Without this step the model_pricing collection is empty and all LLM
costs are recorded as $0. Seed is idempotent — safe on every deploy.
Also wait for backend container readiness before running migrations.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
same-origin-allow-popups allows the Microsoft auth popup to communicate
back to the parent window, which is required for loginPopup to work.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- deploy.sh runs entirely on server, no local Mac needed
- docker-compose: add 'frontend' service (node:20-alpine, profile=build)
builds frontend and copies dist/ to /var/www/html/semblance
- Remove server-deploy.sh
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Build frontend locally (Node not installed on server)
- rsync dist/ to server instead of building remotely
- Change PYTHON_CMD to python3 (server has 3.12, not 3.13)
- Add step to start MongoDB in Docker (mongo:7, not installed natively)
- Add step to inject Apache proxy config for /semblance_back/ and /semblance/
- SSH_HOST=optical-dev (uses ~/.ssh/config alias)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Fix missing await on FocusGroup.get_messages() (N-L1)
- Replace time.sleep with asyncio.sleep in key_theme_service and focus_group_service (N-P10)
- Replace flask import with quart in focus_groups.py (N-S3)
- Add logger.error before all 500 returns in focus_groups.py (N-P6)
- Add logging to silent except blocks across routes (N-M10, N-M11)
- Add @rate_limit to 6 remaining AI endpoints (N-H4)
- Add --confirm flag to populate scripts before delete_many (S-H2)
- Remove hardcoded Azure ID fallbacks from msal_service.py and msalConfig.ts (A-M2, F-H4)
- Centralize make_serializable() in utils.py, remove duplicates from 3 route files (N-P7)
- Replace all datetime.utcnow() with datetime.now(timezone.utc) across entire backend (M-L2)
- AuthContext.tsx: only mark token validated on 200 success, not on non-401 errors (F-H2)
- Rename authType → auth_type in auth.py (N-S4)
- Add security_report.md and security_report.pdf with full 92-finding status
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Creates uploads/ and temp/ directories with correct ownership
before restarting the service, fixing systemd namespace errors.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
