agents-orchestrator/agent-orchestrator
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
29 commits 3 branches 0 tags 54 MiB
Commit graph

29 commits

This branch
This branch
All branches
Author SHA1 Message Date
Hibryda
244d5e3938 feat: Sprint 0 — settings panel infrastructure 
SettingsPanel.svelte: VS Code-style shell with sidebar categories,
search bar (fuzzy on registry metadata), keyboard navigation (arrows,
Escape), deep-link to setting anchors.

settings-registry.ts: static metadata for 35+ settings with key, label,
description, category, anchorId, keywords, scopeable, pro flags.
Supports fuzzy search and category filtering.

settings-scope.svelte.ts: centralized scope resolution store.
scopedGet/scopedSet resolve Global→Project cascade. Override chain
for ScopeCascade display. Cache invalidation on project switch.

settings/categories/ directory ready for Sprint 1 extraction.
 2026-03-17 04:58:57 +01:00
Hibryda
6ca168e336 fix(a11y): resolve all 15 pre-existing Svelte compiler warnings 
- GroupAgentsPanel: add keyboard handler on clickable div, remove unused CSS
- CommsTab: add aria-label on icon button
- CommandPalette: add aria-label on close button
- SettingsTab: add aria-labels on icon buttons, remove unused CSS rules
- AgentPane: fix state_referenced_locally for initialPrompt
- NotificationCenter: add keyboard handler on clickable notification
- ProjectHeader: replace nested <button> with <span> (invalid DOM nesting)
- CodeEditor: fix state_referenced_locally for content and lang
- PdfViewer: fix state_referenced_locally for filePath
 2026-03-17 04:53:49 +01:00
Hibryda
2cdc8dddb2 chore: remove old root-level docs (content moved to subdirectories) 2026-03-17 04:22:47 +01:00
Hibryda
493b436eef docs: complete reorganization — move remaining docs into subdirectories 2026-03-17 04:22:38 +01:00
Hibryda
8641f260f7 docs: move orchestration and sidecar docs into subdirectories 2026-03-17 04:19:04 +01:00
Hibryda
b6c1d4b6af docs: add 11 new documentation files across all categories 
New reference docs:
- agents/ref-btmsg.md: inter-agent messaging schema and CLI
- agents/ref-bttask.md: kanban task board operations
- providers/ref-providers.md: Claude/Codex/Ollama/Aider comparison
- config/ref-settings.md: (already committed)

New guides:
- contributing/dual-repo-workflow.md: community vs commercial repos
- plugins/guide-developing.md: Web Worker sandbox API and publishing

New pro docs:
- pro/features/knowledge-base.md: persistent memory + symbol graph
- pro/features/git-integration.md: context injection + branch policy
- pro/marketplace/README.md: 13 plugins catalog

Split files:
- architecture/data-model.md: from architecture.md (schemas, layout)
- production/hardening.md: from production.md (supervisor, sandbox, WAL)
- production/features.md: from production.md (FTS5, plugins, secrets, audit)
 2026-03-17 04:18:05 +01:00
Hibryda
8251321dac docs: restructure documentation into multilevel directory layout 
New structure: docs/ split into 11 subdirectories (getting-started/,
agents/, providers/, sidecar/, multi-machine/, plugins/, config/,
production/, architecture/, contributing/, pro/).

New files:
- docs/README.md: navigation index with audience table
- docs/getting-started/quickstart.md: install, build, first session
- docs/config/ref-settings.md: all env vars, config files, databases
- docs/architecture/overview.md: split from architecture.md (>300 lines)
- docs/pro/README.md: Pro edition overview
- docs/pro/features/analytics.md: analytics dashboard docs
- docs/pro/features/cost-intelligence.md: budget + router docs

Remaining docs being written by background agents — will be committed
in follow-up when complete.
 2026-03-17 04:15:15 +01:00
Hibryda
738574b9f0 fix(security): resolve all HIGH/MEDIUM/LOW audit findings 
Rust fixes (HIGH):
- symbols.rs: path validation (reject near-root, 50K file limit, symlink filter)
- memory.rs: FTS5 query quoting (prevent operator injection), 1000 fragment cap, content length limit, transaction wrapping
- budget.rs: atomic check-and-reserve via transaction, input validation, index on budget_log
- export.rs: safe UTF-8 truncation via chars().take()
- git_context.rs: reject paths starting with '-' (flag injection)
- branch_policy.rs: action validation (block|warn only), path validation

Rust fixes (MEDIUM):
- export.rs: named column access (positional→named)
- budget.rs: named column access, negative value guards

Svelte fixes:
- AccountSwitcher: 2-step confirmation before account switch
- ProjectMemory: expand/collapse content, 2-step delete confirm, tags split fix
- CodeIntelligence: min 2-char symbol query, CodeSymbol rename, aria-labels
- BudgetManager: 10M upper bound, aria-label on input, named constants
- SessionExporter: timeout cleanup on destroy, aria-live feedback
- AnalyticsDashboard: SVG aria-label, removed unused import, named constant
 2026-03-17 03:56:44 +01:00
Hibryda
0324f813e2 fix(security): resolve critical audit findings in marketplace and frontend 
CRITICAL fixes:
- marketplace.rs: Replace fake SHA-256 (SipHash) with real sha2 crate
- marketplace.rs: Reject empty checksums (refuse unsigned plugins)
- marketplace.rs: Add install path traversal protection (reject ../|/|\)
- marketplace.rs: Add HTTPS-only URL validation on download_url
- marketplace.rs: Add curl --proto =https to block file:/gopher: SSRF
- marketplace.rs: Add --max-filesize 50MB download cap
- marketplace.rs: Add --no-same-owner --no-same-permissions to tar extraction
- marketplace.rs: Post-extraction path validation (canonicalize check)

Frontend fixes:
- pro-bridge.ts: Rename Symbol→CodeSymbol (avoid global collision)
- pro-bridge.ts: Tighten trust type to union 'human'|'agent'|'auto'
- PluginMarketplace.svelte: URL sanitization (reject non-https hrefs)

Remaining audit fixes (HIGH/MEDIUM/LOW) being applied by background
agents — will be committed separately when complete.
 2026-03-17 03:50:10 +01:00
Hibryda
285f2404aa refactor(pro): simplify ProjectMemory and CodeIntelligence components 2026-03-17 03:29:14 +01:00
Hibryda
be084c8f17 feat(pro): add Svelte components for commercial phases 
BudgetManager (budget+router), ProjectMemory (persistent memory),
CodeIntelligence (symbols+git+branch policy). Updated pro-bridge.ts
with all new IPC functions.
 2026-03-17 03:27:40 +01:00
Hibryda
191b869b43 feat(pro): implement all 3 commercial phases 
Phase 1 — Cost Intelligence:
- budget.rs: per-project token budgets, soft/hard limits, usage logging
- router.rs: 3 preset profiles (CostSaver/QualityFirst/Balanced)

Phase 2 — Knowledge Base:
- memory.rs: persistent agent memory with FTS5, auto-extraction, TTL
- symbols.rs: regex-based symbol graph (tree-sitter stub)

Phase 3 — Git Integration:
- git_context.rs: branch/commit/modified file context injection
- branch_policy.rs: session-level branch protection

6 modules, 32 cargo tests, 22+ Tauri plugin commands.
 2026-03-17 03:27:40 +01:00
Hibryda
3798bedc4d feat: add pre-dispatch hook for agent task middleware 
Generic extension point in community codebase: PreDispatchHook type
registered in AppState, checked before every agent_query dispatch.
Enables Pro features like budget enforcement and branch policy.
 2026-03-17 03:27:40 +01:00
Hibryda
19771237c9 refactor(pro): simplify PluginMarketplace component (503→310 lines) 2026-03-17 02:22:20 +01:00
Hibryda
5300c09157 feat(pro): add plugin marketplace with catalog, install, and update support 
Marketplace backend (agor-pro/src/marketplace.rs): fetch catalog from
GitHub, download+verify+extract plugins, install/uninstall/update with
SHA-256 checksum verification and path traversal protection. 6 Tauri
plugin commands.

PluginMarketplace.svelte: Browse/Installed tabs, search, plugin cards
with permission badges, one-click install/uninstall/update.

Plugin catalog repo: agents-orchestrator/agor-plugins (3 seed plugins).
Plugin scaffolding: scripts/plugin-init.sh.
7 marketplace vitest tests, 3 Rust tests.
 2026-03-17 02:20:10 +01:00
Hibryda
a98d061b04 feat(pro): add commercial Svelte components 
AnalyticsDashboard (period selector, summary cards, SVG bar chart, model table),
SessionExporter (session/project report generation, clipboard copy),
AccountSwitcher (account list, active indicator, hot-switch).
All use Svelte 5 runes, --ctp-* theme vars, plugin:agor-pro IPC.
 2026-03-17 01:53:22 +01:00
Hibryda
fc6b306a5c docs: update CHANGELOG and TODO for commercial features 2026-03-17 01:52:46 +01:00
Hibryda
03fe2e2237 feat(pro): add analytics, export, and multi-account commercial features 
3 new agor-pro modules: analytics.rs (usage dashboard queries),
export.rs (session/project Markdown report generation),
profiles.rs (multi-account switching via accounts.json).
9 Tauri plugin commands. Frontend IPC bridge (pro-bridge.ts).
168 cargo tests, 14 commercial vitest tests.
 2026-03-17 01:52:46 +01:00
Hibryda
6973c70c5a fix(deps): resolve 15 Dependabot security vulnerabilities 
- undici: updated to fix WebSocket memory exhaustion, CRLF injection,
  HTTP smuggling, and 64-bit length overflow (10 alerts)
- devalue: updated to fix prototype pollution in parse/unflatten (2 alerts)
- serialize-javascript: override to >=7.0.3 fixes RCE via RegExp.flags (1 alert)
- glib 0.18.5: unsound Iterator impls — upstream tauri dependency,
  cannot update without tauri releasing gtk-rs 0.22 support (1 alert, low risk)

Resolves all npm vulnerabilities (0 remaining). 1 Rust advisory remains
(glib, pinned by tauri gtk-rs dependency chain).
 2026-03-17 01:33:32 +01:00
Hibryda
ec2fee256e chore: remove old bterminal-core and bterminal-relay directories 
These were renamed to agor-core and agor-relay in the rebrand commit.
Also removes the old bterminal.test.ts (renamed to agor.test.ts).
 2026-03-17 01:12:35 +01:00
Hibryda
421c38cd8c docs: update all documentation for agor rebrand and dual-repo structure 2026-03-17 01:12:25 +01:00
Hibryda
5fadd1c022 feat: add agor-pro commercial plugin crate and dual-repo infrastructure 
agor-pro Tauri 2.x plugin (feature-gated via --features pro),
commercial Tauri config overlay, asymmetric test setup,
CI workflows (leak-check, commercial-build, PAT health),
pre-push hook, Makefile, CONTRIBUTING/MAINTENANCE/LICENSE-COMMERCIAL.
 2026-03-17 01:12:25 +01:00
Hibryda
a63e6711ac refactor!: rebrand bterminal to agor (agents-orchestrator) 
Rename Cargo crates (bterminal-core→agor-core, bterminal-relay→agor-relay),
env vars (BTERMINAL_*→AGOR_*), config paths (~/.config/agor), CSS custom
properties, plugin API object, package names, and all documentation.

BREAKING CHANGE: config/data paths changed from bterminal to agor.
 2026-03-17 01:12:25 +01:00
Hibryda
ef3548a569 chore: gitignore tar.gz archives and update CHANGELOG for repo flattening 2026-03-16 05:23:53 +01:00
Hibryda
356660f17d docs: reconcile hib_changes onto flat structure 
Bring over comprehensive documentation, CLI tools, and project
scaffolding from the archived v2/ branch onto the rebuilt flat
main. All v2/ path references updated to match flat layout.

- docs/: architecture, decisions, phases, progress, findings, etc.
- docker/tempo: telemetry stack (Grafana + Tempo)
- CLAUDE.md, .claude/CLAUDE.md: comprehensive project guides
- CHANGELOG.md, TODO.md, README.md: project meta
- consult, ctx: CLI tools
- .gitignore: merged entries from both branches
 2026-03-16 03:34:04 +01:00
DexterFromLab
37b2b82ae5 feat: add Clear All button to CommsTab — purge all messages from DB 
Adds trash icon button in Messages header that clears all communications
for the active group: DMs, channel messages, activity feed, seen tracking,
and dead letters. Shows Tauri warning dialog with confirmation before delete.

- Rust: clear_all_communications() in btmsg.rs (4 DELETE queries)
- Tauri command: btmsg_clear_all_comms
- Bridge: clearAllComms(groupId)
- UI: trash button with hover-red styling, resets all local state after clear
 2026-03-15 17:24:40 +01:00
DexterFromLab
6504a79bfe chore: add launch.sh for .desktop entry 
Runs `tauri dev` so Vite dev server starts before the WebView binary.
Builds sidecar runners on first launch if missing.
 2026-03-15 17:13:22 +01:00
DexterFromLab
a3595f0277 fix: agent status indicators persist after stop — sync btmsg + optimistic UI 
Green borders in GroupAgentsPanel and health dots stayed active after
stopping agents because btmsg DB status was never set to 'stopped'.

- Add terminal state guard in agent store (done/error cannot revert to active)
- Optimistic updateAgentStatus('done') on all stop paths (AgentPane, StatusBar Stop All, AgentSession onAgentStop)
- Sync btmsg agent status to 'stopped' in agent-dispatcher on every terminal transition (agent_stopped, agent_error, cost done/error, sidecar crash)
- Sync btmsg optimistically in UI stop handlers for immediate card border update
- Add Stop All button to StatusBar with wake scheduler kill
 2026-03-15 16:59:20 +01:00
DexterFromLab
3672e92b7e feat: Agent Orchestrator — multi-project agent dashboard 
Tauri + Svelte 5 + Rust application for orchestrating multiple AI coding agents.
Includes Claude, Aider, Codex, and Ollama provider support, multi-agent
communication (btmsg/bttask), session anchors, plugin sandbox, FTS5 search,
Landlock sandboxing, and 507 vitest + 110 cargo tests.
 2026-03-15 15:45:27 +01:00