stargue-publishing-engine

admin/stargue-publishing-engine

Fork 0

Commit Graph

Author	SHA1	Message	Date
Angelo B. J. Luidens	c73b7e4aad	Stage 2 partial: migrations + middleware + authz + API contracts What ships (verifiable without live DB, 64 new tests): - db/migrations/0000_initial_schema.sql (Drizzle-generated, 7 tables) + .down.sql + registry entry - db/migrations/rehearse.ts: forward-then-rollback round-trip with row-count hash check (DoD 2.2) - infra/docker-compose.yml: postgres 17 + redis 7 + openobserve for local dev (5433/6380/5080) - packages/schema/src/rate-limit.ts: pluggable store; 4 tests including 21st-of-20 reject (DoD 2.4) - packages/schema/src/csrf.ts: HMAC double-submit token; 8 tests covering forgery + tamper + malformed - packages/schema/src/authz.ts: 3-role Cerbos-equivalent rules (operator/approver/viewer); 6 tests - packages/schema/src/api-contracts.ts: Zod schemas for /api/content, /api/approvals, /api/publications, /api/feature-flags + idempotencyKeyOf; 11 tests What defers to live-DB session: - 2.3 admin route handlers integration tests (401/403/200/422 contract suite) - 2.2 actual rehearsal execution against staging DB Total: 79/79 tests pass across 9 files in 4 packages. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-26 12:54:04 -04:00
Angelo B. J. Luidens	1dc1a1a07a	Stage 0: governance scaffolding + monorepo bootstrap Phase 1 foundation for the Stargue Publishing Engine (plan v2, BMAD panel-reviewed 2026-04-19 — 1 APPROVE, 6 REVISE, 0 REJECT; all principles >=3). - Governance doctrine adopted from DQMS (.clinerules/12-foundational-principles.md, .claude/hooks/gate-plan-exit.sh, .claude/skills/bmad-plan/SKILL.md) - Bun workspaces + Turbo; apps/{mcp-linkedin,scheduler,admin}; packages/{schema,sanitize,linkedin-client,observability} - Drizzle schema (content, publications, approvals, metrics, linkedin_tokens, audit, outlet_feature_flags) with idempotency_key UNIQUE and kill-switch table per TEA/dev panel revisions - LinkedIn API canon: Posts API /rest/posts (not legacy UGC); OAuth auth-code without PKCE; secretbox (not sealed-box); Community Management API as separate approval gate from MDP - Frontmatter Zod schema (status, language, outlets[], sanitize, scheduled, version) - Pino observability with PII redaction - Expand-then-contract migration runbook - Plan + panel verdicts mirrored to docs/plans/ - Deferred gates logged (Dokploy PaaS verification, LinkedIn Dev Portal app registration) bun install + bun run typecheck both exit 0 across 11 workspaces. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-19 07:22:07 -04:00

Author

SHA1

Message

Date

Angelo B. J. Luidens

c73b7e4aad

Stage 2 partial: migrations + middleware + authz + API contracts

What ships (verifiable without live DB, 64 new tests):
- db/migrations/0000_initial_schema.sql (Drizzle-generated, 7 tables) + .down.sql + registry entry
- db/migrations/rehearse.ts: forward-then-rollback round-trip with row-count hash check (DoD 2.2)
- infra/docker-compose.yml: postgres 17 + redis 7 + openobserve for local dev (5433/6380/5080)
- packages/schema/src/rate-limit.ts: pluggable store; 4 tests including 21st-of-20 reject (DoD 2.4)
- packages/schema/src/csrf.ts: HMAC double-submit token; 8 tests covering forgery + tamper + malformed
- packages/schema/src/authz.ts: 3-role Cerbos-equivalent rules (operator/approver/viewer); 6 tests
- packages/schema/src/api-contracts.ts: Zod schemas for /api/content, /api/approvals, /api/publications, /api/feature-flags + idempotencyKeyOf; 11 tests

What defers to live-DB session:
- 2.3 admin route handlers integration tests (401/403/200/422 contract suite)
- 2.2 actual rehearsal execution against staging DB

Total: 79/79 tests pass across 9 files in 4 packages.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-26 12:54:04 -04:00

Angelo B. J. Luidens

1dc1a1a07a

Stage 0: governance scaffolding + monorepo bootstrap

Phase 1 foundation for the Stargue Publishing Engine (plan v2, BMAD
panel-reviewed 2026-04-19 — 1 APPROVE, 6 REVISE, 0 REJECT; all principles >=3).

- Governance doctrine adopted from DQMS
  (.clinerules/12-foundational-principles.md,
  .claude/hooks/gate-plan-exit.sh, .claude/skills/bmad-plan/SKILL.md)
- Bun workspaces + Turbo; apps/{mcp-linkedin,scheduler,admin};
  packages/{schema,sanitize,linkedin-client,observability}
- Drizzle schema (content, publications, approvals, metrics,
  linkedin_tokens, audit, outlet_feature_flags) with idempotency_key
  UNIQUE and kill-switch table per TEA/dev panel revisions
- LinkedIn API canon: Posts API /rest/posts (not legacy UGC); OAuth
  auth-code without PKCE; secretbox (not sealed-box); Community
  Management API as separate approval gate from MDP
- Frontmatter Zod schema (status, language, outlets[], sanitize,
  scheduled, version)
- Pino observability with PII redaction
- Expand-then-contract migration runbook
- Plan + panel verdicts mirrored to docs/plans/
- Deferred gates logged (Dokploy PaaS verification, LinkedIn Dev
  Portal app registration)

bun install + bun run typecheck both exit 0 across 11 workspaces.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-19 07:22:07 -04:00

2 Commits