Codex state#97
Merged
khaliqgant merged 14 commits intomainfrom Jan 7, 2026
Merged
Conversation
- Implement handleForwardWebhook to process GitHub events forwarded by Nango - Add handlers for installation and installation_repositories events - Include auto-add logic in forward handlers to add users to workspaces - Fixes issue where repos weren't syncing and auto-add wasn't triggering Previously, forward events were being ignored, causing GitHub installation webhooks to be dropped. This meant repos never synced to the database and users with repo access weren't automatically added to workspaces.
Add null checks and full payload logging to debug forward webhook structure
Remove assumptions about payload structure and just log it for analysis
Parse Nango forward webhooks properly: - GitHub event data is nested in payload.payload - Infer event type from payload structure (installation vs repositories) - Route to appropriate handlers for installation events - Include auto-add logic for workspace membership
…repos When User B syncs a repo that User A already linked to a workspace: - Check if ANY user has this repo linked to a workspace (not just current user) - Auto-add User B to that workspace since they have repo access - Fixes issue where new users with repo access weren't being auto-added Previously, each user gets their own row in repositories table. When User B synced repo X, a new row was created with no workspaceId, so auto-add logic didn't trigger even though User A had linked repo X to a workspace. Now we query all records for the same repo (by githubFullName) and check if any other user has it linked to a workspace.
When user logs in with GitHub OAuth (not GitHub App OAuth): - Query repos they have access to via GitHub user OAuth connection - Check if any of those repos are linked to existing workspaces - Auto-add user to those workspaces This eliminates the need for users to complete the separate GitHub App OAuth flow just to be added to workspaces. Auto-add now triggers on regular login for all three scenarios: 1. New user creation 2. Returning user login 3. First-time connection for existing user Fixes issue where users had to complete extra OAuth step to join workspaces for repos they already have access to.
/api/github-app/repos now falls back to querying GitHub directly via user OAuth connection when database is empty. Before: Endpoint only returned repos from database, which was empty for users who only completed GitHub login (not GitHub App OAuth). After: 1. Try database first (populated by GitHub App OAuth) 2. If empty, query GitHub API via user's github connection 3. Return repos with source indicator (database vs github-api) This allows users to see their repos without completing the GitHub App OAuth flow, using their regular GitHub OAuth connection instead.
When checking for workspace auto-add during login: - Query GitHub for user's accessible repos - Persist each repo to database (cache for future queries) - Then check for workspace memberships This eliminates repeated GitHub API calls on every /api/github-app/repos request. After login, repos are cached in database and served from there.
Two fixes: 1. Only persist repos that match existing workspaces during login - Previously synced ALL repos user has access to (wasteful) - Now only persists repos that are linked to workspaces - Checks for workspace match BEFORE persisting 2. Add workspace member permissions to proxy route - Previously only workspace owner could proxy requests - Now members and admins can also proxy requests - Viewers limited to read-only (GET) requests - Checks acceptedAt to ensure membership is accepted
When creating repo record for new user, copy the workspaceId from the existing repo record that has it. Previously, we checked for workspace match but didn't copy the workspaceId to the new user's repo record. Now: 1. Find existing repo records with workspaceId 2. Save the matched workspaceId 3. Copy it to the new user's repo record This ensures the new user's repo is properly linked to the workspace.
- Add broadcastData() call after message send in /api/send endpoint - Ensures all connected dashboard users receive message updates via WebSocket - Fixes issue where workspace members couldn't see each other's messages in real-time 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.