feat: /gstack-submit + community mode (v0.13.0.0)#416
Open
feat: /gstack-submit + community mode (v0.13.0.0)#416
Conversation
Adds user_id, email, config/analytics/retro snapshots, and backup versioning to installations. Creates community_benchmarks table with public read + service-role write RLS. Foundation for authenticated backup and community intelligence features. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Two-path authentication: enter 6-digit code in terminal OR click magic link in email. Races both paths — whichever completes first wins. Saves JWT to ~/.gstack/auth-token.json with auto-refresh. Includes status and logout subcommands. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Three bug fixes: - Telemetry-sync now pings update_checks on successful event sync (previously only in gstack-update-check on cache-miss path) - community-pulse falls back to distinct session_id count when update_checks is empty - Dashboard queries session_id and shows unique session count Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- gstack-community-backup: syncs config/analytics/retro to Supabase using auth JWT, rate-limited to 30min intervals - gstack-community-restore: pulls backup from Supabase, merges with local state (local wins on conflicts), supports --dry-run - gstack-community-benchmarks: compares your per-skill duration avg against community median with delta percentages Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- community-benchmarks: computes per-skill median/p25/p75 duration,
total runs, and success rate from last 30 days of telemetry events.
Upserts into community_benchmarks table, cached 1 hour.
- community-recommendations: co-occurrence-based skill suggestions
("used by X% of /qa users"). Cached 24 hours.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Telemetry prompt now offers Community (backup/benchmarks/email), Anonymous, or Off. Community tier triggers gstack-auth OTP flow. Adds one-time upgrade prompt for existing anonymous users. Preamble emits EMAIL, COMM_PROMPTED, AUTH status vars. All 33 SKILL.md files regenerated for Claude Code + Codex/agents. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
E2E test runner now sets GSTACK_STATE_DIR to a temp directory so skill preamble telemetry goes to /tmp/ instead of ~/.gstack/. Prevents test runs from polluting production Supabase with fake crash events (was causing 252 spurious "timeout" crashes from a single test session). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds error_message (max 200 chars, e.g. "bun test: 3 tests failed") and failed_step (e.g. "run_tests", "create_pr") to telemetry events. Schema, ingest function, and local logger all updated. Makes crash reports actionable instead of just "timeout — 252 occurrences". Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Magic link requires matching the Supabase Site URL to a dynamic local port, which doesn't work reliably. OTP is the right UX for a CLI tool — user is already in a terminal, typing 6 digits is fast. Removes bun callback server, nc listener, port detection, and cleanup traps. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Crash clusters now grouped by error_class (not duplicated per version). Shows errors with skill, error class, count, failed step, example message, and unique session count — so you can tell if it's one user or widespread. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Epilogue now instructs Claude to classify errors (error_class from a defined taxonomy), write a one-line error_message, and identify the failed_step. All 33 SKILL.md files regenerated. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Accept main's generated SKILL.md files (will be regenerated by bun run build). Resolve gen-skill-docs.ts: keep community tier 3-option prompt from branch, keep error context fields from branch, add PLAN MODE EXCEPTION from main. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Resolve conflict in gen-skill-docs.ts by keeping both the detailed error field instructions (community-mode) and the new Plan Status Footer section (main). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ration guards - Add source field (live/test/dev) to telemetry pipeline: --source flag in gstack-telemetry-log, GSTACK_TELEMETRY_SOURCE env fallback, pass-through in telemetry-sync, source=eq.live filter on all dashboard queries - Replace SHA-256 installation_id with UUID install_fingerprint for all tiers (not just community). Expand-contract migration: ADD new column + trigger to copy installation_id, preserving backward compat with old clients - Fix duration bug: persist _TEL_START to file via $PPID (stable across bash blocks), cap durations at 86400s, reject negative values - Ungate update-check pings from telemetry=off — sends only version + OS + random UUID. Generate .install-id in update-check for telemetry=off users - Migration 003: source columns, install_fingerprint, duration CHECK constraint, indexes, recreated views with source filter, growth funnel (first-seen based), materialized views for daily installs + version adoption - E2E test isolation: session-runner sets GSTACK_TELEMETRY_SOURCE=test - 8 new telemetry tests (source field, duration caps, fingerprint persistence) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Regenerated via bun run gen:skill-docs. Preamble now persists TEL_START and SESSION_ID to $PPID files + echoes them. Epilogue reads from files and passes --source flag. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- install.sh: curl-pipe-bash installer with prereq checks (git, bun), upgrade detection (git pull if already installed), transparency note about update-check pings - setup: add install ping at end (gstack-update-check --force) to register day-zero installs in Supabase - Install ping only in setup (not install.sh) to avoid double-counting (Codex review fix #7) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- community-benchmarks: add .eq("source", "live") to telemetry_events query
- community-pulse: use distinct install_fingerprint count instead of raw
count, add source=live filter to all queries
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Community tier auth, backup/restore, and test updates that were already on this branch before the telemetry sprint. Includes updated telemetry prompt test to match 3-option community tier flow. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add update-check transparency note to telemetry prompt (Codex fix #9): users see the disclosure about version pings at first telemetry prompt - Add one-liner install to README: bash <(curl -fsSL .../install.sh) alongside the existing Claude Code paste-in-terminal approach Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
telemetry-sync POSTs directly to Supabase REST API (/rest/v1/telemetry_events), not through this edge function. Two ingest paths = maintenance burden for zero value. Identified during eng review. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Community mode + trustworthy telemetry: source tagging, UUID fingerprinting, duration guards, growth funnel metrics, one-liner installer, edge function source filtering, dead code cleanup. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Resolve conflicts in VERSION, package.json, and CHANGELOG.md. Keep 0.12.0.0 version with community mode entry on top, followed by 0.11.12.0 and 0.11.11.0 entries from main. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
E2E Evals: ✅ PASS67/67 tests passed | $6.78 total cost | 12 parallel runners
12x ubicloud-standard-2 (Docker: pre-baked toolchain + deps) | wall clock ≈ slowest suite |
Resolve conflicts from v0.11.13.0 merge (worktree isolation + resolver refactor). Keep 0.12.0.0 version, take main's modular gen-skill-docs resolvers, regenerate all SKILL.md files. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Supabase migration 004 creates: - pr-screenshots storage bucket (private, service_role read) - screenshots table with RLS (auth insert, public read metadata) - device_codes table for RFC 8628 auth flow (service_role only) - pg_cron cleanup for expired codes and orphan screenshots Also adds GSTACK_WEB_URL to config.sh for gstack.gg integration. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Rewrites gstack-auth to use browser-based device code flow as default: CLI requests code → browser opens gstack.gg → user approves → CLI gets Supabase tokens. Email OTP preserved as fallback for SSH/headless. Adds change-email subcommand and browser detection (open/xdg-open). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New binary for uploading screenshots to gstack.gg with pre-upload compression (sips/ImageMagick), slug sanitization, and auth token refresh. Outputs proxy URL to stdout for PR embedding. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds Step 6.75 to /ship: detects frontend scope, offers responsive screenshots, handles auth inline, captures via browse, uploads to gstack.gg, embeds watermarked images in PR body. Tests cover screenshot-upload (usage, missing file, auth check, slug sanitization) and gstack-auth device code flow (happy path, expired, invalid secret, SSH fallback). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Resolved 10 conflicted files:
- VERSION/package.json: kept 0.12.0.0 (feature branch version)
- CHANGELOG.md: preserved both branch entry and main's new entries
- supabase/config.sh: kept GSTACK_WEB_URL, accepted TELEMETRY_ENDPOINT removal
- bin/gstack-{community-dashboard,telemetry-log,telemetry-sync,update-check}:
took main's improved versions (edge function approach, safe cursor, UUID gen)
- supabase/functions/community-pulse: took main's count-based approach
- test/telemetry.test.ts: took main's structure with fingerprint field name
Post-merge fixes:
- Removed shadowed local RESOLVERS/functions in gen-skill-docs.ts (main's
resolver imports now take precedence for tier-based preamble, coverage gates)
- Added 3 missing E2E_TIERS entries (ship-plan-*, review-plan-completion)
- Updated telemetry test to match current prompt text
- Regenerated all SKILL.md files
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The duration_reasonable CHECK constraint fails on existing rows with 56-year durations from the shell var bug. Move the prerequisite UPDATE into the migration itself so it's self-contained. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
6 tasks
Main advanced from 0.12.0.0 to 0.12.5.0 (voice directive, deploy dry-run, smarter browsing, headed mode, full commit coverage, codex hang fixes). Our branch had a stale 0.12.0.0 entry for community mode. Conflicts resolved: - VERSION/package.json: take main's 0.12.5.0 - CHANGELOG: take main's entries; our community-mode entry rewrites at ship - gen-skill-docs.ts: removed duplicate slug functions (main moved to resolvers/utility.ts) - touchfiles.ts: removed duplicate review-plan-completion tier entry - All 21 SKILL.md files: regenerated from templates (never resolve generated files manually) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…retention Formal privacy policy for gstack — covers the 3 telemetry tiers (off/anonymous/community), PR screenshot storage, auth data, retention periods, user rights (access/opt-out/delete), and third-party services. Linked from README.md. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
PR screenshots require authentication, which associates your email and GitHub username with your uploads. Telemetry itself stays anonymous. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…unt deletion Calls out logged-in users as a distinct tier (email + GitHub identity). Account deletion = lose access, but collected data may be retained for product improvement by GStack core team / YC. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
… preview AI-assisted project submission to gstack.gg showcase gallery. Gathers build context (git stats, design docs, skill usage), browses the deployed site for screenshots, optionally mines Claude Code transcripts (grep-first, 200 line cap), writes a rich markdown showcase entry, opens it in the browser for refinement, then POSTs to the showcase API. Key design decisions from eng review: - Grep-first transcript reading (not raw file dumps) - jq for JSON payload construction (not string interpolation) - Source supabase/config.sh for API URL (not hardcoded) - Markdown file preview in browser with edit loop - Graceful degradation at every step (no URL, no screenshot, API down) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Covers data sent during /gstack-submit (user-initiated, user-approved), transcript reading privacy model (local-only, grep-matched excerpts, never transmitted), and what never gets sent (raw code, raw transcripts, credentials). Renumbers sections 5-9. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New zsh-safe test from main catches unsafe for-in globs and ls/grep with glob args. Fix ship/SKILL.md.tmpl (for-in → find) and gstack-submit (add setopt +o nomatch guards for ls with glob patterns). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
garrytan
changed the title
Conflicts resolved: - VERSION: keep 0.13.0.0 (our branch > main's 0.12.9.0) - package.json: same version resolution - CHANGELOG.md: keep both entries, 0.13.0.0 on top of 0.12.9.0 Main brought in: uninstall script, skill namespacing, faster install, Python security patterns, Windows port fix, office-hours Codex fallback. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Conflicts resolved: - VERSION: keep 0.13.0.0 (branch > main's 0.12.12.0) - package.json: same version resolution - CHANGELOG.md: keep both entries — 0.13.0.0 on top, then 0.12.12.0/11.0/10.0 - scripts/gen-skill-docs.ts: keep resolvers-based architecture, drop main's inline Codex helper duplicates (already in scripts/resolvers/codex-helpers.ts) Main brought in: security audit compliance (conditional telemetry, credential cleanup, dead code removal), skill prefix choice, Codex filesystem boundary, audit regression tests. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
58MB Mach-O arm64 binary was tracked despite being in .gitignore. Same situation as browse/dist/ — the ./setup script builds from source (bin/gstack-global-discover.ts) for every platform. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Picks up preamble changes from main: conditional telemetry calls, SKILL_PREFIX awareness, and local JSONL always-log. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Conflicts resolved: - CHANGELOG.md: both sides added [0.13.0.0] entries — bumped our community-mode entry to [0.14.0.0], kept main's design tools entry as [0.13.0.0] below it - VERSION + package.json: bumped to 0.14.0.0 to sit above main's 0.13.0.0 Main brought in: design binary ($D) with 13 commands, /design-shotgun skill, comparison board, design memory, visual diffing, gallery timeline, screenshot evolution, responsive variants, design-to-code prompts. Also fixed: zsh glob safety in design-shotgun/SKILL.md.tmpl (added setopt +o nomatch guard to ls variant-*.png). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- README.md: added /gstack-submit to skills table, install skill lists (one-liner + add-to-repo + troubleshooting), added /design-shotgun and /connect-chrome to troubleshooting list, added PRIVACY.md to docs table - CLAUDE.md: added gstack-submit/ to project structure tree - docs/skills.md: added /gstack-submit to skills table Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
New skill:
/gstack-submit— AI-assisted project submission to the gstack.gg showcase gallery. Gathers build context, browses the deployed site, optionally mines Claude Code transcripts (grep-first, 200 line cap), writes a rich markdown showcase entry with screenshots, opens it in the browser for refinement, and POSTs to the showcase API.Community infrastructure:
gstack-screenshot-upload)curl -fsSL https://gstack.gg/install | bash)Privacy:
Fixes:
Test Coverage
All new code paths have test coverage via existing skill-validation and gen-skill-docs tests. gstack-submit is a prompt template (no application code paths to test beyond template validation).
Pre-Landing Review
Eng review completed (2026-03-27). 6 issues found and resolved:
Plan Completion
Plan file:
~/.claude/plans/zippy-swinging-moth.mdTest plan
bun run gen:skill-docs— all templates compilebun test— all validations pass (frontmatter, placeholders, tools, zsh safety)Documentation
/gstack-submitto skills table, install skill lists (one-liner + add-to-repo + troubleshooting), added/design-shotgunand/connect-chrometo troubleshooting list, addedPRIVACY.mdto docs tablegstack-submit/to project structure tree/gstack-submitto skills reference table🤖 Generated with Claude Code