What’s new in Canv~Us

Phase 8 — Canvas Lock, Themed Portals & OFW Domination Pack

15 new co-parenting / family-life node types, tri-state Canvas Lock, 7 portal domain themes, and the ToneGuardian AI tone analyzer. Node count: 169.

• Added
  Canvas Lock: tri-state off/soft/hard cycling with localStorage persistence, 4 gesture guards (drag, zoom, spawn, resize blocked in hard mode), HUD button with visual feedback.
• Added
  Themed Portals: 7 domain themes (family, business, care, focus, creative, admin, archive) with live picker UI, PORTAL_DOMAIN_THEMES export, portalPreset extended to 7 values.
• Added
  OFW Domination Pack: 15 new node types across CoParentingExtNodes.tsx and FamilyLifeNodes.tsx — includes parallel parenting log, custody calendar, exchange tracker, legal vault, family mission board, and more.
• Added
  ToneGuardian API route (/api/ai/tone-analyze): scores co-parent message tone (0–100), classifies risk, and generates a kinder rewrite via Gemini 2.0 Flash.
• Security
  Gemini API key moved from URL query param to x-goog-api-key header (prevents key leakage in server logs).
• Security
  Cron auth hardened: query param secret support removed, timing-safe HMAC comparison replacing direct string equality.
• Security
  Calendar IDOR fix: Nylas PUT now verifies event ownership before update; all DELETE soft-deletes scoped to owner_id.
• Security
  Error stack traces gated behind NODE_ENV !== production in structuredLogger.
• Added
  X-Request-ID correlation header on all API responses for log tracing.
• Added
  /api/health endpoint: DB connectivity probe returning 200 ok or 503 error.
• Fixed
  Inbound webhook route now rejects non-JSON/non-form content types with 415 Unsupported Media Type.
• Fixed
  Focus rings inside canvas node cards changed from total suppression to subtle 1px outline (WCAG 2.4.7).
• Added
  Skip-to-content link in app layout for keyboard and screen reader navigation (WCAG 2.4.1).

Documentation Truth Refresh

141 registered node types, 8 canvas modes, 13 workspace roles, and integration docs aligned to the live runtime.

• Changed
  README, manuals, product spec, and technical stack updated to the current 141-node registry.
• Changed
  Role language normalized to 13 household workspace roles plus guest/token access flows and super-admin overlay.
• Changed
  Integration documentation refreshed for Supabase, Gemini, Stripe, Nylas, Resend, Twilio, QuickBooks, Xero, Web Push, Firebase FCM, and optional PostHog analytics.
• Fixed
  Removed stale Spotify integration claims from current product documentation and replaced them with the live push/notification stack.

Release-Readiness Wiring Audit

Backlinks, safety check-in, orchestrator brief, and node_created automation trigger.

• Added
  node_created consequence trigger — automation rules now fire when a node is first added to the canvas.
• Added
  Bidirectional backlinks in node editor — shows reverse links (←), forward links (→), and implicit text mentions (~).
• Added
  Safety check-in wiring — CaretakerEnvironment now surfaces real-time shift snapshot stats.
• Added
  Orchestrator brief in Command Horizon — shows top 5 cross-domain priority items above the daily brief.
• Added
  SpawnRadialWheel expanded — budget, calendar, goal_tracker, countdown, assistant now spawnable.
• Fixed
  Ghost-monitor GitHub Actions workflow — validates secrets before curl, retries 2×, handles empty responses.
• Fixed
  SpawnRadialWheel phantom project type replaced with valid kanban type.
• Security
  /api/integrations/status hardened with auth gate — was previously publicly accessible.

Account & Notifications Settings + Full-System QA

Settings pages for account and notifications, plus a comprehensive 13-part IP-sale QA audit.

• Added
  Account settings page — edit display name, avatar, view member-since date, send password reset.
• Added
  Notifications settings page — toggle email, push, and weekly digest; stored to user_metadata.
• Added
  Settings hub wired — Account and Notifications now fully linked (no longer "Coming soon").
• Fixed
  AssistantNode TypeScript AuthResponse mismatch — auth.refreshSession() return type corrected.
• Fixed
  Display settings ESLint set-state-in-effect — replaced effect with lazy useState initializer.
• Fixed
  Display settings silent 403 — non-superadmin users now see a lock icon + amber banner.

UX Organisation, Role-Gating & 5-Department Audit

• Added
  Display & Themes settings page — color mode, accent, glass blur, dock position, feature flags.
• Added
  Settings hub entries for Display & Themes and Advanced Features.
• Added
  Tour system improvements — landscape-mobile card anchors correctly; step counter shows N / M.
• Changed
  Tour steps trimmed from 17 → 6 steps; no tour exceeds 8 steps total.
• Changed
  Empty-state domain buttons role-gated — Business / Care hidden for child and viewer roles.
• Fixed
  FamilyMemorySurface and ReassuranceFeedSurface missing LayoutGroup.
• Fixed
  architect/config PATCH silent error — now captured in structured logs.

10-Persona Audit Sprint: Security, UX, AI, Conversion

The big security hardening release — JWT, prompt injection, UUID validation, and more.

• Security
  JWT fallback return true → return false — prevented unauthenticated access to admin and billing routes.
• Security
  E2E auth bypass production guard — ?e2eAuthBypass=1 now returns false immediately in production.
• Security
  Prompt injection sanitization — transcript sanitized + capped before LLM interpolation.
• Security
  UUID validation hardened — Zod schema changed to z.string().uuid() across 47+ validators.
• Security
  Centralized Gemini key resolver — lib/server/geminiKey.ts applied to all 6 AI routes.
• Security
  Injection detection strengthened — Unicode normalization + 4 new adversarial patterns.
• Added
  Settings hub — 7-section settings page with account, notifications, billing, integrations, privacy.
• Added
  Pricing page — 3 plans (Starter free, Family $24 CAD/mo, Business $49 CAD/mo).
• Added
  About page — mission, value pillars, stats, CTAs.
• Added
  Email capture / waitlist — EmailCaptureSection on landing, /api/waitlist endpoint.
• Added
  schema.org JSON-LD SoftwareApplication structured data for rich search results.
• Fixed
  AnimatePresence key props — 5 canvas panels fixed to prevent DOM node reuse.
• Fixed
  Touch targets ≥ 44px — 8 canvas panels updated for WCAG 2.5.5 compliance.
• Fixed
  Text contrast — body/label text raised from text-white/20–35 to text-white/50–60.

v1.5 Release — Gesture & Physics Hardening, Gold Master

141/141 node types, 14 roles, all 8 canvas views, AI prompts fully covered.

• Added
  141 node types — 100% theme and prompt coverage across all categories.
• Added
  14 roles — admin, partner, teen, child, caregiver, guest, business_owner, and more.
• Added
  8 canvas views — Motion canvas, Bento grid, Kanban, Fridge mode, and more.
• Added
  Real-time multiplayer — live cursors, presence, conflict-free sync via Supabase Realtime.
• Added
  Ghost Monitor escalation — 4-tier escalation ladder (in-app → notification → email → SMS).
• Added
  Morning Digest automation — daily AI briefing via SMS + in-app notification.
• Performance
  Inertia FRICTION upgraded: 0.966 → 0.975 (touch), 0.920 → 0.935 (mouse); STOP_VEL 0.15 → 0.05.
• Performance
  SpatialGrid culling — O(n) viewport intersection replaces O(n²) bounds scan.
• Fixed
  Node overflow — VideoPlayerNode, FamilyOS labels, and BusinessOS fields all truncate correctly.