The login flow now falls back to OAuth client credentials flow when
the admin PAT token is not available. This allows login.html to work
even when Zitadel PAT generation hasn't been configured yet.
- Added get_oauth_token() helper function
- Login now tries PAT first, then OAuth client credentials
- Includes proper Zitadel scope for API access
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Bug fixes in .bas tools:
- Fix BEGIN MAIL email → BEGIN MAIL emailContato in tools 07, 09, 10
- Fix newsletter BOOLEAN → STRING in tool 10 (LLM sends 'Sim' as string)
- Add natural language descriptions to ENUM params in tools 02-10
Botserver:
- Fix duplicate chat message when tool is executed (tool_was_executed flag)
BotUI:
- Remove theme selector button from minimal chat for non-logged users
Testing: All 10 tools verified with NL ENUM mapping and DB records
SECURITY FIXES:
- Add restart.sh script that reads Vault credentials from /tmp/ only
- Add .gitignore rules for: vault-unseal-keys, start-and-unseal.sh, vault-token-*
- Add security warning to README.md about /tmp/ for secrets
- Update botserver port references from 8088 to 9000 in README
Secrets MUST be placed in /tmp/ only:
- /tmp/vault-token-gb (Vault root token)
- /tmp/vault-unseal-key-gb (Vault unseal key)
This commit removes the previous commit (c7a60b8) that contained hardcoded
secrets in restart.sh and start-and-unseal.sh files.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add token-aware text truncation utility in core/shared/utils.rs
- Fix embedding generators to use 600 token limit (safe under 768)
- Fix LLM context limit detection for local models (768 vs 4096)
- Prevent 'exceed context size' errors for both embeddings and chat
- Fix installer.rs: Add Windows OS support with check_admin(), configure_windows_security(), and update_windows_signatures()
- Fix installer.rs: Remove duplicate check_root() function and fix invalid #[cfg] attributes
- Fix installer.rs: Use runtime cfg!(windows) checks instead of compile-time attributes
- Fix ui_server: Extract bot name from URL path and pass to frontend via window.__INITIAL_BOT_NAME__
- Fix tasks.js: Wrap activePollingTaskId, pollingInterval, pendingManifestUpdates, and taskStyleElement in checks to prevent redeclaration
- Fix autotask.html: Use absolute paths for all CSS/JS references (/suite/tasks/*)
- Fix navigation: Update tasks.html references to autotask.html in base.html, home.html, and index.html
- Add isBasicFile() and openInDesigner() functions in drive.js
- Remove .bas from inline editor, redirect to designer with bucket/path params
- Update designer FileQuery to include bucket parameter
- Add load_from_drive() function to fetch .bas content from MinIO
- Fix designer initialization for HTMX dynamic loading
- Parse URL params from both query string and hash fragment
- Add parseBasicCodeToNodes() to convert BASIC code to visual nodes
- Support TALK, HEAR, SET, IF, FOR, CALL, WAIT, GET, PARAM commands
- Add saveToDrive() to save changes back to original location
- Fix createNode() to return the created node
- Add generateBasCode() for converting nodes back to BASIC
