@thinkai/tai-api-contract 2.32.0 → 2.32.1-pr.731.2

package/openapi/openapi.yaml

@@ -1,7 +1,7 @@
 openapi: 3.0.3
 info:
   title: ThinkAI API
-  version: 2.30.1
+  version: 2.32.1
   description: >
     Contract surface for the AI Driven SDLC backend used by ThinkAI.
     Workspace-scoped routes use `/workspaces/{workspaceId}/...`.
@@ -3213,6 +3213,25 @@ paths:
         - $ref: "#/components/parameters/PaginationLimit"
         - $ref: "#/components/parameters/PaginationOffset"
         - $ref: "#/components/parameters/PaginationOrder"
+        - name: sort
+          in: query
+          required: false
+          description: >
+            Server-side sort column (the activity "5 W's"). Combined with `order` (asc/desc).
+            Defaults to `when` (occurredAt). `occurredAt`/`id` is always the tiebreaker.
+          schema:
+            type: string
+            enum: [when, who, what, why, where]
+        - name: productArea
+          in: query
+          required: false
+          description: >
+            Coarse product-area grouping filter (#156). `integration` = GitHub + AI-tool key events;
+            `agentic_foundation` = repos, readiness scans, fixes; `workspace_team` = members + HRIS.
+            Omit (or pass `all`) for every area.
+          schema:
+            type: string
+            enum: [integration, agentic_foundation, workspace_team, all]
         - name: eventType
           in: query
           description: Filter to a specific event type.
@@ -4043,6 +4062,79 @@ paths:
         "403":
           $ref: "#/components/responses/Forbidden"
 
+  /workspaces/{workspaceId}/repo-eligibility:
+    get:
+      tags: [RepositoryReadiness]
+      summary: Get repo-sync eligibility gate (defaults + per-workspace overrides)
+      description: >
+        Returns the effective repo-sync eligibility gate (archived / fork / size / count) for the
+        workspace: the global `defaults`, any per-workspace `overrides`, the merged `effective`
+        values, and whether the caller can edit without platform-admin (`canEditUnrestricted`).
+        Member-level read access.
+      operationId: getWorkspaceRepoEligibility
+      parameters:
+        - $ref: "#/components/parameters/WorkspaceId"
+      responses:
+        "200":
+          description: Effective repo-eligibility configuration
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/WorkspaceRepoEligibilityDto"
+        "401":
+          $ref: "#/components/responses/Unauthorized"
+        "403":
+          $ref: "#/components/responses/Forbidden"
+    put:
+      tags: [RepositoryReadiness]
+      summary: Set per-workspace repo-sync eligibility overrides
+      description: >
+        Set (or clear, with an empty `overrides`) the per-workspace repo-sync eligibility overrides.
+        **Platform admins** may set any value (raise caps, `0` = unlimited, include archived/forks).
+        **Workspace admins** may only make the gate *more restrictive* than the platform defaults
+        (lower caps, exclude archived/forks) — exceeding a platform limit returns `403`
+        (`repo_eligibility_bound_exceeded`). Requires workspace admin or platform admin.
+      operationId: putWorkspaceRepoEligibility
+      parameters:
+        - $ref: "#/components/parameters/WorkspaceId"
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required: [overrides]
+              properties:
+                overrides:
+                  $ref: "#/components/schemas/RepoEligibilityOverridesDto"
+      responses:
+        "200":
+          description: Overrides saved
+          content:
+            application/json:
+              schema:
+                type: object
+                required: [overrides, effective]
+                properties:
+                  overrides:
+                    $ref: "#/components/schemas/RepoEligibilityOverridesDto"
+                  effective:
+                    $ref: "#/components/schemas/RepoEligibilityConfigDto"
+        "400":
+          description: Invalid request body
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorMessageDto"
+        "401":
+          $ref: "#/components/responses/Unauthorized"
+        "403":
+          description: Forbidden, or a workspace-admin value exceeds a platform limit (`repo_eligibility_bound_exceeded`)
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorMessageDto"
+
   /workspaces/{workspaceId}/readiness/cursor-key-usage:
     get:
       tags: [RepositoryReadiness]
@@ -6756,6 +6848,123 @@ components:
           format: date-time
           nullable: true
           description: Last push or metadata update from GitHub when available.
+        archived:
+          type: boolean
+          nullable: true
+          description: True when the repository is archived (read-only on GitHub).
+        fork:
+          type: boolean
+          nullable: true
+          description: True when the repository is a fork of another repository.
+        disabled:
+          type: boolean
+          nullable: true
+          description: True when the repository is disabled on GitHub.
+        size:
+          type: integer
+          nullable: true
+          description: Repository size in KB as reported by GitHub.
+        readOnly:
+          type: boolean
+          nullable: true
+          description: >
+            True when the GitHub App installation lacks push access to this repo
+            (read-only). Read-only repos are rejected during sync because readiness
+            fixes require write access.
+        ineligibleReason:
+          type: string
+          nullable: true
+          description: >
+            Set when this repo was skipped during sync due to an eligibility check.
+            The frontend should display this as an inline explanation (e.g. "This repo is archived").
+        eligibilityStatus:
+          type: string
+          enum: [eligible, ineligible]
+          nullable: true
+          description: >
+            Language-based eligibility for Agentic-Foundation readiness analysis (issue #44).
+            `ineligible` repos (no supported stack) render read-only/orange in the AF list with
+            no analyze/score/fix actions. Mixed monorepos with a supported secondary stack are
+            `eligible`. Distinct from `ineligibleReason`, which reflects the structural sync gate.
+        eligibilityReason:
+          type: string
+          nullable: true
+          description: >
+            Human-readable explanation when `eligibilityStatus` is `ineligible`
+            (e.g. "This repository's primary language (Python) is not supported in v1").
+        primaryStack:
+          type: string
+          nullable: true
+          description: >
+            Dominant supported stack (by GitHub language bytes), one of
+            backend_jvm | ios_app | web_spa | backend_go | backend_python. Null for ineligible repos.
+        secondaryStack:
+          type: string
+          nullable: true
+          description: Second supported stack for a multi-stack repo, or null.
+        supportedStacks:
+          type: array
+          nullable: true
+          items:
+            type: string
+          description: >
+            All supported stacks detected for the repo (ordered, primary first). Empty/null
+            when no supported stack is present. Drives multi-stack scanning and the orange
+            mixed-monorepo box in the AF UI.
+
+    RepoEligibilityConfigDto:
+      type: object
+      description: Resolved repo-sync eligibility gate (defaults or effective). All fields present.
+      required: [excludeArchived, excludeForks, maxRepoSizeKb, maxReposPerWorkspace]
+      properties:
+        excludeArchived:
+          type: boolean
+          description: Skip archived repos during GitHub repo sync.
+        excludeForks:
+          type: boolean
+          description: Skip forked repos. Forks are included by default.
+        maxRepoSizeKb:
+          type: integer
+          description: Max repo size in KB (GitHub-reported). 0 = no limit.
+        maxReposPerWorkspace:
+          type: integer
+          description: Max repos materialized per workspace per sync. 0 = no limit.
+
+    RepoEligibilityOverridesDto:
+      type: object
+      additionalProperties: false
+      description: >
+        Per-workspace overrides for the repo-sync eligibility gate. Any field present wins over the
+        global default; omit a field to inherit the default. An empty object clears all overrides.
+      properties:
+        excludeArchived:
+          type: boolean
+          nullable: true
+        excludeForks:
+          type: boolean
+          nullable: true
+        maxRepoSizeKb:
+          type: integer
+          minimum: 0
+          nullable: true
+        maxReposPerWorkspace:
+          type: integer
+          minimum: 0
+          nullable: true
+
+    WorkspaceRepoEligibilityDto:
+      type: object
+      required: [defaults, overrides, effective, canEditUnrestricted]
+      properties:
+        defaults:
+          $ref: "#/components/schemas/RepoEligibilityConfigDto"
+        overrides:
+          $ref: "#/components/schemas/RepoEligibilityOverridesDto"
+        effective:
+          $ref: "#/components/schemas/RepoEligibilityConfigDto"
+        canEditUnrestricted:
+          type: boolean
+          description: True when the caller is a platform admin (may set any value, incl. raising caps).
 
     GithubMissingPermissionDto:
       type: object
@@ -7784,6 +7993,33 @@ components:
           nullable: true
           enum: [github_removed, installation_disconnected, installation_replaced, superseded]
           description: Why the repo was archived. Only present when `archivedAt` is set.
+        eligibilityStatus:
+          type: string
+          enum: [eligible, ineligible]
+          nullable: true
+          description: >
+            Language-based eligibility for Agentic-Foundation analysis (#44). `ineligible` repos
+            (no v1-supported stack) render read-only/orange in the AF list with no analyze/score/fix
+            actions; the server also rejects analyze requests for them. Null until the first
+            sync/scan computes it.
+        eligibilityReason:
+          type: string
+          nullable: true
+          description: Human-readable explanation when `eligibilityStatus` is `ineligible`.
+        primaryStack:
+          type: string
+          nullable: true
+          description: Dominant supported stack — backend_jvm | ios_app | web_spa | backend_go | backend_python. Null when ineligible/uncomputed.
+        secondaryStack:
+          type: string
+          nullable: true
+          description: Second supported stack for a multi-stack repo, or null.
+        supportedStacks:
+          type: array
+          nullable: true
+          items:
+            type: string
+          description: All supported stacks detected (ordered, primary first). Empty/null when none.
 
     RepoReadinessScoreDetailDto:
       type: object
@@ -8858,18 +9094,29 @@ components:
         - readiness.scan_completed
         - readiness.scan_failed
         - readiness.scan_partial
-        - config.cursor.added
-        - config.cursor.updated
-        - config.cursor.removed
-        - config.cursor.platform_key_enabled
-        - config.cursor.platform_key_disabled
-        - config.claude.added
-        - config.claude.updated
-        - config.claude.removed
-        - config.agent_execution.provider_changed
+        - integrations.agent_execution.provider_changed
+        - integrations.repo_eligibility.overrides_changed
+        - integrations.cursor.platform_key_enabled
+        - integrations.cursor.platform_key_disabled
         - member.invited
         - member.role_changed
         - member.removed
+        - repo.sync_skipped
+        - integrations.cursor.execution_key.added
+        - integrations.cursor.execution_key.updated
+        - integrations.cursor.execution_key.removed
+        - integrations.cursor.execution_key.check_failed
+        - integrations.cursor.admin_key.added
+        - integrations.cursor.admin_key.updated
+        - integrations.cursor.admin_key.removed
+        - integrations.claude.execution_key.added
+        - integrations.claude.execution_key.updated
+        - integrations.claude.execution_key.removed
+        - integrations.claude.execution_key.check_failed
+        - integrations.claude.admin_key.added
+        - integrations.claude.admin_key.updated
+        - integrations.claude.admin_key.removed
+        - readiness.scan_precheck_failed
 
     ActivityLogActorDto:
       type: object

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@thinkai/tai-api-contract",
-  "version": "2.32.0",
+  "version": "2.32.1-pr.731.2",
   "private": false,
   "type": "module",
   "main": "dist/index.js",

package/src/generated/openapi.ts

@@ -1550,6 +1550,30 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
+    "/workspaces/{workspaceId}/repo-eligibility": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /**
+         * Get repo-sync eligibility gate (defaults + per-workspace overrides)
+         * @description Returns the effective repo-sync eligibility gate (archived / fork / size / count) for the workspace: the global `defaults`, any per-workspace `overrides`, the merged `effective` values, and whether the caller can edit without platform-admin (`canEditUnrestricted`). Member-level read access.
+         */
+        get: operations["getWorkspaceRepoEligibility"];
+        /**
+         * Set per-workspace repo-sync eligibility overrides
+         * @description Set (or clear, with an empty `overrides`) the per-workspace repo-sync eligibility overrides. **Platform admins** may set any value (raise caps, `0` = unlimited, include archived/forks). **Workspace admins** may only make the gate *more restrictive* than the platform defaults (lower caps, exclude archived/forks) — exceeding a platform limit returns `403` (`repo_eligibility_bound_exceeded`). Requires workspace admin or platform admin.
+         */
+        put: operations["putWorkspaceRepoEligibility"];
+        post?: never;
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
     "/workspaces/{workspaceId}/readiness/cursor-key-usage": {
         parameters: {
             query?: never;
@@ -2759,6 +2783,56 @@ export interface components {
              * @description Last push or metadata update from GitHub when available.
              */
             updatedAt?: string | null;
+            /** @description True when the repository is archived (read-only on GitHub). */
+            archived?: boolean | null;
+            /** @description True when the repository is a fork of another repository. */
+            fork?: boolean | null;
+            /** @description True when the repository is disabled on GitHub. */
+            disabled?: boolean | null;
+            /** @description Repository size in KB as reported by GitHub. */
+            size?: number | null;
+            /** @description True when the GitHub App installation lacks push access to this repo (read-only). Read-only repos are rejected during sync because readiness fixes require write access. */
+            readOnly?: boolean | null;
+            /** @description Set when this repo was skipped during sync due to an eligibility check. The frontend should display this as an inline explanation (e.g. "This repo is archived"). */
+            ineligibleReason?: string | null;
+            /**
+             * @description Language-based eligibility for Agentic-Foundation readiness analysis (issue #44). `ineligible` repos (no supported stack) render read-only/orange in the AF list with no analyze/score/fix actions. Mixed monorepos with a supported secondary stack are `eligible`. Distinct from `ineligibleReason`, which reflects the structural sync gate.
+             * @enum {string|null}
+             */
+            eligibilityStatus?: "eligible" | "ineligible" | null;
+            /** @description Human-readable explanation when `eligibilityStatus` is `ineligible` (e.g. "This repository's primary language (Python) is not supported in v1"). */
+            eligibilityReason?: string | null;
+            /** @description Dominant supported stack (by GitHub language bytes), one of backend_jvm | ios_app | web_spa | backend_go | backend_python. Null for ineligible repos. */
+            primaryStack?: string | null;
+            /** @description Second supported stack for a multi-stack repo, or null. */
+            secondaryStack?: string | null;
+            /** @description All supported stacks detected for the repo (ordered, primary first). Empty/null when no supported stack is present. Drives multi-stack scanning and the orange mixed-monorepo box in the AF UI. */
+            supportedStacks?: string[] | null;
+        };
+        /** @description Resolved repo-sync eligibility gate (defaults or effective). All fields present. */
+        RepoEligibilityConfigDto: {
+            /** @description Skip archived repos during GitHub repo sync. */
+            excludeArchived: boolean;
+            /** @description Skip forked repos. Forks are included by default. */
+            excludeForks: boolean;
+            /** @description Max repo size in KB (GitHub-reported). 0 = no limit. */
+            maxRepoSizeKb: number;
+            /** @description Max repos materialized per workspace per sync. 0 = no limit. */
+            maxReposPerWorkspace: number;
+        };
+        /** @description Per-workspace overrides for the repo-sync eligibility gate. Any field present wins over the global default; omit a field to inherit the default. An empty object clears all overrides. */
+        RepoEligibilityOverridesDto: {
+            excludeArchived?: boolean | null;
+            excludeForks?: boolean | null;
+            maxRepoSizeKb?: number | null;
+            maxReposPerWorkspace?: number | null;
+        };
+        WorkspaceRepoEligibilityDto: {
+            defaults: components["schemas"]["RepoEligibilityConfigDto"];
+            overrides: components["schemas"]["RepoEligibilityOverridesDto"];
+            effective: components["schemas"]["RepoEligibilityConfigDto"];
+            /** @description True when the caller is a platform admin (may set any value, incl. raising caps). */
+            canEditUnrestricted: boolean;
         };
         GithubMissingPermissionDto: {
             /** @description GitHub App permission key (e.g. contents, pull_requests). */
@@ -3251,6 +3325,19 @@ export interface components {
              * @enum {string|null}
              */
             archivedReason?: "github_removed" | "installation_disconnected" | "installation_replaced" | "superseded" | null;
+            /**
+             * @description Language-based eligibility for Agentic-Foundation analysis (#44). `ineligible` repos (no v1-supported stack) render read-only/orange in the AF list with no analyze/score/fix actions; the server also rejects analyze requests for them. Null until the first sync/scan computes it.
+             * @enum {string|null}
+             */
+            eligibilityStatus?: "eligible" | "ineligible" | null;
+            /** @description Human-readable explanation when `eligibilityStatus` is `ineligible`. */
+            eligibilityReason?: string | null;
+            /** @description Dominant supported stack — backend_jvm | ios_app | web_spa | backend_go | backend_python. Null when ineligible/uncomputed. */
+            primaryStack?: string | null;
+            /** @description Second supported stack for a multi-stack repo, or null. */
+            secondaryStack?: string | null;
+            /** @description All supported stacks detected (ordered, primary first). Empty/null when none. */
+            supportedStacks?: string[] | null;
         };
         /** @description Single-repo detail response. Identical to RepoReadinessScoreDto except dimensions use DimensionScoreDetailDto (criteriaDetails required per dimension). */
         RepoReadinessScoreDetailDto: {
@@ -3712,7 +3799,7 @@ export interface components {
          * @description Type of workspace lifecycle event.
          * @enum {string}
          */
-        ActivityLogEventTypeDto: "repo.added" | "repo.removed" | "repo.readded" | "integration.github.added" | "integration.github.updated" | "integration.github.removed" | "integration.github.permissions_changed" | "integration.github.repo_added" | "integration.github.repo_removed" | "fix.requested" | "fix.generating" | "fix.pr_created" | "fix.merged" | "fix.failed" | "readiness.scan_started" | "readiness.scan_completed" | "readiness.scan_failed" | "readiness.scan_partial" | "config.cursor.added" | "config.cursor.updated" | "config.cursor.removed" | "config.cursor.platform_key_enabled" | "config.cursor.platform_key_disabled" | "config.claude.added" | "config.claude.updated" | "config.claude.removed" | "config.agent_execution.provider_changed" | "member.invited" | "member.role_changed" | "member.removed";
+        ActivityLogEventTypeDto: "repo.added" | "repo.removed" | "repo.readded" | "integration.github.added" | "integration.github.updated" | "integration.github.removed" | "integration.github.permissions_changed" | "integration.github.repo_added" | "integration.github.repo_removed" | "fix.requested" | "fix.generating" | "fix.pr_created" | "fix.merged" | "fix.failed" | "readiness.scan_started" | "readiness.scan_completed" | "readiness.scan_failed" | "readiness.scan_partial" | "integrations.agent_execution.provider_changed" | "integrations.repo_eligibility.overrides_changed" | "integrations.cursor.platform_key_enabled" | "integrations.cursor.platform_key_disabled" | "member.invited" | "member.role_changed" | "member.removed" | "repo.sync_skipped" | "integrations.cursor.execution_key.added" | "integrations.cursor.execution_key.updated" | "integrations.cursor.execution_key.removed" | "integrations.cursor.execution_key.check_failed" | "integrations.cursor.admin_key.added" | "integrations.cursor.admin_key.updated" | "integrations.cursor.admin_key.removed" | "integrations.claude.execution_key.added" | "integrations.claude.execution_key.updated" | "integrations.claude.execution_key.removed" | "integrations.claude.execution_key.check_failed" | "integrations.claude.admin_key.added" | "integrations.claude.admin_key.updated" | "integrations.claude.admin_key.removed" | "readiness.scan_precheck_failed";
         ActivityLogActorDto: {
             /** Format: uuid */
             userId: string;
@@ -4083,6 +4170,9 @@ export type CreateWorkspaceBodyDto = components['schemas']['CreateWorkspaceBodyD
 export type CompanyProfileDto = components['schemas']['CompanyProfileDto'];
 export type GithubAccountDto = components['schemas']['GithubAccountDto'];
 export type GithubInstalledRepoDto = components['schemas']['GithubInstalledRepoDto'];
+export type RepoEligibilityConfigDto = components['schemas']['RepoEligibilityConfigDto'];
+export type RepoEligibilityOverridesDto = components['schemas']['RepoEligibilityOverridesDto'];
+export type WorkspaceRepoEligibilityDto = components['schemas']['WorkspaceRepoEligibilityDto'];
 export type GithubMissingPermissionDto = components['schemas']['GithubMissingPermissionDto'];
 export type GithubInstallationSummaryDto = components['schemas']['GithubInstallationSummaryDto'];
 export type GithubPendingApprovalDto = components['schemas']['GithubPendingApprovalDto'];
@@ -7268,6 +7358,10 @@ export interface operations {
                 offset?: components["parameters"]["PaginationOffset"];
                 /** @description Sort direction. */
                 order?: components["parameters"]["PaginationOrder"];
+                /** @description Server-side sort column (the activity "5 W's"). Combined with `order` (asc/desc). Defaults to `when` (occurredAt). `occurredAt`/`id` is always the tiebreaker. */
+                sort?: "when" | "who" | "what" | "why" | "where";
+                /** @description Coarse product-area grouping filter (#156). `integration` = GitHub + AI-tool key events; `agentic_foundation` = repos, readiness scans, fixes; `workspace_team` = members + HRIS. Omit (or pass `all`) for every area. */
+                productArea?: "integration" | "agentic_foundation" | "workspace_team" | "all";
                 /** @description Filter to a specific event type. */
                 eventType?: components["schemas"]["ActivityLogEventTypeDto"];
                 /** @description Filter to events performed by a specific user (UUID). */
@@ -8211,6 +8305,80 @@ export interface operations {
             403: components["responses"]["Forbidden"];
         };
     };
+    getWorkspaceRepoEligibility: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path: {
+                workspaceId: components["parameters"]["WorkspaceId"];
+            };
+            cookie?: never;
+        };
+        requestBody?: never;
+        responses: {
+            /** @description Effective repo-eligibility configuration */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["WorkspaceRepoEligibilityDto"];
+                };
+            };
+            401: components["responses"]["Unauthorized"];
+            403: components["responses"]["Forbidden"];
+        };
+    };
+    putWorkspaceRepoEligibility: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path: {
+                workspaceId: components["parameters"]["WorkspaceId"];
+            };
+            cookie?: never;
+        };
+        requestBody: {
+            content: {
+                "application/json": {
+                    overrides: components["schemas"]["RepoEligibilityOverridesDto"];
+                };
+            };
+        };
+        responses: {
+            /** @description Overrides saved */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": {
+                        overrides: components["schemas"]["RepoEligibilityOverridesDto"];
+                        effective: components["schemas"]["RepoEligibilityConfigDto"];
+                    };
+                };
+            };
+            /** @description Invalid request body */
+            400: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorMessageDto"];
+                };
+            };
+            401: components["responses"]["Unauthorized"];
+            /** @description Forbidden, or a workspace-admin value exceeds a platform limit (`repo_eligibility_bound_exceeded`) */
+            403: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["ErrorMessageDto"];
+                };
+            };
+        };
+    };
     getCursorKeyUsage: {
         parameters: {
             query?: never;