Skip to content

v1.0.0: Local API Server and Web UI MVP#90

Merged
Shreyas582 merged 1 commit intomainfrom
v1.0.0-local-api-server
Apr 4, 2026
Merged

v1.0.0: Local API Server and Web UI MVP#90
Shreyas582 merged 1 commit intomainfrom
v1.0.0-local-api-server

Conversation

@Shreyas582
Copy link
Copy Markdown
Owner

@Shreyas582 Shreyas582 commented Apr 4, 2026

v1.0.0 — Local API and Web UI MVP

Implements all four issues in the v1.0.0 milestone:

#23 Local API Server

  • New \�pi_server\ workspace crate with axum 0.8
  • 7 REST endpoints: health, ready, runs CRUD, cancel, runtime status
  • \wraithrun serve --port 8080\ subcommand with alias support
  • Background investigation execution with concurrency limiting (default 4)

#25 Security Baseline

  • Bearer token auth middleware on all endpoints except /health\
  • Auto-generated UUID token printed at startup; --api-token\ override
  • Request body size limit (1 MiB) via \RequestBodyLimitLayer\
  • 127.0.0.1-only bind enforced in \ServerConfig\
  • Audit logging for auth failures via tracing

#26 Durable Local Data Model

  • SQLite-backed \DataStore\ with rusqlite (bundled)
  • Schema:
    uns, \ indings, \schema_version\ tables with WAL mode
  • Versioned migration framework (schema v1)
  • --database PATH\ flag for persistent storage
  • \�ackup()\ and \export_json()\ APIs

#24 Web UI MVP

  • Embedded HTML dashboard at \GET /\
  • Run list, findings explorer with severity filters, health panel
  • Run detail slide panel, cancellation, new investigation form
  • Token-gated access with localStorage persistence
  • Dark theme, 5-second auto-refresh polling

Tests

  • 223 total (19 new api_server: 13 route + 6 data store)
  • All existing 204 tests passing

Closes #23, #24, #25, #26, #32

@Shreyas582
feat: v1.0.0 Local API Server and Web UI MVP
b74395c 
Implements all four issues in the v1.0.0 milestone:

#23 Local API server (wraithrun serve)
- New api_server workspace crate with axum 0.8
- 7 REST endpoints: health, ready, runs CRUD, cancel, runtime status
- wraithrun serve --port 8080 subcommand with alias support
- Background investigation execution with concurrency limiting

#25 Security baseline
- Bearer token auth middleware on all endpoints except /health
- Auto-generated UUID token printed at startup, --api-token override
- Request body size limit (1 MiB) via RequestBodyLimitLayer
- 127.0.0.1-only bind enforced in ServerConfig
- Audit logging for auth failures via tracing

#26 Durable local data model
- SQLite-backed DataStore with rusqlite (bundled)
- Schema: runs, findings, schema_version tables with WAL mode
- Versioned migration framework (schema v1)
- --database PATH flag for persistent storage
- backup() and export_json() APIs

#24 Web UI MVP
- Embedded HTML dashboard at GET /
- Run list, findings explorer with severity filters, health panel
- Run detail slide panel, cancellation, new investigation form
- Token-gated access with localStorage persistence
- Dark theme, 5-second auto-refresh polling

Tests: 223 total (19 api_server: 13 route + 6 data store)
Closes #23, #24, #25, #26, #32
@Shreyas582 Shreyas582 added this to the v1.0.0 milestone Apr 4, 2026
@Shreyas582 Shreyas582 merged commit a4e7e9b into main Apr 4, 2026
9 of 10 checks passed
@Shreyas582 Shreyas582 deleted the v1.0.0-local-api-server branch April 4, 2026 21:40
This was referenced Apr 4, 2026
Closed
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

v1.0.0

Development

Successfully merging this pull request may close these issues.

Implement local API server (wraithrun serve) with v1 endpoints

1 participant

@Shreyas582