npm - @promptbook/cli - Versions diffs - 0.112.0-100 → 0.112.0-102 - Mend

@promptbook/cli 0.112.0-100 → 0.112.0-102

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (78) hide show

package/apps/agents-server/README.md CHANGED Viewed

@@ -41,6 +41,12 @@ ptbk agents-server start --agent github-copilot --model gpt-5.4 --thinking-level
 <a id="agents-server-env-admin-password"></a>
 -   `ADMIN_PASSWORD`: Password for the built-in `admin` login on a self-hosted Agents Server. Choose a private value before using the admin UI.
+<a id="agents-server-env-next-public-cdn-storage-provider"></a>
+-   `NEXT_PUBLIC_CDN_STORAGE_PROVIDER`: File storage provider for uploads. Use `s3` for S3-compatible storage such as the VPS installer's self-contained MinIO service or external S3, and `vercel` for Vercel Blob.
+<a id="agents-server-env-s3-cdn"></a>
+-   `CDN_BUCKET`, `CDN_ENDPOINT`, `CDN_ACCESS_KEY_ID`, `CDN_SECRET_ACCESS_KEY`, `NEXT_PUBLIC_CDN_PUBLIC_URL`, and `NEXT_PUBLIC_CDN_PATH_PREFIX`: S3-compatible upload configuration used when `NEXT_PUBLIC_CDN_STORAGE_PROVIDER=s3`.
 ## Creating servers
 When creating new Agents server, search across the repository for [☁]

package/apps/agents-server/package.json CHANGED Viewed

@@ -7,7 +7,7 @@
         "dev": "next dev -p 4440",
         "test": "npm run lint && npm run test-build && npm run test-e2e",
         "test-e2e": "playwright test",
-        "pretest-build": "npx kill-port 4021",
+        "pretest-build": "npx kill-port 4021 4440 || exit 0",
         "test-build": "node -r ./scripts/ignore-kill-eperm.js ../../node_modules/next/dist/bin/next build && node ./scripts/prerender-homepage.js",
         "build": "node -r ./scripts/ignore-kill-eperm.js ../../node_modules/next/dist/bin/next build && node ./scripts/prerender-homepage.js",
         "start": "next start -p 4440",

package/apps/agents-server/scripts/prerender-homepage.js CHANGED Viewed

@@ -45,6 +45,10 @@ const WAIT_TIMEOUT_MS = 15000;
  * Timeout for the final homepage download once the server is confirmed ready.
  */
 const HOME_REQUEST_TIMEOUT_MS = 30000;
+/**
+ * Timeout for stopping the temporary production server before escalating cleanup.
+ */
+const STOP_SERVER_TIMEOUT_MS = 10000;
 /**
  * When enabled, homepage prerender failures abort the whole build.
  */
@@ -136,6 +140,65 @@ function waitForServerReady(serverProcess) {
     });
 }
+/**
+ * Waits briefly for the temporary production server to exit after cleanup starts.
+ *
+ * @param serverProcess - Spawned `next start` child process.
+ * @param gracefulExit - Promise resolved by the child `exit` event.
+ * @returns Whether the child exited within the timeout window.
+ */
+async function waitForServerStop(serverProcess, gracefulExit) {
+    if (serverProcess.exitCode !== null || serverProcess.signalCode !== null) {
+        return true;
+    }
+    return await Promise.race([
+        gracefulExit.then(() => true),
+        new Promise((resolve) => setTimeout(() => resolve(false), STOP_SERVER_TIMEOUT_MS)),
+    ]);
+}
+/**
+ * Force-stops the temporary production server when normal shutdown does not finish in time.
+ *
+ * Windows can leave `next start` alive after an `EPERM` kill attempt, so use `taskkill`
+ * against the exact PID before giving up on cleanup.
+ *
+ * @param serverProcess - Spawned `next start` child process.
+ */
+async function forceStopServer(serverProcess) {
+    if (serverProcess.exitCode !== null || serverProcess.signalCode !== null) {
+        return;
+    }
+    if (process.platform !== 'win32') {
+        try {
+            serverProcess.kill('SIGKILL');
+        } catch (error) {
+            if (!isIgnorableStopServerError(error)) {
+                throw error;
+            }
+        }
+        return;
+    }
+    await new Promise((resolve, reject) => {
+        const taskKillProcess = spawn('taskkill', ['/PID', String(serverProcess.pid), '/T', '/F'], {
+            stdio: 'ignore',
+        });
+        taskKillProcess.on('error', reject);
+        taskKillProcess.on('exit', (code) => {
+            if (code === 0 || serverProcess.exitCode !== null || serverProcess.signalCode !== null) {
+                resolve();
+                return;
+            }
+            reject(new Error(`Failed to stop temporary production server process ${serverProcess.pid} with taskkill.`));
+        });
+    });
+}
 /**
  * Runs the production server for the built app, captures `/`, and keeps the HTML.
  */
@@ -196,7 +259,19 @@ async function prerenderHomePage() {
     } finally {
         detachStopServerHandlers();
         stopServer();
-        await gracefulExit;
+        if (!(await waitForServerStop(serverProcess, gracefulExit))) {
+            console.warn(
+                `Timed out waiting ${STOP_SERVER_TIMEOUT_MS}ms for the temporary production server to stop. Trying a forceful shutdown.`,
+            );
+            await forceStopServer(serverProcess);
+            if (!(await waitForServerStop(serverProcess, gracefulExit))) {
+                console.warn(
+                    `Timed out waiting ${STOP_SERVER_TIMEOUT_MS}ms for the temporary production server after forceful shutdown.`,
+                );
+            }
+        }
     }
 }

package/apps/agents-server/src/app/actions.ts CHANGED Viewed

@@ -6,7 +6,6 @@ import { revalidatePath } from 'next/cache';
 import { string_agent_permanent_id } from '../../../../src/types/typeAliases';
 import { DEFAULT_NAME_POOL, NAME_POOL_METADATA_KEY, parseNamePool } from '../constants/namePool';
 import { NEW_AGENT_WIZZARD_METADATA_KEY, parseNewAgentWizardMode } from '../constants/newAgentWizard';
-import { AUTHENTICATION_METHODS_METADATA_KEY, isAuthenticationMethodEnabled } from '../constants/authenticationMethods';
 import { getMetadata } from '../database/getMetadata';
 import { $provideAgentCollectionForServer } from '../tools/$provideAgentCollectionForServer';
 import { type AgentVisibility, parseAgentVisibility } from '../utils/agentVisibility';
@@ -106,11 +105,6 @@ export async function loginAction(formData: FormData) {
     console.info(`Login attempt for user: ${username}`);
-    if (!isAuthenticationMethodEnabled(await getMetadata(AUTHENTICATION_METHODS_METADATA_KEY), 'PASSWORD')) {
-        console.info('Password login rejected because PASSWORD authentication is disabled in metadata.');
-        return { success: false, message: 'Password login is disabled on this server.' };
-    }
     const user = await authenticateUser(username, password);
     if (user) {

package/apps/agents-server/src/app/admin/about/page.tsx CHANGED Viewed

@@ -413,7 +413,7 @@ export default async function AdminAboutPage() {
     ];
     return (
-        <div className="min-h-screen bg-gradient-to-br from-blue-50 via-white to-purple-50">
+        <div className="min-h-screen bg-gradient-to-br from-blue-50 via-white to-purple-50 dark:from-slate-950 dark:via-slate-950 dark:to-slate-900">
             <div className="container mx-auto px-4 py-16">
                 <Card className="mb-10 space-y-4">
                     <div>

package/apps/agents-server/src/app/admin/login-methods/shibboleth/page.tsx ADDED Viewed

@@ -0,0 +1,365 @@
+import Link from 'next/link';
+import { headers } from 'next/headers';
+import { AlertTriangle, CheckCircle2, ExternalLink, XCircle } from 'lucide-react';
+import { $getTableName } from '../../../../database/$getTableName';
+import { $provideSupabaseForServer } from '../../../../database/$provideSupabaseForServer';
+import { ForbiddenPage } from '../../../../components/ForbiddenPage/ForbiddenPage';
+import { isUserAdmin } from '../../../../utils/isUserAdmin';
+import {
+    getShibbolethAuthenticationAttemptTableName,
+    getShibbolethUserIdentityTableName,
+    resolveShibbolethAuthenticationConfiguration,
+    type ShibbolethAuthenticationAttemptRow,
+    type ShibbolethUserIdentityRow,
+} from '../../../../utils/shibbolethAuthentication';
+/**
+ * User row subset displayed on the Shibboleth dashboard.
+ */
+type DashboardUserRow = {
+    readonly id: number;
+    readonly username: string;
+    readonly email?: string | null;
+    readonly displayName?: string | null;
+    readonly authenticationProvider?: string | null;
+    readonly isAdmin: boolean;
+};
+/**
+ * Builds an absolute URL for Shibboleth route configuration inside server components.
+ */
+async function getDashboardRequestUrl(): Promise<string> {
+    const headerStore = await headers();
+    const forwardedProtocol = headerStore.get('x-forwarded-proto')?.split(',')[0]?.trim() || 'http';
+    const forwardedHost = headerStore.get('x-forwarded-host') || headerStore.get('host') || 'localhost';
+    return `${forwardedProtocol}://${forwardedHost}/admin/login-methods/shibboleth`;
+}
+/**
+ * Loads recent Shibboleth authentication attempts for the dashboard.
+ */
+async function loadShibbolethAuthenticationAttempts(): Promise<ReadonlyArray<ShibbolethAuthenticationAttemptRow>> {
+    const supabase = $provideSupabaseForServer();
+    const { data, error } = await supabase
+        .from(await getShibbolethAuthenticationAttemptTableName())
+        .select('*')
+        .order('createdAt', { ascending: false })
+        .limit(100);
+    if (error) {
+        console.error('Failed to load Shibboleth authentication attempts:', error);
+        return [];
+    }
+    return (data as ShibbolethAuthenticationAttemptRow[] | null) || [];
+}
+/**
+ * Loads Shibboleth identities and their linked users for the dashboard.
+ */
+async function loadShibbolethIdentitiesWithUsers(): Promise<{
+    readonly identities: ReadonlyArray<ShibbolethUserIdentityRow>;
+    readonly usersById: ReadonlyMap<number, DashboardUserRow>;
+}> {
+    const supabase = $provideSupabaseForServer();
+    const { data: identities, error } = await supabase
+        .from(await getShibbolethUserIdentityTableName())
+        .select('*')
+        .order('lastLoggedInAt', { ascending: false, nullsFirst: false });
+    if (error) {
+        console.error('Failed to load Shibboleth identities:', error);
+        return {
+            identities: [],
+            usersById: new Map(),
+        };
+    }
+    const identityRows = (identities as ShibbolethUserIdentityRow[] | null) || [];
+    const userIds = Array.from(new Set(identityRows.map((identity) => identity.userId)));
+    if (userIds.length === 0) {
+        return {
+            identities: identityRows,
+            usersById: new Map(),
+        };
+    }
+    const { data: users, error: usersError } = await supabase
+        .from(await $getTableName('User'))
+        .select('*')
+        .in('id', userIds);
+    if (usersError) {
+        console.error('Failed to load Shibboleth users:', usersError);
+        return {
+            identities: identityRows,
+            usersById: new Map(),
+        };
+    }
+    const usersById = new Map<number, DashboardUserRow>();
+    for (const user of (users as unknown as DashboardUserRow[] | null) || []) {
+        usersById.set(user.id, user);
+    }
+    return {
+        identities: identityRows,
+        usersById,
+    };
+}
+/**
+ * Formats an optional date-time value for the dashboard.
+ */
+function formatDashboardDateTime(value: string | null | undefined): string {
+    if (!value) {
+        return 'Never';
+    }
+    return new Date(value).toLocaleString();
+}
+/**
+ * Handles Shibboleth login method dashboard page.
+ */
+export default async function ShibbolethLoginMethodPage() {
+    const isAdmin = await isUserAdmin();
+    if (!isAdmin) {
+        return <ForbiddenPage />;
+    }
+    const requestUrl = await getDashboardRequestUrl();
+    const [configuration, attempts, identitiesWithUsers] = await Promise.all([
+        resolveShibbolethAuthenticationConfiguration({
+            requestUrl,
+            isIdentityProviderMetadataValidationEnabled: true,
+        }),
+        loadShibbolethAuthenticationAttempts(),
+        loadShibbolethIdentitiesWithUsers(),
+    ]);
+    const isWarningShown = configuration.isActive && !configuration.isConfigured;
+    return (
+        <div className="container mx-auto max-w-6xl px-4 py-8 space-y-8">
+            <div className="flex flex-col gap-3 sm:flex-row sm:items-start sm:justify-between">
+                <div>
+                    <p className="text-sm font-medium text-gray-500">System / Login Methods</p>
+                    <h1 className="text-3xl font-semibold text-gray-950">Shibboleth</h1>
+                    <p className="mt-2 max-w-3xl text-sm text-gray-600">
+                        Manage Shibboleth SAML login, review authentication attempts, and inspect linked users.
+                    </p>
+                </div>
+                <Link
+                    href="/admin/users"
+                    className="inline-flex items-center justify-center rounded-md border border-gray-300 px-3 py-2 text-sm font-medium text-gray-700 hover:bg-gray-50"
+                >
+                    Users
+                </Link>
+            </div>
+            {isWarningShown && (
+                <div className="flex gap-3 rounded-md border border-amber-300 bg-amber-50 p-4 text-amber-900">
+                    <AlertTriangle className="mt-0.5 h-5 w-5 flex-none" />
+                    <div className="space-y-1 text-sm">
+                        <p className="font-semibold">
+                            Shibboleth authentication is active but not configured correctly.
+                        </p>
+                        <p>{configuration.errors.join(' ')}</p>
+                        <a href="#setup-instructions" className="font-medium underline">
+                            Open setup instructions
+                        </a>
+                    </div>
+                </div>
+            )}
+            <section className="rounded-md border border-gray-200 bg-white p-5">
+                <div className="flex items-center gap-2">
+                    {configuration.isActive ? (
+                        <CheckCircle2 className="h-5 w-5 text-green-600" />
+                    ) : (
+                        <XCircle className="h-5 w-5 text-gray-400" />
+                    )}
+                    <h2 className="text-lg font-semibold text-gray-950">Configuration</h2>
+                </div>
+                <dl className="mt-4 grid gap-4 text-sm sm:grid-cols-2">
+                    <div>
+                        <dt className="font-medium text-gray-500">Active</dt>
+                        <dd className="mt-1 text-gray-900">{configuration.isActive ? 'Yes' : 'No'}</dd>
+                    </div>
+                    <div>
+                        <dt className="font-medium text-gray-500">Configured</dt>
+                        <dd className="mt-1 text-gray-900">{configuration.isConfigured ? 'Yes' : 'No'}</dd>
+                    </div>
+                    <div>
+                        <dt className="font-medium text-gray-500">EntityID</dt>
+                        <dd className="mt-1 break-all font-mono text-xs text-gray-900">
+                            {configuration.serviceProviderUrls.entityId}
+                        </dd>
+                    </div>
+                    <div>
+                        <dt className="font-medium text-gray-500">ACS URL</dt>
+                        <dd className="mt-1 break-all font-mono text-xs text-gray-900">
+                            {configuration.serviceProviderUrls.assertionConsumerServiceUrl}
+                        </dd>
+                    </div>
+                    <div>
+                        <dt className="font-medium text-gray-500">SP metadata</dt>
+                        <dd className="mt-1 break-all text-xs">
+                            <a
+                                href={configuration.serviceProviderUrls.metadataUrl}
+                                className="inline-flex items-center gap-1 font-mono text-blue-700 hover:text-blue-900"
+                            >
+                                {configuration.serviceProviderUrls.metadataUrl}
+                                <ExternalLink className="h-3.5 w-3.5" />
+                            </a>
+                        </dd>
+                    </div>
+                    <div>
+                        <dt className="font-medium text-gray-500">IdP metadata source</dt>
+                        <dd className="mt-1 break-all text-xs text-gray-900">
+                            {configuration.isIdentityProviderMetadataXmlConfigured
+                                ? 'Metadata XML is stored directly in metadata configuration.'
+                                : configuration.identityProviderMetadataUrl || 'Not set'}
+                        </dd>
+                    </div>
+                </dl>
+                {configuration.errors.length > 0 && (
+                    <ul className="mt-4 list-disc space-y-1 pl-5 text-sm text-amber-800">
+                        {configuration.errors.map((error) => (
+                            <li key={error}>{error}</li>
+                        ))}
+                    </ul>
+                )}
+            </section>
+            <section id="setup-instructions" className="rounded-md border border-gray-200 bg-white p-5">
+                <h2 className="text-lg font-semibold text-gray-950">Setup Instructions</h2>
+                <ol className="mt-4 list-decimal space-y-3 pl-5 text-sm text-gray-700">
+                    <li>
+                        In{' '}
+                        <Link href="/admin/metadata" className="text-blue-700 underline">
+                            Metadata
+                        </Link>
+                        , set <code>IS_SHIBBOLETH_AUTH_ACTIVE</code> to <code>true</code>.
+                    </li>
+                    <li>
+                        Set <code>SHIBBOLETH_IDP_METADATA_URL</code> to the university Identity Provider metadata URL.
+                        For Silesian University use <code>https://idp-cro.slu.cz/idp/shibboleth</code>, or paste the XML
+                        into <code>SHIBBOLETH_IDP_METADATA_XML</code>.
+                    </li>
+                    <li>
+                        Send the Service Provider metadata URL above to the IdP administrator, or send the EntityID and
+                        ACS URL shown in the configuration panel.
+                    </li>
+                    <li>
+                        Ask the IdP administrator to release <code>mail</code>, <code>displayName</code>, and{' '}
+                        <code>unstructuredName</code>. <code>eduPersonPrincipalName</code> can also be used as an
+                        institutional identifier.
+                    </li>
+                </ol>
+            </section>
+            <section className="rounded-md border border-gray-200 bg-white p-5">
+                <h2 className="text-lg font-semibold text-gray-950">Authentication Attempts</h2>
+                <div className="mt-4 overflow-x-auto">
+                    <table className="min-w-full divide-y divide-gray-200 text-sm">
+                        <thead>
+                            <tr className="text-left text-xs font-semibold uppercase tracking-wide text-gray-500">
+                                <th className="py-2 pr-4">Time</th>
+                                <th className="py-2 pr-4">Status</th>
+                                <th className="py-2 pr-4">Stage</th>
+                                <th className="py-2 pr-4">Email</th>
+                                <th className="py-2 pr-4">Name</th>
+                                <th className="py-2 pr-4">Error</th>
+                            </tr>
+                        </thead>
+                        <tbody className="divide-y divide-gray-100">
+                            {attempts.length === 0 ? (
+                                <tr>
+                                    <td className="py-3 text-gray-500" colSpan={6}>
+                                        No Shibboleth authentication attempts recorded yet.
+                                    </td>
+                                </tr>
+                            ) : (
+                                attempts.map((attempt) => (
+                                    <tr key={attempt.id}>
+                                        <td className="whitespace-nowrap py-2 pr-4 text-gray-700">
+                                            {formatDashboardDateTime(attempt.createdAt)}
+                                        </td>
+                                        <td className="py-2 pr-4 font-medium text-gray-900">{attempt.status}</td>
+                                        <td className="py-2 pr-4 text-gray-700">{attempt.stage}</td>
+                                        <td className="py-2 pr-4 text-gray-700">{attempt.email || '-'}</td>
+                                        <td className="py-2 pr-4 text-gray-700">{attempt.displayName || '-'}</td>
+                                        <td className="max-w-xs py-2 pr-4 text-gray-600">
+                                            {attempt.errorMessage || '-'}
+                                        </td>
+                                    </tr>
+                                ))
+                            )}
+                        </tbody>
+                    </table>
+                </div>
+            </section>
+            <section className="rounded-md border border-gray-200 bg-white p-5">
+                <h2 className="text-lg font-semibold text-gray-950">Shibboleth Users</h2>
+                <div className="mt-4 overflow-x-auto">
+                    <table className="min-w-full divide-y divide-gray-200 text-sm">
+                        <thead>
+                            <tr className="text-left text-xs font-semibold uppercase tracking-wide text-gray-500">
+                                <th className="py-2 pr-4">User</th>
+                                <th className="py-2 pr-4">Email</th>
+                                <th className="py-2 pr-4">Display Name</th>
+                                <th className="py-2 pr-4">Institutional ID</th>
+                                <th className="py-2 pr-4">Logins</th>
+                                <th className="py-2 pr-4">Last Login</th>
+                            </tr>
+                        </thead>
+                        <tbody className="divide-y divide-gray-100">
+                            {identitiesWithUsers.identities.length === 0 ? (
+                                <tr>
+                                    <td className="py-3 text-gray-500" colSpan={6}>
+                                        No Shibboleth users have logged in yet.
+                                    </td>
+                                </tr>
+                            ) : (
+                                identitiesWithUsers.identities.map((identity) => {
+                                    const user = identitiesWithUsers.usersById.get(identity.userId);
+                                    return (
+                                        <tr key={identity.id}>
+                                            <td className="py-2 pr-4">
+                                                {user ? (
+                                                    <Link
+                                                        href={`/admin/users/${encodeURIComponent(user.username)}`}
+                                                        className="font-medium text-blue-700 hover:text-blue-900"
+                                                    >
+                                                        {user.username}
+                                                    </Link>
+                                                ) : (
+                                                    <span className="text-gray-500">
+                                                        Missing user #{identity.userId}
+                                                    </span>
+                                                )}
+                                            </td>
+                                            <td className="py-2 pr-4 text-gray-700">{identity.email}</td>
+                                            <td className="py-2 pr-4 text-gray-700">{identity.displayName || '-'}</td>
+                                            <td className="py-2 pr-4 text-gray-700">
+                                                {identity.unstructuredName || identity.eduPersonPrincipalName || '-'}
+                                            </td>
+                                            <td className="py-2 pr-4 text-gray-700">{identity.loginCount}</td>
+                                            <td className="whitespace-nowrap py-2 pr-4 text-gray-700">
+                                                {formatDashboardDateTime(identity.lastLoggedInAt)}
+                                            </td>
+                                        </tr>
+                                    );
+                                })
+                            )}
+                        </tbody>
+                    </table>
+                </div>
+            </section>
+        </div>
+    );
+}

package/apps/agents-server/src/app/admin/servers/ServersRegistryTable.tsx CHANGED Viewed

@@ -17,7 +17,7 @@ import {
  * @private function of <ServersClient/>
  */
 const INPUT_CLASS_NAME =
-    'w-full rounded-md border border-gray-300 px-3 py-2 text-sm text-gray-900 shadow-sm focus:border-blue-500 focus:outline-none focus:ring-2 focus:ring-blue-200';
+    'w-full rounded-md border border-gray-300 px-3 py-2 text-sm text-gray-900 shadow-sm focus:border-blue-500 focus:outline-none focus:ring-2 focus:ring-blue-200 dark:border-slate-600 dark:bg-slate-950 dark:text-slate-100 dark:focus:border-sky-400 dark:focus:ring-sky-500/30';
 /**
  * Shared secondary button styling used by the registry table.
@@ -25,7 +25,7 @@ const INPUT_CLASS_NAME =
  * @private function of <ServersClient/>
  */
 const SECONDARY_BUTTON_CLASS_NAME =
-    'inline-flex items-center gap-2 rounded-md border border-gray-300 bg-white px-3 py-2 text-sm font-semibold text-gray-700 hover:bg-gray-50 disabled:cursor-not-allowed disabled:opacity-60';
+    'inline-flex items-center gap-2 rounded-md border border-gray-300 bg-white px-3 py-2 text-sm font-semibold text-gray-700 hover:bg-gray-50 disabled:cursor-not-allowed disabled:opacity-60 dark:border-slate-600 dark:bg-slate-950 dark:text-slate-100 dark:hover:bg-slate-800';
 /**
  * Shared primary button styling used by the registry table.
@@ -196,7 +196,7 @@ function ServersRegistryTableRow(props: ServersRegistryTableRowProps) {
     return (
         <>
-            <tr className={isCurrent ? 'bg-blue-50/40' : 'hover:bg-gray-50'}>
+            <tr className={isCurrent ? 'bg-blue-50/40 dark:bg-sky-950/45' : 'hover:bg-gray-50 dark:hover:bg-slate-900/80'}>
                 <td className="px-4 py-3 align-top">
                     <input
                         type="text"

package/apps/agents-server/src/app/admin/update/UpdateClient.tsx CHANGED Viewed

@@ -2,6 +2,7 @@
 import { CheckCircle2, Download, Loader2, RefreshCcw, Rocket, Server, TriangleAlert } from 'lucide-react';
 import { useCallback, useEffect, useMemo, useState } from 'react';
+import { AdminXtermTerminal } from '../../../components/AdminTerminal/AdminXtermTerminal';
 import { Card } from '../../../components/Homepage/Card';
 /**
@@ -121,6 +122,9 @@ export function UpdateClient() {
     const isEnvironmentSwitchRequired =
         Boolean(selectedEnvironment) && selectedEnvironment?.id !== overview?.currentEnvironment.id;
     const isUpdateRunning = overview?.job.status === 'running';
+    const updateTerminalId = `standalone-vps-update:${overview?.job.startedAt || overview?.job.finishedAt || overview?.job.status || 'loading'}`;
+    const updateTerminalEmptyState =
+        isLoading && !overview ? 'Loading update log...' : 'No persisted update log output yet.';
     /**
      * Starts one detached update run for the selected environment.
@@ -406,9 +410,14 @@ export function UpdateClient() {
                             <span className="ml-2 font-mono text-slate-700">{overview.job.logFilePath}</span>
                         </div>
                     )}
-                    <pre className="max-h-[28rem] overflow-auto rounded-xl border border-slate-200 bg-slate-950 p-4 text-xs text-slate-100">
-                        {overview?.job.logTail || 'No persisted update log output yet.'}
-                    </pre>
+                    <AdminXtermTerminal
+                        terminalId={updateTerminalId}
+                        output={overview?.job.logTail || ''}
+                        emptyState={updateTerminalEmptyState}
+                        isReadOnly
+                        isPlainTextOutput
+                        ariaLabel="Standalone VPS update log"
+                    />
                 </div>
             </Card>
         </div>

package/apps/agents-server/src/app/admin/usage/UsageClientTimelineChart.tsx CHANGED Viewed

@@ -81,7 +81,7 @@ export function UsageClientTimelineChart(props: UsageClientTimelineChartProps) {
     return (
         <div>
-            <div className="w-full overflow-x-auto rounded-lg border border-gray-100 bg-gradient-to-br from-slate-50 via-white to-blue-50 p-2">
+            <div className="w-full overflow-x-auto rounded-lg border border-gray-100 bg-gradient-to-br from-slate-50 via-white to-blue-50 p-2 dark:from-slate-950 dark:via-slate-950 dark:to-slate-900">
                 <svg
                     width="100%"
                     viewBox={`0 0 ${chartGeometry.width} ${chartGeometry.height}`}

package/apps/agents-server/src/app/admin/users/[userId]/UserDetailClient.tsx CHANGED Viewed

@@ -86,33 +86,40 @@ export function UserDetailClient({ userId }: UserDetailClientProps) {
                                     {t('users.adminRole')}
                                 </span>
                             )}
+                            {user.authenticationProvider?.includes('SHIBBOLETH') && (
+                                <Link
+                                    href="/admin/login-methods/shibboleth"
+                                    className="ml-2 inline-block bg-emerald-100 text-emerald-800 text-xs px-2 py-1 rounded mt-1 hover:bg-emerald-200"
+                                >
+                                    Shibboleth
+                                </Link>
+                            )}
                             <p className="text-gray-500 text-sm mt-2">
                                 {t('users.idLabel')}: {user.id}
                             </p>
+                            {user.displayName && (
+                                <p className="text-gray-500 text-sm mt-1">Display name: {user.displayName}</p>
+                            )}
+                            {user.email && <p className="text-gray-500 text-sm mt-1">Email: {user.email}</p>}
+                            {user.authenticationProvider && (
+                                <p className="text-gray-500 text-sm mt-1">
+                                    Authentication: {user.authenticationProvider}
+                                </p>
+                            )}
                             <p className="text-gray-500 text-sm mt-1">
                                 {t('users.createdAtLabel')}:{' '}
-                                {user.createdAt
-                                    ? new Date(user.createdAt).toLocaleString()
-                                    : t('users.unknownValue')}
+                                {user.createdAt ? new Date(user.createdAt).toLocaleString() : t('users.unknownValue')}
                             </p>
                             <p className="text-gray-500 text-sm mt-1">
                                 {t('users.lastUpdatedLabel')}:{' '}
-                                {user.updatedAt
-                                    ? new Date(user.updatedAt).toLocaleString()
-                                    : t('users.unknownValue')}
+                                {user.updatedAt ? new Date(user.updatedAt).toLocaleString() : t('users.unknownValue')}
                             </p>
                         </div>
                         <div className="space-x-2">
-                            <button
-                                onClick={handleToggleAdmin}
-                                className="text-sm text-blue-600 hover:text-blue-800"
-                            >
+                            <button onClick={handleToggleAdmin} className="text-sm text-blue-600 hover:text-blue-800">
                                 {user.isAdmin ? t('users.removeAdmin') : t('users.makeAdmin')}
                             </button>
-                            <button
-                                onClick={handleDelete}
-                                className="text-sm text-red-600 hover:text-red-800"
-                            >
+                            <button onClick={handleDelete} className="text-sm text-red-600 hover:text-red-800">
                                 {t('users.deleteUserAction')}
                             </button>
                         </div>