[DOC] docs,ci: close M1 — SQL template ACL ✅ + Runbot-only CI model + local pre-commit hook Phase 3.7 carry-over / Gate M1 closure: - roadmap §5 + security.md checklist: tick SQL template ACL (evidence: sql_template.py _check_sql_safety + ACL CTE __acl_allowed + group_ids allowlist + JSON Schema params; test_sql_template.py ma trận ACL/multi-company all pass). - roadmap §6: định nghĩa CI gate = Viindoo Runbot 'CI/runbot' (Runbot-only theo chuẩn org, tvtmaaddons cũng zero GitHub Actions); gỡ giả định P15 tour gate khóa bởi Chrome runner GitHub Actions — tour chạy trên Runbot. Đồng bộ M1 condition + Track B refs + REPO_LAYOUT. - tooling: thêm husky + mở rộng lint-staged (ruff check/format cho *.py) làm lớp verify local; CONTRIBUTING hướng dẫn chạy test qua odoo-bin --test-tags (không phải pytest thuần). Why: PR #34 chủ động drop CI repo-specific để dùng Runbot external; docs cần khớp thực tế để M1 đóng sạch và dev có lớp verify nhanh trước push.

PR: [DOC] docs,ci: close M1 — SQL template ACL ✅ + Runbot-only CI model + local pre-commit hook

Committer: David Tran

Instance ID: 0

PR State: merged

[REVERT] .github: back out CI runner switch — return to GitHub-hosted (PR #34) Per decision to abandon the self-hosted Viindoo Runbot switch (M1 W4/W6): - ci.yaml: restore all 5 jobs to runs-on: ubuntu-latest + setup-python steps - preflight-pgvector.yml: restore ubuntu-22.04 + original branch/path triggers Both files now match origin/17.0 byte-for-byte. Security fixes (trace ir.rule, nl_query sanitize, confirmation nonce) untouched. ai17 returns to GitHub-hosted runners; quota strategy handled separately. Part of Wave 1 — PR #34.

PR: M1 Wave 1: 3 security HIGH gap closure (trace ir.rule + nl_query sanitize + confirmation nonce)

Committer: David Tran

Instance ID: 0

PR State: merged

[FIX] viin_ai_*: root-cause boil-the-lake of /code-review findings — preflight self-hosted + SSOT + dedupe + aggregation fixture + nonce burn (M1 W6) Root-cause fix all 5 findings from /code-review of PR #34. Per boil-the-lake, no shortcuts. 1. preflight-pgvector.yml: switch runs-on from ubuntu-22.04 to [self-hosted, "Viindoo Runbot"]. Root cause of "preflight dead" was org-Free-tier GH Actions quota exhaustion, not workflow code (proven by run 26076812824 which succeeded in 38s before quota hit). Self-hosted Runbot has identical pgvector/pgvector:0.8.2-pg14 service container confirmed via brain-tours.yml. 2. viin_ai_search/controllers/search_controller.py: error message now uses MAX_NL_QUERY_CHARS constant via %d interpolation (SSOT — CLAUDE.md Rule 10). 3. viin_ai_base/tests/test_trace_acl.py: remove duplicate .browse().read() call in test_user_cannot_read_other_users_trace — the first call's result was discarded, dead code. 4. viin_ai_search/tests/test_search_controller.py: replace TODO stub with full integration test for the aggregation path — seeds topic+template+ provider, mocks call_completion, asserts <untrusted_context> wrap in the captured user message of the aggregation LLM call. 5. viin_ai_chat/controllers/chat_controller.py: nonce now single-use — _clear_pending_tool called on NONCE_MISMATCH to burn pending state. Adds AC10 test. Updates security.md §3.1 to document single-use semantics. Part of Wave 1 — PR #34.

PR: M1 Wave 1: 3 security HIGH gap closure (trace ir.rule + nl_query sanitize + confirmation nonce)

Committer: David Tran

Instance ID: 0

PR State: merged

[REF] all modules: switch to short version scheme (strip 17.0. prefix) Odoo recommends short version format (x.y.z) over full (17.0.x.y.z) so that porting to a new Odoo series requires no manifest version bump. - 11 __manifest__.py: strip 17.0. prefix - docs/ai/README.md, roadmap.md, conventions.md, migration.md: update version references and remove stale note about viin_ai_rag alignment - viin_ai_rag/migrations/17.0.0.1.0/pre-migrate.py: update docstring - viin_brain/tests: update migration version reference in comment Migration folder 17.0.0.1.0/ kept as-is (must match what Odoo stored in DB on existing installs).

PR: [REF] all modules: switch to short version scheme (strip 17.0. prefix)

Committer: David Tran

Instance ID: 0

PR State: merged

[REF] all modules: switch to short version scheme (strip 17.0. prefix) Odoo recommends short version format (x.y.z) over full (17.0.x.y.z) so that porting to a new Odoo series requires no manifest version bump. - 11 __manifest__.py: strip 17.0. prefix - docs/ai/README.md, roadmap.md, conventions.md, migration.md: update version references and remove stale note about viin_ai_rag alignment - viin_ai_rag/migrations/17.0.0.1.0/pre-migrate.py: update docstring - viin_brain/tests: update migration version reference in comment Migration folder 17.0.0.1.0/ kept as-is (must match what Odoo stored in DB on existing installs).

PR: [REF] all modules: switch to short version scheme (strip 17.0. prefix)

Committer: David Tran

Instance ID: 0

PR State: merged

[FIX] viin_brain: remove orphan test_ir_http.py — ir_http.py deleted in f815901 (TipTap rejected) Commit f815901 deleted viin_brain/models/ir_http.py and its __init__ import when TipTap editor was rejected in favour of OdooEditor (ADR-003 update). The companion test file viin_brain/tests/test_ir_http.py was not removed, leaving 2 HttpCase tests (test_session_info_includes_editor_backend_flag, test_session_info_defaults_to_odoo_when_invalid) that assert on viin_web_editor_editor_backend in session_info — a key that no longer exists because the injector (ir_http.py) was deleted. Runbot build 381692 (rb-84f5047-221719) caught both failures: AssertionError: None != 'tiptap' AssertionError: None != 'odoo' Fix: delete test_ir_http.py and remove its import from tests/__init__.py. No functional change — the WI-11 classmethod regression guard is no longer needed since the override that triggered it no longer exists.

PR: [Phase 3.7] Gate M1 carry-over: SQL templates, aggregation router, AI Draft smart button, Brain bridge deprecate

Committer: David Tran

Instance ID: 0

PR State: merged

[REF] viin_ai_account,viin_ai_sale,viin_ai_stock: remove <delete> migration guards — no existing installs to upgrade

PR: [Phase 3.7] Gate M1 carry-over: SQL templates, aggregation router, AI Draft smart button, Brain bridge deprecate

Committer: David Tran

Instance ID: 0

PR State: merged

[FIX] viin_ai_account,viin_ai_sale,viin_ai_stock: add <delete> to remove legacy viin_ai_agent placeholder records on install (UniqueViolation fix)

PR: [Phase 3.7] Gate M1 carry-over: SQL templates, aggregation router, AI Draft smart button, Brain bridge deprecate

Committer: David Tran

Instance ID: 0

PR State: merged

[FIX] viin_ai_agent: stock_on_hand template — use parent_path/view_location_id FK join instead of fragile name LIKE

PR: [Phase 3.7] Gate M1 carry-over: SQL templates, aggregation router, AI Draft smart button, Brain bridge deprecate

Committer: David Tran

Instance ID: 0

PR State: merged

[DOC] docs: fix documentation drift — editor ADR, stale state, nav breadcrumbs, Brain bridge timeline Group A — Stale / Navigation (8 fixes): - REPO_LAYOUT.md: replace stale 2026-04-16 skeleton status with accurate Phase 0-3 / P0-P13 ship state - README.md: remove duplicate conventions row, add docs/README.md persona pointer, update date - docs/README.md: add breadcrumb back to root README - docs/brain/README.md: add breadcrumb, remove absolute local path from footer, update date - CONTRIBUTING.md: add Brain cluster onboarding step (step 7) - docs/ai/README.md: add note explaining viin_ai_rag version scheme divergence - docs/brain/data-models.md: add v1.0 note clarifying viin.brain.block is v1.1+ spec Group B — Architecture drift (6 fixes): - docs/decisions/adr-003-wysiwyg-path-b.md: update status Proposed→active; rewrite Decision section — OdooEditor proper extension (NOT TipTap); move TipTap to Alternatives Considered - docs/decisions/README.md: update ADR-003 summary to reflect OdooEditor + TipTap rejected - docs/roadmap.md: fix Track B W12-W17 TipTap→OdooEditor; fix Brain bridge deprecation timeline (W4-W6 bridges redundant, formal remove deferred to v1.2 per ADR-001) - docs/brain/architecture.md: add v1.0 interim callout (raw contenteditable, migration P16) - docs/history/wysiwyg-migration-progress.md: add SUPERSEDED banner (TipTap rejected) - viin_brain/docs/brain/contenteditable_policy.md: rewrite §8 to reflect OdooEditor decision, remove TipTap activation requirements, note tiptap_adapter.js deleted Group C — Code cleanup (1 artifact removed): - viin_web_editor/__manifest__.py: remove tiptap_adapter.js asset entry - viin_brain/models/__init__.py: remove ir_http import - viin_web_editor/static/src/adapters/tiptap_adapter.js: delete TipTap stub - viin_brain/models/ir_http.py: delete TipTap feature flag injector

PR: [DOC] Fix documentation drift — editor ADR (OdooEditor), stale state, nav breadcrumbs, Brain bridge timeline

Committer: David Tran

Instance ID: 0

PR State: merged

[DOC] docs: fix 7 conflicts — rescope viin_ai_documents, fix version pin, branch naming, encapsulation, eliminate stub redirects C1: rescope viin_ai_documents from SKIP to Phase 7.4 Wave-C - architecture.md: depends documents -> viin_document (Viindoo Enterprise) - roadmap.md: add to Wave-C W28-W30; footnote fix; inventory 30->31; §10 count update C2: README.md: viin_api_request_logger >= 0.2 -> >= 0.1.1 (actual version in tvtmaaddons17) C3: CONTRIBUTING.md: clarify external vs internal branch naming convention C4: docs/conventions.md: add note that ai17 daily branch is 17.0 (not master) C5: docs/ai/operating-model.md §4.1: remove optional external deps from viin_ai_ops C6: docs/brain/README.md: update roadmap description (absorbed into C7) C7: eliminate 2 stub redirect files (docs/ai/roadmap.md, docs/brain/roadmap.md) - reroute all relative roadmap.md links in docs/ai/*.md and docs/brain/*.md to ../roadmap.md - fix stale anchor in observability.md - update frozen decision records historical notes - update docs/README.md mention of stubs

PR: [DOC] Fix 7 doc conflicts: viin_ai_documents rescope, version pin, branch naming, encapsulation, stub cleanup

Committer: David Tran

Instance ID: 0

PR State: merged

[DOC] research/cowork-docs: restructure to match CoWork-OS repo layout Move 12 files from flat root into docs/ subdirectory to mirror the original CoWork-OS docs/ layout. The import had flattened this structure, creating 116+ broken links with docs/ prefix in root-level files. Files moved to docs/: - architecture.md, features.md, providers.md, core-automation.md - context-compaction.md, workflow-intelligence.md, heartbeat-v3.md - skills-runtime-model.md, knowledge-graph.md, memory-observations.md - operator-runtime-visibility.md, integration-skill-bootstrap-lifecycle.md Cross-reference fixes (8 links): - docs/architecture.md: managed-agents.md → ../managed-agents.md - docs/core-automation.md: permission-system.md → ../permission-system.md - docs/features.md: managed-agents.md → ../managed-agents.md - execution-runtime-model.md: bare architecture/features → docs/ prefix - permission-system.md: bare core-automation/architecture/features → docs/ prefix Result: broken links reduced from 213 to 185 (-28). Remaining 185 are Type 2 (files never imported from CoWork-OS — not fixable without importing additional source material).

PR: [DOC] docs: consolidate AI + Brain roadmap into unified W1-W30 plan

Committer: David Tran

Instance ID: 0

PR State: merged

[DOC] compact: merge ui-design pair + merge glossary into conventions A — Merge ui-design files: - docs/brain/ui-design-overview.md (190 lines) + ui-design-waves.md (528 lines) → docs/brain/ui-design.md (single spec, Overview + Component & Wave Specs sections). Removes cross-file navigation overhead. - Update references in brain/README.md, brain/architecture.md, brain/roadmap.md. B — Merge glossary into conventions: - docs/glossary.md (155 lines) absorbed into docs/conventions.md as new §Thuật ngữ section (terminology rules + 10 term tables for phases 3.8/3.9 + Cognitive Layer). - Remove duplicate "Vendor vs Provider" English dispatch section from conventions.md; keep the Vietnamese-focused table from glossary. - Update references in README.md, docs/README.md, docs/roadmap.md, CONTRIBUTING.md, SUPPORT.md, decisions/adr-004. Net: -3 files, -2 cross-file nav sections, conventions.md now single coding-standards-and-terminology reference.

PR: [DOC] docs: consolidate AI + Brain roadmap into unified W1-W30 plan

Committer: David Tran

Instance ID: 0

PR State: merged

[DOC] dead content cleanup: placeholders, history, orphan links - Remove screenshot placeholder sections from 3 module READMEs (viin_brain, viin_ai_brain, viin_brain_account_reports): TODO images violate ETHOS §4.4 visual evidence — remove until real screenshots exist. - Move 4 cancelled Phase 3.5 dogfood files to docs/history/ (CANCELLED). - Move 2 UAT files (2026-04-17) to docs/history/ (historical artifacts). - Update docs/history/README.md index with 6 new entries. - Fix wi-001-cluster-audit.md: Phase 3.5 status was "Not started" → "CANCELLED — zero legacy traffic; replaced by internal QA gate". - Rewrite docs/roadmap.md §1: remove historical narrative ("trước đây có hai roadmap song song...") — forward-looking only. - Add "See also" links in 3 docs to resolve orphaned files: docs/ai/security.md → phase1/phase2 security checklists docs/brain/security.md → conflict_registry + contenteditable_policy docs/ai/architecture.md → pgvector_install guide

PR: [DOC] docs: consolidate AI + Brain roadmap into unified W1-W30 plan

Committer: David Tran

Instance ID: 0

PR State: merged