eliott/worldmonitor
1
0
Fork 0
mirror of https://github.com/koala73/worldmonitor.git synced 2026-04-25 17:14:57 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
e40b2eb47e480f223e96113c8a1c5d3268edd579
worldmonitor/docs/DESKTOP_CONFIGURATION.md
Elie Habib 07d0803014 Add WTO trade policy intelligence service with tariffs, flows, and barriers (#364) 
* feat: add WTO trade policy service with 4 RPC endpoints and TradePolicyPanel

Adds a new `trade` RPC domain backed by the WTO API (apiportal.wto.org) for
trade policy intelligence: quantitative restrictions, tariff timeseries,
bilateral trade flows, and SPS/TBT barrier notifications.

New files: 6 protos, generated server/client, 4 server handlers + shared WTO
fetch utility, client service with circuit breakers, TradePolicyPanel (4 tabs),
and full API key infrastructure (Rust keychain, sidecar, runtime config).

Panel registered for FULL and FINANCE variants with data loader integration,
command palette entry, status panel tracking, data freshness monitoring, and
i18n across all 17 locale files.

https://claude.ai/code/session_01HZXyoQp6xK3TX8obDzv6Ye

* chore: update package-lock.json

https://claude.ai/code/session_01HZXyoQp6xK3TX8obDzv6Ye

* fix: move tab click listener to constructor to prevent leak

The delegated click handler was added inside render(), which runs
on every data update (4× per load cycle). Since the listener targets
this.content (a persistent container), each call stacked a duplicate
handler. Moving it to the constructor binds it exactly once.

https://claude.ai/code/session_01HZXyoQp6xK3TX8obDzv6Ye

---------

Co-authored-by: Claude <noreply@anthropic.com>
2026-02-25 10:50:12 +00:00

2.1 KiB
Raw Blame History

Desktop Runtime Configuration Schema

World Monitor desktop now uses a runtime configuration schema with per-feature toggles and secret-backed credentials.

Secret keys

The desktop vault schema (Rust SUPPORTED_SECRET_KEYS) supports the following 22 keys:

  • GROQ_API_KEY
  • OPENROUTER_API_KEY
  • FRED_API_KEY
  • EIA_API_KEY
  • FINNHUB_API_KEY
  • CLOUDFLARE_API_TOKEN
  • ACLED_ACCESS_TOKEN
  • URLHAUS_AUTH_KEY
  • OTX_API_KEY
  • ABUSEIPDB_API_KEY
  • NASA_FIRMS_API_KEY
  • WINGBITS_API_KEY
  • WS_RELAY_URL
  • VITE_WS_RELAY_URL
  • VITE_OPENSKY_RELAY_URL
  • OPENSKY_CLIENT_ID
  • OPENSKY_CLIENT_SECRET
  • AISSTREAM_API_KEY
  • OLLAMA_API_URL
  • OLLAMA_MODEL
  • WORLDMONITOR_API_KEY — gates cloud fallback access (min 16 chars)
  • WTO_API_KEY

Note: UC_DP_KEY exists in the TypeScript RuntimeSecretKey union but is not in the desktop Rust keychain or sidecar.

Feature schema

Each feature includes:

  • id: stable feature identifier.
  • requiredSecrets: list of keys that must be present and valid.
  • enabled: user-toggle state from runtime settings panel.
  • available: computed (enabled && requiredSecrets valid).
  • fallback: user-facing degraded behavior description.

Desktop secret storage

Desktop builds persist secrets in OS credential storage through Tauri command bindings backed by Rust keyring entries (world-monitor service namespace).

Secrets are not stored in plaintext files by the frontend.

Degradation behavior

If required secrets are missing/disabled:

  • Summarization: Groq/OpenRouter disabled, browser model fallback.
  • FRED / EIA / Finnhub: economic, oil analytics, and stock data return empty state.
  • Cloudflare / ACLED: outages/conflicts return empty state.
  • Cyber threat feeds (URLhaus, OTX, AbuseIPDB): cyber threat layer returns empty state.
  • NASA FIRMS: satellite fire detection returns empty state.
  • Wingbits: flight enrichment disabled, heuristic-only flight classification remains.
  • AIS / OpenSky relay: live tracking features are disabled cleanly.
  • WorldMonitor API key: cloud fallback is blocked; desktop operates local-only.
Reference in New Issue View Git Blame Copy Permalink