Go to file

saravanakumardb1 3c4d46f3ad fix(web): resolve the 5 actionable React-compiler lint advisories Web lint warnings reduced from 20 → 15 by fixing the categories that flag real architectural smells rather than the canonical fetch-on-mount setState pattern. Real fixes: 1. web/src/lib/use-theme.ts — replace useEffect + setState mount-sync pattern with React.useSyncExternalStore. The hook now subscribes to browser storage events, returns a stable snapshot for SSR, and uses a manual storage-event dispatch so same-document setters refresh correctly. Eliminates the cascading-render advisory and gains free cross-tab theme sync. 2. web/src/lib/use-keyboard-shortcuts.ts — move ref assignment from render time into a useEffect. Fixes the 'Cannot access refs during render' advisory without behavior change. 3. web/src/components/NoteEditor.tsx — move onSaveRef.current = onSave from render time into a useEffect for the same reason. 4. web/src/app/(app)/reviews/page.tsx — wrap handleDecision and handleBatchDecision in useCallback so the useEffect that depends on them no longer re-subscribes the keydown listener on every render. Fixes both react-hooks/exhaustive-deps warnings and the underlying perf bug they pointed at. 5. web/src/app/(app)/prompts/page.tsx — wrap loadTemplates in useCallback declared before the useEffect that calls it. Fixes the 'Cannot access variable before it is declared' advisory. Remaining 15 warnings are React-compiler runtime hints about fetchData().then(setData) patterns inside useEffect, which is the canonical fetch-on-mount pattern shown in React's own docs. Resolving them properly requires Suspense + use() or risky startTransition wraps; both are out of scope and tracked under future tech debt. Verified: - pnpm --filter @notelett/web run typecheck: passes - pnpm --filter @notelett/web run lint: 0 errors, 15 warnings (down 5) - pnpm run verify: backend 380/380, web 96/96, mobile 97/97		2026-05-23 00:20:02 -07:00
.gitea/workflows	ci: fix YAML formatting — normalize blank lines	2026-03-29 11:04:16 -07:00
.github	feat(ci): one-way UI drift ratchet to prevent regressions	2026-05-23 00:13:50 -07:00
.husky	chore: add Husky pre-commit hooks + secret-scan scripts	2026-03-27 23:07:30 -07:00
backend	feat(backend): emit task.created + workspace.created events; add share revocation regression test	2026-05-22 23:23:08 -07:00
docs	feat(ci): one-way UI drift ratchet to prevent regressions	2026-05-23 00:13:50 -07:00
mobile	test(mobile): verify platform lifecycle clients	2026-05-05 13:02:14 -07:00
scripts	feat(ci): one-way UI drift ratchet to prevent regressions	2026-05-23 00:13:50 -07:00
shared	fix: normalize product.json + replace --ml-* with --nl-* CSS namespace	2026-03-21 20:20:40 -07:00
web	fix(web): resolve the 5 actionable React-compiler lint advisories	2026-05-23 00:20:02 -07:00
.aider.conf.yml	chore(docs): regenerate AI agent config files	2026-03-10 22:56:39 -07:00
.clinerules	chore(docs): regenerate AI agent config files	2026-03-10 22:56:39 -07:00
.cursorrules	chore(docs): regenerate AI agent config files	2026-03-10 22:56:39 -07:00
.dockerignore	feat(repo): migrate notelett workspace to pnpm	2026-03-22 15:50:54 -07:00
.editorconfig	chore(docs): regenerate AI agent config files	2026-03-10 22:56:39 -07:00
.gitignore	chore: gitignore .docker-deps/ directory	2026-04-13 14:36:43 -07:00
.npmrc	feat(ux): add UX testing setup guide and common platform integration	2026-05-09 22:09:43 +00:00
.npmrc.docker	fix: Update docker configuration for production deployment	2026-05-12 08:20:12 +00:00
.nvmrc	chore: add .nvmrc pinning Node 22	2026-03-29 10:48:30 -07:00
.pnpmfile.cjs	fix(workspace): canonicalize common-plat path to ../learning_ai_common_plat	2026-05-22 15:08:30 -07:00
.windsurfrules	chore(docs): regenerate AI agent config files	2026-03-10 22:56:39 -07:00
AGENTS.md	docs(cleanup): move historical roadmaps to docs/archive/ and update AGENTS.md	2026-05-22 23:23:50 -07:00
CLAUDE.md	feat(repo): migrate notelett workspace to pnpm	2026-03-22 15:50:54 -07:00
docker-compose.yml	fix: Update docker configuration for production deployment	2026-05-12 08:20:12 +00:00
package.json	feat(ci): one-way UI drift ratchet to prevent regressions	2026-05-23 00:13:50 -07:00
pnpm-lock.yaml	fix(workspace): pin React and React-DOM to a single version via pnpm overrides	2026-05-23 00:05:31 -07:00
pnpm-workspace.yaml	fix(workspace): canonicalize common-plat path to ../learning_ai_common_plat	2026-05-22 15:08:30 -07:00
README.md	docs(sprint-a): record build restoration and refreshed sprint plan	2026-05-22 15:08:42 -07:00

README.md

NoteLett

Structured notes platform for humans and AI agents — part of the ByteLyst ecosystem.

Quick Start

Prerequisites:

pnpm 10.6.5
sibling common-platform checkout at ../learning_ai_common_plat (override with BYTELYST_COMMON_PLAT_ROOT if your layout differs)
optional local ByteLyst services from common platform:
- platform-service on port 4003 for auth, flags, telemetry, diagnostics, billing, and blob
- extraction-service on port 4005 for URL/task extraction
- mcp-server on port 4007 for agent tooling

# Install against the local common-platform workspace packages.
pnpm run install:common-plat --frozen-lockfile

# Registry fallback when explicitly needed.
source ~/.zshrc
pnpm run install:gitea --frozen-lockfile

# Backend in local memory mode (port 4016)
DB_PROVIDER=memory JWT_SECRET=dev-secret-do-not-use-in-prod \
pnpm --filter @notelett/backend run dev

# Web (port 3000)
pnpm --filter @notelett/web run dev

# Mobile
pnpm --filter @notelett/mobile run start

Auth is expected to come from platform-service. Local development can use the repo's dev/test helpers and memory datastore, but production must use real platform auth, Cosmos, and encryption configuration.

Docker path:

docker compose build
docker compose up -d
curl -sf http://localhost:4016/health
curl -sf http://localhost:4016/api/bootstrap

Local production-readiness smoke:

pnpm run smoke:local

# Use an already-running backend or skip shared service checks when isolating product behavior.
SMOKE_START_BACKEND=0 pnpm run smoke:local -- --no-start
pnpm run smoke:local -- --skip-platform

# Docker compose build/start/health smoke
pnpm run smoke:compose

Architecture

Surface	Stack	Port
Backend	Fastify 5 + TypeScript ESM	4016
Web	Next.js 16 + React 19	3000
Mobile	Expo + React Native	8081
Platform	platform-service (shared)	4003
Extraction	extraction-service (shared)	4005
MCP	mcp-server (shared)	4007

Architecture Boundaries

NoteLett keeps product-local domain behavior in this repo: note/workspace CRUD, relationships, tasks, artifacts, agent action audit trails, saved views, prompt templates/runners, intake rules/jobs, note sharing/collaboration, version history, Palace memory/KG UX, and all NoteLett-specific web/mobile workflows.

Common-platform responsibilities come from ../learning_ai/learning_ai_common_plat: auth/session primitives, API clients, datastore/Cosmos abstractions, shared error/config/logging conventions, telemetry, diagnostics, feature flags, kill switch, blob access, extraction-service clients, design tokens, shared UI primitives where appropriate, MCP server integration, webhook dispatch, encryption helpers, and cross-repo automation scripts.

Package resolution defaults to local common-platform packages through .pnpmfile.cjs (BYTELYST_PACKAGE_SOURCE=common-plat). Use pnpm run install:common-plat for local development and pnpm run install:gitea only when you intentionally want registry versions. Override the local checkout with BYTELYST_COMMON_PLAT_ROOT=/path/to/learning_ai_common_plat.

Do not move NoteLett-specific notes logic into common platform unless another product has a concrete reuse need. Do not create repo-local substitutes for platform concerns already covered by @bytelyst/* packages or platform services.

Key Features

Backend modules: notes, workspaces, relationships, tasks, artifacts, agent actions, saved views, Smart Actions, intake, collaborators, shares, versions, Palace, and ecosystem import routes
8 MCP tools: list, get, search, create_draft, update, link_notes, extract_tasks, attach_artifact
Smart Actions: 20 built-in prompt templates, copilot text transforms, scheduler, webhooks, URL extraction
Intake and Palace: URL/text intake jobs, intake rules, MemPalace memory/search/KG/wake-up routes
Agent audit trail: every write tool records agent action history
Datastore abstraction: Cosmos DB in production, in-memory for tests
Platform integrations: auth (JWT), telemetry, diagnostics, feature flags, kill-switch, blob storage
LLM integration: @bytelyst/llm with retry, timeout, and fallback heuristics

Environment

Copy backend/.env.example to backend/.env and web/.env.example to web/.env.local as needed.

Local memory mode:

NODE_ENV=development
DB_PROVIDER=memory
JWT_SECRET=dev-secret-do-not-use-in-prod
LLM_PROVIDER=mock
shared service URLs can point at local common-platform ports or remain disabled for isolated backend tests

Production requirements:

NODE_ENV=production
strong JWT_SECRET shared with platform-service or the production auth verification mechanism
DB_PROVIDER=cosmos
COSMOS_ENDPOINT, COSMOS_KEY, and COSMOS_DATABASE
FIELD_ENCRYPT_ENABLED=true with FIELD_ENCRYPT_KEY_PROVIDER=akv or a managed key provider and required key material
PLATFORM_SERVICE_URL, EXTRACTION_SERVICE_URL, and MCP_SERVER_URL
NEXT_PUBLIC_MCP_SERVER_URL=http://localhost:4007/api for local web settings/agent guidance
TELEMETRY_ENABLED=true and FEATURE_FLAGS_ENABLED=true when platform services are available
LLM_PROVIDER plus provider credentials (OPENAI_API_KEY or Azure OpenAI settings) for non-mock AI behavior

The May 5 production-readiness pass hardened production config to fail closed on unsafe defaults; see docs/PRODUCTION_READINESS_HANDOFF_ROADMAP.md.

Tests

pnpm --filter @notelett/backend run typecheck
pnpm --filter @notelett/backend run test
pnpm --filter @notelett/backend run lint
pnpm --filter @notelett/web run typecheck
pnpm --filter @notelett/web run test
pnpm --filter @notelett/web run lint
pnpm --filter @notelett/web run test:e2e
pnpm --filter @notelett/mobile run typecheck
pnpm --filter @notelett/mobile run test
pnpm --filter @notelett/mobile run lint
pnpm run verify

Current May 5 production-readiness status:

pnpm run verify passes backend/web/mobile typecheck and tests, plus backend/web production builds.
backend, web, and mobile lint commands exit 0 with tracked advisory warnings.
web Playwright release flows pass.
release-guard audits pass common-platform secret scan, hardcoded color/token checks, and active product/API drift checks.
Docker compose smoke and live shared-service smoke are explicit environment deferrals on this host because Docker is unavailable and platform-service/extraction-service/mcp-server are not running with Cosmos credentials.

See docs/PRODUCTION_READINESS_HANDOFF_ROADMAP.md Phase P10 for exact commands, commit hashes, warnings, and deferral notes.

Docs

AGENTS.md — AI agent onboarding guide
docs/PRD.md — Product requirements
docs/ROADMAP.md — Master execution tracker
docs/PRODUCTION_READINESS_HANDOFF_ROADMAP.md — Active production-readiness checklist
docs/PLATFORM_SMOKE_CHECKS.md — Shared platform and NoteLett smoke commands
docs/MOBILE_PRODUCTION_BUILD_AND_SMOKE.md — Expo build notes and iOS/Android smoke checklist
docs/RELEASE_CHECKLIST.md — Release notes template, deploy checklist, rollback, migrations, and monitoring placeholders
docs/COSMOS_DATA_OPERATIONS.md — Cosmos containers, indexes, retention, and backup/restore approach
docs/SEED_BOOTSTRAP_STRATEGY.md — Built-in prompt, intake rule, onboarding workspace, and feature-flag bootstrap strategy
docs/DATA_MIGRATION_AND_BACKFILL_PLAN.md — Encrypted-field, schema-change, and backfill migration plan
docs/TELEMETRY_AND_DIAGNOSTICS_TAXONOMY.md — Event taxonomy and diagnostic breadcrumb contract
docs/OPERATOR_RUNBOOK.md — Incident triage and recovery steps for dependencies, scheduler/webhooks, blob, LLM/extraction, reviews, and MCP
docs/UI_UX_PLATFORM_CORE_ROADMAP.md — UI/UX migration plan for moving reusable components into common-platform core UI while keeping a thin NoteLett adapter