feat(webhooks): UX improvements — per-provider errors, one-time admin tokens, auto callback URL

[zbigniewsobiecki]

Summary

• Per-provider error surfacing: webhooks.list now uses Promise.allSettled instead of silently swallowing failures. Returns an errors object alongside data so the UI can show which providers failed (e.g. GitHub 404) while others still work.
• One-time admin tokens: New oneTimeTokens input on list/create/delete endpoints lets users provide elevated credentials (e.g. GitHub PAT with admin:repo_hook scope) for webhook management without persisting them. Collapsible UI section in the PM wizard + CLI flags (--github-token, --trello-api-key, etc.).
• Auto callback URL: The PM wizard now computes the callback URL from VITE_API_URL instead of requiring manual input. CLI --callback-url is now optional (defaults to the configured server URL).
• Better error UX: Per-provider amber warning banners with retry buttons. Contextual success message when webhook creation succeeds but list refresh has errors.

Files changed

File	Change
src/api/routers/webhooks.ts	Promise.allSettled + errors object, oneTimeTokens schema on all 3 endpoints
web/src/components/projects/pm-wizard.tsx	Auto URL, error banners, collapsible one-time token UI
src/cli/dashboard/webhooks/create.ts	Optional --callback-url, one-time token flags, JIRA output
src/cli/dashboard/webhooks/delete.ts	Optional --callback-url, one-time token flags, JIRA output
src/cli/dashboard/webhooks/list.ts	One-time token flags, per-provider error warnings, JIRA section
tests/unit/api/routers/webhooks.test.ts	7 new tests: per-provider errors, oneTimeTokens override
CLAUDE.md	Updated webhook CLI examples

Test plan

• npm run typecheck — clean
• npm run lint — clean
• npm test — 168 files, 2802 tests passing
• CI pipeline passes
• Manual: open webhook step with a project that has GitHub 404 — should show GitHub error, Trello still works
• Manual: create webhook with one-time GitHub PAT — succeeds, token not persisted
• CLI: cascade webhooks create <id> (no --callback-url) — uses server URL
• CLI: cascade webhooks list <id> --github-token ghp_xxx — uses provided token

🤖 Generated with Claude Code

[aaight]

🤔 Just a sec, looking into those UX improvements now

[aaight]

Thanks for the review! This PR adds several UX improvements to webhook management:

Key Changes

Per-provider error handling: The webhooks.list endpoint now uses Promise.allSettled to surface individual provider failures (e.g., GitHub 404) while other providers continue to work. The UI shows amber warning banners for each failed provider with a retry button.

One-time admin tokens: All three webhook endpoints (list, create, delete) now accept an optional oneTimeTokens input, allowing users to provide elevated credentials (GitHub PAT with admin:repo_hook, Trello API key/token, JIRA email/token) for webhook operations without persisting them to the database. The PM wizard includes a collapsible "Use admin credentials" section, and the CLI supports flags like --github-token, --trello-api-key, etc.

Auto callback URL: The PM wizard now computes the callback URL from VITE_API_URL/API_URL instead of requiring manual input. The CLI --callback-url flag is now optional and defaults to the configured server URL.

Better error UX: Per-provider amber warning banners with retry buttons, plus a contextual success message when webhook creation succeeds but the list refresh encounters errors.

Test Coverage

Added 7 new unit tests covering:

• Per-provider error scenarios (one provider fails, others succeed)
• oneTimeTokens override for all three endpoints
• Error object structure validation

All existing tests pass (2802 tests across 168 files). CI is currently running to verify the full pipeline.