Add a secure repository Prompts review surface and prompt metadata API

Hop-State: A_06FN6MRSHG4B64ZV13086G8
Hop-Proposal: R_06FN6MQDE14FFNR65H1D28G
Hop-Task: T_06FN6J8ECE1Z9XQ5PQ3Z3D8
Hop-Attempt: AT_06FN6J8ECC1SC794JMZ0TF8
This commit is contained in:
Hop
2026-07-11 15:36:22 -07:00
parent c0c1161107
commit fee4f6dd31
15 changed files with 709 additions and 8 deletions
+2 -1
View File
@@ -27,6 +27,7 @@ asset or replacing the Gitea volume.
| Native route and behavior | Hop label |
| --- | --- |
| Repository code | Files |
| — | Prompts (Hop-native causal record) |
| Issues | Tasks |
| Branches | Attempts |
| Commits | Checkpoints |
@@ -47,7 +48,7 @@ Gitea sidebar. It uses Gitea's own classes, links, icons, and live counts.
After changing the pinned Gitea version:
1. run the installer;
2. confirm Tasks, Proposals, and Evidence in repository navigation;
2. confirm Prompts, Tasks, Proposals, and Evidence in repository navigation;
3. confirm Attempts and Checkpoints in the Files view;
4. confirm proposal creation and acceptance labels;
5. inspect browser console errors; and
+17 -2
View File
@@ -27,5 +27,20 @@ docker compose --env-file .env up --build -d
The reverse proxy should forward the public hostname to the configured
`GITEA_HTTP_BIND:GITEA_HTTP_PORT`, preserve the `Host` header, and set
`X-Forwarded-Proto` to `https`. Persistent repository and database data live in
the named Compose volumes.
`X-Forwarded-Proto` to `https`. It must also proxy `/hop/` to the Hop control
plane, preserving the browser's Gitea session cookie. This lets the Prompts
view check the viewer's repository access before returning potentially
sensitive prompt text.
For nginx, the control-plane location should precede the Gitea catch-all:
```nginx
location /hop/ {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Cookie $http_cookie;
}
```
Persistent repository and database data live in the named Compose volumes.