Commit Graph

64 Commits

Author SHA1 Message Date
Antigravity
e881004c77 feat(insights): fix DBSCAN, Persian embeddings crash, D3 physics layouts, and D3 node not found runtime error
Some checks failed
CI / Lint, Test & Build (push) Failing after 1m7s
CI / Deploy production (on server) (push) Has been skipped
2026-05-24 18:57:33 +00:00
Antigravity
e2672cd2c2 feat(notes): liens internes, onglet Réseau, living blocks et consentement IA
Some checks failed
CI / Lint, Test & Build (push) Failing after 1m19s
CI / Deploy production (on server) (push) Has been skipped
Rend les liens entre notes visibles et persistants (sync NoteLink au save, auto-save, graphe réseau rafraîchi), ajoute living blocks, Memory Echo, recherche globale, consentement IA explicite et consolide les prototypes design en architectural-grid.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-24 14:27:29 +00:00
Antigravity
077e665dfc feat(cluster): implement cluster detection and bridge notes discovery
Add automatic note clustering using density-based algorithm (DBSCAN variant)
and bridge notes detection for connecting different thematic clusters.

Features:
- NoteCluster, ClusterMember, BridgeNote, BridgeSuggestion models
- Clustering service with pgvector cosine similarity
- Bridge notes detection (notes connecting >=2 clusters)
- AI-powered suggestions for missing cluster connections
- /insights page with React Flow visualization
- Cron endpoint for automatic recalculation

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 20:26:25 +00:00
Antigravity
10777b62b1 debug(chart): add cache logging to debug cache misses 2026-05-23 10:15:45 +00:00
Antigravity
af3a263a54 fix(chart): transaction mapping fix + add cache for suggestions
- Fix transaction.mapping.map usage - it returns a position, not mapping
- Add 5-minute in-memory cache for chart suggestions (max 50 entries)
- Cache key based on content hash + selection
- Significantly improves UX when re-analyzing same content

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 10:12:11 +00:00
Antigravity
d1395d9b81 fix(chart): show correct chart type in previews
- Use NoteChart directly with props instead of NoteChartFromCode
- Remove markdown ticks from chartSuggestionToMarkdown output
- Export NoteChart component for direct use in previews

Now the 3 suggestions correctly show different chart types.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 10:00:44 +00:00
Antigravity
18ffd76c1e fix(chart): improve error handling and color variety
- Add quotaExceeded flag to response for better error UX
- Show dedicated quota exceeded state with upgrade button
- Improve AI prompt to better detect data patterns
- Add chart type-specific colors (blue, indigo, emerald, violet, etc.)
- Replace generic primary/10 colors with varied accent colors

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 09:19:52 +00:00
Antigravity
a122a0eade feat(ai): add AI chart suggestions in TipTap editor
Implement slash command "/suggest-charts" that analyzes note content
and suggests 3 appropriate chart types with visual previews.

Created:
- chart-suggestion.tool.ts: AI tool for data extraction and chart recommendations
- suggest-charts/route.ts: API endpoint for chart suggestions
- chart-suggestion.service.ts: Frontend service layer
- chart-suggestions-dialog.tsx: Modal with 3 chart proposals and thumbnails
- tiptap-chart-extension.tsx: TipTap Node extension for rendering chart blocks

Modified:
- rich-text-editor.tsx: Added slash command, toolbar button, and dialog integration

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 08:58:46 +00:00
Antigravity
bfaacc557f fix(chart): simplify to single insert_chart tool that does everything
Some checks failed
CI / Lint, Test & Build (push) Failing after 15s
CI / Deploy production (on server) (push) Has been skipped
2026-05-22 18:30:11 +00:00
Antigravity
beca2c52c3 feat: add inline chart support for notes
Some checks failed
CI / Lint, Test & Build (push) Failing after 15s
CI / Deploy production (on server) (push) Has been skipped
- Add NoteChart component using Recharts (bar, line, area, pie, radar, funnel, gauge)
- Add generate_chart and insert_chart_in_note AI tools
- Add chart code block support in MarkdownContent (```chart ... ```)
- Support JSON and simple data formats (label: value)
- Add i18n translations for chart features

Chart syntax examples:
- JSON: ```chart {"type":"bar","data":[{"label":"A","value":10}]} ```
- Simple: ```chart\nbar\nSales Data\nJan: 120\nFeb: 150\n```

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-22 17:29:10 +00:00
Antigravity
5728452b4a feat: add slides generation tool with multiple slide types
Some checks failed
CI / Lint, Test & Build (push) Failing after 17s
CI / Deploy production (on server) (push) Has been skipped
- Add slides.tool.ts with support for title, bullets, chart, stats, table, cards, timeline, quote, comparison, equation, image, summary slide types
- Chart types: bar, horizontal-bar, line, donut, radar
- Integrate with agent executor and canvas system
- Add multilingual support (en/fr)
- Various UI improvements and bug fixes

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-22 17:18:48 +00:00
Antigravity
b935466480 fix: resolve Prisma 'vector' deserialization error and missing PDF canvas dependency
Some checks failed
CI / Lint, Test & Build (push) Failing after 5m29s
CI / Deploy production (on server) (push) Has been cancelled
2026-05-19 21:34:50 +00:00
Antigravity
6a8d0eb0a5 feat: embedding dimension validation + migration system
Some checks failed
CI / Lint, Test & Build (push) Failing after 8m1s
CI / Deploy production (on server) (push) Has been cancelled
- Add /api/admin/embeddings/dimension (GET column dim, POST test model dim)
- Add /api/admin/embeddings/migrate (alter column, clear, re-index)
- Admin form warns on dimension mismatch after save, offers migrate button
- Remove hardcoded 1536 from validate endpoint and embedding service
- Add validateDimension() utility to EmbeddingService
- Fix health route: import prisma correctly, use router instead of missing registry
- i18n keys for dimension warning (EN/FR)
2026-05-19 18:45:50 +00:00
Antigravity
878303a997 fix: resolve all 6 prefer-const eslint errors for CI
Some checks failed
CI / Lint, Test & Build (push) Failing after 5m33s
Deploy to Production / Build and Deploy (push) Has been cancelled
2026-05-16 22:47:38 +00:00
Antigravity
724474cb49 chore: remove dead code — 8 components, 5 libs, 4 API routes, 4 npm packages, 30+ scripts, dead CSS, dead exports
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 5s
Removed unused components:
- brainstorm-canvas, brainstorm-create-dialog, invite-dialog, manual-idea-dialog
- note-inline-editor, profile-page-header, quota-paywall, label-management-dialog

Removed dead lib files:
- api-auth.ts, color-harmony-recommendation.ts, label-storage.ts, modern-color-options.ts
- hooks/use-card-size-mode.ts

Removed dead API routes:
- ai/test-chat, ai/test-embeddings, ai/test-tags, admin/randomize-labels

Removed unused npm packages:
- cmdk, novel, tippy.js, react-force-graph-2d

Cleaned dead CSS from globals.css:
- acrylic-*, win11-shadow-*, muuri-grid/item, ai-glass, ai-tab-indicator, ai-send-btn, sidebar-view-toggle, memento-sidebar-depth

Removed 29 orphan scripts and 3 root orphan files

Cleaned dead exports from 8 lib files:
- NOTE_TYPE_CONFIG, getPublishableKey, PROVIDER_DEFAULTS, useNotes/useNote/invalidateNote, etc.
2026-05-16 20:34:58 +00:00
Antigravity
8c7ca69640 fix: brainstorm infinite loop, ghost cursor, embedding ::vector cast, semantic search, billing stats, usage meter accordion
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 5s
- Fix useBrainstormSocket: stable guestId via useRef, remove setState in cleanup
- Fix GhostCursor: direct DOM manipulation via refs, no useState re-renders
- Fix all SQL embedding queries: add ::vector cast on text columns
- Fix embedding truncation to 15000 chars (under 8192 token limit)
- Fix NoteEmbedding INSERT: remove non-existent updatedAt column
- Fix billing page: show all quota stats in grid instead of single metric
- Fix usage meter: accordion expand/collapse, per-feature detail
- Fix semantic search: rebuild 103 note embeddings, ::vector cast on vectorSearch
- Fix brainstorm expand/manual-idea/create: ::vector cast on embedding SQL
2026-05-16 18:50:34 +00:00
Antigravity
bd495be965 feat: design system overhaul — sidebar, AI chats, settings, brainstorm, color cleanup
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 12s
- Sidebar: dynamic brand-accent colors, brainstorm section restyled
- AI chat general: popup panel with expand/collapse, hides when contextual AI open
- AI chat contextual: tabs reordered (Actions first), X close button, height fix
- Settings: all tabs restyled, 6 new color presets (sage, terracotta, iron, etc.)
- Global color cleanup: emerald/orange hardcoded → brand-accent dynamic
- Brainstorm page: orange → brand-accent throughout
- PageEntry animation component added to key pages
- Floating AI button: bg-brand-accent instead of hardcoded black
- i18n: all 15 locales updated with new AI/billing keys
- Billing: freemium quota tracking, BYOK, stripe subscription scaffolding
- Admin: integrated into new design
- AGENTS.md + CLAUDE.md project rules added
2026-05-16 12:59:30 +00:00
Antigravity
1fcea6ed7d feat: brainstorm sessions, PDF document Q&A, embedding fixes, and UI improvements
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 7s
- Add brainstorm feature with collaborative canvas, AI idea generation, live cursors, playback, and export
- Add PDF upload/extraction/ingestion pipeline with pgvector document search (RAG)
- Add document Q&A overlay with streaming chat and PDF preview
- Add note attachments UI with status polling, grid layout, and auto-scroll
- Add task extraction AI tool and agent executor improvements
- Fix NoteEmbedding missing updatedAt column, re-index 66 notes with 1536-dim embeddings
- Fix brainstorm 'Create Note' button: add success toast and redirect to created note
- Fix memory echo notification infinite polling
- Fix chat route to always include document_search tool
- Add brainstorm i18n keys across all 14 locales
- Add socket server for real-time brainstorm collaboration
- Add hierarchical notebook selector and organize notebook dialog improvements
- Add sidebar brainstorm section with session management
- Update prisma schema with brainstorm tables, attachments, and document chunks
2026-05-14 17:43:21 +00:00
Antigravity
195e845f0a security: fix SQL injection in semantic search - use parameterized queries with bind params
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 5s
- Replace string interpolation in $queryRawUnsafe with bind params ($1, $2...)
- Add assertSafeId() validation for userId, notebookId, noteId
- ftsSearch: bind query, userId, notebookId as parameters
- vectorSearch: bind vector string, userId, notebookId, threshold as parameters
- indexNote: already used bind params, added noteId validation
- Fixes CRITICAL security audit finding #1
2026-05-12 11:51:40 +00:00
Antigravity
ff664f7523 fix: add missing await on reciprocalRankFusion call
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 5s
2026-05-12 10:53:34 +00:00
Antigravity
41596c2035 fix: openrouter provider fallback to CUSTOM_OPENAI_API_KEY when OPENROUTER_API_KEY missing
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 5s
2026-05-12 09:30:08 +00:00
Antigravity
4c1359ee39 Revert "fix: switch embedding dimension from 1536 to 2560 for qwen-embedding-4b"
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 4s
This reverts commit e09ea3a145.
2026-05-12 09:19:01 +00:00
Antigravity
e09ea3a145 fix: switch embedding dimension from 1536 to 2560 for qwen-embedding-4b
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 5s
2026-05-12 09:07:55 +00:00
Antigravity
03e6a62b80 feat: migrate semantic search to pgvector + full-text search
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 2m12s
Replace JSON-string embeddings with native pgvector(1536) storage and
add PostgreSQL full-text search (tsvector/GIN) with Reciprocal Rank Fusion
for hybrid keyword + semantic ranking.

Changes:
- NoteEmbedding.embedding: String → vector(1536) via pgvector
- NoteEmbedding: added updatedAt for reindex tracking
- Note: added tsv (tsvector) with auto-update trigger for FTS
- semantic-search.service: hybrid FTS + vector search with RRF fusion
- embedding.service: toVectorString() for pgvector SQL literals
- Removed JS-side cosine similarity loops (now DB-side via <=>)
- Added HNSW index on NoteEmbedding.embedding (cosine distance)
- Added GIN index on Note.tsv for FTS queries

Schema migration in: prisma/migrations/20260512120000_pgvector_and_fts_search/

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-12 07:03:56 +00:00
Antigravity
cf2786dec4 feat: integrate Google Gemini, MiniMax, and GLM providers; fix persistent agent loading toast
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 1m23s
2026-05-10 22:33:35 +00:00
Antigravity
330c0c61b6 feat: standardize UI theme, fix dark mode consistency, and implement editorial tags
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 1m24s
2026-05-10 18:43:13 +00:00
Antigravity
2fd435df6f feat: redesign agents page (architectural-grid style), add image description, fix AI limits, remove dead code
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 53s
- Redesign agents page with architectural-grid (8) design system:
  rounded-2xl cards, serif headings, motion tabs, dashed templates section
- Replace agent form popup with full-page detail view (SettingsView style)
  with dark planning card, section tooltips, and help button
- Hide advanced mode for slide/excalidraw generators
- Add 'describe images' action to contextual AI assistant
- Add copy button to action/resource preview with HTTP fallback
- Add delete history button to agent run log panel
- Increase AI word limit from 2000 to 5000 (reformulate + transform-markdown)
- Increase max steps slider from 25 to 50
- Fix image description error with clear model compatibility message
- Fix doubled execution count display in agent detail view
- Remove dead files: notes-list-view.tsx, notes-view-toggle.tsx
- Remove 'list' view mode from NotesViewMode type
- Add missing i18n keys (back, configuration, options, copy, cleared)
2026-05-09 17:18:47 +00:00
Antigravity
60a3fe5453 UI Stabilization: Global color theme updates (#75B2D6), AI Assistant styling refactor, and navigation fixes 2026-05-09 12:58:16 +00:00
Antigravity
97b08e5d0b feat: icon-only toolbar, versioning fixes, history modal, PanelRight repositioning
- Toolbar: remove text labels from all icon buttons (AI, Save, Preview, Convert)
  all buttons now icon-only with title tooltip for accessibility
- Toolbar: reposition PanelRight (info panel toggle) to far right after three-dot menu
- Versioning: decouple getNoteHistory/restoreNoteVersion from global userAISettings.noteHistory
  now checks note.historyEnabled directly — unblocks manual per-note history
- Versioning: add 'Sauvegarder cette version' button in Versions tab of info panel
  calls commitNoteHistory with visual feedback (spinner → success state)
- note-document-info-panel: import commitNoteHistory, add isSavingVersion state
- notes.ts: fix double guard that silently blocked all history operations
2026-05-09 07:28:03 +00:00
Antigravity
0d8252aec0 fix(ci): typings dagre (@types/dagre) et pptx (PptxGenJSModule, fill bullets)
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 2m8s
Corrige le typecheck Next Docker: module dagre sans .d.ts, et annotations
Presentation vs constructeur pptxgenjs.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-05 22:04:07 +00:00
Antigravity
7326cfc98f fix: import type + lazy singleton pour dagre et pptxgenjs (Turbopack build)
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 23s
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-05 21:48:54 +00:00
Antigravity
08a49a04ce fix: désactiver thinking mode DeepSeek pour fiabiliser le tool calling
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 23s
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-05 21:37:55 +00:00
Antigravity
ab914f0587 fix: reasoning_content DeepSeek — retry avec maxSteps=1 si erreur thinking mode
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 23s
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-05 21:33:16 +00:00
Antigravity
e7f28abccc fix(pptx): pre-fetch images server-side before passing to pptxgenjs
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 3s
pptxgenjs sur Node.js ne peut pas charger les URLs qui nécessitent une auth
ou des cookies. On fetch maintenant chaque imageUrl côté serveur et on la
convertit en data URI base64 avant d'appeler buildPresentation.
Si le fetch échoue (timeout 8s, 4xx/5xx), l'imageUrl est supprimée et
le placeholder texte s'affiche à la place.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-05 20:57:29 +00:00
Antigravity
129d5541e6 feat(agents): refonte complète slide-generator + excalidraw-generator
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 3s
Slide generator (generate_pptx):
- Pivot vers génération PowerPoint natif (pptxgenjs) au lieu de Reveal.js HTML
- 4 nouveaux layouts diagramme : timeline, process, comparison, metrics
- 2 nouveaux layouts image : image-content (texte + image), image-full (plein cadre)
- Redesign visuel de tous les layouts (cover split, section full-bleed, header band)
- Palettes corrigées : bg blanc sur toutes les palettes, contrastes réels
- fit:shrink systématique sur tous les textes pour éviter les débordements
- Extraction automatique des images des notes (Markdown/HTML) et injection dans le prompt IA
- Prompt IA renforcé : impose "style" et "theme" explicitement dans le JSON, impose ≥2 layouts diagramme
- Fix overlap timeline : zones de texte calculées sans collision avec les cercles
- Notification agent mise à jour : bouton download .pptx au lieu d'ouvrir HTML

Excalidraw generator:
- Layout Dagre/ELK pour graphes auto-positionnés
- Styles visuels : coloré, austère, sketch-plus (Virgil font)
- Zones/containers pour architecture-cloud
- Sanitisation du graphe et métriques de qualité de layout

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-05 20:55:15 +00:00
Antigravity
718f4c6900 perf: optimize MCP server (O(1) auth, compact JSON, trashedAt fix) + memento-note performance (lazy loading, server-side filtering, XSS fixes, dead code removal, security hardening)
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 1m35s
MCP Server:
- Fix validateApiKey: O(1) direct lookup by shortId instead of loading all keys
- Add trashedAt:null filter to ALL note queries (trashed notes leaked in results)
- Compact JSON output (~40% smaller responses)
- Bounded session cache (Map with MAX_SESSIONS=500) to prevent memory leaks
- PostgreSQL connection pooling (connection_limit=10)
- Rewrite all 22 tool descriptions in clear English
- Fix /sse fallback to proper 307 redirect

memento-note Performance:
- loading=lazy on all note images
- Split notebooksRefreshKey from global refreshKey (note CRUD no longer re-fetches notebooks)
- Remove searchKey from trash count deps (no re-fetch on every keystroke)
- Server-side notebookId filter in getAllNotes() (biggest win)
- Skip collaborator fetch for non-shared notes (eliminates N+1 API calls)
- next/dynamic for MarkdownContent + 4 modals (code-split remark/rehype/KaTeX)
- Memoize DOMPurify sanitize with useMemo

Security:
- XSS: DOMPurify sanitize in note-card and note-history-modal
- Auth anti-enumeration: uniform errors in auth.ts
- CRON_SECRET mandatory on cron endpoints
- Rate limiting on login (5 attempts/min per email)
- Centralized API auth helpers (requireAuth/requireAdmin)
- randomize-labels changed GET→POST
- Removed debug endpoints (/api/debug/config, /api/debug/test-chat)

Cleanup:
- Removed dead code: .backup-keep, settings-backup, fix-*.js, debug-theme, fix-labels route
- Removed sensitive console.error in auth.ts
- Ollama fetchWithTimeout (30s/60s AbortController)
- i18n: full Arabic translation, Farsi missing keys
- Masonry drag-and-drop fix (localOrderMap, cross-section block)
- Sidebar notebook tooltip on truncation
2026-05-03 18:41:38 +00:00
54b7b4fcf1 fix(editor): custom image width parsing, fix image paste, add AI submenu features 2026-05-03 00:08:28 +02:00
e4ca7ba497 feat: slash menu navigation, removed gutter button, fixed AI richtext format, added image resize
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 44s
2026-05-02 23:31:40 +02:00
dc5f6b77d9 fix: note-input toolbar overflow and rename Assistant IA to IA Note
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 46s
2026-05-02 21:38:56 +02:00
Sepehr Ramezani
fcb5932d33 fix: agent notes default to markdown, add convert-to-rich-text option
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 45s
- Agent-created notes are now type 'markdown' by default (raw markdown content)
- Switching note type from markdown → richtext auto-converts content to HTML
  via /api/ai/convert-markdown endpoint using the existing markdownToHtml utility
- Users can freely switch between markdown and richtext in the note type selector

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-05-01 16:32:49 +02:00
Sepehr Ramezani
dbd49d6fcb feat: 8 AI providers, rich text editor, agent notifications, UI contrast & font settings
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 1m25s
- Add DeepSeek, OpenRouter, Mistral, Z.AI, LM Studio as AI providers
  with editable model names via Combobox in admin settings
- Fix OpenRouter broken by normalizeProvider bug in config.ts
- Convert agent-created notes from Markdown to HTML (TipTap rich text)
- Add Notification model + in-app notifications for agent results
- Agent notification click opens the created note directly
- Add note count display on notebook and inbox headers
- Fix checklist toggle in card view (persist state via localCheckItems)
- Add checklist creation option in tabs/list view (dropdown on + button)
- Fix image description ENOENT error with HTTP fallback
- Improve UI contrast across all themes (input, border, checkbox visibility)
- Add font family setting (Inter vs System Default) in Appearance settings
- Fix CSS font-sans variable conflict (removed dead Geist references)
- Update README with new features and 8 providers

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-05-01 16:14:07 +02:00
907dcf33d6 fix: increase reformulate word limit to 2000 + i18n error messages
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 4s
- Raise MAX_WORDS from 500 to 2000 for text reformulation
- Error messages now use i18n keys (ai.wordCountMin/Max) instead of
  hardcoded English strings
- Client translates server errors using the user's UI language

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-30 21:09:13 +02:00
fa72672aac security: fix critical auth gaps, SSRF, IDOR, and embedding error handling
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 39s
CRITICAL:
- Add auth + admin check to 10 unprotected API routes (test-*, debug/*,
  config, models, fix-labels)
- Add CRON_SECRET bearer auth to /api/cron/reminders (was fully open)
- Add SSRF protection to getOllamaModels (blocks private/internal IPs)

HIGH:
- Fix getAllLabels() missing userId filter (leaked all users' labels)
- Fix /api/labels OR clause leaking other users' labels
- Fix IDOR in toggleAgent/getAgentActions (add ownership check)
- Fix getEmbeddings() returning [] on error in all 5 providers (corrupted
  semantic search with NaN cosine similarity) — now throws instead

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-30 21:02:13 +02:00
07f8a60b69 fix: Ollama base URL not read from per-purpose config keys in Docker + i18n for all locales
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 44s
The admin form saves Ollama URLs as OLLAMA_BASE_URL_TAGS/EMBEDDING/CHAT,
but the factory only read OLLAMA_BASE_URL — causing 500 errors in Docker
where no localhost fallback exists.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-30 19:26:45 +02:00
a482aaaad6 fix: AI assistant in note-input still searches other notes when scoped to "this note"
When chatScope is "this note", the AI had access to note_search and note_read
tools which let it pull content from any note. Now these tools are excluded via
a webOnly flag in buildToolsForChat — only web_search/web_scrape remain if
the user toggled web search.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-30 19:10:20 +02:00
d91072ed6b feat: image AI titles (3 suggestions), describe-images action, pin/list fixes, i18n
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 44s
- Add image description service + API route for AI-powered image analysis
- Image title generation returns 3 selectable suggestions via TitleSuggestions component
- Add "Describe images" action in AI assistant (individual + collective)
- Fix pin refresh propagation in card and tabs view
- Fix note creation refresh in tabs mode, pass all notes to tabs view
- Add RTL support (dir="auto") on note content elements
- Pass UI language dynamically to AI endpoints instead of hardcoded 'fr'
- Add 18 missing i18n keys in both en.json and fr.json
- Sparkles button on images for AI title generation (bottom-right, pulse animation)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-29 22:34:13 +02:00
0fbb8aa599 fix: serve uploaded images via API route (public/ is read-only in production)
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 42s
Next.js bakes public/ at build time — dynamically uploaded files were
never served in Docker standalone mode. Store uploads in data/uploads/
and serve via /api/uploads/ with a rewrite for backward compatibility.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-27 22:56:22 +02:00
ae89f8a014 feat: chat stop button, image paste, vision AI, search fixes
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 43s
- Add stop button to all chat interfaces (floating, contextual, full-page)
- Add conversation sliding window (50 messages) to prevent context overflow
- Add chat timeout warning (30s toast)
- Force response language in chat system prompt (mandatory per-locale)
- Add image paste from clipboard in all note editors (card, list, input)
- Fix upload API to infer extension from MIME type for clipboard images
- Add image description support in note AI chat (base64 vision)
- Fix search regex crash on special characters (escape user input)
- Fix search case-insensitivity on PostgreSQL (mode: 'insensitive')
- Add try/catch around semantic search in chat route (prevent blocking)
- Add new chat button to floating AI assistant
- Fix empty thinking bubbles for reasoning models (filter non-text parts)
- Remove duplicate AI assistant toggle from note editor header
- Improve link metadata scraping (timeout, content-type check, relative URLs)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-27 22:34:07 +02:00
3b8152c7c0 fix: use AI SDK + language detection for label suggestions
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 43s
Same pattern as TitleSuggestionService: getModel() + generateText
with system/user prompts. LanguageDetectionService (tinyld) auto-detects
note content language. Labels now match note language (Persian note → Persian labels).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-27 21:11:55 +02:00
c7e654afa6 fix: auto-detect note language for label suggestions (like title suggestions)
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 44s
Use LanguageDetectionService (tinyld) to detect the language of note
content, same pattern as TitleSuggestionService. No more hardcoded
per-language prompts — single prompt with detected language injected.
Labels now match the note content language (e.g. Persian note → Persian labels).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-27 20:56:46 +02:00