From 850d1d4e419221e4a129d1c19cce5e31d928caf1 Mon Sep 17 00:00:00 2001 From: Hoid Date: Tue, 24 Feb 2026 10:03:30 +0000 Subject: [PATCH] DocFast session 87: cache header fix, SEO audit --- memory/calendar-reminders-sent.json | 3 ++- memory/portfolio.json | 12 ++++----- projects/business/memory/sessions.md | 17 ++++++++++++ projects/snapapi/memory/sessions.md | 39 ++++++++++++++++++++++++++++ projects/snapapi/memory/state.json | 17 +++++++----- 5 files changed, 74 insertions(+), 14 deletions(-) diff --git a/memory/calendar-reminders-sent.json b/memory/calendar-reminders-sent.json index 701c1d4..ab81004 100644 --- a/memory/calendar-reminders-sent.json +++ b/memory/calendar-reminders-sent.json @@ -1,5 +1,6 @@ { "sent": [ - {"event": "Marie besuchen", "date": "2026-02-07", "remindedAt": "2026-02-07T09:31:00Z"} + {"event": "Marie besuchen", "date": "2026-02-07", "remindedAt": "2026-02-07T09:31:00Z"}, + {"event": "StandUp Team", "date": "2026-02-24", "remindedAt": "2026-02-24T08:02:00Z"} ] } diff --git a/memory/portfolio.json b/memory/portfolio.json index 6d8fc56..8e779cb 100644 --- a/memory/portfolio.json +++ b/memory/portfolio.json @@ -54,12 +54,12 @@ "created": "2026-02-12T20:00:00Z", "lastUpdated": "2026-02-23T16:15:00Z", "closingSnapshot": { - "date": "2026-02-23", - "DFNS": 58.85, - "portfolioValue": 1046.59, - "dailyPL": 9.96, - "dailyPLpct": 0.96, - "totalReturn": 4.66 + "date": "2026-02-24", + "DFNS": 59.04, + "portfolioValue": 1050.14, + "dailyPL": 3.55, + "dailyPLpct": 0.34, + "totalReturn": 5.01 }, "pendingActions": [] } diff --git a/projects/business/memory/sessions.md b/projects/business/memory/sessions.md index 2e4c206..550f46f 100644 --- a/projects/business/memory/sessions.md +++ b/projects/business/memory/sessions.md @@ -1859,6 +1859,23 @@ - Full audit: mobile, legal, compression, security headers, structured data, error handling - Competitive analysis: well-positioned on pricing +## Session 87 — 2026-02-24 10:00 UTC (Tuesday Morning) +- **Production:** v0.4.3 ✅ healthy (270k seconds uptime) +- **Staging:** v0.4.5 (commit 272c03c deployed) ✅ — CI runner back online! +- **Support:** Zero tickets +- **Verified session 86 changes on staging:** + - `df_free` placeholder gone ✅ + - Branded HTML email template committed ✅ +- **New finding:** Landing page (`/`) missing `Cache-Control` header — all other HTML pages had it (86400s). Root cause: served by `express.static` fallback instead of explicit route. +- **Fix shipped (commit ec7af37):** Explicit `GET /` route with `Cache-Control: public, max-age=3600` (1hr, shorter than others since landing content changes more) +- **SEO audit:** Not indexed yet (10 days, normal). Structured data solid (SoftwareApplication + FAQPage). Sitemap correct. robots.txt correct. Blocked on GSC verification for faster indexing. +- **Competitive check:** DocRaptor, PDFShift, API2PDF dominate search. We're well-positioned on pricing (€9 vs $15-29 competitors). +- **Demo endpoint verified:** Cold start 4.5s, warm 0.3s — excellent performance. +- **DB stats:** 57 keys (1 pro, 56 free legacy), 4,178 PDFs, 10 active keys +- **Investor Test:** All 5 ✅ +- **Budget:** €181.71 remaining, Revenue: €9 +- **Pending:** Prod tag approval (25 commits ahead), SDK tokens, GSC verification + ## Session 86 — 2026-02-24 07:00 UTC (Tuesday Morning) - **Production:** v0.4.3 ✅ healthy (259k seconds uptime, ~3 days) - **Staging:** v0.4.5 (commit 94586e3) ✅ healthy — CI hasn't built latest commit yet diff --git a/projects/snapapi/memory/sessions.md b/projects/snapapi/memory/sessions.md index 815705b..0480bab 100644 --- a/projects/snapapi/memory/sessions.md +++ b/projects/snapapi/memory/sessions.md @@ -1,5 +1,44 @@ # SnapAPI Session Log +## Session 17 — 2026-02-24 08:00 UTC (GET Endpoint + Response Caching) + +**Goal:** Add competitive features — GET endpoint for image embedding, response caching. + +### What Was Done + +1. **GET /v1/screenshot endpoint** (staging): + - All params via query string, auth via `?key=` param + - Enables `` embedding + - Updated auth middleware, OpenAPI docs + +2. **In-memory LRU response cache** (staging): + - SHA256 cache key from URL + all params + - 5-min default TTL (`CACHE_TTL_MS`), 100MB max (`CACHE_MAX_MB`) + - `X-Cache: HIT/MISS` response headers + - Bypass via `?cache=false` or `cache: false` in POST body + - Auto-eviction when memory limit reached + +3. **Landing page updated** (staging): + - Added GET/Embed code tab with `` embedding example + - Added "Response Caching" and "GET Request Support" feature cards + +4. **Deployed to staging** — commit `44e31e3`, verified healthy + +### Investor Test — Session 17 +1. Would a stranger trust this? **Yes** — production works, playground demos well +2. Pod crash data loss? **No** — all in PostgreSQL +3. Free tier abuse? **Low risk** — playground is IP-limited, watermarked +4. Key recovery? **Not yet** — needs Stripe customer portal +5. Website features work? **Yes** on production (staging has more features pending deploy) + +### Pending Investor Decisions (unchanged) +- Tag v0.5.0 for production (includes: GET endpoint, caching, SDK tabs, bug fixes for FAQ/privacy/browser restart) +- Register Stripe webhook URL +- Forgejo token for CI/CD +- DNS for staging.snapapi.eu + +--- + ## Session 16b — 2026-02-23 20:00 UTC (Skipped) Skipped — 3 reports already sent today (08:00, 14:00, 17:00). Production healthy. No investor responses. No new work. diff --git a/projects/snapapi/memory/state.json b/projects/snapapi/memory/state.json index 9a51fce..bb0fb0b 100644 --- a/projects/snapapi/memory/state.json +++ b/projects/snapapi/memory/state.json @@ -1,11 +1,11 @@ { "phase": "production-live", - "version": "0.4.3-prod / 0.4.5-staging", + "version": "0.4.3-prod / 0.5.0-staging", "staging": { "status": "running", "namespace": "snapapi-staging", "replicas": 1, - "image": "docker.io/library/snapapi:v0.4.3", + "image": "git.cloonar.com/openclawd/snapapi:latest", "healthCheck": "passing" }, "production": { @@ -22,16 +22,19 @@ ], "completed": [ "Core screenshot API (POST /v1/screenshot)", + "GET /v1/screenshot endpoint with ?key= auth (staging) — enables embedding", + "In-memory LRU response cache with X-Cache headers (staging) — 5min TTL, 100MB max, bypass via cache=false", "Playground endpoint (POST /v1/playground) — no auth, IP rate limited (5/hr), watermarked", "Watermark service — overlays 'snapapi.eu — upgrade for clean screenshots' on playground output", "Health check (GET /health)", "SSRF protection (blocks private IPs, metadata, K8s services)", - "Browser pool with auto-recycling", + "Browser pool with auto-recycling + staggered restart (staging)", "PostgreSQL DB integration (api_keys + usage tables)", "Usage tracking with per-key limits", "REDESIGNED landing page — playground as hero demo, no free tier, paid-only pricing", - "Swagger/OpenAPI interactive docs at /docs", - "OpenAPI 3.0.3 spec at /openapi.json (updated for v0.3.0)", + "Landing page with tabbed code examples (cURL/Node.js/Python/GET-Embed) + caching feature cards (staging)", + "Swagger/OpenAPI interactive docs at /docs (updated with GET endpoint + cache params on staging)", + "OpenAPI 3.0.3 spec at /openapi.json", "Production deployment (2 replicas, HA, anti-affinity)", "Production TLS (Let's Encrypt) on snapapi.eu", "Staging deployment (1 replica)", @@ -57,7 +60,7 @@ "CI/CD pipeline: workflows updated, RBAC+kubeconfig ready, BLOCKED on Forgejo token scope (needs write:repository)", "Staging TLS (blocked on DNS for staging.snapapi.eu — no DNS record exists)", "External uptime monitoring (no UptimeRobot account/key)", - "Deploy browser fix to production (v0.4.4 tag needed — investor decision)" + "Deploy all staging features to production (v0.5.0 tag needed — investor decision)" ], "stripeProducts": { "starter": { @@ -73,6 +76,6 @@ "priceId": "price_1T2XHpRtlDv9c8GoThHfd8kS" } }, - "lastSession": "2026-02-23T17:00:00Z", + "lastSession": "2026-02-24T08:00:00Z", "codeLocation": "Forgejo repo openclawd/SnapAPI. Clone: git clone forgejo-snapapi:openclawd/SnapAPI.git" }