fix: merge main into feat/issue-177 and fix cache key pattern

- Resolve merge conflicts: redisRateLimit import, fetchChannelCached
  error handling, discordCache comments, reputationCache parallel
  invalidation, and redis.test.js async reset
- Fix cache key inconsistency: leaderboard:${guildId}* → leaderboard:${guildId}:*
  in config-listeners.js (caught by Greptile code review)
- Update config-listeners.test.js to match corrected key pattern
- Use Promise.allSettled for parallel cache invalidation in reputationCache

Author: BillChirico

.gitattributes

@@ -0,0 +1,18 @@
+# Enforce LF line endings for all text files.
+# Overrides core.autocrlf on Windows checkouts.
+* text=auto eol=lf
+
+# Explicitly mark binary formats as binary (no line-ending conversion).
+*.png binary
+*.jpg binary
+*.jpeg binary
+*.gif binary
+*.ico binary
+*.woff binary
+*.woff2 binary
+*.ttf binary
+*.eot binary
+*.otf binary
+*.zip binary
+*.tar binary
+*.gz binary

README.md

@@ -200,6 +200,11 @@ All configuration lives in `config.json` and can be updated at runtime via the `
 | `logging.channels.timeouts` | string | Channel for timeout events |
 | `logging.channels.purges` | string | Channel for purge events |
 | `logging.channels.locks` | string | Channel for lock/unlock events |
+| `protectRoles.enabled` | boolean | Enable role protection (prevents moderating admins/mods/owner) |
+| `protectRoles.includeServerOwner` | boolean | Include server owner in protection |
+| `protectRoles.includeAdmins` | boolean | Include admin role in protection |
+| `protectRoles.includeModerators` | boolean | Include moderator role in protection |
+| `protectRoles.roleIds` | string[] | Additional role IDs to protect from moderation |
 
 **Escalation thresholds** are objects with: `warns` (count), `withinDays` (window), `action` ("timeout" or "ban"), `duration` (for timeout, e.g. "1h").
 

config.json

@@ -1,14 +1,18 @@
 {
   "ai": {
     "enabled": true,
-    "systemPrompt": "You are Volvox Bot, the friendly AI assistant for the Volvox developer community Discord server.\n\nYou're witty, snarky (but warm), and deeply knowledgeable about programming, software development, and tech.\n\nKey traits:\n- Helpful but not boring\n- Can roast people lightly when appropriate\n- Enthusiastic about cool tech and projects\n- Supportive of beginners learning to code\n- Concise - this is Discord, not an essay\n\nIf asked about your own infrastructure, model, or internals — say you don't know the specifics\nand suggest asking a server admin. Don't guess or speculate about what you run on.\n\nCRITICAL RULES:\n- NEVER type @everyone or @here — these ping hundreds of people\n- NEVER use mass mention pings under any circumstances\n- If you need to address the group, say \"everyone\" or \"folks\" without the @ symbol\n\nKeep responses under 2000 chars. Use Discord markdown when helpful.",
+    "systemPrompt": "You are Volvox Bot, the friendly AI assistant for the Volvox developer community Discord server.\n\nYou're witty, snarky (but warm), and deeply knowledgeable about programming, software development, and tech.\n\nKey traits:\n- Helpful but not boring\n- Can roast people lightly when appropriate\n- Enthusiastic about cool tech and projects\n- Supportive of beginners learning to code\n- Concise - this is Discord, not an essay\n\nIf asked about your own infrastructure, model, or internals \u2014 say you don't know the specifics\nand suggest asking a server admin. Don't guess or speculate about what you run on.\n\nCRITICAL RULES:\n- NEVER type @everyone or @here \u2014 these ping hundreds of people\n- NEVER use mass mention pings under any circumstances\n- If you need to address the group, say \"everyone\" or \"folks\" without the @ symbol\n\nKeep responses under 2000 chars. Use Discord markdown when helpful.",
     "channels": [],
     "historyLength": 20,
     "historyTTLDays": 30,
     "threadMode": {
       "enabled": false,
       "autoArchiveMinutes": 60,
       "reuseWindowMinutes": 30
+    },
+    "blockedChannelIds": [],
+    "feedback": {
+      "enabled": false
     }
   },
   "triage": {
@@ -43,7 +47,7 @@
   "welcome": {
     "enabled": true,
     "channelId": "1438631182379253814",
-    "message": "Welcome to Volvox, {user}! 🌱 You're member #{memberCount}!\n\nWe're a community of developers building cool stuff together. Feel free to introduce yourself!\n\nCheck out <#1446317676988465242> to see what we're working on, share your projects in <#1444154471704957069>, or just say hi in <#1438631182379253814>.\n\nHave questions? Just ask — we're here to help. 💚",
+    "message": "Welcome to Volvox, {user}! \ud83c\udf31 You're member #{memberCount}!\n\nWe're a community of developers building cool stuff together. Feel free to introduce yourself!\n\nCheck out <#1446317676988465242> to see what we're working on, share your projects in <#1444154471704957069>, or just say hi in <#1438631182379253814>.\n\nHave questions? Just ask \u2014 we're here to help. \ud83d\udc9a",
     "dynamic": {
       "enabled": true,
       "timezone": "America/New_York",
@@ -104,6 +108,13 @@
         "purges": null,
         "locks": null
       }
+    },
+    "protectRoles": {
+      "enabled": true,
+      "roleIds": [],
+      "includeAdmins": true,
+      "includeModerators": true,
+      "includeServerOwner": true
     }
   },
   "memory": {
@@ -213,19 +224,19 @@
     "activityBadges": [
       {
         "days": 90,
-        "label": "👑 Legend"
+        "label": "\ud83d\udc51 Legend"
       },
       {
         "days": 30,
-        "label": "🌳 Veteran"
+        "label": "\ud83c\udf33 Veteran"
       },
       {
         "days": 7,
-        "label": "🌿 Regular"
+        "label": "\ud83c\udf3f Regular"
       },
       {
         "days": 0,
-        "label": "🌱 Newcomer"
+        "label": "\ud83c\udf31 Newcomer"
       }
     ]
   },
@@ -271,4 +282,4 @@
     "enabled": false,
     "maxPerUser": 25
   }
-}
+}

migrations/003_ai_feedback.cjs

@@ -0,0 +1,40 @@
+/**
+ * Migration 003: AI Response Feedback Table
+ *
+ * Stores 👍/👎 reactions from users on AI-generated messages.
+ * Per-user per-message deduplication via UNIQUE constraint.
+ * Gated behind ai.feedback.enabled in config (opt-in per guild).
+ */
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.up = (pgm) => {
+  pgm.sql(`
+    CREATE TABLE IF NOT EXISTS ai_feedback (
+      id SERIAL PRIMARY KEY,
+      message_id TEXT NOT NULL,
+      channel_id TEXT NOT NULL,
+      guild_id TEXT NOT NULL,
+      user_id TEXT NOT NULL,
+      feedback_type TEXT NOT NULL CHECK (feedback_type IN ('positive', 'negative')),
+      created_at TIMESTAMP NOT NULL DEFAULT NOW(),
+      UNIQUE(message_id, user_id)
+    )
+  `);
+
+  pgm.sql(`
+    CREATE INDEX IF NOT EXISTS idx_ai_feedback_guild_id
+    ON ai_feedback(guild_id)
+  `);
+
+  pgm.sql(`
+    CREATE INDEX IF NOT EXISTS idx_ai_feedback_message_id
+    ON ai_feedback(message_id)
+  `);
+};
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.down = (pgm) => {
+  pgm.sql(`DROP INDEX IF EXISTS idx_ai_feedback_message_id`);
+  pgm.sql(`DROP INDEX IF EXISTS idx_ai_feedback_guild_id`);
+  pgm.sql(`DROP TABLE IF EXISTS ai_feedback`);
+};

src/api/index.js

@@ -6,6 +6,7 @@
 import { Router } from 'express';
 import { auditLogMiddleware } from './middleware/auditLog.js';
 import { requireAuth } from './middleware/auth.js';
+import aiFeedbackRouter from './routes/ai-feedback.js';
 import auditLogRouter from './routes/auditLog.js';
 import authRouter from './routes/auth.js';
 import communityRouter from './routes/community.js';
@@ -36,6 +37,9 @@ router.use('/config', requireAuth(), auditLogMiddleware(), configRouter);
 // (mounted before guilds to handle /:id/members/* before the basic guilds endpoint)
 router.use('/guilds', requireAuth(), auditLogMiddleware(), membersRouter);
 
+// AI Feedback routes — require API secret or OAuth2 JWT
+router.use('/guilds/:id/ai-feedback', requireAuth(), auditLogMiddleware(), aiFeedbackRouter);
+
 // Conversation routes — require API secret or OAuth2 JWT
 // (mounted before guilds to handle /:id/conversations/* before the catch-all guild endpoint)
 router.use('/guilds/:id/conversations', requireAuth(), auditLogMiddleware(), conversationsRouter);

src/api/routes/ai-feedback.js

@@ -0,0 +1,208 @@
+/**
+ * AI Feedback Routes
+ * Endpoints for reading AI response feedback (👍/👎) stats.
+ *
+ * Mounted at /api/v1/guilds/:id/ai-feedback
+ */
+
+import { Router } from 'express';
+import { getFeedbackStats, getFeedbackTrend, getRecentFeedback } from '../../modules/aiFeedback.js';
+import { rateLimit } from '../middleware/rateLimit.js';
+import { requireGuildAdmin, validateGuild } from './guilds.js';
+
+const router = Router({ mergeParams: true });
+
+/** Rate limiter: 60 requests / 1 min per IP */
+const feedbackRateLimit = rateLimit({ windowMs: 60 * 1000, max: 60 });
+
+// ── GET /stats ─────────────────────────────────────────────────────────────
+
+/**
+ * @openapi
+ * /guilds/{id}/ai-feedback/stats:
+ *   get:
+ *     tags:
+ *       - AI Feedback
+ *     summary: Get AI feedback statistics
+ *     description: Returns aggregate 👍/👎 feedback counts and daily trend for a guild.
+ *     security:
+ *       - ApiKeyAuth: []
+ *       - BearerAuth: []
+ *     parameters:
+ *       - in: path
+ *         name: id
+ *         required: true
+ *         schema:
+ *           type: string
+ *         description: Guild ID
+ *       - in: query
+ *         name: days
+ *         schema:
+ *           type: integer
+ *           default: 30
+ *           minimum: 1
+ *           maximum: 90
+ *         description: Number of days for the trend window
+ *     responses:
+ *       "200":
+ *         description: Feedback statistics
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 positive:
+ *                   type: integer
+ *                 negative:
+ *                   type: integer
+ *                 total:
+ *                   type: integer
+ *                 ratio:
+ *                   type: integer
+ *                   nullable: true
+ *                   description: Positive feedback percentage (0–100), or null if no feedback
+ *                 trend:
+ *                   type: array
+ *                   items:
+ *                     type: object
+ *                     properties:
+ *                       date:
+ *                         type: string
+ *                         format: date
+ *                       positive:
+ *                         type: integer
+ *                       negative:
+ *                         type: integer
+ *       "401":
+ *         $ref: "#/components/responses/Unauthorized"
+ *       "403":
+ *         $ref: "#/components/responses/Forbidden"
+ *       "429":
+ *         $ref: "#/components/responses/RateLimited"
+ *       "500":
+ *         $ref: "#/components/responses/ServerError"
+ *       "503":
+ *         $ref: "#/components/responses/ServiceUnavailable"
+ */
+router.get(
+  '/stats',
+  feedbackRateLimit,
+  requireGuildAdmin,
+  validateGuild,
+  async (req, res, next) => {
+    try {
+      const guildId = req.params.id;
+
+      let days = 30;
+      if (req.query.days !== undefined) {
+        const parsed = Number.parseInt(req.query.days, 10);
+        if (!Number.isNaN(parsed) && parsed >= 1 && parsed <= 90) {
+          days = parsed;
+        }
+      }
+
+      const [stats, trend] = await Promise.all([
+        getFeedbackStats(guildId),
+        getFeedbackTrend(guildId, days),
+      ]);
+
+      res.json({
+        ...stats,
+        trend,
+      });
+    } catch (err) {
+      next(err);
+    }
+  },
+);
+
+// ── GET /recent ──────────────────────────────────────────────────────────────
+
+/**
+ * @openapi
+ * /guilds/{id}/ai-feedback/recent:
+ *   get:
+ *     tags:
+ *       - AI Feedback
+ *     summary: Get recent feedback entries
+ *     description: Returns the most recent feedback entries for a guild (newest first).
+ *     security:
+ *       - ApiKeyAuth: []
+ *       - BearerAuth: []
+ *     parameters:
+ *       - in: path
+ *         name: id
+ *         required: true
+ *         schema:
+ *           type: string
+ *         description: Guild ID
+ *       - in: query
+ *         name: limit
+ *         schema:
+ *           type: integer
+ *           default: 25
+ *           maximum: 100
+ *     responses:
+ *       "200":
+ *         description: Recent feedback entries
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 feedback:
+ *                   type: array
+ *                   items:
+ *                     type: object
+ *                     properties:
+ *                       id:
+ *                         type: integer
+ *                       messageId:
+ *                         type: string
+ *                       channelId:
+ *                         type: string
+ *                       userId:
+ *                         type: string
+ *                       feedbackType:
+ *                         type: string
+ *                         enum: [positive, negative]
+ *                       createdAt:
+ *                         type: string
+ *                         format: date-time
+ *       "401":
+ *         $ref: "#/components/responses/Unauthorized"
+ *       "403":
+ *         $ref: "#/components/responses/Forbidden"
+ *       "429":
+ *         $ref: "#/components/responses/RateLimited"
+ *       "500":
+ *         $ref: "#/components/responses/ServerError"
+ *       "503":
+ *         $ref: "#/components/responses/ServiceUnavailable"
+ */
+router.get(
+  '/recent',
+  feedbackRateLimit,
+  requireGuildAdmin,
+  validateGuild,
+  async (req, res, next) => {
+    try {
+      const guildId = req.params.id;
+
+      let limit = 25;
+      if (req.query.limit !== undefined) {
+        const parsed = Number.parseInt(req.query.limit, 10);
+        if (!Number.isNaN(parsed) && parsed >= 1 && parsed <= 100) {
+          limit = parsed;
+        }
+      }
+
+      const feedback = await getRecentFeedback(guildId, limit);
+      res.json({ feedback });
+    } catch (err) {
+      next(err);
+    }
+  },
+);
+
+export default router;

src/api/utils/configValidation.js

@@ -17,6 +17,7 @@ export const CONFIG_SCHEMA = {
       enabled: { type: 'boolean' },
       systemPrompt: { type: 'string' },
       channels: { type: 'array' },
+      blockedChannelIds: { type: 'array' },
       historyLength: { type: 'number' },
       historyTTLDays: { type: 'number' },
       threadMode: {
@@ -110,6 +111,16 @@ export const CONFIG_SCHEMA = {
           },
         },
       },
+      protectRoles: {
+        type: 'object',
+        properties: {
+          enabled: { type: 'boolean' },
+          roleIds: { type: 'array' },
+          includeAdmins: { type: 'boolean' },
+          includeModerators: { type: 'boolean' },
+          includeServerOwner: { type: 'boolean' },
+        },
+      },
     },
   },
   triage: {