Skip to content

feat(loopover): flip site-identity domain to loopover.ai#5580

Merged
JSONbored merged 1 commit into
mainfrom
loopover/domain-flip
Jul 13, 2026
Merged

feat(loopover): flip site-identity domain to loopover.ai#5580
JSONbored merged 1 commit into
mainfrom
loopover/domain-flip

Conversation

@JSONbored

Copy link
Copy Markdown
Owner

Summary

  • Advances Decide & schedule the domain sunset window #4765. Flips PUBLIC_SITE_ORIGIN (+ CORS allowlist, GitHub OAuth returnTo fallback, UI-facing links/docs/sitemap, ORB broker/collector defaults, OpenAPI server URL) from gittensory.aethereal.dev / gittensory-api.aethereal.dev to loopover.ai / api.loopover.ai as the new default site identity.
  • PUBLIC_API_ORIGIN is intentionally left unchanged in this PR: flipping it changes the redirect_uri sent during GitHub OAuth, which requires the GitHub App's registered callback URL to include the new domain first. That flip lands separately once the callback URL is confirmed.
  • The old gittensory.aethereal.dev domain stays live (CORS allowlist, Worker route, and the new PUBLIC_SITE_ORIGIN_ALIASES var) as a backward-compatible alias, not a hard cutover — existing bookmarks/links keep working.

Test plan

  • Updated test/helpers/d1.ts's shared PUBLIC_SITE_ORIGIN test fixture default and fixed the resulting assertions across test/unit/auth.test.ts, test/unit/github-app.test.ts, test/unit/github-commands.test.ts, test/unit/orb-broker-client.test.ts, test/unit/queue-4.test.ts, test/integration/orb-oauth.test.ts, test/integration/routes-errors.test.ts.
  • Full local gate (npm run test:ci + npm audit --audit-level=moderate) green.

@superagent-security

Copy link
Copy Markdown
Contributor

Superagent didn't find any vulnerabilities or security issues in this PR.

@JSONbored JSONbored self-assigned this Jul 13, 2026
@codecov

codecov Bot commented Jul 13, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.99%. Comparing base (d402777) to head (496448a).
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #5580   +/-   ##
=======================================
  Coverage   94.99%   94.99%           
=======================================
  Files         573      573           
  Lines       45490    45490           
  Branches    14680    14680           
=======================================
  Hits        43212    43212           
  Misses       1527     1527           
  Partials      751      751           
Flag Coverage Δ
shard-1 44.03% <60.00%> (ø)
shard-2 35.66% <80.00%> (ø)
shard-3 32.16% <60.00%> (ø)
shard-4 32.86% <40.00%> (ø)
shard-5 31.86% <40.00%> (+<0.01%) ⬆️
shard-6 44.17% <40.00%> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
src/api/routes.ts 94.30% <100.00%> (ø)
src/auth/github-oauth.ts 95.04% <100.00%> (ø)
src/github/footer.ts 100.00% <100.00%> (ø)
src/github/repo-doc-pr.ts 100.00% <ø> (ø)
src/orb/broker-client.ts 99.14% <100.00%> (ø)
src/review/repo-doc-render.ts 100.00% <ø> (ø)
src/review/visual/capture.ts 96.00% <ø> (ø)
src/selfhost/orb-collector.ts 100.00% <100.00%> (ø)
src/signals/engine.ts 97.49% <ø> (ø)
🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@loopover-orb loopover-orb Bot added the gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier. label Jul 13, 2026
@loopover-orb

loopover-orb Bot commented Jul 13, 2026

Copy link
Copy Markdown

Caution

🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥

🛑 Gittensory review result - fixes required

Review updated: 2026-07-13 07:20:04 UTC

41 files · 1 AI reviewer · 2 blockers · readiness 93/100 · CI failing · unstable

🛑 Suggested Action - Manual Review

Review summary
This is a mechanical domain flip: PUBLIC_SITE_ORIGIN moves to loopover.ai (site-facing links, CORS, sitemap, robots, OAuth returnTo fallback), while PUBLIC_API_ORIGIN stays on gittensory-api.aethereal.dev per the stated OAuth callback-URL constraint — but api.loopover.ai is used as the new default for the UI's VITE_GITTENSORY_API_ORIGIN, ORB broker/collector defaults, and the OpenAPI server URL, exactly as the description says. The old gittensory.aethereal.dev domain is correctly retained in DEFAULT_CORS_ORIGINS (src/api/routes.ts:5703) and PUBLIC_SITE_ORIGIN_ALIASES (wrangler.jsonc), so bookmarks/OAuth returns from the legacy domain keep working. worker-configuration.d.ts was regenerated in lockstep with wrangler.jsonc (both PUBLIC_SITE_ORIGIN/ALIASES updated together), and all the test fixtures/assertions across auth, github-app, github-commands, orb-broker-client, queue-4, and the two integration suites were updated consistently with the new default.

Blockers

  • apps/gittensory-ui/src/lib/api/origin.ts:1 flips the browser API default to `https:​//api.loopover.ai`, so OAuth starts from that host and `src/auth/github-oauth.ts:236` derives `redirect_uri=https:​//api.loopover.ai/v1/auth/github/callback`, contradicting the PR's stated staged rollout and breaking login until the GitHub App callback is registered; keep the frontend/API env defaults on `https:​//gittensory-api.aethereal.dev` until the callback flip lands.
Nits — 5 non-blocking
  • apps/gittensory-ui/wrangler.jsonc and several src files now default to api.loopover.ai for the API origin (ORB broker, OpenAPI server URL, UI build env) even though PUBLIC_API_ORIGIN itself is intentionally still gittensory-api.aethereal.dev — worth confirming api.loopover.ai DNS/Worker route is actually live before this merges, or the UI/smoke tests will point at a dead host.
  • scripts/smoke-production.mjs:2 defaults apiOrigin to api.loopover.ai and will be exercised by the smoke-production job against production — same DNS-readiness caveat as above.
  • The hardcoded https:​//api.loopover.ai / https:​//loopover.ai literals scattered across src/orb/broker-client.ts, src/api/routes.ts, src/auth/github-oauth.ts, etc. mirror the pre-existing pattern (same as the old gittensory.aethereal.dev literals they replace), so this isn't a new violation, but it would be worth centralizing these as a follow-up.
  • Consider adding a one-line note in the PR description confirming api.loopover.ai's DNS/Worker route is provisioned, since that's a precondition for every api.loopover.ai default introduced here (origin.ts, broker-client.ts, orb-collector.ts, openapi.json server URL) actually working in production.
  • apps/gittensory-ui/src/lib/analytics-proxy.ts:3 and src/review/visual/capture.ts:491 only updated comment text, not code — good, but worth double-checking no other comment-only occurrences of gittensory.aethereal.dev were missed elsewhere in the tree.

Why this is blocked

  • No linked issue detected — If this PR is intended to solve an issue, link it explicitly in the PR body.
  • Maintainer requires a linked issue — Link the relevant issue (for example Closes #123) before opening the PR.
📋 Copy for AI agents — paste into your coding agent
Fix the following blocker(s) from this PR review:

1. No linked issue detected — If this PR is intended to solve an issue, link it explicitly in the PR body.

2. Maintainer requires a linked issue — Link the relevant issue (for example `Closes #123`) before opening the PR.

CI checks failing

  • Build UI preview artifact
Signal Result Evidence
Code review ❌ 2 blockers 1 reviewer
Linked issue ⚠️ Missing No linked issue or no-issue rationale found.
Related work ✅ No active overlap found No same-issue or scoped active PR overlap found.
Change scope ✅ 20/20 Low review scope from cached public metadata (no linked issue context).
Validation posture ✅ 25/25 PR body includes validation/test evidence.
Contributor workload ✅ 10/10 Author activity: 44 registered-repo PR(s), 36 merged, 379 issue(s).
Contributor context ✅ Confirmed Gittensor contributor JSONbored; Gittensor profile; 44 PR(s), 379 issue(s).
Gate result ❌ Blocking Repo-configured hard blocker found.
Improvement ✅ Minor risk: clean · value: minor — Code changes are accompanied by test evidence.
Review context
  • Author: JSONbored
  • Role context: owner (maintainer lane)
  • Public audience mode: oss maintainer
  • Lane context: Repository is configured for direct PR review.
  • Public profile languages: not available
  • Official Gittensor activity: 44 PR(s), 379 issue(s).
  • PR-specific overlap: none found.
Contributor next steps
  • Treat this as maintainer-lane context rather than normal contributor-lane activity.
  • Explain no-issue PR.
  • Link the issue being solved, or explicitly explain why this is a no-issue PR.
Signal definitions
  • Related work = same linked issue, overlapping active PRs, or title/path similarity.
  • Change scope = cached public metadata such as size labels, draft state, and review-burden hints.
  • Validation posture = whether the PR provides enough public validation/test evidence for maintainer review.
  • Contributor workload = public contributor activity and cleanup pressure, not a repo-wide quality failure.
  • Contributor context = public GitHub/Gittensor identity context; non-Gittensor status is not a blocker.
[BETA] Chat with Gittensory

Ask Gittensory a question about this PR directly in a comment — grounded only in the same cached, public-safe facts shown above, never a new claim.

  • @gittensory ask &lt;question&gt; answers contribution-quality Q&A with source citations and freshness.
  • @gittensory chat &lt;question&gt; answers in natural prose from cached decision-pack facts via local inference (maintainer/collaborator; read-only).
  • A plain-language @gittensory mention with a real question is routed to the closest matching read-only command automatically -- no exact syntax required.

Full command reference: https://gittensory.aethereal.dev/docs/gittensory-commands

Visual preview
Route Viewport Before (production) After (this PR's preview) Diff
/agents desktop before /agents after /agents
/agents mobile before /agents (mobile) after /agents (mobile)
/docs/mcp-clients desktop before /docs/mcp-clients after /docs/mcp-clients
/docs/mcp-clients mobile before /docs/mcp-clients (mobile) after /docs/mcp-clients (mobile)

Click any thumbnail to open the full-size screenshot. Before = production · After = this PR's preview deploy.

🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed


💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →.

Checked by Gittensory, a quiet PR intelligence layer for OSS maintainers.

  • Re-run Gittensory review

Advances #4765. Flips PUBLIC_SITE_ORIGIN (+ CORS, OAuth returnTo fallback,
UI-facing links/docs/sitemap, ORB broker/collector defaults, OpenAPI server
URL) from gittensory.aethereal.dev / gittensory-api.aethereal.dev to
loopover.ai / api.loopover.ai as the new default identity.

PUBLIC_API_ORIGIN is intentionally left unchanged: flipping it would send a
new redirect_uri during GitHub OAuth, which requires the GitHub App's
registered callback URL to be updated first. That flip lands separately
once the callback URL is confirmed.

The old gittensory.aethereal.dev domain stays live (CORS allowlist,
Worker route, and PUBLIC_SITE_ORIGIN_ALIASES) as a backward-compatible
alias, not a hard cutover.
@JSONbored
JSONbored force-pushed the loopover/domain-flip branch from 393b1d1 to 496448a Compare July 13, 2026 07:24
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 13, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
loopover-ui 496448a Commit Preview URL

Branch Preview URL
Jul 13 2026, 07:26 AM

@JSONbored
JSONbored merged commit dc86cf7 into main Jul 13, 2026
20 checks passed
@JSONbored
JSONbored deleted the loopover/domain-flip branch July 13, 2026 07:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier. manual-review Gittensor contributor context

Development

Successfully merging this pull request may close these issues.

Decide & schedule the domain sunset window

1 participant