Skip to content

feat: gist-to-repo identity shift with philosophy-first agent experience#21

Open
simonbc wants to merge 72 commits into
mainfrom
gist-to-repo
Open

feat: gist-to-repo identity shift with philosophy-first agent experience#21
simonbc wants to merge 72 commits into
mainfrom
gist-to-repo

Conversation

@simonbc

@simonbc simonbc commented Apr 13, 2026

Copy link
Copy Markdown
Contributor

Summary

Transforms Jottit from a markdown publisher into a capture-and-publish tool, with a focus on the developer agent experience.

Profile & Identity

  • Unified signin/signup flow (removed user_exists gate)
  • Profile setup flow with avatar upload, username selection
  • Redirect signed-in users to their profile
  • Empty-state profile with getting-started checklist
  • INDEX.md support for profile landing pages
  • Visibility badges and private/unlisted/listed/pinned states

Connect Agent Experience

  • Connect Agent settings page with copy-paste setup prompt
  • Philosophy-first agent-setup endpoint: teaches AI when to capture and how to write, not just API endpoints
  • MCP+OAuth integration for Claude Code
  • AGENTS special page support in conventions
  • API token management

Homepage & Landing

  • Below-fold sections: how it works, agent angle, bottom CTA
  • Landing page redesign with email signup form

Security Fixes

  • Block non-owner access to private page revision history (regression fix)
  • Rotate agent tokens on regeneration instead of creating duplicates

Test Coverage

Tests: 328 → 354 (+26 new). All pass.

Coverage audit: 7/7 code paths tested (100%) for the philosophy changes.

Pre-Landing Review

No issues found in the philosophy implementation (3 files, 73 lines).

Adversarial Review

Claude + Codex adversarial review found pre-existing branch issues:

  • [FIXED] Private revision history accessible to non-owners
  • [FIXED] Unbounded duplicate token creation on setup prompt
  • [NOTED] Rate limiter uses in-memory storage (per-process)
  • [NOTED] MCP defaults to unlisted vs API defaults to private (intentional: MCP is for anonymous/unclaimed pages)

TODOS

  • Created TODOS.md with follow-up: add philosophy/workflow guidance to MCP tool descriptions

Test plan

  • All pytest tests pass (354 tests, 0 failures)
  • New tests: agent-setup philosophy/workflow/conventions fields
  • Regression test: private page revision access blocked

🤖 Generated with Claude Code

simonbc added 30 commits April 13, 2026 10:34
@simonbc
Add private visibility, unified signup, and private-by-default pages
80c0abd
@simonbc
Add homepage repo story, INDEX.md profile, and visibility badges
7067449
@simonbc
Fix lint warning, update homepage copy to matter-of-fact tone
5b2a419
@simonbc
Remove unused index_page variable
92a19ee
@simonbc
Move logo to top-left header bar on homepage
b6d0dcb
@simonbc
Improve landing page design: centered layout, combined input+button, …
ad9ed81 
…better spacing
@simonbc
Use pill radius on signup form to match existing button style
7835140
@simonbc
Fix sign-in link positioning in homepage header
3598ca7
@simonbc
Green signup button, larger header logo
77b3821
@simonbc
Add underline to create-a-page link
91c02d6
@simonbc
Use arrow instead of underline for create-a-page link
4221b52
@simonbc
Add empty-state profile with getting-started checklist and MCP config…
c4f0da9 
… copy
@simonbc
Remove unused username variable in MCP config endpoint
8ec217a
@simonbc
Add server-side event logging for signup, signin, page creation, and …
4d0f462 
…MCP config
@simonbc
Improve verify and username pages: add logo, show email, add resend hint
fea9846
@simonbc
Move verify/setup logo to top-left corner
a49741c
@simonbc
Use landing page header on verify and username pages
4ac7eee
@simonbc
Remove max-width on homepage header for full-width layout
27ab2b2
@simonbc
Fix header on verify/setup pages: position absolute to span full width
739065d
@simonbc
Remove unused verify-logo CSS
a3b019e
@simonbc
Restore sidebar on empty profile, add links section, fix checklist co…
c1df125 
…ndition
@simonbc
Redesign empty profile: GitHub-style quickstart with code blocks
b9bd0fb
@simonbc
Replace floating profile header with integrated welcome on empty profile
69b2ae6
@simonbc
Remove links from sidebar, hide sidebar on empty profile
60a18a6
@simonbc
Use agent-agnostic language for MCP setup
f6799fa
@simonbc
Use curl install command for CLI setup
b8850fe
@simonbc
Add base URL to MCP config, remove API section from quickstart
1478540
@simonbc
Add darker background to site header
8c33052
@simonbc
Darken site header background
14a3f44
@simonbc
Tune site header to darker shade between bg and black
4553982
simonbc added 30 commits April 13, 2026 13:04
@simonbc
Fix avatar preview: use blob URL instead of data URL for CSP compatib…
6583d51 
…ility
@simonbc
Use createElement for avatar preview to avoid innerHTML CSP issues
98e5199
@simonbc
Allow blob: URLs in CSP img-src for avatar preview
6db935b
@simonbc
Redirect signed-in users from / to their profile
0a62240
@simonbc
Add Connect Agent settings page, sidebar CTA, fix MCP page styling
f44a7f9
@simonbc
Add edit profile hint in sidebar when bio/avatar missing
4b84649
@simonbc
Add Edit profile link to profile header
d0b5afa
@simonbc
Unify action-link styling, remove sidebar profile hint
e4ae902
@simonbc
Move edit profile to right side, align profile header with content width
0f2a070
@simonbc
Revert profile header width, remove About heading from sidebar, reord…
214a18d 
…er sections
@simonbc
Add bot icon next to Connect an agent link
b268b17
@simonbc
Fix sidebar link padding, move bot icon to AGENTS.md
9d5f5ad
@simonbc
Make AGENTS.md sidebar link smaller and muted to distinguish from pages
f8d5d54
@simonbc
Display AGENTS.md as sidebar metadata, not a page link
729a4e3
@simonbc
Increase spacing above AGENTS.md meta section
46a31be
@simonbc
Constrain profile header to content width so Edit profile aligns with…
f6b000e 
… timestamps
@simonbc
Move Edit profile inline next to username
d8cc222
@simonbc
Redesign Connect Agent page: step-based layout, no card wrapper
4d96dd5
@simonbc
Redesign Connect Agent page: Claude Code OAuth, Claude Desktop config…
463371b 
…, CLI sections
@simonbc
Redesign Connect Agent: API token first, platform shortcuts below
6890025
@simonbc
Simplify Connect Agent to copy-paste prompt, fix code block overflow
2fea470
@simonbc
Fix Connect Agent design: prose prompt in card, copy button, proper w…
bb0bcdb 
…rapping
@simonbc
Add /api/v1/agent-setup endpoint, simplify setup prompt to one fetch
61edeac
@simonbc
Remove unused username variable
16b83a8
@simonbc
Redesign Connect Agent page: use panel card, left-aligned, cleaner st…
8c28436 
…ructure
@simonbc
Add below-fold sections to landing page: how it works, agent angle, b…
52b85db 
…ottom CTA
@simonbc
Show landing page for all users, avatar in header when signed in
5ebbc72
@simonbc
fix: block private page revision access, rotate agent tokens
f2487d5 
Add check_page_visibility to view_revision endpoint to prevent
non-owners from accessing revision history of private pages.

Rotate mcp-default token on regeneration instead of creating
duplicates, preventing unbounded token accumulation.
@simonbc
docs: add TODOS.md with MCP tool descriptions follow-up
e47e347
@simonbc
fix: pass user_id to delete_api_token in setup prompt rotation
a93dccd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@simonbc