Conceptual vision for integrating the global catalog into the add/edit
flow — search-first UX, tag system, catalog submission with review,
and thread-driven research from catalog items.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add auth redirect in root layout for unauthenticated users
- Proxy OIDC routes (/login, /callback, /logout) through Vite dev server
- Strip Secure flag from OIDC cookies in dev mode (HTTP localhost)
- Disable retry on auth query to prevent stale cookie loops
- Fix SQLite .get()/.all()/.run() calls in category and global-item
services for PostgreSQL compatibility
- Add userId scoping to category service functions
- Add OIDC error logging in auth middleware
- Apply linter auto-formatting across affected files
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- SUMMARY.md with task commits and decisions
- STATE.md updated with progress and decisions
- ROADMAP.md updated with plan progress (4/5 plans complete)
- REQUIREMENTS.md: GLOB-03, GLOB-04, GLOB-05 marked complete
- Create public profile page at /users/$userId with avatar, name, bio, setups
- Create PublicSetupCard component for profile page setup listing
- Add isPublic toggle button on setup detail page
- Add Public badge to SetupCard in list view
- Update useSetups hook with isPublic field on interfaces
- Search-based dropdown to find and link global catalog items
- Shows linked status with link to global item detail page
- Unlink button to remove association
- Debounced search with loading and empty states
- GET /api/users/:id/profile: public profile with public setups (no auth)
- PUT /api/auth/profile: update own profile (requires auth)
- GET /api/setups/:id/public: public setup view with items (no auth)
- Auth middleware skips public profile and public setup GET endpoints
- Register profileRoutes at /api/users in index.ts
- Add getOrCreateUncategorized to category service (Rule 3 fix)
- 10 route tests covering auth, public access, and 404 cases
- SUMMARY.md with full task/commit/deviation documentation
- STATE.md updated to Phase 18, Plan 2/5
- ROADMAP.md progress updated
- REQUIREMENTS.md: GLOB-01 through GLOB-05 marked complete
- GET /api/global-items with optional q search parameter
- GET /api/global-items/:id with ownerCount
- POST /api/items/:id/link to link user item to global item
- DELETE /api/items/:id/link to unlink
- Route registered in index.ts
- 10 route tests covering all endpoints
- updateProfile: update displayName, avatarUrl, bio for a user
- getPublicProfile: return user info with only public setups
- getPublicSetupWithItems: return setup details only if isPublic is true
- createSetup now accepts and persists isPublic field
- updateSetup can toggle isPublic
- getAllSetups includes isPublic in response
- searchGlobalItems with LIKE-based case-insensitive search and wildcard escaping
- getGlobalItemWithOwnerCount with owner count from junction table
- linkItemToGlobal/unlinkItemFromGlobal for item-global linking
- seedGlobalItems idempotent seed from JSON catalog
- Integrated seed into seedDefaults startup
- 10 test cases covering search, owner count, link/unlink, seed idempotency
- Added globalItems/itemGlobalLinks tables to SQLite schema
- Added Zod schemas and types for global items
- Created 18-item bikepacking gear seed data JSON
- Profile CRUD tests: updateProfile, getPublicProfile, getPublicSetupWithItems
- Setup service isPublic tests: create with isPublic, toggle, list includes isPublic
- Reads all image files from uploads/ directory
- Uploads each to S3 bucket preserving original filenames as object keys
- Handles errors per-file without aborting entire migration
- Preserves original files (manual deletion after verification)
- Replace all /uploads/ path construction with imageUrl presigned URLs
- Add imageUrl prop to ItemCard, CandidateCard, CandidateListItem, ComparisonTable
- Update ImageUpload to use presigned URLs + local preview for new uploads
- Pass imageUrl through from parent components (CollectionView, forms, routes)
- Replace Bun.write/mkdir with uploadImage() from storage.service
- Remove uploadsDir parameter from fetchImageFromUrl
- Update tests to mock storage service instead of checking filesystem
- Add MinIO + mc init container to docker-compose.dev.yml (fixed creds, console on :9001)
- Add MinIO + mc init container to docker-compose.yml (env var creds, no console)
- Add S3 env vars to app service in production compose
- Remove uploads volume from production compose (replaced by MinIO)
- Add S3 configuration section to .env.example
Route and MCP test files were calling createTestDb() without await,
causing db to be a Promise object instead of a Drizzle instance.
Also rewrote auth route tests for OIDC-based auth (merge picked old version).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Merge conflict resolution picked the old password-based oauth tests.
Restored the OIDC session mock version with proper userId destructuring.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
