Reconcile AGENTS.md after shipping 0.2.0:60
Current state -> :60 live (auto-charge fix, email/SMTP dropped, docs reconciled). Retire the done master-key grant + registry-landing items from Open TODOs/Current state.
This commit is contained in:
Keysat
@@ -101,36 +101,26 @@ Operator-specific memories at `~/.claude/projects/-Users-macpro-Projects-keysat/
|
||||
- Split `audit:read` out of the blanket `:read` scope into its own tier so a
|
||||
Read-only scoped key can read dashboards/licenses but NOT the full audit log
|
||||
(`api/api_keys.rs::Role::grants`). Deferred from the scoped-keys session.
|
||||
- **Operator action (manual; needs the master admin key — a read-only key can't
|
||||
write):** grant `unlimited_merchant_profiles` to the **Pro and Patron** tiers on
|
||||
the live master. Confirmed 2026-06-16 against `licensing.keysat.xyz` that the slug
|
||||
is absent from all three keysat policies (Creator/Pro/Patron), from the master's
|
||||
own Patron self-license, and from the product `entitlements_catalog`. Steps: add
|
||||
the slug to the keysat product `entitlements_catalog`, then to the Pro + Patron
|
||||
policy entitlements (admin UI), then re-issue the master self-license so it takes
|
||||
effect.
|
||||
|
||||
## Current state (2026-06-18)
|
||||
|
||||
- **Live / canonical: `0.2.0:59`** — universal s9pk at `files.keysat.xyz/keysat.s9pk` + GitHub `v0.2.0-59`;
|
||||
live box `immense-voyage.local` on `:59` (verified serving the new admin SPA). Migrations through 0025; four
|
||||
SDKs published; two public sites (keysat.xyz, docs.keysat.xyz) live. `keysat-registry-landing` local + refs
|
||||
gone; the GitHub + Gitea remote repos still need operator deletion (gh needs `delete_repo` scope).
|
||||
- **Live / canonical: `0.2.0:60`** — universal s9pk at `files.keysat.xyz/keysat.s9pk` (byte-verified) + GitHub
|
||||
release `v0.2.0-60` + registry-registered; installed on the live box `immense-voyage.local` and serving
|
||||
(master `licensing.keysat.xyz` returns 200 post-restart). Migrations through 0025; four SDKs published; two
|
||||
public sites (keysat.xyz, docs.keysat.xyz) live. All repos synced to **both** GitHub + gitea.
|
||||
`keysat-registry-landing` remotes deleted by the operator.
|
||||
|
||||
- **This session — adjudicated the parked P2/P3 backlog, then shipped the design blockers.** Adjudication
|
||||
(committed to `keysat-root`): dropped the design structural + token-gap tiers and the Zaprite contact
|
||||
dedup-cache; reframed the manual Zaprite webhook "sandbox pass" into a small automated routing test (DO,
|
||||
ready plan in ROADMAP). Then fixed + released the 3 design-contract blockers: admin featured-toggle and
|
||||
sidebar upgrade-CTA gold fills → navy/cream per the pill convention (daemon `:59`), and the landing buy
|
||||
button pill-radius → 8px (keysat.xyz redeployed). All verified live.
|
||||
|
||||
- **Top remaining payments item (surfaced by the adjudication, not yet fixed):** `try_auto_charge_zaprite`
|
||||
returns `Ok(true)` on any HTTP 2xx, so a Zaprite 200 carrying a FAILED/DECLINED/EXPIRED status silently
|
||||
lapses the subscription. Safe fail-safe fix needs no prod data; highest-priority payments item in ROADMAP.
|
||||
|
||||
- **Next (priority):** 1) Fix the auto-charge silent-lapse bug. 2) Operator data action (master key): grant
|
||||
`unlimited_merchant_profiles` to Pro/Patron on live master (Open TODOs). 3) The multi-profile webhook
|
||||
routing test (ROADMAP). 4) Delete registry-landing GitHub + Gitea remotes.
|
||||
|
||||
- **Tests/build:** daemon `:59` is a CSS-only admin-SPA change (no Rust/schema/SDK touched); `cargo check` +
|
||||
`npm run check` clean, last full suite green (through migration 0025). Debt (P2/P3) in ROADMAP.
|
||||
- **Shipped `:60` — Zaprite auto-charge silent-lapse fix.** `try_auto_charge_zaprite` suppresses manual-pay
|
||||
only for a settled status (`PAID`/`COMPLETE`/`OVERPAID`, via the new `zaprite_charge_settled` helper + unit
|
||||
test); any other/unknown status falls through to the manual-pay pay link. Allowlist by design. No schema/SDK change.
|
||||
- **Decided — Keysat sends no buyer email.** Buyer email + the per-profile SMTP send path are dropped
|
||||
(`plans/keysat-smtp-emails.md` superseded; dormant `merchant_profiles.smtp_*` flagged in code). The surviving
|
||||
kernel, operator failure alerts, is reframed onto StartOS notifications/health (ROADMAP "Operability & alerts").
|
||||
- **Docs reconciled:** false "Keysat emails the license" claim removed from docs.keysat.xyz; `HOW_IT_WORKS.md`
|
||||
corrected (subscriptions + merchant profiles shipped, no email); new design-checker-clean Merchant profiles
|
||||
docs section. `unlimited_merchant_profiles` confirmed live on Pro + Patron policies (Creator excluded).
|
||||
- **Next (priority):** 1) automated multi-profile webhook routing test (ROADMAP, Effort S). 2) split `audit:read`
|
||||
from the blanket `:read` scope. 3) operator-alerts-via-StartOS (verify the start-sdk 1.3.2 API first).
|
||||
4) registry-submission `prepare.sh` + on-box verification.
|
||||
- **Tests/build:** `cargo check` + wrapper `tsc` clean; `zaprite_charge_settled` unit test green; full suite
|
||||
through 0025 last green. Pre-existing docs.css radius drift (10px vs 12px `r-lg`, 3 spots) noted; not blocking.
|
||||
|
||||
Reference in New Issue
Block a user