Skip to content
Gatelet
GitHub

Development

Prerequisites

Section titled “Prerequisites”
  • Node.js v22+
  • npm

Setup

Section titled “Setup”
Terminal window
git clone https://github.com/hannesill/gatelet.git
cd gatelet
npm install

Development server

Section titled “Development server”
Terminal window
npm run dev

This starts both the API and the dashboard (Vite dev server) with hot reload.

Testing

Section titled “Testing”
Terminal window
npm test             # Run all tests
npm run test:watch   # Watch mode

The test suite includes 590 tests across 43 files covering:

  • Admin API routes and authentication
  • Database operations and encryption
  • Policy engine (constraints, mutations, parsing)
  • Provider implementations (Google Calendar, Outlook Calendar, Gmail, Outlook Mail)
  • MCP server pipeline (tool registry, parameter filtering, error sanitization)
  • Security edge cases (auth bypass, prototype pollution, rate limiting, audit integrity)
  • Content filters (subject blocking, domain blocking, PII redaction)

Building

Section titled “Building”
Terminal window
npm run build        # Build dashboard + API (tsup → dist/)
npm start            # Run production build

Docker

Section titled “Docker”
Terminal window
npm run docker:build
docker compose up -d

Project structure

Section titled “Project structure”
src/
  admin/       Admin API + routes (Hono on :4001)
  db/          SQLite + encrypted credential storage
  doctor/      Health checks
  mcp/         MCP server (Streamable HTTP on :4000)
  policy/      Policy engine (pure functions)
  providers/   Provider implementations
  config.ts    Environment configuration
  index.ts     Server entry point
  cli.ts       CLI entry point
dashboard/     React + Vite + Tailwind admin dashboard
website/       Astro + Starlight documentation site
tests/         Vitest test suite

Architecture notes

Section titled “Architecture notes”
  • Policy engine is pure functional — no side effects, easy to test
  • Admin API uses HonocreateAdminApp() is exported separately from startAdminServer() so tests can use app.request() without starting HTTP
  • Config uses getter/setterconfig.ADMIN_TOKEN is backed by a private _adminToken variable because vitest module caching can cause stale values across test files
  • Providers implement a common interfaceProvider with execute(), refreshCredentials(), tools array, and default policy
  • Database uses WAL mode — better concurrent read performance for audit queries