cpatpa/PIP
Deep Supabase-to-pg migration with firm-specific auth, workspaces, and a growing roadmap through vector RAG
cpatpa/PIP is a fork being rebuilt ground-up for Piper Alderman, an Australian law firm. The defining change is a complete replacement of the Supabase JS backend with plain parameterised pg queries across all routes - about 130 call sites converted in ordered migrations. On top of that: Auth.js v5 with a Credentials provider and Microsoft Entra OIDC, a mandatory post-signup onboarding wizard collecting AU-specific practice profile data, workspaces as a team-scope layer above users, join-table sharing replacing JSONB email arrays, and a full admin panel with per-field audit events.
The fork has now completed nine phases. Phase 9 landed per-user memory with model-driven capture and - critically - actually implemented the four-layer system-prompt assembly (org → workspace → user custom instructions → memory block) that the upstream architecture doc described but never wired up. Phases 10-14 exist as detailed design documents covering web search with SSRF defence, group-based RBAC, multi-model comparison, pgvector hybrid retrieval, and knowledge collections.
Infrastructure is Docker Compose: postgres, backend, frontend, Ollama for local LLM, Caddy for TLS, and a nightly pg_dump sidecar. Local storage uses AES-256-GCM per-file encryption. The Ollama adapter supports the full OpenAI-style tool-call loop.
What's in it
- Self-hosted, offline-capable AI Runs end-to-end on a firm's own hardware, with a local model path hardened for deployments where no cloud provider is allowed to leave the building.
- Enterprise sign-in Microsoft Entra OIDC and a tightened password-reset flow replace the original consumer-style auth, so users log in with the same account they use for everything else.
- Admin-controlled AI A single admin console decides which providers and models users see, with curated local models and tunable rate limits - the user-facing model picker is no longer a free-for-all.
- Workspaces and granular sharing A team layer sits between user and firm, and projects and reviews have a real membership system instead of a list of email addresses.
- Persistent memory and honest instructions The assistant remembers things between chats, and the custom-instructions box the product always advertised is now actually wired into every prompt.
- Firm-customisable branding A top-to-bottom rebrand from Mike to Pip, plus an admin surface so a firm can swap in its own colours and logos without redeploying.
- One-command deployment A bare-metal installer turns a fresh Ubuntu box into a running PIP, seeds a working admin login on day one, and ships operator tools to keep it alive. Document retention is staged so accidental deletes are recoverable.
Direction
infrastructuremulti-tenantbranding
Activity
Threads of work (detailed view)
cpatpa teaches Mike to remember who it's talking to
Per-user memory plus a layered instruction system that finally lets an org, a workspace, and an individual all shape how the AI behaves.
cpatpa ships per-user memory and finally wires the layered system prompt
Phase 9 is two features: a `user_memories` table with model-driven capture, LRU eviction, and a pin cap enforced by a Postgres trigger; and the four-layer system-prompt assembly that the fork's architecture doc had always described but never implemented. Both are behind opposite-default flags.
cpatpa is drawing up the blueprints before laying any code
Five commits add no features at all - just detailed designs for the next five, and together they point somewhere ambitious.
cpatpa lands design docs for five roadmap phases - web search through knowledge collections
Five docs-only commits covering Phases 10-14: web search with SSRF defence, groups and granular RBAC, multi-model side-by-side comparison, pgvector RAG with hybrid retrieval, and knowledge collections. No code yet, but the data model and migration plans are detailed enough to preview where this fork is heading.
cpatpa decides which AI models a firm is actually allowed to use
Access control for the AI engine now runs through one gate, with a default that exposes nothing until an admin signs off.
LLM policy: admin-driven provider switches, curated local models, IPv6 rate-limit fix
Three commits moving LLM configuration from hardcoded defaults into `org_settings`, fixing an IPv6 rate-limiter bug that logged an error on every backend boot, and bumping rate-limit defaults from debug-obstacle levels to something suited for normal firm use.
cpatpa makes Mike stop crashing when external AI is switched off
A multi-layer fix so chat falls back gracefully instead of dying with a confusing policy error.
LLM dispatch bug hunt: local/* prefix ignored, stale model ids crash chat
Seven commits tracing one user-visible symptom - `POST /chat` throwing "External AI providers are disabled" on a deployment where only Ollama was provisioned - through four layers of the dispatch stack before landing on the real root cause: `resolveModel` in `lib/llm/models.ts` didn't recognise `local/*` model ids and silently reset them to the Gemini default.
cpatpa rebrands Mike as PIP and teaches it to think in Australian law
A wholesale makeover for law firm Piper Alderman, with the assistant retuned to local legal conventions.
Mike-to-PIP rename: identifiers, localStorage keys, DnD MIME types, admin branding
Four commits sweeping "Mike" out of cpatpa's codebase - browser-visible strings first, then internal TypeScript identifiers, then package names and localStorage keys - plus an admin-managed branding system for firm colour tokens and logo variants.
cpatpa untangles the routing trap every Mike fork walks into
When your backend and your web app live at the same address, the proxy in front can't always tell a click from a data call - cpatpa worked out a fix.
cpatpa turns standing up PIP into a single command
One guided script takes a bare Linux server to a running, secured deployment - no DevOps team required.
Bare-metal installer: whiptail wizard, self-signed TLS, operator tools
A `sudo bash install.sh` flow that takes a clean Ubuntu 22.04+ or Debian 12+ host from nothing to a running deployment. Fourteen commits of iterative hardening, fixing real bugs found on actual boxes. None of this is in upstream; most is firm-deployment-specific, but the gotchas it patches are generic.
cpatpa hardwires Piper Alderman into the account page
The fork is shedding the parts of Mike that only make sense if you're serving many firms at once.
Account page: hardcoded org name, role label replaces usage tier
Single commit reshaping the Account page for a single-tenant deployment. The per-user organisation field and the Usage Plan section are gone; in their place, a hardcoded "Piper Alderman" line and an "Account type" field showing "Administrator" or "User" derived from the JWT role.
cpatpa makes Mike log you in the moment it's installed
The installer can now hand the first administrator a working password, so there's no signup dance before anyone can get into a fresh deployment.
Installer seeds bootstrap admin password; Postgres parameter-type bug fixed
Two commits. The installer now asks for a `BOOTSTRAP_ADMIN_PASSWORD` so the operator can sign in immediately after deploy without going through the signup form. The follow-up fixes a silent Postgres transaction abort that prevented the admin account from ever being created.
cpatpa rebrands Mike as Piper Alderman's own in-house tool
The fork sheds its cloud dependencies and turns into something a firm can run entirely on infrastructure it controls.
cpatpa builds retention that deletes on a timer but gives you a way back
A new auto-deletion system clears out aged documents, chats, and review tables on schedule - with a grace period so nothing vanishes the instant the clock runs out.
Phase 10: two-phase document retention with grace window and admin recovery UI
A daily retention job that flag-then-hard-deletes documents, chats, and tabular reviews past their retention horizon. A 7-day grace window between flag and deletion lets admins recover items before bytes are gone, and an `/admin/retention` tab makes that recovery visible.
cpatpa makes PIP something a firm can run entirely on its own servers
Local AI, encrypted storage, and admin controls turn this fork into a self-hosted deployment that never has to phone home.
cpatpa ships five phases in one squash: admin API, local storage, Ollama adapter, Docker, and rate-limiting
A single mega-commit (`9166a01d`, 1349 added lines across 24 files) bundles Phases 4-8: the admin backend, an AES-256-GCM local storage driver, an Ollama adapter, Docker Compose deployment, and per-user rate limiting. A follow-on commit adds tool-call support to the Ollama adapter.
cpatpa makes Mike learn who you are before you can use it
A new onboarding gate, a personal-instructions panel, and an editable practice profile turn Mike from a generic tool into one that knows your jurisdictions and how you work.
cpatpa adds a mandatory onboarding wizard and per-user custom instructions
Three commits build the post-signup data-capture flow: a redirect-enforced onboarding wizard, a custom instructions panel with a 4096-char server-side cap, and a practice profile panel for updating the same fields after signup. The org-specific content (Piper Alderman's AU jurisdictions and practice areas) is seeded directly in `org_settings`.
cpatpa slots a team layer between the firm and its lawyers
Mike's base fork treats everyone as one big pool of users; cpatpa's version carves it into walled-off team spaces, each with its own AI rules.
cpatpa adds a workspaces layer between users and the organisation
Three commits build a team-scope container that sits above individual users: the `workspaces` and `workspace_members` tables, workspace_id foreign keys on projects/chats/reviews/workflows with backfill, and a full frontend workspace switcher and management UI. Each user gets an auto-provisioned Personal workspace on signup.
cpatpa rebuilds how shared projects know who's allowed in
Sharing moves off a loose list of email addresses and onto a real membership model with roles.
cpatpa replaces shared_with JSONB arrays with proper join tables
Two migrations swap the upstream `shared_with text[]` pattern for `project_members` and `review_members` join tables, both with FK to `users(id)`, RLS forced, and a live backfill of existing rows. The legacy JSONB columns stay in the schema for one cycle as a rollback net.
cpatpa rips out the rented database and rebuilds the plumbing in-house
Phase 2 swaps a hosted database service for a self-run Postgres setup - and hardens how user data lives and dies along the way.
cpatpa replaces the entire Supabase JS backend with plain pg queries
Nine commits rip out `@supabase/supabase-js` from the backend and replace every PostgREST call with parameterised pg queries - 29 call sites in projects.ts alone, 49 in tabular.ts, roughly 130 total across all routes. The package is gone from package.json by the end of the sequence.
cpatpa swaps the lock on the front door for Microsoft sign-in
This fork drops its old hosted login for a self-owned system that lets people sign in with their work Microsoft accounts.
Phase 2: Auth.js v5 replaces Supabase Auth; Entra OIDC; password reset
Full replacement of Supabase Auth with Auth.js v5, plus Microsoft Entra OIDC as a second provider and a complete password-reset flow. The session model is worth reading if you're evaluating the fork's auth approach; the individual security patterns (non-enumerating reset endpoint, hash-before-store) are portable regardless of stack.
cpatpa closes the security findings before anyone ships on them
Phase 1 of cpatpa's fork works through a numbered list of audit findings and shuts each one down.
Phase 1 security hardening: dead secrets files deleted, body limits, CSP, error redaction
Three commits closing the bulk of an upstream security audit. The most urgent finding - two dead frontend files that referenced god-mode credentials - is fixed first. The rest cover body size limits, zip/XML bomb guards, JWT email validation, a CSP policy, multer upgrade, and scrubbing raw Postgres errors from API responses.
cpatpa opens the Piper Alderman fork with the locks on, not the features
Before shipping anything new, cpatpa spent the first commit on security triage and a governance rulebook for everything that follows.