Raise guacamole memory 1Gi→2Gi to stop OOM mid-RDP-session
The Tomcat webapp idles near ~800Mi, so a 1Gi ceiling left almost no headroom. Opening an RDP session pushed RSS over 1Gi and the container was OOMKilled (exit ...
Extract benefit/award income (SSA, pension, child support)
Adds extraction prompts for SSA_AWARD / PENSION / CHILD_SUP (AI reads the gross monthly amount + a label), and stamps the OtherIncomeSource id deterministically...
Reconcile otherIncome.* facts into OtherIncome rows
Extends fact reconciliation with an otherIncome.* branch: award/benefit documents (Social Security, pension/retirement, child support) land a real OtherIncome r...
Auto-classify uploads to catch wrong-document uploads
A cheap LIGHT-tier "what is this document?" pass on the first page classifies the upload into a coarse family and compares it to the requirement's asserted type...
Extract 12-month bank statements + written VOE
Widens vision extraction to two more borrower doc types that reuse the existing reconciliation vocabulary (zero reconciliation risk): BANK12MO reads as an asset...
Multi-page PDF document extraction (Phase 2)
The vision path was image-URL only, so a borrower's multi-page PDF (bank statement, tax return) couldn't be read. Now: - VaultDocPublicController serves ?page=...
Full-res per-page PDF render for document extraction
Adds DocPageRenderService + POST /api/conversion/render-page (page N → PNG at 150 DPI, capped 300) and /page-count. This is the read-quality companion to the 30...
Rebuild against kamo-shared-library SSN encrypt-on-write
No SecurityService source change — this empty commit triggers the CI, which clones kamo-shared-library main at build time, so the deployed image picks up the ne...
Capture + encrypt full SSN on the borrower application
The application posture needs the borrower's REAL Social, not a last-4 (a lender can't do anything with 4 digits). Borrower.ssnEncrypted existed but was never w...
Optional ?phone= reverse lookup on GET /api/security/leads
The softphone CRM tab resolves an active caller number to a lead. Add an optional phone RequestParam that filters the org lead list by canonical (last-10-digit)...
Wire CRM Integration tab to real data
Replace the mock CRM tab with a live reverse-phone-lookup panel. - Resolve the active call / dialpad number to a CRM lead via leadsApi.searchByPhone (new ?pho...
Support "unblock forever" remote-image consent
Adds a wildcard consent (allowAll / isAlwaysAllowed) so a member can opt to display external images in every message. Reuses the existing consent table via a re...
Add "unblock forever" option for blocked external images
The external-images gate now offers two actions: Unblock (this message, as before) and Unblock forever, which displays external images in every message going fo...
A different preferred name forks a new lead
A genuinely different preferred name (compared case-insensitively with outer spacing trimmed) is a different person, so create a brand-new lead instead of renam...
Reach the borrower's OWN officer directly, no support-right gate
Drop the ACCEPT_SUPPORT_TICKETS requirement from assignToPreferredAgent: the borrower's assigned loan officer is reachable regardless of whether they're a confi...
Proxy GET /lo-presence to MediaService
The support-session proxy already forwards the raw body, so the merged widget's preferredAgentMemberId reaches MediaService untouched. Add the presence proxy so...
Direct-to-assigned-LO routing + LO presence endpoint
Powers the borrower portal's merged LO/chat widget: - **************** direct-assigns a public-chat ticket to a SPECIFIC agent (the borrower's assigned loan o...
Expose assigned-LO member id + phone for direct chat + presence
The merged LO/chat widget needs to (a) target the assigned officer directly in the borrower's live-support session and (b) query the officer's live presence. Bo...
Assign a loan officer to a NAME-ONLY lead (before email/phone)
The borrower portal already creates the lead the instant a name is given, but enterAssignmentPoolIfActionable kept a name-only lead OUT of the credit accept poo...
Load history via per-tab OTK path + retry/error UI; drop preview toggle
- Root cause of empty chat history on long-lived tabs: media proxy routes forwarded only the *** cookie (lapses ~30min) instead of the per-tab X-***-Token; ...
Stop putting message content into missed-message emails
Remove messagePreview computation, the ledger PREVIEW write, and the messagePreview template variable; drop the includePreview preference. Emails now carry send...
Inline-CID org logo (SVG->PNG) so it renders in Gmail; remove message content; preserve From-domain case
- FIX (security): notification emails carry no message body — remove messagePreview from template vars, ledger, samples and the settings toggle. - FIX (logo):...
Drop message-body preview paragraph from missed-message email templates
Security: notification emails no longer render any message content; the member signs in to read messages. Sender + count + CTA only.
Missed-message email deep links, auth-continuity stash, unread chat auto-popup, notification settings
DeepLinkToolBootstrap opens ?openChat/?openTicket tool windows (params survive the login round-trip via a sessionStorage stash captured pre-auth and preserved a...
Missed-message email notifications (chat + support) with per-source suppression
Durable NATS consumer chat-email-notifier on chat.session.> feeding a MESSAGE_EMAIL_NOTICES ledger (PENDING/SENT, per-sender for chat, per-ticket for support), ...
Editor sample variables for missed-message notification templates
Preview samples for MISSED_CHAT_MESSAGE and SUPPORT_TICKET_REPLY incl. raw vs html-escaped sender/title variants used by the canonical bodies.
Missed-message email notification ledger + canonical templates
MessageEmailNotice entity (MESSAGE_EMAIL_NOTICES, unique recipient+sourceKey+channel) with PENDING/SENT suppression states, repository incl. sudo-safe markRead/...
Update Microsoft 365 setup instructions for Graph app-only
The M365 help described registering a per-org Azure app (client secret, redirect URI) — stale: Kamo uses one platform-verified multi-tenant app, so customers ju...
Microsoft 365 mail via Microsoft Graph app-only (zero per-mailbox setup)
Microsoft 365 mail now reads/sends through Microsoft Graph app-only (Mail.ReadWrite/Mail.Send application permissions) instead of IMAP — one app credential cove...
GraphMessageIdMap entity for Microsoft 365 Graph mail id mapping
Maps opaque Microsoft Graph message ids to stable synthetic numeric UIDs per mailbox, so Graph mailboxes flow through the existing numeric-uid mail contract (co...
Raise memory 1Gi→2Gi; pod idled at ~900Mi and OOM-killed during background uploads
Bump GENERATOR_VERSION 7 — backfill GBIF fauna into all cities
The bird engine now consumes the fauna block, so backfill it everywhere: the fill job re-drains stale rows at 24/min (user-requested cities first), so real loca...
Sample locally-common birds from GBIF into city fauna
FaunaClient (mirrors PetrologyClient): GBIF occurrence facet on class Aves in a ~27km box around the city → top ~10 species by record count → resolve taxonomy (...
63 US-ecoregion signature flora overrides (fully populate the biomes)
Cities within a state looked the same because flora came from just 15 coarse biome defaults (+1 Mojave override). Now curated real signature species for 63 US e...
Crystalline/metamorphic basement classifies correctly (was VOLCANIC)
Macrostrat 'metamorphic and undivided crystalline (...may include volcanic...)' tripped the volcan substring; check metamorphic/crystalline before volcanic. Als...
Ridge petrology search to 25km, no relief gate
The gazetteer point often sits in the valley floor with the range 15-20km off; the 15km search + relief gate missed them (Yucca Valley returned alluvium despite...
Petrology reads the ridge bedrock, not the valley floor
A town centroid usually sits on valley ALLUVIUM while the mountains the scene draws are bedrock — so a granite-ringed desert town returned 'alluvium' and got no...
Petrology (Macrostrat) + roads (.trf) + waterfalls (.hyf) — level up the KamoUniverse systems
GLiM never downloaded (PANGAEA 404s; KamoUniverse itself falls back to default lithology), so petrology comes from the Macrostrat global geologic-map API: per-p...
Register mlos.notification JPA repos so SecurityService starts
EconsentService autowires DisclosureTextRepository **************** but that package was absent from @EnableJpaRepositories — the context failed to start, Crash...
City-scene sampler over the KamoUniverse earth tiles
- EdtTile: byte-exact reader for EDT4 tiles (Copernicus DEM + ESA WorldCover + WorldClim + HydroSHEDS + RESOLVE ecoregions + ocean mask), memory-mapped, offse...
Expose full geo fields + city-scene profile API
- geoip/me now returns **************** (already loaded by the single block+location lookup, previously discarded) — powers city scenes and client personali...
CitySceneProfile entity + GeoLite city-lookup indexes for city-based portal scenes
- CitySceneProfile (city_scene_profile): per-city environmental scene factors (terrain/relief/silhouette, climate/koppen, hydrology, RESOLVE ecoregion + flo...
E-consent with WRITTEN ESIGN Act text + the real credit-bureau adapter rail — no owner input required
E-CONSENT: full ESIGN Act §101(c) disclosure authored in-code (scope of consent, right to paper copies, right to withdraw + effect, contact upkeep, hardware/sof...
Prepare-signin authenticates on api.<root> — the auth path can't resolve the myloan.* alias
Same constraint as in-cluster login: provider resolution keys on the canonical api host, not the portal alias, so a correct password still 401'd.
AntPathRequestMatcher — immune to multi-servlet contexts
Belt-and-braces with the shared-lib SoapClientOnlyGuard (c4a3b2c): the 891c58c build raced the guard's push into shared-lib main and kept crash-looping on 'more...
Account bridge — email check, existing-user sign-in provisioning, portal registration
Owner flow: after the funnel captures full name + contact, the next step keys on EMAIL. /portal/account/check → exists?; /prepare-signin verifies the password t...
Rebuild for shared-lib servlet-bean guard (c4a3b2c)
The servlet guard must define the SERVLET bean — Boot conditions on the type, not the registration
f8bcc82's ServletRegistrationBean alone name-collided with the auto-config **************** WebServicesAutoConfiguration's bean is **************** Define the s...
Rebuild for shared-lib SoapClientOnlyGuard (f8bcc82) — servlet guard clears the crash-loop
Disabled MessageDispatcherServlet registration — kills the multi-servlet landmine for real
Removing the web-services STARTER (55eae0a) was not enough: spring-ws-core itself carries MessageDispatcherServlet, and Boot's WebServicesAutoConfiguration cond...