Skip to content

feat(settings): expose FRED/iWenCai API keys and visualize Feature Flags in Settings UI#300

Open
skloxo wants to merge 6 commits into
HKUDS:mainfrom
skloxo:contrib/feat-settings-ui
Open

feat(settings): expose FRED/iWenCai API keys and visualize Feature Flags in Settings UI#300
skloxo wants to merge 6 commits into
HKUDS:mainfrom
skloxo:contrib/feat-settings-ui

Conversation

@skloxo

@skloxo skloxo commented Jun 24, 2026

Copy link
Copy Markdown
Contributor

This PR exposes essential environment parameters (like macroeconomic data keys and semantic screening keys) to the frontend Settings page, and adds status indicator cards for core runtime components.

Key Changes

  • Added Settings input fields for FRED API key and iWenCai API key in Settings.tsx.
  • Introduced /settings/feature-flags API endpoint on the backend to detect active environment flags.
  • Rendered status indicator cards for Shell Tools, Scheduler, and Session Runtime in the settings UI.
  • Restored standard secure behavior in _is_local_client (reverting the insecure ip.is_private check in developer mode).

Verification

  • Tested settings API actions using uv run pytest agent/tests/test_settings_api.py (100% success).
  • Built frontend cleanly (npm run build completed with zero errors).

skloxo added 6 commits June 24, 2026 10:20
@skloxo
chore: update uv.lock to fix zigzag build Cython dependency issue
149198a
@skloxo
fix: default shell tools on for authenticated API and local MCP SSE
2e7a0fb 
The bash/background_run tools were silently disabled when using SSE/API
transport because include_shell_tools defaulted to False for non-stdio
modes. This forced operators to discover and set
VIBE_TRADING_ENABLE_SHELL_TOOLS=1 — an undocumented requirement.

- api_server.py: trust authenticated requests (API_AUTH_KEY present) by
  default; explicit VIBE_TRADING_ENABLE_SHELL_TOOLS still overrides.
- mcp_server.py: default to True for SSE when no explicit env var is
  set (MCP SSE is a local integration layer). Explicit env var still
  overrides for production hardening.

Fixes the common deployment pitfall where agents lose bash capability
after switching from stdio to SSE/API transport.
@skloxo
feat: expose hidden env vars in settings page (iwencai key, fred key,…
3652aea 
… feature flags)
@skloxo
feat: add translation keys for extra Settings page fields
e83dfe1
@skloxo
feat: translate new Settings fields (iwencai, fred, feature flags)
c607091
@skloxo
Merge remote-tracking branch 'upstream/main' into contrib/feat-settin…
fb4bb98 
…gs-ui
@warren618

warren618 commented Jun 27, 2026

Copy link
Copy Markdown
Collaborator

Thanks for the PR — we’ve seen it and will review as soon as we can.

For settings changes, we’ll check that secrets stay local/config-driven, UI strings go through i18n, and feature-flag display does not expose anything unsafe or misleading.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@skloxo @warren618