The column holds OpenRouter's delete handle (data.hash) used to revoke a key,
not a hash of the key. Migration 0003 renames the column; update repository,
admin revoke action, and the reconcile script.
Persist the raw key (migration 0002 adds openrouter_key) so users can copy it
again from the dashboard instead of a one-time-only reveal; admin console shows
the full key. Retain openrouter_key_hash for revocation. Keys remain in the
unexposed llmapikey schema (deny-all RLS, server-only direct connection).
- activate() stores the raw key; dashboard + generate-key return the full key.
- key-display warning updated (no longer shown-once).
- admin table renders the full key.
Self-contained GitHub OAuth (Arctic) with a stateless HS256 signed-cookie
session (jose); Supabase is downgraded to the Postgres host only.
- Origin-derived callback (no redirect-uri env); read:user scope; access
token read once at callback and discarded (no token storage).
- CSRF via single-use state cookie; open-redirect guard on next.
- getCurrentGithubIdentity() now reads the session cookie, preserving the
numeric provider_id identity contract for admin/dashboard/mint.
- Remove @supabase/ssr + @supabase/supabase-js, middleware, and the
supabase-dependent rls test; delete lib/supabase clients.
- replace stale plan-reference comments with intent-describing ones
- move inline nav style to a .site-nav CSS class
- drop dummy placeholder return in generate-key resolveConflict
tiennm99