Replace docker/metadata GH Action with a docker-publish.sh driven workflow (supports auto-versioning, extra tags, multi-arch builds and optional builder). Update docs and READMEs to use the updater and new publish flow. Add server-side swarm/node blocklist support and admin nodes API. Improve auth endpoints (me, logout, switch, session accounts) and support account switching. Extend bots API to support custom LLM provider and optional endpoint. Enforce node blocklist on chat send/receive, refactor link preview handling into dedicated preview modules, and enhance notifications and posts like/repost handlers to accept both signed actions and regular auth flows. Misc: remove admin update UI details, add helper libs (media previews, node-blocklist, reposts, notifications, etc.), and minor housekeeping (pyc, workflow tweaks).
Introduce a one‑line Docker installer and environment examples, add CI and docker validation workflows, and update docs and tests.
Key changes:
- Add docker/install.sh installer that bootstraps /opt/synapsis, downloads compose files, optionally installs Docker, and generates secrets.
- Add top-level .env.example and docker/.env.example entries for shared storage and local development.
- Add GitHub Actions CI (ci.yml) with type checks, targeted vitest runs, build and docker-compose validation.
- Update existing docker workflow to set up QEMU and build multi‑arch images (amd64, arm64).
- Update README and docker/README to use the installer, point to the new repo, adjust local setup instructions, and note shared S3 env vars.
- Update docker-compose comments and include shared S3 env variables and defaults.
- Update .gitignore to ignore site-work mirrors.
- Tests: expand supported bot source types (add brave_news, youtube), increase POST_MAX_LENGTH from 400 to 600, add minimal user handle in mention handler tests, and add mocks & test adjustments in scheduler tests to keep them unit-scoped.
These changes simplify installation, add CI coverage (including Docker config validation), enable multi‑arch builds, and align tests with expanded bot source/validation behavior.
- Add logoData and faviconData columns to nodes table
- Create /api/admin/node/upload endpoint for direct DB storage
- Create /api/node/logo and /api/node/favicon endpoints to serve images
- Update admin page to use new upload endpoint
- Remove dependency on admin's personal S3 storage for node assets
Removed all E2EE chat endpoints, crypto logic, and related API routes, transitioning chat to plain text storage and transport. Updated chat send/receive endpoints to use signed actions and enforce DM privacy settings. Cleaned up Swarm chat inbox, key management, and related debug endpoints. Updated user profile to support DM privacy, improved search for handle queries, and refactored conversation/message logic to support the new model. Migrated bot settings and privacy settings to new locations.
Added `{ cache: 'no-store' }` to fetch requests for chat keys in both the chat page and useSodiumChat hook to prevent stale key data. Also updated the chat key query to order by `lastSeenAt` descending, ensuring the most recent bundle is retrieved.
Simplifies and clarifies the logic for selecting Base64 variants by using a Set to ensure uniqueness and order. This change improves maintainability and robustness when decoding Base64 strings with different variants.
Removed 'healing' logic and authoritative update propagation from handle registry and gossip code, simplifying handle upserts to only update on strictly newer timestamps. Enhanced sodium-chat key handling with robust base64 decoding and key repair logic. Added scripts for key inspection and crypto testing. Deleted unused healing module.
Added healing utilities to update the handle registry when a user profile is found at a new node domain. Enhanced upsertHandleEntries to accept a sourceDomain parameter, allowing authoritative updates from the owning node. Updated gossip logic to pass sender/target domains for proper trust handling during handle propagation. Integrated healing logic into chat key lookup to keep the registry accurate.
Adds the missing third argument (null) to sodium.crypto_generichash to ensure correct hashing behavior when generating the salt for storage key derivation.
Replaces legacy chat encryption modules with new sodium-based implementation. Adds and updates API routes for chat key management and debugging, introduces new hooks and scripts for sodium chat, and updates related database schema and configuration. Removes old crypto modules and updates dependencies accordingly.
The messages API now resolves and includes sender DIDs for received messages, enabling proper decryption in the chat UI. The chat page adds logic to decrypt self-encrypted messages for sent items and improves V2 envelope handling, while useChatEncryption now serializes ratchet state before storage.
Introduces helper functions to encrypt and decrypt a copy of sent messages for the sender using AES-GCM with a key derived from the identity public key. Updates message sending to include a self-encrypted payload, and modifies message reading logic to allow the sender to decrypt their own messages on any device.
Introduces support for V2 encrypted chat envelopes in the swarm inbox route, allowing storage and processing of new message formats. Enhances error handling and logging in both chat send and encryption hooks, including detection of remote nodes that do not support the V2 protocol and providing clearer error messages for users and developers.
Adds robust session serialization/deserialization for ratchet state, session cleanup for corrupted data, and improved error handling in chat encryption hooks. Enhances chat delivery to support both local and remote recipients, ensures conversation creation, and adds timeouts to key fetches. Also introduces utilities for deleting and clearing encrypted session data from storage.
Introduced a 'signature' field with a placeholder value ('signed-by-did-envelope') in the bundle payload to satisfy expected structure and prevent potential issues with undefined values. Added detailed comments explaining the reasoning and context for this change, particularly regarding the signing of the signedPreKey and the use of the DID key.
Refactors the chat key fetch API to support fallback lookups using user handle and did:web aliasing, improving reliability when primary lookups fail. Updates useChatEncryption to detect and repair 'Zombie State' where local keys exist but are missing on the server, ensuring keys are republished as needed. Modifies sendMessage to pass recipient handle and bind sessions to the correct DID, supporting aliasing scenarios.
Introduces an API route to proxy remote key bundle fetches, improving CORS handling for secure chat. Updates chat UI to handle error states and retries, enhances key/identity synchronization, and refactors message sending to support remote node domains. Also adds CORS preflight support to the .well-known chat route and improves in-memory key store management.
Introduces a 'did' field to SwarmUserProfile and related API routes to support decentralized identifiers. Refactors login flow to use soft navigation and synchronize AuthContext state, including new 'login' and enhanced 'unlockIdentity' methods for better user state management.
Major update to chat page with new conversation list, message thread view, and support for V2 end-to-end encrypted messaging using DIDs. Adds chat lock state, message sending, conversation deletion, and improved polling. Updates user API and types to include DID and chatPublicKey. Fixes race conditions in feed loading, adds message button to user profile, and improves crypto and identity hooks for better locked/unlocked state detection.
Introduces encrypted private key storage for nodes and users, updates chat message schema to support sender-side encryption, and adds supporting libraries and tests for cryptographic signing and identity unlock flows. Includes new database migrations, API route updates, and React components for identity unlock prompts.
Introduces a new chat page with end-to-end encryption, conversation list, and message thread UI. Adds new API endpoints for unread message count and debugging chat keys/messages. Improves chat key validation and reciprocal conversation/message creation for local recipients. Removes the old ChatWidget component. Updates login and chat API logic for better Turnstile and key handling.