| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | fix(security): sanitize badge_wall_css server-side, render via textContent | Fuwn | 18 hours | 1 | -12/+1 |
| | | | | | | | | | | | | | | | | | Custom badge-wall CSS was sanitised only client-side with a fragile regex and injected via innerHTML, while the stored value stayed raw. Sanitise at the write boundary instead (setCSS, covering both the REST and GraphQL paths) with a css-tree pass that parses leniently and drops @import, behavior/-moz-binding, expression()/javascript: values, and </style> break-out attempts; render with textContent instead of innerHTML so break-out is impossible by construction (CSP already blocks inline script). css-tree stays server-only. A behaviour-gate test confirms ordinary CSS (backdrop-filter, content, url(), @media, @keyframes) is preserved while the dangerous constructs are removed. The previous regex also silently stripped all `content:` declarations; those now render correctly. | ||||
| * | style: apply biome autofixes and resolve remaining lint findings | Fuwn | 4 days | 2 | -28/+27 |
| | | | | | | | | | | | | | | | Auto-fixed cosmetic findings (import ordering, obj["k"]->obj.k, optional chaining, template literals, Date.now, parseInt radix, useless ternaries/ switch cases). Resolved the non-autofixable rest by hand: - Senpy: static-only class -> object literal (no this/static reliance). - app.html: var global shim -> window.global = window (keeps the shim, drops the unused-var flag). - biome-ignore with rationale for the logout document.cookie clear and the holodule scrape non-null assertion. Verified: biome check 0 diagnostics, svelte-check 0/0, 24/24 unit tests. | ||||
| * | feat(analytics): track umami events across core actions | Fuwn | 4 days | 1 | -2/+7 |
| | | | | | | | | | | Add a guarded track() wrapper (src/lib/analytics.ts) so programmatic events no-op instead of throwing when umami is absent (localhost), lazily loaded, or ad-blocked. Instrument the core loop (progress increment, roulette, list filter, force refresh), the auth funnel (log in/out, command palette), settings toggles/selects at the wrapper level, sync/debug/feed actions, and tool/sharing actions. | ||||
| * | refactor(locale): move hardcoded UI strings into english locale | Fuwn | 9 days | 1 | -47/+56 |
| | | | | | | | | | | | | | | | | | | Adds optional namespaces (common, errors, commandPalette, headTitle, notifications, schedule, events, home, reader, routes, badgePreview, badgeWall) and extends existing ones (settings.*, lists.*, tools.*, user.*, hololive.*) on the Locale interface. New fields are optional so japanese.ts can omit them; svelte-i18n's fallbackLocale handles the runtime miss. HeadTitle gains an optional routeKey prop for type-safe lookup. defaultActions becomes a factory so the command palette re-reads locale on language toggle. The existing JP feedback translation in routes/settings is preserved via japanese.ts. Out of scope (kept hardcoded): service-worker.ts, app.html, Landing*.svelte, tools.ts registry, Easter Event 2025 pages. | ||||
| * | fix(badges): hide outbound link notice | Fuwn | 2026-04-01 | 1 | -1/+1 |
| | | |||||
| * | chore(biome): drop formatter style overrides | Fuwn | 2026-03-01 | 3 | -345/+377 |
| | | |||||
| * | chore(biome): re-enable noImplicitAnyLet rule | Fuwn | 2026-03-01 | 1 | -1/+2 |
| | | |||||
| * | chore(biome): enable svelte formatting | Fuwn | 2026-03-01 | 1 | -337/+337 |
| | | |||||
| * | chore(types): decouple app code from fragile generated route types | Fuwn | 2026-03-01 | 1 | -1/+1 |
| | | |||||
| * | fix: Resolve all ESLint errors and warnings | Fuwn | 2026-01-29 | 1 | -3/+3 |
| | | |||||
| * | fix: Add null guards and improve error messaging for user lookups | Fuwn | 2026-01-23 | 2 | -5/+22 |
| | | |||||
| * | refactor: Migrate event handlers to new Svelte 5 syntax | Fuwn | 2026-01-23 | 1 | -19/+19 |
| | | |||||
| * | refactor(layout): Replace empty p elements with reusable Spacer component | Fuwn | 2026-01-23 | 1 | -17/+18 |
| | | |||||
| * | fix(html): Replace self-closing non-void HTML elements with proper closing tags | Fuwn | 2026-01-23 | 1 | -17/+17 |
| | | |||||
| * | format: Apply Prettier formatting | Fuwn | 2025-12-15 | 1 | -18/+20 |
| | | |||||
| * | feat(badges): Add a no-load query parameter | Fuwn | 2025-09-06 | 1 | -8/+15 |
| | | |||||
| * | style(src): Remove self-closing p and div tags | Fuwn | 2025-06-23 | 1 | -17/+17 |
| | | |||||
| * | feat: Move remaining localStorage usages to localforage | Fuwn | 2025-06-12 | 1 | -3/+4 |
| | | |||||
| * | fix(badges): Ignore empty user-set time | Fuwn | 2025-05-04 | 1 | -1/+1 |
| | | |||||
| * | fix(badges): Properly set badge time when mutating | Fuwn | 2025-05-02 | 1 | -1/+1 |
| | | |||||
| * | chore(prettier): use spaces instead of tabs | Fuwn | 2024-10-09 | 2 | -1047/+1047 |
| | | |||||
| * | fix(graphql): wait for database update on badge mutation | Fuwn | 2024-10-07 | 1 | -1/+0 |
| | | |||||
| * | fix(badges): fix field clearing regression | Fuwn | 2024-10-07 | 1 | -0/+2 |
| | | |||||
| * | chore(badges): remove old comments | Fuwn | 2024-10-06 | 1 | -40/+0 |
| | | |||||
| * | feat(badges): use locally cached identity | Fuwn | 2024-10-06 | 1 | -327/+301 |
| | | |||||
| * | feat(badges): return user for badge mutations | Fuwn | 2024-10-06 | 2 | -40/+62 |
| | | |||||
| * | feat(badges): use preferences graphql api | Fuwn | 2024-10-06 | 3 | -43/+55 |
| | | |||||
| * | feat(badges): move badge operations to graphql | Fuwn | 2024-10-06 | 4 | -400/+495 |
| | | |||||
| * | refactor(Data): rename database references | Fuwn | 2024-08-24 | 1 | -2/+2 |
| | | |||||
| * | refactor(Database): move Supabase user modules to User module | Fuwn | 2024-07-25 | 1 | -6/+6 |
| | | |||||
| * | refactor(Database): separate providers | Fuwn | 2024-07-25 | 1 | -2/+2 |
| | | |||||
| * | feat(BadgePreview): move seek buttons to preview panel | Fuwn | 2024-06-14 | 1 | -22/+4 |
| | | |||||
| * | feat(badges): overseer wording | Fuwn | 2024-06-13 | 1 | -5/+6 |
| | | |||||
| * | fix(match): delayed and subtitled time compatibility | Fuwn | 2024-05-24 | 1 | -4/+4 |
| | | |||||
| * | fix(badges): shadow hide refresh | Fuwn | 2024-05-21 | 1 | -1/+1 |
| | | |||||
| * | feat(badges): display number of shadow hidden | Fuwn | 2024-05-21 | 1 | -2/+4 |
| | | |||||
| * | fix(badges): use correct id when hiding | Fuwn | 2024-05-21 | 1 | -1/+1 |
| | | |||||
| * | feat(badges): individual badges shadow hiding | Fuwn | 2024-05-20 | 1 | -0/+24 |
| | | |||||
| * | fix(badges): null check preferences | Fuwn | 2024-05-20 | 1 | -3/+6 |
| | | |||||
| * | feat(badges): move admin panel into owner panel | Fuwn | 2024-05-15 | 1 | -198/+203 |
| | | |||||
| * | feat(badges): allow dismiss notice | Fuwn | 2024-05-15 | 1 | -1/+14 |
| | | |||||
| * | refactor(badges): move badges display to component | Fuwn | 2024-05-13 | 1 | -98/+11 |
| | | |||||
| * | refactor(badges): move awc to component | Fuwn | 2024-05-13 | 1 | -104/+3 |
| | | |||||
| * | fix(badges): maintain pinned category order | Fuwn | 2024-05-05 | 1 | -6/+7 |
| | | |||||
| * | feat(badges): pinned categories | Fuwn | 2024-05-04 | 1 | -0/+10 |
| | | |||||
| * | feat(BadgePreview): navigate using badge side | Fuwn | 2024-05-02 | 1 | -1/+5 |
| | | |||||
| * | feat(badges): dropdown designers | Fuwn | 2024-05-01 | 1 | -10/+43 |
| | | |||||
| * | feat(badges): sort by time after grouping | Fuwn | 2024-04-30 | 1 | -1/+5 |
| | | |||||
| * | feat(badges): allow awc badges hiding | Fuwn | 2024-04-28 | 1 | -33/+35 |
| | | |||||
| * | fix(badges): awc badge tooltip | Fuwn | 2024-04-24 | 1 | -21/+13 |
| | | |||||