Full Transcriptions, Faster Auth, and Cleaner Analytics

The bot now waits for the discussion to actually end instead of leaving at the scheduled time. The Conference Bot exit logic has been updated; instead of leaving strictly at the planned meeting end time, the bot now stays in the call for at least 25% longer than the scheduled duration and actively monitors transcription activity. It only exists when no new transcriptions have been detected for 5 minutes after the planned end time, confirming that the discussion has genuinely wrapped up.

IMPACT: Teams using Conference Bot now receive complete transcriptions of overrun meetings without losing critical content. The previous issue, where the last 10–20 minutes of a discussion were cut off because the bot left on a timer, right as key conclusions, decisions, and action items were being finalized, has been eliminated. Overtime sessions and extended meetings are now fully recorded, and AI summaries contain the complete context of decisions made and commitments given by the team. This is especially critical for subsequent analysis through PM Agent, and for strategic client calls or planning sessions where discussions regularly run past the scheduled end time.

Stateless JWT-based authorization mechanism with full role and permission hierarchy. The authorization architecture has been overhauled: the server no longer stores session state between requests. JWT tokens now contain the user's full role and permission hierarchy, including inherited rights, calculated recursively on the backend at token issuance and embedded directly in the token payload. All microservices have been updated to perform access control checks exclusively against JWT claims, with no database calls per request. In addition, the payload structure has been updated and documented, refresh token support has been added, and forced session termination is now triggered when a user's roles or permissions change.

IMPACT: The system has seen a significant improvement in performance and scalability. A critical overhead issue has been resolved: previously, each request required multiple service calls to retrieve tokens, roles, permissions, and user data. Authorization is now instantaneous, handled entirely through JWT claim verification with no database queries. The microservice codebase has been substantially simplified through a unified authorization mechanism. On the frontend, the need for multiple API calls to verify access rights has been eliminated, making the interface noticeably more responsive.

Unified NATS_HOSTS configuration across all servers for fault-tolerant cluster connectivity. The approach to NATS connection configuration has been standardized: instead of a mix of formats (NATS_URL, NATS_HOSTS as a string, and others), a single NATS_HOSTS parameter is now used as an array of strings (a list of hosts). All existing services have been updated to the new format, with backward compatibility ensured through automatic conversion of comma-separated strings to a list. The fastapi_template has been updated so that new services will follow this standard automatically.

Duplicate worklogs and artifacts are no longer created when tasks are moved between Jira projects or boards. A data duplication issue when moving tasks between workspaces in Jira has been resolved: when a task is moved from one board to another (for example, DS-*** → KIG-***), the system now updates the task key and transfers all associated worklogs and artifacts to the new board instead of creating duplicates.

IMPACT: Reporting distortion during project reorganizations has been eliminated. Previously, all worklogs recorded before a task was moved would be duplicated, attached simultaneously to both the old and new task. This led to inflated employee hours in reports, incorrect Labor Cost and Margin calculations, confusion during payroll processing, and corrupted historical data when reviewing past reports. Worklogs now transfer correctly to the new project along with the task, ensuring analytics accuracy regardless of any structural changes to Jira boards. This is especially critical for enterprise clients with dynamic teams and project reorganizations.

The Projects column and filter on the Colleagues page now show all actual projects from the SoW, regardless of the user's access rights. The project display logic on the Colleagues page has been corrected; the Projects column now shows all of an employee's actual projects from the current SoW, regardless of whether the viewing user has access to those projects. The Project filter now contains the full list of actual projects across all employees, enabling colleague search by any project; access restrictions are applied only when a user attempts to navigate into a project by clicking on it. Correct data visibility for different roles has also been ensured.

A dynamic employee counter has been added to the Colleagues page, synchronized with the current table contents. The counter displays the number of active employees currently engaged by default, and updates to reflect the total number of employees, both active and former, when the "Show inactive" toggle is enabled.

Critical parsing errors in the dag_read_calendar_and_meetings DAG have been fixed. The dag_read_calendar_and_meetings DAG has been restored to working order; Google Calendar data parsing errors have been resolved, correct event processing is now ensured, and meetings are saved to the database as expected. The DAG now completes successfully and passes data through to the system for display in the Meetings interface.