f28a48f560
docs: Update project plan for v1.1.0 completion
...
Comprehensive project plan updates to reflect v1.1.0 release:
New Documents:
- INDEX.md: Navigation index for all planning docs
- ROADMAP.md: Future version planning (v1.1.1 → v2.0.0)
- v1.1/RELEASE-STATUS.md: Complete v1.1.0 tracking
Updated Documents:
- v1/implementation-plan.md: Updated to v1.1.0, marked V1 100% complete
- v1.1/priority-work.md: Marked all items complete with actual effort
Changes:
- Fixed outdated status (was showing v0.9.5)
- Marked Micropub as complete (v1.0.0)
- Tracked all v1.1.0 features (search, slugs, migrations)
- Added clear roadmap for future versions
- Linked all ADRs and implementation reports
Project plan now fully synchronized with v1.1.0 "SearchLight" release.
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-25 11:31:43 -07:00
2eaf67279d
docs: Standardize all IndieAuth spec references to W3C URL
...
- Updated 42 references from indieauth.spec.indieweb.org to www.w3.org/TR/indieauth
- Ensures consistency across all documentation
- Points to the authoritative W3C specification
- No functional changes, documentation update only
Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-24 11:54:04 -07:00
dca9604746
docs: Address Micropub design issues and clarify V1 scope
...
- Create ADR-029 for IndieAuth/Micropub integration strategy
- Address all critical issues from developer review:
- Add missing 'me' parameter to token endpoint
- Clarify PKCE as optional extension
- Define token security migration strategy
- Add authorization_codes table schema
- Define property mapping rules
- Clarify two authentication flows
- Simplify V1 scope per user decision:
- Remove update/delete operations from V1
- Focus on create-only functionality
- Reduce timeline from 8-10 to 6-8 days
- Update project plan with post-V1 roadmap:
- Phase 11: Update/delete operations (V1.1)
- Phase 12: Media endpoint (V1.2)
- Phase 13: Advanced IndieWeb features (V2.0)
- Phase 14: Enhanced features (V2.0+)
- Create token security migration documentation
- Update ADR-028 for consistency with simplified scope
BREAKING CHANGE: Token migration will invalidate all existing tokens for security
2025-11-24 11:39:13 -07:00
b184bc1316
docs: Update implementation plan to reflect v0.9.5 reality
...
Updated docs/projectplan/v1/implementation-plan.md to accurately track
current implementation status and clearly document unimplemented features.
Changes:
- Updated current version from 0.4.0 to 0.9.5
- Updated progress summary: Phases 1-5 complete (70% overall)
- Added "CRITICAL: Unimplemented Features" section with clear status
- Micropub endpoint: NOT IMPLEMENTED (critical V1 blocker)
- Notes CRUD API: NOT IMPLEMENTED (optional, deferred to V2)
- RSS feed: IMPLEMENTED (v0.6.0, needs verification)
- IndieAuth token endpoint: NOT IMPLEMENTED (for Micropub)
- Microformats validation: PARTIAL (markup exists, not validated)
- Updated summary checklist to reflect actual implementation:
- Admin web interface: COMPLETE (v0.5.2)
- Public web interface: COMPLETE (v0.5.0)
- RSS feed: COMPLETE (v0.6.0)
- Authentication: COMPLETE (v0.8.0 with PKCE)
- Test coverage: 87% overall
- Standards compliance: PARTIAL
- Updated timeline with realistic path to V1:
- Completed: ~35 hours (Phases 1-5)
- Remaining: ~15-25 hours (Micropub + validation)
- Path to V1: Micropub (12h), validation (4h), docs (3h), release (2h)
- Updated quality gates to reflect v0.9.5 achievements:
- Test coverage: 87% (exceeds 80% target)
- Manual testing: Complete (IndieLogin working)
- Production deployment: Complete (container + CI/CD)
- Security tests: Complete (PKCE, token hashing)
This update ensures the implementation plan accurately reflects the
significant progress made from v0.4.0 to v0.9.5 while clearly
documenting what remains for V1 release.
Related: Architect validation report identified discrepancies between
documented V1 scope and actual v0.9.5 implementation.
2025-11-24 11:03:05 -07:00
0cca8169ce
feat: Implement Phase 4 Web Interface with bugfixes (v0.5.2)
...
## Phase 4: Web Interface Implementation
Implemented complete web interface with public and admin routes,
templates, CSS, and development authentication.
### Core Features
**Public Routes**:
- Homepage with recent published notes
- Note permalinks with microformats2
- Server-side rendering (Jinja2)
**Admin Routes**:
- Login via IndieLogin
- Dashboard with note management
- Create, edit, delete notes
- Protected with @require_auth decorator
**Development Authentication**:
- Dev login bypass for local testing (DEV_MODE only)
- Security safeguards per ADR-011
- Returns 404 when disabled
**Templates & Frontend**:
- Base layouts (public + admin)
- 8 HTML templates with microformats2
- Custom responsive CSS (114 lines)
- Error pages (404, 500)
### Bugfixes (v0.5.1 → v0.5.2)
1. **Cookie collision fix (v0.5.1)**:
- Renamed auth cookie from "session" to "starpunk_session"
- Fixed redirect loop between dev login and admin dashboard
- Flask's session cookie no longer conflicts with auth
2. **HTTP 404 error handling (v0.5.1)**:
- Update route now returns 404 for nonexistent notes
- Delete route now returns 404 for nonexistent notes
- Follows ADR-012 HTTP Error Handling Policy
- Pattern consistency across all admin routes
3. **Note model enhancement (v0.5.2)**:
- Exposed deleted_at field from database schema
- Enables soft deletion verification in tests
- Follows ADR-013 transparency principle
### Architecture
**New ADRs**:
- ADR-011: Development Authentication Mechanism
- ADR-012: HTTP Error Handling Policy
- ADR-013: Expose deleted_at Field in Note Model
**Standards Compliance**:
- Uses uv for Python environment
- Black formatted, Flake8 clean
- Follows git branching strategy
- Version incremented per versioning strategy
### Test Results
- 405/406 tests passing (99.75%)
- 87% code coverage
- All security tests passing
- Manual testing confirmed working
### Documentation
- Complete implementation reports in docs/reports/
- Architecture reviews in docs/reviews/
- Design documents in docs/design/
- CHANGELOG updated for v0.5.2
### Files Changed
**New Modules**:
- starpunk/dev_auth.py
- starpunk/routes/ (public, admin, auth, dev_auth)
**Templates**: 10 files (base, pages, admin, errors)
**Static**: CSS and optional JavaScript
**Tests**: 4 test files for routes and templates
**Docs**: 20+ architectural and implementation documents
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-18 23:01:53 -07:00
a68fd570c7
that initial commit
2025-11-18 19:21:31 -07:00
