Conversation
6 tasks
vorionsys
force-pushed
the
feat/cognigate-foundation-routers
branch
2 times, most recently
from
be0d903 to
1190db9
Compare
…l repo Cognigate was partially migrated from the standalone c:/voriongit/cognigate repo into the monorepo as cognigate-api/. The external repo had 9 routers that never made it across; 3 of them are low-risk, zero-dependency ports that restore the n8n-nodes-cognigate package's API contract: - reference — read-only lookups (tiers, capabilities, error codes, rate limits, versions, products, domains) — thin projection over constants_bridge.py - agents — CRUD for agent registration (in-memory store, observation tiers BLACK_BOX..VERIFIED_BOX with score-based ceilings) - auth_keys — API key CRUD behind X-API-Key auth with IA-5(1) strength validation ## Port contents Added files: - app/constants_bridge.py (1268 LOC) — shared constants source used by the 3 new routers; pure stdlib leaf, no transitive deps - app/routers/reference.py, agents.py, auth_keys.py - tests/test_reference.py (19 tests) - tests/test_agents.py (14 tests) - tests/test_auth_keys.py (13 tests) Modified: - app/core/auth.py — add verify_api_key (X-API-Key header) and validate_api_key_strength (IA-5(1) — length, weak-pattern detection, known-weak rejection, character class diversity). Upgrade generate_api_key to re-validate generated keys with max_attempts defense-in-depth. Do NOT port verify_deepspace_key — its absence is load-bearing per external commit 46613a3 (proprietary isolation). - app/config.py — add api_key: str setting for pipeline endpoints - app/main.py — import + register the 3 new routers with api_prefix ## Test result pytest: 191 passed (was 145 — added 46 new tests) - 19 reference tests covering tiers/capabilities/errors/rate-limits/ versions/products/domains, filter parameters, and 404 paths - 14 agents tests covering register (all 5 observation tiers), list, get, update, delete, duplicate conflict - 13 auth_keys tests covering missing/wrong X-API-Key, create/list/ delete, hash-not-raw storage, plus unit-level validate_api_key_strength cases (empty, too-short, known-weak, all-zeros, no-diversity, strong) ## Why this matters packages/n8n-nodes-cognigate (870 LOC, 46 jest tests) dispatches to resources: intent, enforce, proof, agent, trust, health, reference, compliance. The monorepo's cognigate-api only exposed intent/enforce/ proof/health/admin/integrity before this PR. Pointing the n8n node at the monorepo meant ~50% of operations 404'd. This PR restores 3 of the 4 missing resource categories (reference, agent, plus auth_keys). Remaining: trust (PR3), compliance (PR4), gateway (PR5). ## What's explicitly NOT in this PR - Deep Space modules (tmr_consensus, monte_carlo, self_healing, deepspace router, verify_deepspace_key) — intentionally isolated as proprietary per external commit 46613a3 - theme.py and documentation/tools routers — UI theming not used by n8n node - TOTP MFA (verify_admin_key_with_mfa) — can be ported later as its own admin UX improvement - Alembic bootstrap — PR2 (prerequisite for PR3 trust tables) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Ruff fixes on the new files I introduced in PR1: - auto-fix I001 import sorting in test files + router files - UP045 type annotations: replace Optional[X] with X | None - N815: add targeted noqa for camelCase API-shape fields (agentId, observationTier) that must stay camelCase to match the n8n node contract - E501: wrap long docstring lines in reference.py constants_bridge.py is a mechanical port from @vorionsys/shared-constants. Its (str, Enum) classes and data dictionary line widths are intentional API-shape mirrors of the TypeScript source. Added a file-level ruff noqa for UP042/I001/E501 rather than mutating the generated mirror; also sorted the Enum import within it. Tests: 191 passed (unchanged). Ruff clean on the 8 PR1 files. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
vorionsys
force-pushed
the
feat/cognigate-foundation-routers
branch
from
1190db9 to
1f2956a
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Track 2 PR1 of the cognigate cherry-pick plan. Ports the three lowest-risk, zero-dependency routers from the external standalone cognigate repo into `cognigate-api/`, restoring 3 of the 4 missing resource categories that `packages/n8n-nodes-cognigate` expects.
The problem
Cognigate was partially migrated from `c:/voriongit/cognigate/` into the monorepo as `cognigate-api/`. The external repo had 9 routers that never made it across. The monorepo's `cognigate-api` only registered 6 routers (health, intent, enforce, proof, admin, integrity) while the n8n community node (packages/n8n-nodes-cognigate) dispatches to 8 resource categories. Result: point the n8n node at the monorepo and ~50% of operations 404.
What this PR ships
Three routers with near-zero transitive dependencies:
Files added
Files modified
Test result
```
cd cognigate-api && pytest
============================= 191 passed in 2.37s =============================
```
+46 new tests over the previous 145. All existing tests still green. Black + ruff clean on changed files.
Deep Space exclusion (load-bearing)
Did not port `verify_deepspace_key`, `tmr_consensus`, `monte_carlo`, `self_healing`, or `deepspace.py`. Per external commit `46613a3 feat(security): isolate deep space proprietary algorithms with separate authentication`, these are intentionally excluded from the OSS monorepo. Their absence prevents accidental wiring.
What's next in the cherry-pick sequence
After PR5 lands, the n8n node should exercise all 8 resources successfully against the monorepo. Full plan in `C:\Users\racas.claude\plans\radiant-honking-puddle.md`.
Test plan