Introduce testEnvironment() on ServerAdapterModule with structured
pass/warn/fail diagnostics for all four adapter types (claude_local,
codex_local, process, http). Adds POST test-environment endpoint,
shared types/validators, adapter test implementations, and UI API
client. Includes asset type foundations used by related features.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
AgentConfigForm.tsx exported both React components and a plain
object constant (defaultCreateValues), which broke Vite Fast Refresh.
Moved the constant to agent-config-defaults.ts so the component
module only exports React components.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Server: the /companies/:companyId/live-runs endpoint now returns
issueId extracted from contextSnapshot, so the UI can match runs
to issues without N+1 queries.
UI (Issues.tsx): fetches company live runs (with 5s polling), builds
a set of issue IDs with active runs, and shows a pulsing "Live" badge
in each matching issue row — matching the existing blue live indicator
style from AgentDetail.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When clicking Invoke on the agent page, after the run is created the
browser now navigates to /agents/{id}/runs/{runId} so the user can
immediately see the live run.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adjust xs avatar vertical offset from top-[2px] to -top-px for better
baseline alignment. Restructure dashboard recent tasks rows so the
timestamp sits right-aligned outside the title text flow and title
truncates properly on desktop.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Make agents list force list view on mobile with condensed trailing
info. Add mobile bottom bar for config save/cancel and live run
indicator on agent detail. Make MetricCard, PageTabBar, Dashboard
tasks, and ActivityRow responsive for small screens. Add xs avatar
size for inline text flow. Remove redundant budget displays from
agent overview, properties panel, costs tab, and config form.
Add attachment activity verb labels.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Delete storage objects for each attachment when an issue is removed.
Hide responseTime from pino-pretty console output to reduce noise.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Document local-trusted vs cloud-hosted deployment scenarios in
PRODUCT.md. Spec out assets and issue_attachments tables with storage
provider abstraction and attachment API endpoints. Draft comprehensive
plan for human users, memberships, invites, permissions, and
agent-to-human task delegation across both deployment modes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add migration 0010 for assets and issue_attachments tables, update CLI
documentation with storage configuration section, and sync pnpm lockfile.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Make PageTabBar render a native select on mobile, allow ActivityRow text
to wrap on narrow viewports, and minor layout adjustments in AgentDetail
and Issues pages.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fix S3 provider to use async generator for web stream conversion instead
of Readable.fromWeb, add postForm helper and attachment API methods to
the UI client, and add local disk storage provider tests.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add PAPERCLIP_WAKE_COMMENT_ID to adapter skill env table, add planning
workflow section and comment-wake guidance to paperclip skill, and update
API reference with project/goal resolution on issue ancestors.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add live ActiveAgentsPanel with real-time transcript feed, SidebarContext
for responsive sidebar state, agent config form with reasoning effort,
improved inbox with failed run alerts, enriched issue detail with project
picker, and various component refinements across pages.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Enhance heartbeat wakeup to propagate wakeCommentId, queue follow-up runs
for comment wakes on already-running agents, and merge coalesced context
snapshots. Add failed run count to sidebar badges and expose usage/result
JSON in activity service.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add dynamic OpenAI model list fetching for codex adapter with caching,
async listModels interface, reasoning effort support for both claude and
codex adapters, optional timeouts (default to unlimited), wakeCommentId
context propagation, and richer codex stdout event parsing/formatting.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Introduces a provider-agnostic storage subsystem for file attachments.
Includes local disk and S3 backends, asset/attachment DB schemas, issue
attachment CRUD routes with multer upload, CLI configure/doctor/env
integration, and enriched issue ancestors with project/goal resolution.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The project field in the issue header was a static read-only link (or
invisible when unset), making it impossible to add/edit a project directly
from the /issues/{id} page. Replace it with a searchable popover picker
that always shows, matching the pattern used by StatusIcon and PriorityIcon.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add ensureLocalSecretsKeyFile helper that generates a random 32-byte
master key during onboard if using local_encrypted provider. Move
resolveRuntimeLikePath to cli/src/utils/ for reuse by secrets-key
and existing check modules.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Document secret storage in DATABASE.md and DEVELOPING.md. Update
SPEC-implementation with company_secrets schema and indexes. Add
migrate-inline-env-secrets script for converting existing plain
env values to managed secrets (dry-run by default, --apply to commit).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace plain text env var editor with structured EnvVarEditor
supporting plain values and secret references with inline "Seal"
to convert a value to a managed secret. Add issue hide action via
popover menu on issue detail. Adapters now emit envBindings with
typed plain/secret_ref entries instead of raw KEY=VALUE strings.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add secrets section to onboard, configure, and doctor commands. Doctor
validates local encrypted provider key file and can auto-repair missing
keys. Extract shared path resolution into path-resolver module used by
database and log checks. Show secrets env vars in `paperclip env`.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add AES-256-GCM local encrypted secrets provider with auto-generated
master key, stub providers for AWS/GCP/Vault, and a secrets service
that normalizes adapter configs (converting sensitive inline values to
secret refs in strict mode) and resolves secret refs back to plain
values at runtime. Extract redaction utilities from agent routes into
shared module. Redact sensitive values in activity logs, config
revisions, and approval payloads. Block rollback of revisions
containing redacted secrets. Filter hidden issues from list queries.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Introduce company_secrets and company_secret_versions tables for
encrypted secret storage. Add EnvBinding discriminated union (plain vs
secret_ref) to replace raw string env values in adapter configs. Add
hiddenAt column to issues for soft-hiding. Improve migration system
with journal-ordered application and manual fallback when Drizzle
migrator can't reconcile history.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Switch agents, issues, and approvals pages from query-param tabs to
URL-based routes (/agents/active, /issues/backlog, /approvals/pending).
Extract shared ActivityRow component used by both Dashboard and Activity
pages. Redesign agent detail overview with LatestRunCard showing live/
recent run status, move permissions toggle to Configuration tab, add
budget progress bar, and reorder tabs (Runs before Configuration).
Dashboard now counts idle agents as active and shows "Recent Tasks"
instead of "Stale Tasks". Remove unused MyIssues page and sidebar link.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Comprehensive guide for building new Paperclip adapters covering the
module structure, registration points, session management, skills
injection patterns, security considerations, and testing conventions
derived from the claude-local and codex-local implementations.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Codex adapter now auto-injects Paperclip skills into ~/.codex/skills,
pipes prompts via stdin instead of passing as CLI args, filters out noisy
rollout stderr warnings, and extracts error/turn.failed messages from
JSONL output. Also broadens stale session detection for rollout path
errors. Claude-local adapter gets the same template vars (agentId,
companyId, runId) that codex-local already had.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Show task sessions list in AgentDetail with per-session reset. Extract
ApprovalCard into standalone component from Approvals and Inbox pages,
reducing duplication. Add CompanySettings page with issuePrefix configuration.
Fix Sidebar active state for settings route. Display sessionDisplayId
in agent properties. Various cleanups to Approvals and Inbox pages.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Heartbeat service now resolves session state per-task using agentTaskSessions,
with resolveNextSessionState handling codec-based serialization and fallback
to legacy sessionId. Queued runs are chained — when a run finishes or is reaped,
the next queued run for the same agent starts automatically. Queued runs for
an agent with an already-running run wait instead of failing.
Add task-sessions list endpoint and extend reset-session to accept optional
taskKey for targeted session clearing. Block pending_approval agents from
API key auth. Update agent/company delete cascades to include task sessions.
Update spec docs with task-session architecture.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Introduce AdapterSessionCodec interface for structured session serialization,
deserialization, and display ID extraction. Implement codecs for claude_local
and codex_local adapters with cwd validation — sessions saved for a different
working directory are not resumed. Both adapters now return sessionParams and
sessionDisplayId alongside legacy sessionId.
Add isCodexUnknownSessionError detection and automatic retry with fresh session
for codex_local (matching existing claude_local behavior). Inject approval
context env vars (PAPERCLIP_APPROVAL_ID, PAPERCLIP_APPROVAL_STATUS,
PAPERCLIP_LINKED_ISSUE_IDS) into adapter environments.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add agent_task_sessions table for per-task session state keyed by
(agent, adapter, taskKey). Add AgentTaskSession type, resetAgentSessionSchema
validator, and sessionDisplayId/sessionParamsJson to AgentRuntimeState.
Rework migration hash-resolution fallback ordering to prefer hash-based
matching over timestamp-based journal matching. Move backup-db.sh logic
into packages/db/src/backup.ts for programmatic use and simplify the shell
script to call the TypeScript implementation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add scripts/backup-db.sh for backing up the embedded PostgreSQL database
with support for custom (.dump) and plain SQL formats, auto-detection of
the configured port, and pruning of backups older than 30 days.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Document remaining work for config revision UI, approval comment integration,
adapter reflection improvements, and end-to-end CEO hiring workflow testing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add ApprovalDetail page with comment thread, revision request/resubmit flow,
and ApprovalPayload component for structured payload display. Extend AgentDetail
with permissions management, config revision history, and duplicate action.
Add agent hire dialog with permission-gated access. Rework Costs page with
per-agent breakdown table and period filtering. Add sidebar badge counts for
pending approvals and inbox items. Enhance Dashboard with live metrics and
sparkline trends. Extend Agents list with pending_approval status and bulk
actions. Update IssueDetail with approval linking. Various component improvements
to MetricCard, InlineEditor, CommentThread, and StatusBadge.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Export agentConfigurationDoc from all adapters for LLM reflection. Inject
PAPERCLIP_APPROVAL_ID, PAPERCLIP_APPROVAL_STATUS, and PAPERCLIP_LINKED_ISSUE_IDS
into local adapter environments. Update SKILL.md with approval handling procedure,
issue-approval linking, and config revision documentation. Add new
paperclip-create-agent skill for CEO-driven agent hiring workflows.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Agent management: hire endpoint with permission gates and pending_approval status,
config revision tracking with rollback, agent duplicate route, permission CRUD.
Block pending_approval agents from auth, heartbeat, and assignments.
Approvals: revision request/resubmit flow, approval comments CRUD, issue-approval
linking, auto-wake agents on approval decisions with context snapshot.
Costs: per-agent breakdown, period filtering (month/week/day/all), cost by agent
list endpoint.
Adapters: agentConfigurationDoc on all adapters, /llms/agent-configuration.txt
reflection routes. Inject PAPERCLIP_APPROVAL_ID, PAPERCLIP_APPROVAL_STATUS,
PAPERCLIP_LINKED_ISSUE_IDS into adapter environments.
Sidebar badges endpoint for pending approval/inbox counts. Dashboard and company
settings extensions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add AgentConfigRevision, CostByAgent, SidebarBadges types. Add createAgentHireSchema
with source issue linking and linkIssueApprovalSchema. Extend approval validator with
issueIds. Update cost summary to generic period naming. Add sidebar badges API path.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add agent_config_revisions table for tracking agent configuration changes with
rollback support. Add issue_approvals junction table linking issues to approvals.
New migrations (0005, 0006) for permissions column and new tables. Rework migration
client with statement-level idempotency checks (table/column/index/constraint
existence) so migrations can be safely retried against partially-migrated databases.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add pending_approval agent status, permissions jsonb column, and AgentPermissions
type with canCreateAgents flag. Add approval_comments table and ApprovalComment
type. Extend approval statuses with revision_requested. Add validators for
permission updates, approval revision requests, resubmission, and approval
comments. Add requireBoardApprovalForNewAgents to company update schema.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Document the design for enabling CEO agents to hire new agents with
board approval governance, including permission model, limbo status,
approval workflows with comments/revisions, adapter config reflection,
and a phased implementation plan.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add Identity component (avatar + name) used across agent/issue displays. Add
LiveRunWidget for real-time streaming of active heartbeat runs on issue detail
pages via WebSocket. Display issue identifiers (PAP-42) instead of UUID
fragments throughout Issues, Inbox, CommandPalette, and detail pages.
Enhance CommentThread with re-open checkbox, Cmd+Enter submit, sorted display,
and run linking. Improve Activity page with richer formatting and filtering.
Update Dashboard with live metrics. Add reports-to agent link in AgentProperties.
Various small fixes: StatusIcon centering, CopyText ref init, agent detail
run-issue cross-links.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Inject PAPERCLIP_RUN_ID, PAPERCLIP_TASK_ID, and PAPERCLIP_WAKE_REASON into
local adapter environments so agents know their run context and wake trigger.
Update SKILL.md to document new env vars and require X-Paperclip-Run-Id header
on all mutating API requests for audit trail linkage.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace auto-migrate-if-empty with interactive migration flow that inspects
pending migrations and prompts before applying. Add pino-pretty for structured
console + file logging. Add reapOrphanedRuns to clean up stuck heartbeat runs
on startup and periodically. Track runId through auth middleware, activity logs,
and all mutation routes. Add issue-run cross-reference queries, live-run and
active-run endpoints for issues, issue identifier lookup, reopen-via-comment
flow, and done/cancelled -> todo status transitions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add issuePrefix/issueCounter to companies and issueNumber/identifier to issues
for human-readable issue IDs (e.g. PAP-42). Add runId to activity_log for
linking activity to heartbeat runs. Rework DB client to support migration
state inspection and interactive pending migration prompts at startup.
Add reopen option to issue comments validator.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Resolve relative paths in database and log checks against the config file
directory with fallback candidates. Make the AgentDetail tab bar sticky
with backdrop blur for better navigation on long pages.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add inline editing for goal title/description with mutation support. Enhance
GoalProperties with clickable status/level pickers and linked owner/parent
navigation. Improve InlineEditor with auto-sizing textarea for multiline mode.
Update AgentDetail to redact secrets in env display, render thinking/user
transcript entries, and pretty-print tool results.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add HS256 JWT-based authentication for local adapters (claude_local, codex_local)
so agents authenticate automatically without manual API key configuration. The
server mints short-lived JWTs per heartbeat run and injects them as PAPERCLIP_API_KEY.
The auth middleware verifies JWTs alongside existing static API keys.
Includes: CLI onboard/doctor JWT secret management, env command for deployment,
config path resolution from ancestor directories, dotenv loading on server startup,
event payload secret redaction, multi-status issue filtering, and adapter transcript
parsing for thinking/user message kinds.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
