Feat/2026 roadmap merge

.env.example

@@ -143,3 +143,15 @@ LIVEKIT_TURN_UDP_PORT=3478
 # ===========================================
 # OPENAI_API_KEY=
 # ANTHROPIC_API_KEY=
+
+# ===========================================
+# CRON AGENTS (standup + janitor)
+# Shared secret used by POST /api/cron/standup and POST /api/cron/janitor.
+# Generate with: openssl rand -hex 32
+# The docker-compose `cron` sidecar reads this to invoke the endpoints
+# on a schedule. JANITOR_SYSTEM_USER_ID is the user id used as the
+# author for janitor comments and updates — when unset the janitor runs
+# in dry-run mode (decisions are returned but not applied).
+# ===========================================
+# CRON_SECRET=
+# JANITOR_SYSTEM_USER_ID=

.github/FUNDING.yml

@@ -0,0 +1,5 @@
+# Funding configuration — uncomment lines once accounts are live.
+# github: [neuraparse]
+# open_collective: tasknebula
+# patreon:
+# custom: ["https://neuraparse.com/sponsor"]

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,60 @@
+name: Bug report
+description: Report a problem you ran into
+labels: [bug]
+body:
+  - type: input
+    id: version
+    attributes:
+      label: TaskNebula version
+      placeholder: 0.2.6
+    validations:
+      required: true
+  - type: dropdown
+    id: deployment
+    attributes:
+      label: How are you running TaskNebula?
+      options:
+        - Docker (Docker Hub image)
+        - Docker (built from source)
+        - pnpm dev (local development)
+        - Other
+    validations:
+      required: true
+  - type: input
+    id: os
+    attributes:
+      label: Operating system
+      placeholder: Ubuntu 24.04 / macOS 15 / Windows 11
+  - type: input
+    id: browser
+    attributes:
+      label: Browser (if relevant)
+      placeholder: Chrome 138 / Firefox 142
+  - type: textarea
+    id: repro
+    attributes:
+      label: Steps to reproduce
+      placeholder: |
+        1. Go to '...'
+        2. Click '...'
+        3. See error
+    validations:
+      required: true
+  - type: textarea
+    id: expected
+    attributes:
+      label: What you expected to happen
+    validations:
+      required: true
+  - type: textarea
+    id: actual
+    attributes:
+      label: What actually happened
+    validations:
+      required: true
+  - type: textarea
+    id: logs
+    attributes:
+      label: Logs and screenshots
+      description: Paste server logs, browser console output, or screenshots that help us diagnose.
+      render: shell

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: GitHub Discussions
+    url: https://github.com/neuraparse/tasknebula/discussions
+    about: Ask questions, share ideas, and get help from the community.
+  - name: Commercial support
+    url: mailto:hello@neuraparse.com
+    about: Reach out for paid support or partnership inquiries.

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,27 @@
+name: Feature request
+description: Suggest an idea or improvement
+labels: [enhancement]
+body:
+  - type: textarea
+    id: problem
+    attributes:
+      label: What problem does this solve?
+      description: Describe the pain point or use case, not the solution.
+    validations:
+      required: true
+  - type: textarea
+    id: solution
+    attributes:
+      label: Proposed solution
+      description: What would you like to see TaskNebula do?
+    validations:
+      required: true
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives you considered
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional context
+      description: Mockups, links, related issues, etc.

.github/ISSUE_TEMPLATE/question.yml

@@ -0,0 +1,18 @@
+name: Question
+description: Ask a question about using TaskNebula
+labels: [question]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        For general "how do I…" questions please use [GitHub Discussions](https://github.com/neuraparse/tasknebula/discussions) — they are easier to search and reuse.
+  - type: textarea
+    id: question
+    attributes:
+      label: What would you like to know?
+    validations:
+      required: true
+  - type: textarea
+    id: tried
+    attributes:
+      label: What have you already tried?

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,26 @@
+<!-- Thanks for the contribution! -->
+
+## Summary
+
+<!-- 1–3 sentences describing what changed and why. -->
+
+## Related issues
+
+<!-- e.g. Closes #123, Refs #456 -->
+
+## Test plan
+
+- [ ] Unit tests added or updated
+- [ ] Manual test of the affected flow
+- [ ] `pnpm type-check` passes
+- [ ] `pnpm --filter @tasknebula/web exec jest` passes
+- [ ] Migrations (if any) run cleanly against a fresh DB
+
+## Screenshots / recordings
+
+<!-- For UI changes, please include before/after screenshots or a short recording. -->
+
+## Breaking changes
+
+- [ ] This PR contains a breaking change.
+<!-- If yes, describe the migration path here. -->

.github/workflows/e2e.yml

@@ -0,0 +1,119 @@
+name: E2E (Playwright)
+
+on:
+  pull_request:
+    paths:
+      - 'apps/web/**'
+      - 'packages/db/**'
+      - 'pnpm-lock.yaml'
+      - '.github/workflows/e2e.yml'
+  push:
+    branches: [main]
+
+concurrency:
+  group: e2e-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  playwright:
+    name: Playwright (chromium, firefox, webkit)
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    services:
+      postgres:
+        image: postgres:16-alpine
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_DB: tasknebula
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd "pg_isready -U postgres"
+          --health-interval 5s
+          --health-timeout 5s
+          --health-retries 12
+
+      redis:
+        image: redis:7-alpine
+        ports:
+          - 6379:6379
+        options: >-
+          --health-cmd "redis-cli ping"
+          --health-interval 5s
+          --health-timeout 5s
+          --health-retries 12
+
+    env:
+      DATABASE_URL: postgresql://postgres:postgres@localhost:5432/tasknebula
+      REDIS_URL: redis://localhost:6379
+      NEXTAUTH_URL: http://localhost:3000
+      NEXTAUTH_SECRET: e2e-secret-not-used-in-prod
+      PLAYWRIGHT_AI_STUB: '1'
+      NODE_ENV: test
+      CI: 'true'
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 9.15.0
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 22
+          cache: pnpm
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Cache Playwright browsers
+        uses: actions/cache@v4
+        id: pw-cache
+        with:
+          path: ~/.cache/ms-playwright
+          key: pw-${{ runner.os }}-${{ hashFiles('apps/web/package.json') }}
+
+      - name: Install Playwright browsers
+        if: steps.pw-cache.outputs.cache-hit != 'true'
+        run: pnpm --filter @tasknebula/web exec playwright install --with-deps
+
+      - name: Install Playwright OS deps
+        if: steps.pw-cache.outputs.cache-hit == 'true'
+        run: pnpm --filter @tasknebula/web exec playwright install-deps
+
+      - name: Run database migrations
+        run: pnpm --filter @tasknebula/db db:migrate
+
+      - name: Seed e2e fixture
+        run: pnpm --filter @tasknebula/web exec tsx e2e/fixtures/seed.ts
+
+      - name: Build Next.js (faster + closer to prod)
+        run: pnpm --filter @tasknebula/web build
+
+      - name: Run Playwright tests
+        run: pnpm --filter @tasknebula/web tests:e2e
+        env:
+          # Reuse the built app in CI for stability.
+          PLAYWRIGHT_BASE_URL: http://localhost:3000
+
+      - name: Upload Playwright report
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: playwright-report
+          path: apps/web/playwright-report
+          retention-days: 14
+
+      - name: Upload traces
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: playwright-traces
+          path: apps/web/test-results
+          retention-days: 14

.github/workflows/openapi.yml

@@ -0,0 +1,42 @@
+name: openapi
+
+# Ensures `apps/web/public/openapi.json` stays in sync with the registry under
+# `apps/web/src/lib/openapi/`. The jest snapshot test (`openapi.test.ts`) is
+# the source of truth — this workflow regenerates the file and then runs the
+# tests, so a stale spec fails the build twice (`git diff` here and the
+# in-test deep equality check).
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  openapi:
+    name: generate + check OpenAPI spec
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 9.15.0
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Regenerate openapi.json
+        run: pnpm --filter @tasknebula/web openapi:gen
+
+      - name: Fail if openapi.json is stale (regen produced a diff)
+        run: git diff --exit-code -- apps/web/public/openapi.json
+
+      - name: Run OpenAPI tests (snapshot + 3.1 conformance)
+        run: pnpm --filter @tasknebula/web test -- --testPathPatterns=openapi

.gitignore

@@ -309,6 +309,7 @@ junit.xml
 test-results/
 playwright-report/
 playwright/.cache/
+apps/web/e2e/.auth/
 cypress/videos/
 cypress/screenshots/
 cypress/downloads/

.husky/commit-msg

@@ -0,0 +1 @@
+pnpm exec commitlint --edit "$1"

.husky/pre-commit

@@ -0,0 +1 @@
+pnpm exec lint-staged

CHANGELOG.md

@@ -0,0 +1,49 @@
+# Changelog
+
+All notable changes to TaskNebula will be documented in this file.
+
+The format is based on [Keep a Changelog 1.1.0](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Added
+- Governance documentation: `SECURITY.md`, `CODE_OF_CONDUCT.md`, `SUPPORT.md`, GitHub issue/PR templates, and `FUNDING.yml` placeholder.
+
+## [0.2.6] - 2026-05-14
+
+### Added
+- **Integrations:** GitHub and Sentry OAuth flows, plus HMAC-signed outbound webhook delivery (Plane parity).
+- **Admin:** Platform integration OAuth credentials form and feature-flag CRUD UI with runtime tests.
+- **Templates:** Admin CRUD for project templates plus a use-template onboarding flow.
+- **Drafts:** Database-backed drafts with a promote-to-project flow and a project-creation modal on the drafts list.
+- **Invites & permissions:** New invite flow, refined permission model, and redesigned mail/notification surfaces.
+
+### Changed
+- **Project UI:** Minimized top bar, settings moved into a modal, and an icon-only views toolbar.
+- **Schema:** Exposed new drafts and integration-client-credentials schemas in the barrel exports; consolidated journal entries.
+
+### Fixed
+- **Infra:** Expanded health checks, repaired the migration journal, and reduced log noise.
+- **Infra:** More robust container healthchecks and a better memory-pressure signal.
+- **Auth:** Added `forgot-password`, `reset-password`, and `verify-email` to middleware public routes.
+- **Templates:** Moved `getTemplateAuthz` out of `route.ts` so Next.js route exports stay valid; escaped quotes in the new-template dialog.
+- **Automation:** Escaped apostrophe in the automation manager toast.
+
+### Removed
+- The standalone "New work item" button (superseded by inline creation affordances).
+
+## [0.2.0] - 2026-03
+
+### Added
+- Initial public preview of TaskNebula: kanban boards, real-time updates, and keyboard-first navigation.
+- [See git log] for the full list of pre-0.2.6 changes.
+
+## [0.1.0] - 2026-01
+
+### Added
+- Internal alpha release. [See git log] for details.
+
+[Unreleased]: https://github.com/neuraparse/tasknebula/compare/v0.2.6...HEAD
+[0.2.6]: https://github.com/neuraparse/tasknebula/releases/tag/v0.2.6
+[0.2.0]: https://github.com/neuraparse/tasknebula/releases/tag/v0.2.0
+[0.1.0]: https://github.com/neuraparse/tasknebula/releases/tag/v0.1.0