3502c61faf
Update secrets and email types
...
BotServer CI/CD / build (push) Successful in 10m52s
- Refactor secrets module structure
- Remove unused type in email types
- Improve error handling in secrets
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-05 06:27:34 -03:00
645a7936c5
fix: use shared secrets manager instead of creating new Vault client
BotServer CI/CD / build (push) Successful in 4m12s
2026-04-04 23:58:17 -03:00
58f8451981
fix: add ConfigManager import, fix ContentType import
BotServer CI/CD / build (push) Failing after 1m11s
2026-04-04 23:11:35 -03:00
b131c7e311
fix: use builder_dangerous with credentials for port 25 (like Roundcube does)
BotServer CI/CD / build (push) Successful in 5m1s
2026-04-04 21:46:06 -03:00
b8bf4ed5bb
fix: remove private ClientId usage, use builder_dangerous for port 25
BotServer CI/CD / build (push) Successful in 2m51s
2026-04-04 20:58:45 -03:00
a3226162a4
fix: set hello_name to mail.pragmatismo.com.br for Stalwart EHLO
BotServer CI/CD / build (push) Failing after 5m57s
2026-04-04 20:34:33 -03:00
f8e3b34a8a
fix: use builder_dangerous for port 25 (local Stalwart), starttls_relay for 465/587
BotServer CI/CD / build (push) Successful in 4m53s
2026-04-04 20:25:59 -03:00
01db253900
fix: add log::info import, fix ContentType parse, remove unused RedisClient import
BotServer CI/CD / build (push) Successful in 4m38s
2026-04-04 17:49:40 -03:00
5cfd93b050
fix: remove dead code leftover in email/types.rs
BotServer CI/CD / build (push) Failing after 5m38s
2026-04-04 17:39:12 -03:00
a3ad927a21
fix: remove mime crate dependency, use lettre ContentType for mime types
BotServer CI/CD / build (push) Failing after 14s
2026-04-04 17:29:45 -03:00
45eb8357cb
feat: implement real email sending via lettre + Vault credentials
...
BotServer CI/CD / build (push) Failing after 8m6s
- Replace EmailService::send_email stub with full lettre SMTP implementation
- Vault resolution chain: bot-specific → default bot → system fallback
- Seed Vault prod with default email config (contato@pragmatismo.com.br )
- Update all call sites to pass bot_id for Vault lookup
- Support attachments via lettre MultiPart/Attachment API
- Remove unused imports and dead code
2026-04-04 17:16:50 -03:00
6f183c63d2
feat: dual-mode service configs - Vault first, fallback to DB/localhost
...
BotServer CI/CD / build (push) Has been cancelled
All services now try Vault first (remote/distributed mode), then fall back
to database config, then localhost defaults (local/dev mode).
Services fixed:
- Qdrant/VectorDB: kb_indexer.rs, kb_statistics.rs, bootstrap_utils.rs, kb_context.rs
- LLM/Embedding: email/vectordb.rs (was hardcoded localhost:8082)
- All services: security/integration.rs (postgres, cache, drive, directory, qdrant, llm)
Pattern: SecretsManager::get_X_config_sync() → DB config → localhost default
2026-04-03 15:01:37 -03:00
ab1f2df476
Read Drive config from Vault at runtime with fallback defaults
BotServer CI / build (push) Failing after 7m26s
2026-03-17 00:00:36 -03:00
d1cb6b758c
Fix LXD container mode: PATH, socket proxy, exec
BotServer CI / build (push) Successful in 10m54s
2026-03-15 20:00:06 -03:00
260a13e77d
refactor: apply various fixes across botserver
BotServer CI / build (push) Has been cancelled
2026-03-10 15:15:21 -03:00
0b1b17406d
chore(core): various email and security updates
2026-02-24 19:02:48 -03:00
b1118f977d
fix: Correct parameter names in tool .bas files to match database schema
...
- Tool 06: Change tipoExibicao to tipoDescricao (matches pedidos_uso_imagem table)
- Tool 07: Change tipoExibicao to categoriaDescricao (matches licenciamentos table)
- Both tools now compile and execute successfully with database inserts
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-18 17:51:47 +00:00
5ea171d126
Refactor: Split large files into modular subdirectories
...
BotServer CI / build (push) Failing after 1m34s
Split 20+ files over 1000 lines into focused subdirectories for better
maintainability and code organization. All changes maintain backward
compatibility through re-export wrappers.
Major splits:
- attendance/llm_assist.rs (2074→7 modules)
- basic/keywords/face_api.rs → face_api/ (7 modules)
- basic/keywords/file_operations.rs → file_ops/ (8 modules)
- basic/keywords/hear_talk.rs → hearing/ (6 modules)
- channels/wechat.rs → wechat/ (10 modules)
- channels/youtube.rs → youtube/ (5 modules)
- contacts/mod.rs → contacts_api/ (6 modules)
- core/bootstrap/mod.rs → bootstrap/ (5 modules)
- core/shared/admin.rs → admin_*.rs (5 modules)
- designer/canvas.rs → canvas_api/ (6 modules)
- designer/mod.rs → designer_api/ (6 modules)
- docs/handlers.rs → handlers_api/ (11 modules)
- drive/mod.rs → drive_handlers.rs, drive_types.rs
- learn/mod.rs → types.rs
- main.rs → main_module/ (7 modules)
- meet/webinar.rs → webinar_api/ (8 modules)
- paper/mod.rs → (10 modules)
- security/auth.rs → auth_api/ (7 modules)
- security/passkey.rs → (4 modules)
- sources/mod.rs → sources_api/ (5 modules)
- tasks/mod.rs → task_api/ (5 modules)
Stats: 38,040 deletions, 1,315 additions across 318 files
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-12 21:09:30 +00:00
8d405e6926
Fix compilation errors for CI: Make embed-ui optional, fix HTML strings, shared module, email syntax
2026-02-05 11:46:32 -03:00
355215c2a2
Update: refactor migrations, update source files, and add new features
2026-02-04 13:29:29 -03:00
0a24cd4b50
Fix build errors and unused imports in core, security and package_manager modules
2026-01-24 22:04:47 -03:00
6fa52e1dd8
feat: implement feature bundling architecture and fix conditional compilation
...
- Restructured Cargo.toml with Bundle Pattern for easy feature selection
- Added feature bundles: tasks → automation + drive + monitoring
- Applied conditional compilation guards throughout codebase:
* AppState fields (drive, cache, task_engine, task_scheduler)
* main.rs initialization (S3, Redis, Tasks)
* SessionManager Redis usage
* bootstrap S3/Drive operations
* compiler task scheduling
* shared module Task/NewTask exports
- Eliminated all botserver compilation warnings
- Minimal build now compiles successfully
- Accepted core dependencies: automation (Rhai), drive (S3), cache (Redis)
- Created DEPENDENCY_FIX_PLAN.md with complete documentation
Minimal feature set: chat + automation + drive + cache
Verified: cargo check -p botserver --no-default-features --features minimal ✅
2026-01-23 13:14:20 -03:00
18b8afd54c
O
2026-01-19 21:19:10 -03:00
033bb504b9
Various updates: dependencies, features, and bug fixes
2026-01-16 11:29:22 -03:00
cb2f13d5b0
Fix all duplicate route conflicts: combine methods and move UI routes to /api/ui/
2026-01-14 09:37:07 -03:00
a2783f9b32
Fix 5 errors and 32 warnings: calendar, compliance, billing_alert_broadcast, unused vars
2026-01-13 22:21:25 -03:00
31777432b4
Implement TODO items: session auth, face API, task logs, intent storage
...
Learn Module:
- All 9 handlers now use AuthenticatedUser extractor
Security:
- validate_session_sync reads roles from SESSION_CACHE
AutoTask:
- get_task_logs reads from manifest with status logs
- store_compiled_intent saves to cache and database
Face API:
- AWS Rekognition, OpenCV, InsightFace implementations
- Detection, verification, analysis methods
Other fixes:
- Calendar/task integration database queries
- Recording database methods
- Analytics insights trends
- Email/folder monitoring mock data
2026-01-13 14:48:49 -03:00
479950945b
feat(auth): Add OTP password display on bootstrap and fix Zitadel login flow
...
- Add generate_secure_password() for OTP generation during admin bootstrap
- Display admin credentials (username/password) in console on first run
- Save credentials to ~/.gb-setup-credentials file
- Fix Zitadel client to support PAT token authentication
- Replace OAuth2 password grant with Zitadel Session API for login
- Fix get_current_user to fetch user data from Zitadel session
- Return session_id as access_token for proper authentication
- Set email as verified on user creation to skip verification
- Add password grant type to OAuth application config
- Update directory_setup to include proper redirect URIs
2026-01-06 22:56:35 -03:00
29b80f597c
Fix email_accounts -> user_email_accounts table name typo in list_emails_htmx
2026-01-04 08:48:27 -03:00
38f9abb7db
Fix organizations foreign key reference (org_id not id)
2025-12-29 08:07:42 -03:00
c67aaa677a
feat(security): Complete security infrastructure implementation
...
SECURITY MODULES ADDED:
- security/auth.rs: Full RBAC with roles (Anonymous, User, Moderator, Admin, SuperAdmin, Service, Bot, BotOwner, BotOperator, BotViewer) and permissions
- security/cors.rs: Hardened CORS (no wildcard in production, env-based config)
- security/panic_handler.rs: Panic catching middleware with safe 500 responses
- security/path_guard.rs: Path traversal protection, null byte prevention
- security/request_id.rs: UUID request tracking with correlation IDs
- security/error_sanitizer.rs: Sensitive data redaction from responses
- security/zitadel_auth.rs: Zitadel token introspection and role mapping
- security/sql_guard.rs: SQL injection prevention with table whitelist
- security/command_guard.rs: Command injection prevention
- security/secrets.rs: Zeroizing secret management
- security/validation.rs: Input validation utilities
- security/rate_limiter.rs: Rate limiting with governor crate
- security/headers.rs: Security headers (CSP, HSTS, X-Frame-Options)
MAIN.RS UPDATES:
- Replaced tower_http::cors::Any with hardened create_cors_layer()
- Added panic handler middleware
- Added request ID tracking middleware
- Set global panic hook
SECURITY STATUS:
- 0 unwrap() in production code
- 0 panic! in production code
- 0 unsafe blocks
- cargo audit: PASS (no vulnerabilities)
- Estimated completion: ~98%
Remaining: Wire auth middleware to handlers, audit logs for sensitive data
2025-12-28 19:29:18 -03:00
96cf7b57f8
App generator LLM-only, app logs, knowledge base, web search, designer magic
2025-12-28 11:50:50 -03:00
14b7cf70af
feat(autotask): Implement AutoTask system with intent classification and app generation
...
- Add IntentClassifier with 7 intent types (APP_CREATE, TODO, MONITOR, ACTION, SCHEDULE, GOAL, TOOL)
- Add AppGenerator with LLM-powered app structure analysis
- Add DesignerAI for modifying apps through conversation
- Add app_server for serving generated apps with clean URLs
- Add db_api for CRUD operations on bot database tables
- Add ask_later keyword for pending info collection
- Add migration 6.1.1 with tables: pending_info, auto_tasks, execution_plans, task_approvals, task_decisions, safety_audit_log, generated_apps, intent_classifications, designer_changes
- Write apps to S3 drive and sync to SITE_ROOT for serving
- Clean URL structure: /apps/{app_name}/
- Integrate with DriveMonitor for file sync
Based on Chapter 17 - Autonomous Tasks specification
2025-12-27 21:10:09 -03:00
5da86bbef2
Fix clippy warnings: match arms, async/await, Debug impls, formatting
...
- Fix match arms with identical bodies by consolidating patterns
- Fix case-insensitive file extension comparisons using eq_ignore_ascii_case
- Fix unnecessary Debug formatting in log/format macros
- Fix clone_from usage instead of clone assignment
- Fix let...else patterns where appropriate
- Fix format! append to String using write! macro
- Fix unwrap_or with function calls to use unwrap_or_else
- Add missing fields to manual Debug implementations
- Fix duplicate code in if blocks
- Add type aliases for complex types
- Rename struct fields to avoid common prefixes
- Various other clippy warning fixes
Note: Some 'unused async' warnings remain for functions that are
called with .await but don't contain await internally - these are
kept async for API compatibility.
2025-12-26 08:59:25 -03:00
db6d7a9859
fix: zero warnings in botserver
...
- drive/vectordb.rs: fix struct field name db_path -> _db_path
- meet/conversations.rs: prefix 38 unused variables with underscore
- console/mod.rs: rename border_active/inactive, title_bg/fg
- console/mod.rs: fix unnested or-pattern KeyCode::Char
- email/mod.rs: remove unnecessary raw string hashes, fix unused state
- attendance/drive.rs: update deprecated aws_config::from_env()
- Cargo.toml: attendance feature extends drive for AWS deps
2025-12-24 10:31:18 -03:00
3a260a5703
Fix more clippy warnings: unused imports, raw string hashes, conditional imports
2025-12-24 09:42:16 -03:00
3a8510d191
Fix clippy warnings: raw strings, unused imports, format args, must_use attributes
2025-12-24 09:39:23 -03:00
7cbfe43319
Update attendance, keywords, calendar, compliance, console, core, drive, email, llm, msteams, security, and tasks modules
2025-12-24 09:29:27 -03:00
883c6d07e1
Remove all code comments and fix ratatui version
2025-12-23 18:40:58 -03:00
e2a5bf091a
Update server components and keywords
2025-12-23 15:52:35 -03:00
a491cc13a6
Update botserver
2025-12-21 23:40:43 -03:00
dd91fc2d3b
refactor: fix TaskEngine feature gate, thread-safe Extensions with Arc<RwLock>
2025-12-20 19:57:57 -03:00
ac47b89dbd
Update calendar and email modules
2025-12-15 23:16:08 -03:00
224ddd4a03
chore: Remove emoji icons from log messages and UI
...
Replace emoji icons with plain text/ASCII equivalents to prevent
encoding issues and improve console compatibility:
- Replace checkmarks with *
- Replace x marks with x
- Replace status indicators with text [OK], [ERR], etc.
- Remove decorative emojis from info/debug log messages
- Keep functional emojis in user-facing chat/sentiment features
2025-12-09 07:55:11 -03:00
6c4ecea2fc
feat(auth): Add OAuth login for Google, Discord, Reddit, Twitter, Microsoft, Facebook
...
- Create core/oauth module with OAuthProvider enum and shared types
- Implement providers.rs with auth URLs, token exchange, user info endpoints
- Add routes for /auth/oauth/providers, /auth/oauth/{provider}, and callbacks
- Update login.html with OAuth button grid and dynamic provider loading
- Add OAuth config settings to config.csv with setup documentation and links
- Uses HTMX for login form, minimal JS for OAuth provider visibility
2025-12-04 22:53:40 -03:00
d9b09e24d4
feat(email): implement email read tracking with pixel support
...
- Add email-read-pixel config parameter to enable/disable tracking
- Implement tracking pixel injection in HTML emails
- Add sent_email_tracking table with migration
- Create 4 new API endpoints:
- GET /api/email/tracking/pixel/{id} - serve pixel & record read
- GET /api/email/tracking/status/{id} - get email read status
- GET /api/email/tracking/list - list all tracked emails
- GET /api/email/tracking/stats - get aggregate statistics
- Store tracking data: read_at, read_count, IP, user_agent
- Integrate with send_email() to auto-inject pixel when enabled
2025-12-04 18:15:09 -03:00
11ffccaa94
- More htmx.
2025-11-29 17:27:13 -03:00
ad1cd3ee36
HTMX enters.
2025-11-29 16:29:28 -03:00
c67ff407b1
Add .env.example with comprehensive configuration template
...
The commit adds a complete example environment configuration file
documenting all available settings for BotServer, including logging,
database, server, drive, LLM, Redis, email, and feature flags.
Also removes hardcoded environment variable usage throughout the
codebase, replacing them with configuration via config.csv or
appropriate defaults. This includes:
- WhatsApp, Teams, Instagram adapter configurations
- Weather API key handling
- Email and directory service configurations
- Console feature conditionally compiles monitoring code
- Improved logging configuration with library suppression
2025-11-28 13:19:03 -03:00
1789952c5b
Remove unused sqlx dependency and related code
...
The sqlx database library has been removed from the project along with
associated database-specific code that was no longer being used. This
includes removal of various sqlx-related dependencies from Cargo.lock
and cleanup of database connection pool references.
2025-11-28 09:27:29 -03:00
