LINK AUDIT — every internal link now resolves to a real page:
- BrandHeader doc-nav 'Showcase' target → /{locale}/showcase/projects/
(the showcase/ directory has no index, only patterns/projects)
- Translated-slug bugs across de/es/fr/ja: ~30 broken links from the
overnight translator that auto-localised path segments. Mapped back to
the actual English slugs:
de: warum-nibiru → why-nibiru, kuenstliche-intelligenz/orakel → ai/oracle,
kI/modul/* → ai/module/*, praesentation/projekte → showcase/projects
es: ai/modulo/* → ai/module/*, diseno/* → design/*,
porque-nibiru / por-que-nibiru → why-nibiru,
presentacion/proyectos → showcase/projects
fr: ia/module/* → ai/module/*, ia/module/formation → ai/module/training,
pourquoi-nibiru → why-nibiru, presentation/projets → showcase/projects
ja: ai/milestones → ai/roadmap
- Cross-locale leaks: bare `/ai/oracle` (no locale) → `/{locale}/ai/oracle/`
in de/index.mdx, fr/index.mdx, fr/ai/module/overview.md, en/ai/corpus.md
- `/en/start/` (which 404s — start/ has no index) was hardcoded in five
design/components.md atelier-button hrefs across all locales →
`/{locale}/start/installation/`
- `/en/reference` removed from en/downloads.mdx — the reference doc tree
isn't built yet; replaced with a github link to the v2 markdown source
- Collapsed stray double-slashes (`/de/why-nibiru//` etc.) introduced by
the slug-replacement sed sweep
Final audit shows 0 broken internal links (down from ~37).
TRAINING SOURCE NOW SHIPS — root cause of "I cannot find the training data
in the repository": the curated source files were gitignored.
- .gitignore at scripts/extraction/ now whitelists framework-reference-v2.md
and lora-augmentation.summary.txt alongside lora-augmentation.jsonl
- The 1620-line v2 reference, the 323-record augmentation jsonl, and the
summary report all enter the repo so the production Docker build sees
them and contributors can find them by browsing gitea
NEURONETZ AI DEEPLINK BADGE — small "AI by Neuronetz ↗" pill in the splash
footer's bottom strip. Logo mark mirrored locally to
public/img/external/neuronetz-mark.svg (pulled from neuronetz.ai/favicon.svg)
so the page doesn't hot-link off-domain on every paint. Magenta border on
hover; opens neuronetz.ai in a new tab with rel=noopener.
SPLASH I18N PARITY — de/es/fr/ja index.mdx now import + render the same
component stack as en (CometTrail · MmvcStage · MissionControl · LaunchSequence
· SpacecraftGrid · EditorialContent · LandingFooter · ToTop · LandingScripts),
so every locale shows the full splash structure. The component bodies
themselves are still English (proper i18n is the next step); for now this
brings structural parity.
MOBILE RESPONSIVE SWEEP:
- LandingFooter: 4-col grid stacks 2-col @ 768px and 1-col @ 480px;
bottom strip wraps vertical at 480px
- MmvcStage: 5-step progress rail tightens its gaps under 720px and
drops the bar segments entirely under 480px so the labels fit
- Docs bridge §11: tighter H1/H2 spacing, breadcrumbs/doc-meta on
narrow viewports, pagination cards stack 1-col, help-strip stacks
vertical, tables get horizontal-scroll on overflow
- Doc-header: nav-version chip hides under 480px so the search-pill
+ brand fit comfortably
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Earlier commit captured a partial 196-record file because the background
research agent was still writing when the commit landed. The agent has
since completed with 323 high-quality records.
New distribution by kind:
121 code-recall · 97 workflow · 29 inikey · 26 comparison
16 gotcha · 16 debug · 15 edge-case · 3 refactor
All 323 lines are valid JSON, all carry instruction/input/output plus
metadata.{language, source, section, kind, citations}. Every answer has
a real file:line citation or quoted code from framework-reference-v2.md
(no hedging language allowed in agent output).
Effect on en-language corpus:
before: 1264 records per format
after: ~1545 records per format (+281 from augmentation × ~1)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The inner .gitignore at docs/scripts/extraction/.gitignore blanket-ignored
*.md/*.json/*.jsonl so research-agent transcripts wouldn't drift in. The
curated augmentation file needs an explicit exception so the Docker build
step on production can read it during `node scripts/build-corpus.mjs`.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The research-agent augmentation file (196 high-quality Q/A pairs with
file:line citations, real production code excerpts, varied phrasings)
needs to ship with the repo so the production Docker build's
`node scripts/build-corpus.mjs` step picks it up.
Distribution by kind:
78 code-recall · 50 workflow · 24 inikey · 13 gotcha
12 debug · 11 comparison · 7 edge-case · 1 refactor
Effect on the en-language corpus:
before: 1055 records per format (instructions/chat/completion)
after: 1264 records per format (+209 from augmentation × 1 fan-out)
Removed from .gitignore. The summary text file stays gitignored
(regenerated on every agent run). The corpus output at
docs/public/corpus/ remains gitignored — built fresh in CI/Docker.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The Ollama URL was leaking via:
- prose in /en/, /de/, /ja/, /es/, /fr/ docs (oracle, deployment,
local-testing, ai/module/{overview,embed,training})
- code blocks teaching users to curl the host directly
- .env.example, Dockerfile, docker-compose.yml defaults
- providers.mjs, translate-docs.mjs, build-oracle-index.mjs defaults
- LandingScripts.astro comment
- lora-runbook.md prose + SSH host
- the GET handler at /api/oracle which echoed `ollamaUrl` back to public callers
- the "Oracle is silent" fallback message at /api/oracle POST
Replacements:
- prose: "neuronetz.ai" → "your Ollama instance"
- example URLs in code blocks: https://api.neuronetz.ai → https://your-ollama-host.example
- code-level defaults: → http://localhost:11434 (Ollama's standard local port)
- GET /api/oracle: dropped the `ollamaUrl` field; provider + model still exposed
- runbook SSH host: neuronetz@cloud.neuronetz.ai → <gpu-user>@<gpu-host>
Production chat is unaffected: docs/.env (gitignored) on the production
host still pins OLLAMA_BASE_URL=https://api.neuronetz.ai. The only
change in the running container is that the GET handler no longer
echoes the URL.
analytics.neuronetz.ai (Umami tracking) is intentionally left intact —
it's a public, brand-owned subdomain meant to be visible.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The first version of vhost.d/<host>_location nested four `location { … }`
blocks (for /_astro/, images, /sw.js, /llms.txt) inside the proxy's
generated `location / { … }` to set Cache-Control. nginx accepts the
syntax, but a nested location with no `proxy_pass` directive falls through
to filesystem root and 404s the asset — which is why CSS / JS / images
were missing on the live site even though the HTML loaded fine.
Astro already emits sensible Cache-Control on hashed _astro bundles, so
we don't need the proxy to set them. Removed all four nested blocks; the
vhost.d files now only carry proxy headers, gzip, and security headers,
all of which are valid inside a location {} block without proxy_pass.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The acme-companion on the production host doesn't accept comma-separated
VIRTUAL_HOST / LETSENCRYPT_HOST values, so cert issuance was failing for
the combined `nibiru-framework.com,www.nibiru-framework.com` entry.
docker-compose.yml — now defines two services sharing the same image:
- docs → VIRTUAL_HOST=nibiru-framework.com (apex)
- docs-www → VIRTUAL_HOST=www.nibiru-framework.com (built once, reused)
A YAML anchor (x-docs-shared-env) keeps the Oracle/LLM/Anthropic config in
lockstep so the two containers can never drift.
docs/nginx/vhost.d/ — per-host nginx-proxy overrides applied at the
location-block level by jwilder/nginx-proxy. Both files set:
- X-Forwarded-* trust + buffering off (Oracle SSE streaming)
- HSTS / X-Content-Type / X-Frame / Referrer-Policy / Permissions-Policy
- gzip with the right MIME set for Astro/Starlight assets
- Aggressive cache on /_astro/ (immutable hashed bundles)
- 30-day cache on images/fonts
- no-store on /sw.js (so PWA updates land)
- 24-hour cache on /llms.txt for AI crawlers
docs/nginx/README.md explains how to mount these into an existing
nginx-proxy (bind-mount + reload, or bake into the proxy image).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The Dockerfile's `COPY package.json package-lock.json .npmrc ./` requires
the file to exist; the build was failing on a fresh clone with
`failed to compute cache key … "/.npmrc": not found`.
Contents are intentionally minimal: silence npm's audit/funding chatter
during CI/Docker builds and enable legacy-peer-deps so Astro 6 + Starlight
0.38 + @vite-pwa/astro can install together without npm's strict peer
resolver rejecting the lockfile.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This is the snapshot the production landing site (nibiru-framework.com) is
deployed from. Brings together the recent splash + docs migration to the v4
"Cosmos" design system, the new in-framework AI module, and the framework
groundwork that backs the framework-reference extraction.
What lands:
- docs/: Astro + Starlight site with the v4 dark cosmic palette, GalaxyHero
canvas constellation, Mission Control chat (wired to /api/oracle →
api.neuronetz.ai via providers.mjs Ollama), 5-panel MMVC stage
(Model · AI · Module · Controller · View), translated EN/DE/JA/ES/FR
content, PWA + sitemap + llms.txt + Umami analytics.
- docs/design-system/: canonical mockup bundle (source/index-v2.html for
splash, source/docs-system.html + preview/ for docs, SPEC.md, tokens).
- docs/scripts/extraction/framework-reference-v2.md: deep framework
reference (~1.6k lines, file:line citations, every public factory and
idiom — basis for the LoRA training corpus.
- application/module/ai/: AI module with chat / embed / RAG / agent
plugins, plus pdoQuery / httpGet / fileRead tools and Modelfile +
smoke-test in training/.
- application/module/users/: user / ACL / form-factory traits used as the
reference plugin pattern for the framework docs.
- application/settings/config/database/: schema + seed migrations
including the AI module tables (200–203).
- Form factory + autogenerator changes the framework-reference-v2 covers.
Production secrets stay out: docs/.env, settings.production.ini and
ai.production.ini are all gitignored (.example files are in tree).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Introduced `errorController` for handling unreachable pages with a soft 404 response. Added configurable error handling via `settings.development.ini` and implemented a new `error.tpl` template. Updated `dispatcher.php` to route non-existent pages to the error controller.
Added logic to handle single trailing URL segments in the router, ensuring non-numeric segments are added to the `$_REQUEST` array if not already present. Improved URL parsing for consistent request handling.
Introduced a `handleSeoUrls` method to support SEO-friendly URLs by transforming them into standard routing. Added validation for slugs, IDs, and potential actions to ensure proper parsing and prevent conflicts with existing routes. Enhanced overall routing functionality to support framework-wide SEO optimizations.
Introduced a new `TypeSwitch` class to manage input type switch fields for forms, allowing simplified creation of toggle switches or binary options. Enhanced attribute handling in `formattributes.php` to conditionally remove the `checked` attribute only if not explicitly specified. Updated framework to include the new `TypeSwitch` class.
The `getRequest` method in `controller.php` now includes a nullable return type and additional checks for array key existence in the `$_REQUEST` array. This update ensures robust error handling and prevents undefined index notices.
The methods `updateRowByFieldWhere` and `updateColumnByFieldWhere` in `mysql.db.php` and `pdo.php` now have a `bool` return type and explicitly return the result of the database operations. This change improves code readability and enforces consistent function outputs, aiding in better error handling and debugging.
Extended the updateRowById method across mysql, pdo, and IDb to support encrypted fields. Updated the PDO update logic to conditionally encrypt data using DES_ENCRYPT when specified. This ensures sensitive data is managed securely during updates.
Extended the typecheckbox element to include a 'disabled' attribute. Updated the README to provide details on new command-line switches for creating and deleting CMS pages. In preparation of the upcoming AI/CMS module.
The name of 'Module.php' file in 'core/c' directory has been renamed to lowercase 'module.php', ensuring consistency across all filenames. The code inside the file has been updated, replacing '__CLASS__' with 'get_called_class()', allowing the correct class scope to be referenced even in an inherited context and ensuring proper function of '_set' and '_get' methods.
Significant changes have been implemented in the database operations, particularly in update and insert functions, ensuring more stable and efficient handling of queries. Form capabilities have been enhanced by adding new attributes for processing decimal steps, further improving data input methods. This update also includes considerable refactoring and security enhancements in the PDO class.
Database operations have been redefined and additional functionality has been added for handling database queries. Functions for updating rows by ID and inserting array into table have been updated for better reliability. In addition, new form attributes for managing decimal steps have been added to enhance data input capabilities. Refactoring and security improvements have also been addressed in the PDO class.
A placeholder attribute has been added to the input type search in typesearch.php. This attribute allows a short hint, a word or a short phrase, to be displayed in the input field before the user enters a value. The change was made to enhance the user experience by providing contextual help in the search field.
The decryption method used in the SQL query within auth.php has been changed. The outdated DES_DECRYPT was replaced with AES_DECRYPT to improve security. The change is expected to provide a more secure and reliable decryption process for user passwords.
Implement new auto class and refactor usages of deprecated autoloader
A new automatic class loading mechanism has been introduced (Auto), replacing the deprecated Autoloader. This refactoring includes updating directory paths, changing the ownership of directories, and modifying file content strings. The codebase has been scoured to replace all instances of the discontinued Autoloader with the new class/method calls.
The paths for "application/settings/database" and "application/settings/elastic" were updated to be more specific. Along with the change in directory paths, the ownership of these directories was re-set, thereby ensuring appropriate permissions and maintaining consistency across the application.
The commit includes additional commands for the Nibiru framework in the readme file. It provides detailed usage for the '-g' switch and '-ws {URL} -wp {PORT}' command helping users connect to a WebSocket and use a Graylog Server more effectively. Also added some file- and folder checks to the binary, in order to have the database folder and the elastic folder being created.
Updates in the Readme reflect the additions to the binary.
Extended the README.md file for the Nibiru framework by including detailed usage for the '-g' switch and the '-ws {URL} -wp {PORT}' command. These new commands allow for versatility when a Graylog Server is present and when connecting to a WebSocket respectively.
