mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-15 01:01:09 +02:00

Mirror of github.com/Memo-2023/mana-monorepo

Find a file

Till JS 109de61e21 feat(picture,storage): pre-wired insert helpers for future generate/upload flows Closes backlog #3+4 from the Phase 9 audit. The original framing — "server-pushed records bypass client-side encryption" — turned out to overstate the problem after a code audit: - apps/mana/apps/web/src/routes/(app)/picture/generate/+page.svelte is currently a TODO stub. The handleGenerate() function returns "requires connection to Picture-Server (port 3006)" without inserting anything. - There is no fileTable.add() call site anywhere in the unified mana app. File uploads still happen via the standalone storage server in apps/storage and arrive via legacy mana-sync push. So the production code path that would write plaintext images or files to the user's IndexedDB doesn't yet exist. The risk only materialises when someone wires up the in-app generate / upload UI in the unified app. The right action is to leave behind a clearly-labelled, encryption- aware insert() helper on each store so the future implementation has an obvious "do the right thing" path to call. This commit does exactly that. picture/stores/images.svelte.ts ------------------------------- New imagesStore.insert(image: LocalImage) method: - Calls encryptRecord('images', image) to seal `prompt` + `negativePrompt` (the two registered encrypted fields) - Calls imageTable().add(image) - Fires the PictureEvents.imageCreated analytic (replaces the old plain-table-add path) A long doc comment on the method explains the architectural reasoning: the server cannot encrypt under the user's master key (the key only lives in the browser), so the generation flow MUST round-trip through the client store even if the AI call itself happens server-side. The pattern is documented as: 1. Client posts { prompt, negativePrompt, ... } to image-gen API 2. Server returns { storagePath, generationId, dimensions, ... } 3. Client calls imagesStore.insert(...) with both halves 4. encryptRecord seals the prompt fields before the IndexedDB write The mixed-state guarantee from picture/queries.ts already covers the migration window where some images came in via legacy server-side push and others through this path — decryptRecord passes plaintext through and unwraps ciphertext blobs. storage/stores/files.svelte.ts ------------------------------ New filesStore.insert(file: LocalFile) method: - Calls encryptRecord('files', file) to seal `name` + `originalName` - Calls fileTable.add(file) Same architectural reasoning applies. The doc comment also flags a SEPARATE concern that this commit does NOT address: encrypting the actual file bytes on S3 (so the storage provider can't read the content) needs streaming AES-GCM and is a much bigger lift. Tracked as "backlog #4b" in the comment for whoever picks it up next. (No analytic call yet on the storage side because StorageEvents doesn't have a fileUploaded() event — the upload UI is unbuilt, so adding the analytic event is up to whoever lands the UI.) Pre-existing TS error on line 46 of images.svelte.ts (the `toggleField(imageTable(), ...)` Drizzle/Dexie type variance bug) is unchanged — it predates Phase 9 and is not introduced by this commit. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>		2026-04-07 23:52:20 +02:00
.changeset	feat(versioning): add semantic versioning and changesets to all apps	2026-03-19 16:20:18 +01:00
.claude	feat(manacore/web): wire TagField, FavoriteButton, ColorPicker into module UIs	2026-04-02 17:20:46 +02:00
.github	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
.husky	fix(devtools): fix pre-commit hook - add eslint-config dep, remove type-check	2026-03-17 13:08:51 +01:00
apps	feat(picture,storage): pre-wired insert helpers for future generate/upload flows	2026-04-07 23:52:20 +02:00
docker	chore(macmini): infra cleanup — compose env, blackbox mem, prometheus gpu probes	2026-04-07 22:59:38 +02:00
docs	docs: PRE_LAUNCH_CLEANUP.md — what we removed before launch and why	2026-04-07 22:32:14 +02:00
games	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
load-tests	chore: rename mukke to music in infra, scripts, and CI/CD	2026-04-05 16:47:57 +02:00
NewAppIdeas/Roblox Reimagined	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
packages	feat(cycles): add menstrual cycle tracking module	2026-04-07 14:35:33 +02:00
patches	fix(traces): configure EAS Build for TestFlight and fix bot-services build	2026-03-17 13:16:38 +01:00
scripts	chore(macmini/scripts): runbook hardening — status diff + ingress walk	2026-04-07 22:31:53 +02:00
services	test(mana-auth): vault service integration tests against real postgres	2026-04-07 23:39:48 +02:00
tests/e2e	first implementation	2025-11-27 17:26:18 +01:00
.dockerignore	make auth working	2025-11-26 01:31:12 +01:00
.editorconfig	feat: add monorepo configuration and shared packages structure	2025-11-22 23:41:52 +01:00
.env.development	feat(memoro): voice recording → mana-stt transcription pipeline	2026-04-07 18:48:41 +02:00
.env.macmini.example	chore(macmini): pin COMPOSE_PROJECT_NAME=manacore-monorepo	2026-04-07 22:31:25 +02:00
.gitignore	chore: misc fixes, new services, lockfile cleanup	2026-03-28 10:27:35 +01:00
.npmrc	fix(monorepo): add .npmrc with node-linker=hoisted for EAS Build compatibility	2026-03-15 08:50:18 +01:00
.nvmrc	feat: add monorepo configuration and shared packages structure	2025-11-22 23:41:52 +01:00
.prettierignore	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
.prettierrc.json	fix(cicd): docker paths, formatting config,	2025-11-27 18:33:08 +01:00
CLAUDE.md	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
cloudflared-config.yml	feat: rename ManaCore to Mana across entire codebase	2026-04-05 20:00:13 +02:00
docker-compose.dev.yml	feat: rename ManaCore to Mana across entire codebase	2026-04-05 20:00:13 +02:00
docker-compose.macmini.yml	fix(macmini): blackbox-exporter uses 1.1.1.1/8.8.8.8 directly for DNS	2026-04-07 23:47:57 +02:00
eslint.config.mjs	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
gift-codes-2026-02-14.txt	✨ feat(gifts): add gift code creation script and initial codes	2026-02-14 11:23:08 +01:00
lint-staged.config.js	chore: archive 17 standalone app servers (replaced by unified API)	2026-04-02 21:37:45 +02:00
mac-mini-setup.sh	feat: rename ManaCore to Mana across entire codebase	2026-04-05 20:00:13 +02:00
package.json	feat(events): add mana-events service + public RSVP flow (Phase 1b)	2026-04-07 14:27:48 +02:00
playwright.config.ts	style: auto-format codebase with Prettier	2025-11-27 18:33:16 +01:00
pnpm-lock.yaml	chore(workspace): unify vitest to ^4.1.2 across all packages	2026-04-07 13:58:29 +02:00
pnpm-workspace.yaml	chore: delete 25 web-archived directories, remove stale stubs, clean workspace config	2026-04-03 13:03:49 +02:00
README.md	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
test-chat-auth.sh	feat: rename ManaCore to Mana across entire codebase	2026-04-05 20:00:13 +02:00
TROUBLESHOOTING.md	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
turbo.json	feat: rename ManaCore to Mana across entire codebase	2026-04-05 20:00:13 +02:00
vitest.config.ts	feat: rename ManaCore to Mana across entire codebase	2026-04-05 20:00:13 +02:00

README.md

Mana Monorepo

Monorepo containing all Mana projects — a self-hosted multi-app ecosystem with shared packages and unified tooling.

Projects

Project	Description	Apps
mana	Multi-app ecosystem platform	Expo mobile, SvelteKit web
chat	AI chat application	NestJS backend, Expo mobile, SvelteKit web, Astro landing
todo	Task management	NestJS backend, SvelteKit web, Astro landing
calendar	Calendar & scheduling	NestJS backend, SvelteKit web, Astro landing
clock	Pomodoro & time tracking	NestJS backend, SvelteKit web, Astro landing
contacts	Contact management	NestJS backend, SvelteKit web
picture	AI image generation	NestJS backend, Expo mobile, SvelteKit web, Astro landing
cards	Card/deck management	NestJS backend, Expo mobile, SvelteKit web
zitare	Daily inspiration quotes	NestJS backend, Expo mobile, SvelteKit web, Astro landing
mukke	Music player	NestJS backend, SvelteKit web
planta	Plant care tracker	NestJS backend, SvelteKit web
storage	Cloud storage	NestJS backend, SvelteKit web
questions	Q&A with web search	SvelteKit web
skilltree	Skill tree visualization	NestJS backend, SvelteKit web
nutriphi	Nutrition tracking	NestJS backend, SvelteKit web
citycorners	City guide	NestJS backend, SvelteKit web, Astro landing
presi	Presentation tool	NestJS backend, SvelteKit web
photos	Photo management	NestJS backend, SvelteKit web

Getting Started

Prerequisites

Node.js 20+
pnpm 9.15.0+
Docker (for PostgreSQL, Redis, MinIO)

Installation

pnpm install

Development

# Start infrastructure (PostgreSQL, Redis, MinIO)
pnpm docker:up

# Start any app with auto DB setup
pnpm dev:chat:full
pnpm dev:todo:full
pnpm dev:calendar:full
pnpm dev:contacts:full

# Build & quality
pnpm run build
pnpm run type-check
pnpm run format

See CLAUDE.md for comprehensive development documentation.

Architecture

mana-monorepo/
├── apps/                    # Product applications
├── services/                # Microservices (auth, search, LLM, bots)
├── packages/                # Shared packages
├── docker/                  # Docker configuration
└── scripts/                 # Development & deployment scripts

Tooling

Package Manager: pnpm 9.15.0
Build System: Turborepo
Formatting: Prettier (tabs, single quotes, 100 char width)
Hosting: Mac Mini (self-hosted) via Docker + Cloudflare Tunnel
Analytics: Umami (stats.mana.how)