v0.4.0 — Complete Toolchain Modernization & Infrastructure Hardening

🚀 Highlights

A comprehensive modernization of the entire development toolchain, dependency stack, Docker infrastructure, and documentation. 55 commits since v0.3.4.

---

⚡ Toolchain Replacements

• Webpack → Vite 8 with SWC for both API and client-app (d8873d8, 4a76f03)
• Jest → Vitest 4.1 for all unit and integration tests (0db07d2, d8873d8)
• ESLint + Prettier → Biome 2.4 for linting and formatting (449716f)
• Babel → SWC for compilation (4a76f03, 9f7736a)
• Playwright → supertest for e2e tests (93ad9fe)
• TypeORM → pg Pool in test helpers (fe3e8a0)
• styled-components → plain CSS + Tailwind (6c7db07)

📦 Major Dependency Upgrades

• TypeScript 5.9 → 6.0 (361b85c)
• React 18.2 → 19.2 (11bad79, 4ca4479)
• NestJS 10 → 11 + Express 5.2 (d2b9d5f, 3754db6)
• Nx 21.3 → 22.6 (5fe5b0c)
• Prisma 4.16 → 6.19 (32ebcc8)
• Tailwind 3.2 → 4.2 (7610d10)
• react-router-dom 6.3 → react-router 7.13 (4daa9fc)
• @testing-library/react 13.4 → 16.3 (a3e0362)

🏗️ Architecture & Refactoring

• libs/core library extracted — shared bootstrap, DTOs, exceptions, filters, middleware (8726837)
• Docker bind mounts replace named volumes in ./data/ (019308f)
• Docker-compose healthchecks, depends_on conditions, network segmentation (9aa55f4)
• Robust startup/shutdown with cross-platform healthcheck fixes (f8778f4, fc47a8d, 527d6a2)
• Dockerfile.dev fixed for workspace symlink resolution (c6cd12f, 2124bca)

🔒 CI/CD & Security

• CI consolidated to industry-standard 7-job pipeline (b81e38f, 5013696)
• GitHub Actions upgraded to Node 24 runtime (f8ddec3)
• KICS IaC scan action updated (b68b699)
• Removed unused semantic-release and DiskStation deploy workflows (5d5a034, 2738302)
• Unused dependencies removed across all packages (a00e136, 32e93f8, c13e55d)

📚 Documentation

• AGENTS.md v4 — repomix-verified, benchmark-aligned single source of truth (04407c5)
• All 13 config/ READMEs standardized with consistent format (02f12d1)
• Stale docs removed (content absorbed into AGENTS.md)

🧹 Cleanup

• 9 issues from comprehensive repo review fixed (057a7d5)
• dev-scripts audited and cleaned up (a23752d)
• Stale Jest/webpack/babel config references removed (462d7ae)
• cross-env removed — Unix-only project (aa97054)

---

Full Changelog: v0.3.4...v0.4.0

v0.3.4 - MCPHub SSE Transport & Direct OpenAI API

Fixed

• MCPHub MCP Transport: Switched to sse transport for stable MCP tool execution

  • The streamable-http transport caused constant SSE stream disconnects every ~40-60s
  • SSE transport at http://mcphub:3000/sse provides stable long-lived connections
  • MCP tools (56 discovered) now execute reliably via LibreChat

• LibreChat OpenAI Configuration: Switched from LiteLLM proxy to direct OpenAI API

  • Commented out baseURL pointing to LiteLLM (http://synology.local:4000/v1)
  • LiteLLM proxy was returning 200 OK but streaming responses were being truncated to 4 tokens
  • Direct OpenAI API resolved the empty response / "no response" issue
  • Updated model list: gpt-5, gpt-4o, gpt-5-mini, gpt-4.1, gpt-5.2, claude-sonnet-4.5, claude-opus-4.6
  • Fixed titleModel/summaryModel from non-existent gpt-4o-mini to gpt-5-mini
  • Commented out Anthropic endpoint (not currently used)

v0.3.2 - Complete Integration Testing Suite

Release v0.3.2 - Complete Integration Testing Suite

This release completes the comprehensive integration testing infrastructure for ChatSuite, covering all major docker-compose services with automated environment configuration and graceful handling of optional authentication.

🎯 Key Features

Complete Service Integration Coverage

• ✅ PostgreSQL database integration
• ✅ MongoDB document store integration
• ✅ MinIO S3 storage integration
• ✅ n8n workflow automation integration (optional API key)
• ✅ NocoDB database UI integration (optional auth token)
• ✅ MindsDB AI database integration
• ✅ MCPHub MCP protocol orchestration
• ✅ MCP Email SSE protocol integration

Automatic Environment Configuration

• Industry-standard dotenv-based environment loading
• Automatic hostname/port mapping for local testing
• No manual environment variable passing required
• Seamless Docker → localhost resolution

Graceful Authentication Handling

• Optional API key support (n8n)
• Optional token authentication (NocoDB)
• Tests skip gracefully when credentials not configured
• Clear setup instructions for enabling optional integrations

📊 Test Coverage

• 24/24 integration tests passing
• 100% coverage on app module
• Full service orchestration testing
• SSE connection handling for streaming protocols

🔧 Infrastructure Improvements

Testing Infrastructure

• Created 8 service-specific test helpers
• Implemented proper SSE stream handling for MCP Email
• Added graceful health check degradation for MCPHub
• Established consistent TDD patterns across all integrations

Environment Management

• Automatic .env file loading from config/env/
• Smart hostname mapping for Docker services
• Port conflict resolution
• Zero-configuration test execution

Code Quality

• Added lint:all command for comprehensive linting
• Pre-commit hooks for automated quality gates
• Conventional commit message validation
• Affected-only testing for faster CI/CD

🚀 Commands

# Run all integration tests
pnpm nx integration api-customer-service

# Run affected integration tests only
pnpm nx:integration:affected

# Lint all projects
pnpm lint:all

�� Commits Since v0.3.1

• test: add MCP Email SSE protocol integration tests
• test: add MCPHub MCP protocol integration tests
• test: add MindsDB AI database integration tests
• feat: add NocoDB database UI integration tests
• feat: automatic environment variable loading for integration tests (BREAKING CHANGE)
• docs: add n8n API key setup guide for integration tests
• feat: add n8n workflow automation integration tests
• feat: add MinIO S3 storage integration testing
• feat: add MongoDB integration testing
• fix: resolve all failing integration tests
• fix: configure integration tests to work with existing services
• fix: remove all docker-compose.test.yaml references
• refactor: configure integration tests to use existing docker-compose services
• feat: implement comprehensive integration testing infrastructure and CI/CD pipelines
• docs: Complete professional rewrite of AGENTS.md

🔗 Integration Testing Documentation

See docs/integration-testing-strategy.md for comprehensive testing guidelines.
See docs/integration-testing-implementation.md for implementation details.

🎓 Development Approach

All integrations follow Test-Driven Development (TDD):

1. Write failing test (RED)
2. Implement minimal code (GREEN)
3. Refactor for quality
4. Commit increment

Breaking changes isolated to environment variable loading - now automatic instead of manual.

⚠️ Breaking Changes

Automatic Environment Variable Loading

Integration tests now automatically load environment variables from config/env/.env.${NX_APP_ENV} instead of requiring manual environment variable passing.

Before (v0.3.1 and earlier):

POSTGRES_HOST=localhost POSTGRES_PORT=54320 MONGO_HOST=localhost ... pnpm nx integration api-customer-service

After (v0.3.2):

pnpm nx integration api-customer-service

No action required - the new approach is simpler and follows industry standards.

v0.3.1 - Nginx Reliability and Security Improvements

What's Changed

Added

• LibreChat Nginx Configuration: Added reverse proxy support for LibreChat service
  • LibreChat upstream block with proper port mapping (3080)
  • Location block /librechat with WebSocket support
  • Full HTTP/1.1 upgrade headers for real-time chat functionality

Fixed

• Nginx Startup Reliability: Resolved container crash loop on service startup
  • Commented out static n8n upstream that caused "host not found" errors
  • Implemented dynamic DNS resolution for n8n service (set \$n8n_backend n8n:5678)
  • Prevents nginx failures when services start in different order
  • Resolves repeated container restart issues on Synology DiskStation

Security

• Template Credential Hardening: Replaced actual password values with secure placeholders
  • Changed minioadmin123 to CHANGE_ME_MinIO_Dev_Password in env.dev
  • Changed production passwords to CHANGE_ME_MinIO_Production_Password in env.host
  • Changed QA passwords to CHANGE_ME_MinIO_QA_Password in env.qa
  • Added security warnings for all password fields
  • Resolves GitGuardian security alert for Generic Password exposure

Technical Notes

• Nginx now uses Docker's embedded DNS resolver (127.0.0.11) for runtime hostname resolution
• All services (pgadmin, minio, n8n, librechat) now use dynamic resolution pattern
• Template files are safe to commit; actual credentials remain in .env.* (not tracked)

Full Changelog: v0.3.0...v0.3.1

v0.3.0

v0.3.0 - 2025-12-21

Added

• Comprehensive ESLint Configuration: Enterprise-grade linting infrastructure
  • Security-focused ESLint plugins (eslint-plugin-security, @microsoft/eslint-plugin-sdl)
  • TypeScript strict type checking with @typescript-eslint/eslint-plugin
  • React best practices with eslint-plugin-react and eslint-plugin-react-hooks
  • Accessibility checks with eslint-plugin-jsx-a11y
  • Import organization with eslint-plugin-import
• Prettier Code Formatting: Strict code formatting standards
  • Configured Prettier with 100-character line width
  • Single quotes, trailing commas, and semicolons enforced
  • Integration with ESLint via eslint-config-prettier
• Security Scanning Infrastructure: KICS and Trivy for comprehensive security analysis
  • KICS Infrastructure-as-Code security scanning
  • Trivy Docker image vulnerability scanning
  • 87.5% reduction in security vulnerabilities (32 → 4 remaining)
• Git Hooks with Husky: Automated quality gates
  • Pre-commit hooks for linting and security checks
  • Commit message validation with commitlint
  • Automated code formatting on commit
• TypeScript Strict Mode: Enhanced type safety across the codebase
  • Enabled strict mode in tsconfig.base.json
  • Full type checking for all projects

Changed

• Pre-Commit Workflow: All commits must pass linting and security checks
• Development Standards: Updated AGENTS.md with pre-commit requirements
• Contributing Guidelines: Enhanced with linting and security workflow
• README: Added security workflow documentation

Notes

• All new code must pass ESLint checks before commit
• Security scans are required before creating pull requests
• Git hooks automatically enforce code quality standards
• 4 remaining security issues are false positives or require manual review

v0.2.0

v0.2.0 - 2025-12-20

Added

• MinIO Integration: Added S3-compatible object storage service
  • MinIO service with health checks on ports 9000 (API) and 9001 (Console)
  • Comprehensive MinIO documentation in config/minio/README.md
  • MinIO proxy routes in nginx (/minio/ and /minio-api/)
  • MinIO environment variables in all environment templates
• Security Infrastructure: Automated security scanning with KICS and Trivy
  • GitHub Actions workflow for weekly and on-demand security scans
  • KICS configuration for Infrastructure-as-Code scanning
  • Trivy integration for Docker image vulnerability scanning
  • Automated PR creation for HIGH/CRITICAL security findings
  • SARIF upload to GitHub Security tab
• Documentation Consolidation: Merged all AI agent guidelines into single source of truth
  • Consolidated .github/copilot-instructions.md into AGENTS.md
  • Added comprehensive table of contents to AGENTS.md
  • Added project metadata header with repository info and tech stack
  • Enhanced AGENTS.md with 10 comprehensive development rules
• Enhanced Contributing Guidelines: Complete rewrite of contribution documentation
  • Comprehensive contribution workflow (fork and direct access)
  • Detailed bug reporting and enhancement suggestion templates
  • Development setup and testing requirements
  • Git hooks, code style, and architecture contribution guidelines
• Standardized Code of Conduct: Updated to industry standard
  • Adopted Contributor Covenant v2.1
  • Consistent "community leaders" terminology
  • Four-tier enforcement guidelines
  • Streamlined reporting mechanism

Changed

• Docker Configuration: Fixed all localhost references to use proper container names
  • Changed MinIO healthcheck from localhost:9000 to minio:9000
  • Changed MCPHub healthcheck from localhost:3000 to mcphub:3000
  • Ensures proper Docker networking between services
• Environment Files: Synchronized all environment configurations
  • Added MinIO variables to .env.dev, .env.host, and .env.qa
  • Synchronized with templates env.dev, env.host, and env.qa
• README Enhancement: Updated with security badges and service documentation
  • Added KICS+Trivy security scanning badge
  • Updated service architecture table with MinIO
  • Enhanced project header with professional formatting

Removed

• .github/copilot-instructions.md (merged into AGENTS.md)

Notes

• All services now properly use Docker container names for inter-service communication
• MinIO provides S3-compatible storage at https://localhost:10443/minio/
• Security scanning runs weekly and on every push to main/develop branches
• AGENTS.md is now the authoritative reference for all development standards

v0.1.0

Changed

• Standardized documentation and contribution workflow.
• Cleaned and consolidated CONTRIBUTING.md.
• Fixed README.md Quick Start code blocks and unified environment and
  mkcert instructions.
• Standardized issue templates in .github/ISSUE_TEMPLATE/ for bug reports
  and feature requests.

Added

• SECURITY.md with private reporting instructions, response timelines,
  coordinated disclosure policy, and safe-harbor note.
• Minor editorial and formatting fixes across documentation.

Notes

• Maintainer contact for confidential reports: hubertus@hubertusbecker.com.
• Recommended next step: remove outer code fences from some docs to ensure
  proper Markdown rendering (optional follow-up).