Commit graph

7168 commits

Author SHA1 Message Date
CREDO23
a5fc8c2b7d docs(revamp): add Access domain (chat/REST/MCP doors) 2026-06-30 23:35:42 +02:00
CREDO23
297a53efa6 docs(revamp): add Capabilities domain (typed verbs) 2026-06-30 23:35:11 +02:00
CREDO23
10801058c5 docs(revamp): add CI pivot overview & domain map 2026-06-30 23:35:05 +02:00
DESKTOP-RTLN3BA\$punk
15fd0b08d6 feat: completed init mvp of phase 3 2026-06-30 03:02:40 -07:00
DESKTOP-RTLN3BA\$punk
bdacea8b6e feat(crawler): captcha solving + per-attempt billing (Phase 3d)
Wire captchatools as the StealthyFetcher-tier page_action to detect, harvest
(egressing from the crawl's own proxy IP), inject, and submit reCAPTCHA v2/v3
and hCaptcha tokens. Opt-in and off by default (zero attempts, zero cost).

Licensing split:
- Apache-2 app/utils/captcha/ holds the generic, vendor-agnostic config
  (CaptchaConfig + captcha_enabled() = flag AND key present).
- Proprietary app/proprietary/web_crawler/captcha.py holds the bypass logic
  (detect/harvest/inject) plus a process-wide solver latch that halts solving
  on unrecoverable errors (no balance / bad key).

Crawler: CrawlOutcome gains captcha_attempts/captcha_solved, surfaced via a
per-call captcha_state dict threaded crawl_url -> _crawl_with_stealthy(_sync)
and stamped onto every stealth terminal outcome. The stealth tier captures the
proxy once and reuses it for both the fetch and the solver (IP-coherence).

Billing: WebCrawlCreditService gains captcha_billing_enabled,
captcha_solves_to_micros, charge_captcha, and a generic check_balance, sharing
a single _apply_debit path. The indexer accumulates attempts (even on failed
crawls), runs a combined crawl+captcha pre-flight, and posts a per-attempt
owner charge as usage_type="web_crawl_captcha". The captcha worst-case is only
reserved when solving is actually enabled, so a solving-off deployment is never
blocked for captcha that can never run. Both chat scrape tools fold attempts
into the current turn before the success/fail branch.

Fully config-driven prices; no migration. New unit tests cover the config,
factory (detection/latch/timeout/cap), credit service, indexer wiring, and the
chat fold.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-29 22:58:21 -07:00
DESKTOP-RTLN3BA\$punk
aad366ba13 chore: sync plans (03c@17bdb0682 implemented)
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-29 21:41:26 -07:00
DESKTOP-RTLN3BA\$punk
17bdb06825 feat(03c): bill credits per successful web crawl
Add a config-driven crawl meter (1 USD / 1000 successes by default, retunable
via WEB_CRAWL_MICROS_PER_SUCCESS) mirroring EtlCreditService:

- WebCrawlCreditService (gate -> pre-check -> post-charge) on the unified wallet
- webcrawler indexer: pre-flight credit block + post-charge of the workspace
  owner per success, with a web_crawl TokenUsage audit row
- chat scrape_webpage (main + research): fold each successful scrape into the
  active turn's token accumulator so it settles with the chat turn
- WEB_CRAWL_CREDIT_BILLING_ENABLED / WEB_CRAWL_MICROS_PER_SUCCESS config + env
- unit tests (service) + integration tests (indexer wiring)
- scripts/e2e_phase3_crawl_billing.py: manual functional e2e (3a/3b/3c)

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-29 21:40:53 -07:00
DESKTOP-RTLN3BA\$punk
a517eb7d2d chore: sync plans (03a@5c36cd3, 03b@6226012 implemented)
Mark 03a/03b status banners with their commit SHAs in the subplans and umbrella plan.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-29 21:04:17 -07:00
DESKTOP-RTLN3BA\$punk
62260125f7 feat(03b): add BYO custom proxy provider + bounded crawler rotation-retry
Add CustomProxyProvider (single endpoint or rotating pool via Scrapling ProxyRotator), registered as 'custom' alongside anonymous_proxies and selectable via PROXY_PROVIDER. Adds is_pool_backed to the ProxyProvider ABC + a zero-arg package helper. The web crawler does a bounded one-per-tier is_proxy_error rotation-retry gated on is_pool_backed() (single-endpoint providers no-op). Config/.env.example gain CUSTOM_PROXY_URL(S). Zero-arg getter contract unchanged for all consumers. Documents the proprietary boundary test (generic proxy infra stays Apache-2). Tests: provider, registry, crawler rotation (16).

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-29 21:03:34 -07:00
DESKTOP-RTLN3BA\$punk
5c36cd3071 feat(03a): implement Scrapling-only web crawler and remove Firecrawl integration
- Standardized the web crawler to use Scrapling exclusively, removing Firecrawl entirely.
- Updated the crawler's location to `app/proprietary/web_crawler/connector.py` under a non-Apache-2 license boundary.
- Refactored the `WebCrawlerConnector` to eliminate the Firecrawl API key dependency, simplifying the interface for crawling URLs.
- Adjusted related components to accommodate the new structure and ensure successful crawl outcomes are properly handled.
- Updated documentation to reflect these changes and the new implementation status.
2026-06-29 20:37:56 -07:00
DESKTOP-RTLN3BA\$punk
34ab23f5d8 chore: synced plans 2026-06-29 18:26:29 -07:00
Rohan Verma
96b18af607
Merge pull request #1562 from MODSetter/feat/rename-searchspace-to-workspace
feat: rename searchspace to workspace
2026-06-29 17:58:07 -07:00
DESKTOP-RTLN3BA\$punk
2836654701 Merge commit '683a7d3bc2' into feat/rename-searchspace-to-workspace 2026-06-29 17:55:15 -07:00
DESKTOP-RTLN3BA\$punk
683a7d3bc2 Merge commit 'd0664f3dd6' into ci_mvp 2026-06-29 17:53:29 -07:00
DESKTOP-RTLN3BA\$punk
d12f39a7e2 feat: updated plans with test statergy 2026-06-29 17:50:24 -07:00
Rohan Verma
d0664f3dd6
Merge pull request #1560 from mvanhorn/refactor/1363-delete-notes-api-service
refactor: delete unused notesApiService orphan API module
2026-06-29 17:47:46 -07:00
Rohan Verma
deec7f0d01
Merge pull request #1559 from yagitoshiro/fix/ime-enter-submit-chat
fix(web): don't submit chat on Enter during IME composition
2026-06-29 17:47:04 -07:00
Rohan Verma
32951ac141
Merge pull request #1543 from DhruvTilva/fix/codeblock-interior-line-indentation
fix: prevent spurious leading spaces in nested codeBlock interior lines
2026-06-29 17:45:21 -07:00
Rohan Verma
d22131185f
Merge pull request #1542 from DhruvTilva/fix/multilingual-embedding-truncation
fix: use token-safe truncation for document embeddings
2026-06-29 17:44:55 -07:00
Matt Van Horn
9b2f880e3c
refactor: delete unused notesApiService orphan API module 2026-06-29 00:49:30 -07:00
yagitoshiro
24ff4b7d93 fix(web): don't submit chat on Enter during IME composition
The chat composers submit on Enter without checking whether an IME
composition is active. For Japanese/Chinese/Korean input, pressing Enter
to confirm a conversion fires the submit handler and sends a half-typed
message. Guard the Enter handlers with e.nativeEvent.isComposing in the
main chat editor, the anonymous free composer, and the mention/prompt
picker key navigation.
2026-06-28 13:13:46 +09:00
CREDO23
7a38614e07 docs(plans): record as-built state + re-runnable verification for Phase 2 (backend rename)
Add a top status banner (SHIPPED, branch/PR, phase tip commit) and an
Implementation record (deviations, carve-outs as-shipped, re-runnable
verification gates, deploy caveats) to 02-rename-backend.md.
2026-06-27 22:24:41 +02:00
CREDO23
2acdf42661 docs(plans): record as-built state + re-runnable verification for Phase 1 (DB rename)
Add a top status banner (SHIPPED, branch/PR, phase tip commit) and an
Implementation record (deviations, carve-outs as-shipped, re-runnable
verification gates with last results) to 01-rename-db.md.
2026-06-27 22:24:41 +02:00
DESKTOP-RTLN3BA\$punk
79dca6a5b9 Merge commit '7093b4d4d0' into ci_mvp 2026-06-26 19:55:44 -07:00
Rohan Verma
7093b4d4d0
Merge pull request #1549 from MODSetter/dev
fix(docker): add reverse proxy for zero sync auth context in Caddyfile
2026-06-26 12:26:13 -07:00
DESKTOP-RTLN3BA\$punk
8e73eba238 Merge commit '14352d6f37' into dev 2026-06-26 12:24:50 -07:00
DESKTOP-RTLN3BA\$punk
2e4959f947 fix(docker): add reverse proxy for zero sync auth context in Caddyfile 2026-06-26 12:24:12 -07:00
Rohan Verma
14352d6f37
Merge pull request #1548 from MODSetter/dev
fix(docker): add proxy directory and Caddyfile to win installation script
2026-06-26 12:03:45 -07:00
DESKTOP-RTLN3BA\$punk
3556d43c53 Merge commit 'cdc7c8ff7f' into dev 2026-06-26 12:01:28 -07:00
DESKTOP-RTLN3BA\$punk
b4e8aa0a1c feat(docker): add proxy directory and Caddyfile to installation script 2026-06-26 12:00:50 -07:00
Rohan Verma
cdc7c8ff7f
Merge pull request #1547 from MODSetter/dev
feat(hotpatch): fix migration 168
2026-06-26 11:31:50 -07:00
DESKTOP-RTLN3BA\$punk
47e4dd9403 Merge commit '2148053569' into dev 2026-06-26 11:30:37 -07:00
DESKTOP-RTLN3BA\$punk
ab7d138b32 feat(hotpatch): fix migration 168 2026-06-26 11:30:06 -07:00
Rohan Verma
2148053569
Merge pull request #1544 from AnishSarkar22/fix/login-button
feat: update authentication defaults to LOCAL
2026-06-26 11:06:22 -07:00
Anish Sarkar
e6fa9f177e
Merge pull request #1545 from AnishSarkar22/fix/auth-session
fix(auth): centralize session refresh retry handling
2026-06-26 22:43:59 +05:30
Anish Sarkar
f14c471a03 refactor(ZeroProvider): simplify route handling by removing desktop check for public routes 2026-06-26 22:15:48 +05:30
CREDO23
902b3374ea docs(env): update spawn-paused runbook to workspace_id (Phase 2 carve-outs)
Align the .env.example operational runbook with the renamed Redis key
surfsense:spawn_paused:<workspace_id> (carve-out 3). All other carve-out
decisions are applied inline: KEEP enum values 'SEARCH_SPACE', Celery task names,
OTel/metric key "search_space.id", and historical alembic migrations; RENAME the
Redis/event/LangGraph keys and the default seed name "My Workspace".
2026-06-26 18:38:11 +02:00
CREDO23
ca9bd28934 test: rename SearchSpace -> Workspace across tests + fixtures (Phase 2 Wave F)
Apply the same rename to surfsense_backend/tests: workspace_id fields/vars,
Workspace* classes/schemas, table name searchspaces -> workspaces in raw SQL,
and the API URL spellings -> /workspaces. Preserves the carve-out wire literals
tests assert (Celery task names, OTel key "search_space.id").
2026-06-26 18:36:46 +02:00
Anish Sarkar
3ce759f1d6 refactor(auth): streamline session handling with authenticatedFetch 2026-06-26 22:05:11 +05:30
CREDO23
56826a63bc refactor(routes): rename to workspace + consolidate URL spellings (Phase 2 Wave E)
Hard cutover of the HTTP surface: collapse the three legacy spellings
(/searchspaces, /search-spaces, /search-space/{id}) onto canonical
/workspaces/{workspace_id}/..., rename the gateway field-setter sub-actions to
singular /workspace, rename search_spaces_routes.py -> workspaces_routes.py and the
search_spaces_router -> workspaces_router include, and flip search_space_id ->
workspace_id in bodies/params. No alias routers: the old URLs now 404 by design.
Full app constructs with zero legacy path spellings.
2026-06-26 18:35:08 +02:00
Anish Sarkar
4b6bcaeb1b refactor(auth): reuse desktop token cache in API clients 2026-06-26 22:04:59 +05:30
Anish Sarkar
652a25be37 refactor(chat): use shared authenticated fetch for chat requests 2026-06-26 22:04:33 +05:30
Anish Sarkar
4c257e9122 refactor(auth): route session and zero context through shared fetch 2026-06-26 22:04:23 +05:30
Anish Sarkar
9fc93e5e82 fix(auth): centralize session refresh retry 2026-06-26 22:03:59 +05:30
CREDO23
7fb0707933 refactor(backend): rename search_space -> workspace across app bulk (Phase 2 Wave D)
Scoped codemod over surfsense_backend/app (excluding routes/, Wave E): renames
search_space_id -> workspace_id, search_space -> workspace, SearchSpace -> Workspace
across services, utils, tasks, agents, gateway, event_bus, notifications, podcasts,
automations, observability params, and prompt .md files. Also flips the camelCase
payload key searchSpaceId -> workspaceId (no backend reader; hard cutover).

Preserved carve-outs (verbatim): Celery task names "delete_search_space_background"
and "ai_sort_search_space" (wire names), and the OTel/metric key "search_space.id"
(dashboards depend on it). Enum values 'SEARCH_SPACE' and SearchSourceConnector
untouched.
2026-06-26 18:30:47 +02:00
CREDO23
0c53d884eb refactor(schemas): rename SearchSpace -> Workspace in Pydantic schemas (Phase 2 Wave C)
Rename schemas/search_space.py -> schemas/workspace.py, the SearchSpace* classes
-> Workspace* (incl. UserSearchSpaceAccess -> UserWorkspaceAccess), and the
search_space_id / search_space_name fields -> workspace_id / workspace_name across
all schema modules. Under hard cutover the serialized JSON keys change outright
(no alias). Re-exports in schemas/__init__.py updated.
2026-06-26 18:23:43 +02:00
CREDO23
d948b769ba refactor(db): rename search_space to workspace in satellite ORM models (Phase 2 Wave B)
Flip search_space_id -> workspace_id and the workspace relationship/back_populates
in the automations, file_storage, notifications, and podcasts persistence models,
and drop the Phase 1 Column("workspace_id", ...) shim. Full SQLAlchemy mapper
configuration now passes (db.py + satellites consistent).
2026-06-26 18:20:28 +02:00
CREDO23
df03565940 refactor(db): rename SearchSpace ORM core to Workspace (Phase 2 Wave A)
Flip the symbolic name in db.py: classes SearchSpace/Role/Membership/Invite ->
Workspace*, attributes search_space_id -> workspace_id (and owner_*), relationship
attrs + back_populates pairs, and drop the Phase 1 Column("workspace_id", ...) shim
now that attribute name == column name. Enum values 'SEARCH_SPACE' and the
SearchSourceConnector class are intentionally untouched (carve-outs).

Part of the atomic SearchSpace -> Workspace rename; the suite goes green only once
Waves B-F land (no half-renamed steady state).
2026-06-26 18:18:50 +02:00
CREDO23
49d3001fbf docs(db): tighten migration 170 docstring, move publication invariant to call site
Trim the header to a one-line summary and relocate the "never raw DROP/CREATE
PUBLICATION" invariant (bug #1355, migration 116) to the apply_publication call
site where a refactor would actually occur. Comment/docstring only; no behavior
change.
2026-06-26 17:59:05 +02:00
Anish Sarkar
ef9b5b42a8 feat: update JWT token lifetime and enhance header management in chat page
- Increased ACCESS_TOKEN_LIFETIME_SECONDS from 30 minutes to 60 minutes for improved session duration.
- Introduced getRequestHeadersWithCurrentDesktopAuth function to streamline authorization header management across fetch requests in the chat page.
2026-06-26 21:25:27 +05:30