Replace env-var based config with DB-first approach (Portainer model).
Only PORT, DATABASE_PATH, and MASTER_KEY_PATH remain as env vars.
All other settings (Gitea, Feishu, security, review engine, memory) are
managed through the Admin Dashboard Web UI backed by system_settings table.
- ConfigManager rewrites getRawValue() to read from settingsRepo with
fallback to compiled-in defaults (no more process.env reads)
- seedDefaults() auto-generates JWT_SECRET and WEBHOOK_SECRET on first boot
- getSource() returns 'db' | 'default' (removed 'env' source type)
- Merged 'app'+'admin' config groups into 'security' group
- Removed PORT from CONFIG_FIELDS (env-var only)
- Removed readonly/readonlyWarning from all field definitions
Remove OPENAI_API_KEY from Secret, OPENAI_*/REVIEW_MODEL_*/CONFIG_OVERRIDES_PATH from ConfigMap; switch emptyDir to PVC.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Upgrade local bun from 1.2.22 to 1.3.10 to match oven/bun:1 Docker image.
Revert Dockerfile from pinned bun:1.2 back to bun:1 (latest). Regenerate
both root and frontend bun.lock with bun 1.3.10 for consistent dependency
resolution between local development and Docker builds.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Comprehensive 838-line design specification covering architecture,
provider types, database schema, API endpoints, encryption strategy,
frontend wireframes, and migration plan for the pluggable multi-provider
LLM system.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Fix 13 pre-existing test failures caused by SpecialistAgent constructor
signature change during LLMGateway migration. Replace raw OpenAI client
mock with gateway mock returning normalized LLMChatResponse objects.
Update assertions for gateway request format (responseFormat, providerOptions)
and LLMMessage shape (toolCallId instead of tool_call_id).
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Component tests for all LLM management UI elements using vitest and
@testing-library/react with happy-dom:
- LLMProviders: Tab container rendering
- ModelCombobox: API/recommended/custom tag display, selection, custom input
- ProviderList: Async data loading, enable switches, status indicators
- RoleAssignment: Role card rendering, Radix Select interaction
- TestResultDialog: Success/error state rendering
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Install vitest, @testing-library/react, @testing-library/jest-dom,
@testing-library/user-event, and happy-dom as dev dependencies. Configure
vitest with happy-dom environment, path aliases, and test setup file.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Add complete Web UI for LLM provider configuration: provider list with
enable/disable toggles, add/edit dialog, connection testing with result
display, role assignment cards, and model combobox with API/recommended/custom
tags. All labels in Chinese. Add description prop to SelectItem for
Radix Select rendering fix. Register route and nav link.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Strip OpenAI-specific settings (apiKey, baseUrl, model) and per-role model
overrides from config schema — these are now managed through the database
via the LLM provider UI. Simplify config-manager and its tests accordingly.
Keep only runtime settings (port, webhookSecret, etc.) in env/config.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Replace all direct OpenAI client usage in review agents, orchestrator,
learning system, and AI review service with the new LLMGateway abstraction.
Agents now call gateway.chatForRole() instead of openai.chat.completions.create(),
enabling multi-provider support across all review workflows. Add getAll()
method to ToolRegistry for provider capability checking.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Add REST endpoints under /admin/api/llm/ for provider CRUD, API key
management, role assignments, connection testing, and model listing.
Register routes in index.ts with JWT authentication middleware. Initialize
master key and database on server startup.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Add bun:sqlite-based database with automatic migration system. Includes
repositories for LLM providers (CRUD), model-role assignments, encrypted
API key secrets (AES-256-GCM via master.key), and system settings.
Single-file DB at data/assistant.db.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Introduce provider-agnostic LLM gateway supporting 4 provider types:
OpenAI Compatible, OpenAI Responses API, Anthropic Messages API, and
Google Gemini API. Each provider normalizes to a unified LLMChatResponse
format with tool call support. Includes AES-256-GCM encrypted secret
management for API keys and a tool-converter for cross-provider tool
format translation.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Exclude runtime data (data/), SQLite WAL files, frontend lock file, and
build artifacts. Add bunfig.toml to scope bun test to src/ only,
preventing it from picking up frontend vitest test files.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Add GLOBAL_PROMPT config field that appends user-defined instructions to
every LLM system message across all 9 call sites (legacy engine, agent
specialist, reflexion, critic, and debate orchestrator).
Configured via admin dashboard (auto-rendered from CONFIG_FIELDS metadata)
or GLOBAL_PROMPT env var. Example use: "请始终使用中文回复".
Changes:
- Add GLOBAL_PROMPT to Zod schema, AppConfig interface, and buildConfig
- Add CONFIG_FIELDS metadata (group: openai, type: text)
- Add getEffectiveValue switch case
- Add withGlobalPrompt() helper in src/utils/global-prompt.ts
- Inject into all LLM call sites via withGlobalPrompt wrapper
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
ConfigMap volumes are read-only in K8s, causing EROFS when saving config.
Replace ConfigMap-mounted config-overrides.json with a writable emptyDir
at /app/data/ and set CONFIG_OVERRIDES_PATH accordingly. The app handles
missing override files gracefully (starts with empty overrides).
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Frontend sends entire form state including readonly fields (PORT,
WEBHOOK_SECRET, JWT_SECRET). Previously the backend rejected the whole
request. Now readonly fields are silently skipped.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Atomic rename (temp→target) fails on K8s volumes with EBUSY/EXDEV/EROFS.
Fall back to direct writeFile when rename fails, with best-effort
cleanup of orphaned temp files.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
- Add complete finding JSON schema (all required fields) to both legacy
and ReAct system prompts to prevent malformed responses
- Change JSON parse error handling from break (abandon review) to
injecting a guidance message that prompts the model to return valid JSON
- Add global prompt injection support via withGlobalPrompt helper
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
The --type-add and --type options were placed after the path argument,
causing ripgrep to treat them as additional paths rather than flags.
Moved option flags before the -e pattern and path arguments.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Agent mode requires git for mirror cloning and rg for code search.
Both were missing from oven/bun:1-slim causing command failures (exit code -1).
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Remove all isDev logic from review controller and config manager.
The isDev check treated missing NODE_ENV as development, causing
production to use a hardcoded fake commit SHA and skip real reviews.
Config validation now always fails fast on invalid configuration.
- Add Qdrant vector database service with persistent storage
- Add health check and depends_on for service ordering
- Expose ports 6333 (HTTP) and 6334 (gRPC)
- Rewrite release.yml: semantic-release for auto-versioning + Docker
image build and push to GitHub Container Registry (ghcr.io)
- Rewrite ci.yml: remove continue-on-error on lint
- Add .releaserc.json with changelog and git plugins
- Add semantic-release dependencies to package.json
- Fix Dockerfile: remove --frozen-lockfile from production install
- Update .dockerignore with comprehensive exclusions
- Update docker-compose.yml to pull from GHCR by default
- Remove obsolete pnpm packageManager field
- Remove obsolete kubernetes.yaml from .gitignore
- Add @biomejs/biome as dev dependency
- Remove deprecated tslint dependency
- Add biome.json with project-specific rules
- Update lint script to use Biome
- Apply Biome auto-fixes across codebase
- Create English README.md as primary documentation
- Create Chinese docs/README.zh-CN.md with language link
- Focus on core functionality: features, quick start, configuration, deployment
- Remove CI badge, GitHub Actions, Contributing, Acknowledgments sections
- Remove verbose API Reference and Development sections
- Condense configuration examples for clarity
- Delete obsolete docs/ADMIN_UI_DESIGN.md
- Add config-overrides.json to .gitignore (user-specific runtime config)
- Add config-overrides.json to .dockerignore (not needed in image)
- Mount config-overrides.json as volume in docker-compose.yml
This enables persistent configuration overrides in containerized
deployments without rebuilding the image.
- Add concurrently package for parallel process execution
- Split dev script into dev:backend and dev:frontend
- Use concurrently to run both with colored, labeled output
This enables single-command development with 'bun run dev' that starts
both the backend server (with hot reload) and frontend dev server.
Migrate to react-router-dom for SPA routing:
- Add BrowserRouter with nested routes
- Implement AuthGuard component for protected routes
- Add collapsible sidebar navigation
- Support /repos and /config routes
Changes:
- App.tsx: Route definitions with AuthGuard wrapper
- main.tsx: Force dark mode, improved retry logic
- DashboardPage.tsx: New layout with sidebar + Outlet
- vite.config.ts: Expose dev server on 0.0.0.0
Dependencies added:
- react-router-dom
- @radix-ui/react-select, switch, separator, tabs
Add comprehensive configuration management UI:
- ConfigManager: Main page with grouped config display
- ConfigGroupCard: Expandable cards for each config group
- ConfigFieldInput: Smart input based on field type
- Text, URL, password (masked), number, boolean, enum, textarea
UI Components added:
- Select, Switch, Tabs, Textarea, Separator from shadcn/ui
Features:
- Real-time field validation
- Source indicator (default/env/override)
- Save/reset functionality with toast notifications
- Responsive layout with collapsible groups
Add /admin/api/config routes for runtime configuration:
- GET /: Retrieve all config groups with field metadata and values
- PUT /: Validate and persist configuration overrides
- POST /reset: Reset specified keys to defaults (remove overrides)
Features:
- Sensitive field masking (passwords, secrets, API keys)
- Field validation (URL, enum, number range, boolean)
- Readonly field protection
- Grouped field organization with metadata
