oxfmt was reformatting generated drizzle migration snapshots and
crashing on .ona/review/comments.json. Also runs the formatter
across the full codebase.
Co-authored-by: Ona <no-reply@ona.com>
- saveSourceConfig: upsert + credential update run atomically
- updateSourceConfig: SELECT FOR UPDATE prevents lost updates
- Widen Database type to accept transaction handles
Co-authored-by: Ona <no-reply@ona.com>
* fix: unified source config + credentials
Accept optional credentials in PUT /api/sources/:sourceId so the
dashboard can send config and credentials in a single request,
eliminating the race condition between parallel config/credential
updates that left sources uninitialized until server restart.
The existing /credentials endpoint is preserved for independent
credential updates.
Co-authored-by: Ona <no-reply@ona.com>
* refactor: rename upsertSourceConfig to saveSourceConfig
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
* feat: migrate to TypeScript 6 and add tsgo
- Upgrade typescript from ^5 to ^6 across all packages
- Address TS6 breaking changes in tsconfig files:
- Add explicit types array (new default is [])
- Remove deprecated baseUrl (paths work without it)
- Remove redundant esModuleInterop: true
- Merge DOM.Iterable into DOM lib
- Install @typescript/native-preview for tsgo CLI
- Enable tsgo in VS Code settings
Co-authored-by: Ona <no-reply@ona.com>
* chore: remove redundant tsconfig comments
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
Add source definition for aelis.caldav with server URL, username,
password, look-ahead days, and timezone fields.
Route per-user credentials through /api/sources/:id/credentials
instead of the admin provider config endpoint, controlled by a
perUserCredentials flag on the source definition.
Co-authored-by: Ona <no-reply@ona.com>
Wire CalDavSourceProvider into the backend to support CalDAV
calendar sources (e.g. iCloud) with basic auth. Config accepts
serverUrl, username, lookAheadDays, and timeZone. Credentials
(app-specific password) are stored encrypted via the existing
credential storage infrastructure.
Co-authored-by: Ona <no-reply@ona.com>
Add credentials parameter to FeedSourceProvider.feedSourceForUser so
providers can receive decrypted per-user credentials (OAuth tokens,
passwords) from the user_sources table.
Wire CredentialEncryptor into UserSessionManager to handle
encrypt/decrypt. Providers receive plaintext and handle validation
internally. Existing providers ignore the new parameter.
Co-authored-by: Ona <no-reply@ona.com>
strict: true requires all property names to be known upfront,
which is incompatible with the dynamic-key maps in slotFills.
Also replace type array with anyOf for nullable slot values.
Wrap the session check in beforeLoad with a try/catch so
network errors, 404s, and other failures redirect to the
login page instead of showing an error boundary.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): add CORS middleware and disable CSRF in dev
- Add CORS middleware for /api/auth/* and global routes
- Disable better-auth CSRF origin check when NODE_ENV != production
Co-authored-by: Ona <no-reply@ona.com>
* fix: gate permissive CORS to dev only
In production, only origins listed in CORS_ORIGINS env
var are allowed. In dev, any origin is reflected back.
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
Set reasoning effort to none in the LLM client to reduce latency
and token usage. Fall back to the reasoning field when content is
absent in the response.
Co-authored-by: Ona <no-reply@ona.com>
Add "+": "reject" to all arktype schemas so undeclared
keys return 400. Sources without a configSchema now
reject the config field entirely at the HTTP layer.
Co-authored-by: Ona <no-reply@ona.com>
Add a PUT endpoint that inserts or fully replaces a user's source
config. Unlike PATCH (which deep-merges and requires an existing row),
PUT requires both `enabled` and `config`, performs an upsert via
INSERT ... ON CONFLICT DO UPDATE, and replaces config entirely.
- Add `upsertConfig` to user-sources data layer
- Add `upsertSourceConfig` to UserSessionManager
- Add `addSource` to UserSession for new source registration
- 12 new tests covering insert, replace, validation, and session refresh
Co-authored-by: Ona <no-reply@ona.com>
Add endpoint for users to update their source config
and enabled state. Config is deep-merged with existing
values via lodash.merge and validated against the
provider's schema before persisting.
Co-authored-by: Ona <no-reply@ona.com>
UserSessionManager now queries the user_sources table for enabled
sources before calling any provider. Providers receive the per-user
JSON config directly instead of querying the DB themselves, removing
their db dependency and eliminating redundant round-trips.
Co-authored-by: Ona <no-reply@ona.com>
* feat(session): add per-user source refresh
Add refreshSource(provider) to UserSession so per-user
config changes can re-resolve a source without replacing
the global provider.
- UserSession now carries userId
- Simplify UserSessionManager sessions map
- replaceProvider delegates to session.refreshSource
- Remove updateSessionSource from manager
Co-authored-by: Ona <no-reply@ona.com>
* docs: fix stale jsdoc on provider failure behavior
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
* feat(backend): add admin API with provider config endpoint
Add /api/admin/* route group with admin role middleware and a
PUT /api/admin/:sourceId/config endpoint for updating feed source
provider config at runtime. Currently supports aelis.weather.
Co-authored-by: Ona <no-reply@ona.com>
* test: remove weak active session test
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
Add ability to replace a FeedSourceProvider at runtime and propagate
the new source to all active (and pending) user sessions, invalidating
their feed caches.
Co-authored-by: Ona <no-reply@ona.com>
* feat(backend): add admin plugin and create-admin script
Add Better Auth admin plugin for role-based user management.
Includes a CLI script to create admin accounts.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): guard against missing BETTER_AUTH_SECRET
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
* feat(backend): add DB persistence layer
Replace raw pg Pool with Drizzle ORM backed by Bun.sql.
Add per-user source configuration table (user_sources).
Migrate Better Auth to drizzle-adapter.
Add AES-256-GCM credential encryption.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): set updatedAt explicitly in all mutations
onConflictDoUpdate bypasses Drizzle's $onUpdate hook.
Set updatedAt explicitly in all mutation methods.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): add composite index on user_sources
Add (user_id, enabled) index for the enabled() query path.
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
* feat(backend): make FeedSourceProvider async
Make feedSourceForUser and FeedSourceProviderFn return promises.
Use Promise.allSettled to tolerate partial provider failures.
Guard concurrent getOrCreate calls with in-flight promise dedup.
Return 503 from HTTP handlers when session creation fails.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): handle remove() during in-flight session creation
Cancel pending getOrCreate when remove() is called mid-flight.
Destroy the resulting session to prevent it from leaking.
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
* feat(client): wire up API client and react-query
Add ApiClient class, auth middleware placeholder, feed query,
and wrap the app in QueryClientProvider.
Co-authored-by: Ona <no-reply@ona.com>
* fix(client): append base url on api client req
Co-authored-by: Ona <no-reply@ona.com>
* fix(client): allow req middlewares to run on empty init
* fix(client): rm unused private route declr
* fix(client): handle empty url in client.request
Co-authored-by: ona-patrol <ona@nym.sh>
---------
Co-authored-by: Ona <no-reply@ona.com>
Co-authored-by: ona-patrol <ona@nym.sh>
Each FeedSource implementation now sets sourceId on items
it produces, allowing consumers to trace items back to
their originating source.
Co-authored-by: Ona <no-reply@ona.com>
Introduce Button.Icon to enforce consistent icon styling
(size, theme-aware color) instead of hardcoding Feather
props at each call site. Update showcase and json-render
registry to use it.
Co-authored-by: Ona <no-reply@ona.com>
* feat(client): add component library and simplify routing
Remove tab layout, explore page, modal, and unused template
components. Replace with single-page layout and a dev component
showcase with per-component detail pages.
- Add Button with label prop, leading/trailing icon support
- Add FeedCard, SerifText, SansSerifText, MonospaceText
- Add colocated *.showcase.tsx files for each component
- Use Stack navigator with themed headers
Co-authored-by: Ona <no-reply@ona.com>
* fix(client): render showcase as JSX component
Co-authored-by: Ona <no-reply@ona.com>
* chore(client): remove dead code chain
Remove ThemedText, useThemeColor, useColorScheme hook,
Colors, and Fonts — none referenced by current screens.
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
* feat(backend): add GET /api/context endpoint
Query context values by key with exact/prefix match
support. Default mode tries exact first, falls back
to prefix.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): validate context key element types
Reject booleans, nulls, and nested arrays in the key
param. Only string, number, and plain objects with
primitive values are accepted.
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
Use mockAuthSessionMiddleware with a fully populated dev
user when NODE_ENV is not production. Auth handlers are
only registered in production.
Co-authored-by: Ona <no-reply@ona.com>
Rename all references across the codebase: package names,
imports, source IDs, directory names, docs, and configs.
Co-authored-by: Ona <no-reply@ona.com>
