Skip to content

Clarify roadmap by separating new features from feature enhancements#5

Draft
Copilot wants to merge 31 commits intomainfrom
copilot/check-new-features-and-enhancements
Draft

Clarify roadmap by separating new features from feature enhancements#5
Copilot wants to merge 31 commits intomainfrom
copilot/check-new-features-and-enhancements

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 30, 2026
edited
Loading

The roadmap currently mixes net-new ideas with improvements to existing capabilities, which makes feature review harder than it needs to be. This change restructures the docs so “possible new features” and “feature enhancements” are surfaced distinctly, while keeping the support/search knowledge source aligned.

  • Roadmap structure

    • Split the single “Planned Features” list into:
      • Possible New Features
      • Feature Enhancements
    • Kept Recently Completed intact
    • Added compact summary cards with counts for each group to make the section scannable

  • Docs search / support alignment

    • Updated docs-knowledge.json roadmap content to mirror the UI structure
    • Added roadmap search keywords for enhancement-focused queries so SupportAgent/RAG returns the same categorization users see in the docs

  • Scope

    • Limited to the existing Documentation → Roadmap surface and its indexed knowledge entry
    • No behavior changes outside roadmap presentation/searchability

  • Example

    const possibleNewFeatures = [
  "Conversation workspace with cross-session chat history",
  "Plugin system for third-party tool integrations",
  "Remote command execution via Fleet endpoints",
];

const featureEnhancements = [
  "User-configurable MCP server connections directly from Settings",
  "Custom theme builder with reusable color presets",
  "Import/export for agents, bookmarks, and settings",
];

  • UI

    • The roadmap now presents completed work, candidate new features, and enhancement work as separate sections rather than one undifferentiated backlog

Roadmap UI update

Original prompt

Check for possible new features and features enhancement

hlsitechio and others added 30 commits March 29, 2026 16:24
@hlsitechio
Remove banner image from README
4d2b6b3 
Removed the banner image from the README.
@hlsitechio
feat: web/electron build split, CI/CD pipeline, staging infra
b2c5fd0 
- Platform detection: compile-time BUILD_TARGET (web vs electron)
- vite.config.ts: conditional base, outDir, strip service key from web builds
- Fix: SecurityMonitor window.electron bug → IS_ELECTRON
- Fix: conditional pt-8 padding (no wasted space on web)
- Fix: landing page copy (9 agents, web-first messaging)
- Add: .env.staging + .env.production (no secrets)
- Add: ci.yml (typecheck + lint + dual build + secret audit)
- Add: deploy-web.yml (main→staging, v*→production)
- Update: release.yml (per-platform VITE_PLATFORM, VPS backup)
- Update: docker.yml (build-args for target/platform)
- Branding: CrowByte Terminal → CrowByte
- README: cleanup (remove tech stack, screenshots, fix AI infra table, fix contacts)
@hlsitechio
fix: honest README, remove Tor detection
aaf02af 
README:
- Rewrite all feature claims to match actual code
- Remove false claims: auto-capture, CSPM scanning, SBOM gen, pre-built SIEM connectors
- Security section: remove X25519 (uses P-256), remove audit logging (not implemented), remove no-telemetry
- Add accurate claims: ECDH+AES-256-GCM, credential encryption, activity logging, conversation encryption
- Move unfinished features to Roadmap where they belong

Tor removal:
- Remove checkTorStatus/checkTorIndicators from ip-status.ts
- Remove isTor from IPStatusData interface
- Remove Tor status UI from Dashboard
- Remove check-tor IPC handler from main.cjs
- Remove checkTor from preload.js and global.d.ts
- Remove check.torproject.org from CSP whitelist
@hlsitechio
security: kill telemetry, add log export, expand logging coverage
09bc42f 
- analytics.ts: all methods now explicit no-ops, clear NO TELEMETRY header
- Logs page: add Export dropdown (CSV + JSON) with timestamped filenames
- ip-status.ts: add loggingService calls for network events (success + warnings)
- README: add 'No Telemetry' + 'Exportable as CSV or JSON' claims (now true)
- README: update roadmap (export done, cloud sync still pending)
@hlsitechio
feat: GlitchTip error monitoring integration
656f6fc 
- Install @sentry/browser SDK (GlitchTip-compatible)
- Create glitchtip.ts service with:
  - Auto error capture via Sentry SDK
  - Manual captureError/captureMessage methods
  - User context (set on login, clear on logout)
  - Breadcrumb tracking
  - API client for AI agent: getIssues, getIssueEvents, getErrorSummary
  - resolveIssue API for triage
  - getIssuesForAgent — formatted output for AI consumption
- Initialize in App.tsx on mount
- Add DSN to .env, .env.production, .env.staging
- Add app.glitchtip.com to nginx CSP connect-src
- Filter noisy errors (ResizeObserver, extensions)
- Bridge: errors go to both GlitchTip AND local logging service
@hlsitechio
feat: GlitchTip Electron main process + renderer config fix
a0a9c99 
- Add @sentry/electron SDK
- Initialize Sentry in electron/main.cjs (main process crash capture)
- Set autoSessionTracking: false (GlitchTip requirement)
- Lower tracesSampleRate to 0.01 (1% in production)
- Renderer uses @sentry/browser (works for both web + Electron renderer)
@hlsitechio
feat: source maps upload to GlitchTip + MCP server config
6be0f87 
- Enable sourcemap generation in Vite build
- @sentry/vite-plugin auto-uploads maps to GlitchTip on SENTRY_AUTH_TOKEN
- Maps auto-deleted post-upload (don't ship to users)
- GlitchTip MCP server added to Claude Code settings
- Permissions for mcp__glitchtip__* tools
@hlsitechio
refactor: nuke all @sentry/* deps, replace with zero-dep GlitchTip re…
9c0a9c4 
…porter

- Removed @sentry/browser, @sentry/electron, @sentry/vite-plugin
- Renderer: custom error reporter using fetch() to GlitchTip store API
  - Global error + unhandledrejection handlers
  - Stack trace parsing (Chrome + Firefox)
  - Breadcrumb tracking, user context, noise filtering
- Main process: same pattern, pure Node fetch()
- Bundle size: -76 KB (2,531 → 2,455 KB)
- Zero external dependencies for error monitoring
- GlitchTip MCP server still configured for AI-assisted debugging
@hlsitechio
feat: hidden sourcemaps + archive script for GlitchTip debugging
806a742 
- sourcemap: 'hidden' — generates .map files without URL refs in bundles
- scripts/upload-sourcemaps.sh archives maps per version, strips from dist
- Proper filenames: chart-vendor-oyh-UeQZ.js.map (not GUIDs)
- sourcemaps/ dir gitignored (local debugging only)
- GlitchTip SaaS doesn't support release file uploads — archive locally
@hlsitechio
feat: wire GlitchTip into AI monitoring agent (GHOST)
138de08 
- Agent can now call glitchtip_get_issues, glitchtip_get_issue_events, glitchtip_error_summary
- System prompt updated with app error monitoring capability
- Scan instructions include GlitchTip checks (steps 6-8)
- Agent auto-checks for production bugs during every monitoring cycle
- Deep-dives into critical issues with stack traces via getIssueEvents
- Zero new deps — uses existing glitchtip.ts API client
@hlsitechio
security+ux: pre-launch audit — nuke secrets, fix shells, honest UI
909d23f 
SECURITY FIXES:
- inoreader.ts: OAuth client_secret moved to env var (was hardcoded)
- license-guard.ts: AES-GCM encryption replaces btoa() for license cache
- credentialStorage.ts: per-device generated salt replaces hardcoded string
- encryption.ts: HMAC key derived from password, not hardcoded
- remote-control.ts: random per-session HKDF salt (was zero bytes)
- CVE.tsx: dynamic user_id from auth session (was hardcoded UUID)

SHELL/PARTIAL FIXES:
- CloudSecurity: preview banner — marks as demo with sample data
- Missions: preview banner — tool execution is simulated
- Connectors: preview banner — integrations not yet active
- DetectionLab: honest label — 'pattern-based, AI coming soon'
- Tools.tsx: loadData() actually calls service, graceful error handling
- AgentBuilder: loadAgents() uncommented with try/catch fallback

UX:
- macOS download marked 'Coming Soon' (not yet tested)
- HardHat icon for preview banners (Construction doesn't exist in phosphor)
@hlsitechio
ci: strip source maps before security audit
b3ebde1 
The grep catches 'service_role' in .map files (Supabase SDK type
definitions, not actual keys). Maps are stripped before audit and
never deployed to users.
@hlsitechio
fix(docker): NODE_ENV=production override for isDev detection
49e394b 
app.isPackaged is always false when running Electron from source
(Docker, dev). The OR-based isDev check ignored NODE_ENV=production.

Now NODE_ENV=production short-circuits the check, so Docker containers
load dist/index.html instead of trying localhost:8081 dev server.

- electron/main.cjs: isForceProduction guard on both isDev checks
- docker/entrypoint.sh: export NODE_ENV=production before electron
@hlsitechio
fix(docker): auto-maximize window in headless/Docker environments
2decfdf 
Xvfb + Fluxbox positions the 1400x900 window off-screen.
When running from source in production mode (Docker), auto-maximize
so the TitleBar and full UI are visible through noVNC.
@hlsitechio
fix(docker): app.name + onboarding pre-seed + fullscreen for headless
14769b7 
- Set app.name='crowbyte' so userData path is consistent (~/.config/crowbyte/)
  instead of ~/.config/Electron/ when running unpackaged
- Pre-seed crowbyte-config.json in entrypoint to skip onboarding wizard
- setFullScreen(true) for Docker/headless environments
- Add --start-maximized flag to electron CLI args
@hlsitechio
refactor: rename Search AI Agent → Support Agent in sidebar
0e137e7
@hlsitechio
feat: CrowByte Support Agent — service + RAG knowledge base
253c72b 
New support-agent.ts service with:
- RAG search over 35 doc chunks (docs-knowledge.json)
- Intent classification (docs/diagnostic/escalation/general)
- 6 diagnostic checks (Supabase, Auth, OpenClaw, Electron, Storage, ErrorReporter)
- OpenClaw AI chat with system prompt + RAG context
- Escalation to Supabase support_tickets + Discord webhook
- Push notification system via Supabase Realtime
- Ticket CRUD for user-facing ticket history

docs-knowledge.json: 35 chunks extracted from all doc sections (~70KB)
@hlsitechio
feat: Support Agent UI — full rewrite with RAG chat, diagnostics, esc…
f227b33 
…alation, notifications
Initial plan
dc2a704
@hlsitechio
fix: security hardening and code quality improvements from code review
94917a7 
Agent-Logs-Url: https://github.com/hlsitechio/crowbyte/sessions/e9657fca-bd05-4cb1-b1b9-d5bdfa697dfe

Co-authored-by: hlsitechio <68784598+hlsitechio@users.noreply.github.com>
@hlsitechio
chore: add agent/__pycache__ to .gitignore and untrack compiled files
110142b 
Agent-Logs-Url: https://github.com/hlsitechio/crowbyte/sessions/e9657fca-bd05-4cb1-b1b9-d5bdfa697dfe

Co-authored-by: hlsitechio <68784598+hlsitechio@users.noreply.github.com>
@hlsitechio
fix(missions): defensive fallback for unknown status/phase values — p…
b402f00 
…revents crash on bad data
@hlsitechio
fix: defensive fallbacks for STATUS_CONFIG/SEVERITY_CONFIG lookups ac…
32cc2fc 
…ross RedTeam + CVE pages
@hlsitechio
fix(findings): null-safe array access for cve_ids, cwe_ids, tags — pr…
7f3bfc9 
…events crash on null DB values
@hlsitechio
merge: security hardening from Copilot code review
ce3e209 
- fix: shell injection in memory bridge (exec → execFile)
- fix: /api/errors endpoints now require JWT auth
- fix: arg sanitization no longer skips --prefixed args
- fix: scan target format validation added
- fix: SSL verification configurable in Python agent
- feat: startup warnings for default credentials and missing JWT_SECRET
- feat: explicit CSP directives instead of disabled Helmet
- chore: noFallthroughCasesInSwitch enabled in tsconfig
@hlsitechio
feat: expand SOC agent registry with new agent types (cherry-pick fro…
dd0ad58 
…m copilot)
@hlsitechio
fix: normalize copilot rate-limit stream errors
964a716 
Agent-Logs-Url: https://github.com/hlsitechio/crowbyte/sessions/95d303ec-05ae-4dbd-9f04-eebc2b9cc963

Co-authored-by: hlsitechio <68784598+hlsitechio@users.noreply.github.com>
@hlsitechio
fix: improve resilience of copilot rate-limit error mapping
a8d9dfe 
Agent-Logs-Url: https://github.com/hlsitechio/crowbyte/sessions/95d303ec-05ae-4dbd-9f04-eebc2b9cc963

Co-authored-by: hlsitechio <68784598+hlsitechio@users.noreply.github.com>
@hlsitechio
feat: complete agent builder save-and-reuse flow
b429d55 
Agent-Logs-Url: https://github.com/hlsitechio/crowbyte/sessions/dd46796a-8e66-4bea-b779-71a9c3b639ff

Co-authored-by: hlsitechio <68784598+hlsitechio@users.noreply.github.com>
Initial plan
2c7bff9
@docs-page
Copy link
Copy Markdown

docs-page Bot commented Mar 30, 2026

To view this pull requests documentation preview, visit the following URL:

docs.page/hlsitechio/crowbyte~5

Documentation is deployed and generated using docs.page.

@hlsitechio
docs: clarify roadmap features and enhancements
f783667 
Agent-Logs-Url: https://github.com/hlsitechio/crowbyte/sessions/beda5faa-74d9-4804-96d1-ce6340446e46

Co-authored-by: hlsitechio <68784598+hlsitechio@users.noreply.github.com>
Copilot AI changed the title [WIP] Check for possible new features and enhancements Clarify roadmap by separating new features from feature enhancements Mar 30, 2026
Copilot AI requested a review from hlsitechio March 30, 2026 21:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hlsitechio hlsitechio Awaiting requested review from hlsitechio

Assignees

@hlsitechio hlsitechio

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hlsitechio