- Move board view management (ViewSelector, activeViewId, ViewEditorModal)
from +page.svelte to +layout.svelte
- Layout pill in PillNav now toggles ViewSelector strip visibility
- +page.svelte reduced to minimal BoardViewRenderer with context-provided view
- Provide activeView via Svelte context from layout
- Fix broken import in TaskItem.svelte (linter artifact)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Migrate inline SVG icon paths to Phosphor components in chat, zitare,
times, citycorners, inventar, manacore, todo, playground, presi, and
more. Part of repo-wide icon unification effort.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Consolidate the two separate view systems (homepage paper pages + /kanban board)
into one unified system on `/`. All three layout modes (Fokus, Übersicht, Matrix)
share the same LocalBoardView data model and BoardViewRenderer, with layout
switching via PillNav tabs instead of route navigation.
- Add FokusLayout component (scroll-snap paper sheets with DnD)
- Add activeLayoutMode setting (fokus/uebersicht/matrix)
- Add layoutOverride prop to BoardViewRenderer
- Rewrite homepage to use BoardViewRenderer + ViewSelector
- Unify DnD type to 'task-dnd' across all layouts
- Convert PillNav from route-based to state-based view switching
- Delete /kanban route (redirect to / with uebersicht mode)
- Update PWA shortcuts, settings, onboarding, help content
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Remove floating edit FAB from +page.svelte
- Add "Layout" pill (grid icon) to PillNav, only visible on homepage
- Share editMode state between layout and page via Svelte context
- Label toggles between "Layout" and "Fertig" when active
- Escape key exits edit mode
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Introduces a tiered access control system so apps can be released
gradually (founder → alpha → beta → public) without extra infrastructure.
Users are gated at the AuthGate level based on their tier vs the app's
requiredTier. All apps remain deployed and reachable, but only users
with sufficient tier can enter.
- Add accessTier enum + column to users schema (default: 'public')
- Add tier claim to JWT payload in better-auth config
- Add requiredTier field to ManaApp interface + all 25 apps
- Add hasAppAccess(), getAccessibleManaApps(), ACCESS_TIER_LABELS
- Update AuthGate with tier check + access denied screen
- Update getPillAppItems + Home page to filter by user tier
- Update all 22 app layouts to pass user tier to PillNav
- Add admin API: GET/PUT /api/v1/admin/users/:id/tier
- Document access tier system in CLAUDE.md
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New modal component that searches across app databases (calendar events,
contacts) and creates bidirectional links with cached display data.
Integrated into Todo's TaskEditModal with "+ Verknüpfen" button.
Search uses debounced text matching against IndexedDB records with
lazy-initialized cross-app readers.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Duration estimation now auto-applies without requiring a button click.
When no explicit duration is typed, the system uses history-based
estimation (weighted by project/calendar, title, labels) with the
configurable default as fallback. Both apps get a "Smarte Dauer" toggle
and default duration picker in Settings. The learned duration improves
over time as more tasks/events are completed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New shared package enabling bidirectional links between records across
apps (e.g. todo→calendar, task→file). Each link creates a forward+reverse
pair sharing a pairId for efficient queries from both sides. Stored in
dedicated IndexedDB (manacore-links), synced via mana-sync.
Includes: types, store, mutations, reactive queries, cached display data
resolvers, ManaLinkBadge and ManaLinkList UI components.
Integrates into Todo app as first consumer — link store initialized in
layout, ManaLinkList rendered in TaskEditModal.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Extend the natural language parser with duration recognition (30min, 2h,
1.5 Stunden), multi-task splitting on keywords (danach, dann, ;) with
context inheritance (date/time/project), and a history-based time estimator
that suggests durations from similar completed tasks. QuickAdd now shows
a live parse preview and duration suggestion. All features run offline
against IndexedDB — no AI/API calls needed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
After extensive package restructuring (deletions, consolidations, new
packages), the frozen lockfile causes resolution failures in Docker.
Use --no-frozen-lockfile until lockfile stabilizes.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Homepage fixes:
- Add loading state: show TaskListSkeleton while liveQuery loads
- Fix $derived(() => ...) anti-pattern → $derived.by()
- Stabilize date calculations (compute once, not per re-render)
- Remove double error check (mutation errors shown via toast)
TaskItem improvements:
- Show completed-at date (small, 50% opacity) on right side of
completed tasks
- Click completed date to toggle showing created-at date above it
Shared: Add `loading` field to useLiveQueryWithDefault (was missing,
prevented proper loading states in consumers)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All 15 local-first apps now use CSR-only (ssr=false in +layout.ts).
Since all data comes from IndexedDB (not server), SSR adds unnecessary
roundtrip latency (~3-4s FCP improvement expected).
Apps affected: todo, calendar, clock, contacts, zitare, skilltree,
citycorners, inventar, photos, mukke, planta, presi, storage,
context, questions.
Chat and manacore keep SSR for SEO.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Created createManaAuthStore in @manacore/shared-auth-stores that replaces
~350 lines of duplicated auth.svelte.ts per app with a ~10 line factory call.
The factory handles: SSO, passkeys, 2FA, magic links, token management,
password reset, sign up/in/out — everything the old stores did.
Each app only provides devBackendPort and optional onAuthenticated callback.
Before: 21 apps × ~350 lines = 6,800 lines of duplicated auth code
After: 21 apps × ~10 lines = 182 lines total (97% reduction)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Merged shared-subscription-types + shared-subscription-ui into
@manacore/subscriptions. Updated imports in 15 web apps.
Package count: 49 → 47
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- New ViewEditorModal with form fields for name, icon, groupBy, layout,
and column configuration with inline color picker
- ViewSelector updated with "+" button to create views, three-dot menu
and right-click to edit active/any view
- Auto-generated column presets for status, priority, dueDate groupBy
- Custom columns mode for manual task grouping
- Live preview showing column layout (kanban or grid)
- Two-step delete confirmation
- Glass-morphism styling, dark mode, responsive
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Merged shared-feedback-types + shared-feedback-service + shared-feedback-ui
into a single @manacore/feedback package. Updated imports in all 21 apps.
Before: 3 packages (types, service, ui) with cross-dependencies
After: 1 package with direct imports, no circular refs
Note: ESLint warnings from pre-existing unused vars in chat/mukke
servers are unrelated to this change.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Calendar: Rewrite events.test.ts and events-recurrence.test.ts to test
pure functions (getEventsForDay, getEventsInRange, expandRecurringEvents)
from queries.ts instead of removed store methods.
Todo: Delete projects.test.ts and reminders.test.ts — the API files they
tested were removed in the local-first migration.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
NutriPhi meals store: Replace apiClient calls with mealCollection
reads/writes. Daily summary now computed locally from IndexedDB.
Mukke library store: Replace backend API aggregations (albums, artists,
genres, stats) with local computation from songCollection.getAll().
Server-only operations (upload, cover URLs, metadata extraction) remain
as fire-and-forget API calls.
Store migration status: All 19 apps now use IndexedDB as primary
data source. Server API calls only remain for:
- File upload/download (S3 presigned URLs)
- Image generation (Replicate API)
- AI analysis (Gemini)
- Cover art URLs (S3 presigned)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Todo: Replace manual fetch/state stores with useLiveQuery() for tasks,
projects, and tags. Components use Svelte context instead of store imports.
Stores reduced to mutation-only services. Removes ~200 lines of manual
state management. Enables multi-tab sync and auto-refresh on data changes.
- Tags (all 16 apps): Migrate from API-based createTagStore() to shared
local-first IndexedDB ('manacore-tags'). Tags now work offline and in
guest mode with default seed data. All apps share the same tag DB via
tagLocalStore + useAllTags() + setContext pattern.
- Cleanup: Delete unused Todo API files (projects.ts, labels.ts,
reminders.ts), remove dead labels store, clean up barrel exports.
Apps migrated: Todo, Zitare, Questions, Planta, Clock, Presi, Mukke,
Context, CityCorners, ManaDeck, Chat, Contacts, Calendar, Picture,
Storage, Photos
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New lightweight server replacing NestJS for server-side compute:
- RRULE expansion (next occurrence, validation, DoS protection)
- Reminders (CRUD with reminder time calculation)
- Admin (GDPR user data counts + deletion)
- JWT auth middleware + service key auth for admin
- Port 3019, ~10 packages vs ~50 for NestJS
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Auth store starts/stops sync on login/logout
- LocalStore queues all existing records for initial sync (guest→auth transition)
- LocalCollection.queueAllForSync() creates pending inserts for all local records
- Skips initial queue if sync cursor exists (already synced before)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Password strength (zxcvbn-ts):
- PasswordStrength component with 4-segment color bar and German feedback
- Lazy-loaded with 150ms debounce to avoid SSR/bundle issues
- Integrated into RegisterPage and ChangePassword components
Magic Links (passwordless email):
- Better Auth magicLink plugin (10-minute expiry)
- sendMagicLinkEmail() in email service (German template)
- Passthrough route for /magic-link/* endpoints
- sendMagicLink() in shared-auth client
- "Login-Link per E-Mail senden" button on all 20 login pages
- All 21 auth stores have sendMagicLink() method
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implement the foundational local-first data layer for ManaCore apps:
- New @manacore/local-store package (Dexie.js IndexedDB, sync engine, Svelte 5 reactive queries)
- New mana-sync Go service (sync protocol, WebSocket push, field-level LWW conflict resolution)
- Todo app migrated as pilot: stores read/write IndexedDB, guest mode with onboarding seed data
- PillNavigation: prominent login pill for unauthenticated users
- SyncIndicator component showing local/syncing/offline status
- GuestWelcomeModal on first visit for Todo app
- Removed demo-mode auth_required checks from Todo components (all writes are now local)
- CSP fix for local development (localhost:3001, localhost:3050)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add createTagStore factory to @manacore/shared-stores (Svelte 5 runes, backed by @manacore/shared-tags)
- Replace Todo's local TagStrip with shared TagStrip from @manacore/shared-ui
- Replace Todo's labels store with createTagStore wrapper (backward-compatible)
- Remove "Tags" tab from PillNav TabGroup, add it as toggle pill (like Filter)
- Tags pill toggles TagStrip overlay visibility instead of navigating to /tags
- TagStrip has "Tags verwalten" pill linking to /tags management page
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Expand FAQ entries from ~5 to 8-14 per app with app-specific feature documentation
- Add comprehensive features, shortcuts, and keyboard shortcut sections
- Integrate shared getManaFAQs() in 10 apps with /mana page
- Integrate shared getPrivacyFAQs() in all 18 apps with app-specific data types
- Add unit tests for help content in all 18 apps (72 tests total)
- Tests verify: DE/EN content, matching FAQ/feature counts, unique IDs, contact info
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Prevents potential XSS by safely serializing env values instead of using
raw string interpolation. Also creates missing hooks.server.ts for context
app and standardizes citycorners to use the same injection pattern.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
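
The failure mode the commit message above describes, as an added example (not the project's code): an env value interpolated raw into an inline script can close the `<script>` element, while a JSON-serialized value with `<`, `>`, `&`, U+2028 and U+2029 escaped cannot. The function names, the `PUBLIC_` key allowlist and the sample values are assumptions; only `window.__PUBLIC_MANA_CORE_AUTH_URL__` appears on the page.

```javascript
// Added example, not the project's hooks.server.ts. All names are hypothetical
// except window.__PUBLIC_MANA_CORE_AUTH_URL__, which the page mentions.

// Constructed sample input.
const SAMPLE_HTML = '<html><head><title>t</title></head><body></body></html>';
const SAMPLE_ENV = {
  PUBLIC_MANA_CORE_AUTH_URL:
    'https://auth.example.test/</script><!-- constructed break-out -->',
  DATABASE_URL: 'constructed-server-only-value',
};

// Characters that can end or alter an inline <script> block, plus the two
// code points older JavaScript engines treated as line terminators.
const UNSAFE = /[<>&\u2028\u2029]/g;

// JSON.stringify handles quotes, backslashes and control characters. The
// replace step rewrites the rest as \uXXXX escapes: identical to the
// JavaScript parser, inert to the HTML parser.
function serializeForInlineScript(value) {
  const json = JSON.stringify(value === undefined ? null : value);
  return json.replace(UNSAFE, (ch) =>
    '\\u' + ch.charCodeAt(0).toString(16).padStart(4, '0'));
}

// "Before": raw string interpolation, kept to show the failure mode.
function injectEnvUnsafe(html, env) {
  const assignments = Object.entries(env)
    .map(([k, v]) => `window.__${k}__ = "${v}";`).join('');
  return html.replace('</head>', () => `<script>${assignments}</script></head>`);
}

// "After": only PUBLIC_-prefixed keys (an assumption of this example),
// each value serialized instead of interpolated.
const ENV_KEY = /^PUBLIC_[A-Z0-9_]+$/;
function injectEnvSafe(html, env) {
  const assignments = Object.entries(env)
    .filter(([k]) => ENV_KEY.test(k))
    .map(([k, v]) => `window.__${k}__ = ${serializeForInlineScript(v)};`)
    .join('');
  return html.replace('</head>', () => `<script>${assignments}</script></head>`);
}

// Number of script end tags the HTML parser would see in the page.
function countScriptCloses(html) {
  return (html.match(/<\/script/gi) || []).length;
}

console.log('unsafe:', countScriptCloses(injectEnvUnsafe(SAMPLE_HTML, SAMPLE_ENV)));
console.log('safe:  ', countScriptCloses(injectEnvSafe(SAMPLE_HTML, SAMPLE_ENV)));
```
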
- Add docker/Dockerfile.sveltekit-base: pre-built base with all 34 shared
packages (mirrors nestjs-base pattern), eliminates redundant COPY/build
steps from individual web Dockerfiles
- Add scripts/mac-mini/build-app.sh: stops monitoring stack before build
to free RAM, auto-restarts on exit (trap cleanup)
- Migrate todo web Dockerfile to use sveltekit-base:local (47 COPY lines
→ 2, 4 build steps → 0)
- Update CD workflow to build sveltekit-base when deploying web apps
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implements passwordless authentication via passkeys using @simplewebauthn:
Backend (mana-core-auth):
- New passkeys table in auth schema (credentialId, publicKey, counter, etc.)
- PasskeyService with registration/authentication flows and challenge storage
- 7 new API endpoints (register, authenticate, list, delete, rename)
- createSessionAndTokens helper for non-password auth flows
- Security event types for passkey operations
Client (shared-auth):
- signInWithPasskey() and registerPasskey() with dynamic @simplewebauthn/browser imports
- isPasskeyAvailable() browser capability check
- Passkey management methods (list, delete, rename)
UI (shared-auth-ui):
- Passkey button on LoginPage with key icon, shown when browser supports WebAuthn
- Divider between passkey and email/password form
App integration:
- All 19 web app auth stores have isPasskeyAvailable() and signInWithPasskey()
- All 19 web app login pages pass passkeyAvailable and onSignInWithPasskey props
- rpID=mana.how in production enables cross-app passkey usage (SSO-compatible)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
No external auth providers to keep authentication fully self-sovereign
and avoid dependency on third-party services. Removes Google Sign-In,
Apple Sign-In components, utilities, endpoints, translations, and
mobile dependencies across all apps and shared packages.
Google/Apple integrations for data sync (Contacts import, Calendar sync)
are intentionally preserved as they serve a different purpose.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
shared-help-ui depends on shared-help-content but it was missing from the Docker build context, causing build failures.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Integrate priority indicator into checkbox (color fill + border weight + dashed for low + ! for urgent) for better a11y
- Reduce notepad border-radius and enable rounding on mobile
- Fix reorder route being shadowed by :id param route
- Improve drag & drop styling: remove container highlight, add lifted effect on dragged item
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Svelte 5 restricts {@const} to block contexts only. Use direct
isOpenNow() calls in {#if} conditions instead.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The MiniOnboardingModal was nested inside .layout-container (flex) divs
in Chat, Clock, Contacts, Context, ManaDeck, Picture, Presi, and Todo.
This could interfere with fixed positioning, causing the modal to render
incorrectly. Moved all modals to the same nesting level as
SessionExpiredBanner, outside layout containers.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The createUserSettingsStore was receiving a static auth URL evaluated at
module load time, before window.__PUBLIC_MANA_CORE_AUTH_URL__ was
injected by hooks.server.ts. In production this caused CSP violations
as settings API calls went to localhost:3001 instead of auth.mana.how.
Changes:
- Accept string | (() => string) for authUrl in shared-theme config
- Resolve authUrl lazily at fetch time instead of module load
- Fix fallback to empty string in non-dev environments (was localhost)
- Pass getAuthUrl as getter function in all 17 web apps
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add defaultTranslationsDE/EN and getHelpTranslations() to shared-help-ui
so apps only need to override the subtitle instead of duplicating ~80 lines
- Refactor all 6 existing help pages to use getHelpTranslations()
(Contacts, Calendar, Todo, Storage, Chat, Picture)
- Add help page to Zitare (FAQ, features, contact — no shortcuts)
- Migrate Mukke from custom SettingsPage-based help to shared HelpPage
(FAQ with audio formats, lyrics editor, playlists; features; shortcuts)
All 8 web apps now use the unified shared help system.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>