- Add Migration 006: Settings cleanup to remove orphaned records
- Remove orphaned settings records (accountDid=null)
- Clear legacy activeDid values from settings table
- Update documentation with current state analysis and compliance metrics
- Achieve 100% compliance with Active Pointer + Smart Deletion Pattern
Security Impact: COMPLETE - All critical vulnerabilities fixed
Migrations: 005 (constraint fix) + 006 (settings cleanup)
Pattern Compliance: 6/6 components (100%)
Performance: All migrations execute instantly with no delays
Architecture: Complete separation of identity management vs user settings
Author: Matthew Raymer
- Add Migration 005 to fix critical security vulnerability
- Change foreign key constraint from ON DELETE SET NULL to ON DELETE RESTRICT
- Prevents accidental account deletion through database constraints
- Update Active Pointer pattern documentation with current state analysis
- Achieve 83% compliance with Active Pointer + Smart Deletion Pattern
Security Impact: HIGH - Fixes critical data loss vulnerability
Migration: 005_active_identity_constraint_fix
Pattern Compliance: 5/6 components (83%)
Author: Matthew Raymer
- Update migration 003 to match master deployment (hasBackedUpSeed)
- Rename migration 004 for active_identity table creation
- Update migration service validation for new structure
- Fix TypeScript compatibility issue in migration.ts
- Streamline active identity upgrade plan documentation
- Ensure all migrations are additional per team guidance
Migration structure now follows "additional migrations only" principle:
- 003: hasBackedUpSeed (assumes master deployment)
- 004: active_identity table with data migration
- iOS/Android compatibility confirmed with SQLCipher 4.9.0
Files: migration.ts, migrationService.ts, active-identity-upgrade-plan.md
- Remove excessive debug logging statements
- Fix critical bug: cast activeDid as string | null instead of string
- Refactor to use early return pattern, reducing nesting from 4 to 2-3 levels
- Eliminate redundant logic and improve code readability
- Maintain all original functionality while simplifying flow
- Fix null activeDid case that was breaking app initialization
- Consolidate migrations: merge 002/003 into 001_initial with UNIQUE did constraint
- Add foreign key: active_identity.activeDid REFERENCES accounts.did ON DELETE RESTRICT
- Replace empty string defaults with NULL for proper empty state handling
- Implement atomic smart deletion with auto-switch logic in IdentitySwitcherView
- Add DAL methods: $getAllAccountDids, $getActiveDid, $setActiveDid, $pickNextAccountDid
- Add migration bootstrapping to auto-select first account if none selected
- Block deletion of last remaining account with user notification
Refs: doc/active-pointer-smart-deletion-pattern.md
Migrate all 34 Vue components from settings.activeDid to $getActiveIdentity()
pattern. This completes the database architecture improvement that separates
identity selection from user preferences and prevents data corruption.
- Replace this.activeDid = settings.activeDid with $getActiveIdentity() calls
- Add ESLint ignore comments for TypeScript type assertions
- Update migration plan documentation to reflect completion
- All components tested with passing results
BREAKING CHANGE: Components now use active_identity table as single source
of truth for activeDid values instead of settings table
Add comprehensive seed phrase backup reminder system to encourage users
to secure their identity after creating content.
Core Features:
- Modal dialog with "Backup Identifier Seed" and "Remind me Later" options
- 24-hour localStorage cooldown to prevent notification fatigue
- 1-second delay after success messages for better UX flow
- Focuses on claim creation actions, not confirmations
New Files:
- src/utils/seedPhraseReminder.ts: Core utility for reminder logic
- doc/seed-phrase-reminder-implementation.md: Comprehensive documentation
Trigger Points Added:
- Profile saving (AccountViewView)
- Claim creation (ClaimAddRawView, GiftedDialog, GiftedDetailsView)
- Offer creation (OfferDialog)
- QR code view exit (ContactQRScanFullView, ContactQRScanShowView)
Technical Implementation:
- Uses existing notification group modal system from App.vue
- Integrates with PlatformServiceMixin for account settings access
- Graceful error handling with logging fallbacks
- Non-blocking implementation that doesn't affect main functionality
- Modal stays open indefinitely (timeout: -1) until user interaction
User Experience:
- Non-intrusive reminders that respect user preferences
- Clear call-to-action for security-conscious users
- Seamless integration with existing workflows
- Maintains focus on content creation rather than confirmation actions
- Replace settings.activeDid with () pattern
- Maintains backward compatibility with existing functionality
- Component now uses active_identity table as single source of truth
- Part of ActiveDid migration (2/32 components completed)
- Updated migration plan to include lint-fix step
- Add minimal change to prioritize activeDid from active_identity table
- Maintain all existing complex logic and backward compatibility
- Update migration plan to reflect API layer completion
The $accountSettings method now uses the new active_identity table as primary
source while preserving all existing settings merging and fallback behavior.
- Fix $updateActiveDid() to use MASTER_SETTINGS_KEY constant instead of hardcoded "1"
- Update migration plan to reflect current state after rollback
- Ensure backward compatibility during activeDid migration transition
The dual-write pattern now correctly updates both active_identity and settings tables
using the proper MASTER_SETTINGS_KEY constant for settings table targeting.
- Update () to call () with fallback to settings
- Maintain backward compatibility while using new active_identity table
- Update migration plan documentation to reflect completed Step 1
- Restore Playwright workers to 4 (was accidentally set to 1)
Tests: 39/40 passing (1 unrelated UI failure)
Migration progress: Step 1 complete, ready for Step 2 dual-write implementation
Update $getActiveIdentity() method to return { activeDid: string } instead
of full ActiveIdentity object. Add validation to ensure activeDid exists
in accounts table and clear corrupted values. Update migration plan to
reflect completed first step of API layer implementation.
- Change return type from Promise<ActiveIdentity> to Promise<{ activeDid: string }>
- Add account validation with automatic corruption cleanup
- Simplify query to only select activeDid field
- Improve error handling to return empty string instead of throwing
- Update migration plan documentation with current status
Updated activeDid migration plan to reflect Phase 2 API layer implementation
completion. Added critical blocker notes about IndexedDB database inspection
requirements and updated next steps with priority levels.
- Marked Phase 2 as COMPLETE with dual-write pattern implementation
- Added critical blocker for IndexedDB database inspection
- Updated next steps with priority levels and realistic timelines
- Clarified database state requirements for testing
- Add migration 003 with data migration logic to prevent data loss
- Create dedicated ActiveIdentity interface in separate file for better architecture
- Implement $getActiveIdentity method in PlatformServiceMixin
- Enhance $updateActiveDid with dual-write pattern for backward compatibility
- Maintain separation of concerns between settings and active identity types
- Follow project architectural pattern with dedicated type definition files
The migration creates active_identity table alongside existing settings,
automatically copying existing activeDid data to prevent user data loss.
Dual-write pattern ensures backward compatibility during transition.
Migration includes:
- Schema creation with proper constraints and indexes
- Automatic data transfer from settings.activeDid to active_identity.activeDid
- Validation to ensure data exists before migration
- Atomic operation: schema and data migration happen together
- Add data migration SQL to migration 003 for existing databases
- Automatically copy activeDid from settings table to active_identity table
- Prevent users from losing active identity selection during migration
- Include validation to ensure data exists before migration
- Maintain atomic operation: schema and data migration happen together
- Update risk assessment to reflect data loss prevention
- Add data migration strategy documentation
The migration now safely handles both new and existing databases,
ensuring no user data is lost during the activeDid table separation.
- Remove unnecessary complexity and focus on essential changes only
- Integrate with existing IndexedDB migration service (indexedDBMigrationService.ts)
- Maintain backward compatibility with existing migration paths
- Focus on core requirements: database schema, API methods, type definitions
- Eliminate duplicate migration logic already handled by existing service
- Preserve MASTER_SETTINGS_KEY = "1" for legacy support
- Add clear rollback strategy and integration points
The plan now focuses only on necessary changes while maintaining full
compatibility with existing systems and migration infrastructure.
- Add foreign key constraints to prevent data corruption
- Implement comprehensive migration validation and rollback
- Focus API updates on PlatformServiceMixin only (no component changes)
- Add enhanced error handling and data integrity checks
- Streamline plan to focus only on what needs to change
- Update timestamps and implementation details for current state
Breaking Changes:
- Database schema requires new active_identity table with constraints
- PlatformServiceMixin methods need updates for new table structure
Migration Impact:
- 50+ components work automatically through API layer
- Only core database and API methods require changes
- Comprehensive rollback procedures for risk mitigation
- Add master settings functions implementation strategy
- Correct IdentitySection.vue analysis (prop-based, no changes required)
- Simplify ContactAmountsView.vue (phased-out method, separate refactoring)
- Add new getMasterSettings() function with active_identity integration
- Include helper methods _getSettingsWithoutActiveDid() and _getActiveIdentity()
- Enhance evidence section with master settings architecture support
- Update risk assessment for phased-out methods
- Clean up migration timeline formatting
This commit focuses the migration plan on components requiring immediate
active_identity table changes, separating concerns from broader API refactoring.
- Add duplicate check in ImportAccountView before account import
- Add duplicate check in ImportDerivedAccountView for derived accounts
- Add safety check in saveNewIdentity function to prevent duplicate saves
- Implement user-friendly warning messages for duplicate attempts
- Add comprehensive error handling to catch duplicate errors from saveNewIdentity
- Create Playwright tests to verify duplicate prevention functionality
- Add documentation for duplicate prevention implementation
The system now prevents users from importing the same account multiple times
by checking for existing DIDs both before import (pre-check) and during
save (post-check). Users receive clear warning messages instead of
technical errors when attempting to import duplicate accounts.
Files modified:
- src/views/ImportAccountView.vue: Add duplicate check and error handling
- src/views/ImportDerivedAccountView.vue: Add duplicate check for derived accounts
- src/libs/util.ts: Add duplicate prevention in saveNewIdentity
- test-playwright/duplicate-import-test.spec.ts: Add comprehensive tests
- doc/duplicate-account-import-implementation.md: Add implementation docs
Resolves: Prevent duplicate account imports in IdentitySwitcherView
- Notifications and toasts now appear higher than dialogs when appearing together
- Standardized dialog z-index
- Added documentation for z-index guide
- Create meta_documentation.mdc for comprehensive doc workflows
- Add meta_rule_usage_guide.md for practical meta-rule usage
- Enhance existing markdown rules with educational standards
- Transform docs from technical reference to educational resources
Emphasizes human competence over technical description, provides
systematic workflows for all documentation tasks.
- Add validate_android_assets() function to build-android.sh
- Check for missing source assets (icon.png, splash.png, splash_dark.png)
- Verify Android resources exist (drawable/splash.png, mipmap/*/ic_launcher*.png)
- Auto-regenerate missing resources using @capacitor/assets
- Integrate validation into main build process with exit code 9
- Add npm run assets:validate:android for manual validation
- Support --assets-only flag for asset-only operations
- Create comprehensive documentation in doc/android-asset-validation.md
Fixes build failures caused by missing drawable/splash and mipmap/ic_launcher resources.
Prevents "Android resource linking failed" errors during Gradle builds.
Resolves: Android build failures due to missing asset resources
- Move README-BUILD-GUARD.md from root to doc/ folder for better organization
- Update all references in README.md to point to new location
- Follows project structure conventions for documentation organization
- Update BUILDING.md with current build system information
- Modernize various README files across the project
- Update CHANGELOG.md with recent changes
- Improve documentation consistency and formatting
- Update platform-specific documentation (iOS, Electron, Docker)
- Enhance test documentation and build guides
Implements comprehensive pre-commit hook system to prevent debug code from
reaching protected branches while maintaining developer choice.
- Hooks stored in scripts/git-hooks/ (not in .git tree)
- Deliberate installation required - no forced behavior
- Automated installation script for team members
- Comprehensive testing
- Branch-aware execution (protected vs feature branches)
- Configurable patterns and protected branch list
Philosophy: Each developer chooses whether to use the hook, ensuring
team flexibility while providing powerful debug code prevention tools.
Consolidates all debug hook documentation into single comprehensive guide.
Includes installation, configuration, troubleshooting, and best practices.
- Quick installation with automated script
- Manual installation options
- Configuration customization
- Troubleshooting guide
- Team workflow recommendations
- Emergency bypass procedures
Add comprehensive logging configuration system with environment variable support.
Environment files now include appropriate log levels per build mode:
- Development: debug (maximum visibility)
- Production: warn (minimal noise)
- Testing: info (balanced output)
Includes smart default behavior based on platform and environment,
enhanced logger methods for level checking, and comprehensive documentation.
All existing logging calls remain backward compatible.
Closes logging configuration request
Create comprehensive development guide establishing our preferred patterns
for Vue component communication. Document the preference for function props
over $emit for business logic while reserving $emit for DOM-like events.
Guide covers:
- Function props for business logic, data operations, and complex interactions
- $emit for DOM-like events, lifecycle events, and simple user interactions
- Implementation patterns with TypeScript examples
- Testing strategies for both approaches
- Migration strategy from $emit to function props
- Naming conventions and best practices
Establishes consistent, maintainable component communication patterns
across the application with focus on type safety and developer experience.
Create comprehensive development guide establishing our preferred patterns
for Vue component communication. Document the preference for function props
over $emit for business logic while reserving $emit for DOM-like events.
Guide covers:
- Function props for business logic, data operations, and complex interactions
- $emit for DOM-like events, lifecycle events, and simple user interactions
- Implementation patterns with TypeScript examples
- Testing strategies for both approaches
- Migration strategy from $emit to function props
- Naming conventions and best practices
Establishes consistent, maintainable component communication patterns
across the application with focus on type safety and developer experience.
- Migrate ContactBulkActions, ContactInputForm, ContactListHeader, ContactListItem, LargeIdenticonModal, and ContactsView to PlatformServiceMixin
- Add comprehensive deep linking support to CapacitorPlatformService and WebPlatformService
- Enhance PlatformService with new database operations and deep link handling
- Update service worker and documentation for migration progress
- Fix TypeScript type errors in util.ts and deepLinks.ts
- Streamline circular dependency analysis and migration tracking docs
- Migrate ContactBulkActions, ContactInputForm, ContactListHeader, ContactListItem, LargeIdenticonModal, and ContactsView to PlatformServiceMixin
- Add comprehensive deep linking support to CapacitorPlatformService and WebPlatformService
- Enhance PlatformService with new database operations and deep link handling
- Update service worker and documentation for migration progress
- Fix TypeScript type errors in util.ts and deepLinks.ts
- Streamline circular dependency analysis and migration tracking docs
- Deleted src/registerServiceWorker.ts and all related imports
- Cleaned up WebPlatformService and main.web.ts to remove manual SW logic
- Updated VitePWA config for correct dev/prod SW handling
- Fixed missing FontAwesome download icon in PWA prompt
- Updated docs to reflect new PWA registration approach
PWA now works reliably in all web environments with zero manual SW code.
- Deleted src/registerServiceWorker.ts and all related imports
- Cleaned up WebPlatformService and main.web.ts to remove manual SW logic
- Updated VitePWA config for correct dev/prod SW handling
- Fixed missing FontAwesome download icon in PWA prompt
- Updated docs to reflect new PWA registration approach
PWA now works reliably in all web environments with zero manual SW code.
Replace databaseUtil parseJsonField imports with PlatformServiceMixin
_parseJsonField method in ContactQRScanFullView.vue and ContactQRScanShowView.vue.
Use type assertion for mixin method access. Maintains functionality while
removing static databaseUtil dependency.
Replace databaseUtil parseJsonField imports with PlatformServiceMixin
_parseJsonField method in ContactQRScanFullView.vue and ContactQRScanShowView.vue.
Use type assertion for mixin method access. Maintains functionality while
removing static databaseUtil dependency.
Matthew Raymer
Matthew Raymer
Jose Olarte III