eliott/worldmonitor
1
0
Fork 0
mirror of https://github.com/koala73/worldmonitor.git synced 2026-04-25 17:14:57 +02:00
Code Issues Packages Projects Releases Wiki Activity
3,613 Commits 138 Branches 48 Tags
main
Commit Graph

74 Commits

Author SHA1 Message Date
Sebastien Melki
58e42aadf9 chore(api): enforce sebuf contract + migrate drifting endpoints (#3207) (#3242) 
* chore(api): enforce sebuf contract via exceptions manifest (#3207)

Adds api/api-route-exceptions.json as the single source of truth for
non-proto /api/ endpoints, with scripts/enforce-sebuf-api-contract.mjs
gating every PR via npm run lint:api-contract. Fixes the root-only blind
spot in the prior allowlist (tests/edge-functions.test.mjs), which only
scanned top-level *.js files and missed nested paths and .ts endpoints —
the gap that let api/supply-chain/v1/country-products.ts and friends
drift under proto domain URL prefixes unchallenged.

Checks both directions: every api/<domain>/v<N>/[rpc].ts must pair with
a generated service_server.ts (so a deleted proto fails CI), and every
generated service must have an HTTP gateway (no orphaned generated code).

Manifest entries require category + reason + owner, with removal_issue
mandatory for temporary categories (deferred, migration-pending) and
forbidden for permanent ones. .github/CODEOWNERS pins the manifest to
@SebastienMelki so new exceptions don't slip through review.

The manifest only shrinks: migration-pending entries (19 today) will be
removed as subsequent commits in this PR land each migration.

* refactor(maritime): migrate /api/ais-snapshot → maritime/v1.GetVesselSnapshot (#3207)

The proto VesselSnapshot was carrying density + disruptions but the frontend
also needed sequence, relay status, and candidate_reports to drive the
position-callback system. Those only lived on the raw relay passthrough, so
the client had to keep hitting /api/ais-snapshot whenever callbacks were
registered and fall back to the proto RPC only when the relay URL was gone.

This commit pushes all three missing fields through the proto contract and
collapses the dual-fetch-path into one proto client call.

Proto changes (proto/worldmonitor/maritime/v1/):
  - VesselSnapshot gains sequence, status, candidate_reports.
  - GetVesselSnapshotRequest gains include_candidates (query: include_candidates).

Handler (server/worldmonitor/maritime/v1/get-vessel-snapshot.ts):
  - Forwards include_candidates to ?candidates=... on the relay.
  - Separate 5-min in-memory caches for the candidates=on and candidates=off
    variants; they have very different payload sizes and should not share a slot.
  - Per-request in-flight dedup preserved per-variant.

Frontend (src/services/maritime/index.ts):
  - fetchSnapshotPayload now calls MaritimeServiceClient.getVesselSnapshot
    directly with includeCandidates threaded through. The raw-relay path,
    SNAPSHOT_PROXY_URL, DIRECT_RAILWAY_SNAPSHOT_URL and LOCAL_SNAPSHOT_FALLBACK
    are gone — production already routed via Vercel, the "direct" branch only
    ever fired on localhost, and the proto gateway covers both.
  - New toLegacyCandidateReport helper mirrors toDensityZone/toDisruptionEvent.

api/ais-snapshot.js deleted; manifest entry removed. Only reduced the codegen
scope to worldmonitor.maritime.v1 (buf generate --path) — regenerating the
full tree drops // @ts-nocheck from every client/server file and surfaces
pre-existing type errors across 30+ unrelated services, which is not in
scope for this PR.

Shape-diff vs legacy payload:
  - disruptions / density: proto carries the same fields, just with the
    GeoCoordinates wrapper and enum strings (remapped client-side via
    existing toDisruptionEvent / toDensityZone helpers).
  - sequence, status.{connected,vessels,messages}: now populated from the
    proto response — was hardcoded to 0/false in the prior proto fallback.
  - candidateReports: same shape; optional numeric fields come through as
    0 instead of undefined, which the legacy consumer already handled.

* refactor(sanctions): migrate /api/sanctions-entity-search → LookupSanctionEntity (#3207)

The proto docstring already claimed "OFAC + OpenSanctions" coverage but the
handler only fuzzy-matched a local OFAC Redis index — narrower than the
legacy /api/sanctions-entity-search, which proxied OpenSanctions live (the
source advertised in docs/api-proxies.mdx). Deleting the legacy without
expanding the handler would have been a silent coverage regression for
external consumers.

Handler changes (server/worldmonitor/sanctions/v1/lookup-entity.ts):
  - Primary path: live search against api.opensanctions.org/search/default
    with an 8s timeout and the same User-Agent the legacy edge fn used.
  - Fallback path: the existing OFAC local fuzzy match, kept intact for when
    OpenSanctions is unreachable / rate-limiting.
  - Response source field flips between 'opensanctions' (happy path) and
    'ofac' (fallback) so clients can tell which index answered.
  - Query validation tightened: rejects q > 200 chars (matches legacy cap).

Rate limiting:
  - Added /api/sanctions/v1/lookup-entity to ENDPOINT_RATE_POLICIES at 30/min
    per IP — matches the legacy createIpRateLimiter budget. The gateway
    already enforces per-endpoint policies via checkEndpointRateLimit.

Docs:
  - docs/api-proxies.mdx — dropped the /api/sanctions-entity-search row
    (plus the orphaned /api/ais-snapshot row left over from the previous
    commit in this PR).
  - docs/panels/sanctions-pressure.mdx — points at the new RPC URL and
    describes the OpenSanctions-primary / OFAC-fallback semantics.

api/sanctions-entity-search.js deleted; manifest entry removed.

* refactor(military): migrate /api/military-flights → ListMilitaryFlights (#3207)

Legacy /api/military-flights read a pre-baked Redis blob written by the
seed-military-flights cron and returned flights in a flat app-friendly
shape (lat/lon, lowercase enums, lastSeenMs). The proto RPC takes a bbox,
fetches OpenSky live, classifies server-side, and returns nested
GeoCoordinates + MILITARY_*_TYPE_* enum strings + lastSeenAt — same data,
different contract.

fetchFromRedis in src/services/military-flights.ts was doing nothing
sebuf-aware. Renamed it to fetchViaProto and rewrote to:

  - Instantiate MilitaryServiceClient against getRpcBaseUrl().
  - Iterate MILITARY_QUERY_REGIONS (PACIFIC + WESTERN) in parallel — same
    regions the desktop OpenSky path and the seed cron already use, so
    dashboard coverage tracks the analytic pipeline.
  - Dedup by hexCode across regions.
  - Map proto → app shape via new mapProtoFlight helper plus three reverse
    enum maps (AIRCRAFT_TYPE_REVERSE, OPERATOR_REVERSE, CONFIDENCE_REVERSE).

The seed cron (scripts/seed-military-flights.mjs) stays put: it feeds
regional-snapshot mobility, cross-source signals, correlation, and the
health freshness check (api/health.js: 'military:flights:v1'). None of
those read the legacy HTTP endpoint; they read the Redis key directly.
The proto handler uses its own per-bbox cache keys under the same prefix,
so dashboard traffic no longer races the seed cron's blob — the two paths
diverge by a small refresh lag, which is acceptable.

Docs: dropped the /api/military-flights row from docs/api-proxies.mdx.

api/military-flights.js deleted; manifest entry removed.

Shape-diff vs legacy:
  - f.location.{latitude,longitude} → f.lat, f.lon
  - f.aircraftType: MILITARY_AIRCRAFT_TYPE_TANKER → 'tanker' via reverse map
  - f.operator: MILITARY_OPERATOR_USAF → 'usaf' via reverse map
  - f.confidence: MILITARY_CONFIDENCE_LOW → 'low' via reverse map
  - f.lastSeenAt (number) → f.lastSeen (Date)
  - f.enrichment → f.enriched (with field renames)
  - Extra fields registration / aircraftModel / origin / destination /
    firstSeenAt now flow through where proto populates them.

* fix(supply-chain): thread includeCandidates through chokepoint status (#3207)

Caught by tsconfig.api.json typecheck in the pre-push hook (not covered
by the plain tsc --noEmit run that ran before I pushed the ais-snapshot
commit). The chokepoint status handler calls getVesselSnapshot internally
with a static no-auth request — now required to include the new
includeCandidates bool from the proto extension.

Passing false: server-internal callers don't need per-vessel reports.

* test(maritime): update getVesselSnapshot cache assertions (#3207)

The ais-snapshot migration replaced the single cachedSnapshot/cacheTimestamp
pair with a per-variant cache so candidates-on and candidates-off payloads
don't evict each other. Pre-push hook surfaced that tests/server-handlers
still asserted the old variable names. Rewriting the assertions to match
the new shape while preserving the invariants they actually guard:

  - Freshness check against slot TTL.
  - Cache read before relay call.
  - Per-slot in-flight dedup.
  - Stale-serve on relay failure (result ?? slot.snapshot).

* chore(proto): restore // @ts-nocheck on regenerated maritime files (#3207)

I ran 'buf generate --path worldmonitor/maritime/v1' to scope the proto
regen to the one service I was changing (to avoid the toolchain drift
that drops @ts-nocheck from 60+ unrelated files — separate issue). But
the repo convention is the 'make generate' target, which runs buf and
then sed-prepends '// @ts-nocheck' to every generated .ts file. My
scoped command skipped the sed step. The proto-check CI enforces the
sed output, so the two maritime files need the directive restored.

* refactor(enrichment): decomm /api/enrichment/{company,signals} legacy edge fns (#3207)

Both endpoints were already ported to IntelligenceService:
  - getCompanyEnrichment  (/api/intelligence/v1/get-company-enrichment)
  - listCompanySignals    (/api/intelligence/v1/list-company-signals)

No frontend callers of the legacy /api/enrichment/* paths exist. Removes:
  - api/enrichment/company.js, signals.js, _domain.js
  - api-route-exceptions.json migration-pending entries (58 remain)
  - docs/api-proxies.mdx rows for /api/enrichment/{company,signals}
  - docs/architecture.mdx reference updated to the IntelligenceService RPCs

Verified: typecheck, typecheck:api, lint:api-contract (89 files / 58 entries),
lint:boundaries, tests/edge-functions.test.mjs (136 pass),
tests/enrichment-caching.test.mjs (14 pass — still guards the intelligence/v1
handlers), make generate is zero-diff.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* refactor(leads): migrate /api/{contact,register-interest} → LeadsService (#3207)

New leads/v1 sebuf service with two POST RPCs:
  - SubmitContact    → /api/leads/v1/submit-contact
  - RegisterInterest → /api/leads/v1/register-interest

Handler logic ported 1:1 from api/contact.js + api/register-interest.js:
  - Turnstile verification (desktop sources bypass, preserved)
  - Honeypot (website field) silently accepts without upstream calls
  - Free-email-domain gate on SubmitContact (422 ApiError)
  - validateEmail (disposable/offensive/typo-TLD/MX) on RegisterInterest
  - Convex writes via ConvexHttpClient (contactMessages:submit, registerInterest:register)
  - Resend notification + confirmation emails (HTML templates unchanged)

Shared helpers moved to server/_shared/:
  - turnstile.ts (getClientIp + verifyTurnstile)
  - email-validation.ts (disposable/offensive/MX checks)

Rate limits preserved via ENDPOINT_RATE_POLICIES:
  - submit-contact:    3/hour per IP (was in-memory 3/hr)
  - register-interest: 5/hour per IP (was in-memory 5/hr; desktop
    sources previously capped at 2/hr via shared in-memory map —
    now 5/hr like everyone else, accepting the small regression in
    exchange for Upstash-backed global limiting)

Callers updated:
  - pro-test/src/App.tsx contact form → new submit-contact path
  - src-tauri/sidecar/local-api-server.mjs cloud-fallback rewrites
    /api/register-interest → /api/leads/v1/register-interest when
    proxying; keeps local path for older desktop builds
  - src/services/runtime.ts isKeyFreeApiTarget allows both old and
    new paths through the WORLDMONITOR_API_KEY-optional gate

Tests:
  - tests/contact-handler.test.mjs rewritten to call submitContact
    handler directly; asserts on ValidationError / ApiError
  - tests/email-validation.test.mjs + tests/turnstile.test.mjs
    point at the new server/_shared/ modules

Deleted: api/contact.js, api/register-interest.js, api/_ip-rate-limit.js,
api/_turnstile.js, api/_email-validation.js, api/_turnstile.test.mjs.
Manifest entries removed (58 → 56). Docs updated (api-platform,
api-commerce, usage-rate-limits).

Verified: npm run typecheck + typecheck:api + lint:api-contract
(88 files / 56 entries) + lint:boundaries pass; full test:data
(5852 tests) passes; make generate is zero-diff.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* chore(pro-test): rebuild bundle for leads/v1 contact form (#3207)

Updates the enterprise contact form to POST to /api/leads/v1/submit-contact
(old path /api/contact removed in the previous commit).

Bundle is rebuilt from pro-test/src/App.tsx source change in 9ccd309d.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(review): address HIGH review findings 1-3 (#3207)

Three review findings from @koala73 on the sebuf-migration PR, all
silent bugs that would have shipped to prod:

### 1. Sanctions rate-limit policy was dead code

ENDPOINT_RATE_POLICIES keyed the 30/min budget under
/api/sanctions/v1/lookup-entity, but the generated route (from the
proto RPC LookupSanctionEntity) is /api/sanctions/v1/lookup-sanction-entity.
hasEndpointRatePolicy / getEndpointRatelimit are exact-string pathname
lookups, so the mismatch meant the endpoint fell through to the
generic 600/min global limiter instead of the advertised 30/min.

Net effect: the live OpenSanctions proxy endpoint (unauthenticated,
external upstream) had 20x the intended rate budget. Fixed by renaming
the policy key to match the generated route.

### 2. Lost stale-seed fallback on military-flights

Legacy api/military-flights.js cascaded military:flights:v1 →
military:flights:stale:v1 before returning empty. The new proto
handler went straight to live OpenSky/relay and returned null on miss.

Relay or OpenSky hiccup used to serve stale seeded data (24h TTL);
under the new handler it showed an empty map. Both keys are still
written by scripts/seed-military-flights.mjs on every run — fix just
reads the stale key when the live fetch returns null, converts the
seed's app-shape flights (flat lat/lon, lowercase enums, lastSeenMs)
to the proto shape (nested GeoCoordinates, enum strings, lastSeenAt),
and filters to the request bbox.

Read via getRawJson (unprefixed) to match the seed cron's writes,
which bypass the env-prefix system.

### 3. Hex-code casing mismatch broke getFlightByHex

The seed cron writes hexCode: icao24.toUpperCase() (uppercase);
src/services/military-flights.ts:getFlightByHex uppercases the lookup
input: f.hexCode === hexCode.toUpperCase(). The new proto handler
preserved OpenSky's lowercase icao24, and mapProtoFlight is a
pass-through. getFlightByHex was silently returning undefined for
every call after the migration.

Fix: uppercase in the proto handler (live + stale paths), and document
the invariant in a comment on MilitaryFlight.hex_code in
military_flight.proto so future handlers don't re-break it.

### Verified

- typecheck + typecheck:api clean
- lint:api-contract (56 entries) / lint:boundaries clean
- tests/edge-functions.test.mjs 130 pass
- make generate zero-diff (openapi spec regenerated for proto comment)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(review): restore desktop 2/hr rate cap on register-interest (#3207)

Addresses HIGH review finding #4 from @koala73. The legacy
api/register-interest.js applied a nested 2/hr per-IP cap when
`source === 'desktop-settings'`, on top of the generic 5/hr endpoint
budget. The sebuf migration lost this — desktop-source requests now
enjoy the full 5/hr cap.

Since `source` is an unsigned client-supplied field, anyone sending
`source: 'desktop-settings'` skips Turnstile AND gets 5/hr. Without
the tighter cap the Turnstile bypass is cheaper to abuse.

Added `checkScopedRateLimit` to `server/_shared/rate-limit.ts` — a
reusable second-stage Upstash limiter keyed on an opaque scope string
+ caller identifier. Fail-open on Redis errors to match existing
checkRateLimit / checkEndpointRateLimit semantics. Handlers that need
per-subscope caps on top of the gateway-level endpoint budget use this
helper.

In register-interest: when `isDesktopSource`, call checkScopedRateLimit
with scope `/api/leads/v1/register-interest#desktop`, limit=2, window=1h,
IP as identifier. On exceeded → throw ApiError(429).

### What this does not fix

This caps the blast radius of the Turnstile bypass but does not close
it — an attacker sending `source: 'desktop-settings'` still skips
Turnstile (just at 2/hr instead of 5/hr). The proper fix is a signed
desktop-secret header that authenticates the bypass; filed as
follow-up #3252. That requires coordinated Tauri build + Vercel env
changes out of scope for #3207.

### Verified

- typecheck + typecheck:api clean
- lint:api-contract (56 entries)
- tests/edge-functions.test.mjs + contact-handler.test.mjs (147 pass)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(review): MEDIUM + LOW + rate-limit-policy CI check (#3207)

Closes out the remaining @koala73 review findings from #3242 that
didn't already land in the HIGH-fix commits, plus the requested CI
check that would have caught HIGH #1 (dead-code policy key) at
review time.

### MEDIUM #5 — Turnstile missing-secret policy default

Flip `verifyTurnstile`'s default `missingSecretPolicy` from `'allow'`
to `'allow-in-development'`. Dev with no secret = pass (expected
local); prod with no secret = reject + log. submit-contact was
already explicitly overriding to `'allow-in-development'`;
register-interest was silently getting `'allow'`. Safe default now
means a future missing-secret misconfiguration in prod gets caught
instead of silently letting bots through. Removed the now-redundant
override in submit-contact.

### MEDIUM #6 — Silent enum fallbacks in maritime client

`toDisruptionEvent` mapped `AIS_DISRUPTION_TYPE_UNSPECIFIED` / unknown
enum values → `gap_spike` / `low` silently. Refactored to return null
when either enum is unknown; caller filters nulls out of the array.
Handler doesn't produce UNSPECIFIED today, but the `gap_spike`
default would have mislabeled the first new enum value the proto
ever adds — dropping unknowns is safer than shipping wrong labels.

### LOW — Copy drift in register-interest email

Email template hardcoded `435+ Sources`; PR #3241 bumped marketing to
`500+`. Bumped in the rewritten file to stay consistent.

The `as any` on Convex mutation names carried over from legacy and
filed as follow-up #3253.

### Rate-limit-policy coverage lint

`scripts/enforce-rate-limit-policies.mjs` validates every key in
`ENDPOINT_RATE_POLICIES` resolves to a proto-generated gateway route
by cross-referencing `docs/api/*.openapi.yaml`. Fails with the
sanctions-entity-search incident referenced in the error message so
future drift has a paper trail.

Wired into package.json (`lint:rate-limit-policies`) and the pre-push
hook alongside `lint:boundaries`. Smoke-tested both directions —
clean repo passes (5 policies / 175 routes), seeded drift (the exact
HIGH #1 typo) fails with the advertised remedy text.

### Verified
- `lint:rate-limit-policies` ✓
- `typecheck` + `typecheck:api` ✓
- `lint:api-contract` ✓ (56 entries)
- `lint:boundaries` ✓
- edge-functions + contact-handler tests (147 pass)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* refactor(commit 5): decomm /api/eia/* + migrate /api/satellites → IntelligenceService (#3207)

Both targets turned out to be decomm-not-migration cases. The original
plan called for two new services (economic/v1.GetEiaSeries +
natural/v1.ListSatellitePositions) but research found neither was
needed:

### /api/eia/[[...path]].js — pure decomm, zero consumers

The "catch-all" is a misnomer — only two paths actually worked,
/api/eia/health and /api/eia/petroleum, both Redis-only readers.
Zero frontend callers in src/. Zero server-side readers. Nothing
consumes the `energy:eia-petroleum:v1` key that seed-eia-petroleum.mjs
writes daily.

The EIA data the frontend actually uses goes through existing typed
RPCs in economic/v1: GetEnergyPrices, GetCrudeInventories,
GetNatGasStorage, GetEnergyCapacity. None of those touch /api/eia/*.

Building GetEiaSeries would have been dead code. Deleted the legacy
file + its test (tests/api-eia-petroleum.test.mjs — it only covered
the legacy endpoint, no behavior to preserve). Empty api/eia/ dir
removed.

**Note for review:** the Redis seed cron keeps running daily and
nothing consumes it. If that stays unused, seed-eia-petroleum.mjs
should be retired too (separate PR). Out of scope for sebuf-migration.

### /api/satellites.js — Learning #2 strikes again

IntelligenceService.ListSatellites already exists at
/api/intelligence/v1/list-satellites, reads the same Redis key
(intelligence:satellites:tle:v1), and supports an optional country
filter the legacy didn't have.

One frontend caller in src/services/satellites.ts needed to switch
from `fetch(toApiUrl('/api/satellites'))` to the typed
IntelligenceServiceClient.listSatellites. Shape diff was tiny —
legacy `noradId` became proto `id` (handler line 36 already picks
either), everything else identical. alt/velocity/inclination in the
proto are ignored by the caller since it propagates positions
client-side via satellite.js.

Kept the client-side cache + failure cooldown + 20s timeout (still
valid concerns at the caller level).

### Manifest + docs
- api-route-exceptions.json: 56 → 54 entries (both removed)
- docs/api-proxies.mdx: dropped the two rows from the Raw-data
  passthroughs table

### Verified
- typecheck + typecheck:api ✓
- lint:api-contract (54 entries) / lint:boundaries / lint:rate-limit-policies ✓
- tests/edge-functions.test.mjs 127 pass (down from 130 — 3 tests were
  for the deleted eia endpoint)
- make generate zero-diff (no proto changes)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* refactor(commit 6): migrate /api/supply-chain/v1/{country-products,multi-sector-cost-shock} → SupplyChainService (#3207)

Both endpoints were hand-rolled TS handlers sitting under a proto URL prefix —
the exact drift the manifest guardrail flagged. Promoted both to typed RPCs:

- GetCountryProducts → /api/supply-chain/v1/get-country-products
- GetMultiSectorCostShock → /api/supply-chain/v1/get-multi-sector-cost-shock

Handlers preserve the existing semantics: PRO-gate via isCallerPremium(ctx.request),
iso2 / chokepointId validation, raw bilateral-hs4 Redis read (skip env-prefix to
match seeder writes), CHOKEPOINT_STATUS_KEY for war-risk tier, and the math from
_multi-sector-shock.ts unchanged. Empty-data and non-PRO paths return the typed
empty payload (no 403 — the sebuf gateway pattern is empty-payload-on-deny).

Client wrapper switches from premiumFetch to client.getCountryProducts/
client.getMultiSectorCostShock. Legacy MultiSectorShock / MultiSectorShockResponse /
CountryProductsResponse names remain as type aliases of the generated proto types
so CountryBriefPanel + CountryDeepDivePanel callsites compile with zero churn.

Manifest 54 → 52. Rate-limit gateway routes 175 → 177.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(gateway): add cache-tier entries for new supply-chain RPCs (#3207)

Pre-push tests/route-cache-tier.test.mjs caught the missing entries.
Both PRO-gated, request-varying — match the existing supply-chain PRO cohort
(get-country-cost-shock, get-bypass-options, etc.) at slow-browser tier.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* refactor(commit 7): migrate /api/scenario/v1/{run,status,templates} → ScenarioService (#3207)

Promote the three literal-filename scenario endpoints to a typed sebuf
service with three RPCs:

  POST /api/scenario/v1/run-scenario        (RunScenario)
  GET  /api/scenario/v1/get-scenario-status (GetScenarioStatus)
  GET  /api/scenario/v1/list-scenario-templates (ListScenarioTemplates)

Preserves all security invariants from the legacy handlers:
- 405 for wrong method (sebuf service-config method gate)
- scenarioId validation against SCENARIO_TEMPLATES registry
- iso2 regex ^[A-Z]{2}$
- JOB_ID_RE path-traversal guard on status
- Per-IP 10/min rate limit (moved to gateway ENDPOINT_RATE_POLICIES)
- Queue-depth backpressure (>100 → 429)
- PRO gating via isCallerPremium
- AbortSignal.timeout on every Redis pipeline (runRedisPipeline helper)

Wire-level diffs vs legacy:
- Per-user RL now enforced at the gateway (same 10/min/IP budget).
- Rate-limit response omits Retry-After header; retryAfter is in the
  body per error-mapper.ts convention.
- ListScenarioTemplates emits affectedHs2: [] when the registry entry
  is null (all-sectors sentinel); proto repeated cannot carry null.
- RunScenario returns { jobId, status } (no statusUrl field — unused
  by SupplyChainPanel, drop from wire).

Gateway wiring:
- server/gateway.ts RPC_CACHE_TIER: list-scenario-templates → 'daily'
  (matches legacy max-age=3600); get-scenario-status → 'slow-browser'
  (premium short-circuit target, explicit entry required by
  tests/route-cache-tier.test.mjs).
- src/shared/premium-paths.ts: swap old run/status for the new
  run-scenario/get-scenario-status paths.
- api/scenario/v1/{run,status,templates}.ts deleted; 3 manifest
  exceptions removed (63 → 52 → 49 migration-pending).

Client:
- src/services/scenario/index.ts — typed client wrapper using
  premiumFetch (injects Clerk bearer / API key).
- src/components/SupplyChainPanel.ts — polling loop swapped from
  premiumFetch strings to runScenario/getScenarioStatus. Hard 20s
  timeout on run preserved via AbortSignal.any.

Tests:
- tests/scenario-handler.test.mjs — 18 new handler-level tests
  covering every security invariant + the worker envelope coercion.
- tests/edge-functions.test.mjs — scenario sections removed,
  replaced with a breadcrumb pointer to the new test file.

Docs: api-scenarios.mdx, scenario-engine.mdx, usage-rate-limits.mdx,
usage-errors.mdx, supply-chain.mdx refreshed with new paths.

Verified: typecheck, typecheck:api, lint:api-contract (49 entries),
lint:rate-limit-policies (6/180), lint:boundaries, route-cache-tier
(parity), full edge-functions (117) + scenario-handler (18).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* refactor(commit 8): migrate /api/v2/shipping/{route-intelligence,webhooks} → ShippingV2Service (#3207)

Partner-facing endpoints promoted to a typed sebuf service. Wire shape
preserved byte-for-byte (camelCase field names, ISO-8601 fetchedAt, the
same subscriberId/secret formats, the same SET + SADD + EXPIRE 30-day
Redis pipeline). Partner URLs /api/v2/shipping/* are unchanged.

RPCs landed:
- GET  /route-intelligence  → RouteIntelligence  (PRO, slow-browser)
- POST /webhooks            → RegisterWebhook    (PRO)
- GET  /webhooks            → ListWebhooks       (PRO, slow-browser)

The existing path-parameter URLs remain on the legacy edge-function
layout because sebuf's HTTP annotations don't currently model path
params (grep proto/**/*.proto for `path: "{…}"` returns zero). Those
endpoints are split into two Vercel dynamic-route files under
api/v2/shipping/webhooks/, behaviorally identical to the previous
hybrid file but cleanly separated:
- GET  /webhooks/{subscriberId}                → [subscriberId].ts
- POST /webhooks/{subscriberId}/rotate-secret  → [subscriberId]/[action].ts
- POST /webhooks/{subscriberId}/reactivate     → [subscriberId]/[action].ts

Both get manifest entries under `migration-pending` pointing at #3207.

Other changes
- scripts/enforce-sebuf-api-contract.mjs: extended GATEWAY_RE to accept
  api/v{N}/{domain}/[rpc].ts (version-first) alongside the canonical
  api/{domain}/v{N}/[rpc].ts; first-use of the reversed ordering is
  shipping/v2 because that's the partner contract.
- vite.config.ts: dev-server sebuf interceptor regex extended to match
  both layouts; shipping/v2 import + allRoutes entry added.
- server/gateway.ts: RPC_CACHE_TIER entries for /api/v2/shipping/
  route-intelligence + /webhooks (slow-browser; premium-gated endpoints
  short-circuit to slow-browser but the entries are required by
  tests/route-cache-tier.test.mjs).
- src/shared/premium-paths.ts: route-intelligence + webhooks added.
- tests/shipping-v2-handler.test.mjs: 18 handler-level tests covering
  PRO gate, iso2/cargoType/hs2 coercion, SSRF guards (http://, RFC1918,
  cloud metadata, IMDS), chokepoint whitelist, alertThreshold range,
  secret/subscriberId format, pipeline shape + 30-day TTL, cross-tenant
  owner isolation, `secret` omission from list response.

Manifest delta
- Removed: api/v2/shipping/route-intelligence.ts, api/v2/shipping/webhooks.ts
- Added:   api/v2/shipping/webhooks/[subscriberId].ts (migration-pending)
- Added:   api/v2/shipping/webhooks/[subscriberId]/[action].ts (migration-pending)
- Added:   api/internal/brief-why-matters.ts (internal-helper) — regression
  surface from the #3248 main merge, which introduced the file without a
  manifest entry. Filed here to keep the lint green; not strictly in scope
  for commit 8 but unblocking.

Net result: 49 → 47 `migration-pending` entries (one net-removal even
though webhook path-params stay pending, because two files collapsed
into two dynamic routes).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(review HIGH 1): SupplyChainServiceClient must use premiumFetch (#3207)

Signed-in browser pro users were silently hitting 401 on 8 supply-chain
premium endpoints (country-products, multi-sector-cost-shock,
country-chokepoint-index, bypass-options, country-cost-shock,
sector-dependency, route-explorer-lane, route-impact). The shared
client was constructed with globalThis.fetch, so no Clerk bearer or
X-WorldMonitor-Key was injected. The gateway's validateApiKey runs
with forceKey=true for PREMIUM_RPC_PATHS and 401s before isCallerPremium
is consulted. The generated client's try/catch collapses the 401 into
an empty-fallback return, leaving panels blank with no visible error.

Fix is one line at the client constructor: swap globalThis.fetch for
premiumFetch. The same pattern is already in use for insider-transactions,
stock-analysis, stock-backtest, scenario, trade (premiumClient) — this
was an omission on this client, not a new pattern.

premiumFetch no-ops safely when no credentials are available, so the
5 non-premium methods on this client (shippingRates, chokepointStatus,
chokepointHistory, criticalMinerals, shippingStress) continue to work
unchanged.

This also fixes two panels that were pre-existing latently broken on
main (chokepoint-index, bypass-options, etc. — predating #3207, not
regressions from it). Commit 6 expanded the surface by routing two more
methods through the same buggy client; this commit fixes the class.

From koala73 review (#3242 second-pass, HIGH new #1):
> Exact class PR #3233 fixed for RegionalIntelligenceBoard /
> DeductionPanel / trade / country-intel. Supply-chain was not in
> #3233's scope.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(review HIGH 2): restore 400 on input-shape errors for 2 supply-chain handlers (#3207)

Commit 6 collapsed all non-happy paths into empty-200 on
`get-country-products` and `get-multi-sector-cost-shock`, including
caller-bug cases that legacy returned 400 for:

- get-country-products: malformed iso2 → empty 200 (was 400)
- get-multi-sector-cost-shock: malformed iso2 / missing chokepointId /
  unknown chokepointId → empty 200 (was 400)

The commit message for 6 called out the 403-for-non-pro → empty-200
shift ("sebuf gateway pattern is empty-payload-on-deny") but not the
400 shift. They're different classes:

- Empty-payload-200 for PRO-deny: intentional contract change, already
  documented and applied across the service. Generated clients treat
  "you lack PRO" as "no data" — fine.
- Empty-payload-200 for malformed input: caller bug silently masked.
  External API consumers can't distinguish "bad wiring" from "genuinely
  no data", test harnesses lose the signal, bad calling code doesn't
  surface in Sentry.

Fix: `throw new ValidationError(violations)` on the 3 input-shape
branches. The generated sebuf server maps ValidationError → HTTP 400
(see src/generated/server/.../service_server.ts and leads/v1 which
already uses this pattern).

PRO-gate deny stays as empty-200 — that contract shift was intentional
and is preserved.

Regression tests added at tests/supply-chain-validation.test.mjs (8
cases) pinning the three-way contract:
- bad input                         → 400 (ValidationError)
- PRO-gate deny on valid input      → 200 empty
- valid PRO input, no data in Redis → 200 empty (unchanged)

From koala73 review (#3242 second-pass, HIGH new #2).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(review HIGH 3): restore statusUrl on RunScenarioResponse + document 202→200 wire break (#3207)

Commit 7 silently shifted /api/scenario/v1/run-scenario's response
contract in two ways that the commit message covered only partially:

1. HTTP 202 Accepted → HTTP 200 OK
2. Dropped `statusUrl` string from the response body

The `statusUrl` drop was mentioned as "unused by SupplyChainPanel" but
not framed as a contract change. The 202 → 200 shift was not mentioned
at all. This is a same-version (v1 → v1) migration, so external callers
that key off either signal — `response.status === 202` or
`response.body.statusUrl` — silently branch incorrectly.

Evaluated options:
  (a) sebuf per-RPC status-code config — not available. sebuf's
      HttpConfig only models `path` and `method`; no status annotation.
  (b) Bump to scenario/v2 — judged heavier than the break itself for
      a single status-code shift. No in-repo caller uses 202 or
      statusUrl; the docs-level impact is containable.
  (c) Accept the break, document explicitly, partially restore.

Took option (c):

- Restored `statusUrl` in the proto (new field `string status_url = 3`
  on RunScenarioResponse). Server computes
  `/api/scenario/v1/get-scenario-status?jobId=<encoded job_id>` and
  populates it on every successful enqueue. External callers that
  followed this URL keep working unchanged.
- 202 → 200 is not recoverable inside the sebuf generator, so it is
  called out explicitly in two places:
    - docs/api-scenarios.mdx now includes a prominent `<Warning>` block
      documenting the v1→v1 contract shift + the suggested migration
      (branch on response body shape, not HTTP status).
    - RunScenarioResponse proto comment explains why 200 is the new
      success status on enqueue.
  OpenAPI bundle regenerated to reflect the restored statusUrl field.

- Regression test added in tests/scenario-handler.test.mjs pinning
  `statusUrl` to the exact URL-encoded shape — locks the invariant so
  a future proto rename or handler refactor can't silently drop it
  again.

From koala73 review (#3242 second-pass, HIGH new #3).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(review HIGH 1/2): close webhook tenant-isolation gap on shipping/v2 (#3207)

Koala flagged this as a merge blocker in PR #3242 review.

server/worldmonitor/shipping/v2/{register-webhook,list-webhooks}.ts
migrated without reinstating validateApiKey(req, { forceKey: true }),
diverging from both the sibling api/v2/shipping/webhooks/[subscriberId]
routes and the documented "X-WorldMonitor-Key required" contract in
docs/api-shipping-v2.mdx.

Attack surface: the gateway accepts Clerk bearer auth as a pro signal.
A Clerk-authenticated pro user with no X-WorldMonitor-Key reaches the
handler, callerFingerprint() falls back to 'anon', and every such
caller collapses into a shared webhook:owner:anon:v1 bucket. The
defense-in-depth ownerTag !== ownerHash check in list-webhooks.ts
doesn't catch it because both sides equal 'anon' — every Clerk-session
holder could enumerate / overwrite every other Clerk-session pro
tenant's registered webhook URLs.

Fix: reinstate validateApiKey(ctx.request, { forceKey: true }) at the
top of each handler, throwing ApiError(401) when absent. Matches the
sibling routes exactly and the published partner contract.

Tests:
- tests/shipping-v2-handler.test.mjs: two existing "non-PRO → 403"
  tests for register/list were using makeCtx() with no key, which now
  fails at the 401 layer first. Renamed to "no API key → 401
  (tenant-isolation gate)" with a comment explaining the failure mode
  being tested. 18/18 pass.

Verified: typecheck:api, lint:api-contract (no change), lint:boundaries,
lint:rate-limit-policies, test:data (6005/6005).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(review HIGH 2/2): restore v1 path aliases on scenario + supply-chain (#3207)

Koala flagged this as a merge blocker in PR #3242 review.

Commits 6 + 7 of #3207 renamed five documented v1 URLs to the sebuf
method-derived paths and deleted the legacy edge-function files:

  POST /api/scenario/v1/run                       → run-scenario
  GET  /api/scenario/v1/status                    → get-scenario-status
  GET  /api/scenario/v1/templates                 → list-scenario-templates
  GET  /api/supply-chain/v1/country-products      → get-country-products
  GET  /api/supply-chain/v1/multi-sector-cost-shock → get-multi-sector-cost-shock

server/router.ts is an exact static-match table (Map keyed on `METHOD
PATH`), so any external caller — docs, partner scripts, grep-the-
internet — hitting the old documented URL would 404 on first request
after merge. Commit 8 (shipping/v2) preserved partner URLs byte-for-
byte; the scenario + supply-chain renames missed that discipline.

Fix: add five thin alias edge functions that rewrite the pathname to
the canonical sebuf path and delegate to the domain [rpc].ts gateway
via a new server/alias-rewrite.ts helper. Premium gating, rate limits,
entitlement checks, and cache-tier lookups all fire on the canonical
path — aliases are pure URL rewrites, not a duplicate handler pipeline.

  api/scenario/v1/{run,status,templates}.ts
  api/supply-chain/v1/{country-products,multi-sector-cost-shock}.ts

Vite dev parity: file-based routing at api/ is a Vercel concern, so the
dev middleware (vite.config.ts) gets a matching V1_ALIASES rewrite map
before the router dispatch.

Manifest: 5 new entries under `deferred` with removal_issue=#3282
(tracking their retirement at the next v1→v2 break). lint:api-contract
stays green (89 files checked, 55 manifest entries validated).

Docs:
- docs/api-scenarios.mdx: migration callout at the top with the full
  old→new URL table and a link to the retirement issue.
- CHANGELOG.md + docs/changelog.mdx: Changed entry documenting the
  rename + alias compat + the 202→200 shift (from commit 23c821a1).

Verified: typecheck:api, lint:api-contract, lint:rate-limit-policies,
lint:boundaries, test:data (6005/6005).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-04-22 09:55:59 +03:00
Elie Habib
e1c3b28180 feat(notifications): Phase 6 — web-push channel for PWA notifications (#3173) 
* feat(notifications): Phase 6 — web-push channel for PWA notifications

Adds a web_push notification channel so PWA users receive native
notifications when this tab is closed. Deep-links click to the
brief magazine URL for brief_ready events, to the event link for
everything else.

Schema / API:
- channelTypeValidator gains 'web_push' literal
- notificationChannels union adds { endpoint, p256dh, auth,
  userAgent? } variant (standard PushSubscription identity triple +
  cosmetic UA for the settings UI)
- new setWebPushChannelForUser internal mutation upserts the row
- /relay/deactivate allow-list extended to accept 'web_push'
- api/notification-channels: 'set-web-push' action validates the
  triple, rejects non-https, truncates UA to 200 chars

Client (src/services/push-notifications.ts + src/config/push.ts):
- isWebPushSupported guards Tauri webview + iOS Safari
- subscribeToPush: permission + pushManager.subscribe + POST triple
- unsubscribeFromPush: pushManager.unsubscribe + DELETE row
- VAPID_PUBLIC_KEY constant (with VITE_VAPID_PUBLIC_KEY env override)
- base64 <-> Uint8Array helpers (VAPID key encoding)

Service worker (public/push-handler.js):
- Imported into VitePWA's generated sw.js via workbox.importScripts
- push event: renders notification; requireInteraction=true for
  brief_ready so a lock-screen swipe does not dismiss the CTA
- notificationclick: focuses+navigates existing same-origin client
  when present, otherwise opens a new window
- Malformed JSON falls back to raw text body, missing data falls
  back to a minimal WorldMonitor default

Relay (scripts/notification-relay.cjs):
- sendWebPush() with lazy-loaded web-push dep. 404/410 triggers
  deactivateChannel('web_push'). Missing VAPID env vars logs once
  and skips — other channels keep delivering.
- processEvent dispatch loop + drainHeldForUser both gain web_push
  branches

Settings UI (src/services/notifications-settings.ts):
- New 'Browser Push' tile with bell icon
- Enable button lazy-imports push-notifications, calls subscribe,
  renders 'Not supported' on Tauri/in-app webviews
- Remove button routes web_push specifically through
  unsubscribeFromPush so the browser side is cleaned up too

Env vars required on Railway services:
  VAPID_PUBLIC_KEY   public key
  VAPID_PRIVATE_KEY  private key
  VAPID_SUBJECT      mailto:support@worldmonitor.app (optional)

Public key is also committed as the default in src/config/push.ts
so the client bundle works without a build-time override.

Tests: 11 new cases in tests/brief-web-push.test.mjs
- base64 <-> Uint8Array round-trip + null guards
- VAPID default fallback when env absent
- SW push event rendering, requireInteraction gating, malformed JSON
  + no-data fallbacks
- SW notificationclick: openWindow vs focus+navigate, default url

154/154 tests pass. Both tsconfigs typecheck clean.

* fix(brief): address PR #3173 review findings + drop hardcoded VAPID

P1 (security): VAPID private key leaked in PR description.
Rotated the keypair. Old pair permanently invalidated. Structural fix:

  Removed DEFAULT_VAPID_PUBLIC_KEY entirely. Hardcoding the public
  key in src/config/push.ts gave rotations two sources of truth
  (code vs env) — exactly the friction that caused me to paste the
  private key in a PR description in the first place. VAPID_PUBLIC_KEY
  now comes SOLELY from VITE_VAPID_PUBLIC_KEY at build time.
  isWebPushConfigured() gates the subscribe flow so builds without
  the env var surface as 'Not supported' rather than crashing
  pushManager.subscribe.

  Operator setup (one-time):
    Vercel build:      VITE_VAPID_PUBLIC_KEY=<public>
    Railway services:  VAPID_PUBLIC_KEY=<public>
                       VAPID_PRIVATE_KEY=<private>
                       VAPID_SUBJECT=mailto:support@worldmonitor.app

  Rotation: update env on both sides, redeploy. No code change, no
  PR body — no chance of leaking a key in a commit.

P2: single-device fan-out — setWebPushChannelForUser replaces the
previous subscription silently. Per-device fan-out is a schema change
deferred to follow-up. Fix for now: surface the replacement in
settings UI copy ('Enabling here replaces any previously registered
browser.') so users who expect multi-device see the warning.

P2: 24h push TTL floods offline devices on reconnect. Event-type-aware:
  brief_ready:       12h  (daily editorial — still interesting)
  quiet_hours_batch:  6h  (by definition queued-on-wake)
  everything else:   30m  (transient alerts: noise after 30min)

REGRESSION test: VAPID_PUBLIC_KEY must be '' when env var is unset.
If a committed default is reintroduced, the test fails loudly.

11/11 web-push tests pass. Both tsconfigs typecheck clean.

* fix(notifications): deliver channel_welcome push for web_push connects (#3173 P2)

The settings UI queues a channel_welcome event on first web_push
subscribe (api/notification-channels.ts:240 via publishWelcome), but
processWelcome() in the relay only branched on slack/discord/email —
no web_push arm. The welcome event was consumed off the queue and
then silently dropped, leaving first-time subscribers with no
'connection confirmed' signal.

Fix: add a web_push branch to processWelcome. Calls sendWebPush with
eventType='channel_welcome' which maps to the 30-minute TTL tier in
the push-delivery switch — a welcome that arrives >30 min after
subscribe is noise, not confirmation.

Short body (under 80 chars) so Chrome/Firefox/Safari notification
shelves don't clip past ellipsis.

11/11 web-push tests pass.

* fix(notifications): address two P1 review findings on #3173

P1-A: SSRF via user-supplied web_push endpoint.
The set-web-push edge handler accepted any https:// URL and wrote
it to Convex. The relay's sendWebPush() later POSTs to whatever
endpoint sits in that row, giving any Pro user a server-side-request
primitive bounded only by the relay's network egress.

Fix: isAllowedPushEndpointHost() allow-list in api/notification-
channels.ts. Only the four known browser push-service hosts pass:

  fcm.googleapis.com                (Chrome / Edge / Brave)
  updates.push.services.mozilla.com (Firefox)
  web.push.apple.com                (Safari, macOS 13+)
  *.notify.windows.com              (Windows Notification Service)

Fail-closed: unknown hosts rejected with 400 before the row ever
reaches Convex. If a future browser ships a new push service we'll
need to widen this list (guarded by the SSRF regression tests).

P1-B: cross-account endpoint reuse on shared devices.
The browser's PushSubscription is bound to the origin, NOT to the
Clerk session. User A subscribes on device X, signs out, user B
signs in on X and subscribes — the browser hands out the SAME
endpoint/p256dh/auth triple. The previous setWebPushChannelForUser
upsert keyed only by (userId, channelType), so BOTH rows now carry
the same endpoint. Every push the relay fans out for user A also
lands on device X which is now showing user B's session.

Fix: setWebPushChannelForUser scans all web_push rows and deletes
any that match the new endpoint BEFORE upserting. Effectively
transfers ownership of the subscription to the current caller.
The previous user will need to re-subscribe on that device if they
sign in again.

No endpoint-based index on notificationChannels — the scan happens
at <10k rows and is well-bounded to the one write-path per user
per connect. If volume grows, add an  + migration.

Regression tests (tests/brief-web-push.test.mjs, 3 new cases):
  - allow-list defines all four browser hosts + fail-closed return
  - allow-list is invoked BEFORE convexRelay() in the handler
  - setWebPushChannelForUser compares + deletes rows by endpoint

14/14 web-push tests pass. Both tsconfigs typecheck clean.
 2026-04-18 20:27:08 +04:00
Lucas Passos
4b67012260 feat(resilience): add service proto and stub handlers (#2657) 
* feat(resilience): add service proto and stub handlers

Add the worldmonitor.resilience.v1 proto package, generated client/server artifacts, edge routing, and zero-state handler stubs so the domain is deployable before the seed and scoring layers land.

Validation:
- PATH="/Users/lucaspassos/go/bin:/Users/lucaspassos/.codex/tmp/arg0/codex-arg06nbVvG:/Users/lucaspassos/.antigravity/antigravity/bin:/Users/lucaspassos/.local/bin:/Users/lucaspassos/.codeium/windsurf/bin:/Users/lucaspassos/Library/Python/3.12/bin:/Library/Frameworks/Python.framework/Versions/3.12/bin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/pkg/env/active/bin:/opt/pmk/env/global/bin:/Library/Apple/usr/bin:/opt/homebrew/bin:/Applications/Codex.app/Contents/Resources" make generate
- PATH="/Users/lucaspassos/go/bin:/Users/lucaspassos/.codex/tmp/arg0/codex-arg06nbVvG:/Users/lucaspassos/.antigravity/antigravity/bin:/Users/lucaspassos/.local/bin:/Users/lucaspassos/.codeium/windsurf/bin:/Users/lucaspassos/Library/Python/3.12/bin:/Library/Frameworks/Python.framework/Versions/3.12/bin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/pkg/env/active/bin:/opt/pmk/env/global/bin:/Library/Apple/usr/bin:/opt/homebrew/bin:/Applications/Codex.app/Contents/Resources" npx tsx --test tests/route-cache-tier.test.mjs tests/edge-functions.test.mjs
- npm run typecheck (fails on upstream Dodo/Clerk baseline)
- npm run typecheck:api (fails on upstream vitest baseline)
- npm run test:data (fails on upstream dodopayments-checkout baseline via tests/runtime-config-panel-visibility.test.mjs)

* fix(resilience): add countryCode validation to get-resilience-score

Throw ValidationError when countryCode is missing instead of silently
returning a zero-state response with an empty string country code.

* fix(resilience): validate countryCode format and mark required in spec

- Trim whitespace and reject non-ISO-3166-1 alpha-2 codes to prevent
  cache pollution from malformed aliases (e.g. 'USA', '  us  ', 'foobar')
- Add required: true to proto QueryConfig so generated OpenAPI spec
  matches runtime validation behavior
- Regenerated OpenAPI artifacts via make generate

---------

Co-authored-by: Elie Habib <elie.habib@gmail.com>
 2026-04-04 08:04:46 +04:00
randommanguy
827cf886a5 refactor: dynamically load environment variables within Vite config a… (#1791) 
* refactor: dynamically load environment variables within Vite config and pass them to plugins.

* fix(vite): type htmlVariantPlugin activeMeta as VariantMeta instead of any

* fix(deps): restore package-lock.json to fix npm ci in CI

The PR's lockfile was generated on a different npm version, removing
commander@13.1.0 and dev flags from optional packages. This breaks
npm ci (strict mode) in GitHub Actions. Restore to origin/main state.

---------

Co-authored-by: Elie Habib <elie.habib@gmail.com>
 2026-03-18 09:38:26 +04:00
Elie Habib
4353c20637 feat(widgets): AI widget builder with live WorldMonitor data (#1732) 2026-03-17 09:23:04 +04:00
Elie Habib
bcccb3fb9c test: cover runtime env guardrails (#1650) 
* fix(data): restore bootstrap and cache test coverage

* test: cover runtime env guardrails

* fix(test): align security header tests with current vercel.json

Update catch-all source pattern, geolocation policy value, and
picture-in-picture origins to match current production config.
 2026-03-15 16:54:42 +04:00
Elie Habib
5778e63cc3 fix: restore desktop bootstrap timeouts and SW NetworkOnly (#1653) 
- Bootstrap: keep 1.2s/1.8s for web, restore 5s/8s for desktop
  (sidecar IPC + token resolution needs the headroom)
- SW: revert navigation handler to NetworkOnly to prevent stale
  HTML caching that causes 404 storms on deploy
 2026-03-15 16:13:10 +04:00
Elie Habib
222dd99f75 fix(data): restore bootstrap and cache test coverage (#1649) 
* fix(data): restore bootstrap and cache test coverage

* fix: resolve linting and test failures

- Remove dead writeSeedMeta/estimateRecordCount functions from redis.ts
  (intentionally removed from cachedFetchJson; seed-meta now written
  only by explicit seed flows, not generic cache reads)
- Fix globe dayNight test to match actual code (forces dayNight: false
  + hideLayerToggle, not catalog-based exclusion)
- Fix country-geometry test mock URL from CDN to /data/countries.geojson
  (source changed to use local bundled file)

* fix(lint): remove duplicate llm-health key in redis-caching test

Duplicate object key '../../../_shared/llm-health' caused the stub
to be overwritten by the real module. Removed the second entry so
the test correctly uses the stub.
 2026-03-15 15:42:27 +04:00
Elie Habib
39cf56dd4d perf: reduce ~14M uncached API calls/day via client caches + workbox fix + USNI Railway migration (#1605) 
* perf: reduce uncached API calls via client-side circuit breaker caches

Add client-side circuit breaker caches with IndexedDB persistence to the
top 3 uncached API endpoints (CF analytics: 10.5M uncached requests/day):

- classify-events (5.37M/day): 6hr cache per normalized title, shouldCache
  guards against caching null/transient failures
- get-population-exposure (3.45M/day): 6hr cache per coordinate key
  (toFixed(4) for ~11m precision), 64-entry LRU
- summarize-article (1.68M/day): 2hr cache per headline-set hash via
  buildSummaryCacheKey, eliminates both cache-check and summarize RPCs

Fix workbox-*.js getting no-cache headers (3.62M/day): exclude from SPA
catch-all regex in vercel.json, add explicit immutable cache rule for
content-hashed workbox files.

Migrate USNI fleet fetch from Vercel edge to Railway relay (gold standard):
- Add seedUSNIFleet() loop to ais-relay.cjs (6hr interval, gzip support)
- Make server handler Redis-read-only (435 lines reduced to 38)
- Move usniFleet from ON_DEMAND to BOOTSTRAP_KEYS in health.js
- Add persistCache + shouldCache to client breaker

Estimated reduction: ~14.3M uncached requests/day.

* fix: address code review findings (P1 + P2)

P1: Include SummarizeOptions in summary cache key to prevent cross-option
cache pollution (e.g. cloud summary replayed after user disables cloud LLMs).

P2: Document that forceRefresh is intentionally ignored now that USNI
fetching moved to Railway relay (Vercel is Redis-read-only).

* fix: reject forceRefresh explicitly instead of silently ignoring it

Return an error response with explanation when forceRefresh=true is sent,
rather than silently returning cached data. Makes the behavior regression
visible to any caller instead of masking it.

* fix(build): set worker.format to 'es' for Vite 6 compatibility

Vite 6 defaults worker.format to 'iife' which fails with code-splitting
workers (analysis.worker.ts uses dynamic imports). Setting 'es' fixes
the Vercel production build.

* fix(test): update deploy-config test for workbox regex exclusion

The SPA catch-all regex test hard-coded the old pattern without the
workbox exclusion. Update to match the new vercel.json source pattern.
 2026-03-15 00:52:10 +04:00
Elie Habib
2f7fd6421f feat(gpsjam): migrate GPS jamming from gpsjam.org to Wingbits API (#1240) 
* feat(gpsjam): migrate GPS jamming from gpsjam.org to Wingbits API

Replace gpsjam.org CSV scraping with Wingbits customer API for GPS/GNSS
interference data. This is a proper API with structured JSON responses
instead of fragile web scraping.

Key changes:
- Rewrite fetch-gpsjam.mjs seeder for Wingbits API (x-api-key auth)
- Delete ~150-line gpsjam seed loop from ais-relay.cjs (now standalone cron)
- Simplify api/gpsjam.js to Redis-only reads with v1→v2 fallback
- Update data shape: pct/good/bad/total → npAvg/sampleCount/aircraftCount
- Redis key: intelligence:gpsjam:v1 → v2 (with dual-write transition)
- Add vite dev plugin for local development
- Update all frontend components (MapPopup, DeckGLMap, GlobeMap, locales)

Zero-downtime: seeder dual-writes both v1 and v2 keys, edge handler
falls back to v1 with shape normalization. Remove v1 code after 24-72h.

* fix(gpsjam): improve v1 fallback normalization and update all locale files

- v1 fallback now derives npAvg from severity thresholds (high: 0.3,
  medium: 0.8) instead of hardcoding 0, uses bad/total for counts
- Update all 20 non-English locale files to use new gpsJamming keys
  (navPerformance, samples, aircraft) with English fallback values

* fix(gpsjam): dual-write v1 in old schema shape and catch Redis errors

- Seeder now converts v2 data back to v1 shape (pct/good/bad/total)
  for the dual-write, so old deployments and rollbacks parse correctly
- Edge handler wraps readFromRedis calls in try-catch so network/timeout
  errors return graceful 503 instead of platform 500s
 2026-03-08 02:15:34 +04:00
Elie Habib
7134e3dade fix(sw): remove 206 from cacheable statuses for PMTiles (#1129) 
The Cache API spec forbids storing partial responses (HTTP 206).
Workbox's cacheableResponse plugin passes them through, but the
browser's Cache.put() throws TypeError. PMTiles Range responses
are already cached by the browser HTTP cache and CF edge.
 2026-03-06 16:55:27 +04:00
Elie Habib
fce836039b feat(map): migrate basemap from CARTO to self-hosted PMTiles on R2 (#1064) 
* feat(map): migrate basemap from CARTO to self-hosted PMTiles on Cloudflare R2

Replace CARTO tile provider (frequent 403 errors) with self-hosted PMTiles
served from Cloudflare R2. Uses @protomaps/basemaps for style generation
with OpenFreeMap as automatic fallback when VITE_PMTILES_URL is unset.

- Add pmtiles and @protomaps/basemaps dependencies
- Create src/config/basemap.ts for PMTiles protocol registration and style building
- Update DeckGLMap.ts to use PMTiles styles (non-happy variants)
- Fix fallback detection using data event instead of style.load
- Update SW cache rules: replace CARTO/MapTiler with PMTiles NetworkFirst
- Add Protomaps preconnect hints in index.html
- Bundle pmtiles + @protomaps/basemaps in maplibre chunk
- Upload 3.4GB world tiles (zoom 0-10) to R2 bucket worldmonitor-maps

* fix(map): use CDN custom domain maps.worldmonitor.app for PMTiles

Replace r2.dev URL with custom domain backed by Cloudflare CDN edge.
Update preconnect hint and .env.example with production URL.

* fix(map): harden PMTiles fallback detection to prevent false triggers

- Require 2+ network errors before triggering OpenFreeMap fallback
- Use persistent data listener instead of once (clears timeout on first tile load)
- Increase fallback timeout to 10s for PMTiles header + initial tile fetch
- Add console.warn for map errors to aid debugging
- Remove redundant style.load listener (fires immediately for inline styles)

* feat(settings): add Map Tile Provider selector in settings

Add dropdown in Settings → Map section to switch between:
- Auto (PMTiles → OpenFreeMap fallback)
- PMTiles (self-hosted)
- OpenFreeMap
- CARTO

Choice persists in localStorage and reloads basemap instantly.

* fix(map): make OSS-friendly — default to free OpenFreeMap, hide PMTiles when unconfigured

- Default to OpenFreeMap when VITE_PMTILES_URL is unset (zero config for OSS users)
- Hide PMTiles/Auto options from settings dropdown when no PMTiles URL configured
- If user previously selected PMTiles but env var is removed, gracefully fall back
- Remove production URL from .env.example to avoid exposing hosted tiles
- Add docs link for self-hosting PMTiles in .env.example

* docs: add map tile provider documentation to README and MAP_ENGINE.md

Document the tile provider system (OpenFreeMap, CARTO, PMTiles) in
MAP_ENGINE.md with self-hosting instructions, fallback behavior, and
OSS-friendly defaults. Update README to reference tile providers in
the feature list, tech stack, and environment variables table.

* fix: resolve rebase conflicts and fix markdown lint errors

- Restore OSS-friendly basemap defaults (MAP_PROVIDER_OPTIONS as IIFE,
  getMapProvider with hasTilesUrl check)
- Fix markdown lint: add blank lines after ### headings in README
- Reconcile UnifiedSettings import with MAP_PROVIDER_OPTIONS constant
 2026-03-06 08:40:14 +04:00
Elie Habib
9384bdbe90 fix: prevent service worker from caching stale HTML (#1060) 
* perf: reduce Vercel data transfer costs with CDN optimization

- Increase polling intervals (markets 8→12min, feeds 15→20min, crypto 8→12min)
- Increase background tab hiddenMultiplier from 10→30 (polls 3x less when hidden)
- Double CDN s-maxage TTLs across all cache tiers in gateway
- Add CDN-Cache-Control header for Cloudflare-specific longer edge caching
- Add ETag generation + 304 Not Modified support in gateway (zero-byte revalidation)
- Add CDN-Cache-Control to bootstrap endpoint
- Add explicit SPA rewrite rule in vercel.json for CF proxy compatibility
- Add Cache-Control headers for /map-styles/, /data/, /textures/ static paths

* fix: prevent CF from caching SPA HTML + reduce Polymarket bandwidth 95%

- vercel.json: apply no-cache headers to ALL SPA routes (same regex as
  rewrite rule), not just / and /index.html — prevents CF proxy from
  caching stale HTML that references old content-hashed bundle filenames
- Polymarket: add server-side aggregation via Railway seed script that
  fetches all tags once and writes to Redis, eliminating 11-request
  fan-out per user per poll cycle
- Bootstrap: add predictions to hydration keys for zero-cost page load
- RPC handler: read Railway-seeded bootstrap key before falling back to
  live Gamma API fetch
- Client: 3-strategy waterfall (bootstrap → RPC → fan-out fallback)

* fix: prevent service worker from serving stale HTML after deploys

- Change navigation handler from NetworkFirst (3s timeout) to NetworkOnly
  so HTML always comes from the network, never from stale SW cache
- Reduce SW update check interval from 60min to 5min so new deploys
  propagate to users faster
- Root cause: SW precached all .js files, and NetworkFirst with 3s timeout
  would fall back to stale cached HTML referencing old content-hashed
  bundles that no longer exist after deploy → 404
 2026-03-05 16:52:29 +04:00
Elie Habib
4de2f74210 feat: move EONET/GDACS to server-side with Redis caching (#983) 
* feat: move EONET/GDACS to server-side with Redis caching and bootstrap hydration

Browser-direct fetches to eonet.gsfc.nasa.gov and gdacs.org caused CORS
errors and had no server-side caching. This moves both to the standard
Vercel edge → cachedFetchJson → Redis → bootstrap hydration pattern.

- Add proto definitions for NaturalService with ListNaturalEvents RPC
- Create server handler merging EONET + GDACS with 30min Redis TTL
- Add Vercel edge function at /api/natural/v1/list-natural-events
- Register naturalEvents in bootstrap SLOW_KEYS for CDN hydration
- Replace browser-direct fetches with RPC client + circuit breaker
- Delete src/services/gdacs.ts (logic moved server-side)

* fix: restore @ts-nocheck on generated files stripped by buf generate
 2026-03-04 15:02:03 +04:00
Elie Habib
c2f17dec45 fix(supply-chain): resolve P1 threat zeroing and P2 geo-first misclassification (#964) 
* enhance supply chain panel

* fix(supply-chain): resolve P1 threat zeroing and P2 geo-first misclassification

P1: threat baseline is now always applied regardless of config
staleness — stale config only adds a review-recommended note,
never zeros the score.

P2: resolveChokepointId now checks text evidence first and only
falls back to proximity when text has no confident match.

Adds regression test: text "Bab el-Mandeb" with location near
Suez correctly resolves to bab_el_mandeb.

---------

Co-authored-by: fayez bast <fayezbast15@gmail.com>
 2026-03-04 08:47:21 +04:00
Elie Habib
034ab9916f feat(globe): add interactive 3D globe view with 28 live data layers (#926) 
* feat(globe): add 3D globe view powered by globe.gl

Replicate the Sentinel.axonia.us globe locally and expose it via Settings.

- Add GlobeMap.ts: new globe.gl v2 component with night-sky starfield,
  earth topobathy texture, specular water map, atmosphere glow, auto-rotate
  (pauses on interaction, resumes after 60 s), and HTML marker layer for
  conflict zones, intel hotspots, and other data categories
- Update MapContainer with switchToGlobe() / switchToFlat() runtime
  methods and isGlobeMode() query; constructor accepts preferGlobe param
- Wire globe toggle in UnifiedSettings General tab (MAP section);
  persisted to worldmonitor-map-mode via loadFromStorage/saveToStorage
- Add mapMode storage key to STORAGE_KEYS
- Download earth textures to public/textures/ (topo-bathy, night-sky,
  water specular, day)
- Add globe.gl ^2.45.0 and @types/three dependencies
- Add globe CSS + @keyframes globe-pulse for pulsing conflict markers

* feat(globe): wire region selector & CMD+K navigation to 3D globe

* feat(globe): add zoom controls, layer panel, marker tooltips; fix Vercel build

* feat(globe): expand to all 28 world-variant layers with live data rendering

* refactor(globe): use proper keyof MapLayers types

* fix(globe): route AIS/flight data to globe, implement ship traffic markers, hide dayNight toggle

- MapContainer: add globe guard to setAisData and setFlightDelays (data was silently dropped)
- GlobeMap: implement setAisData with AisDisruptionMarker (typed, no any casts); renders
  disruption events with severity-colored ship icons and full tooltip (name/type/severity)
- GlobeMap: three-point dayNight suppression — disabled in initGlobe(), overridden in
  setLayers(), ignored in enableLayer(); toggle removed from layer panel UI
- MapContainer: add globe guards to 5 happy-variant setters (P3: keep no-op stubs in globe)
- Add tests/globe-2d-3d-parity.test.mjs: 13 static-analysis tests covering routing,
  AIS marker fields, and dayNight suppression (all passing)
 2026-03-03 21:08:06 +04:00
Elie Habib
c956b73470 feat: consolidate 4 Vercel deployments into 1 via runtime variant detection (#756) 
Replace build-time VITE_VARIANT resolution with hostname-based detection
for web deployments. A single build now serves all 4 variants (full, tech,
finance, happy) via subdomain routing, eliminating 3 redundant Vercel
projects and their build minutes.

- Extract VARIANT_META into shared src/config/variant-meta.ts
- Detect variant from hostname (tech./finance./happy. subdomains)
- Preserve VITE_VARIANT env var for desktop builds and localhost dev
- Add social bot OG responses in middleware for variant subdomains
- Swap favicons and meta tags at runtime per resolved variant
- Restrict localStorage variant reads to localhost/Tauri only
 2026-03-02 16:39:02 +04:00
Elie Habib
5a6ad1b25f fix(server): return 405 Method Not Allowed for wrong HTTP method (#757) 
Add allowedMethods(pathname) to the Router interface so the gateway
can distinguish "path exists but method is wrong" from "path not found".
Returns 405 with Allow header instead of a misleading 404.

Adapted from #751 to work with the per-domain edge function split (#753).

Closes #197.
 2026-03-02 14:20:22 +04:00
Elie Habib
36e36d8b57 Cost/traffic hardening, runtime fallback controls, and PostHog removal (#638) 
- Remove PostHog analytics runtime and configuration
- Add API rate limiting (api/_rate-limit.js)
- Harden traffic controls across edge functions
- Add runtime fallback controls and data-loader improvements
- Add military base data scripts (fetch-mirta-bases, fetch-osm-bases)
- Gitignore large raw data files
- Settings playground prototypes
 2026-03-01 11:53:20 +04:00
Elie Habib
e2f6c46e45 fix(relay): block rsshub.app requests with 410 Gone (#526) 
Stale clients still send RSS requests to rsshub.app (NHK, MOFCOM, MIIT).
These feeds were migrated to Google News RSS but cached PWA clients keep
hitting the relay, which forwards to rsshub.app and gets 403.

- Add explicit blocklist returning 410 Gone before allowlist check
- Remove rsshub.app from all allowlists (relay, edge proxy, vite)
- Remove dead AP News dev proxy target
 2026-02-28 14:52:45 +04:00
Elie Habib
f2cd9a62f4 feat(rss): add Axios (api.axios.com/feed) as US news source (#494) 
Add api.axios.com to proxy allowlist and CSP connect-src, register
Axios feed under US category as Tier 2 mainstream source.
 2026-02-28 07:54:25 +04:00
Elie Habib
3983278f53 feat: dynamic sidecar port with EADDRINUSE fallback + let scoping bug (#375) 
* feat: dynamic sidecar port with EADDRINUSE fallback

Rust probes port 46123 via TcpListener::bind; if busy, binds port 0 for
an OS-assigned ephemeral port. The actual port is stored in LocalApiState,
passed to sidecar via LOCAL_API_PORT env, and exposed to frontend via
get_local_api_port IPC command.

Frontend resolves the port lazily on first API call (with retry-on-failure
semantics) and caches it. All hardcoded 46123 references replaced with
dynamic getApiBaseUrl()/getLocalApiPort() accessors. CSP connect-src
broadened to http://127.0.0.1:* (frame-src unchanged).

* fix: scope CSP to desktop builds and eliminate port TOCTOU race

P1: Remove http://127.0.0.1:* from index.html (web build CSP). The
wildcard allowed web app JS to probe arbitrary localhost services.
Vite's htmlVariantPlugin now injects localhost CSP only when
VITE_DESKTOP_RUNTIME=1 (desktop builds).

P2: Replace Rust probe_available_port() (bind→release→spawn race)
with a confirmed port handshake. Sidecar now handles EADDRINUSE
fallback internally and writes the actual bound port to a file.
Rust polls the port file (up to 5s) to store only the confirmed port.

* fix: isSafeUrl ReferenceError — addresses scoped inside try block

`let addresses = []` was declared inside the outer `try` block but
referenced after the `catch` on line 200. `let` is block-scoped so
every request through isSafeUrl crashed with:
  ReferenceError: addresses is not defined

Move the declaration before the `try` so it's in scope for the return.
 2026-02-26 08:51:59 +04:00
Elie Habib
07d0803014 Add WTO trade policy intelligence service with tariffs, flows, and barriers (#364) 
* feat: add WTO trade policy service with 4 RPC endpoints and TradePolicyPanel

Adds a new `trade` RPC domain backed by the WTO API (apiportal.wto.org) for
trade policy intelligence: quantitative restrictions, tariff timeseries,
bilateral trade flows, and SPS/TBT barrier notifications.

New files: 6 protos, generated server/client, 4 server handlers + shared WTO
fetch utility, client service with circuit breakers, TradePolicyPanel (4 tabs),
and full API key infrastructure (Rust keychain, sidecar, runtime config).

Panel registered for FULL and FINANCE variants with data loader integration,
command palette entry, status panel tracking, data freshness monitoring, and
i18n across all 17 locale files.

https://claude.ai/code/session_01HZXyoQp6xK3TX8obDzv6Ye

* chore: update package-lock.json

https://claude.ai/code/session_01HZXyoQp6xK3TX8obDzv6Ye

* fix: move tab click listener to constructor to prevent leak

The delegated click handler was added inside render(), which runs
on every data update (4× per load cycle). Since the listener targets
this.content (a persistent container), each call stacked a duplicate
handler. Moving it to the constructor binds it exactly once.

https://claude.ai/code/session_01HZXyoQp6xK3TX8obDzv6Ye

---------

Co-authored-by: Claude <noreply@anthropic.com>
 2026-02-25 10:50:12 +00:00
Sebastien Melki
b1d835b69f feat: HappyMonitor — positive news dashboard (happy.worldmonitor.app) (#229) 
* chore: add project config

* docs: add domain research (stack, features, architecture, pitfalls)

* docs: define v1 requirements

* docs: create roadmap (9 phases)

* docs(01): capture phase context

* docs(state): record phase 1 context session

* docs(01): research phase domain

* docs(01): create phase plan

* fix(01): revise plans based on checker feedback

* feat(01-01): register happy variant in config system and build tooling

- Add 'happy' to allowed stored variants in variant.ts
- Create variants/happy.ts with panels, map layers, and VariantConfig
- Add HAPPY_PANELS, HAPPY_MAP_LAYERS, HAPPY_MOBILE_MAP_LAYERS inline in panels.ts
- Update ternary export chains to select happy config when SITE_VARIANT === 'happy'
- Add happy entry to VARIANT_META in vite.config.ts
- Add dev:happy and build:happy scripts to package.json

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(01-01): update index.html for variant detection, CSP, and Google Fonts

- Add happy.worldmonitor.app to CSP frame-src directive
- Extend inline script to detect variant from hostname (happy/tech/finance) and localStorage
- Set data-variant attribute on html element before first paint to prevent FOUC
- Add Google Fonts preconnect and Nunito stylesheet links
- Add favicon variant path replacement in htmlVariantPlugin for non-full variants

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(01-01): create happy variant favicon assets

- Create SVG globe favicon in sage green (#6B8F5E) and warm gold (#C4A35A)
- Generate PNG favicons at all required sizes (16, 32, 180, 192, 512)
- Generate favicon.ico with PNG-in-ICO wrapper
- Create branded OG image (1200x630) with cream background, sage/gold scheme

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(01-01): complete variant registration plan

- Create 01-01-SUMMARY.md documenting variant registration
- Update STATE.md with plan 1 completion, metrics, decisions
- Update ROADMAP.md with phase 01 progress (1/3 plans)
- Mark INFRA-01, INFRA-02, INFRA-03 requirements complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(01-02): create happy variant CSS theme with warm palette and semantic overrides

- Complete happy-theme.css with light mode (cream/sage), dark mode (navy/warm), and semantic colors
- 179 lines covering all CSS custom properties: backgrounds, text, borders, overlays, map, panels
- Nunito typography and 14px panel border radius for soft rounded aesthetic
- Semantic colors remapped: gold (critical), sage (growth), blue (hope), pink (kindness)
- Dark mode uses warm navy/sage tones, never pure black
- Import added to main.css after panels.css

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(01-02): add happy variant skeleton shell overrides and theme-color meta

- Inline skeleton styles for happy variant light mode (cream bg, Nunito font, sage dot, warm shimmer)
- Inline skeleton styles for happy variant dark mode (navy bg, warm borders, sage tones)
- Rounded corners (14px) on skeleton panels and map for soft aesthetic
- Softer pill border-radius (8px) in happy variant
- htmlVariantPlugin: theme-color meta updated to #FAFAF5 for happy variant mobile chrome

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(01-02): complete happy theme CSS plan

- SUMMARY.md with execution results and self-check
- STATE.md advanced to plan 2/3, decisions logged
- ROADMAP.md progress updated (2/3 plans complete)
- REQUIREMENTS.md: THEME-01, THEME-03, THEME-04 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(01-03): create warm basemap styles and wire variant-aware map selection

- Add happy-light.json: sage land, cream background, light blue ocean (forked from CARTO Voyager)
- Add happy-dark.json: dark sage land, navy background, dark navy ocean (forked from CARTO Dark Matter)
- Both styles preserve CARTO CDN source/sprite/glyph URLs for tile loading
- DeckGLMap.ts selects happy basemap URLs when SITE_VARIANT is 'happy'

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(01-03): style panel chrome, empty states, and loading for happy variant

- Panels get 14px rounded corners with subtle warm shadows
- Panel titles use normal casing (no uppercase) for friendlier feel
- Empty states (.panel-empty, .empty-state) show nature-themed sprout SVG icon
- Loading radar animation softened to 3s rotation with sage-green glow
- Status dots use gentle happy-pulse animation (2.5s ease-in-out)
- Error states use warm gold tones instead of harsh red
- Map controls, tabs, badges all get rounded corners
- Severity badges use warm semantic colors
- Download banner and posture radar adapted to warm theme

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(01-03): bridge SITE_VARIANT to data-variant attribute on <html>

The CSS theme overrides rely on [data-variant="happy"] on the document root,
but the inline script only detects variant from hostname/localStorage. This
leaves local dev (VITE_VARIANT=happy) and Vercel deployments without the
attribute set. Two fixes:

1. main.ts sets document.documentElement.dataset.variant from SITE_VARIANT
2. Vite htmlVariantPlugin injects build-time variant fallback into inline script

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(01-03): boost CSS specificity so happy theme wins over :root

The happy-theme.css was imported before :root in main.css, and both
[data-variant="happy"] and :root have equal specificity (0-1-0), so
:root variables won after in the cascade. Fix by using :root[data-variant="happy"]
(specificity 0-2-0) which always beats :root (0-1-0).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(01): fix CSS cascade — import happy-theme after main.css in main.ts

The root cause: happy-theme.css was @imported inside main.css (line 4),
which meant Vite loaded it BEFORE the :root block (line 9+). With equal
specificity, the later :root variables always won.

Fix: remove @import from main.css, import happy-theme.css directly in
main.ts after main.css. This ensures cascade order is correct — happy
theme variables come last and win. No !important needed.

Also consolidated semantic color variables into the same selector blocks
to reduce redundancy.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(01): fix CSS cascade with @layer base and theme toggle for happy variant

- Wrap main.css in @layer base via base-layer.css so happy-theme.css
  (unlayered) always wins the cascade for custom properties
- Remove duplicate <link> stylesheet from index.html (was double-loading)
- Default happy variant to light theme (data-theme="light") so the
  theme toggle works on first click instead of requiring two clicks
- Force build-time variant in inline script — stale localStorage can no
  longer override the deployment variant
- Prioritize VITE_VARIANT env over localStorage in variant.ts so
  variant-specific builds are deterministic

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(01-03): complete map basemap & panel chrome plan — Phase 1 done

- Add 01-03-SUMMARY.md with task commits, deviations, and self-check
- Update STATE.md: Phase 1 complete, advance to ready for Phase 2
- Update ROADMAP.md: mark Phase 1 plans 3/3 complete
- Update REQUIREMENTS.md: mark THEME-02 and THEME-05 complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-01): complete phase execution

* docs(phase-02): research curated content pipeline

* docs(02): create phase plan — curated content pipeline

* feat(02-01): add positive RSS feeds for happy variant

- Add HAPPY_FEEDS record with 8 feeds across 5 categories (positive, science, nature, health, inspiring)
- Update FEEDS export ternary to route happy variant to HAPPY_FEEDS
- Add happy source tiers to SOURCE_TIERS (Tier 2 for main sources, Tier 3 for category feeds)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(02-01): extend GDELT with tone filtering and positive topic queries

- Add tone_filter (field 4) and sort (field 5) to SearchGdeltDocumentsRequest proto
- Regenerate TypeScript client/server types via buf generate
- Handler appends toneFilter to GDELT query string, uses req.sort for sort param
- Add POSITIVE_GDELT_TOPICS array with 5 positive topic queries
- Add fetchPositiveGdeltArticles() with tone>5 and ToneDesc defaults
- Add fetchPositiveTopicIntelligence() and fetchAllPositiveTopicIntelligence() helpers
- Existing fetchGdeltArticles() backward compatible (empty toneFilter/sort = no change)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(02-01): complete positive feeds & GDELT tone filtering plan

- Create 02-01-SUMMARY.md with execution results
- Update STATE.md: phase 2, plan 1 of 2, decisions, metrics
- Update ROADMAP.md: phase 02 progress (1/2 plans)
- Mark FEED-01 and FEED-03 requirements complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(02-02): add positive content classifier and extend NewsItem type

- Create positive-classifier.ts with 6 content categories (science-health, nature-wildlife, humanity-kindness, innovation-tech, climate-wins, culture-community)
- Source-based pre-mapping for GNN category feeds (fast path)
- Priority-ordered keyword classification for general positive feeds (slow path)
- Add happyCategory optional field to NewsItem interface
- Export HAPPY_CATEGORY_LABELS and HAPPY_CATEGORY_ALL for downstream UI use

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore(02-02): clean up happy variant config and verify feed wiring

- Remove dead FEEDS placeholder from happy.ts (now handled by HAPPY_FEEDS in feeds.ts)
- Remove unused Feed type import
- Verified SOURCE_TIERS has all 8 happy feed entries (Tier 2: GNN/Positive.News/RTBC/Optimist, Tier 3: GNN category feeds)
- Verified FEEDS export routes to HAPPY_FEEDS when SITE_VARIANT=happy
- Verified App.ts loadNews() dynamically iterates FEEDS keys
- Happy variant builds successfully

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(02-02): complete content category classifier plan

- SUMMARY.md documenting classifier implementation and feed wiring cleanup
- STATE.md updated: Phase 2 complete, 5 total plans done, 56% progress
- ROADMAP.md updated: Phase 02 marked complete (2/2 plans)
- REQUIREMENTS.md: FEED-04 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(02-03): create gap closure plan for classifier wiring

* feat(02-03): wire classifyNewsItem into happy variant news ingestion

- Import classifyNewsItem from positive-classifier service
- Add classification step in loadNewsCategory() after fetchCategoryFeeds
- Guard with SITE_VARIANT === 'happy' to avoid impact on other variants
- In-place mutation via for..of loop sets happyCategory on every NewsItem

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(02-03): complete classifier wiring gap closure plan

- Add 02-03-SUMMARY.md documenting classifier wiring completion
- Update STATE.md with plan 3/3 position and decisions
- Update ROADMAP.md with completed plan checkboxes
- Include 02-VERIFICATION.md phase verification document

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-2): complete phase execution

* test(02): complete UAT - 1 passed, 1 blocker diagnosed

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-3): research positive news feed & quality pipeline

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(03): create phase plan for positive news feed and quality pipeline

* fix(03): revise plans based on checker feedback

* feat(03-02): add imageUrl to NewsItem and extract images from RSS

- Add optional imageUrl field to NewsItem interface
- Add extractImageUrl() helper to rss.ts with 4-strategy image extraction
  (media:content, media:thumbnail, enclosure, img-in-description)
- Wire image extraction into fetchFeed() for happy variant only

* feat(03-01): add happy variant guards to all App.ts code paths

- Skip DEFCON/PizzInt indicator for happy variant
- Add happy variant link (sun icon) to variant switcher header
- Show 'Good News Map' title for happy variant map section
- Skip LiveNewsPanel, LiveWebcams, TechEvents, ServiceStatus, TechReadiness, MacroSignals, ETFFlows, Stablecoin panels for happy
- Gate live-news first-position logic with happy exclusion
- Only load 'news' data for happy variant (skip markets, predictions, pizzint, fred, oil, spending, intelligence, military layers)
- Only schedule 'news' refresh interval for happy (skip all geopolitical/financial refreshes)
- Add happy-specific search modal with positive placeholder and no military/geopolitical sources

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(03-02): create PositiveNewsFeedPanel with filter bar and card rendering

- New PositiveNewsFeedPanel component extending Panel with:
  - Category filter bar (All + 6 positive categories)
  - Rich card rendering with image, title, source, category badge, time
  - Filter state preserved across data refreshes
  - Proper cleanup in destroy()
- Add CSS styles to happy-theme.css for cards and filter bar
  - Category-specific badge colors using theme variables
  - Scoped under [data-variant="happy"] to avoid affecting other variants

* feat(03-01): return empty channels for happy variant in LiveNewsPanel

- Defense-in-depth: LIVE_CHANNELS returns empty array for happy variant
- Ensures zero Bloomberg/war streams even if panel is somehow instantiated
- Combined with createPanels() guard from Task 1 for belt-and-suspenders safety

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(03-02): complete positive news feed panel plan

- Created 03-02-SUMMARY.md with execution results
- Updated STATE.md with position, decisions, and metrics
- Updated ROADMAP.md with phase 03 progress (2/3 plans)
- Marked NEWS-01, NEWS-02 requirements as complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(03-01): complete Happy Variant App.ts Integration plan

- SUMMARY.md with execution results and decisions
- STATE.md updated with 03-01 decisions and session info
- ROADMAP.md progress updated (2/3 phase 3 plans)
- NEWS-03 requirement marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(03-03): create sentiment gate service for ML-based filtering

- Exports filterBySentiment() wrapping mlWorker.classifySentiment()
- Default threshold 0.85 with localStorage override for tuning
- Graceful degradation: returns all items if ML unavailable
- Batches titles at 20 items per call (ML_THRESHOLDS.maxTextsPerBatch)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(03-03): wire multi-stage quality pipeline and positive-feed panel into App.ts

- Register 'positive-feed' in HAPPY_PANELS replacing 'live-news'
- Import PositiveNewsFeedPanel, filterBySentiment, fetchAllPositiveTopicIntelligence
- Add positivePanel + happyAllItems class properties
- Create PositiveNewsFeedPanel in createPanels() for happy variant
- Accumulate curated items in loadNewsCategory() for happy variant
- Implement loadHappySupplementaryAndRender() 4-stage pipeline:
  1. Curated feeds render immediately (non-blocking UX)
  2. GDELT positive articles fetched as supplementary
  3. Sentiment-filtered via DistilBERT-SST2 (filterBySentiment)
  4. Merged + sorted by date, re-rendered
- Auto-refresh on REFRESH_INTERVALS.feeds re-runs full pipeline
- ML failure degrades gracefully to curated-only display

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(03-03): complete quality pipeline plan - phase 3 done

- Summary: multi-stage positive news pipeline with ML sentiment gate
- STATE.md: phase 3 complete (3/3), 89% progress
- ROADMAP.md: phase 03 marked complete
- REQUIREMENTS.md: FEED-02, FEED-05 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(03): wire positive-feed panel key in panels.ts and add happy map layer/legend config

The executor updated happy.ts but the actual HAPPY_PANELS export comes from
panels.ts — it still had 'live-news' instead of 'positive-feed', so the panel
never rendered. Also adds happyLayers (natural only) and happy legend to Map.ts
to hide military layer toggles and geopolitical legend items.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-3): complete phase execution

* docs(phase-4): research global map & positive events

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(04): create phase plan — global map & positive events

* fix(04): revise plans based on checker feedback

* feat(04-01): add positiveEvents and kindness keys to MapLayers interface and all variant configs

- Add positiveEvents and kindness boolean keys to MapLayers interface
- Update all 10 variant layer configs (8 in panels.ts + 2 in happy.ts)
- Happy variant: positiveEvents=true, kindness=true; all others: false
- Fix variant config files (full, tech, finance) and e2e harnesses for compilation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(04-01): add happy variant layer toggles and legend in DeckGLMap

- Add happy branch to createLayerToggles with 3 toggles: Positive Events, Acts of Kindness, Natural Events
- Add happy branch to createLegend with 4 items: Positive Event (green), Breakthrough (gold), Act of Kindness (light green), Natural Event (orange)
- Non-happy variants unchanged

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(04-01): complete map layer config & happy variant toggles plan

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(04-02): add positive events geocoding pipeline and map layer

- Proto service PositiveEventsService with ListPositiveGeoEvents RPC
- Server-side GDELT GEO fetch with positive topic queries, dedup, classification
- Client-side service calling server RPC + RSS geocoding via inferGeoHubsFromTitle
- DeckGLMap green/gold ScatterplotLayer with pulse animation for significant events
- Tooltip shows event name, category, and report count
- Routes registered in api gateway and vite dev server

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(04-02): wire positive events loading into App.ts happy variant pipeline

- Import fetchPositiveGeoEvents and geocodePositiveNewsItems
- Load positive events in loadAllData() for happy variant with positiveEvents toggle
- loadPositiveEvents() merges GDELT GEO RPC + geocoded RSS items, deduplicates by name
- loadDataForLayer switch case for toggling positiveEvents layer on/off
- MapContainer.setPositiveEvents() delegates to DeckGLMap

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(04-02): complete positive events geocoding pipeline plan

- SUMMARY.md with task commits, decisions, deviations
- STATE.md updated with position, metrics, decisions
- ROADMAP.md and REQUIREMENTS.md updated

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(04-03): create kindness-data service with baseline generator and curated events

- Add KindnessPoint interface for map visualization data
- Add MAJOR_CITIES constant with ~60 cities worldwide (population-weighted)
- Implement generateBaselineKindness() producing 50-80 synthetic points per cycle
- Implement extractKindnessEvents() for real kindness items from curated news
- Export fetchKindnessData() merging baseline + real events

* feat(04-03): add kindness layer to DeckGLMap and wire into App.ts pipeline

- Add createKindnessLayers() with solid green fill + gentle pulse ring for real events
- Add kindness-layer tooltip showing city name and description
- Add setKindnessData() setter in DeckGLMap and MapContainer
- Wire loadKindnessData() into App.ts loadAllData and loadDataForLayer
- Kindness layer gated by mapLayers.kindness toggle (happy variant only)
- Pulse animation triggers when real kindness events are present

* docs(04-03): complete kindness data pipeline & map layer plan

- Create 04-03-SUMMARY.md documenting kindness layer implementation
- Update STATE.md: phase 04 complete (3/3 plans), advance position
- Update ROADMAP.md: phase 04 marked complete
- Mark KIND-01 and KIND-02 requirements as complete

* docs(phase-4): complete phase execution

* docs(phase-5): research humanity data panels domain

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(05-humanity-data-panels): create phase plan

* feat(05-01): create humanity counters service with metric definitions and rate calculations

- Define 6 positive global metrics with annual totals from UN/WHO/World Bank/UNESCO
- Calculate per-second rates from annual totals / 31,536,000 seconds
- Absolute-time getCounterValue() avoids drift across tabs/throttling
- Locale-aware formatCounterValue() using Intl.NumberFormat

* feat(05-02): install papaparse and create progress data service

- Install papaparse + @types/papaparse for potential OWID CSV fallback
- Create src/services/progress-data.ts with 4 World Bank indicators
- Export PROGRESS_INDICATORS (life expectancy, literacy, child mortality, poverty)
- Export fetchProgressData() using existing getIndicatorData() RPC
- Null value filtering, year sorting, invertTrend-aware change calculation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(05-01): create CountersPanel component with 60fps animated ticking numbers

- Extend Panel base class with counters-grid of 6 counter cards
- requestAnimationFrame loop updates all values at 60fps
- Absolute-time calculation via getCounterValue() prevents drift
- textContent updates (not innerHTML) avoid layout thrashing
- startTicking() / destroy() lifecycle methods for App.ts integration

* feat(05-02): create ProgressChartsPanel with D3.js area charts

- Extend Panel base class with id 'progress', title 'Human Progress'
- Render 4 stacked D3 area charts (life expectancy, literacy, child mortality, poverty)
- Warm happy-theme colors: sage green, soft blue, warm gold, muted rose
- d3.area() with curveMonotoneX for smooth filled curves
- Header with label, change badge (e.g., "+58.0% since 1960"), and unit
- Hover tooltip with bisector-based nearest data point detection
- ResizeObserver with 200ms debounce for responsive re-rendering
- Clean destroy() lifecycle with observer disconnection

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(05-01): complete ticking counters service & panel plan

- SUMMARY.md with execution results and self-check
- STATE.md updated to phase 5, plan 1/3
- ROADMAP.md progress updated
- Requirements COUNT-01, COUNT-02, COUNT-03 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(05-02): complete progress charts panel plan

- Create 05-02-SUMMARY.md with execution results
- Update STATE.md: plan 2/3, decisions, metrics
- Update ROADMAP.md: phase 05 progress (2/3 plans)
- Mark PROG-01, PROG-02, PROG-03 complete in REQUIREMENTS.md

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(05-03): wire CountersPanel and ProgressChartsPanel into App.ts lifecycle

- Import CountersPanel, ProgressChartsPanel, and fetchProgressData
- Add class properties for both new panels
- Instantiate both panels in createPanels() gated by SITE_VARIANT === 'happy'
- Add progress data loading task in refreshAll() for happy variant
- Add loadProgressData() private method calling fetchProgressData + setData
- Add destroy() cleanup for both panels (stops rAF loop and ResizeObserver)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(05-03): add counter and progress chart CSS styles to happy-theme.css

- Counters grid: responsive 3-column layout (3/2/1 at 900px/500px breakpoints)
- Counter cards: hover lift, tabular-nums for jitter-free 60fps updates
- Counter icon/value/label/source typography hierarchy
- Progress chart containers: stacked with border dividers
- Chart header with label, badge, and unit display
- D3 SVG axis styling (tick text fill, domain stroke)
- Hover tooltip with absolute positioning and shadow
- Dark mode adjustments for card hover shadow and tooltip shadow
- All selectors scoped under [data-variant='happy']

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(05-03): complete panel wiring & CSS plan

- Create 05-03-SUMMARY.md with execution results
- Update STATE.md: phase 5 complete (3/3 plans), decisions, metrics
- Update ROADMAP.md: phase 05 progress (3/3 summaries, Complete)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-5): complete phase execution

* docs(06): research phase 6 content spotlight panels

* docs(phase-6): create phase plan

* feat(06-01): add science RSS feeds and BreakthroughsTickerPanel

- Expand HAPPY_FEEDS.science from 1 to 5 feeds (ScienceDaily, Nature News, Live Science, New Scientist)
- Create BreakthroughsTickerPanel extending Panel with horizontal scrolling ticker
- Doubled content rendering for seamless infinite CSS scroll animation
- Sanitized HTML output using escapeHtml/sanitizeUrl

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(06-01): create HeroSpotlightPanel with photo, map location, and hero card

- Create HeroSpotlightPanel extending Panel for daily hero spotlight
- Render hero card with image, source, title, time, and optional map button
- Conditionally show "Show on map" button only when both lat and lon exist
- Expose onLocationRequest callback for App.ts map integration wiring
- Sanitized HTML output using escapeHtml/sanitizeUrl

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(06-02): add GoodThingsDigestPanel with progressive AI summarization

- Panel extends Panel base class with id 'digest', title '5 Good Things'
- Renders numbered story cards with titles immediately (progressive rendering)
- Summarizes each story in parallel via generateSummary() with Promise.allSettled
- AbortController cancels in-flight summaries on re-render or destroy
- Graceful fallback to truncated title on summarization failure
- Passes [title, source] to satisfy generateSummary's 2-headline minimum

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(06-02): complete Good Things Digest Panel plan

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(06-01): complete content spotlight panels plan

- Add 06-01-SUMMARY.md with execution results
- Update STATE.md with position, decisions, metrics
- Update ROADMAP.md and REQUIREMENTS.md progress

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(06-03): wire Phase 6 panels into App.ts lifecycle and update happy.ts config

- Import and instantiate BreakthroughsTickerPanel, HeroSpotlightPanel, GoodThingsDigestPanel in createPanels()
- Wire heroPanel.onLocationRequest callback to map.setCenter + map.flashLocation
- Distribute data to all three panels after content pipeline in loadHappySupplementaryAndRender()
- Add destroy calls for all three panels in App.destroy()
- Add digest key to DEFAULT_PANELS in happy.ts config

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(06-03): add CSS styles for ticker, hero card, and digest panels

- Add happy-ticker-scroll keyframe animation for infinite horizontal scroll
- Add breakthroughs ticker styles (wrapper, track, items with hover pause)
- Add hero spotlight card styles (image, body, source, title, location button)
- Add digest list styles (numbered cards, titles, sources, progressive summaries)
- Add dark mode overrides for all three panel types
- All selectors scoped under [data-variant="happy"]

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(06-03): complete panel wiring & CSS plan

- Create 06-03-SUMMARY.md with execution results
- Update STATE.md: phase 6 complete, 18 plans done, 78% progress
- Update ROADMAP.md: phase 06 marked complete (3/3 plans)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-6): complete phase execution

* docs(07): research conservation & energy trackers phase

* docs(07-conservation-energy-trackers): create phase plan

* feat(07-02): add renewable energy data service

- Fetch World Bank EG.ELC.RNEW.ZS indicator (IEA-sourced) for global + 7 regions
- Return global percentage, historical time-series, and regional breakdown
- Graceful degradation: individual region failures skipped, complete failure returns zeroed data
- Follow proven progress-data.ts pattern for getIndicatorData() RPC usage

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(07-01): add conservation wins dataset and data service

- Create conservation-wins.json with 10 species recovery stories and population timelines
- Create conservation-data.ts with SpeciesRecovery interface and fetchConservationWins() loader
- Species data sourced from USFWS, IUCN, NOAA, WWF, and other published reports

* feat(07-02): add RenewableEnergyPanel with D3 arc gauge and regional breakdown

- Animated D3 arc gauge showing global renewable electricity % with 1.5s easeCubicOut
- Historical trend sparkline using d3.area() + curveMonotoneX below gauge
- Regional breakdown with horizontal bars sorted by percentage descending
- All colors use getCSSColor() for theme-aware rendering
- Empty state handling when no data available

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(07-01): add SpeciesComebackPanel with D3 sparklines and species cards

- Create SpeciesComebackPanel extending Panel base class
- Render species cards with photo (lazy loading + error fallback), info badges, D3 sparkline, and summary
- D3 sparklines use area + line with curveMonotoneX and viewBox for responsive sizing
- Recovery status badges (recovered/recovering/stabilized) and IUCN category badges
- Population values formatted with Intl.NumberFormat for readability

* docs(07-02): complete renewable energy panel plan

- SUMMARY.md with task commits, decisions, self-check
- STATE.md updated to phase 7 plan 2, 83% progress
- ROADMAP.md phase 07 progress updated
- REQUIREMENTS.md: ENERGY-01, ENERGY-02, ENERGY-03 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(07-01): complete species comeback panel plan

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(07-03): wire species and renewable panels into App.ts lifecycle

- Add imports for SpeciesComebackPanel, RenewableEnergyPanel, and data services
- Add class properties for speciesPanel and renewablePanel
- Instantiate both panels in createPanels() gated by SITE_VARIANT === 'happy'
- Add loadSpeciesData() and loadRenewableData() tasks in refreshAll()
- Add destroy cleanup for both panels before map cleanup
- Add species and renewable entries to happy.ts DEFAULT_PANELS config

* feat(07-03): add CSS styles for species cards and renewable energy gauge

- Species card grid layout with 2-column responsive grid
- Photo, info, badges (recovered/recovering/stabilized/IUCN), sparkline, summary styles
- Renewable energy gauge section, historical sparkline, and regional bar chart styles
- Dark mode overrides for species card hover shadow and IUCN badge background
- All styles scoped with [data-variant='happy'] using existing CSS variables

* docs(07-03): complete panel wiring & CSS plan

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(happy): add missing panel entries and RSS proxy for dev mode

HAPPY_PANELS in panels.ts was missing digest, species, and renewable
entries — panels were constructed but never appended to the grid because
the panelOrder loop only iterated the 6 original keys.

Also adds RSS proxy middleware for Vite dev server, fixes sebuf route
regex to match hyphenated domains (positive-events), and adds happy
feed domains to the rss-proxy allowlist.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: progress data lookup, ticker speed, ultrawide layout gap

1. Progress/renewable data: World Bank API returns countryiso3code "WLD"
   for world aggregate, but services were looking up by request code "1W".
   Changed lookups to use "WLD".

2. Breakthroughs ticker: slowed animation from 30s to 60s duration.

3. Ultrawide layout (>2000px): replaced float-based layout with CSS grid.
   Map stays in left column (60%), panels grid in right column (40%).
   Eliminates dead space under the map where panels used to wrap below.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: UI polish — counter overflow, ticker speed, monitors panel, filter tabs

- Counter values: responsive font-size with clamp(), overflow protection,
  tighter card padding to prevent large numbers from overflowing
- Breakthroughs ticker: slowed from 60s to 120s animation duration
- My Monitors panel: gate monitors from panel order in happy variant
  (was unconditionally pushed into panelOrder regardless of variant)
- Filter tabs: smaller padding/font, flex-shrink:0, fade mask on right
  edge to hint at scrollable overflow

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(happy): exclude APT groups layer from happy variant map

The APT groups layer (cyber threat actors like Fancy Bear, Cozy Bear)
was only excluded for the tech variant. Now also excluded for happy,
since cyber threat data has no place on a Good News Map.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(happy-map): labeled markers, remove fake baseline, fix APT leak

- Positive events now show category emoji + location name as colored
  text labels (TextLayer) instead of bare dots. Labels filter by zoom
  level to avoid clutter at global view.
- Removed synthetic kindness baseline (50-80 fake "Volunteers at work"
  dots in random cities). Only real kindness events from news remain.
- Kindness events also get labeled dots with headlines.
- Improved tooltips with proper category names and source counts.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(happy-map): disable earthquakes, fix GDELT query syntax

- Disable natural events layer (earthquakes) for happy variant —
  not positive news
- Fix GDELT GEO positive queries: OR terms require parentheses
  per GDELT API syntax, added third query for charity/volunteer news
- Updated both desktop and mobile happy map layer configs

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(happy): ultrawide grid overflow, panel text polish

Ultrawide: set min-height:0 on map/panels grid children so they
respect 1fr row constraint and scroll independently instead of
pushing content below the viewport.

Panel CSS: softer word-break on counters, line-clamp on digest
and species summaries, ticker title max-width, consistent
text-dim color instead of opacity hacks.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(08-map-data-overlays): research phase domain

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(08-map-data-overlays): create phase plan

* Add Global Giving Activity Index with multi-platform aggregation (#255)

* feat(08-01): add static data for happiness scores, renewable installations, and recovery zones

- Create world-happiness.json with 152 country scores from WHR 2025
- Create renewable-installations.json with 92 global entries (solar/wind/hydro/geothermal)
- Extend conservation-wins.json with recoveryZone lat/lon for all 10 species

* feat(08-01): add service loaders, extend MapLayers with happiness/species/energy keys

- Create happiness-data.ts with fetchHappinessScores() returning Map<ISO2, score>
- Create renewable-installations.ts with fetchRenewableInstallations() returning typed array
- Extend SpeciesRecovery interface with optional recoveryZone field
- Add happiness, speciesRecovery, renewableInstallations to MapLayers interface
- Update all 8 variant MapLayers configs (happiness=true in happy, false elsewhere)
- Update e2e harness files with new layer keys

* docs(08-01): complete data foundation plan summary and state updates

- Create 08-01-SUMMARY.md with execution results
- Update STATE.md to phase 8, plan 1/2
- Update ROADMAP.md progress for phase 08
- Mark requirements MAP-03, MAP-04, MAP-05 complete

* feat(08-02): add happiness choropleth, species recovery, and renewable installation overlay layers

- Add three Deck.gl layer creation methods with color-coded rendering
- Add public data setters for happiness scores, species recovery zones, and renewable installations
- Wire layers into buildLayers() gated by MapLayers keys
- Add tooltip cases for all three new layer types
- Extend happy variant layer toggles (World Happiness, Species Recovery, Clean Energy)
- Extend happy variant legend with choropleth, species, and renewable entries
- Cache country GeoJSON reference in loadCountryBoundaries() for choropleth reuse

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(08-02): wire MapContainer delegation and App.ts data loading for map overlays

- Add MapContainer delegation methods for happiness, species recovery, and renewable installations
- Add happiness scores and renewable installations map data loading in App.ts refreshAll()
- Chain species recovery zone data to map from existing loadSpeciesData()
- All three overlay datasets flow from App.ts through MapContainer to DeckGLMap

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(08-02): complete map overlay layers plan

- Create 08-02-SUMMARY.md with execution results
- Update STATE.md: phase 8 complete (2/2 plans), 22 total plans, decisions logged
- Update ROADMAP.md: phase 08 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-8): complete phase execution

* docs(roadmap): add Phase 7.1 gap closure for renewable energy installation & coal data

Addresses Phase 7 verification gaps (ENERGY-01, ENERGY-03): renewable panel
lacks solar/wind installation growth and coal plant closure visualizations.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(7.1): research renewable energy installation & coal retirement data

* docs(71): create phase plans for renewable energy installation & coal retirement data

* feat(71-01): add GetEnergyCapacity RPC proto and server handler

- Create get_energy_capacity.proto with request/response messages
- Add GetEnergyCapacity RPC to EconomicService in service.proto
- Implement server handler with EIA capability API integration
- Coal code fallback (COL -> BIT/SUB/LIG/RC) for sub-type support
- Redis cache with 24h TTL for annual capacity data
- Register handler in economic service handler

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(71-01): add client-side fetchEnergyCapacity with circuit breaker

- Add GetEnergyCapacityResponse import and capacityBreaker to economic service
- Export fetchEnergyCapacityRpc() with energyEia feature gating
- Add CapacitySeries/CapacityDataPoint types to renewable-energy-data.ts
- Export fetchEnergyCapacity() that transforms proto types to domain types

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(71-01): complete EIA energy capacity data pipeline plan

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(71-02): add setCapacityData() with D3 stacked area chart to RenewableEnergyPanel

- setCapacityData() renders D3 stacked area (solar yellow + wind blue) with coal decline (red)
- Chart labeled 'US Installed Capacity (EIA)' with compact inline legend
- Appends below existing gauge/sparkline/regions without replacing content
- CSS styles for capacity section, header, legend in happy-theme.css

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(71-02): wire EIA capacity data loading in App.ts loadRenewableData()

- Import fetchEnergyCapacity from renewable-energy-data service
- Call fetchEnergyCapacity() after World Bank gauge data, pass to setCapacityData()
- Wrapped in try/catch so EIA failure does not break existing gauge

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(71-02): complete EIA capacity visualization plan

- SUMMARY.md documenting D3 stacked area chart implementation
- STATE.md updated: Phase 7.1 complete (2/2 plans), progress 100%
- ROADMAP.md updated with plan progress

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-71): complete phase execution

* docs(phase-09): research sharing, TV mode & polish domain

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(09): create phase plan for sharing, TV mode & polish

* docs(phase-09): plan Sharing, TV Mode & Polish

3 plans in 2 waves covering share cards (Canvas 2D renderer),
TV/ambient mode (fullscreen panel cycling + CSS particles),
and celebration animations (canvas-confetti milestones).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(09-01): create Canvas 2D renderer for happy share cards

- 1080x1080 branded PNG with warm gradient per category
- Category badge, headline word-wrap, source, date, HappyMonitor branding
- shareHappyCard() with Web Share API -> clipboard -> download fallback
- wrapText() helper for Canvas 2D manual line breaking

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(09-02): create TvModeController and TV mode CSS

- TvModeController class manages fullscreen, panel cycling with configurable 30s-2min interval
- CSS [data-tv-mode] attribute drives larger typography, hidden interactive elements, smooth panel transitions
- Ambient floating particles (CSS-only, opacity 0.04) with reduced motion support
- TV exit button appears on hover, hidden by default outside TV mode

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(09-02): wire TV mode into App.ts header and lifecycle

- TV mode button with monitor icon in happy variant header
- TV exit button at page level, visible on hover in TV mode
- Shift+T keyboard shortcut toggles TV mode
- TvModeController instantiated lazily on first toggle
- Proper cleanup in destroy() method

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(09-01): add share button to positive news cards with handler

- Share button (SVG upload icon) appears on card hover, top-right
- Delegated click handler prevents link navigation, calls shareHappyCard
- Brief .shared visual feedback (green, scale) for 1.5s on click
- Dark mode support for share button background
- Fix: tv-mode.ts panelKeys index guard (pre-existing build blocker)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(09-02): complete TV Mode plan

- SUMMARY.md with task commits, deviations, decisions
- STATE.md updated: position, metrics, decisions, session
- ROADMAP.md updated: phase 09 progress (2/3 plans)
- REQUIREMENTS.md updated: TV-01, TV-02, TV-03 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(09-01): complete positive news share cards plan

- SUMMARY.md with Canvas 2D renderer and share button accomplishments
- STATE.md updated with decisions and session continuity
- ROADMAP.md progress updated (2/3 plans in phase 09)
- REQUIREMENTS.md: SHARE-01, SHARE-02, SHARE-03 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(09-03): add celebration service with canvas-confetti

- Install canvas-confetti + @types/canvas-confetti
- Create src/services/celebration.ts with warm nature-inspired palette
- Session-level dedup (Set<string>) prevents repeat celebrations
- Respects prefers-reduced-motion media query
- Milestone detection for species recovery + renewable energy records
- Moderate particle counts (40-80) for "warm, not birthday party" feel

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(09-03): wire milestone celebrations into App.ts data pipelines

- Import checkMilestones in App.ts
- Call checkMilestones after species data loads with recovery statuses
- Call checkMilestones after renewable energy data loads with global percentage
- All celebration calls gated behind SITE_VARIANT === 'happy'
- Placed after panel setData() so data is visible before confetti fires

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(09-03): complete celebration animations plan

- 09-03-SUMMARY.md with execution results
- STATE.md updated: phase 09 complete, 26 plans total, 100% progress
- ROADMAP.md updated with phase 09 completion
- REQUIREMENTS.md: THEME-06 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-09): complete phase execution

* fix(happy): remove natural events layer from happy variant

Natural events (earthquakes, volcanoes, storms) were leaking into the
happy variant through stale localStorage and the layer toggle UI. Force
all non-happy layers off regardless of localStorage state, and remove
the natural events toggle from both DeckGL and SVG map layer configs.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-7.1): complete phase execution — mark all phases done

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(v1): complete milestone audit — 49/49 requirements satisfied

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(happy): close audit tech debt — map layer defaults, theme-color meta

- Enable speciesRecovery and renewableInstallations layers by default
  in HAPPY_MAP_LAYERS (panels.ts + happy.ts) so MAP-04/MAP-05 are
  visible on first load
- Use happy-specific theme-color meta values (#FAFAF5 light, #1A2332
  dark) in setTheme() and applyStoredTheme() instead of generic colors

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs: add checkpoint for giving integration handoff

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(giving): integrate Global Giving Activity Index from PR #254

Cherry-pick the giving feature that was left behind when PR #255
batch-merged without including #254's proto/handler/panel files.

Adds:
- Proto definitions (GivingService, GivingSummary, PlatformGiving, etc.)
- Server handler: GoFundMe/GlobalGiving/JustGiving/crypto/OECD aggregation
- Client service with circuit breaker
- GivingPanel with tabs (platforms, categories, crypto, institutional)
- Full wiring: API routes, vite dev server, data freshness, panel config
- Happy variant panel config entry

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(giving): move panel init and data fetch out of full-variant-only blocks

The GivingPanel was instantiated inside `if (SITE_VARIANT === 'full')` and
the data fetch was inside `loadIntelligenceSignals()` (also full-only).
Moved both to variant-agnostic scope so the panel works on happy variant.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(giving): bypass debounced setContent so tab buttons are clickable

Panel.setContent() is debounced (150ms), so event listeners attached
immediately after it were binding to DOM elements that got replaced by
the deferred innerHTML write. Write directly to this.content.innerHTML
like other interactive panels do.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: remove .planning/ from repo and gitignore it

Planning files served their purpose during happy monitor development.
They remain on disk for reference but no longer tracked.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: merge new panels into saved panelSettings so they aren't hidden

When panelSettings is loaded from localStorage, any panels added since
the user last saved settings would be missing from the config. The
applyPanelSettings loop wouldn't touch them, but without a config entry
they also wouldn't appear in the settings toggle UI correctly.

Now merges DEFAULT_PANELS entries into loaded settings for any keys
that don't exist yet, so new panels are visible by default.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: giving data baselines, theme toggle persistence, and client caching

- Replace broken GoFundMe (301→404) and GlobalGiving (401) API calls
  with hardcoded baselines from published annual reports. Activity index
  rises from 42 to 56 as all 3 platforms now report non-zero volumes.
- Fix happy variant theme toggle not persisting across page reloads:
  applyStoredTheme() couldn't distinguish "no preference" from "user
  chose dark" — both returned DEFAULT_THEME. Now checks raw localStorage.
- Fix inline script in index.html not setting data-theme="dark" for
  happy variant, causing CSS :root[data-variant="happy"] (light) to
  win over :root[data-variant="happy"][data-theme="dark"].
- Add client-side caching to giving service: persistCache on circuit
  breaker, 30min in-memory TTL, and request deduplication.
- Add Playwright E2E tests for theme toggle (8 tests, all passing).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* perf: add persistent cache to all 29 circuit breakers across 19 services

Enable persistCache and set appropriate cacheTtlMs on every circuit
breaker that lacked them. Data survives page reloads via IndexedDB
fallback and reduces redundant API calls on navigation.

TTLs matched to data freshness: 5min for real-time feeds (weather,
earthquakes, wildfires, aviation), 10min for event data (conflict,
cyber, unrest, climate, research), 15-30min for slow-moving data
(economic indicators, energy capacity, population exposure).

Market quotes breaker intentionally left at cacheTtlMs: 0 (real-time).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: expand map labels progressively as user zooms in

Labels now show more text at higher zoom levels instead of always
truncating at 30 chars. Zoom <3: 20 chars, <5: 35, <7: 60, 7+: full.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: keep 30-char baseline for map labels, expand to full text at zoom 6+

Previous change was too aggressive with low-zoom truncation (20 chars).
Now keeps original 30-char limit at global view, progressively expands
to 50/80/200 chars as user zooms in. Also scales font size with zoom.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Revert "fix: keep 30-char baseline for map labels, expand to full text at zoom 6+"

This reverts commit 33b8a8accc2d48acd45f3dcea97a083b8bcebbf0.

* Revert "feat: expand map labels progressively as user zooms in"

This reverts commit 285f91fe471925ca445243ae5d8ac37723f2eda7.

* perf: stale-while-revalidate for instant page load

Circuit breaker now returns stale cached data immediately and refreshes
in the background, instead of blocking on API calls when cache exceeds
TTL. Also persists happyAllItems to IndexedDB so Hero, Digest, and
Breakthroughs panels render instantly from cache on page reload.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address PR #229 review — 4 issues from koala

1. P1: Fix duplicate event listeners in PositiveNewsFeedPanel.renderCards()
   — remove listener before re-adding to prevent stacking on re-renders

2. P1: Fix TV mode cycling hidden panels causing blank screen
   — filter out user-disabled panels from cycle list, rebuild keys on toggle

3. P2: Fix positive classifier false positives for short keywords
   — "ai" and "art" now use space-delimited matching to avoid substring hits
     (e.g. "aid", "rain", "said", "start", "part")

4. P3: Fix CSP blocking Google Fonts stylesheet for Nunito
   — add https://fonts.googleapis.com to style-src directive

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* refactor: decompose App.ts into focused modules under src/app/

Break the 4,597-line monolithic App class into 7 focused modules plus a
~460-line thin orchestrator. Each module implements the AppModule lifecycle
(init/destroy) and communicates via a shared AppContext state object with
narrow callback interfaces — no circular dependencies.

Modules extracted:
- app-context.ts: shared state types (AppContext, AppModule, etc.)
- desktop-updater.ts: desktop version checking + update badge
- country-intel.ts: country briefs, timeline, CII signals
- search-manager.ts: search modal, result routing, index updates
- refresh-scheduler.ts: periodic data refresh with jitter/backoff
- panel-layout.ts: panel creation, grid layout, drag-drop
- data-loader.ts: all 36 data loading methods
- event-handlers.ts: DOM events, shortcuts, idle detection, URL sync

Verified: tsc --noEmit (zero errors), all 3 variant builds pass
(full, tech, finance), runtime smoke test confirms no regressions.

* fix: resolve test failures and missing CSS token from PR review

1. flushStaleRefreshes test now reads from refresh-scheduler.ts (moved
   during App.ts modularization)
2. e2e runtime tests updated to import DesktopUpdater and DataLoaderManager
   instead of App.prototype for resolveUpdateDownloadUrl and loadMarkets
3. Add --semantic-positive CSS variable to main.css and happy-theme.css
   (both light and dark variants)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: hide happy variant button from other variants

The button is only visible when already on the happy variant. This
allows merging the modularized App.ts without exposing the unfinished
happy layout to users — layout work continues in a follow-up PR.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Elie Habib <elie.habib@gmail.com>
 2026-02-25 10:05:26 +04:00
toasterbook88
b667b189ff Build/runtime hardening and dependency security updates (#286) 
* Simplify RSS freshness update to static import

* Refine vendor chunking for map stack in Vite build

* Patch transitive XML parser vulnerability via npm override

* Shim Node child_process for browser bundle warnings

* Filter known onnxruntime eval warning in Vite build

* test: add loaders XML/WMS parser regression coverage

* chore: align fast-xml-parser override with merged dependency set

---------

Co-authored-by: Elie Habib <elie.habib@gmail.com>
 2026-02-24 08:21:03 +00:00
Elie Habib
6271fafd40 feat(live): custom channel management with review fixes (#282) 
* feat(live): custom channel management — add/remove/reorder, standalone window, i18n

- Standalone channel management window (?live-channels=1) with list, add form, restore defaults
- LIVE panel: gear icon opens channel management; channel tabs reorderable via DnD
- Row click to edit; custom modal for delete confirmation (no window.confirm)
- i18n for all locales (manage, addChannel, youtubeHandle, displayName, etc.)
- UI: margin between channel list and add form in management window
- settings-window: panel display settings comment in English

Co-authored-by: Cursor <cursoragent@cursor.com>

* feat(tauri): channel management in desktop app, dev base_url fix

- Add live-channels.html and live-channels-main.ts for standalone window
- Tauri: open_live_channels_window_command, close_live_channels_window, open live-channels window (WebviewUrl::App or External from base_url)
- LiveNewsPanel: in desktop runtime invoke Tauri command with base_url (window.location.origin) so dev works when Vite runs on a different port than devUrl
- Vite: add liveChannels entry to build input
- capabilities: add live-channels window
- tauri.conf: devUrl 3000 to match vite server.port
- docs: PR_LIVE_CHANNEL_MANAGEMENT.md for PR #276

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix: address review issues in live channel management PR

- Revert settings button to open modal (not window.open popup)
- Revert devUrl from localhost:3000 to localhost:5173
- Guard activeChannel against empty channels (fall back to defaults)
- Escape i18n strings in innerHTML with escapeHtml() to prevent XSS
- Only store displayNameOverrides for actually renamed channels
- Use URL constructor for live-channels window URL
- Add CSP meta tag to live-channels.html
- Remove unused i18n keys (edit, editMode, done) from all locales
- Remove unused CSS classes (live-news-manage-btn/panel/wrap)
- Delete PR instruction doc (PR_LIVE_CHANNEL_MANAGEMENT.md)

---------

Co-authored-by: Masaki <yukkurihakutaku@gmail.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-23 22:51:44 +00:00
Elie Habib
f790f3f63c fix: restrict SW route patterns to same-origin only (#247) 
The broad regex /^https?:\/\/.*\/api\/.*/i matched ANY URL with /api/
in the path, including external APIs like NASA EONET
(eonet.gsfc.nasa.gov/api/v3/events). Workbox intercepted these
cross-origin requests with NetworkOnly, causing no-response errors
when CORS failed.

Changed all /api/, /ingest/, and /rss/ SW route patterns to use
sameOrigin callback check so only our Vercel routes get NetworkOnly
handling. External APIs now pass through without SW interference.
 2026-02-23 08:45:35 +00:00
Elie Habib
b8be2f6890 fix: sentry triage + SW POST method for PostHog ingest (#246) 
- Fix PostHog /ingest 404: Workbox registerRoute defaults to GET only,
  PostHog sends POST. Add POST routes for /api/ and /ingest/.
- Fix fullscreen crash: optional chaining on exitFullscreen()?.catch()
  for browsers returning undefined instead of Promise.
- Add 6 noise filters: __firefox__, ifameElement.contentDocument,
  Invalid video id, Fetch is aborted, Stylesheet append timeout,
  Cannot assign to read only property.
- Widen Program failed to link filter (remove ": null" suffix).
 2026-02-23 08:26:54 +00:00
Elie Habib
8504d5649a fix: layer help, SW ingest routing, toggle colors, v2.5.5 (#244) 
* feat: make intelligence alert popup opt-in via dropdown toggle

Auto-popup was interrupting users every 10s refresh cycle. Badge still
counts and pulses silently. New toggle in dropdown (default OFF) lets
users explicitly opt in to auto-popup behavior.

* chore: bump version to 2.5.5

## Changelog

### Features
- Intelligence alert popup is now opt-in (default OFF) — badge counts silently, toggle in dropdown to enable auto-popup

### Bug Fixes
- Linux: disable DMA-BUF renderer on WebKitGTK to prevent blank white screen (NVIDIA/immutable distros)
- Linux: add DejaVu Sans Mono + Liberation Mono font fallbacks for monospace rendering
- Consolidate monospace font stacks into --font-mono CSS variable (fixes undefined var bug)
- Reduce dedup coordinate rounding from 0.5° to 0.1° (~10km precision)
- Vercel build: handle missing previous deploy SHA
- Panel base class: add missing showRetrying method
- Vercel ignoreCommand shortened to fit 256-char limit

### Infrastructure
- Upstash Redis shared caching for all RPC handlers + cache key contamination fix
- Format Rust code and fix Windows focus handling

### Docs
- Community guidelines: contributing, code of conduct, security policy
- Updated .env.example

* chore: track Cargo.lock for reproducible Rust builds

* fix: update layer help popup with all current map layers

Added missing layers to the ? help popup across all 3 variants:
- Full: UCDP Events, Displacement, Spaceports, Cyber Threats, Fires,
  Climate Anomalies, Critical Minerals; renamed Shipping→Ship Traffic
- Tech: Tech Events, Cyber Threats, Fires
- Finance: GCC Investments

* docs: update README with crypto prices, analytics, typography, and dedup grid fix

* fix: add /ingest to service worker NetworkOnly routes

The SW was intercepting PostHog /ingest/* requests and returning
no-response (404) because no cache match existed. Adding NetworkOnly
ensures analytics requests pass through to Vercel's rewrite proxy.

* chore: update Cargo.lock for v2.5.5

* fix: use explicit colors for findings toggle switch visibility
 2026-02-23 08:01:46 +00:00
Sebastien Melki
c939cc6296 Proto-first API rebuild: sebuf contracts, handlers, gateway, and generated docs (#106) 
* docs: initialize sebuf integration project with codebase map

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: add project config

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs: complete project research

* docs: define v1 requirements (34 requirements, 8 categories)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs: create roadmap (8 phases)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(01): capture phase context

* docs(state): record phase 1 context session

* docs(01): research phase domain - buf toolchain, sebuf codegen, proto patterns

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(01-proto-foundation): create phase plan

* chore(01-01): configure buf toolchain with buf.yaml, buf.gen.yaml, buf.lock

- buf.yaml v2 with STANDARD+COMMENTS lint, FILE+PACKAGE+WIRE_JSON breaking, deps on protovalidate and sebuf
- buf.gen.yaml configures protoc-gen-ts-client, protoc-gen-ts-server, protoc-gen-openapiv3 plugins
- buf.lock generated with resolved dependency versions

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(01-01): add shared core proto type definitions

- geo.proto: GeoCoordinates with lat/lng validation, BoundingBox for spatial queries
- time.proto: TimeRange with google.protobuf.Timestamp start/end
- pagination.proto: cursor-based PaginationRequest (1-100 page_size) and PaginationResponse
- i18n.proto: LocalizableString for pre-localized upstream API strings
- identifiers.proto: typed ID wrappers (HotspotID, EventID, ProviderID) for cross-domain refs
- general_error.proto: GeneralError with RateLimited, UpstreamDown, GeoBlocked, MaintenanceMode

All files pass buf lint (STANDARD+COMMENTS) and buf build with zero errors.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(01-01): complete buf toolchain and core proto types plan

- SUMMARY.md documents 2 tasks, 9 files created, 2 deviations auto-fixed
- STATE.md updated: plan 1/2 in phase 1, decisions recorded
- ROADMAP.md updated: phase 01 in progress (1/2 plans)
- REQUIREMENTS.md updated: PROTO-01, PROTO-02, PROTO-03 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* refactor(01-01): use int64 epoch millis instead of google.protobuf.Timestamp

User preference: all time fields use int64 (Unix epoch milliseconds)
instead of google.protobuf.Timestamp for simpler serialization and
JS interop. Applied to TimeRange and MaintenanceMode.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(01-02): create test domain proto files with core type imports

- Add test_item.proto with GeoCoordinates import and int64 timestamps
- Add get_test_items.proto with TimeRange and Pagination imports
- Add service.proto with HTTP annotations for TestService
- All proto files pass buf lint and buf build

* feat(01-02): run buf generate and create Makefile for code generation pipeline

- Add Makefile with generate, lint, clean, install, check, format, breaking targets
- Update buf.gen.yaml with managed mode and paths=source_relative for correct output paths
- Generate TypeScript client (TestServiceClient class) at src/generated/client/
- Generate TypeScript server (TestServiceHandler interface) at src/generated/server/
- Generate OpenAPI 3.1.0 specs (JSON + YAML) at docs/api/
- Core type imports (GeoCoordinates, TimeRange, Pagination) flow through to generated output

* docs(01-02): complete test domain code generation pipeline plan

- Create 01-02-SUMMARY.md with pipeline validation results
- Update STATE.md: phase 1 complete, 2/2 plans done, new decisions recorded
- Update ROADMAP.md: phase 1 marked complete (2/2)
- Update REQUIREMENTS.md: mark PROTO-04 and PROTO-05 complete

* docs(phase-01): complete phase execution and verification

* test(01): complete UAT - 6 passed, 0 issues

* feat(2A): define all 17 domain proto packages with generated clients, servers, and OpenAPI specs

Remove test domain protos (Phase 1 scaffolding). Add core enhancements
(severity.proto, country.proto, expanded identifiers.proto). Define all
17 domain services: seismology, wildfire, climate, conflict, displacement,
unrest, military, aviation, maritime, cyber, market, prediction, economic,
news, research, infrastructure, intelligence. 79 proto files producing
34 TypeScript files and 34 OpenAPI specs. buf lint clean, tsc clean.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2B): add server runtime phase context and handoff checkpoint

Prepare Phase 2B with full context file covering deliverables,
key reference files, generated code patterns, and constraints.
Update STATE.md with resume pointer.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2B): research phase domain

* docs(2B): create phase plan

* feat(02-01): add shared server infrastructure (router, CORS, error mapper)

- router.ts: Map-based route matcher from RouteDescriptor[] arrays
- cors.ts: TypeScript port of api/_cors.js with POST/OPTIONS methods
- error-mapper.ts: onError callback handling ApiError, network, and unknown errors

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(02-01): implement seismology handler as first end-to-end proof

- Implements SeismologyServiceHandler from generated server types
- Fetches USGS M4.5+ earthquake GeoJSON feed and transforms to proto-shaped Earthquake[]
- Maps all fields: id, place, magnitude, depthKm, location, occurredAt (String), sourceUrl

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(02-01): complete server infrastructure plan

- SUMMARY.md with task commits, decisions, and self-check
- STATE.md updated: position, decisions, session info
- REQUIREMENTS.md: SERVER-01, SERVER-02, SERVER-06 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(02-02): create Vercel catch-all gateway, tsconfig.api.json, and typecheck:api script

- api/[[...path]].ts mounts seismology routes via catch-all with CORS on every response path
- tsconfig.api.json extends base config without vite/client types for edge runtime
- package.json adds typecheck:api script

* feat(02-02): add Vite dev server plugin for sebuf API routes

- sebufApiPlugin() intercepts /api/{domain}/v1/* in dev mode
- Uses dynamic imports to lazily load handler modules inside configureServer
- Converts Connect IncomingMessage to Web Standard Request
- CORS headers applied to all plugin responses (200, 204, 403, 404)
- Falls through to existing proxy rules for non-sebuf /api/* paths

* docs(02-02): complete gateway integration plan

- SUMMARY.md documenting catch-all gateway + Vite plugin implementation
- STATE.md updated: Phase 2B complete, decisions recorded
- ROADMAP.md updated: Phase 02 marked complete (2/2 plans)
- REQUIREMENTS.md: SERVER-03, SERVER-04, SERVER-05 marked complete

* docs(02-server-runtime): create gap closure plan for SERVER-05 Tauri sidecar

* feat(02-03): add esbuild compilation step for sebuf sidecar gateway bundle

- Create scripts/build-sidecar-sebuf.mjs that bundles api/[[...path]].ts into a single ESM .js file
- Add build:sidecar-sebuf npm script and chain it into the main build command
- Install esbuild as explicit devDependency
- Gitignore the compiled api/[[...path]].js build artifact

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(02-03): verify sidecar discovery and annotate SERVER-05 gap closure

- Confirm compiled bundle handler returns status 200 for POST requests
- Add gap closure note to SERVER-05 in REQUIREMENTS.md
- Verify typecheck:api and full build pipeline pass without regressions

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(02-03): complete sidecar sebuf bundle plan

- Create 02-03-SUMMARY.md documenting esbuild bundle compilation
- Update STATE.md with plan 03 position, decisions, and metrics
- Update ROADMAP.md plan progress (3/3 plans complete)
- Annotate SERVER-05 gap closure in REQUIREMENTS.md

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-02): complete phase execution

* docs(2C): capture seismology migration phase context

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(state): record phase 2C context session

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2C): research seismology migration phase

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2C): create seismology migration phase plan

* feat(2C-01): annotate all int64 time fields with INT64_ENCODING_NUMBER

- Vendor sebuf/http/annotations.proto locally with Int64Encoding extension (50010)
- Remove buf.build/sebmelki/sebuf BSR dep, use local vendored proto instead
- Add INT64_ENCODING_NUMBER annotation to 34 time fields across 20 proto files
- Regenerate all TypeScript client and server code (time fields now `number` not `string`)
- Fix seismology handler: occurredAt returns number directly (no String() wrapper)
- All non-time int64 fields (displacement counts, population) left as string
- buf lint, buf generate, tsc, and sidecar build all pass with zero errors

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2C-01): complete INT64_ENCODING_NUMBER plan

- Create 2C-01-SUMMARY.md with execution results and deviations
- Update STATE.md: plan 01 complete, int64 blocker resolved, new decisions
- Update ROADMAP.md: mark 2C-01 plan complete
- Update REQUIREMENTS.md: mark CLIENT-01 complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(lint): exclude .planning/ from markdownlint

GSD planning docs use formatting that triggers MD032 -- these are
machine-generated and not user-facing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2C-02): rewrite earthquake adapter to use SeismologyServiceClient and adapt all consumers to proto types

- Replace legacy fetch/circuit-breaker adapter with port/adapter wrapping SeismologyServiceClient
- Update 7 consuming files to import Earthquake from @/services/earthquakes (the port)
- Adapt all field accesses: lat/lon -> location?.latitude/longitude, depth -> depthKm, time -> occurredAt, url -> sourceUrl
- Remove unused filterByTime from Map.ts (only called for earthquakes, replaced with inline filter)
- Update e2e test data to proto Earthquake shape

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore(2C-02): delete legacy earthquake endpoint, remove Vite proxy, clean API_URLS config

- Delete api/earthquakes.js (legacy Vercel edge function proxying USGS)
- Remove /api/earthquake Vite dev proxy (sebufApiPlugin handles seismology now)
- Remove API_URLS.earthquakes entry from base config (no longer referenced)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2C-02): complete seismology client wiring plan

- Create 2C-02-SUMMARY.md with execution results
- Update STATE.md: phase 2C complete, decisions, metrics
- Update ROADMAP.md: mark 2C-02 and phase 2C complete
- Mark requirements CLIENT-02, CLIENT-04, CLEAN-01, CLEAN-02 complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-2C): complete phase execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2D): create wildfire migration phase plan

* feat(2D-01): enhance FireDetection proto and implement wildfire handler

- Add region (field 8) and day_night (field 9) to FireDetection proto
- Regenerate TypeScript client and server types
- Implement WildfireServiceHandler with NASA FIRMS CSV proxy
- Fetch all 9 monitored regions in parallel via Promise.allSettled
- Graceful degradation to empty list when API key is missing

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2D-01): wire wildfire routes into gateway and rebuild sidecar

- Import createWildfireServiceRoutes and wildfireHandler in catch-all
- Mount wildfire routes alongside seismology in allRoutes array
- Rebuild sidecar-sebuf bundle with wildfire endpoint included

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2D-01): complete wildfire handler plan

- Create 2D-01-SUMMARY.md with execution results
- Update STATE.md position to 2D plan 01 complete
- Update ROADMAP.md with 2D progress (1/2 plans)
- Mark DOMAIN-01 requirement complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2D-02): create wildfires service module and rewire all consumers

- Add src/services/wildfires/index.ts with fetchAllFires, computeRegionStats, flattenFires, toMapFires
- Rewire App.ts to import from @/services/wildfires with proto field mappings
- Rewire SatelliteFiresPanel.ts to import FireRegionStats from @/services/wildfires
- Update signal-aggregator.ts source comment

* chore(2D-02): delete legacy wildfire endpoint and service module

- Remove api/firms-fires.js (replaced by api/server/worldmonitor/wildfire/v1/handler.ts)
- Remove src/services/firms-satellite.ts (replaced by src/services/wildfires/index.ts)
- Zero dangling references confirmed
- Full build passes (tsc, vite, sidecar)

* docs(2D-02): complete wildfire consumer wiring plan

- Create 2D-02-SUMMARY.md with execution results
- Update STATE.md: phase 2D complete, progress ~52%
- Update ROADMAP.md: phase 2D plan progress

* docs(phase-2D): complete phase execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-2E): research climate migration domain

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2E): create phase plan

* feat(2E-01): implement climate handler with 15-zone monitoring and baseline comparison

- Create ClimateServiceHandler with 15 hardcoded monitored zones matching legacy
- Parallel fetch from Open-Meteo Archive API via Promise.allSettled
- 30-day baseline comparison: last 7 days vs preceding baseline
- Null filtering with paired data points, minimum 14-point threshold
- Severity classification (normal/moderate/extreme) and type (warm/cold/wet/dry/mixed)
- 1-decimal rounding for tempDelta and precipDelta
- Proto ClimateAnomaly mapping with GeoCoordinates

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2E-01): wire climate routes into gateway and rebuild sidecar

- Import createClimateServiceRoutes and climateHandler in catch-all gateway
- Mount climate routes alongside seismology and wildfire
- Rebuild sidecar-sebuf bundle with climate routes included

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2E-01): complete climate handler plan

- Create 2E-01-SUMMARY.md with execution results
- Update STATE.md: position to 2E plan 01, add decisions
- Update ROADMAP.md: mark 2E-01 complete, update progress table

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2E-02): rewrite climate service module and rewire all consumers

- Replace src/services/climate.ts with src/services/climate/index.ts directory module
- Port/adapter pattern: ClimateServiceClient maps proto shapes to legacy consumer shapes
- Rewire ClimateAnomalyPanel, DeckGLMap, MapContainer, country-instability, conflict-impact
- All 6 consumers import ClimateAnomaly from @/services/climate instead of @/types
- Drop dead getSeverityColor function, keep getSeverityIcon and formatDelta
- Fix minSeverity required param in listClimateAnomalies call

* chore(2E-02): delete legacy climate endpoint and remove dead types

- Delete api/climate-anomalies.js (replaced by sebuf climate handler)
- Remove ClimateAnomaly and AnomalySeverity from src/types/index.ts
- Full build passes with zero errors

* docs(2E-02): complete climate client wiring plan

- Create 2E-02-SUMMARY.md with execution results
- Update STATE.md: phase 2E complete, decisions, session continuity
- Update ROADMAP.md: phase 2E progress

* docs(phase-2E): complete phase execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2F): research prediction migration domain

* docs(2F): create prediction migration phase plans

* feat(2F-01): implement prediction handler with Gamma API proxy

- PredictionServiceHandler proxying Gamma API with 8s timeout
- Maps events/markets to proto PredictionMarket with 0-1 yesPrice scale
- Graceful degradation: returns empty markets on any failure (Cloudflare expected)
- Supports category-based events endpoint and default markets endpoint

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2F-01): wire prediction routes into gateway

- Import createPredictionServiceRoutes and predictionHandler
- Mount prediction routes in allRoutes alongside seismology, wildfire, climate
- Sidecar bundle rebuilt successfully (21.2 KB)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2F-01): complete prediction handler plan

- SUMMARY.md with handler implementation details and deviation log
- STATE.md updated to 2F in-progress position with decisions
- ROADMAP.md updated to 1/2 plans complete for phase 2F
- REQUIREMENTS.md marked DOMAIN-02 complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2F-02): create prediction service module and rewire all consumers

- Create src/services/prediction/index.ts preserving all business logic from polymarket.ts
- Replace strategy 4 (Vercel edge) with PredictionServiceClient in polyFetch
- Update barrel export from polymarket to prediction in services/index.ts
- Rewire 7 consumers to import PredictionMarket from @/services/prediction
- Fix 3 yesPrice bugs: CountryIntelModal (*100), App.ts search (*100), App.ts snapshot (1-y)
- Drop dead code getPolymarketStatus()

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore(2F-02): delete legacy endpoint and remove dead types

- Delete api/polymarket.js (replaced by sebuf handler)
- Delete src/services/polymarket.ts (replaced by src/services/prediction/index.ts)
- Remove PredictionMarket interface from src/types/index.ts (now in prediction module)
- Type check and sidecar build both pass

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2F-02): complete prediction consumer wiring plan

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-2F): complete phase execution

* docs(phase-2F): fix roadmap plan counts and completion status

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2G): research displacement migration phase

* docs(2G): create displacement migration phase plans

* feat(2G-01): implement displacement handler with UNHCR API pagination and aggregation

- 40-entry COUNTRY_CENTROIDS map for geographic coordinates
- UNHCR Population API pagination (10,000/page, 25-page guard)
- Year fallback: current year to current-2 until data found
- Per-country origin + asylum aggregation with unified merge
- Global totals computation across all raw records
- Flow corridor building sorted by refugees, capped by flowLimit
- All int64 fields returned as String() per proto types
- Graceful empty response on any failure

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2G-01): wire displacement routes into gateway and rebuild sidecar

- Import createDisplacementServiceRoutes and displacementHandler
- Mount displacement routes alongside seismology, wildfire, climate, prediction
- Sidecar bundle rebuilt with displacement included (31.0 KB)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2G-01): complete displacement handler plan

- SUMMARY.md with execution metrics and decisions
- STATE.md updated to 2G phase position
- ROADMAP.md updated with 2G-01 plan progress

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2G-02): create displacement service module and rewire all consumers

- Create src/services/displacement/index.ts as port/adapter using DisplacementServiceClient
- Map proto int64 strings to numbers and GeoCoordinates to flat lat/lon
- Preserve circuit breaker, presentation helpers (getDisplacementColor, formatPopulation, etc.)
- Rewire App.ts, DisplacementPanel, MapContainer, DeckGLMap, conflict-impact, country-instability
- Delete legacy src/services/unhcr.ts

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore(2G-02): delete legacy endpoint and remove dead displacement types

- Delete api/unhcr-population.js (replaced by displacement handler from 2G-01)
- Remove DisplacementFlow, CountryDisplacement, UnhcrSummary from src/types/index.ts
- All consumers now import from @/services/displacement
- Sidecar rebuild, tsc, and full Vite build pass clean

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2G-02): complete displacement consumer wiring plan

- SUMMARY.md with 2 task commits, decisions, deviation documentation
- STATE.md updated: phase 2G complete, 02/02 plans done
- ROADMAP.md updated with plan progress

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-2G): complete phase execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2H): research aviation migration phase

* docs(2H): create aviation migration phase plans

* feat(2H-01): implement aviation handler with FAA XML parsing and simulated delays

- Install fast-xml-parser for server-side XML parsing (edge-compatible)
- Create AviationServiceHandler with FAA NASSTATUS XML fetch and parse
- Enrich US airports with MONITORED_AIRPORTS metadata (lat, lon, name, icao)
- Generate simulated delays for non-US airports with rush-hour weighting
- Map short-form strings to proto enums (FlightDelayType, FlightDelaySeverity, etc.)
- Wrap flat lat/lon into GeoCoordinates for proto response
- Graceful empty alerts on any upstream failure

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2H-01): wire aviation routes into gateway and rebuild sidecar

- Mount createAviationServiceRoutes in catch-all gateway alongside 5 existing domains
- Import aviationHandler for route wiring
- Rebuild sidecar-sebuf bundle with aviation routes included

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2H-01): complete aviation handler plan

- Create 2H-01-SUMMARY.md with execution results
- Update STATE.md position to 2H-01 with aviation decisions
- Update ROADMAP.md progress for phase 2H (1/2 plans)
- Mark DOMAIN-08 requirement as complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2H-02): create aviation service module and rewire all consumers

- Create src/services/aviation/index.ts as port/adapter wrapping AviationServiceClient
- Map proto enum strings to short-form (severity, delayType, region, source)
- Unwrap GeoCoordinates to flat lat/lon, convert epoch-ms updatedAt to Date
- Preserve circuit breaker with identical name string
- Rewire Map, DeckGLMap, MapContainer, MapPopup, map-harness to import from @/services/aviation
- Update barrel export: flights -> aviation
- Delete legacy src/services/flights.ts

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore(2H-02): delete legacy endpoint and remove dead aviation types

- Delete api/faa-status.js (replaced by aviation handler in 2H-01)
- Remove FlightDelaySource, FlightDelaySeverity, FlightDelayType, AirportRegion, AirportDelayAlert from src/types/index.ts
- Preserve MonitoredAirport with inlined region type union
- Full build (tsc + vite + sidecar) passes with zero errors

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2H-02): complete aviation consumer wiring plan

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-2H): complete phase execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2I): research phase domain

* docs(2I): create phase plan

* feat(2I-01): implement ResearchServiceHandler with 3 RPCs

- arXiv XML parsing with fast-xml-parser (ignoreAttributes: false for attributes)
- GitHub trending repos with primary + fallback API URLs
- Hacker News Firebase API with 2-step fetch and bounded concurrency (10)
- All RPCs return empty arrays on failure (graceful degradation)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2I-01): mount research routes in gateway and rebuild sidecar

- Import createResearchServiceRoutes and researchHandler in catch-all gateway
- Add research routes to allRoutes array (after aviation)
- Sidecar bundle rebuilt (116.6 KB)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2I-01): complete research handler plan

- SUMMARY.md with self-check passed
- STATE.md updated to phase 2I, plan 01 of 02
- ROADMAP.md updated with plan 2I-01 complete
- REQUIREMENTS.md: DOMAIN-05 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2I-02): create research service module and delete legacy code

- Add src/services/research/index.ts with fetchArxivPapers, fetchTrendingRepos, fetchHackernewsItems backed by ResearchServiceClient
- Re-export proto types ArxivPaper, GithubRepo, HackernewsItem (no enum mapping needed)
- Circuit breakers wrap all 3 client calls with empty-array fallback
- Delete legacy API endpoints: api/arxiv.js, api/github-trending.js, api/hackernews.js
- Delete legacy service files: src/services/arxiv.ts, src/services/github-trending.ts, src/services/hackernews.ts
- Remove arxiv, githubTrending, hackernews entries from API_URLS and REFRESH_INTERVALS in config

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2I-02): complete research consumer wiring plan

- SUMMARY.md documenting service module creation and 6 legacy file deletions
- STATE.md updated: phase 2I complete, decisions recorded
- ROADMAP.md updated: phase 2I marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-2I): complete phase execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2J): complete unrest migration research

* docs(2J): create unrest migration phase plans

* feat(2J-01): implement UnrestServiceHandler with ACLED + GDELT dual-fetch

- Create handler with listUnrestEvents RPC proxying ACLED API and GDELT GEO API
- ACLED fetch uses Bearer auth from ACLED_ACCESS_TOKEN env var, returns empty on missing token
- GDELT fetch returns GeoJSON protest events with no auth required
- Deduplication uses 0.5-degree grid + date key, preferring ACLED over GDELT on collision
- Severity classification and event type mapping ported from legacy protests.ts
- Sort by severity (high first) then recency (newest first)
- Graceful degradation: returns empty events on any upstream failure

* feat(2J-01): mount unrest routes in gateway and rebuild sidecar

- Import createUnrestServiceRoutes and unrestHandler in catch-all gateway
- Add unrest service routes to allRoutes array
- Sidecar bundle rebuilt to include unrest endpoint
- RPC routable at POST /api/unrest/v1/list-unrest-events

* docs(2J-01): complete unrest handler plan

- Create 2J-01-SUMMARY.md with execution results and self-check
- Update STATE.md with phase 2J position, decisions, session continuity
- Update ROADMAP.md with plan 01 completion status

* feat(2J-02): create unrest service module with proto-to-legacy type mapping

- Full adapter maps proto UnrestEvent to legacy SocialUnrestEvent shape
- 4 enum mappers: severity, eventType, sourceType, confidence
- fetchProtestEvents returns ProtestData with events, byCountry, highSeverityCount, sources
- getProtestStatus infers ACLED configuration from response event sources
- Circuit breaker wraps client call with empty fallback

* feat(2J-02): update services barrel, remove vite proxies, delete legacy files

- Services barrel: protests -> unrest re-export
- Vite proxy entries removed: /api/acled, /api/gdelt-geo
- Legacy files deleted: api/acled.js, api/gdelt-geo.js, src/services/protests.ts
- Preserved: api/acled-conflict.js (conflict domain), SocialUnrestEvent type

* docs(2J-02): complete unrest service module plan

- SUMMARY.md created with full adapter pattern documentation
- STATE.md updated: 2J-02 complete, decisions recorded
- ROADMAP.md updated: Phase 2J marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-2J): complete phase execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-2K): complete conflict migration research

* docs(2K): create phase plan

* feat(2K-01): implement ConflictServiceHandler with 3 RPCs

- listAcledEvents proxies ACLED API for battles/explosions/violence with Bearer auth
- listUcdpEvents discovers UCDP GED API version dynamically, fetches backward with 365-day trailing window
- getHumanitarianSummary proxies HAPI API with ISO-2 to ISO-3 country mapping
- All RPCs have graceful degradation returning empty on failure

* feat(2K-01): mount conflict routes in gateway and rebuild sidecar

- Add createConflictServiceRoutes and conflictHandler imports to catch-all gateway
- Spread conflict routes into allRoutes array (3 RPC endpoints)
- Rebuild sidecar bundle with conflict endpoints included

* docs(2K-01): complete conflict handler plan

- Create 2K-01-SUMMARY.md with execution details and self-check
- Update STATE.md: position to 2K-01, add 5 decisions
- Update ROADMAP.md: mark 2K-01 complete (1/2 plans done)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2K-02): create conflict service module with 4-shape proto-to-legacy type mapping

- Port/adapter mapping AcledConflictEvent -> ConflictEvent, UcdpViolenceEvent -> UcdpGeoEvent, HumanitarianCountrySummary -> HapiConflictSummary
- UCDP classifications derived heuristically from GED events (deaths/events thresholds -> war/minor/none)
- deduplicateAgainstAcled ported exactly with haversine + date + fatality matching
- 3 circuit breakers for 3 RPCs, exports 5 functions + 2 group helpers + all legacy types

* feat(2K-02): rewire consumer imports and delete 9 legacy conflict files

- App.ts consolidated from 4 direct imports to single @/services/conflict import
- country-instability.ts consolidated from 3 type imports to single ./conflict import
- Deleted 4 API endpoints: acled-conflict.js, ucdp-events.js, ucdp.js, hapi.js
- Deleted 4 service files: conflicts.ts, ucdp.ts, ucdp-events.ts, hapi.ts
- Deleted 1 dead code file: conflict-impact.ts
- UcdpGeoEvent preserved in src/types/index.ts (scope guard for map components)

* docs(2K-02): complete conflict service module plan

- SUMMARY.md with 4-shape proto adapter, consumer consolidation, 9 legacy deletions
- STATE.md updated: Phase 2K complete (2/2 plans), progress ~100%
- ROADMAP.md updated: Phase 2K marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-2K): complete conflict migration phase execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2L): research maritime migration phase domain

* docs(2L): create maritime migration phase plans

* feat(2L-01): implement MaritimeServiceHandler with 2 RPCs

- getVesselSnapshot proxies WS relay with wss->https URL conversion
- Maps density/disruptions to proto shape with GeoCoordinates nesting
- Disruption type/severity mapped from lowercase to proto enums
- listNavigationalWarnings proxies NGA MSI broadcast warnings API
- NGA military date parsing (081653Z MAY 2024) to epoch ms
- Both RPCs gracefully degrade to empty on upstream failure
- No caching (client-side polling manages refresh intervals)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2L-01): mount maritime routes in gateway and rebuild sidecar

- Import createMaritimeServiceRoutes and maritimeHandler
- Add maritime routes to allRoutes array in catch-all gateway
- Sidecar bundle rebuilt (148.0 KB) with maritime endpoints
- RPCs routable at /api/maritime/v1/get-vessel-snapshot and /api/maritime/v1/list-navigational-warnings

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(2L-01): complete maritime handler plan

- SUMMARY.md with 2 task commits documented
- STATE.md updated to 2L phase, plan 01/02 complete
- ROADMAP.md progress updated for phase 2L
- REQUIREMENTS.md: DOMAIN-06 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(2L-02): create maritime service module with hybrid fetch and polling/callback preservation

- Port/adapter wrapping MaritimeServiceClient for proto RPC path
- Full polling/callback architecture preserved from legacy ais.ts
- Hybrid fetch: proto RPC for snapshot-only, raw WS relay for candidates
- Proto-to-legacy type mapping for AisDisruptionEvent and AisDensityZone
- Exports fetchAisSignals, initAisStream, disconnectAisStream, getAisStatus, isAisConfigured, registerAisCallback, unregisterAisCallback, AisPositionData

* feat(2L-02): rewire consumer imports and delete 3 legacy maritime files

- cable-activity.ts: fetch NGA warnings via MaritimeServiceClient.listNavigationalWarnings() with NgaWarning shape reconstruction from proto fields
- military-vessels.ts: imports updated from './ais' to './maritime'
- Services barrel: updated from './ais' to './maritime'
- desktop-readiness.ts: service/api references updated to maritime handler paths
- Deleted: api/ais-snapshot.js, api/nga-warnings.js, src/services/ais.ts
- AisDisruptionEvent/AisDensityZone/AisDisruptionType preserved in src/types/index.ts

* docs(2L-02): complete maritime service module plan

- SUMMARY.md with hybrid fetch pattern, polling/callback preservation, 3 legacy files deleted
- STATE.md updated: phase 2L complete, 5 decisions recorded
- ROADMAP.md updated: 2L plans marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: bind globalThis.fetch in all sebuf service clients

Generated sebuf clients store globalThis.fetch as a class property,
then call it as this.fetchFn(). This loses the window binding and
throws "Illegal invocation" in browsers. Pass { fetch: fetch.bind(globalThis) }
to all 11 client constructors.

Also includes vite.config.ts with all 10 migrated domain handlers
registered in the sebuf dev server plugin.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate cyber + economic domains to sebuf (12/17)

Cyber (Phase 2M):
- Create handler aggregating 5 upstream sources (Feodo, URLhaus, C2Intel, OTX, AbuseIPDB)
  with dedup, GeoIP hydration, country centroid fallback
- Create service module with CyberServiceClient + circuit breaker
- Delete api/cyber-threats.js, api/cyber-threats.test.mjs, src/services/cyber-threats.ts

Economic (Phase 2N) — consolidates 3 legacy services:
- Create handler with 3 RPCs: getFredSeries (FRED API), listWorldBankIndicators
  (World Bank API), getEnergyPrices (EIA API)
- Create unified service module replacing fred.ts, oil-analytics.ts, worldbank.ts
- Preserve all exported functions/types for EconomicPanel and TechReadinessPanel
- Delete api/fred-data.js, api/worldbank.js, src/services/fred.ts,
  src/services/oil-analytics.ts, src/services/worldbank.ts

Both domains registered in vite.config.ts and api/[[...path]].ts.
TypeScript check and vite build pass cleanly.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate infrastructure domain to sebuf (13/17)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate market domain to sebuf (14/17)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate news domain to sebuf (15/17)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate intelligence domain to sebuf (16/17)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate military domain to sebuf (17/17)

All 17 domains now have sebuf handlers registered in the gateway.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate intelligence services to sebuf client

Rewire pizzint.ts, cached-risk-scores.ts, and threat-classifier.ts
to use IntelligenceServiceClient instead of legacy /api/ fetch calls.
Handler now preserves raw threat level in subcategory field.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate military theater posture to sebuf client

Rewire cached-theater-posture.ts to use MilitaryServiceClient instead
of legacy /api/theater-posture fetch. Adds theater metadata map for
proto→legacy TheaterPostureSummary adapter. UI gracefully falls back
to total counts when per-type breakdowns aren't available.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: rewire country-intel to sebuf client

Replace legacy fetch('/api/country-intel') with typed
IntelligenceServiceClient.getCountryIntelBrief() RPC call in App.ts.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate stablecoin-markets to sebuf (market domain)

Add ListStablecoinMarkets RPC to market service. Port CoinGecko
stablecoin peg-health logic from api/stablecoin-markets.js into
the market handler. Rewire StablecoinPanel to use typed sebuf client.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate etf-flows to sebuf (market domain)

Add ListEtfFlows RPC to market service. Port Yahoo Finance BTC spot
ETF flow estimation logic from api/etf-flows.js into the market handler.
Rewire ETFFlowsPanel to use typed sebuf client.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate worldpop-exposure to sebuf (displacement domain)

Add GetPopulationExposure RPC to displacement service. Port country
population data and radius-based exposure estimation from
api/worldpop-exposure.js into the displacement handler. Rewire
population-exposure.ts to use typed sebuf client.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: remove superseded legacy edge functions

Delete 4 legacy api/*.js files that are now fully replaced by
sebuf handlers:
- api/stablecoin-markets.js -> market/ListStablecoinMarkets
- api/etf-flows.js -> market/ListEtfFlows
- api/worldpop-exposure.js -> displacement/GetPopulationExposure
- api/classify-batch.js -> intelligence/ClassifyEvent

Remaining legacy files are still actively used by client code
(stock-index, opensky, gdelt-doc, rss-proxy, summarize endpoints,
macro-signals, tech-events) or are shared utilities.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: delete dead legacy files and unused API_URLS config

Remove coingecko.js, debug-env.js, cache-telemetry.js, _cache-telemetry.js
(all zero active consumers). Delete unused API_URLS export from base config.
Update desktop-readiness market-panel metadata to reference sebuf paths.
Remove dead CoinGecko dev proxy from vite.config.ts.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: migrate stock-index and opensky to sebuf

- Add GetCountryStockIndex RPC to market domain (Yahoo Finance + cache)
- Fill ListMilitaryFlights stub in military handler (OpenSky with bounding box)
- Rewire App.ts stock-index fetch to MarketServiceClient.getCountryStockIndex()
- Delete api/stock-index.js and api/opensky.js edge functions
- OpenSky client path unchanged (relay primary, vite proxy for dev)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* wip: sebuf legacy migration paused at phase 3/10

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(03): capture phase context

* docs(state): record phase 3 context session

* docs(03): research phase domain

* docs(03): create phase plan — 5 plans in 2 waves

* feat(03-01): commit wingbits migration (step 3) -- 3 RPCs added to military domain

- Add GetAircraftDetails, GetAircraftDetailsBatch, GetWingbitsStatus RPCs
- Rewire src/services/wingbits.ts to use MilitaryServiceClient
- Update desktop-readiness.ts routes to match new RPC paths
- Delete legacy api/wingbits/ edge functions (3 files)
- Regenerate military service client/server TypeScript + OpenAPI docs

* feat(03-02): add SummarizeArticle proto and implement handler

- Create summarize_article.proto with request/response messages
- Add SummarizeArticle RPC to NewsService proto
- Implement full handler with provider dispatch (ollama/groq/openrouter)
- Port cache key builder, deduplication, prompt builder, think-token stripping
- Inline Upstash Redis helpers for edge-compatible caching

* feat(03-01): migrate gdelt-doc to intelligence RPC + delete _ip-rate-limit.js

- Add SearchGdeltDocuments RPC to IntelligenceService proto
- Implement searchGdeltDocuments handler (port from api/gdelt-doc.js)
- Rewire src/services/gdelt-intel.ts to use IntelligenceServiceClient
- Delete legacy api/gdelt-doc.js edge function
- Delete dead api/_ip-rate-limit.js (zero importers)
- Regenerate intelligence service client/server TypeScript + OpenAPI docs

* feat(03-02): rewire summarization client to NewsService RPC, delete 4 legacy files

- Replace direct fetch to /api/{provider}-summarize with NewsServiceClient.summarizeArticle()
- Preserve identical fallback chain: ollama -> groq -> openrouter -> browser T5
- Delete api/groq-summarize.js, api/ollama-summarize.js, api/openrouter-summarize.js
- Delete api/_summarize-handler.js and api/_summarize-handler.test.mjs
- Update desktop-readiness.ts to reference new sebuf route

* feat(03-03): rewire MacroSignalsPanel to EconomicServiceClient + delete legacy

- Replace fetch('/api/macro-signals') with EconomicServiceClient.getMacroSignals()
- Add mapProtoToData() to convert proto optional fields to null for rendering
- Delete legacy api/macro-signals.js edge function

* feat(03-04): add ListTechEvents proto, city-coords data, and handler

- Create list_tech_events.proto with TechEvent, TechEventCoords messages
- Add ListTechEvents RPC to ResearchService proto
- Extract 360-city geocoding table to api/data/city-coords.ts
- Implement listTechEvents handler with ICS+RSS parsing, curated events, dedup, filtering
- Regenerate TypeScript client/server from proto

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(03-01): complete wingbits + GDELT doc migration plan

- Create 03-01-SUMMARY.md with execution results
- Update STATE.md with plan 01 completion, steps 3-4 done
- Update ROADMAP.md plan progress (2/5 plans complete)
- Mark DOMAIN-10 requirement complete

* docs(03-02): complete summarization migration plan

- Create 03-02-SUMMARY.md with execution results
- Update STATE.md position to step 6/10
- Update ROADMAP.md plan progress
- Mark DOMAIN-09 requirement complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(03-04): rewire TechEventsPanel and App to ResearchServiceClient, delete legacy

- Replace fetch('/api/tech-events') with ResearchServiceClient.listTechEvents() in TechEventsPanel
- Replace fetch('/api/tech-events') with ResearchServiceClient.listTechEvents() in App.loadTechEvents()
- Delete legacy api/tech-events.js (737 lines)
- TypeScript compiles cleanly with no references to legacy endpoint

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(03-03): complete macro-signals migration plan

- Create 03-03-SUMMARY.md with execution results
- Mark DOMAIN-04 requirement complete in REQUIREMENTS.md

* docs(03-04): complete tech-events migration plan

- Add 03-04-SUMMARY.md with execution results
- Update STATE.md: advance to plan 5/step 8, add decisions
- Update ROADMAP.md: 4/5 plans complete for phase 03

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(03-05): add temporal baseline protos + handler with Welford's algorithm

- GetTemporalBaseline RPC: anomaly detection with z-score thresholds
- RecordBaselineSnapshot RPC: batch update via Welford's online algorithm
- Inline mgetJson helper for Redis batch reads
- Inline getCachedJson/setCachedJson Redis helpers
- Generated TypeScript client/server + OpenAPI docs

* feat(03-05): migrate temporal-baseline + tag non-JSON + final cleanup

- Rewire temporal-baseline.ts to InfrastructureServiceClient RPCs
- Delete api/temporal-baseline.js (migrated to sebuf handler)
- Delete api/_upstash-cache.js (no importers remain)
- Tag 6 non-JSON edge functions with // Non-sebuf: comment header
- Update desktop-readiness.ts: fix stale cloudflare-outages reference

* docs(03-05): complete temporal-baseline + non-JSON tagging + final cleanup plan

- SUMMARY.md with Welford algorithm migration details
- STATE.md updated: Phase 3 complete (100%)
- ROADMAP.md updated: 5/5 plans complete

* chore(03): delete orphaned ollama-summarize test after RPC migration

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-3): complete phase execution

* docs(v1): create milestone audit report

Audits all 13 phases of the v1 sebuf integration milestone.
12/13 phases verified (2L maritime missing VERIFICATION.md).
25/34 requirements satisfied, 6 superseded, 2 partial, 1 unsatisfied (CLEAN-03).
All 17 domains wired end-to-end. Integration check passes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(v1): update audit — mark CLEAN-03/04 + MIGRATE-* as superseded

CLEAN-03 superseded by port/adapter architecture (internal types
intentionally decoupled from proto wire types). MIGRATE-01-05
superseded by direct cutover approach. DOMAIN-03 checkbox updated.
Milestone status: tech_debt (no unsatisfied requirements).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(roadmap): add gap closure phase 4 — v1 milestone cleanup

Closes all audit gaps: CLIENT-03 circuit breaker coverage, DOMAIN-03/06
verification gaps, documentation staleness, orphaned code cleanup.
Fixes traceability table phase assignments to match actual roadmap phases.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore(03): commit generated NewsService OpenAPI specs + checkpoint update

SummarizeArticle RPC was added during Phase 3 plan 02 but generated
OpenAPI specs were not staged with that commit.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(04): research phase domain

* docs(04): create phase plan

* docs(04-01): fix ROADMAP.md Phase 3 staleness and delete .continue-here.md

- Change Phase 3 heading from IN PROGRESS to COMPLETE
- Check off plans 03-03, 03-04, 03-05 (all were already complete)
- Delete stale .continue-here.md (showed task 3/10 in_progress but all 10 done)

* feat(04-02): add circuit breakers to seismology, wildfire, climate, maritime

- Seismology: wrap listEarthquakes in breaker.execute with empty-array fallback
- Wildfire: replace manual try/catch with breaker.execute for listFireDetections
- Climate: replace manual try/catch with breaker.execute for listClimateAnomalies
- Maritime: wrap proto getVesselSnapshot RPC in snapshotBreaker.execute, preserve raw relay fallback

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(04-02): add circuit breakers to news summarization and GDELT intelligence

- Summarization: wrap newsClient.summarizeArticle in summaryBreaker.execute for both tryApiProvider and translateText
- GDELT: wrap client.searchGdeltDocuments in gdeltBreaker.execute, replace manual try/catch
- Fix: include all required fields (tokens, reason, error, errorType, query) in fallback objects
- CLIENT-03 fully satisfied: all 17 domains have circuit breaker coverage

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(04-01): create 2L-VERIFICATION.md, fix desktop-readiness.ts, complete service barrel

- Create retroactive 2L-VERIFICATION.md with 12/12 must-haves verified
- Fix map-layers-core and market-panel stale file refs in desktop-readiness.ts
- Fix opensky-relay-cloud stale refs (api/opensky.js deleted)
- Add missing barrel re-exports: conflict, displacement, research, wildfires, climate
- Skip military/intelligence/news barrels (would cause duplicate exports)
- TypeScript compiles cleanly with zero errors

* docs(04-02): complete circuit breaker coverage plan

- SUMMARY.md: 6 domains covered, CLIENT-03 satisfied, 1 deviation (fallback type fix)
- STATE.md: Phase 4 plan 02 complete, position and decisions updated
- ROADMAP.md: Phase 04 marked complete (2/2 plans)
- REQUIREMENTS.md: CLIENT-03 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(04-01): complete documentation fixes plan

- Create 04-01-SUMMARY.md with execution results
- Update STATE.md with Plan 01 completion and decisions
- Update ROADMAP.md: Plan 04-01 checked, progress 1/2

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs(phase-04): complete phase verification and fix tracking gaps

ROADMAP.md Phase 4 status updated to Complete, 04-02 checkbox checked,
progress table finalized. REQUIREMENTS.md coverage summary updated
(27 complete, 0 partial/pending). STATE.md reflects verified phase.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(military): migrate USNI fleet tracker to sebuf RPC

Port all USNI Fleet Tracker parsing logic from api/usni-fleet.js into
MilitaryService.GetUSNIFleetReport RPC with proto definitions, inline
Upstash caching (6h fresh / 7d stale), and client adapter mapping.
Deletes legacy edge function and _upstash-cache.js dependency.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* refactor: add proto validation annotations and split all 17 handler files into per-RPC modules

Phase A: Added buf.validate constraints to ~25 proto files (~130 field annotations
including required IDs, score ranges, coordinate bounds, page size limits).

Phase B: Split all 17 domain handler.ts files into per-RPC modules with thin
re-export handler.ts files. Extracted shared Redis cache helpers to
api/server/_shared/redis.ts.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs: add ADDING_ENDPOINTS guide and update Contributing section

All JSON endpoints must use sebuf — document the complete workflow for
adding RPCs to existing services and creating new services, including
proto conventions, validation annotations, and generated OpenAPI docs.

Update DOCUMENTATION.md Contributing section to reference the new guide
and remove the deprecated "Adding a New API Proxy" pattern.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: add blank lines before lists to pass markdown lint (MD032)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: disambiguate duplicate city keys in city-coords

Vercel's TypeScript check treats duplicate object keys as errors (TS1117).
Rename 'san jose' (Costa Rica) -> 'san jose cr' and
'cambridge' (UK) -> 'cambridge uk' to avoid collision.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: resolve Vercel deployment errors — relocate hex-db + fix TS strict-null

- Move military-hex-db.js next to handler (fixes Edge Function unsupported module)
- Fix strict-null TS errors across 12 handler files (displacement, economic,
  infrastructure, intelligence, market, military, research, wildfire)
- Add process declare to wildfire handler, prefix unused vars, cast types

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: convert military-hex-db to .ts for Edge Function compatibility

Vercel Edge bundler can't resolve .js data modules from .ts handlers.
Also remove unused _region variable.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: inline military hex db as packed string to avoid Edge Function module error

Vercel Edge bundler can't resolve separate data modules. Inline 20K hex
IDs as a single concatenated string, split into Set at runtime.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: remove broken export { process } from 4 _shared files

declare const is stripped in JS output, making export { process }
reference nothing. No consumers import it — each handler file has
its own declare.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: move server/ out of api/ to fix Vercel catch-all routing

Vercel's file-based routing was treating api/server/**/*.ts as individual
API routes, overriding the api/[[...path]].ts catch-all for multi-segment
paths like /api/infrastructure/v1/list-service-statuses (3 segments).
Moving to server/ at repo root removes the ambiguity.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: rename catch-all to [...path] — [[...path]] is Next.js-only syntax

Vercel's native edge function routing only supports [...path] for
multi-segment catch-all matching. The [[...path]] double-bracket syntax
is a Next.js feature and was only matching single-segment paths.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: add dynamic segment route for multi-segment API paths

Vercel's native file-based routing for non-Next.js projects doesn't
support [...path] catch-all matching multiple segments. Use explicit
api/[domain]/v1/[rpc].ts which matches /api/{domain}/v1/{rpc} via
standard single-segment dynamic routing that Vercel fully supports.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: remove conflicting [...path] catch-all — replaced by [domain]/v1/[rpc]

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: widen CORS pattern to match all Vercel preview URL formats

Preview URLs use elie-ab2dce63 not elie-habib-projects as the team slug.
Broaden pattern to elie-[a-z0-9]+ to cover both.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: update sidecar build script for new api/[domain]/v1/[rpc] path

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: trigger Vercel rebuild for all variants

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address PR #106 review — critical bugs, hardening, and cleanup

Fixes from @koala73's code review:

Critical:
- C-1: Add max-size eviction (2048 cap) to GeoIP in-memory cache
- C-2: Move type/source/severity filters BEFORE .slice(pageSize) in cyber handler
- C-3: Atomic SET with EX in Redis helper (single Upstash REST call)
- C-4: Add AbortSignal.timeout(30s) to LLM fetch in summarize-article

High:
- H-1: Add top-level try/catch in gateway with CORS-aware 500 response
- H-3: Sanitize error messages — generic text for 5xx, passthrough for 4xx only
- H-4: Add timeout (10s) + Redis cache (5min) to seismology handler
- H-5: Add null guards (optional chaining) in seismology USGS feature mapping
- H-6: Race OpenSky + Wingbits with Promise.allSettled instead of sequential fallback
- H-8: Add Redis cache (5min TTL) to infrastructure service-status handler

Medium:
- M-12/M-13: Fix HAPI summary field mappings (iso3 from countryCode, internallyDisplaced)

Infrastructure:
- R-1: Remove .planning/ from git tracking, add to .gitignore
- Port UCDP parallel page fetching from main branch (#198)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address PR #106 review issues — hash, CORS, router, cache, LLM, GeoIP

Fixes/improvements from PR #106 code review tracking issues:

- #180: Replace 32-bit hash (Java hashCode/DJB2) with unified FNV-1a 52-bit
  hash in server/_shared/hash.ts, greatly reducing collision probability
- #182: Cache router construction in Vite dev plugin — build once, invalidate
  on HMR changes to server/ files
- #194: Add input length limits for LLM prompt injection (headlines 500 chars,
  title 500 chars, geoContext 2000 chars, max 10 headlines)
- #195/#196: GeoIP AbortController — cancel orphaned background workers on
  timeout instead of letting them fire after response is sent
- #198: Port UCDP partial-result caching from main — 10min TTL for partial
  results vs 6hr for complete, with in-memory fallback cache

Proto codegen regenerated for displacement + conflict int64_encoding changes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: restore fast-xml-parser dependency needed by sebuf handlers

Main branch removed fast-xml-parser in v2.5.1 (legacy edge functions
no longer needed it), but sebuf handlers in aviation/_shared.ts and
research/list-arxiv-papers.ts still import it for XML API parsing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs: fix stale paths, version badge, and local-backend-audit for sebuf

- ADDING_ENDPOINTS.md: fix handler paths from api/server/ to server/,
  fix import depth (4 levels not 5), fix gateway extension (.js not .ts)
- DOCUMENTATION.md: update version badge 2.1.4 -> 2.5.1, fix broken
  ROADMAP.md links to .planning/ROADMAP.md, fix handler path reference
- COMMUNITY-PROMOTION-GUIDE.md: add missing v2.5.1 to version table
- local-backend-audit.md: rewrite for sebuf architecture — replace all
  stale api/*.js references with sebuf domain handler paths

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs: use make commands, add generation-before-push warning, bump sebuf to v0.7.0

- ADDING_ENDPOINTS.md: replace raw `cd proto && buf ...` with `make check`,
  `make generate`, `make install`; add warning that `make generate` must run
  before pushing proto changes (links to #200)
- Makefile: bump sebuf plugin versions from v0.6.0 to v0.7.0
- PR description also updated to use make commands

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: make install installs everything, document setup

- Makefile: `make install` now installs buf, sebuf plugins, npm deps,
  and proto deps in one command; pin buf and sebuf versions as variables
- ADDING_ENDPOINTS.md: updated prerequisites to show `make install`
- DOCUMENTATION.md: updated Installation section with `make install`
  and generation reminder

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address PR #106 re-review issues — timeouts, iso3, pagination, CORS, dedup

- NEW-1: HAPI handler now returns ISO-3 code (via ISO2_TO_ISO3 lookup) instead of ISO-2
- NEW-3: Aviation FAA fetch now has AbortSignal.timeout(15s)
- NEW-4: Climate Open-Meteo fetch now has AbortSignal.timeout(20s)
- NEW-5: Wildfire FIRMS fetch now has AbortSignal.timeout(15s)
- NEW-6: Seismology now respects pagination.pageSize (default 500)
- NEW-9: Gateway wraps getCorsHeaders() in try/catch with safe fallback
- NEW-10: Tech events dedup key now includes start year to avoid dropping yearly variants

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address PR #106 round 2 — seismology crash, tsconfig, type contracts

- Fix _req undefined crash in seismology handler (renamed to req)
- Cache full earthquake set, slice on read (avoids cache pollution)
- Add server/ to tsconfig.api.json includes (catches type errors at build)
- Remove String() wrappers on numeric proto fields in displacement/HAPI
- Fix hashString re-export not available locally in news/_shared.ts

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: loadMarkets heatmap regression, stale test, Makefile playwright

- Add finnhub_skipped + skip_reason to ListMarketQuotesResponse proto
- Wire skipped signal through handler → adapter → App.loadMarkets
- Fix circuit breaker cache conflating different symbol queries (cacheTtlMs: 0)
- Use dynamic fetch wrapper so e2e test mocks intercept correctly
- Update e2e test mocks from old endpoints to sebuf proto endpoints
- Delete stale summarization-chain.test.mjs (imports deleted files)
- Add install-playwright target to Makefile

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: add missing proto fields to emptyStockFallback (build fix)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(quick-1): fix country fallback, ISO-2 contract, and proto field semantics

- BLOCKING-1: Return undefined when country has no ISO3 mapping instead of wrong country data
- BLOCKING-2: country_code field now returns ISO-2 per proto contract
- MEDIUM-1: Rename proto fields from humanitarian to conflict-event semantics (populationAffected -> conflictEventsTotal, etc.)
- Update client service adapter to use new field names
- Regenerate TypeScript types from updated proto

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(quick-1): add in-memory cache + in-flight dedup to AIS vessel snapshot

- HIGH-1: 10-second TTL cache matching client poll interval
- Concurrent requests share single upstream fetch (in-flight dedup)
- Follows same pattern as get-macro-signals.ts cache
- No change to RPC response shape

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(quick-1): stub RPCs throw UNIMPLEMENTED, remove hardcoded politics, add tests

- HIGH-2: listNewsItems, summarizeHeadlines, listMilitaryVessels now throw UNIMPLEMENTED
- LOW-1: Replace hardcoded "Donald Trump" with date-based dynamic LLM context
- LOW-1 extended: Also fix same issue in intelligence/get-country-intel-brief.ts (Rule 2)
- MEDIUM-2: Add tests/server-handlers.test.mjs with 20 tests covering all review items

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(quick-2): remove 3 dead stub RPCs (ListNewsItems, SummarizeHeadlines, ListMilitaryVessels)

- Delete proto definitions, handler stubs, and generated code for dead RPCs
- Clean _shared.ts: remove tryGroq, tryOpenRouter, buildPrompt, dead constants
- Remove 3 UNIMPLEMENTED stub tests from server-handlers.test.mjs
- Regenerate proto codegen (buf generate) and OpenAPI docs
- SummarizeArticle and all other RPCs remain intact

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address PR #106 review findings (stale snapshot, iso naming, scoring, test import)

- Serve stale AIS snapshot on relay failure instead of returning undefined
- Rename HapiConflictSummary.iso3 → iso2 to match actual ISO-2 content
- Fix HAPI fallback scoring: use weight 3 for combined political violence
  (civilian targeting is folded in, was being underweighted at 0)
- Extract deduplicateHeadlines to shared .mjs so tests import production code

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* test: add coverage for PR106 iso2 and fallback regressions

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Elie Habib <elie.habib@gmail.com>
 2026-02-21 03:39:56 +04:00
Elie Habib
7a57d39408 perf: split i18next, sentry, and panels into separate chunks 
Add manual chunk rules for i18next → i18n, @sentry/* → sentry, and
*Panel.ts → panels. Improves caching (stable vendor chunks) and
reduces main bundle size via parallel loading.

Closes #148
 2026-02-20 09:25:38 +04:00
Elie Habib
7ab3a8e76d fix: widen SW globIgnore to exclude all ML JS chunks 
Closes #169 — the `ml-*` pattern missed chunks without a hyphen,
causing ~60 MB of ML code to be precached by the service worker.
 2026-02-20 09:05:45 +04:00
Claude
cbd7c29f03 Merge main into tree-shake-locale-files, resolve workbox conflict 
Resolve conflict in vite.config.ts workbox config by combining both
branches: keep main's navigateFallback: null fix (prevents stale HTML
precache) while preserving the PR's locale-*.js glob ignore and
runtime cache strategy for lazy-loaded locale chunks.

https://claude.ai/code/session_01Hd1kUsbZaAw5vzhBWS9Mkx
 2026-02-20 04:32:14 +00:00
Elie Habib
86b83bae78 Add Brotli pre-compression for Vite build assets (#162) 
### Motivation
- Reduce client transfer sizes for static assets by emitting
pre-compressed Brotli artifacts at build time so edge/origin can serve
`.br` directly.
- Avoid dependency on third-party Vite compression packages when npm
registry/policy blocks installation by implementing a small,
self-contained build plugin.

### Description
- Added an inlined Vite build plugin `brotliPrecompressPlugin()` to
`vite.config.ts` that uses Node's `zlib.brotliCompress` to write `.br`
files for emitted assets with extensions
`(.js,.mjs,.css,.html,.svg,.json,.txt,.xml,.wasm)` larger than `1024`
bytes.
- Registered the plugin in the Vite `plugins` array so Brotli artifacts
are generated automatically during `vite build`.
- Documented build-time Brotli pre-compression and recommended Hetzner
Nginx settings (`gzip_static on` and `brotli_static on`) and Cloudflare
serving behavior in `README.md` under the Bandwidth Optimization
section.

### Testing
- Attempted to install `vite-plugin-compression2` and
`vite-plugin-compression`, but both `npm install -D` runs failed with a
`403 Forbidden` from the registry in this environment. (expected
fallback)
- Ran `npm run build` successfully and observed build completion without
errors.
- Verified generated Brotli files exist under `dist/` (examples:
`dist/index.html.br`, `dist/settings.html.br`, and multiple
`dist/assets/*.br`).

------
[Codex
Task](https://chatgpt.com/codex/tasks/task_e_6997827871e483339853aaae2971d2a3)
 2026-02-20 08:27:09 +04:00
Elie Habib
380f1b7235 Implement YouTube live stream detection via HTML parsing (#144) 
## Summary

Implements proper YouTube live stream detection by fetching the
channel's live page and parsing the HTML response for video ID and live
status, replacing the previous placeholder implementation.

## Type of change

- [x] New feature
- [ ] Bug fix
- [ ] New data source / feed
- [ ] New map layer
- [ ] Refactor / code cleanup
- [ ] Documentation
- [ ] CI / Build / Infrastructure

## Affected areas

- [x] API endpoints (`/api/*`)
- [ ] Other

## Changes

The YouTube Live plugin now:
- Constructs the proper YouTube channel live URL (handling both
`@handle` and plain channel names)
- Fetches the live page with appropriate User-Agent headers
- Parses the HTML response to extract `videoId` and `isLive` status
using regex patterns
- Returns structured JSON with video ID and live status, or null values
if no live stream is detected
- Maintains 5-minute cache control headers for performance

## Checklist

- [x] TypeScript compiles without errors
- [ ] No API keys or secrets committed
- [ ] Tested on [worldmonitor.app](https://worldmonitor.app) variant
- [ ] Tested on [tech.worldmonitor.app](https://tech.worldmonitor.app)
variant (if applicable)

## Test Plan

The implementation uses standard HTTP fetching and regex parsing. Verify
that:
- The endpoint correctly identifies live streams on active YouTube
channels
- The endpoint returns null values for channels without active streams
- Response caching works as expected (5-minute TTL)
 2026-02-20 08:22:33 +04:00
Claude
fb1efd2ebc fix: scope videoId and isLive to same videoDetails block 
The previous regex matched the first "videoId" anywhere in the YouTube
HTML and independently checked for "isLive": true anywhere else. On
channel pages with multiple video objects this could combine fields
from different objects, returning a non-live or unrelated video ID.

Now both fields are extracted from within the same "videoDetails" block
(the primary player's data), ensuring the videoId and live status
always correspond to each other. Fixed in both the Vite dev plugin and
the production edge function.

https://claude.ai/code/session_01684qa7XvS7sf9CShqU8zNg
 2026-02-20 04:19:37 +00:00
Elie Habib
0735ce5c78 Add build-time Brotli precompression for static assets 2026-02-20 08:04:02 +04:00
Lawyered
f2a1a2ccb5 fix(pwa): disable default navigateFallback in generated SW 2026-02-19 20:14:11 -05:00
Lawyered
7b7fe3cbdd fix(pwa): prevent stale HTML precache regression 2026-02-19 20:14:09 -05:00
Claude
4121113547 perf: tree-shake unused locale files from initial bundle 
Replace the static LOCALE_LOADERS map (14 explicit dynamic imports) with
import.meta.glob for lazy loading. English is now statically imported as
the always-needed fallback; all other 13 locales are loaded on demand.

- Statically import en.json so it's bundled eagerly (no extra fetch)
- Use import.meta.glob with negative pattern to lazy-load non-English
  locales only when the user actually switches language
- Add manualChunks rule to prefix lazy locale chunks with `locale-`
- Exclude locale-*.js from service worker precache via globIgnores
- Add CacheFirst runtime caching for locale files when loaded on demand

SW precache reduced from 43 entries (5587 KiB) to 29 entries (4840 KiB),
saving ~747 KiB from the initial download.

https://claude.ai/code/session_01TfRgC5GWsv51swxRSGxxeJ
 2026-02-19 21:47:27 +00:00
Claude
9fd1bf293d fix: implement live-stream detection in youtubeLivePlugin dev middleware 
The Vite dev plugin was hardcoding `{ videoId: null }` with a TODO,
causing LiveNewsPanel to never resolve actual live streams during local
development. Replace the stub with the same fetch-and-scrape approach
used by the production edge function (api/youtube/live.js): fetch the
channel's /live page and extract videoId + isLive from the HTML.

https://claude.ai/code/session_01684qa7XvS7sf9CShqU8zNg
 2026-02-19 21:34:02 +00:00
Elie Habib
bf2c0b1598 fix: replace Polymarket prod proxy with local Vite middleware plugin 
Removes circular dev→prod dependency. The new polymarketPlugin()
mirrors the edge function logic locally: validates params, fetches
from gamma-api.polymarket.com, and gracefully returns [] when
Cloudflare JA3 blocks server-side TLS (expected behavior).
 2026-02-20 01:33:24 +04:00
Elie Habib
98797c9b02 fix: restore update link fallback and PWA nav precache 2026-02-19 13:30:06 +04:00
Elie Habib
aa823bbb60 fix: exclude HTML from Workbox precache glob 2026-02-19 12:28:41 +04:00
Elie Habib
572f380856 release: v2.4.0 — live webcams, mobile detection fix, sentry triage 
- Live Webcams Panel with region filters and grid/single view (#111)
- Mobile detection: width-only, touch notebooks get desktop layout (#113)
- Le Monde RSS URL fix, workbox precache HTML, panel ordering migration
- Sentry: ML timeout catch, YT player guards, maplibre noise filters
- Changelog for v2.4.0
 2026-02-19 01:25:05 +04:00
Elie Habib
54f1a5d578 test: add coverage for finance/trending/reload and stabilize map harness 2026-02-17 19:22:55 +04:00
Elie Habib
a78a072079 fix(deploy): prevent stale chunk 404s after Vercel redeployment 
- vercel.json: add no-cache headers for / and /index.html so CDN never serves stale HTML
- main.ts: add vite:preloadError listener to auto-reload once on chunk 404s
- vite.config.ts: remove HTML from SW precache, add NetworkFirst for navigation requests
 2026-02-17 11:30:58 +04:00
Claude
01fb23df5c feat: add finance/trading variant with market-focused dashboard 
Add a new 'finance' site variant (finance.worldmonitor.app) following the
same pattern as the existing tech variant. Includes:

- Finance-specific RSS feeds: markets, forex, bonds, commodities, crypto,
  central banks, economic data, IPOs/M&A, derivatives, fintech, regulation,
  institutional investors, and market analysis (all free/open RSS sources)
- Finance-focused panels with trading-themed labels (Market Headlines,
  Live Markets, Forex & Currencies, Fixed Income, etc.)
- Geographic data for stock exchanges (30+), financial centers (20+),
  central banks (14), and commodity hubs (10) worldwide
- Four new map layers: stockExchanges, financialCenters, centralBanks,
  commodityHubs with tier-based icons and zoom-dependent labels
- Map popup rendering for all finance marker types
- Variant switcher updated with FINANCE tab in header
- Search modal with finance-specific sources and icons
- Vite HTML variant plugin metadata for SEO
- Build scripts (dev:finance, build:finance, test:e2e:finance)
- Tauri desktop config for Finance Monitor app

https://claude.ai/code/session_01CCmkws2EYuUHjYDonzXEtY
 2026-02-16 11:22:17 +01:00
Elie Habib
7e7ab126c8 fix: force immediate SW activation to prevent stale asset errors 
Add skipWaiting, clientsClaim, and cleanupOutdatedCaches to workbox
config. Fixes NS_ERROR_CORRUPTED_CONTENT / MIME type errors when
users have a cached service worker serving old HTML that references
asset hashes no longer on the CDN after redeployment.
 2026-02-15 20:37:23 +04:00
Elie Habib
e1925e735c Consolidate variant naming and fix PWA tile caching 
- Rename variant default from 'world' to 'full' across config files
- Replace all startups.worldmonitor.app references with tech.worldmonitor.app
- Add CARTO basemap tile caching to Workbox runtime config (basemaps.cartocdn.com)
 2026-02-15 00:15:33 +04:00