Points to main HEAD after merging fix/audit-2-remediation (BUG-002/003/006 fixes).
Feature branch feature/log-finding-dispatch preserved separately.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Phase 1a used `git submodule foreach`, which only visits initialized
submodules — a fresh machine silently skipped population while the script
still reported success. It now explicitly inits + populates each submodule
declared in .gitmodules (inheriting credentials from the parent origin URL
so non-interactive init authenticates; .gitmodules stays credential-free),
then advances each to its remote branch tip. Reporting reflects the real
configured count.
Also removes the orphaned `projects/solverbot` gitlink (mode 160000),
committed without a .gitmodules entry, which made `git submodule status`
throw `fatal: no submodule mapping`. solverbot's own Gitea repo is untouched.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Updated guru-rmm submodule to commit dc765ee which includes:
- 5 new comprehensive specifications (SPEC-002 through SPEC-006)
- Updated FEATURE_ROADMAP.md with spec links
- Total: 2058 lines of detailed implementation specs
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Add scripts/web-fetch-chrome.py — drives the installed Chrome 148 headlessly
via Playwright (channel="chrome", no Chromium download), runs JS, strips the
HeadlessChrome UA tell, isolated profile so it never touches a human's open
Chrome. Wire it into DISCORD_CLAUDE.md ("Web Research / Bot-Blocked Sites":
WebFetch first, real-Chrome fallback) and refine the headless rule to permit
headless fetching while still forbidding visible/interactive browser windows.
Add playwright to requirements.txt (no `playwright install` needed). Restarted bot.
Tested: static + JS-rendered pages render; UA reports Chrome/148 (not Headless).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Rob's CAN list granted full Syncro "same as any tech" (incl. bill time +
create invoices), but the CANNOT list forbade billing actions (add line
items, create invoices, update ticket status) — a direct conflict that left
the bot's behavior on Rob's billing requests undefined. Per Mike, Rob gets
full Syncro including billing; remove the contradicting CANNOT line. Restarted bot.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Updated scope from read-only Syncro to full access: create/update/close tickets,
add comments, bill time, create invoices. Same as any tech.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Howard (624667664501178379) gets his ID pinned (full trust). Rob
(261978810713505792) added under a new "Recognized — Restricted
(read-only)" tier: greeted by name, but informational responses only —
no writes, git, system changes, M365, or vault. Restarted bot.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Replace the placeholder so the owner is recognized from his first
message. Restarted bot to load the change.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Her Discord username is @Winter (ID 624666486362996755); store both so
the match against the [DISCORD_CONTEXT] block is robust. Restarted bot.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Replace the (note on first interaction) placeholder with her user ID
624666486362996755 so the bot matches her from the [DISCORD_CONTEXT]
block immediately. Restarted the bot to load the change.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
