till/managarten
1
0
Fork 0
mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-14 23:21:08 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
Mirror of github.com/Memo-2023/mana-monorepo
2610 commits 34 branches 38 tags 143 MiB
Find a file
Till JS 24001e9545 feat(vault): rotate recovery code while zero-knowledge is active 
Closes backlog #2 from the Phase 9 audit. Lets a user replace their
recovery code without going through the disable→generate→re-enable
dance. Works in BOTH standard and zero-knowledge modes.

vault-client
------------
New rotateRecoveryCode() method on the VaultClient interface.
Returns RecoveryCodeSetupResult, identical shape to setupRecoveryCode.

Branches on the current vault state via getStatus():

  Standard mode:
    Re-fetches the plaintext MK from the server (same path as the
    initial setupRecoveryCode), generates a fresh 32-byte recovery
    secret, derives the new wrap key via HKDF, seals the MK, posts
    the wrap to /recovery-wrap (idempotent server-side, replaces
    the existing row in place).

  Zero-knowledge mode:
    Server can't hand out the plaintext MK any more, so we use the
    cachedUnwrappedMkBytes that unlockWithRecoveryCode stashed when
    the user typed in their old recovery code earlier this session.
    Throws with a clear message if the cache is empty (e.g. user
    landed on the page via init rather than recovery-unlock):
    "sign out and back in with your current recovery code first"
    so the cache gets repopulated.

Both branches:
  - Wipe the raw MK reference after sealing
  - Wipe the recovery secret after format
  - Return the formatted code for the UI to display

The OLD recovery code is now permanently invalid. Using it on a
future unlock attempt will fail with the standard generic
"wrong recovery code" error.

Settings UI
-----------
New rotateStep state machine ('idle' / 'rotated') runs alongside
the existing zkSetupStep so the user can rotate without leaving the
active-state UI.

In the active-mode card (zkSetupStep === 'enabled'):
  - Two side-by-side buttons:
    "🔁 Recovery-Code rotieren" + "Zero-Knowledge-Modus wieder deaktivieren …"
  - When the user clicks rotate, handleRotateRecoveryCode() runs the
    flow and renders an inline "Neuer Recovery-Code" subsection
    (same .recovery-code monospace block + Copy button as the
    initial setup) with explicit warning that the old code is now
    invalid.
  - "Ich habe den neuen Code gesichert" button wipes the displayed
    code and drops back to idle.
  - The disable flow stays available (the rotate UI hides itself
    when the user has clicked into the disable confirmation path).

The 28 vault integration tests still pass (39 total in
encryption-vault/, including the existing 11 KEK tests). The new
rotateRecoveryCode method reuses the already-tested
setRecoveryWrap server endpoint, so no new server-side tests are
needed for this commit.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-07 23:43:10 +02:00
.changeset feat(versioning): add semantic versioning and changesets to all apps 2026-03-19 16:20:18 +01:00
.claude feat(manacore/web): wire TagField, FavoriteButton, ColorPicker into module UIs 2026-04-02 17:20:46 +02:00
.github chore: complete ManaCore → Mana rename (docs, go modules, plists, images) 2026-04-07 12:26:10 +02:00
.husky fix(devtools): fix pre-commit hook - add eslint-config dep, remove type-check 2026-03-17 13:08:51 +01:00
apps feat(vault): rotate recovery code while zero-knowledge is active 2026-04-07 23:43:10 +02:00
docker chore(macmini): infra cleanup — compose env, blackbox mem, prometheus gpu probes 2026-04-07 22:59:38 +02:00
docs docs: PRE_LAUNCH_CLEANUP.md — what we removed before launch and why 2026-04-07 22:32:14 +02:00
games chore: complete ManaCore → Mana rename (docs, go modules, plists, images) 2026-04-07 12:26:10 +02:00
load-tests chore: rename mukke to music in infra, scripts, and CI/CD 2026-04-05 16:47:57 +02:00
NewAppIdeas/Roblox Reimagined chore: complete ManaCore → Mana rename (docs, go modules, plists, images) 2026-04-07 12:26:10 +02:00
packages feat(cycles): add menstrual cycle tracking module 2026-04-07 14:35:33 +02:00
patches fix(traces): configure EAS Build for TestFlight and fix bot-services build 2026-03-17 13:16:38 +01:00
scripts chore(macmini/scripts): runbook hardening — status diff + ingress walk 2026-04-07 22:31:53 +02:00
services test(mana-auth): vault service integration tests against real postgres 2026-04-07 23:39:48 +02:00
tests/e2e first implementation 2025-11-27 17:26:18 +01:00
.dockerignore make auth working 2025-11-26 01:31:12 +01:00
.editorconfig feat: add monorepo configuration and shared packages structure 2025-11-22 23:41:52 +01:00
.env.development feat(memoro): voice recording → mana-stt transcription pipeline 2026-04-07 18:48:41 +02:00
.env.macmini.example chore(macmini): pin COMPOSE_PROJECT_NAME=manacore-monorepo 2026-04-07 22:31:25 +02:00
.gitignore chore: misc fixes, new services, lockfile cleanup 2026-03-28 10:27:35 +01:00
.npmrc fix(monorepo): add .npmrc with node-linker=hoisted for EAS Build compatibility 2026-03-15 08:50:18 +01:00
.nvmrc feat: add monorepo configuration and shared packages structure 2025-11-22 23:41:52 +01:00
.prettierignore chore: complete ManaCore → Mana rename (docs, go modules, plists, images) 2026-04-07 12:26:10 +02:00
.prettierrc.json fix(cicd): docker paths, formatting config, 2025-11-27 18:33:08 +01:00
CLAUDE.md chore: complete ManaCore → Mana rename (docs, go modules, plists, images) 2026-04-07 12:26:10 +02:00
cloudflared-config.yml feat: rename ManaCore to Mana across entire codebase 2026-04-05 20:00:13 +02:00
docker-compose.dev.yml feat: rename ManaCore to Mana across entire codebase 2026-04-05 20:00:13 +02:00
docker-compose.macmini.yml chore(macmini): infra cleanup — compose env, blackbox mem, prometheus gpu probes 2026-04-07 22:59:38 +02:00
eslint.config.mjs chore: complete ManaCore → Mana rename (docs, go modules, plists, images) 2026-04-07 12:26:10 +02:00
gift-codes-2026-02-14.txt feat(gifts): add gift code creation script and initial codes 2026-02-14 11:23:08 +01:00
lint-staged.config.js chore: archive 17 standalone app servers (replaced by unified API) 2026-04-02 21:37:45 +02:00
mac-mini-setup.sh feat: rename ManaCore to Mana across entire codebase 2026-04-05 20:00:13 +02:00
package.json feat(events): add mana-events service + public RSVP flow (Phase 1b) 2026-04-07 14:27:48 +02:00
playwright.config.ts style: auto-format codebase with Prettier 2025-11-27 18:33:16 +01:00
pnpm-lock.yaml chore(workspace): unify vitest to ^4.1.2 across all packages 2026-04-07 13:58:29 +02:00
pnpm-workspace.yaml chore: delete 25 web-archived directories, remove stale stubs, clean workspace config 2026-04-03 13:03:49 +02:00
README.md chore: complete ManaCore → Mana rename (docs, go modules, plists, images) 2026-04-07 12:26:10 +02:00
test-chat-auth.sh feat: rename ManaCore to Mana across entire codebase 2026-04-05 20:00:13 +02:00
TROUBLESHOOTING.md chore: complete ManaCore → Mana rename (docs, go modules, plists, images) 2026-04-07 12:26:10 +02:00
turbo.json feat: rename ManaCore to Mana across entire codebase 2026-04-05 20:00:13 +02:00
vitest.config.ts feat: rename ManaCore to Mana across entire codebase 2026-04-05 20:00:13 +02:00

README.md

Mana Monorepo

Monorepo containing all Mana projects — a self-hosted multi-app ecosystem with shared packages and unified tooling.

Projects

Project Description Apps
mana Multi-app ecosystem platform Expo mobile, SvelteKit web
chat AI chat application NestJS backend, Expo mobile, SvelteKit web, Astro landing
todo Task management NestJS backend, SvelteKit web, Astro landing
calendar Calendar & scheduling NestJS backend, SvelteKit web, Astro landing
clock Pomodoro & time tracking NestJS backend, SvelteKit web, Astro landing
contacts Contact management NestJS backend, SvelteKit web
picture AI image generation NestJS backend, Expo mobile, SvelteKit web, Astro landing
cards Card/deck management NestJS backend, Expo mobile, SvelteKit web
zitare Daily inspiration quotes NestJS backend, Expo mobile, SvelteKit web, Astro landing
mukke Music player NestJS backend, SvelteKit web
planta Plant care tracker NestJS backend, SvelteKit web
storage Cloud storage NestJS backend, SvelteKit web
questions Q&A with web search SvelteKit web
skilltree Skill tree visualization NestJS backend, SvelteKit web
nutriphi Nutrition tracking NestJS backend, SvelteKit web
citycorners City guide NestJS backend, SvelteKit web, Astro landing
presi Presentation tool NestJS backend, SvelteKit web
photos Photo management NestJS backend, SvelteKit web

Getting Started

Prerequisites

  • Node.js 20+
  • pnpm 9.15.0+
  • Docker (for PostgreSQL, Redis, MinIO)

Installation

pnpm install

Development

# Start infrastructure (PostgreSQL, Redis, MinIO)
pnpm docker:up

# Start any app with auto DB setup
pnpm dev:chat:full
pnpm dev:todo:full
pnpm dev:calendar:full
pnpm dev:contacts:full

# Build & quality
pnpm run build
pnpm run type-check
pnpm run format

See CLAUDE.md for comprehensive development documentation.

Architecture

mana-monorepo/
├── apps/                    # Product applications
├── services/                # Microservices (auth, search, LLM, bots)
├── packages/                # Shared packages
├── docker/                  # Docker configuration
└── scripts/                 # Development & deployment scripts

Tooling

  • Package Manager: pnpm 9.15.0
  • Build System: Turborepo
  • Formatting: Prettier (tabs, single quotes, 100 char width)
  • Hosting: Mac Mini (self-hosted) via Docker + Cloudflare Tunnel
  • Analytics: Umami (stats.mana.how)

License

Private - All rights reserved