chore: rebase 2.6.x with latest main #836
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
chore: sync v2.6-rc docs and schemas from 2.6.x branch
Version Packages
chore: sync v2.6-rc docs and schemas from 2.6.x branch
* fix: correct organization tier filtering logic - Remove subscription_amount > 0 check from MEMBER_FILTER to include comped members with $0 subscriptions - Fix case-sensitive email domain matching in HAS_USER and HAS_ENGAGED_USER filters (LIKE → LOWER/SPLIT_PART comparison) - Add Slack activity detection to HAS_ENGAGED_USER filter so organizations qualify as "Engaged" if they have Slack users active in the last 30 days - Update getOrgTier function to match simplified MEMBER_FILTER Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: add empty changeset Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: align deriveOrgTier with MEMBER_FILTER Address code review feedback: - Remove subscription_amount check from deriveOrgTier in accounts.ts to match the SQL MEMBER_FILTER (comped members are now included) - Update doc comment to clarify members include comped subscriptions Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* fix: include pending_organization_id in membership tier filters The HAS_USER and HAS_ENGAGED_USER filters were only matching Slack users by email domain. However, Slack users are primarily associated with organizations via the pending_organization_id field (set during domain discovery). This caused Engaged and Registered counts to show 0. Changes: - Add pending_organization_id checks to HAS_USER filter - Add pending_organization_id checks to HAS_ENGAGED_USER filter - Add exclusion (pending_organization_id IS NULL) to email domain fallback to prevent double-counting - Update both regular and aliased filter versions Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: update package-lock.json version Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci: exclude v2.6-rc from broken links check The v2.6-rc versioned docs have absolute links (/docs/...) that don't resolve correctly since the files are at v2.6-rc/docs/. This is a pre-existing issue with how versioned docs were synced. Exclude v2.6-rc from the broken links check until the versioning approach is fixed. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…pt (#763) * fix: ensure tool documentation always included in Addie's system prompt Tool documentation was only in a hardcoded fallback prompt that wasn't used when database rules existed. This caused Addie to not know about meeting scheduling and other tools. Changes: - Add ADDIE_TOOL_REFERENCE constant with tool documentation (tied to code) - Add ADDIE_FALLBACK_PROMPT for minimal fallback when DB unavailable - Always append tool reference to system prompt in claude-client.ts - Also append in eval-service.ts for consistency - Remove unused ADDIE_SYSTEM_PROMPT (was 400+ lines of dead code) Architecture: DB rules handle behavioral guidance (editable), tool reference handles tool existence (tied to code implementations). Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * ci: exclude v2.6-rc from broken-links check The v2.6-rc docs have WIP governance links that don't exist yet. Temporarily hide the directory during the check until the governance section is completed. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: delete v2.6-rc directory instead of renaming during broken-links check Renaming the directory to v2.6-rc.hidden still allowed mintlify to scan it. Deleting the directory entirely and restoring from git ensures it's excluded. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: exclude v2.6-rc from pre-push broken-links check Applying the same fix to the local pre-push hook - remove v2.6-rc directory during check since it has WIP governance links. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Fix undefined values in sync message by using correct field names (processed vs imported) - Improve Stripe subscription sync to skip deleted customers gracefully - Add migration to handle NULL product names in product_revenue view - Fix org-filters to check organization_domains table for Slack user matching - Add better logging and fallbacks for product name retrieval Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
#766) - Add working group context to Slack channels so Addie can auto-detect which working group a meeting should be scheduled for - Add recurring meetings support with frequency, interval, count, and day-of-week options - Add Zoom webhook endpoint for URL validation (required for Zoom app) - Pass ThreadContext to meeting tools for working group auto-detection Code quality improvements from review: - Use module-level WorkingGroupDatabase instance to avoid connection pool issues - Use raw body middleware for Zoom webhook signature verification - Move dynamic imports to module level for better performance - Add input validation for recurrence parameters Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* fix: add timestamp validation and input sanitization to Zoom webhook - Validate webhook timestamp is within 5 minutes to prevent replay attacks - Add type and length validation for meetingUuid before processing Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: add empty changeset for security fix Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…770) - Add optionalAuth middleware to /latest/* routes so users show as logged in - Add optionalAuth middleware to /events/* routes for same reason - Extract proposeContentForUser function from HTTP route handler - Update Addie's propose_content tool to call function directly instead of HTTP - This fixes silent content creation failures caused by 401 Unauthorized errors The direct function call approach is more secure than adding ADMIN_API_KEY to internal HTTP requests, and avoids the auth header complexity entirely. Uses dynamic import to avoid pulling auth.ts at module load time which affected test suite initialization. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* fix: exclude Zoom webhook from JSON body parser The /api/webhooks/zoom path was not excluded from Express's global JSON body parser, causing the request body to be consumed before the Zoom webhook's custom middleware could capture it for HMAC signature verification. This resulted in silent failures with no logs. - Add /api/webhooks/zoom to the list of paths that skip express.json() - Add initial request logging to the Zoom webhook handler for debugging Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: add empty changeset for webhook fix * chore: add description to changeset --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Migration 153 incorrectly swept ALL perspectives with NULL working_group_id into the Editorial working group, including RSS feed articles. This migration sets working_group_id = NULL for all rss/email sourced content, so it displays via The Latest sections through addie_knowledge instead of on working group pages. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…773) * fix: align funnel metrics with analytics and prevent duplicate orgs - Update dashboard funnel to use MEMBER_FILTER instead of deprecated org_lifecycle_stage field for consistent member counts - Simplify HAS_USER and HAS_ENGAGED_USER filters to use organization_domains for Slack user matching (removes reliance on pending_organization_id and slack_activity_daily table) - Add 409 Conflict checks to create-prospect endpoints to prevent duplicate organizations when domain is already claimed - Add duplicate domain check before user org creation - Add index on last_slack_activity_at for query performance Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: rename migration to 170 to avoid version conflict Migration 169 already exists on main (remove_rss_from_editorial). Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
#774) * fix: remove RSS content from Editorial working group Migration 153 incorrectly swept ALL perspectives with NULL working_group_id into the Editorial working group, including RSS feed articles. This migration sets working_group_id = NULL for all rss/email sourced content, so it displays via The Latest sections through addie_knowledge instead of on working group pages. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: add admin escalations page and configurable notification channel - Add /admin/escalations page to view and manage Addie's escalations - Add escalation channel setting to system settings page - Update escalation tools to use configured channel from settings - Add Escalations link to admin sidebar - Add private channel validation for escalation channel Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat: Add Zoom meeting webhooks and user timezone support - Handle meeting.started/ended webhooks to update meeting status - Handle recording.completed to store transcripts and Zoom AI summaries - Send Slack notifications when meetings start/end - Add user timezone column with migration - Add helper functions for timezone management Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Rename user_timezone migration to 171 to avoid conflict Migration 170 already exists in main (slack_activity_index). Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Use empty changeset for server-only changes Server implementation changes (webhooks, migrations) don't require a protocol version bump. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* fix: Meeting scheduling timezone comparison bug When Claude provides a datetime like "2026-01-15T09:15:00" without timezone info, JavaScript's Date parses it as server local time (UTC). This caused Addie to incorrectly reject meeting times as "already passed" when users specified times in their local timezone. The fix compares times within the specified timezone context by: 1. Getting current time formatted in the target timezone 2. Comparing ISO strings directly (lexicographically sortable) This ensures "9:15 AM ET" is compared against "current time in ET", not UTC. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: Add changeset for timezone fix --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* fix: Clarify start_time format - no Z suffix Claude was interpreting "11 AM ET" as "11 AM UTC" and adding Z suffix, causing meetings to be rejected. Updated schema description to explicitly tell Claude to NOT add Z or timezone offsets - the timezone parameter handles that. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Remove CONCURRENTLY from migration 170 CREATE INDEX CONCURRENTLY cannot run inside a transaction block. Migrations run in transactions, so we need to use regular CREATE INDEX. The slack_user_mappings table is small enough that the brief lock is fine. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
The working_group_memberships.user_email field is often NULL because it's not always populated when members are added. Updated the query to join with the users table to get the actual email. This fixes calendar invites not being sent because attendeeCount was 0. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
When creating Zoom meetings, toISOString() was adding a Z suffix which made Zoom interpret times as UTC instead of the specified timezone. Example: "11 AM ET" was scheduled for 11:00 UTC = 6:00 AM ET Fix: Strip the Z suffix so Zoom interprets the time using the timezone parameter (America/New_York). Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* fix: Accept both UUID and Zoom meeting IDs in meeting tools - Show meeting ID in list_upcoming_meetings output so Claude can see it - Update get_meeting_details to try UUID first, then Zoom meeting ID - Update rsvp_to_meeting to try UUID first, then Zoom meeting ID - Update cancel_meeting to try UUID first, then Zoom meeting ID - Update add_meeting_attendee to try UUID first, then Zoom meeting ID This fixes the issue where Claude would try to use Zoom meeting IDs from meeting links but the tools only accepted our internal UUIDs. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Strip Z suffix from Google Calendar dateTime to fix timezone Applied the same timezone fix to Google Calendar events that was applied to Zoom meetings in PR #779. The Z suffix was causing Google Calendar to interpret times as UTC, resulting in meetings showing 5 hours earlier than intended for ET. Renamed formatDateForZoom to formatDateWithoutZ since it's now used for both Zoom and Google Calendar. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
#781) - Rename "Research & Ideas" to "Perspectives" across the site - Fix perspectives article detail page routing (was redirecting to section) - Add "The Latest" section to homepage showing recent perspectives - Add 301 redirect from /latest/research to /latest/perspectives - Update Addie MCP tools with new section URLs Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Change per-item logs to debug level (planner decisions, outreach sends, goal reconciliations) - Make job summary logs conditional (only when there's activity) - Remove duplicate wrapper logs from scheduler.ts and http.ts - Convert console.log to logger.debug for MCP/A2A discovery - Make "Running job" and "Found candidates" logs debug level Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* fix: Parse meeting times in specified timezone correctly Fixed timezone handling end-to-end: - Added parseDateInTimezone() to interpret input times in the target timezone - When Claude sends "2026-01-15T13:00:00" for "1 PM ET", we now create a Date representing 18:00 UTC (the correct moment for 1 PM ET) - Both display in Slack and API calls to Zoom/Calendar now show correct time - Removed formatDateWithoutZ() workaround since Date objects are now correct Before: "1 PM ET" → Date(13:00 UTC) → displayed as "8 AM ET", but Calendar showed 1 PM After: "1 PM ET" → Date(18:00 UTC) → displayed as "1 PM ET", Calendar shows 1 PM Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: Add my_working_groups_only filter to list_upcoming_meetings Added a new parameter to the list_upcoming_meetings tool that filters meetings to only show those from working groups the user is a member of. This allows Addie to answer "what meetings are coming up for committees I'm in?" with a single tool call. Changes: - Added working_group_ids option to ListMeetingsOptions type - Updated listMeetings() to support filtering by multiple group IDs - Added my_working_groups_only parameter to list_upcoming_meetings tool Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: Rename my_working_groups_only to my_committees_only Use user-facing terminology - "committees" instead of "working groups". Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Added invite_mode parameter to control who gets invited to meetings: - all_members (default): Invite everyone in the working group - topic_subscribers: Only invite members subscribed to the meeting's topics - none: Create meeting without invites (opt-in mode) This allows scheduling meetings where people can self-join rather than being automatically invited. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Addie's probe_adcp_agent was reporting MCP agents as "unreachable" because validateAgentCards only checked for A2A-style agent-card.json endpoints. MCP agents use streamable HTTP instead. Changes: - Refactored validateSingleAgentCard to try A2A first, then MCP as fallback - Added 5s timeout to MCP validation using Promise.race - Returns combined errors when both protocols fail - Added tests for MCP protocol support Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Add update_meeting tool to Addie for rescheduling/editing meetings - Fix meetings not displaying on committee detail pages - Add edit functionality to admin meetings page - Fix timezone handling when editing meetings in admin UI Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Fix channel activity query to use slack_ts instead of created_at - Remove aao-admin from exclusion list (was blocking indexing) - Add access control for private channels based on working group membership - Filter search results to only show channels user has access to - Only index private channels that have linked working groups - Add getAccessiblePrivateChannelIds for efficient membership lookup - Add getWorkingGroupIdsByUser for local membership queries This ensures users can only see search results from: 1. Public channels (accessible to all workspace members) 2. Private channels where they are a working group member Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Add proactive reminders for members about incomplete setup tasks: - Dashboard alerts for missing logo, tagline, and pending join requests - Addie scheduled job to DM members about missing setup items - Addie home alerts for same items via Slack home tab Only targets paying members with active subscriptions. Rate limited to once per 7 days per nudge type per user. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Updates the Agentic Protocol Landscape perspectives content to include: - ARTF (Agentic RTB Framework) in IAB Tech Lab standards - Prebid.org section with key projects - Comparison table showing how standards relate at different layers - Links to ARTF spec and Prebid.org in Get Involved section Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat: Add topic Slack channels for working groups - Working group topics can now have an optional Slack channel ID - New invite mode 'slack_channel' allows scheduling meetings for Slack channel members - Admin UI for managing topics with Slack channel linking - Addie can manage topics via manage_committee_topics tool - Added validation for slack_channel invite mode - Added error handling for channel member lookups Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Rename migration to avoid version conflict Migration 173 already exists on main (173_setup_nudge_log.sql). Rename to 175 to resolve conflict. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat: Add 'Agentic Advertising is for Allocation' perspective
Adds Brian O'Kelley's article as a link-type perspective with the
quote "OpenRTB is a protocol for day trading; AdCP is a protocol for
investing" from Benjamin Masse.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: Handle URL-encoded interactive payloads in Addie /events endpoint
Slack sends interactive component payloads (button clicks, modal
submissions) as URL-encoded form data (payload={json}), not raw JSON.
The /events endpoint was only parsing JSON, causing "Unexpected token 'p'"
errors when interactive payloads arrived.
Now checks if body starts with "payload=" and decodes it appropriately.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: Add logging for Addie tool errors
Previously, when tools returned error strings (like "Failed to create
content: ...") or threw exceptions, these weren't logged. Now we log:
- ERROR level: when tools throw exceptions
- WARN level: when tools return error-like results
This will help debug issues like the content submission failure.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: Simplify propose_content tool schema
The tool schema had a confusing nested 'collection' object with type:
'personal' | 'committee'. This was misleading because:
1. There's no "personal" collection - migration 153 moved all personal
content to the 'editorial' working group
2. All content goes to a working group - the only question is which one
3. The 'personal' option was just syntactic sugar for 'editorial'
Changes:
- Replace nested collection object with simple committee_slug parameter
- Default to 'editorial' (site-wide Perspectives section) if not specified
- Maintain backward compatibility with legacy collection format
- Add validation for legacy format to prevent silent wrong-collection errors
- Update description to accurately describe the content system
The content system:
- 'editorial' committee = site-wide Perspectives section (accepts public submissions)
- Other committees = working groups, councils, chapters (may require membership)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…) (#803) - Add 'publisher' to VALID_MEMBER_OFFERINGS to match MemberOffering type - Create centralized VALID_* constants for runtime validation to prevent type drift: - VALID_MEMBER_OFFERINGS, VALID_ORGANIZATION_ROLES, VALID_ASSIGNABLE_ROLES - VALID_LEGAL_DOCUMENT_TYPES, VALID_REVENUE_TIERS - Extract member profile routes from http.ts to routes/member-profiles.ts (~530 lines) - Add 'trialing' to subscription status types for trial user support - Fix slug validation to properly check reserved keywords Closes #796 Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* docs: Clarify signal agents and decisioning platforms terminology Standardize terminology to use 'signal agent' (MCP servers) instead of 'signal platform'. Replace ambiguous 'injective platforms' with concrete examples (SSPs, ad servers). Add glossary entries for Decisioning Platform, Signal Agent, Sales Agent, and SSP. Update related definitions to reference decisioning platform consistently. * chore: Add empty changeset for docs-only changes
) - Add cross-feed URL deduplication to prevent same article from multiple feeds appearing as duplicates (e.g., same Adweek article from 5 feeds) - Add new RSS feeds for ChatGPT/OpenAI coverage: The Verge, Wired, VentureBeat, Ars Technica, CNBC Tech - Reduce quality 4 quiet period from 3 hours to 1 hour - Add test case for ’ HTML entity decoding Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
) * fix: Dedupe alerts by URL to prevent spam from existing duplicates The previous fix (1760aed) prevented new duplicate perspectives from being created, but existing duplicates still matched the alert query. This caused the same article to be posted multiple times. Now the alert query checks if ANY perspective with the same external_url has been alerted to a channel, not just the specific perspective_id. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Reduce Addie noise with better deduplication and relevance filtering 1. Alert deduplication: Check external_url across ALL perspectives, not just the specific perspective_id. Prevents spam from cross-feed duplicates. 2. Content relevance: Tighten mentions_agentic detection to require BOTH agentic AI terms AND advertising context. Prevents general AI news (ChatGPT updates, etc.) from being flagged as relevant. 3. Performance: Add composite index on industry_alerts(channel_id, perspective_id) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* fix: Correct AdminNav to AdminSidebar for 401 redirect handling
When users accessed admin pages while logged out, the API returned 401
but the JavaScript tried to call window.AdminNav.redirectToLogin() which
doesn't exist. The correct object is window.AdminSidebar.
This caused the catch block to show "Failed to load admin data" instead
of properly redirecting to the login page.
Fixed in 14 admin HTML files. Also removed dead code in admin-org-detail
that referenced AdminNav.user which never existed.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: Add AdminSidebar.fetch() for shared 401 handling
Added a shared fetch wrapper that automatically handles 401 redirects,
so pages don't need to duplicate the 401 check. Usage:
// Before (repeated in every page):
const response = await fetch('/api/admin/...');
if (!response.ok) {
if (response.status === 401) {
window.AdminSidebar.redirectToLogin();
return;
}
throw new Error('...');
}
// After (401 handled automatically):
const response = await AdminSidebar.fetch('/api/admin/...');
if (!response.ok) {
throw new Error('...');
}
Updated admin.html as an example. Other pages can be migrated gradually.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…812) The original migration 147 only set is_founding_member=TRUE for profiles that existed at migration time. Profiles created afterward were not automatically flagged, even though they joined before the April 2026 cutoff. Changes: - Update createProfile to set is_founding_member based on cutoff date - Add migration 180 to backfill existing profiles Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Fix Users section collapsed by default - removed collapsed class - Add role column to organization_memberships table (migration 181) - Update WorkOS webhooks to cache role from membership events - Add PUT /api/admin/accounts/:orgId/members/:userId/role endpoint - Include role in account detail API response - Add role dropdown UI (Member/Admin/Owner options) - Owner role shown but disabled (cannot be assigned via dropdown) The role update endpoint: - Validates role is assignable (admin or member only) - Verifies membership belongs to org via WorkOS API - Updates both WorkOS and local cache - Logs admin email and previous role for audit trail Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
The domain merge logic used INSERT with ON CONFLICT DO NOTHING, which silently skipped domains that already existed (for the secondary org being merged). The subsequent DELETE then removed those domains entirely, causing them to be lost. Changed to UPDATE which directly transfers domain ownership to the primary organization. Also fixed the collapsible "Linked Domains" section in admin account detail page - the h2 was wrapped in a flex container that broke the sibling relationship required by toggleSection(). Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…query (#816) The /api/admin/organizations/:orgId/member-insights endpoint was returning a 500 error because the SQL query referenced mit.display_name, a column that doesn't exist in the member_insight_types table. The table only has a name column (as defined in migration 072_member_insights.sql). Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Add findStripeCustomerMismatches() to detect orgs with multiple Stripe customers - Add /api/admin/stripe-mismatches endpoint to list and resolve mismatches - Add Stripe customer conflict detection to merge preview and execution - Update admin-billing.html with mismatch resolution UI (keep DB/metadata, auto-resolve) - Update admin-data-cleanup.html, admin-prospects.html, admin-domain-health.html to show Stripe conflicts during merge previews - Update Addie merge_organizations tool to handle stripe_customer_resolution parameter - Add safety checks to prevent deletion of customers with activity - Add null check for customer activity before deletion Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* docs: Add threat model and clarify security mitigations Addresses issue #177 by adding explicit threat model documentation and clarifying which mitigations address which threats. Key changes: - Add Threat Model section with categorized threats and mitigations - Add Domain Trust Assumption section explaining OAuth limitations - Clarify that OAuth doesn't protect against domain hijacking - Update high-risk operations to focus on actual controls (request signing, short-lived tokens, spending limits) rather than auth mechanism - Rewrite Bearer Token Risks with precise threat/mitigation mapping The key insight: authentication mechanism alone doesn't determine security level. A well-implemented bearer token system with request signing and spending limits is more secure than a long-lived OAuth token without those controls. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: Add empty changeset Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: bokelley <134922+bokelley@users.noreply.github.com>
The sync workflow now extracts navigation groups from 2.6.x's docs.json, transforms paths by prepending "v2.6-rc/", and updates main's docs.json. This ensures new sections (like governance) automatically appear in v2.6-rc navigation without manual docs.json updates on main. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
The view counts endpoint was showing different numbers than actual results because the count queries used different filtering logic than the results queries: - needs_attention: Count included all orgs with action items, but results only showed non-members OR members with expiring subscriptions - new_insights: Count used 7-day window, results used 30-day window - hot: Count required both engagement AND interest, results used OR Also removed a dead duplicate endpoint that was unreachable. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Fix latency distribution chart not rendering (CSS height issue) - Add haiku tracking for background API calls (router, insight extraction) - Add channel breakdown columns (LLM time, tool time, iterations) - Fix precision model (Opus) not used in streaming API calls - Fix effective model not recorded when saving messages - Update precision model to claude-opus-4-5 Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat: Tool-set based routing for Addie Replaces individual tool recommendations with category-based routing: - Router selects tool SETS (knowledge, member, directory, etc.) - Sonnet receives focused tools based on selected sets - Reduces context from ~4K to ~1-1.5K tokens per message - Includes always-available escape hatches (escalate_to_admin, etc.) - Adds unavailable sets hint so Sonnet can redirect if needed - Billing set triggers precision mode (Opus) Migration 183 adds backward-compatible view update. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: Add AdCP protocol tools with proper MCP schemas Adds standard MCP tools that match the AdCP protocol specification: - Media Buy tools: get_products, create_media_buy, sync_creatives, etc. - Creative tools: build_creative, preview_creative - Signals tools: get_signals, activate_signal These tools expose the same functionality as call_adcp_agent but with proper schemas enabling skills to work correctly. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
#826) The auto-add domain users feature was only checking the first page of organization memberships from WorkOS (max 100). Organizations with more members would incorrectly show users as "available to add" when they were already members. Fixed by adding pagination loops that fetch all membership pages using listMetadata.after cursor, matching the pattern used elsewhere in the codebase. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Add ability to search/filter threads by: - Message content (text search) - User display name - Tool name used in conversation Backend changes: - Extend ThreadListFilters with search_text, tool_name, user_search - Update listThreads() to handle new filters with optional JOIN - Add getAvailableTools() method for tool dropdown - Add /api/admin/addie/threads/tools endpoint - Add input length validation on search params Frontend changes: - Add search row with text, user, and tool inputs - Add loading state to prevent concurrent requests - Wire up search params to API call Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
When clicking "Link to Org" for an organization in the "Organizations Without Verified Domains" section, the API was returning success but the org remained in the list. This happened because the domain existed in organization_domains with verified=false, and the endpoint returned early without checking the verified status. Now the endpoint checks if the existing domain is verified before returning early. If not verified, it continues to the verification logic which updates both WorkOS and the local DB. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
The auto-add domain users backfill was showing users as "can be added" when they actually had pending invitations that hadn't been accepted yet. Root cause: WorkOS's listOrganizationMemberships only returns active memberships, not pending invitations. When trying to add these users, WorkOS returns error code "cannot_reactivate_pending_organization_membership". Changes: - Status endpoint now checks pending invitations and excludes those users - Backfill endpoint handles both "organization_membership_already_exists" and "cannot_reactivate_pending_organization_membership" as skip conditions - Fixed error code checking in organizations.ts endpoints (was checking error message strings instead of error codes) Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Add `debug` parameter to all 10 AdCP tool schemas for protocol-level visibility - Include debug_logs in tool output when debug mode enabled - Remove redundant `call_adcp_agent` tool (individual tools provide better validation) - Fix `probe_adcp_agent` messaging to clarify connectivity vs protocol compliance Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Multiple MCP tool handlers were incorrectly parsing API responses,
expecting flat arrays/objects when APIs return wrapped responses:
- list_working_groups: Extract working_groups from wrapped response
- get_working_group: Extract working_group from { working_group, is_member }
- get_my_working_groups: Extract working_groups from wrapped response
- get_my_profile: Extract profile from { profile, organization_id, organization_name }
These fixes resolve errors that were appearing on the Addie performance
page for list_working_groups and related tools.
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…mes (#832) - Add CODE_VERSION constant to track significant code logic changes - Include code_version in config hash so code changes create new versions - Add migration 184 to store code_version in addie_config_versions table - Show code version in admin dashboard version banner and history - Add 3-hour and 12-hour options to performance page time filters - Change performance metrics API to use hours internally for precision - Add input validation for days parameter Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…833) Previously, web admin access was determined by the ADMIN_EMAILS environment variable, while Slack/Addie admin access was determined by membership in the aao-admin working group. This caused confusion when adding users to the AAO Administration working group - they'd get Addie admin access but not web admin. Changes: - Web admin access now checks aao-admin working group membership (primary) with ADMIN_EMAILS as a fallback for emergency access - Add cache invalidation when working group membership changes to ensure admin status updates take effect immediately (was cached for 30 min) Cache invalidation added to: - routes/committees.ts: admin add/remove, self-join, self-leave - slack/sync.ts: bulk sync and channel join sync - slack/events.ts: real-time Slack channel join - addie/mcp/admin-tools.ts: add/remove committee leaders via Addie Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Keep version 2.6.0 for package.json, package-lock.json, and schema index - Add comprehensive 2.6.0 changelog with all merged features: - Content Standards Protocol - Property Governance Protocol - Unified assets field - Typed extensions infrastructure - OpenAI Commerce integration - Privacy policy URL fields - creative_assignments refactor - Keep main's changes for v2.6-rc docs (source of truth) - Keep main's sync-versioned-docs.yml improvements
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Rebase 2.6.x branch with the latest changes from main.
Resolved Conflicts
Upcoming Steps