Timmy-time-dashboard

perplexity/Timmy-time-dashboard

Archived

Fork 0

forked from Rockachopa/Timmy-time-dashboard

Commit Graph

Author	SHA1	Message	Date
Alexander Whitestone	ae3bb1cc21	feat: code quality audit + autoresearch integration + infra hardening (#150 )	2026-03-08 12:50:44 -04:00
Alexander Whitestone	fd0ede0d51	feat: auto-escalation system + agentic loop fixes (#149 ) (#149 ) Wire up automatic error-to-task escalation and fix the agentic loop stopping after the first tool call. Auto-escalation: - Add swarm.task_queue.models with create_task() bridge to existing task queue SQLite DB - Add swarm.event_log with EventType enum, log_event(), and SQLite persistence + WebSocket broadcast - Wire capture_error() into request logging middleware so unhandled HTTP exceptions auto-create [BUG] tasks with stack traces, git context, and push notifications (5-min dedup window) Agentic loop (Round 11 Bug #1): - Wrap agent_chat() in asyncio.to_thread() to stop blocking the event loop (fixes Discord heartbeat warnings) - Enable Agno's native multi-turn tool chaining via show_tool_calls and tool_call_limit on the Agent config - Strengthen multi-step continuation prompts with explicit examples Co-authored-by: Trip T <trip@local> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-08 03:11:14 -04:00
Alexander Whitestone	3a8496a3f1	feat: add security middleware suite - CSRF, security headers, and request logging (#102 ) Implements three security middleware components with full test coverage: - CSRF Protection: Token generation/validation, safe method allowlist, auto-exempt webhooks, constant-time comparison for timing attack prevention - Security Headers: X-Content-Type-Options, X-Frame-Options, CSP, Permissions-Policy, Referrer-Policy, HSTS (production) - Request Logging: Method/path/status/duration logging with correlation IDs, configurable path exclusions, X-Forwarded-For support Also fixes Discord test isolation issue where settings.discord_token was not being properly reset between tests. New files: - src/dashboard/middleware/{csrf,security_headers,request_logging}.py - tests/dashboard/middleware/test_{csrf,security_headers,request_logging}.py Addresses design review recommendations R3, R8, R9, R4. All tests pass: 1950 passed, 40 skipped Co-authored-by: Alexander Payne <apayne@MM.local>	2026-02-28 23:21:09 -05:00

Author

SHA1

Message

Date

Alexander Whitestone

ae3bb1cc21

feat: code quality audit + autoresearch integration + infra hardening (#150 )

2026-03-08 12:50:44 -04:00

Alexander Whitestone

fd0ede0d51

feat: auto-escalation system + agentic loop fixes (#149 ) (#149 )

Wire up automatic error-to-task escalation and fix the agentic loop
stopping after the first tool call.

Auto-escalation:
- Add swarm.task_queue.models with create_task() bridge to existing
  task queue SQLite DB
- Add swarm.event_log with EventType enum, log_event(), and SQLite
  persistence + WebSocket broadcast
- Wire capture_error() into request logging middleware so unhandled
  HTTP exceptions auto-create [BUG] tasks with stack traces, git
  context, and push notifications (5-min dedup window)

Agentic loop (Round 11 Bug #1):
- Wrap agent_chat() in asyncio.to_thread() to stop blocking the
  event loop (fixes Discord heartbeat warnings)
- Enable Agno's native multi-turn tool chaining via show_tool_calls
  and tool_call_limit on the Agent config
- Strengthen multi-step continuation prompts with explicit examples

Co-authored-by: Trip T <trip@local>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-08 03:11:14 -04:00

Alexander Whitestone

3a8496a3f1

feat: add security middleware suite - CSRF, security headers, and request logging (#102 )

Implements three security middleware components with full test coverage:

- CSRF Protection: Token generation/validation, safe method allowlist,
  auto-exempt webhooks, constant-time comparison for timing attack prevention

- Security Headers: X-Content-Type-Options, X-Frame-Options, CSP,
  Permissions-Policy, Referrer-Policy, HSTS (production)

- Request Logging: Method/path/status/duration logging with correlation IDs,
  configurable path exclusions, X-Forwarded-For support

Also fixes Discord test isolation issue where settings.discord_token
was not being properly reset between tests.

New files:
- src/dashboard/middleware/{csrf,security_headers,request_logging}.py
- tests/dashboard/middleware/test_{csrf,security_headers,request_logging}.py

Addresses design review recommendations R3, R8, R9, R4.

All tests pass: 1950 passed, 40 skipped

Co-authored-by: Alexander Payne <apayne@MM.local>

2026-02-28 23:21:09 -05:00

3 Commits