github dongdongbh/Mindwtr v0.6.16
on GitHub

10 hours ago

Mindwtr 0.6.16

Highlights

  • Security hardening for cloud sync attachments and auth handling (safer path decoding, symlink-safe writes, stricter bearer token validation, and improved route-level rate limit scoping).
  • Sync correctness and race-condition fixes across desktop, mobile, and core (re-entrant sync serialization, listener lifecycle safety, deterministic project ordering, and safer timestamp parsing in merge).
  • Mobile UX/performance upgrades (bulk action progress + restore flow, task list getItemLayout, task editor memoization, and stricter link attachment validation).
  • GTD workflow and UI improvements (multi-step inbox project checks, waiting-person filters, richer markdown rendering in task descriptions, and additional accessibility polish).

Security / Sync / Cloud

  • Hardened cloud attachment path normalization to block multi-encoded traversal variants.
  • Prevented TOCTOU write-window issues for cloud attachment writes using safer write flow and symlink checks.
  • Added bearer token format validation before lookup and tightened /v1/data rate-limit scoping.
  • Fixed desktop and mobile sync orchestration races and cleanup ordering for stability under rapid update events.
  • Improved core merge behavior for updatedAt edge cases and ignored purgedAt in content conflict diffing.

Mobile / Desktop

  • Added mobile bulk delete progress UI and restore action.
  • Improved mobile list performance with measured getItemLayout support and reduced large modal re-renders.
  • Improved keyboard/safe-area/task-edit stability across multiple mobile screens.
  • Added desktop quick-add error toast visibility and prompt confirmation validation for empty input.
  • Added missing accessibility labels for project/section actions.

Data Model / Refactor / Docs

  • Centralized default project/area color constants and removed scattered hardcoded defaults.
  • Shared duplicated reference-task clear logic in core store helpers.
  • Expanded wiki coverage for cloud deployment, MCP usage, performance guidance, and release-note discoverability.

Full Change List (since 0.6.15)

  • 6e99c7b test(desktop): stabilize re-entrant sync listener assertion
  • f9ea032 docs(wiki): link docker deployment from data and sync
  • 4932092 docs(wiki): add mcp server link to home toc
  • 2cf8894 refactor(theme): centralize default project color usage
  • 6bc5a76 test(desktop): relax re-entrant sync call count assertion
  • 7231549 refactor(core): share reference task clear logic
  • 679d228 docs: expand cloud, mcp, and release note guides
  • 1f6ac6b feat(mobile): add bulk action progress and restore option
  • 945b1c1 refactor(ui): replace hardcoded default project color
  • 3880b97 fix(sync): ignore purgedAt in conflict content diff
  • 44df2b9 fix(mobile): validate link attachment URLs
  • 48a85e2 fix(desktop): label add section action for a11y
  • 69f80c7 fix(desktop): disable prompt confirm for empty input
  • a8392e6 perf(mobile): hoist default context suggestions
  • 31c47f1 perf(mobile): add getItemLayout for task list
  • e01b599 fix(mobile): avoid reusing aborted retry signals
  • 75eb240 perf(mobile): memoize task edit modal component
  • 5ef0295 fix(desktop): show toast on quick-add project failure
  • 45a0f3d fix(core): handle empty updatedAt safely in merge
  • 5b87b8a fix(core): make project order allocation deterministic
  • 5c3e790 fix(mobile): guarantee sync listener cleanup
  • e007be1 fix(desktop): serialize re-entrant sync runs
  • 8a5eaee chore(release): bump cloud and mcp package versions
  • 719740b chore(version): align cloud and mcp package versions
  • c9538b9 fix(cloud): scope data rate limits per method
  • 464ebdd fix(cloud): validate bearer token format
  • a4dba4a fix(cloud): make attachment writes symlink-safe
  • 0b9fba1 fix(cloud): harden attachment path decoding
  • 436d564 fix(mobile): harden foss ai and update behavior
  • 108485b fix(mobile): improve iOS keyboard input visibility
  • 6143d9c fix(mobile): stabilize first-open task modal pager layout
  • d2586a3 fix(mobile): prevent over-scroll on keyboard focus
  • 02dcbbf fix(mobile): stabilize task edit pager after keyboard changes
  • 0057df2 fix(mobile): keep quick add controls above android keyboard
  • a906c73 ci(appstore): always push external testflight and auto-release
  • 9268245 feat(ai): require consent before enabling desktop assistant
  • e48cd1d fix(ci): export fastlane metadata dir in appstore workflows
  • b24d0f4 feat(desktop): expand list details metadata badges
  • 9b9e8cb fix(core): keep due unset for start-only recurrences
  • 26957f9 fix(mobile): respect bottom safe area in daily review
  • 519d183 chore(security): resolve bun and cargo audit findings
  • 04a6a0a fix(ios-review): require AI consent and clarify privacy policy
  • bc7346e docs(readme): add iOS roadmap items and community PR call
  • 49d8043 ci(linux): target ubuntu-20.04 and AppImageHub naming
  • 23b93b5 fix: loose equality to null on all 6 optional timestamp checks in validateAppData (#161)
  • e8f479a fix(ci): harden workflows and resolve edge-case regressions
  • c06b626 fix(inbox): prefill next action for project conversion
  • c9b1a5b fix(ui): portal confirm modal out of virtualized rows
  • 98688e2 fix(tests): satisfy Project type in inbox processor test
  • d29687b ci(release): automate AUR source package updates
  • a823b91 feat(inbox): add multi-step project check in processor
  • 25d1d86 fix(sync): improve mac file sync path handling
  • 22caeee docs(contributing): clarify external contribution workflow
  • c56e854 feat(waiting): add person filter for waiting tasks
  • b96d5a0 fix(tests): stabilize mobile ai-key loading and bun test globals
  • 80012c9 feat(desktop): allow area selection in inbox processing
  • 21cc375 docs(readme): restore top App Store badge and link formatting
  • 9919236 fix(desktop): resolve lint violations in review list and logging
  • 0c97e01 fix(sync): handle iOS temp inbox paths and align mac update/docs
  • a64c7c4 Merge pull request #151 from aaamaroq/feat/markdown-task-description
  • 2563849 feat(desktop): disable image rendering in task descriptions
  • c84c08f fix(mobile): make weekly review calendar step scrollable
  • fa6bd32 feat(attachments): add smart link labels
  • 6c9e25e fix(desktop): prevent clipped sidebar focus rings
  • 380813f fix(TaskItem): render markdown outside toggle button and fix syntax error
  • a93eeff Merge branch 'main' into feat/markdown-task-description
  • 9d474cf fix(mobile): allow custom AI model ids with suggestions
  • bbaac72 fix(desktop): allow custom AI model ids in settings
  • 919d25a fix(desktop): tune settings layout width and constraints
  • 380a26a fix(ci): resolve homebrew cask from tap without api cache
  • 6283f03 fix(ci): add manual homebrew bump and gate chocolatey publish
  • 0cb454a fix(ci): retry homebrew cask bump on tap conflict
  • 4138bba fix(update): prioritize install-source checks with github fallback
  • bb50c95 docs(roadmap): add obsidian deep-link integration item
  • 9890bbe docs(faq): clarify priority and estimated time toggle
  • b58b42d feat: implement rich markdown rendering for task descriptions
Check out latest releases or
releases around dongdongbh/Mindwtr v0.6.16

Don't miss a new Mindwtr release

NewReleases is sending notifications on new releases.

Get notifications