Commit Graph

12 Commits

Author SHA1 Message Date
Antigravity
0311c97a35 fix: add /health endpoint before auth middleware for Docker healthcheck (was 401 with MCP_REQUIRE_AUTH=true)
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 16s
2026-05-03 19:45:27 +00:00
Antigravity
718f4c6900 perf: optimize MCP server (O(1) auth, compact JSON, trashedAt fix) + memento-note performance (lazy loading, server-side filtering, XSS fixes, dead code removal, security hardening)
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 1m35s
MCP Server:
- Fix validateApiKey: O(1) direct lookup by shortId instead of loading all keys
- Add trashedAt:null filter to ALL note queries (trashed notes leaked in results)
- Compact JSON output (~40% smaller responses)
- Bounded session cache (Map with MAX_SESSIONS=500) to prevent memory leaks
- PostgreSQL connection pooling (connection_limit=10)
- Rewrite all 22 tool descriptions in clear English
- Fix /sse fallback to proper 307 redirect

memento-note Performance:
- loading=lazy on all note images
- Split notebooksRefreshKey from global refreshKey (note CRUD no longer re-fetches notebooks)
- Remove searchKey from trash count deps (no re-fetch on every keystroke)
- Server-side notebookId filter in getAllNotes() (biggest win)
- Skip collaborator fetch for non-shared notes (eliminates N+1 API calls)
- next/dynamic for MarkdownContent + 4 modals (code-split remark/rehype/KaTeX)
- Memoize DOMPurify sanitize with useMemo

Security:
- XSS: DOMPurify sanitize in note-card and note-history-modal
- Auth anti-enumeration: uniform errors in auth.ts
- CRON_SECRET mandatory on cron endpoints
- Rate limiting on login (5 attempts/min per email)
- Centralized API auth helpers (requireAuth/requireAdmin)
- randomize-labels changed GET→POST
- Removed debug endpoints (/api/debug/config, /api/debug/test-chat)

Cleanup:
- Removed dead code: .backup-keep, settings-backup, fix-*.js, debug-theme, fix-labels route
- Removed sensitive console.error in auth.ts
- Ollama fetchWithTimeout (30s/60s AbortController)
- i18n: full Arabic translation, Farsi missing keys
- Masonry drag-and-drop fix (localOrderMap, cross-section block)
- Sidebar notebook tooltip on truncation
2026-05-03 18:41:38 +00:00
49e076a4bb refactor: remove dangerous, AI proxy, and API key tools from MCP server
- Remove delete_all_notes, 11 AI proxy tools, 3 API key management tools
- Clean up unused imports (auth helpers, resolveUser, clearAuthCaches)
- Remove fetchWithTimeout helper and appBaseUrl option (no longer needed)
- Update tool counts in health endpoint and startup banner (37 → 22 tools)
- Keep only CRUD notes/notebooks/labels + reminders + search/export/import

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-26 16:15:50 +02:00
2f1837560b fix: align MCP server schema with memento-note + per-request user isolation
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 12s
- Remove `embedding` column from MCP Note model (dropped by migration 20260425120000)
- Add missing columns: trashedAt, dismissedFromRecent, contentUpdatedAt, cardSizeMode
- Add NoteEmbedding model and Label.notebook relation
- Use AsyncLocalStorage to pass authenticated userId from API key to tool handlers
- Enable SSE mode and auth in docker-compose for N8N integration

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-26 14:44:01 +02:00
Sepehr Ramezani
cff36d9619 fix: MCP server Docker deployment, healthchecks, and minor fixes
MCP server:
- Fix Prisma imports from stale client-generated path to @prisma/client
- Switch schema from SQLite to PostgreSQL for Docker compatibility
- Add prisma generate step to Dockerfile with proper binaryTargets
- Include index-sse.js in Docker build (was excluded by .dockerignore)
- Install openssl and libc6-compat in Alpine image for Prisma runtime

Docker:
- Fix memento-note healthcheck (wget unavailable in bullseye-slim)

Minor fixes:
- scrape.service SSRF protection, middleware route coverage
- canvas-board and note-input type fixes
- next.config turbopack and devIndicators adjustments

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-04-21 22:22:02 +02:00
Sepehr Ramezani
e4d4e23dc7 chore: clean up repo for public release
- Remove BMAD framework, IDE configs, dev screenshots, test files,
  internal docs, and backup files
- Rename keep-notes/ to memento-note/
- Update all references from keep-notes to memento-note
- Add Apache 2.0 license with Commons Clause (non-commercial restriction)
- Add clean .gitignore and .env.docker.example
2026-04-20 22:48:06 +02:00
Sepehr Ramezani
cb8bcd13ba perf: Phase 1+2+3 — Turbopack, Prisma select, RSC page, CSS masonry + dnd-kit
- Turbopack activé (dev: next dev --turbopack)
- NOTE_LIST_SELECT: exclut embedding (~6KB/note) des requêtes de liste
- getAllNotes/getNotes/getArchivedNotes/getNotesWithReminders optimisés
- searchNotes: filtrage DB-side au lieu de full-scan JS en mémoire
- getAllNotes: requêtes ownNotes + sharedNotes parallélisées avec Promise.all
- syncLabels: upsert en transaction () vs N boucles séquentielles
- app/(main)/page.tsx converti en Server Component (RSC)
- HomeClient: composant client hydraté avec données pré-chargées
- NoteEditor/BatchOrganizationDialog/AutoLabelSuggestionDialog: lazy-loaded avec dynamic()
- MasonryGrid: remplace Muuri par CSS grid auto-fill + @dnd-kit/sortable
- 13 packages supprimés: muuri, web-animations-js, react-masonry-css, react-grid-layout
- next.config.ts nettoyé: suppression webpack override, activation image optimization
2026-04-17 21:39:21 +02:00
Sepehr Ramezani
2eceb32fd4 chore: snapshot before performance optimization 2026-04-17 21:14:43 +02:00
Sepehr Ramezani
fa7e166f3e feat: add reminders page, BMad skills upgrade, MCP server refactor
- Add reminders page with navigation support
- Upgrade BMad builder module to skills-based architecture
- Refactor MCP server: extract tools and auth into separate modules
- Add connections cache, custom AI provider support
- Update prisma schema and generated client
- Various UI/UX improvements and i18n updates
- Add service worker for PWA support

Made-with: Cursor
2026-04-13 21:02:53 +02:00
ddb67ba9e5 fix: unify theme system - fix theme switching persistence
- Unified localStorage key to 'theme-preference' across all components
- Fixed header.tsx using wrong localStorage key ('theme' instead of 'theme-preference')
- Added localStorage hybrid persistence for instant theme changes
- Removed router.refresh() which was causing stale data revert
- Replaced Blue theme with Sepia
- Consolidated auth() calls to prevent race conditions
- Updated UserSettingsData types to include all themes
2026-01-18 22:33:41 +01:00
f0b41572bc feat: Memento avec dates, Markdown, reminders et auth
Tests Playwright validés :
- Création de notes: OK
- Modification titre: OK
- Modification contenu: OK
- Markdown éditable avec preview: OK

Fonctionnalités:
- date-fns: dates relatives sur cards
- react-markdown + remark-gfm
- Markdown avec toggle edit/preview
- Recherche améliorée (titre/contenu/labels/checkItems)
- Reminder recurrence/location (schema)
- NextAuth.js + User/Account/Session
- userId dans Note (optionnel)
- 4 migrations créées

Ready for production + auth integration
2026-01-04 16:04:24 +01:00
8d95f34fcc fix: Add debounced Undo/Redo system to avoid character-by-character history
- Add debounced state updates for title and content (500ms delay)
- Immediate UI updates with delayed history saving
- Prevent one-letter-per-undo issue
- Add cleanup for debounce timers on unmount
2026-01-04 14:28:11 +01:00