Home Explore Help
Sign In
pi5claw
Repositories Public Activity

pi5claw pushed to main at kingkong/vidreview

  • 34a932758b feat: add rate limiting, pagination, search, and improve auth security - Add express-rate-limit for auth routes (5 attempts/15min per IP) - Remove JWT_SECRET fallback, require env var or throw - Add pagination (page/limit) to projects, assets, comments endpoints - Add search filter to projects, assets, users endpoints - Fix storageUsed to use stored field instead of computed on each request - Fix restore comment: only global ADMIN or project owner can restore - Fix cookies secure flag based on NODE_ENV - Fix N+1 in folders listing by batching FolderAsset queries - Fix canSeeDeletedComments to check global role not project role - Add search support to assets, comments listing - Add isGlobalAdmin prop to CommentItem for restore permission Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 6daccd3f9e fix: restore button, folder tags, download name, folder tree - Fix canRestore condition: was checking !isDeleted, always false. Restore button now appears for project owner/ADMIN on deleted comments. - Fix folder tag display: video now shows only deepest (leaf) folder, not all ancestor folders. - Fix download filename: save originalFilename on upload and use it for download attribute (falls back to UID filename). - Fix FolderTree: merge 2 collapse/expand buttons into 1 toggle. Default state is now fully collapsed on page load. - Fix comment count in project grid: only count non-deleted comments via _count filter in Prisma. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 3a108fffab fix: comment toggle icons, folder tree icons, counter, avatar consistency + admin deleted comments UI fixes: - Comment panel toggle: chevron direction swapped (left=expand, right=collapse) - FolderTree collapse icon: added explicit rotate-0 for collapsed state - Comment counter badge: now shows total/visible when resolved are hidden - Deleted comments toggle for project ADMIN: button shows "N deleted" count, toggles show/hide deleted comments in the panel Avatar consistency (Avatar component with src=avatarUrl everywhere): - users/page.tsx: replaced custom div with Avatar component - projects/[projectId]/page.tsx: member list avatar replaced with Avatar - AssetCard: uploader avatar replaced with Avatar (removed SVG silhouette) Also: backend allows admin to load deleted comments via ?includeDeleted=true Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 7d694d1fe4 fix: load image synchronously for canvas crop — avoids drawImage type error Load image via FileReader + new Image() directly in handleFileChange instead of relying on img.onLoad event from the preview <img> element. This avoids the React synthetic event type mismatch and ensures originalImageRef is always set before handleConfirm runs. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 32a73bf62a fix: show avatar photos in all comment locations — speech bubble, panel, timeline SpeechBubble.tsx: replace hardcoded gradient avatar with Avatar component using comment.user?.avatarUrl + comment.user?.name. Also fixes review page new-comment form avatar (user?.avatarUrl from auth context) and existing-comment card avatar (already had the data but was not passing src prop). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • f4d8cbc59b fix: pass avatarUrl to comment avatar renders in review page Three Avatar instances in review page were missing src={comment.user?.avatarUrl} — dashboard sidebar, settings, and CommentPanel already had it correct. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • ff8b00a701 feat: add public share links, folder system, file/timeline modes, and UI polish Features: - Public share links with password, download, and view-limit controls - Hierarchical folder organization with drag-and-drop asset management - File mode and timeline mode toggle in project view - Frame-accurate comment system with speech bubble UI - Client-side profile picture crop and upload to ~30KB JPEG - Full marketing landing page at / - Share button highlights when video already has a share link - Remove video from folder via hover X on folder tags - Share page auto-redirects logged-in users to review page - Login page respects redirect param for seamless comment flow Also: reprocess failed transcode tasks, compact upload widget, storage quota bar Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 month ago

pi5claw pushed tag v0.1 to kingkong/vidreview

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 9bdd684a31 fix: improve video player scrubber hover and drag UX - Hover: show thumbnail + timecode tooltip only, NO playhead movement, NO main video seek. Playhead stays at currentTime until user clicks. Thumbnail drawn from hidden scrubVideoRef for instant response. - Background cache: when user hovers at a timecode for ≥400 ms, silently pre-seek the main video so a subsequent click-to-seek feels instant. cacheDebounceRef cancels in-flight work when cursor moves away. - Drag/scrub: instant playhead update + thumbnail preview via scrubVideoRef. Fixed event-bubble bug where mousemove on track bubbled to wrapper and caused stale isDragging closures to call setDraggedTime. Added clientX bounds check so cursor in wrapper padding area (outside track bar) is ignored — prevents playhead jumping to t≈0 or t≈duration. - VideoPlayer: pass mainVideoRef down to Timeline so it can pre-seek without going through React state callbacks. - Review page: clean up globals.css unused CSS, expand comment panel resize grip visual, touch up compare-mode comment display layout. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 0d69f5256b add CADDY_HTTP_PORT and CADDY_HTTPS_PORT to .env, .env.example and README

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 58d6af863d add CADDY_HTTP_PORT and CADDY_HTTPS_PORT env vars for Caddy

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 20ba93b6b0 security: move all secrets to .env, remove hardcoded credentials docker-compose.yml: - All hardcoded credentials removed (postgres password, DB URL, IPs) - Now uses ${VAR:?Required} for required secrets so deploy fails fast if .env missing - Removed stale local IPs from ALLOWED_ORIGINS - init/admin: now reads DB credentials from .env via env vars .env / .env.example: - All vars now consolidated: DB (POSTGRES_*), auth (JWT_*), server, CORS, email, admin - NEXT_PUBLIC_API_URL added (was missing from .env, causing blank var) - .env.example updated with placeholder values and clear comments Security audit: - POSTGRES_PASSWORD: exposed in compose but from .env (already in .gitignore) - JWT_SECRET: placeholder (user must replace) - RESEND_API_KEY: empty by default (user fills in if they want email) - No Resend key leaked - No JWT secret leaked - No real IPs leaked README.md: Updated deployment section and env var table to reflect .env-based config

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 18c7a1d31c fix: auth init always sets loading=false so app renders after reload

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 3f929e85eb fix: auth init loads storageQuota from server on first mount

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • c00960a96a fix: sidebar overlap, storage quota API, frame icons, prev/next comment buttons Backend: - auth: include storageQuota + storageUsed in login and /me responses UI: - Sidebar: add md:ml-56 to main so fixed sidebar doesn't overlap content - Compare mode: use mainVideoRef for seek so timestamp clicks always work - Frame step icons: clear left/right bracket arrows instead of confusing skip icons - Controls: add prev-comment (⏮ double-chevron) and next-comment (⏭ double-chevron) buttons flanking the play controls

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 24ba1ec838 UI: storage quota in sidebar, fixed sidebar overflow, compare mode improvements - Sidebar: add storage quota bar (used/quota bytes + progress bar) in the user/logout footer section - Sidebar: add h-screen + overflow-hidden to aside so it never stretches the page even with many nav items - Compare mode: Annot. toggle button above each video to show/hide annotations and speech bubbles per video independently - Compare mode: comment panels now fill available height (flex-1 min-h-0) instead of fixed max-h-32 — scroll to see all comments - Stroke: lineWidth 3→6, arrow headLen 16→32 for better visibility - User interface: add storageQuota/storageUsed fields to User type

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 588d8d906e fix: keyboard shortcuts, compare layout, annotation visibility, stroke/arrow size - Arrow keys: ±1 frame (stepFrame), Shift+Arrow: ±1s seek - Compare mode: comment panel hidden, comments moved below each video - rVFC closure bug: update visibleAnnotationsRef AFTER redrawAnnotationsRef assignment so compare player's annotations always use latest array - Stroke lineWidth: 3 → 4.5 (1.5×), arrow headLen: 16 → 24 - Avatar: add xs size for inline compare comment lists

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 096724c3a7 fix compare mode: playhead movement, timecode update, per-video annotations - VideoPlayer rVFC onFrame: compare player now calls setCurrentTime so its own playhead/timeline thumb updates during playback. onTimeUpdate is skipped to avoid parent feedback loop. redrawAnnotationsRef still fires so compare video's own annotations render. - onSeeked handler: compare player calls setCurrentTime on external seek so its seeker thumb follows the main player. - Compare comments: fetch comments for the compare asset on selection (duration match) so it has its own annotation data. - Compare annotations: derive compareVisibleAnnotations from compareComments, pass to compare VideoPlayer. Reset on exit compare.

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 778956402a fix: compare mode duration gating + dual playhead sync + per-video annotations Duration gating: - If 2 videos differ by >5 frames, enter "mismatch mode": banner with Cancel button shown, second video NOT rendered, user must cancel or pick another - compareAsset shown in header during mismatch so user knows what was picked Dual playhead sync: - Added onTimelineSeek prop to VideoPlayer - handleSeek calls parent via onTimelineSeek + seeks self immediately - Main player in compare mode: onTimelineSeek={handleTimeUpdate} - Compare player: receives updated currentTime via externalCurrentTime - Both players seek to same time on timeline drag/click Per-video annotations: - Main player in compare mode gets allComments + visibleAnnotations (its own) - Compare player gets empty arrays (has no annotations from this asset) - Both players show their own speech bubbles if they have timestamped comments Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 month ago

pi5claw pushed to main at kingkong/vidreview

  • 5993957162 feat: side-by-side video compare + speech bubble opacity + annotation isolation Side-by-side compare: - Compare button in header opens a picker modal listing completed videos in the same project - Duration mismatch check: warns if videos differ by >5 frames, allows compare anyway (user can still choose to proceed) - Selected compare video renders in a second VideoPlayer (isComparePlayer), synchronized to main video's currentTime and playing state via externalCurrentTime/externalPlaying props - Both players run independently; compare player skips rVFC state updates - Compare mode: comment input disabled with placeholder, keyboard shortcuts hidden, draw mode button visible but annotation tools on video are off (both players get drawMode=false, comments=[], visibleAnnotations=[]) - "Compare mode" badge shown in comment panel header; Exit Compare button in header to leave the mode Speech bubble: - Opacity reduced from 95% to 75% for a lighter visual feel Annotations: - In compare mode both players get drawMode=false and empty visibleAnnotations so annotations are isolated to single-video mode Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 month ago