kunthawat/ALwrity
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,106 Commits 42 Branches 2 Tags
63a0df2536e734023ad311b2cd57ba1b74cf1341
Commit Graph

480 Commits

Author SHA1 Message Date
ajaysi
63a0df2536 feat: LinkedIn LLM alignment - Phase 1-3 complete 
Phase 1: Dead Code Cleanup
- Remove GeminiGroundedProvider import and property from linkedin_service.py
- Remove fallback_provider property (gemini_provider imports)
- Fix routers/linkedin.py edit endpoint to use llm_text_gen
- Delete dead LinkedInImageEditor class
- Remove dead _transform_gemini_sources from content_generator.py

Phase 2: Research Infrastructure Alignment
- Add user_id to _conduct_research() for pre-flight validation
- Add validate_exa_research_operations() before Exa/Tavily calls
- Pass user_id to provider.simple_search() for usage tracking
- Inject research content into LLM prompts via _build_research_context()
- Fix Google engine path to fallback to Exa
- Add Exa → Tavily fallback on research failure

Phase 3: Cosmetic Cleanup
- Rename _generate_prompts_with_gemini → _generate_prompts_with_llm
- Rename _build_gemini_prompt → _build_image_prompt
- Rename _parse_gemini_response → _parse_llm_response
- Remove all Gemini references from LinkedIn code (0 remaining)
- Update docstrings and log messages

Additional:
- Research caching using existing ResearchCache
- Shared ExaContentResearchProvider in services/research/
- Persona service uses llm_text_gen instead of gemini_structured_json_response
- LinkedInWriter.tsx ChatMessage → ChatMsg type mapping fix
- RegisterLinkedInActionsEnhanced.tsx content_format_rules typing fix
 2026-06-12 18:58:53 +05:30
ajaysi
e54aaa7a3e chore: bulk commit of local changes across blog writer, SEO dashboard, scheduler, docs-site, and frontend 2026-06-05 12:40:30 +05:30
ajaysi
b894bc0abb fix: GHSA-426f-p74m-73fv — JWT JWKS issuer confusion auth bypass (CVSS 9.4) 
Pin issuer and JWKS URL at startup from CLERK_PUBLISHABLE_KEY.
Validate token iss claim before any JWKS fetch.
Add issuer= to jwt.decode() with verify_iss=True.
 2026-06-05 12:07:22 +05:30
ajaysi
70542b32fc feat: add linkedin and facebook feature flags, clean up dead code 
- Register 'linkedin' FeatureGroup with routers.linkedin and
  api.linkedin_image_generation routers
- Register 'facebook' FeatureGroup with
  api.facebook_writer.routers:facebook_router
- Add 'linkedin' and 'facebook' profiles to PROFILE_GROUP_MAP
- Remove dead imports of linkedin_router, linkedin_image_router,
  and facebook_router from app.py (router manager handles via
  CORE_ROUTER_REGISTRY)
- Add LINKEDIN and FACEBOOK keys to frontend FEATURE_KEYS
- Add route priorities for /linkedin-writer and /facebook-writer
- Change route gates from feature='social' to feature='linkedin'
  and feature='facebook' respectively
 2026-06-05 12:07:22 +05:30
ajaysi
9a3d704c5c feat: add backlinking feature flag following blog_writer pattern 
- Register 'backlinking' FeatureGroup in feature_registry.py with
  routers=routers.backlink_outreach:router
- Add 'backlinking' profile to PROFILE_GROUP_MAP (core + backlinking)
- Add backlink_outreach to OPTIONAL_ROUTER_REGISTRY with
  features={'all', 'backlinking'}
- Remove direct import/include of backlink_outreach from app.py
  (router manager handles both 'all' and 'backlinking' modes)
- Add BACKLINKING key to FEATURE_KEYS and route priority in
  frontend demoMode.ts
- Change frontend route gate from feature='seo' to feature='backlinking'
  so ALWRITY_ENABLED_FEATURES=backlinking enables the route
 2026-06-03 20:19:41 +05:30
ajaysi
8699ffc27d fix: resolve remaining 5 QA audit findings (#3, #8, #10, #11, #12) 
#3 — Duplicate prospect handling: add_lead now checks (campaign_id, url)
     before insert; bulk_add_leads skips existing URLs.
#8 — Atomic rate limiting: try_increment_* methods atomically check cap
     and increment in a single session; router uses these before send.
#10 — Reply matching via Message-ID: sender generates Message-ID header,
     stored on OutreachAttempt; reply monitor parses In-Reply-To/References;
     poll_replies matches by message_id first, falls back to from_email.
#11 — Save-to-campaign uses existing store results instead of
      re-running expensive deepDiscover.
#12 — Lead status Literal type: Pydantic models enforce valid status
      values; backend validates via LEAD_VALID_STATUSES frozenset;
      frontend API typed as LeadStatus union.
 2026-06-03 20:06:11 +05:30
ajaysi
259194c289 Merge remote-tracking branch 'origin/codex/add-atomic-idempotency-reservation-method' 
# Conflicts:
#	backend/routers/backlink_outreach.py
#	backend/services/backlink_outreach_models.py
 2026-06-03 18:52:18 +05:30
ajaysi
2f93ae4891 Merge remote-tracking branch 'origin/codex/add-sender-email-validation-and-logging' 2026-06-03 18:50:53 +05:30
ي
bf22a3d318 Handle backlink outreach idempotency reservations 2026-06-03 18:49:14 +05:30
ajaysi
2a879a6e24 Merge remote-tracking branch 'origin/codex/update-compliance-requirements-for-outreach-send' 2026-06-03 18:49:07 +05:30
ajaysi
7749b4db0e Merge remote-tracking branch 'origin/codex/refactor-backlink-outreach-services-for-async-support' 
# Conflicts:
#	backend/routers/backlink_outreach.py
 2026-06-03 18:49:01 +05:30
ي
cbace3b752 Validate backlink outreach sender aliases 2026-06-03 18:48:17 +05:30
ي
98d4ac6dbd Harden backlink outreach send policy 2026-06-03 18:33:11 +05:30
ي
55b7209554 Refactor backlink discovery HTTP calls 2026-06-03 18:28:40 +05:30
ajaysi
57e46a20f8 Merge remote-tracking branch 'origin/codex/update-backlink-outreach-for-campaign-validation' 2026-06-03 18:22:35 +05:30
ي
ec2f9151b8 Harden backlink lead campaign ownership 2026-06-03 18:19:16 +05:30
ي
40516e5c79 Secure backlink lead status updates 2026-06-03 18:16:10 +05:30
ajaysi
923fa671fe feat: ContentGuardianAgent, onboarding UX, Team Activity action wiring, docs, agent help modal 
ContentGuardianAgent consolidation:
- Merge 3 duplicate classes into single source in specialized/content_guardian.py
- Watchdog audit_committee() with heuristic scoring, coverage gaps, overlaps, alerts
- Remove misleading rejection_rate() helper; use acceptance_rate directly
- Integrate audit + alerts + trend signals into today_workflow_service.py

Team Activity page:
- QualityAuditPanel: health ring, per-agent critiques, coverage gaps, overlaps
- TrendSignalsPanel: opportunity cards with urgency/impact/coverage bars
- AlertBanner: persistent dismiss via POST /alerts/{id}/mark-read
- AgentHelpModal: dialog showing all 8 agents with descriptions, tools, schedule
- QualityAuditPanel action buttons: Fill gap -> /content-planning, Resolve overlap, View CTA on alerts/issues
- TrendSignalsPanel action buttons: Create content from this trend -> /blog-writer with trend context state

Onboarding system:
- Step 4 validation: no auto-pass via basic_ready; requires persona data or explicit progression
- Step 5 validation: logs warning on auto-pass without integration data
- OnboardingCompletionService: single DB session, transactional task creation, upsert pattern
- Business-without-website: nullable website_url on SIFIndexingTask and MarketTrendsTask
- DeepCompetitorAnalysisExecutor: 5-min timeout, 10-competitor cap, asyncio.wait_for
- Persona generation: async with 30s timeout, falls back to scheduler
- OnboardingProgressService.reset_onboarding(): resets session + pauses all DB tasks
- OnboardingControlService.reset_onboarding(): also cancels APScheduler jobs
- FinalStep TaskSchedulingPanel: shows scheduled/failed tasks after completion, 8s auto-redirect
- onboarding_completed agent activity event logged to feed

Documentation:
- docs-site/features/onboarding/: overview, steps, scheduler-tasks, technical-reference (4 pages)
- docs-site/mkdocs.yml: added Onboarding System nav section
- docs-site/features/sif-agents/: overview, agent-directory, committee-system, content-guardian (4 pages)
- docs-site/features/team-activity/: overview, quality-audit, trend-signals, alert-system (4 pages)
- docs-site/features/todays-workflow/: updated overview, technical-architecture, workflow-guide, api-reference
 2026-06-01 12:24:31 +05:30
ajaysi
9b472f1c18 debug: add startup log to suggest-prompts endpoint to diagnose timeout 2026-05-30 11:08:43 +05:30
ajaysi
ce2b8eefba fix: persist sectionImages to localStorage immediately in onImageGenerated callback, add restore/effect with debug logging 2026-05-30 08:22:04 +05:30
ajaysi
64f1f88cdd feat: image generation overhaul (model-aware text, dim clamping, \.30 pricing), event-driven dashboard cache invalidation, SEO insights (AI visibility, GSC, keyword gap), YouTube OAuth/publish, blog writer & content planning improvements, scheduler monitoring updates 2026-05-30 07:58:22 +05:30
ajaysi
aaf94049da feat: validate podcast cost estimation accuracy, document per-token costs, and fix subscription/plan enforcement 
Issue #543 — Validate Estimated Cost Accuracy (UI vs Backend)

Backend:
- cost_estimator.py uses pricing catalog (APIProviderPricing) as single source of truth
- All 7 cost components: analysis, research (search+LLM), script, TTS, voice clone, avatar, video
- initialize_default_pricing() runs on every app startup for auto-sync

Frontend cost estimation fixes:
- Added missing analysisCost, scriptCost, voiceCloneCost to PodcastEstimate type
- toPodcastEstimate() now extracts all 7 backend fields (was dropping 3)
- headerCostEst maps analysisCost->Analyze, scriptCost->Write, voiceCloneCost->Produce
- EstimateCard shows 5 chips: Analysis, Research, Script, Voice(TTS+clone), Visuals(avatar+video)
- Chip sum now equals backend total for all configurations

Subscription & plan fixes:
- Removed Stripe re-verification from checkSubscription() (downgrade regression fix #539)
- Added verifyCheckoutRef pattern for reliable mount-time checkout polling
- One-time Stripe sync effect with pending_subscription_change flag for Customer Portal returns
- Free plan limits: stability_calls 3->10, audio_calls 5->10 (supports 2 podcasts)
- Image enforcement uses actual provider (GPT_PROVIDER), not hardcoded Stability
- Billing/pricing pages bypass onboarding check in ProtectedRoute
- Gradient buttons + loading spinner on plan chip in UserBadge
- Added metadata-based Stripe lookup fallback (Issue #538)

Documentation:
- TESTING_GUIDE.md: comprehensive testing instructions for non-technical testers
  - Free plan limits, usage tracking, cost estimation formulas
  - 10 test cases for UI verification
  - Troubleshooting guide
  - Quick-reference cost formulas with all default rates

Cleanup: removed legacy ToBeMigrated directory (70+ files, ~22K LOC)
GSC Brainstorm: service, hook, modal, and UI components for blog topic brainstorming
 2026-05-27 08:46:38 +05:30
ajaysi
96fa469fe8 fix: add metadata-based Stripe customer lookup in verify-checkout for reliable post-subscription plan detection (#538) 2026-05-26 15:25:05 +05:30
ajaysi
a1a1abb8fd fix: redact sensitive API key count from log in ai_refresh (#536) 2026-05-25 20:57:48 +05:30
ajaysi
c47b452943 fix: redact sensitive API key names from log in ai_refresh (#535) 2026-05-25 20:57:47 +05:30
ajaysi
d889e83d6a fix: harden podcast media path resolution and URL parsing (#530) 2026-05-25 20:31:08 +05:30
ajaysi
45e9de4a31 fix: replace MD5 with SHA256 in cache key derivation (#528) 2026-05-25 20:31:07 +05:30
ajaysi
03622fca6e fix: use canonicalized resolved_video_path in transform serving (#527) 2026-05-25 20:31:07 +05:30
ي
d0f0c25cf3 Potential fix for code scanning alert no. 87: Clear-text logging of sensitive information 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2026-05-25 17:41:16 +05:30
ي
0c48e2e0bf Potential fix for code scanning alert no. 85: Clear-text logging of sensitive information 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2026-05-25 17:39:49 +05:30
ي
c6c118e7b8 Potential fix for code scanning alert no. 128: Uncontrolled data used in path expression 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2026-05-25 17:33:13 +05:30
ي
56b2f3afcf Potential fix for code scanning alert no. 134: Use of a broken or weak cryptographic hashing algorithm on sensitive data 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2026-05-25 17:29:39 +05:30
ي
8000d21a05 Potential fix for code scanning alert no. 139: Uncontrolled data used in path expression 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2026-05-25 17:25:28 +05:30
ي
6aca86f087 Potential fix for code scanning alert no. 29: Uncontrolled command line 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2026-05-25 17:24:15 +05:30
ajaysi
cb3666dd7b fix: multi-tenant isolation for asset serving, image-studio ownership check, ts compile error 2026-05-25 17:23:59 +05:30
ajaysi
9b3bec698b fix: credit tracking, voice clone TTL, avatar upload ui, asset serving fallback, OAuth encryption, free plan video renders, backlink outreach sprint 2026-05-25 17:07:35 +05:30
ajaysi
090d69761f feat: Sprint 1 - Deep discovery, lead persistence, and dashboard nav 
- Add BacklinkOutreachScraper (Exa + DuckDuckGo deep scraping)
- Extend DB and Pydantic models for lead enrichment columns
- Add StorageService methods for lead CRUD with auto-migration
- Add backend endpoints: deep discover, campaign detail, lead management
- Extend frontend API client and store with discovery + lead actions
- Create BacklinkOutreachDashboard component with campaigns/discover/leads tabs
- Register route at /backlink-outreach under SEO feature flag
- Add nav entry under Enterprise & Advanced in tool categories
 2026-05-23 17:07:33 +05:30
ajaysi
2b44e9c013 Merge branch 'pr-486' 2026-05-23 15:18:15 +05:30
ajaysi
3d3bcceb45 Merge branch 'pr-483' 
# Conflicts:
#	backend/services/podcast/broll_composer.py
#	backend/services/podcast/broll_service.py
 2026-05-23 13:37:44 +05:30
ajaysi
d1cd28d407 Merge branch 'recover-stash' 2026-05-23 13:13:18 +05:30
ajaysi
33458c78c0 Merge branch 'pr-498' 
# Conflicts:
#	backend/services/user_workspace_manager.py
 2026-05-23 13:11:34 +05:30
ajaysi
17b69708ca Merge branch 'pr-497' 2026-05-23 13:09:48 +05:30
ajaysi
8f116ef4d1 On main: session-work-2026-05-22 2026-05-23 13:09:41 +05:30
ajaysi
644e72d289 feat: Brainstorm Topics with GSC + Issue #518 fixes + Blog Editor enhancements 
Issue #518 - Subscription not updating after checkout:
- Fix stale closure in SubscriptionContext checkout polling (use subscriptionRef)
- Move checkout success polling from InitialRouteHandler into SubscriptionContext
- Remove redundant polling code from InitialRouteHandler
- Fix plan label: 'Free' instead of 'No Plan', proper capitalization
- Add plan refresh button in UserBadge
- Add 'View Costing Details' to UserBadge dropdown
- Rename 'ALwrity Podcast Maker' to 'Podcast Creator' across UI
- Clean subscription=success URL param after verification

Blog Writer WYSIWYG Editor enhancements:
- Per-section preview toggle (view/edit icons)
- Enhanced hover-based toolbar
- Circular SVG progress stats bar with detailed tooltip
- Research tool chips in stats bar footer
- Per-section TTS with useTextToSpeech hook (browser native)
- Full blog preview modal with print/PDF support
- PlayAllTTSButton: sequential playback with progress bar
- OnThisPageNav: floating sidebar with scroll tracking
- Section data attributes for scroll anchoring

GSC Brainstorm Topics feature:
- Backend: gsc_brainstorm_service.py (rule-based + LLM recommendations)
- Backend: POST /gsc/brainstorm endpoint with 3-word minimum validation
- Frontend: gscBrainstorm.ts API client
- Frontend: useGSCBrainstormConnection hook (popup OAuth, no /onboarding redirect)
- Frontend: useGSCBrainstorm hook (connect check + brainstorm call)
- Frontend: GSCBrainstormModal (3-tab results: Opportunities, Gaps, AI Recs)
- Frontend: BrainstormButton (visible at 3+ words, GSC connect overlay)
- Wire BrainstormButton into ManualResearchForm and ResearchAction
- Add blog_writer to gsc_auth router features for ALWRITY_ENABLED_FEATURES
 2026-05-20 22:44:15 +05:30
ي
68190dedb3 Implement real Wix token-backed routes and error mapping 2026-05-20 22:42:16 +05:30
ي
9afd0d322d # Harden Wix test routes behind admin+env gating 2026-05-20 22:38:36 +05:30
ي
439a9b6be3 Secure WordPress OAuth token storage with encryption and migration 2026-05-20 22:35:05 +05:30
ي
11d83e6f86 Harden OAuth callback postMessage origin and payload encoding 2026-05-20 22:35:05 +05:30
ي
882a62fa98 Unify workspace creation and add minimal-mode contract tests 2026-05-18 14:35:58 +05:30
ي
e8c190188f Unify workspace root resolution across services 2026-05-18 14:35:37 +05:30