Devel

.devcontainer/devcontainer.json

@@ -3,7 +3,7 @@
   "dockerComposeFile": "../docker-compose.yml",
   "service": "app",
   "workspaceFolder": "/workspace",
-  
+
   "customizations": {
     "vscode": {
       "extensions": [
@@ -28,7 +28,7 @@
       }
     }
   },
-  
+
   "forwardPorts": [3000, 5173],
   "portsAttributes": {
     "3000": {
@@ -40,11 +40,11 @@
       "onAutoForward": "notify"
     }
   },
-  
+
   "postCreateCommand": "npm install && cd backend && npm install && cd ../frontend && npm install",
-  
+
   "remoteUser": "node",
-  
+
   "features": {
     "ghcr.io/devcontainers/features/git:1": {},
     "ghcr.io/devcontainers/features/github-cli:1": {}

.dockerignore

@@ -59,4 +59,4 @@ temp/
 *.sqlite3
 
 # Bolt project files (will be mounted as volume)
-test-bolt-project/
+bolt-project/

.env.example

@@ -3,6 +3,7 @@
 
 # Application Configuration
 PORT=3000
+HOST=localhost
 NODE_ENV=production
 
 # Bolt Configuration
@@ -25,3 +26,9 @@ EXECUTION_TIMEOUT=300000
 # Logging Configuration
 # Options: error, warn, info, debug
 LOG_LEVEL=info
+
+# Package Installation Configuration
+# JSON array of available package installation tasks
+# Default: package (built-in) only
+# To add more tasks (e.g., custom modules), uncomment and customize:
+# PACKAGE_TASKS=[{"name":"package","label":"Package (built-in)","parameterMapping":{"packageName":"name","ensure":"action","version":"version"}},{"name":"mymodule::install","label":"Custom Installer","parameterMapping":{"packageName":"app","ensure":"ensure","version":"version","settings":"settings"}}]

.github/workflows/ci.yml

@@ -9,54 +9,53 @@ on:
 jobs:
   lint-and-test:
     runs-on: ubuntu-latest
-    
+
     strategy:
       matrix:
         node-version: [20.x]
-    
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
-      
+
       - name: Setup Node.js ${{ matrix.node-version }}
         uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node-version }}
-          cache: 'npm'
-
+
       - name: Install dependencies
         run: npm ci
-      
+
       - name: Run ESLint
         run: npm run lint
-      
+
       - name: Run TypeScript type check - Backend
         run: npx tsc --noEmit
         working-directory: ./backend
-      
+
       - name: Run TypeScript type check - Frontend
         run: npx tsc --noEmit
         working-directory: ./frontend
-      
+
       - name: Run unit tests
         run: npm test -- --silent
-      
+
       - name: Build backend
         run: npm run build:backend
-      
+
       - name: Build frontend
         run: npm run build:frontend
 
   docker-build-test:
     runs-on: ubuntu-latest
-    
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
-      
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-      
+
       - name: Build Docker image (test)
         uses: docker/build-push-action@v5
         with:

.github/workflows/publish.yml

@@ -15,21 +15,21 @@ jobs:
     permissions:
       contents: read
       packages: write
-    
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
-      
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-      
+
       - name: Log in to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      
+
       - name: Extract metadata
         id: meta
         uses: docker/metadata-action@v5
@@ -39,9 +39,10 @@ jobs:
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
-            type=sha,prefix={{branch}}-
-      
+            type=sha
+
       - name: Build and push Docker image
+        id: build
         uses: docker/build-push-action@v5
         with:
           context: .
@@ -51,7 +52,7 @@ jobs:
           cache-from: type=gha
           cache-to: type=gha,mode=max
           platforms: linux/amd64,linux/arm64
-      
+
       - name: Generate artifact attestation
         uses: actions/attest-build-provenance@v1
         with:

.gitignore

@@ -37,7 +37,19 @@ Thumbs.db
 
 # Testing
 coverage/
+test-results/
+playwright-report/
+playwright/.cache/
 
 # Temporary files
 *.tmp
 *.temp
+
+# Bolt Project
+bolt-project/.modules/
+bolt-project/.plan_cache.json
+bolt-project/.rerun.json
+bolt-project/.task_cache.json
+bolt-project/.resource_types/
+bolt-project/bolt-debug.log
+bolt-project/data/

.kiro/hooks/accessibility-audit.kiro.hook

@@ -15,4 +15,4 @@
     "type": "askAgent",
     "prompt": "A UI component file has been modified. Please audit it for accessibility issues following React and web accessibility best practices:\n1. Check for proper ARIA labels and roles\n2. Ensure all interactive elements are keyboard accessible\n3. Verify proper heading hierarchy (h1, h2, h3, etc.)\n4. Check color contrast ratios\n5. Ensure images have alt text\n6. Verify form labels are properly associated\n7. Check for semantic HTML usage\n8. Suggest improvements for screen reader compatibility\n9. Follow React accessibility patterns and hooks usage\n10. Ensure components are properly tested for accessibility"
   }
-}
+}

.kiro/hooks/api-schema-validation.kiro.hook

@@ -18,4 +18,4 @@
     "type": "askAgent",
     "prompt": "An API schema file has been modified. Please:\n1. Validate the schema syntax (OpenAPI/Swagger or GraphQL)\n2. Generate TypeScript types from the schema\n3. Update any existing API client code to match schema changes\n4. Check for breaking changes and document them\n5. Validate that examples in the schema are correct\n6. Update API documentation if needed\n7. Run any schema-based tests to ensure compatibility\n8. Follow TypeScript best practices for generated types\n9. Ensure proper error handling for API responses\n10. Document API endpoints and data structures\n11. Include relevant documentation links in code comments"
   }
-}
+}

.kiro/hooks/auto-test-on-save.kiro.hook

@@ -16,4 +16,4 @@
     "type": "askAgent",
     "prompt": "A code file has been saved. Run the appropriate tests for this file and report any failures. IMPORTANT: Use minimal verbosity to prevent session timeouts - add --silent, --quiet, or similar flags. If this is a test file, run it directly with filtering (--grep, --testNamePattern). If this is a source file, find and run related tests. Use commands like: npm test -- --silent, yarn test --silent, npx jest --silent --testNamePattern='specific', or pytest -q -k 'test_name'."
   }
-}
+}

.kiro/hooks/cdk-synth-on-change.kiro.hook

@@ -17,4 +17,4 @@
     "type": "askAgent",
     "prompt": "CDK code has been modified. Please:\n1. Run 'cdk synth' to validate the CDK code\n2. Check for any synthesis errors or warnings\n3. Validate that the generated CloudFormation templates are correct\n4. Run CDK diff if there's an existing deployment to show what would change\n5. Check for any security issues in the generated templates\n6. Ensure all constructs follow the established CDK patterns and best practices\n7. Verify proper resource naming and tagging conventions\n8. Check that all resources are properly configured for the target environment"
   }
-}
+}

.kiro/hooks/code-coverage-check.kiro.hook

@@ -11,4 +11,4 @@
     "type": "askAgent",
     "prompt": "Run tests with code coverage analysis following testing best practices. Please:\n1. Run the test suite with coverage reporting enabled using minimal verbosity (--silent, --quiet flags)\n2. Generate a coverage report showing which lines/functions are not covered\n3. Identify files with low coverage (< 80%)\n4. Suggest specific areas that need more tests\n5. Check for any dead code that can be removed\n6. Report overall coverage statistics\n7. Suggest improvements to increase coverage\n8. Use commands like: npm test -- --coverage --silent, yarn test --coverage --silent, or pytest --cov --tb=short -q\n9. Focus on testing behavior, not implementation\n10. Ensure tests are descriptive and well-organized"
   }
-}
+}

.kiro/hooks/dependency-update-check.kiro.hook

@@ -11,4 +11,4 @@
     "type": "askAgent",
     "prompt": "Check for outdated dependencies and suggest updates following dependency management best practices. Please:\n1. Run dependency check commands (npm outdated, pip list --outdated, etc.)\n2. Identify packages that have newer versions available\n3. Categorize updates by severity (major, minor, patch)\n4. Check for security vulnerabilities in current versions\n5. Suggest which updates are safe to apply immediately\n6. Warn about potentially breaking changes in major updates\n7. Provide commands to update specific packages\n8. Use latest stable versions of all libraries and dependencies\n9. Leverage Context7 MCP server to verify compatibility before adding dependencies\n10. Justify each new dependency with clear business or technical value"
   }
-}
+}

.kiro/hooks/env-file-validation.kiro.hook

@@ -15,4 +15,4 @@
     "type": "askAgent",
     "prompt": "An environment file has been modified. Please:\n1. Check that no secrets or sensitive data are included (follow security best practices)\n2. Validate the format of environment variables\n3. Compare with .env.example to ensure all required variables are present\n4. Check that the corresponding .env file is in .gitignore\n5. Verify that environment variables are properly used in the code\n6. Suggest creating .env.example if it doesn't exist\n7. Check for any unused environment variables\n8. Ensure proper naming conventions (UPPER_SNAKE_CASE)\n9. Validate that sensitive data uses proper encryption or external secret management"
   }
-}
+}

.kiro/hooks/lint-and-format-on-save.kiro.hook

@@ -18,4 +18,4 @@
     "type": "askAgent",
     "prompt": "A code file has been saved. Please:\n1. Run the appropriate linter (ESLint for JS/TS, flake8/pylint for Python)\n2. Run the appropriate formatter (Prettier for JS/TS, Black for Python)\n3. Fix any auto-fixable issues\n4. Report any remaining issues that need manual attention\n\nUse the project's existing configuration files (.eslintrc, .prettierrc, pyproject.toml, etc.) and follow the established coding standards."
   }
-}
+}

.kiro/hooks/mcp-config-validation.kiro.hook

@@ -14,4 +14,4 @@
     "type": "askAgent",
     "prompt": "An MCP configuration file has been modified. Please:\n1. Validate the JSON syntax and structure\n2. Check that all required fields are present (command, args)\n3. Verify server names are unique and descriptive\n4. Review autoApprove settings for security implications\n5. Suggest testing the configured servers immediately\n6. Check for common configuration issues (missing uvx, incorrect paths)\n7. Recommend appropriate FASTMCP_LOG_LEVEL settings\n8. Verify that disabled servers are intentionally disabled\n9. Ensure version pinning follows MCP best practices (@latest or specific versions)\n10. Test servers immediately after configuration changes"
   }
-}
+}

.kiro/hooks/mcp-server-test.kiro.hook

@@ -10,4 +10,4 @@
     "type": "askAgent",
     "prompt": "Test all configured MCP servers and their functionality following MCP best practices. Please:\n1. Check which MCP servers are currently configured and enabled\n2. Test basic connectivity to each server\n3. List available tools from each server\n4. Run sample calls to verify tool functionality\n5. Check for any connection errors or timeouts\n6. Verify that auto-approved tools are working correctly\n7. Report any servers that are disabled and suggest re-enabling if appropriate\n8. Document any issues found and suggest fixes\n9. Test with various parameter combinations\n10. Don't inspect the configuration files unless there are specific issues - focus on testing the actual tool functionality"
   }
-}
+}

.kiro/hooks/performance-analysis.kiro.hook

@@ -11,4 +11,4 @@
     "type": "askAgent",
     "prompt": "Analyze the codebase for performance issues and optimization opportunities following development standards. Please:\n1. Look for common performance anti-patterns (N+1 queries, inefficient loops, etc.)\n2. Check for memory leaks or excessive memory usage\n3. Identify slow or blocking operations\n4. Suggest optimizations for database queries\n5. Look for opportunities to use caching\n6. Check bundle size and suggest ways to reduce it\n7. Identify unused code that can be removed\n8. Suggest performance monitoring tools if not already in use\n9. Follow language-specific performance best practices\n10. Keep functions small and focused on single responsibilities\n11. Implement proper error handling and logging"
   }
-}
+}

.kiro/hooks/pre-commit-and-commit.kiro.hook

@@ -0,0 +1,13 @@
+{
+  "enabled": true,
+  "name": "Pre-commit Validation & Commit",
+  "description": "Automatically runs pre-commit hooks to validate changes when files are modified. If validation fails, attempts to fix issues and asks user how to proceed. Once pre-commit tests pass and user confirms, creates a commit with an informative title and description based on the changes.",
+  "version": "1",
+  "when": {
+    "type": "userTriggered"
+  },
+  "then": {
+    "type": "askAgent",
+    "prompt": "Files have been modified. Please follow this workflow:\n\n1. Run `pre-commit run --all-files` to validate all changes\n2. If pre-commit fails:\n   - Analyze the failures and attempt to fix them automatically\n   - Run pre-commit again to verify fixes\n   - If fixes cannot be applied automatically, explain the issues to the user and ask how to proceed\n3. Once pre-commit passes successfully:\n   - Review all staged and unstaged changes using `git status` and `git diff`\n   - Ask the user to confirm they want to commit these changes\n   - If confirmed, analyze the changes to create an informative commit message following conventional commit format (type(scope): description)\n   - Stage all changes with `git add .`\n   - Create the commit with `git commit -m \"title\" -m \"detailed description of what changed\"`\n   - Confirm the commit was successful\n\nFollow git best practices for commit messages:\n- Use conventional commit format: type(scope): description\n- Types: feat, fix, docs, style, refactor, test, chore\n- Keep first line under 50 characters\n- Use imperative mood\n- Include detailed body explaining what changed and why"
+  }
+}

.kiro/hooks/readme-spell-check.kiro.hook

@@ -11,4 +11,4 @@
     "type": "askAgent",
     "prompt": "Please review and fix spelling and grammar errors in README files following documentation best practices. Please:\n1. Check all README.md files in the project\n2. Identify spelling errors, grammar issues, and typos\n3. Fix obvious errors while preserving the original meaning\n4. Improve readability and clarity where needed\n5. Ensure consistent formatting and style\n6. Check that code examples are properly formatted\n7. Verify that links are working and properly formatted\n8. Maintain single comprehensive README covering all aspects including deployment\n9. Reference official sources through MCP servers when available"
   }
-}
+}

.kiro/hooks/security-scan-on-dependency-change.kiro.hook

@@ -18,4 +18,4 @@
     "type": "askAgent",
     "prompt": "A dependency file has been modified. Please:\n1. Run security audit (npm audit, yarn audit, or pip-audit for Python)\n2. Check for known vulnerabilities in dependencies\n3. Suggest updates for vulnerable packages\n4. Report any high-severity issues that need immediate attention\n5. Check for any new dependencies that might introduce security risks\n6. Ensure all dependencies are from trusted sources and have active maintenance\n7. Follow security best practices for dependency management"
   }
-}
+}

.kiro/hooks/translation-update.kiro.hook

@@ -15,4 +15,4 @@
     "type": "askAgent",
     "prompt": "Base language translation file has been updated. Please:\n1. Identify what keys were added, modified, or removed\n2. Update corresponding translation files for other languages\n3. Mark new or changed keys as needing translation\n4. Preserve existing translations where keys haven't changed\n5. Generate placeholder translations or mark missing translations\n6. Update any translation documentation or guides\n7. Follow consistent naming conventions across translations\n8. Ensure proper file organization and structure\n9. Validate JSON syntax and structure\n10. Document any breaking changes in translation keys"
   }
-}
+}

.kiro/hooks/update-documentation.kiro.hook

@@ -15,4 +15,4 @@
     "type": "askAgent",
     "prompt": "A source code file has been modified. Please update documentation following documentation best practices:\n1. Check if this file has associated documentation that needs updating\n2. Look for README files, API documentation, or inline comments that reference this code\n3. Update any outdated documentation to reflect the changes\n4. Generate JSDoc/docstring comments if they're missing from new functions\n5. Update any relevant examples or usage instructions\n6. Maintain single comprehensive README covering all aspects including deployment\n7. Reference official sources through MCP servers when available\n8. Keep documentation close to relevant code\n9. Include relevant documentation links in code comments\n10. Update documentation when upgrading dependencies"
   }
-}
+}

.kiro/hooks/validate-docker-on-change.kiro.hook

@@ -16,4 +16,4 @@
     "type": "askAgent",
     "prompt": "A Docker file has been modified. Please:\n1. Validate the Dockerfile syntax\n2. Check for Docker best practices (multi-stage builds, non-root user, minimal layers)\n3. Scan for security issues (hardcoded secrets, vulnerable base images)\n4. Suggest optimizations for image size and build time\n5. Verify that .dockerignore is properly configured\n6. Check for proper use of specific base image tags (avoid 'latest')\n7. Ensure proper health checks and metadata are included\n8. Test build the image if possible to catch any build errors"
   }
-}
+}