chore(submodules): sync HiRAG and BotZ gateway pointers#11
Merged
POWERFULMOVES merged 2 commits intoPMOVES.AI-Edition-Hardenedfrom Mar 2, 2026
Merged
chore(submodules): sync HiRAG and BotZ gateway pointers#11POWERFULMOVES merged 2 commits intoPMOVES.AI-Edition-Hardenedfrom
POWERFULMOVES merged 2 commits intoPMOVES.AI-Edition-Hardenedfrom
Conversation
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
… codex/nested-pointer-sync
POWERFULMOVES
added a commit
that referenced
this pull request
Apr 19, 2026
…gration (#12) * Remove Docusaurus documentation system Remove the standalone Docusaurus documentation website to simplify the project structure and reduce maintenance overhead. Changes: - Delete /docs directory (480MB freed) containing all Docusaurus files - Remove docker-compose.docs.yml (optional docs service) - Remove ARCHON_DOCS_PORT from .env.example - Update .github/workflows/release-notes.yml (remove docs section) - Update .github/test-release-notes.sh (remove docs section) Preserved: - Project documents feature (archon-ui-main/src/features/projects/documents/) - Backend document service (python/src/server/services/projects/document_service.py) - Project documents API endpoints (/api/projects/{id}/docs) Benefits: - Eliminates redundancy (content duplicated in /PRPs/ai_docs/) - Reduces complexity (removes 480MB dependencies and configuration) - Simplifies deployment (eliminates optional Docker service on port 3838) - Lowers maintenance burden (single documentation source) All validation tests passed: ✓ File system validation ✓ Backend imports verification ✓ Docker Compose integration testing ✓ CI/CD workflow validation ✓ Project documents API still functional 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Add OpenRouter embeddings support Implements OpenRouter as an embedding provider option, enabling access to multiple embedding models (OpenAI, Google Gemini, Qwen3, Mistral) through a single API key. Backend changes: - Add validate_openrouter_api_key() for API key validation (sk-or-v1- format) - Add OpenRouterErrorAdapter for error sanitization - Add openrouter to valid providers in llm_provider_service - Create openrouter_discovery_service with hardcoded model list - Create /api/openrouter/models endpoint for model discovery - Register OpenRouter router in FastAPI main app Frontend changes: - Create openrouterService.ts for model discovery API client - Add OpenRouter to RAGSettings.tsx provider options - Configure default models with provider prefix (openai/text-embedding-3-small) - Add OpenRouter to embedding-capable providers list Documentation: - Update .env.example with OPENROUTER_API_KEY documentation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Add unit tests for OpenRouter model discovery Tests cover: - Model list validation (non-empty, valid types) - Provider prefix validation (all models have provider/) - Data validation (positive dimensions, non-negative pricing) - Provider validation (valid provider names) - Specific provider models (OpenAI, Qwen) - Model ID validation (requires prefix) All 11 tests passing. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix embedding provider grid to fit all providers in one line Changed grid-cols-3 to grid-cols-4 for embedding provider selection so all 4 embedding-capable providers (OpenAI, Google, OpenRouter, Ollama) fit on one line, matching the chat provider layout. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix credential_service to recognize OpenRouter as embedding provider Added 'openrouter' to embedding_capable_providers set in credential_service.py to prevent it from being rejected and falling back to OpenAI. Fixes: 'Invalid embedding provider openrouter doesn't support embeddings' error 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Address CodeRabbit review: Improve openrouterService robustness 1. Lazy initialization of baseUrl via getBaseUrl() method - Allows API URL to be updated at runtime without stale URL issues 2. Runtime validation of API response structure - Validates embedding_models array exists before caching - Prevents invalid responses from being cached Addresses CodeRabbit nitpick comments on PR coleam00#852 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Delete PRPs/openrouter-embeddings-support.md * Add robust cache validation with type guards in openrouterService Implemented comprehensive validation to prevent crashes from corrupted cache: - Created isCacheEntry() type guard to validate cache structure - Parse JSON into unknown type (TypeScript strict mode compliant) - Validate timestamp is number and data has OpenRouterModelListResponse shape - Validate each model has all required fields with correct types - Remove corrupted cache entries to avoid repeated failures - No 'any' types used, full strict mode compliance Prevents crashes from malformed cache data while maintaining type safety. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Add comprehensive API response validation in discoverModels Enhanced validation to catch malformed responses early: - Validate total_count is non-negative number - Verify total_count matches embedding_models.length - Validate first model has required fields (id, provider, dimensions) - Check dimensions are positive numbers - Validate provider names are from expected set - Provide specific error messages for each validation failure Prevents caching invalid data and provides better debugging information. Addresses CodeRabbit nitpick comment on PR coleam00#852 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Update README for Supabase service role key instructions (coleam00#836) * chore(security): add CODEOWNERS and Dependabot configuration Adds repository security files: - CODEOWNERS for PR review routing - dependabot.yml for automated security updates 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(hardened): Add nested submodule integrations for standalone operation - Add .gitmodules with 7 nested integrations: - PMOVES-Agent-Zero (agent orchestration) - PMOVES-BoTZ (MCP tools) - PMOVES-HiRAG (knowledge retrieval) - PMOVES-Deep-Serch (deep research) - docling (document processing) - PMOVES-BotZ-gateway (MCP gateway) - PMOVES-tensorzero (TensorZero client) - Fix PydanticAI Agent initialization (remove invalid result_type parameter) Enables Archon to run standalone with PMOVES.AI service connections. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(pmoves): add Claude Code MCP adapter for PMOVES.AI integration New module: python/pmoves_mcp/ - claude_code_adapter.py: Async MCP adapter for Claude Code CLI - __init__.py: Module exports Features: - Execute TAC slash commands via Agent Zero's MCP interface - ClaudeCodeMCPAdapter with async httpx client - CommandResult dataclass for structured responses - ARCHON_MCP_TOOLS registration for Archon integration Available commands through adapter: - /search:hirag, /search:supaserch, /search:deepresearch - /health:check-all, /health:metrics - /agents:status, /agents:mcp-query - /deploy:smoke-test, /deploy:services, /deploy:up - /botz:init, /botz:profile, /botz:mcp, /botz:secrets 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Restore fail-fast behavior for API key validation in upload - Remove HTTPException catch that was allowing uploads to proceed with invalid credentials - Aligns with beta guidelines: authentication failures should halt execution - Addresses code review feedback from PR #1 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore(deps): Update uv.lock with dependency revisions - Bump revision from 1 to 3 - Add upload-time fields for PyPI packages - Sync with latest uv dependency resolution 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(observability): add Prometheus metrics endpoint Add /metrics endpoint for Prometheus scraping with: - HTTP request counter (by method, endpoint, status) - HTTP request duration histogram - Knowledge operations counter - MCP commands execution counter 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(search): Add Hi-RAG v2 semantic expansion to keyword extraction - Add optional Hi-RAG v2 integration for knowledge-aware keyword discovery - Enable semantic keyword expansion via PMOVES knowledge graph - Add hirag_url parameter to KeywordExtractor for knowledge graph queries - Improves search relevance with ontology-driven term expansion 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(pmoves-ai): Add PMOVES.AI integration patterns (#3) * feat(pmoves-ai): Add PMOVES.AI integration patterns - Add CHIT secrets manifest (chit/secrets_manifest_v2.yaml) - Add tier-based environment loading (env.shared, env.tier-agent.sh) - Add health check module (pmoves_health/) - Add NATS service announcer (pmoves_announcer/) - Add service registry client (pmoves_registry/) - Add Docker Compose YAML anchors (docker-compose.pmoves.yml) - Add integration documentation (PMOVES.AI_INTEGRATION.md) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(integration): Apply Phase 1 critical bug fixes - Fix deprecated datetime.utcnow() → datetime.now(timezone.utc) - Fix YAML environment merge (list → map for proper merging) - Fix health check decorator accumulation bug - Fix health endpoint status codes (return 503 when unhealthy) - Remove APP/UI tiers (stick to 6-tier architecture) - Fix resource leaks in NATS connections (try/finally) * fix(security): Remove hardcoded credential defaults - Neo4j: Remove neo4j:neo4j default credentials - MinIO: Remove minioadmin:minioadmin default credentials - ClickHouse: Remove tensorzero:tensorzero default credentials - Fix typo: export_CACHE_TTL → export CACHE_TTL Empty defaults now require explicit configuration for production use. * refactor(code-quality): Phase 3 & 4 improvements Phase 3: Code Quality - Add pmoves_common shared types module (ServiceTier, HealthStatus) - Update ServiceTier imports with fallback to shared module - Remove duplicate ServiceTier enum definitions Phase 4: Documentation - Add comprehensive module docstrings to all integration modules - Create .coderabbit.yaml for automated PR reviews - Enable reviews on feat/* and fix/* branches - Set docstring coverage target to 80% This reduces code duplication and improves type consistency across the PMOVES.AI ecosystem. --------- Co-authored-by: POWERFULMOVES <POWERFULMOVES@users.noreply.github.com> Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com> * chore: Add GitHub Actions workflows and update submodule SHAs - Add CI/CD workflows: ci.yml, claude-fix.yml, claude-review.yml, release-notes.yml - Update submodule references to latest commits 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(pr): Address CodeRabbit review issues - Fix dependabot.yml: Point pip to /python, npm to /archon-ui-main - Add branch = main to docling submodule in .gitmodules - Add prometheus-client>=0.20.0 to all dependency group 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: Sync main to hardened - MCP adapter, CODEOWNERS, nested submodules, persona service Syncs 4 commits from main to PMOVES.AI-Edition-Hardened: - Claude Code MCP adapter for PMOVES.AI integration - CODEOWNERS configuration (security) - Nested submodule integrations for standalone operation - Persona service and API routes for agent creation Includes CodeRabbit review fixes: - Fixed route ordering (/thread-types before /{persona_id}) - Added proper error handling and validation - Removed Git conflict markers - Fixed .coderabbit.yaml configuration 🤖 Generated with Claude Code * docs: add PMOVES.AI skill hints context tags Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * chore(submodules): update nested PMOVES-HiRAG submodule pointer * security: update PBKDF2 iterations to 600,000 * fix: correct indentation in state_reconciliation.py if-block * fix(env): strip export syntax and add NATS auth to env.shared defaults - Remove `export` prefix from all variables (incompatible with Docker env_file) - Update NATS_URL default to include pmoves credentials - Update usage comment to reflect Docker Compose env_file pattern Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * docs(claude): add CHIT-aware integration context (#9) Co-authored-by: Shaela Bello <slbello@uncg.edu> * fix(auth): align NATS default URLs with credentialed runtime (#10) Co-authored-by: Shaela Bello <slbello@uncg.edu> * chore(submodules): sync HiRAG and BotZ gateway pointers (#11) Co-authored-by: Shaela Bello <slbello@uncg.edu> * fix(security): add USER directive to archon-ui Dockerfile Run as non-root user (uid 65532) to satisfy BuildKit audit and defense-in-depth container hardening requirements. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * feat(github): add GitHub App token minting and client Implements GitHub App integration for agent work orders with: - Token minting with JWT RS256 signing (10-min lifetime) - Installation token exchange via GitHub API - Token caching with 50-minute expiry window - GitHubClient with App token + gh CLI fallback - Full test coverage for token minting and PR operations Environment variables required: - GH_APP_ID: GitHub App numeric ID - GH_APP_SEC: PEM private key (handles double-escaped env values) - GH_APP_INSTALLATION_ID: Installation ID for org access Key features: - mint_installation_token(): Creates short-lived JWT + exchanges for token - get_installation_token(): Cached token retrieval with force_refresh option - clear_token_cache(): Manual cache invalidation - GitHubClient.list_pull_requests(): API-first with CLI fallback - Graceful degradation when credentials unavailable Security considerations: - PEM keys stored in env.tier-agent (plaintext - production hardening needed) - No persistent token storage (in-memory cache only) - Short-lived tokens (JWT <10min, installation tokens = 1 hour) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * chore(submodules): promote nested submodule pointers (HiRAG, BotZ-gateway) - external/PMOVES-HiRAG: 89d4abf→e904b12 (CHIT + geometry bus context, PR #4) - pmoves_multi_agent_pro_pack/PMOVES-BotZ-gateway: 40e1e33→2565022 (log sanitizer, PR #4) Both commits are merged on their respective origin/main branches. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * chore(submodules): recover nested wipes + promote BoTZ skill pointers - Recovered 3 wiped nested subs: Deep-Serch (88 files), tensorzero (2906 files), docling (839 files) — same wipe pattern as Phase 5 - Recovered 6 wiped sub-sub-subs inside nested BoTZ copy - Promoted 7 skill repo pointer advances in nested BoTZ copy Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: leex279 <thomas@thirty3.de> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: sean-eskerium <sean@eskerium.com> Co-authored-by: Jason Pickens <jasonpickensnz@gmail.com> Co-authored-by: POWERFULMOVES <POWERFULMOVES@users.noreply.github.com> Co-authored-by: PMOVES.AI <claude@pmoves.ai> Co-authored-by: Shaela Bello <slbello@uncg.edu>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary\n- bump nested submodule pointers:\n - �xternal/PMOVES-HiRAG\n - pmoves_multi_agent_pro_pack/PMOVES-BotZ-gateway\n- isolate pointer sync from runtime/config changes for deterministic review\n\n## Scope\n- gitlink-only lane\n- no direct code changes\n\n## Testing\n- submodule pointer update only