Closes the silent-deploy-rot gap caught by Phase 3n's triage. The
problem: a missing Gitea webhook left 11 commits stuck on an old
container while /healthz kept reporting 200 from the stale binary. With
no commit-level evidence on the wire, "deploy rolled" was unverifiable.
Mechanism:
- Dockerfile installs git, reads `git rev-parse --short HEAD` at build
time, injects via `-ldflags="-X main.gitCommit=<sha>"`. Works under
Dokploy's `git clone --depth 1` flow (the .git/ folder is in the
build context) and under plain `docker build .` (same). Local
`go run` falls back to "unknown".
- main.gitCommit assigns to web.Server.Version in main().
- /healthz now emits two lines: "ok" and "version: <sha>". Endpoint
remains unauthenticated so any worker / monitor can verify "deploy
rolled" without a session.
CLAUDE.md gets a mandatory "Post-deploy verification" section: after
every push, compare `git rev-parse --short HEAD` against
`curl /healthz | tail -1`. Mismatch = webhook broken; inspect Gitea
hook 172 (URL pattern `http://mlake.horse-ayu.ts.net:3000/api/deploy/
<refreshToken>` per the working webhooks on m/msbls.de + m/flexsiebels.de).
TestHealthzSurfacesVersion regression-guards the new line. Existing
TestHealthz updated to accept the multi-line body.
- web/static/manifest.webmanifest: name/short_name/start_url=/dashboard/
display=standalone/theme_color/background_color + three icons (192, 512,
512-maskable with ~12% safe-zone padding)
- web/static/sw.js: minimal SW — install caches /static/* shell assets,
fetch is network-first with cache fallback on GETs only, skips /mcp/
and non-GETs entirely. CACHE_NAME versioned for clean activate-time
prune.
- cmd/icongen: stdlib-only generator that produces the three PNG icons
from a stylised "p" monogram. Run once at brand-change, commit output.
- web.init() registers .webmanifest → application/manifest+json with
mime.AddExtensionType so Chrome accepts the manifest at all
- layout.tmpl + login.tmpl: manifest link, apple-touch-icon, theme-color,
apple-mobile-web-app-* metas, inline SW-register on load (silent on
failure — older browsers still work)
- design.md gets §"PWA install (Phase 3j)"; CLAUDE.md "Out of scope"
drops the Phase-3j line and adds push/background-sync as the
remaining Otto-PWA territory
- 4 new tests cover manifest MIME, sw.js delivery, all 3 icons, layout
meta tags
- viewport meta on layout.tmpl + login.tmpl (iOS won't render legibly without)
- two breakpoints: tablet (≤768px), phone (≤480px)
- chip strips: horizontal-scroll with sticky labels instead of wrapping
- tables → card lists: classify + bulk render as stacked cards on mobile
- forms: single column on phone; min 44px touch targets on buttons
- dashboard: cards already 1-col, polish for narrow widths; grid jumps to
2 columns at ≥1280px with stale card spanning both
- /graph: SVG scrolls inside .graph-canvas (max-width 100vw, max-height
75vh, overflow auto); "fit to screen" toggle flips natural vs viewport
- TestLayoutHasViewportMeta verifies every chrome-bearing route ships the
meta tag
- CLAUDE.md "Out of scope" drops mobile/Otto-PWA exclusion (head approved
on m/mAi#1861); replaced with native-PWA-install line for Phase 3j
- design.md adds §"Mobile responsiveness" with breakpoint + principle notes
- Drop the "Open design questions (Phase 1)" section — answered in
docs/design.md.
- Replace "Tech stack: TBD by inventor" with the actual stack
(Go + pgx + html/template + HTMX, msupabase schema projax, Dokploy).
- Replace "Worker preferences: inventor / coder shifts" with the
current state (PRD landed, Phase 1 implementation underway, Phase 2
and 3 deferred per docs/design.md).
- Point readers at docs/design.md as the live spec, and add a layout
map so a fresh agent knows where each concern lives.
No code touched; this is the last commit in the Phase 1 branch before
merge to main per head's review (msg #1775).
