[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-81733":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":23,"hasPages":23,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":26,"readmeContent":27,"aiSummary":28,"trendingCount":16,"starSnapshotCount":16,"syncStatus":29,"lastSyncTime":30,"discoverSource":31},81733,"mergeos","mergeos-bounties\u002Fmergeos","mergeos-bounties","AI-assisted software maintenance and bounty operating system for funding, reviewing, and paying MRG rewards.","https:\u002F\u002Fmergeos.shop",null,"Vue",41,43,31,7,0,1,4,11,3,4.93,"MIT License",false,"master",[],"2026-06-12 02:04:19","# MergeOS\n\n[![Build and deploy](https:\u002F\u002Fgithub.com\u002Fmergeos-bounties\u002Fmergeos\u002Factions\u002Fworkflows\u002Fdeploy.yml\u002Fbadge.svg?branch=master)](https:\u002F\u002Fgithub.com\u002Fmergeos-bounties\u002Fmergeos\u002Factions\u002Fworkflows\u002Fdeploy.yml?query=branch%3Amaster)\n[![GitHub stars](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002Fmergeos-bounties\u002Fmergeos?style=flat&label=stars)](https:\u002F\u002Fgithub.com\u002Fmergeos-bounties\u002Fmergeos\u002Fstargazers)\n\nMergeOS is an AI-assisted software maintenance and bounty operating system. A customer funds a project, receives internal project tokens, and MergeOS turns the work into claimable tasks that can be completed by human contributors, AI agents, or hybrid teams.\n\nThis repository is the current MergeOS MVP: Go backend, Vue SSR frontend, project funding flow, bounty workspace generation, GitHub issue import, evidence attachments, notifications, admin review, and proof ledger.\n\n`scan\u002F` is the public MergeOS Scan explorer for `scan.mergeos.shop`. It reads the public ledger API and presents MRG token mints, escrow movements, task reserves, payouts, addresses, transaction hashes, and hash-chain proof in a BscScan-style interface.\n\n## Production\n\n- App: [https:\u002F\u002Fmergeos.shop](https:\u002F\u002Fmergeos.shop)\n- Admin: [https:\u002F\u002Futa.mergeos.shop](https:\u002F\u002Futa.mergeos.shop)\n- Scan explorer: [https:\u002F\u002Fscan.mergeos.shop](https:\u002F\u002Fscan.mergeos.shop)\n\n## Repository Documents\n\n- [README-INDEX.md](README-INDEX.md): docs map and bounty tracking index.\n- [BOUNTY-POLICY.md](BOUNTY-POLICY.md): bounty policy and reward rules.\n- [CONTRIBUTING.md](CONTRIBUTING.md): contributor setup, PR rules, tests, and bounty workflow.\n- [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md): community behavior expectations and enforcement.\n- [SECURITY.md](SECURITY.md): private vulnerability reporting policy.\n- [SUPPORT.md](SUPPORT.md): support channels for bugs, features, bounties, and security.\n- [LICENSE](LICENSE): MIT license.\n- [Claim Token issue #1](https:\u002F\u002Fgithub.com\u002Fmergeos-bounties\u002Fmergeos\u002Fissues\u002F1): public bounty claim intake.\n\n## New Workflow\n\n1. The customer registers or logs in.\n2. The customer creates a new project or imports an existing repository.\n3. The customer funds escrow through PayPal, crypto, or the local development verifier.\n4. MergeOS records the funded project, mints internal `MRG` token credit, and creates a bounty workspace.\n5. The system splits the project into tasks with reward pools, worker type, agent suggestion, and acceptance criteria.\n6. Contributors claim available work and open PRs with implementation evidence.\n7. Maintainers review the PR, verify the work, merge valid changes, and release the token reward.\n\n## Product Scope\n\nMergeOS currently supports:\n\n- Customer auth with email\u002Fpassword bearer sessions.\n- GitHub App login that creates or links a MergeOS account to an MRG wallet.\n- Guest MRG wallet creation with BSC-style `0x...` addresses from MergeOS Scan.\n- Two environment modes: `local` and `production`.\n- Project creation with budget, payment method, attachments, and escrow status.\n- Local payment verification through `LOCAL-PAID`.\n- PayPal Orders v2 adapter.\n- EVM native or ERC-20 receipt verification.\n- GitHub open issue import with heuristic scoring.\n- GitHub reward aliases. If a worker has not linked a wallet yet, payouts can still target `github:username`; once linked, payouts route to the user's `0x...` wallet address.\n- Local git bounty workspaces or GitHub private bounty repos when `GITHUB_TOKEN` is configured.\n- Task reward allocation, worker kind, suggested agent type, and acceptance criteria.\n- Proof ledger entries with hash chaining.\n- SMTP notifications when configured, persisted notification records when SMTP is not configured.\n- Admin APIs for users, projects, tasks, attachments, notifications, ledger, and SSL review.\n\nRoadmap items include full AI codebase scanning, task dependency DAGs, automated PR verification, reputation scoring, fraud detection, and automatic real payout execution.\n\n## Stack\n\n- Backend: Go `net\u002Fhttp`\n- Storage: PostgreSQL when `DATABASE_URL` is set, with legacy JSON state fallback for local development\n- Frontend: Vue 3 + Vite SSR\n- Admin: Vue 3 + Vite SSR admin console\n- Scan: Vue 3 + Vite static explorer served from `scan.mergeos.shop`\n- Token symbol: `MRG` by default through `TOKEN_SYMBOL`\n- Bounty repos: local git under `BOUNTY_ROOT`, or GitHub private repos with `GITHUB_TOKEN`\n- Payments: local verifier, PayPal, EVM native\u002FERC-20 verifier\n\n## Local Testing\n\nUse Docker Compose for local testing. It starts PostgreSQL, the Go API, the Vue SSR frontend, the admin console, and the Scan explorer with the same wiring used by deployment.\n\nPrerequisites:\n\n- Docker Desktop or Docker Engine with the Compose plugin.\n- Local ports `5432`, `8080`, `5173`, `5174`, and `5175` available.\n\nStart everything:\n\n```powershell\ndocker compose up --build\n```\n\nOpen:\n\n- Frontend: `http:\u002F\u002F127.0.0.1:5173`\n- Admin: `http:\u002F\u002F127.0.0.1:5174`\n- Scan explorer: `http:\u002F\u002F127.0.0.1:5175`\n- API health: `http:\u002F\u002F127.0.0.1:8080\u002Fapi\u002Fhealth`\n- PostgreSQL: `127.0.0.1:5432`, database `mergeos_local`, user `mergeos`, password `mergeos`\n\nLocal test credentials:\n\n- Admin email: `admin@gmail.com`\n- Admin password: `Admin123`\n- Local payment reference: `LOCAL-PAID`\n\nUseful commands:\n\n```powershell\n# Stop containers but keep local Postgres and uploaded\u002Fbounty data volumes.\ndocker compose down\n\n# Reset all local Docker data and start from an empty PostgreSQL database.\ndocker compose down -v\ndocker compose up --build\n\n# Rebuild one service after changing its source.\ndocker compose up --build backend\ndocker compose up --build frontend\ndocker compose up --build admin\ndocker compose up --build scan\n```\n\nIf a host port is already busy, override only the published host port and keep the container port unchanged:\n\n```powershell\n$env:MERGEOS_BACKEND_PORT='18080'\n$env:MERGEOS_FRONTEND_PORT='15173'\n$env:MERGEOS_ADMIN_PORT='15174'\n$env:MERGEOS_SCAN_PORT='15175'\n$env:MERGEOS_POSTGRES_PORT='15432'\ndocker compose up --build\n```\n\nCompose storage:\n\n- `postgres-data`: PostgreSQL data.\n- `backend-data`: uploaded files, generated bounty repos, and optional legacy JSON import\u002Fexport path.\n\nThe backend runs in `MERGEOS_ENV=local`, sets `DATABASE_URL=postgres:\u002F\u002Fmergeos:mergeos@postgres:5432\u002Fmergeos_local?sslmode=disable`, disables SSL review calls for local tests, and runs the embedded PostgreSQL migrations automatically on startup.\n\nGitHub App user authorization for local testing is optional. To enable \"Continue with GitHub\" and wallet linking, create a GitHub App, enable user authorization, and set these before starting Compose:\n\n```powershell\n$env:MERGEOS_GITHUB_APP_ID='your-app-id'\n$env:MERGEOS_GITHUB_APP_CLIENT_ID='your-github-app-client-id'\n$env:MERGEOS_GITHUB_APP_CLIENT_SECRET='your-github-app-client-secret'\ndocker compose up --build\n```\n\nFor local callbacks, add these authorization callback URLs to the GitHub App as needed:\n\n- `http:\u002F\u002F127.0.0.1:5173\u002F`\n- `http:\u002F\u002F127.0.0.1:5175\u002F`\n\nGoogle login is also optional. To enable \"Continue with Google\", create a Google OAuth client and set these before starting Compose:\n\n```powershell\n$env:MERGEOS_GOOGLE_CLIENT_ID='your-google-client-id'\n$env:MERGEOS_GOOGLE_CLIENT_SECRET='your-google-client-secret'\ndocker compose up --build\n```\n\nFor local Google callbacks, add `http:\u002F\u002F127.0.0.1:5173\u002Fapi\u002Fauth\u002Fgoogle\u002Fcallback`.\n\n## Manual Service Development\n\nManual runs are optional and only useful when debugging one service outside Docker. For normal local testing, use Docker Compose above so PostgreSQL, ports, API proxying, and migrations stay consistent.\n\nRun the backend first:\n\n```powershell\ncd backend\nCopy-Item .env.local.example .env.local\ngo run .\u002Fcmd\u002Fmergeos\n```\n\nThen run the service you are changing:\n\n```powershell\ncd frontend\nCopy-Item .env.local.example .env.local\nnpm install\nnpm run local\n```\n\nAdmin:\n\n```powershell\ncd admin\nCopy-Item .env.local.example .env.local\nnpm install\nnpm run local\n```\n\nScan:\n\n```powershell\ncd scan\nCopy-Item .env.local.example .env.local\nnpm install\nnpm run dev\n```\n\n## Production\n\nBuild the SSR frontend:\n\n```powershell\ncd frontend\nCopy-Item .env.production.example .env.production\nnpm install\nnpm run build:production\n```\n\nBuild the admin frontend:\n\n```powershell\ncd admin\nCopy-Item .env.production.example .env.production\nnpm install\nnpm run build\n```\n\nBuild the scan explorer:\n\n```powershell\ncd scan\nCopy-Item .env.production.example .env.production\nnpm install\nnpm run build\n```\n\nStart the backend:\n\n```powershell\ncd backend\nCopy-Item .env.production.example .env.production\n$env:MERGEOS_ENV='production'\ngo run .\u002Fcmd\u002Fmergeos\n```\n\nStart the SSR frontend:\n\n```powershell\ncd frontend\nnpm run production\n```\n\nBefore real deployment, set production values in `backend\u002F.env.production`: `ADMIN_PASSWORD`, PayPal credentials, crypto verifier settings, GitHub repo settings, SMTP settings, receiver addresses, and SSL review domains. The GitHub deploy workflow builds `scan\u002F`, serves it statically from nginx, proxies `\u002Fapi\u002F` to the MergeOS backend, and requests certificates for `mergeos.shop`, `uta.mergeos.shop`, and `scan.mergeos.shop`.\n\n## Environment Reference\n\nBackend examples:\n\n- `backend\u002F.env.local.example`\n- `backend\u002F.env.production.example`\n- `backend\u002F.env.example`\n\nFrontend examples:\n\n- `frontend\u002F.env.local.example`\n- `frontend\u002F.env.production.example`\n\nAdmin examples:\n\n- `admin\u002F.env.local.example`\n- `admin\u002F.env.production.example`\n\nScan examples:\n\n- `scan\u002F.env.local.example`\n- `scan\u002F.env.production.example`\n\nImportant backend variables:\n\n- `MERGEOS_ENV`: `local` or `production`\n- `DATABASE_URL`: PostgreSQL connection string\n- `MERGEOS_STATE_PATH`: legacy JSON state path or import source\n- `TOKEN_SYMBOL`: token label shown by the app, default `MRG`\n- `PRIMARY_DOMAIN`, `ADMIN_DOMAIN`, `SCAN_DOMAIN`: production hostnames, defaulting to `mergeos.shop`, `uta.mergeos.shop`, and `scan.mergeos.shop`\n- `PLATFORM_FEE_BPS`: platform fee basis points\n- `DEV_PAYMENT_ENABLED` and `DEV_PAYMENT_CODE`: local verifier\n- `PAYPAL_ENV`, `PAYPAL_CLIENT_ID`, `PAYPAL_CLIENT_SECRET`: PayPal Orders v2\n- `CRYPTO_RPC_URL`, `CRYPTO_RECEIVER`, `CRYPTO_ASSET`, `CRYPTO_TOKEN_CONTRACT`: crypto verifier\n- `GITHUB_TOKEN`, `GITHUB_OWNER`, `GITHUB_OWNER_TYPE`: backend runtime values for GitHub bounty repo creation and admin PR merge actions\n- `MERGEOS_GITHUB_TOKEN`: Docker Compose and GitHub Actions secret name that maps into backend `GITHUB_TOKEN`; use a personal access token with repo write access, not the automatic GitHub Actions token\n- `GEMINI_API_KEYS`: comma-separated Gemini API key pool used to seed the initial LLM key table; admins can add Gemini, OpenAI, Anthropic, Groq, OpenRouter, DeepSeek, and Mistral tokens later in the admin UI, while request counts and key status are tracked in the database\n- `GEMINI_REVIEW_MODEL`: legacy Gemini reviewer model default. Admin settings can now select the active LLM provider and model at runtime.\n- `GEMINI_REVIEW_WEBHOOK_SECRET`: GitHub webhook secret used to verify `X-Hub-Signature-256`\n- `GEMINI_REVIEW_MAX_PATCH_BYTES`: max patch context sent to Gemini, default `70000`\n- `GITHUB_APP_ID`, `GITHUB_APP_CLIENT_ID`, `GITHUB_APP_CLIENT_SECRET`: backend runtime values for GitHub App user authorization, login, and MRG wallet linking\n- `MERGEOS_GITHUB_APP_ID`, `MERGEOS_GITHUB_APP_CLIENT_ID`, `MERGEOS_GITHUB_APP_CLIENT_SECRET`: Docker Compose and GitHub Actions secret names that map into the backend runtime values\n- `GITHUB_OAUTH_CLIENT_ID`, `GITHUB_OAUTH_CLIENT_SECRET`: legacy backend aliases still accepted for older OAuth configuration\n- `GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`: backend runtime values for Google login\n- `MERGEOS_GOOGLE_CLIENT_ID`, `MERGEOS_GOOGLE_CLIENT_SECRET`: Docker Compose and GitHub Actions secret names that map into Google login runtime values\n- `BOUNTY_ROOT`: local child bounty repo root\n- `UPLOAD_ROOT`: attachment storage root\n- `SMTP_HOST`, `SMTP_PORT`, `SMTP_USERNAME`, `SMTP_PASSWORD`, `SMTP_FROM`: email notifications\n\n## API Surface\n\nPublic:\n\n- `GET \u002Fapi\u002Fhealth`\n- `GET \u002Fapi\u002Fconfig`\n- `GET \u002Fapi\u002Fpublic\u002Fledger`\n- `GET \u002Fapi\u002Fpublic\u002Fmarketplace`\n- `POST \u002Fapi\u002Fpublic\u002Frepo\u002Fissues`\n- `POST \u002Fapi\u002Fintegrations\u002Fgithub\u002Fpr-review` GitHub webhook receiver for automated LLM PR review. Configure GitHub Webhooks with Payload URL `https:\u002F\u002Futa.mergeos.shop\u002Fapi\u002Fintegrations\u002Fgithub\u002Fpr-review`, Content type `application\u002Fjson`, the same secret as `GEMINI_REVIEW_WEBHOOK_SECRET`, and events `Pull requests` plus `Issue comments`.\n\nAuth:\n\n- `POST \u002Fapi\u002Fauth\u002Fregister`\n- `POST \u002Fapi\u002Fauth\u002Flogin`\n- `POST \u002Fapi\u002Fauth\u002Fgithub`\n- `GET \u002Fapi\u002Fauth\u002Fme`\n- `POST \u002Fapi\u002Fauth\u002Flogout`\n\nWallet:\n\n- `POST \u002Fapi\u002Fwallets`\n- `GET \u002Fapi\u002Fwallets\u002F{address}`\n- `POST \u002Fapi\u002Fwallets\u002Flink`\n\nCustomer:\n\n- `POST \u002Fapi\u002Fpayments\u002Fpaypal\u002Forders`\n- `POST \u002Fapi\u002Fuploads`\n- `GET \u002Fapi\u002Fuploads\u002F{id}\u002Fdownload`\n- `POST \u002Fapi\u002Fprojects`\n- `GET \u002Fapi\u002Fprojects`\n- `GET \u002Fapi\u002Ftasks`\n- `POST \u002Fapi\u002Ftasks\u002F{id}\u002Faccept`\n- `GET \u002Fapi\u002Fnotifications`\n- `GET \u002Fapi\u002Fledger`\n\nAdmin:\n\n- `GET \u002Fapi\u002Fadmin\u002Fsummary`\n- `GET \u002Fapi\u002Fadmin\u002Fusers`\n- `GET \u002Fapi\u002Fadmin\u002Fprojects`\n- `GET \u002Fapi\u002Fadmin\u002Ftasks`\n- `GET \u002Fapi\u002Fadmin\u002Fnotifications`\n- `GET \u002Fapi\u002Fadmin\u002Fattachments`\n- `GET \u002Fapi\u002Fadmin\u002Fledger`\n- `GET \u002Fapi\u002Fadmin\u002Fssl`\n- `POST \u002Fapi\u002Fadmin\u002Fssl\u002Freview`\n- `GET \u002Fapi\u002Fadmin\u002Fgemini\u002Fkeys`\n- `POST \u002Fapi\u002Fadmin\u002Fgemini\u002Fkeys`\n- `PATCH \u002Fapi\u002Fadmin\u002Fgemini\u002Fkeys\u002F{id}`\n- `POST \u002Fapi\u002Fadmin\u002Fgemini\u002Fkeys\u002F{id}\u002Ftest`\n- `GET \u002Fapi\u002Fadmin\u002Fgemini\u002Fwebhooks`\n","MergeOS 是一个基于AI辅助的软件维护和赏金操作系统，用于资助、审核并支付MRG奖励。其核心功能包括项目资金管理、任务分配给人类贡献者或AI代理、以及通过智能合约自动处理支付流程。技术上，MergeOS采用Go语言构建后端服务，并使用Vue实现服务器端渲染的前端界面，支持从GitHub导入问题、证据附件上传、通知发送及管理员审查等功能。适用于需要外包开发工作、希望通过众包方式解决软件维护问题的企业或个人开发者场景中。",2,"2026-06-11 04:06:09","CREATED_QUERY"]