rspace.online/{moduleId} was rewriting to /demo/{moduleId}, serving the
internal nav hub. Now calls renderModuleLanding() with the module's rich
landing page when available, falling back to demo rewrite otherwise.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When switching rApps from the dropdown, TabCache now requests
?fragment=1 which returns a lightweight JSON payload (~200 bytes)
instead of re-rendering the full 2000-line shell HTML template.
This eliminates server-side shell rendering and client-side
DOMParser overhead. Also prefetches fragments on hover.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Expand MI system prompt "Available shape types" from 20 → 48 shapes,
organized by category (Core, AI, Creative, Social, Decisions, Travel,
Tokens, Geo, Video)
- Expand Shape Mapping Rules from 12 → 30 triage rules covering all
shape types with prop hints
- Expand KNOWN_TRIAGE_SHAPES from 15 → 48 so Gemini triage no longer
silently downgrades unknown shapes to folk-markdown
- Add 22 missing TOOL_HINTS to mi-tool-schema.ts (travel, tokens, CAD,
creative, geo, meta shapes) for keyword-based chip suggestions
- Add all 48 shapes to SHAPE_ICONS in mi-triage-panel.ts (was 13)
- Register folk-image-studio and folk-transaction-builder in canvas.html
(were ghost shapes — imported but never defined/registered)
- Add SHAPE_DEFAULTS for folk-social-thread/campaign/newsletter,
folk-design-agent, folk-image-studio
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add GET /api/threads, /api/threads/:id, /api/campaigns, /api/campaigns/:id
REST endpoints so other rApps can fetch rsocials data
- Register folk-social-thread/campaign/newsletter in MI triage panel,
tool schema, system prompt, and KNOWN_TRIAGE_SHAPES
- Add rsocials MODULE_PORTS (threads-out, campaigns-out, post-published,
campaign-data) and WIDGET_API to folk-rapp for embed/widget mode
- Add rsocials to folk-feed FEED_ENDPOINTS (threads, campaigns, newsletter)
and normalize response arrays (threads, campaigns, drafts)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Space invites: Convert both username-add and email-invite (existing user)
paths from direct-add to invite flow — creates space_invite via EncryptID,
sends invite email with Accept button, dispatches space_invite notification
with Accept/Decline buttons in the notification bell. No one gets forcefully
added to a space anymore.
rSocials content linking: All generated campaign content now links through
to actual editable content. Draft post cards in thread gallery are clickable
(thread editor or campaign view). Campaign manager post cards expand on click
and thread badges link to thread editor. Wizard success screen shows
individual thread links. CampaignPost schema gains threadId field, stored on
commit so posts maintain their thread association.
Also includes canvas social media tools, social shape components
(folk-social-thread, folk-social-campaign, folk-social-newsletter),
and MI context-aware suggestion registry.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
One-shot migration to fix visibility for spaces that were changed
by stale client sync. Also imports updateSpaceMeta in index.ts.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Automerge CRDT sync could overwrite space visibility when a client
with a stale cached doc reconnects and merges. Now the server
snapshots visibility and ownerDID before processing sync messages
and reverts any client-side changes to these fields.
These fields can only be changed through the authenticated API
(PATCH /api/spaces/:slug), not through CRDT sync.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add ?v=4 to all SW registration URLs to bypass stale CF CDN cache
- Set Cache-Control: no-cache for sw.js and manifest.json so future
SW updates are never blocked by CDN caching
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Cloudflare was caching sw.js for 4 hours (default JS caching),
preventing service worker updates from reaching clients.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- KiCad, FreeCAD, Blender, Scribus: add .wrapper flex container with
height:100% + min-height:0 so content stays within element bounds
- KiCad assembler: regex fallback for non-JSON tool results (SVG, Gerber, PDF)
- Scribus image gen: actually write downloaded fal.ai images to disk
(was creating imagePath but never saving bytes)
- Mount rspace-files volume in scribus-novnc so generated images are
accessible from both containers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Blender: add wrapper with height:100%, min-height:0 for flex shrink,
object-fit:contain on img — render stays within shape bounds.
FreeCAD: update assembleFreecadResult to scan all tool results for file
paths (.step, .stl, .png), not just execute_python_script JSON parsing.
Add preview PNG rendering instruction to system prompt. Add subdirectory
file serving routes for /data/files/generated/:subdir/:filename. Add
STEP/STL/SVG/PDF mime types.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
MI now loads space doc to filter module list, capabilities, and fallback
by enabledModules. Canvas fetches /api/modules and space modules in
parallel via Promise.all, calling setModules once with filtered list.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
EEVEE needs GPU; Cycles CPU works headless. Added libegl1, libgl1-mesa-dri,
libglx-mesa0 to Dockerfile. Updated Gemini prompt to specify Cycles engine
with 64 samples.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When a module script (e.g. canvas-*.js) fails to load (502 during
deploy, network error), the pane stayed in cache with a blank canvas.
Subsequent tab switches showed the broken cached pane instead of
re-fetching. Now script onerror removes the failed tag and evicts
the pane, so the next switchTo does a fresh fetch.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Extract autoShowIfFirstVisit() so it runs both on initial page load
and on SPA tab switches. Uses localStorage rapp_info_seen_{moduleId}
to ensure each rApp's landing popup shows exactly once.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
SSE transport crashes on concurrent connections (supergateway
single-session limit). StreamableHTTP supports multiple sessions.
Also set KICAD_PYTHON=/usr/bin/python3 for existsSync validation
and install missing requests package.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Server now relays presence-leave alongside presence messages for immediate peer removal
- Overlay properly unsubscribes leave listener on disconnectedCallback
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Register rDesign in folk-rapp MODULE_META and shell FAVICON_BADGE_MAP
- Handle explicit presence-leave messages for immediate peer cleanup
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Mobile toolbar collapsed position now flush with bottom-toolbar (bottom: 8px)
- Toolbar defaults to collapsed on mobile (<768px)
- Zoom expand/minimize uses distinct icons (magnifier +/-) instead of CSS rotation
- SW update banner on all pages: "New version available — Tap to update"
- Detects controllerchange + updatefound events
- Purple gradient bar, dismissible, reloads on tap
- Added to both shell.ts (module pages) and canvas.html (standalone)
- folk-rapp: filter picker/switcher by enabled modules
- server/shell: react to modules-changed event for runtime module toggling
- collab-presence: minor overlay updates
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Switch from broken StdioClientTransport (child process) to
SSEClientTransport (HTTP to sidecar containers via supergateway).
Both sidecars share rspace-files volume so generated CAD files
(STEP, STL, Gerber, SVG) are directly servable without copying.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
qwen2.5:14b doesn't exist on the server, causing silent 404 from
Ollama and 502 to the client. Also added error logging for non-ok
Ollama responses.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix invite accept fetch URL in shell.ts (was missing /api/spaces prefix)
- After accepting invite, redirect to the invited space instead of reloading
- Notification actionUrls now point to the space subdomain (https://slug.rspace.online)
- Direct-add email includes inviter name, role, and space description
- Identity invite email includes space name/role context when inviting to a space
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
RunPod was hard-gated — returned 503 when RUNPOD_API_KEY missing,
blocking even LLM script generation. Now generates script via Ollama
regardless, only attempts RunPod render if key is configured. Health
check returns warnings (non-blocking) vs issues (blocking). Default
model switched to qwen2.5:14b (available on server). Regex also
handles non-python-tagged code blocks.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Space Settings section in dropdown with visibility (public/permissioned/private)
and description fields, matching the full edit space modal
- GET /api/spaces/:slug now includes description field
- listSpaceInvites merges both space_invites and identity_invites tables
so email invites appear in Pending Invites
- revokeSpaceInvite falls through to identity_invites table
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Increase .rapp-subnav top from 92px to 93px so pill buttons
don't clip under the fixed header + tab-row border.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Abort previous in-flight fetch when switchTo() is called again, and
guard the shell's fallback navigation against stale callbacks.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix server-side redirect to always use canonical rspace.online as base
domain instead of deriving from hostClean (prevents demo.rspace.rspace.online)
- Fix bare-domain check to exact match instead of .includes() (prevents
stacked subdomains from triggering bare-domain routing)
- Fix client-side rspaceNavUrl to guard against reserved subdomain names
being used as space subdomains (e.g. rspace.rspace.online)
- Fix identity component _navUrl with same canonical domain guards
- Remove "Try Demo" header button from all shell rendering functions
- Remove demo-btn CSS styles
- Fix pre-existing SchemaType error in Gemini tool declarations
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Transform MI from single-shot chat into an agentic system:
- LiteLLM provider with Claude Sonnet/Haiku models via proxy
- Agentic loop (max 5 turns): stream → parse actions → execute server-side → feed results back
- Server-side media generation (fal.ai + Gemini) as first-class MI actions
- Module data queries (rnotes, rtasks, rcal) read directly from Automerge
- System prompt enriched with recent notes, open tasks, and calendar events
- Client handles new NDJSON types (turn, action-start, action-result)
- Extracted shared media helpers, refactored image/video endpoints
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The IIFE raced with doc loading so listCommunities returned empty.
Moved into the .then() callback to ensure all docs are loaded first.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
On subdomain routing (e.g. demo.rspace.online), the space slug belongs
only in the subdomain — never in the URL path. This fixes all server
and client code that was generating /{space}/module paths on subdomains.
Server fixes:
- index.ts: notification actionUrls, template/disabled-module redirects,
subdomain passthrough (now redirects HTML, rewrites API), WS notifications
- output-list.ts: subdomain-aware path prefix for hrefs and fetch URLs
- shell.ts: dashboard pushState URL
Client fixes (basePath getter pattern):
- folk-book-shelf.ts, folk-splat-viewer.ts: _basePath getter
- folk-campaign-wizard.ts: basePath subdomain check
- folk-trips-planner.ts: use __rspaceNavUrl for canvas export
- rschedule/landing.ts: onclick handlers use __rspaceNavUrl
- rsplat/mod.ts: legacy view redirect subdomain check
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Provision {space}@rspace.online forwarding aliases that route to
opted-in members' personal emails. Admins/mods opted in by default;
regular members can opt in via PUT /api/spaces/:slug/email-forwarding/me.
New: space-alias-service.ts, schema tables, 8 DB functions, 6 API routes.
Hooks: rinbox onSpaceCreate/Delete, spaces.ts member lifecycle, startup migration.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add bidirectional sync between rTasks and ClickUp:
- API client with 100 req/min rate limiter
- OAuth2 + personal API token connection flows
- Import wizard (workspace → space → list picker)
- Outbound push queue (5s intervals, 10-item batches)
- Inbound webhook with HMAC-SHA256 validation
- Field-level conflict detection (rTasks wins)
- Source badges (purple CU) with sync status dots on task cards
- Sync status indicator in board header for connected boards
Also fix 6 pre-existing TS errors across crowdsurf, rcal, rnotes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds diagnostic console.log to layer-switch handler, TabCache.switchTo,
fetchAndInject, and reconcileRemoteLayers to identify why clicking the
rspace tab closes all tabs and shows the dashboard.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
reconcileRemoteLayers() could wipe all local tabs when Automerge sync
or BroadcastChannel delivered empty layer data (CRDT initial state,
sync race). This caused clicking tabs to show an infinite-loading
dashboard. Now: empty remote layers are rejected when an active module
exists, and the current module always stays in the tab list.
Also adds 10s fetch timeout to TabCache.fetchAndInject() to prevent
infinite loading spinners on slow/failed module fetches.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The access gate and space dashboard redirect scripts checked only
localStorage, which is per-origin. When navigating between subdomains
(e.g. demo → jeff), the session wasn't found. Now both scripts also
check the eid_token cross-subdomain cookie and sync it to localStorage.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add Gemini Flash agentic loop that converts natural language prompts
into real MCP tool call sequences for PCB design (KiCad) and parametric
CAD (FreeCAD). Dynamic schema conversion from MCP tools to Gemini
function declarations, 8-turn/60s loop with real execution and result
feedback.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Automerge docs created before the tags schema don't have the field.
The migration runs 5s after startup (after loadAllDocs completes),
patches missing tags onto events, and assigns known demo event tags.
Also removes debug endpoint and tracing logs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Phase 1: MI now knows the current date/time and upcoming events (14-day
lookahead, 5 events max) via direct Automerge read — no HTTP overhead.
Phase 2: Tags (string[] | null) on CalendarEvent for first-class filtering.
Saved views (named filter presets) with full CRUD API. Tag filter on
GET /api/events via comma-separated AND logic. Demo events seeded with tags.
Phase 3: Calendar MCP server (5 tools: cal_list_events, cal_get_event,
cal_list_sources, cal_list_views, cal_create_event) registered in .mcp.json.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The demo Automerge doc had visibility: "private" from initial creation.
ensureDemoCommunity now forces visibility to "public" on every startup
if it drifted.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1. Add GET /rvote/api/* to public endpoint whitelist so proposal
listings work on private/permissioned spaces without auth.
2. Campaign wizard now checks for auth token before POSTing,
showing "Please sign in" instead of a cryptic 401.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The sub-path middleware (/:space/:moduleId/*) already blocked disabled
modules, but the root path (/:space/:moduleId) didn't. Now both paths
consistently check enabledModules before allowing access.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Two fixes:
1. Bare-domain routing used url.protocol (always http: behind TLS
termination) for redirects, causing mixed-content blocks. Added
proto helper that uses https: on production domains. Also rewrite
/{space}/api/... calls internally instead of redirecting to the
subdomain.
2. rDesign SSE stream reader now catches QUIC protocol errors on
stream close gracefully.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Non-demo space dashboards now redirect logged-out visitors to
rspace.online/ instead of showing another user's rApp grid. Private
space module pages redirect to rspace.online/{moduleId} instead of
showing the sign-in gate overlay.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
After logout, reload the page so the server re-renders the current rApp
in logged-out/demo mode instead of showing a blank screen. Cross-tab
logout also triggers a reload. Space dashboard now redirects logged-in
users to the rSpace canvas instead of showing the rApp grid.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Changed syncTabsFromServer to replace local tabs with server tabs
instead of merging (union). This prevents tabs closed in browser A
from being resurrected when browser B refreshes. Also added server
sync to the iframe module landing path which was localStorage-only.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The demo space auth middleware was blocking POST requests with 403.
Add /rdesign/api/ to isPublicEndpoint list, matching rwallet pattern.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The "N online" collab badge was position:fixed at top:8px, overlapping
the header login area. Move it into the tab bar slot (main shell) or
header-right section (standalone shells) so it flows inline with other
chrome elements.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Balance queries, Safe detection, and chain analysis are blockchain
reads that should work for any authenticated user regardless of
space membership. The route handlers enforce their own auth.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace the global "Your Spaces" grid with a space-centric dashboard showing
members, previously open tools, recent activity, active votes, and quick
actions. Fix layout cut-off by positioning dashboard fixed below header+tab
row (top: 92px) with sidebar-push support.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The TabCache fetchAndInject() was sending fetch() without Accept: text/html,
causing the server to treat it as an API request and return 401 on private
spaces. Also adds .catch() fallbacks to shell tab handlers for resilience.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Payment creation, QR codes, and pay pages should be accessible to any
authenticated user regardless of space visibility, since the payment
goes to the creator's wallet. The route handlers enforce their own auth.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Space visibility defaults to "private", blocking unauthenticated API calls.
The on-ramp and webhook endpoints are designed for unauthenticated users,
so they need to bypass the space-level auth check.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move the "Leave Comment" button from the bottom canvas toolbar to the
top header bar as <rstack-comment-bell>, positioned left of the
notification bell. Shows a red badge with unresolved comment pin count.
Wires canvas via comment-pin-activate/comment-pins-changed custom events.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
c.req.path in Hono returns the full path, not the relative path
within the sub-router, causing the /api/notifications prefix to
be doubled.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The rspace container cannot resolve encryptid-db hostname, causing
/api/notifications/count to 524 timeout on every 30s poll. Rewrites
notification-routes.ts as an HTTP proxy to encryptid (which has DB
access), adds notification API endpoints to encryptid server, and
wraps BroadcastChannel.postMessage in try/catch to prevent uncaught
errors during navigation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Store known personas in localStorage, auto-register on login. Dropdown
shows other personas with one-click switch (triggers passkey re-auth),
add/remove persona buttons, and cross-tab sync.
Also fix pre-existing TS errors: non-null assert on filtered functionCall,
add optional VerifyOptions param to authenticateWSUpgrade type declaration.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds an intermediate modal when creating a space: name/slug editing with
availability check, description, visibility radio cards, discoverable
toggle, member search with @username lookup and email invites, and a
shareable invite link generated post-creation.
Server: adds discoverable field to CommunityMeta, extends PATCH /:slug,
adds POST /:slug/invites for generic invite token creation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Overlay markers at canvas or shape-relative coords with threaded
comments, @mention notifications, and rSchedule reminder integration.
Toolbar "Leave Comment" button (/) next to Note tool.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
evaluateSpaceAccess and authenticateWSUpgrade were calling the SDK
without the secret option, forcing remote verification. Also adds
auth header to rpubs editor generate fetch (was getting 401 on
private spaces).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
folk-prompt can now spawn shapes on the canvas when Tools mode is
enabled. Gemini calls functions (create_map, create_note, create_embed,
create_image, create_bookmark, create_image_gen) and the client
executes them via window.__canvasApi. Multi-turn loop on server (max 5
rounds) with synthetic success responses. Extensible via registerCanvasTool().
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Consolidates token verification into server/auth.ts, removing the
external SDK dependency. All modules now import from the local module.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
getSpaceConfig() read stored visibility without the demo override,
so the client-side access gate blocked unauthenticated users from
accessing the demo space.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The single quote in "don't" broke the JS string literal inside the
inline script, causing a SyntaxError that killed the entire script
block including tab bar and header initialization.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Added shapesSeeded flag to community doc metadata. Once shapes are
seeded (demo, template, or campaign), deleting all shapes no longer
triggers re-seeding on server restart. The demo reset endpoint clears
the flag so it can re-seed intentionally.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Personal space rename only applies when isPersonal flag is set (not all
private spaces). Demo forced to public visibility. Public spaces no
longer filtered out. Sections: Private → Permissioned → Public →
✦ Discover → Create.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Server-side HTML gates can't work because auth tokens are in
localStorage, not cookies. Replaced with:
- Client-side gate checks session, then verifies membership via
new /api/space-access/:slug endpoint
- Shows "Sign In" for unauthenticated users
- Shows "no access + return to your space" for non-members
- Server-side gates remain for API/JSON requests and WebSocket
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Non-members of private spaces are now blocked at three layers:
- WebSocket upgrade rejects with 403
- Module middleware shows access denied page (browser) or JSON 403 (API)
- Space root dashboard shows access denied page
Friendly "Private Space" page with link back to user's own space.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Both dropdown-wrap buttons now sit in header-left directly after the
space switcher, keeping space-related controls grouped together.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
rspace.online/rcal was redirecting to rcal.online (standalone domain) via
the landing page proxy. Now rewrites to /demo/{moduleId} so it loads the
actual app within the rSpace shell with app/space switchers, matching the
behavior of {space}.rspace.online/{moduleId}.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace full-height slide-in panels with compact dropdowns that appear
beneath header icons. Both icons now grouped in header-right with
mutual exclusion and click-outside-to-close behavior.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Ensure disabled modules redirect to space root on subdomain routing,
and pre-load community doc before checking enabled modules list.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Force authenticatorAttachment: 'platform' across all WebAuthn registration
flows to prevent USB security key prompts. Redirect browser navigations to
space root when accessing disabled modules instead of returning JSON error.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Inject enabledModules into client, tag 25 module-specific toolbar buttons
with data-requires-module, and filter out disabled items (plus empty groups)
at page init. Spaces with all modules enabled are unaffected.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Live spaces with no CRDT data were showing a generic onboarding page
instead of the module's actual UI. Demo always bypassed this check,
causing visual parity issues between demo.rspace.online and live spaces.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
renderSpaceDashboard was showing all modules regardless of space's
enabledModules setting — both in the app cards grid and the app-switcher
dropdown. Now filters using getSpaceShellMeta, same as renderShell.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
renderExternalAppShell was passing the full unfiltered module list to
both the app-switcher and tab-bar dropdowns. Now filters by the space's
enabledModules, matching the existing renderShell behavior.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replaces the "Welcome to rSpace" popup with a 6-step interactive tour
that spotlights key UI features (app switcher, MI bar, spaces, identity,
canvas, tabs/tools). Skippable at any time via button, Escape, or
clicking the backdrop. Navigable with Back/Next buttons and arrow keys.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add POST /api/users/resolve-dids batch endpoint in EncryptID, proxy
/api/users/* through rspace server, and batch-resolve missing displayNames
in the space settings panel so owners and members show usernames not DIDs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds catch-all proxy route so client tab sync requests (saveTabs/syncTabsFromServer)
reach the EncryptID container. Also fixes rstack-mi panel positioning and
Shadow DOM click-outside handling.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New users get sent to /join for passkey registration + auto-space-join.
Existing users are directly added with in-app + email notification.
Add-by-username now also sends email notification if email is on file.
- Add id to /api/users/lookup response
- Enhance /api/internal/user-email/:userId with recovery + profile email
- Add GET /api/internal/user-by-email for email→DID resolution
- Rewrite POST /:slug/invite to use identity invite flow
- Add email notification to POST /:slug/members/add
- Add success/error feedback to space settings invite UI
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Spaces with missing/undefined visibility were falling through to "public"
in 7 places: normalizeVisibility fallback, migrateVisibility early return,
renderShell default, getSpaceConfig, space list APIs, and the HTML
injection middleware. All now default to "private". The migrateVisibility
function now writes "private" to docs with missing visibility on load.
Also fixed jeff and hash spaces on production (were undefined → private).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Progressive approval workflow: paste brief → AI extracts structure →
AI generates per-platform posts → review with per-post regen →
commit (saves campaign, creates threads, drafts newsletters, builds workflow DAG).
Includes MI integration for Cmd+K campaign creation and vite build entry.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Connects x402 (on-chain USDC via Base) and CRDT token system (Automerge cUSDC)
in both directions: on-chain payments auto-mint cUSDC to payer's DID, and users
can pay with cUSDC balance via new "crdt" payment scheme. 402 responses now
return both exact and crdt payment options.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New spaces start with an empty canvas instead of 25+ template shapes.
Each space gets a {slug}@rspace.online team inbox (multi-sig ready)
via the rinbox onSpaceCreate hook. Fix EncryptID auto-provision passing
raw string instead of SpaceLifecycleContext to module hooks.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add transferTokens() and getAllTransfers() to token service
- Seed DAO ecosystem: cUSDC + BFT tokens, 3 treasuries, 6 participants,
~30 transactions spread over 60 days
- Add /api/crdt-tokens/transfers endpoint for ledger history
- Wire CRDT transfers into loadTransfers() with DID→pseudo-address mapping
- Update data transforms (timeline, sankey, multichain) to support
_fromLabel/_toLabel for human-readable CRDT participant names
- Show viz tabs (Timeline, Flow Map, Sankey) when CRDT tokens exist
- Add "local"/"CRDT" chain to color and name maps
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Restore CrowdSurf as standalone module with full integration (server,
app-switcher, shell favicon, rchoices tab, vite build). Add sortition-
based pairwise Elo ranking: users compare two activities head-to-head,
updating Elo ratings. Includes API endpoints (/api/crowdsurf/pair,
/api/crowdsurf/compare), Rank tab with leaderboard, and Elo badges.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Auto-seed calendar sources and events on first visit to any space's
rcal page, and during space creation via seedTemplate hooks.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Create-space form redirected to /{slug}/rspace which 404s on subdomain
hosts (jeff.rspace.online/mycofi/rspace → rewritten to /jeff/mycofi/rspace).
Now redirects to https://{slug}.rspace.online/rspace.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Declarative onboardingActions on RSpaceModule lets each rApp define its
own onboarding cards (import, upload, link, create). renderOnboarding()
renders them as a responsive card grid with upload handling. Adds ICS
import endpoint to rCal (POST /api/import-ics). 15 modules wired up.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add BroadcastChannel for instant same-browser tab sync — opening/closing
tabs in one window propagates immediately to sibling tabs. Extract
reconcileRemoteLayers() helper shared by BroadcastChannel and Automerge,
which cleans up cached DOM panes on remote removal and handles
active-tab-closed scenarios.
Also adds configurable rApp shortcuts (Ctrl/Alt+1-9), header swipe
gestures for rApp cycling, and body data-module-id attr for swipe context.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix DID mismatch: server now stores and reads proper did🔑z6Mk... DIDs
from database instead of deriving truncated did🔑${slice(0,32)}
- Add PRF extension to WebAuthn create/get flows for client-side key derivation
- Derive DID, signing keys, encryption keys, and EOA wallet from passkey PRF
- Auto-upgrade truncated DIDs to proper format on sign-in
- Add POST /api/account/upgrade-did endpoint for DID migration
- Add 5-step educational registration wizard (identity, passkey, DID, wallet, security)
- Add email/username field to sign-in for scoped passkey selection
- Add magic link email login for external devices without passkeys
- Add POST /api/auth/magic-link and GET /magic-login verification page
- Add mintWelcomeBalance() for 5 fUSDC to new users
- Store EOA wallet address during registration when PRF available
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Space creation was broken because the canvas module has id "rspace" but
all navigation URLs used "/canvas". On production subdomain routing this
resulted in 404s after creating a space.
- Switch create-space form from deprecated /api/communities to /api/spaces
- Replace all /canvas navigation URLs with /rspace to match module ID
- Fix DID matching in space listing to check both sub and did:key formats
- Add proper client DID support in EncryptID registration flow
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add global polyfills for AbortSignal.timeout() (Safari <17, Firefox <122)
and crypto.randomUUID() (Safari <15.4, Firefox <95) in shell HTML templates.
Add -webkit-backdrop-filter prefix across 13 files for older Safari support.
Add Firefox scrollbar (scrollbar-width/scrollbar-color), range input
(::-moz-range-thumb/track), and color-mix() rgba fallbacks. Create shared
compat.ts utility module. Lowers browser floor from Safari 17/Firefox 122
to Safari 15.4/Firefox 95.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Jeff Emmett
Jeff Emmett