Merge branch 'main' into dev — resolve 1.7.0/1.7.1 version overlap, keep 1.7.1

# Conflicts: # package.json
Merge pull request 'fix: base64-encode Patchmon Basic auth credentials server-side' (#74 ) from fix/patchmon-sync-basic-auth into dev
2026-05-30 19:00:49 -04:00 · 2026-05-30 18:54:53 -04:00 · 2026-05-30 18:51:27 -04:00 · 2026-05-30 18:33:41 -04:00 · 2026-05-29 16:10:56 -04:00 · 2026-05-29 16:08:18 -04:00
4 changed files with 11 additions and 3 deletions
@@ -539,6 +539,7 @@ function _renderJobConfigFields(key, cfg) {
    </div>`;
  if (key === 'patchmon_sync' || key === 'semaphore_sync') {
    const label = key === 'semaphore_sync' ? 'API Token (Bearer)' : 'API Token (Basic)';
+    const tokenPlaceholder = key === 'patchmon_sync' ? 'token_key:token_secret' : '';
    return `
    <div class="form-group">
      <label class="form-label" for="job-cfg-api-url">API URL</label>
@@ -548,6 +549,7 @@ function _renderJobConfigFields(key, cfg) {
    <div class="form-group">
      <label class="form-label" for="job-cfg-api-token">${label}</label>
      <input class="form-input" id="job-cfg-api-token" type="password"
+        placeholder="${tokenPlaceholder}"
        value="${esc(cfg.api_token ?? '')}">
    </div>`;
  }
@@ -1 +1 @@
-const VERSION = "1.5.0";
+const VERSION = "1.7.1";
@@ -1,6 +1,6 @@
 {
  "name": "catalyst",
-  "version": "1.6.0",
+  "version": "1.7.1",
  "type": "module",
  "scripts": {
    "start": "node server/server.js",
@@ -41,8 +41,14 @@ async function patchmonSyncHandler(cfg) {
  const { api_url, api_token } = cfg;
  if (!api_url || !api_token) throw new Error('Patchmon not configured — set API URL and token');

+  // Accept raw "key:secret" (recommended) or a pre-encoded base64 string.
+  // ":" cannot appear in a valid base64 string, so it's a reliable discriminator.
+  const credential = api_token.includes(':')
+    ? Buffer.from(api_token).toString('base64')
+    : api_token;
+
  const res = await fetch(api_url, {
-    headers: { Authorization: `Basic ${api_token}` },
+    headers: { Authorization: `Basic ${credential}` },
  });
  if (!res.ok) throw new Error(`Patchmon API ${res.status}`);
Author	SHA1	Message	Date
josh	917fb26e05	Merge branch 'main' into dev — resolve 1.7.0/1.7.1 version overlap, keep 1.7.1 CI / test (pull_request) Successful in 11s Details CI / build-dev (pull_request) Has been skipped Details # Conflicts: # package.json	2026-05-30 19:00:49 -04:00
josh	a28867b398	Merge pull request 'fix: base64-encode Patchmon Basic auth credentials server-side' (#74 ) from fix/patchmon-sync-basic-auth into dev CI / test (push) Successful in 9s Details CI / build-dev (push) Successful in 23s Details CI / test (pull_request) Successful in 18s Details CI / build-dev (pull_request) Has been skipped Details Reviewed-on: #74	2026-05-30 18:54:53 -04:00
josh	ac71ea2c49	chore: bump to version 1.7.1 CI / test (pull_request) Successful in 19s Details CI / build-dev (pull_request) Has been skipped Details Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-30 18:51:27 -04:00
josh	efa1750cac	fix: base64-encode Patchmon Basic auth credentials server-side Patchmon's API uses standard RFC 7617 Basic auth — `Basic base64(token_key:token_secret)`. The handler was sending the api_token field verbatim, so it only worked if the user had manually base64-encoded the credential. After a Patchmon upgrade, the sync started returning HTML (the SPA, served when auth is rejected) and failing with "Unexpected token '<'" on JSON.parse. Now: if the token contains ':' (raw key:secret), encode it server-side; otherwise pass through unchanged for backward compatibility. UI gets a placeholder hint showing the expected format. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-30 18:33:41 -04:00
josh	aa6e28d818	Merge pull request 'chore: bump to version 1.7.0' (#72 ) from chore/bump-v1.7.0 into main CI / test (push) Successful in 13s Details Release / release (push) Successful in 30s Details CI / build-dev (push) Has been skipped Details Reviewed-on: #72	2026-05-29 16:10:56 -04:00
josh	2cf797545c	chore: bump to version 1.7.0 CI / test (pull_request) Successful in 14s Details CI / build-dev (pull_request) Has been skipped Details	2026-05-29 16:08:18 -04:00
josh	a0381b12cc	Merge pull request 'test: add failing tests for sort/order on GET /api/instances' (#71 ) from dev into main CI / test (push) Successful in 16s Details Release / release (push) Failing after 11s Details CI / build-dev (push) Has been skipped Details Reviewed-on: #71	2026-05-29 16:05:54 -04:00