Commits · 8cdcd7b28410be6b0b081ef1f21f656a5f3112f8 · Vũ Hoàng Anh / canifa_note

10 Apr, 2026 2 commits

refactor(attachments): extract visual gallery layout and tile style tokens · 8cdcd7b2
boojack authored Apr 10, 2026

8cdcd7b2

fix: preserve draft content when tab is suspended or editor remounts · 9ca71229

boojack authored Apr 10, 2026

Gate auto-save on initialization to prevent empty content from overwriting
cached drafts on remount. Flush drafts synchronously on visibilitychange/
pagehide so Chromium tab suspension cannot drop pending debounced saves.
Restore cached draft over saved memo content when they differ (inline editing).

9ca71229

08 Apr, 2026 3 commits
- refactor: move embedded content styles from global CSS to Tailwind · 938c405b
  boojack authored Apr 08, 2026
  
  938c405b
- chore: refactor attachment media layout and insert menu organization · 124708f1
  boojack authored Apr 08, 2026
  
  124708f1
- fix: harden memo content iframe and HTML sanitization · 7e21b728
  boojack authored Apr 08, 2026
  
  7e21b728
07 Apr, 2026 3 commits
- refactor(attachments): compact audio item layout and playback logic · 2d682ae1
  boojack authored Apr 07, 2026
```
Made-with: Cursor
```
  2d682ae1
- Polish share-as-image UI and sidebar sharing actions · 5b78023f
  boojack authored Apr 07, 2026
```
Made-with: Cursor
```
  5b78023f
- feat(memo-editor): add compact live waveform recorder panel (#5817) · e51985a2
  boojack authored Apr 07, 2026
  
  e51985a2
06 Apr, 2026 16 commits
- chore(web): polish dark theme and calendar UI · 61c96384
  boojack authored Apr 06, 2026
```
- simplify ActivityCalendar state handling and shared max-count utilities
- remove calendar ring styling and darken the default dark theme primary colors
- tighten the audio recorder panel layout and action sizing
```
  61c96384
- feat(mentions): add memo mention parsing, notifications, and rendering (#5811) · 24fc8ab8
  memoclaw authored Apr 06, 2026
```
Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>
```
  24fc8ab8
- feat(memo): add image sharing in detail view · 38fc22b7
  boojack authored Apr 06, 2026
```
Keep the unpublished image-sharing flow scoped to memo detail pages.

- add a dedicated share-image preview and export pipeline
- measure the rendered memo card so preview and exported image stay aligned
- move the entry point into the detail sidebar and drawer only
```
  38fc22b7
- refactor(attachments): simplify the attachment library · 2cbc7076
  boojack authored Apr 06, 2026
```
- split attachment page states and primitives into focused components
- unify card and list item presentation across media, audio, documents, and unused uploads
- move attachment paging and cleanup flows onto shared query and view-model hooks
```
  2cbc7076
- fix(map): align dark mode map styling · 7ac9989d
  boojack authored Apr 06, 2026
  
  7ac9989d
- chore: update locale translations for new i18n entries · 15d8ec10
  boojack authored Apr 06, 2026
  
  15d8ec10
- chore: refactor memo editor audio recording flow · 067d7ff0
  boojack authored Apr 06, 2026
  
  067d7ff0
- fix: normalize attachment MIME types before validation · c3e7e2c3
  boojack authored Apr 06, 2026
  
  c3e7e2c3
- fix: improve image preview dialog and live photo trigger · aafcc21a
  boojack authored Apr 06, 2026
  
  aafcc21a
- fix: unify live photo previews around LIVE badge playback · 6b0487dc
  boojack authored Apr 06, 2026
  
  6b0487dc
- fix: backend tests action · 065e8174
  boojack authored Apr 06, 2026
  
  065e8174
- refactor: move plugin packages under internal · 10a955fd
  boojack authored Apr 06, 2026
  
  10a955fd
- feat(attachments): add Live Photo and Motion Photo support (#5810) · 4b4e7194
  boojack authored Apr 06, 2026
  
  4b4e7194
- fix(map): refine Leaflet controls and memo map styling · 894b3eb0
  boojack authored Apr 06, 2026
  
  894b3eb0
- fix(api): tolerate missing related users in memo conversions (#5809) · 25feef3a
  boojack authored Apr 06, 2026
  
  25feef3a
- docs(agents): align contributor guidance with current CI workflows (#5808) · 87d411bc
  boojack authored Apr 06, 2026
  
  87d411bc
02 Apr, 2026 2 commits
- refactor: simplify memo metadata components · f403f8c0
  memoclaw authored Apr 02, 2026
  
  f403f8c0
- refactor: simplify audio attachment playback component · 0e4d2d25
  memoclaw authored Apr 02, 2026
  
  0e4d2d25
01 Apr, 2026 4 commits
- i18n: complete Turkish (tr) translations to 100% coverage (#5802) · 9676e725
  Serhat authored Apr 01, 2026
```
Signed-off-by: Serhat <49079271+onwp@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
```
  9676e725
- feat(editor): add voice note recording to the memo composer (#5801) · c0d5854f
  memoclaw authored Apr 01, 2026
```
Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>
```
  c0d5854f
- fix(web): refine attachment media layout · a0d83e1a
  memoclaw authored Apr 01, 2026
  
  a0d83e1a
- chore: update security.md · cdbe40a3
  memoclaw authored Apr 01, 2026
  
  cdbe40a3
31 Mar, 2026 4 commits
- refactor: split audio attachment view into reusable components · 63a17d89
  memoclaw authored Mar 31, 2026
  
  63a17d89
- fix(tags): allow blur-only tag metadata (#5800) · 1921b576
  memoclaw authored Mar 31, 2026
```
Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>
```
  1921b576
- chore: add rc release handling · 201c8a8e
  boojack authored Mar 31, 2026
  
  201c8a8e
- fix(filter): enforce CEL syntax semantics · 0e89407e
  boojack authored Mar 31, 2026
```
Reject non-standard truthy numeric expressions in filters and document the parser as a supported subset of standard CEL syntax.

- remove legacy filter rewrites
- support standard equality in tag exists predicates
- add regression coverage for accepted and rejected expressions
```
  0e89407e
30 Mar, 2026 4 commits
- chore: harden MCP access control and origin validation · d3f6e8ee
  boojack authored Mar 30, 2026
  
  d3f6e8ee
- chore: add migration upgrade coverage (#5796) · 7c708ee2
  boojack authored Mar 30, 2026
  
  7c708ee2
- fix: prevent stale comment drafts from being restored · e520b637
  memoclaw authored Mar 30, 2026
  
  e520b637
- fix(webhooks): trigger memo updates for attachment and relation changes (#5795) · acbc914d
  memoclaw authored Mar 30, 2026
```
Co-authored-by: memoclaw <265580040+memoclaw@users.noreply.github.com>
```
  acbc914d
29 Mar, 2026 1 commit

fix(lint): correct goimports struct literal alignment after removing... · 9610ed8f

memoclaw authored Mar 29, 2026

fix(lint): correct goimports struct literal alignment after removing write-only credential fields (#5794)
Co-authored-by: Claude <noreply@anthropic.com>

9610ed8f

28 Mar, 2026 1 commit

fix(api): make credentials write-only and restrict sensitive settings to admins · 9d3a74bc

memoclaw authored Mar 28, 2026

Security fixes for credential leakage across three resources:

- NOTIFICATION setting: restrict GetInstanceSetting to admin-only
  (was publicly accessible, exposing SMTP credentials)
- SMTP password: never return SmtpPassword in API responses (write-only)
- S3 secret: never return AccessKeySecret in API responses (write-only)
- OAuth2 ClientSecret: never return in API responses for any role
  (was previously returned to admins); remove redactIdentityProviderResponse
  in favor of omitting the field at the conversion layer
- Preserve-on-empty: when updating settings with an empty credential
  field, preserve the existing stored value instead of overwriting
  (applies to SmtpPassword, AccessKeySecret, and ClientSecret)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

9d3a74bc