{"id":51145341,"url":"https://github.com/magnexis/signalnest","last_synced_at":"2026-06-26T02:04:00.943Z","repository":{"id":356955700,"uuid":"1234743337","full_name":"magnexis/signalnest","owner":"magnexis","description":"SignalNest is a premium personal internet intelligence workspace for monitoring the modern internet without turning the product into a chatbot. It combines signal boards, trackers, change detection, alerts, research vaults, developer APIs, custom skills, and operational dashboards into one dense, polished application.","archived":false,"fork":false,"pushed_at":"2026-05-10T15:52:16.000Z","size":2331,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-13T00:23:16.846Z","etag":null,"topics":["api","cli","dockerfile","html","javascript","release","site","typescript"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/magnexis.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-10T15:30:30.000Z","updated_at":"2026-05-10T15:52:20.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/magnexis/signalnest","commit_stats":null,"previous_names":["theworker02/signalnest","magnexis/signalnest"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/magnexis/signalnest","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magnexis%2Fsignalnest","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magnexis%2Fsignalnest/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magnexis%2Fsignalnest/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magnexis%2Fsignalnest/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/magnexis","download_url":"https://codeload.github.com/magnexis/signalnest/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magnexis%2Fsignalnest/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34799574,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-26T02:00:06.560Z","response_time":106,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","cli","dockerfile","html","javascript","release","site","typescript"],"created_at":"2026-06-26T02:03:57.752Z","updated_at":"2026-06-26T02:04:00.917Z","avatar_url":"https://github.com/magnexis.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SignalNest\n\n![TypeScript](https://img.shields.io/badge/TypeScript-5.9-3178c6?logo=typescript\u0026logoColor=white)\n![React](https://img.shields.io/badge/React-19-61dafb?logo=react\u0026logoColor=111)\n![Vite](https://img.shields.io/badge/Vite-7-646cff?logo=vite\u0026logoColor=white)\n![Fastify](https://img.shields.io/badge/Fastify-5-111827?logo=fastify\u0026logoColor=white)\n![License](https://img.shields.io/badge/License-Apache%202.0-blue)\n![Status](https://img.shields.io/badge/Status-local%20prototype-cyan)\n\nSignalNest is a premium personal internet intelligence workspace for monitoring the modern internet without turning the product into a chatbot. It combines signal boards, trackers, change detection, alerts, research vaults, developer APIs, custom skills, and operational dashboards into one dense, polished application.\n\nThe product is designed for people who need to notice meaningful changes early: price shifts, release notes, website diffs, outages, weather alerts, public notices, GitHub activity, social movement, cybersecurity signals, and API responses.\n\n## Contents\n\n- [Product Vision](#product-vision)\n- [UI Screenshots](#ui-screenshots)\n- [Feature Map](#feature-map)\n- [Architecture](#architecture)\n- [Project Structure](#project-structure)\n- [Requirements](#requirements)\n- [Quick Start](#quick-start)\n- [Environment Files](#environment-files)\n- [Scripts](#scripts)\n- [API CLI](#api-cli)\n- [Release Artifacts](#release-artifacts)\n- [Deployment Notes](#deployment-notes)\n- [API Surface](#api-surface)\n- [Marketplace And Custom Skills](#marketplace-and-custom-skills)\n- [Developer Console](#developer-console)\n- [Documentation Routes](#documentation-routes)\n- [Security Notes](#security-notes)\n- [Database And Monitoring](#database-and-monitoring)\n- [Testing](#testing)\n- [Project Policy](#project-policy)\n- [License](#license)\n\n## Product Vision\n\nSignalNest is not a social network, a generic productivity board, or a mock analytics shell. The core unit of the product is a **signal**: a meaningful change captured from a source the user cares about.\n\nExamples of signals include:\n\n- A competitor pricing page changes.\n- A tracked API starts returning a different JSON field.\n- A GitHub repository publishes a new release.\n- A city alert feed posts a new emergency notice.\n- A product comes back in stock.\n- A weather source reports severe conditions.\n- A status page moves from operational to degraded.\n- A public document or policy page changes language.\n\nSignals can be collected by trackers, marketplace skills, API integrations, custom scripts, or manual research. Once captured, they can be routed into boards, alerts, timelines, maps, vault entries, and analytics views.\n\nThe interface is intentionally dark, dense, keyboard friendly, and operational. The design inspiration sits closer to Linear, Arc, Raycast, Vercel, Bloomberg-style dashboards, and modern security tooling than to a traditional SaaS landing page.\n\n## UI Screenshots\n\n### Landing Page\n\nThe landing page introduces SignalNest with a cinematic product preview and direct routes into the app, sign in, signup, pricing, and documentation flows.\n\n![SignalNest landing page desktop screenshot](docs/screenshots/landing-desktop.png)\n\n### Workspace Dashboard\n\nThe main app dashboard presents monitoring health, active signals, operational panels, and quick access into the platform routes.\n\n![SignalNest dashboard desktop screenshot](docs/screenshots/dashboard-desktop.png)\n\n### Skill Marketplace\n\nThe marketplace includes searchable signal packs, animated previews, install actions, free extension policy, installed skills, and a custom skill builder.\n\n![SignalNest skill marketplace desktop screenshot](docs/screenshots/skill-marketplace-desktop.png)\n\n### Developer Console\n\nThe developer console includes API keys, webhooks, request logs, usage, documentation links, and API pricing entry points.\n\n![SignalNest developer console desktop screenshot](docs/screenshots/developers-desktop.png)\n\n## Feature Map\n\n| Area | Purpose |\n| --- | --- |\n| Landing | Introduces the platform and previews real app screens. |\n| Dashboard | Summarizes workspace health, signal activity, and active systems. |\n| Monitoring | Creates and manages tracker-like signal sources. |\n| Change Engine | Shows website, text, price, and outage detection workflows. |\n| Signal Map | Visualizes related entities with graph-based interaction. |\n| Research Vault | Stores links, notes, screenshots, saved research, and tags. |\n| Alerts | Creates and reviews threshold or status-based alert rules. |\n| Workspace | Demonstrates multi-panel operational layouts. |\n| Analytics | Shows usage, activity, signal distribution, and trend views. |\n| Settings | Controls theme, density, sound, notifications, shortcuts, and layout preferences. |\n| Security | Summarizes account and session safety concepts. |\n| Skills | Hosts the marketplace and custom skill builder. |\n| Developers | Provides API keys, webhooks, request logs, usage, docs, and pricing. |\n| Docs | Provides multi-page API and developer documentation. |\n| Auth | Provides login and signup routes. |\n\n## Architecture\n\nSignalNest is a TypeScript monorepo with three npm workspaces:\n\n- `frontend`: React, Vite, Tailwind, Framer Motion, Zustand, TanStack Query, D3, React Flow, and Lucide React.\n- `backend`: Node.js, Fastify, Zod, security plugins, rate limiting, WebSockets, metrics, PostgreSQL wiring, and Redis wiring.\n- `shared`: `@signalnest/sdk`, an ESM SDK package with a terminal CLI.\n\nThe current project is a functional local prototype. The UI, routes, local state flows, API foundation, SDK, CLI, release artifacts, documentation pages, and tests are present. A full production deployment still needs durable database persistence, background workers, billing fulfillment, hardened auth, and real hosted secret management before accepting customers.\n\n## Project Structure\n\n```text\nsignalnest/\n├── .github/          GitHub workflow and repository automation files\n├── backend/          Fastify API workspace\n├── database/         SQL schema, indexes, retention, and seed data\n├── docker/           Container support files\n├── docs/             API, architecture, deployment, and production docs\n├── frontend/         React/Vite application workspace\n├── infrastructure/   Infrastructure notes and deployment support\n├── monitoring/       Metrics and dashboard support assets\n├── nginx/            Reverse proxy configuration\n├── release/          Generated release archives and checksums\n├── scripts/          Environment, seed, cleanup, and release scripts\n├── shared/           SDK and CLI workspace\n└── tests/            API, repository, SDK, security, and utility tests\n```\n\nGenerated build outputs, local logs, environment files, QA screenshots, and release staging files are intentionally ignored by Git.\n\n## Requirements\n\n- Node.js `22` or newer.\n- npm with workspace support.\n- A modern browser for the frontend.\n- PowerShell on Windows for ZIP artifact generation.\n- `zip` on macOS/Linux for ZIP artifact generation.\n- Optional PostgreSQL for database script usage.\n- Optional Redis for cache and coordination wiring.\n- Optional Docker Desktop for compose-based infrastructure.\n\n## Quick Start\n\n```bash\nnpm install\ncp frontend/.env.example frontend/.env\ncp backend/.env.example backend/.env\nnpm run dev\n```\n\nOpen the frontend at:\n\n```text\nhttp://127.0.0.1:5173\n```\n\nCheck API health at:\n\n```text\nhttp://127.0.0.1:4040/api/health\n```\n\nThe root `npm run dev` command starts the frontend and backend together. Use `Ctrl+C` to stop both processes.\n\n## Environment Files\n\nSignalNest uses split environment files so browser-visible values and server-only secrets do not get mixed.\n\n| File | Purpose |\n| --- | --- |\n| `.env` | Root pointer/local convenience file only. Do not store production secrets here. |\n| `frontend/.env` | Frontend Vite values that may be exposed to the browser. |\n| `frontend/.env.example` | Committed frontend environment template. |\n| `backend/.env` | Server-only values such as database URLs, Redis URLs, JWT secrets, and billing URLs. |\n| `backend/.env.example` | Committed backend environment template. |\n\nImportant rules:\n\n- Do not commit `.env` files.\n- Do not place backend secrets in `frontend/.env`.\n- Do not expose JWT secrets, database URLs, Redis URLs, or hosted billing secrets to the frontend.\n- Use separate secrets for development, staging, and production.\n- Rotate local secrets before any public deployment.\n\n## Scripts\n\n### Root Scripts\n\n| Command | Description |\n| --- | --- |\n| `npm run dev` | Starts frontend and backend together. |\n| `npm run dev:frontend` | Starts only the Vite frontend. |\n| `npm run dev:backend` | Starts only the Fastify API. |\n| `npm run build` | Builds SDK, frontend, and backend. |\n| `npm run typecheck` | Runs TypeScript checks across all workspaces. |\n| `npm run lint` | Runs frontend ESLint. |\n| `npm test` | Runs the Node test suite. |\n| `npm run api -- help` | Prints CLI help. |\n| `npm run check:env` | Validates environment readiness. |\n| `npm run db:seed` | Runs the database seed helper. |\n| `npm run clean` | Removes local generated artifacts. |\n| `npm run release` | Builds and packages release artifacts. |\n| `npm run release:artifacts` | Packages artifacts from existing build output. |\n\n### Frontend Scripts\n\n```bash\nnpm run dev --workspace frontend\nnpm run build --workspace frontend\nnpm run preview --workspace frontend\nnpm run typecheck --workspace frontend\nnpm run lint --workspace frontend\n```\n\nThe frontend build output is `frontend/dist`. The site release artifact packages this output as `public/`.\n\n### Backend Scripts\n\n```bash\nnpm run dev --workspace backend\nnpm run build --workspace backend\nnpm run start --workspace backend\nnpm run typecheck --workspace backend\n```\n\nThe backend build output is `backend/dist`. The API release artifact packages this compiled output with backend metadata, SQL assets, and documentation.\n\n### SDK Scripts\n\n```bash\nnpm run build --workspace @signalnest/sdk\nnpm run typecheck --workspace @signalnest/sdk\n```\n\nThe SDK build output is `shared/dist`. The SDK release artifact packages the compiled SDK and CLI entrypoint.\n\n## API CLI\n\nThe CLI talks to the backend API from a terminal.\n\n```bash\nnpm run api -- health\nnpm run api -- trackers list --limit 20\nnpm run api -- trackers create --title \"Competitor pricing\" --kind website --source https://example.com/pricing\nnpm run api -- trackers refresh --id TRACKER_ID\nnpm run api -- trackers archive --id TRACKER_ID\nnpm run api -- alerts list\nnpm run api -- alerts create --name \"High severity move\" --condition \"severity = high\" --priority high\nnpm run api -- init-env\nnpm run api -- docs\n```\n\nThe CLI reads these environment variables:\n\n```bash\nSIGNALNEST_API_URL=http://127.0.0.1:4040/api\nSIGNALNEST_API_KEY=sn_live_key_replace_me\n```\n\nTo link the CLI locally:\n\n```bash\nnpm run build --workspace @signalnest/sdk\nnpm link --workspace @signalnest/sdk\nsignalnest health\n```\n\n## Release Artifacts\n\nRun:\n\n```bash\nnpm run release\n```\n\nThis builds the SDK, frontend, and backend, then writes release files into `release/`.\n\n| Artifact | Contents |\n| --- | --- |\n| `signalnest-*-site.zip` | Static frontend build, nginx config, deployment docs, production checklist, license, and README. |\n| `signalnest-*-api.zip` | Compiled Fastify API, backend package metadata, backend env template, SQL assets, API docs, architecture docs, Dockerfile, license, and README. |\n| `signalnest-*-sdk-cli.zip` | Compiled SDK, CLI executable entry, package metadata, SDK README, and license. |\n| `release-manifest.json` | Machine-readable summary of generated artifacts. |\n| `SHA256SUMS.txt` | SHA-256 checksum list for archive verification. |\n\nUse `npm run release:artifacts` only when build outputs already exist and you only need to repackage them.\n\n## Deployment Notes\n\n### Site Artifact\n\n1. Unzip the site artifact.\n2. Serve the `public/` directory with a static web server.\n3. Configure SPA fallback so application routes return `index.html`.\n4. Use the included `nginx/` config as a starting point.\n5. Use HTTPS, compression, and long cache headers for hashed assets.\n6. Keep HTML cache headers short so deployments roll forward cleanly.\n\n### API Artifact\n\n1. Unzip the API artifact.\n2. Install production dependencies in the backend package context.\n3. Configure `backend/.env`.\n4. Run database setup if PostgreSQL is enabled.\n5. Start the server with `node backend/dist/server.js`.\n6. Place the API behind a reverse proxy.\n7. Use strict CORS origins, secure cookies, real JWT secrets, and production rate limits.\n\n## API Surface\n\n| Method | Path | Purpose |\n| --- | --- | --- |\n| `GET` | `/api/health` | Returns API health. |\n| `GET` | `/api/metrics` | Returns operational metrics. |\n| `GET` | `/api/trackers` | Lists trackers. |\n| `POST` | `/api/trackers` | Creates a tracker. |\n| `POST` | `/api/trackers/:id/refresh` | Refreshes one tracker. |\n| `POST` | `/api/trackers/:id/archive` | Archives one tracker. |\n| `GET` | `/api/alerts` | Lists alert rules. |\n| `POST` | `/api/alerts` | Creates an alert rule. |\n| `POST` | `/api/auth/login` | Handles local login behavior. |\n| `POST` | `/api/auth/register` | Handles signup behavior. |\n| `POST` | `/api/checkout/skill` | Creates a hosted skill checkout response when configured. |\n| `POST` | `/api/checkout/developer-subscription` | Creates developer subscription checkout when configured. |\n\nSee `docs/API.md` for deeper API notes.\n\n## Marketplace And Custom Skills\n\nThe marketplace installs free signal packs into local workspace state. These skills can add monitors, alert rules, vault notes, and workflow shortcuts.\n\nCurrent marketplace concepts include:\n\n- API connector skills that model calls to external REST APIs.\n- Weather API skills that compare multi-provider conditions.\n- Price watcher skills for retail, SaaS, hotels, flights, hardware, subscriptions, tickets, and markets.\n- Security, civic, legal, infrastructure, research, and local monitoring packs.\n\nThe custom skill builder supports:\n\n- Skill name.\n- Skill goal.\n- Trigger style.\n- JavaScript, Python, and C# examples.\n- A code box for custom implementation logic.\n- A local security scan before the skill can be saved.\n- Vault-note storage for saved scripts.\n\nThe security scanner blocks obvious harmful patterns, but it is a guardrail rather than a production sandbox. Production custom code execution should use true isolation, resource limits, audit logging, and dependency controls.\n\n## Developer Console\n\nThe developer area includes:\n\n- Overview cards.\n- API key generation.\n- One-time API secret reveal behavior.\n- Subscription gating after the first API key.\n- Webhook generation.\n- Request logs.\n- Usage and analytics panels.\n- Environment variable guidance.\n- API documentation links.\n- API pricing at `/app/pricing-api`.\n\n## Documentation Routes\n\n| Route | Purpose |\n| --- | --- |\n| `/app/developers/docs` | Documentation overview. |\n| `/app/developers/docs/quickstart` | First API request walkthrough. |\n| `/app/developers/docs/authentication` | Auth and API key guidance. |\n| `/app/developers/docs/api-keys` | API key management. |\n| `/app/developers/docs/webhooks` | Webhook setup and events. |\n| `/app/developers/docs/trackers` | Tracker API usage. |\n| `/app/developers/docs/alerts` | Alert API usage. |\n| `/app/developers/docs/workspaces` | Workspace concepts. |\n| `/app/developers/docs/change-detection` | Change detection guide. |\n| `/app/developers/docs/research-vault` | Vault guide. |\n| `/app/developers/docs/skills` | Skills and marketplace guide. |\n| `/app/developers/docs/sdk` | SDK usage. |\n| `/app/developers/docs/cli` | Terminal CLI usage. |\n| `/app/developers/docs/pagination` | Pagination conventions. |\n| `/app/developers/docs/rate-limits` | Rate limit behavior. |\n| `/app/developers/docs/errors` | Error response conventions. |\n| `/app/developers/docs/changelog` | API changelog. |\n| `/app/developers/docs/api-reference` | API reference. |\n\n## Security Notes\n\nThe backend uses Fastify security plugins, secure headers, request validation, rate limiting, CORS configuration, compression, CSRF protection hooks, WebSocket support, and typed token helpers.\n\nBefore public deployment:\n\n- Replace development secrets.\n- Use a production identity provider or hardened auth implementation.\n- Store API secrets encrypted.\n- Verify webhook signatures.\n- Use strict CORS origins.\n- Add durable audit logging.\n- Add background worker isolation.\n- Add true sandboxing for user-provided code.\n- Review CSP and cookie behavior.\n\nSee `SECURITY.md` for the current security reporting stance.\n\n## Database And Monitoring\n\nThe database assets model the expected relational foundation:\n\n- Users\n- Workspaces\n- Boards\n- Trackers\n- Alerts\n- Snapshots\n- Notifications\n- Sessions\n- Feeds\n- Saved items\n- Analytics\n- Settings\n\nSQL assets live in `database/`:\n\n- `001_core_indexes.sql`\n- `retention.sql`\n- `seed.sql`\n\nOperational health should be checked through `/api/health`, and metrics should be scraped from `/api/metrics`. Production deployments should also monitor database availability, Redis availability, worker throughput, webhook retries, alert dedupe behavior, and release checksum traceability.\n\n## Testing\n\nRun these before releasing:\n\n```bash\nnpm run typecheck\nnpm run lint\nnpm test\nnpm run build\nnpm run release\n```\n\nFor UI changes, also verify desktop, mobile, deep links, route transitions, keyboard flows, marketplace interactions, developer docs, and browser console output.\n\nFor API changes, verify request logs, health checks, metrics, CLI behavior, SDK behavior, and tests in `tests/`.\n\n## Project Policy\n\nSignalNest is not currently seeking outside contributions. Pull requests, feature requests, and external security submissions may not be reviewed or triaged.\n\nSee:\n\n- `CONTRIBUTING.md`\n- `SECURITY.md`\n\n## License\n\nSignalNest is licensed under the Apache License 2.0. See `LICENSE` for the complete license text.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmagnexis%2Fsignalnest","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmagnexis%2Fsignalnest","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmagnexis%2Fsignalnest/lists"}