* public-gh/master: (51 commits)
Use attachment-size limit for company logos
Address Greptile company logo feedback
Drop lockfile from PR branch
Use asset-backed company logos
fix: use appType "custom" for Vite dev server so worktree branding is applied
docs: fix documentation drift — adapters, plugins, tech stack
docs: update documentation for accuracy after plugin system launch
chore: ignore superset artifacts
Dark theme for CodeMirror code blocks in MDXEditor
Remove duplicate @paperclipai/adapter-openclaw-gateway in server/package.json
Fix code block styles with robust prose overrides
Add Docker setup for untrusted PR review in isolated containers
Fix org chart canvas height to fit viewport without scrolling
Add doc-maintenance skill for periodic documentation accuracy audits
Fix sidebar scrollbar: hide track background when not hovering
Restyle markdown code blocks: dark background, smaller font, compact padding
Add archive project button and filter archived projects from selectors
fix: address review feedback — subscription cleanup, filter nullability, stale diagram
fix: wire plugin event subscriptions from worker to host
fix(ui): hide scrollbar track background when sidebar is not hovered
...
# Conflicts:
# packages/db/src/migrations/meta/0030_snapshot.json
# packages/db/src/migrations/meta/_journal.json
* public-gh/master:
Drop lockfile from watcher change
Tighten plugin dev file watching
Fix plugin smoke example typecheck
Fix plugin dev watcher and migration snapshot
Clarify plugin authoring and external dev workflow
Expand kitchen sink plugin demos
fix: set AGENT_HOME env var for agent processes
Add kitchen sink plugin example
Simplify plugin runtime and cleanup lifecycle
Add plugin framework and settings UI
# Conflicts:
# packages/db/src/migrations/meta/0029_snapshot.json
# packages/db/src/migrations/meta/_journal.json
Resolve conflicts by keeping the issue-documents work alongside upstream heartbeat-context, worktree branding, and adapter runtime updates.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Add PAPERCLIP_ALLOWED_ATTACHMENT_TYPES env var to configure allowed
MIME types for issue attachments and asset uploads. Supports exact
types (application/pdf) and wildcard patterns (image/*, text/*).
Falls back to the existing image-only defaults when the env var is
unset, preserving backward compatibility.
- Extract shared module `attachment-types.ts` with `isAllowedContentType()`
and `matchesContentType()` (pure, testable)
- Update `routes/issues.ts` and `routes/assets.ts` to use shared module
- Add unit tests for parsing and wildcard matching
Closes#487
The parentId parameter on GET /api/companies/:companyId/issues was
silently ignored — the filter was never extracted from the query string,
never passed to the service layer, and the IssueFilters type did not
include it. All other filters (status, assigneeAgentId, projectId, etc.)
worked correctly.
This caused subtask lookups to return every issue in the company instead
of only children of the specified parent.
Changes:
- Add parentId to IssueFilters interface
- Add eq(issues.parentId, filters.parentId) condition in list()
- Extract parentId from req.query in the route handler
Fixes: LAS-101
Previously, agents were only woken when the assignee changed. Now
also wakes the assigned agent when an issue transitions out of
backlog status (e.g. backlog -> todo).
Fixes#167
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
resolveAdapterConfigForRuntime now returns a secretKeys set tracking
which env vars came from secret_ref bindings. The onAdapterMeta
callback uses this to redact them regardless of key name.
Fixes#234
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add 400 response for /issues without companyId, tag issue.updated
activity with source:comment when triggered by a comment, and mark
comment activities with updated:true when field changes accompany them.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When a company has "require board approval for new agents" enabled,
hiring an agent creates a pending approval that requires the user
(as a board member) to approve before the agent can start working.
However, the sidebar inbox badge did not include pending approvals
in its count, so there was no visual indicator that action was needed.
Users had no way of knowing an approval was waiting unless they
happened to open the Inbox page manually.
The root cause: the sidebar-badges service correctly included
approvals in the inbox total, but the route handler overwrites
badges.inbox to add alertsCount and staleIssueCount — and in
doing so dropped badges.approvals from the sum.
Add badges.approvals to the inbox count recalculation so that
pending and revision-requested approvals surface in the sidebar
notification badge alongside failed runs, alerts, stale work,
and join requests.
Affected files:
- server/src/routes/sidebar-badges.ts
