Implements passwordless authentication via passkeys using @simplewebauthn:
Backend (mana-core-auth):
- New passkeys table in auth schema (credentialId, publicKey, counter, etc.)
- PasskeyService with registration/authentication flows and challenge storage
- 7 new API endpoints (register, authenticate, list, delete, rename)
- createSessionAndTokens helper for non-password auth flows
- Security event types for passkey operations
Client (shared-auth):
- signInWithPasskey() and registerPasskey() with dynamic @simplewebauthn/browser imports
- isPasskeyAvailable() browser capability check
- Passkey management methods (list, delete, rename)
UI (shared-auth-ui):
- Passkey button on LoginPage with key icon, shown when browser supports WebAuthn
- Divider between passkey and email/password form
App integration:
- All 19 web app auth stores have isPasskeyAvailable() and signInWithPasskey()
- All 19 web app login pages pass passkeyAvailable and onSignInWithPasskey props
- rpID=mana.how in production enables cross-app passkey usage (SSO-compatible)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
No external auth providers to keep authentication fully self-sovereign
and avoid dependency on third-party services. Removes Google Sign-In,
Apple Sign-In components, utilities, endpoints, translations, and
mobile dependencies across all apps and shared packages.
Google/Apple integrations for data sync (Contacts import, Calendar sync)
are intentionally preserved as they serve a different purpose.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Svelte 5 restricts {@const} to block contexts only. Use direct
isOpenNow() calls in {#if} conditions instead.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add NutriPhiEvents (mealAdded, mealDeleted, photoAnalyzed, textAnalyzed,
goalsUpdated, favoriteSaved, favoriteUsed) to shared analytics utils.
Add deckDeleted and cardDeleted to ManaDeckEvents. Wire up event calls
in NutriPhi meals store and ManaDeck deck/card stores.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add bilingual (DE/EN) help content and help page routes for Clock,
Context, ManaCore, ManaDeck, NutriPhi, Photos, Planta, Presi,
Questions, and SkillTree. Uses shared-help-types and shared-help-ui
packages consistent with already-committed help pages in other apps.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Nutriphi, Photos, Planta, and Presi backends had MetricsModule imported
but were missing the prom-client peer dependency, causing /metrics to
return 404 and VictoriaMetrics to report them as down (73% healthy).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Validator now checks 52 Dockerfiles (web + backend + service).
Fixed 10 missing COPYs across backends, services, and nestjs-base.
Generator also supports backend/service Dockerfiles with markers.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace copy-pasted appReady/loading/redirect logic in all 13 layouts
with a shared AuthGate component. Supports guest mode, onReady callback
for app-specific data loading, and configurable login redirect.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Added to: clock, photos, storage, mukke, planta, picture, skilltree,
nutriphi, chat. Now all 13 web apps show a re-login banner when
token refresh permanently fails.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New script generates COPY blocks between marker comments, eliminating
manual maintenance. All 17 web Dockerfiles updated with markers.
Supports --check flag for CI validation.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Base parser: multilingual (DE/EN/FR/ES/IT) date, time, weekday, month parsing
- Base parser: fuzzy/typo tolerance (Levenshtein), recurrence (RRULE), relative time
- Base parser: timezone extraction, date ranges, ordinal dates, confidence scoring
- Base parser: past dates (gestern/yesterday), this/next week distinction
- Base parser: compose helper (createAppParser), multiple @references
- Calendar: event-parser with duration, time ranges, location, all-day, calendar ref
- Calendar: wire up UnifiedBar with onCreate/onParseCreate for quick event creation
- Todo: task-parser multilingual priority keywords (urgent/important/normal/later)
- Planta: plant-parser with acquisition keywords (gekauft/bought/acheté)
- Mukke: song-parser with Artist-Title format, BPM, genre, playlist/project creation
- NutriPhi: meal-parser with meal type detection, add QuickInputBar to layout
- All parsers: 210 tests across 7 test suites, all passing
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New script validates that all workspace deps in package.json have
matching COPY statements in Dockerfiles. Fixed missing shared-pwa,
shared-vite-config, patches/, and project-specific package COPYs
across 7 web app Dockerfiles.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Remove unnecessary wrapper div in WidgetContainer
- Increase grid gap from gap-4 to gap-5 for breathing room
- Add auto-rows-fr for equal row heights
- Add min-h on widget content so empty widgets aren't tiny
- Change default layout to 3 equal columns (small)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Align all 20 web app auth stores to a consistent pattern:
- Use DEV_* constants with import.meta.env.DEV guard (no localhost leak in prod)
- Pass backendUrl to initializeWebAuth for automatic 401 token refresh
- Add redirectTo to forgotPassword for correct post-reset redirect
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
mana-media uses NestJS 11 while shared-nestjs-metrics targets NestJS 10,
causing DynamicModule type incompatibility. Use prom-client directly with
a simple MetricsController to expose /metrics endpoint.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The previous commit added MetricsModule to these backends but their
Dockerfiles didn't COPY the shared-nestjs-metrics package into the
build context, causing Docker builds to fail.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add MetricsModule to 8 backends missing it (photos, zitare, mukke,
planta, picture, storage, presi, nutriphi)
- Enable Prometheus scraping for all 15 backends in prometheus.yml
(was only 6, with 3 commented out and 6 missing entirely)
- Update ServiceDown alert rule to cover all 15 backends
- Update Grafana dashboards (backends, master-overview, system-overview)
with all backend services in health panels
- Fix imprecise regex in application-details dashboard
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The browser error tracking hooks.client.ts added earlier requires the
shared-error-tracking package to be copied and built in the Docker image.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add @sentry/browser integration via shared-error-tracking/browser export
and hooks.client.ts in every web app for client-side error reporting to GlitchTip.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Create Analytics.astro component in @manacore/shared-landing-ui that
automatically tracks CTA clicks and pricing section views via Umami.
The component uses event delegation and auto-detection of section
context (hero/pricing/footer) from section IDs or DOM position,
requiring zero changes to existing landing page content.
Tracked events: cta_click (with location), pricing_viewed,
pricing_plan_selected (with plan name)
Added to all 10 landing page Layout.astro files.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace hardcoded Umami website IDs in all 10 Astro landing pages with
import.meta.env.PUBLIC_UMAMI_WEBSITE_ID, following the same pattern
as the web apps.
- Add UMAMI_WEBSITE_ID_*_LANDING vars for all 10 landings in .env.development
- Add landing page configs to generate-env.mjs
- Replace hardcoded IDs with env var in 7 existing Layout.astro files
- Add Umami tracking to 3 missing landings (NutriPhi, Presi, Mukke)
- Fix Todo Landing invalid ID ("todo-landing" -> proper UUID)
- Update ANALYTICS.md with new landing page IDs
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Create @manacore/shared-utils/security-headers with setSecurityHeaders()
utility that sets standard security headers (CSP, X-Frame-Options,
X-Content-Type-Options, Referrer-Policy, Permissions-Policy).
CSP includes stats.mana.how (Umami) and glitchtip.mana.how by default.
Each app passes its own connectSrc origins (auth URL, backend URL, etc.).
Previously only Calendar and Storage had CSP headers - now all 17 web
apps have consistent security headers via the shared utility.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The production domain is mana.how, not manacore.app. Updated all
references across shared-branding APP_URLS, app configs, landing pages,
docs, help content, calendar iCal UIDs, and deploy scripts.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Move Umami analytics from hardcoded script tags in app.html to
server-side injection via hooks.server.ts. Website IDs are now
managed centrally in .env.development and distributed via
generate-env.mjs as PUBLIC_UMAMI_WEBSITE_ID.
- Add @manacore/shared-utils/analytics-server with injectUmamiAnalytics()
- Add UMAMI_WEBSITE_ID_* for all 17 web apps to .env.development
- Add PUBLIC_UMAMI_WEBSITE_ID mapping in generate-env.mjs for all web apps
- Update 10 existing hooks.server.ts to use shared utility
- Create 7 new hooks.server.ts (picture, planta, presi, photos, clock,
questions, manadeck)
- Remove hardcoded Umami scripts from all 17 app.html files
- Add missing Umami tracking to Mukke and Questions
- Add shared-utils dependency to 6 web apps that lacked it
- Update ANALYTICS.md with architecture docs and "add new app" guide
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove hand-written sw.js, offline.html, and manifest.json from todo/skilltree/zitare web apps
in favor of the Workbox-based service worker generated by @vite-pwa/sveltekit. This fixes an
issue where the custom SW could get stuck serving the offline fallback page even when the server
was reachable. Also extracts the duplicated offline page (~80 lines each across 19 apps) into a
shared OfflinePage component in @manacore/shared-ui with 3 props (appName, offlineMessage,
accentColor), reducing each app's offline route to an 8-line wrapper.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add BUILD_TIME and BUILD_HASH exports to all version.ts files
- Add getBuildDefines() to all vite.config.ts for compile-time injection
- Add buildTime prop to shared LoginPage component
- Display formatted date/time next to version number (e.g. "v1.0.0 · 21.03.2026 10:30")
- Add app.d.ts type declarations for __BUILD_TIME__ and __BUILD_HASH__
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Dockerfile, docker-compose service (port 5100), Caddy and cloudflared
routing for the WhoPixels game. PORT is now configurable via env var.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add import './instrument' to 15 remaining backend main.ts files
- Add GLITCHTIP_DSN to 10 additional backends in docker-compose.macmini.yml
- Total: 13/13 deployed backends have DSNs configured
- Total: 18/18 backends have instrument.ts + import
Backends with live error tracking after next rebuild:
chat, todo, calendar, clock, contacts, storage, presi, nutriphi,
skilltree, photos, zitare, mukke, planta
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add batch cover-url endpoint (POST /library/cover-urls) to efficiently
resolve multiple cover art presigned URLs in a single request. Integrate
cover art display across all UI surfaces: album grid, album detail header,
song list thumbnails, playlist grid, and playlist detail song list.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Create instrument.ts for: chat, clock, context, manadeck, mukke,
nutriphi, photos, picture, planta, presi, questions, skilltree,
storage, traces, zitare
- Add import './instrument' as first line in all main.ts files
- Add @manacore/shared-error-tracking dependency to all package.json files
- Create 10 new GlitchTip projects (mukke→18, total: 18 projects)
- All 18 backends now have error tracking (active when GLITCHTIP_DSN is set)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Assign version numbers based on app maturity: Calendar/Contacts/Todo (1.0.0),
Chat/Picture (0.3.0), 11 beta apps (0.2.0), Context/Planta/Questions (0.1.0),
Traces (0.0.1). Set up @changesets/cli for future version management.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
All SvelteKit web apps now have complete auth flows:
- login, register, forgot-password, and reset-password
Changes:
- Add reset-password page to: chat, clock, contacts, context,
manadeck, nutriphi, planta, presi, questions, skilltree,
todo, zitare, photos
- Add forgot-password page to photos (was also missing)
- Add resetPasswordWithToken() method to all 13 auth stores
- Each page customized with app-specific logo, colors, branding
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Restructure standalone traces app into monorepo pattern with mobile + backend + shared types.
Add NestJS backend with Drizzle ORM schema for locations, cities, places, POIs, and AI guides.
Add mobile sync layer, cities tab, and guide generation UI. Fix pre-existing type errors across
mobile codebase, matrix-mana-bot (sendDirectMessage), llm-playground, and all web auth stores
(signUp call signature).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add @vite-pwa/sveltekit and @manacore/shared-pwa devDependencies
to enable unified PWA architecture across all web applications:
- Calendar, Chat, Clock, Contacts, LightWrite
- ManaCore, ManaDeck, Matrix, NutriPhi, Photos
- Picture, Planta, Presi, Questions, Skilltree
- Storage, Todo, Zitare
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add all new organization management endpoints to API table
- Add new Invitations section for invitation endpoints
- Update controller JSDoc with complete endpoint list
- Update last updated date
Better Auth generates string IDs, not UUIDs. Updated schema to match
other apps like Calendar that use text for user_id.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Don't call $t() before i18n is loaded
- Use loading spinner instead of translated text during load
- Conditionally render title in svelte:head
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Use transparent background to adapt to Element theme
- Remove min-height and centering (content starts at top)
- Reduce font sizes and spacing for compact display
- Use semi-transparent backgrounds for theme compatibility
- Add flex-wrap for narrow panels
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Updated Technology Stack to reflect gemini-2.5-flash model
- Added note about getting API key from Google AI Studio
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The experimental model gemini-2.0-flash-exp no longer exists. Updated to
the stable gemini-2.5-flash model.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Update all 15 web apps with correct Umami website IDs:
- calendar, chat, clock, contacts, manacore, manadeck, picture, planta, todo: updated IDs
- zitare, storage, nutriphi, skilltree, photos, presi: added tracking
All IDs now match the websites configured in Umami.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The root package.json postinstall script runs scripts/generate-env.mjs
which doesn't exist in the Docker build context. Using --ignore-scripts
skips this postinstall step since env generation isn't needed in Docker.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Added shared-tsconfig, shared-nestjs-setup, and shared-nestjs-health
packages required for the backend build.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The NutriPhi bot was failing with 413 "request entity too large" when
analyzing images via Base64. Added configurable bodyLimit option to
shared-nestjs-setup and set NutriPhi backend to 50mb.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
