- Renamed `due_date` field on Task struct to `date` (Rust, TypeScript, all usages)
- Renamed `group_by_due_date` field on TaskList/ListMetadata to `group_by_date`
- Renamed `set_group_by_due_date`/`get_group_by_due_date` methods to `set_group_by_date`/`get_group_by_date` in repository, Tauri commands, and JS store
- Renamed `with_due_date()` builder method to `with_date()`
- Renamed `parse_due_date` CLI function to `parse_date`
- Updated UI text "Group by due date" → "Group by date" in TasksScreen.svelte kebab menu
- Renamed JS variables `dueDate`/`dueDateHasTime` → `date`/`dateHasTime` in NewTaskInput.svelte
- Updated all test names and assertions across models.rs and repository.rs
- Updated CLAUDE.md documentation to use "date" terminology consistently
Close kebab menu when toggling subtasks
When toggling the "show subtasks" option from the main panel kebab menu,
the menu remained open which could obscure UI and lead to unexpected
interactions. Ensure that opening/closing the subtasks list also closes
the kebab (showListMenu = false) so the menu is dismissed when the user
chooses to view subtasks.
can we animate opening and closing of the kebab menus? Also, lets move the "NO DATE" section when selecting Group By Date to the top of the list before OVERDUE
- app.css: added CSS @starting-style + display transition on .dropdown-menu for open/close scale+fade animation
- app.svelte.ts: moved "No Date" group to the top (before "Overdue") in groupedPendingTasks
Introduce a new Google Tasks workspace mode that performs a one-way,
read-only pull from the Google Tasks API into the local
FileSystemStorage format. This adds a Google Tasks client (token
refresh, paginated list fetching, stable UUID v5 mapping), desktop
PKCE+loopback OAuth flow (Android stub), credential storage, workspace
creation and sync commands, UI flows for sign-in/creation, and guards to
disable write operations for Google Tasks workspaces. Changes also
include Cargo dependency updates and exports to wire the new module into
the app.
Hide editing UI for Google Tasks workspaces
Make Google Tasks workspaces read-only by hiding editing controls and
the FAB when app.isGoogleTasks is true. This prevents rename,
delete-completed, and new-task actions in read-only Google Tasks
workspaces and adjusts menu options (Rename removed, Group by due date
and Show subtasks remain with proper toggles). The change clarifies the
UX for Google Tasks by disabling interaction where appropriate and
conditionally showing the FAB only for editable workspaces.
Add Google Tasks workspace (read-only)
Introduce Google Tasks as a third workspace mode to allow one-way,
read-only sync from the Google Tasks API into local FileSystemStorage.
This includes a new WorkspaceMode::GoogleTasks, workspace google_account
metadata, a GoogleTasks client and sync logic (with stable UUID v5 task
IDs), OAuth PKCE+loopback flow for desktop (Android uses a
credential-manager stub), UI changes to mark Google Tasks workspaces as
read-only and disable write operations, and commands to create and sync
Google Tasks workspaces. Dependency updates add sha2/sha1_smol/reqwest
for OAuth and API calls.
when I go to create a google tasks workspace, I see the content associated with creating a webdav workspace as part of the interface
- SetupScreen.svelte: fixed template structure where WebDAV branches lacked mode === "webdav" guards, causing them to render when mode === "googletasks"; folded Google Tasks steps into the main if/else chain and removed the separate Google Tasks {#if} block that was appending below the WebDAV content
The kebab menu and docs referred to a task "due date" but the field was
just a date; this change renames due_date/group_by_due_date and related
identifiers to date/group_by_date across Rust, TypeScript, Svelte, CLI,
docs and tests to keep terminology consistent. Updates include
API/command names, storage/models, repository methods, UI text, JS
variables and builder/parse functions so code, tests and documentation
all use "date" semantics.
Preserve old "group_by_due_date" field name
Add serde alias to ListMetadata.group_by_date so older .listdata.json
files that used the previous field name (group_by_due_date) can still be
deserialized correctly. This fixes serialization/deserialization issues
encountered at /home/trztn/Documents/Onyx and
/var/home/trztn/Nextcloud/Onyx.
the frontmatter due should be date... I don't want due anywhere
- Renamed `TaskFrontmatter.due` → `TaskFrontmatter.date`; YAML key on disk is now `date:` instead of `due:`
- Added `#[serde(alias = "due")]` so existing task files with `due:` frontmatter still deserialize correctly
- Updated google_tasks.rs to write `date:` instead of `due:` in generated YAML
- Renamed CLI `--due` flag to `--date`; updated function signature and display string "Due:" → "Date:"
Remove serde aliases and rename due→date
Drop backwards-compat aliases and update frontmatter/metadata to use the
canonical "date"/"group_by_date" fields. The aliases for
group_by_due_date and due were removed to avoid maintaining
backward-compatibility and to reflect the current schema. Updated
storage types to rename the fields and adjusted serialization attributes
so YAML/JSON frontmatter and .listdata.json files now use group_by_date
and date consistently.
Add grouping of pending tasks into Overdue/Today/Tomorrow/This
Week/Later/No Date buckets when the active list has group_by_due_date
enabled. This provides a grouped view in TasksScreen (section headers,
no drag-and-drop) and a new derived store groupedPendingTasks exported
from the app store to supply the UI. Dated groups are sorted by due_date
while the No Date group preserves the custom order.
Few changes: lets make the date chip red when in the overdue section. In all other sections, lets hide the date chip for individual tasks. Then, for the Later section, lets break that up into individual days.
- Replaced single "Later" group with per-day groups (e.g. "Mon, Apr 20"), each sorted by due_date
- Added `dateChipStyle` prop to TaskItem ("normal" | "overdue" | "hidden"), default "normal"
- Date chip is red (border-red-400 text-red-400) in "overdue" style, hidden in "hidden" style
- TasksScreen passes dateChipStyle="overdue" for Overdue group, "hidden" for all others
Fix date chips and include year in future group labels
Replace dynamic ternary class strings with explicit {#if} blocks for the
date chip so Tailwind v4's scanner picks up the classes and theme tokens
are respected. Use text-danger and border-danger for overdue chips and
proper border/token classes for non-overdue chips to fix the overdue
chip appearance and prevent chips from showing in sections that should
be hidden.
Also include the year in per-day group labels when the date is not in
the current year (e.g. "Mon, Apr 20, 2027") by passing the appropriate
Intl.DateTimeFormat options, so tasks scheduled in future years display
an unambiguous header.
yes (remove This Week, extend per-day grouping to everything beyond tomorrow)
- Removed "This Week" group entirely
- Everything beyond tomorrow now gets a per-day group label (same as what "Later" was doing), giving a consistent Overdue → Today → Tomorrow → [per-day] → No Date structure
Respect manual order within same-day groups
Ensure tasks that fall on the same day keep the user's manual ordering
by using a task_order index as a tiebreaker when sorting. Also add
drag-and-drop group tracking so drags and drops are confined to their
originating group and wire full DnD handlers into the grouped view.
- Use a taskOrderIndex map in sortByDue to break ties when due dates are equal so same-day tasks respect manual order.
- Add dragGroup state and record it on handleDragStart; ignore dragOver/drop events when the event group differs from the originating dragGroup to prevent cross-group drops.
- Reset dragGroup on drag end.
- Wrap grouped TaskItem entries with draggable divs and hook up dragstart/dragover/dragend/drop to match the flat view's DnD behavior.
Update drag-and-drop to set task due dates
Support dragging tasks between date-grouped columns by updating the
task's due_date to the target group's date (or clearing it when dropped
into No Date). Preserve the task's time-of-day when has_time is set,
block dropping into the computed Overdue group, and allow dragging out
of Overdue. Also add TaskGroup.date to the grouping data and expose a
showSubtaskCount prop and optional subtask rendering in the task list
UI.
fix null taskId error when reordering after cross-group drag
- Capture dragId and dragGroup into local variables at the top of handleDrop before any awaits — prevents the race where dragend fires during updateTask and nulls out dragId before reorderTask is called
Allow dragging tasks to update date groups
Add date handling to task groups so dragging a task into another group
updates its due_date. Introduce date: Date | null for TaskGroup (null
represents Overdue/No Date), update cross-group drops to set or clear a
task's due_date based on the target group while preserving time-of-day
for tasks with has_time, and keep within-group drops as reorders. Also
ensure Overdue remains a computed-only target (cannot drop into it)
while allowing dragging out.
Additionally, add GoogleTasks workspace support fields
(WorkspaceMode::GoogleTasks and an optional google_account) and include
the new field in WorkspaceConfig::new to initialize google_account to
None.
Add onyx theme as a new dark theme option. Register it in the dark
themes set, add the theme option to the settings dropdown, and define
complete color variables and scrollbar styling for the onyx theme.
Also improve sync error handling to gracefully skip upload and conflict
resolution actions when files are missing, preventing sync failures due
to files moved or deleted between action computation and execution.
Introduce a new sync interval configuration for when the app is
in the background, allowing users to set a longer sync period to
reduce resource usage. Replace the fixed focus threshold with
dynamic interval switching based on app focus state. Add
syncIntervalUnfocused setting to the UI with a new background
sync interval selector. Refactor sync interval management into
a restartSyncInterval function to handle both focused and
unfocused intervals consistently.
- CLAUDE.md: Fix drawer width unit (80vw -> 80cqi), clarify group-by-due-date
is toggle-only (sorting not yet implemented), clarify Phase 4 status
- PLAN.md: Fix conflict resolution label (last-write-wins -> remote wins),
add username to keyring key format, mark fallback credential storage as
not yet implemented
- sync.rs: Fix comment table to say "conflict" instead of "last-write-wins"
for both-modified and both-added cases (matches actual Conflict action)
- config.rs: Add temp file cleanup on atomic write rename failure to match
the pattern already used in storage.rs
https://claude.ai/code/session_01YWvxpzeT3hEUxD9aNvfNuL
Security:
- Fix path traversal via backslash bypass in sync validate_sync_path()
- Replace silent HTTP client fallback with proper error propagation
- Add 64KB YAML frontmatter size limit to prevent DoS via crafted files
Data integrity:
- Reorder delete operations: update metadata before removing files to
prevent orphaned metadata entries on crash
- Fix task deduplication to use file mtime as tiebreaker when versions
are equal, preventing non-deterministic data loss
- Add rollback on conflict recovery failure (remove orphaned duplicate
files when metadata update fails)
- Clean up temp files on atomic write rename failure
- Add file-based sync lock to prevent concurrent sync operations
- Use saturating_add for task version to prevent overflow
Error handling:
- Surface move_task rollback failures as structured errors instead of
silent warnings
- Log WebDAV parallel request failures instead of silently swallowing
- Emit watcher-error events to frontend instead of only printing to stderr
Frontend:
- Fix focus listener leak in auto-sync (clean up if stopAutoSync called
while promise pending)
- Add prefers-reduced-motion CSS media query for accessibility
- Add ARIA labels, roles, and keyboard handlers to TaskItem, BottomSheet,
and ConfirmDialog components
- Replace BottomSheet children: any with Snippet type
https://claude.ai/code/session_01AJoK28N4vqLqzskq6ybGri
- Replace 2 production unwrap() calls in workspace.rs with proper error
handling to prevent panics on inconsistent state
- Add AppState::save_config() helper to eliminate 11 duplicated
save_to_file patterns in Tauri lib.rs
- Log file watcher errors instead of silently swallowing them
- Harden path traversal check in storage.rs: re-verify after
canonicalization to catch symlink escapes
- Add Windows reserved device name handling (CON, NUL, etc.) to
sanitize_filename
- Clean up stale .tmp files from interrupted atomic writes on startup
All 107 core tests pass.
https://claude.ai/code/session_01EnSrQsowc64rAwzD9BnJpc
Remove created_at/updated_at from Task struct and frontmatter. Add a
version counter (u64) that increments on every write, defaults to 1 for
old files. list_tasks now groups by UUID and auto-deletes stale
duplicates (keeping highest version), preventing sync-induced dupes from
surfacing in the UI. has_time and parent are omitted from frontmatter
when false/null.
Update CLI, Tauri frontend types, and Svelte components to match.
Add a configurable per-workspace sync interval (sync_interval_secs) with
Tauri command set_sync_interval, UI dropdown in Settings, and store
support to restart auto-sync when changed. Remove the redundant
main-panel sync status chip and surface upload/download counts in the
drawer footer and Tasks screen. Fix the sync logic to record the remote
file's last_modified timestamp when downloading (instead of local mtime)
so subsequent diffs don’t falsely trigger downloads.
These changes were needed to allow users to control auto-sync frequency
per workspace, simplify the UI by moving sync counts to the drawer
footer, and correct a bug where downloads were always considered new
because the local file mtime was used instead of the authoritative
remote timestamp.
Rework sync conflict handling to stop using timestamp-based
last-write-wins and use a single Conflict action. The conflict handler
now downloads the remote file and compares SHA-256 checksums: identical
content is treated as a false conflict and skipped; when different, the
remote version wins and the local task file is recovered as a duplicate
with a new UUID and a "[RECOVERED FROM CONFLICT]" prefix. Duplicates are
inserted adjacent to the original in .listdata.json; non-task files
still use remote-wins without duplication. Removed local_wins() and its
tests, simplified action variants to a single Conflict, and updated
conflict-related tests and reporting accordingly.
Fix compute_sync_actions to properly treat the case where a file has
been deleted on the remote but remains unchanged locally: previously the
code always emitted an Upload (re-uploading the local copy). Now it
checks the base checksum and emits DeleteLocal when the local copy
matches the base (unchanged), and emits Upload only when the local copy
differs (modified).
Updated tests: adjusted test_remote_deleted_local_unchanged to assert
DeleteLocal, and added test_remote_deleted_local_modified to verify the
upload behavior when the local file is modified while remote was
deleted.
Add WebDAV MOVE support and update workspace rename flow to handle both
local and WebDAV-backed workspaces. The Tauri rename_workspace command
is made async and now performs filesystem rename for local workspaces
and issues a WebDAV MOVE (via a new WebDavClient::move_resource) for
remote workspaces, updating stored paths and credentials accordingly. A
confirmation dialog is added to SettingsScreen to prompt users before
renaming, and minor UI/default tweaks are included (SetupScreen default
name). This ensures renames update both local folders and remote WebDAV
folders reliably and with user confirmation.
Change workspace identifiers from display names to UUID strings so
multiple workspaces can share the same display name. WorkspaceConfig now
stores a name field; add_workspace returns a generated UUID. Update all
CLI, Tauri commands, frontend stores and screens, WebDAV managed
directories, and tests to use/resolve workspace IDs; add helpers
find_by_name/resolve_name to map display names to IDs when needed. This
removes duplicate-name checks, avoids filesystem conflicts, and
preserves display names while using stable unique IDs internally.
Rework WebDAV workspace setup to use .onyx-workspace.json instead of
.metadata.json and to let users pick a remote folder instead of forcing
an Onyx/ subfolder. This updates storage, sync, config types, tests, and
CLI/Tauri commands to store a webdav_path in WorkspaceConfig and to
combine webdav_url + webdav_path for sync.
Changes include:
- Rename .metadata.json → .onyx-workspace.json across storage, sync, and tests so workspace detection and root metadata use the new filename.
- Remove hardcoded automatic "Onyx/" subfolder in sync and use the user-selected remote path directly.
- Add webdav_path field to WorkspaceConfig (Rust and TypeScript types) and thread it through add_webdav_workspace and frontend addWebdavWorkspace.
- Add three Tauri commands (list_remote_folder, inspect_remote_workspace, create_remote_workspace) to support remote folder browsing, workspace preview, and remote workspace creation.
- Rewrite SetupScreen WebDAV flow to Connect → Browse (lazy folder explorer) → Preview or Create, and wire UI state/handlers to the new commands.
- Update CLAUDE.md to document the new on-disk filename and note development phase allowing breaking changes.
Full-stack workspace rename: renames folder on disk, updates config
key/path, refreshes frontend. Restructure settings screen with generic
'Workspace Settings' header, workspace name row with kebab menu
(Rename + Delete). Replace per-workspace kebab dropdown in workspace
list with a direct settings gear button. Remove Appearance heading
and border box from theme section. Clean up unused wsMenuName state.
- Use :: separator in scoped keyring keys to prevent ambiguity with
usernames containing dots (e.g. com.onyx.webdav.host::user)
- Auto-migrate legacy credentials to scoped format on load, removing
old unscoped entries after successful migration
- Add 10MB response size limit on PROPFIND to prevent memory exhaustion
from malicious servers (checks Content-Length header + actual body)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Handle Result from WebDavClient::new in CLI sync, core sync, and Tauri
- Unwrap Zeroizing<String> at Tauri serialization boundary
- Use .as_str() for basic_auth calls with Zeroizing<String> fields
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Enforce HTTPS for WebDAV URLs (reject http:// to prevent plaintext credentials)
- Replace String with Zeroizing<String> for credential fields and load_credentials return
- Remove manual Drop impl (Zeroizing handles zeroize-on-drop automatically)
- Scope keyring password entries by domain+username to prevent collisions
- Add migration fallback for legacy unscoped keyring entries
- Sanitize error messages to not leak keyring service patterns or env var names
- Add log warnings when falling back to env var credentials
- Add log dependency to onyx-core
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Introduces WorkspaceMode enum with local and webdav variants, plus a
theme field on WorkspaceConfig. Adds set_workspace_theme and
add_webdav_workspace Tauri commands. WebDAV workspaces auto-manage
local files in app data dir.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Back up local files before overwriting during ConflictRemoteWins so data
is never silently lost. Fix false-positive change detection by parsing
timestamps before comparing (different formats like RFC3339 vs HTTP date
were never equal as strings). Add zeroize crate to zero WebDAV credentials
in memory on drop, preventing exposure in core dumps.
Add rollback to move_task: if delete-from-source fails after write-to-
destination, clean up the duplicate. Reject list names with path separators
or '..' to prevent traversal; canonicalize() failures now return errors
instead of silently falling back to unchecked paths. Add validation and
rollback to CLI workspace migration: check destination is empty, track
moved files, and reverse on failure.
This crate references a non-existent bevy-tasks-core dependency and is
an artifact from the project's predecessor. It is not in the workspace
members list and cannot compile.
Restrict is_syncable() to validate path depth: .md files and .listdata.json
must be at depth 2 (inside list dirs), .metadata.json only at depth 1 (root).
Prevents syncing arbitrary files at unexpected depths. Back up corrupted
sync queue files before resetting, and log warnings on parse failures
instead of silently dropping queued operations.
Replace .expect() in config path resolution with a fallback default.
Replace all .lock().unwrap() on Tauri AppState mutex with a helper that
converts poisoned locks into error strings. Replace .expect() on Android
app data dir with proper error propagation. Handle LAST_WRITE and WATCHER
global mutex locks gracefully. Propagate subtask cascade delete errors
instead of silently ignoring them.
Validate that resolved list paths stay within the workspace root to prevent
directory traversal via malicious list names. Enable Content Security Policy
in Tauri config instead of leaving it null. Fix CLI domain extraction to
strip userinfo (user:pass@) from URLs before using as keyring service name.
Make keyring optional behind keyring-storage feature in onyx-core.
Make notify/notify-debouncer-mini optional behind desktop feature in Tauri.
Gate all file watcher code behind #[cfg(not(target_os = "android"))].
Provide env-var-only credential fallbacks when keyring is disabled.
Replace the hours==0 && minutes==0 heuristic with an explicit has_time
bool field on Task. Existing files without the field deserialize as false
(date-only), preserving current behavior. Frontend components pass and
receive has_time through DateTimePicker's onchange callback.
Add TaskRepository::move_task() to move tasks between lists and
rename_list() to rename lists on the filesystem. Adds rename_list
to the Storage trait with FileSystemStorage implementation.
Includes tests for both operations plus duplicate-name error case.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add header(), detail(), item(), blank() functions to output.rs
- Replace all raw println!() calls with output::* equivalents
- Fix {:?} debug format for paths — use .display() for clean output
- Extract print_tasks() helper to deduplicate task display logic
- Consistent formatting: info for empty states, item for list entries
- Replace redundant closures with function references (webdav.rs, sync.rs)
- Use is_some_and instead of map_or(false, ...) (sync.rs)
- Use map instead of and_then(|x| Some(...)) (sync.rs)
- Use if-let instead of single-arm match (webdav.rs)
Replace illegal filesystem characters (/ \ : * ? " < > |) and control
characters with underscores. Fall back to task ID as filename if the
sanitized title is empty.
- Add GPL-3.0 LICENSE file
- Update README with current project status (all 3 phases), fix structure
- Update PLAN.md Phase 2 API signatures to match actual implementation
- Add WebDAV & Sync section to docs/API.md
- Update docs/DEVELOPMENT.md with Tauri app structure and setup
- Add metadata (description, license, repository) to all Cargo.toml files
- Update .gitignore with node_modules, .env, dist, build entries
- Remove stale Cargo.lock from .gitignore (apps should track it)
- Update example dates from 2025 to 2026 across all docs
- Update CLAUDE.md date to 2026-03-30
- Remove Flutter app and egui placeholder crate, commit to Tauri as sole GUI
- Update PLAN.md to replace egui with Tauri across all phases (v4.0)
- Redesign task screen: sliding drawer for list picker, floating FAB for new tasks,
bottom sheet toast for task creation with title + description fields
- Add description support to create_task Tauri command
- Lighten dark theme to GNOME-style neutral grays, shift primary to cyan-blue
- Fix Wayland compatibility (dev port change)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Tristan Michael