@rubytech/create-maxy 1.0.885 → 1.0.886

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/create-maxy",
-  "version": "1.0.885",
+  "version": "1.0.886",
   "description": "Install Maxy — AI for Productive People",
   "bin": {
     "create-maxy": "./dist/index.js"

package/payload/platform/neo4j/schema.cypher

@@ -498,9 +498,16 @@ OPTIONS {
 CREATE CONSTRAINT message_id_unique IF NOT EXISTS
 FOR (m:Message) REQUIRE m.messageId IS UNIQUE;
 
+// Task 1007 — Message.sessionKey is the canonical conversation pointer.
+// The legacy m.conversationId index stays until follow-up Task 1011 (final
+// cutover, after the full code-rename slice lands and no path reads
+// m.conversationId).
 CREATE INDEX message_conversation IF NOT EXISTS
 FOR (m:Message) ON (m.conversationId);
 
+CREATE INDEX message_session_key IF NOT EXISTS
+FOR (m:Message) ON (m.sessionKey);
+
 CREATE VECTOR INDEX message_embedding IF NOT EXISTS
 FOR (m:Message) ON (m.embedding)
 OPTIONS {

package/payload/platform/scripts/check-no-conversation-id-leaks.mjs

@@ -0,0 +1,165 @@
+#!/usr/bin/env node
+// Task 1007 build-time gate: prevents NEW files from gaining a `conversationId` /
+// `sessionId` reference while the 146-file rename slice is in progress.
+//
+// The legacy identifiers are being collapsed into the single canonical
+// `sessionKey`. This sprint shipped the schema-side load-bearing pieces
+// (backfill, new index, boot-time adherence probe) plus the core lib rename.
+// The mechanical tail (routes, MCP plugin parameters, UI props, WhatsApp,
+// tests, specialist templates) is split across follow-up tasks 1009 and 1010.
+//
+// During the transition window, every file currently containing the legacy
+// identifiers is named in `conversation-id-allowlist.txt`. Each follow-up
+// rename PR removes file paths from the allowlist as those files are migrated.
+// This gate fails if:
+//   (a) a file NOT in the allowlist contains any of the four legacy tokens, or
+//   (b) the allowlist references a path that no longer exists (stale entry).
+//
+// Once tasks 1009 and 1010 land, the allowlist is empty; the gate then enforces
+// the task's outcome contract (zero hits anywhere outside .tasks/archive/).
+
+import { readFileSync, readdirSync, statSync, existsSync } from 'node:fs'
+import { dirname, join, relative, basename } from 'node:path'
+import { fileURLToPath } from 'node:url'
+
+const SCRIPT_DIR = dirname(fileURLToPath(import.meta.url))
+const REPO_ROOT = join(SCRIPT_DIR, '..', '..')
+const ALLOWLIST_PATH = join(SCRIPT_DIR, 'conversation-id-allowlist.txt')
+
+const SCAN_ROOTS = [
+  join(REPO_ROOT, 'platform'),
+  join(REPO_ROOT, 'packages'),
+  join(REPO_ROOT, 'brands'),
+  join(REPO_ROOT, '.docs'),
+  join(REPO_ROOT, '.claude', 'skills'),
+]
+
+const ALLOWED_EXTS = new Set([
+  '.sh', '.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs',
+  '.md', '.cypher', '.json',
+])
+const SKIP_DIR_NAMES = new Set([
+  'node_modules', 'dist', 'build', '.next', 'payload',
+])
+const SKIP_PATH_FRAGMENTS = ['.tasks/archive/']
+
+// Whole-word matches only — avoids hits inside longer identifiers like
+// `agentSessionId` (Claude Agent SDK per-process session, intentionally kept)
+// and `conversationIdentity` (ConversationArchive hash key, unrelated).
+const LEGACY_TOKEN_RE = /\b(?:conversationId|sessionId|CONVERSATION_ID|SESSION_ID)\b/
+
+// Comment-line skip — matches the convention in check-no-task-id-leaks.mjs.
+// Comments that *describe* the legacy field (inside the migration code itself,
+// or inline docstrings explaining the rename) are not new executing code
+// introducing the token, so they don't trip the gate.
+function isCommentLine(line) {
+  const trimmed = line.replace(/^\s+/, '')
+  if (trimmed.startsWith('#')) return true
+  if (trimmed.startsWith('//')) return true
+  if (trimmed.startsWith('/*')) return true
+  if (trimmed.startsWith('*')) return true
+  if (trimmed.startsWith('{/*')) return true
+  return false
+}
+
+function loadAllowlist() {
+  if (!existsSync(ALLOWLIST_PATH)) return new Set()
+  const text = readFileSync(ALLOWLIST_PATH, 'utf-8')
+  return new Set(
+    text.split('\n')
+      .map(l => l.trim())
+      .filter(l => l && !l.startsWith('#'))
+  )
+}
+
+function shouldScanFile(filePath) {
+  const name = basename(filePath)
+  const ext = name.includes('.') ? '.' + name.split('.').pop() : ''
+  if (!ALLOWED_EXTS.has(ext)) return false
+  const rel = relative(REPO_ROOT, filePath)
+  for (const frag of SKIP_PATH_FRAGMENTS) {
+    if (rel.includes(frag)) return false
+  }
+  return true
+}
+
+function* walk(root) {
+  let entries
+  try { entries = readdirSync(root) } catch { return }
+  for (const name of entries) {
+    if (SKIP_DIR_NAMES.has(name)) continue
+    const full = join(root, name)
+    let st
+    try { st = statSync(full) } catch { continue }
+    if (st.isDirectory()) {
+      yield* walk(full)
+    } else if (st.isFile()) {
+      yield full
+    }
+  }
+}
+
+const allowlist = loadAllowlist()
+const newLeaks = []
+const hitFiles = new Set()
+
+for (const root of SCAN_ROOTS) {
+  if (!existsSync(root)) continue
+  for (const file of walk(root)) {
+    if (!shouldScanFile(file)) continue
+    let content
+    try { content = readFileSync(file, 'utf-8') } catch { continue }
+    if (!LEGACY_TOKEN_RE.test(content)) continue
+    const rel = relative(REPO_ROOT, file)
+    const lines = content.split('\n')
+    // For non-allowlisted files: only flag hits in non-comment lines. For
+    // allowlisted files: any hit counts (so the allowlist accurately tracks
+    // the surface still using the legacy name, comments and code alike).
+    if (allowlist.has(rel)) {
+      hitFiles.add(rel)
+      continue
+    }
+    let firstLine = 0, firstText = ''
+    for (let i = 0; i < lines.length; i++) {
+      if (!LEGACY_TOKEN_RE.test(lines[i])) continue
+      if (isCommentLine(lines[i])) continue
+      firstLine = i + 1
+      firstText = lines[i].trim().slice(0, 120)
+      break
+    }
+    if (firstLine > 0) {
+      newLeaks.push({ file: rel, line: firstLine, content: firstText })
+    }
+  }
+}
+
+// Stale allowlist entries: files in the allowlist that no longer have a hit
+// (renamed already, or no longer exist) — remove them.
+const staleAllowlistEntries = [...allowlist].filter(p => !hitFiles.has(p))
+
+let failed = false
+
+if (newLeaks.length > 0) {
+  failed = true
+  console.error(`check-no-conversation-id-leaks: ${newLeaks.length} NEW file(s) introduced legacy identifier(s):`)
+  for (const leak of newLeaks) {
+    console.error(`  ${leak.file}:${leak.line}: ${leak.content}`)
+  }
+  console.error('')
+  console.error('The single canonical identifier is `sessionKey`. New code must use it.')
+  console.error('Legacy tokens: conversationId, sessionId, CONVERSATION_ID, SESSION_ID.')
+  console.error('Follow-up tasks 1009 + 1010 are migrating existing files off the allowlist.')
+}
+
+if (staleAllowlistEntries.length > 0) {
+  failed = true
+  console.error('')
+  console.error(`check-no-conversation-id-leaks: ${staleAllowlistEntries.length} stale allowlist entry(ies) — remove from platform/scripts/conversation-id-allowlist.txt:`)
+  for (const entry of staleAllowlistEntries) {
+    console.error(`  ${entry}`)
+  }
+}
+
+if (failed) process.exit(1)
+
+console.error(`check-no-conversation-id-leaks: ok (${allowlist.size} files in transition allowlist; 0 new leaks)`)

package/payload/platform/scripts/conversation-id-allowlist.txt

@@ -0,0 +1,151 @@
+.docs/agents.md
+.docs/conversation-archive.md
+.docs/deployment.md
+.docs/mcp-servers.md
+.docs/neo4j.md
+.docs/observability.md
+.docs/platform.md
+.docs/web-chat.md
+.docs/whatsapp.md
+platform/lib/graph-mcp/src/index.ts
+platform/lib/graph-trash/src/index.ts
+platform/lib/graph-write/src/__tests__/audit.test.ts
+platform/lib/graph-write/src/audit.ts
+platform/neo4j/schema.cypher
+platform/plugins/admin/PLUGIN.md
+platform/plugins/admin/hooks/__tests__/archive-ingest-surface-gate.test.sh
+platform/plugins/admin/mcp/src/index.ts
+platform/plugins/admin/skills/onboarding/SKILL.md
+platform/plugins/admin/skills/stream-log-review/SKILL.md
+platform/plugins/admin/skills/stream-log-review/references/analysis-patterns.md
+platform/plugins/business-assistant/references/profiling.md
+platform/plugins/contacts/mcp/src/index.ts
+platform/plugins/contacts/mcp/src/tools/contact-erase.ts
+platform/plugins/contacts/mcp/src/tools/contact-export.ts
+platform/plugins/contacts/mcp/src/tools/group-create.ts
+platform/plugins/contacts/mcp/src/tools/group-manage.ts
+platform/plugins/docs/references/admin-session.md
+platform/plugins/docs/references/contacts-guide.md
+platform/plugins/docs/references/internals.md
+platform/plugins/docs/references/platform.md
+platform/plugins/docs/references/plugins-guide.md
+platform/plugins/docs/references/troubleshooting.md
+platform/plugins/linkedin-import/skills/linkedin-import/SKILL.md
+platform/plugins/linkedin-import/skills/linkedin-import/references/connections.md
+platform/plugins/memory/bin/conversation-archive-ingest.mjs
+platform/plugins/memory/bin/conversation-archive-ingest.sh
+platform/plugins/memory/mcp/scripts/boot-smoke.sh
+platform/plugins/memory/mcp/scripts/graph/fixture.cypher
+platform/plugins/memory/mcp/src/index.ts
+platform/plugins/memory/mcp/src/lib/graph-prune.ts
+platform/plugins/memory/mcp/src/tools/conversation-archive-derive-insights.ts
+platform/plugins/memory/mcp/src/tools/conversation-archive-enrich-rejection.ts
+platform/plugins/memory/mcp/src/tools/conversation-memory-expunge.ts
+platform/plugins/memory/mcp/src/tools/memory-archive-write.ts
+platform/plugins/memory/mcp/src/tools/memory-find-candidates.ts
+platform/plugins/memory/mcp/src/tools/memory-ingest.ts
+platform/plugins/memory/mcp/src/tools/profile-update.ts
+platform/plugins/memory/references/graph-primitives.md
+platform/plugins/memory/references/schema-base.md
+platform/plugins/memory/skills/conversation-archive/SKILL.md
+platform/plugins/memory/skills/conversational-memory/SKILL.md
+platform/plugins/memory/skills/document-ingest/SKILL.md
+platform/plugins/scheduling/mcp/src/index.ts
+platform/plugins/tasks/.mcp.json
+platform/plugins/tasks/mcp/src/index.ts
+platform/plugins/tasks/mcp/src/tools/project-create.ts
+platform/plugins/tasks/mcp/src/tools/session-list.ts
+platform/plugins/waitlist/mcp/src/index.ts
+platform/plugins/waitlist/mcp/src/tools/__tests__/waitlist-persist.test.ts
+platform/plugins/waitlist/mcp/src/tools/waitlist-heal.ts
+platform/plugins/waitlist/mcp/src/tools/waitlist-list.ts
+platform/plugins/waitlist/mcp/src/tools/waitlist-persist.ts
+platform/plugins/waitlist/mcp/src/tools/waitlist-scan.ts
+platform/plugins/waitlist/mcp/src/tools/waitlist-setup.ts
+platform/plugins/whatsapp/PLUGIN.md
+platform/plugins/whatsapp/mcp/src/index.ts
+platform/plugins/workflows/mcp/src/index.ts
+platform/scripts/__tests__/admin-persist-audit.test.ts
+platform/scripts/admin-conversation-recover.mjs
+platform/scripts/admin-persist-audit.ts
+platform/scripts/check-no-conversation-id-leaks.mjs
+platform/scripts/check-sdk-oauth.mjs
+platform/scripts/component-knowledgedoc-backfill.ts
+platform/scripts/seed-neo4j.sh
+platform/templates/agents/admin/IDENTITY.md
+platform/templates/specialists/agents/database-operator.md
+platform/ui/__tests__/form-spawn-tailer.test.ts
+platform/ui/app/AdminModals.tsx
+platform/ui/app/ChatActionsMenu.tsx
+platform/ui/app/ChatFooter.tsx
+platform/ui/app/ConversationRowActions.tsx
+platform/ui/app/Sidebar.tsx
+platform/ui/app/__tests__/buildSessionLogsUrl.test.ts
+platform/ui/app/admin/components/CloudflareSetupForm.tsx
+platform/ui/app/graph/__tests__/display-helpers.test.ts
+platform/ui/app/graph/__tests__/zoom-tier-colour-stability.test.ts
+platform/ui/app/graph/display-helpers.ts
+platform/ui/app/lib/__tests__/admin-conversation-create.test.ts
+platform/ui/app/lib/__tests__/admin-persist-observability.test.ts
+platform/ui/app/lib/__tests__/claude-agent-loop-stop.test.ts
+platform/ui/app/lib/__tests__/conversation-deferred-persistence.test.ts
+platform/ui/app/lib/__tests__/ensure-conversation-handled-by.test.ts
+platform/ui/app/lib/__tests__/graph-trash-conversation-cascade.test.ts
+platform/ui/app/lib/__tests__/jsonl-replay.test.ts
+platform/ui/app/lib/__tests__/load-user-profile-sparse.test.ts
+platform/ui/app/lib/__tests__/neo4j-store-autolabel.test.ts
+platform/ui/app/lib/__tests__/neo4j-store-persist-message.test.ts
+platform/ui/app/lib/admin-sse-registry.ts
+platform/ui/app/lib/attachments.ts
+platform/ui/app/lib/claude-agent/admin-agent.ts
+platform/ui/app/lib/claude-agent/compaction.ts
+platform/ui/app/lib/claude-agent/dispatcher.ts
+platform/ui/app/lib/claude-agent/jsonl-replay.ts
+platform/ui/app/lib/claude-agent/logging.ts
+platform/ui/app/lib/claude-agent/memory-context.ts
+platform/ui/app/lib/claude-agent/public-agent.ts
+platform/ui/app/lib/claude-agent/session-store.ts
+platform/ui/app/lib/claude-agent/spawn-env.ts
+platform/ui/app/lib/claude-agent/stream-parser.ts
+platform/ui/app/lib/client-event.ts
+platform/ui/app/lib/cloudflare-setup-types.ts
+platform/ui/app/lib/cloudflare-task-tracker.ts
+platform/ui/app/lib/logs-read-resolve.ts
+platform/ui/app/lib/neo4j-store.ts
+platform/ui/app/lib/paths.ts
+platform/ui/app/lib/useConversationRename.ts
+platform/ui/app/lib/useLogsPopover.ts
+platform/ui/app/lib/vnc.ts
+platform/ui/app/lib/whatsapp/__tests__/ensure-conversation.test.ts
+platform/ui/app/lib/whatsapp/__tests__/persist-message.test.ts
+platform/ui/app/lib/whatsapp/ensure-conversation.ts
+platform/ui/app/lib/whatsapp/manager.ts
+platform/ui/app/lib/whatsapp/persist-message.ts
+platform/ui/app/page.tsx
+platform/ui/app/public/MessageList.tsx
+platform/ui/app/public/page.tsx
+platform/ui/app/public/types.ts
+platform/ui/app/public/useSession.ts
+platform/ui/app/useAdminAuth.ts
+platform/ui/app/useAdminChat.ts
+platform/ui/server/index.ts
+platform/ui/server/routes/__tests__/whatsapp-conversation-graph-state.test.ts
+platform/ui/server/routes/_helpers.ts
+platform/ui/server/routes/admin/__tests__/browser-iframe-route.test.ts
+platform/ui/server/routes/admin/__tests__/chat-stream-log-path.test.ts
+platform/ui/server/routes/admin/__tests__/cloudflare-tunnels-zero.test.ts
+platform/ui/server/routes/admin/__tests__/graph-search.test.ts
+platform/ui/server/routes/admin/__tests__/graph-subgraph.test.ts
+platform/ui/server/routes/admin/__tests__/logs.test.ts
+platform/ui/server/routes/admin/__tests__/sessions.test.ts
+platform/ui/server/routes/admin/browser-iframe.ts
+platform/ui/server/routes/admin/chat-failure.ts
+platform/ui/server/routes/admin/chat.ts
+platform/ui/server/routes/admin/cloudflare.ts
+platform/ui/server/routes/admin/graph-subgraph.ts
+platform/ui/server/routes/admin/logs.ts
+platform/ui/server/routes/admin/session.ts
+platform/ui/server/routes/admin/sessions.ts
+platform/ui/server/routes/group.ts
+platform/ui/server/routes/session.ts
+platform/ui/server/routes/whatsapp.ts

package/payload/platform/scripts/seed-neo4j.sh

@@ -490,6 +490,52 @@ fi
 
 echo "$SCHEMA_CYPHER" | "$CYPHER_SHELL" -u "$NEO4J_USER" -p "$NEO4J_PASSWORD" -a "$NEO4J_URI"
 
+# ------------------------------------------------------------------
+# Task 1007 — sessionKey backfill (idempotent, runs every seed pass).
+#
+# Conversation and Message rows minted before Task 985 carry only
+# `conversationId`. The new canonical identifier is `sessionKey` (same
+# UUID shape). This block copies conversationId → sessionKey on every
+# row where sessionKey is still null, leaving rows that already carry
+# sessionKey untouched. Re-runs are no-ops. The legacy
+# `conversation_id_unique` constraint and `m.conversationId` index
+# stay until the full code-rename slice lands and no path reads the
+# legacy field; the drop happens in Task 1007's open completion scope.
+# ------------------------------------------------------------------
+echo "==> Backfilling sessionKey on :Conversation and :Message..."
+BACKFILL_RESULT=$("$CYPHER_SHELL" -u "$NEO4J_USER" -p "$NEO4J_PASSWORD" -a "$NEO4J_URI" --format plain << 'BACKFILL_EOF'
+MATCH (c:Conversation)
+WHERE c.sessionKey IS NULL AND c.conversationId IS NOT NULL
+SET c.sessionKey = c.conversationId
+RETURN count(c) AS conversations_backfilled;
+MATCH (m:Message)
+WHERE m.sessionKey IS NULL AND m.conversationId IS NOT NULL
+SET m.sessionKey = m.conversationId
+RETURN count(m) AS messages_backfilled;
+MATCH (c:Conversation) WHERE c.sessionKey IS NULL RETURN count(c) AS conversations_null_after;
+MATCH (m:Message) WHERE m.sessionKey IS NULL RETURN count(m) AS messages_null_after;
+BACKFILL_EOF
+)
+# Emit the migration-1007 adherence lines on stderr so they land in server.log
+# the same as every other log line. Non-zero null counts after backfill are P0:
+# they indicate orphan rows that carry neither identifier and need operator
+# attention before the constraint flip in Task 1011.
+echo "$BACKFILL_RESULT" | python3 -c "
+import sys, re
+rows = [r.strip() for r in sys.stdin.read().splitlines() if r.strip() and not r.strip().startswith(('conversations_', 'messages_'))]
+nums = [int(r) for r in rows if re.fullmatch(r'\d+', r)]
+if len(nums) >= 4:
+    conv_bf, msg_bf, conv_null, msg_null = nums[0], nums[1], nums[2], nums[3]
+    print(f'[migration-1007] conversation-row-backfill rows={conv_bf} outcome=ok', file=sys.stderr)
+    print(f'[migration-1007] message-row-backfill rows={msg_bf} outcome=ok', file=sys.stderr)
+    print(f'[migration-1007] adherence-check label=Conversation rows-with-null-sessionkey={conv_null}', file=sys.stderr)
+    print(f'[migration-1007] adherence-check label=Message rows-with-null-sessionkey={msg_null}', file=sys.stderr)
+    if conv_null > 0 or msg_null > 0:
+        print(f'[migration-1007] adherence-check P0=true reason=null-sessionkey-after-backfill', file=sys.stderr)
+else:
+    print(f'[migration-1007] backfill output unparseable rows={len(nums)}', file=sys.stderr)
+"
+
 # ------------------------------------------------------------------
 # 3. Create AdminUser node + ADMIN_OF relationship
 # ------------------------------------------------------------------