Casa Devarno — OAuth login, issue audit, and roadmap cleanup
What shipped
Google, GitHub, and Apple sign-in are now live on Casa Devarno (family-hub). Family members can log in using their existing Google or GitHub account — no separate password required. Apple Sign In is also available.
The existing email/password login remains and works alongside the new options.
Domain restriction is enforced at the auth layer. Only @devarno.cloud email addresses can create an account, regardless of which sign-in method is used. Attempting to sign in with a personal Google or GitHub account will be rejected at account-creation time.
Roadmap audit — what changed
A full audit of all 35 open roadmap issues was run against the actual codebase.| Outcome | Count | Details |
|---|---|---|
| Closed — already done | 4 | Redis presence, ephemeral tokens, request tracing, retry logic |
| Updated — partially done | 8 | Bodies rewritten to show what exists and what remains |
| Left open — not started | 23 | No change |
| New issues created | 2 | OAuth work documented; analytics_snapshots schema gap filed |
The 4 closed items
These were fully built but never marked done:- Real-time user presence tracking (Redis)
- Secure one-time WebSocket auth tokens (Redis)
- Request ID propagation across internal services
- Automatic retry and timeout on service calls
The 8 updated items
Issues where partial work existed but the issue body overstated the gap. Each has been updated with: what is already in the codebase, what file it lives in, and exactly what remains. Cleaner signal for prioritisation.Identified gap: CI trend charts missing database table
The build-time trend charts in the insights dashboard have UI code and selector components already built, but the underlying database table (analytics_snapshots) was never created. Charts are rendering empty. A dedicated issue (#65) has been filed to unblock this — it is a pure schema addition with no business logic changes needed.
Action items
| Owner | Action |
|---|---|
| Platform | Create analytics_snapshots table (issue #65) — unblocks CI trend charts |
| Platform | Compute and store a 0–100 security score per org (currently only raw alert counts) |
| Platform | Materialise CI duration onto repository rows for faster querying (currently derived from raw event JSON) |
| All | Test sign-in with Google/GitHub accounts on family-hub — report any friction |