npm - jat-feedback - Versions diffs - 2.0.0 → 3.0.0 - Mend

jat-feedback 2.0.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +176 -25
package/dist/jat-feedback.js +42 -37
package/dist/jat-feedback.mjs +3155 -2987
package/package.json +3 -2
package/routes/README.md +45 -0
package/routes/tasks/+page.server.ts +45 -0
package/routes/tasks/+page.svelte +513 -0
package/supabase/functions/jat-webhook/index.ts +53 -22
package/supabase/migrations/3.0.0_rename_to_project_tasks.sql +170 -0

package/supabase/functions/jat-webhook/index.ts CHANGED Viewed

@@ -4,6 +4,12 @@ import { createClient } from "https://esm.sh/@supabase/supabase-js@2"
 const supabaseUrl = Deno.env.get("SUPABASE_URL")!
 const supabaseServiceKey = Deno.env.get("SUPABASE_SERVICE_ROLE_KEY")!
+// JAT sends the project's JWT service role key as the Bearer token.
+// On newer Supabase projects, SUPABASE_SERVICE_ROLE_KEY in the runtime
+// may use the sb_secret_ format instead of the JWT format. JAT_WEBHOOK_SECRET
+// is a custom secret set to the JWT service role key for those projects.
+const webhookSecret = Deno.env.get("JAT_WEBHOOK_SECRET") || supabaseServiceKey
 /**
  * JAT Webhook — generic status-sync endpoint.
  *
@@ -12,24 +18,34 @@ const supabaseServiceKey = Deno.env.get("SUPABASE_SERVICE_ROLE_KEY")!
  * `supabase/functions/jat-webhook/` directory and deploy it.
  *
  * Deploy:
- *   supabase functions deploy jat-webhook
+ *   supabase functions deploy jat-webhook --no-verify-jwt
+ *
+ * Setup (if auth fails with "Invalid authorization"):
+ *   Your project's SUPABASE_SERVICE_ROLE_KEY runtime var may use the
+ *   new sb_secret_ format. Set JAT_WEBHOOK_SECRET to the JWT service
+ *   role key from your project's API settings:
  *
- * Expected payload from JAT ingest daemon:
+ *   supabase secrets set JAT_WEBHOOK_SECRET="eyJhbG..."
+ *
+ * Expected payload:
  * {
  *   source: "jat",
  *   event: "status_changed" | "task_closed",
- *   reference_table: "feedback_reports",
+ *   reference_table: "project_tasks",
  *   reference_id: "uuid-of-row",
  *   data: {
  *     status: "in_progress" | "completed" | ...,
  *     task_id: "myproject-abc",
- *     notes?: "optional developer note"
+ *     notes?: "optional developer note",
+ *     issue_type?: "bug" | "feature" | "task" | "epic",
+ *     assignee?: "agent or user name",
+ *     labels?: ["label1", "label2"],
+ *     due_date?: "2026-04-01T00:00:00Z",
+ *     source?: "jat"
  *   }
  * }
  *
- * Auth: Bearer token must match the Supabase service role key.
- * SUPABASE_URL and SUPABASE_SERVICE_ROLE_KEY are injected automatically
- * by Supabase when the function runs — no configuration needed.
+ * Auth: Bearer token must match JAT_WEBHOOK_SECRET or SUPABASE_SERVICE_ROLE_KEY.
  *
  * integrations.json callback config:
  * {
@@ -41,7 +57,7 @@ const supabaseServiceKey = Deno.env.get("SUPABASE_SERVICE_ROLE_KEY")!
  *       "in_progress": "in_progress",
  *       "closed": "completed"
  *     },
- *     "referenceTable": "feedback_reports",
+ *     "referenceTable": "project_tasks",
  *     "referenceIdFrom": "item_id"
  *   }
  * }
@@ -56,12 +72,19 @@ interface WebhookPayload {
     status?: string
     task_id?: string
     notes?: string
+    issue_type?: string
+    assignee?: string
+    labels?: string[]
+    due_date?: string
+    source?: string
   }
 }
 // Tables and the columns that JAT is allowed to update.
 // Add more tables here if you want JAT to sync status for other record types.
+// "feedback_reports" kept as alias for backward compat with pre-v3 callers.
 const TABLE_CONFIG: Record<string, { statusCol: string; taskIdCol: string }> = {
+  project_tasks: { statusCol: "status", taskIdCol: "jat_task_id" },
   feedback_reports: { statusCol: "status", taskIdCol: "jat_task_id" },
 }
@@ -82,7 +105,7 @@ Deno.serve(async (req) => {
     })
   }
   const token = authHeader.slice(7)
-  if (token !== supabaseServiceKey) {
+  if (token !== webhookSecret && token !== supabaseServiceKey) {
     return new Response(JSON.stringify({ error: "Invalid authorization" }), {
       status: 403,
       headers: { "Content-Type": "application/json" },
@@ -116,11 +139,19 @@ Deno.serve(async (req) => {
     )
   }
+  // Resolve actual table name — "feedback_reports" alias maps to "project_tasks"
+  const actualTable = reference_table === "feedback_reports" ? "project_tasks" : reference_table
   // Build the update object from the payload fields
   const update: Record<string, unknown> = {}
   if (data.status) update[config.statusCol] = data.status
   if (data.task_id) update[config.taskIdCol] = data.task_id
   if (data.notes) update.dev_notes = data.notes
+  if (data.issue_type) update.issue_type = data.issue_type
+  if (data.assignee) update.assignee = data.assignee
+  if (data.labels) update.labels = data.labels
+  if (data.due_date) update.due_date = data.due_date
+  if (data.source) update.source = data.source
   if (Object.keys(update).length === 0) {
     return new Response(
@@ -130,30 +161,30 @@ Deno.serve(async (req) => {
   }
   const supabase = createClient(supabaseUrl, supabaseServiceKey)
-  const { data, error } = await supabase
-    .from(reference_table)
+  const result = await supabase
+    .from(actualTable)
     .update(update)
     .eq("id", reference_id)
     .select("id")
-  if (error) {
-    console.error(`JAT webhook failed: ${error.message}`, {
-      reference_table,
+  if (result.error) {
+    console.error(`JAT webhook failed: ${result.error.message}`, {
+      table: actualTable,
       reference_id,
       update,
     })
     return new Response(
-      JSON.stringify({ error: `Update failed: ${error.message}` }),
+      JSON.stringify({ error: `Update failed: ${result.error.message}` }),
       { status: 500, headers: { "Content-Type": "application/json" } },
     )
   }
-  if (!data || data.length === 0) {
-    console.warn(`JAT webhook: no rows matched ${reference_table}[${reference_id}]`, update)
+  if (!result.data || result.data.length === 0) {
+    console.warn(`JAT webhook: no rows matched ${actualTable}[${reference_id}]`, update)
     return new Response(
       JSON.stringify({
-        error: `No rows matched: ${reference_table} id=${reference_id}`,
-        table: reference_table,
+        error: `No rows matched: ${actualTable} id=${reference_id}`,
+        table: actualTable,
         id: reference_id,
         rowsAffected: 0,
       }),
@@ -161,15 +192,15 @@ Deno.serve(async (req) => {
     )
   }
-  console.log(`JAT webhook: ${event} → ${reference_table}[${reference_id}] (${data.length} row(s))`, update)
+  console.log(`JAT webhook: ${event} → ${actualTable}[${reference_id}] (${result.data.length} row(s))`, update)
   return new Response(
     JSON.stringify({
       success: true,
-      table: reference_table,
+      table: actualTable,
       id: reference_id,
       updated: update,
-      rowsAffected: data.length,
+      rowsAffected: result.data.length,
     }),
     { status: 200, headers: { "Content-Type": "application/json" } },
   )

package/supabase/migrations/3.0.0_rename_to_project_tasks.sql ADDED Viewed

@@ -0,0 +1,170 @@
+-- jat-feedback v3.0.0 — rename feedback_reports → project_tasks + extend schema
+--
+-- BREAKING CHANGE: This migration renames the core table and adds new columns
+-- for unified task management (feedback + JAT tasks + manual entries).
+--
+-- Apply as a new migration in your project:
+--   cp node_modules/jat-feedback/supabase/migrations/3.0.0_rename_to_project_tasks.sql \
+--      supabase/migrations/$(date +%Y%m%d%H%M%S)_feedback_3_0_0.sql
+--   supabase db push
+--
+-- Prerequisites: 1.0.0, 1.1.0, 1.8.0 migrations must already be applied.
+-- ============================================================================
+-- 1. Rename table
+-- ============================================================================
+ALTER TABLE feedback_reports RENAME TO project_tasks;
+-- Rename type → source_type to avoid confusion with issue_type
+ALTER TABLE project_tasks RENAME COLUMN type TO source_type;
+-- ============================================================================
+-- 2. Add new columns
+-- ============================================================================
+-- Source of the task: feedback widget, JAT task sync, or manual creation
+ALTER TABLE project_tasks ADD COLUMN source TEXT DEFAULT 'feedback'
+  CHECK (source IN ('feedback', 'jat', 'manual'));
+-- Issue classification (extends the original bug/enhancement/other type)
+ALTER TABLE project_tasks ADD COLUMN issue_type TEXT DEFAULT 'bug'
+  CHECK (issue_type IN ('bug', 'feature', 'task', 'epic'));
+-- Assignment and scheduling
+ALTER TABLE project_tasks ADD COLUMN assignee TEXT;
+ALTER TABLE project_tasks ADD COLUMN due_date TIMESTAMPTZ;
+-- Labels for flexible categorization
+ALTER TABLE project_tasks ADD COLUMN labels TEXT[];
+-- Self-referential parent for hierarchical tasks (epics → children)
+ALTER TABLE project_tasks ADD COLUMN parent_id UUID REFERENCES project_tasks(id);
+-- Updated timestamp
+ALTER TABLE project_tasks ADD COLUMN updated_at TIMESTAMPTZ DEFAULT now();
+-- ============================================================================
+-- 3. Auto-update updated_at trigger
+-- ============================================================================
+CREATE OR REPLACE FUNCTION update_project_tasks_updated_at()
+RETURNS TRIGGER AS $$
+BEGIN
+  NEW.updated_at = now();
+  RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+CREATE TRIGGER project_tasks_updated_at
+  BEFORE UPDATE ON project_tasks
+  FOR EACH ROW
+  EXECUTE FUNCTION update_project_tasks_updated_at();
+-- ============================================================================
+-- 4. Create project_tasks_comments table
+-- ============================================================================
+CREATE TABLE IF NOT EXISTS project_tasks_comments (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  task_id UUID NOT NULL REFERENCES project_tasks(id) ON DELETE CASCADE,
+  author TEXT NOT NULL,
+  author_role TEXT DEFAULT 'user',
+  text TEXT NOT NULL DEFAULT '',
+  created_at TIMESTAMPTZ DEFAULT now()
+);
+CREATE INDEX idx_project_tasks_comments_task
+  ON project_tasks_comments(task_id, created_at);
+-- RLS for comments
+ALTER TABLE project_tasks_comments ENABLE ROW LEVEL SECURITY;
+CREATE POLICY "Authenticated users can insert comments"
+  ON project_tasks_comments FOR INSERT TO authenticated
+  WITH CHECK (true);
+CREATE POLICY "Authenticated users can read comments"
+  ON project_tasks_comments FOR SELECT TO authenticated
+  USING (true);
+CREATE POLICY "Service role full access to comments"
+  ON project_tasks_comments FOR ALL TO service_role
+  USING (true) WITH CHECK (true);
+-- ============================================================================
+-- 5. Rename indexes (drop old, create new)
+-- ============================================================================
+-- The table rename does NOT automatically rename indexes.
+DROP INDEX IF EXISTS idx_feedback_reports_new;
+DROP INDEX IF EXISTS idx_feedback_reports_rejected;
+DROP INDEX IF EXISTS idx_feedback_reports_reporter;
+DROP INDEX IF EXISTS idx_feedback_reports_completed;
+-- Recreate with new names
+CREATE INDEX idx_project_tasks_new
+  ON project_tasks(status, jat_task_id)
+  WHERE status = 'submitted' AND jat_task_id IS NULL;
+CREATE INDEX idx_project_tasks_rejected
+  ON project_tasks(status)
+  WHERE status = 'rejected';
+CREATE INDEX idx_project_tasks_reporter
+  ON project_tasks(reporter_user_id, created_at DESC);
+CREATE INDEX idx_project_tasks_completed
+  ON project_tasks(reporter_user_id, status)
+  WHERE status = 'completed';
+-- ============================================================================
+-- 6. New indexes for extended schema
+-- ============================================================================
+-- Filter by source (feedback vs jat vs manual)
+CREATE INDEX idx_project_tasks_source
+  ON project_tasks(source);
+-- Parent-child lookups
+CREATE INDEX idx_project_tasks_parent
+  ON project_tasks(parent_id)
+  WHERE parent_id IS NOT NULL;
+-- Assignee lookups
+CREATE INDEX idx_project_tasks_assignee
+  ON project_tasks(assignee)
+  WHERE assignee IS NOT NULL;
+-- Due date ordering
+CREATE INDEX idx_project_tasks_due_date
+  ON project_tasks(due_date)
+  WHERE due_date IS NOT NULL;
+-- ============================================================================
+-- 7. Update RLS policies (rename references from feedback_reports)
+-- ============================================================================
+-- Drop old policies (they reference the old table name internally)
+DROP POLICY IF EXISTS "Authenticated users can insert feedback" ON project_tasks;
+DROP POLICY IF EXISTS "Users can read own feedback reports" ON project_tasks;
+DROP POLICY IF EXISTS "Users can respond to own completed feedback" ON project_tasks;
+DROP POLICY IF EXISTS "Service role full access to feedback" ON project_tasks;
+-- Recreate with updated names
+CREATE POLICY "Authenticated users can insert project tasks"
+  ON project_tasks FOR INSERT TO authenticated
+  WITH CHECK (true);
+CREATE POLICY "Users can read own project tasks"
+  ON project_tasks FOR SELECT TO authenticated
+  USING (reporter_user_id = auth.uid());
+CREATE POLICY "Users can update own project tasks"
+  ON project_tasks FOR UPDATE TO authenticated
+  USING (reporter_user_id = auth.uid())
+  WITH CHECK (reporter_user_id = auth.uid());
+CREATE POLICY "Service role full access to project tasks"
+  ON project_tasks FOR ALL TO service_role
+  USING (true) WITH CHECK (true);