diff --git a/AGENTS.md b/AGENTS.md index 43f9d3d..26843a2 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -101,36 +101,26 @@ Operator-specific memories at `~/.claude/projects/-Users-macpro-Projects-keysat/ - Split `audit:read` out of the blanket `:read` scope into its own tier so a Read-only scoped key can read dashboards/licenses but NOT the full audit log (`api/api_keys.rs::Role::grants`). Deferred from the scoped-keys session. -- **Operator action (manual; needs the master admin key — a read-only key can't - write):** grant `unlimited_merchant_profiles` to the **Pro and Patron** tiers on - the live master. Confirmed 2026-06-16 against `licensing.keysat.xyz` that the slug - is absent from all three keysat policies (Creator/Pro/Patron), from the master's - own Patron self-license, and from the product `entitlements_catalog`. Steps: add - the slug to the keysat product `entitlements_catalog`, then to the Pro + Patron - policy entitlements (admin UI), then re-issue the master self-license so it takes - effect. ## Current state (2026-06-18) -- **Live / canonical: `0.2.0:59`** — universal s9pk at `files.keysat.xyz/keysat.s9pk` + GitHub `v0.2.0-59`; - live box `immense-voyage.local` on `:59` (verified serving the new admin SPA). Migrations through 0025; four - SDKs published; two public sites (keysat.xyz, docs.keysat.xyz) live. `keysat-registry-landing` local + refs - gone; the GitHub + Gitea remote repos still need operator deletion (gh needs `delete_repo` scope). +- **Live / canonical: `0.2.0:60`** — universal s9pk at `files.keysat.xyz/keysat.s9pk` (byte-verified) + GitHub + release `v0.2.0-60` + registry-registered; installed on the live box `immense-voyage.local` and serving + (master `licensing.keysat.xyz` returns 200 post-restart). Migrations through 0025; four SDKs published; two + public sites (keysat.xyz, docs.keysat.xyz) live. All repos synced to **both** GitHub + gitea. + `keysat-registry-landing` remotes deleted by the operator. -- **This session — adjudicated the parked P2/P3 backlog, then shipped the design blockers.** Adjudication - (committed to `keysat-root`): dropped the design structural + token-gap tiers and the Zaprite contact - dedup-cache; reframed the manual Zaprite webhook "sandbox pass" into a small automated routing test (DO, - ready plan in ROADMAP). Then fixed + released the 3 design-contract blockers: admin featured-toggle and - sidebar upgrade-CTA gold fills → navy/cream per the pill convention (daemon `:59`), and the landing buy - button pill-radius → 8px (keysat.xyz redeployed). All verified live. - -- **Top remaining payments item (surfaced by the adjudication, not yet fixed):** `try_auto_charge_zaprite` - returns `Ok(true)` on any HTTP 2xx, so a Zaprite 200 carrying a FAILED/DECLINED/EXPIRED status silently - lapses the subscription. Safe fail-safe fix needs no prod data; highest-priority payments item in ROADMAP. - -- **Next (priority):** 1) Fix the auto-charge silent-lapse bug. 2) Operator data action (master key): grant - `unlimited_merchant_profiles` to Pro/Patron on live master (Open TODOs). 3) The multi-profile webhook - routing test (ROADMAP). 4) Delete registry-landing GitHub + Gitea remotes. - -- **Tests/build:** daemon `:59` is a CSS-only admin-SPA change (no Rust/schema/SDK touched); `cargo check` + - `npm run check` clean, last full suite green (through migration 0025). Debt (P2/P3) in ROADMAP. +- **Shipped `:60` — Zaprite auto-charge silent-lapse fix.** `try_auto_charge_zaprite` suppresses manual-pay + only for a settled status (`PAID`/`COMPLETE`/`OVERPAID`, via the new `zaprite_charge_settled` helper + unit + test); any other/unknown status falls through to the manual-pay pay link. Allowlist by design. No schema/SDK change. +- **Decided — Keysat sends no buyer email.** Buyer email + the per-profile SMTP send path are dropped + (`plans/keysat-smtp-emails.md` superseded; dormant `merchant_profiles.smtp_*` flagged in code). The surviving + kernel, operator failure alerts, is reframed onto StartOS notifications/health (ROADMAP "Operability & alerts"). +- **Docs reconciled:** false "Keysat emails the license" claim removed from docs.keysat.xyz; `HOW_IT_WORKS.md` + corrected (subscriptions + merchant profiles shipped, no email); new design-checker-clean Merchant profiles + docs section. `unlimited_merchant_profiles` confirmed live on Pro + Patron policies (Creator excluded). +- **Next (priority):** 1) automated multi-profile webhook routing test (ROADMAP, Effort S). 2) split `audit:read` + from the blanket `:read` scope. 3) operator-alerts-via-StartOS (verify the start-sdk 1.3.2 API first). + 4) registry-submission `prepare.sh` + on-box verification. +- **Tests/build:** `cargo check` + wrapper `tsc` clean; `zaprite_charge_settled` unit test green; full suite + through 0025 last green. Pre-existing docs.css radius drift (10px vs 12px `r-lg`, 3 spots) noted; not blocking.