The inner .gitignore at docs/scripts/extraction/.gitignore blanket-ignored
*.md/*.json/*.jsonl so research-agent transcripts wouldn't drift in. The
curated augmentation file needs an explicit exception so the Docker build
step on production can read it during `node scripts/build-corpus.mjs`.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The research-agent augmentation file (196 high-quality Q/A pairs with
file:line citations, real production code excerpts, varied phrasings)
needs to ship with the repo so the production Docker build's
`node scripts/build-corpus.mjs` step picks it up.
Distribution by kind:
78 code-recall · 50 workflow · 24 inikey · 13 gotcha
12 debug · 11 comparison · 7 edge-case · 1 refactor
Effect on the en-language corpus:
before: 1055 records per format (instructions/chat/completion)
after: 1264 records per format (+209 from augmentation × 1 fan-out)
Removed from .gitignore. The summary text file stays gitignored
(regenerated on every agent run). The corpus output at
docs/public/corpus/ remains gitignored — built fresh in CI/Docker.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The Ollama URL was leaking via:
- prose in /en/, /de/, /ja/, /es/, /fr/ docs (oracle, deployment,
local-testing, ai/module/{overview,embed,training})
- code blocks teaching users to curl the host directly
- .env.example, Dockerfile, docker-compose.yml defaults
- providers.mjs, translate-docs.mjs, build-oracle-index.mjs defaults
- LandingScripts.astro comment
- lora-runbook.md prose + SSH host
- the GET handler at /api/oracle which echoed `ollamaUrl` back to public callers
- the "Oracle is silent" fallback message at /api/oracle POST
Replacements:
- prose: "neuronetz.ai" → "your Ollama instance"
- example URLs in code blocks: https://api.neuronetz.ai → https://your-ollama-host.example
- code-level defaults: → http://localhost:11434 (Ollama's standard local port)
- GET /api/oracle: dropped the `ollamaUrl` field; provider + model still exposed
- runbook SSH host: neuronetz@cloud.neuronetz.ai → <gpu-user>@<gpu-host>
Production chat is unaffected: docs/.env (gitignored) on the production
host still pins OLLAMA_BASE_URL=https://api.neuronetz.ai. The only
change in the running container is that the GET handler no longer
echoes the URL.
analytics.neuronetz.ai (Umami tracking) is intentionally left intact —
it's a public, brand-owned subdomain meant to be visible.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The first version of vhost.d/<host>_location nested four `location { … }`
blocks (for /_astro/, images, /sw.js, /llms.txt) inside the proxy's
generated `location / { … }` to set Cache-Control. nginx accepts the
syntax, but a nested location with no `proxy_pass` directive falls through
to filesystem root and 404s the asset — which is why CSS / JS / images
were missing on the live site even though the HTML loaded fine.
Astro already emits sensible Cache-Control on hashed _astro bundles, so
we don't need the proxy to set them. Removed all four nested blocks; the
vhost.d files now only carry proxy headers, gzip, and security headers,
all of which are valid inside a location {} block without proxy_pass.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The acme-companion on the production host doesn't accept comma-separated
VIRTUAL_HOST / LETSENCRYPT_HOST values, so cert issuance was failing for
the combined `nibiru-framework.com,www.nibiru-framework.com` entry.
docker-compose.yml — now defines two services sharing the same image:
- docs → VIRTUAL_HOST=nibiru-framework.com (apex)
- docs-www → VIRTUAL_HOST=www.nibiru-framework.com (built once, reused)
A YAML anchor (x-docs-shared-env) keeps the Oracle/LLM/Anthropic config in
lockstep so the two containers can never drift.
docs/nginx/vhost.d/ — per-host nginx-proxy overrides applied at the
location-block level by jwilder/nginx-proxy. Both files set:
- X-Forwarded-* trust + buffering off (Oracle SSE streaming)
- HSTS / X-Content-Type / X-Frame / Referrer-Policy / Permissions-Policy
- gzip with the right MIME set for Astro/Starlight assets
- Aggressive cache on /_astro/ (immutable hashed bundles)
- 30-day cache on images/fonts
- no-store on /sw.js (so PWA updates land)
- 24-hour cache on /llms.txt for AI crawlers
docs/nginx/README.md explains how to mount these into an existing
nginx-proxy (bind-mount + reload, or bake into the proxy image).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The Dockerfile's `COPY package.json package-lock.json .npmrc ./` requires
the file to exist; the build was failing on a fresh clone with
`failed to compute cache key … "/.npmrc": not found`.
Contents are intentionally minimal: silence npm's audit/funding chatter
during CI/Docker builds and enable legacy-peer-deps so Astro 6 + Starlight
0.38 + @vite-pwa/astro can install together without npm's strict peer
resolver rejecting the lockfile.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This is the snapshot the production landing site (nibiru-framework.com) is
deployed from. Brings together the recent splash + docs migration to the v4
"Cosmos" design system, the new in-framework AI module, and the framework
groundwork that backs the framework-reference extraction.
What lands:
- docs/: Astro + Starlight site with the v4 dark cosmic palette, GalaxyHero
canvas constellation, Mission Control chat (wired to /api/oracle →
api.neuronetz.ai via providers.mjs Ollama), 5-panel MMVC stage
(Model · AI · Module · Controller · View), translated EN/DE/JA/ES/FR
content, PWA + sitemap + llms.txt + Umami analytics.
- docs/design-system/: canonical mockup bundle (source/index-v2.html for
splash, source/docs-system.html + preview/ for docs, SPEC.md, tokens).
- docs/scripts/extraction/framework-reference-v2.md: deep framework
reference (~1.6k lines, file:line citations, every public factory and
idiom — basis for the LoRA training corpus.
- application/module/ai/: AI module with chat / embed / RAG / agent
plugins, plus pdoQuery / httpGet / fileRead tools and Modelfile +
smoke-test in training/.
- application/module/users/: user / ACL / form-factory traits used as the
reference plugin pattern for the framework docs.
- application/settings/config/database/: schema + seed migrations
including the AI module tables (200–203).
- Form factory + autogenerator changes the framework-reference-v2 covers.
Production secrets stay out: docs/.env, settings.production.ini and
ai.production.ini are all gitignored (.example files are in tree).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Introduced `errorController` for handling unreachable pages with a soft 404 response. Added configurable error handling via `settings.development.ini` and implemented a new `error.tpl` template. Updated `dispatcher.php` to route non-existent pages to the error controller.
Added logic to handle single trailing URL segments in the router, ensuring non-numeric segments are added to the `$_REQUEST` array if not already present. Improved URL parsing for consistent request handling.
Introduced a `handleSeoUrls` method to support SEO-friendly URLs by transforming them into standard routing. Added validation for slugs, IDs, and potential actions to ensure proper parsing and prevent conflicts with existing routes. Enhanced overall routing functionality to support framework-wide SEO optimizations.
Introduced a new `TypeSwitch` class to manage input type switch fields for forms, allowing simplified creation of toggle switches or binary options. Enhanced attribute handling in `formattributes.php` to conditionally remove the `checked` attribute only if not explicitly specified. Updated framework to include the new `TypeSwitch` class.
The `getRequest` method in `controller.php` now includes a nullable return type and additional checks for array key existence in the `$_REQUEST` array. This update ensures robust error handling and prevents undefined index notices.
The methods `updateRowByFieldWhere` and `updateColumnByFieldWhere` in `mysql.db.php` and `pdo.php` now have a `bool` return type and explicitly return the result of the database operations. This change improves code readability and enforces consistent function outputs, aiding in better error handling and debugging.
Extended the updateRowById method across mysql, pdo, and IDb to support encrypted fields. Updated the PDO update logic to conditionally encrypt data using DES_ENCRYPT when specified. This ensures sensitive data is managed securely during updates.
Extended the typecheckbox element to include a 'disabled' attribute. Updated the README to provide details on new command-line switches for creating and deleting CMS pages. In preparation of the upcoming AI/CMS module.
The name of 'Module.php' file in 'core/c' directory has been renamed to lowercase 'module.php', ensuring consistency across all filenames. The code inside the file has been updated, replacing '__CLASS__' with 'get_called_class()', allowing the correct class scope to be referenced even in an inherited context and ensuring proper function of '_set' and '_get' methods.
Significant changes have been implemented in the database operations, particularly in update and insert functions, ensuring more stable and efficient handling of queries. Form capabilities have been enhanced by adding new attributes for processing decimal steps, further improving data input methods. This update also includes considerable refactoring and security enhancements in the PDO class.
Database operations have been redefined and additional functionality has been added for handling database queries. Functions for updating rows by ID and inserting array into table have been updated for better reliability. In addition, new form attributes for managing decimal steps have been added to enhance data input capabilities. Refactoring and security improvements have also been addressed in the PDO class.
A placeholder attribute has been added to the input type search in typesearch.php. This attribute allows a short hint, a word or a short phrase, to be displayed in the input field before the user enters a value. The change was made to enhance the user experience by providing contextual help in the search field.
The decryption method used in the SQL query within auth.php has been changed. The outdated DES_DECRYPT was replaced with AES_DECRYPT to improve security. The change is expected to provide a more secure and reliable decryption process for user passwords.
Implement new auto class and refactor usages of deprecated autoloader
A new automatic class loading mechanism has been introduced (Auto), replacing the deprecated Autoloader. This refactoring includes updating directory paths, changing the ownership of directories, and modifying file content strings. The codebase has been scoured to replace all instances of the discontinued Autoloader with the new class/method calls.
The paths for "application/settings/database" and "application/settings/elastic" were updated to be more specific. Along with the change in directory paths, the ownership of these directories was re-set, thereby ensuring appropriate permissions and maintaining consistency across the application.
The commit includes additional commands for the Nibiru framework in the readme file. It provides detailed usage for the '-g' switch and '-ws {URL} -wp {PORT}' command helping users connect to a WebSocket and use a Graylog Server more effectively. Also added some file- and folder checks to the binary, in order to have the database folder and the elastic folder being created.
Updates in the Readme reflect the additions to the binary.
Extended the README.md file for the Nibiru framework by including detailed usage for the '-g' switch and the '-ws {URL} -wp {PORT}' command. These new commands allow for versatility when a Graylog Server is present and when connecting to a WebSocket respectively.
