Mark CP-005 DONE: TenantAwareCryptoProviderRegistry decorator, ITenantCryptoPreferenceProvider
interface, AddTenantAwareCryptoResolution DI extension, PlatformCryptoPreferenceProvider,
14 unit tests (all pass), and sprint tracker update.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Create timeline.unified_audit_events table with SHA-256 hash chain
- Create timeline.unified_audit_sequences for per-tenant tracking
- Replace IngestAuditEventStore (in-memory) with PostgresUnifiedAuditEventStore
- Preserve chain integrity via serializable isolation
- Mark AUDIT-001 as DONE in sprint tracker
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add crypto provider panel to Platform Settings at /setup/crypto-providers
- Show provider health status with status dots, latency, and last-checked time
- Collapsible start commands with copy-to-clipboard for stopped providers
- Auto-refresh every 30s using interval+switchMap, stopped on destroy
- Provider selection with confirmation dialog via existing ConfirmDialogComponent
- Priority ordering via number input per provider preference
- Active provider banner and per-card active badge
- Disabled "Set as Active" for stopped/unreachable providers with tooltip
- Algorithm scope mapping table for configured preferences
- Backward-compatible redirect from /settings/crypto-providers
- Setup overview card added for Crypto Providers
- Sprint CP-003/CP-004 marked DONE with execution log
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Major edge routing improvements including corridor spacing, crossing reduction,
focused gateway boundary repairs, setter families, and advanced restabilization.
Adds workflow renderer tests for document-processing and artifact inspection.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Target-join and boundary-slot detection now use ResolveNodeSizeClearance
(node dimensions only), while under-node/proximity use
ResolveMinLineClearance (scales with NodeSpacing via ElkLayoutClearance).
Face slot gaps depend on node face geometry, not inter-node spacing.
Routing corridors should scale with spacing for visual breathing room.
Created sprint 008 for wider spacing robustness. NodeSpacing=50 still
fails on target-join (scoring/test detection mismatch needs investigation).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace string-based conflict keys (source:{nodeId}, target:{nodeId}) with
geometric bounding-box overlap detection. Edges now conflict only when their
routed path bounding boxes overlap spatially (with 40px margin) or share a
repeat-collector label on the same source-target pair.
This enables true spatial parallelism: edges using different sides of the
same node can now be repaired in parallel instead of being serialized.
Sprint 006 TASK-001 final criterion met. All 4 tasks DONE.
Tests verified: StraightExit 2/2, HybridDeterministicMode 3/3,
DocumentProcessingWorkflow artifact 1/1 (all 44+ assertions pass).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Completes Sprint 323 TASK-001 using Option C (direct URL rewrite):
- release-management.client.ts: readBaseUrl and legacyBaseUrl now use
/api/v1/release-orchestrator/releases, eliminating the v2 proxy dependency
- All 15+ component files updated: activity, approvals, runs, versions,
bundle-organizer, sidebar queries, topology pages
- Spec files updated to match new URL patterns
- Added /releases/activity and /releases/versions backend route aliases
in ReleaseEndpoints.cs with ListActivity and ListVersions handlers
- Fixed orphaned audit-log-dashboard.component import → audit-log-table
- Both Angular build and JobEngine build pass clean
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add CRUD endpoints for script variables with validation and diff-compatible
models (ScriptEndpoints, ScriptApiModels, IScriptService, InMemoryScriptService).
Update PlatformScopes and PlatformPolicies for script.read/write permissions.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implement remediation-aware health checks across all Doctor plugin modules
(Agent, Attestor, Auth, BinaryAnalysis, Compliance, Crypto, Environment,
EvidenceLocker, Notify, Observability, Operations, Policy, Postgres, Release,
Scanner, Storage, Vex) and their backing library counterparts (AI, Attestation,
Authority, Core, Cryptography, Database, Docker, Integration, Notify,
Observability, Security, ServiceGraph, Sources, Verification).
Each check now emits structured remediation metadata (severity, category,
runbook links, and fix suggestions) consumed by the Doctor dashboard
remediation panel.
Also adds:
- docs/doctor/articles/ knowledge base for check explanations
- Advisory AI search seed and allowlist updates for doctor content
- Sprint plan for doctor checks documentation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add nginx proxy blocks for /api/v1/release-orchestrator/,
/api/v1/release-control/, /api/v2/releases/, /api/v1/releases/,
/api/v1/registries/ in Dockerfile.console
- All release UI calls now reach JobEngine (401 not 404)
- Registry search reaches Scanner service
- Pipeline page uses ReleaseManagementStore (real API, no mock data)
- Deployment wizard uses BundleOrganizerApi for create/seal
- Inline version/hotfix creation in deployment wizard wired to API
- Version detail shows "not found" error instead of blank screen
- Version wizard has promotion lane + duplicate component detection
- Sprint plan for 41 missing backend endpoints created
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Root cause: the | slice pipe was used in the template but SlicePipe
was not in the standalone component's imports array. This caused
Angular's resolveDirective to throw 'Cannot read factory' on every
change detection cycle, preventing mock version cards from rendering
and breaking the Continue button validation.
Also: removed unused RouterModule import, converted computed signals
to methods for PlatformContextStore-dependent values, added
platformCtx.initialize() in constructor.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- integration-hub-ui.component.spec: fix integrationId → id property
- orphan-revival-regression: fix index signature access for getViewMode
- integration-detail-page.spec: fix mock Integration type
- Install @vitest/browser-playwright for test runner
- Sprint 025 FE-CLN-004: DONE — build verified, cleanup confirmed clean,
test runner Karma→Vitest migration is infrastructure not regression
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Backend (Scanner .NET):
- New ScanPolicyEndpoints.cs with GET/POST/PUT/DELETE /api/v1/scan-policies
- In-memory ConcurrentDictionary storage (no migration needed)
- Auth: scanner:read for list, orch:operate for mutations
- Registered in Scanner Program.cs
Frontend (Angular):
- New scan-policy.component.ts with table view, inline create/edit form,
enable/disable toggle, dynamic rules (type/severity/action)
- Route added at /security/scan-policies in security-risk.routes.ts
Gateway route already exists in router-gateway-local.json.
Sprint 002: all 7 tasks now DONE.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sprint 020 complete: scan ID mismatch, user ID display, feed status text,
route redirect race condition, exception scope mismatch, admin scope bypass.
All verified via Playwright on fresh install.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
