Building Scout

SvelteKit app, Prisma schema, magic link auth, GitLab provider, sync worker. Dashboard, Team, Projects, Actions pages. Auto-sync scheduler, settings tabs, rate limiting, AES-256 token encryption. The entire architecture in a single day.

Unit tests with coverage, E2E Playwright tests. ESLint, Prettier, Husky pre-commit hooks. GitHub Actions CI pipeline with PostgreSQL service. Database indexes. Forge deployment config. First documented PR.

Landing page design. Auth UI redesign with shared AuthPanel component. "Copy for AI" button on every metrics card. Contributor groups filter for team views.

GitHub provider support alongside GitLab. FREE plan paywall — 5 contributors, 3 months history. Activity score algorithm with 5 dimensions and radar chart.

Lemon Squeezy integration for self-serve PRO upgrade. In-app feedback widget with email notifications. Show/hide score setting per workspace.

Role-based access control — 7 roles (Admin, CEO, CTO, Tech Lead, Lead Dev, Dev, Member). Users management page. Configurable visibility per role (SELF / GROUP / ALL). Sidebar adapts dynamically: My Stats, My Squad, or Team.

KPI cards rework — hero/secondary tiers aligned with DORA and SPACE frameworks. Release notes drawer. Zero-downtime deploy with PM2 cluster mode and atomic build swap. Metrics research. E2E test fixes.

Invite non-contributor users (CEO, PM) by email with role. Welcome flow — 2-step onboarding customized by role. Role-based landing page (CEO → dashboard, Dev → actions). Design system: dark sidebar, Epilogue font, indigo primary, branded color palette. Login redesign with glassmorphism. Separate E2E test database. Hydration fix for Playwright. 69 E2E tests, 68 integration, 247 unit.

Parse ticket keys (Jira/Linear) from branch names, commits, and MR titles via regex. New Delivery page with ticket list, Git activity per ticket, WIP/delivered status. Dashboard KPIs: features delivered, features in progress, average lead time. Draft MRs excluded from all metrics. Shared Avatar component with pastel fallback colors. Collapsible settings cards. Rename to Scout, new domain tryscout.tech.

Enforce team profile access control — SELF/GROUP/ALL visibility checks on individual pages. Redirect SELF users from dashboard to actions. Uniform page widths (max-w-4xl standard, max-w-5xl for data-heavy pages). Fix all 31 svelte-check warnings. Update nodemailer for security patch. Docker Hub credentials in CI. 23k+ lines of code, zero warnings.

Append-only audit log with centralized logAudit() helper — 15 critical actions instrumented (auth, roles, settings, integrations, data operations). Admin UI at /audit-log with cursor pagination and filters by actor/action. Ticket prefix allowlist in Settings — admin selects real project prefixes, false positives (GPL-3, UTF-8) hidden from Delivery. User last seen tracking with throttled updates. 265 unit tests.

Full multi-workspace routing — all app routes under /{slug}/. Two-level layout: parent handles auth, [slug] layout resolves workspace + membership. Workspace switcher in sidebar (conditional: only visible with 2+ workspaces). Cookie-based redirect to last visited workspace. Security audit found and fixed critical workspace scoping bugs in all form actions. Onboarding lobby for new users (create vs invited). Editable slug with auto-suffix on collision. Workspace creation limit (1 per user) with discrete link in Account. 85 E2E + 270 unit tests, zero failures.