Skip to content

[dashboards] Add Open Brain dashboard#57

Closed
headcrest wants to merge 1 commit intoNateBJones-Projects:mainfrom
headcrest:add-open-brain-dashboard
Closed

[dashboards] Add Open Brain dashboard#57
headcrest wants to merge 1 commit intoNateBJones-Projects:mainfrom
headcrest:add-open-brain-dashboard

Conversation

@headcrest
Copy link
Copy Markdown
Contributor

@headcrest headcrest commented Mar 16, 2026

What this adds

  • Adds a new dashboard contribution under dashboards/open-brain-dashboard/.
  • Includes a working SvelteKit dashboard with authentication, thought search/list/capture workflows, and MCP proxying.
  • Includes contribution metadata in metadata.json and full setup documentation in README.md.

What it requires

  • Working Open Brain instance
  • Node.js 18+
  • Supabase URL + anon key
  • Open Brain MCP function URL + MCP access key

Validation

  • I copied the existing working dashboard from my local Open Brain web app and verified it runs locally after copying .env.local.
  • Confirmed required contribution files and categories are present and documented.

@headcrest headcrest mentioned this pull request Mar 16, 2026
Closed
matthallett1
matthallett1 reviewed Mar 17, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@matthallett1 matthallett1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review — PR #57: Open Brain Dashboard

Great first dashboard contribution, @headcrest! This is well-structured SvelteKit with good patterns. A few items to address before merge:

✅ What's good

  • Clean architecture: Server-side auth via hooks.server.ts, MCP calls proxied through /api/mcp so keys stay server-side — exactly right
  • Proper SSR auth guard: +layout.server.ts redirects unauthenticated users to /signin
  • Follows contribution template: metadata.json, README.md, credential tracker, troubleshooting — all present
  • .env.example with both private + public fallback: Nice progressive approach for MCP credentials
  • Dark theme with custom design tokens: Looks intentional and polished
  • Svelte 5 runes: Modern $state(), $derived(), $props() — not legacy stores
  • Custom favicons: Light/dark mode variants, SVG brain icon — nice touch

🟡 Should fix before merge

  1. package.json name is "web" — should be "open-brain-dashboard" to avoid confusion if someone runs npm install in a monorepo context

  2. MCP key in query string (?key=${mcpKey}) — this leaks the key into server logs, Vercel function logs, and any proxy. Should use Authorization: Bearer ${mcpKey} header instead. Check whether your MCP function accepts this (the standard OB1 edge functions do via Authorization header check).

  3. robots.txt allows all crawling — this is a personal dashboard with auth. Should be:

    User-agent: *
Disallow: /

  4. package-lock.json is 3,350 lines — consider adding it to .gitignore for the contribution (users will regenerate it with npm install). This inflates the diff and makes review harder. Or at minimum, the name field inside it should match the package.json name.

  5. app.d.ts still references PUBLIC_MCP_URL / PUBLIC_MCP_KEY in ImportMetaEnv — but the preferred path uses private env vars (MCP_URL / MCP_KEY). The type declaration should reflect the preferred approach, or note both.

  6. Indentation inconsistency in +server.ts (MCP proxy) — line 56 has misaligned return json(:

    if (!mcpUrl || !mcpKey) {
return json(  // ← should be indented

💡 Nice to have (not blocking)

  • No signup flow — the README says "sign in with an existing user" but doesn't explain how to create one. A one-liner about creating a user in Supabase Dashboard would help.
  • crypto.randomUUID() for thought IDs — these are ephemeral client-side IDs since the MCP response doesn't return the DB UUID. Fine for display, but worth a comment explaining why.
  • Response parsing is fragileparseSearchResults and parseListResults parse formatted text output from MCP tools. If the MCP tool output format changes, these break silently. Consider a comment noting this coupling.
  • No error toast/notification — errors only go to console.error. A simple visible error banner would improve UX.
  • svelte.config.js hardcodes nodejs22.x — Vercel may not support this runtime yet on all plans. Consider nodejs20.x for broader compatibility.

Verdict

Approve with changes — fix items 1-6 above, then this is ready to merge. This is exactly the kind of contribution the dashboards directory was waiting for. 🎉

cc @matthallett1

@matthallett1
Copy link
Copy Markdown
Collaborator

matthallett1 commented Mar 17, 2026

Hey @headcrest — we're excited to get this merged. Rather than send it back and forth, we're going to make the 6 fixes from the review directly on your branch and test locally. Will push the changes back once verified. Thanks for the great contribution!

matthallett1 added a commit that referenced this pull request Mar 17, 2026
@matthallett1 @claude
[dashboards] Review fixes for open-brain-dashboard (#57)
20dc22b 
Addresses 6 items from code review:
1. Package name "web" → "open-brain-dashboard"
2. MCP key moved from query string to Authorization header
3. robots.txt disallows crawling (personal dashboard)
4. package-lock.json removed from git + gitignored
5. app.d.ts: MCP env vars optional, comment explains preferred vs fallback
6. Indentation fix in MCP proxy error return

svelte-check: 0 errors, 0 warnings
vite build: clean production build

Original dashboard by @headcrest.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
matthallett1 added a commit that referenced this pull request Mar 17, 2026
@matthallett1 @claude
[dashboards] Review fixes for open-brain-dashboard (#57)
c4ba86f 
Addresses 6 items from code review:
1. Package name "web" → "open-brain-dashboard"
2. MCP key moved from query string to Authorization header
3. robots.txt disallows crawling (personal dashboard)
4. package-lock.json removed from git + gitignored
5. app.d.ts: MCP env vars optional, comment explains preferred vs fallback
6. Indentation fix in MCP proxy error return

svelte-check: 0 errors, 0 warnings
vite build: clean production build

Original dashboard by @headcrest.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@matthallett1 matthallett1 mentioned this pull request Mar 17, 2026
Closed
3 tasks
justfinethanku pushed a commit that referenced this pull request Mar 19, 2026
@matthallett1 @claude @justfinethanku
[dashboards] Review fixes for open-brain-dashboard (#57)
bb64e6a 
Addresses 6 items from code review:
1. Package name "web" → "open-brain-dashboard"
2. MCP key moved from query string to Authorization header
3. robots.txt disallows crawling (personal dashboard)
4. package-lock.json removed from git + gitignored
5. app.d.ts: MCP env vars optional, comment explains preferred vs fallback
6. Indentation fix in MCP proxy error return

svelte-check: 0 errors, 0 warnings
vite build: clean production build

Original dashboard by @headcrest.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@justfinethanku justfinethanku mentioned this pull request Mar 19, 2026
Merged
4 tasks
@justfinethanku
Copy link
Copy Markdown
Collaborator

justfinethanku commented Mar 19, 2026

Combined into PR #83 along with the fixes from #66. Thanks for the dashboard @headcrest — the foundation is solid.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@matthallett1 matthallett1 matthallett1 left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@headcrest @matthallett1 @justfinethanku