On macOS, `initdb` defaults to SQL_ASCII encoding because it infers
locale from the system environment. When `ensurePostgresDatabase()`
creates a database without specifying encoding, the new database
inherits SQL_ASCII from the cluster. This causes string functions like
`left()` to operate on bytes instead of characters, producing invalid
UTF-8 when multi-byte characters are truncated.
Two-part fix:
1. Pass `--encoding=UTF8 --locale=C` via `initdbFlags` to all
EmbeddedPostgres constructors so the cluster defaults to UTF-8.
2. Explicitly set `encoding 'UTF8'` in the CREATE DATABASE statement
with `template template0` (required because template1 may already
have a different encoding) and `C` locale for portability.
Existing databases created with SQL_ASCII are NOT automatically fixed;
users must delete their local `data/db` directory and restart to
re-initialize the cluster.
Relates to #636
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The local migrationsFolder variable in migratePostgresIfEmpty duplicated
the module-level MIGRATIONS_FOLDER constant. Reuse the constant to keep
a single source of truth for the migration path.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
URL.pathname returns /C:/... on Windows, causing doubled drive letters
when Node prepends the current drive. fileURLToPath handles this
correctly across platforms.
Fixes#132
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* public-gh/master:
fix(ui): wrap failed run card actions on mobile
feat(codex): add gpt-5.4 to codex_local model list
persist paperclip data in a named volume
add support to `cursor` and `opencode` in containerized instances
force `@types/node@24` in the server
Add artifact-check to fail fast on broken builds
remove an insecure default auth secret
expose `PAPERCLIP_ALLOWED_HOSTNAMES` in compose files
wait for a health db
update lock file
update typing to node v24 from v20
add missing `openclaw` adapter from deps stage
fix incorrect pkg scope
update docker base image
move docker into `authenticated` deployment mode
- db build now copies src/migrations/ to dist/migrations/ after tsc,
so SQL + meta JSON files are included in the published package.
Without this, `import("@paperclipai/server")` fails at runtime with
ENOENT when scanning for migration files.
- CLI's importServerEntry() now distinguishes between "module not found"
and "server crashed during startup" for clearer error messages.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Migrate from single-bundle CLI publishing to publishing all @paperclipai/*
packages individually via Changesets. This fixes the "Cannot find package
@paperclipai/server" error when installing from npm.
Changes:
- Add @changesets/cli with fixed versioning (all packages share version)
- Make 7 packages publishable (shared, adapter-utils, db, 3 adapters, server)
- Add build scripts, publishConfig, and files fields to all packages
- Mark @paperclipai/server as external in CLI esbuild config
- Simplify CLI importServerEntry() to use string-literal dynamic import
- Add generate-npm-package-json support for external workspace packages
- Create scripts/release.sh for one-command releases
- Remove old bump-and-publish.sh and version-bump.sh
- All packages start at version 0.2.0
Usage: ./scripts/release.sh patch|minor|major [--dry-run]
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Rename all workspace packages from @paperclip/* to @paperclipai/* and
the CLI binary from `paperclip` to `paperclipai` in preparation for
npm publishing. Bump CLI version to 0.1.0 and add package metadata
(description, keywords, license, repository, files). Update all
imports, documentation, user-facing messages, and tests accordingly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add secure claim secret flow for agent join requests with timing-safe
comparison, expiry, and one-time use. Expose machine-readable onboarding
manifests and skill index API endpoints. Add company brand color with
hex validation, pattern icon generation, and settings page integration.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add assigneeAdapterOverrides JSONB column to issues, allowing per-issue
model, thinking effort, and workspace overrides when assigning to agents.
Heartbeat service merges overrides into adapter config at runtime. New
Issue dialog exposes these options for Claude and Codex adapters.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Make workspace cwd optional to support repo-only workspaces that don't require
a local directory. Refactor workspace resolution in heartbeat service to pass
all workspace hints to adapters, add fallback logic when project workspaces
have no valid local cwd, and improve workspace name derivation. Also adds limit
param to heartbeat runs list endpoint.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New project_workspaces table with primary workspace designation.
Full CRUD routes, service with auto-primary promotion on delete,
workspace management UI in project properties panel, and workspace
data included in project/issue ancestor responses.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New labels and issue_labels tables with cascade deletes, unique
per-company name constraint. CRUD routes for labels, label filtering
on issue list, and label sync on issue create/update. All issue
responses now include labels array.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Derive issue_prefix from first 3 letters of company name with
deterministic suffixes on collision. Migration rebuilds existing
prefixes, reassigns issue numbers, and adds unique indexes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add Better Auth, drizzle-orm, @dnd-kit, and remark-gfm dependencies.
Introduce DB schema for auth tables (user, session, account, verification),
company memberships, instance user roles, permission grants, invites, and
join requests. Add assigneeUserId to issues. Extend shared config schema
with deployment mode/exposure/auth settings, add access types and validators,
and wire up new API path constants.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add `icon` text column to agents DB schema with migration
- Add icon field to shared Agent type and validators
- Create AgentIconPicker component with 40+ curated lucide icons and search
- Show clickable icon next to agent name on detail page header
- Replace static Agents nav item with collapsible AGENTS section in sidebar
- Each agent shows its icon (defaulting to Bot) with truncated name
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add `color` (text) and `archivedAt` (timestamp) columns to projects table
- Add PROJECT_COLORS palette constant (10 colors) in shared package
- Add color/archivedAt to Project type interface and Zod validators
- Auto-assign next available color from palette on project creation
- New SidebarProjects component with:
- Collapsible PROJECTS header above WORK section
- Caret toggle visible on hover (left of header)
- Always-visible plus button (right of header) opens NewProjectDialog
- Lists non-archived projects with colored rounded squares
- Active project highlighted based on URL match
- Remove Projects nav item from WORK section in sidebar
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add per-issue execution lock (executionRunId, executionAgentNameKey,
executionLockedAt) to prevent concurrent runs on the same issue.
Same-name wakes are coalesced into the active run; different-name
wakes are deferred and promoted when the lock holder finishes.
Includes checkout/release run ownership enforcement, agent run ID
propagation from JWT claims, wakeup deduplication across assignee
and mention wakes, and claimQueuedRun extraction for reuse. Adds
two DB migrations for checkoutRunId and execution lock columns.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Create project_goals join table with composite PK (project_id, goal_id),
backfill from existing projects.goal_id, and update the project service
to read/write through the join table. Shared types now include goalIds
and goals arrays on Project. Legacy goalId column is kept in sync.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add migration 0010 for assets and issue_attachments tables, update CLI
documentation with storage configuration section, and sync pnpm lockfile.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Introduces a provider-agnostic storage subsystem for file attachments.
Includes local disk and S3 backends, asset/attachment DB schemas, issue
attachment CRUD routes with multer upload, CLI configure/doctor/env
integration, and enriched issue ancestors with project/goal resolution.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Introduce company_secrets and company_secret_versions tables for
encrypted secret storage. Add EnvBinding discriminated union (plain vs
secret_ref) to replace raw string env values in adapter configs. Add
hiddenAt column to issues for soft-hiding. Improve migration system
with journal-ordered application and manual fallback when Drizzle
migrator can't reconcile history.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add agent_task_sessions table for per-task session state keyed by
(agent, adapter, taskKey). Add AgentTaskSession type, resetAgentSessionSchema
validator, and sessionDisplayId/sessionParamsJson to AgentRuntimeState.
Rework migration hash-resolution fallback ordering to prefer hash-based
matching over timestamp-based journal matching. Move backup-db.sh logic
into packages/db/src/backup.ts for programmatic use and simplify the shell
script to call the TypeScript implementation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add agent_config_revisions table for tracking agent configuration changes with
rollback support. Add issue_approvals junction table linking issues to approvals.
New migrations (0005, 0006) for permissions column and new tables. Rework migration
client with statement-level idempotency checks (table/column/index/constraint
existence) so migrations can be safely retried against partially-migrated databases.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add pending_approval agent status, permissions jsonb column, and AgentPermissions
type with canCreateAgents flag. Add approval_comments table and ApprovalComment
type. Extend approval statuses with revision_requested. Add validators for
permission updates, approval revision requests, resubmission, and approval
comments. Add requireBoardApprovalForNewAgents to company update schema.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add issuePrefix/issueCounter to companies and issueNumber/identifier to issues
for human-readable issue IDs (e.g. PAP-42). Add runId to activity_log for
linking activity to heartbeat runs. Rework DB client to support migration
state inspection and interactive pending migration prompts at startup.
Add reopen option to issue comments validator.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Drop the unused contextMode field from the agent schema, shared types, validators,
and all UI references. Merge wakeOnOnDemand and wakeOnAutomation into a single
wakeOnDemand toggle. Default serveUi to true and remove the onboarding prompt for it.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
