Commit Graph

168 Commits

Author SHA1 Message Date
posimai 47f82586d2 fix(brain): retry 503 once, don't persist failure message to DB
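- analyzeWithGemini: on 503 (temporary high load), retry once after 4 seconds
- On failure, return null; the caller does not update the DB
  → "AI分析に失敗しました" ("AI analysis failed") is no longer persisted as the summary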

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-14 23:39:46 +09:00
posimai b0e77839c2 chore: add src-tauri/target to .gitignore (prevent large build artifacts) 2026-04-14 23:30:31 +09:00
posimai 5bcd60eefd chore: update STATUS.md — ponshu APK + guard-ext + VS Code fix done 2026-04-14 23:22:25 +09:00
posimai b25b3f640e fix(brain): switch analyzeWithGemini from gemini-2.0-flash-lite to gemini-2.5-flash
The daily free-tier quota for gemini-2.0-flash-lite was exhausted, so every AI analysis was failing.
Standardize on gemini-2.5-flash to resolve the quota problem.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-14 23:12:50 +09:00
posimai e7594370e7 feat(ext): integrate rule engine — scan works without API key
- runRuleEngine() now runs first on every scan (133 rules, instant)
- Gemini/Claude become optional enhancement layers (deeper semantic scan)
- Removed hard requirement for API key to run scanWorkspace/scanFile
- tsconfig: remove rootDir restriction to allow relative import from guard app
- Status bar tooltip updated to reflect API-key-free scanning
- Bundle: 120kb minified (ruleEngine + RULE_FIXES included via esbuild)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-14 23:05:19 +09:00
posimai 48272ad19b chore: update STATUS.md — Guard static fix templates + security fixes done 2026-04-14 18:20:28 +09:00
posimai 4bb35568ab ci: move Linux build workflow to repo root .github/workflows/
Previous location (posimai-guard-app/.github/workflows/) was wrong —
GitHub Actions only reads .github/workflows/ at repository root.
Renamed to build-guard-linux.yml, added working-directory default.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 16:32:42 +09:00
posimai e7f2a3a3ad ci: add GitHub Actions workflow for Linux build (.deb + .AppImage)
- Triggers on workflow_dispatch (manual) or version tag push (v*)
- Ubuntu 22.04 runner with Tauri prerequisites
- Uploads .deb and .AppImage as artifacts
- Creates GitHub Release on tag push

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 14:49:26 +09:00
posimai fb90a7b328 chore: update STATUS.md — Guard installers built, build method documented
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 10:13:22 +09:00
posimai 377a118273 chore: update STATUS.md — Guard release build complete, next steps updated
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 10:10:00 +09:00
posimai 35bb426e84 fix(guard-app): remove unused Manager import (Rust warning)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 10:09:47 +09:00
posimai 54e50fabf1 docs(design): prohibit colored borderLeft on card lists
Card-type components must not use borderLeft for severity color.
Severity is expressed via icon + dim-bg badge only.
Navigation tree active state remains an exception.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 09:19:13 +09:00
posimai 251e5316eb docs: add posimai-bg.md aurora/background reusable reference, link from DESIGN.md 2026-04-12 22:20:37 +09:00
posimai 15257dfc71 feat: posimai-guard-app Tauri v2 desktop app scaffold (pending MSVC install) 2026-04-12 22:05:06 +09:00
posimai db0fd6a88e chore: add *.vsix to .gitignore, keep binaries out of git
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-12 21:02:24 +09:00
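posimai 43c650c2d8 feat(guard): Station-style grid background, binary aurora, refreshed severity colors
- Add an aurora animation of falling binary 0s and 1s (canvas, opacity 13%)
- Grid background + orange glow at the top (Station-style)
- severity colors: red → vivid red (#FF453A) / yellow → Guard orange / info → violet (#A78BFA)
- IssueCard left border set to severity color / glassy backdrop-filter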

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-12 18:39:26 +09:00
posimai 9e6178791f feat: add VS Code extension posimai-guard-ext v0.1.0
Runs AI code security scans by calling Gemini directly (not via Vercel).
API keys are stored securely in the OS keychain (SecretStorage). Optional Claude support.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-12 17:46:00 +09:00
posimai 6d0df5faae docs: update lucide-react version rule for React 19 projects
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-12 17:09:02 +09:00
posimai 75e34733a8 chore(station-b): remove dead renderBinBar function
Made-with: Cursor
2026-04-12 13:10:08 +09:00
posimai 4110de7239 fix(station): real monitoring for Vercel/GitHub via proxy, fix ok logic, health content check
Made-with: Cursor
2026-04-12 13:07:23 +09:00
posimai 65c358c58d fix(station): dead code cleanup, 0pct ring bug, Syncthing removal, SRI, canvas pause
Made-with: Cursor
2026-04-12 10:43:17 +09:00
posimai 7aa79f4a7d fix: station VPS Users/Node hyphen and CPU ring 0% display
Made-with: Cursor
2026-04-12 08:13:58 +09:00
posimai b8b8cf9c52 docs: update DESIGN.md based on Claude Code feedback
Made-with: Cursor
2026-04-12 06:46:31 +09:00
posimai c4d7a1d787 docs: add DESIGN.md and update AI rules to reference it
Made-with: Cursor
2026-04-12 00:54:59 +09:00
posimai b2a8f60cc0 chore: update STATUS.md (record of session 3 security fixes)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-11 23:05:28 +09:00
posimai 47c75cae4f fix: add pre-post group membership check to the Together API
Added a membership check against the together_members table to each write endpoint:
/together/share, /together/react, /together/comments.
Posts, reactions, and comments from non-members are rejected with 403.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-11 23:03:49 +09:00
posimai 10402464c5 feat: automatically send magic-link email after purchase + connect purchaseMiddleware to TTS
Made-with: Cursor
2026-04-11 15:05:23 +09:00
posimai 5f371c3eee chore: update STATUS.md (auth unification, Eiji test preparation complete)
Made-with: Cursor
2026-04-11 14:54:28 +09:00
posimai 85bd0cc879 fix: unify store URL to store.posimai.soar-enrich.com
Made-with: Cursor
2026-04-11 14:36:33 +09:00
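posimai 1d9c2b5f3d docs: fully update new-app-guide.md to the current state
- Reflect Step 8 of create-app.sh (automatic dashboard update)
- Consolidate templates into _template-minimal only
- Add Alpine.js as pattern B (no build required, reactive state)
- Document the policy on SW cache update timing
- Add an implementation checklist
- Remove and tidy up old manual steps (now automated)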

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-11 12:05:03 +09:00
posimai 5538cde753 chore: bring _template-minimal up to date + automatic dashboard update in create-app.sh
- _template-minimal/sw.js: add skipWaiting() (prevents stale caches lingering after deploy)
- _template-minimal/index.html: add JWT token handoff (SSO support from the dashboard)
- create-app.sh: change copy source from _template to _template-minimal
- create-app.sh: add Step 8 — automatically update projects.json / timeline / roadmap and carry through to deploy

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-11 11:44:15 +09:00
posimai ee7b3053e2 fix: fix race condition on first activation
Add WHERE device_id IS NULL to make it atomic,
and on conflict re-fetch and compare

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-11 06:42:42 +09:00
posimai 04b40a5b67 chore: add transfer of the routes/ directory to deploy-server.sh
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-11 00:19:05 +09:00
posimai 2cd7795202 feat: integrate Ponshu Room Pro license management into server.js
- routes/ponshu.js: add new license validation and revocation endpoints
  POST /api/ponshu/license/validate (no auth required, called directly from mobile)
  POST /api/ponshu/admin/license/revoke (API key auth required)
- routes/stripe.js: extract and extend the existing Stripe webhook handler
  Issue a license key when metadata.product === 'ponshu_room_pro'
  Add Stripe webhook idempotency check (stripe_session_id)
  Send the license key by email via Resend
- server.js: add ponshu_licenses table to the schema
  Replace the inline handleStripeWebhook function with routes/stripe.js
  Mount ponshuRouter and stripeRouter

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-11 00:16:57 +09:00
posimai ada6eba333 fix: security — invite_code leakage, Atlas token in URL, RSS err.message exposure
- GET /together/groups/:id: SELECT * -> SELECT id, name, created_at (invite_code excluded)
- Atlas github/vercel/tailscale-scan: move token from query param to Authorization header
- /events/rss: replace with a fixed message so err.message is not returned to the client

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-11 00:05:18 +09:00
posimai dbc30494bd fix: emoji violation in shadow-logger, SW lifecycle fix in veil, doc analytics exception 2026-04-10 21:34:44 +09:00
posimai 8007371daa docs: update STATUS.md with 2026-04-10 session work and clarify deferred tasks
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 17:11:58 +09:00
posimai 5b17d9215c docs: merge security fixes and next steps into server-refactor-plan
- Add section 6: 7 security/reliability fixes applied 2026-04-10
  (SSRF guard, size limits, pool config, error handler)
- Add section 7: POST /save async pattern documentation
- Add section 10: prioritized next steps (commercialization + refactor tracks)
- Add completion history table
- Update line number estimates to reflect additions
- Update current line count to ~3130

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 14:00:15 +09:00
posimai 8fdc047b7f docs: add server.js refactor plan for shared AI context
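- Record the current structure, per-section line counts, and shared-variable dependency map
- Design the target structure (proposed lib/ + routes/ split)
- Describe the criteria for deciding when to execute and the per-phase procedure
- Add to the reference document lists in CLAUDE.md / AGENTS.md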

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 08:25:43 +09:00
posimai e3e6ebca7d docs: update design-system font to Geist + fix create-app.sh Gitea auth
- design-system.md: Inter → Geist
- create-app.sh: GITEA_TOKEN fallback → git credential store

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 08:13:04 +09:00
posimai 7cf305fdc0 chore: update templates — Geist font, Lucide integrity, JWT token handoff
- Inter → Geist font
- Lucide SRI integrity hash added
- init_key (legacy API key) → token (JWT) cross-domain handoff

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 08:09:36 +09:00
posimai 82a094f2f2 fix: refuse to start if JWT_SECRET is not set in environment
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 07:55:08 +09:00
posimai 5de1174363 fix: SSRF guard for Together/Jina + 1MB cap on Jina response size 2026-04-09 23:49:25 +09:00
posimai 5a3a510331 fix: SSRF blocklist + response size limit + DB pool max 15 + pool.on(error) 2026-04-09 23:45:55 +09:00
posimai 1336b20c90 fix: change POST /save and quick-save to save immediately — move fetchMeta/Jina/AI to the background to eliminate lag 2026-04-09 20:48:17 +09:00
posimai e4bd0a1901 docs: update master-architecture to 2026-04-06 — Supabase withdrawal, DNS finalized, remaining tasks organized
- Reflect completion of the Together VPS migration and withdrawal from Supabase
- Record that wildcard DNS is confirmed and reading_history VPS is fixed
- Add security fixes (WebSocket/SSRF/e.message) to the decision log
- Update STATUS.md to the 2026-04-06 version
2026-04-06 17:05:47 +09:00
posimai d65ccba724 chore: remove stale Supabase Edge Function deploy reference 2026-04-06 16:54:01 +09:00
posimai 3cd8ebd0b6 fix: Feed API POST auth gate + sanitize e.message in error responses 2026-04-06 09:09:26 +09:00
posimai 9e90008575 fix: WebSocket auth gate + SSRF private IP blocklist in posimai-dev 2026-04-06 00:39:18 +09:00
posimai c24c710f33 chore: add STATUS.md, AI execution permissions, code source-of-truth to CLAUDE.md/AGENTS.md 2026-04-05 23:25:19 +09:00