easterbrooka/mike

A production-hardened fork deployed on AWS under a new product name, with substantive work on encryption, email parsing, auth, and security controls.

Active development on a live AWS deployment. The encryption work is multi-PR and methodical - additive primitives, then wire-format fixes, then call-site cutover - suggesting an operator taking incremental production steps rather than shipping a big-bang refactor. Email parsing work has real test coverage (16 cases for attachment inlining, 6 for the .msg parser fixes). The Entra SSO change is opinionated and hard to disentangle from the useful system-key-fallback piece. Several security changes (IDOR fix, project boundary enforcement, Phase 1 hardening) indicate active security attention. The rebrand to "Michelle" and the presence of an `amplify.yml` confirm this is a production product deployment, not an experimental fork.

View on GitHub →

easterbrooka's fork of willchen96/mike is a working deployment - the commits reflect an operator shipping a product on AWS ECS and Amplify under the name "Michelle," not someone exploring the codebase. The substantive work falls into two clusters.

The first is an envelope-encryption programme running across multiple PRs. Phase 1 hardened logging, transport, and object storage and decoupled download-link signing from the Supabase service-role key. Phase 2 landed the cryptography primitives - AES-256-GCM envelopes, a KMS wrapper, HMAC email lookup, per-tenant DEK table - as an additive schema change. A follow-up commit then fixed the wire-format bug that would have made every encrypted write fail (raw Node Buffers need hex-literal conversion before they reach PostgREST). The dual-read/dual-write call-site cutover is in a separate PR.

The second cluster is email-document handling. easterbrooka added .msg upload support, fixed two silent parser failures affecting Outlook-exported files (blank bodies, dropped forwarded-message attachments), and extended the LLM read path to inline attachment text from within .msg and .eml files - PDFs, DOCX, XLSX, and nested messages up to three levels deep.

Other notable changes: Microsoft Entra SSO replaces email/password login, with a system-level LLM key fallback that lets users without personal API keys use models configured at the deployment level. The project folder boundary was promoted to a security control. Several smaller fixes addressed drag-and-drop uploads, disabled-button tooltips, and an IDOR in tabular review document access.

What's in it

Direction

securitybrandinginfrastructure

Activity

Themed changes and pull requests touching this fork, newest first. Themed changes that haven't been turned into a public post yet still appear — they're real work even without a published writeup.

✅ #11 Accept .msg (Outlook) uploads alongside .eml +217 -10 2mo ago self by easterbrooka ↗ analysis ↗ GitHub
Outlook saves emails as proprietary binary OLE compound documents (.msg), not RFC 822. Extends the .eml work to also handle .msg by adding a parser that maps @kenjiuno/msgreader output onto the same ParsedEml shape - so …
✅ #10 Fix workflow shares causing crash +7 -1 2mo ago self by easterbrooka ↗ analysis ↗ GitHub
getAdminClient() was reading NEXT_PUBLIC_SUPABASE_URL - that's a Next.js frontend convention that the backend never had defined. The empty fallback made supabase-js throw "supabaseUrl is required" synchronously from insi…
📝 Operational handoff doc removed from repo 1 commit 3mo ago minor change
Show 20 more
📝 Fix projects allowlist drift 0 commits minor change
📝 Import Karpathy-style coding discipline guide 0 commits minor change
📝 Envelope encryption primitives land; nothing uses them yet 0 commits securityinfrastructure draft
easterbrooka added the full cryptography layer for envelope-encrypted API keys and workflow shares - KMS wrapper, AES-256-GCM envelope, HMAC email lookup - without wiring any of it into the running backend. The split is …
📝 Buffer-to-hex conversion fixes bytea writes through PostgREST 0 commits securityinfrastructure draft
When easterbrooka's envelope encryption started writing ciphertext columns, the first production insert would have 500'd. `JSON.stringify` serialises a Node Buffer as `{"type":"Buffer","data":[...]}`, which PostgREST can…
📝 Fix admin Supabase client env var crashing /workflows 0 commits minor change
📝 easterbrooka/mike: Outlook .msg uploads added alongside .eml 0 commits intakediscovery draft
easterbrooka extended the existing .eml ingestion path to cover Outlook's binary .msg format, mapping both onto a shared parsed-email shape so the viewer, the read_document tool, and the structure-tree extraction see no …
📝 Fix HTML body and inner-message rendering in the chat surface 0 commits chat-ui draft
easterbrooka patched the message rendering path to fix how assistant turns compose HTML bodies and how nested sub-messages get displayed. No diff was captured, but the branch name points at both problems sharing a common…

Threads of work (detailed view)

23 threads have been distilled into posts.

Radix tooltip explains why the Create button is disabled

The "Review name" and "Workflow name" inputs in the creation modals are styled as large serif headings, so users miss them and assume the greyed-out Create button is broken. easterbrooka iterated through three commits to fix it, landing on a Radix tooltip as the final approach.

easterbrooka/mike: Outlook .msg uploads added alongside .eml

easterbrooka extended the existing .eml ingestion path to cover Outlook's binary .msg format, mapping both onto a shared parsed-email shape so the viewer, the read_document tool, and the structure-tree extraction see no difference.

Buffer-to-hex conversion fixes bytea writes through PostgREST

When easterbrooka's envelope encryption started writing ciphertext columns, the first production insert would have 500'd. `JSON.stringify` serialises a Node Buffer as `{"type":"Buffer","data":[...]}`, which PostgREST cannot coerce to bytea. This commit fixes that before any data hits the wire.

Envelope encryption primitives land; nothing uses them yet

easterbrooka added the full cryptography layer for envelope-encrypted API keys and workflow shares - KMS wrapper, AES-256-GCM envelope, HMAC email lookup - without wiring any of it into the running backend. The split is deliberate: call-site changes come in a follow-up PR.

Pull requests (detailed view)

17 PRs touch this fork — inbound (filed against it) or outbound (filed from it). State icons match the editorial dashboard.

✅ Merged (17)

Show 7 more merged