Backend:
- Atomic seq assignment via Redis Lua script: INCR + GET run atomically
inside a Lua script, preventing duplicate seqs under concurrent requests.
DB reconciliation only triggers on cross-server handoff (rare path).
- Broadcast channel capacity: 10,000 → 100,000 to prevent message drops
under high-throughput rooms.
Frontend:
- Optimistic sendMessage: adds message to UI immediately (marked
isOptimistic=true) so user sees it instantly. Replaces with
server-confirmed message on success, marks as isOptimisticError on
failure. Fire-and-forget to IndexedDB for persistence.
- Seq-based dedup in onRoomMessage: replaces optimistic message by
matching seq, preventing duplicates when WS arrives before REST confirm.
- Reconnect jitter: replaced deterministic backoff with full jitter
(random within backoff window), preventing thundering herd on server
restart.
- Visual WS status dot in room header: green=connected, amber
(pulsing)=connecting, red=error/disconnected.
- isPending check extended to cover both old 'temp-' prefix and new
isOptimistic flag, showing 'Sending...' / 'Failed' badges.
- Badge: 'Command as Service · Human + Agent Engineering'
- Subtitle: 'Every action is a command. Every command is versioned,
auditable, and composable.'
- Terminal demo: show service deploy, skill run, and replay commands
- Features: lead with Command as Service, rewrite all descriptions
around the command stream paradigm
- Section header: 'Build. Review. Automate. All via Commands.'
- Highlight: 'Your CLI is also your API'
- Nav/Footer: surface Command as Service in Platform menu
validate_origin() only allowed localhost origins by default, causing
production WebSocket connections to be rejected. Now it reads
APP_DOMAIN_URL and APP_STATIC_DOMAIN from env and automatically
adds their http/https/ws/wss variants to the allowed origins list.
Also add APP_DOMAIN_URL to the production configmap.
The frontend WebSocket client sends room_public, but the HTTP fallback
sends it as a JSON body parsed directly into RoomCreateRequest/RoomUpdateRequest
which expects public. Add #[serde(rename = "room_public")] so both
ws params and HTTP JSON body work consistently.
Add ssh_clone_url and https_clone_url to ProjectRepositoryItem,
constructed from config.ssh_domain() and config.git_http_domain().
Update frontend RepoInfo interface and header.tsx to use the
server-provided URLs instead of hardcoded values.
The generated client returns AxiosError as resp when throwOnError=false.
Check resp.error (set by the client to err.response?.data) for the
business-level code/error fields rather than relying on HTTP status.
Replace timestamp-based and 'latest' defaults with git rev-parse --short
HEAD across build.js, deploy.js, and push.js for consistent, traceable
image tags tied to source commits.
Without a shared cookie signing key, each pod generates a random key on
startup. Requests that hit different pods fail session validation, causing
CaptchaError when the captcha and login requests route to different pods.
- Add procps to git-hook and email-worker Dockerfiles (provides pgrep)
- Change all exec probes from pgrep to kill -0 1 (more reliable, bash built-in)
- Add startupProbe to gitserver with 30 failure threshold (5min max startup time)
- Increase gitserver liveness initialDelay to 30s for slower SSH init
- Add landing subpages: pricing, skills, solutions, network, about, docs
- Nav pop cards link to all subpages with nested routes
- Homepage: full landing content with top nav (no sidebar) for logged-in users
- Rewrite copy based on real backend: Git repos, Issues/PRs, Rooms, AI Agents
- Introduce "Command as Service" as core product concept
- Terminal demo shows realistic gitdata CLI commands
- Footer links updated to real routes
- Fix workspace redirect slug guard (undefined route)
ConfigMap was removed from Helm chart (managed externally).
Secret contains all required env vars (APP_DATABASE_URL, APP_REDIS_URL,
SMTP credentials, SSH domain/key, etc.) and is always rendered
(helm.sh/resource-policy: keep prevents deletion on upgrade).
Also add APP_SSH_PORT and APP_SSH_SERVER_PRIVATE_KEY to secret template.
Replace individual configMapKeyRef env vars with envFrom + configMapRef
to inject the full ConfigMap, plus minimal env blocks for static values.
Also remove resources block from operator deployment (K8s schema validation).
The previous single-quote syntax with escaped quotes was split by
split_sql_statements on semicolons inside the function body.
Use $$ quoting to avoid quote escaping issues.
m20260411_000003_add_workspace_id_to_project was running before
m20250628_000013_create_project, causing "relation project does not exist".
Move all project table CREATEs before workspace migrations.
Foreign keys at the database level cause issues with deployment flexibility.
Keep only indexes for query performance; enforce referential integrity at
the application level.
