Verhindert DatabaseLockError beim Neustart wenn flintlock durch harten Abbruch liegen bleibt.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Backend: neue Routen POST /api/upload + GET /api/upload/{jobID}/progress (nur Auth, kein Admin)
- api.ts: uploadMailFilesUser + getUploadProgressUser für /api/upload
- search/page.tsx: Importieren-Button + Upload-Dialog mit Drag-and-Drop, Fortschrittsanzeige und automatischer Suchlisten-Aktualisierung nach Import
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- CLAUDE.md: vollständig auf archivmail-Kontext umgeschrieben (Go/Xapian Stack, On-Premise Deploy, keine Supabase/Vercel)
- package.json: name und description auf archivmail aktualisiert
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Der systemd-Service nutzt /opt/archivmail/archivmail direkt.
Das neue Binary wurde nur nach /opt/archivmail/bin/ deployed,
wodurch der Service das alte Binary weiter verwendete.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- seedDefaultUsers: generiert kryptographisch zufällige Passwörter (crypto/rand)
statt hartkodiertes "archivmailrockz" — Passwörter werden einmalig im Terminal
angezeigt und können danach nicht wiederhergestellt werden
- generateJTI: verwendet crypto/rand (16 Byte, hex) statt time.UnixNano XOR deadbeef
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- bcrypt cost erhöht von DefaultCost (10) auf 12
- Rate-Limiting: max 5 Fehlversuche in 15 Min → HTTP 429
- last_login_at in DB gespeichert und bei jedem Login aktualisiert
- login_attempts Tabelle für Fehlversuche
- PATCH /api/users/{id}: Passwort-Reset, Rolle, E-Mail, Active
- DELETE /api/users/{id}: Löschen mit Schutz für letzten Admin
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- GET /api/export/pdf/{id}: PDF-Generierung (stdlib, kein ext. Paket)
- POST /api/export/zip: Streaming-ZIP mit manifest.csv, Anhänge optional
- Max. 500 Mails pro Export, Zugriffscheck per Rolle
- Audit-Log für jeden Export
- Frontend: PDF-Button in Mail-Ansicht
- Frontend: Checkboxen + ZIP-Export-Dialog in Suchergebnissen
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Systemauslastungs-Sektion wird immer gerendert (nicht nur bei Erfolg)
- Fehlermeldung wenn /api/admin/system/stats nicht erreichbar ist
- Feature-Status auf In Review gesetzt
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add paths frontmatter to frontend, backend, and security rules so
they only load when editing relevant files
- Add mandatory new-project detection to general rules that redirects
to /requirements before any implementation
- Add write-then-verify protocol for feature tracking updates to
prevent hallucinated file edits
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace the manual "read .claude/agents/*.md" workflow with native
Claude Code features for a more efficient, scalable development experience:
- **Skills** (.claude/skills/): 7 auto-discovered slash commands
(/requirements, /architecture, /frontend, /backend, /qa, /deploy, /help)
with forked sub-agents for heavy tasks and inline execution for interactive ones
- **Rules** (.claude/rules/): 4 modular rule files (general, frontend, backend,
security) auto-applied based on file context
- **Sub-Agents** (.claude/agents/): Lightweight configs for frontend-dev,
backend-dev, and qa-engineer with model, tool, and turn limit settings
- **Context Engineering**: Layered context loading, context isolation via
forked skills, built-in context recovery after compaction, and
"always read, never guess" rules to prevent hallucinated code references
- **CLAUDE.md**: Auto-loaded project context replacing PROJECT_CONTEXT.md
- **Feature tracking**: features/INDEX.md as persistent state across sessions
- **Production guides**: docs/production/ for error tracking, security,
performance, database optimization, and rate limiting
- **Init Mode**: /requirements detects empty PRD and bootstraps full project
setup (PRD + all feature specs) from a single project description
Removed: 6 monolithic agent files, PROJECT_CONTEXT.md, HOW_TO_USE_AGENTS.md,
TEMPLATE_CHANGELOG.md
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
globals.css:
- Add all shadcn/ui CSS variables in HSL format (without hsl() wrapper)
- Include: card, popover, primary, secondary, muted, accent, destructive
- Include: input, ring, radius, chart colors
- Complete light and dark mode definitions
tailwind.config.ts:
- Map all CSS variables with hsl(var(--...)) wrapper
- Add borderRadius config for --radius variable
- Add chart colors mapping
This ensures all shadcn/ui components render correctly out of the box.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add missing --border CSS variable for light and dark mode
- Add border color to Tailwind config using hsl(var(--border))
- Fix import paths in sidebar.tsx (@/hooks/ instead of @/components/hooks/)
- Fix import path in toaster.tsx (@/hooks/ instead of @/components/hooks/)
These fixes ensure npm run dev / npm run build work out of the box.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add critical section: always check shadcn/ui before creating components
- List all 35 installed shadcn components with categories
- Add VERBOTEN section: never create own versions of shadcn components
- Update example component to use shadcn Card/Button/Badge
- Add shadcn checklist items before marking work as done
This ensures Claude Code always uses shadcn/ui instead of building
custom implementations of standard UI elements.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Revert accidental removal of design-vorgaben section while keeping
the new Supabase auth best practices.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Extend QA Engineer responsibilities to include security analysis
and permission checks with a Red Team pentester approach.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- New Phase 5: Update PROJECT_CONTEXT.md with current status and roadmap
- Updates "Aktueller Status", "Features Roadmap", optionally "Vision"
- New checklist item ensures PROJECT_CONTEXT.md stays current
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- New workflow step: Check for design files before implementing
- Interactive questions for style, colors, inspiration
- Uses AskUserQuestion for structured input
- New checklist item for design clarification
Also: Refactored TEMPLATE_CHANGELOG to compact bullet-point format
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Enforce Single Responsibility Principle for feature specifications:
- Each feature file should be one testable, deployable unit
- Clear rules on what NOT to combine in one file
- 5 decision criteria for splitting features
- Dependency documentation between features
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
BREAKING CHANGE: Removed FEATURE_CHANGELOG.md and test-reports/
**What changed:**
- All 6 agents now use Git commands to check existing features/components
- Feature specs include test results and deployment status (no separate files)
- Git commits are the single source of truth for implementation details
- Git tags for deployment versioning (e.g., v1.0.0-PROJ-1)
**Why:**
- Prevents context bloat (no growing FEATURE_CHANGELOG.md)
- Scales better (Git is built for large projects)
- No manual changelog maintenance
- Better developer experience (native Git workflow)
**Migration:**
- Requirements Engineer: Uses `ls features/` and `git ls-files` instead of FEATURE_CHANGELOG
- Solution Architect: Uses `git ls-files src/components/` to check existing code
- Frontend/Backend Devs: Use `git log --grep="PROJ-X"` to see feature history
- QA Engineer: Adds test results directly to feature spec
- DevOps: Updates feature spec with deployment status + creates Git tags
**Files changed:**
- Updated all 6 agent instructions (.claude/agents/*.md)
- Deleted FEATURE_CHANGELOG.md
- Deleted test-reports/ folder
- Updated PROJECT_CONTEXT.md (removed references)
- Updated README.md (v1.4.0, updated workflow)
- Updated features/README.md (new format with QA + Deployment sections)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
sysops