mai
/
posimai-root
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
191 Commits 1 Branch 0 Tags 3.9 GiB
Commit Graph

191 Commits

Author SHA1 Message Date
posimai d257bd75ac chore: atlas・roadmap サブモジュールを posimai-sc 登録後のコミットに更新 
Made-with: Cursor
 2026-04-20 01:41:36 +09:00
posimai 36293e5ec7 feat: posimai-sc 支援士学習PWAを同梱し本番用設定を追加 
Made-with: Cursor
 2026-04-20 01:40:48 +09:00
posimai 222238f2b9 fix(together): require member auth on GET /together/groups/:groupId 
invite_code was accessible without authentication to anyone who knew
the groupId (sequential integer). Now requires ?u= + member check.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-20 01:04:24 +09:00
posimai 6cae7daa87 fix(together): revert broken userCheck that caused 403 for all JWT users 
userCheck required username to match users.user_id/name, but Together
usernames (mai, EIJI) never matched users table entries (maita, partner).
All JWT-bearing clients were getting 403. Reverts to member-row-only
check until user_id backfill is complete (Phase 1).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-19 19:08:36 +09:00
posimai a1483ed00b docs: refresh STATUS for posimai-boki and remove stale deploy note 
Made-with: Cursor
 2026-04-19 16:49:21 +09:00
posimai 925638250b fix(together): include invite_code in GET /together/groups/:id response 
Was accidentally excluded from SELECT, causing invite code to disappear
in the settings panel.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-19 13:37:24 +09:00
posimai 96f22b6a82 fix(together): close JWT legacy-fallback impersonation hole 
When JWT is present but strict member check fails, verify the body
username belongs to the JWT user before allowing legacy access.
JWT-less clients (no Authorization header) are unaffected.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-19 13:06:14 +09:00
posimai c1173e5625 chore: enforce vercel alias set on new app creation — add to CLAUDE.md/AGENTS.md/create-app.sh/new-app-guide.md 2026-04-18 23:15:33 +09:00
posimai 276ae2dc9d chore(status): add mai pending tasks section (Firebase key, Stripe, etc.) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-18 09:55:54 +09:00
posimai 1eb94565d5 fix(together): add member auth to GET endpoints, remove comment_count JOIN 2026-04-18 08:51:16 +09:00
posimai 8f41c4736f feat(together): add 'read' to reaction type allowlist 2026-04-17 23:37:22 +09:00
posimai 59b8ff76ea chore: update posimai-guard submodule pointer 2026-04-17 19:01:44 +09:00
posimai b5b721cd60 fix(security): add SRI to xterm CDN, add manifest id, noreferrer to target=_blank 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-17 18:42:38 +09:00
posimai 147d85abf6 feat(together): cursor-based pagination API — limit/cursor クエリパラメーター追加 2026-04-17 18:34:06 +09:00
posimai f3cc672051 fix(security): add SRI integrity hashes to lucide CDN scripts in posimai-dev 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-17 08:12:36 +09:00
posimai 4b3b778f85 chore: update posimai-guard submodule pointer 2026-04-16 18:04:23 +09:00
posimai cedc4e0951 chore: update posimai-guard submodule pointer 2026-04-15 13:28:15 +09:00
posimai d1e254215b chore: update posimai-guard submodule pointer 2026-04-15 12:43:59 +09:00
posimai e960b9e2ac fix(brain): comprehensive review fixes — placeholder persistence, count accuracy, dead code 
- Gemini null 時: プレースホルダーを NULL で上書き(永続化バグ解消)
- /articles カウント: LIMIT後rows.filter()→専用COUNTクエリで正確化
- genAITogether 削除(genAI の alias で不要)
- quick-save: e.message のクライアント露出を固定メッセージに置換

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 09:11:27 +09:00
posimai 65ec560ebe chore: update posimai-guard submodule pointer 2026-04-15 09:08:41 +09:00
posimai bbb66a7ce8 chore: update posimai-guard submodule pointer 2026-04-15 08:31:20 +09:00
posimai e20296d297 chore: update posimai-guard submodule pointer (deploy script fix) 2026-04-15 08:19:35 +09:00
posimai 31a6243ae4 chore: update posimai-guard submodule pointer (dart/scan ext fixes) 2026-04-15 08:18:50 +09:00
posimai 47f82586d2 fix(brain): retry 503 once, don't persist failure message to DB 
- analyzeWithGemini: 503(一時高負荷)は4秒後に1回リトライ
- 失敗時は null を返し、呼び出し側で DB を更新しない
  → 「AI分析に失敗しました」がsummaryとして永続化されなくなる

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 23:39:46 +09:00
posimai b0e77839c2 chore: add src-tauri/target to .gitignore (prevent large build artifacts) 2026-04-14 23:30:31 +09:00
posimai 5bcd60eefd chore: update STATUS.md — ponshu APK + guard-ext + VS Code fix done 2026-04-14 23:22:25 +09:00
posimai b25b3f640e fix(brain): switch analyzeWithGemini from gemini-2.0-flash-lite to gemini-2.5-flash 
gemini-2.0-flash-lite のフリー枠日次クォータが枯渇し AI 分析が全件失敗していた。
gemini-2.5-flash に統一してクォータ問題を解消する。

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 23:12:50 +09:00
posimai e7594370e7 feat(ext): integrate rule engine — scan works without API key 
- runRuleEngine() now runs first on every scan (133 rules, instant)
- Gemini/Claude become optional enhancement layers (deeper semantic scan)
- Removed hard requirement for API key to run scanWorkspace/scanFile
- tsconfig: remove rootDir restriction to allow relative import from guard app
- Status bar tooltip updated to reflect API-key-free scanning
- Bundle: 120kb minified (ruleEngine + RULE_FIXES included via esbuild)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 23:05:19 +09:00
posimai 48272ad19b chore: update STATUS.md — Guard static fix templates + security fixes done 2026-04-14 18:20:28 +09:00
posimai 4bb35568ab ci: move Linux build workflow to repo root .github/workflows/ 
Previous location (posimai-guard-app/.github/workflows/) was wrong —
GitHub Actions only reads .github/workflows/ at repository root.
Renamed to build-guard-linux.yml, added working-directory default.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 16:32:42 +09:00
posimai e7f2a3a3ad ci: add GitHub Actions workflow for Linux build (.deb + .AppImage) 
- Triggers on workflow_dispatch (manual) or version tag push (v*)
- Ubuntu 22.04 runner with Tauri prerequisites
- Uploads .deb and .AppImage as artifacts
- Creates GitHub Release on tag push

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 14:49:26 +09:00
posimai fb90a7b328 chore: update STATUS.md — Guard installers built, build method documented 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 10:13:22 +09:00
posimai 377a118273 chore: update STATUS.md — Guard release build complete, next steps updated 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 10:10:00 +09:00
posimai 35bb426e84 fix(guard-app): remove unused Manager import (Rust warning) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 10:09:47 +09:00
posimai 54e50fabf1 docs(design): prohibit colored borderLeft on card lists 
Card-type components must not use borderLeft for severity color.
Severity is expressed via icon + dim-bg badge only.
Navigation tree active state remains an exception.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 09:19:13 +09:00
posimai 251e5316eb docs: add posimai-bg.md aurora/background reusable reference, link from DESIGN.md 2026-04-12 22:20:37 +09:00
posimai 15257dfc71 feat: posimai-guard-app Tauri v2 desktop app scaffold (pending MSVC install) 2026-04-12 22:05:06 +09:00
posimai db0fd6a88e chore: *.vsix を .gitignore に追加、バイナリをgit管理外に 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-12 21:02:24 +09:00
posimai 43c650c2d8 feat(guard): Station風グリッド背景・バイナリオーロラ・severity色刷新 
- バイナリ01が降るオーロラアニメーション追加(canvas, opacity 13%)
- グリッド背景 + 上部オレンジグロー(Station風)
- severity色: 赤→鮮明な赤(#FF453A) / 黄→Guard orange / info→violet(#A78BFA)
- IssueCard左ボーダーをseverity色に / ガラス質backdrop-filter

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-12 18:39:26 +09:00
posimai 9e6178791f feat: VS Code拡張 posimai-guard-ext v0.1.0 を追加 
Gemini直接呼び出し(Vercel経由なし)でAIコードセキュリティスキャンを実行。
APIキーはOS keychain(SecretStorage)に安全保存。Claudeオプション対応。

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-12 17:46:00 +09:00
posimai 6d0df5faae docs: update lucide-react version rule for React 19 projects 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-12 17:09:02 +09:00
posimai 75e34733a8 chore(station-b): remove dead renderBinBar function 
Made-with: Cursor
 2026-04-12 13:10:08 +09:00
posimai 4110de7239 fix(station): real monitoring for Vercel/GitHub via proxy, fix ok logic, health content check 
Made-with: Cursor
 2026-04-12 13:07:23 +09:00
posimai 65c358c58d fix(station): dead code cleanup, 0pct ring bug, Syncthing removal, SRI, canvas pause 
Made-with: Cursor
 2026-04-12 10:43:17 +09:00
posimai 7aa79f4a7d fix: station VPS Users/Node ハイフン・CPU リング 0% 表示修正 
Made-with: Cursor
 2026-04-12 08:13:58 +09:00
posimai b8b8cf9c52 docs: update DESIGN.md based on Claude Code feedback 
Made-with: Cursor
 2026-04-12 06:46:31 +09:00
posimai c4d7a1d787 docs: add DESIGN.md and update AI rules to reference it 
Made-with: Cursor
 2026-04-12 00:54:59 +09:00
posimai b2a8f60cc0 chore: STATUS.md 更新(セッション3 セキュリティ修正記録) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-11 23:05:28 +09:00
posimai 47c75cae4f fix: Together API に投稿前グループメンバー確認を追加 
/together/share, /together/react, /together/comments の各書き込みエンドポイントに
together_members テーブルでのメンバーチェックを追加。
非メンバーによる投稿・リアクション・コメントを 403 で拒否する。

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-11 23:03:49 +09:00
posimai 10402464c5 feat: 購入後マジックリンクメール自動送信 + TTS に purchaseMiddleware 接続 
Made-with: Cursor
 2026-04-11 15:05:23 +09:00