// SYSTEM_LOG

CHANGELOG

Every mutation to the VibeFix codebase, logged and timestamped.

v0.4.1FEATURE2025-03-29

FEEDBACK_SYSTEM

  • +Added feedback modal accessible from footer
  • +Feedback types: bug report, feature request, general feedback, UI/UX issue
  • +Collects user message, email (optional), user agent, and page URL
  • +Feedback stored in Firestore with admin-only read access
  • +Added Firestore security rules for feedback collection
v0.4.0FIX2025-03-29

COMPREHENSIVE_BUG_FIXES

  • +Fixed edit page auth race condition - now waits for auth state before checking user
  • +Fixed waitlist API collection name mismatch with Firestore rules
  • +Fixed mobile vote buttons not calling handleVote properly
  • +Fixed admin allowlist default to enable email-based admin check
  • +Added auto-load for notifications and admin data when tabs are selected
  • +Added client-side comment nesting for proper reply threading
  • +Improved profile lookup efficiency for fallback usernames
  • +Fixed report modal to use fresh auth.currentUser
  • +Added search debounce (300ms) to reduce Firestore queries
  • +Smart Vibe Log title extraction - analyzes whole description for meaningful titles
  • +Added clickable library links after form/vibe-log submission
  • +Lowered moderation thresholds: approve at 60+ (was 75+), pending at 40+
  • +Moved Sign Out to SESSION section, added DELETE_ACCOUNT in Danger Zone
  • +Implemented full account deletion with data cleanup
  • +Updated footer with Velox Studio branding and social links
v0.3.1FEATURE2025-01-20

NOTIFICATIONS_SYSTEM

  • +Added notifications tab to user dashboard with unread count badge
  • +Implemented notification types: modification_request, comment_reply, post_approved, post_rejected, changelog
  • +Auto-notify post authors when admin requests modifications
  • +Added mark as read and mark all as read functionality
  • +Updated Firestore security rules for notifications collection
v0.3.0FEATURE2025-01-20

ADMIN_REPORT_MANAGEMENT

  • +Added full report management for admins: view, accept (delete post), reject (dismiss), request modification
  • +Added modification note text box for admin feedback to post authors
  • +Reports now show post links, status badges, and resolved history
  • +Fixed public profile 404 error - now fetches author info from Firestore
  • +Fixed sign-up 503 error - migrated to client-side Firebase Auth
v0.2.10FIX2025-01-20

CLIENT_SDK_MIGRATION

  • +Migrated all Firestore operations to Firebase Client SDK (bypasses server timeout)
  • +User-specific vote persistence using votes collection
  • +User-specific solved tracking using solved collection
  • +Report functionality saves to Firestore reports collection
  • +User stats on dashboard now fetch real data from Firestore
  • +Removed debug console.log statements for production
v0.2.9FEATURE2026-03-17

FIREBASE_AUTH_DB_MIGRATION

  • +Migrated auth client flows to Firebase Authentication
  • +Replaced Supabase sign-up and forgot-password API routes with Firebase Identity Toolkit
  • +Migrated shared content and waitlist data access from Supabase to Firestore
  • +Added Firebase admin token verification for protected API routes
v0.2.8FIX2026-03-17

AUTH_EMAIL_THROTTLING

  • +Added POST /api/auth/sign-up and POST /api/auth/forgot-password routes
  • +Applied server-side per-IP and per-email rate limiting for email-triggering auth flows
  • +Switched auth page sign-up and forgot-password to server endpoints
  • +Added client-side cooldown timer and retry messaging for sign-up/reset email actions
v0.2.6FIX2026-03-17

EMAIL_PASSWORD_AUTH

  • +Replaced magic-link-first auth UX with email/password sign-in flow
  • +Added sign-up and forgot-password modes to /auth
  • +Removed OTP resend dependency from primary login path to avoid Supabase OTP 429 friction
  • +Updated setup docs to reflect current auth behavior
v0.2.7FEATURE2026-03-17

PASSWORD_RESET_COMPLETION

  • +Added reset-password completion mode to /auth
  • +Auto-detects Supabase recovery links and switches to password reset form
  • +Updates password in-app and signs users out to re-authenticate with the new password
v0.2.5FEATURE2026-03-17

REAL_DATA_ENFORCEMENT

  • +Disabled mock fallback in shared content data layer and enforced Supabase service-role configuration
  • +Updated library feed to use API data only with explicit loading/error states
  • +Updated admin dashboard to remove mock fallback defaults and show explicit loading/error states
  • +Marked Priority 0 database migration milestone as completed in project tracker
v0.2.4FIX2026-03-17

ADMIN_CLAIMS_ACTIVATION

  • +Activated claims-based admin access by setting Supabase app_metadata role to admin
  • +Verified admin API guard path for /api/admin/dashboard uses claims-first authorization
  • +Hidden waitlist CTA/modal for signed-in users in navbar
  • +Replaced signed-in homepage waitlist prompts with product flow CTAs
v0.2.3FEATURE2026-03-17

OBSERVABILITY_AND_TEST_BASELINE

  • +Finalized claims-first admin authorization with nested claims support
  • +Kept legacy admin allowlist as an explicit bridge via ADMIN_ALLOWLIST_ENABLED
  • +Integrated Sentry runtime wiring for client, server, and edge environments
  • +Added Vitest + jsdom testing baseline with initial admin guard coverage
  • +Updated environment template and setup docs for monitoring and auth policy
v0.2.2FEATURE2026-03-17

PRIORITY0_COMPLETION

  • +Added /auth page with Supabase magic-link sign-in flow and session-aware navbar controls
  • +Added Supabase-backed content APIs for posts, post detail, profile detail, and admin dashboard
  • +Wired library, post detail, profile, and admin pages to backend APIs with mock fallback safety
  • +Added Zod request validation and rate limiting to waitlist, vibe-log, and moderation APIs
  • +Added structured JSON API logging and /api/health/supabase observability endpoint
  • +Expanded Supabase schema with users, posts, comments, and reports tables for migration
v0.2.1FIX2026-03-17

SUPABASE_BASELINE

  • +Integrated Supabase client setup for browser/server/admin usage
  • +Migrated waitlist API from local file storage to Supabase Postgres
  • +Added SQL schema for waitlist_entries and environment setup docs
  • +Protected /admin and /api/moderate with middleware and admin guards
  • +Added runtime checks for missing Supabase configuration with clear 503 responses
  • +Fixed environment loading issue by standardizing on .env.local
v0.2.0FEATURE2026-03-17

PLATFORM_EXPANSION

  • +Shipped full Library experience: searchable feed, category/sort filters, and detailed post pages
  • +Added Submit flows: structured form mode + AI-assisted Vibe Logger mode
  • +Launched profile and admin surfaces with moderation queue, reports, user management, and settings panels
  • +Implemented API routes for /api/waitlist, /api/vibe-log, and /api/moderate
  • +Enabled persistent local waitlist storage via data/waitlist.json and excluded /data from git
  • +Upgraded global metadata and SEO: Open Graph, Twitter cards, robots, and sitemap generation
  • +Integrated shared UI primitives (Navbar, Footer, WaitlistModal) across app routes
  • +Enabled remote image loading for Unsplash assets in Next.js image config
v0.1.0LAUNCH2026-03-10

GENESIS_DEPLOY

  • +Landing page live with dark hacker aesthetic
  • +Waitlist system — ACCESS_BETA, CLAIM_INVITE_NOW, JOIN THE SWARM all collecting emails
  • +Library placeholder page deployed
  • +Changelog page deployed
  • +Responsive design with mobile hamburger nav
  • +Scrolling ticker animation with community values
v0.0.1INIT2026-03-09

PROJECT_INIT

  • +Next.js + TypeScript + Tailwind CSS project scaffolded
  • +JetBrains Mono font integrated
  • +PRD finalized — MVP scope defined
  • +GitHub repository initialized

// END_OF_LOG