farhoodlabs/paperclip
8
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e89d3f7e11fc1e85a04c912d03996886ba3a85dc
paperclip/server/src/middleware/http-log-policy.ts
T
Dotta e89d3f7e11 [codex] Add backup endpoint and dev runtime hardening (#4087) 
## Thinking Path

> - Paperclip is a local-first control plane for AI-agent companies.
> - Operators need predictable local dev behavior, recoverable instance
data, and scripts that do not churn the running app.
> - Several accumulated changes improve backup streaming, dev-server
health, static UI caching/logging, diagnostic-file ignores, and instance
isolation.
> - These are operational improvements that can land independently from
product UI work.
> - This pull request groups the dev-infra and backup changes from the
split branch into one standalone branch.
> - The benefit is safer local operation, easier manual backups, less
noisy dev output, and less cross-instance auth leakage.

## What Changed

- Added a manual instance database backup endpoint and route tests.
- Streamed backup/restore handling to avoid materializing large payloads
at once.
- Reduced dev static UI log/cache churn and ignored Node diagnostic
report captures.
- Added guarded dev auto-restart health polling coverage.
- Preserved worktree config during provisioning and scoped auth cookies
by instance.
- Added a Discord daily digest helper script and environment
documentation.
- Hardened adapter-route and startup feedback export tests around the
changed infrastructure.

## Verification

- `pnpm install --frozen-lockfile`
- `pnpm exec vitest run packages/db/src/backup-lib.test.ts
server/src/__tests__/instance-database-backups-routes.test.ts
server/src/__tests__/server-startup-feedback-export.test.ts
server/src/__tests__/adapter-routes.test.ts
server/src/__tests__/dev-runner-paths.test.ts
server/src/__tests__/health-dev-server-token.test.ts
server/src/__tests__/http-log-policy.test.ts
server/src/__tests__/vite-html-renderer.test.ts
server/src/__tests__/workspace-runtime.test.ts
server/src/__tests__/better-auth.test.ts`
- Split integration check: merged after the runtime/governance branch
and before UI branches with no merge conflicts.
- Confirmed this branch does not include `pnpm-lock.yaml`.

## Risks

- Medium risk: touches server startup, backup streaming, auth cookie
naming, dev health checks, and worktree provisioning.
- Backup endpoint behavior depends on existing board/admin access
controls and database backup helpers.
- No database migrations are included.

> For core feature work, check [`ROADMAP.md`](ROADMAP.md) first and
discuss it in `#dev` before opening the PR. Feature PRs that overlap
with planned core work may need to be redirected — check the roadmap
first. See `CONTRIBUTING.md`.

## Model Used

- OpenAI Codex, GPT-5.4 tool-enabled coding model, agentic
code-editing/runtime with local shell and GitHub CLI access; exact
context window and reasoning mode are not exposed by the Paperclip
harness.

## Checklist

- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have checked ROADMAP.md and confirmed this PR does not duplicate
planned core work
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [x] If this change affects the UI, I have included before/after
screenshots
- [x] I have updated relevant documentation to reflect my changes
- [x] I have considered and documented any risks above
- [x] I will address all Greptile and reviewer comments before
requesting merge

---------

Co-authored-by: Paperclip <noreply@paperclip.ing>
2026-04-20 06:08:55 -05:00

51 lines
1.6 KiB
TypeScript
Raw Blame History

const SILENCED_SUCCESS_METHODS = new Set(["GET", "HEAD"]);
const SILENCED_SUCCESS_API_PATHS = [
/^\/api\/health(?:\/|$)/,
/^\/api\/companies\/[^/]+\/activity(?:\/|$)/,
/^\/api\/companies\/[^/]+\/dashboard(?:\/|$)/,
/^\/api\/companies\/[^/]+\/heartbeat-runs(?:\/|$)/,
/^\/api\/companies\/[^/]+\/issues(?:\/|$)/,
/^\/api\/companies\/[^/]+\/live-runs(?:\/|$)/,
/^\/api\/companies\/[^/]+\/sidebar-badges(?:\/|$)/,
/^\/api\/heartbeat-runs\/[^/]+\/log(?:\/|$)/,
];
const SILENCED_SUCCESS_STATIC_PREFIXES = [
"/@fs/",
"/@id/",
"/@react-refresh",
"/@vite/",
"/_plugins/",
"/assets/",
"/node_modules/",
"/src/",
];
const SILENCED_SUCCESS_STATIC_PATHS = new Set([
"/",
"/index.html",
"/favicon.ico",
"/site.webmanifest",
"/sw.js",
]);
function normalizePath(url: string): string {
const trimmed = url.trim();
if (trimmed.length === 0) return "/";
const pathname = trimmed.split("?")[0]?.trim() ?? "/";
return pathname.length > 0 ? pathname : "/";
}
export function shouldSilenceHttpSuccessLog(method: string | undefined, url: string | undefined, statusCode: number): boolean {
if (statusCode >= 400) return false;
if (statusCode === 304) return true;
if (!method || !url) return false;
if (!SILENCED_SUCCESS_METHODS.has(method.toUpperCase())) return false;
const pathname = normalizePath(url);
if (SILENCED_SUCCESS_STATIC_PATHS.has(pathname)) return true;
if (SILENCED_SUCCESS_STATIC_PREFIXES.some((prefix) => pathname.startsWith(prefix))) return true;
return SILENCED_SUCCESS_API_PATHS.some((pattern) => pattern.test(pathname));
}
Reference in New Issue View Git Blame Copy Permalink