feat: autonomous codex integration branch

[Asheze1127]

Summary

• continue autonomous integration work on dev-codex without touching dev
• fold the progress-checker service shape and the hack-evaluater multi-hackathon / role-aware direction into changeHack
• keep this PR as the cumulative summary of what has landed on the branch

Delivered on dev-codex

• reusable subagent orchestration plugin with repo-local role prompts, project context files, and portability guidance
• new apps/console control-plane separate from the legacy apps/web dashboard
• hackathon domain seam with hackathons, teams.hackathon_id, workspace-aware Slack channel mapping, and hackathon-filtered mentor board routes
• mentor question queue, question detail, progress overview, and team progress detail in apps/console
• question status update workflow from the web console
• lightweight role / scope login flow for console personas (platform_admin, tenant_admin, hackathon_organizer, mentor, sponsor)
• signed console session cookies and signed console -> API viewer headers
• API-side scope enforcement for console-driven question / progress / team / hackathon reads and question status mutation
• fail-closed Slack scope resolution so unresolved channel mappings no longer persist orphaned team_id = null question/progress rows
• stateful question follow-up handling with question_sessions, awaiting_user, missing-info persistence, and follow-up-only re-triage when the session is waiting for the user
• combined-product docs, env docs, setup docs, README, and cycle plan updates to match the current architecture

Current shape of the product

• apps/web: legacy read-only dashboard remains intact
• apps/console: new multi-hackathon control-plane and the main surface for ongoing integration work
• apps/api: now exposes mentor operational APIs plus a minimal trusted viewer auth seam for console-originated access
• apps/worker: now resolves Slack channel scope safely and keeps AI question follow-ups stateful instead of stateless

Remaining major gaps

• real identity / membership / role bindings instead of the current dev-oriented role picker
• tenant / sponsor visibility model and sponsor-safe data surfaces
• Slack discussion -> Issue queue / Issue Worker / GitHub Issue creation flow
• richer operator remediation around Slack channel mapping failures

Verification run on the current branch

• cd changeHack/apps/api && go build ./...
• cd changeHack/apps/api && go test ./...
• cd changeHack/apps/worker && pnpm lint && pnpm typecheck && pnpm build
• cd changeHack && pnpm --filter @hackhub/console typecheck
• cd changeHack && pnpm --filter @hackhub/console lint
• cd changeHack && pnpm --filter @hackhub/console build
• git -C changeHack diff --check

Branch rule

• dev-codex is the active integration branch
• dev stays untouched until this branch is reviewed and intentionally merged
• additional autonomous cycles can continue landing here, with PR comments used as incremental checkpoints

[Asheze1127]

Overnight cycle update 1 landed on dev-codex.

Added in this slice:

• mentor question detail page at apps/console/app/mentor/questions/[questionId]
• PATCH /api/questions/:id/status for minimal web-side mentor status changes
• console queue now links to detail instead of dropping to raw API JSON
• question detail screen now renders persisted body / error / tried / triage payload and supports in_progress / resolved / escalated / closed
• make lint is now usable end-to-end because apps/worker has a working ESLint setup
• setup docs and README now mention apps/console and make dev-console

Verification for this slice:

• cd changeHack && make lint
• cd changeHack && make build
• cd changeHack/apps/api && go test ./...
• cd changeHack && pnpm --filter @hackhub/console typecheck

Next target: role/scope session shell and protected console routing on top of the new mentor workflow.

[Asheze1127]

Cycle update on dev-codex after 9856217 feat: add console role scope session shell.

Added a lightweight role/scope session shell to apps/console so the new control-plane now has an actual protected route boundary instead of only placeholder role pages.

What changed:

• Added /login -> /auth/login -> session cookie flow for platform_admin, tenant_admin, hackathon_organizer, mentor, and sponsor.
• Added /auth/logout, /forbidden, and a root proxy.ts guard for protected routes.
• Active session now drives header/nav state and landing-route selection in apps/console.
• Mentor queue, progress pages, team detail, and question detail now resolve the active hackathon from session scope instead of trusting arbitrary query params.
• GET /api/questions/:id and PATCH /api/questions/:id/status now reject out-of-scope access via optional hackathon_id.
• Hardened the console auth shell by validating roles, allowing only local redirect targets, and setting cookies with secure in production.
• Synced docs and local setup guidance so console usage starts from http://localhost:3001/login.

Verification run:

• cd changeHack/apps/api && go test ./...
• cd changeHack/apps/worker && pnpm lint && pnpm typecheck
• cd changeHack && pnpm --filter @hackhub/console typecheck
• cd changeHack && pnpm --filter @hackhub/console lint
• cd changeHack && pnpm --filter @hackhub/console build
• cd changeHack && git diff --check

Remaining gap after this slice: this is still a lightweight session shell, not real membership/authz. The next high-value step is tenant/sponsor visibility + backend authorization seams, or hardening Slack write-path scoping where team resolution is still partial.

[Asheze1127]

Cycle update on dev-codex after 2ce3eca feat: enforce console viewer scope in api.

This slice turns the console role/scope shell into a real backend seam instead of only a UI guard.

What changed:

• Console session cookies are now signed, so route guards no longer trust raw JSON cookies.
• Added signed viewer headers from apps/console to apps/api for server-side data fetches.
• Added a console-side proxy route for question status updates so client actions also go through the signed viewer context.
• Added apps/api/internal/authz with signature verification, role checks, and hackathon scope resolution.
• /api/questions, /api/questions/:id, /api/questions/:id/status, /api/progress, and /api/teams now enforce viewer scope when trusted console headers are present.
• Raw mentor operational endpoints are denied to sponsor viewers; question status mutation now requires a trusted viewer role.
• /api/hackathons now collapses to the viewer's active hackathon when the viewer is hackathon-bound.
• Added Go unit tests for the new authz helper and synced env/docs for HACKHUB_INTERNAL_AUTH_SECRET and CONSOLE_SESSION_SECRET.

Verification run:

• cd changeHack/apps/api && go test ./...
• cd changeHack && pnpm --filter @hackhub/console typecheck
• cd changeHack && pnpm --filter @hackhub/console lint
• cd changeHack && pnpm --filter @hackhub/console build
• cd changeHack/apps/worker && pnpm lint && pnpm typecheck
• cd changeHack && git diff --check

Important remaining limitation:

• This is still a dev-oriented principal model, not full identity/membership auth. The viewer is now server-issued and signed, but users can still choose a role/hackathon at login. The next highest-value slice is either real membership/role bindings or progress-checker-style question_sessions to make AI follow-up handling stateful instead of stateless.

[Asheze1127]

Cycle update on dev-codex after bb5f62e fix: fail closed on unresolved slack scope.

This slice closes the biggest remaining data-integrity gap after the new scoped console/API path: Slack writes no longer persist orphaned question/progress rows when team/hackathon scope cannot be resolved.

What changed:

• resolveTeamScopeBySlackChannel now distinguishes resolved, not_found, and ambiguous channel mappings instead of silently picking a null/partial result.
• Question and progress workers now stop before persistence when channel/workspace mapping does not resolve to exactly one team.
• Added shared scope-resolution notification logic so the source channel gets a clear remediation message and the mentor/operator channel gets an alert for mapping fixes.
• Updated gap-analysis / cycle docs to reflect that unresolved scope is now fail-closed and that the next follow-up candidate is question_sessions.

Verification run:

• cd changeHack/apps/worker && pnpm lint && pnpm typecheck && pnpm build
• cd changeHack/apps/api && go test ./...
• cd changeHack && pnpm --filter @hackhub/console typecheck
• cd changeHack && git diff --check

Why this slice matters:

• The console/API scope model added in the previous commit only stays correct if writes also land inside a real team/hackathon boundary.
• This change removes the team_id = null path for new Slack submissions and turns mapping problems into explicit operational work instead of hidden bad data.

[Asheze1127]

Cycle update on dev-codex after 31dbfc7 feat: add stateful question followups.

This slice closes a major progress-checker gap: question follow-up handling is no longer stateless.

What changed:

• Added DB migration 008_create_question_sessions.sql.
• Added worker-side question_sessions persistence with awaiting_user / answered / resolved / escalated states.
• New questions now move to in_progress when the AI reply asks for more information, and the requested missing_info list is stored in the session.
• Socket Mode follow-up ingestion now only re-enqueues thread replies when the question session is actually awaiting_user.
• Follow-up re-triage now combines the original question context, the previously requested missing info, and the new user reply before re-running AI triage.
• User and bot follow-up messages are now written to question_followups so the thread history is no longer purely implicit.
• Docs now reflect that stateful follow-up handling is implemented and that the next major area is tenant/sponsor visibility plus the later Issue flow.

Verification run:

• cd changeHack/apps/worker && pnpm lint && pnpm typecheck && pnpm build
• cd changeHack/apps/api && go test ./...
• cd changeHack && pnpm --filter @hackhub/console typecheck
• cd changeHack && git diff --check

Net effect:

• The AI can now explicitly wait for missing facts, recognize the next user reply as a continuation of that session, and re-answer with preserved context instead of treating every thread reply as a fresh stateless prompt.

[Asheze1127]

Update on dev-codex after commit 9aecaf6 (feat: unify console tracks and add dark mode).

This slice reframes the branch around the combined product instead of a mentor-only console.

Added / changed:

• apps/console overview now presents both tracks explicitly: support hub and showcase / talent.
• Added role shells and navigation for Judge and Hacker.
• Added dark mode to the console with a persisted theme toggle.
• Updated existing mentor routes to use theme-aware colors so dark mode works across queue / detail / progress pages too.
• Expanded console session roles and API trusted-viewer role parsing to include judge and hacker.
• Added API tests covering the new viewer roles.
• Updated README, main specification, product definition, setup docs, Makefile help, and CLAUDE.md so docs now describe the combined support-hub + presentation / portfolio / scout direction.
• Added make dev-control-plane as the preferred alias for the console app while keeping make dev-console for compatibility.

Verification run:

• cd apps/api && go test ./...
• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• git diff --check

Next cycle can move from shell surfaces into real feature flows: GitHub presentation digest, portfolio aggregation/export, and sponsor scout data paths.

[Asheze1127]

Latest slice on dev-codex:

• Reframed apps/console as the combined HackHub control-plane, not mentor-only. The overview and role shells now explicitly cover both tracks:
  • support hub: question triage / progress / mentor + organizer ops
  • showcase / talent: judge GitHub digest / hacker portfolio / sponsor scout
• Added dark mode support across the console, including a persisted theme toggle and variable-based styling for the mentor routes.
• Added Judge and Hacker routes plus session-schema / API viewer support for those roles.
• Updated docs and dev surfaces to match the new direction:
  • README.md
  • docs/specification.md
  • docs/detail/01_product-definition.md
  • docs/setup/*.md
  • CLAUDE.md
  • Makefile now recommends make dev-control-plane and keeps make dev-console as a legacy alias.
• Added API tests for the new viewer roles.

Verification run for this slice:

• cd changeHack/apps/api && go test ./...
• cd changeHack && pnpm --filter @hackhub/console typecheck
• cd changeHack && pnpm --filter @hackhub/console lint
• cd changeHack && pnpm --filter @hackhub/console build
• git -C changeHack diff --check

Current branch tip:

• 9aecaf6 feat: unify console tracks and add dark mode

[Asheze1127]

b264172 feat: add console auth onboarding and scout flow を dev-codex に push しました。

今回の slice で追加・整理した内容:

• apps/console にローカル認証の最小導線を追加
  • /login
  • /signup
  • /switch-context
  • signed cookie session
• users / user_role_bindings / hackathon_memberships / sponsor_visible_hackathons / scouts を作る 009_create_console_auth.sql を追加
• Sponsor / Hacker の最小 scout onboarding を追加
  • Sponsor は可視ハッカソン内の参加者にスカウト送信
  • Hacker は受信可否を切替えて受信履歴を確認
• Slack 導入案内画面 /slack/install を追加
• mentor / sponsor / hacker / judge / organizer / platform / tenant を含む console の visible copy を日本語に寄せ、質問・進捗 UI の状態ラベルも日本語化
• 旧 /api/scouts route を削除し、/scouts/create に一本化
• README / Makefile に dev-control-plane の確認導線と /signup 起点のローカル確認手順を追記

確認済み:

• cd apps/api && go test ./...
• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• git diff --check

次に進める対象:

• progress-checker 側の残差分を apps/console / API に寄せる
• login 後の招待フローや Slack OAuth callback など onboarding の未実装部分を詰める
• Judge digest / portfolio export / scout の本実装を shell から実体化する

[Asheze1127]

dev-codex に auth/onboarding slice を追加して push しました。今回の更新は主に b264172 と 41d2b5b です。

今回入ったもの:

• apps/console にローカル認証の流れを追加
• /signup でアカウント作成 + 初期ロール付与
• /login でログイン、複数ロール時は /switch-context で切替
• /slack/install で Slack 導入案内と OAuth 開始導線
• users / user_role_bindings / hackathon_memberships / sponsor_visible_hackathons / scouts を作る 009_create_console_auth.sql
• sponsor 画面で可視範囲内参加者へのスカウト送信と送信履歴
• hacker 画面で参加履歴確認、スカウト受信 ON/OFF、受信履歴
• proxy / signed session を使った protected route 制御
• mentor / organizer / judge / sponsor / hacker / platform / tenant を含む console copy の日本語化
• README / Makefile に /signup と dev-control-plane 前提の起動導線を追記

検証済み:

• go test ./... in apps/api
• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• git diff --check

現時点で dev-codex にある大きい機能:

• support hub 側: hackathon scope 付き mentor 質問/進捗画面、stateful follow-up、fail-close scope resolution
• showcase/talent 側: judge/hacker/sponsor shell、dark mode、console auth/onboarding、最小 scout onboarding

次の cycle で進める候補:

• Slack install の callback / workspace 永続化
• 招待ベースのアカウント作成と binding 付与
• judge digest の実データフロー
• portfolio export の実データフロー
• progress-checker 側の未回収機能の続き

[Asheze1127]

Auth / onboarding / scout の slice を dev-codex に積みました。最新は 41d2b5b です。

今回追加・整理した内容:

• apps/api/db/migrations/009_create_console_auth.sql を追加し、users / user_role_bindings / hackathon_memberships / sponsor_visible_hackathons / scouts を導入
• apps/console にローカル認証を追加
  • /signup でアカウント作成 + 初期ロール割り当て
  • /login で認証
  • /switch-context で複数ロール切替
  • signed cookie session を userId/email/displayName/bindingId/role/hackathonId へ拡張
• /slack/install を Slack 導入案内画面として追加し、manifest と OAuth URL を表示
• Sponsor / Hacker 導線を最小実装
  • Sponsor: 可視ハッカソン内の参加者候補一覧、スカウト送信、送信履歴
  • Hacker: 参加履歴、スカウト受信可否切替、受信履歴
  • /scouts/create と /hacker/preferences/scout を追加
  • 旧 /api/scouts の二重 route は削除
• console 全体の visible copy を日本語に寄せ、mentor / judge / organizer / platform / tenant / sponsor / hacker / forbidden / home を整理
• README / Makefile を更新し、ローカル確認の入口を /signup / /login / /slack/install に明記

検証:

• cd apps/api && go test ./...
• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• git diff --check

次の cycle は、この auth/onboarding 基盤の上で残りの progress-checker 不足分と、Judge digest / portfolio 実体化へ進めます.

[Asheze1127]

2ac88c0 feat: add organizer setup for teams and hackathons を dev-codex に push しました。

今回の cycle で追加した内容:

• API に運用設定用の書き込み口を追加
  • POST /api/hackathons
  • POST /api/teams
  • PATCH /api/teams/:id
• viewer authz に hackathon 管理 / team 管理の権限判定を追加
• apps/console の tenant を shell から実画面に変更
  • ハッカソン作成フォーム
  • 登録済みハッカソン一覧
• apps/console の organizer を shell から実画面に変更
  • team 作成フォーム
  • Slack channel ID / workspace ID / tech stack / phase / SOS を設定する更新フォーム
• これで、ローカル確認時に DB 直打ちせず team / hackathon / Slack channel mapping を Web から設定できます
• 古い team-admin-store と重複 route は削除

確認済み:

• cd apps/api && make sqlc
• cd apps/api && go test ./...
• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• git diff --check

これで、前回あなたが踏んだ
「このチャンネルは team / hackathon scope にまだ紐付いていない」
に対して、/tenant と /organizer から UI で設定を進められる状態になりました。

[Asheze1127]

追加の slice を dev-codex に push しました。対象 commit は 2ac88c0 と d9f4e7b です。

今回入ったもの:

• organizer 向けに team / hackathon / Slack channel mapping を扱う setup 導線
• GET /api/hackathons, POST /api/hackathons, POST /api/teams, PATCH /api/teams/:id を console から使う control-plane 経路
• apps/console/app/organizer からチーム追加・既存チーム更新・Slack channel/workspace ID 更新
• apps/console/app/tenant/hackathons/create からハッカソン追加
• viewer authz に CanManageTeams / CanManageHackathons を反映

これで、以前のように DB へ直接 INSERT しなくても、organizer/tenant 導線から Slack mapping を設定できる状態になりました。

今回の確認:

• go test ./... in apps/api
• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• git diff --check

次の cycle 候補:

• Slack install callback と workspace 永続化
• 招待ベースのアカウント作成 / role binding 付与
• judge digest 実体化
• portfolio export 実体化

[Asheze1127]

追加の slice です。

• /slack/install を shell から実体化し、署名付き state 付きの OAuth 開始 URLを生成するようにしました。
• /slack/oauth/callback を追加し、Slack OAuth code exchange 後に workspace metadata を slack_installations へ保存するようにしました。
• install 画面に導入済み workspace 一覧を追加し、scope / bot user / installed by を確認できるようにしました。
• .env.example と setup docs に SLACK_CLIENT_SECRET / SLACK_REDIRECT_URI を反映しました。

検証:

• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• git diff --check

この push の commit:

• b6fa2e8 feat: add slack oauth installation tracking

[Asheze1127]

追加の slice です。

• /platform から sponsor binding ごとの visible hackathon を追加できるようにしました。
• platform 画面のユーザー一覧で、sponsor role が持っている visible hackathons も確認できるようにしました。
• /hacker に同じハッカソンの judge digest 一覧を出し、1 クリックで portfolio 下書きへ取り込めるようにしました。
• digest 取り込み時は、発表用要約・技術的な見どころ・審査で確認したい点を section として portfolio 下書きへマージします。

検証:

• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• cd apps/api && go test ./...
• git diff --check

この push の commit:

• 0258130 feat: connect sponsor visibility and portfolio digests

[Asheze1127]

追加の slice です。

• judge digest が README / 主要コード / commit message だけでなく、最近の diff 抜粋も AI に渡すようになりました。
• UI 文言も 公開 repo 限定 から外し、GITHUB_TOKEN があれば private repo でも使える前提に寄せました。
• .env.example と env/setup docs に GITHUB_TOKEN を追記しました。

検証:

• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• git diff --check

この push の commit:

• 49d6afd feat: expand judge digest github context

[Asheze1127]

追加 slice を dev-codex に push しました。HEAD は edbeaa3 (feat: resolve slack bot tokens per workspace) です。

今回入れた内容:

• Slack OAuth callback で取得した access_token を slack_installations.bot_access_token_ciphertext に暗号化保存
• apps/console に runtime token 保存状態の表示を追加
• apps/api に workspace-aware token resolver を追加し、slash command modal open / mentor reply / resolved / not-resolved の Slack Web API 呼び出しを workspace ごとの bot token で解決
• apps/worker に workspace-aware token resolver を追加し、question / progress / scope failure 通知 / thread reply / mentor escalation の Slack 投稿を workspace ごとの bot token で解決
• question_id -> teams.slack_workspace_id lookup を追加して follow-up reply も単一 SLACK_BOT_TOKEN 固定に依存しないように修正
• SLACK_INSTALLATION_ENCRYPTION_SECRET を env/docs に追加

確認済み:

• cd apps/api && go test ./...
• cd apps/worker && pnpm typecheck
• cd apps/worker && pnpm lint
• cd apps/worker && pnpm build
• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• git diff --check

これで Slack install は「記録だけ」ではなく、保存済み workspace token を API/worker runtime で使う段階まで入りました。SLACK_APP_TOKEN は引き続き Socket Mode 用の env token を使います。

[Asheze1127]

env / Makefile 整備の追加入れました。HEAD は 128b86c (chore: align env defaults and make test) です。

今回の修正:

• make test が壊れていたので、apps/api の go test に加えて apps/worker / apps/console の typecheck を回す形に修正
• Makefile の help 文言も実態に合わせて 利用可能なテスト / 型検査 に更新
• .env.example の NEXTAUTH_URL を現行 control-plane の http://localhost:3001 に修正
• docs/detail/07_env-vars.md の NEXTAUTH_URL も 3001 に揃えた
• ローカル .env には未定義だった SLACK_REDIRECT_URI / SLACK_INSTALLATION_ENCRYPTION_SECRET / HACKHUB_INTERNAL_AUTH_SECRET / CONSOLE_SESSION_SECRET を追記し、NEXTAUTH_URL を 3001 に更新（.env は ignore のため PR 差分には含めていません）

確認済み:

• cd changeHack && make test
• git -C changeHack diff --check

[Asheze1127]

participant GitHub OAuth の slice を dev-codex に push しました。HEAD は 908cb82 (feat: add participant github oauth for digests) です。

今回の変更:

• github_connections migration を追加し、participant ごとの GitHub access token を暗号化保存する土台を追加
• Hacker 画面に GitHub 連携 UI を追加
  • /hacker/github/connect
  • /github/oauth/callback
  • /hacker/github/disconnect
• judge digest は .env の共通 GITHUB_TOKEN を主経路にせず、同一 hackathon 内で participant が /hacker に保存した repository_url と一致する repo について、その participant の GitHub OAuth token を優先利用するよう変更
• GITHUB_TOKEN は運営 fallback / public repo rate limit 緩和の補助に格下げ
• portfolio 保存時に GitHub repo URL を正規化し、judge 側の repo URL と一致しやすく修正
• README / local setup / env docs を participant GitHub 連携前提に更新

確認済み:

• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console lint
• pnpm --filter @hackhub/console build
• git diff --check

この slice で、private repo 読取の本線は「participant が GitHub OAuth 連携し、自分の hacker portfolio に repo URL を保存する」形に切り替わりました。

[Asheze1127]

signup 導線の後方互換 fix を追加しました。HEAD は 10a2992 (fix: keep signup working before github migration) です。

内容:

• github_connections migration が未適用でも findGitHubConnectionForUser / resolveGitHubAccessTokenForRepository が 42P01 を飲んで null fallback するよう修正
• これにより、signup 後に /hacker へ redirect した際、GitHub 連携テーブル未作成が原因で画面全体が落ちる状態を防止

確認:

• pnpm --filter @hackhub/console typecheck
• pnpm --filter @hackhub/console build
• git diff --check
• curl -X POST http://localhost:3001/auth/signup ... で 307 redirect と session cookie を再確認

[Asheze1127]

追加対応です。AI 一次回答の直後に answered / escalated へ遷移していた挙動を止め、ユーザー確認式に切り替えました。

変更点:

• AI 一次回答後の questions.status は in_progress のまま維持
• question_sessions.status に awaiting_confirmation を追加
• Slack の一次回答ブロックを 解決しましたか？ / はい / いいえ に変更
• はい 押下時のみ questions と question_sessions を resolved へ更新
• いいえ 押下時のみ questions と question_sessions を escalated へ更新し、mentor channel へ SOS を投稿
• 追加情報が必要なケースは従来どおり awaiting_user で follow-up を待機
• onQuestionResolved / onQuestionNotResolved の回帰テストを追加

確認済み:

• cd apps/api && go test ./...
• cd apps/worker && pnpm lint && pnpm typecheck && pnpm build
• git diff --check

commit: 413db81 fix: require user confirmation for ai question answers

[Asheze1127]

追加で Slack UX を修正しました。

変更点:

• AI の一次回答は質問者をメンションして返答
• mentor channel の通知は modal 返信ではなく、この質問に回答する ボタンで元スレッドへ直接遷移
• mentor channel の設定場所が UI ではなく .env の SLACK_MENTOR_CHANNEL_ID であることを setup docs に明記

確認済み:

• cd apps/api && go test ./...
• cd apps/worker && pnpm lint && pnpm typecheck && pnpm build
• git diff --check

commit: 05c99d1 fix: improve mentor escalation ux

[Asheze1127]

追加修正です。AI 一次返答で missing_info が出るケースでも確認ボタンを消していたので、分岐を外しました。

変更点:

• AI の一次返答の下に わかりましたか？ / はい / いいえ を常時表示
• missing_info があるケースでもユーザーがその場で はい / いいえ を選べるように変更

確認済み:

• cd apps/worker && pnpm lint && pnpm typecheck && pnpm build
• git diff --check

commit: e67836d fix: always show ai answer confirmation buttons

[Asheze1127]

triage の malformed JSON 対応を追加しました。

変更点:

• provider error message 内の Text: ... から raw JSON-like payload を抽出
• category / confidence / needs_more_info / missing_info / short_answer_for_user など主要 key を regex と配列抽出で salvage
• salvage できた場合は safety fallback ではなく部分復旧した triage 結果を採用
• prompt に JSON オブジェクトのみ / URL 群や schema 外キー禁止 を追記
• worker に pnpm test を追加し、malformed JSON 再現ケースのテストを追加

確認済み:

• cd apps/worker && pnpm test
• cd apps/worker && pnpm lint && pnpm typecheck && pnpm build
• git diff --check

commit: 295e462 fix: salvage malformed triage json

[Asheze1127]

make dev-worker の重複起動対策を入れました。

変更点:

• scripts/dev-worker.sh を追加
• 起動前に pidfile と既存 ts-node src/index.ts を掃除
• make dev-worker は新ラッパー経由で起動
• local setup docs に「既存 worker は自動停止」と追記

確認:

• zsh -n scripts/dev-worker.sh
• make dev-worker で起動確認
• ps -ef | rg "apps/worker|ts-node src/index.ts" で worker 1 本を確認

commit: b0405ce chore: prevent duplicate dev worker processes

[Asheze1127]

Bonsai の structured output をやめました。

変更点:

• Bonsai は generateObject / JSON mode を使わず、普通の自然文回答を返す方式に変更
• backend 側で category / confidence / needs_more_info / missing_info を補完して QuestionTriageResult に包む
• 概念説明・比較質問は基本 needs_more_info = false
• bug / env_setup 系だけ具体的な missing_info を backend で補完
• structured fallback 側は残しつつ、Type validation failed: Value: ... からも salvage できるように継続強化
• triage test を追加して概念質問・bug 質問・Value marker の再現ケースを固定

確認済み:

• cd apps/worker && pnpm test
• cd apps/worker && pnpm lint && pnpm typecheck && pnpm build
• git diff --check

commit: 41e53d1 refactor: wrap bonsai text answers into triage results

[Asheze1127]

triage 用に KIT AI provider を追加しました。

変更点:

• KIT_AI_URL, KIT_AI_PW, KIT_AI_MODEL, KIT_AI_VERIFY_TLS を追加
• KIT_AI_* が設定されていれば worker は最優先で https://.../api/generate 形式の streaming endpoint を利用
• Authorization ヘッダには KIT_AI_PW をそのまま設定
• NDJSON の response chunk を結合し、HTML entity / <br> を正規化
• self-signed 証明書向けに KIT_AI_VERIFY_TLS=false をサポート
• KIT_AI_* が未設定なら従来どおり Bonsai/Ollama -> OpenAI -> Anthropic の順で fallback
• .env.example, env docs, local setup を更新
• .tmp/ を gitignore に追加

確認済み:

• cd apps/worker && pnpm test
• cd apps/worker && pnpm lint && pnpm typecheck && pnpm build
• git diff --check

commit: 2f3772b feat: add kit ai provider for triage

[Asheze1127]

確認ボタンの冪等性を修正しました。

変更点:

• question_resolved / question_not_resolved は、questions.status がまだ未確定のときだけ状態遷移するよう変更
• すでに resolved または escalated の質問に対する二回目以降のボタン押下は no-op
• いいえ の多重押下で mentor channel に同じ質問が何度も飛ぶ問題を解消
• 回帰テストを追加し、duplicate escalation で Slack 投稿 0 件を確認

確認済み:

• cd apps/api && go test ./...
• git diff --check

commit: 5ef4177 fix: make question action buttons idempotent