Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 33 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,39 @@ and this project adheres to [Semantic Versioning 2.0](https://semver.org/spec/v2

## [Unreleased]

## [0.8.0-beta] — 2026-07-13

A design + maintenance release on top of v0.7.0-beta: the frontend is
re-skinned to the sibling msk-shop look, board export gains CSV, and every
open Dependabot alert is closed. No schema or crypto-envelope change.

### Changed

- **Adopted the msk-shop design system** ([ADR 0025](docs/architecture/0025-adopt-msk-shop-design-system.md),
supersedes ADR 0024). The abandoned "Modern Minimal" direction (Geist fonts,
`#2ee6a6` accent) is replaced by the sibling msk-shop look for one consistent
MSK brand: GitHub-Dark surfaces (`#0d1117` / `#161b22`) + MSK green
(`#5eb131` dark / `#4ea426` light), Inter Variable + JetBrains Mono
(self-hosted via `@fontsource-variable`, no CDN), `next-themes` default dark.
The shadcn/ui + Radix primitives are kept and re-skinned; all screens are
migrated onto them with canonical tokens.

### Added

- **CSV board export** — `toCsv` / `downloadCsvExport` and an "Export CSV" button
next to JSON / Markdown / Trello. Flat, one row per card, custom fields as
columns, RFC-4180 escaping, UTF-8 BOM for spreadsheet apps. Completes the
export side of GDPR Art. 20 portability. `tests/unit/csv-export.test.ts`.

### Security

- **Dependency + security-alert sweep** — closed every open Dependabot alert:
overrides for vite 6.4.3, js-yaml 4.2.0, @babel/core 7.29.6; and bumps for
undici 7.28.0, nodemailer 9.0.3, next 16.2.9, react/react-dom 19.2.7,
react-hook-form 7.80.0, @types/node 26, prettier 3.9.5, plus the
actions/checkout v7 + actions/cache v6 CI actions. `pnpm audit` reports no
known vulnerabilities.

## [0.7.0-beta] — 2026-06-07

A post-backlog polish + portability release on top of v0.6.0-beta. Closes the
Expand Down
2 changes: 1 addition & 1 deletion CLAUDE.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
> **Repository-Pfad (lokal):** `C:\Users\morit\OneDrive\GitHub Repositories\FiveM Shop\mskanban`
> **Server-Deployment:** Debian + Apache2 + MariaDB
> **Lokale Entwicklung:** Next.js auf dem Host, MariaDB + Redis in Docker
> **Status:** **Latest release: `v0.7.0-beta` (2026-06-07) — Post-Backlog Polish + Portability: Offline-Create/Comment-Edit (ADR 0023), Live-Cursors default-on (ADR 0011), Trello-Export (DSGVO Art. 20), Mind-Map-Parent-Round-Trip (#49), CSP-style-src-Entscheidung (ADR 0022), externes Audit/Pen-Test-Readiness-Paket. Davor `v0.6.0-beta` (2026-05-30) — schließt den kompletten 25-Punkte-Lücken-Backlog (#27–#51): Auth-Hardening (per-User-Backoff + API-Ratelimit, opt-in HIBP ADR 0017, ReDoS-Guard, DB-append-only AuditLog), Transactional Email (ADR 0018), sanitized Markdown, user-picker Custom-Field, Board-Templates, Extra-Importer (GitHub/Jira/Wekan), Attachments-E2EE, DSGVO Export/Crypto-Shred, Admin-Bereich, Public REST API via PAT (ADR 0019), Mind-Map-View, WCAG-axe-Tests, Table-Virtual-Scrolling, Live-CRDT für Checklists/Comments (ADR 0020) und Offline-first (Precache-SW + card-scoped Write-Outbox, ADR 0021). Davor `v0.5.0-beta` (2026-05-28): account recovery (ADR 0012), workspace member management, WebAuthn 2FA (ADR 0013), public read-only boards (ADR 0014), wrapped BoardKeys (ADR 0015) + 20-bug-Audit. First beta `v0.1.0-beta` (2026-05-24), signed via cosign keyless OIDC.** Alle zehn Phasen (0–10) ✅, inklusive Phase 4 (E2EE-Layer): Krypto-Bibliothek + Key-Hierarchie + Recovery-Phrase voll gewired in Onboarding/Login/alle Board-/Card-/Comment-Pfade — Server sieht ausschließlich opake `v1.<nonce>.<ct>`-Envelopes. Phase-3-Plaintext-Pfad (`src/lib/encoding/plaintext-blob.ts` + Migration-Script) ist nach Cleanup entfernt; ADR 0007 ist damit "executed".
> **Status:** **Latest release: `v0.8.0-beta` (2026-07-13) — Design + Maintenance: msk-shop Design-System übernommen (ADR 0025, löst ADR 0024 „Modern Minimal" ab; GitHub-Dark + MSK-Grün, Inter/JetBrains Mono, shadcn/ui behalten + neu eingefärbt, alle ~40 Screens migriert), CSV-Board-Export, Dependency-+Security-Alert-Sweep (0 offene Dependabot-Alerts). Davor `v0.7.0-beta` (2026-06-07) — Post-Backlog Polish + Portability: Offline-Create/Comment-Edit (ADR 0023), Live-Cursors default-on (ADR 0011), Trello-Export (DSGVO Art. 20), Mind-Map-Parent-Round-Trip (#49), CSP-style-src-Entscheidung (ADR 0022), externes Audit/Pen-Test-Readiness-Paket. Davor `v0.6.0-beta` (2026-05-30) — schließt den kompletten 25-Punkte-Lücken-Backlog (#27–#51): Auth-Hardening (per-User-Backoff + API-Ratelimit, opt-in HIBP ADR 0017, ReDoS-Guard, DB-append-only AuditLog), Transactional Email (ADR 0018), sanitized Markdown, user-picker Custom-Field, Board-Templates, Extra-Importer (GitHub/Jira/Wekan), Attachments-E2EE, DSGVO Export/Crypto-Shred, Admin-Bereich, Public REST API via PAT (ADR 0019), Mind-Map-View, WCAG-axe-Tests, Table-Virtual-Scrolling, Live-CRDT für Checklists/Comments (ADR 0020) und Offline-first (Precache-SW + card-scoped Write-Outbox, ADR 0021). Davor `v0.5.0-beta` (2026-05-28): account recovery (ADR 0012), workspace member management, WebAuthn 2FA (ADR 0013), public read-only boards (ADR 0014), wrapped BoardKeys (ADR 0015) + 20-bug-Audit. First beta `v0.1.0-beta` (2026-05-24), signed via cosign keyless OIDC.** Alle zehn Phasen (0–10) ✅, inklusive Phase 4 (E2EE-Layer): Krypto-Bibliothek + Key-Hierarchie + Recovery-Phrase voll gewired in Onboarding/Login/alle Board-/Card-/Comment-Pfade — Server sieht ausschließlich opake `v1.<nonce>.<ct>`-Envelopes. Phase-3-Plaintext-Pfad (`src/lib/encoding/plaintext-blob.ts` + Migration-Script) ist nach Cleanup entfernt; ADR 0007 ist damit "executed".

**ADR 0009 (2026-05-24):** Master Key bleibt in Memory + sessionStorage-Envelope (per-Tab, wipe-on-logout). Card-Decrypt lazy beim Öffnen eines Boards.

Expand Down
65 changes: 38 additions & 27 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -151,10 +151,10 @@ ADRs 0003, 0004, 0007, 0009) and [`docs/threat-model.md`](docs/threat-model.md).
custom fields, card templates.
- **Milestones** group cards into deliverables with an optional date
window — drives the burn-down chart and timeline grouping.
- **Five views per board**: Kanban / Calendar / **Timeline (Gantt)** /
Table / Analytics. Analytics ships cycle time, lead time, CFD, aging
WIP, throughput, **burn-down per milestone** — all computed client-
side on decrypted data.
- **Six views per board**: Kanban / Calendar / **Timeline (Gantt)** /
Table / Analytics / **Mind-Map** (parent-child card links). Analytics
ships cycle time, lead time, CFD, aging WIP, throughput, **burn-down
per milestone** — all computed client-side on decrypted data.
- **Real-time collaboration** via Yjs CRDTs. Card descriptions sync
between users; **board-level presence** (Yjs awareness) shows who else
is online with an avatar stack + per-card "is viewing" dots. The
Expand All @@ -163,21 +163,31 @@ ADRs 0003, 0004, 0007, 0009) and [`docs/threat-model.md`](docs/threat-model.md).
— declarative `{when, do}` rules per board, fully E2EE. Server sees
only the plaintext trigger envelope (`trigger_type` + `trigger_meta`)
whitelisted on every write; rule bodies live in `enc_rule`.
- **Offline-first PWA** with IndexedDB snapshot cache and a live
online/offline indicator.
- **Offline-first PWA** ([ADR 0021](docs/architecture/0021-offline-first.md)) —
a hand-rolled precache service worker (cold-start offline) plus a
card-scoped write outbox that queues mutations offline and replays them
on reconnect, with a live online/offline indicator.
- **Activity feed + notifications** (server-visible metadata only).
- **Webhooks** with HMAC-SHA256 signing, SSRF guard, persistent
delivery queue with exponential backoff + DLQ surfaced in the UI.
- **Import** from MSKanban JSON, Trello JSON, generic CSV. **Export**
to JSON and Markdown.
- **Import** from MSKanban JSON, Trello, GitHub Projects, Jira (CSV),
Wekan and generic CSV. **Export** to MSKanban JSON, Markdown,
Trello-compatible JSON and CSV.
- **Public REST API** ([ADR 0019](docs/architecture/0019-personal-access-tokens.md))
via Personal Access Tokens (`/api/v1`, metadata + ciphertext only — the
server has no keys), and **public read-only boards** shared by a link
whose decryption key lives only in the URL fragment.
- **Server admin area** (metadata-only user management, `requireAdmin`) and
a built-in **board-template** set.
- **2FA**: TOTP **and** WebAuthn / Passkeys (both shipped), with a
status-aware enable/disable screen.
- **Account**: change email + password (zero-knowledge), active-session
list/revoke, password recovery via a 24-word phrase, optional
"stay unlocked on this device".
- **GDPR**: _planned, not yet shipped_ — account-level data export
(Art. 15/20) and crypto-shred deletion (Art. 17) are on the roadmap,
not yet implemented. (Board-level JSON/Markdown export exists today.)
- **GDPR**: account-level data export (Art. 15/20, `GET /api/me/export`)
and crypto-shred account deletion (Art. 17, `DELETE /api/me` with a
30-day grace) are **shipped**, alongside the per-board JSON / Markdown /
Trello / CSV exports above.

---

Expand Down Expand Up @@ -207,22 +217,23 @@ ADR 0006 for the reasoning.

## 📍 Status

`v0.1.0-beta` — released 2026-05-24, signed via cosign keyless OIDC.
All ten original roadmap phases shipped; post-beta features (milestones,
timeline, presence, automation) ship under `[Unreleased]` in
[`CHANGELOG.md`](CHANGELOG.md) and become `v0.2.0` when batched.

| Phase | What | Status |
| ------------- | --------------------------------------------------------------- | -------------------------- |
| 0–3 | Setup + foundation + auth + core Kanban (plaintext MVP) | ✅ |
| 4 | Zero-knowledge E2EE | ✅ |
| 5 | Advanced UX (labels, custom fields, views, templates, activity) | ✅ |
| 6 | Real-time SSE + PWA + IndexedDB + Yjs WS relay | ✅ |
| 7 | Analytics | ✅ |
| 8 | Integrations & I/O (export, import, webhooks) | ✅ |
| 9 | Hardening (CSP nonces, webhook DLQ, SBOM, Cosign) | ✅ |
| 10 | Public Beta (`v0.1.0-beta`) | ✅ |
| **post-beta** | Milestones, Burn-Down, Timeline, Presence, Automation v1 | ✅ shipped, not yet tagged |
**Latest release: `v0.7.0-beta`** (2026-06-07), signed via cosign keyless
OIDC. All ten original roadmap phases **and** the full 25-point post-beta
backlog (#27–#51) are shipped. `main` additionally carries the
[msk-shop design-system redesign](docs/architecture/0025-adopt-msk-shop-design-system.md)
and CSV export under `[Unreleased]` in [`CHANGELOG.md`](CHANGELOG.md).

| Phase | What | Status |
| --------------------------- | ------------------------------------------------------------------------------------------------------------------ | :----: |
| 0–3 | Setup + foundation + auth + core Kanban | ✅ |
| 4 | Zero-knowledge E2EE | ✅ |
| 5 | Advanced UX (custom fields, views, templates, activity) | ✅ |
| 6 | Real-time SSE + PWA + IndexedDB + Yjs WS relay | ✅ |
| 7 | Analytics | ✅ |
| 8 | Integrations & I/O (export, import, webhooks) | ✅ |
| 9 | Hardening (CSP nonces, webhook DLQ, SBOM, Cosign) | ✅ |
| 10 | Public Beta (`v0.1.0-beta`) | ✅ |
| Post-beta backlog (#27–#51) | Auth hardening, transactional email, admin area, public REST API (PAT), attachments E2EE, GDPR export/delete, mind-map, live CRDT, offline-first, WCAG axe tests | ✅ |

Tracker, roadmap and the running design log live in
[`CLAUDE.md`](CLAUDE.md) (German — the rest of the docs and code are
Expand Down
Loading