Skip to content

Feat/i18n tooling#162

Closed
agualdron wants to merge 18 commits into
mainfrom
feat/i18n_tooling
Closed

Feat/i18n tooling#162
agualdron wants to merge 18 commits into
mainfrom
feat/i18n_tooling

Conversation

@agualdron

Copy link
Copy Markdown
Collaborator

Summary

  • Adds a new bun run i18n:catalog developer CLI under apps/tradinggoose/scripts/i18n-catalog to scan either a single localized route or the full app and report used keys, missing keys, target-locale gaps, optional orphaned keys, dynamic protected roots, and hardcoded copy candidates.
  • Adds route entry discovery and route-ownership logic so the scanner can follow localized layouts, route boundaries, shared app files, and canonical dynamic route patterns when attributing i18n usage.
  • Updates apps/tradinggoose/i18n/public-copy.test.ts to guard landing array shapes and cross-locale catalog shape alignment, and updates app type-checking to run next typegen through a dedicated tsconfig.typecheck.json.
  • Type of changes: New feature, Other (developer tooling, validation, and test coverage).

Why

  • We need a reliable way to audit localization coverage and catch missing translations, orphaned keys, and hardcoded copy before they ship.
  • The scanner also reduces manual review cost by pointing reviewers to route-owned namespaces and likely hardcoded strings.
  • Running next typegen before tsc keeps type-checking aligned with generated Next route types instead of relying on incomplete compile inputs.

Affected Areas

  • apps/tradinggoose
  • apps/docs
  • packages/*
  • Workflows / execution
  • Realtime / sockets
  • Market data / charting
  • Dev tooling / CI / infra
  • Documentation only
  • Other:

Validation

bunx biome check --files-ignore-unknown=true apps/tradinggoose/i18n/public-copy.test.ts apps/tradinggoose/package.json apps/tradinggoose/tsconfig.typecheck.json apps/tradinggoose/scripts/i18n-catalog
git diff --check staging...HEAD
cd apps/tradinggoose && bun run test -- scripts/i18n-catalog/index.test.ts i18n/public-copy.test.ts
cd apps/tradinggoose && bun run type-check

BruzWJ and others added 18 commits June 11, 2026 17:35
…edits (#141)

* fix(copilot): update context usage handling and remove unnecessary billing logic

* feat(copilot): record local completion usage

Add local completion usage flushing for chat and mark-complete flows, with retryable reservation locks for the local billing path.\n\nCo-authored-by: Codex <codex@openai.com>

* feat(copilot): switch workflow edits to graph-only mermaid

Rewrite edit_workflow to accept minimal Mermaid graphs, add removedBlockIds for intentional deletions, and update the matching manifest and error mapping.\n\nCo-authored-by: Codex <codex@openai.com>

* fix(copilot): refactor tool approval logic and update related tests

* fix(copilot): remove local completion billing logic and update context usage handling

* fix(copilot): remove color field from indicator and workflow schemas, update related documentation

* fix(copilot): update copilot usage handling and improve test coverage for malformed completion commits

* fix(copilot): introduce workflow graph document format and update related handling in tools and tests

* fix(copilot): enhance edit_workflow tool with semantic validators and improve error handling for workflow graphs

* fix(copilot): update editWorkflowServerTool tests to reflect changes in block naming and metadata handling

* fix(copilot): enhance editWorkflowServerTool with block position preservation and validation for internal fields in graph-only edits

* fix(copilot): update inline tool call tests and logic for review controls and entity diffs; enhance workflow graph parsing with condition edge validation

* fix(copilot): improve subgraph node handling in parseVisibleWorkflowEdges; enhance error reporting for unknown edge references

* fix(copilot): remove unused color properties from entity types and update related tests; enhance workflow edge parsing logic

* fix(copilot): update edit_workflow description for clarity on block deletion; adjust error message for block type validation; modify default horizontal handle behavior in preview node

* fix(copilot): remove color property from indicators and workflows; update related logic and tests for consistency

* fix(copilot): remove color property from indicators and workflows; update related logic and tests for consistency

* feat(import-export): bump TradingGoose export envelope to v2

Update the unified export envelope version and align import/export tests and types with the new version.\n\nCo-authored-by: Codex <codex@openai.com>

* feat(copilot): clarify workflow edit topology semantics

Tighten edit_workflow guidance and errors so block ids are treated as stable identities, and preserve overlay metadata when parsing graph-only workflow Mermaid.\n\nCo-authored-by: Codex <codex@openai.com>

* fix(copilot): update workflow document formats and descriptions; adjust tests for consistency

* fix(copilot): enhance workflow validation and update document format references

* fix(import-export): update export version from 2 to 1 across various modules

* fix(export): update export version from 2 to 1 in various components

* fix(copilot): enhance workflow documentation and validation; update tests for consistency

* fix(copilot): implement billing completion usage reporting and update related tests

* fix(copilot): enhance completion usage reporting with validation for invalid reports and billing failures

* fix(import-export): update tests to ignore generated fields in transfer records and remove strict validation

* fix(copilot): refine workflow graph handling and improve Mermaid documentation clarity

* fix(copilot): improve error handling in completion usage reporting and update related tests

* fix(copilot): rename commitLocalCopilotCompletionUsageReports to mirrorLocalCopilotCompletionUsageReports and update related usages and tests

* fix(copilot): consolidate usage reservation commits

Replace the deprecated adjust path with a commit wrapper that reserves and releases Copilot usage around billing operations, and pass workspace context through the store.

Co-authored-by: Codex <codex@openai.com>

* fix(workflows): allow condition source handles

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

* docs(changelog): add June 11 2026 branch summary

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

* refactor(copilot): extract completion billing helpers

Move completion billing and mirror logic into a shared lib module used by copilot routes.\n\nCo-authored-by: Codex <codex@openai.com>

* fix(copilot): forward workspace id in context usage

Pass workspaceId through the copilot usage context flow so workspace-bounded requests keep their billing context.\n\nCo-authored-by: Codex <codex@openai.com>

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
…142)

* feat(workflow): resolve editor trigger input from session snapshot

Co-authored-by: Codex <codex@openai.com>

* fix(workflows): preserve input trigger snapshot values

Co-authored-by: Codex <codex@openai.com>

* fix(workflow): stabilize workflow test execution

Keep test-input writes on a dedicated origin, prefer connected runnable triggers, and block run until the session is ready.\n\nCo-authored-by: Codex <codex@openai.com>

* fix(workflows): preserve queued trigger types

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): require live start block for queued webhook and schedule runs

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): remove test-input Yjs special case

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow): block chat-only workflows from editor run

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflow): run selected trigger blocks

Propagate the selected workflow node into manual execution and resolve editor test runs against the selected trigger block when available.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflow): derive run target from awareness

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): select trigger branch for editor Run

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflows): preserve trigger source in queued executions

Propagate trigger metadata from editor test runs through the queue client and API so queued executions keep the correct trigger identity.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): resolve queued trigger identity from workflow state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): simplify trigger helpers

Remove redundant trigger helper exports and inline the same logic in the existing selection helpers.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): reject chat triggers in editor runs

Prevent editor Run from selecting chat triggers and preserve the fallback selection flow for the remaining trigger branches.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(workflows): add coverage for editor trigger resolution

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): relax manual queue trigger matching

Allow manual queue runs to match non-chat start blocks while preserving exact matching for non-manual triggers.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(yjs): cover shared workflow session bootstrap loading

Add coverage for the loading window before a shared workflow session publishes a readable document, and factor repeated bootstrap fixture setup into a helper.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): use editor test trigger for client workflow execution

Co-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflow): unify workflow trigger resolution

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow): preserve trigger identity and live run input

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): rename workflow start target to trigger target

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): align trigger selection with trigger-mode blocks

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflows): require explicit trigger blocks for workflow runs

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): align run_workflow trigger handling

Require exact trigger block ids, remove the legacy start alias, and resolve copilot runs to manual unless the trigger is chat.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(workflows): reorder accessible reference imports

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): handle missing trigger blocks consistently

Disable schedules and webhooks when their trigger block is missing, tighten schedule creation validation, and keep editor trigger resolution aligned with manual editor runs.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflow): centralize executable workflow data

Consolidate executable block and edge filtering into a shared helper, then reuse it across workflow execution paths and tests.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): preserve resolved trigger input for copilot runs

Keep explicit copilot workflow input intact when resolving manual runs, and pass the resolved input into queued execution.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(schedules): delete orphaned schedule rows

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(resolver): clarify trigger block alias expectation

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
* feat(i18n): canonicalize locale-prefixed routing

Move locale negotiation into the proxy, resolve authenticated locale from user settings, update locale-aware navigation/tests, and remove obsolete telemetry instrumentation scaffolding.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(nav): support authenticated public navigation

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflow): allow editor run to select trigger variants

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow): improve workflow summary tooltip rendering

Use viewport-aware tooltip behavior in workflow blocks and preserve full summary text in tooltip overlays.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(settings): bootstrap authenticated settings on app load

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): resolve triggers from workflow graph edges

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(settings): keep general settings loading state in sync

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(i18n): honor stored locale for authenticated locale-prefixed routes

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): ignore chat-only triggers in editor Run

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(tradinggoose): wrap proxy route test case

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(tradinggoose): scope locale and settings state by user

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(tradinggoose): cover authenticated locale routing fallback

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(tradinggoose): keep locale routing aligned with auth state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(tradinggoose): apply preferred locale during bootstrap

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(oauth): normalize callback paths across auth flows

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(workspace): format integrations oauth helpers

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): resolve selected trigger configuration errors

Validate the selected trigger block directly during workflow run resolution so missing trigger configuration surfaces as an error instead of being skipped silently.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* perf(control-bar): memoize workflow run trigger derivation

Avoid recomputing the derived run trigger list on every control-bar render by memoizing it against the workflow graph inputs.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(environment): simplify environment store state

Remove the obsolete environment CRUD methods from the Zustand store and load the current payload directly.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): preserve callback pathname during recovery flows

Thread the current pathname through auth recovery so login, sockets, permission fetches, and environment requests return the user to the same route after reauthentication.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): redirect authed users to their preferred locale

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(socket): keep auth error handling on the latest pathname

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
…igger (#144)

* feat(global-navbar): add sidebar user menu trigger

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): settle deleted Stripe subscriptions in webhook flow

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): avoid resetting onboarding usage for entitled subscriptions

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): ignore orphaned deleted stripe subscription events

Co-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(sidebar): normalize sidebar formatting

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(db): enforce unique stripe subscription ids

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(billing): centralize Stripe subscription lookup

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): sync usage limits on subscription deletion

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(db): enforce unique stripe subscription ids

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): reject missing and duplicate deleted subscriptions

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): skip deleted subscriptions without local rows

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): allow duplicate Stripe subscription rows

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): settle subscription webhooks by Stripe id

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(global-navbar): cover compact avatar trigger outside sidebar

Co-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): sync usage limits from settled subscription

Co-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): enforce unique Stripe subscription lookup

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(billing): use atomic upsert for enterprise subscriptions

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(subscription): use stripe subscription id for personal upgrades

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
* fix(auth): use browser origin for auth client

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(i18n): add localized not-found route

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>
…146)

* fix(auth): centralize auth cookie cleanup

Remove browser-side cookie deletion from the auth error handler, reuse a shared cookie deletion contract in the proxy, and drop the stale app initialization lifecycle from the store bootstrap.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): route login-page sign-out failures through reauth cleanup

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): redirect authenticated users from auth entry pages

Use a real session check on the login and signup pages so logged-in users reach the workspace from the page boundary.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(proxy): let auth entry routes reach their pages

Keep localized auth routes available to the page boundary and limit reauth cookie cleanup to the login route.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): persist locale through signup verification

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(urls): normalize configured app URL helpers

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(tradinggoose): resolve canonical URLs at runtime

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(email): preserve transactional text in fallback delivery

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix: handle proxy auth cleanup and preview base URL fallback

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(tradinggoose): remove preview-only base URL fallback

Make the affected route handlers dynamic and pass the shared base URL into emails so generated content no longer depends on preview-only env vars.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(tradinggoose): update workflow test setup

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): log fallback sign-out failures

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
* refactor(proxy): use Better Auth session cookies

Remove the proxy-owned cookie cleanup helper and switch the proxy to getSessionCookie directly.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): handle login reauth cleanup

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
* fix(auth): use canonical app session for socket token route

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): simplify unauthorized session handling

Remove inline auth recovery redirects from login and workspace permissions flows.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): block login form until reauth cleanup finishes

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): remove session cookie cache

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): handle failed session creation by forcing reauth cleanup

When login returns FAILED_TO_CREATE_SESSION, fall back to the reauth cleanup
path instead of showing the old inline copy.

Add coverage for the login flow and socket token stale-cookie rejection, and
remove the unused localized login copy.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(workflow): format edit-workflow-block test

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): remove reauth redirect flag and guard cleanup retries

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(copilot): stabilize workflow tool suites

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): route session errors through reauth cleanup

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): route auth provider failures through error flow

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): preserve callback through auth error flows

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): handle reauth cleanup and error callback cookies

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(auth): replace auth error cookie flow with callback route

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): unify session recovery and SSO error handling

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): route workspace permissions auth failures through recovery

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(auth): stabilize login reauth callbacks

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
* feat(workspace): centralize current-user access checks and locale auth routing

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workspaces): server-side workspace bootstrap

Move workspace and admin entry redirects to the server, factor workspace bootstrap helpers into a shared service, and add coverage for the auth redirect flow.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): include workspace owners in access flows

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): allow same-origin callback URLs

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): scope workspace permissions to the active user

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace): derive callback origin from request headers

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): require admin access before member deletion

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(permissions): treat workspace owners as admins

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): standardize reauth callbacks and permission state checks

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): roll back failed default workflow seeding

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): align admin access with workspace ownership

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): reuse workspace access checks

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): centralize workflow permission validation

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace-permissions): route missing sessions into auth recovery

Handle resolved anonymous sessions before permissions loading and keep the hook in loading state while recovery runs.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace): redirect workspace roots without bootstrapping

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): treat workspace owners as workflow admins

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace): bootstrap root workspace on the server

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): normalize login callback URLs from request headers

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): add reauth redirect handling for stale session cookies

* fix(workspaces): normalize created workspace payloads

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): clean up seeded workflow on create failure

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): handle Yjs seeding failures during workspace creation

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
#152)

* refactor(workspace-permissions): thread authenticated user id through permission loading

Use the server-provided user id at the layout boundary, remove redundant nested workspace permission providers from widgets, and update the permission hook/tests to depend on explicit auth context.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): thread authenticated user id through navbar

Pass the authenticated user id from the admin and workspace layouts into GlobalNavbar so WorkspaceDialogs can reuse the server-provided identity instead of calling useSession.

Update the admin layout test to assert the propagated user id.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): use authenticated user id for workspace dialogs

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace-invite): prevent self-invites

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): propagate authenticated email through navbar

Use the authenticated user email from layouts in the global navbar and workspace invite modal so self-invite checks and role detection don't depend on workspace permission lookups.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(navbar): portal header slots into targets

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): preserve auth recovery during workspace permissions fetch

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace-permissions): restore current user row in invite modal

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workspace-permissions): simplify initial loading fallback

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): wait for client auth before loading workspaces

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): reset workspace redirect state per user access key

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): avoid refetching session-recovery permissions

Skip reloading a workspace permission record that already resolved to
SESSION_EXPIRED when the same user/workspace key remounts.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): gate auth-dependent queries until session matches user

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace): gate permissions UI on matching session user

Require the authenticated session user to match the active user before loading workspace permissions or organization data, and hide the permissions table when there are no users to display.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace): gate workspace data on client auth

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): guard workspace data on stable session state

Derive client auth readiness from the session hook and ignore stale workspace responses when user/session identity changes.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(navbar): keep the latest header owner active

Track header slot ownership so overlapping contributors do not render stale content after one unmounts.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): scope cached billing queries by user id

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(auth): use server-authenticated workspace context

Propagate authenticated user IDs through workspace permissions, navbar, and widget consumers while removing client-session readiness gates.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace): use workspace user identity in invite dialogs

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): pass workspace user to global navbar

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace-auth): require inherited workspace sessions in nested providers

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
* fix(auth): pass server user into workspace socket provider

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(socket): improve logging for socket authentication errors

* fix(workspace): simplify user prop handling in WorkspaceLayoutClient

* test(auth): adjust auth error handler workspace permission case
* feat(copilot): localize mention labels and mention search

Centralize copilot mention copy and switch mention options and submenus to
stable internal ids so the mention menu can render localized labels, empty
states, and fallback names across chats, workspace entities, knowledge bases,
docs, and logs.

Localize block and workflow block names, use localized log trigger labels in
search, and normalize queries for accent-insensitive matching while reloading
mention sources when the locale changes.

Add en, es, and zh mention message keys plus focused tests for mention menu
rendering, filtering, source reloading, and keyboard mention selection flows.

* fix(copilot): stabilize mention submenu reload deps and add staging changelog

Capture ensureSubmenuLoaded from the loaders object and reuse that stable
callback throughout use-user-input-mentions. This narrows the locale
submenu reload effect dependency to the actual loader callback instead of
the inline loaders object identity.

Add changelog/June-22-2026.md with the required staging entry for
feat/copilot_mentions_translations, documenting the localized mention
copy, normalized filtering, locale-aware source reloads, and reuse
guardrails for future branches.

* chore: restore recovered local changes

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(custom-tools): treat titles as canonical tool names

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(executor): resolve dynamic MCP tool ids at runtime

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(agent): require exact skill ids for skill loading

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(copilot): reuse centralized mention empty states

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(agent): remove stale MCP agent handler coverage

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(custom-tools): reject function names in imported schemas

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(function): allow workspace-scoped function execution

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): resolve custom indicators by runtime id

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(copilot): align custom tool schema fixture

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(custom-tools): separate runtime ids from entity ids

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): keep deleted mentions removed

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): normalize final streamed messages

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): filter markdown renderer node props

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(agent): preserve custom tool display names

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): dedupe docs context mentions

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(function-execution): authorize requests by workflow workspace

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): persist canonical tool identifiers

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(mcp): use hyphenated dynamic tool ids

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(generic-handler): remove stale mcp id resolution coverage

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): use explicit server and tool params for execution

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): treat punctuation as mention boundaries

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): preserve selected tool IDs for execution

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): retain contexts for repeated mentions

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(custom-tools): format entity state import

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(custom-tools): allow updates with existing titles

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): reuse mention boundary detection

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): refresh selected mention contexts

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(function): support workspace-scoped execution

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(custom-tools): normalize function schemas

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(tools): sort utility imports

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(custom-tools): normalize API custom tool titles

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): include log triggers in mention search

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style: normalize formatting in agent and indicator files

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(indicators): format runtime imports

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(indicators): remove runtime indicator names

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(agent): preserve custom tool ids with display names

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(copilot): localize implicit context labels

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): preserve duplicate mention insertion order

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(custom-tools): align export schema fixture with canonical shape

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(trace-spans): type tool call ids in trace output

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): reject invalid custom tool runtime ids

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(function-execute): require write access for workspace execution

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(changelog): add June 23 changelog

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

---------

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>
Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
* fix(mcp): reject reused device login approvals

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): avoid loading deployed workflow variables

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): authenticate device login API keys

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): apply reviewed tool changes atomically

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): prevent stale server tool review acceptance

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): handle malformed MCP batch entries

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(copilot): stage mutation tools for review

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): prevent sensitive tool payload exposure

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs: update project agent testing guidance

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): reject empty JSON-RPC batches

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): redact managed review secrets

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): use personal API keys for device login

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): issue device login keys during approval polling

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): preserve deployment metadata from saved state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): use shared personal api key auth

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): preserve variables during direct yjs persistence

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): persist workflow names through Yjs state

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): read saved entities from bootstrapped Yjs state

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(editors): back entity editors with Yjs sessions

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflows): export referenced skills from Yjs state

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): consume device login approvals when issuing keys

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): fall back to direct state persistence on apply errors

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(custom-tools): reject duplicate titles on update

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): omit generated workflow ids from review staging

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): require workflow variable ids in documents

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(copilot): wrap copilot registry assertions

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(copilot): refresh state after server tool mutations

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): serialize server tool review acceptance

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): persist normalized workflow state

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): preserve locale on invalid MCP authorization

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): reject stale accepted server tool reviews

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): keep saved entity sessions noncanonical

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): preserve deployment metadata from live state

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): separate saved entity draft persistence

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): handle missing normalized saved state

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): scope environment variable writes to workspace

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(mcp): reorder authorize page imports

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): issue device login keys from approval state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(api-key): require complete key format for lookup

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): persist accepted reviewed entity updates

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(api-keys): bind generated key material to stored id

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): pass workspace context to environment writes

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(copilot): wrap credential prompt metadata

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(mcp): clarify device grant retry window

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): make device login delivery idempotent

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): persist state before applying document updates

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): refresh stale saved target snapshots

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): make saved entity persistence best effort

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(copilot): scope environment variable mutations

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): align contracts after staging rebase

* fix(copilot): align indicator runtime contracts

* feat(yjs): persist saved entity session edits

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): preserve MCP server secrets in documents

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): apply snapshots before database persistence

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(copilot): update test files

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): normalize entity document fields

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(copilot): cover entity document normalization

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): require urls for URL transports

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(copilot): support personal scoped credential reads

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(yjs): simplify saved entity state sync

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): persist applied snapshots from live documents

Read back the applied Yjs document before saving normalized entity and workflow state so DB writes reflect the actual post-apply document, and remove the canonical local-store path.

Co-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(api-key): reject malformed keys before lookup

Trim incoming headers, fail fast on malformed API keys, and keep the stored-key lookup narrowed to the parsed key id.

Co-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): persist workflow session state through the socket bridge

Keep workflow and entity session documents live in the socket server, route Yjs updates through the bridge, and carry workflow variables through saved state.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(api-key): remove embedded ids from generated api keys

Generate API keys as fixed-prefix 32-character tokens and authenticate them without narrowing on an embedded database id.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): keep review acceptance bound to the staged execution context

Persist the execution context with staged server tool reviews and require it again when accepting the review.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(auth): simplify MCP device login approval flow

Remove the approval-token challenge flow, approve and cancel device logins directly from the posted code, and keep expired verification rows trimmed during login start.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(copilot): improve workflow editing and tool routing

Expire stale server-tool review tokens, re-layout edited workflows when their direction changes, and update Copilot tool routing and cache invalidation around workspace-scoped data.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflows): persist workflow state to normalized tables

Store newly created and duplicated workflows through normalized tables, avoid loading workflow state for metadata-only updates, and keep the materialized state selection aware of last-synced timestamps.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): stop deleting live sessions during cleanup

Remove the internal Yjs session-delete path, keep saved entity and workflow sessions alive when persistence fails, and trim the socket server delete handlers that only supported that cleanup flow.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(trading): cache the order route handler in the test

Load the order route handler once per test run instead of re-importing it for each assertion.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflows): preserve workflow variables during import and revert

Keep workflow variables in exported/imported state, remap them on JSON import, and avoid fabricating empty variables on revert when the deployment snapshot does not include them.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): restore saved entity state from db on materialization failure

If persisting the applied Yjs snapshot fails, rehydrate the socket server state from the database so the saved entity session stays usable.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflow): rename workflow metadata without republishing state

Add a rename-only workflow apply path that updates Yjs metadata directly, avoids loading full workflow state for name-only changes, and keeps the socket server and copilot workflow tool in sync.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(indicators): carry color through copilot entity documents

Add indicator color to the copilot entity document format, preserve explicit colors on indicator upserts, and stop rewriting color during saved-entity normalization.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(changelog): add June 24 Copilot MCP branch summary

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): deny inaccessible workspaces in server tools

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): limit delivery retries when polling device login

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): restore workflow state after persistence failure

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): load normalized workflow state consistently

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): preserve refresh error cause

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp-auth): rate-limit device login starts per requester

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(copilot-mcp): allowlist external server tools

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(yjs): reformat snapshot bridge import

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(api): add shared MCP rate limiting

Extract endpoint rate-limit logic into a shared helper, apply it to the v1 middleware and copilot MCP route, and guard oversized JSON-RPC batches.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): use configured base URLs in installer flows

Switch MCP login and install routes to the configured public base URL and quote generated shell and PowerShell scripts safely.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(copilot): make MCP tool exposure explicit

Replace implicit tool exposure flags with an explicit MCP allow-list and update the router test coverage accordingly.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(ui): clear help modal scroll timer

Cancel the delayed scroll effect when the help modal re-renders or unmounts to avoid stale timeouts.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(api-key): hash stored keys and simplify auth

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* build(config): remove API_ENCRYPTION_KEY from deployment samples

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(api-key): remove API_ENCRYPTION_KEY references

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(ui): normalize tool call and copilot route formatting

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(auth): bind MCP approval to a user challenge

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(api-key): stop exposing raw API keys in lists

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(operations): prefetch existing workspace entities during upsert

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): generate MCP api keys at approval time

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): scope public MCP login starts to the deployment

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(auth): sign MCP device login codes

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workspace): split entity writes and clean up Yjs sessions

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflows): load workflow state through the Yjs snapshot bridge

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): harden device login approval challenge handling

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(api): scope endpoint rate limits by endpoint type

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): ignore malformed client configs when reading tokens

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): make socket cleanup non-blocking after data mutation

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): preserve cancelled device login state

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): run accepted review before consuming token row

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): claim server tool review tokens before execution

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): derive approval tokens from device login code

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): persist deployment status from workflow state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): rate-limit device login starts and scope approvals

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(api-key): encrypt stored API keys

Update API key creation, display, and authentication to work with encrypted storage and the new plain-key format.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): persist device login state

Simplify the MCP start endpoint and move device-login persistence into the approval flow while keeping key issuance aligned with the new API-key helper.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): remove DB refresh fallback after persistence failures

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(indicator): surface save failures in code panel

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflow): surface auto-layout failures in control bar

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(api-key): add optional API key encryption

Add API_ENCRYPTION_KEY support across app config, local compose, and Helm values, plus API-key generation and auth handling updates.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(auth): rate-limit MCP login starts

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): bootstrap live sessions from saved snapshots

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): defer device login persistence to approval

Remove the start-time rate limit and materialize pending login rows when the approval flow first needs them.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(copilot): require resolved review target runtime

Treat bootstrapped review targets as always having runtime state and tighten the helper imports accordingly.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(copilot): expose mutation tools to trusted agents

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): move variable remapping into import export

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(yjs): cover bridge failure propagation

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(api-key): reject malformed keys before lookup

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(yjs): centralize state persistence in socket server

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): rate limit public MCP auth endpoints

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): discard idle documents after failed persistence

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(queue): format execution limiter test

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflows): sync workflow metadata through yjs state

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(api): ignore user agent in rate limit keys

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): separate editable state from deployment metadata

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): always authenticate installer sessions

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): acknowledge device login token activation

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): read editable state from Yjs sessions

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): validate and persist workflow names

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(yjs): format workflow session tests

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): acknowledge login before config writes

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): support partial workflow patches

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(saved-entities): map duplicate names to validation errors

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): load live execution state through Yjs sessions

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): rewrite variable references on replacement

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): export skills from workspace store

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): reuse approved device login api key

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): skip idle persistence for clean documents

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): require explicit workflow variable removal intent

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): retry transient snapshot bridge fetches

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): clear reseed metadata after variable replacement

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflows): persist embedded custom tools

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): surface realtime orchestration failures

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(rate-limit): fail closed for public MCP auth limits

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): rate limit public MCP requests before auth

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): standardize realtime-required API responses

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): normalize MCP server header records

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): sanitize agent tools during normalized saves

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): require realtime state for editable workflows

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(knowledge): surface saved entity persistence errors

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): surface realtime orchestration failures

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(indicators): infer input metadata from pine code

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): preserve locale in MCP authorize callbacks

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): surface socket bridge snapshot errors

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): require realtime persistence for saved entities

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(monitor): refresh pages after server tool updates

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(monitor): apply formatting cleanup

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): use dedicated api key type

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): hydrate server configs from saved entity state

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): validate server fields consistently

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): stage apply mutations before persistence

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): scope saved entity materialization by workspace

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(api-key): use personal keys for mcp access

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): bootstrap workspaces for copilot initialize

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): sanitize copilot rpc errors

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): read saved entity state through canonical sessions

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): skip invalid saved entity list rows

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): add entity-list bootstrap sessions

Introduce Yjs-backed entity list sessions, bootstrap them from canonical rows, and update MCP/widget consumers.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(socket-server): keep connected saved entity drafts on save failure

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(socket-server): clarify explicit-save draft persistence

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(tradinggoose): simplify resource metadata and sorting

Remove knowledge doc counts and timestamps from list/detail presentation, normalize list ordering to alphabetical labels, and relax the related types and normalizers so missing timestamps are accepted.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): show visible MCP servers in selectors

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): preserve server state across refreshes

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): propagate enabled state through MCP server lists

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): use bootstrap state for deploy and status checks

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): synchronize server refresh and membership state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): clarify editable realtime requirement

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test: align mocks with current imports

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(custom-tools): allow workflow-scoped lookup

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): refresh discovered tools after server mutations

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(socket-server): cover failed skill update on connected drafts

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): return 404 when servers are missing

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): handle realtime-required workflow state errors

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): stabilize saved-entity list sync

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(api-key): require encrypted API-key storage

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): sync entity lists from saved entity writes

Keep list sessions updated through explicit member mutations and synchronize entity renames and enabled flags after persistence.\n\nCo-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* build(config): relax API encryption key requirement

Allow the app and deployment manifests to omit API_ENCRYPTION_KEY unless API-key access or MCP token issuance is in use.\n\nCo-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(config): update API encryption key guidance

Clarify when API_ENCRYPTION_KEY is required and update the README and Helm examples to match the new optional behavior.\n\nCo-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): persist server status and refresh metadata

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): clean up sessions before deleting entities

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(mcp): cover config writer targets

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): sync MCP server API with database records

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(auth): gate API key and MCP routes on storage availability

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): base review hashes on current entity state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): keep saved entity projections in sync

Move entity list projection updates into the write path and run delete-side cleanup after the database mutation so a single side-effect failure cannot block the primary operation.\n\nCo-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* perf(yjs): parallelize bootstrapped field reads

Fetch bootstrapped saved-entity fields concurrently and filter missing entries after the fact to reduce latency in review-target bootstrap reads.\n\nCo-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): surface realtime-required snapshot errors

Map SavedEntityRealtimeRequiredError through snapshot bootstrapping, API handlers, and Copilot server tool error responses.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(copilot): auto-create MCP workspaces

Ensure Copilot MCP instruction generation can create a workspace when one does not already exist.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(knowledge): make knowledge base notifications transactional

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): persist workflow docs on live updates

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(realtime): surface realtime sync errors from saved entity writes

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(mcp): centralize workspace server creation

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): refresh tool cache when server metadata changes

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow): debounce live Yjs persistence

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): enforce workspace-scoped review targets

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): rollback created members on publish failure

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(mcp): rename server update action

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): keep live entity docs in sync after persistence

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): harden MCP initialize handling

Validate MCP initialize requests, reject batched initialize calls, and sanitize server-tool errors.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(copilot): internalize entity helper utilities

Remove the unused client execution-context helper and make shared server entity helpers internal to the module.\n\nCo-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(changelog): remove stale June 24 entry

Remove the outdated changelog note for the June 24 Copilot MCP work.\n\nCo-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(copilot): remove legacy typed server tool error path

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): remove stale MCP tool cache

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): harden MCP server workspace handling

- Require at least one accessible workspace for Copilot MCP initialization\n- Broaden MCP server update payloads while keeping validation strict\n- Limit MCP server listing to saved list members and trim names on input\n\nCo-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): derive base URLs from request origin and acknowledge delivered retries

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(copilot): accept MCP 2025-06-18 and workflow variable errors

Support the newer initialize protocol version, fix server metadata sourcing, and surface workflow variable document errors as retryable 422s.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): support protocol negotiation and install ack timing

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(realtime): rename editable bootstrap helpers

Rename workflow and saved-entity helper functions to reflect realtime behavior.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): prevent deleting the last workspace

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): move bootstrap to signup and refresh MCP tools

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): create default workspace when user has none

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(stores): clear react query cache during user data reset

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspaces): stop auto-creating workspaces on read

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): remap duplicate block references in sub-blocks

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(api-key): validate encryption key availability

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(query-provider): use browser-scoped query client

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workspace): create default workspace for root entry

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workspaces): bootstrap default workspace for MCP users

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): use configured app URL for auth and install flows

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): support MCP 2025-06-18 negotiation

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(api-key): handle unconfigured storage consistently

Return a consistent error when API-key storage is unavailable, short-circuit matching helpers, cover the behavior in tests, and rename the MCP setup key label to match the personal API key flow.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): normalize protocol negotiation and JSON-RPC handling

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): return conflict when editable workflow state is missing

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(mcp): allow disabled server drafts without a url

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): align server mutations with realtime review sessions

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(changelog): add June 28 2026 staging changelog

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): tolerate cleanup failures after MCP server delete

Delete the database record first, then run realtime cleanup as a best-effort follow-up so cleanup failures do not block a successful delete.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(api-key): reject legacy stored api-key rows

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(readme): add Copilot-MCP setup instructions

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflows): persist workflow state through Yjs materialization

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): persist auto-layout durably

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test: stabilize workflow and heatmap assertions

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(copilot): surface entity enabled state and tighten rename validation

Update shared entity list contracts to carry enabled state and make rename payloads strict.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): compare device login hashes in constant time

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): preserve workflow bootstrap and persistence guards

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
* feat(yjs): sync entity list widgets through realtime snapshots

Rebuild list widgets from Yjs entity-list snapshots and propagate workflow list mutations back into realtime state.\n\nCo-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): propagate workflow folder ids through list sessions

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(naming): generate available default names for new entities

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflow-tree): remove unused folder tree props

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(indicators): sync color metadata through Yjs entity lists

Propagate indicator color through Yjs entity-list synchronization and use existing names when creating indicators.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(mcp): route server renames through saved entity fields

Remove the dedicated MCP rename route and update the widget/store path to use the shared saved-entity field editor.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(folders): promote direct children on folder delete

Delete a folder by moving its direct child folders and workflows up one level, and update the store and UI copy to match.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): make cleanup notifications best-effort

Treat workflow list publication and delete cleanup as best-effort so request success is not blocked by socket-server follow-up work.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(tradinggoose): use DB-backed custom tool and entity updates

Move custom tool resolution, skill lookup, folder promotion, and realtime invalidation onto direct DB/query-client paths.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): decouple folder changes from metadata sync

Remove folderId from workflow metadata and Yjs persistence, then handle workflow folder reassignment separately in the workflow and folder routes.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): refresh MCP servers after entity updates

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(yjs): share entity sessions and simplify editor selection

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflows): hydrate workflow list from entity metadata

Use workflow entity seeds for rename and duplicate actions, and stop mirroring list data into the registry.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(editors): default unlinked editors to first entity

When an editor widget is not tied to a color pair and has no explicit selection, use the first available entity instead of leaving the panel empty.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(list-mcp): select new servers after entity hydration

Defer server selection until the entity list contains the new server, and clear stale selections when the current server disappears from the workspace list.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(entity-list): keep entity list sessions aligned with db

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): remove stale selection reset effects

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): sync workflow list members through realtime helpers

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(widgets): source editor selectors from yjs entity lists

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): keep workflow mutations durable on socket errors

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor: rename persisted helper APIs

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): validate requested editor entities

Handle unknown requested custom tools, indicators, and skills after the entity lists finish loading, and keep the loading state active while those lists resolve.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): reseed live entity-list sessions on upgrade

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow-list): keep widget selection local

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): require realtime sync for list projections

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): make live list sync best effort

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): skip sync wait for read providers

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): keep requested ids and selections in sync

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(execution): respect deployed context for saved entities

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(widgets): simplify workflow list hydration

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): hydrate and validate active workflow selection

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): handle missing requested editor entities

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(agent): pass deployed context through MCP tool discovery

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow): tolerate missing workflow-linked entities

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): remove stale workflow cache

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): persist folder metadata through yjs sync

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): clear stale selection after list updates

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): default deployed discover context

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): retry failed entity lists on reopen

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(folders): apply workflow metadata before delete

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): stop auto-selecting the first workflow

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): decouple list-member sync from yjs snapshots

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): drop rollback handling for entity publishes

Remove the rollback callback and DB cleanup from live member publishes.

Snapshot reads now swallow bridge errors because DB-seeded projections repair missed live publishes.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(yjs): reseed entity lists from db snapshots

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): surface workflow descriptions in entity lists

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): surface realtime-required errors for list refreshes

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflow): simplify workflow session fallback handling

Remove the automatic workflow fallback and make projection refresh errors non-fatal so widgets rely on explicit workflow state.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): remove marketplace publishing state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): expose entity descriptions to dropdown search

Add skill and custom tool descriptions to entity list loading so dropdowns can search by description, and wire both dropdowns to surface and match on that field.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): search descriptions and preserve duplicate source

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflow-selection): remove widget-scoped selection syncing

Consolidate workflow selection persistence around panel-scoped events and shared params.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow-widgets): resolve widget workflows through shared state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(i18n): remove obsolete workflow auth copy

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(ai): mark tool execution as deployed context

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(ai): preserve deployed context flag

Propagate the deployed-context flag through agent execution into provider requests and keep the existing true default for direct tool execution.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(tradinggoose): replace MCP server store with entity list state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): refresh tool list after server edits

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(indicator-list): open source session read-only

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): invalidate discovery cache on refresh

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): enforce access mode on websocket sync

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(ui): remove redundant delete selection resets

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(changelog): add July 1 branch summary

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(yjs): sync MCP server metadata in entity lists

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow): preserve color-pair workflow selection default

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): retry server list and keep selected status

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): clear selection after deleting list items

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): surface entity-list refresh failures

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): discard stale entity-list projections

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow-list): use shared widget state for routing

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(yjs): update snapshot bridge failure coverage

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): reopen disposable read sessions

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(tradinggoose): surface entity lookup failures

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(tradinggoose): queue entity selections until listed

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(agent): fail agent blocks when tool hydration fails

Reject null tool hydration instead of silently shrinking the selected toolset, and cover the behavior with a regression test plus changelog note.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): keep explicit entity ids exact

Co-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(changelog): document entity selection validation

Co-authored-by: Codex <codex@openai.com>\nCo-authored-by: BWJ2310 <brucewj2310@gmail.com>\nCo-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): keep shared sessions retrying until live

Retry failed shared Yjs opens on the same 1s cadence as write-session token rotation, remove the now-redundant manual retry plumbing from widgets, and keep workflow selection explicit.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(changelog): note shared Yjs and workflow retry behavior

Document the workflow selection rule and the shared Yjs session reopen behavior so the July 1 changelog matches the code change.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(workflow-list): sort workflows newest-first

Seed list members with createdAt from the database and preserve it through Yjs sessions so the workflow widget can render the list in reverse chronological order.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(changelog): note workflow list newest-first ordering

Document that workflow list members now retain createdAt in the Yjs projection so the widget can render newest-first.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(yjs): clarify live list snapshot freshness

Document the DB-fresh bootstrap path for live entity-list snapshots, the eventual-consistency caveat for write-mode provider docs, and the changelog note.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(tools): move async tool lookup to package entrypoint

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow): stabilize workflow hydration on dashboard load

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): ignore missing saved entities during bootstrap

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): resolve workflow state from routed session

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): serialize entity list reseeds

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow): remove registry-backed workflow activation

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): remove active-workflow coupling

Make workflow state reads explicit by workflow ID instead of inferring the active workflow from channel context. This removes the registry fallback helpers, updates trigger pollers to read from their own workflow context, and simplifies the deployment/example UI plumbing.

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow): source workflow options from entity metadata

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): remove template handling from deletions

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(skills): remove the redundant skills store

Move SkillDefinition into lib/skills, switch skill consumers to entity lists, and fetch skills directly during workflow JSON export.

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow): sort workflows by newest createdAt

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(tradinggoose): stabilize MCP and workflow state

Co-authored-by: Codex <codex@openai.com>

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(tradinggoose): read entity lists from the database

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): keep read sessions visible while reopening

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(entity-session): rename seedEntityListSession to replaceEntityListSessionMembers for clarity

* feat(skills): support live skill listings

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): keep shared session errors visible

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(tradinggoose): remove template subsystem

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(changelog): refresh July 1 entry

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workspace): list live skills and custom tools

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(indicators): source list data from saved entity state

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* build(db): add migration 0037_familiar_killraven

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): preserve populated workflow lists during load failures

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* feat(indicators): derive custom indicator input metadata from pine code

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): ignore invalid MCP servers and clear stale list errors

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(agent): skip unavailable agent tools during hydration

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(skills): skip missing skill metadata entries

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): preserve live entity-list snapshots

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): reseed entity-list snapshots and preserve errors

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): persist resolved entity ids and scope workflow events

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): handle stale requested selections without false errors

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(workflows): remove obsolete workflow store layer

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): persist resolved list entity ids

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(executor): fail when selected agent resources cannot resolve

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): reject stale entity selections before fallback

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): remove redundant selection sync

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(control-bar): sync deployment status from API

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(indicators): rename custom option fixture

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(socket-server): serve live entity-list snapshots on reseed failure

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(entities): use canonical DB membership for server lists

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): sort entity list members deterministically

Ensure entity-backed lists are ordered before mapping them to UI rows.

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(mcp): list servers from persisted records

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(widgets): require explicit selection scopes

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(yjs): stabilize entity list member ordering

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): surface workflow list load errors

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflow-list): select header-created workflows directly

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* docs(widgets): document entity selection fallback policy

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* test(widgets): cover entity selection fallback rules

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(workflows): keep workflow-list refresh best-effort

Move workflow-list refresh out of the workflow creation/duplication transaction cleanup path so committed workflow rows are not rolled back if projection refresh fails. Make the helper swallow refresh lookup/projection errors after logging them, and add tests for the best-effort behavior.

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(agent): fail fast when selected dependencies are missing

Align agent tool and skill resolution with startup-time validation, and cover the missing-tool case in tests.

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* style(tradinggoose): normalize formatting and import order

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* refactor(yjs): inline live entity list field loading

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

* fix(agent): skip unavailable agent tools and skills

Co-authored-by: BWJ2310 <brucewj2310@gmail.com>

Co-authored-by: BWJ2310-backup <jun.1216.wei@gmail.com>

---------

Co-authored-by: Codex <codex@openai.com>
Co-authored-by: BWJ2310 <brucewj2310@gmail.com>
Add an *i18n:catalog* CLI that scans route or full-app entry graphs,
resolves route ownership, and reports used keys, missing keys, orphaned
keys, locale gaps, and hardcoded copy candidates.

Cover the scanner with fixture-heavy tests for entry discovery, route
resolution, namespace ownership, dynamic copy access, and hardcoded
metadata detection. Strengthen *public-copy* tests to preserve landing
array shapes and keep locale catalog structures aligned.

Update *type-check* to run *next typegen* first and use the dedicated
*tsconfig.typecheck.json* so generated Next route types are included in
type validation.
@greptile-apps

greptile-apps Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Too many files changed for review. (723 files found, 500 file limit)

@agualdron agualdron closed this Jul 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants