docs: add file browser as next major feature, close mod lifecycle thread

OPEN_THREADS.md

@@ -15,41 +15,53 @@ This document tracks **known open questions and deferred decisions**.
 - ✅ Agent Phase 1 mod management endpoints
 - ✅ Agent process metrics endpoint
 - ✅ Minecraft readiness probe + restart race mitigation (initial)
+- ✅ Modrinth resolver + full mod lifecycle (install / enable / disable / delete)
 
 ---
 
 ## Still Open (Phase 1 / Go-to-market)
 
-### API: proxy the new agent capabilities
-- Add game-mod endpoints behind auth + ownership:
-  - `GET    /api/game/servers/:vmid/mods`
-  - `POST   /api/game/servers/:vmid/mods/install`
-  - `PATCH  /api/game/servers/:vmid/mods/:mod_id`
-  - `DELETE /api/game/servers/:vmid/mods/:mod_id`
-- Add process metrics proxy:
-  - `GET /api/game/servers/:vmid/metrics/process`
-- Decide caching shape (Redis keys + TTLs) for:
-  - mods list (agent already caches 5m internally)
-  - process metrics (likely low TTL, e.g. 5–10s)
+### File Browser (Next Major Feature)
 
-### Artifacts: Modrinth / NeoForge supply-chain workflow
-- Define a **local-first** artifact ingestion workflow:
-  - detect → pending → verified → active → deprecated
-- Decide Phase 1 scope:
-  - curated mod list vs modpack-first
-  - whether to ingest only Modrinth + NeoForge initially
-- Standardize loader naming contracts:
-  - `minecraft/neoforge/<mc_version>/neoforge-installer.jar` (Phase 1)
-  - confirm similar conventions for Forge/Fabric installers
+Planned endpoints:
 
-### Frontend: Mods UI (Phase 1)
-- Add "Mods" surface for game servers:
-  - installed mods list (enabled/disabled)
-  - enable/disable toggle
-  - remove mod
-  - curated install flow (no arbitrary URLs)
-- Decide if "upload custom mods" is Phase 1 or Phase 2:
-  - Phase 2 is preferred unless there is sandboxing/scanning/allowlist.
+**Agent:**
+- `GET    /game/files?path=`
+- `GET    /game/files/download?path=`
+- `POST   /game/files/upload?path=`
+- `DELETE /game/files?path=`
+- `PATCH  /game/files` (rename)
+
+**API:**
+- Mirror under `/api/game/servers/:id/files`
+
+**Frontend:**
+- Directory tree
+- Upload
+- Delete
+- Download
+- Restore deleted mods from `/mods-removed`
+
+**Security requirements:**
+- Hard-root to `serverRoot` — no escaping
+- Prevent path traversal
+- Enforce size limits on upload
+- Auth + ownership required on all endpoints
+
+### API: Error mapping refinement
+- `"mod already exists"` → `409 Conflict` (currently returns `502`)
+
+### API: Response corruption verification
+- One early `curl` output appeared corrupted during mod install testing
+- Reproduce cleanly with `curl -sS -D headers.txt -o body.txt ...` before portal wiring
+
+### API: Process metrics proxy
+- `GET /api/game/servers/:vmid/metrics/process`
+- Decide caching shape (Redis keys + TTLs): likely low TTL (5–10s)
+
+### Artifacts: Vanilla MC versions
+- Currently at 1.21.7; need to add 1.21.8 through 1.21.11
+- Source: `piston-meta.mojang.com/mc/game/version_manifest_v2.json`
 
 ### Provisioning & scale validation
 - Validate concurrent provisioning (multi-user, parallel creates)
@@ -68,10 +80,20 @@ This document tracks **known open questions and deferred decisions**.
 - Rollback behavior if a new agent fails health checks after update
 - Optional manifest signing (minisign/GPG)
 
+### Mod system hardening
+- Deterministic Modrinth project ID persistence (replace heuristic installed-detection)
+- Install queue for concurrent requests
+- Auto-update detection logic
+- Retention policy for `/mods-removed`
+
 ### Game platform roadmap
 - Modpack-first install flow (server files + manifests)
 - Engine abstraction for additional games (Rust/Terraria/Valheim)
 
+### Dev → Game pipeline
+- See `docs/architecture/dev-to-game-artifact-pipeline.md`
+- Blocked on: file browser complete + mod system stable
+
 ---
 
 ## Explicit Non-Goals (for now)