FolkJS collaborative canvas with subdomain routing for community spaces

Jeff Emmett bc810d34e4 fix(security): low-severity hardening and security headers ... - L-1: Remove internal error details from SIWE verify response - L-2: Stop forwarding raw Safe API error bodies to clients (log server-side) - L-3: Evict stale keys from nonce rate limiter to prevent memory leak - L-4: Add input length/type guards on wallet-link verify body fields - L-5: Sanitize and cap limit query param on Safe transfers route (max 200) - L-6: Server recomputes addressHash from SIWE address instead of trusting client-supplied value for dedup - L-7: Reset LinkedWalletStore singleton on logout to clear cached keys - I-1: Add X-Content-Type-Options, X-Frame-Options, Referrer-Policy headers - I-9: Build EIP712Domain type array dynamically from domain fields in ExternalSigner.signTypedData (was hardcoded to empty, dropping fields) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>		2026-03-09 18:06:07 -07:00
backlog	feat: inline config panel for rFlows elements with tabbed Config/Analytics/Alloc	2026-03-04 18:03:09 -08:00
db	Add rSplat module — Gaussian splat viewer with x402 gated uploads	2026-02-21 20:55:45 +00:00
deploy/twenty-crm	fix: disable Twenty multi-workspace to prevent subdomain redirect loop	2026-03-04 20:23:57 -08:00
docs	feat: layered local-first data architecture — encrypted backup, relay persistence, at-rest encryption	2026-03-02 17:09:07 -08:00
lib	feat(rcal): add swipe/pan navigation and pinch-to-zoom gestures	2026-03-09 15:12:47 -07:00
modules	fix(security): low-severity hardening and security headers	2026-03-09 18:06:07 -07:00
public/.well-known	fix: change WebAuthn RP ID from jeffemmett.com to rspace.online	2026-02-18 14:32:57 -07:00
scripts	feat: add Twenty CRM setup scripts for pipeline, fields, and views	2026-03-05 14:06:52 -08:00
server	feat: scope system, cross-space navigation, and spaces-as-layers	2026-03-09 06:33:32 +00:00
shared	feat: scope system, cross-space navigation, and spaces-as-layers	2026-03-09 06:33:32 +00:00
src	fix(security): low-severity hardening and security headers	2026-03-09 18:06:07 -07:00
types	fix: resolve all TypeScript build errors across modules	2026-02-23 19:42:44 -08:00
website	fix(rwallet): use CSS variable theming + soften global light mode	2026-03-09 15:27:07 -07:00
.dockerignore	fix: make Docker build self-contained with local context	2026-02-16 18:51:24 -07:00
.gitignore	refactor: rename module directories to match r-prefixed module IDs	2026-02-28 19:49:26 -08:00
Dockerfile	fix: copy src/ directory into Docker image for notification module	2026-03-03 19:45:13 -08:00
Dockerfile.encryptid	fix: add notification-service to encryptid Docker image	2026-03-04 11:15:19 -08:00
MODULE_SPEC.md	docs: add MODULE_SPEC.md with permission model and capabilities	2026-02-17 12:30:14 -07:00
ONTOLOGY.md	feat: add rSchedule module — persistent cron-based job scheduling	2026-03-03 14:34:53 -08:00
bun.lock	feat(rflows): move on-ramp directly into rspace-online	2026-03-06 18:20:35 -08:00
docker-compose.encryptid.yml	fix(encryptid): fix Docker build context for encryptid compose	2026-03-09 16:40:32 -07:00
docker-compose.standalone.yml	refactor: complete rfunds → rflows rename across configs and references	2026-03-03 19:13:14 -08:00
docker-compose.yml	refactor: complete rfunds → rflows rename across configs and references	2026-03-03 19:13:14 -08:00
entrypoint.sh	feat: Gemini AI integration + zine generator + fix Ollama network	2026-03-02 21:27:11 -08:00
package-lock.json	fix: switch all module shell themes from light to dark	2026-02-24 19:42:33 -08:00
package.json	feat(rflows): move on-ramp directly into rspace-online	2026-03-06 18:20:35 -08:00
tsconfig.json	fix: resolve all TypeScript build errors across modules	2026-02-23 19:42:44 -08:00
vite.config.ts	fix: add wasm plugin to campaign-planner vite build entry	2026-03-05 18:22:14 -08:00