- payments/src/main.rs: fail-fast on BEECEPTOR_URL and DATABASE_URL
- gateway/src/main.rs: fail-fast on all service URLs and CORS URLs
- users/src/handlers/ai.rs: fail-fast on LEADS_SERVICE_URL
- leads/src/main.rs: fail-fast on OLLAMA_BASE_URL and OLLAMA_CHAT_MODEL
- storage/Cargo.toml: replace rustls-aws-lc with rustls for aws-config/aws-sdk-s3
- Update jsonwebtoken from 9.3 to 10.3 in crates/auth/Cargo.toml and crates/contracts/Cargo.toml
- Create .cargo/audit.toml to ignore false positives for local workspace crates 'cache' and 'users'
- Fix pre-existing compile errors in crates/cache/src/ollama.rs (missing reqwest dep, broken format! string literals)
- Add reqwest workspace dependency to crates/cache/Cargo.toml
- Add AI credit management endpoints for companies
- Add AI usage history tracking
- Add AI content generation with Ollama integration
- Add Ollama client for generating job descriptions, resume analysis, and cover letters
- Integrate AI router into companies service
- Change if: success() to if: always() on gitops update step
- Add final fallback push with no cache if all builds fail
- Ensure high-performance-latest is always pushed even on partial failures
- Add missing AI intents: generate_cover_letter, improve_resume, request_view_contact, auto_apply_job, unknown
- Add is_internal_admin helper to prevent admin/super_admin users from using user-facing AI flows
- Add admin guards to: ai_generate_job_field, ai_generate_cover_letter, ai_tailor_resume, ai_auto_apply, ai_auto_respond_to_lead
- Add professional approval check in ai_auto_respond_to_lead - must be APPROVED status
- Add tracecoin balance check before contact reveal (requires 30 tracecoins)
- Add KB escalation: when no articles found, suggest creating support ticket
- Add explicit unknown intent handler with helpful message
- Generate 6-digit code instead of UUID token for password reset
- Store in Redis with 15 min TTL (was 1 hour)
- Update email template to show code instead of reset link
- Update ResetPasswordPayload to accept code instead of token
- Update send_password_reset_email to accept code parameter
- Add cache::ai module with Redis rate limiting for AI generations
- Add functions: check_ai_rate_limit, get_ai_usage, cache_ai_response,
get_cached_ai_response, invalidate_ai_cache, reset_daily_usage
- Update check_and_increment_usage to use Redis fast-path before DB
- Redis key pattern: ai:rate:{user_id} for 24hr sliding window counter
- Fix gateway: add /api/ai route to users_url
- Add AI job field generation endpoints (generate-job-field, generate-cover-letter, tailor-resume, auto-apply)
- Add AI usage tracking and rate limiting
- Add professional auto-respond-to-lead endpoint (30 tracecoins)
- Add DB migrations for AI usage tracking tables
- Update leads service with AI auto-respond functionality
