Jesús Pérez
|
847523e4d4
|
fix: eliminate stub implementations across 6 integration points
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
- WorkflowOrchestrator and WorkflowService wired in main.rs (non-fatal)
- try_fallback_with_budget actually calls fallback providers
- vapora-tracking persistence: real TrackingEntry + NatsPublisher
- vapora-doc-lifecycle: workspace + classify/consolidate/rag/NATS stubs
- Merkle hash chain audit trail (tamper-evident, verify_integrity)
- /api/v1/workflows/* routes operational; get_workflow_audit Result fix
- ADR-0039, CHANGELOG, workflow-orchestrator docs updated
|
2026-02-27 00:00:02 +00:00 |
|
Jesús Pérez
|
e5e2244e04
|
feat(security): add SSRF protection and prompt injection scanning
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
- Add security module (ssrf.rs, prompt_injection.rs) to vapora-backend
- Block RFC 1918, link-local, cloud metadata URLs before channel registration
- Scan 60+ injection patterns on RLM (load/query/analyze) and task endpoints
- Fix channel SSRF: filter-before-register instead of warn-and-proceed
- Add sanitize() to load_document (was missing, only analyze_document had it)
- Return 400 Bad Request (not 500) for all security rejections
- Add 11 integration tests via Surreal::init() — no external deps required
- Document in ADR-0038, CHANGELOG, and docs/adrs/README.md
|
2026-02-26 18:20:07 +00:00 |
|
Jesús Pérez
|
27a290b369
|
feat(kg,channels): hybrid search + agent-inactive notifications
- KG: HNSW + BM25 + RRF(k=60) hybrid search via SurrealDB 3 native indexes
- Fix schema bug: kg_executions missing agent_role/provider/cost_cents (silent empty reads)
- channels: on_agent_inactive hook (AgentStatus::Inactive → Message::error)
- migration 012: adds missing fields + HNSW + BM25 indexes
- docs: ADR-0036, update ADR-0035 + notification-channels feature doc
|
2026-02-26 15:32:44 +00:00 |
|
Jesús Pérez
|
027b8f2836
|
feat(channels): webhook notification channels with built-in secret resolution
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
Add vapora-channels crate with trait-based Slack/Discord/Telegram webhook
delivery. ${VAR}/${VAR:-default} interpolation is mandatory inside
ChannelRegistry::from_config — callers cannot bypass secret resolution.
Fire-and-forget dispatch via tokio::spawn in both vapora-workflow-engine
(four lifecycle events) and vapora-backend (task Done, proposal approve/reject).
New REST endpoints: GET /channels, POST /channels/:name/test.
dispatch_notifications extracted as pub(crate) fn for inline testability;
5 handler tests + 6 workflow engine tests + 7 secret resolution unit tests.
Closes: vapora-channels bootstrap, notification gap in workflow/backend layer
ADR: docs/adrs/0035-notification-channels.md
|
2026-02-26 14:49:34 +00:00 |
|
Jesús Pérez
|
b9e2cee9f7
|
feat(workflow-engine): add saga, persistence, auth, and NATS-integrated orchestrator hardening
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
Key changes driving this: new saga.rs, persistence.rs, auth.rs in workflow-engine; SurrealDB migration 009_workflow_state.surql; backend
services refactored; frontend dist built; ADR-0033 documenting the hardening decision.
|
2026-02-22 21:44:42 +00:00 |
|
Jesús Pérez
|
0b78d97fd7
|
chore: update adrs
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
|
2026-02-17 13:18:12 +00:00 |
|
Jesús Pérez
|
7110ffeea2
|
chore: extend doc: adr, tutorials, operations, etc
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
|
2026-01-12 03:32:47 +00:00 |
|
