f7aa1db27e
feat: add direct CLI integration for gateway-free tool connections
...
- Add migration 016 for direct_connections table
- Add POST/GET/DELETE /api/connect for CLI tool registration
- Enhance heartbeat POST to accept connection_id and inline token_usage
- Add connectSchema to validation
- Add connection.created/disconnected event types to event bus
- Show direct CLI connections in gateway manager panel
- Add 5 E2E tests for connection lifecycle
- Add CLI integration documentation (docs/cli-integration.md)
- Fix openapi.json brace mismatch on line 642 (Phase 2 bug)
- Add /api/connect endpoints to OpenAPI spec
2026-03-02 11:45:12 +07:00
4c7b3257d6
feat: add OpenAPI 3.1 documentation with Scalar UI
...
- Add openapi.json spec covering all 59 API routes (~95 operations)
- Serve spec at GET /api/docs (no auth required, cached)
- Add interactive Scalar API reference UI at /docs
- Allow unauthenticated access to /api/docs and /docs in middleware
- Add @scalar/api-reference-react dependency
- Add 3 E2E tests for spec validation and auth bypass
2026-03-02 11:03:16 +07:00
98da58a8ba
feat: add per-agent cost breakdown panel
...
- Add `agents` field to tokens action=stats response (groups by agent
extracted from sessionId split on ':')
- Add new action=agent-costs returning per-agent stats, model breakdown,
session list, and daily cost/token timeline
- New AgentCostPanel with summary cards, pie chart, trend lines,
efficiency bars, and expandable ranking table
- Add nav-rail entry in OBSERVE group after Tokens
- Add ContentRouter case for agent-costs tab
- Add 5 E2E tests for the new API endpoints
2026-03-02 10:46:13 +07:00
45ad4a488b
test: add 94 E2E tests covering all CRUD routes + fix middleware location
...
Add comprehensive Playwright E2E test coverage for all major API routes:
- tasks-crud (18 tests): full lifecycle, filters, Aegis approval gate
- agents-crud (15 tests): CRUD, lookup by name/id, admin-only delete
- task-comments (7 tests): threaded comments, validation
- workflows-crud (8 tests): workflow template lifecycle
- webhooks-crud (9 tests): secret masking, regeneration
- alerts-crud (8 tests): alert rule lifecycle
- notifications (7 tests): delivery tracking, read status
- quality-review (6 tests): reviews with batch lookup
- search-and-export (7 tests): global search, export, activities
- user-management (8 tests): user admin CRUD
- helpers.ts: shared factory functions and cleanup utilities
Infrastructure fixes:
- Move middleware.ts to src/middleware.ts (Next.js 16 Turbopack
requires middleware in src/ when using src/app/ directory — the
root-level file was silently ignored, breaking CSRF protection)
- Add MC_DISABLE_RATE_LIMIT env var to bypass non-critical rate
limiters during E2E runs (login limiter stays active via critical flag)
- Fix limit-caps test: /api/activities caps at 500, not 200
- Set playwright workers=1, fullyParallel=false for serial execution
- Add CSRF origin fallback to request.nextUrl.host
Roadmap additions from user feedback:
- Agent-agnostic gateway support (not just OpenClaw)
- Direct CLI integration (Codex, Claude Code, etc.)
- Native macOS app (Electron or Tauri)
146/146 E2E tests passing (up from 51).
2026-03-02 02:21:10 +07:00
8de9e0b5c3
test: add 52 Playwright E2E tests covering all critical fixes
...
8 test suites verifying:
- Auth guards on 19 GET endpoints (Issue #4 )
- Timing-safe API key comparison (Issue #5 )
- Legacy cookie auth removal (Issue #7 )
- Login rate limiting (Issue #8 )
- CSRF Origin header validation (Issue #20 )
- DELETE body standardization (Issue #18 )
- Query limit caps at 200 (Issue #19 )
- Login flow and session lifecycle
Also fixes migration 013 crash on fresh DB when gateways table
doesn't exist (created lazily by gateways API, not in migrations).
2026-02-27 15:38:49 +07:00
99815d20b3
feat: initial open-source release
...
OpenClaw Mission Control — agent orchestration dashboard.
Built with Next.js 16, React 19, TypeScript, SQLite, and Tailwind CSS.
MIT License.
2026-02-23 02:00:44 +07:00
Nyk