- Add safe-db-push.mjs script for safer database migrations
- Update docker-entrypoint.sh with db:push fallback when migrations fail
- Add validate-migrations.mjs script for CI migration validation
- Update CI workflow to use migration validation
- Update drizzle.config.ts with improved configuration
Add centralized error logging endpoint to mana-core-auth:
- Error logs database schema with app_id, error message, stack traces
- POST /error-logs endpoint for single errors
- POST /error-logs/batch endpoint for batch submissions
- Error logs service with automatic cleanup of old entries
- DTOs with validation for error log submissions
Add @manacore/shared-error-tracking package with:
- Frontend error tracker with batching and offline support
- SvelteKit integration with hooks handler
- Expo/React Native integration with global error handler
- NestJS module with exception filter and service
- Shared TypeScript types for error log entries
If db:migrate fails (e.g., due to migration hash mismatch after
modifying an already-applied migration), fall back to db:push
which syncs the schema directly.
This ensures the database schema is always up-to-date even when
migration tracking gets out of sync.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The DO block approach in migration 0001 may not work correctly with
Drizzle's migration parser. This new migration 0002 uses PostgreSQL's
native ALTER TABLE ADD COLUMN IF NOT EXISTS syntax which is simpler
and more reliable.
Each column addition is a separate statement for maximum compatibility.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The sessions table on staging was missing newer columns like remember_me,
refresh_token, device_id, etc. because the initial migration uses
CREATE TABLE IF NOT EXISTS which skips if the table already exists.
This migration adds all potentially missing columns to the sessions table
using IF NOT EXISTS checks for each column.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The migration was failing on staging because the auth schema already
existed from previous db:push operations. This fix makes all DDL
statements idempotent:
- CREATE SCHEMA IF NOT EXISTS for all schemas
- DO $$ BEGIN ... EXCEPTION WHEN duplicate_object ... END $$ for ENUMs
- CREATE TABLE IF NOT EXISTS for all tables
- CREATE INDEX IF NOT EXISTS for all indexes
- DO $$ BEGIN ... EXCEPTION WHEN duplicate_object ... END $$ for constraints
This ensures migrations can run safely against databases that already
have the schema partially or fully created.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Added rootDir: "./src" to tsconfig.json so that main.ts compiles to
dist/main.js instead of dist/src/main.js. This matches the CMD path
in the Dockerfile.
Also added include/exclude and moduleResolution to match other backends.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The mana-core-auth configuration.ts was already splitting CORS_ORIGINS
into an array, but createCorsConfig expected a string and called .split()
on it, causing "corsOriginsEnv.split is not a function" TypeError.
Now handles both string and array inputs gracefully.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The Docker build was failing because adapter-netlify outputs to .netlify/
directory but the Dockerfile expected build output in build/ directory.
Switched to adapter-node with explicit `out: 'build'` configuration
which matches the Dockerfile expectations.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add picture-backend and picture-web to CI Docker build matrix
- Add picture services to staging deployment workflow
- Add picture-backend to production deployment workflow
- Create Dockerfile and docker-entrypoint.sh for picture-web
- Fix picture-backend Dockerfile port (3003→3006) and health endpoint
- Add picture routes to Caddyfile.staging
- Add REPLICATE_API_TOKEN and MANA_CORE_SERVICE_KEY env vars
The shared-nestjs-cors package was exporting raw TypeScript files, which caused
runtime errors in production Docker containers:
SyntaxError: Unexpected token 'export'
Changes:
- Add build script to compile TypeScript to JavaScript
- Update package.json to export compiled dist files instead of src
- Add build step to all backend Dockerfiles that use this package
- Package now builds to CommonJS in dist/ folder
Fixes staging deployment failures for mana-core-auth and other backends.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add clear error messages when pre-commit checks fail
- Add clear error messages when pre-push builds fail
- Explicitly warn against using --no-verify flag
- Encourage developers to fix issues rather than bypass checks
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add includeAllManaApps option to enable all ManaCore apps to communicate
with each other without manually listing each app's domains.
**Changes:**
- Added MANACORE_STAGING_ORIGINS, MANACORE_PRODUCTION_ORIGINS, and
MANACORE_ALL_APP_ORIGINS constants
- Added includeAllManaApps flag to CorsConfigOptions interface
- Updated createCorsConfig() and createCorsConfigWithCallback() to support
the new flag
- Updated mana-core-auth to use includeAllManaApps: true (auth needs to be
accessible by all apps)
- Updated documentation with usage examples and decision matrix
**Benefits:**
- One-line configuration enables cross-app communication
- Automatically stays in sync as new apps are added
- No need to manually update CORS_ORIGINS for each app
- Works in both staging and production environments
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add required name field (min 2 chars) to all registration forms to fix
Better Auth validation error. Updates backend DTO, shared-auth service,
shared-auth-ui RegisterPage component, i18n translations, and all app
auth stores and register pages.
- Add StatsSidebarSection component with event statistics, weekly trend chart, and calendar activity
- Show stats sidebar when heatmap mode is enabled instead of todo section
- Add heatmap level classes (1-5) to YearView with GitHub-style coloring
- Only show StatsOverlay when sidebar is collapsed
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create SettingsModal component with all settings sections
- Update layout to show settings modal when clicking Settings in PillNav
- Modal appears above the input bar with glassmorphism styling
- Settings changes are saved immediately via settingsStore
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add network view as "N" option in view switcher (like contacts app pattern)
- Create view-mode store to switch between calendar/network modes
- Move NetworkView from /network route to embedded component
- Add heatmap mode with StatsOverlay for event density visualization
- Extend network service to create connections by:
- Shared tags (highest priority, variable strength)
- Same calendar (strength 50%)
- Same date (strength 40%)
- Same location (strength 60%)
- Fix network controller route prefix (was /api/v1/api/v1/network)
- Remove separate /network and /statistics pages
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add selectedTagIds to settings store with toggle/clear methods
- Update TagStrip to select tags for filtering instead of navigation
- Add filterByTags function to eventFiltering utils
- Apply tag filtering across all calendar views:
- MultiDayView (timed & all-day events)
- AgendaView (with empty group removal)
- MonthView
- YearView (event counts)
- Add "Filter löschen" button (hidden when no tags selected)
- Rename buttons: "Mehr" → "Alle Tags", "Neu" → "Neuer Tag"
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fix flexbox layout for month view grid cells by:
- Adding height: 100% and min-height: 0 to .month-view container
- Using flex: 1 1 0 on week rows for equal distribution
- Adding overflow: hidden on day cells to prevent content overflow
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Optimize CLAUDE.md based on industry best practices from HN and HumanLayer:
Changes:
- Trim CLAUDE.md from 678 to 176 lines (74% reduction, 5.7KB)
- Add "Critical Gotchas" section for common AI mistakes
- Add verification signature (🏗️ ManaCore Monorepo)
- Create docs/README.md navigation hub with "I want to..." index
- Delete 5 outdated audit files (ENV_AUDIT_*, DEPENDENCY_ALIGNMENT)
- Archive 7 analysis/historical docs to docs/archive/
- Keep authentication docs separate per request (.claude/guidelines/)
Benefits:
- Better AI instruction adherence (within ~150-200 line budget)
- Progressive disclosure via signposting to detailed docs
- Cleaner navigation with topic-based organization
- Reduced maintenance burden (stale docs archived)
Backup: CLAUDE.md.backup preserves original 678-line version
Change log: docs/archive/RESTRUCTURE_2025-12-16.md
Calendar app was using $env/dynamic/public for TODO and Contacts API
URLs, which doesn't work in SPA mode. Updated to use runtime config:
- Add TODO_API_URL and CONTACTS_API_URL to runtime config
- Update docker-entrypoint.sh to include new env vars
- Refactor todos.ts and birthdays.ts to use lazy-loaded clients
- Refactor user-settings.svelte.ts with lazy store initialization
- Add env vars to docker-compose.staging.yml
This fixes staging deployment where cross-app integrations were
calling localhost instead of staging URLs.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
SvelteKit pre-compresses static files (config.json.br, config.json.gz)
during build. When docker-entrypoint.sh regenerates config.json at
runtime, the server still serves the stale compressed versions.
This fix removes the .br and .gz files after generating the fresh
config.json, ensuring browsers receive the correct runtime configuration.
Affected apps: calendar, chat, clock, contacts, manacore
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add missing @manacore/better-auth-types package to backend Docker builds.
The shared-nestjs-auth package depends on this new types package.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add missing @manacore/better-auth-types package to Docker builds.
The shared-auth package now depends on this new types package.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add comprehensive tests for role field security:
- Default role assignment verification
- input:false security (prevents role escalation)
- JWT payload role validation
- Role consistency across sessions
- Minimal JWT claims (no sensitive data)
Test infrastructure improvements:
- Add jose mock for ESM compatibility
- Update better-auth mock response format
- Configure Jest e2e to use mocks
Create new shared package for Better Auth type definitions:
- UserRole, JWTPayload, CurrentUserData types
- Type guards: isValidUserRole, isValidOrganizationRole
- Utility functions: jwtPayloadToCurrentUser
- userAdditionalFields for client type inference
Migrate shared packages to use centralized types:
- @manacore/shared-auth re-exports from new package
- @manacore/shared-nestjs-auth uses new package as dependency
- Fix `requestPasswordReset` method name (was incorrectly `forgetPassword`)
- Add proper TypeScript types for password reset, session, and JWT methods
- Consolidate API accessor from `orgApi` to `api` for all Better Auth calls
- Remove unnecessary `as any` casts by extending BetterAuthAPI interface
- Clean up unused imports
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Refactor @manacore/shared-storage to use single `manacore-storage` bucket
- Add generateStorageKey() for path structure: {userId}/{appName}/...
- Update docker-compose.dev.yml for unified MinIO bucket
- Migrate CD workflow to use GitHub Environment Secrets
- Update picture and contacts backends to use unified storage
- Remove per-app bucket configuration (cleaner architecture)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Critical fixes for runtime configuration:
- auth.svelte.ts: Added missing await on getAuthUrl() in validateReferralCode()
- user-settings.svelte.ts: Replaced window injection with runtime config loading
This fixes ERR_CONNECTION_REFUSED on staging by ensuring auth URL is properly loaded from config.json before making API calls.
The entrypoint was trying to write to /app/build/client/config.json with an
absolute path, but since WORKDIR is /app/apps/manacore/apps/web, it should
use relative paths instead.
Changes:
- Use relative path 'build/client/config.json' instead of '/app/build/client/config.json'
- Add 'mkdir -p build/client' to ensure directory exists
- Update cat command to use relative path
This fixes the "nonexistent directory" error causing manacore-web to crash
in staging environment.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixes CI/CD frozen-lockfile failure. The pnpm-lock.yaml had zod entries for
Calendar and Chat web apps, but their package.json files were missing the
dependency. This mismatch caused CI builds to fail.
Added zod@^3.25.76 to:
- apps/calendar/apps/web/package.json
- apps/chat/apps/web/package.json
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added zod ^3.25.76 to package.json dependencies for:
- @clock/web
- @contacts/web
This fixes build failures in pre-push hook where runtime.ts config validation
required zod but it wasn't listed as a dependency.
Calendar and Chat apps already had zod installed (^4.2.0).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
