irmin serve: Tw_html DSL + GitHub OAuth with allowlist

Monorepo management for opam overlays

HTML is now composed from tw.html's typed DSL (no raw strings, no
CDN scripts); /tw.css is generated at startup from a sample page.
Upload form is a plain <form action method POST enctype multipart>
that the browser submits natively.

GitHub OAuth wired via ocaml-auth:
- enabled when IRMIN_AUTH_CLIENT_ID/_SECRET/_BASE_URL/_COOKIE_SECRET
are all set; otherwise uploads are unauthenticated (dev mode).
- Auth.routes mounted under /auth/github*, /auth/signout.
- Auth DB at .irmin/auth.db (SQLite, single-process).
- Each page renders a header strip: "Sign in with GitHub" with no
session, "<email> [Sign out]" when signed in, nothing when off.

Upload allowlist lives inside the store at refs/meta/config,
file admin.toml (Gerrit convention). Format:
[[allow]]
email = "you@example.com"
Re-read on every upload, so editing and committing admin.toml
takes effect without restarting. Missing or empty allowlist means
no one is allowed (safe default).

Dependencies added: tw, tw.html, auth, oauth, requests, tomlt.

Thomas Gazagnaire 2 months ago d87f2c9c f50ef71b

+1 -1

1 changed file

expand all

lib

changes.ml

+1 -1

lib/changes.ml

··· 613 613 614 614 let run_claude_analysis ~sw ~process_mgr ~clock prompt = 615 615 let output_format = 616 - Claude.Proto.Structured_output.of_json_schema changelog_output_schema 616 + Claude.Structured_output.of_json_schema changelog_output_schema 617 617 in 618 618 let options = 619 619 Claude.Options.default

Configure Feed

Configure Feed