Bug Reporting & Transparency
New Features
In-app bug reporting: Users can now report bugs directly from the sidebar via a modal dialog. Captures title, description, severity (critical/high/medium/low), current page URL, browser metadata (viewport, platform, language, theme), and a snapshot of recent API calls for debugging context. Success toast confirms submission. Available from any page via the bug icon in the sidebar footer.
Admin bug reports page: Platform-wide bug triage at
/admin/bug-reports. Filterable by status (open, acknowledged, investigating, resolved, won’t fix, duplicate) and severity. Master-detail layout with inline status updates and admin notes. Includes resolution time tracking for resolved bugs.Public transparency page: Marketing site now includes
/transparencyshowing live bug tracking metrics. Displays total bugs reported, resolved count, resolution rate, and average resolution time. Recent reports listed with severity/status badges (titles only, anonymised). Severity breakdown with progress bars. All data fetched client-side from public API endpoints — no authentication required.Report Bug sidebar item: New bug icon between Logs and Settings in the app sidebar. Opens the bug report modal.
Bug age indicators: Transparency page now shows relative age for each report (“6h ago”, “1d 6h ago”) with visual urgency indicators. Open bugs older than 24 hours show amber highlighting; bugs older than 3 days show red. Progress bars indicate age at a glance.
Resolution time display: Resolved bugs show time-to-resolution with a ↻ prefix (e.g. ”↻ 2h”). Helps demonstrate response times publicly.
Email notifications on resolution: When an admin marks a bug as resolved, won’t fix, or duplicate, the reporter receives an email notification with the bug title and status. Sent via AWS SES.
Random bug IDs: Bug reports now use random 4-character suffixes (e.g.
bug_vtp0,bug_6ec0) instead of sequential numbers. Prevents information leakage about bug volume. Uses a 32-character alphabet excluding ambiguous characters (i, l, o, u).
API
POST /api/v1/bug-reports— Submit a bug report (authenticated users or API keys)GET /api/v1/bug-reports— List own bug reports with paginationGET /api/v1/bug-reports/:id— Get single report detailGET /admin/bug-reports— Admin: list all reports, filterable by status and severityGET /admin/bug-reports/:id— Admin: full report with browser/API contextPATCH /admin/bug-reports/:id— Admin: update status/notes, triggers email on terminal statusGET /v1/transparency/stats— Public: aggregate metrics (totals, resolution rate, averages)GET /v1/transparency/recent— Public: recent reports with timestamps for age calculation
Database
- New bug reports table storing organisation reference, optional user reference (nullable for API key submissions), random public ID for external reference, title, description, severity, page URL, browser metadata, API call context, status workflow, admin notes, resolution timestamp, and audit timestamps.
- Indexed for efficient filtering by status, severity, date, and public ID lookup.
Marketing Site
- New Transparency link in header navigation and footer (Developers column).
- Transparency page styled with animated counters, severity progress bars, status badges, and age urgency indicators.
- “Open bug age” legend explaining colour coding (<24h, 1-3d, >3d).
- “Our commitment” section with transparency pledges.
- Client-side fetch from public API endpoints.
- CORS configuration updated to allow marketing site origin.
Architecture
- Bug report routes split across three contexts: public transparency (no auth), admin (platform admin only), and user (tenant-scoped).
- Transparency endpoints bypass authentication via public paths configuration.
- Bug report modal component with validation and automatic API call capture.
- Admin page with master-detail layout, filter dropdowns, and inline editing.
- Email service integration for resolution notifications.
- Random public ID generation with collision retry for external-facing bug references.