Commit Graph

18 Commits

Author SHA1 Message Date
gramps 1dcd79ef96 test: add maybe_evict all-pinned break test and stats admin check
- test_maybe_evict_all_pinned_breaks: above high water but only
  pinned points → eviction breaks with 0 deleted, no EVICTION_LOG entry
- test_rag_stats_requires_admin: guest gets 403 on /api/rag/stats
2026-07-06 08:06:06 -07:00
gramps cb7a6c5cb5 fix: address three gaps in Task 8 spec compliance
- get_rag_operational_stats() now returns at_risk_count,
  pinned_count, avg_retrieval_count via scroll-based computation
- GET /api/rag/stats requires admin role (was guest-accessible)
- test_rag_stats_endpoint asserts full shape per spec
- Add test_rag_stats_requires_admin (guest → 403)
2026-07-06 08:05:14 -07:00
gramps bb16cd6927 refactor: extract eviction engine into eviction.py (rag.py 303→109 lines)
- Move all eviction logic (evict_batch, maybe_evict, EVICTION_LOG,
  get_collection_count/stats, get_rag_operational_stats) into eviction.py
- Move QDRANT_URL, RAG_COLLECTION into config.py to break circular dep
- rag.py re-exports eviction symbols for backward compatibility
- Router imports updated to use eviction module directly
- All 130 tests pass
2026-07-06 08:00:26 -07:00
gramps 8072fb3dd0 feat: Roadmap K — RAG corpus management with score-based eviction (v0.13.0)
- Config: RAG_MAX_VECTORS, high/low water marks, grace period, weights
- rag.py: get_collection_count, evict_batch, maybe_evict (asyncio.Lock),
  get_rag_operational_stats, EVICTION_LOG, retrieval_count tracking
- routers/rag_admin.py: GET /api/rag/stats, POST /api/rag/flush (admin)
- Wire maybe_evict() into upload.py and ingest.py after Qdrant upsert
- 16 tests: collection stats, eviction scoring, pinned/grace/batch guards,
  endpoint auth, race lock, flush, operational stats shape
- Bump to v0.13.0
2026-07-06 07:56:09 -07:00
gramps 7291b8fc42 v0.11.0 -> v0.12.0: startup hardware self-assessment (Roadmap J)
- hardware.py: assess_hardware() probes RAM, CPU, GPU VRAM (rocm-smi),
  llama-server, Qdrant, SearXNG reachability — writes hardware_state.json
- routers/hardware.py: GET /api/hardware (no auth) returns snapshot
- app.py: calls assess_hardware() in lifespan after init_db()
- 4 new tests: all services reachable, rocm-smi absent, llama unreachable,
  HTTP endpoint
2026-07-03 12:53:34 -07:00
gramps 1ac21ad13f v1.10.0 -> v1.11.0: terminal command RAG hook (Roadmap I)
- POST /api/ingest with Bearer token auth, chunk_text, embed, Qdrant upsert
- docs/jc-ingest.sh — shell script for PROMPT_COMMAND hook on jarvis
- /api/ingest exempted from session middleware (self-authenticating)
- 5 tests: missing/wrong key, empty/missing content, success path
2026-07-03 12:35:21 -07:00
gramps 81238c0d7f v1.9.0 -> v1.10.0: file upload UI + attachment management
- Paperclip icon left of text input, file preview pill (image thumb or file icon)
- Conversation list shows attachment icon right of trash, opens gallery overlay
- Gallery overlay: scrollable, close (X), delete attachment per item
- DELETE /api/upload/{id} removes from SQLite + Qdrant
- PATCH /api/upload/{id}/link ties upload to conversation
- GET /api/upload/by-conversation/{id} lists attachments
- Chat accepts upload_context_id, injects [ATTACHED DOCUMENT] into system prompt
- Conversation list includes attachment_count field
- 8 new tests: upload context injection, delete, link, by-conversation, image type, attachment count

Still missing (P3): drag-and-drop upload, global attachments page, file download, batch upload
2026-07-03 12:18:06 -07:00
gramps 4a891c8435 v1.8.9 -> v1.9.0: file upload backend (PDF/text, Qdrant ingest, SQLite context) 2026-07-01 18:15:23 -07:00
gramps 091e2ad2e3 test: add unit tests for all 10 routers (92 total)
New test files:
- test_conversations.py — list/create/get/update/delete/delete-all, admin enforcement
- test_presets.py — list/create/update/delete, default preset protection
- test_profile.py — get/update/default, length validation
- test_models_router.py — list/ps/show/stats/search-status, connect errors
- test_completions.py — API key auth, FIM passthrough, streaming/blocking, errors
- test_search_route.py — explicit search flow, no results, stream errors
- test_memories.py — edit/search/stats endpoints, validation, admin enforcement

Update AGENTS.md with full test file coverage table and README.md
2026-06-27 15:27:13 -07:00
gramps 5986c4ad86 fix: close two CSRF origin-check security gaps
- Extend origin check to all /api/ requests (not just state-changing methods),
  closing the GET/HEAD/OPTIONS bypass that allowed cross-origin reads
- origin_allowed() now returns False when both Origin and Referer headers
  are absent, preventing script-initiated requests from bypassing the check
- Update AGENTS.md and README.md to document the changes
2026-06-27 15:20:02 -07:00
gramps cc1efa7a21 fix: resolve all critical runtime errors and bugs from audit
- Add COMPLETIONS_API_KEY to config.py (env var + auto-generated fallback)
- Fix perplexity auto-search: upstream sends logprobs=true, parse_llama_stream_chunk
  extracts per-token logprobs, all_logprobs populated during streaming
- Fix all /api/models endpoints to target LLAMA_SERVER_BASE (port 8081) not OLLAMA_BASE
- Fix RAG embedding endpoint URL from port 11434 (Ollama) to 8081 (llama-server)
- Correct misleading error messages: 'inference server' not 'Ollama'
- Remove raw_results leak from SSE event stream in /api/search
- Fix weather query extractor: pattern-match instead of unconditional suffix append
- Escape FTS5 operator keywords (AND/OR/NOT/NEAR) in memory search
- Move auth.py BODY_LIMIT_DEFAULT_BYTES imports to module level
- Change RAG injection log level from warning to info
- Fix all 8 test files after modular refactor (rewire imports from correct modules)
- Update AGENTS.md and README.md to reflect v1.8.0 changes
2026-06-27 15:12:18 -07:00
gramps 4d1541412b feat(skills): add phase-1 skill registry and toggles (v1.7.4) 2026-04-28 08:44:22 -07:00
gramps 250fec1f06 test(streaming): cover chat/search/memory paths (v1.7.3) 2026-04-28 08:31:01 -07:00
gramps 12188f3ad2 feat(errors): incident-key safe error envelopes (v1.7.2) 2026-04-27 16:56:17 -07:00
gramps 9589141521 feat(settings): allowlist /api/settings keys (v1.7.1) 2026-04-27 16:48:19 -07:00
gramps 76e4461b38 feat(security): add LAN IP allowlist and ingress guardrails 2026-04-27 16:43:21 -07:00
gramps 28aa40c42a release: v1.6.1 link sanitization and backlog updates 2026-04-27 16:25:35 -07:00
gramps 81319f83d4 feat(auth): add guest/admin PIN security model and hardening 2026-04-27 10:09:53 -07:00