aboutsummaryrefslogtreecommitdiff
path: root/src/routes
Commit message (Collapse)AuthorAgeFilesLines
* feat(a11y): respect prefers-reduced-motionFuwn25 hours1-2/+4
| | | | | | | Add a global reduced-motion media query that collapses animation and transition durations and disables smooth scroll. Skip Lenis init when the same preference is set so the JS-driven smooth scroll falls back to the browser default, which the spec already honours.
* refactor(motion): introduce easing/duration tokensFuwn8 days1-4/+4
| | | | Add --ease-out-quart, --ease-in-out-quart, --duration-fast, --duration-slow in motion.css and migrate the global anchor, header, and theme-switch transitions to use them. Establishes a shared motion vocabulary for future polish.
* style(header): soften hide/show curve with ease-out-quartFuwn8 days1-1/+1
| | | | Replace transform 0.3s ease with 0.4s cubic-bezier(0.22, 1, 0.36, 1) so the header settles instead of snapping, pairing with Lenis-smoothed scroll.
* style(anchor): narrow global anchor transition to color/opacityFuwn8 days1-1/+4
| | | | Replace transition: all with explicit color, opacity, and text-decoration-color so unrelated property changes (transform, background) do not get incidentally tweened.
* fix(scroll): route LandingHero scroll-down through LenisFuwn8 days1-0/+5
| | | | Lenis disables native CSS smooth scroll, so window.scrollTo({behavior:"smooth"}) jumps instantly. Expose the Lenis instance via a store and scroll through it, falling back to native when unavailable.
* feat(scroll): add global smooth scrolling via LenisFuwn8 days1-0/+7
|
* feat(command-palette): add quick toggles, sync, and auth actionsFuwn2026-04-261-1/+12
| | | | | | | | Adds 13 reactive quick toggles (24h time, animations, blur adult, cover modes, hover cover, schedule list, reverse sort, data saver, notifications, language, title format cycle, outbound link target cycle), three sync actions (push/pull/disable), and login/logout entries gated on auth state. Names reflect current state so the palette doubles as a status surface.
* Revert "fix(api): drop unused redirect query param from oauth refresh"Fuwn2026-04-181-1/+3
| | | | This reverts commit 13226aaeb7c4dc1ce01074ef1ba1eeb87b53d5f5.
* fix(api): await setShadowHidden in badges PUTFuwn2026-04-181-1/+4
| | | | | | | setShadowHidden is async and hits Supabase. The PUT handler called it without await, so the handler could respond before the database write landed (and any error was silently lost). Add the missing await so the response only goes out after the update settles.
* fix(api): drop unused redirect query param from oauth refreshFuwn2026-04-181-3/+1
| | | | | | | | | | | | The refresh endpoint accepted a ?redirect query param and, when present, called redirect(303, "/") instead of returning the refreshed token as JSON. The target was hardcoded to "/" regardless of the param's value, so the feature was dead — and the pattern of reading a "redirect" param invited future open-redirect bugs if someone wired the value through to redirect() directly. The sole in-tree caller (feeds/activity-notifications) reads the JSON response, so always return JSON and drop the redirect import.
* fix(api): gate badge click-count on Origin and fix 401 response reuseFuwn2026-04-181-9/+11
| | | | | | | | | | | | | The PUT ?incrementClickCount path ran before any auth guard, letting unauthenticated callers spam-increment arbitrary badges. Require the request Origin to match appOrigin() so legitimate in-browser clicks (authenticated or not) still count while direct scripted calls are rejected. Also convert the shared `unauthorised` Response singleton into a factory. The singleton's body was consumed on first use, so subsequent 401 paths returned a `Response body is locked` error instead of the intended "Unauthorised" body.
* fix(api): encode subsplease timezone to prevent query-param injectionFuwn2026-04-181-5/+6
| | | | | | | The `tz` query value was interpolated raw into the upstream URL, letting callers append arbitrary query segments (e.g. `tz=foo&f=hax`). Wrap the value in encodeURIComponent and rename the local variable away from the banned `tz` abbreviation.
* fix(ui): balance homepage media panelsFuwn2026-04-121-62/+220
|
* revert(ui): remove april fools executive modeFuwn2026-04-023-99/+22
|
* fix(ui): tune april fools notification copyFuwn2026-04-011-1/+1
|
* fix(ui): simplify april fools controlsFuwn2026-04-011-15/+52
|
* feat(ui): add april fools executive modeFuwn2026-04-013-22/+62
|
* fix(badges): hide outbound link noticeFuwn2026-04-011-1/+1
|
* fix(state): restore persisted list UI stateFuwn2026-03-282-4/+6
|
* fix(cache): preserve hydrated client stateFuwn2026-03-281-1/+2
|
* fix(auth): ignore malformed user cookiesFuwn2026-03-286-24/+54
|
* fix(api): keep preferences publicly readableFuwn2026-03-271-4/+1
|
* fix(profile): restore owner controls for new accountsFuwn2026-03-272-21/+41
|
* refactor(supabase): move app access to service roleFuwn2026-03-272-40/+56
|
* fix(actions): resolve quality and trigger deploy driftFuwn2026-03-221-6/+8
|
* perf: lazy-load authenticated list surfacesFuwn2026-03-222-25/+145
|
* refactor: centralise site origin usageFuwn2026-03-2211-61/+44
|
* refactor(effect): add request body schema decoders to api routesFuwn2026-03-034-5/+36
|
* refactor(effect): migrate api auth cookie decodingFuwn2026-03-034-57/+18
|
* refactor(effect): migrate core auth decode boundariesFuwn2026-03-032-18/+6
|
* chore(cleanup): remove stale eslint directivesFuwn2026-03-012-3/+0
|
* chore(biome): drop formatter style overridesFuwn2026-03-0153-1463/+1597
|
* chore(biome): re-enable noImplicitAnyLet ruleFuwn2026-03-0111-11/+22
|
* chore(biome): enable svelte lintingFuwn2026-03-012-3/+3
|
* chore(biome): enable svelte formattingFuwn2026-03-0121-955/+954
|
* chore(biome): re-enable noDoubleEquals ruleFuwn2026-03-011-1/+1
|
* chore(types): decouple app code from fragile generated route typesFuwn2026-03-011-1/+1
|
* perf: optimise list hot paths and shared timersFuwn2026-03-013-9/+9
|
* fix: Resolve all ESLint errors and warningsFuwn2026-01-298-12/+12
|
* feat(Landing): Update to match LandingHeroFuwn2026-01-281-5/+1
|
* feat: Add hero for landing and welcome pageFuwn2026-01-272-0/+11
|
* feat(+layout.svelte): Add Web AnalyticsFuwn2026-01-261-0/+3
|
* fix: Add null guards and improve error messaging for user lookupsFuwn2026-01-234-6/+27
|
* fix: Resolve unused imports, dead code, and type definitionsFuwn2026-01-231-1/+0
|
* refactor: Migrate event handlers to new Svelte 5 syntaxFuwn2026-01-2310-39/+39
|
* refactor(layout): Replace empty p elements with reusable Spacer componentFuwn2026-01-2312-39/+51
|
* fix(html): Replace self-closing non-void HTML elements with proper closing tagsFuwn2026-01-2311-38/+38
|
* fix(notifications): Replace svelte-notifications with custom store for Svelte 5Fuwn2026-01-221-4/+3
|
* format: Apply Prettier formattingFuwn2026-01-221-7/+21
|
* deps(svelte): Migrate to Svelte 5 with compatibility modeFuwn2026-01-221-3/+8
|
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-16 09:35:53 +0000