Till JS e99fea1938 feat(forms): M3b public-submit endpoint — schließt den Public-Loop ... Server-side Public-Submit für unlisted-shared Forms (Plan docs/plans/forms-module.md M3.b): - POST /api/v1/forms/public/:token/submit (apps/api): - Token-resolve via unlistedSnapshots-Tabelle (eq, limit 1). - Hard-blocks: 404 unbekannt, 410 revoked/expired, 400 wrong collection, 400 invalid JSON. - Schema-validiert serverseitig: filtert eingehende answers auf field-IDs aus dem Snapshot (anti-injection), prüft required Antwort-Felder + required consent-Felder. - Hashed IP (SHA-256, hex) als Anti-Spam-Fingerprint, plus User-Agent + Referer truncated, in submitterMeta. - Schreibt sync_changes(table='formResponses', op='insert', data, field_meta, actor='system:forms-public-submit', origin='system') in einer Transaktion mit set_config('app.current_user_id') für RLS — mirror vom articles import-extractor. - Token-scoped rate-limit (10/min) + IP-scoped (30/min), gleiche Architektur wie unlisted/public-routes. - Returns { ok: true, responseId, submittedAt }. - SharedFormView (apps/mana/apps/web): handleSubmit POSTet jetzt an ${PUBLIC_MANA_API_URL || origin:3060}/api/v1/forms/public/:token/submit. Submitting-State (Disabled-Button + "Sende ..."), Error-Block bei Server-Fehlern, Submitter-Block (Name + Email, beide optional). Der DEV-Hinweis ist weg. Encryption: server speichert plaintext im sync_changes-Blob. Der Client-side Decrypt-Path ist no-op für non-encrypted shapes (record-helpers.ts:241), also kein Crash beim Pull. Encrypted-at-rest für public submissions ist M6 ZK-Mode (eigener per-Form-Key der Form-Owner client-seitig hält). Mounted pre-auth in apps/api/src/index.ts neben unlisted/public. apps/api buildet (1769 modules, no TS errors). svelte-check: 0 errors in forms/. Forms-Modul ist End-to-End nutzbar — User legt Form an, publisht, setzt visibility=unlisted, kopiert Share-Link, externe Person füllt aus + sendet, Antwort landet im ResponsesView des Owners. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>		2026-04-29 00:44:42 +02:00
..
api	feat(forms): M3b public-submit endpoint — schließt den Public-Loop	2026-04-29 00:44:42 +02:00
calc/packages/shared	chore: delete 25 web-archived directories, remove stale stubs, clean workspace config	2026-04-03 13:03:49 +02:00
calendar	refactor(shared-tailwind): rewrite themes.css to single-layer shadcn convention	2026-04-09 01:13:06 +02:00
cards	chore(mobile): remove 6 of 7 mobile apps — keep only memoro	2026-04-20 15:31:47 +02:00
chat	chore(mobile): remove 6 of 7 mobile apps — keep only memoro	2026-04-20 15:31:47 +02:00
citycorners	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
contacts	refactor(shared-tailwind): rewrite themes.css to single-layer shadcn convention	2026-04-09 01:13:06 +02:00
docs	feat(ai): Mission Grant rollout gating — flag, alerts, runbook, user docs	2026-04-15 14:02:47 +02:00
food	refactor: rename nutriphi module to food (Essen)	2026-04-14 15:30:07 +02:00
guides	refactor(shared-tailwind): rewrite themes.css to single-layer shadcn convention	2026-04-09 01:13:06 +02:00
inventory	refactor(mana): rename inventar → inventory across the codebase	2026-04-09 15:50:24 +02:00
mana	feat(forms): M3b public-submit endpoint — schließt den Public-Loop	2026-04-29 00:44:42 +02:00
manavoxel	fix(type-check): clear the last five failures — monorepo type-check is now 76/76 green	2026-04-20 15:53:07 +02:00
memoro	chore(geocoding): remove Pelias + close 3 bypass paths to public Nominatim	2026-04-28 22:12:26 +02:00
moodlit	refactor(shared-tailwind): rewrite themes.css to single-layer shadcn convention	2026-04-09 01:13:06 +02:00
mukke	feat: rename ManaCore to Mana across entire codebase	2026-04-05 20:00:13 +02:00
news	refactor(shared-tailwind): rewrite themes.css to single-layer shadcn convention	2026-04-09 01:13:06 +02:00
photos	refactor: rename nutriphi module to food (Essen)	2026-04-14 15:30:07 +02:00
picture	chore(mobile): remove 6 of 7 mobile apps — keep only memoro	2026-04-20 15:31:47 +02:00
plants	refactor: rename planta → plants, clean up codebase	2026-04-12 18:59:44 +02:00
presi	fix(presi): wire up db:push for presi schema via @mana/api	2026-04-12 14:32:44 +02:00
questions	refactor(shared-tailwind): rewrite themes.css to single-layer shadcn convention	2026-04-09 01:13:06 +02:00
quotes/packages/content	fix(mana-llm): google-genai v1.73 keyword-only Part.from_text()	2026-04-16 12:47:23 +02:00
skilltree	chore: delete 25 web-archived directories, remove stale stubs, clean workspace config	2026-04-03 13:03:49 +02:00
storage	refactor(shared-tailwind): rewrite themes.css to single-layer shadcn convention	2026-04-09 01:13:06 +02:00
times	chore: complete ManaCore → Mana rename (docs, go modules, plists, images)	2026-04-07 12:26:10 +02:00
todo	fix(tsconfig): unblock shared-types consumers	2026-04-21 18:53:55 +02:00
traces	chore(mobile): remove 6 of 7 mobile apps — keep only memoro	2026-04-20 15:31:47 +02:00
uload	fix(type-check): clear the last five failures — monorepo type-check is now 76/76 green	2026-04-20 15:53:07 +02:00