Changelog
c1ed059 Merge pull request 'Release v0.2.1' (#78) from release/v0.2.1 into main
0c2c1cb Release v0.2.1
7fa0aba Merge pull request 'BUNYIP-58: force real bunyip-api rebuild, guard against oci-build stub leak' (#76) from fix/bunyip-58-oci-build-stub-leak into main
73d2cf7 fix(oci-build): force real bunyip-api rebuild, guard against stub leak
da55b1e Merge pull request 'fix(oidc): register SPA clients from env-driven startup upsert (BUNYIP-57)' (#75) from fix/bunyip-57-env-driven-oidc-client-seed into main
c918f2e fix(oidc): make post-logout URIs optional in SPA client upsert (BUNYIP-57)
8608d18 fix(oidc): register SPA clients from env-driven startup upsert (BUNYIP-57)
518b9af Merge pull request 'fix(oidc): honor checked= flag on /login to break authorize redirect loop' (#74) from fix/oidc-login-redirect-loop-honor-checked into main
8d9e4de fix(oidc): honor checked= flag on /login to break authorize loop
58a1e38 Merge pull request 'fix(build): bump rust-builder-glibc to v1.0.1, drop bun workaround' (#73) from fix/bun-v1.0.1-drop-workaround into main
2b0f100 fix(build): bump rust-builder-glibc to v1.0.1, drop bun workaround
ecf2b54 Merge pull request 'chore: Sync .gitignore' (#72) from chore/sync-gitignore into main
dff36a0 chore: Sync .gitignore
3f722bc Merge pull request 'fix(web): applications-page launcher points at /dashboard, not /' (#71) from fix/applications-launcher-points-at-dashboard into main
a7c2422 fix(web): applications-page launcher points at /dashboard, not /
98ca4dc Merge pull request 'fix(auth): GET /v1/auth/logout 302s directly to url; /logout page lands on /' (#70) from fix/logout-honors-final-url into main
942b837 fix(auth): GET /v1/auth/logout 302s directly to url; /logout page lands on /
b9a3f4c Merge pull request 'feat(auth): AuthenticatedUser accepts OIDC at+jwt alongside legacy HS256 (BUNYIP-55)' (#69) from feat/bunyip-55-authenticated-user-accept-atjwt into main
23c9abc feat(auth): AuthenticatedUser accepts OIDC at+jwt alongside legacy HS256 (BUNYIP-55)
467ab5a Merge pull request 'fix(oidc): gate authorize on a server-validated OP session (BUNYIP-53)' (#67) from fix/bunyip-53-logout-terminates-op-session into main
005e017 Merge pull request 'fix(web): make bun/bunx runnable by the host user in the dev image (BUNYIP-54)' (#68) from fix/bunyip-54-web-bun-permission into main
c992899 fix(web): make bun/bunx runnable by the host user in the dev image
b4ab88d fix(oidc): gate authorize on a server-validated OP session
baf11fc Merge pull request 'feat(dev-sso): bunyip-api as the OIDC OP for hub and mokosh SPA' (#66) from feat/dev-sso-bunyip-as-op into main
ce45c85 feat(dev-sso): make bunyip-api the OIDC OP for the hub and mokosh SPA
151be82 Merge pull request 'feat(auth): GET /v1/auth/memberships synthetic single-tenant stub' (#65) from feat/auth-memberships-stub into main
ff79eb9 feat(auth): GET /v1/auth/memberships synthetic single-tenant stub
9bfeee2 Merge pull request 'feat(web): admin UI to edit and create application distribution config' (#64) from feat/bunyip-51-app-distribution-admin-ui into main
bd5a1bb fix(web): address review of application distribution admin UI
d52cff9 feat(web): admin UI to edit and create application distribution config
5bd3046 Merge pull request 'feat(admin): add revoke-lifetime-membership endpoint + UI' (#63) from feat/admin-user-management into main
e20979b feat(admin): add revoke-lifetime-membership endpoint + UI
556f1c3 Merge pull request 'fix(dev): escape literal paren in dev-sso print string' (#62) from fix/dev-sso-nushell-paren-escape into main
e963488 fix(dev): escape literal paren in dev-sso print string
b5d0343 Merge pull request 'fix(web): drop obsolete bun symlink workaround in dev Dockerfile' (#61) from fix/web-dockerfile-bun-base-image-update into main
c9da238 fix(web): drop obsolete bun symlink workaround in dev Dockerfile
e7ec9c7 Merge pull request 'feat/admin-user-management' (#60) from feat/admin-user-management into main
8f36030 chore: remove stray mktemp file accidentally committed
b4377c2 fix(admin): use axum 0.7 ':id' path-param syntax, not '{id}'
61c851d Merge pull request 'feat(admin): expand user management with detail page + new actions' (#59) from feat/admin-user-management into main
fff3968 feat(admin): expand user management with detail page + new actions
e2d54b6 Merge pull request 'fix(web): show forbidden/unauthenticated download errors distinctly (BUNYIP-49)' (#58) from fix/bunyip-49-downloads-forbidden-message into main
800261e fix(web): handle 404 + add sign-in link on downloads error page (BUNYIP-49 review)
0d8726e fix(web): show forbidden/unauthenticated download errors distinctly (BUNYIP-49)
bdca948 Merge pull request 'feat: map DownloadCacheError via dunite ErrorClass in member-download handler (BUNYIP-48)' (#57) from feat/bunyip-48-download-errorclass into main
db252a7 feat: map DownloadCacheError via dunite ErrorClass in the member-download handler (BUNYIP-48)
1f0b5e4 Merge pull request 'feat: adopt dunite PSA-37 secret_env + PSA-42 acquire_concurrency_only; bump dunite dep' (#56) from feat/bunyip-47-adopt-dunite-psa37-42 into main
727ecb6 refactor(oci): collapse always-Some concurrency guard to a plain UsageGuard (BUNYIP-47 review)
d9e299f feat: adopt dunite PSA-37 secret_env + PSA-42 acquire_concurrency_only; bump dunite dep
36ef071 Merge pull request 'fix(oci): daily pull limit counts logical pulls, not every manifest request (BUNYIP-43)' (#55) from fix/bunyip-43-oci-pull-count into main
63e1eb7 fix(oci): address PR #55 review - extract should_meter + test, fix doc, note tradeoffs
53a7dfd fix(oci): daily pull limit counts logical pulls, not every manifest request (BUNYIP-43)
76989b9 Merge pull request 'chore(compose): pass through distribution limit/TTL env vars (BUNYIP-42)' (#54) from chore/bunyip-42-compose-distribution-tunables into main
52a6a30 chore(compose): pass through distribution limit/TTL env vars (BUNYIP-42)
4892c99 Merge pull request 'fix(oci): blob cache total_size_bytes decode error broke LRU eviction (BUNYIP-41)' (#53) from fix/bunyip-41-oci-blob-eviction-pool into main
02dd8a8 fix(download): same SUM-as-i64 decode bug in download cache; harden BUNYIP-41 test
a27f51d fix(oci): blob cache total_size_bytes decode error broke LRU eviction (BUNYIP-41)
a9df71f Merge pull request 'fix(oci): rate-limit failed token verifications, not successful pulls (BUNYIP-40)' (#52) from fix/bunyip-40-oci-token-rate-limit into main
eb7f399 fix(oci): address PR #52 review - per-IP failure cap, dedup limit blocks
658e697 fix(oci): rate-limit failed token verifications, not successful pulls (BUNYIP-40)
f3b4c42 Merge pull request 'feat(entitlements): per-product access control with admin + Stripe grants (BUNYIP-39)' (#51) from feat/bunyip-39-per-product-entitlements into main
0ea20b1 fix(entitlements): address PR #51 review findings
6d09f67 feat(entitlements): per-product access control with admin + Stripe grants (BUNYIP-39)
be19611 Merge pull request 'feat(deps): consume dunite PSA-36 (single-flight core + download Transport error class) (BUNYIP-44)' (#50) from feat/bunyip-44-dunite-psa-36 into main
d407788 fix(download): map upstream NotFound to 404 and classify with an exhaustive match (PR #50 review)
8e4d08e feat(deps): consume dunite PSA-36 (single-flight core + download Transport error class)
dbe79c9 Merge pull request 'fix(feedback): improve contrast of hero text (BUNYIP-45)' (#49) from fix/feedback-hero-bunyip-contrast into main
d85b113 fix(feedback): raise contrast of hero "Bunyip" wordmark
ac3c796 Merge pull request 'feat(applications): seed Drillmark as a hosted launcher tile' (#48) from feat/seed-drillmark-application into main
8b4797e feat(applications): seed Drillmark as a hosted launcher tile
efa868a Merge pull request 'fix(launcher): point app tiles at /dashboard so AuthGuard fires' (#47) from fix/launcher-tile-to-dashboard into main
cae06a4 Merge pull request 'fix(cors): split CORS_ORIGIN comma-list into per-origin registrations' (#46) from fix/cors-allowed-origins-list into main
66e9934 fix(cors): split CORS_ORIGIN comma-list into per-origin registrations
3eee826 fix(launcher): point app tiles at /dashboard so AuthGuard fires
960e4ff Merge pull request 'fix(web): preserve ?redirect= through the 2FA hop' (#45) from fix/preserve-redirect-through-2fa into main
ff262ce fix(web): preserve ?redirect= through the 2FA hop
c361409 Merge pull request 'feat(applications): seed Mokosh as a hosted launcher tile' (#44) from feat/seed-mokosh-application into main
8fd483e Merge pull request 'fix(web): accept absolute OIDC issuer URLs in safe_redirect' (#43) from fix/bunyip-web-safe-redirect-allow-issuer into main
e7a2266 feat(applications): seed Mokosh as a hosted launcher tile
e78b5ca fix(web): accept absolute OIDC issuer URLs in safe_redirect
8569ee7 Merge pull request 'fix(oidc): use single web_origin for login redirects, not the cors_origin list' (#42) from fix/bunyip-web-origin-for-oidc-login-redirect into main
b004bd2 fix(oidc): use single web_origin for login redirects, not the cors_origin list
3e638f3 Merge pull request 'feat(oidc): seed mokosh-apps + drillmark as public PKCE clients' (#41) from feat/bunyip-op-cutover into main
786ec10 feat(oidc): seed mokosh-apps + drillmark as public PKCE clients
9f4e000 Merge pull request 'feat(secrets): file-based production secrets via compose secrets (BUNYIP-38)' (#40) from feat/bunyip-38-file-based-secrets into main
6cfd663 fix(secrets): address PR #40 review findings
ae84d2b feat(secrets): file-based production secrets via compose secrets + {NAME}_FILE convention (BUNYIP-38)
2444718 Merge pull request 'chore(toolchain): pin rust 1.94.1, fix clippy/fmt workspace-wide, deflake config tests (BUNYIP-36)' (#39) from chore/bunyip-36-rust-1.94-toolchain into main
75cf0f7 fix(toolchain): address PR #39 review findings
ce68931 chore(toolchain): pin rust 1.94.1, fix clippy/fmt workspace-wide, deflake config tests (BUNYIP-36)
bb21a68 Merge pull request 'refactor(oci): consume dunite-oci shared limiter API and typed blob-cache errors (PSA-35)' (#38) from refactor/psa-35-dunite-oci-consumer into main
d8771c0 refactor(oci): consume dunite-oci's shared limiter API and typed blob-cache errors (PSA-35)
498eaf1 Merge pull request 'docs(dev-sso): distribution e2e smoke-test section (BUNYIP-35)' (#37) from docs/bunyip-35-e2e-smoke-tests into main
c94af88 docs(dev-sso): rework smoke-test section per review; definitive cache proof
357f625 docs(dev-sso): add distribution e2e smoke-test section from BUNYIP-35 run
b31736e Merge pull request 'feat(web): downloads page with OCI pull instructions and version listings (BUNYIP-34)' (#36) from feat/bunyip-34-downloads-oci-ux into main
9a13bcb Merge pull request 'fix(web-dev): web dev container crash-loops on bun permissions (BUNYIP-37)' (#35) from fix/bunyip-37-web-dev-bun into main
26fcec5 fix(downloads): address PR #36 review findings
b69c8a4 feat(web): downloads page with OCI pull instructions and version badges (BUNYIP-34)
b892859 fix(web-dev): replace inaccessible bun symlink so dev container runs as host user (BUNYIP-37)
8a811ba Merge pull request 'feat(catalog): seed Mokosh product catalog + one-call admin create + token audit (BUNYIP-33)' (#34) from feat/bunyip-33-catalog-entitlements into main
336a4da fix(catalog): address PR #34 review findings
eb96536 feat(catalog): seed Mokosh product catalog + one-call admin create + token audit (BUNYIP-33)
5c43407 Merge pull request 'feat(infra): distribution proxy in prod compose + dev-sso Traefik registry (BUNYIP-32)' (#33) from feat/bunyip-32-distribution-infra into main
a187680 fix(infra): address code-review findings on the distribution infra PR
c11c4a7 feat(infra): wire the distribution proxy into prod compose + dev-sso Traefik (BUNYIP-32)
18f6d64 Merge pull request 'feat(oci): make registry verifiable against private Forgejo (BUNYIP-31)' (#27) from feat/bunyip-31-oci-private-forgejo into main
1de2587 fix(oci): address code-review findings on the registry verification PR
824769b fix(oci): writable cache volumes + live verification results (BUNYIP-31 Phase B)
6ed7432 Merge pull request 'revert(auth): restore Subscriber as default role on register' (#32) from revert/register-as-admin-staging into main
a7ccb73 revert(auth): restore Subscriber as default role on register
59aee79 Merge pull request 'fix(ci): pin Rust toolchain to 1.93.0' (#31) from fix/pin-rust-toolchain into main
1d78a84 fix(ci): pin Rust toolchain to 1.93.0
234b6cf Merge pull request 'fix(web): silence dead_code + too_many_arguments lints' (#30) from fix/web-fmt into main
2c1912b fix(web): silence dead_code + too_many_arguments lints
43b5581 Merge pull request 'style: cargo fmt --all (clears CI fmt-check failure)' (#29) from fix/web-fmt into main
a9d4117 style: cargo fmt --all (clears CI fmt-check failure)
51bfdbe Merge pull request 'chore(auth): default new registrations to Admin role (staging only)' (#28) from chore/register-as-admin-staging into main
6a07c17 chore(auth): default new registrations to Admin role (staging only)
9b2df2d feat(oci): make registry verifiable against private Forgejo (BUNYIP-31)
403d9f8 Merge pull request 'feat(download): consume dunite-download engine, drop hand-rolled code (BUNYIP-30)' (#26) from feat/bunyip-30-consume-dunite-download into main
2cc3fd7 fix(download): address code-review findings on the dunite-download adoption
9b3cbe6 chore: remove accidentally committed Claude session artifact, ignore .claude/
b85f53c feat(download): consume dunite-download engine, drop hand-rolled code (BUNYIP-30)
97678a4 Merge pull request 'docs(billing): sequenced M1 implementation plan on the locked decisions' (#25) from docs/billing-m1-plan into main
132ebfc docs(billing): sequenced M1 implementation plan on the locked decisions
6cb33c7 Merge pull request 'docs(billing): correct stale rebuild premise + add M1 billing gap matrix' (#24) from docs/billing-m1-audit into main
dd5accd docs(billing): correct stale rebuild premise + add M1 billing gap matrix
f33076f Merge pull request 'docs(dev-sso): add three-repo dev-sso runbook + design rationale' (#23) from docs/dev-sso-runbook into main
b31c85d docs(dev-sso): add three-repo dev-sso runbook + design rationale
fde2743 Merge pull request 'fix(ci): generate release notes from commits since previous tag' (#21) from fix/release-notes-since-prev-tag into main
4f863e1 Merge branch 'main' into fix/release-notes-since-prev-tag
50131e9 Merge pull request 'feat(dev): generate OIDC signing keys on just dev if missing' (#22) from feat/dev-ensure-oidc-keys into main
c7f6ae3 fix(ci): generate release notes from commits since previous tag
7926e5b feat(dev): generate OIDC signing keys on just dev if missing
87ffdcd Merge pull request 'fix(dev): export HOST_UID/HOST_GID (not UID/GID) for compose' (#20) from fix/dev-host-uid-mapping into main
ff6d817 fix(dev): export HOST_UID/HOST_GID (not UID/GID) for compose
0244fdd Merge pull request 'fix(dev-sso): mark the per-developer private network external' (#19) from fix/dev-sso-private-network-external into main
820516b fix(dev-sso): mark the per-developer private network external
0789192 Merge pull request 'fix(dev-sso): route bunyip-web on nebula-secure via list-syntax labels' (#18) from fix/dev-sso-nebula-secure-list into main
61ebd28 fix(dev-sso): route bunyip-web on nebula-secure via list-syntax labels
05df92b Merge pull request 'feat(dev-sso): make Traefik entrypoints overridable via TRAEFIK_ENTRYPOINTS' (#17) from feat/dev-sso-traefik-entrypoint-env into main
107f9ac feat(dev-sso): make Traefik entrypoints overridable via TRAEFIK_ENTRYPOINTS
c65075c Merge pull request 'feat: 100% a8n.tools parity - SSR frontend, dunite backend, governance conformance' (#16) from feat/bunyip-dunite-infra-boot into main
b51a15b fix(web): tolerate missing updated_at in API responses (register/login 'missing field')
4f5bfd3 feat(web): restore the Bunyip mascot illustration in the hero
c1b6691 feat(web): restore Bunyip styling + wording (reed/water theme, "Surfaces what matters")
7517a11 fix(web): serve assets/styles.css (fix 404, broken styling)
c1e9a21 chore: MIT license, secret-generating ensure-env, justfile groups, startup banners
2e5ee27 feat: a8n.tools (menkent) parity - SSR frontend, governance conformance, domain rename
9ee7a3b feat(infra): wire dev + prod stack for the actix backend on dunite
f09fa28 fix(api): load .env at startup
26d07fd Merge pull request 'feat: scaffold bunyip-core/oci/oidc crates for the dunite rebuild' (#15) from feat/bunyip-api-on-dunite into main
a35b179 chore(core): rebrand runtime config defaults from a8n to bunyip
2b69a97 fix: drop bunyip-mocks workspace member and strip oidc client seeds
2aabd49 chore: prune a8n migration seeds and retire the axum mock
6cd6d92 feat(api): convert bunyip-api from axum mock to the actix binary on dunite
23fd194 feat(oidc): port bunyip-oidc provider on dunite-oidc keys
ce60a06 feat(oci): port bunyip-oci consuming the dunite-oci generic engine
d33be83 build: consume dunite crates from the Forgejo git source
057ff50 feat(core): fill bunyip-core domain layer on the dunite-core kernel
23ede7c feat(scaffold): skeleton bunyip-core/oci/oidc crates for the dunite rebuild
0d7044c Merge pull request 'PSA audit (non-mock fixes) + prod mock-guard' (#14) from feat/m1-vas into main
dfa6fe8 fix(web): derive_api_host returns same-origin host on apex topology
dc0e9d5 feat(m1): Phase-5 audit fixes - OIDC nonce, log scrub, active-org, feedback routing, prod mock-guard
27f1987 feat(m1): vas sprint - google oauth + wiring
bc9a734 Merge pull request 'fix(login): omit client_id from password_login body when empty' (#13) from fix/login-skip-empty-client-id into main
ae197fb fix(login): omit client_id from password_login body when empty
1d9340c Merge pull request 'fix(release): publish binaries to psa-systems-private Generic Packages' (#12) from fix/release-binaries-to-generic-packages into main
637974e fix(release): publish binaries to psa-systems-private Generic Packages
nrupard released this