Remove readonly and auto-focus the username webauthn input so mobile
browsers show passkey suggestions immediately when the sign-in modal
opens, matching the desktop experience.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add conditional mediation to sign-in modal so mobile browsers show
saved passkeys with usernames in the autofill area (desktop parity)
- Add publicWrite to rcred module so recompute route's own auth runs
instead of being blocked by the global write-access middleware
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add pool-out port to folk-commitment-pool, two new applets (weaving-coverage
for rTime, resource-coverage for rTasks), fetchLiveData polling in FolkApplet,
and canvas AI tool declarations for both new applets.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
One-click extraction of generated artifacts (images, videos, SVGs) from
generator tools into standalone canvas objects visible to all collaborators.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix 401 errors on rNetwork by passing encryptid-token as Bearer auth
on /api/info, /api/graph, /api/workspaces fetch calls
- Add blender-multiuser replication server (multi-user-server:0.5.8)
to docker-compose with health check and resource limits
- Add Multiplayer tab to folk-blender shape with connection info,
server status check, and setup instructions
- Add /api/blender-multiuser/status endpoint for TCP health probe
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Restrict CORS to known rSpace domains (no more open wildcard)
- Add tiered rate limiting per IP (anon vs authenticated, per endpoint tier)
- UA filtering blocks scrapers/scanners, allows browsers and AI agents
- Prompt injection sanitization: strip MI_ACTION markers, system tags, and
known attack patterns from user-supplied content before LLM ingestion
- Space access control: private/permissioned spaces gate MI data to members
- Auth required on /triage, /execute-server-action, data-driven /suggestions
- MCP guard: require auth or agent UA for /api/mcp/*
- Anonymous WebSocket cap: max 3 per IP with proper cleanup on close
- Knowledge index + conversation memory gated to members+ (viewers get
public canvas data only)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Registers rauctions as an embedded rSpace module that proxies the
standalone rauctions.online Next.js app. Includes hub page with active
auction listings, landing page, and MODULE_META entry for canvas display.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Store shape listener refs in Map, remove in unregisterShape() (critical leak)
- Compact Automerge history every 500 changes via clone() to cap WASM heap
- Clean shapeLastPos entries on shape removal
- Store outside-click handler ref, clean up in disconnectedCallback()
- Cap MI messages at 50 and prompt messages at 30 to prevent unbounded growth
- Store keep-alive interval handle
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
community-sync: remove DOM shapes that are deleted/forgotten from doc.
shell: treat user's saved tabs as authoritative over Automerge, pass
fromUserAction flag to reconcileRemoteLayers to allow intentional close-all.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add Seedance 2.0 / 2.0 Fast to video gen with model selector UI,
duration/resolution/aspect-ratio/audio controls. Fix broken port
outputs on both video-gen and image-gen shapes so arrow connections
propagate generated content to downstream shapes. Add input port
listeners for prompt and image data flow.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The auth proxy only covered /api/auth/*, /api/register/*, /api/account/*
but the identity component also calls /api/session/verify, /api/session/refresh,
/api/guardians, /api/user/*, /api/device-link/*, /api/recovery/* — all of which
were hitting 404 on the rspace server. The session verify 404 was interpreted
as "session revoked", clearing localStorage and logging users out on every page
load after the 5-minute validation interval.
Also fix profile/recovery links in header that opened empty string (same-origin
root) instead of auth.rspace.online.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add /api/auth/*, /api/register/*, /api/account/* proxy routes to
rspace-online server, forwarding to encryptid container internally.
This eliminates cross-origin requests that Safari blocks via ITP or
Cloudflare security challenges.
- Change client auth URLs from https://auth.rspace.online to same-origin
in rstack-identity, rspace-header, login-button, and session modules.
- Add PRF extension try/catch fallback in webauthn.ts — Safari throws
TypeError on the unsupported PRF extension, now retries without it.
- Bump SW cache version v7→v8 to bust stale cached bundles.
Fixes passkey login for Safari/macOS users (e.g. christina) who were
getting "Network error when attempting to reach resource".
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add switchable Holon/Graph views within the same shape instance.
Holon view retains the orbital 220° arc layout; Graph view renders
children as hexagons in a full 360° ring with radial labels. View
preference persists via serialization.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New folk-holon-explorer shape unifying H3 geospatial holons and nested
rSpace spaces into a zoomable circular navigator with appreciation weight
normalization and MetatronGrid sacred geometry background. Endorsements
logged to trust engine via new POST /api/trust/endorse endpoint.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Shapes deleted (forgotten) by a user no longer reappear on reload —
forgottenBy[localDID] filtering in #applyDocToDOM and #applyPatchesToDOM
means one delete = gone permanently for that user while preserving CRDT
data for others.
IntersectionObserver on FolkShape base class defers heavy init (API calls,
iframes, feed polling) until shapes enter viewport (+500px margin),
reducing initial load from 100+ concurrent requests to ~5-10 visible.
Also: folk-rapp #getModulePath always uses subdomain routing (no subpath
fallback), and DID re-syncs on auth-change events.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Browser-side:
- Fix switchSpace() to LRU-evict idle space WebSocket connections (cap: 3)
- Add runtime.unsubscribe() to disconnectedCallback in 24 components
- Fix DocSyncManager.unsubscribe() to clean up syncStates, timers, listeners
- Fix 14 components leaking RAF loops, ResizeObservers, MutationObservers,
document/window listeners, setIntervals, MapLibre WebGL contexts, and
AbortControllers on disconnect
- Deduplicate Automerge WASM: module builds now use global shim from
shell-offline instead of bundling ~2.5MB each (8 modules affected)
Server-side:
- Add LRU eviction to SyncServer.#docs (cap: 500, evicts idle docs with
no subscribers, persists to disk before eviction)
- registerWatcher() now returns unsubscribe function
Data:
- Cap unbounded CRDT arrays: rexchange chatMessages (200), rcart events (200)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Phase 2-3 of the rNotes/rDocs split. Rewrites rNotes from a full TipTap
editor (~1800 lines) into a lightweight Obsidian/Logseq vault sync and
browse module (~560 lines). Rich editing features remain in rDocs.
rNotes vault browser:
- VaultDoc schema: metadata-only in Automerge (title, tags, hash, wikilinks)
- ZIP vault uploads stored on disk at /data/files/uploads/vaults/
- File tree browser, search, read-only markdown preview
- Wikilink graph data endpoint for visualization
- 5 MCP tools: list_vaults, browse_vault, search_vault, get_vault_note, sync_status
- Browser extension compat shim redirects old API calls to rDocs
Cleanup:
- Removed dead editor files from rnotes (converters, components, local-first-client)
- Updated MI integration to use getRecentVaultNotesForMI
- Updated ONTOLOGY.md with new module descriptions
- Bumped JS cache versions
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
FreeCAD, KiCad, and Blender shapes were permanently disabling the
generate button when their sidecar containers were stopped. Since these
are on-demand sidecars that start via ensureSidecar() when generate is
clicked, the health check should not disable the button.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New folk-makereal shape converts hand-drawn wireframes into functional
HTML/CSS using Gemini Flash 2.5 vision. Drawing canvas + live iframe
preview with framework selector (HTML/Tailwind/React), code view toggle,
and copy/open-tab actions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implements $1 Unistroke Recognizer for detecting circles, rectangles,
triangles, lines, arrows, and checkmarks from freehand strokes. Detected
gestures are converted to clean geometric shapes with a confidence badge.
Fixes applyData() to restore strokes, prompt text, and generated images
from Automerge sync data, enabling collaborative drawing across clients.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Split layout: drawing canvas (left) + AI result (right)
- Prompt input with Generate button using /api/image-gen/img2img
- Auto-generate toggle: debounced generation after each stroke
- Provider selector (fal.ai / Gemini) and strength slider
- Loading spinner overlay with shimmer animation
- Image preloading before display for smooth transitions
- Port descriptors for folk-arrow connections (prompt, sketch, image)
- Wider default size (700x520) for split view
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Broadcasts in-app, push, and email notifications to all space members
when a comment pin is created or replied to. @mentioned users get their
specific mention notification instead (no double-notify). Fixes pre-existing
TS error in rtasks local-first-client (missing dueDate default).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Three client-side registration flows still had authenticatorAttachment: 'platform'
hardcoded, blocking Samsung Passkey and Linux users:
- lib/rspace-header.ts (main site header registration)
- shared/components/rstack-identity.ts (2 occurrences)
Also added server-side validation for missing userId in register/complete
to return 400 instead of crashing with TypeError.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Ranking: replace broken :hover drop-target with getBoundingClientRect hit testing
- Spider: add #isSliding guard to prevent slider destruction during drag
- Video gen: bump timeout to 10min, show real fal.ai queue position/status
- Fix NotificationCategory type to include 'payment' in db.ts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace thin 4px progress bar on task nodes with a prominent 12px fuel
gauge showing committed (green) + proposed (amber) hours vs total needed.
When an orb is dropped on open canvas, auto-find nearest unfulfilled task
and show a pulsing preview wire with confirm/dismiss buttons — human
approval required before creating the connection.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Community members post buy/sell intents for CRDT tokens (cUSDC, $MYCO, fUSDC)
against 8 fiat currencies. Bipartite solver matches intents every 60s. Escrow
via token-service burn/mint trio. Reputation scoring with badges. 14 API routes,
canvas shape with physics orbs, and landing page.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Orb radius now uses 8-15% of basket radius with sqrt(hours) scaling
instead of fixed pixel sizes (18+hours*9). Prevents orbs from being
oversized on small baskets or undersized on large ones. Hover expansion
also scales proportionally (15% instead of fixed 5px).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add touch-action:none on canvas and preventDefault on pointerdown to
prevent the browser from claiming touch events for scroll/pan gestures.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add folk-ascii-gen canvas shape with pattern/palette selectors
- Add POST /api/ascii-gen proxy to ascii-art service
- Register create_ascii_art in canvas tools + triage panel
- Fix WAN 2.1 t2v endpoint URL (fal-ai/wan/v2.1 → fal-ai/wan-t2v)
- Convert video gen to async job queue (avoids Cloudflare timeouts)
- Fix Docker API Content-Type bug in sidecar-manager
- Convert scribus-novnc and open-notebook to on-demand sidecars
- Add ensureSidecar("scribus-novnc") to rDesign bridge proxy
- Fix Hono ContextVariableMap and handleTransakMessage type errors
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Audit and fix ~60 violations across 47 files where URLs were constructed
as /{space}/moduleId instead of /moduleId (subdomain provides the space).
- Add getModuleApiBase() helper to shared/url-helpers.ts
- Fix client components: use getModuleApiBase() for fetch URLs,
rspaceNavUrl() for navigation
- Fix server routes: use c.get("isSubdomain") for redirects and
JSON response URLs
- Fix OAuth callbacks (notion, google, clickup): subdomain-aware redirects
- Fix email notification URLs (rvote): use {space}.rspace.online format
- Fix webhook registration (rtasks/clickup): subdomain-aware endpoint URL
- Replace broken #getSpaceSlug() methods in folk-feed, folk-splat
- Replace NODE_ENV checks with proper isSubdomain checks (rdata, rnetwork)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Modules now declare their canvas shapes and AI tools (canvasShapes/canvasToolIds
on RSpaceModule), creating a single source of truth that the canvas enforces:
- Phase 1: Extended RSpaceModule + ModuleInfo, added moduleId to CanvasToolDefinition
with getToolsForModules() filter, added moduleOf() to ShapeRegistry, populated
declarations in 9 modules, fixed 8 ungated toolbar buttons (rchoices, rwallet, rsocials)
- Phase 2: AI prompt sends enabledModules, server filters Gemini tool declarations
- Phase 3: folk-commitment-pool and folk-task-request show lock overlay when rtime disabled
- Phase 4: Extracted MODULE_META into shared lib/module-display.ts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Two new FolkShape subclasses enable drag-from-pool-to-task interactions on
the canvas. Orbs dragged from the commitment pool highlight matching skill
slots on task request cards and POST connections via the rTime API. Adds
commitment_requested notification type so commitment owners are notified
when their time is requested.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add folk-mermaid-gen web component: AI-powered diagram generation via
Ollama, client-side SVG preview via mermaid.js, animated GIF export via
mermaid.rspace.online API
- Register in canvas tools, toolbar, and shape registry
- Add role selector dropdown to share panel invite form (backend already
supports role parameter)
- Fix pre-existing TS errors: SankeyNode missing address field,
SpaceMember type mismatch in WebSocket auth fallback
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Remove Ollama model options (cold start timeouts via CF tunnel)
- Keep only Gemini Flash/Pro which are reliable cloud APIs
- Fix messages overflowing shape: min-height:0 on flex scroll container,
word-break on messages, max-width on pre blocks
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Disabled rApp modules now show a grayed lock overlay on the canvas
instead of loading their iframe/widget. Uses a static instance registry
so setEnabledModules() broadcasts to all live shapes immediately.
Re-enabling a module reloads its content.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Rendered 3D images now center-fit on load and support:
- Mouse wheel zoom (toward cursor)
- Click-drag pan (mouse, pen, touch)
- Pinch-to-zoom (multi-touch)
- Double-click to reset view
- Reset button on hover
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Expand MI system prompt "Available shape types" from 20 → 48 shapes,
organized by category (Core, AI, Creative, Social, Decisions, Travel,
Tokens, Geo, Video)
- Expand Shape Mapping Rules from 12 → 30 triage rules covering all
shape types with prop hints
- Expand KNOWN_TRIAGE_SHAPES from 15 → 48 so Gemini triage no longer
silently downgrades unknown shapes to folk-markdown
- Add 22 missing TOOL_HINTS to mi-tool-schema.ts (travel, tokens, CAD,
creative, geo, meta shapes) for keyword-based chip suggestions
- Add all 48 shapes to SHAPE_ICONS in mi-triage-panel.ts (was 13)
- Register folk-image-studio and folk-transaction-builder in canvas.html
(were ghost shapes — imported but never defined/registered)
- Add SHAPE_DEFAULTS for folk-social-thread/campaign/newsletter,
folk-design-agent, folk-image-studio
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add GET /api/threads, /api/threads/:id, /api/campaigns, /api/campaigns/:id
REST endpoints so other rApps can fetch rsocials data
- Register folk-social-thread/campaign/newsletter in MI triage panel,
tool schema, system prompt, and KNOWN_TRIAGE_SHAPES
- Add rsocials MODULE_PORTS (threads-out, campaigns-out, post-published,
campaign-data) and WIDGET_API to folk-rapp for embed/widget mode
- Add rsocials to folk-feed FEED_ENDPOINTS (threads, campaigns, newsletter)
and normalize response arrays (threads, campaigns, drafts)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Space invites: Convert both username-add and email-invite (existing user)
paths from direct-add to invite flow — creates space_invite via EncryptID,
sends invite email with Accept button, dispatches space_invite notification
with Accept/Decline buttons in the notification bell. No one gets forcefully
added to a space anymore.
rSocials content linking: All generated campaign content now links through
to actual editable content. Draft post cards in thread gallery are clickable
(thread editor or campaign view). Campaign manager post cards expand on click
and thread badges link to thread editor. Wizard success screen shows
individual thread links. CampaignPost schema gains threadId field, stored on
commit so posts maintain their thread association.
Also includes canvas social media tools, social shape components
(folk-social-thread, folk-social-campaign, folk-social-newsletter),
and MI context-aware suggestion registry.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
All CAD shapes (KiCad, FreeCAD, Blender) now retry health checks up to
3 times with 3s delay before disabling the generate button. Prevents
transient failures during container startup from permanently greying
out the button.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- KiCad, FreeCAD, Blender, Scribus: add .wrapper flex container with
height:100% + min-height:0 so content stays within element bounds
- KiCad assembler: regex fallback for non-JSON tool results (SVG, Gerber, PDF)
- Scribus image gen: actually write downloaded fal.ai images to disk
(was creating imagePath but never saving bytes)
- Mount rspace-files volume in scribus-novnc so generated images are
accessible from both containers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Blender: add wrapper with height:100%, min-height:0 for flex shrink,
object-fit:contain on img — render stays within shape bounds.
FreeCAD: update assembleFreecadResult to scan all tool results for file
paths (.step, .stl, .png), not just execute_python_script JSON parsing.
Add preview PNG rendering instruction to system prompt. Add subdirectory
file serving routes for /data/files/generated/:subdir/:filename. Add
STEP/STL/SVG/PDF mime types.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Three-tier touch interaction on mobile canvas:
- Immediate drag on finger movement (8px threshold)
- Long press (500ms) selects shape with haptic feedback
- Extra long press (1000ms) opens context menu
- Cancel timers on movement or two-finger gesture
Skip pointerdown selection for touch events in canvas.html,
handle via touch-select custom event from folk-shape instead.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Replace minimal rDesign landing with full rl-* pattern (hero, features,
how-it-works, capabilities, open source, data protection, CTA)
- Add Scribus button to Create toolbar group in canvas (folk-design-agent)
- Export FolkDesignAgent from lib/index.ts, register in canvas.html
- Update module icon from 🎯 to 🎨 (matches favicon + MODULE_META)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Register rDesign in folk-rapp MODULE_META and shell FAVICON_BADGE_MAP
- Handle explicit presence-leave messages for immediate peer cleanup
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Mobile toolbar collapsed position now flush with bottom-toolbar (bottom: 8px)
- Toolbar defaults to collapsed on mobile (<768px)
- Zoom expand/minimize uses distinct icons (magnifier +/-) instead of CSS rotation
- SW update banner on all pages: "New version available — Tap to update"
- Detects controllerchange + updatefound events
- Purple gradient bar, dismissible, reloads on tap
- Added to both shell.ts (module pages) and canvas.html (standalone)
- folk-rapp: filter picker/switcher by enabled modules
- server/shell: react to modules-changed event for runtime module toggling
- collab-presence: minor overlay updates
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Jeff Emmett
Jeff Emmett