npm - insforge - Versions diffs - 0.3.2 → 1.2.10 - Mend

insforge 0.3.2 → 1.2.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (507) hide show

package/docker-compose.prod.yml CHANGED Viewed

@@ -11,7 +11,6 @@ services:
       - postgres-data:/var/lib/postgresql/data
       - ./docker-init/db/db-init.sql:/docker-entrypoint-initdb.d/01-init.sql
       - ./docker-init/db/jwt.sql:/docker-entrypoint-initdb.d/02-jwt.sql
-      - ./docker-init/db/logs.sql:/docker-entrypoint-initdb.d/03-logs.sql
       - ./docker-init/db/postgresql.conf:/etc/postgresql/postgresql.conf
     ports:
       - "5432:5432"
@@ -35,7 +34,7 @@ services:
       PGRST_OPENAPI_SERVER_PROXY_URI: http://localhost:3000
       PGRST_DB_SCHEMA: public
       PGRST_DB_ANON_ROLE: anon
-      PGRST_JWT_SECRET: ${JWT_SECRET}
+      PGRST_JWT_SECRET: ${JWT_SECRET:-dev-secret-please-change-in-production}
     ports:
       - "5430:3000"
     depends_on:
@@ -50,6 +49,7 @@ services:
       dockerfile: Dockerfile
       args:
         VITE_API_BASE_URL: ${VITE_API_BASE_URL:-http://localhost:7130}
+        VITE_PUBLIC_POSTHOG_KEY: ${VITE_PUBLIC_POSTHOG_KEY:-}
     container_name: insforge
     depends_on:
       postgres:
@@ -57,14 +57,17 @@ services:
     ports:
       - "7130:7130"
       - "7131:7131"
+      - "7132:7132"
     environment:
       - PORT=7130
       - PROJECT_ROOT=/app
       - API_BASE_URL=${API_BASE_URL:-}
-      - JWT_SECRET=${JWT_SECRET:-dev-secret-change-in-production}
+      - JWT_SECRET=${JWT_SECRET:-dev-secret-please-change-in-production}
       - ENCRYPTION_KEY=${ENCRYPTION_KEY:-}
       - ADMIN_EMAIL=${ADMIN_EMAIL:-admin@example.com}
       - ADMIN_PASSWORD=${ADMIN_PASSWORD:-change-this-password}
+      - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-}
+      - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-}
       # PostgreSQL connection
       - POSTGRES_HOST=postgres
       - POSTGRES_PORT=5432
@@ -78,6 +81,9 @@ services:
       # Storage Configuration
       - AWS_S3_BUCKET=${AWS_S3_BUCKET:-}
       - AWS_REGION=${AWS_REGION:-}
+      - AWS_CLOUDFRONT_URL=${AWS_CLOUDFRONT_URL:-}
+      - AWS_CLOUDFRONT_KEY_PAIR_ID=${AWS_CLOUDFRONT_KEY_PAIR_ID:-}
+      - AWS_CLOUDFRONT_PRIVATE_KEY=${AWS_CLOUDFRONT_PRIVATE_KEY:-}
       # Multi-tenant Cloud Configuration
       - DEPLOYMENT_ID=${DEPLOYMENT_ID:-}
       - PROJECT_ID=${PROJECT_ID:-}
@@ -90,6 +96,19 @@ services:
       - GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET:-}
       - GITHUB_CLIENT_ID=${GITHUB_CLIENT_ID:-}
       - GITHUB_CLIENT_SECRET=${GITHUB_CLIENT_SECRET:-}
+      - DISCORD_CLIENT_ID=${DISCORD_CLIENT_ID:-}
+      - DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET:-}
+      - MICROSOFT_CLIENT_ID=${MICROSOFT_CLIENT_ID:-}
+      - MICROSOFT_CLIENT_SECRET=${MICROSOFT_CLIENT_SECRET:-}
+      - LINKEDIN_CLIENT_ID=${LINKEDIN_CLIENT_ID:-}
+      - LINKEDIN_CLIENT_SECRET=${LINKEDIN_CLIENT_SECRET:-}
+      # Logs directory
+      - LOGS_DIR=/insforge-logs
+      # Storage directory (for local file storage when S3 is not configured)
+      - STORAGE_DIR=/insforge-storage
+    volumes:
+      - storage-data:/insforge-storage
+      - shared-logs:/insforge-logs
     restart: unless-stopped
     networks:
       - insforge-network
@@ -119,7 +138,7 @@ services:
       - WORKER_TIMEOUT_MS=${WORKER_TIMEOUT_MS:-30000}
       # Encryption keys for decrypting function secrets
       - ENCRYPTION_KEY=${ENCRYPTION_KEY}
-      - JWT_SECRET=${JWT_SECRET}
+      - JWT_SECRET=${JWT_SECRET:-dev-secret-please-change-in-production}
     volumes:
       - ./functions:/app/functions
       - deno_cache:/deno-dir
@@ -134,11 +153,48 @@ services:
     networks:
       - insforge-network
+  # Vector.dev for log collection and shipping
+  vector:
+    container_name: insforge-vector
+    image: timberio/vector:0.28.1-alpine
+    restart: unless-stopped
+    depends_on:
+      postgres:
+        condition: service_healthy
+      postgrest:
+        condition: service_started
+      insforge:
+        condition: service_started
+      deno:
+        condition: service_started
+    volumes:
+      - ./docker-init/logs/vector.yml:/etc/vector/vector.yml:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - shared-logs:/insforge-logs
+    healthcheck:
+      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:7135/health"]
+      timeout: 5s
+      interval: 5s
+      retries: 3
+    environment:
+      - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-}
+      - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-}
+      - AWS_REGION=${AWS_REGION:-skip}
+      - PROJECT_ID=${PROJECT_ID:-}
+      - HOSTNAME_OVERRIDE=${HOSTNAME_OVERRIDE:-}
+    command: ["--config", "/etc/vector/vector.yml"]
+    networks:
+      - insforge-network
 volumes:
   postgres-data:
     driver: local
   deno_cache:
     driver: local
+  storage-data:
+    driver: local
+  shared-logs:
+    driver: local
 networks:
   insforge-network:

package/docker-compose.yml CHANGED Viewed

@@ -13,7 +13,6 @@ services:
       - postgres-data:/var/lib/postgresql/data
       - ./docker-init/db/db-init.sql:/docker-entrypoint-initdb.d/01-init.sql
       - ./docker-init/db/jwt.sql:/docker-entrypoint-initdb.d/02-jwt.sql
-      - ./docker-init/db/logs.sql:/docker-entrypoint-initdb.d/03-logs.sql
       - ./docker-init/db/postgresql.conf:/etc/postgresql/postgresql.conf
     ports:
       - "5432:5432"
@@ -37,7 +36,7 @@ services:
       PGRST_OPENAPI_SERVER_PROXY_URI: http://localhost:3000
       PGRST_DB_SCHEMA: public
       PGRST_DB_ANON_ROLE: anon
-      PGRST_JWT_SECRET: ${JWT_SECRET}
+      PGRST_JWT_SECRET: ${JWT_SECRET:-dev-secret-please-change-in-production}
       # Enable schema reloading via NOTIFY
       PGRST_DB_CHANNEL_ENABLED: true
       PGRST_DB_CHANNEL: pgrst
@@ -59,15 +58,18 @@ services:
     ports:
       - "7130:7130"
       - "7131:7131"
+      - "7132:7132"
     environment:
       - PORT=7130
       - PROJECT_ROOT=/app
       - API_BASE_URL=${API_BASE_URL:-}
       - VITE_API_BASE_URL=${VITE_API_BASE_URL:-}
-      - JWT_SECRET=${JWT_SECRET:-dev-secret-change-in-production}
+      - JWT_SECRET=${JWT_SECRET:-dev-secret-please-change-in-production}
       - ENCRYPTION_KEY=${ENCRYPTION_KEY:-}
       - ADMIN_EMAIL=${ADMIN_EMAIL:-admin@example.com}
       - ADMIN_PASSWORD=${ADMIN_PASSWORD:-change-this-password}
+      - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-}
+      - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-}
       # PostgreSQL connection
       - POSTGRES_HOST=postgres
       - POSTGRES_PORT=5432
@@ -81,11 +83,15 @@ services:
       # Storage Configuration
       - AWS_S3_BUCKET=${AWS_S3_BUCKET:-}
       - AWS_REGION=${AWS_REGION:-}
+      - AWS_CLOUDFRONT_URL=${AWS_CLOUDFRONT_URL:-}
+      - AWS_CLOUDFRONT_KEY_PAIR_ID=${AWS_CLOUDFRONT_KEY_PAIR_ID:-}
+      - AWS_CLOUDFRONT_PRIVATE_KEY=${AWS_CLOUDFRONT_PRIVATE_KEY:-}
       # Multi-tenant Cloud Configuration
       - DEPLOYMENT_ID=${DEPLOYMENT_ID:-}
       - PROJECT_ID=${PROJECT_ID:-}
       - APP_KEY=${APP_KEY:-}
       - ACCESS_API_KEY=${ACCESS_API_KEY:-}
+      - CLOUD_API_HOST=${CLOUD_API_HOST:-}
       # LLM Model API keys
       - OPENROUTER_API_KEY=${OPENROUTER_API_KEY:-}
       # OAuth Configuration
@@ -93,16 +99,32 @@ services:
       - GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET:-}
       - GITHUB_CLIENT_ID=${GITHUB_CLIENT_ID:-}
       - GITHUB_CLIENT_SECRET=${GITHUB_CLIENT_SECRET:-}
+      - DISCORD_CLIENT_ID=${DISCORD_CLIENT_ID:-}
+      - DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET:-}
+      - MICROSOFT_CLIENT_ID=${MICROSOFT_CLIENT_ID:-}
+      - MICROSOFT_CLIENT_SECRET=${MICROSOFT_CLIENT_SECRET:-}
+      - LINKEDIN_CLIENT_ID=${LINKEDIN_CLIENT_ID:-}
+      - LINKEDIN_CLIENT_SECRET=${LINKEDIN_CLIENT_SECRET:-}
+      # Logs directory
+      - LOGS_DIR=/insforge-logs
+      # Storage directory (for local file storage when S3 is not configured)
+      - STORAGE_DIR=/insforge-storage
+      # Auth app URL for development proxy
+      - AUTH_APP_URL=${AUTH_APP_URL:-http://localhost:7132}
     volumes:
       - ./package.json:/app/package.json
       - ./backend:/app/backend
       - ./frontend:/app/frontend
+      - ./auth:/app/auth
       - ./shared-schemas:/app/shared-schemas
       - ./docs:/app/docs
       - node_modules:/app/node_modules
       - backend_node_modules:/app/backend/node_modules
       - frontend_node_modules:/app/frontend/node_modules
+      - auth_node_modules:/app/auth/node_modules
       - shared_schemas_node_modules:/app/shared-schemas/node_modules
+      - shared-logs:/insforge-logs
+      - storage-data:/insforge-storage
     command: sh -c "npm install && cd backend && npm run migrate:up && cd .. && npm run dev"
     restart: unless-stopped
     networks:
@@ -133,7 +155,7 @@ services:
       - WORKER_TIMEOUT_MS=${WORKER_TIMEOUT_MS:-30000}
       # Encryption keys for decrypting function secrets
       - ENCRYPTION_KEY=${ENCRYPTION_KEY}
-      - JWT_SECRET=${JWT_SECRET}
+      - JWT_SECRET=${JWT_SECRET:-dev-secret-please-change-in-production}
     volumes:
       - ./functions:/app/functions
       - deno_cache:/deno-dir
@@ -148,6 +170,39 @@ services:
     networks:
       - insforge-network
+  # Vector.dev for log collection and shipping
+  vector:
+    container_name: insforge-vector
+    image: timberio/vector:0.28.1-alpine
+    restart: unless-stopped
+    depends_on:
+      postgres:
+        condition: service_healthy
+      postgrest:
+        condition: service_started
+      insforge:
+        condition: service_started
+      deno:
+        condition: service_started
+    volumes:
+      - ./docker-init/logs/vector.yml:/etc/vector/vector.yml:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - shared-logs:/insforge-logs
+    healthcheck:
+      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:7135/health"]
+      timeout: 5s
+      interval: 5s
+      retries: 3
+    environment:
+      - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-}
+      - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-}
+      - AWS_REGION=${AWS_REGION:-skip}
+      - PROJECT_ID=${PROJECT_ID:-}
+      - HOSTNAME_OVERRIDE=${HOSTNAME_OVERRIDE:-}
+    command: ["--config", "/etc/vector/vector.yml"]
+    networks:
+      - insforge-network
 volumes:
   postgres-data:
     driver: local
@@ -157,10 +212,16 @@ volumes:
     driver: local
   frontend_node_modules:
     driver: local
+  auth_node_modules:
+    driver: local
   shared_schemas_node_modules:
     driver: local
   deno_cache:
     driver: local
+  shared-logs:
+    driver: local
+  storage-data:
+    driver: local
 networks:
   insforge-network:

package/docker-init/db/db-init.sql CHANGED Viewed

@@ -16,31 +16,8 @@ GRANT USAGE ON SCHEMA public TO project_admin;
 GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO project_admin;
 -- Grant permissions to roles
--- NOTICE: The anon role is intended for unauthenticated users, so it should only have read access.
-GRANT SELECT ON ALL TABLES IN SCHEMA public TO anon;
-ALTER DEFAULT PRIVILEGES IN SCHEMA public
-  GRANT SELECT ON TABLES TO anon;
-GRANT SELECT ON ALL TABLES IN SCHEMA public TO authenticated;
-ALTER DEFAULT PRIVILEGES IN SCHEMA public
-  GRANT SELECT ON TABLES TO authenticated;
-GRANT INSERT ON ALL TABLES IN SCHEMA public TO authenticated;
-ALTER DEFAULT PRIVILEGES IN SCHEMA public
-  GRANT INSERT ON TABLES TO authenticated;
-GRANT UPDATE ON ALL TABLES IN SCHEMA public TO authenticated;
-ALTER DEFAULT PRIVILEGES IN SCHEMA public
-  GRANT UPDATE ON TABLES TO authenticated;
-GRANT DELETE ON ALL TABLES IN SCHEMA public TO authenticated;
-ALTER DEFAULT PRIVILEGES IN SCHEMA public
-  GRANT DELETE ON TABLES TO authenticated;
-GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO project_admin;
-ALTER DEFAULT PRIVILEGES IN SCHEMA public
-  GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO project_admin;
+GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO anon, authenticated, project_admin;
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO anon, authenticated, project_admin;
 -- Create function to automatically create RLS policies for new tables
 CREATE OR REPLACE FUNCTION public.create_default_policies()
 RETURNS event_trigger AS $$
@@ -65,12 +42,8 @@ BEGIN
       AND tablename = table_name;
     -- Only create policies if RLS is enabled
     IF has_rls THEN
-      -- Create policies for each role
-      -- anon: read-only access
-      EXECUTE format('CREATE POLICY "anon_policy" ON %s FOR SELECT TO anon USING (true)', obj.object_identity);
-      -- authenticated: full access
-      EXECUTE format('CREATE POLICY "authenticated_policy" ON %s FOR ALL TO authenticated USING (true) WITH CHECK (true)', obj.object_identity);
-      -- project_admin: full access
+      -- Create policy for project_admin role only
+      -- Users must define their own policies for anon and authenticated roles
       EXECUTE format('CREATE POLICY "project_admin_policy" ON %s FOR ALL TO project_admin USING (true) WITH CHECK (true)', obj.object_identity);
     END IF;
   END LOOP;
@@ -109,9 +82,8 @@ BEGIN
       WHERE schemaname = table_schema
         AND tablename = table_name
     ) THEN
-      -- Create default policies
-      EXECUTE format('CREATE POLICY "anon_policy" ON %s FOR SELECT TO anon USING (true)', obj.object_identity);
-      EXECUTE format('CREATE POLICY "authenticated_policy" ON %s FOR ALL TO authenticated USING (true) WITH CHECK (true)', obj.object_identity);
+      -- Create policy for project_admin role only
+      -- Users must define their own policies for anon and authenticated roles
       EXECUTE format('CREATE POLICY "project_admin_policy" ON %s FOR ALL TO project_admin USING (true) WITH CHECK (true)', obj.object_identity);
     END IF;
   END LOOP;

package/docker-init/logs/vector.yml ADDED Viewed

@@ -0,0 +1,236 @@
+api:
+  enabled: true
+  address: 0.0.0.0:7135
+sources:
+  docker_host:
+    type: docker_logs
+    exclude_containers:
+      - insforge-vector
+    include_containers:
+      - insforge
+      - insforge-deno
+      - insforge-postgrest
+      - insforge-postgres
+transforms:
+  project_logs:
+    type: remap
+    inputs:
+      - docker_host
+    source: |-
+      .project = "default"
+      .event_message = del(.message)
+      # Remove leading slash from container name if present
+      container = to_string!(del(.container_name))
+      if starts_with(container, "/") {
+          .appname = slice!(container, 1)
+      } else {
+          .appname = container
+      }
+      del(.container_created_at)
+      del(.container_id)
+      del(.source_type)
+      del(.stream)
+      del(.label)
+      del(.image)
+      del(.host)
+      del(.stream)
+  router:
+    type: route
+    inputs:
+      - project_logs
+    route:
+      insforge: '.appname == "insforge"'
+      deno: '.appname == "insforge-deno"'
+      rest: '.appname == "insforge-postgrest"'
+      db: '.appname == "insforge-postgres"'
+      realtime: '.appname == "insforge-realtime"'
+  # PostgREST logs with proper parsing
+  rest_logs:
+    type: remap
+    inputs:
+      - router.rest
+    source: |-
+      # .metadata.host = .project
+      # Parse PostgREST log format: DD/Mon/YYYY:HH:MM:SS +ZZZZ: message
+      parsed, err = parse_regex(.event_message, r'^(?P<time>\d{2}/\w{3}/\d{4}:\d{2}:\d{2}:\d{2} [+-]\d{4}): (?P<msg>.*)$')
+      if err == null && parsed != null {
+          .event_message = parsed.msg
+          .metadata.level = "info"
+      } else {
+          # If parsing fails, keep original message
+          .metadata.level = "info"
+      }
+  # InsForge logs are structured JSON, parse and handle both request logs and application logs
+  insforge_logs:
+    type: remap
+    inputs:
+      - router.insforge
+    source: |-
+      # Remove the [backend] prefix if present
+      .event_message = replace!(.event_message, r'^\[backend\] ', "")
+      req, err = parse_json(.event_message)
+      if err == null {
+          # Set timestamp from log
+          if req.timestamp != null {
+              .timestamp = to_timestamp!(req.timestamp)
+          }
+          # Set log level
+          .metadata.level = req.level
+          # Check if this is a request log (has duration field)
+          if req.duration != null {
+              # Flatten request log fields to top level
+              .user_agent = req.userAgent
+              .ip = req.ip
+              .method = req.method
+              .path = req.path
+              .protocol = "HTTP/1.1"
+              .status_code = req.status
+              .size = req.size
+              .duration = req.duration
+              # Format as nginx-style log line
+              .event_message = join!([req.method, req.path, to_string!(req.status), to_string!(req.size), req.duration, "-", req.ip, "-", req.userAgent], " ")
+              .log_type = "request"
+          } else {
+              # This is an application log
+              .event_message = join!([req.level, req.message], " - ")
+              .log_type = "application"
+              if req.error != null {
+                  .error = req.error
+              }
+              if req.stack != null {
+                  .stack = req.stack
+              }
+          }
+      }
+  realtime_logs:
+    type: remap
+    inputs:
+      - router.realtime
+    source: |-
+      parsed, err = parse_regex(.event_message, r'^(?P<time>\d+:\d+:\d+\.\d+) \[(?P<level>\w+)\] (?P<msg>.*)$')
+      if err == null {
+          .event_message = parsed.msg
+          .metadata.level = parsed.level
+      }
+  deno_logs:
+    type: remap
+    inputs:
+      - router.deno
+    source: |-
+      parsed, err = parse_regex(.event_message, r'^(?P<time>\d+:\d+:\d+\.\d+) \[(?P<level>\w+)\] (?P<msg>.*)$')
+      if err == null {
+          .event_message = parsed.msg
+          .timestamp = to_timestamp!(parsed.time)
+          .metadata.level = upcase!(parsed.level)
+          # .metadata.host = .project
+      }
+  # Postgres logs with proper parsing
+  db_logs:
+    type: remap
+    inputs:
+      - router.db
+    source: |-
+      # .metadata.host = "db-default"
+      # Parse PostgreSQL log format: YYYY-MM-DD HH:MM:SS.SSS TZ [PID] LEVEL: message
+      parsed, err = parse_regex(.event_message, r'^(?P<time>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}) (?P<tz>\w+) \[(?P<pid>\d+)\] (?P<level>LOG|ERROR|WARNING|INFO|NOTICE|FATAL|PANIC|STATEMENT|DETAIL): (?P<msg>.*)$')
+      if err == null && parsed != null {
+          .metadata.parsed.pid = parsed.pid
+          .metadata.level = upcase!(parsed.level)
+          .event_message = parsed.msg
+          # Normalize STATEMENT and DETAIL to appropriate log levels
+          if .metadata.level == "STATEMENT" {
+              .metadata.level = "INFO"
+          }
+          if .metadata.level == "DETAIL" {
+              .metadata.level = "INFO"
+          }
+      } else {
+          # If parsing fails, keep original message and set default severity
+          .metadata.level = "LOG"
+      }
+sinks:
+  # File sinks - JSONL format for FileProvider (always enabled)
+  file_insforge:
+    type: 'file'
+    inputs:
+      - insforge_logs
+    path: '/insforge-logs/insforge.logs.jsonl'
+    encoding:
+      codec: 'json'
+  file_deno:
+    type: 'file'
+    inputs:
+      - deno_logs
+    path: '/insforge-logs/function.logs.jsonl'
+    encoding:
+      codec: 'json'
+  file_rest:
+    type: 'file'
+    inputs:
+      - rest_logs
+    path: '/insforge-logs/postgrest.logs.jsonl'
+    encoding:
+      codec: 'json'
+  file_db:
+    type: 'file'
+    inputs:
+      - db_logs
+    path: '/insforge-logs/postgres.logs.jsonl'
+    encoding:
+      codec: 'json'
+  # CloudWatch sinks (ignored if AWS_REGION not set)
+  cw_insforge:
+    type: aws_cloudwatch_logs
+    inputs:
+      - insforge_logs
+    region: ${AWS_REGION:-skip}
+    group_name: /insforge/local
+    stream_name: ${HOSTNAME_OVERRIDE:-local}-insforge-vector
+    encoding:
+      codec: json
+    healthcheck:
+      enabled: false
+  cw_rest:
+    type: aws_cloudwatch_logs
+    inputs:
+      - rest_logs
+    region: ${AWS_REGION:-skip}
+    group_name: /insforge/local
+    stream_name: ${HOSTNAME_OVERRIDE:-local}-postgrest-vector
+    encoding:
+      codec: json
+    healthcheck:
+      enabled: false
+  cw_deno:
+    type: aws_cloudwatch_logs
+    inputs:
+      - deno_logs
+    region: ${AWS_REGION:-skip}
+    group_name: /insforge/local
+    stream_name: ${HOSTNAME_OVERRIDE:-local}-function-vector
+    encoding:
+      codec: json
+    healthcheck:
+      enabled: false
+  cw_db:
+    type: aws_cloudwatch_logs
+    inputs:
+      - db_logs
+    region: ${AWS_REGION:-skip}
+    group_name: /insforge/local
+    stream_name: ${HOSTNAME_OVERRIDE:-local}-postgres-vector
+    encoding:
+      codec: json
+    healthcheck:
+      enabled: false

package/docs/README.md ADDED Viewed

@@ -0,0 +1,44 @@
+# Mintlify Starter Kit
+Use the starter kit to get your docs deployed and ready to customize.
+Click the green **Use this template** button at the top of this repo to copy the Mintlify starter kit. The starter kit contains examples with
+- Guide pages
+- Navigation
+- Customizations
+- API reference pages
+- Use of popular components
+**[Follow the full quickstart guide](https://starter.mintlify.com/quickstart)**
+## Development
+Install the [Mintlify CLI](https://www.npmjs.com/package/mint) to preview your documentation changes locally. To install, use the following command:
+```
+npm i -g mint
+```
+Run the following command at the root of your documentation, where your `docs.json` is located:
+```
+mint dev
+```
+View your local preview at `http://localhost:3000`.
+## Publishing changes
+Install our GitHub app from your [dashboard](https://dashboard.mintlify.com/settings/organization/github-app) to propagate changes from your repo to your deployment. Changes are deployed to production automatically after pushing to the default branch.
+## Need help?
+### Troubleshooting
+- If your dev environment isn't running: Run `mint update` to ensure you have the most recent version of the CLI.
+- If a page loads as a 404: Make sure you are running in a folder with a valid `docs.json`.
+### Resources
+- [Mintlify documentation](https://mintlify.com/docs)
+- [Mintlify community](https://mintlify.com/community)

package/docs/changelog.mdx ADDED Viewed

@@ -0,0 +1,67 @@
+---
+title: "Changelog"
+description: "Latest updates and improvements to InsForge"
+---
+## November 2025
+<AccordionGroup>
+  <Accordion title="November 30, 2025" icon="rocket">
+    ### QuickStart Prompts & Templates
+    Get started faster with our new quickstart prompts and templates for common apps. Builders can now start with one click and get a fullstack app running in **5 minutes**.
+    <img src="/images/changelog/nov-2025/quickstart-prompts.webp" alt="QuickStart Prompts and Templates" />
+    ### Auth Components
+    Drop-in prebuilt React auth components for your app. Get a working auth flow right away with social sign-on support built in by default.
+    <img src="/images/changelog/nov-2025/auth-components.webp" alt="Auth Components with Social Sign-on" />
+    ### Database Metadata Dashboard
+    View your RLS policies, triggers, functions, and indexes all in one place. This makes debugging and understanding your project security much easier.
+    <img src="/images/changelog/nov-2025/database-metadata.webp" alt="Database Metadata Dashboard" />
+    ### SQL Editor
+    Run SQL queries directly in the InsForge dashboard. No external tools required.
+    <img src="/images/changelog/nov-2025/sql-editor.webp" alt="SQL Editor in Dashboard" />
+    ### Usage Page
+    A new dashboard section that displays a clear breakdown of your resource usage and what your plan includes.
+    <img src="/images/changelog/nov-2025/usage-page.webp" alt="Usage Page Dashboard" />
+  </Accordion>
+</AccordionGroup>
+## October 2025
+<AccordionGroup>
+  <Accordion title="October 30, 2025" icon="rocket">
+    ### OAuth: 4 New Third-Party Providers
+    You can now enable third-party logins with **LinkedIn, Microsoft, Facebook, and Discord**. On InsForge Cloud, we provide shared credentials for developers who want to quickly test these login flows.
+    After enabling, you can implement these logins directly through your agent by sending a simple prompt:
+    ```text
+    implement Discord login
+    ```
+    <img src="/images/changelog/october-2025/oauth-providers.webp" alt="OAuth Providers - LinkedIn, Microsoft, Facebook, and Discord" />
+    ### Import CSV to Your Table
+    You can now upload `.csv` files directly into any table from the dashboard. Perfect for bringing in sample data or migrating from other tools.
+    <img src="/images/changelog/october-2025/csv-upload.webp" alt="CSV Upload to Tables Feature" />
+    ### InsForge.js SDK
+    We've released our **insforge-js SDK** to make it easier for developers to integrate InsForge into their workflows. Manage auth, query databases, and control your backend programmatically with a few lines of code.
+    **Repository:** [GitHub](https://github.com/InsForge/InsForge-sdk-js)
+    ### Logs
+    The new logs page lets you monitor container logs in real time. You can watch your backend activity directly in the dashboard, or let AI coding agents query logs through the InsForge MCP to automatically debug and search for errors.
+    <img src="/images/changelog/october-2025/logs-feature.webp" alt="Real-time Logs Monitoring Feature" />
+  </Accordion>
+</AccordionGroup>