Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
112 commits
Select commit Hold shift + click to select a range
70f9824
Add per-package version files and reorganize release notes
PenguinzTech Dec 11, 2025
9056677
feat: implement .WORKFLOW compliance for squawk
PenguinzTech Dec 11, 2025
c2484f2
feat: implement DHCP and Time (NTP/PTP) services across all components
PenguinzTech Jan 5, 2026
e1697cf
periodic save
PenguinzTech Jan 6, 2026
65becbf
periodic save
PenguinzTech Jan 7, 2026
b65f71a
periodic save
PenguinzTech Jan 8, 2026
09d7459
Updating documentation to new base standard
PenguinzTech Jan 12, 2026
740ffbf
Updating documentation to new base standard
PenguinzTech Jan 14, 2026
64f0790
Updating documentation to new base standard
PenguinzTech Jan 14, 2026
41f838e
Updating documentation to new base standard
PenguinzTech Jan 14, 2026
48e0bfd
Updating documentation to new base standard
PenguinzTech Jan 14, 2026
e978f0b
Updating documentation to new base standard
PenguinzTech Jan 15, 2026
ff43017
Updating documentation to new base standard
Jan 22, 2026
5482214
Updating documentation to new base standard
Jan 22, 2026
6db0e0f
Updating documentation to new base standard
Jan 22, 2026
915f716
Updating documentation to new base standard
PenguinzTech Jan 28, 2026
7bb170f
Convert Flask web console to API-only backend with React WebUI
PenguinzTech Jan 30, 2026
7362575
Update Next.js to 15.5.10 to fix high severity vulnerabilities
PenguinzTech Jan 30, 2026
1510d80
Updating documentation to new base standard
PenguinzTech Jan 30, 2026
e17d82b
Fix .dockerignore excluding docs needed by root Dockerfile
PenguinzTech Jan 30, 2026
14cc6eb
Fix critical security vulnerabilities and add comprehensive test suite
PenguinzTech Feb 2, 2026
1e46e89
Fix zod dependency version (4.3.6 -> 3.24.1)
PenguinzTech Feb 2, 2026
544aed6
Fix dns-webui build by installing react_libs dependencies
PenguinzTech Feb 2, 2026
a345d96
Fix beta K8s deployment to use Cloudflare wildcard certificate
PenguinzTech Feb 2, 2026
4b944f4
Fix K8s deployment health checks and add required volume mounts
PenguinzTech Feb 3, 2026
ea685f3
Update to use penguin-libs from GitHub instead of local copy
PenguinzTech Feb 3, 2026
cd4a885
Updating documentation to new base standard
PenguinzTech Feb 4, 2026
ef64a2c
Remove vendored shared/ libraries in favor of centralized penguin-libs
PenguinzTech Feb 12, 2026
ffff0f6
Updating documentation to new base standard
PenguinzTech Feb 13, 2026
99c9741
Updating documentation to new base standard
PenguinzTech Feb 13, 2026
2b7c9e6
Add standardized k8s deployment configuration
PenguinzTech Feb 13, 2026
95883cf
Remove extra k8s documentation files
PenguinzTech Feb 13, 2026
be79a74
Updating documentation to new base standard
PenguinzTech Feb 13, 2026
3ebf929
fix(k8s): standardize deploy-beta.sh TLD to .penguintech.cloud
PenguinzTech Feb 17, 2026
56b4472
Remove website folder - moved to centralized website repo
PenguinzTech Feb 18, 2026
c127eda
Remove app.md template (replaced by {subject}.local.md convention)
PenguinzTech Feb 19, 2026
3b1cb36
Updating documentation to new base standard
PenguinzTech Feb 19, 2026
31ad77d
Updating documentation to new base standard
PenguinzTech Feb 19, 2026
1f83992
Updating documentation to new base standard
PenguinzTech Feb 26, 2026
7f0313f
Updating documentation to new base standard
PenguinzTech Feb 26, 2026
c39e4aa
Updating documentation to new base standard
PenguinzTech Mar 2, 2026
8652efc
Add standardized GitHub issue templates
PenguinzTech Mar 2, 2026
f953d17
Updating documentation to new base standard
PenguinzTech Mar 4, 2026
25205fd
Updating documentation to new base standard
PenguinzTech Mar 9, 2026
741e524
Updating documentation to new base standard
PenguinzTech Mar 11, 2026
181a467
Updating documentation to new base standard
PenguinzTech Mar 11, 2026
440bffe
feat: coverage 98%, Codecov v4, README badges, penguin-libs migration
PenguinzTech Mar 13, 2026
ac65aa4
chore: exclude worktree directory from git tracking
PenguinzTech Mar 13, 2026
bbd622e
security: pin trivy-action to v0.35.0 (supply chain fix)
PenguinzTech Mar 24, 2026
a1895d7
Updating documentation to new base standard
PenguinzTech Mar 25, 2026
c65d8db
chore: pin all dependencies to immutable SHA references
PenguinzTech Mar 25, 2026
7af5adf
chore: pin gosec to immutable SHA reference
PenguinzTech Mar 25, 2026
f7d7b41
Updating documentation to new base standard
PenguinzTech Mar 26, 2026
1a988cb
Updating documentation to new base standard
PenguinzTech Mar 26, 2026
f47782c
chore: migrate to penguin-dal, fix requirements version constraints
PenguinzTech Mar 28, 2026
4919be2
fix: use >= constraints for penguin-libs in .in files, remove penguin…
PenguinzTech Mar 28, 2026
4d14339
fix: remove test packages from production requirements.txt, fix pengu…
PenguinzTech Mar 28, 2026
944edab
fix: remove pytest packages from manager/backend/requirements.in
PenguinzTech Mar 28, 2026
93f343f
feat: add SQLAlchemy schema and Alembic migrations for dns-server
PenguinzTech Mar 28, 2026
dc2bb72
fix: resolve lint errors and SQLAlchemy 2.x compatibility in dns-serv…
PenguinzTech Mar 28, 2026
99fdb5b
feat: migrate dns-server to penguin-dal (replaces PyDAL)
PenguinzTech Mar 28, 2026
f9b62ef
fix: add missing dns-server schema tables, fix penguin-dal query API …
PenguinzTech Mar 28, 2026
0901bda
fix: add db_engine, db, clean_db_tables pytest fixtures to dns-server…
PenguinzTech Mar 28, 2026
e3375ca
fix: type hints and safe tempfile creation in dns-server test conftest
PenguinzTech Mar 28, 2026
01eb758
feat: add SQLAlchemy schema and Alembic migrations for manager/backend
PenguinzTech Mar 28, 2026
7000df1
fix: move schema import to module level in alembic migration
PenguinzTech Mar 28, 2026
a39fe57
feat: migrate manager/backend to penguin-dal (replaces PyDAL)
PenguinzTech Mar 28, 2026
7427c8a
feat: replace flask-limiter with penguin-limiter in both services
PenguinzTech Mar 28, 2026
14dcb67
fix: suppress pre-existing E402 flake8 violations in dns-server app.py
PenguinzTech Mar 28, 2026
9082cb6
feat: pin dns-webui npm deps to exact versions and add AppConsoleVers…
PenguinzTech Mar 28, 2026
c097bb8
test: add Vitest unit tests for dns-webui
PenguinzTech Mar 28, 2026
ba9fbd6
feat: integrate react-libs LoginPageBuilder, SidebarMenu, AppConsoleV…
PenguinzTech Mar 28, 2026
e017437
test: add Playwright E2E tests for dns-webui and manager (skip when o…
PenguinzTech Mar 28, 2026
160175d
test: add Vitest unit tests for manager/frontend
PenguinzTech Mar 28, 2026
6418277
fix: scope manager/frontend coverage to tested files only
PenguinzTech Mar 28, 2026
4f48953
test: improve Python test coverage for dns-server and manager/backend
PenguinzTech Mar 28, 2026
2c07eac
test: improve manager/frontend Login and Sidebar coverage to 100%
PenguinzTech Mar 28, 2026
16fbf92
periodic save
PenguinzTech Mar 28, 2026
136ab5f
ci: update Go version to 1.24.2 to match go.mod
PenguinzTech Apr 1, 2026
c26de93
security: fix gosec G115 and G104 warnings in Go client
PenguinzTech Apr 1, 2026
134676a
Updating documentation to new base standard
PenguinzTech Apr 1, 2026
053d12d
Fixed CICD workflow
PenguinzTech Apr 1, 2026
8e0a90b
Fixed CICD workflow
PenguinzTech Apr 1, 2026
1a26483
Fixed CICD workflow
PenguinzTech Apr 1, 2026
fc8d875
Updating documentation to new base standard
PenguinzTech Apr 8, 2026
f15727d
Updating documentation to new base standard
PenguinzTech Apr 10, 2026
af0315a
chore: migrate containers to rootless non-root users
PenguinzTech Apr 12, 2026
30ab266
chore: pre-wipe backup
PenguinzTech Apr 18, 2026
240e0aa
ci: parallel arm64/amd64 builds with manifest merge (#47)
PenguinzTech Apr 22, 2026
469fb51
chore: upgrade GitHub Actions + close e2e/smoke test coverage gaps
PenguinzTech Apr 22, 2026
2f4fe14
Updating documentation to new base standard
PenguinzTech Apr 24, 2026
b7ce7ae
feat: deploy squawk to dal2-beta as external DNS resolver
PenguinzTech May 9, 2026
0ad9b12
feat: complete k8s deployment infrastructure - Helm chart + kustomize…
PenguinzTech May 9, 2026
9b826c5
feat: add squawk-k8s-dns internal Kubernetes DNS plugin
PenguinzTech May 10, 2026
b613d3a
Update squawk-dns-client binary.
PenguinzTech May 26, 2026
2eabe3d
Enterprise hardening + dns-server consolidation to Quart app.main (#50)
PenguinzTech Jul 9, 2026
fb1750c
Merge origin/main into v2.1.x: union release reconciliation
PenguinzTech Jul 9, 2026
e21c6d9
feat(dhcp): harden DHCP server — penguin-dal persistence + JWT auth
PenguinzTech Jul 9, 2026
7ec5fa4
feat(ntp): harden NTP server to full RFC 8915 NTS
PenguinzTech Jul 9, 2026
ce43089
fix(client): never send bearer token over plaintext transport
PenguinzTech Jul 9, 2026
cb4f2fb
feat(k8s): wire dhcp-server and ntp-server (Helm + Kustomize)
PenguinzTech Jul 9, 2026
4ed4773
fix(dhcp): correct uninstallable dependency pins
PenguinzTech Jul 9, 2026
9cf7047
ci: build, test, and publish dhcp-server and ntp-server
PenguinzTech Jul 9, 2026
946f4d9
style: black-format dhcp-server, ntp-server, and python client
PenguinzTech Jul 9, 2026
8b19aa0
style(go-client): resolve all golangci-lint issues in the union
PenguinzTech Jul 9, 2026
3070e69
fix(ci): align Go version, add pytest-asyncio, accept epoch version, …
PenguinzTech Jul 9, 2026
86b7590
fix(ci): resolve PR #46 round-2 failures (golangci, ntp, dns-client, …
PenguinzTech Jul 9, 2026
840e29d
fix(ci): golangci-lint v1 config + resolve 12 errcheck findings
PenguinzTech Jul 9, 2026
614150c
fix(ci): use #nosec annotations for standalone gosec scan
PenguinzTech Jul 9, 2026
35ceb9b
chore(security): enterprise hardening wave — seccomp, deps, supply-ch…
PenguinzTech Jul 10, 2026
557bab7
fix(ci): sign multi-arch manifest in merge jobs (fix arm64 SBOM failure)
PenguinzTech Jul 10, 2026
3d5b401
feat(security): asymmetric JWT (ES256/RS256) + tenant isolation
PenguinzTech Jul 10, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
The diff you're trying to view is too large. We only load the first 3000 changed files.
60 changes: 60 additions & 0 deletions .claude/.claude/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
# Claude Context Files

This directory contains focused standards files for Claude Code to reference when working on specific parts of the codebase.

## 🚫 DO NOT MODIFY EXISTING FILES

**These are centralized template standards that will be overwritten when updated.**

Files you must **NEVER modify**:
- `go.md`, `python.md`, `react.md` (language standards)
- `flask-backend.md`, `go-backend.md`, `webui.md` (service standards)
- `database.md`, `security.md`, `testing.md`, `containers.md`, `kubernetes.md` (domain standards)
- `README.md` (this file)

**Instead, CREATE NEW FILES for app-specific context:**
- `.claude/app.md` - App-specific rules and context
- `.claude/[feature].md` - Feature-specific context (e.g., `billing.md`, `notifications.md`)
- `docs/APP_STANDARDS.md` - Human-readable app-specific documentation

---

## ⚠️ CRITICAL RULES

Every file in this directory starts with a "CRITICAL RULES" section. Claude should read and follow these rules strictly.

## File Index

### Language Standards
| File | When to Read |
|------|--------------|
| `go.md` | Working on Go code (*.go files) |
| `python.md` | Working on Python code (*.py files) |
| `react.md` | Working on React/frontend code (*.jsx, *.tsx files) |

### Service Standards
| File | When to Read |
|------|--------------|
| `flask-backend.md` | Working on Flask backend service |
| `go-backend.md` | Working on Go backend service |
| `webui.md` | Working on WebUI/React service |

### Domain Standards
| File | When to Read |
|------|--------------|
| `database.md` | Any database operations (PyDAL, SQLAlchemy, GORM) |
| `security.md` | Authentication, authorization, security scanning |
| `testing.md` | Running tests, beta infrastructure, smoke tests |
| `containers.md` | Docker images, Dockerfiles, container configuration |
| `kubernetes.md` | K8s deployments, Helm v3 charts, Kustomize overlays |

## Usage

Claude should:
1. Read the main `CLAUDE.md` for project overview and critical rules
2. Read relevant `.claude/*.md` files based on the task at hand
3. Follow the CRITICAL RULES sections strictly - these are non-negotiable

## File Size Limit

All files in this directory should be under 5000 characters to ensure Claude can process them effectively.
27 changes: 27 additions & 0 deletions .claude/.claude/app.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
# App-Specific Context

> ✅ **This file IS safe to modify.** Add your app-specific rules, context, and requirements here.

## About This App

<!-- Describe what this application does -->

## App-Specific Rules

<!-- Add rules specific to this application that Claude should follow -->

## Key Files & Locations

<!-- List important files Claude should know about -->

## Domain-Specific Terms

<!-- Define any domain terminology Claude should understand -->

## Integration Notes

<!-- Any app-specific integration details -->

---

*This file is for app-specific context. Do not add general standards here - those belong in the template files.*
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
183 changes: 183 additions & 0 deletions .claude/.claude/react.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,183 @@
# React / Frontend Standards

## ⚠️ CRITICAL RULES

- **ReactJS MANDATORY** for all frontend applications - no exceptions
- **Node.js 18+** required for build tooling
- **ES2022+ standards** mandatory (modern JS syntax, async/await, arrow functions, destructuring)
- **Functional components with hooks only** - no class components
- **Centralized API client** with auth interceptors - all API calls through `apiClient`
- **Protected routes** required - use AuthContext with authentication state
- **ESLint + Prettier required** - all code must pass linting before commit
- **Dark theme default** - gold text (amber-400) with slate backgrounds
- **TailwindCSS v4** for styling - use CSS variables for design system
- **Responsive design** - mobile-first approach, all layouts must be responsive

## Technology Stack

**Required Dependencies:**
- `react@^18.2.0`, `react-dom@^18.2.0`
- `react-router-dom@^6.20.0` - page routing
- `axios@^1.6.0` - HTTP client
- `@tanstack/react-query@^5.0.0` - data fetching & caching
- `zustand@^4.4.0` - state management (optional)
- `lucide-react@^0.453.0` - icons
- `tailwindcss@^4.0.0` - styling

**DevDependencies:**
- `vite@^5.0.0` - build tool
- `@vitejs/plugin-react@^4.2.0` - React plugin
- `eslint@^8.55.0` - code linting
- `prettier@^3.1.0` - code formatting

## Project Structure

```
services/webui/
├── src/
│ ├── components/ # Reusable UI components
│ ├── pages/ # Page components
│ ├── services/ # API client & integrations
│ ├── hooks/ # Custom React hooks
│ ├── context/ # React context (auth, etc)
│ ├── utils/ # Utility functions
│ ├── App.jsx
│ └── index.jsx
├── package.json
├── Dockerfile
└── .env
```

## API Client Integration

**Centralized axios client with auth interceptors:**

```javascript
// src/services/apiClient.js
import axios from 'axios';

const apiClient = axios.create({
baseURL: process.env.REACT_APP_API_URL || 'http://localhost:5000',
headers: { 'Content-Type': 'application/json' },
withCredentials: true,
});

// Request: Add auth token to headers
apiClient.interceptors.request.use(config => {
const token = localStorage.getItem('authToken');
if (token) config.headers.Authorization = `Bearer ${token}`;
return config;
});

// Response: Handle 401 (redirect to login)
apiClient.interceptors.response.use(
response => response,
error => {
if (error.response?.status === 401) {
localStorage.removeItem('authToken');
window.location.href = '/login';
}
return Promise.reject(error);
}
);

export default apiClient;
```

## Component Patterns

**Functional components with hooks:**
- Use `useState` for local state, `useEffect` for side effects
- Custom hooks for shared logic (e.g., `useUsers`, `useFetch`)
- React Query for data fetching with caching (`useQuery`, `useMutation`)

**Authentication Context:**
- Centralize auth state in `AuthProvider`
- Export `useAuth` hook for accessing user, login, logout
- Validate token on app mount, refresh on 401 responses

**Protected Routes:**
- Create `ProtectedRoute` component checking `useAuth()` state
- Redirect unauthenticated users to `/login`
- Show loading state while checking auth status

**Data Fetching:**
- Use React Query for server state management
- Custom hooks wrapping `useQuery`/`useMutation` for API calls
- Automatic caching, refetching, and error handling

## Design System

**Color Palette (CSS Variables):**
```css
--bg-primary: #0f172a; /* slate-900 - main background */
--bg-secondary: #1e293b; /* slate-800 - sidebar/cards */
--text-primary: #fbbf24; /* amber-400 - headings */
--text-secondary: #f59e0b; /* amber-500 - body text */
--primary-500: #0ea5e9; /* sky-blue - interactive elements */
--border-color: #334155; /* slate-700 */
```

**Navigation Patterns:**
1. **Sidebar (Elder style)**: Fixed left sidebar with collapsible categories
2. **Tabs (WaddlePerf style)**: Horizontal tabs with active underline
3. **Combined**: Sidebar + tabs for complex layouts

**Required Components:**
- `Card` - bordered container with optional title
- `Button` - variants: primary, secondary, danger, ghost
- `ProtectedRoute` - authentication guard
- `Sidebar` - main navigation with collapsible groups

## Styling Standards

- **TailwindCSS v4** for all styling (no inline styles)
- **Dark theme default**: slate backgrounds + gold/amber text
- **Responsive**: Use Tailwind breakpoints (sm, md, lg, xl)
- **Transitions**: `transition-colors` or `transition-all 0.2s` for state changes
- **Consistent spacing**: Use Tailwind spacing scale (4, 6, 8 px increments)
- **Gradient accents**: Subtle, sparing usage for visual interest

## Quality Standards

**Linting & Formatting:**
- **ESLint** required - extends React best practices
- **Prettier** required - enforces code style
- Run before every commit: `npm run lint && npm run format`

**Code Quality:**
- All code must pass ESLint without errors/warnings
- Type checking with PropTypes or TypeScript (if using TS)
- Meaningful variable/component names
- Props validation for all components

**Testing:**
- Smoke tests: Build, run, API health, page loads
- Unit tests for custom hooks and utilities
- Integration tests for component interactions

## Docker Configuration

```dockerfile
# services/webui/Dockerfile - Multi-stage build
FROM node:18-slim AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

FROM nginx:stable-bookworm-slim
COPY --from=builder /app/dist /usr/share/nginx/html
COPY nginx.conf /etc/nginx/conf.d/default.conf
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
```

## Accessibility Requirements

- Keyboard navigation for all interactive elements
- Focus states: `focus:ring-2 focus:ring-primary-500`
- ARIA labels for screen readers
- Color contrast minimum 4.5:1
- Respect `prefers-reduced-motion` preference
File renamed without changes.
File renamed without changes.
File renamed without changes.
1 change: 1 addition & 0 deletions .claude/development-rules.md
1 change: 1 addition & 0 deletions .claude/git-workflow.md
1 change: 1 addition & 0 deletions .claude/licensing.md
1 change: 1 addition & 0 deletions .claude/mobile.md
1 change: 1 addition & 0 deletions .claude/orchestration.md
Loading
Loading