Updates HANDOFF.md, CURRENT_TASK.md, SESSION_LOG.md to reflect this
session's work: PR #164 ready for review (5 commits closing the last
self-serve cutover code blockers), Phase O manual-ops sequence as the
resume point, and the apex-DNS / Edge-HSTS issues open on the user's
side.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Two fixes that surfaced together:
1. LandingPage.tsx had `—` in a JSX attribute string — JSX attribute
strings don't process JS escape sequences, so the literal six-character
"—" was rendering in the browser tab title and OG description
instead of the intended em dash. Replaced with the literal em dash
character. Same pattern was previously valid because every other use
of `\u...` in the codebase is inside a JS string (regular `'...'`
string literal in TS, or `{...}` expression in JSX), where escapes
resolve at compile time. Verified by grep — LandingPage was the only
site with the bug.
2. PageMeta default fallback tagline was "Decision Tree Platform" — a
stale tagline from before the FlowPilot pivot. Updated to the current
"AI-Powered Troubleshooting for MSPs" (matches index.html and brand
positioning). Default branch is rarely hit since every page passes
a title, but cleaner.
While building, hit TS errors that revealed the prior taxonomy commit
(team -> enterprise + add starter) didn't propagate through the frontend.
Cleared all of them:
- types/account.ts, types/admin.ts: Subscription.plan, AdminAccountCreate.plan,
InviteCodeCreateRequest.assigned_plan literals updated to the new tax.
- types/billing.ts: dropped 'team' from CheckoutPlan (was hybrid old+new).
- admin/AccountsPage.tsx, admin/InviteCodesPage.tsx: state-type literals,
select onChange casts, and the visible <option> rows updated. PLAN_OPTIONS
in InviteCodesPage now has all four tiers with correct labels.
- AccountSettingsPage.tsx: `plan !== 'team'` -> `'enterprise'`, CheckoutButton
prop value too.
- subscription/CheckoutButton.tsx: prop type was 'pro' | 'team', updated
to 'starter' | 'pro' | 'enterprise' with matching planLabels.
Verified: tsc -b clean, lint clean.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Pulls the public docs forward to match the current state of the repo. No
behavior changes — every edit is informational.
- CURRENT-STATE.md: bump date to 2026-05-07; add entries for PR #159 (Diátaxis
User Guides), #160 (sidebar IA + account redesign), #161 (self-serve Phase 1
backend), #162 (Phase 2 frontend cutover), #163 (seed users email-verified),
#164 (open: taxonomy + INTERNAL_TESTER_EMAILS allowlist). Refresh "What's
In Progress" and "What's Next" to reflect Phase O cutover as the active work.
- 03-DEVELOPMENT-ROADMAP.md: add a "Status as of 2026-05-07" preamble at the
top so the months-stale historical content underneath is clearly framed as
historical record. Replace stale "In Progress" rows (PR #114, ConnectWise
Advanced) with current ones (#164 cutover, external Director-of-Onboarding
validation calls). Add Phase O cutover checklist as the new near-term
priority section. Mark search-and-recall complete (shipped via Voyage AI
embeddings).
- README.md: replace `docker start patherly_postgres` (legacy container name)
with `docker compose -f docker-compose.dev.yml up -d`. Repath project tree
from `patherly/` to `resolutionflow/` and add `.ai/` + `scripts/` directories.
Replace `UI-DESIGN-SYSTEM.md` (superseded) with `DESIGN-SYSTEM.md` in the
documentation table; add `AGENTS.md`, `PROJECT_CONTEXT.md`, `PRODUCT.md`.
- DECISIONS.md: append entries for the two architectural decisions made today
— plan taxonomy reconciliation (rename team→enterprise, add starter) and
the INTERNAL_TESTER_EMAILS allowlist for self-serve soft cutover.
- .env.example: add INTERNAL_TESTER_EMAILS line (user edit, paired with the
backend allowlist that landed in the prior commit).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Phase O Task 46 needs internal validation of the full self-serve flow
against the prod backend before flipping SELF_SERVE_ENABLED public. This
adds the per-email allowlist that bypasses the global flag for specific
authenticated users.
- INTERNAL_TESTER_EMAILS: comma-separated list, parsed by a Pydantic
field_validator into a normalized lowercase list. Settings.is_internal_tester
and Settings.is_self_serve_active_for centralize the allowlist + global-flag
check; both endpoints below call the latter.
- New get_current_user_optional dep — best-effort auth that returns None
on missing/invalid token instead of 401. Used by /config/public so the
same endpoint serves anonymous public callers and authenticated allowlist
members.
- /config/public now accepts optional auth and returns self_serve_enabled=True
for authenticated allowlist members even when the global flag is off.
Anonymous callers always see the global flag.
- /auth/register replaces the SELF_SERVE_ENABLED check with the helper so a
registering email on the allowlist can join without an invite code.
Non-allowlist emails still 400 when self-serve is off.
- docker-compose.dev.yml passes SELF_SERVE_ENABLED + INTERNAL_TESTER_EMAILS
through; backend/.env.example documents both.
Tests cover: allowlisted authenticated user sees true, non-allowlisted
authenticated user sees the global flag, anonymous calls ignore the
allowlist, allowlisted email registers without invite code, non-allowlisted
email still blocked.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The backend container had no Stripe env vars wired through compose, so
sync_stripe_plan_ids.py and any in-app Stripe calls would short-circuit
even when sk_test_ was set in the repo .env. Adds STRIPE_SECRET_KEY,
STRIPE_PUBLISHABLE_KEY, STRIPE_WEBHOOK_SECRET pass-throughs.
Also flips REQUIRE_INVITE_CODE to false in the dev compose (matches the
working state on this machine — Phase 2 self-serve has been gating that
behavior on SELF_SERVE_ENABLED + the upcoming INTERNAL_TESTER_EMAILS
allowlist anyway).
Adds a repo-root .env.example documenting the variables compose itself
reads (REPO_ROOT, POSTGRES_PORT, secrets) — separate from
backend/.env.example which documents the backend service env.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The marketing surface (PricingPage, Stripe products) was wired for
"Starter / Pro / Enterprise" while the backend was on "free / pro / team",
leaving plan_billing unseeded and BillingPlan accepting a literal that
violated the FK to plan_limits.
This change:
- Migration 4ce3e594cb87: defensive UPDATE of any subscriptions on
plan='team' to 'enterprise' (dev has zero), renames the plan_limits
row team -> enterprise, inserts a starter row with caps interpolated
between free and pro (max_trees=10, sessions=75, ai=15/mo).
- Renames the plan tier across schemas (invite_code, billing, admin,
subscription comment), is_paid/has_pro_entitlement checks in the
Subscription model, admin/admin_dashboard plan validators, and the
frontend useSubscription isPaidPlan check. Resource visibility uses
the same string 'team' in a separate domain (Tree/StepLibrary
visibility) and is intentionally untouched.
- New backend/scripts/sync_stripe_plan_ids.py: idempotent upsert of
plan_billing rows from Stripe products by exact name match. Picks
the active monthly recurring price for tiers that have one; leaves
annual fields NULL by design. Works against test or live keys.
- Test fixture updates: conftest seeds the new taxonomy, the public
plans helper is a true upsert so tests can override max_users, and
team -> enterprise across test_admin_plan_limits and test_invite_plan.
Verified: 86/86 passing across the subscription/billing/plan/invite/
admin sweep; sync script run against test mode populates plan_billing
correctly for all three tiers.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The kb_setup fixture asserts free-plan quota numbers (lifetime_conversions_limit=3),
but Phase 1 conftest seeds test_user on Pro. Downgrade explicitly inside kb_setup
to preserve the original test intent without affecting other suites.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Mounts on Pro routers (trees, sessions, scripts, FlowPilot, etc.) and
returns 402 with structured detail when an account's subscription is
missing or locked. Allowlist bypasses billing/account/auth flows so
users can recover from a lapsed subscription.
Conftest now seeds a default Pro/active Subscription on test_user and
test_admin (delete-then-insert because the register endpoint already
creates a free/active sub by default). Two existing tests adapted to
the new seeded plan; tenant-isolation tests seed Subscription rows for
the accounts they create directly.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds docs/superpowers/specs/2026-05-05-self-serve-signup-onboarding-design.md.
Six-section design for opening ResolutionFlow to public self-serve registration
with a 14-day reverse trial on Pro, Stripe-backed billing, sales-assist
Enterprise lane, and a hybrid welcome wizard + dashboard onboarding.
Reuses existing infrastructure (subscriptions, plan_limits, feature_flags,
plan_feature_defaults, account_feature_overrides, account_invites,
email_verification_tokens, /admin/plan-limits, /admin/feature-flags,
/accounts/me/transfer-ownership, /webhooks/stripe stub). New schema is
intentionally small: oauth_identities, plan_billing (sibling to plan_limits),
sales_leads, stripe_events, plus column additions for OAuth identity model
nullability, wizard step state, and pilot-account complimentary status.
Replaces deps.py:109 trial auto-downgrade with a non-mutating computed
expiry check enforced by a new require_active_subscription dep. Adds a
sibling require_verified_email_after_grace dep to enforce the 7-day email
verification grace at the API layer (frontend wall is UX over the same rule).
Defers promo codes from v1. No new combined /admin/plans surface — existing
admin endpoints handle plan/feature configuration with extended response
shape.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
8612042 dropped the static "Account Management" heading in favor of the
account name (rendered as a dynamic h1). Switch the smoke test to the
"Settings" SectionLabel — a stable h2 that survives the redesign.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The /subscription endpoint returns usage as {tree_count, session_count_this_month}
without user_count, so the Seats UsageRow rendered as " / ∞" (blank current value).
The TS type declared user_count: number, hiding this API/type drift; the old
card-stack design hid it visually because each stat had its own border. The new
flat layout surfaced the gap.
Owners get a fallback to members.length (already fetched). Non-owners can't
fetch members and don't need seat-count info, so the row hides entirely for
them. Verified live: owner now sees Seats 2 / ∞.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The index page had ~12 distinct card surfaces with three places of
nested cards-inside-cards, against PRODUCT.md's "elevation = lighter
surface + border" + "nested cards are always wrong" rules. Branding
appeared twice, Display Code lived in Identity but does invite work,
and Preferences got a full card for one dropdown.
Single column, max-w-3xl, no card chrome. Sections separated by
border-t rules + mono-uppercase section labels (existing house style):
- Header: inline-editable name + plan/status/owner/member-count info
line. No card.
- Plan & usage: renewal date right-aligned in section header, three
thin progress rows replace the 4-card usage stat grid, upgrade
CTAs right-aligned at bottom.
- People (owner-only): invite form, unified members + pending invites
list, display code as a quiet "share to invite during signup" line.
Non-owners see a one-line "managed by your admin" instead of a card.
- Settings: dense route list (icon + title + summary + status pill +
chevron). Profile above a thin divider; team-admin rows below,
owner-gated. Branding row carries the Included/Plan-gated pill.
Support & Feedback as a dim link at the bottom.
- Account actions: plain rows. Owner: Transfer + Delete. Non-owner:
Leave. Destructive labels colored, no red box-of-doom.
Drops: Access & Security card (filler), Preferences card,
Settings Areas link grid, billing-card branding-status duplicate,
SettingsLinkCard helper. Default export format moves to Profile
Settings where it belongs (personal preference, not account).
856 -> 710 lines on the index. tsc, eslint, vite build clean.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Sidebar: kill the drifting railGroups + sections dual definition.
Single source of truth (workItems / libraryItems / footerItems)
rendered in both pinned and rail modes; pin/unpin is a width and
label affordance, not an IA switch. Hairline divider replaces
section labels. Guides moves to the footer alongside Account.
Renames: Home -> Dashboard, History -> Sessions, Insights -> Analytics.
- CURRENT-STATE.md: log PR #158 (session impeccable pass + tasklane
keyboard flow) under "Recently shipped".
- PRODUCT.md: design-context source of truth (users, brand, aesthetic);
sibling to DESIGN-SYSTEM.md.
- skills-lock.json: lock /impeccable + /documentation-writer skill
versions so other sessions reproduce the same tooling state.
- Drop stale .impeccable.md.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Update HANDOFF.md, CURRENT_TASK.md, and SESSION_LOG.md to reflect
that PR #159 is being merged into main, replacing the in-flight
"uncommitted" language with the merged-state rollup.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Replace 15 feature-dump guides with 43 problem-oriented how-tos grouped
under 10 categories. Drop Maintenance Flows / AI Assistant / Flow Assist
Sparkles — those surfaces no longer exist post-FlowPilot pivot. Rename
Step Library → Solutions Library throughout. Correct every "click X in
the sidebar" reference to match live labels (Home, History, Tickets,
Flows, Scripts, Data, Acct).
Schema: add `category: CategoryId` and optional `relatedSlugs` to Guide;
new Category type and `categories` const drive hub ordering. GuidesHubPage
renders category sections (auto-hides empty); GuideDetailPage renders a
related-guides footer when set; GuideCard drops the misleading "N sections"
subtitle.
Fix step.tip markdown rendering — `**bold**` rendered literally because
tip used plain text instead of the same regex replacement used on
instruction.
14 net-new how-tos for FlowPilot-era surfaces with no prior coverage:
tasklane keyboard flow, view-what-we-know, ask-AI mid-session,
pause-and-leave, resolve, record-fix-outcome, escalate (Escalation
Mode), post-docs-to-ticket, send-client-update, build-script-from-scratch,
open-suggested-flow, pin-a-flow, invite-teammate.
Browser-verified against engineer + owner test users (sidebar labels,
account sub-pages, pilot-screen header buttons, Tasks panel, integration
form). tsc clean.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Two small ergonomic fixes after the impeccable pass:
- TaskLane keyboard hints (⏎ submit · ⇧⏎ newline) under each open input
were rendered at text-muted-foreground/70, just shy of legible at a
glance. Drop the /70 opacity modifier so they read at full muted weight
on first look without becoming visually loud.
- 12 sites across the session screen had explicit font-sans utilities,
but the body default is already IBM Plex Sans (via --font-sans in
index.css and Tailwind v4's default-sans binding). None of the call
sites sit inside a font-heading or font-mono cascade, so every
font-sans there was a no-op. Drop them. ConcludeSessionModal also had
three "text-xs font-sans text-xs" triplets — drop both the redundant
font-sans and the doubled text-xs in one pass.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Two backlog entries surfaced while polishing the session screen:
- ConcludeSessionModal paused/escalated step forces a single-artifact
choice (Ticket Notes / Client Update / Email Draft). Real escalations
often need at least two of the three. Recommended shape: multi-select
with smart pre-checks per outcome, parallel generation, per-result
Copy / Post / Send actions. Feature work, deferred.
- bg-card-hover Tailwind class doesn't resolve in CommandPalette. The
--color-bg-card-hover token generates bg-bg-card-hover (Tailwind v4
takes the full token name minus --color-). Other call sites use the
explicit hover:bg-[var(--color-bg-card-hover)] form that works; the
CommandPalette classes silently produce nothing. Fix is two lines —
swap to the explicit form, or add a --color-card-hover semantic
mapping in index.css.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
ParameterizationPreview.tokenize() matched highlight values via raw
seg.text.startsWith(value, cursor) with no word-boundary check and no
minimum length. A param value like "D" (e.g. a drive letter) lit up every
capital D in the script body — Get-ADUser, Add-Type, Disable- all rendered
as proposed-parameter pills.
Add a word-boundary guard: a candidate match is only accepted if either
side of the match either falls at start/end of the segment, OR the
adjacent character is non-alphanumeric. The guard is conditional on
whether the value itself starts/ends with a word char, so values that
begin or end in punctuation (e.g. "D:\\Folder") still match cleanly when
they sit next to whitespace or punctuation.
Surfaced 2026-05-01 while testing the suggested-fix flow with a real
PowerShell script.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Multi-step UX refactor of the assistant chat session screen, run via the
$impeccable skill. Heuristic score moved 24/40 → 33/40 (+9), with the biggest
gains on Aesthetic & Minimalist (1→3), Consistency & Standards (1→3), and
Recognition Rather Than Recall (2→4).
Distill — chat region:
- Remove the "Suggested checks" chip strip + selected-chip detail card; the
TaskLane is the single canonical home for "what to do next"
- Add an inline Next steps · N pending cue above the latest action-bearing
AI bubble (anchors attention without duplicating the lane's items)
- Link banner ↔ script-panel lifecycle: collapsing or dismissing the
ProposalBanner now also hides the InlineNoTemplateDialog / TemplateMatchPanel
- Drop backdrop-blur on the handoff-context overlay (DESIGN-SYSTEM hard rule)
Quieter — drop decoration overshoot:
- Remove 3px side stripes on TaskLane done cards, all 6 ProposalBanner modes,
WhatWeKnowItem fact rows
- Drop bg-gradient surfaces on WhatWeKnow + every ProposalBanner mode
- Drop 2px accent borderTop on the TaskLane header
- Replace bordered avatar boxes in banners with inline state-colored icons
- Each surface now uses a single decoration channel (top border + inline icon)
Layout:
- Header consolidates to Resolve + Escalate + ⋯ kebab; Context, New Ticket,
Update Ticket, Pause now live behind the kebab on desktop, with feature
parity in the existing mobile overflow menu
- Messages column anchors to max-w-3xl mx-auto to match the composer
- Chat bubbles drop from rounded-2xl to rounded-xl for vocabulary alignment
Typeset:
- Unify text sizing from 14 distinct sizes (with sub-pixel oddities and
rem/px duplicates) to a 5-step scale: 10px / 11px / text-xs / 13px / text-sm
WhatWeKnow collapsible:
- Header is now a toggle; section body hides when collapsed
- Auto-collapses on first render when facts ≥ 5 so Questions / Diagnostic
Checks stay above the fold
- Engineer's choice persists in sessionStorage per session and beats the
auto-collapse heuristic on subsequent renders
- key=activeChatId on both render sites resets state cleanly across sessions
Polish:
- Split MessageCircleQuestion into Pencil (question Answer CTA, write
affordance) + HelpCircle (per-check Explain toggle, universal help icon) —
same icon for two different jobs was a discoverability bug
- Drop redundant text-xs from font-sans text-[0.625rem] / text-[0.6875rem]
double-class definitions; the more-specific size always wins
TaskLane keyboard flow:
- Enter submits and auto-advances to the next pending task; Shift+Enter
inserts a newline (consistent across question and action textareas — paste
events don't fire keydown, so paste-then-Enter still works as expected)
- Esc cancels (same as the Cancel button)
- After the last pending task is submitted, focus moves to the Send Responses
button so the engineer can fire the whole batch with one more keystroke
- Subtle hint row under each open input teaches the shortcut
Type-check, lint, and build all clean.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
