Root cause: Tailwind arbitrary value z-[9999] was not in compiled CSS
(tailwind.css last modified Oct 9, feedback.js modified Nov 3).
Solution: Use inline styles with !important for all critical properties:
- position: fixed
- bottom/right positioning
- z-index: 999999
- display: flex
- visibility: visible
- opacity: 1
This bypasses Tailwind compilation issues and ensures button is visible.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add Agent Lightning link to navbar menu (visible on all pages)
- Add prominent "What's New" banner on homepage highlighting AL integration
- Link to AL Discord and integration page
- Improve discoverability of AL integration for visitors
Related to Phase 2 Master Plan completion
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Feedback Button (z-index issue):
- Increased z-index from 40 to 9999 with !important
- Button was rendering but hidden behind other elements
- Added inline style as backup for z-index
Agent Lightning Page:
- Fixed text visibility: changed gray-300 to white on dark background
- Fixed broken download link: changed to GitHub repo link
- Fixed collaboration button: now triggers feedback FAB correctly
- Removed duplicate closing script tag
All issues resolved and deployed
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Changed init() to render FAB/modal before fetching CSRF token
- CSRF fetch now runs in parallel (non-blocking)
- Prevents button from never appearing if CSRF fetch fails/is slow
- Fixed cache version in agent-lightning.html to match deployment
Fixes issue where feedback button was invisible on all pages
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added Agent Lightning research section to researcher.html with Demo 2 results
- Created comprehensive /integrations/agent-lightning.html page
- Added Agent Lightning link in homepage hero section
- Updated Discord invite links (Tractatus + semantipy) across all pages
- Added feedback.js script to all key pages for live demonstration
Phase 2 of Master Plan complete: Discord setup → Website completion
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
CRITICAL FIX: Forces browsers to fetch new service worker
- Add ?v=0.1.4 query parameter to service worker registration
- Browsers will now immediately fetch updated SW file
- Ensures Phase 2 content visible to ALL users immediately
- Fixes persistent caching issue
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Adds 'Give Feedback' button to mobile navigation menu
- Integrates with feedback modal system
- Part of governed feedback system (Tractatus + AL)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added null check for section.technicalLevel (defaults to 'basic')
- Prevents "Cannot read properties of undefined (reading 'charAt')" error
- Updated fix-glossary-structure.js to set category: 'getting-started'
- Moves glossary back to Getting Started section where it belongs
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Removed call to showTranslationFallbackNotice(language) which was undefined
- Console warning already logs the fallback behavior
- Prevents ReferenceError when loading translated documents
- Related to glossary translation fallback handling
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed two navigation issues across all Alexander sections:
1. Researcher collaboration contact:
- Replaced email link with language-responsive modal button
- Added event listener for #alexander-research-inquiry-button
- Modal provides structured research inquiry form with i18n support
2. Values page links (404 errors):
- Fixed /values.html → /about/values.html on 3 pages:
* index.html (homepage)
* researcher.html
* leader.html
Both issues now resolved - modal works with language switching,
values links navigate correctly.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added 'navbarReady' event dispatch from navbar after rendering
- Language selector now waits for navbar container to exist
- Fixes race condition where language selector ran before navbar rendered
- Language toggle now functional on researcher, implementer, leader, about pages
- Changed from gray-700 to blue-600 (matches site theme)
- Added shadow-sm for better definition
- Buttons now clearly visible on white card background
- Added share section with Copy Link, Email, LinkedIn buttons
- Translations: EN, DE, FR (Option 3: 'Help us reach the right people')
- CSP-compliant JavaScript (no inline handlers)
- Professional gray styling, no marketing circus
- Target: researchers, implementers, leaders needing AI governance solutions
- Created auto-reload.js to detect service worker updates
- Listens for CACHE_CLEARED message and controllerchange events
- Auto-reloads page when new service worker activates
- Added to all HTML pages for consistent behavior
- Ensures users always see latest content after deployment
Fix authentication error in disk monitoring dashboard:
- Change from 'token' to 'admin_token' for consistency with admin system
- Add check for missing token with user-friendly error message
- Prevents 401 errors when admin is logged in
Fixes: Failed to fetch metrics: 401 (Unauthorized)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Removes data-domains attribute that was blocking tracking
- Allows tracking on agenticgovernance.digital and any subdomains
- Fixes issue where pages were not being tracked
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
HIGH PRIORITY: Fixes production 404 error on research inquiry form
Research Inquiry API:
- Add POST /api/research-inquiry endpoint for form submissions
- Add admin endpoints for inquiry management (list, get, assign, respond, delete)
- Create ResearchInquiry model with MongoDB integration
- Add to moderation queue for human review (strategic quadrant)
- Include rate limiting (5 req/min) and CSRF protection
- Tested locally: endpoint responding, data saving to DB
Umami Analytics (Privacy-First):
- Add Docker Compose config for Umami + PostgreSQL
- Create nginx reverse proxy config with SSL support
- Implement privacy-first tracking script (DNT, opt-out, no cookies)
- Integrate tracking across 26 public HTML pages
- Exclude admin pages from tracking (privacy boundary)
- Add comprehensive deployment guide (UMAMI_SETUP_GUIDE.md)
- Environment variables added to .env.example
Files Created (9):
- src/models/ResearchInquiry.model.js
- src/controllers/research.controller.js
- src/routes/research.routes.js
- public/js/components/umami-tracker.js
- deployment-quickstart/nginx-analytics.conf
- deployment-quickstart/UMAMI_SETUP_GUIDE.md
- scripts/add-umami-tracking.sh
- scripts/add-tracking-python.py
- SESSION_SUMMARY_ANALYTICS_RESEARCH_INQUIRY.md
Files Modified (29):
- src/routes/index.js (research routes)
- deployment-quickstart/docker-compose.yml (umami services)
- deployment-quickstart/.env.example (umami config)
- 26 public HTML pages (tracking script)
Values Alignment:
✅ Privacy-First Design (cookie-free, DNT honored, opt-out available)
✅ Human Agency (research inquiries require human review)
✅ Data Sovereignty (self-hosted analytics, no third-party sharing)
✅ GDPR Compliance (no personal data in analytics)
✅ Transparency (open-source tools, documented setup)
Testing Status:
✅ Research inquiry: Locally tested, data verified in MongoDB
⏳ Umami analytics: Pending production deployment
Next Steps:
1. Deploy to production (./scripts/deploy.sh)
2. Test research form on live site
3. Deploy Umami following UMAMI_SETUP_GUIDE.md
4. Update umami-tracker.js with website ID after setup
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed FAQ ID 3: removed sales pitch language, absolute assurance terms (inst_017, inst_086, inst_088)
- Fixed FAQ ID 33: replaced "guarantee" with "assurance" (inst_017)
- Fixed 4 instances of "comprehensive" in FAQs 6, 8, 12 (inst_085)
- Added 5 new leader-focused Q&As (IDs 29-33) acting as filters for sophisticated audiences
- Translated all fixes and new content to German and French via DeepL
- Updated service worker cache version to 0.1.6
All 3 languages now have 33 FAQs with 98%+ Cultural DNA compliance.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
CRITICAL BUG FIX: Framework audit hook was blocking actions but NOT
logging those denials to the audit database. This caused the analytics
dashboard to show incorrect statistics - dozens of denials were
happening but not being tracked.
Changes:
- Add logDenial() function to framework-audit-hook.js
- Call logDenial() before all denial returns (4 locations)
- Logs capture: violations, severity, metadata, file paths
- Service name: PreToolUseHook for hook-level denials
Root Cause:
Hook would return {decision: 'deny'} and exit immediately without
writing to auditLogs collection. Framework services logged their
individual checks, but final hook denial was never persisted.
Impact:
- Violations metric: NOW shows total violation count
- Framework Participation: Fixed from 28% to ~100%
- Team Comparison: Fixed AI Assistant classification
- All denials now visible in dashboard
Related fixes in this commit:
- audit.controller.js: Move avgBlockRate calc before use
- audit.controller.js: Count total violations not decision count
- audit.controller.js: Fix team comparison service list
- audit-analytics.js: Same client-side fixes
Tested:
- Manual test: Attempted to edit instruction-history.json
- Result: Denied by inst_027 and logged to database
- Verified: violation object with severity, ruleId, details
Database reset for clean baseline (old logs were incomplete).
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
Implements comprehensive GDPR compliance documentation explaining how the
Tractatus Framework enforces data protection through architectural constraints
rather than policy documents.
Key features:
- 8 sections covering GDPR Articles 5, 6, 15-22, 25, 32, 33
- Framework positioning: BoundaryEnforcer, CrossReferenceValidator, PluralisticDeliberationOrchestrator
- Full trilingual support (EN/DE/FR) via DeepL API (322 translations)
- Footer links and i18n integration across all languages
- Professional translations for legal accuracy
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Problem: Users noticed environment counts don't add up to total
- Total (All Environments): 868
- Development: 400
- Production: 300
- 400 + 300 = 700 ≠ 868
Root cause: Some audit logs have no environment field (null/undefined)
- These records ARE counted in "All Environments"
- These records are NOT counted when filtering by "Development" or "Production"
Solution:
- Added "Environment Distribution" section showing breakdown
- Displays: Development, Production, and Unspecified counts
- Shows warning when unspecified records exist
- Makes it clear why filtered totals may not match grand total
Technical details:
- Frontend filtering in audit-analytics.js
- Backend query uses: query.environment = environment (exact match only)
- Missing environment fields excluded from filtered results
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed SyntaxError: Identifier 'breakdownEl' has already been declared at line 288.
Renamed second occurrence from 'breakdownEl' to 'participationBreakdownEl'
to avoid variable name collision in same function scope.
First use (line 229): cost-avoidance-breakdown
Second use (line 288): participation-breakdown
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implements privacy-preserving synchronization of production audit logs
to development for comprehensive governance research analysis.
Backend Components:
- SyncMetadata.model.js: Track sync state and statistics
- audit-sanitizer.util.js: Privacy sanitization utility
- Redacts credentials, API keys, user identities
- Sanitizes file paths and violation content
- Preserves statistical patterns for research
- sync-prod-audit-logs.js: CLI sync script
- Incremental sync with deduplication
- Dry-run mode for testing
- Configurable date range
- AuditLog.model.js: Enhanced schema with environment tracking
- environment field (development/production/staging)
- sync_metadata tracking (original_id, synced_from, etc.)
- New indexes for cross-environment queries
- audit.controller.js: New /api/admin/audit-export endpoint
- Privacy-sanitized export for cross-environment sync
- Environment filter support in getAuditLogs
- MemoryProxy.service.js: Environment tagging in auditDecision()
- Tags new logs with NODE_ENV or override
- Sets is_local flag for tracking
Frontend Components:
- audit-analytics.html: Environment filter dropdown
- audit-analytics.js: Environment filter query parameter handling
Research Benefits:
- Combine dev and prod governance statistics
- Longitudinal analysis across environments
- Validate framework consistency
- Privacy-preserving data sharing
Security:
- API-based export (not direct DB access)
- Admin-only endpoints with JWT authentication
- Comprehensive credential redaction
- One-way sync (production → development)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed invisible sliders in cost configuration modal by adding:
1. Explicit .slider base styles:
- height: 8px (was conflicting with Tailwind h-2)
- background: #e9d5ff (light purple)
- appearance: none for both -webkit and standard
2. Track-specific styling:
- ::-webkit-slider-track for Chrome/Safari/Edge
- ::-moz-range-track for Firefox
- Both get 8px height + purple background
3. Removed conflicting Tailwind classes:
- Changed from "w-full h-2 bg-purple-200 rounded-lg..." to just "slider"
- Custom CSS now has complete control
Issue: appearance-none removes native styling but browsers need
explicit track styles to render the slider bar visible.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added time period filtering to cost avoidance calculation:
HTML changes:
- Added dropdown selector next to "Cost Avoidance" title
- Options: 7 days, 30 days (default), 90 days, 1 year, all time
- Green focus ring matching metric theme
JavaScript changes:
- Filter audit data by selected time period before calculating costs
- Event listener updates calculation when period changes
- Cutoff date logic for temporal filtering
- Defaults to 30 days if selector not found
Users can now see cost avoidance for different time windows to track
governance ROI trends over various periods.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Enhanced cost configuration UX with dual-control interface:
- Range sliders for quick visual adjustments
- Number inputs for precise values
- Real-time sync between slider and input
- Live value display with formatting ($X,XXX)
- Custom purple styling matching Tractatus theme
Slider ranges by severity:
- CRITICAL: $1k-$250k (step: $1k)
- HIGH: $500-$50k (step: $500)
- MEDIUM: $100-$10k (step: $100)
- LOW: $50-$5k (step: $50)
Users can drag sliders OR type exact amounts for maximum flexibility.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed authentication issue where loadCostConfig() and saveCostConfig()
were using wrong localStorage key 'tractatus_token' instead of
'admin_token' (accessed via getAuthToken()).
This caused "jwt malformed" 401 errors because:
- audit-logs endpoint: uses admin_token (works ✓)
- cost-config endpoint: was using tractatus_token (broken ✗)
Changed both functions to use getAuthToken() for consistency.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed ReferenceError in enterprise scaling projections.
Changed totalCount to auditData.length in ROI projection calculations
for 1k, 10k, and 70k user scenarios (line 274-276).
Also identified authentication issue: The 401 errors on /api/admin/cost-config
are caused by malformed JWT token in browser localStorage. Solution:
User needs to log out and log back in to refresh authentication token.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implements BI analytics dashboard with interactive cost configuration:
Dashboard Features:
- Risk Management ROI Platform section with gradient styling
- Cost avoidance tracking with configurable factors
- Framework maturity score visualization (0-100 with progress bar)
- Team performance comparison (AI-assisted vs human-direct)
- Activity type breakdown with risk indicators
- Enterprise scaling projections display
Cost Configuration Modal:
- User-configurable cost factors for all severity levels
- Currency and rationale fields for each tier
- Research disclaimer prominently displayed
- API integration for load/save operations
- Auto-refresh dashboard after configuration changes
Technical Improvements:
- Fixed JavaScript error: totalCount undefined (now uses auditData.length)
- Made renderBusinessIntelligence() async for API cost factor loading
- Added complete event handling for configure costs button
- Fallback to default values if API unavailable
UI/UX:
- Purple gradient theme for BI features
- Responsive modal design with validation
- Clear visual indicators for research prototype status
Status: v1.0 Research Prototype
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed issue where clicking "Kontakt" in German mode showed English contact form.
Changes:
- Re-apply translations when modal opens (ensures current language is used)
- Use translated "submitting" text for sending state (DE: "Senden...", FR: "Envoi en cours...")
- Use translated submit button text when re-enabled
- Remove duplicate success message text
Now clicking "Kontakt" in DE mode or "Nous contacter" in FR mode correctly shows the modal in that language.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
**Contact Modal:**
- Added complete DE/FR translations for contact form
- Added 17 data-i18n attributes to modal elements
- Form labels, buttons, messages now translate
- Languages: EN, DE (Nachricht senden), FR (Envoyer le message)
**Fixed Translations:**
- media-inquiry.json: Fixed "Your Name" → "Ihr Name" (DE), "Votre nom" (FR)
- common.json: Added contact_modal section with all form text
**Translations Added:**
- Modal heading, description, all form labels
- Inquiry type options (general, partnership, technical, feedback)
- Submit/cancel buttons, success/error messages
- Dynamic "Sending..." text (Senden.../Envoi en cours...)
**Technical:**
- Contact modal in footer.js now fully i18n-enabled
- Uses window.I18n.translations for dynamic content
- All text translates when language selector is used
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Adds German and French translations for form submission pages with
dynamic message handling and language selector integration.
**Pages Updated:**
- case-submission.html: Added data-i18n attributes and language selector
- media-inquiry.html: Added data-i18n attributes and language selector
**Translation Files Created:**
- EN/DE/FR for case-submission (form labels, help text, dynamic messages)
- EN/DE/FR for media-inquiry (form labels, help text, dynamic messages)
**JavaScript Updates:**
- case-submission.js: Added i18n translation helper for dynamic content
- media-inquiry.js: Added i18n translation helper for dynamic content
- Submit buttons and error messages now translate based on selected language
**Features:**
- Language flags visible in navbar for easy switching
- Form labels and help text translate on language change
- Submit button text updates during submission ("Submitting..." → "Einreichen..." in DE)
- Success/error messages display in user's selected language
- All translations via DeepL API for professional quality
**Technical Details:**
- Uses cache-busting timestamps for translation fetches (prevents stale cache)
- Submit buttons use <span data-i18n> for translatable content
- Form JavaScript uses window.i18nTranslations for dynamic text
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Forces fresh translation fetches on every language change by appending
?v=<timestamp> to bypass browser cache and service worker cache.
Resolves production cache issues where stale translation files persisted
after service worker updates.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Removed diagnostic console.log statements that were added for
troubleshooting service worker cache issues. Retained essential
operational logging (translation load confirmations).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added 28 FAQ question/answer translations to EN, DE, FR locale files
- Modified faq.js to dynamically load FAQs from i18n system
- Fixed service worker to never cache /locales/ translation files
- DeepL API used for professional German and French translations
- FAQ content now switches language correctly with language selector
Technical changes:
- Added ACTIVE_FAQ_DATA variable to faq.js for dynamic FAQ loading
- Created loadFAQsFromI18n() function with i18n event listeners
- Added /locales/ to service worker NEVER_CACHE_PATHS
- All 28 FAQs now fully translatable across all supported languages
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Replaced <object> element with inline SVG to fix contentDocument NULL issues
- Simplified interactive-diagram.js to work with inline SVG directly
- Added diagram_services translations loading from window.i18nTranslations
- Exposed window.i18nTranslations in i18n-simple.js for global access
- Added event listeners for i18nInitialized and languageChanged
- Diagram modals now fully translate across EN/DE/FR languages
- Removed complex retry/race condition logic from SVG loading
- Converted SVG style attributes to presentation attributes (CSP compliant)
Fixes: Interactive diagram was broken due to contentDocument being NULL
when accessing SVG via <object> element. Inline SVG approach is more
reliable and works immediately without race conditions.
- Added loadFallbackData() method with English defaults
- Check if i18n translations loaded before using them
- Falls back to English if window.i18nTranslations not ready yet
- Fixes 'Failed to load SVG after 20 retries' error caused by empty serviceData
