You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This epic tracks the work coming from a downstream fork that has been running on release/2.0-rc in production. We are filing the work as a coordinated set of PRs + RFC issues to keep review tractable.
OpenSpec changes governing this epic (in-fork only)
These three OpenSpec changes live inside our fork (in a gitignored openspec/ tree) and govern the scope, freeze, and audit of this work:
align-fork-with-upstream-rc — original 14-PR fork-alignment proposal
freeze-upstream-alignment-pr-scope — PR-scope freeze that pinned each PR to its current scope
These PRs collect remaining PUSH-classified divergent files into capability-coherent batches. All five planned theme PRs from audit-and-sanitize-meitu-develop Phase 6 are now open as of 2026-04-23.
PR-N2 — feat(auth): pluggable OA / SSO frontend with env-driven configuration #2474 — feat(auth): pluggable OA / SSO frontend with env-driven configuration. Audit A2 finding: 23 of the 25 files in this PR are Meitu-OA-specific (oa-auth namespace, non-standard OAuth dialect with appid/wx_user_id/oauth2/authorize_new, DEERFLOW_POSTGRES_URL env var, deerflow_oa_session cookie, brand template strings). Only frontend/src/core/api/gateway-fetch.ts and its test are upstream-friendly after a small refactor (split out the isOaAuthEnabled import). Per a downstream decision (audit-summary-for-review.md Decision 2: leave_as_is), the PR is left open as-is for the maintainer team to accept or reject — we have not force-pushed a smaller scope. Treat the maintainer's decision as authoritative. The upstream-friendly subset has been re-extracted into PR-N7 (feat(frontend): pluggable Gateway SSO header injection + workspace polish (PR-N7, fork-alignment) #2475) below.
This epic covers everything our fork has carried on top of release/2.0-rc that we believe belongs upstream. The remainder of the fork divergence is internal-only (Matrix deployment manifests, brand strings, fork-internal docs, the Meitu GitLab CI pipeline, etc.) and is recorded in our internal divergence registry (six-class routing: PUSH / BASELINE-DRIFT / KEEP-V / KEEP-I / REVERT / DROP).
Final empirical distribution of the 330 divergent paths between our meitu/develop and upstream/release/2.0-rc (post-Audit-B reclassification, 2026-04-23):
Label
Count
%
Notes
PUSH
154
46.7%
Going upstream via the PRs above (or already in flight)
KEEP-V
127
38.5%
Non-intrusive internal retention (Matrix docs ×84, fork-internal AI helper docs, brand UI shells, brand-stripping i18n locales, OA-Auth-namespaced files, deletion-of-upstream-test files no longer compatible after fork API reshape)
BASELINE-DRIFT
35
10.6%
Files byte-identical with upstream/main already; will absorb naturally on next sync
The previous distribution snapshot (177 / 104 / 35 / 14 / 0 / 0) was based on the registry as initially populated by the Phase 2 batch process. After a third-pass line-by-line review of every "orphan PUSH" path's diff (Audit B), 23 paths originally labelled PUSH were reclassified to KEEP-V because they turned out to be brand-stripping ({{brand}} template injection, brand color theming, GitHub-Star removal), Meitu-internal use cases (visitor-booking prompt template), Meitu OA-Auth namespace dependents, deploy-policy choices (extensions_config.py skill default, app/page.tsx redirect to /workspace), or deletions of upstream tests that became incompatible after the fork's API reshape. The CI infrastructure (divergence_registry_check, rebase_dry_run, baseline_drift_monthly_review) is unchanged — only the data was relabelled.
How we plan to keep this in sync going forward
An automated divergence-registry-check job runs on every fork MR and blocks unregistered divergence.
A daily rebase_dry_run cross-checks the registry against fresh upstream/release/2.0-rc.
A monthly baseline_drift_monthly_review job reports BASELINE-DRIFT rows that have converged with release.
A scripts/sync-upstream.sh --update-registry advisory check refuses zero exit when a planned merge contradicts the registry.
We are happy to coordinate review timing — please ping us in any of the linked PRs if a particular order works better for the maintainer team.
OpenSpec changes governing this epic (in-fork only)
These three OpenSpec changes live inside our fork (in a gitignored
openspec/tree) and govern the scope, freeze, and audit of this work:align-fork-with-upstream-rc— original 14-PR fork-alignment proposalfreeze-upstream-alignment-pr-scope— PR-scope freeze that pinned each PR to its current scopeaudit-and-sanitize-meitu-develop— divergence registry + governance overlay (CLA, body annotations, sync SOP)Reading order (suggested)
Stage 1: pluggable auth (RFC + 3 implementation PRs)
Reading order: RFC → #2430 → #2431 → #2432
feat(auth): add AuthProvider.authenticate_request optional hookfeat(auth): add TrustedHeaderAuthProvider for reverse-proxy deploymentsfeat(auth): wire authenticate_request into AuthMiddlewareStage 2: multi-replica infrastructure (umbrella RFC + 4 implementation PRs)
Reading order: RFC → #2433 → #2434 → #2453 → #2455
feat(stream_bridge): implement Redis backend for multi-replica SSE deliveryfeat(memory): add PostgresMemoryStorage and MongoMemoryStorage backendsfeat(thread-mapping): add persistence-backed user thread mappingfeat(model-feedback): add model usage and feedback countersStage 3: queued memory pipeline + follow-ups (3 PRs)
Reading order: #2454 → #2456 → #2459
chore(followup): align gateway compat and frontend validation(carries the BASELINE-DRIFT backports fromupstream/main)feat(memory): add queued memory update pipeline improvements(planned to be force-push split: BASELINE-DRIFT moved to chore(followup): align gateway compat and frontend validation #2454, Meitu-extension kept here)docs(memory): clarify memory pipeline extraction pathStage 4: capability-merged new PRs (8 open)
These PRs collect remaining
PUSH-classified divergent files into capability-coherent batches. All five planned theme PRs fromaudit-and-sanitize-meitu-developPhase 6 are now open as of 2026-04-23.feat(observability+agents): daily-rotating log + multi-tenant agent config. Audit A1 verified clean — all 7 files are realPUSH(no brand-strip / Meitu-internal leakage).feat(auth): pluggable OA / SSO frontend with env-driven configuration. Audit A2 finding: 23 of the 25 files in this PR are Meitu-OA-specific (oa-authnamespace, non-standard OAuth dialect withappid/wx_user_id/oauth2/authorize_new,DEERFLOW_POSTGRES_URLenv var,deerflow_oa_sessioncookie, brand template strings). Onlyfrontend/src/core/api/gateway-fetch.tsand its test are upstream-friendly after a small refactor (split out theisOaAuthEnabledimport). Per a downstream decision (audit-summary-for-review.mdDecision 2:leave_as_is), the PR is left open as-is for the maintainer team to accept or reject — we have not force-pushed a smaller scope. Treat the maintainer's decision as authoritative. The upstream-friendly subset has been re-extracted into PR-N7 (feat(frontend): pluggable Gateway SSO header injection + workspace polish (PR-N7, fork-alignment) #2475) below.9f20096b feat(model-feedback): wire per-call counters into model factoryalready pushed onto feat(model-feedback): add model usage and feedback counters #2455's branch. Audit A3 verified clean.feat(multi-tenant): backend skill+agent+runtime+gateway+lead_agent multi-tenant bundle. 27 backend paths threadinguser_id/effective_user_idthrough skills, agents, runtime, gateway routers, and the sandbox-provider data-mount flag. Validated on a composed branch with feat(auth): add TrustedHeaderAuthProvider for reverse-proxy deployments #2431 + feat(auth): wire authenticate_request into AuthMiddleware #2432 + feat(model-feedback): add model usage and feedback counters #2455 + feat(observability+agents): daily-rotating log + multi-tenant agent config #2473 merged: 283 targeted + 1417 broader tests pass. Depends-on: feat(auth): add TrustedHeaderAuthProvider for reverse-proxy deployments #2431, feat(auth): wire authenticate_request into AuthMiddleware #2432, feat(model-feedback): add model usage and feedback counters #2455, feat(observability+agents): daily-rotating log + multi-tenant agent config #2473.feat(frontend): plumb multi-tenant context through memory + threads + agents. Frontend half of the multi-tenant pivot — 8 PUSH paths (memory api/hooks, agent-card, thread hooks, settings page) + 1 substantive new i18n key (needChatThreadForMemory). Validated typecheck + lint + format + 9/9 tests on a composed branch with PR-N7 merged. Depends-on: feat(frontend): pluggable Gateway SSO header injection + workspace polish (PR-N7, fork-alignment) #2475, feat(multi-tenant): backend skill+agent+runtime+gateway+lead_agent multi-tenant bundle (27 paths) #2478.feat(middlewares): tighten 4 agent middlewares (LLM-error / loop-detection / summarization / title) + uploads polish. 7 backend paths. 47/47 unit + 421 middleware/lead_agent integration tests pass.feat(runtime+channels+tools): focused production-tested patches. 8 backend paths covering runtime event-store, journal, channels manager, MCP cache, present_file_tool. 128 targeted + 201 broader tests pass. Multi-tenant-flavored runtime files moved to PR-N4.feat(frontend): pluggable Gateway SSO header injection + workspace polish. 15 frontend paths PUSH — re-extracts the upstream-friendly subset of PR-N2 (feat(auth): pluggable OA / SSO frontend with env-driven configuration #2474) and decouples it from the Meitu-OA-specific imports via a generic credentials hook. 9/9 unit tests pass.Coverage
This epic covers everything our fork has carried on top of
release/2.0-rcthat we believe belongs upstream. The remainder of the fork divergence is internal-only (Matrix deployment manifests, brand strings, fork-internal docs, the Meitu GitLab CI pipeline, etc.) and is recorded in our internal divergence registry (six-class routing:PUSH/BASELINE-DRIFT/KEEP-V/KEEP-I/REVERT/DROP).Final empirical distribution of the 330 divergent paths between our
meitu/developandupstream/release/2.0-rc(post-Audit-B reclassification, 2026-04-23):PUSHKEEP-VBASELINE-DRIFTupstream/mainalready; will absorb naturally on next syncKEEP-I.gitlab-ci.yml,Dockerfile, brand strings)DROPREVERTHow we plan to keep this in sync going forward
divergence-registry-checkjob runs on every fork MR and blocks unregistered divergence.rebase_dry_runcross-checks the registry against freshupstream/release/2.0-rc.baseline_drift_monthly_reviewjob reportsBASELINE-DRIFTrows that have converged with release.scripts/sync-upstream.sh --update-registryadvisory check refuses zero exit when a planned merge contradicts the registry.We are happy to coordinate review timing — please ping us in any of the linked PRs if a particular order works better for the maintainer team.