9 Commits

Author	SHA1	Message	Date
Dorian	7f03e39f58	feat: onboarding polish, splash screen, controller nav, dev script ... Onboarding flow: - Intro: improved layout and transitions - DID: better card styling and responsiveness - Path: added visual enhancements - Backup/Identity/Verify: streamlined markup - SplashScreen component added UI: - Controller navigation improvements (useControllerNav) - Style.css refinements Backend: - Runtime package fix Dev: - dev-start.sh improvements Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 13:41:52 +00:00
Dorian	013b724e02	feat: add boot branding dev option (0) to dev-start.sh ... Option 0 in dev-start.sh launches the branding development workflow: - Finds latest ISO on Desktop or results/ - Patches branding files into the ISO - Boots in QEMU for immediate visual feedback - Lists editable files if no ISO is available Edit background.png, theme.txt, or Plymouth files, re-run option 0, see changes in ~10 seconds without a full CI build. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 11:34:29 +00:00
Dorian	1a74a930f7	security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul ... Security (33 pentest findings addressed): - CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed - HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted - HIGH: tar slip prevention, S3 SSRF validation, backup ID validation - MEDIUM: remember-me random secret, TOTP session rotation, password re-auth - LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation Container reliability: - Memory limits on all 37 containers (OOM prevention) - Exited vs stopped state distinction with health-aware status badges - Crash recovery coordination (no more restart cascade) - User-stopped tracking survives reboots - Tiered boot recovery (databases → core → services → apps) UI: - Wallet TransactionsModal, health-aware app status badges - Restart button on containers, exited/crashed red state - Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch - Apps sticky header removed, dev faucet, mutable mock wallet Infrastructure: - LND REST port 8080 exposed over Tor (LND Connect fix) - Nginx cookie_session fix, deploy script Tor config updated - Dev environment: podman auto-start, boot mode simulation Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-19 12:44:31 +00:00
Dorian	00bfd62393	chore: dev environment — signet testnet stack, mock LND RPCs, faucet button ... Switch docker-compose from regtest to signet, add standalone testnet stack (docker-compose.testnet.yml) with Bitcoin+LND+ThunderHub+Fedimint. Mock backend now auto-detects Podman/Docker sockets and includes full LND/Lightning RPC mocks. Dev scripts refactored with boot mode, testnet option, and macOS EAGAIN fix for port cleanup. Added dev faucet button to Home.vue. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-18 21:06:14 +00:00
Dorian	25ad68ac4c	fix: BUG-33 CPU threshold, TASK-27 tab icons, TASK-36 iframe errors ... - BUG-33: CPU load alert threshold increased from 2x to 4x core count (8→16 on 4-core machine) to reduce false alerts during container ops - TASK-27: Launch buttons for new-tab apps now show external link icon (BTCPay, Grafana, PhotoPrism, Portainer, OnlyOffice, etc.) - TASK-36: Iframe error screen now distinguishes between X-Frame-Options blocked vs container not reachable, with appropriate messaging Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-18 19:24:52 +00:00
Dorian	486fc39249	feat: complete Phase 1 foundation hardening + three-mode UI design doc ... Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 05:23:42 +00:00
Dorian	30ed48ad1b	Enhance Docker integration and API for container management ... - Implemented Docker container scanning and periodic updates in the Server initialization. - Added new RPC endpoints for managing Docker containers, including start, stop, and restart functionalities. - Updated the API to handle package management for Docker-based applications. - Improved environment variable handling for user-specific configurations in Podman and Docker clients. - Enhanced the development startup script to include Docker container management and provide clearer instructions for full stack setup.	2026-01-27 23:21:26 +00:00
Dorian	1c024c5d64	Update archipelago: API, auth, container, parmanode, performance, security ... - API handler, RPC, and server updates - Auth and coding rules - Container data manager, dev orchestrator, health monitor, podman client - Parmanode script runner - Performance resource manager - Security container policies and secrets manager - Add build scripts and documentation	2026-01-27 22:27:17 +00:00
zazawowow	731cd67cfb	mid coding commit	2026-01-24 22:59:20 +00:00