syntaur 0.1.14 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +5 -0
- package/dashboard/dist/assets/{_basePickBy-eih-KlEh.js → _basePickBy-BhaCV7eH.js} +1 -1
- package/dashboard/dist/assets/{_baseUniq-M21wg9ZQ.js → _baseUniq-CDPcqrs2.js} +1 -1
- package/dashboard/dist/assets/{arc-uKZMelpQ.js → arc-BP0RxLwl.js} +1 -1
- package/dashboard/dist/assets/{architectureDiagram-2XIMDMQ5-CpMG5exj.js → architectureDiagram-2XIMDMQ5-BDzvaeJp.js} +1 -1
- package/dashboard/dist/assets/{blockDiagram-WCTKOSBZ-BHnCCKl_.js → blockDiagram-WCTKOSBZ-ZeL9mROo.js} +1 -1
- package/dashboard/dist/assets/{c4Diagram-IC4MRINW-B-n3zU9i.js → c4Diagram-IC4MRINW-7S5bvFLp.js} +1 -1
- package/dashboard/dist/assets/channel-CcB_wcgb.js +1 -0
- package/dashboard/dist/assets/{chunk-4BX2VUAB-ChD9Iuih.js → chunk-4BX2VUAB-Ca7R4nv5.js} +1 -1
- package/dashboard/dist/assets/{chunk-55IACEB6-B3vP9Psg.js → chunk-55IACEB6-flEv13FB.js} +1 -1
- package/dashboard/dist/assets/{chunk-FMBD7UC4-CIhWgxPS.js → chunk-FMBD7UC4-CfcYWBM6.js} +1 -1
- package/dashboard/dist/assets/{chunk-JSJVCQXG-DiGIV_cB.js → chunk-JSJVCQXG-Dw4yL0VS.js} +1 -1
- package/dashboard/dist/assets/{chunk-KX2RTZJC-DnGsx5jo.js → chunk-KX2RTZJC-B2cDe40G.js} +1 -1
- package/dashboard/dist/assets/{chunk-NQ4KR5QH-BFBu1fmg.js → chunk-NQ4KR5QH-LZVm0IWg.js} +1 -1
- package/dashboard/dist/assets/{chunk-QZHKN3VN-DYtumHth.js → chunk-QZHKN3VN-Dg0EeHNI.js} +1 -1
- package/dashboard/dist/assets/{chunk-WL4C6EOR-BzCrQPuw.js → chunk-WL4C6EOR-v3rXNwXc.js} +1 -1
- package/dashboard/dist/assets/classDiagram-VBA2DB6C-BJr38z2g.js +1 -0
- package/dashboard/dist/assets/classDiagram-v2-RAHNMMFH-BJr38z2g.js +1 -0
- package/dashboard/dist/assets/clone-Cfs2GUGt.js +1 -0
- package/dashboard/dist/assets/{cose-bilkent-S5V4N54A-Bl8mb5eY.js → cose-bilkent-S5V4N54A-D-3JzLoS.js} +1 -1
- package/dashboard/dist/assets/{dagre-KLK3FWXG-BHffcOgo.js → dagre-KLK3FWXG-d_mbczhU.js} +1 -1
- package/dashboard/dist/assets/{diagram-E7M64L7V-Ib83qzT_.js → diagram-E7M64L7V-BUyAp8pW.js} +1 -1
- package/dashboard/dist/assets/{diagram-IFDJBPK2-hOdh63_T.js → diagram-IFDJBPK2-C8doXcyQ.js} +1 -1
- package/dashboard/dist/assets/{diagram-P4PSJMXO-D4ocLmc5.js → diagram-P4PSJMXO-BUSmHa55.js} +1 -1
- package/dashboard/dist/assets/{erDiagram-INFDFZHY-CHJ6zqnJ.js → erDiagram-INFDFZHY-Bn5_0LPU.js} +1 -1
- package/dashboard/dist/assets/{flowDiagram-PKNHOUZH-DEz5g2Ye.js → flowDiagram-PKNHOUZH-CnEjerQM.js} +1 -1
- package/dashboard/dist/assets/{ganttDiagram-A5KZAMGK-BSftxDHA.js → ganttDiagram-A5KZAMGK-CL94fbyy.js} +1 -1
- package/dashboard/dist/assets/{gitGraphDiagram-K3NZZRJ6-Cr3vGf07.js → gitGraphDiagram-K3NZZRJ6-4i_PeG8V.js} +1 -1
- package/dashboard/dist/assets/{graph-D4us8trI.js → graph-BtoFhoAd.js} +1 -1
- package/dashboard/dist/assets/index-DZUGYrvE.css +1 -0
- package/dashboard/dist/assets/index-Dv_-SxuL.js +481 -0
- package/dashboard/dist/assets/{infoDiagram-LFFYTUFH-CH_jVfru.js → infoDiagram-LFFYTUFH-CdUsuNgZ.js} +1 -1
- package/dashboard/dist/assets/{ishikawaDiagram-PHBUUO56-BdKLa5GC.js → ishikawaDiagram-PHBUUO56-BjggRlUx.js} +1 -1
- package/dashboard/dist/assets/{journeyDiagram-4ABVD52K-C_SMzNGF.js → journeyDiagram-4ABVD52K-V4AgexlR.js} +1 -1
- package/dashboard/dist/assets/{kanban-definition-K7BYSVSG-BeA-egRW.js → kanban-definition-K7BYSVSG-ChlylQRf.js} +1 -1
- package/dashboard/dist/assets/{layout-B8tDmL4j.js → layout-DLcz9AmA.js} +1 -1
- package/dashboard/dist/assets/{linear-CeGJyrHS.js → linear-l2xnSHze.js} +1 -1
- package/dashboard/dist/assets/{mermaid.core-DyEs-LPd.js → mermaid.core-DKO1ytRW.js} +4 -4
- package/dashboard/dist/assets/{mindmap-definition-YRQLILUH-DCxzAr8m.js → mindmap-definition-YRQLILUH-DTmTPHrT.js} +1 -1
- package/dashboard/dist/assets/{pieDiagram-SKSYHLDU-CEj5dRDi.js → pieDiagram-SKSYHLDU-CwK80y8Y.js} +1 -1
- package/dashboard/dist/assets/{quadrantDiagram-337W2JSQ-CKfvAEQg.js → quadrantDiagram-337W2JSQ-Be1xqW_w.js} +1 -1
- package/dashboard/dist/assets/{requirementDiagram-Z7DCOOCP-CTRqKPtJ.js → requirementDiagram-Z7DCOOCP-JcspXCs0.js} +1 -1
- package/dashboard/dist/assets/{sankeyDiagram-WA2Y5GQK-BlYbz8UR.js → sankeyDiagram-WA2Y5GQK-nJb1BInq.js} +1 -1
- package/dashboard/dist/assets/{sequenceDiagram-2WXFIKYE-PT2t7ryQ.js → sequenceDiagram-2WXFIKYE-DUrclEgA.js} +1 -1
- package/dashboard/dist/assets/{stateDiagram-RAJIS63D-eDX7IUuV.js → stateDiagram-RAJIS63D-CjinnNtF.js} +1 -1
- package/dashboard/dist/assets/stateDiagram-v2-FVOUBMTO-yfclw-nM.js +1 -0
- package/dashboard/dist/assets/{timeline-definition-YZTLITO2-By11B1Ow.js → timeline-definition-YZTLITO2-kM-oVLNz.js} +1 -1
- package/dashboard/dist/assets/{treemap-KZPCXAKY-rvdLeWWV.js → treemap-KZPCXAKY-CYziFlrQ.js} +1 -1
- package/dashboard/dist/assets/{vennDiagram-LZ73GAT5-Br_oZ1wv.js → vennDiagram-LZ73GAT5-DX0DbxBN.js} +1 -1
- package/dashboard/dist/assets/{xychartDiagram-JWTSCODW-D-MWVqrT.js → xychartDiagram-JWTSCODW-BGqM42ZM.js} +1 -1
- package/dashboard/dist/index.html +2 -2
- package/dist/dashboard/server.d.ts +6 -1
- package/dist/dashboard/server.js +2427 -1089
- package/dist/dashboard/server.js.map +1 -1
- package/dist/index.js +6139 -2624
- package/dist/index.js.map +1 -1
- package/examples/playbooks/keep-records-updated.md +15 -9
- package/examples/playbooks/read-before-plan.md +13 -10
- package/examples/{sample-mission → sample-project}/_index-assignments.md +1 -1
- package/examples/{sample-mission → sample-project}/_index-decisions.md +1 -1
- package/examples/{sample-mission → sample-project}/_index-plans.md +1 -1
- package/examples/{sample-mission → sample-project}/_status.md +4 -4
- package/examples/{sample-mission → sample-project}/assignments/design-auth-schema/assignment.md +8 -18
- package/examples/sample-project/assignments/design-auth-schema/comments.md +26 -0
- package/examples/sample-project/assignments/design-auth-schema/progress.md +20 -0
- package/examples/{sample-mission → sample-project}/assignments/implement-jwt-middleware/assignment.md +8 -18
- package/examples/sample-project/assignments/implement-jwt-middleware/comments.md +17 -0
- package/examples/sample-project/assignments/implement-jwt-middleware/progress.md +20 -0
- package/examples/{sample-mission → sample-project}/assignments/write-auth-tests/assignment.md +8 -9
- package/examples/sample-project/assignments/write-auth-tests/comments.md +10 -0
- package/examples/sample-project/assignments/write-auth-tests/progress.md +10 -0
- package/examples/{sample-mission → sample-project}/manifest.md +3 -3
- package/examples/{sample-mission → sample-project}/memories/_index.md +2 -2
- package/examples/{sample-mission → sample-project}/memories/postgres-connection-pooling.md +1 -1
- package/examples/{sample-mission → sample-project}/resources/_index.md +1 -1
- package/package.json +5 -3
- package/platforms/README.md +7 -7
- package/platforms/claude-code/README.md +1 -1
- package/platforms/claude-code/agents/syntaur-expert.md +94 -66
- package/platforms/claude-code/commands/doctor-syntaur/doctor-syntaur.md +112 -0
- package/platforms/claude-code/commands/track-session/track-session.md +8 -8
- package/platforms/claude-code/hooks/enforce-boundaries.sh +4 -4
- package/platforms/claude-code/hooks/hooks.json +1 -1
- package/platforms/claude-code/hooks/session-cleanup.sh +5 -5
- package/platforms/claude-code/references/file-ownership.md +20 -8
- package/platforms/claude-code/references/protocol-summary.md +24 -9
- package/platforms/claude-code/skills/complete-assignment/SKILL.md +35 -17
- package/platforms/claude-code/skills/create-assignment/SKILL.md +22 -19
- package/platforms/claude-code/skills/grab-assignment/SKILL.md +56 -49
- package/platforms/claude-code/skills/plan-assignment/SKILL.md +57 -10
- package/platforms/claude-code/skills/syntaur-protocol/SKILL.md +38 -24
- package/platforms/codex/.codex-plugin/plugin.json +3 -3
- package/platforms/codex/README.md +1 -1
- package/platforms/codex/adapters/AGENTS.md.template +3 -3
- package/platforms/codex/agents/openai.yaml +2 -2
- package/platforms/codex/agents/syntaur-operator.md +58 -43
- package/platforms/codex/references/file-ownership.md +19 -8
- package/platforms/codex/references/protocol-summary.md +28 -9
- package/platforms/codex/scripts/enforce-boundaries.sh +2 -2
- package/platforms/codex/scripts/session-cleanup.sh +2 -2
- package/platforms/codex/skills/complete-assignment/SKILL.md +7 -6
- package/platforms/codex/skills/create-assignment/SKILL.md +18 -12
- package/platforms/codex/skills/grab-assignment/SKILL.md +30 -20
- package/platforms/codex/skills/plan-assignment/SKILL.md +19 -11
- package/platforms/codex/skills/syntaur-protocol/SKILL.md +46 -28
- package/platforms/cursor/README.md +1 -1
- package/platforms/cursor/adapters/syntaur-protocol.mdc +1 -1
- package/platforms/opencode/README.md +1 -1
- package/platforms/opencode/adapters/opencode.json.template +1 -1
- package/dashboard/dist/assets/channel-DVBgSlOI.js +0 -1
- package/dashboard/dist/assets/classDiagram-VBA2DB6C-B7dxBacd.js +0 -1
- package/dashboard/dist/assets/classDiagram-v2-RAHNMMFH-B7dxBacd.js +0 -1
- package/dashboard/dist/assets/clone-DAOrHcCC.js +0 -1
- package/dashboard/dist/assets/index-AXntWS_w.css +0 -1
- package/dashboard/dist/assets/index-CEMjexkj.js +0 -460
- package/dashboard/dist/assets/stateDiagram-v2-FVOUBMTO--yuSBnLh.js +0 -1
- package/examples/sample-mission/agent.md +0 -33
- package/examples/sample-mission/claude.md +0 -13
- package/platforms/claude-code/skills/create-mission/SKILL.md +0 -51
- package/platforms/codex/skills/create-mission/SKILL.md +0 -35
- /package/examples/{sample-mission → sample-project}/assignments/design-auth-schema/decision-record.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/design-auth-schema/handoff.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/design-auth-schema/plan.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/design-auth-schema/scratchpad.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/implement-jwt-middleware/decision-record.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/implement-jwt-middleware/handoff.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/implement-jwt-middleware/plan.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/implement-jwt-middleware/scratchpad.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/write-auth-tests/decision-record.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/write-auth-tests/handoff.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/write-auth-tests/plan.md +0 -0
- /package/examples/{sample-mission → sample-project}/assignments/write-auth-tests/scratchpad.md +0 -0
- /package/examples/{sample-mission/mission.md → sample-project/project.md} +0 -0
- /package/examples/{sample-mission → sample-project}/resources/auth-requirements.md +0 -0
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: "Keep Records Updated"
|
|
3
3
|
slug: keep-records-updated
|
|
4
|
-
description: "Agents must keep assignment.md
|
|
4
|
+
description: "Agents must keep assignment.md criteria, progress.md, and related records current in real-time"
|
|
5
5
|
when_to_use: "After every meaningful action, when completing acceptance criteria, when starting or stopping work"
|
|
6
6
|
created: "2026-04-02T00:00:00Z"
|
|
7
|
-
updated: "2026-04-
|
|
7
|
+
updated: "2026-04-20T00:00:00Z"
|
|
8
8
|
tags:
|
|
9
9
|
- protocol
|
|
10
10
|
- recordkeeping
|
|
@@ -13,18 +13,24 @@ tags:
|
|
|
13
13
|
# Keep Records Updated
|
|
14
14
|
|
|
15
15
|
## After every meaningful action:
|
|
16
|
-
-
|
|
17
|
-
-
|
|
18
|
-
-
|
|
16
|
+
- Append a new entry to `progress.md` with what you did
|
|
17
|
+
- Progress entries live in `progress.md` (reverse-chronological order, newest first with a `## <ISO 8601 timestamp>` heading). Do NOT add a `## Progress` section to `assignment.md` — that section is removed as of protocol v2.0.
|
|
18
|
+
- Bump `entryCount` and `updated` in `progress.md`'s frontmatter.
|
|
19
19
|
|
|
20
20
|
## When you complete an acceptance criterion:
|
|
21
|
-
- Check it off in the `## Acceptance Criteria` section immediately
|
|
21
|
+
- Check it off in the `## Acceptance Criteria` section of `assignment.md` immediately
|
|
22
22
|
- Do not batch these up -- mark them as you go
|
|
23
23
|
|
|
24
|
+
## When you have a question, note, or piece of feedback:
|
|
25
|
+
- Run `syntaur comment <slug-or-uuid> "body" --type question|note|feedback [--reply-to <id>]`
|
|
26
|
+
- Never edit `comments.md` directly — all writes are CLI-mediated
|
|
27
|
+
- Questions carry a `resolved` flag that can be toggled from the dashboard
|
|
28
|
+
|
|
24
29
|
## When starting work:
|
|
25
|
-
-
|
|
26
|
-
- If
|
|
30
|
+
- Append an entry to `progress.md` noting you've begun and what your approach is
|
|
31
|
+
- If any plan files exist (plan.md, plan-v2.md, ...), update their task checkboxes as you complete steps
|
|
27
32
|
|
|
28
33
|
## When stopping or handing off:
|
|
29
|
-
-
|
|
34
|
+
- Append a final entry to `progress.md` summarizing current state
|
|
35
|
+
- Write a structured handoff entry in `handoff.md`
|
|
30
36
|
- Note anything the next agent needs to know
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: "Read Before You Plan"
|
|
3
3
|
slug: read-before-plan
|
|
4
|
-
description: "Agents must read all
|
|
5
|
-
when_to_use: "Before creating or modifying plan.md"
|
|
4
|
+
description: "Agents must read all project context files before creating or modifying a plan"
|
|
5
|
+
when_to_use: "Before creating or modifying any plan file (plan.md, plan-v2.md, ...)"
|
|
6
6
|
created: "2026-04-02T00:00:00Z"
|
|
7
|
-
updated: "2026-04-
|
|
7
|
+
updated: "2026-04-20T00:00:00Z"
|
|
8
8
|
tags:
|
|
9
9
|
- protocol
|
|
10
10
|
- planning
|
|
@@ -12,16 +12,19 @@ tags:
|
|
|
12
12
|
|
|
13
13
|
# Read Before You Plan
|
|
14
14
|
|
|
15
|
-
Before creating or modifying plan.md, read these files in order:
|
|
15
|
+
Before creating or modifying any plan file (plan.md, plan-v2.md, ...), read these files in order:
|
|
16
16
|
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
17
|
+
For project-nested assignments:
|
|
18
|
+
1. `manifest.md` -- understand the project structure
|
|
19
|
+
2. `project.md` -- understand the goal and scope
|
|
20
|
+
3. `assignment.md` -- understand your specific task, acceptance criteria, and dependencies. Frontmatter includes `project: <slug> | null` and `type: <classification> | null`.
|
|
21
|
+
4. `progress.md` (if exists) -- reverse-chron log of what has been done on this assignment
|
|
22
|
+
5. `comments.md` (if exists) -- open questions, notes, and feedback
|
|
22
23
|
6. `handoff.md` (if exists) -- understand what previous agents did and learned
|
|
23
24
|
7. `decision-record.md` (if exists) -- understand past decisions and their rationale
|
|
24
25
|
|
|
26
|
+
For standalone assignments (at `~/.syntaur/assignments/<uuid>/`), skip `manifest.md` and `project.md` — those only exist for project-nested assignments.
|
|
27
|
+
|
|
25
28
|
Do NOT skip files because you think you know what's in them. Context from prior agents is often critical.
|
|
26
29
|
|
|
27
|
-
If the assignment has `dependsOn` entries, read those assignments too --
|
|
30
|
+
If the assignment has `dependsOn` entries, read those assignments too -- and read **their** `decision-record.md` first. Upstream decisions are binding constraints you must not silently contradict. (The grab-assignment skill auto-loads these.)
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
2
|
+
project: build-auth-system
|
|
3
3
|
generated: "2026-03-18T14:30:00Z"
|
|
4
4
|
status: active
|
|
5
5
|
progress:
|
|
@@ -13,10 +13,10 @@ progress:
|
|
|
13
13
|
needsAttention:
|
|
14
14
|
blockedCount: 0
|
|
15
15
|
failedCount: 0
|
|
16
|
-
|
|
16
|
+
openQuestions: 1
|
|
17
17
|
---
|
|
18
18
|
|
|
19
|
-
#
|
|
19
|
+
# Project Status: Build Authentication System
|
|
20
20
|
|
|
21
21
|
**Status:** active
|
|
22
22
|
**Progress:** 1/3 assignments complete
|
|
@@ -44,4 +44,4 @@ graph TD
|
|
|
44
44
|
|
|
45
45
|
- **0 blocked** assignments
|
|
46
46
|
- **0 failed** assignments
|
|
47
|
-
- **1
|
|
47
|
+
- **1 open** question in [implement-jwt-middleware/comments.md](./assignments/implement-jwt-middleware/comments.md)
|
package/examples/{sample-mission → sample-project}/assignments/design-auth-schema/assignment.md
RENAMED
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
id: d1e2f3a4-b5c6-7890-abcd-111111111111
|
|
3
3
|
slug: design-auth-schema
|
|
4
4
|
title: Design Auth Database Schema
|
|
5
|
+
project: build-auth-system
|
|
6
|
+
type: feature
|
|
5
7
|
status: completed
|
|
6
8
|
priority: high
|
|
7
9
|
created: "2026-03-15T09:30:00Z"
|
|
@@ -32,30 +34,18 @@ Design the PostgreSQL database schema for the authentication system. This includ
|
|
|
32
34
|
- [x] All tables have appropriate indexes for query patterns
|
|
33
35
|
- [x] Migration scripts are idempotent and backward-compatible
|
|
34
36
|
|
|
35
|
-
##
|
|
36
|
-
|
|
37
|
-
This is the foundational data layer for the auth system. The schema must support the JWT middleware (implement-jwt-middleware) and be testable (write-auth-tests). See [Auth Requirements](../../resources/auth-requirements.md) for functional specs.
|
|
38
|
-
|
|
39
|
-
## Questions & Answers
|
|
37
|
+
## Todos
|
|
40
38
|
|
|
41
|
-
|
|
42
|
-
**Asked:** 2026-03-16T10:00:00Z
|
|
43
|
-
**A:** Use UUIDs (v4). They avoid enumeration attacks and simplify future sharding. Generate them in the application layer, not the database.
|
|
39
|
+
- [x] Execute [plan](./plan.md)
|
|
44
40
|
|
|
45
|
-
##
|
|
46
|
-
|
|
47
|
-
### 2026-03-17T10:00:00Z
|
|
48
|
-
Completed all migration scripts and schema design. Final schema includes three tables: `users`, `sessions`, and `refresh_tokens`. Added composite index on `sessions(user_id, revoked_at)` for the active-session lookup query. All migrations tested against a clean database. Ready for handoff to JWT middleware implementation.
|
|
49
|
-
|
|
50
|
-
### 2026-03-16T14:00:00Z
|
|
51
|
-
Draft schema complete for users and sessions tables. Working on refresh token rotation tracking. Decided to add a `token_family` column to detect reuse of old refresh tokens.
|
|
41
|
+
## Context
|
|
52
42
|
|
|
53
|
-
|
|
54
|
-
Started schema design. Reviewed auth requirements document. Planning three tables: users, sessions, refresh_tokens.
|
|
43
|
+
This is the foundational data layer for the auth system. The schema must support the JWT middleware (implement-jwt-middleware) and be testable (write-auth-tests). See [Auth Requirements](../../resources/auth-requirements.md) for functional specs.
|
|
55
44
|
|
|
56
45
|
## Links
|
|
57
46
|
|
|
58
|
-
- [
|
|
47
|
+
- [Progress](./progress.md)
|
|
48
|
+
- [Comments](./comments.md)
|
|
59
49
|
- [Scratchpad](./scratchpad.md)
|
|
60
50
|
- [Handoff](./handoff.md)
|
|
61
51
|
- [Decision Record](./decision-record.md)
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
---
|
|
2
|
+
assignment: design-auth-schema
|
|
3
|
+
entryCount: 2
|
|
4
|
+
generated: "2026-03-17T10:00:00Z"
|
|
5
|
+
updated: "2026-03-16T10:05:00Z"
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Comments
|
|
9
|
+
|
|
10
|
+
## c-1
|
|
11
|
+
|
|
12
|
+
**Recorded:** 2026-03-16T10:00:00Z
|
|
13
|
+
**Author:** claude-2
|
|
14
|
+
**Type:** question
|
|
15
|
+
**Resolved:** true
|
|
16
|
+
|
|
17
|
+
Should we use UUIDs or auto-incrementing integers for user IDs?
|
|
18
|
+
|
|
19
|
+
## c-2
|
|
20
|
+
|
|
21
|
+
**Recorded:** 2026-03-16T10:05:00Z
|
|
22
|
+
**Author:** human
|
|
23
|
+
**Type:** note
|
|
24
|
+
**Reply to:** c-1
|
|
25
|
+
|
|
26
|
+
Use UUIDs (v4). They avoid enumeration attacks and simplify future sharding. Generate them in the application layer, not the database.
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
---
|
|
2
|
+
assignment: design-auth-schema
|
|
3
|
+
entryCount: 3
|
|
4
|
+
generated: "2026-03-16T09:30:00Z"
|
|
5
|
+
updated: "2026-03-17T10:00:00Z"
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Progress
|
|
9
|
+
|
|
10
|
+
## 2026-03-17T10:00:00Z
|
|
11
|
+
|
|
12
|
+
Completed all migration scripts and schema design. Final schema includes three tables: `users`, `sessions`, and `refresh_tokens`. Added composite index on `sessions(user_id, revoked_at)` for the active-session lookup query. All migrations tested against a clean database. Ready for handoff to JWT middleware implementation.
|
|
13
|
+
|
|
14
|
+
## 2026-03-16T14:00:00Z
|
|
15
|
+
|
|
16
|
+
Draft schema complete for users and sessions tables. Working on refresh token rotation tracking. Decided to add a `token_family` column to detect reuse of old refresh tokens.
|
|
17
|
+
|
|
18
|
+
## 2026-03-16T09:30:00Z
|
|
19
|
+
|
|
20
|
+
Started schema design. Reviewed auth requirements document. Planning three tables: users, sessions, refresh_tokens.
|
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
id: d1e2f3a4-b5c6-7890-abcd-222222222222
|
|
3
3
|
slug: implement-jwt-middleware
|
|
4
4
|
title: Implement JWT Authentication Middleware
|
|
5
|
+
project: build-auth-system
|
|
6
|
+
type: feature
|
|
5
7
|
status: in_progress
|
|
6
8
|
priority: high
|
|
7
9
|
created: "2026-03-15T09:30:00Z"
|
|
@@ -36,30 +38,18 @@ Implement Express.js middleware that validates JWT access tokens on protected ro
|
|
|
36
38
|
- [ ] Token revocation endpoint (logout)
|
|
37
39
|
- [ ] Role-based route guards (admin vs user)
|
|
38
40
|
|
|
39
|
-
##
|
|
40
|
-
|
|
41
|
-
Depends on the database schema from [design-auth-schema](../design-auth-schema/assignment.md). The schema is complete — see the [handoff notes](../design-auth-schema/handoff.md) for integration details. Key table: `sessions` with `jti` column for token validation. See [Auth Requirements](../../resources/auth-requirements.md) for full specs.
|
|
42
|
-
|
|
43
|
-
## Questions & Answers
|
|
41
|
+
## Todos
|
|
44
42
|
|
|
45
|
-
|
|
46
|
-
**Asked:** 2026-03-18T11:00:00Z
|
|
47
|
-
**A:** pending
|
|
43
|
+
- [ ] Execute [plan](./plan.md)
|
|
48
44
|
|
|
49
|
-
##
|
|
50
|
-
|
|
51
|
-
### 2026-03-18T14:30:00Z
|
|
52
|
-
Implemented role-based route guard middleware (`requireRole`). Working on the refresh token endpoint next. The token generation and basic validation middleware are working and passing manual tests. Need to wire up the refresh token rotation logic using the `token_family` pattern from the schema design.
|
|
53
|
-
|
|
54
|
-
### 2026-03-18T10:00:00Z
|
|
55
|
-
JWT validation middleware is functional. It extracts the token from the Authorization header, verifies the RS256 signature, checks expiry, and looks up the `jti` in the sessions table to confirm the session is not revoked. Added proper error responses for expired, invalid, and revoked tokens.
|
|
45
|
+
## Context
|
|
56
46
|
|
|
57
|
-
|
|
58
|
-
Started implementation. Set up RS256 key pair loading from environment variables. Implemented `generateAccessToken` and `generateRefreshToken` functions. Created the login endpoint that authenticates with bcrypt and returns both tokens.
|
|
47
|
+
Depends on the database schema from [design-auth-schema](../design-auth-schema/assignment.md). The schema is complete — see the [handoff notes](../design-auth-schema/handoff.md) for integration details. Key table: `sessions` with `jti` column for token validation. See [Auth Requirements](../../resources/auth-requirements.md) for full specs.
|
|
59
48
|
|
|
60
49
|
## Links
|
|
61
50
|
|
|
62
|
-
- [
|
|
51
|
+
- [Progress](./progress.md)
|
|
52
|
+
- [Comments](./comments.md)
|
|
63
53
|
- [Scratchpad](./scratchpad.md)
|
|
64
54
|
- [Handoff](./handoff.md)
|
|
65
55
|
- [Decision Record](./decision-record.md)
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
---
|
|
2
|
+
assignment: implement-jwt-middleware
|
|
3
|
+
entryCount: 1
|
|
4
|
+
generated: "2026-03-18T11:00:00Z"
|
|
5
|
+
updated: "2026-03-18T11:00:00Z"
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Comments
|
|
9
|
+
|
|
10
|
+
## c-1
|
|
11
|
+
|
|
12
|
+
**Recorded:** 2026-03-18T11:00:00Z
|
|
13
|
+
**Author:** claude-1
|
|
14
|
+
**Type:** question
|
|
15
|
+
**Resolved:** false
|
|
16
|
+
|
|
17
|
+
Should the refresh token endpoint require the old access token or just the refresh token?
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
---
|
|
2
|
+
assignment: implement-jwt-middleware
|
|
3
|
+
entryCount: 3
|
|
4
|
+
generated: "2026-03-17T10:30:00Z"
|
|
5
|
+
updated: "2026-03-18T14:30:00Z"
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Progress
|
|
9
|
+
|
|
10
|
+
## 2026-03-18T14:30:00Z
|
|
11
|
+
|
|
12
|
+
Implemented role-based route guard middleware (`requireRole`). Working on the refresh token endpoint next. The token generation and basic validation middleware are working and passing manual tests. Need to wire up the refresh token rotation logic using the `token_family` pattern from the schema design.
|
|
13
|
+
|
|
14
|
+
## 2026-03-18T10:00:00Z
|
|
15
|
+
|
|
16
|
+
JWT validation middleware is functional. It extracts the token from the Authorization header, verifies the RS256 signature, checks expiry, and looks up the `jti` in the sessions table to confirm the session is not revoked. Added proper error responses for expired, invalid, and revoked tokens.
|
|
17
|
+
|
|
18
|
+
## 2026-03-17T10:30:00Z
|
|
19
|
+
|
|
20
|
+
Started implementation. Set up RS256 key pair loading from environment variables. Implemented `generateAccessToken` and `generateRefreshToken` functions. Created the login endpoint that authenticates with bcrypt and returns both tokens.
|
package/examples/{sample-mission → sample-project}/assignments/write-auth-tests/assignment.md
RENAMED
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
id: d1e2f3a4-b5c6-7890-abcd-333333333333
|
|
3
3
|
slug: write-auth-tests
|
|
4
4
|
title: Write Auth System Tests
|
|
5
|
+
project: build-auth-system
|
|
6
|
+
type: feature
|
|
5
7
|
status: pending
|
|
6
8
|
priority: medium
|
|
7
9
|
created: "2026-03-15T09:30:00Z"
|
|
@@ -34,21 +36,18 @@ Write comprehensive unit and integration tests for the authentication system, co
|
|
|
34
36
|
- [ ] Edge case tests: expired tokens, revoked sessions, refresh token reuse detection
|
|
35
37
|
- [ ] Coverage report showing 80%+ line coverage
|
|
36
38
|
|
|
37
|
-
##
|
|
38
|
-
|
|
39
|
-
This assignment depends on [implement-jwt-middleware](../implement-jwt-middleware/assignment.md) being completed. Tests will cover both the schema layer (from design-auth-schema) and the middleware/endpoint layer (from implement-jwt-middleware). Use Jest as the test framework with `supertest` for HTTP integration tests.
|
|
39
|
+
## Todos
|
|
40
40
|
|
|
41
|
-
|
|
41
|
+
- [ ] Execute [plan](./plan.md)
|
|
42
42
|
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
## Progress
|
|
43
|
+
## Context
|
|
46
44
|
|
|
47
|
-
|
|
45
|
+
This assignment depends on [implement-jwt-middleware](../implement-jwt-middleware/assignment.md) being completed. Tests will cover both the schema layer (from design-auth-schema) and the middleware/endpoint layer (from implement-jwt-middleware). Use Jest as the test framework with `supertest` for HTTP integration tests.
|
|
48
46
|
|
|
49
47
|
## Links
|
|
50
48
|
|
|
51
|
-
- [
|
|
49
|
+
- [Progress](./progress.md)
|
|
50
|
+
- [Comments](./comments.md)
|
|
52
51
|
- [Scratchpad](./scratchpad.md)
|
|
53
52
|
- [Handoff](./handoff.md)
|
|
54
53
|
- [Decision Record](./decision-record.md)
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
---
|
|
2
2
|
version: "1.0"
|
|
3
|
-
|
|
3
|
+
project: build-auth-system
|
|
4
4
|
generated: "2026-03-18T14:30:00Z"
|
|
5
5
|
---
|
|
6
6
|
|
|
7
|
-
#
|
|
7
|
+
# Project: build-auth-system
|
|
8
8
|
|
|
9
9
|
## Overview
|
|
10
|
-
- [
|
|
10
|
+
- [Project Overview](./project.md)
|
|
11
11
|
|
|
12
12
|
## Indexes
|
|
13
13
|
- [Assignments](./_index-assignments.md)
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
2
|
+
project: build-auth-system
|
|
3
3
|
generated: "2026-03-18T14:30:00Z"
|
|
4
4
|
total: 1
|
|
5
5
|
---
|
|
@@ -8,4 +8,4 @@ total: 1
|
|
|
8
8
|
|
|
9
9
|
| Name | Source | Scope | Source Assignment | Updated |
|
|
10
10
|
|------|--------|-------|------------------|---------|
|
|
11
|
-
| [postgres-connection-pooling](./postgres-connection-pooling.md) | claude-2 |
|
|
11
|
+
| [postgres-connection-pooling](./postgres-connection-pooling.md) | claude-2 | project | design-auth-schema | 2026-03-17T09:00:00Z |
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "syntaur",
|
|
3
|
-
"version": "0.
|
|
4
|
-
"description": "
|
|
3
|
+
"version": "0.3.0",
|
|
4
|
+
"description": "Project workflow CLI with dashboard, Claude Code plugin, and Codex plugin",
|
|
5
5
|
"homepage": "https://github.com/prong-horn/syntaur#readme",
|
|
6
6
|
"repository": {
|
|
7
7
|
"type": "git",
|
|
@@ -40,7 +40,9 @@
|
|
|
40
40
|
"typecheck": "tsc --noEmit",
|
|
41
41
|
"test": "vitest run",
|
|
42
42
|
"test:watch": "vitest",
|
|
43
|
-
"prepublishOnly": "npm run build && npm ci --prefix dashboard && npm run build --prefix dashboard"
|
|
43
|
+
"prepublishOnly": "npm run build && npm ci --prefix dashboard && npm run build --prefix dashboard",
|
|
44
|
+
"try": "node scripts/try.mjs",
|
|
45
|
+
"untry": "npm unlink -g syntaur && npm install -g syntaur@latest && echo '\\n✓ global syntaur restored to latest published version'"
|
|
44
46
|
},
|
|
45
47
|
"engines": {
|
|
46
48
|
"node": ">=20.0.0"
|
package/platforms/README.md
CHANGED
|
@@ -16,16 +16,16 @@ format expected by the target framework.
|
|
|
16
16
|
|
|
17
17
|
```bash
|
|
18
18
|
# Generate Cursor adapter files in the current directory
|
|
19
|
-
syntaur setup-adapter cursor --
|
|
19
|
+
syntaur setup-adapter cursor --project <project-slug> --assignment <assignment-slug>
|
|
20
20
|
|
|
21
21
|
# Generate Codex adapter files
|
|
22
|
-
syntaur setup-adapter codex --
|
|
22
|
+
syntaur setup-adapter codex --project <project-slug> --assignment <assignment-slug>
|
|
23
23
|
|
|
24
24
|
# Generate OpenCode adapter files
|
|
25
|
-
syntaur setup-adapter opencode --
|
|
25
|
+
syntaur setup-adapter opencode --project <project-slug> --assignment <assignment-slug>
|
|
26
26
|
|
|
27
27
|
# Overwrite existing files
|
|
28
|
-
syntaur setup-adapter cursor --
|
|
28
|
+
syntaur setup-adapter cursor --project my-project --assignment my-task --force
|
|
29
29
|
```
|
|
30
30
|
|
|
31
31
|
## What Gets Generated
|
|
@@ -35,8 +35,8 @@ All adapters embed equivalent protocol knowledge:
|
|
|
35
35
|
- **Write boundary rules** (which files the agent can and cannot modify)
|
|
36
36
|
- **Assignment lifecycle states** and valid transitions
|
|
37
37
|
- **CLI commands** for state transitions (`syntaur start`, `syntaur complete`, etc.)
|
|
38
|
-
- **Reading order** for
|
|
39
|
-
- **Current assignment context** (
|
|
38
|
+
- **Reading order** for project and assignment files
|
|
39
|
+
- **Current assignment context** (project slug, assignment slug, paths)
|
|
40
40
|
|
|
41
41
|
## Contributing a New Adapter
|
|
42
42
|
|
|
@@ -46,7 +46,7 @@ To add support for a new framework:
|
|
|
46
46
|
reference file showing the format. This is documentation, not a runtime asset.
|
|
47
47
|
|
|
48
48
|
2. **Create a TypeScript renderer** in `src/templates/<framework>.ts`:
|
|
49
|
-
- Define a params interface with `
|
|
49
|
+
- Define a params interface with `projectSlug`, `assignmentSlug`, `projectDir`, `assignmentDir`
|
|
50
50
|
- Export a render function returning the file content as a string
|
|
51
51
|
- Embed protocol knowledge directly in the template literal (do not read files at runtime)
|
|
52
52
|
|
|
@@ -4,7 +4,7 @@ Syntaur plugin for Claude Code. Installed automatically during `syntaur setup`.
|
|
|
4
4
|
|
|
5
5
|
## What's included
|
|
6
6
|
|
|
7
|
-
- **Skills:** grab-assignment, plan-assignment, complete-assignment, create-
|
|
7
|
+
- **Skills:** grab-assignment, plan-assignment, complete-assignment, create-project, create-assignment, syntaur-protocol
|
|
8
8
|
- **Agents:** syntaur-protocol (background)
|
|
9
9
|
- **Hooks:** write boundary enforcement (PreToolUse)
|
|
10
10
|
- **Commands:** track-session
|