Jesús Pérez
|
e5e2244e04
|
feat(security): add SSRF protection and prompt injection scanning
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
- Add security module (ssrf.rs, prompt_injection.rs) to vapora-backend
- Block RFC 1918, link-local, cloud metadata URLs before channel registration
- Scan 60+ injection patterns on RLM (load/query/analyze) and task endpoints
- Fix channel SSRF: filter-before-register instead of warn-and-proceed
- Add sanitize() to load_document (was missing, only analyze_document had it)
- Return 400 Bad Request (not 500) for all security rejections
- Add 11 integration tests via Surreal::init() — no external deps required
- Document in ADR-0038, CHANGELOG, and docs/adrs/README.md
|
2026-02-26 18:20:07 +00:00 |
|
Jesús Pérez
|
765841b18f
|
feat(capabilities): add vapora-capabilities crate with in-process executor dispatch
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
- New vapora-capabilities crate: CapabilitySpec, Capability trait, CapabilityRegistry
(parking_lot RwLock), CapabilityLoader (TOML overrides), 3 built-ins
(code-reviewer, doc-generator, pr-monitor), 22 tests
- Move AgentDefinition to vapora-shared to break capabilities↔agents circular dep
- Wire system_prompt into AgentExecutor via LLMRouter.complete_with_budget
- AgentCoordinator: in-process task dispatch via DashMap<String, Sender<TaskAssignment>>
- server.rs: bootstrap CapabilityRegistry + LLMRouter from env, spawn executors per capability
- Landing page: 620 tests, 21 crates, Capability Packages feature box
- docs: capability-packages feature guide, ADR-0037, CHANGELOG, SUMMARY
EOF
|
2026-02-26 16:43:28 +00:00 |
|
Jesús Pérez
|
27a290b369
|
feat(kg,channels): hybrid search + agent-inactive notifications
- KG: HNSW + BM25 + RRF(k=60) hybrid search via SurrealDB 3 native indexes
- Fix schema bug: kg_executions missing agent_role/provider/cost_cents (silent empty reads)
- channels: on_agent_inactive hook (AgentStatus::Inactive → Message::error)
- migration 012: adds missing fields + HNSW + BM25 indexes
- docs: ADR-0036, update ADR-0035 + notification-channels feature doc
|
2026-02-26 15:32:44 +00:00 |
|
Jesús Pérez
|
027b8f2836
|
feat(channels): webhook notification channels with built-in secret resolution
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
Add vapora-channels crate with trait-based Slack/Discord/Telegram webhook
delivery. ${VAR}/${VAR:-default} interpolation is mandatory inside
ChannelRegistry::from_config — callers cannot bypass secret resolution.
Fire-and-forget dispatch via tokio::spawn in both vapora-workflow-engine
(four lifecycle events) and vapora-backend (task Done, proposal approve/reject).
New REST endpoints: GET /channels, POST /channels/:name/test.
dispatch_notifications extracted as pub(crate) fn for inline testability;
5 handler tests + 6 workflow engine tests + 7 secret resolution unit tests.
Closes: vapora-channels bootstrap, notification gap in workflow/backend layer
ADR: docs/adrs/0035-notification-channels.md
|
2026-02-26 14:49:34 +00:00 |
|
Jesús Pérez
|
bb55c80d2b
|
feat(workflow-engine): autonomous scheduling with timezone and distributed lock
Add cron-based autonomous workflow firing with two hardening layers:
- Timezone-aware scheduling via chrono-tz: ScheduledWorkflow.timezone
(IANA identifier), compute_next_fire_at/after_tz, validate_timezone;
DST-safe, UTC fallback when absent; validated at config load and REST API
- Distributed fire-lock via SurrealDB conditional UPDATE (locked_by/locked_at
fields, 120 s TTL); WorkflowScheduler gains instance_id (UUID) as lock owner;
prevents double-fires across multi-instance deployments without extra infra
- ScheduleStore: try_acquire_fire_lock, release_fire_lock (own-instance guard),
full CRUD (load_one/all, full_upsert, patch, delete, load_runs)
- REST: 7 endpoints (GET/PUT/PATCH/DELETE schedules, runs history, manual fire)
with timezone field in all request/response types
- Migrations 010 (schedule tables) + 011 (timezone + lock columns)
- Tests: 48 passing (was 26); ADR-0034; changelog; feature docs updated
|
2026-02-26 11:34:44 +00:00 |
|
Jesús Pérez
|
b9e2cee9f7
|
feat(workflow-engine): add saga, persistence, auth, and NATS-integrated orchestrator hardening
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
Key changes driving this: new saga.rs, persistence.rs, auth.rs in workflow-engine; SurrealDB migration 009_workflow_state.surql; backend
services refactored; frontend dist built; ADR-0033 documenting the hardening decision.
|
2026-02-22 21:44:42 +00:00 |
|
Jesús Pérez
|
0b78d97fd7
|
chore: update adrs
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
|
2026-02-17 13:18:12 +00:00 |
|
Jesús Pérez
|
cc55b97678
|
chore: update README and CHANGELOG with workflow orchestrator features
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
Nickel Type Check / Nickel Type Checking (push) Has been cancelled
|
2026-01-24 02:07:45 +00:00 |
|
Jesús Pérez
|
7110ffeea2
|
chore: extend doc: adr, tutorials, operations, etc
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
|
2026-01-12 03:32:47 +00:00 |
|
