Eliminates closure-gate as a separate subagent. Swarm-master now
performs the closure audit and emits the user-facing summary
directly per a new SELF-CLOSURE CONTRACT (§VIIa):
- audit_contracts to verify no broken contracts post-implementation
- audit_belief_protocol to verify C5 contracts have @RATIONALE/@REJECTED
- read_events to check for runtime errors
- Noise reduction (raw dumps, browser transcripts suppressed)
- One closure summary: Applied | Verified | Remaining | Decision
Memory | Next Action
Also fixes pre-existing anchor corruption in swarm-master.md
(duplicate #endregion at file tail) per semantics-contracts §VIII.
Files changed:
- Deleted: .opencode/agents/closure-gate.md
- Deleted: .agents/agents/closure-gate.md
- Modified: .opencode/agents/swarm-master.md
- Modified: .agents/agents/swarm-master.md
Introduce a new API key authentication mechanism to support service-to-service
communication (e.g., Airflow, CI/CD) without browser-based JWT login.
- Add `APIKey` model and `APIKeyPrincipal` dependency for RBAC.
- Implement `require_api_key_or_jwt` dependency with environment scoping.
- Add admin CRUD endpoints for API key lifecycle management.
- Add API key management UI in System Settings.
- Update maintenance API to support explicit `environment_id` and API key auth.
- Add i18n support for API keys and connection settings.
- Include Python and Bash usage examples in the `examples/` directory.
- Update technical specifications and documentation.
- Sidebar.svelte: defer healthStore.refresh() until feature flags confirm
health_monitor is enabled; skip entirely when disabled
- health.js: remove throw error from catch block — log and return null
instead, preventing 'Uncaught (in promise)' on expected 404
- test_report_audit_immutability.py: fix mock assertions —
audit_service uses logger.reason/reflect/explore, not logger.info
- HealthStore and Sidebar now produce zero network noise when
FEATURES__HEALTH_MONITOR=false