write_task used plain fs::write for the .md payload even though every
other write path in this module (metadata files, sync state, offline
queue, config) uses atomic_write. A crash mid-write left a truncated
.md file whose malformed YAML frontmatter then failed list_tasks for
the entire list. Route through atomic_write so a failed write either
leaves the old file intact or produces the full new file.
storage.rs and google_tasks.rs had near-identical sanitize_filename
implementations. Extract the shared logic to a crate-level function
so both modules reuse it. The google_tasks version also gains Windows
reserved device name handling it previously lacked.
https://claude.ai/code/session_013ooJht2HrZUTXgNJFU79cV
- Fix debouncedSave in TaskDetailView losing edits when title and
description are changed within 400ms (shared timer only saved the
last-changed field)
- Return errors from Tauri commands when workspace ID doesn't exist
instead of silently succeeding (set_webdav_config, set_workspace_theme,
set_sync_interval, set_sync_interval_unfocused)
- Remove duplicate atomic_write_bytes in google_tasks.rs; reuse
pub(crate) atomic_write from storage.rs
- Fix failing test using wrong frontmatter field name (due → date)
- Add Audit.md log
https://claude.ai/code/session_0186pnnUJxj2uv1KhHjWoAGA
- Renamed `TaskFrontmatter.due` → `TaskFrontmatter.date`; YAML key on disk is now `date:` instead of `due:`
- Added `#[serde(alias = "due")]` so existing task files with `due:` frontmatter still deserialize correctly
- Updated google_tasks.rs to write `date:` instead of `due:` in generated YAML
- Renamed CLI `--due` flag to `--date`; updated function signature and display string "Due:" → "Date:"
- Renamed `due_date` field on Task struct to `date` (Rust, TypeScript, all usages)
- Renamed `group_by_due_date` field on TaskList/ListMetadata to `group_by_date`
- Renamed `set_group_by_due_date`/`get_group_by_due_date` methods to `set_group_by_date`/`get_group_by_date` in repository, Tauri commands, and JS store
- Renamed `with_due_date()` builder method to `with_date()`
- Renamed `parse_due_date` CLI function to `parse_date`
- Updated UI text "Group by due date" → "Group by date" in TasksScreen.svelte kebab menu
- Renamed JS variables `dueDate`/`dueDateHasTime` → `date`/`dateHasTime` in NewTaskInput.svelte
- Updated all test names and assertions across models.rs and repository.rs
- Updated CLAUDE.md documentation to use "date" terminology consistently
Close kebab menu when toggling subtasks
When toggling the "show subtasks" option from the main panel kebab menu,
the menu remained open which could obscure UI and lead to unexpected
interactions. Ensure that opening/closing the subtasks list also closes
the kebab (showListMenu = false) so the menu is dismissed when the user
chooses to view subtasks.
can we animate opening and closing of the kebab menus? Also, lets move the "NO DATE" section when selecting Group By Date to the top of the list before OVERDUE
- app.css: added CSS @starting-style + display transition on .dropdown-menu for open/close scale+fade animation
- app.svelte.ts: moved "No Date" group to the top (before "Overdue") in groupedPendingTasks
The kebab menu and docs referred to a task "due date" but the field was
just a date; this change renames due_date/group_by_due_date and related
identifiers to date/group_by_date across Rust, TypeScript, Svelte, CLI,
docs and tests to keep terminology consistent. Updates include
API/command names, storage/models, repository methods, UI text, JS
variables and builder/parse functions so code, tests and documentation
all use "date" semantics.
Preserve old "group_by_due_date" field name
Add serde alias to ListMetadata.group_by_date so older .listdata.json
files that used the previous field name (group_by_due_date) can still be
deserialized correctly. This fixes serialization/deserialization issues
encountered at /home/trztn/Documents/Onyx and
/var/home/trztn/Nextcloud/Onyx.
the frontmatter due should be date... I don't want due anywhere
- Renamed `TaskFrontmatter.due` → `TaskFrontmatter.date`; YAML key on disk is now `date:` instead of `due:`
- Added `#[serde(alias = "due")]` so existing task files with `due:` frontmatter still deserialize correctly
- Updated google_tasks.rs to write `date:` instead of `due:` in generated YAML
- Renamed CLI `--due` flag to `--date`; updated function signature and display string "Due:" → "Date:"
Remove serde aliases and rename due→date
Drop backwards-compat aliases and update frontmatter/metadata to use the
canonical "date"/"group_by_date" fields. The aliases for
group_by_due_date and due were removed to avoid maintaining
backward-compatibility and to reflect the current schema. Updated
storage types to rename the fields and adjusted serialization attributes
so YAML/JSON frontmatter and .listdata.json files now use group_by_date
and date consistently.
Security:
- Fix path traversal via backslash bypass in sync validate_sync_path()
- Replace silent HTTP client fallback with proper error propagation
- Add 64KB YAML frontmatter size limit to prevent DoS via crafted files
Data integrity:
- Reorder delete operations: update metadata before removing files to
prevent orphaned metadata entries on crash
- Fix task deduplication to use file mtime as tiebreaker when versions
are equal, preventing non-deterministic data loss
- Add rollback on conflict recovery failure (remove orphaned duplicate
files when metadata update fails)
- Clean up temp files on atomic write rename failure
- Add file-based sync lock to prevent concurrent sync operations
- Use saturating_add for task version to prevent overflow
Error handling:
- Surface move_task rollback failures as structured errors instead of
silent warnings
- Log WebDAV parallel request failures instead of silently swallowing
- Emit watcher-error events to frontend instead of only printing to stderr
Frontend:
- Fix focus listener leak in auto-sync (clean up if stopAutoSync called
while promise pending)
- Add prefers-reduced-motion CSS media query for accessibility
- Add ARIA labels, roles, and keyboard handlers to TaskItem, BottomSheet,
and ConfirmDialog components
- Replace BottomSheet children: any with Snippet type
https://claude.ai/code/session_01AJoK28N4vqLqzskq6ybGri
- Replace 2 production unwrap() calls in workspace.rs with proper error
handling to prevent panics on inconsistent state
- Add AppState::save_config() helper to eliminate 11 duplicated
save_to_file patterns in Tauri lib.rs
- Log file watcher errors instead of silently swallowing them
- Harden path traversal check in storage.rs: re-verify after
canonicalization to catch symlink escapes
- Add Windows reserved device name handling (CON, NUL, etc.) to
sanitize_filename
- Clean up stale .tmp files from interrupted atomic writes on startup
All 107 core tests pass.
https://claude.ai/code/session_01EnSrQsowc64rAwzD9BnJpc
Remove created_at/updated_at from Task struct and frontmatter. Add a
version counter (u64) that increments on every write, defaults to 1 for
old files. list_tasks now groups by UUID and auto-deletes stale
duplicates (keeping highest version), preventing sync-induced dupes from
surfacing in the UI. has_time and parent are omitted from frontmatter
when false/null.
Update CLI, Tauri frontend types, and Svelte components to match.
Rework WebDAV workspace setup to use .onyx-workspace.json instead of
.metadata.json and to let users pick a remote folder instead of forcing
an Onyx/ subfolder. This updates storage, sync, config types, tests, and
CLI/Tauri commands to store a webdav_path in WorkspaceConfig and to
combine webdav_url + webdav_path for sync.
Changes include:
- Rename .metadata.json → .onyx-workspace.json across storage, sync, and tests so workspace detection and root metadata use the new filename.
- Remove hardcoded automatic "Onyx/" subfolder in sync and use the user-selected remote path directly.
- Add webdav_path field to WorkspaceConfig (Rust and TypeScript types) and thread it through add_webdav_workspace and frontend addWebdavWorkspace.
- Add three Tauri commands (list_remote_folder, inspect_remote_workspace, create_remote_workspace) to support remote folder browsing, workspace preview, and remote workspace creation.
- Rewrite SetupScreen WebDAV flow to Connect → Browse (lazy folder explorer) → Preview or Create, and wire UI state/handlers to the new commands.
- Update CLAUDE.md to document the new on-disk filename and note development phase allowing breaking changes.
Add rollback to move_task: if delete-from-source fails after write-to-
destination, clean up the duplicate. Reject list names with path separators
or '..' to prevent traversal; canonicalize() failures now return errors
instead of silently falling back to unchecked paths. Add validation and
rollback to CLI workspace migration: check destination is empty, track
moved files, and reverse on failure.
Validate that resolved list paths stay within the workspace root to prevent
directory traversal via malicious list names. Enable Content Security Policy
in Tauri config instead of leaving it null. Fix CLI domain extraction to
strip userinfo (user:pass@) from URLs before using as keyring service name.
Replace the hours==0 && minutes==0 heuristic with an explicit has_time
bool field on Task. Existing files without the field deserialize as false
(date-only), preserving current behavior. Frontend components pass and
receive has_time through DateTimePicker's onchange callback.
Add TaskRepository::move_task() to move tasks between lists and
rename_list() to rename lists on the filesystem. Adds rename_list
to the Storage trait with FileSystemStorage implementation.
Includes tests for both operations plus duplicate-name error case.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Tristan Michael