thumbgate 1.0.0 → 1.2.0

package/scripts/statusline-links.js

@@ -0,0 +1,238 @@
+#!/usr/bin/env node
+'use strict';
+
+const fs = require('fs');
+const os = require('os');
+const path = require('path');
+const http = require('http');
+const { spawn } = require('child_process');
+
+const { getHomeDir, getRuntimeDir, resolveProjectDir } = require('./feedback-paths');
+const { resolveProKey } = require('./pro-local-dashboard');
+
+const DEFAULT_ORIGIN = 'http://localhost:3456';
+const DEFAULT_TIMEOUT_MS = 150;
+const DEFAULT_BOOT_GRACE_MS = 5000;
+const PKG_ROOT = path.join(__dirname, '..');
+
+function parseOrigin(origin) {
+  const url = new URL(origin || DEFAULT_ORIGIN);
+  return {
+    origin: url.origin,
+    host: url.hostname,
+    port: Number(url.port || (url.protocol === 'https:' ? 443 : 80)),
+    protocol: url.protocol,
+  };
+}
+
+function isLoopbackHost(host) {
+  return host === 'localhost' || host === '127.0.0.1' || host === '::1';
+}
+
+function runtimeStatePath(options = {}) {
+  return path.join(getRuntimeDir(options), 'statusline-api.json');
+}
+
+function readRuntimeState(options = {}) {
+  try {
+    return JSON.parse(fs.readFileSync(runtimeStatePath(options), 'utf8'));
+  } catch {
+    return null;
+  }
+}
+
+function writeRuntimeState(payload, options = {}) {
+  const targetPath = runtimeStatePath(options);
+  fs.mkdirSync(path.dirname(targetPath), { recursive: true });
+  fs.writeFileSync(targetPath, JSON.stringify(payload, null, 2) + '\n');
+  return targetPath;
+}
+
+function isPidAlive(pid) {
+  const numericPid = Number(pid);
+  if (!Number.isInteger(numericPid) || numericPid <= 0) return false;
+  try {
+    process.kill(numericPid, 0);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+function shouldReuseBootingState(state, now = Date.now()) {
+  if (!state || !isPidAlive(state.pid)) return false;
+  const startedAt = Date.parse(state.startedAt || 0);
+  if (!Number.isFinite(startedAt)) return true;
+  return now - startedAt < DEFAULT_BOOT_GRACE_MS;
+}
+
+function requestOk(url, timeoutMs = DEFAULT_TIMEOUT_MS) {
+  return new Promise((resolve) => {
+    const req = http.get(url, (res) => {
+      res.resume();
+      resolve(res.statusCode >= 200 && res.statusCode < 500);
+    });
+    req.on('error', () => resolve(false));
+    req.setTimeout(timeoutMs, () => {
+      req.destroy();
+      resolve(false);
+    });
+  });
+}
+
+async function probeLocalServer(origin, options = {}) {
+  const timeoutMs = Number(options.timeoutMs || DEFAULT_TIMEOUT_MS);
+  return requestOk(`${origin}/health`, timeoutMs);
+}
+
+function launchLocalServer(options = {}) {
+  const env = options.env || process.env;
+  const origin = parseOrigin(options.origin || env.THUMBGATE_LOCAL_API_ORIGIN || DEFAULT_ORIGIN);
+  const homeDir = options.homeDir || getHomeDir({ env });
+  const resolvedKey = (options.resolveKey || resolveProKey)({ env, homeDir });
+  const projectDir = resolveProjectDir({ env, cwd: options.cwd || process.cwd() });
+  const childEnv = {
+    ...env,
+    HOST: origin.host,
+    PORT: String(origin.port),
+    THUMBGATE_LOCAL_API_ORIGIN: origin.origin,
+    THUMBGATE_PROJECT_DIR: projectDir,
+    THUMBGATE_PRO_MODE: '1',
+  };
+
+  if (resolvedKey && resolvedKey.key) {
+    childEnv.THUMBGATE_API_KEY = resolvedKey.key;
+  }
+
+  const child = spawn(
+    process.execPath,
+    [path.join(PKG_ROOT, 'bin', 'cli.js'), 'start-api'],
+    {
+      cwd: projectDir,
+      env: childEnv,
+      detached: true,
+      stdio: 'ignore',
+    }
+  );
+  child.unref();
+
+  const state = {
+    pid: child.pid,
+    projectDir,
+    origin: origin.origin,
+    startedAt: new Date().toISOString(),
+  };
+  writeRuntimeState(state, { env, home: homeDir });
+  return state;
+}
+
+function buildLinkState({
+  ready,
+  booting,
+  origin,
+  canBootstrap,
+}) {
+  if (ready) {
+    return {
+      state: 'ready',
+      dashboardLabel: 'Dashboard',
+      lessonsLabel: 'Lessons',
+      upLabel: '👍',
+      downLabel: '👎',
+      dashboardUrl: `${origin}/dashboard`,
+      lessonsUrl: `${origin}/lessons`,
+      upUrl: `${origin}/feedback/quick?signal=up`,
+      downUrl: `${origin}/feedback/quick?signal=down`,
+    };
+  }
+
+  if (booting) {
+    return {
+      state: 'booting',
+      dashboardLabel: 'Dashboard…',
+      lessonsLabel: 'Lessons…',
+      upLabel: '👍',
+      downLabel: '👎',
+      dashboardUrl: '',
+      lessonsUrl: '',
+      upUrl: '',
+      downUrl: '',
+    };
+  }
+
+  return {
+    state: canBootstrap ? 'offline' : 'unavailable',
+    dashboardLabel: canBootstrap ? 'Dash: thumbgate pro' : 'Dashboard',
+    lessonsLabel: 'Learn: thumbgate lessons',
+    upLabel: '👍',
+    downLabel: '👎',
+    dashboardUrl: '',
+    lessonsUrl: '',
+    upUrl: '',
+    downUrl: '',
+  };
+}
+
+async function getStatuslineLinks(options = {}) {
+  const env = options.env || process.env;
+  if (env._TEST_THUMBGATE_STATUSLINE_LINKS_JSON) {
+    return JSON.parse(env._TEST_THUMBGATE_STATUSLINE_LINKS_JSON);
+  }
+
+  const homeDir = options.homeDir || getHomeDir({ env });
+  const parsedOrigin = parseOrigin(options.origin || env.THUMBGATE_LOCAL_API_ORIGIN || DEFAULT_ORIGIN);
+  const origin = parsedOrigin.origin;
+  const allowLocalBootstrap = isLoopbackHost(parsedOrigin.host);
+  const probe = options.probeLocalServer || probeLocalServer;
+  const resolveKey = options.resolveKey || resolveProKey;
+  const startServer = options.launchLocalServer || launchLocalServer;
+  const key = resolveKey({ env, homeDir });
+  const canBootstrap = allowLocalBootstrap && Boolean(key && key.key);
+
+  const ready = allowLocalBootstrap ? await probe(origin, options) : false;
+  if (ready) {
+    return buildLinkState({ ready: true, booting: false, origin, canBootstrap });
+  }
+
+  const state = readRuntimeState({ env, home: homeDir });
+  if (shouldReuseBootingState(state)) {
+    return buildLinkState({ ready: false, booting: true, origin, canBootstrap });
+  }
+
+  if (canBootstrap) {
+    startServer({
+      env,
+      homeDir,
+      origin,
+      cwd: options.cwd || process.cwd(),
+      resolveKey: () => key,
+    });
+    return buildLinkState({ ready: false, booting: true, origin, canBootstrap });
+  }
+
+  return buildLinkState({ ready: false, booting: false, origin, canBootstrap });
+}
+
+if (require.main === module) {
+  getStatuslineLinks()
+    .then((payload) => {
+      process.stdout.write(JSON.stringify(payload));
+    })
+    .catch(() => {
+      process.exit(0);
+    });
+}
+
+module.exports = {
+  buildLinkState,
+  getStatuslineLinks,
+  isPidAlive,
+  launchLocalServer,
+  parseOrigin,
+  isLoopbackHost,
+  probeLocalServer,
+  readRuntimeState,
+  runtimeStatePath,
+  shouldReuseBootingState,
+  writeRuntimeState,
+};

package/scripts/statusline.sh

@@ -6,6 +6,7 @@
 # Resolve script directory safely (CodeQL: no uncontrolled paths)
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd -P)"
 case "$SCRIPT_DIR" in *[!a-zA-Z0-9/_.-]*) echo "ThumbGate: invalid script path"; exit 1;; esac
+LOCAL_API_ORIGIN="${THUMBGATE_LOCAL_API_ORIGIN:-http://localhost:3456}"
 
 # ── Parse Claude Code session JSON from stdin ─────────────────────
 eval "$(cat | jq -r '
@@ -63,7 +64,7 @@ fi
 # Background refresh from REST API when cache is stale (>120s)
 if [ $(( _NOW - ${CACHE_TS:-0} )) -gt 120 ]; then
   (
-    _R=$(curl -s --max-time 3 "http://localhost:3456/v1/feedback/stats" -H "Authorization: Bearer ${THUMBGATE_API_KEY:-tg_creator_dev_enterprise}" 2>/dev/null)
+    _R=$(curl -s --max-time 3 "${LOCAL_API_ORIGIN}/v1/feedback/stats" -H "Authorization: Bearer ${THUMBGATE_API_KEY:-tg_creator_dev_enterprise}" 2>/dev/null)
     [ -z "$_R" ] && exit 0
     echo "$_R" | python3 -c "
 import json,sys,time,os
@@ -78,6 +79,23 @@ except:pass
   disown 2>/dev/null
 fi
 
+# ── Clickable statusline affordances ─────────────────────────────
+LINK_STATE="offline"
+UP_URL=""; DOWN_URL=""; DASHBOARD_URL=""; LESSONS_URL=""
+DASHBOARD_LABEL="Dashboard"; LESSONS_LABEL="Lessons"
+_LINKS_JSON=$(node "${SCRIPT_DIR}/statusline-links.js" 2>/dev/null)
+if [ -n "$_LINKS_JSON" ]; then
+  eval "$(echo "$_LINKS_JSON" | jq -r '
+    @sh "LINK_STATE=\(.state // "offline")",
+    @sh "UP_URL=\(.upUrl // "")",
+    @sh "DOWN_URL=\(.downUrl // "")",
+    @sh "DASHBOARD_URL=\(.dashboardUrl // "")",
+    @sh "LESSONS_URL=\(.lessonsUrl // "")",
+    @sh "DASHBOARD_LABEL=\(.dashboardLabel // "Dashboard")",
+    @sh "LESSONS_LABEL=\(.lessonsLabel // "Lessons")"
+  ' 2>/dev/null)"
+fi
+
 # ── ThumbGate package metadata ────────────────────────────────────────
 TG_VERSION="unknown"; TG_TIER="Free"
 _META_JSON=$(node "${SCRIPT_DIR}/statusline-meta.js" 2>/dev/null)
@@ -107,17 +125,34 @@ case "${TREND}" in
   improving) ARROW="↗" ;; degrading) ARROW="↘" ;; stable) ARROW="→" ;; *) ARROW="?" ;;
 esac
 
+osc8_link() {
+  local url="$1"
+  local label="$2"
+  if [ -n "$url" ]; then
+    printf '\033]8;;%s\a%s\033]8;;\a' "$url" "$label"
+  else
+    printf '%s' "$label"
+  fi
+}
+
+UP_ICON="$(osc8_link "$UP_URL" "👍")"
+DOWN_ICON="$(osc8_link "$DOWN_URL" "👎")"
+DASHBOARD_LINK="$(osc8_link "$DASHBOARD_URL" "$DASHBOARD_LABEL")"
+LESSONS_LINK="$(osc8_link "$LESSONS_URL" "$LESSONS_LABEL")"
+
 # ── Output (single line) ─────────────────────────────────────────
 LINE="ThumbGate v${TG_VERSION} · ${TG_TIER}"
 if [ "$UP" = "0" ] && [ "$DOWN" = "0" ]; then
-  echo -e "${D}${LINE} · no feedback yet${RST}"
+  LINE="${D}${LINE} · no feedback yet${RST} · ${C}${DASHBOARD_LINK}${RST} · ${M}${LESSONS_LINK}${RST}"
+  printf '%b\n' "$LINE"
 else
-  LINE="${LINE} · ${G}${BD}${UP}${RST}👍 ${R}${BD}${DOWN}${RST}👎 ${ARROW}"
+  LINE="${LINE} · ${G}${BD}${UP}${RST}${UP_ICON} ${R}${BD}${DOWN}${RST}${DOWN_ICON} ${ARROW}"
 
   # Control Tower alerts (if any)
   [ "${SLO_V:-0}" -gt 0 ] && LINE="${LINE} ${R}${SLO_V} SLO${RST}"
   [ "${AT_RISK:-0}" -gt 0 ] && LINE="${LINE} ${R}${AT_RISK}⚠${RST}"
   [ "${ANOMALIES:-0}" -gt 0 ] && LINE="${LINE} ${R}${ANOMALIES}☠${RST}"
+  LINE="${LINE} · ${C}${DASHBOARD_LINK}${RST} · ${M}${LESSONS_LINK}${RST}"
 
-  echo -e "$LINE"
+  printf '%b\n' "$LINE"
 fi

package/scripts/sync-github-about.js

@@ -6,6 +6,7 @@ const {
   fetchLiveGitHubAbout,
   loadGitHubAboutConfig,
   updateLiveGitHubAbout,
+  verifyLiveGitHubAbout,
 } = require('./github-about');
 
 async function main() {
@@ -32,11 +33,13 @@ async function main() {
   console.log(`Syncing GitHub About for ${about.repo}...`);
   await updateLiveGitHubAbout({ repo: about.repo });
 
-  const after = await fetchLiveGitHubAbout({ repo: about.repo });
-  const remaining = compareGitHubAbout(about, after, `Live GitHub About (${about.repo})`);
-  if (remaining.length > 0) {
+  const verification = await verifyLiveGitHubAbout({
+    expected: about,
+    repo: about.repo,
+  });
+  if (verification.errors.length > 0) {
     console.error(`\n❌ GitHub About sync incomplete for ${about.repo}:\n`);
-    for (const error of remaining) {
+    for (const error of verification.errors) {
       console.error(`  • ${error}`);
     }
     console.error('');

package/scripts/tool-registry.js

@@ -399,6 +399,17 @@ const TOOLS = [
       },
     },
   }),
+  destructiveTool({
+    name: 'export_hf_dataset',
+    description: 'Export ThumbGate agent traces and DPO preference pairs as a HuggingFace-compatible dataset. Produces traces.jsonl, preferences.jsonl, and dataset_info.json with PII-redacted paths. Ready for huggingface-cli upload.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        outputDir: { type: 'string', description: 'Output directory (default: feedback-dir/hf-dataset)' },
+        includeProvenance: { type: 'boolean', description: 'Include provenance events in traces (default: true)' },
+      },
+    },
+  }),
   destructiveTool({
     name: 'export_databricks_bundle',
     description: 'Export ThumbGate logs and proof artifacts as a Databricks-ready analytics bundle',

package/scripts/workflow-sentinel.js

@@ -14,6 +14,7 @@ const {
   normalizePosix,
   resolveRepoRoot,
 } = require('./operational-integrity');
+const { buildDockerSandboxPlan } = require('./docker-sandbox-planner');
 const { evaluatePretool } = require('./hybrid-feedback-context');
 
 const GOVERNANCE_STATE_PATH = path.join(process.env.HOME || '/tmp', '.thumbgate', 'governance-state.json');
@@ -523,12 +524,58 @@ function buildEvidence({
   return evidence;
 }
 
+function addIntegrityRemediations(push, integrity) {
+  if (!integrity || !Array.isArray(integrity.blockers)) {
+    return;
+  }
+
+  const blockerCodes = new Set(integrity.blockers.map((blocker) => blocker.code));
+  const remediationSpecs = [
+    {
+      codes: ['missing_branch_governance'],
+      id: 'set_branch_governance',
+      title: 'Declare branch governance',
+      action: 'Call set_branch_governance with branchName, baseBranch, and PR/release expectations.',
+      why: 'Release, merge, and PR workflows need explicit branch state.',
+    },
+    {
+      codes: ['merge_requires_pr_context'],
+      id: 'attach_pr_context',
+      title: 'Attach PR context',
+      action: 'Update branch governance with prNumber or prUrl before merging.',
+      why: 'Merge actions should be tied to one explicit review surface.',
+    },
+    {
+      codes: ['missing_release_version', 'release_version_mismatch'],
+      id: 'align_release_version',
+      title: 'Align release version',
+      action: 'Set branch governance releaseVersion and verify it matches package.json before publish.',
+      why: 'Release metadata should match the artifact being published.',
+    },
+    {
+      codes: ['publish_requires_base_branch', 'publish_requires_mainline_head'],
+      id: 'switch_to_mainline',
+      title: 'Run publish from mainline',
+      action: `Move the action onto ${integrity.baseBranch || DEFAULT_BASE_BRANCH} after the merge commit exists.`,
+      why: 'Publish and tag flows should execute from the protected mainline branch.',
+    },
+  ];
+
+  for (const remediation of remediationSpecs) {
+    if (!remediation.codes.some((code) => blockerCodes.has(code))) {
+      continue;
+    }
+    push(remediation.id, remediation.title, remediation.action, remediation.why);
+  }
+}
+
 function buildRemediations({
   integrity,
   taskScopeViolation,
   protectedSurface,
   blastRadius,
   memoryGuard,
+  executionSurface,
 }) {
   const remediations = [];
   const seen = new Set();
@@ -555,41 +602,7 @@ function buildRemediations({
       'Protected policy files need an explicit time-bounded approval.'
     );
   }
-  if (integrity && Array.isArray(integrity.blockers)) {
-    const blockerCodes = new Set(integrity.blockers.map((blocker) => blocker.code));
-    if (blockerCodes.has('missing_branch_governance')) {
-      push(
-        'set_branch_governance',
-        'Declare branch governance',
-        'Call set_branch_governance with branchName, baseBranch, and PR/release expectations.',
-        'Release, merge, and PR workflows need explicit branch state.'
-      );
-    }
-    if (blockerCodes.has('merge_requires_pr_context')) {
-      push(
-        'attach_pr_context',
-        'Attach PR context',
-        'Update branch governance with prNumber or prUrl before merging.',
-        'Merge actions should be tied to one explicit review surface.'
-      );
-    }
-    if (blockerCodes.has('missing_release_version') || blockerCodes.has('release_version_mismatch')) {
-      push(
-        'align_release_version',
-        'Align release version',
-        'Set branch governance releaseVersion and verify it matches package.json before publish.',
-        'Release metadata should match the artifact being published.'
-      );
-    }
-    if (blockerCodes.has('publish_requires_base_branch') || blockerCodes.has('publish_requires_mainline_head')) {
-      push(
-        'switch_to_mainline',
-        'Run publish from mainline',
-        `Move the action onto ${integrity.baseBranch || DEFAULT_BASE_BRANCH} after the merge commit exists.`,
-        'Publish and tag flows should execute from the protected mainline branch.'
-      );
-    }
-  }
+  addIntegrityRemediations(push, integrity);
   if (memoryGuard && memoryGuard.mode && memoryGuard.mode !== 'allow') {
     push(
       'retrieve_lessons',
@@ -606,6 +619,14 @@ function buildRemediations({
       'Smaller blast radii are easier to verify and recover.'
     );
   }
+  if (executionSurface?.shouldSandbox) {
+    push(
+      'route_to_docker_sandbox',
+      'Route through Docker Sandboxes',
+      `Launch the repo in Docker Sandboxes before retrying. Standalone: ${executionSurface.launchers.standalone}. Docker Desktop: ${executionSurface.launchers.dockerDesktop}.`,
+      'Isolated execution limits host damage when a high-risk local action goes wrong.'
+    );
+  }
 
   return remediations;
 }
@@ -615,6 +636,9 @@ function buildReasoning(report) {
     `Workflow sentinel risk ${report.band} (${report.riskScore}) for ${report.toolName}.`,
     `Blast radius: ${report.blastRadius.summary}.`,
   ];
+  if (report.executionSurface?.shouldSandbox) {
+    lines.push(`Execution surface: ${report.executionSurface.summary}`);
+  }
   for (const driver of report.drivers.slice(0, 4)) {
     lines.push(`Driver ${driver.key} (+${driver.weight}): ${driver.reason}`);
   }
@@ -624,6 +648,16 @@ function buildReasoning(report) {
   return lines;
 }
 
+function getSentinelActionType(toolName) {
+  if (toolName === 'Bash') {
+    return 'shell.exec';
+  }
+  if (EDIT_LIKE_TOOLS.has(toolName)) {
+    return 'file.write';
+  }
+  return '';
+}
+
 function chooseDecision({ riskScore, integrity, memoryGuard, blastRadius, command }) {
   const hasOperationalBlockers = Boolean(integrity && Array.isArray(integrity.blockers) && integrity.blockers.length > 0);
   const destructiveBypass = /\bgit\s+push\b.*(?:--force|-f)\b/i.test(command) || /\bgh\s+pr\s+merge\b.*--admin\b/i.test(command);
@@ -713,6 +747,18 @@ function evaluateWorkflowSentinel(toolName, toolInput = {}, options = {}) {
     taskScopeViolation,
     protectedSurface: protectedSurfaceForRisk,
   });
+  const executionSurface = buildDockerSandboxPlan({
+    toolName,
+    actionType: getSentinelActionType(toolName),
+    command: toolInput.command,
+    repoPath,
+    affectedFiles,
+    riskBand: risk.band,
+    riskScore: risk.score,
+    requiresNetwork: Boolean(
+      /\b(?:curl|wget|gh\s+pr|git\s+push|npm\s+publish|yarn\s+publish|pnpm\s+publish)\b/i.test(toolInput.command || '')
+    ),
+  });
   const decision = chooseDecision({
     riskScore: risk.score,
     integrity,
@@ -736,6 +782,7 @@ function evaluateWorkflowSentinel(toolName, toolInput = {}, options = {}) {
     protectedSurface: protectedSurfaceForRisk,
     blastRadius,
     memoryGuard,
+    executionSurface,
   });
   const summary = decision === 'allow'
     ? 'No predictive workflow blockers detected.'
@@ -753,6 +800,7 @@ function evaluateWorkflowSentinel(toolName, toolInput = {}, options = {}) {
     blastRadius,
     evidence,
     remediations,
+    executionSurface,
     memoryGuard,
     taskScopeViolation,
     operationalIntegrity: {

package/src/api/server.js

@@ -169,6 +169,7 @@ const PRO_PAGE_PATH = path.resolve(__dirname, '../../public/pro.html');
 const DASHBOARD_PAGE_PATH = path.resolve(__dirname, '../../public/dashboard.html');
 const LESSONS_PAGE_PATH = path.resolve(__dirname, '../../public/lessons.html');
 const GUIDE_PAGE_PATH = path.resolve(__dirname, '../../public/guide.html');
+const COMPARE_PAGE_PATH = path.resolve(__dirname, '../../public/compare.html');
 const LEARN_PAGE_PATH = path.resolve(__dirname, '../../public/learn.html');
 const LEARN_DIR = path.resolve(__dirname, '../../public/learn');
 const BUYER_INTENT_SCRIPT_PATH = path.resolve(__dirname, '../../public/js/buyer-intent.js');
@@ -2791,6 +2792,16 @@ async function addContext(){
       return;
     }
 
+    if (isGetLikeRequest && pathname === '/compare') {
+      try {
+        const html = fs.readFileSync(COMPARE_PAGE_PATH, 'utf-8');
+        sendHtml(res, 200, html, {}, { headOnly: isHeadRequest });
+      } catch {
+        sendJson(res, 404, { error: 'Compare page not found' });
+      }
+      return;
+    }
+
     if (isGetLikeRequest && pathname === '/blog') {
       try {
         const blogPath = path.resolve(__dirname, '../../public/blog.html');
@@ -2848,7 +2859,7 @@ async function addContext(){
           version: pkg.version,
           status: 'ok',
           docs: 'https://github.com/IgorGanapolsky/ThumbGate',
-          endpoints: ['/health', '/dashboard', '/guide', '/learn', '/pro', '/v1/feedback/capture', '/v1/feedback/stats', '/v1/feedback/summary', '/v1/lessons/search', '/v1/search', '/v1/dashboard', '/v1/dashboard/render-spec', '/v1/settings/status', '/v1/dpo/export', '/v1/jobs', '/v1/jobs/harness', '/v1/analytics/databricks/export'],
+          endpoints: ['/health', '/dashboard', '/guide', '/compare', '/learn', '/pro', '/v1/feedback/capture', '/v1/feedback/stats', '/v1/feedback/summary', '/v1/lessons/search', '/v1/search', '/v1/dashboard', '/v1/dashboard/render-spec', '/v1/settings/status', '/v1/dpo/export', '/v1/jobs', '/v1/jobs/harness', '/v1/analytics/databricks/export'],
         }, {}, {
           headOnly: isHeadRequest,
         });