feat(web): graduate context gateway tabs to prod tier#488
Merged
Conversation
The Context Gateway settings panes (Artifact Sync, Skills, Commands, Agents) have been gated behind ``mm web --dev`` since their introduction. The hardening that landed in #482/#483/#484 (round-trip preserve, project-scope codex_agents default, settings-sync confirm) closed the last UX rough edges that justified the dev-only label, so the four routers and their SPA tabs now ship in the polished surface all ``uv tool install`` users see. * ``_PROD_ROUTERS``/``_DEV_ONLY_ROUTERS`` swap in ``web/app.py`` * matching ``data-ui-tier="dev" → "prod"`` flips on the four ``settings-nav-btn``s in ``index.html`` * ``test_web_mode`` updates: drop ``ctx-*`` from ``expected_dev``, drop ``/api/context/overview`` from the dev-only parametrize set, add the four ``/api/context/*`` paths to the prod-mounted sanity check The dev/prod distinction here is UX maturity (not security) — loopback-only Tier 1 already covers the threat model per ``feedback_tier2_web_gating_deferred.md``; mutator endpoints behave identically to before and ``settings-sync``/namespace tools stay dev-only. Smoke-tested against ``mm web`` (prod): all four ``/api/context/*`` endpoints return 200, the four dev-only endpoints stay 404, and the SPA renders the four tabs under "연동" / Integrations. Co-Authored-By: Claude <[email protected]>
Per default-change-fanout, a user-visible default flip belongs in the same PR as the docs that describe it. Three call sites referenced the four context tabs (or `/api/context/*` endpoints) as dev-only and needed their tier classification flipped. * `docs/guides/reference.md` — extend the prod page list with Artifact Sync + Skills/Commands/Agents, drop them from the dev-only paragraph, and remove `/api/context/*` from the dev-only endpoint example list. * `docs/guides/configuration.md` — same `/api/context/*` removal in the parallel paragraph under the env-var doc. * `CHANGELOG.md` — Unreleased entry capturing the tier graduation, the hardening PRs (#482/#483/#484) that earned it, and a forward-looking note that prod now ships its first mutator-heavy surface so Tier 2 hardening (deferred per `feedback_tier2_web_gating_deferred.md`) starts here. No code changes — paired with the previous commit which moves the routers and SPA `data-ui-tier` flips. Co-Authored-By: Claude <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
context_gateway,context_skills,context_commands,context_agents) from_DEV_ONLY_ROUTERSto_PROD_ROUTERSinweb/app.py, and flip the four matchingsettings-nav-btndata-ui-tier="dev" → "prod"instatic/index.html. Net effect: the Artifact Sync / Skills / Commands / Agents tabs ship in the polished surface that alluv tool installusers see, instead of being gated behindmm web --dev.feedback_tier2_web_gating_deferred.md, Tier 1 (loopback + single user) is the only supported deployment shape; the mutator endpoints under/api/context/*(POST/PATCH/DELETE) keep the same trust origin as before — already exposed prod endpoints like/api/configPATCH have the same gating model.## <Agent>-Specificsections through round-trip #482 (round-trip## *-Specificpreservation), feat(context)!: codex_agents project-scope default #483 (project-scopecodex_agentsdefault), and fix(context): confirm before settings sync writes outside the project #484 (settings-sync host-write confirm) closes the last rough edges that justified hiding these tabs from polished-surface users.Test plan
uv run ruff check packages/memtomem/src+ruff format --check— cleanuv run pytest -m "not ollama"— 2514 passedtest_web_modeupdates:expected_devdropsctx-overview,ctx-skills,ctx-commands,ctx-agents/api/context/overviewtest_prod_keeps_polished_routes_mountedadds the four/api/context/*pathsmm web(prod, isolatedHOME+ state dir):/api/system/ui-mode→{"mode":"prod"}/api/context/{overview,skills,commands,agents}→ all 200/api/{namespaces,settings-sync,sessions,watchdog/status}→ all 404 (dev-only stays gated)Notes
app.jschanges needed: the Home dashboarddevModegate only covers/api/namespaces,/api/sessions,/api/scratch— context endpoints are not fetched from Home.settings_sync(the user-scope~/.claude/settings.jsonwriter) stays in_DEV_ONLY_ROUTERS. It's behaviorally adjacent but its UX surface (e.g. host-write confirm flow) is still maturing; promoting it is a separate decision.scripts/context-gateway-review-plan.mdPR-4 for the original audit context.🤖 Generated with Claude Code