Jitsi's built-in meetingintelligence toolbar button hit their paid API
(404). Replaced with customToolbarButtons entry that opens our own MI
page. Also serve favicon.png for /favicon.ico requests (was 503).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Guard SW controllerchange to only reload on updates (not first install),
remove duplicate SW registration from canvas.html, skip async module
fetch when shell already provided data, hide module-gated toolbar items
by default via CSS. Also collapse toolbar on click-off.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
rTime now pulls tasks from rTasks boards instead of maintaining its own
Task type. New WeavingDoc stores canvas overlay data (needs, position,
notes, links) while rTasks BoardDoc remains source of truth for task
metadata. 6 new /api/weave routes, updated connections/exec-state to
WeavingDoc, compat shims on legacy endpoints, task picker for unplaced
rTasks items, MCP tools updated (rtime_list_woven_tasks, rtime_place_task),
migration script for existing data.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix 401 errors on rNetwork by passing encryptid-token as Bearer auth
on /api/info, /api/graph, /api/workspaces fetch calls
- Add blender-multiuser replication server (multi-user-server:0.5.8)
to docker-compose with health check and resource limits
- Add Multiplayer tab to folk-blender shape with connection info,
server status check, and setup instructions
- Add /api/blender-multiuser/status endpoint for TCP health probe
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Restrict CORS to known rSpace domains (no more open wildcard)
- Add tiered rate limiting per IP (anon vs authenticated, per endpoint tier)
- UA filtering blocks scrapers/scanners, allows browsers and AI agents
- Prompt injection sanitization: strip MI_ACTION markers, system tags, and
known attack patterns from user-supplied content before LLM ingestion
- Space access control: private/permissioned spaces gate MI data to members
- Auth required on /triage, /execute-server-action, data-driven /suggestions
- MCP guard: require auth or agent UA for /api/mcp/*
- Anonymous WebSocket cap: max 3 per IP with proper cleanup on close
- Knowledge index + conversation memory gated to members+ (viewers get
public canvas data only)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Office documents dropped onto canvas or imported via rDocs are now converted
to Markdown using Microsoft's markitdown CLI. Canvas drops trigger triage;
rDocs imports create rich notes with the original file kept as an attachment.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
community-sync: remove DOM shapes that are deleted/forgotten from doc.
shell: treat user's saved tabs as authoritative over Automerge, pass
fromUserAction flag to reconcileRemoteLayers to allow intentional close-all.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add r<emoji> badges for rDocs, rDesign, rSheets, rTime, rGov, rAgents,
rExchange to both MODULE_BADGES and FAVICON_BADGE_MAP
- Add MODULE_CATEGORIES entries for all new modules
- Add "Govern" category for rGov
- Sort modules alphabetically within each function category
- Add sort toggle (By Function / A-Z) at bottom of sidebar, persisted
in localStorage
- Add star/pin button on each rApp — pinned items appear in a "Pinned"
section above "Recent", persisted in localStorage
- Fix rAuctions module ID: 'auctions' → 'rauctions' for consistency,
with alias in MODULE_ALIASES for backward compat
- Change rAuctions emoji from 🏛 to 🎭
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace the 265-line data dump (35 modules × 3 items) in MI system prompts
with a trigram-ranked knowledge index that surfaces only the top-18 most
relevant entries per query. Adds per-space conversation memory persisted
to disk for cross-session context.
New files:
- server/mi-trigrams.ts — trigram + Jaccard similarity utilities
- server/space-knowledge.ts — SpaceKnowledgeIndex with 5-min TTL cache
- server/space-memory.ts — SpaceMemory with debounced disk persistence
Changes:
- mi-routes.ts: ~280 lines removed, replaced with ranked index call
- sync-instance.ts: cache invalidation on doc changes
- rauctions/mod.ts: fix ModuleScoping type (defaultScope, userConfigurable)
- mcp-tools/ragents.ts: fix AccessResult property access (claims.username, claims.sub)
~80% token reduction per MI request (~6,300 → ~1,320 tokens).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Use the status_url returned by fal.ai submit instead of constructing
it manually. Add logging for submit success and poll HTTP errors to
debug Seedance queue status polling.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Moltbook-inspired agent exchange where members' MI agents can:
- Register with name, capabilities, and avatar per space
- Post to topic-based channels (general, packages, custom)
- Reply in threaded discussions
- Share structured JSON data packages alongside posts
- Upvote/downvote to surface the best contributions
Includes Automerge CRDT schemas, 9 REST API endpoints,
6 MCP tools, MI data query integration, and landing page.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove erroneous fal-ai/ prefix for bytedance models and fix fast
variant path (seedance-2.0/fast/ not seedance-2.0-fast/).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add Seedance 2.0 / 2.0 Fast to video gen with model selector UI,
duration/resolution/aspect-ratio/audio controls. Fix broken port
outputs on both video-gen and image-gen shapes so arrow connections
propagate generated content to downstream shapes. Add input port
listeners for prompt and image data flow.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The auth proxy only covered /api/auth/*, /api/register/*, /api/account/*
but the identity component also calls /api/session/verify, /api/session/refresh,
/api/guardians, /api/user/*, /api/device-link/*, /api/recovery/* — all of which
were hitting 404 on the rspace server. The session verify 404 was interpreted
as "session revoked", clearing localStorage and logging users out on every page
load after the 5-minute validation interval.
Also fix profile/recovery links in header that opened empty string (same-origin
root) instead of auth.rspace.online.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add per-object visibility levels (viewer/member/moderator/admin) across
all rSpace modules. Objects default to 'viewer' (open), so existing data
remains visible. Server-side GET handlers resolve caller role and filter;
MCP tools filter lists and check single-item access; frontend components
do defense-in-depth filtering with visibility picker (mod+) and lock badges.
- shared/membrane.ts: types + isVisibleTo, filterByVisibility, filterArrayByVisibility
- 9 schema files: visibility field on TaskItem, NoteItem, CalendarEvent, etc.
- 8 module routes: GET handlers filter by caller role
- 6 MCP tool files: list filtering + single-item visibility checks
- 4 frontend components: client filtering, picker, lock badges
- 18 unit tests (all passing)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- MI bar z-index lowered to 1 so dropdowns render above it; panel
gets z-index 10001 only when open
- SW registration URL bumped to v=8 to match cache version
- rtime: pool and weaving are now two separate scrollable sections
on mobile (50vh/60vh min-heights) with a "Commitment Weaving"
section header visible on constrained screens
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add /api/auth/*, /api/register/*, /api/account/* proxy routes to
rspace-online server, forwarding to encryptid container internally.
This eliminates cross-origin requests that Safari blocks via ITP or
Cloudflare security challenges.
- Change client auth URLs from https://auth.rspace.online to same-origin
in rstack-identity, rspace-header, login-button, and session modules.
- Add PRF extension try/catch fallback in webauthn.ts — Safari throws
TypeError on the unsupported PRF extension, now retries without it.
- Bump SW cache version v7→v8 to bust stale cached bundles.
Fixes passkey login for Safari/macOS users (e.g. christina) who were
getting "Network error when attempting to reach resource".
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Previously, visiting a private space on *.rspace.online without a session
redirected to rspace.online, causing a redirect loop after login. Now shows
the sign-in gate in-place so the user logs in and stays on the same page.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds always-visible home button in tab bar, toggleable dashboard overlay,
widget card system with 8 widgets (tasks, calendar, activity, members,
tools, quick actions, wallet, flows), customize mode with toggle/reorder,
and dashboard summary API endpoint.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Browser-side:
- Fix switchSpace() to LRU-evict idle space WebSocket connections (cap: 3)
- Add runtime.unsubscribe() to disconnectedCallback in 24 components
- Fix DocSyncManager.unsubscribe() to clean up syncStates, timers, listeners
- Fix 14 components leaking RAF loops, ResizeObservers, MutationObservers,
document/window listeners, setIntervals, MapLibre WebGL contexts, and
AbortControllers on disconnect
- Deduplicate Automerge WASM: module builds now use global shim from
shell-offline instead of bundling ~2.5MB each (8 modules affected)
Server-side:
- Add LRU eviction to SyncServer.#docs (cap: 500, evicts idle docs with
no subscribers, persists to disk before eviction)
- registerWatcher() now returns unsubscribe function
Data:
- Cap unbounded CRDT arrays: rexchange chatMessages (200), rcart events (200)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Phase 2-3 of the rNotes/rDocs split. Rewrites rNotes from a full TipTap
editor (~1800 lines) into a lightweight Obsidian/Logseq vault sync and
browse module (~560 lines). Rich editing features remain in rDocs.
rNotes vault browser:
- VaultDoc schema: metadata-only in Automerge (title, tags, hash, wikilinks)
- ZIP vault uploads stored on disk at /data/files/uploads/vaults/
- File tree browser, search, read-only markdown preview
- Wikilink graph data endpoint for visualization
- 5 MCP tools: list_vaults, browse_vault, search_vault, get_vault_note, sync_status
- Browser extension compat shim redirects old API calls to rDocs
Cleanup:
- Removed dead editor files from rnotes (converters, components, local-first-client)
- Updated MI integration to use getRecentVaultNotesForMI
- Updated ONTOLOGY.md with new module descriptions
- Bumped JS cache versions
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New folk-makereal shape converts hand-drawn wireframes into functional
HTML/CSS using Gemini Flash 2.5 vision. Drawing canvas + live iframe
preview with framework selector (HTML/Tailwind/React), code view toggle,
and copy/open-tab actions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The rsheet→rsheets rename was partially applied - server/index.ts
imported rsheets/mod but the files still lived at rsheet/. This
caused a crash on startup: "Cannot find module '../modules/rsheets/mod'".
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds Figma-style threaded comment markers anchored to data-collab-id
elements across all module pages. Comments stored in per-space Automerge
doc, synced via existing local-first stack. Bell is now context-aware
(canvas pins on canvas, module pins on module pages). Notifications
route through existing WS/push/email system with new module_comment
and module_mention event types.
New files: module-comment-types, module-comment-schemas,
rstack-module-comments component. Updated: shell, comment bell,
notification routes. Added data-collab-id to crowdsurf, rtime, rmeets.
Fixed pre-existing SKILL_LABELS import error in rtime/mod.ts.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds a ✕ button next to the + tab button that closes all open rApp tabs
and returns to the user dashboard. Shows a confirm() prompt with tab count
before proceeding.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Broadcasts in-app, push, and email notifications to all space members
when a comment pin is created or replied to. @mentioned users get their
specific mention notification instead (no double-notify). Fixes pre-existing
TS error in rtasks local-first-client (missing dueDate default).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds a small bug icon (bottom-right) that opens a modal to collect
errors, device info, comments, and optional screenshots, then emails
the report to jeff@jeffemmett.com via the existing SMTP transport.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The oven/bun:1-slim image lacks system CA certs, causing TLS verification
failures on outbound HTTPS for link-preview. Also implements the
/api/design-agent SSE endpoint — Gemini Flash tool loop driving the
Scribus bridge for DTP layout generation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
HMAC-signed stateless tokens let external respondents vote on rChoices
polls or RSVP to rCal events via a single tap — no account required.
Routes mounted at /respond/:token bypass space auth. Typed EventAttendee
schema replaces unknown[] on CalendarEvent.attendees. Invite endpoints
on both modules generate tokens and optionally send email invitations.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Docker Engine 29.0.4 on Netcup requires minimum API version 1.44,
causing all sidecar starts (Blender, FreeCAD, KiCad, Ollama) to fail
with "client version 1.43 is too old".
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The clf space is private, so all API calls were getting 401'd by the
space access middleware before reaching the rtasks routes. Add
/rtasks/api/ to the public endpoint exemption list (like rwallet,
rdesign, rvote already are).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Root route now sends no-cache headers to bust stale 301s from the
rcal standaloneDomain mishap. Standalone domain redirects changed from
301 (permanent/browser-cached) to 302 (temporary) so misconfiguration
can never stick in user browsers again.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Ranking: replace broken :hover drop-target with getBoundingClientRect hit testing
- Spider: add #isSliding guard to prevent slider destruction during drag
- Video gen: bump timeout to 10min, show real fal.ai queue position/status
- Fix NotificationCategory type to include 'payment' in db.ts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- rCal landing: strip inline style overrides, use standard rl-* CSS classes
- rCal mod: update standaloneDomain from rcal.online to rspace.online
- Info popup: change from per-rApp auto-show to global one-time auto-show
- Update banner: track dismissal in sessionStorage so it stops re-showing
on every page load within the same session (likely the "persistent banner")
- rpubs landing: fix stale rcart.online URLs → demo.rspace.online/rcart
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Community members post buy/sell intents for CRDT tokens (cUSDC, $MYCO, fUSDC)
against 8 fiat currencies. Bipartite solver matches intents every 60s. Escrow
via token-service burn/mint trio. Reputation scoring with badges. 14 API routes,
canvas shape with physics orbs, and landing page.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Module onInit functions (rvote, rtasks, rcal, etc.) call seedDemoIfEmpty
which checks the sync server for existing docs. Previously onInit ran
as an IIFE before loadAllDocs completed, so it always found empty docs
and re-seeded demo data — overwriting user deletions/changes. Now
onInit runs inside the loadAllDocs .then() chain, ensuring persisted
data is loaded before any seed checks run.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add internal endpoints for payment infrastructure integration:
- GET /api/internal/user-by-wallet — resolve wallet to email/username
- POST /api/internal/notify — trigger in-app notifications by wallet/DID
- Add 'payment' notification category and payment_sent/received event types
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
SMTP auth on port 587 was broken across all modules due to stale
credentials. Since rspace is on the mailcow Docker network, all 6
SMTP transports now use unauthenticated relay on port 25 when the
host is the internal postfix container. Fixes emails for: payment
receipts, space invitations, inbox approvals, agent notifications,
scheduled emails, and publication sharing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The ascii-art service returns raw HTML, not JSON. Wrap response in
{html, text} JSON envelope and strip tags for plain text version.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add folk-ascii-gen canvas shape with pattern/palette selectors
- Add POST /api/ascii-gen proxy to ascii-art service
- Register create_ascii_art in canvas tools + triage panel
- Fix WAN 2.1 t2v endpoint URL (fal-ai/wan/v2.1 → fal-ai/wan-t2v)
- Convert video gen to async job queue (avoids Cloudflare timeouts)
- Fix Docker API Content-Type bug in sidecar-manager
- Convert scribus-novnc and open-notebook to on-demand sidecars
- Add ensureSidecar("scribus-novnc") to rDesign bridge proxy
- Fix Hono ContextVariableMap and handleTransakMessage type errors
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Audit and fix ~60 violations across 47 files where URLs were constructed
as /{space}/moduleId instead of /moduleId (subdomain provides the space).
- Add getModuleApiBase() helper to shared/url-helpers.ts
- Fix client components: use getModuleApiBase() for fetch URLs,
rspaceNavUrl() for navigation
- Fix server routes: use c.get("isSubdomain") for redirects and
JSON response URLs
- Fix OAuth callbacks (notion, google, clickup): subdomain-aware redirects
- Fix email notification URLs (rvote): use {space}.rspace.online format
- Fix webhook registration (rtasks/clickup): subdomain-aware endpoint URL
- Replace broken #getSpaceSlug() methods in folk-feed, folk-splat
- Replace NODE_ENV checks with proper isSubdomain checks (rdata, rnetwork)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Jeff Emmett
Jeff Emmett