Nicolas Cantu
58cc2493e5
Initial state: - ia_dev was historically referenced as ./ia_dev in docs and integrations, while the vendored module lives under services/ia_dev. - AnythingLLM sync and hook installation had error masking / weak exit signaling. - Proxy layers did not validate proxy path segments, allowing path normalization tricks. Motivation: - Make the IDE-oriented workflow usable (sync -> act -> deploy/preview) with explicit errors. - Reduce security footguns in proxying and script automation. Resolution: - Standardize IA_DEV_ROOT usage and documentation to services/ia_dev. - Add SSH remote data mirroring + optional AnythingLLM ingestion. - Extend AnythingLLM pull sync to support upload-all/prefix and fail on upload errors. - Harden smart-ide-sso-gateway and smart-ide-global-api proxying with safe-path checks and non-leaking error responses. - Improve ia-dev-gateway runner validation and reduce sensitive path leakage. - Add site scaffold tool (Vite/React) with OIDC + chat via sso-gateway -> orchestrator. Root cause: - Historical layout changes (submodule -> vendored tree) and missing central contracts for path resolution. - Missing validation for proxy path traversal patterns. - Overuse of silent fallbacks (|| true, exit 0 on partial failures) in automation scripts. Impacted features: - Project sync: git pull + AnythingLLM sync + remote data mirror ingestion. - Site frontends: SSO gateway proxy and orchestrator intents (rag.query, chat.local). - Agent execution: ia-dev-gateway script runner and SSE output. Code modified: - scripts/remote-data-ssh-sync.sh - scripts/anythingllm-pull-sync/sync.mjs - scripts/install-anythingllm-post-merge-hook.sh - cron/git-pull-project-clones.sh - services/smart-ide-sso-gateway/src/server.ts - services/smart-ide-global-api/src/server.ts - services/smart-ide-orchestrator/src/server.ts - services/ia-dev-gateway/src/server.ts - services/ia_dev/tools/site-generate.sh Documentation modified: - docs/** (architecture, API docs, ia_dev module + integration, scripts) Configurations modified: - config/services.local.env.example - services/*/.env.example Files in deploy modified: - services/ia_dev/deploy/* Files in logs impacted: - logs/ia_dev.log (runtime only) - .logs/* (runtime only) Databases and other sources modified: - None Off-project modifications: - None Files in .smartIde modified: - .smartIde/agents/*.md - services/ia_dev/.smartIde/** Files in .secrets modified: - None New patch version in VERSION: - 0.0.5 CHANGELOG.md updated: - yes
48 lines
1.1 KiB
Plaintext
48 lines
1.1 KiB
Plaintext
# <type>: <subject>
|
|
#
|
|
# Brief description of the change (50 chars max recommended)
|
|
#
|
|
# Author: 4NK or Nicolas Cantu only. Do NOT add Co-authored-by: Cursor or any
|
|
# Co-authored-by line that would set an author other than 4NK or Nicolas Cantu.
|
|
|
|
**Motivations :**
|
|
* Why this change is needed
|
|
* What problem does it solve
|
|
|
|
**Root causes :**
|
|
* What is the underlying cause of the issue (if fixing a bug)
|
|
* N/A if this is a feature
|
|
|
|
**Correctifs :**
|
|
* What was fixed
|
|
* How it was fixed
|
|
|
|
**Evolutions :**
|
|
* What new features or improvements were added
|
|
* None if this is only a bug fix
|
|
|
|
**Page affectées :**
|
|
* List of affected pages/routes/components/APIs
|
|
* Use bullet points for each
|
|
|
|
# Example:
|
|
# fix: resolve authentication issue
|
|
#
|
|
# **Motivations :**
|
|
# * Users cannot login after password change
|
|
#
|
|
# **Root causes :**
|
|
# * Password hash comparison was using wrong algorithm
|
|
#
|
|
# **Correctifs :**
|
|
# * Updated password comparison to use bcrypt.compare correctly
|
|
# * Added proper error handling
|
|
#
|
|
# **Evolutions :**
|
|
# * None
|
|
#
|
|
# **Page affectées :**
|
|
# * /api/auth/login
|
|
# * /login page
|
|
#
|