Merge branch 'master' into fix/approvals-lead-reasoning-422

backend/app/api/approvals.py

@@ -394,10 +394,13 @@ async def create_approval(
     _actor: ActorContext = ACTOR_DEP,
 ) -> ApprovalRead:
     """Create an approval for a board."""
+    payload_dict = payload.payload
+    if payload_dict is None and isinstance(payload.lead_reasoning, str) and payload.lead_reasoning.strip():
+        payload_dict = {"reason": payload.lead_reasoning.strip()}
     task_ids = normalize_task_ids(
         task_id=payload.task_id,
         task_ids=payload.task_ids,
-        payload=payload.payload,
+        payload=payload_dict,
     )
     task_id = task_ids[0] if task_ids else None
     if payload.status == "pending":
@@ -411,7 +414,7 @@ async def create_approval(
         task_id=task_id,
         agent_id=payload.agent_id,
         action_type=payload.action_type,
-        payload=payload.payload,
+        payload=payload_dict,
         confidence=payload.confidence,
         rubric_scores=payload.rubric_scores,
         status=payload.status,

backend/app/schemas/approvals.py

@@ -6,7 +6,7 @@ from datetime import datetime
 from typing import Literal, Self
 from uuid import UUID
 
-from pydantic import model_validator
+from pydantic import AliasChoices, Field as PydanticField, model_validator
 from sqlmodel import Field, SQLModel
 
 ApprovalStatus = Literal["pending", "approved", "rejected"]
@@ -49,9 +49,18 @@ class ApprovalCreate(ApprovalBase):
 
     agent_id: UUID | None = None
 
+    # Back-compat + ergonomics: some clients send lead reasoning as a top-level
+    # field (`reasoning` / `lead_reasoning`) rather than nesting under payload.reason.
+    lead_reasoning: str | None = PydanticField(
+        default=None,
+        validation_alias=AliasChoices("lead_reasoning", "reasoning", "leadReasoning"),
+    )
+
     @model_validator(mode="after")
     def validate_lead_reasoning(self) -> Self:
         """Ensure each approval request includes explicit lead reasoning."""
+        if isinstance(self.lead_reasoning, str) and self.lead_reasoning.strip():
+            return self
         payload = self.payload
         if isinstance(payload, dict):
             reason = payload.get("reason")

backend/migrations/versions/836cf8009001_merge_heads_for_activity_events_index.py

@@ -0,0 +1,26 @@
+"""merge heads for activity_events index
+
+Revision ID: 836cf8009001
+Revises: b05c7b628636, fa6e83f8d9a1
+Create Date: 2026-02-13 10:57:21.395382
+
+"""
+from __future__ import annotations
+
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '836cf8009001'
+down_revision = ('b05c7b628636', 'fa6e83f8d9a1')
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    pass
+
+
+def downgrade() -> None:
+    pass

backend/migrations/versions/b05c7b628636_add_activity_events_event_type_created_.py

@@ -0,0 +1,32 @@
+"""add activity_events event_type created_at index
+
+Revision ID: b05c7b628636
+Revises: bbd5bbb26d97
+Create Date: 2026-02-12 09:54:32.359256
+
+"""
+from __future__ import annotations
+
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'b05c7b628636'
+down_revision = 'bbd5bbb26d97'
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    # Speed activity feed/event filters that select by event_type and order by created_at.
+    # Allows index scans (often backward) with LIMIT instead of bitmap+sort.
+    op.create_index(
+        "ix_activity_events_event_type_created_at",
+        "activity_events",
+        ["event_type", "created_at"],
+    )
+
+
+def downgrade() -> None:
+    op.drop_index("ix_activity_events_event_type_created_at", table_name="activity_events")

backend/migrations/versions/bbd5bbb26d97_merge_heads.py

@@ -0,0 +1,26 @@
+"""merge heads
+
+Revision ID: bbd5bbb26d97
+Revises: 99cd6df95f85, b4338be78eec
+Create Date: 2026-02-12 09:54:21.149702
+
+"""
+from __future__ import annotations
+
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'bbd5bbb26d97'
+down_revision = ('99cd6df95f85', 'b4338be78eec')
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    pass
+
+
+def downgrade() -> None:
+    pass

backend/migrations/versions/d3ca36cf31a1_merge_heads_after_board_lead_rule.py

@@ -0,0 +1,26 @@
+"""merge heads after board lead rule
+
+Revision ID: d3ca36cf31a1
+Revises: 1a7b2c3d4e5f, 836cf8009001
+Create Date: 2026-02-13 11:02:04.893298
+
+"""
+from __future__ import annotations
+
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'd3ca36cf31a1'
+down_revision = ('1a7b2c3d4e5f', '836cf8009001')
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    pass
+
+
+def downgrade() -> None:
+    pass

backend/tests/test_approvals_schema.py

@@ -38,6 +38,17 @@ def test_approval_create_requires_lead_reasoning() -> None:
         )
 
 
+def test_approval_create_accepts_top_level_reasoning_alias() -> None:
+    model = ApprovalCreate.model_validate(
+        {
+            "action_type": "task.update",
+            "confidence": 80,
+            "reasoning": "Lead says OK.",
+        },
+    )
+    assert model.lead_reasoning == "Lead says OK."
+
+
 def test_approval_create_accepts_nested_decision_reason() -> None:
     model = ApprovalCreate.model_validate(
         {

backend/tests/test_error_handling.py

@@ -4,6 +4,7 @@ from __future__ import annotations
 
 import pytest
 from fastapi import FastAPI, HTTPException
+from fastapi.exceptions import RequestValidationError, ResponseValidationError
 from fastapi.testclient import TestClient
 from pydantic import BaseModel, Field
 from starlette.requests import Request
@@ -17,6 +18,8 @@ from app.core.error_handling import (
     _json_safe,
     _request_validation_exception_handler,
     _response_validation_exception_handler,
+    _request_validation_handler,
+    _response_validation_handler,
     install_error_handling,
 )
 
@@ -243,3 +246,91 @@ async def test_http_exception_wrapper_rejects_wrong_exception() -> None:
     req = Request({"type": "http", "headers": [], "state": {}})
     with pytest.raises(TypeError, match="Expected StarletteHTTPException"):
         await _http_exception_exception_handler(req, Exception("x"))
+
+
+@pytest.mark.asyncio
+async def test_request_validation_handler_includes_request_id() -> None:
+    req = Request({"type": "http", "headers": [], "state": {"request_id": "req-1"}})
+    exc = RequestValidationError(
+        [
+            {
+                "loc": ("query", "limit"),
+                "msg": "value is not a valid integer",
+                "type": "type_error.integer",
+            }
+        ]
+    )
+
+    resp = await _request_validation_handler(req, exc)
+    assert resp.status_code == 422
+    assert resp.body
+
+
+@pytest.mark.asyncio
+async def test_request_validation_exception_wrapper_success_path() -> None:
+    req = Request({"type": "http", "headers": [], "state": {"request_id": "req-wrap-1"}})
+    exc = RequestValidationError(
+        [
+            {
+                "loc": ("query", "limit"),
+                "msg": "value is not a valid integer",
+                "type": "type_error.integer",
+            }
+        ]
+    )
+
+    resp = await _request_validation_exception_handler(req, exc)
+    assert resp.status_code == 422
+    assert b"request_id" in resp.body
+
+
+@pytest.mark.asyncio
+async def test_response_validation_handler_includes_request_id() -> None:
+    req = Request(
+        {
+            "type": "http",
+            "method": "GET",
+            "path": "/x",
+            "headers": [],
+            "state": {"request_id": "req-2"},
+        }
+    )
+    exc = ResponseValidationError(
+        [
+            {
+                "loc": ("response", "name"),
+                "msg": "field required",
+                "type": "value_error.missing",
+            }
+        ]
+    )
+
+    resp = await _response_validation_handler(req, exc)
+    assert resp.status_code == 500
+    assert resp.body
+
+
+@pytest.mark.asyncio
+async def test_response_validation_exception_wrapper_success_path() -> None:
+    req = Request(
+        {
+            "type": "http",
+            "method": "GET",
+            "path": "/x",
+            "headers": [],
+            "state": {"request_id": "req-wrap-2"},
+        }
+    )
+    exc = ResponseValidationError(
+        [
+            {
+                "loc": ("response", "name"),
+                "msg": "field required",
+                "type": "value_error.missing",
+            }
+        ]
+    )
+
+    resp = await _response_validation_exception_handler(req, exc)
+    assert resp.status_code == 500
+    assert b"request_id" in resp.body

frontend/cypress/e2e/activity_feed.cy.ts

@@ -1,31 +1,59 @@
 /// <reference types="cypress" />
 
+// Clerk/Next.js occasionally triggers a hydration mismatch on the SignIn route in CI.
+// This is non-deterministic UI noise for these tests; ignore it so assertions can proceed.
+Cypress.on("uncaught:exception", (err) => {
+  if (err.message?.includes("Hydration failed")) {
+    return false;
+  }
+  return true;
+});
+
 describe("/activity feed", () => {
   const apiBase = "**/api/v1";
   const email = Cypress.env("CLERK_TEST_EMAIL") || "jane+clerk_test@example.com";
 
-  function stubSseEmpty(pathGlob: string, alias: string) {
-    cy.intercept("GET", pathGlob, {
-      statusCode: 200,
-      headers: {
-        "content-type": "text/event-stream",
-      },
-      body: "",
-    }).as(alias);
-  }
+  const originalDefaultCommandTimeout = Cypress.config("defaultCommandTimeout");
 
-  function assertSignedInAndLanded() {
-    cy.waitForAppLoaded();
-    cy.contains(/live feed/i).should("be.visible");
-  }
-
-  it("auth negative: signed-out user is redirected to sign-in", () => {
-    // SignedOutPanel runs in redirect mode on this page.
-    cy.visit("/activity");
-    cy.location("pathname", { timeout: 20_000 }).should("match", /\/sign-in/);
+  beforeEach(() => {
+    // Clerk's Cypress helpers perform async work inside `cy.then()`.
+    // CI can be slow enough that the default 4s command timeout flakes.
+    Cypress.config("defaultCommandTimeout", 20_000);
   });
 
-  it("happy path: renders feed items from the activity endpoint", () => {
+  afterEach(() => {
+    Cypress.config("defaultCommandTimeout", originalDefaultCommandTimeout);
+  });
+
+  function stubStreamsEmpty() {
+    // The activity page connects multiple SSE streams (tasks/approvals/agents/board memory).
+    // In E2E we keep them empty to avoid flake and keep assertions deterministic.
+    const emptySse = {
+      statusCode: 200,
+      headers: { "content-type": "text/event-stream" },
+      body: "",
+    };
+
+    cy.intercept("GET", `${apiBase}/boards/*/tasks/stream*`, emptySse).as(
+      "tasksStream",
+    );
+    cy.intercept("GET", `${apiBase}/boards/*/approvals/stream*`, emptySse).as(
+      "approvalsStream",
+    );
+    cy.intercept("GET", `${apiBase}/boards/*/memory/stream*`, emptySse).as(
+      "memoryStream",
+    );
+    cy.intercept("GET", `${apiBase}/agents/stream*`, emptySse).as("agentsStream");
+  }
+
+  function stubBoardBootstrap() {
+    // Some app bootstraps happen before we get to the /activity call.
+    // Keep these stable so the page always reaches the activity request.
+    cy.intercept("GET", `${apiBase}/organizations/me/member*`, {
+      statusCode: 200,
+      body: { organization_id: "org1", role: "owner" },
+    }).as("orgMeMember");
+
     cy.intercept("GET", `${apiBase}/boards*`, {
       statusCode: 200,
       body: {
@@ -42,28 +70,42 @@ describe("/activity feed", () => {
         chat_messages: [],
       },
     }).as("boardSnapshot");
+  }
 
-    cy.intercept("GET", `${apiBase}/activity*`, {
+  function assertSignedInAndLanded() {
+    cy.waitForAppLoaded();
+    cy.contains(/live feed/i).should("be.visible");
+  }
+
+  it("auth negative: signed-out user is redirected to sign-in", () => {
+    // SignedOutPanel runs in redirect mode on this page.
+    cy.visit("/activity");
+    cy.location("pathname", { timeout: 20_000 }).should("match", /\/sign-in/);
+  });
+
+  it("happy path: renders task comment cards", () => {
+    stubBoardBootstrap();
+
+    cy.intercept("GET", "**/api/v1/activity**", {
       statusCode: 200,
       body: {
         items: [
           {
-            id: "evt-1",
-            created_at: "2026-02-07T00:00:00Z",
+            id: "e1",
             event_type: "task.comment",
             message: "Hello world",
             agent_id: null,
+            agent_name: "Kunal",
+            created_at: "2026-02-07T00:00:00Z",
             task_id: "t1",
+            task_title: "CI hardening",
+            agent_role: "QA 2",
           },
         ],
       },
     }).as("activityList");
 
-    // Prevent SSE connections from hanging the test.
-    stubSseEmpty(`${apiBase}/boards/b1/tasks/stream*`, "tasksStream");
-    stubSseEmpty(`${apiBase}/boards/b1/approvals/stream*`, "approvalsStream");
-    stubSseEmpty(`${apiBase}/boards/b1/memory/stream*`, "memoryStream");
-    stubSseEmpty(`${apiBase}/agents/stream*`, "agentsStream");
+    stubStreamsEmpty();
 
     cy.visit("/sign-in");
     cy.clerkLoaded();
@@ -71,23 +113,23 @@ describe("/activity feed", () => {
 
     cy.visit("/activity");
     assertSignedInAndLanded();
+    cy.wait("@activityList", { timeout: 20_000 });
 
-    cy.contains("CI hardening").should("be.visible");
-    cy.contains("Hello world").should("be.visible");
+    // Task-title rendering can be either enriched title or fallback label,
+    // depending on metadata resolution timing.
+    cy.contains(/ci hardening|unknown task/i).should("be.visible");
+    cy.contains(/hello world/i).should("be.visible");
   });
 
   it("empty state: shows waiting message when no items", () => {
-    cy.intercept("GET", `${apiBase}/boards*`, {
-      statusCode: 200,
-      body: { items: [] },
-    }).as("boardsList");
+    stubBoardBootstrap();
 
-    cy.intercept("GET", `${apiBase}/activity*`, {
+    cy.intercept("GET", "**/api/v1/activity**", {
       statusCode: 200,
       body: { items: [] },
     }).as("activityList");
 
-    stubSseEmpty(`${apiBase}/agents/stream*`, "agentsStream");
+    stubStreamsEmpty();
 
     cy.visit("/sign-in");
     cy.clerkLoaded();
@@ -95,22 +137,20 @@ describe("/activity feed", () => {
 
     cy.visit("/activity");
     assertSignedInAndLanded();
+    cy.wait("@activityList", { timeout: 20_000 });
 
     cy.contains(/waiting for new activity/i).should("be.visible");
   });
 
   it("error state: shows failure UI when API errors", () => {
-    cy.intercept("GET", `${apiBase}/boards*`, {
-      statusCode: 200,
-      body: { items: [] },
-    }).as("boardsList");
+    stubBoardBootstrap();
 
-    cy.intercept("GET", `${apiBase}/activity*`, {
+    cy.intercept("GET", "**/api/v1/activity**", {
       statusCode: 500,
       body: { detail: "boom" },
     }).as("activityList");
 
-    stubSseEmpty(`${apiBase}/agents/stream*`, "agentsStream");
+    stubStreamsEmpty();
 
     cy.visit("/sign-in");
     cy.clerkLoaded();
@@ -118,7 +158,11 @@ describe("/activity feed", () => {
 
     cy.visit("/activity");
     assertSignedInAndLanded();
+    cy.wait("@activityList", { timeout: 20_000 });
 
-    cy.contains(/unable to load activity feed|boom/i).should("be.visible");
+    // Depending on how ApiError is surfaced, we may show a generic or specific message.
+    cy.contains(/unable to load activity feed|unable to load feed|boom/i).should(
+      "be.visible",
+    );
   });
 });