Calendar: validate startTime < endTime on event create/update, verify
share invitation recipient matches accepting user, add @MaxLength on
search DTO, use ConfigService for FRONTEND_URL, fix Docker default port.
Contacts: replace Error with NotFoundException in tag controller, verify
contact ownership before tag operations, add @ArrayMaxSize(100) on batch
DTOs, add unique constraint on contact tags (userId, name), add
@MaxLength(10000) on note content, reorder photo upload for safety.
Todo: add self-referencing FK on parentTaskId with cascade delete,
validate parent task ownership on create, add @Min/@Max on query
limit/offset, add @MaxLength(500) on search, add error handling to
quick add in web app.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Covers all working days with commits since the last devlog (Feb 15):
- 2026-02-16: LightWrite launch, PWA rollout, Stripe SEPA
- 2026-02-17: spiral-db, Planta bot, Mana Values manifest
- 2026-03-06: Manalink mobile Matrix client
- 2026-03-07: Manalink Expo SDK 55 fixes
- 2026-03-11: CD pipeline with Mac Mini self-hosted runner
- 2026-03-12: Manalink EAS Build fixes
- 2026-03-15: Traces app, Calendar production hardening
- 2026-03-17: Mukke mobile, E2E tests, pre-commit hook
- 2026-03-18: Unit test coverage for contacts and todo
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The lightwrite app was renamed to mukke in commit 7a56699d.
This removes the leftover tracked files from the old location.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All SvelteKit web apps now have complete auth flows:
- login, register, forgot-password, and reset-password
Changes:
- Add reset-password page to: chat, clock, contacts, context,
manadeck, nutriphi, planta, presi, questions, skilltree,
todo, zitare, photos
- Add forgot-password page to photos (was also missing)
- Add resetPasswordWithToken() method to all 13 auth stores
- Each page customized with app-specific logo, colors, branding
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Critical bugs: fix contacts delete() inverted logic, fix photo URLs
hardcoded to localhost:9000. Add missing DB indexes across all three
apps (27 indexes total). Add data integrity constraints: cascade delete
on tasks.projectId, unique label names per user, unique default calendar
per user with race condition handling. Wrap 12 multi-step operations in
transactions (todo). Replace contacts duplicate detection full-table scan
with targeted SQL GROUP BY queries. Fix calendar N+1 event tag queries
with batch loading. Fix contacts tagId filter not being applied. Add
proper RRULE error logging. Clear calendar auth store on sign-out.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Combines LightWrite (beat/lyrics editor) and Mukke (iOS music player) into
a single web-based music workspace app. Archives the old Mukke mobile app.
- Rename: @lightwrite/* → @mukke/*, all branding, configs, Dockerfiles
- New DB schemas: songs, playlists, playlist_songs + songId FK on projects
- New backend modules: SongModule, PlaylistModule, LibraryModule
- New web: app shell with sidebar, library (songs/albums/artists/genres),
web player (queue/shuffle/repeat/MediaSession), playlists, search,
upload, dashboard, album/artist/genre detail pages
- Auth: add forgot-password + reset-password pages, extend auth store
- Tests: 40 backend unit tests (song, playlist, library services)
- Config: env generation, MinIO bucket, docker-compose prod, cloudflare
- Docs: update CLAUDE.md, auth guidelines with SvelteKit checklist
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Create NestJS backend on port 3020 with 4 modules (space, document, ai, token)
- Add Drizzle schema with 5 tables (spaces, documents, token_transactions, model_prices, user_tokens)
- Rewrite web services (spaces, documents, tokens, ai) to use shared API client instead of Supabase
- Move AI API keys server-side (Azure OpenAI, Google Gemini)
- Add seed script for model prices (gpt-4.1, gemini-pro, gemini-flash)
- Add 70 unit tests across 4 test suites (space, document, token, ai services)
- Add monorepo integration (setup-databases.sh, generate-env.mjs, docker init-db, root scripts)
- Remove @supabase/supabase-js dependency and delete supabase.ts from web app
- Update CLAUDE.md with full API documentation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Calendar backend: upgrade jest 29→30 to fix broken pnpm symlink
(jest 29 wasn't resolving in pnpm store, all 63 tests now pass)
- Contacts backend: add @nestjs/throttler (100 req/min)
- Todo backend: add @nestjs/throttler (100 req/min)
- Consistent rate limiting across all three backends (calendar already had it)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Mukke is a local, offline-first music player for iOS. Songs are imported
from iCloud/local files via document picker, stored on device, and played
with expo-audio including background playback and lock screen controls.
Stack: Expo SDK 55, expo-audio, expo-sqlite, expo-document-picker,
@missingcore/audio-metadata, Zustand, NativeWind, Expo Router with NativeTabs.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Traces:
- Change bundle ID from com.memoro.locations to com.mana.traces
- Update BGTask identifiers to match new bundle ID
- Add react-native-worklets dependency for reanimated compatibility
- Configure eas.json with monorepo-optimized build settings
- Add pnpm patch for reanimated 4.1.x to accept worklets 0.7.x
- Skip auto-fingerprint on EAS (pnpm hoisted mode)
- Disable default cache paths to avoid ENOENT
Bot-services:
- Add types: ["node"] to tsconfig to prevent RN type conflicts in hoisted mode
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add @manacore/eslint-config as root devDependency so eslint.config.mjs
can resolve the shared config
- Remove full monorepo type-check from pre-commit hook (too slow for
commit-time, belongs in CI). Keep lint-staged (eslint + prettier on
changed files).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add 22 E2E tests across 5 test suites covering auth, calendar views,
settings, event CRUD, and calendar management. Tests that require the
calendar backend gracefully skip when it's not running.
Also fixes: hooks.server.ts env fallbacks, ThrottlerGuard DI error,
and auth metrics service TypeScript error.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Better Auth throws APIError("FORBIDDEN") when email is not verified,
but the signIn catch block didn't handle this case, causing a 500.
Now returns ForbiddenException with EMAIL_NOT_VERIFIED code so the
client can show the resend verification link.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The ResetPasswordDto required 12 characters while registration and
change-password only required 8, causing a mismatch with frontend UI.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds a step to the CD pipeline that ensures CALENDAR_ENCRYPTION_KEY
exists in .env.macmini, generating one if missing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
patch-package fails when packages are hoisted to monorepo root
(node-linker=hoisted). Making it non-fatal prevents EAS Build
failures for other apps in the workspace.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The package was imported but not listed in package.json, causing
Docker builds to fail since hoisted node_modules aren't available.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
pnpm's default isolated dependency resolution prevents Metro/Babel from
finding transitive dependencies like babel-preset-expo and
@babel/plugin-transform-react-jsx during EAS Build. Using hoisted mode
creates a flat node_modules structure compatible with React Native tooling.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Backend/Web Dockerfiles: use PORT env var in healthcheck (was hardcoded)
- Web Dockerfile: align default port to 5012 (matching docker-compose)
- docker-compose.macmini.yml: add ENCRYPTION_KEY env var for calendar-backend
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add AES-256-GCM encryption for CalDAV/Apple passwords in sync service
- Add rate limiting (100 req/min) via @nestjs/throttler
- Add pagination (limit/offset) to events API with metadata response
- Add security headers (CSP, X-Frame-Options, etc.) to web app
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Restructure standalone traces app into monorepo pattern with mobile + backend + shared types.
Add NestJS backend with Drizzle ORM schema for locations, cities, places, POIs, and AI guides.
Add mobile sync layer, cities tab, and guide generation UI. Fix pre-existing type errors across
mobile codebase, matrix-mana-bot (sendDirectMessage), llm-playground, and all web auth stores
(signUp call signature).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
pnpm's strict isolated dependency resolution prevents @babel/core from
finding babel-preset-expo and @babel/plugin-transform-react-jsx during
Metro bundling. The pre-install hook creates .npmrc with node-linker=hoisted
at the monorepo root so pnpm uses a flat node_modules on EAS Build.
Also simplified metro.config.js by removing manual monorepo watchFolders
config (handled automatically by expo/metro-config since SDK 52).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
pnpm strict module resolution prevents @babel/core from finding
babel-preset-expo as a transitive dependency during Metro bundling.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
expo-av was removed in Expo SDK 55, causing 'EXEventEmitter.h' not found
build errors. Migrated VoiceRecorder and VoiceMessage to use expo-audio.
Also changed EAS build image from "latest" (Xcode 26.2 beta) to "default".
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Downgrade react-native from 0.84.1 to 0.83.2 and fix all other
dependency version mismatches that caused iOS build failures
(bundleConfiguration, RCTDevMenuConfiguration errors).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Update runner setup guide to reflect completed installation status
- Simplify docs: runner is active, show maintenance commands instead of install steps
- Fix SSH config in server docs (user mana, local IP, add CI/CD section)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds Part A covering SSH key setup, SSH config for local and remote
access, and useful SSH commands for manual server management.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds a GitHub Actions workflow that detects changed services on push to
main and automatically rebuilds/restarts only the affected Docker containers
on the Mac Mini. Includes setup guide for the self-hosted runner.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace padding-bottom on .main-content with a flex spacer element to
properly reserve space for the fixed PillNavigation, and remove redundant
lg:pb-20 from MessageInput.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The WASM crypto module uses import.meta which Hermes doesn't support.
Since E2EE is not implemented, resolve it as empty module.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Upgrade all expo packages to SDK 55 (expo 55.0.5, react-native 0.84.1, react 19.2.4)
- Migrate expo-file-system to new File/Paths API (cacheDirectory removed)
- Import SharedValue directly from react-native-reanimated (Animated namespace change)
- Simplify polyfills to use globalThis instead of global
- Remove events import (no longer needed)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
sharp native compilation fails on EAS build servers. It's not needed
for mobile app builds, so skip its postinstall build step.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
