ake/paperclip
1
0
Fork 0
mirror of https://github.com/alkimake/paperclip.git synced 2026-06-18 03:30:39 +09:00
Code Issues Projects Releases Packages Wiki Activity

[codex] Add structured issue-thread interactions (#4244)

Browse source 
## Thinking Path

> - Paperclip orchestrates AI agents for zero-human companies.
> - Operators supervise that work through issues, comments, approvals,
and the board UI.
> - Some agent proposals need structured board/user decisions, not
hidden markdown conventions or heavyweight governed approvals.
> - Issue-thread interactions already provide a natural thread-native
surface for proposed tasks and questions.
> - This pull request extends that surface with request confirmations,
richer interaction cards, and agent/plugin/MCP helpers.
> - The benefit is that plan approvals and yes/no decisions become
explicit, auditable, and resumable without losing the single-issue
workflow.

## What Changed

- Added persisted issue-thread interactions for suggested tasks,
structured questions, and request confirmations.
- Added board UI cards for interaction review, selection, question
answers, and accept/reject confirmation flows.
- Added MCP and plugin SDK helpers for creating interaction cards from
agents/plugins.
- Updated agent wake instructions, onboarding assets, Paperclip skill
docs, and public docs to prefer structured confirmations for
issue-scoped decisions.
- Rebased the branch onto `public-gh/master` and renumbered branch
migrations to `0063` and `0064`; the idempotency migration uses `ADD
COLUMN IF NOT EXISTS` for old branch users.

## Verification

- `git diff --check public-gh/master..HEAD`
- `pnpm exec vitest run packages/adapter-utils/src/server-utils.test.ts
packages/mcp-server/src/tools.test.ts
packages/shared/src/issue-thread-interactions.test.ts
ui/src/lib/issue-thread-interactions.test.ts
ui/src/lib/issue-chat-messages.test.ts
ui/src/components/IssueThreadInteractionCard.test.tsx
ui/src/components/IssueChatThread.test.tsx
server/src/__tests__/issue-thread-interaction-routes.test.ts
server/src/__tests__/issue-thread-interactions-service.test.ts
server/src/services/issue-thread-interactions.test.ts` -> 9 files / 79
tests passed
- `pnpm -r typecheck` -> passed, including `packages/db` migration
numbering check

## Risks

- Medium: this adds a new issue-thread interaction model across
db/shared/server/ui/plugin surfaces.
- Migration risk is reduced by placing this branch after current master
migrations (`0063`, `0064`) and making the idempotency column add
idempotent for users who applied the old branch numbering.
- UI interaction behavior is covered by component tests, but this PR
does not include browser screenshots.

> For core feature work, check [`ROADMAP.md`](ROADMAP.md) first and
discuss it in `#dev` before opening the PR. Feature PRs that overlap
with planned core work may need to be redirected — check the roadmap
first. See `CONTRIBUTING.md`.

## Model Used

- OpenAI Codex, GPT-5-class coding agent runtime. Exact model ID and
context window are not exposed in this Paperclip run; tool use and local
shell/code execution were enabled.

## Checklist

- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have checked ROADMAP.md and confirmed this PR does not duplicate
planned core work
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [ ] If this change affects the UI, I have included before/after
screenshots
- [x] I have updated relevant documentation to reflect my changes
- [x] I have considered and documented any risks above
- [x] I will address all Greptile and reviewer comments before
requesting merge

---------

Co-authored-by: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Dotta 2026-04-21 20:15:11 -05:00 committed by GitHub
parent 014aa0eb2d
commit a957394420
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
93 changed files with 10089 additions and 752 deletions
Download patch file Download diff file Expand all files Collapse all files

83
server/src/__tests__/invite-test-resolution-route.test.ts
View file

@ -2,12 +2,6 @@ import express from "express";
import request from "supertest";
import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
import {
accessRoutes,
setInviteResolutionNetworkForTest,
} from "../routes/access.js";
import { errorHandler } from "../middleware/index.js";
function createSelectChain(rows: unknown[]) {
const query = {
then(resolve: (value: unknown[]) => unknown) {
@ -50,7 +44,21 @@ function createInvite(overrides: Record<string, unknown> = {}) {
};
}
function createApp(db: Record<string, unknown>) {
let currentAccessModule: Awaited<ReturnType<typeof vi.importActual<typeof import("../routes/access.js")>>> | null = null;
async function createApp(
db: Record<string, unknown>,
network: {
lookup: ReturnType<typeof vi.fn>;
requestHead: ReturnType<typeof vi.fn>;
},
) {
const [access, middleware] = await Promise.all([
vi.importActual<typeof import("../routes/access.js")>("../routes/access.js"),
vi.importActual<typeof import("../middleware/index.js")>("../middleware/index.js"),
]);
currentAccessModule = access;
access.setInviteResolutionNetworkForTest(network);
const app = express();
app.use((req, _res, next) => {
(req as any).actor = { type: "anon" };
@ -58,29 +66,41 @@ function createApp(db: Record<string, unknown>) {
});
app.use(
"/api",
accessRoutes(db as any, {
access.accessRoutes(db as any, {
deploymentMode: "local_trusted",
deploymentExposure: "private",
bindHost: "127.0.0.1",
allowedHostnames: [],
}),
);
app.use(errorHandler);
app.use(middleware.errorHandler);
return app;
}
describe("GET /invites/:token/test-resolution", () => {
const lookup = vi.fn();
const requestHead = vi.fn();
beforeEach(() => {
lookup.mockReset();
requestHead.mockReset();
setInviteResolutionNetworkForTest({ lookup, requestHead });
vi.resetModules();
vi.doUnmock("node:dns/promises");
vi.doUnmock("node:http");
vi.doUnmock("node:https");
vi.doUnmock("node:net");
vi.doUnmock("../board-claim.js");
vi.doUnmock("../services/index.js");
vi.doUnmock("../storage/index.js");
vi.doUnmock("../middleware/logger.js");
vi.doUnmock("../routes/access.js");
vi.doUnmock("../routes/authz.js");
vi.doUnmock("../middleware/index.js");
vi.doMock("node:dns/promises", async () => vi.importActual("node:dns/promises"));
vi.doMock("node:http", async () => vi.importActual("node:http"));
vi.doMock("node:https", async () => vi.importActual("node:https"));
vi.doMock("node:net", async () => vi.importActual("node:net"));
vi.doMock("../routes/authz.js", async () => vi.importActual("../routes/authz.js"));
currentAccessModule = null;
});
afterEach(() => {
setInviteResolutionNetworkForTest(null);
afterEach(async () => {
currentAccessModule?.setInviteResolutionNetworkForTest(null);
});
it.each([
@ -97,8 +117,9 @@ describe("GET /invites/:token/test-resolution", () => {
["NAT64 well-known prefix", "https://gateway.example.test/health", "64:ff9b::0a00:0001"],
["NAT64 local-use prefix", "https://gateway.example.test/health", "64:ff9b:1::0a00:0001"],
])("rejects %s targets before probing", async (_label, url, address) => {
lookup.mockResolvedValue([{ address, family: address.includes(":") ? 6 : 4 }]);
const app = createApp(createDbStub([createInvite()]));
const lookup = vi.fn().mockResolvedValue([{ address, family: address.includes(":") ? 6 : 4 }]);
const requestHead = vi.fn();
const app = await createApp(createDbStub([createInvite()]), { lookup, requestHead });
const res = await request(app)
.get("/api/invites/pcp_invite_test/test-resolution")
@ -109,11 +130,12 @@ describe("GET /invites/:token/test-resolution", () => {
"url resolves to a private, local, multicast, or reserved address",
);
expect(requestHead).not.toHaveBeenCalled();
});
}, 15_000);
it("rejects hostnames that resolve to private addresses", async () => {
lookup.mockResolvedValue([{ address: "10.1.2.3", family: 4 }]);
const app = createApp(createDbStub([createInvite()]));
const lookup = vi.fn().mockResolvedValue([{ address: "10.1.2.3", family: 4 }]);
const requestHead = vi.fn();
const app = await createApp(createDbStub([createInvite()]), { lookup, requestHead });
const res = await request(app)
.get("/api/invites/pcp_invite_test/test-resolution")
@ -128,11 +150,12 @@ describe("GET /invites/:token/test-resolution", () => {
});
it("rejects hostnames when any resolved address is private", async () => {
lookup.mockResolvedValue([
{ address: "93.184.216.34", family: 4 },
const lookup = vi.fn().mockResolvedValue([
{ address: "127.0.0.1", family: 4 },
{ address: "93.184.216.34", family: 4 },
]);
const app = createApp(createDbStub([createInvite()]));
const requestHead = vi.fn();
const app = await createApp(createDbStub([createInvite()]), { lookup, requestHead });
const res = await request(app)
.get("/api/invites/pcp_invite_test/test-resolution")
@ -143,9 +166,9 @@ describe("GET /invites/:token/test-resolution", () => {
});
it("allows public HTTPS targets through the resolved and pinned probe path", async () => {
lookup.mockResolvedValue([{ address: "93.184.216.34", family: 4 }]);
requestHead.mockResolvedValue({ httpStatus: 204 });
const app = createApp(createDbStub([createInvite()]));
const lookup = vi.fn().mockResolvedValue([{ address: "93.184.216.34", family: 4 }]);
const requestHead = vi.fn().mockResolvedValue({ httpStatus: 204 });
const app = await createApp(createDbStub([createInvite()]), { lookup, requestHead });
const res = await request(app)
.get("/api/invites/pcp_invite_test/test-resolution")
@ -176,7 +199,9 @@ describe("GET /invites/:token/test-resolution", () => {
["revoked invite", [createInvite({ revokedAt: new Date("2026-03-07T00:05:00.000Z") })]],
["expired invite", [createInvite({ expiresAt: new Date("2020-03-07T00:10:00.000Z") })]],
])("returns not found for %s tokens before DNS lookup", async (_label, inviteRows) => {
const app = createApp(createDbStub(inviteRows));
const lookup = vi.fn();
const requestHead = vi.fn();
const app = await createApp(createDbStub(inviteRows), { lookup, requestHead });
const res = await request(app)
.get("/api/invites/pcp_invite_test/test-resolution")