2 Commits

Author SHA1 Message Date
Angelo B. J. Luidens
7aa3137a91 Stage 3 partial: LinkedIn MCP server (OAuth, 9 tools, kill-switch, refresh lock)

What ships (testable without live LinkedIn, 27 new tests):
- apps/mcp-linkedin/src/oauth.ts: auth URL builder + HMAC-signed state validation (CSRF + tamper + expiry)
- apps/mcp-linkedin/src/refresh-lock.ts: advisory-lock helper for token rotation (Plan TEA gap 3); concurrency test verifies 4 attempts → 1 succeeds + 3 denied
- apps/mcp-linkedin/src/kill-switch.ts: 30s-cached feature-flag query (Plan Objective 8 + TEA gap 10)
- apps/mcp-linkedin/src/tools.ts: 9 Zod tool schemas matching Plan §3.2 (whoami, auth_status, create_post, create_article, upload_media, create_post_with_media, delete_post, get_post_metrics, get_profile_stats)
- apps/mcp-linkedin/src/server.ts: validateToolCall + outletForAuthorUrn pure helpers

What defers to live-LinkedIn session (gate 0.9):
- 3.1 OAuth round-trip with real auth URL → callback → token row
- 3.4-3.7 Live throwaway test posts + delete-within-5min audit
- 3.9 Fail-safe halt with Telegram webhook
- 3.12 MCP stdio transport wired to @modelcontextprotocol/sdk

106/106 tests pass across all packages and apps.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-26 12:57:00 -04:00

Angelo B. J. Luidens
1dc1a1a07a Stage 0: governance scaffolding + monorepo bootstrap

Phase 1 foundation for the Stargue Publishing Engine (plan v2, BMAD
panel-reviewed 2026-04-19 — 1 APPROVE, 6 REVISE, 0 REJECT; all principles >=3).

- Governance doctrine adopted from DQMS
  (.clinerules/12-foundational-principles.md,
  .claude/hooks/gate-plan-exit.sh, .claude/skills/bmad-plan/SKILL.md)
- Bun workspaces + Turbo; apps/{mcp-linkedin,scheduler,admin};
  packages/{schema,sanitize,linkedin-client,observability}
- Drizzle schema (content, publications, approvals, metrics,
  linkedin_tokens, audit, outlet_feature_flags) with idempotency_key
  UNIQUE and kill-switch table per TEA/dev panel revisions
- LinkedIn API canon: Posts API /rest/posts (not legacy UGC); OAuth
  auth-code without PKCE; secretbox (not sealed-box); Community
  Management API as separate approval gate from MDP
- Frontmatter Zod schema (status, language, outlets[], sanitize,
  scheduled, version)
- Pino observability with PII redaction
- Expand-then-contract migration runbook
- Plan + panel verdicts mirrored to docs/plans/
- Deferred gates logged (Dokploy PaaS verification, LinkedIn Dev
  Portal app registration)

bun install + bun run typecheck both exit 0 across 11 workspaces.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-19 07:22:07 -04:00