Issue Tracker
A project management application for tracking issues, sprints, epics, and time logs. Built for the script-development organization.
Tech Stack
- Backend: Laravel 12, PHP 8.4
- Frontend: Vue 3, TypeScript
- Database: MySQL
- Default branch:
development
Compliance
The script-development organization operates under ISO 27001 certification. This means:
- User activities and security events must be logged (Audit Logging)
- Records must be tamper-resistant (hash chains on audit logs)
- Information must be classified and protected appropriately
Architecture Overview
The backend follows the Action pattern — all business logic lives in final readonly action classes. The full pipeline is:
Controller → FormRequest → DTO → Action → ModelAuthorization uses a two-tier model:
- Route level: Model-based permissions via
->can()middleware - Action level: Interaction-based permissions via
Gate::authorize()
Key Decisions
| Decision | Status | Impact |
|---|---|---|
| Audit Logging | Accepted | Per-entity audit tables with tamper detection |
| Two-Tier Authorization | Accepted | Split route-level and action-level permissions |
| AI Interaction Logging | Proposed | Logging for AI calls, MCP tools, and AI runs |
| Multi-Tenancy | Proposed | Database-per-tenant for 3 companies |
| Cascade Deletion | Accepted | Explicit deletion, no database cascading |
| ResourceData Pattern | Proposed | Replacing JsonResource with typed DTOs |
AI Integration
The application integrates AI in three ways:
- Story generation — Generates user stories via Claude API
- MCP server — Exposes 12 tools for external AI actors (Claude Code, IDE integrations) to interact with issues, comments, and time logs via OAuth tokens
- AI run tracking — GitHub Actions AI runs report completion with cost and outcome data