Merged shared-feedback-types + shared-feedback-service + shared-feedback-ui
into a single @manacore/feedback package. Updated imports in all 21 apps.
Before: 3 packages (types, service, ui) with cross-dependencies
After: 1 package with direct imports, no circular refs
Note: ESLint warnings from pre-existing unused vars in chat/mukke
servers are unrelated to this change.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Todo: Replace manual fetch/state stores with useLiveQuery() for tasks,
projects, and tags. Components use Svelte context instead of store imports.
Stores reduced to mutation-only services. Removes ~200 lines of manual
state management. Enables multi-tab sync and auto-refresh on data changes.
- Tags (all 16 apps): Migrate from API-based createTagStore() to shared
local-first IndexedDB ('manacore-tags'). Tags now work offline and in
guest mode with default seed data. All apps share the same tag DB via
tagLocalStore + useAllTags() + setContext pattern.
- Cleanup: Delete unused Todo API files (projects.ts, labels.ts,
reminders.ts), remove dead labels store, clean up barrel exports.
Apps migrated: Todo, Zitare, Questions, Planta, Clock, Presi, Mukke,
Context, CityCorners, ManaDeck, Chat, Contacts, Calendar, Picture,
Storage, Photos
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add IndexedDB data layer (Dexie.js via @manacore/local-store) to 6 more apps,
bringing the total to 12/22 apps with local-first architecture.
For each app:
- Create local-store.ts with typed collections and sync config
- Create guest-seed.ts with onboarding data for guest mode
- Update layout with AuthGate allowGuest={true} + handleAuthReady()
- Add GuestWelcomeModal for first-visit experience
- Add @manacore/local-store dependency
App-specific changes:
- Presi: Rewrite decks store from API to IndexedDB, conditional share button
- Picture: Rewrite gallery + boards pages to read from IndexedDB
- Inventar: Replace manual auth $effect with AuthGate, keep localStorage stores
- NutriPhi: Add onReady handler to existing AuthGate
- Planta: Add allowGuest + sync init to existing AuthGate
- Storage: Add local store init to existing handleAuthReady
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Password strength (zxcvbn-ts):
- PasswordStrength component with 4-segment color bar and German feedback
- Lazy-loaded with 150ms debounce to avoid SSR/bundle issues
- Integrated into RegisterPage and ChangePassword components
Magic Links (passwordless email):
- Better Auth magicLink plugin (10-minute expiry)
- sendMagicLinkEmail() in email service (German template)
- Passthrough route for /magic-link/* endpoints
- sendMagicLink() in shared-auth client
- "Login-Link per E-Mail senden" button on all 20 login pages
- All 21 auth stores have sendMagicLink() method
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Migrated apps with existing local tags (photos, storage, picture):
- Replace local tag stores with createTagStore wrapper
- Add shared TagStrip to layouts with tag filtering support
- Storage: new tag store, /tags management page
- Picture: migrated from Svelte 4 writables to createTagStore
New TagStrip added to 12 apps without prior tag system:
- chat, citycorners, clock, context, manadeck, manacore, matrix,
mukke, planta, presi, questions, zitare
- Each gets: tag store, Tags toggle pill in PillNav, TagStrip overlay,
/tags management page, fetchTags on auth ready
- All backed by central mana-core-auth Tags API
All 18 apps now have:
- Tags pill in PillNav (toggles TagStrip overlay)
- Shared TagStrip component from @manacore/shared-ui
- Tag store using createTagStore from @manacore/shared-stores
- /tags management page
- Cross-app tags via central mana-core-auth
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Expand FAQ entries from ~5 to 8-14 per app with app-specific feature documentation
- Add comprehensive features, shortcuts, and keyboard shortcut sections
- Integrate shared getManaFAQs() in 10 apps with /mana page
- Integrate shared getPrivacyFAQs() in all 18 apps with app-specific data types
- Add unit tests for help content in all 18 apps (72 tests total)
- Tests verify: DE/EN content, matching FAQ/feature counts, unique IDs, contact info
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Prevents potential XSS by safely serializing env values instead of using
raw string interpolation. Also creates missing hooks.server.ts for context
app and standardizes citycorners to use the same injection pattern.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Playwright tests that verify real API interactions:
- Create folder via UI modal
- File upload via drag zone
- Search with results/no-results handling
- File preview modal opening
- Share modal from file actions
- Trash/favorites page loading
- Settings page with real storage usage stats
Tests auto-skip if backend is not available.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Selection state in files store with toggle/selectAll/clearSelection
- Checkboxes appear on FileCard/FolderCard when selection is active
- BulkActionBar with count display, delete, select all, clear
- Click toggles selection when in selection mode, normal click otherwise
- Selection cleared on folder navigation
- Animated slide-in action bar with primary color accent
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Backend: Add endpoints for file-tag operations (GET/POST/DELETE)
Frontend: TagPicker component with:
- View/add/remove tags on files in FilePreviewModal
- Create new tags inline with random color assignment
- Dropdown with existing tags and create-new input
- Colored tag pills with remove button
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fetch actual file count, total size, and favorites from /files/stats
endpoint. Replace hardcoded 2.5GB/10GB placeholder with real data
and animated progress bar.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Setup nestjs-pino for structured JSON logging in production and
pretty-printed colorized logs in development. Health/metrics
endpoints excluded from auto-logging to reduce noise.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Setup @nestjs/swagger with auto-generated API docs at /api/docs.
Documents all 35 endpoints with bearer auth support.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Register and add complete locale files for FR, ES, IT.
All 5 supported languages (DE/EN/FR/ES/IT) now have translations.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace placeholder toast with full share modal featuring:
- Access level selection (view/download/edit)
- Expiration date (1/7/30/90 days)
- Max downloads limit
- Optional password protection
- Copy-to-clipboard for generated share URL
- Works for both files and folders
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace plain text empty states with themed SVG illustrations:
- files/folder: cloud folder with upload arrows
- trash: empty bin with checkmark
- favorites: star outline
- search: magnifying glass
- shared: connected nodes
Reusable EmptyState component with snippet-based action slots.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add FileSkeletonGrid and FileSkeletonList components that match the
real card/row layout. Applied to files, folders, favorites, and trash
pages with view-mode-aware skeleton selection.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implements passwordless authentication via passkeys using @simplewebauthn:
Backend (mana-core-auth):
- New passkeys table in auth schema (credentialId, publicKey, counter, etc.)
- PasskeyService with registration/authentication flows and challenge storage
- 7 new API endpoints (register, authenticate, list, delete, rename)
- createSessionAndTokens helper for non-password auth flows
- Security event types for passkey operations
Client (shared-auth):
- signInWithPasskey() and registerPasskey() with dynamic @simplewebauthn/browser imports
- isPasskeyAvailable() browser capability check
- Passkey management methods (list, delete, rename)
UI (shared-auth-ui):
- Passkey button on LoginPage with key icon, shown when browser supports WebAuthn
- Divider between passkey and email/password form
App integration:
- All 19 web app auth stores have isPasskeyAvailable() and signInWithPasskey()
- All 19 web app login pages pass passkeyAvailable and onSignInWithPasskey props
- rpID=mana.how in production enables cross-app passkey usage (SSO-compatible)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Extend FilePreviewModal with rich previews for more file types:
- Video: native <video> player with controls via presigned S3 URL
- PDF: embedded browser PDF viewer via <iframe>
- Text/Code: fetched content displayed in monospace with scroll
- Markdown: rendered to HTML with basic formatting support
- Modal widened to 700px for better content display
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add full audio playback system to the Storage web app, inspired by the Mukke music app:
- MiniPlayer bar at bottom with frequency visualizer, progress bar, and controls
- FullPlayer fullscreen overlay with mirrored frequency bars background
- Inline audio preview in FilePreviewModal with play button
- Audio queue from all audio files in the current folder
- Presigned S3 URLs for playback, Media Session API for OS controls
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The MiniOnboardingModal was placed inside the .layout-container flex div,
which interfered with its fixed positioning and caused it to render
unstyled at the bottom of the screen. Moved it to the same level as
SessionExpiredBanner, outside the layout container.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The shared-pwa package exports from dist/ and needs to be built before
the storage-web app. Also adds shared-help-types, shared-help-ui, and
shared-help-content COPY statements for the new help pages.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The createUserSettingsStore was receiving a static auth URL evaluated at
module load time, before window.__PUBLIC_MANA_CORE_AUTH_URL__ was
injected by hooks.server.ts. In production this caused CSP violations
as settings API calls went to localhost:3001 instead of auth.mana.how.
Changes:
- Accept string | (() => string) for authUrl in shared-theme config
- Resolve authUrl lazily at fetch time instead of module load
- Fix fallback to empty string in non-dev environments (was localhost)
- Pass getAuthUrl as getter function in all 17 web apps
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add defaultTranslationsDE/EN and getHelpTranslations() to shared-help-ui
so apps only need to override the subtitle instead of duplicating ~80 lines
- Refactor all 6 existing help pages to use getHelpTranslations()
(Contacts, Calendar, Todo, Storage, Chat, Picture)
- Add help page to Zitare (FAQ, features, contact — no shortcuts)
- Migrate Mukke from custom SettingsPage-based help to shared HelpPage
(FAQ with audio formats, lyrics editor, playlists; features; shortcuts)
All 8 web apps now use the unified shared help system.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add help pages to the remaining high-maturity production apps:
- Storage (84/100): FAQ (upload, sharing, versioning, trash, privacy),
features (cloud storage, sharing, versioning, search), shortcuts
- Chat (82/100): FAQ (AI models, spaces, templates, comparison, privacy),
features (multi-model, spaces, comparison, templates), shortcuts
- Picture (81/100): FAQ (generation, credits, moodboards, explore, privacy),
features (AI generation, gallery, moodboards, explore), shortcuts
All 6 production web apps now have standardized help pages using the
shared help system.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace copy-pasted appReady/loading/redirect logic in all 13 layouts
with a shared AuthGate component. Supports guest mode, onReady callback
for app-specific data loading, and configurable login redirect.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Added to: clock, photos, storage, mukke, planta, picture, skilltree,
nutriphi, chat. Now all 13 web apps show a re-login banner when
token refresh permanently fails.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New script generates COPY blocks between marker comments, eliminating
manual maintenance. All 17 web Dockerfiles updated with markers.
Supports --check flag for CI validation.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The prerendered /offline page referenced /favicon.png which didn't exist,
causing Docker build failure. Added favicon.svg, generated all PWA icons,
and added proper PWA meta tags to app.html.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Remove unnecessary wrapper div in WidgetContainer
- Increase grid gap from gap-4 to gap-5 for breathing room
- Add auto-rows-fr for equal row heights
- Add min-h on widget content so empty widgets aren't tiny
- Change default layout to 3 equal columns (small)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add onboarding with feature overview, preference selection, and tips to
Zitare, Mukke, Photos, Planta, SkillTree, and Questions. Insert a new
first "features" info step into all 10 existing onboarding flows so every
app now starts with a core-features overview page.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Align all 20 web app auth stores to a consistent pattern:
- Use DEV_* constants with import.meta.env.DEV guard (no localhost leak in prod)
- Pass backendUrl to initializeWebAuth for automatic 401 token refresh
- Add redirectTo to forgotPassword for correct post-reset redirect
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add MetricsModule to 8 backends missing it (photos, zitare, mukke,
planta, picture, storage, presi, nutriphi)
- Enable Prometheus scraping for all 15 backends in prometheus.yml
(was only 6, with 3 commented out and 6 missing entirely)
- Update ServiceDown alert rule to cover all 15 backends
- Update Grafana dashboards (backends, master-overview, system-overview)
with all backend services in health panels
- Fix imprecise regex in application-details dashboard
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The browser error tracking hooks.client.ts added earlier requires the
shared-error-tracking package to be copied and built in the Docker image.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add @sentry/browser integration via shared-error-tracking/browser export
and hooks.client.ts in every web app for client-side error reporting to GlitchTip.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Build fails because @manacore/shared-pwa is imported in vite.config.ts
but not copied into the Docker build context.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Create @manacore/shared-utils/security-headers with setSecurityHeaders()
utility that sets standard security headers (CSP, X-Frame-Options,
X-Content-Type-Options, Referrer-Policy, Permissions-Policy).
CSP includes stats.mana.how (Umami) and glitchtip.mana.how by default.
Each app passes its own connectSrc origins (auth URL, backend URL, etc.).
Previously only Calendar and Storage had CSP headers - now all 17 web
apps have consistent security headers via the shared utility.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Move Umami analytics from hardcoded script tags in app.html to
server-side injection via hooks.server.ts. Website IDs are now
managed centrally in .env.development and distributed via
generate-env.mjs as PUBLIC_UMAMI_WEBSITE_ID.
- Add @manacore/shared-utils/analytics-server with injectUmamiAnalytics()
- Add UMAMI_WEBSITE_ID_* for all 17 web apps to .env.development
- Add PUBLIC_UMAMI_WEBSITE_ID mapping in generate-env.mjs for all web apps
- Update 10 existing hooks.server.ts to use shared utility
- Create 7 new hooks.server.ts (picture, planta, presi, photos, clock,
questions, manadeck)
- Remove hardcoded Umami scripts from all 17 app.html files
- Add missing Umami tracking to Mukke and Questions
- Add shared-utils dependency to 6 web apps that lacked it
- Update ANALYTICS.md with architecture docs and "add new app" guide
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
