects/{id},
    /api/projects/{id}/tasks, /api/quality-review, /api/claude/sessions,
    /api/github, /api/releases/check, /api/webhooks/retry,
    /api/webhooks/verify-docs
- Add 5 new tags: Projects, Mentions, Quality, Releases, Docs
- Add Project schema to components
- Bump spec version to 1.3.0
- Sort all paths alphabetically for consistency
- Interactive Scalar docs page already at /docs (unchanged)

Fixes #158
 2026-03-05 10:58:51 +07:00
Nyk f7aa1db27e feat: add direct CLI integration for gateway-free tool connections 
- Add migration 016 for direct_connections table
- Add POST/GET/DELETE /api/connect for CLI tool registration
- Enhance heartbeat POST to accept connection_id and inline token_usage
- Add connectSchema to validation
- Add connection.created/disconnected event types to event bus
- Show direct CLI connections in gateway manager panel
- Add 5 E2E tests for connection lifecycle
- Add CLI integration documentation (docs/cli-integration.md)
- Fix openapi.json brace mismatch on line 642 (Phase 2 bug)
- Add /api/connect endpoints to OpenAPI spec
 2026-03-02 11:45:12 +07:00
Nyk 4c7b3257d6 feat: add OpenAPI 3.1 documentation with Scalar UI 
- Add openapi.json spec covering all 59 API routes (~95 operations)
- Serve spec at GET /api/docs (no auth required, cached)
- Add interactive Scalar API reference UI at /docs
- Allow unauthenticated access to /api/docs and /docs in middleware
- Add @scalar/api-reference-react dependency
- Add 3 E2E tests for spec validation and auth bypass
 2026-03-02 11:03:16 +07:00