platphorm-fortune

fix: reduce fog clear threshold for earlier reveal Agent-Logs-Url: https://github.com/mbarbine/platphorm-fortune/sessions/b11f9be9-54cb-4223-91fd-74974e5a7637 Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

Merge pull request #39 from mbarbine/copilot/fix-ui-clearing-fog Refocus reveal UI on fog-swiping and require near-complete clear before advancing

Fix fallback mount path and finalize fog-first human UI Agent-Logs-Url: https://github.com/mbarbine/fortune-cookie-webby-yj/sessions/f341bc15-8862-4be5-a9e9-576a015f7ee6 Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

Remove human on-screen fortune selection and raise fog clear threshold Agent-Logs-Url: https://github.com/mbarbine/fortune-cookie-webby-yj/sessions/f341bc15-8862-4be5-a9e9-576a015f7ee6 Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

update

Merge pull request #38 from mbarbine/copilot/merge-all-pull-requests Consolidate open PR branches into a single merge-ready integration branch

Merge remote-tracking branch 'origin/jules-5541606933802964857-b84cefc8' into copilot/merge-all-pull-requests Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

Merge pull request #37 from mbarbine/jules-testing-improvement-fortunes-create-11646911466758043400 🧪 [testing improvement] Add validation tests for fortunes/create API

🧪 [testing improvement] Add validation tests for fortunes/create API 🎯 **What:** Addressed testing gap for the fortunes/create API route by adding a comprehensive suite of validation tests. 📊 **Coverage:** Covered scenarios include enforcing minimum length (10 characters), maximum length (500 characters), and validating fortune categories, as well as the valid request happy path. ✨ **Result:** Improved test coverage and reliability for user-submitted fortune validation logic.

🧪 [testing] add vercel analytics tracking test coverage 🎯 What: The useAnalytics hook was missing actual tracking calls to Vercel Analytics and corresponding tests. 📊 Coverage: Added tests to ensure track() from @vercel/analytics is called with the expected event names and properties for reveal, favorite, and share actions. ✨ Result: Increased test coverage and confidence in analytics tracking integration.

🧪 Add test for ShareFortune copy fallback logic

Merge pull request #17 from mbarbine/sentinel/fix-securecompare-timing-leak-7061961677359638096 🛡️ Sentinel: [HIGH] Fix timing leak in secureCompare

Merge pull request #20 from mbarbine/bolt-optimize-canvas-render-loop-13834764147686257151 ⚡ Bolt: Optimize Canvas render loop by removing dynamic string allocations

Merge branch 'main' into bolt-optimize-canvas-render-loop-13834764147686257151

Merge pull request #16 from mbarbine/palette/download-card-feedback-localization-6674408197168723471 🎨 Palette: Add localized success feedback to Download Card button

Merge pull request #18 from mbarbine/bolt/canvas-color-allocation-optimization-17075110897646642814 ⚡ Bolt: [performance improvement] Optimize canvas color allocation to avoid string generation garbage collection overhead

Merge branch 'main' into bolt/canvas-color-allocation-optimization-17075110897646642814

Merge pull request #19 from mbarbine/bolt-optimize-fog-canvas-11082685091219606732 ⚡ Bolt: [performance improvement] optimize fog canvas rendering loops

Merge branch 'main' into bolt-optimize-fog-canvas-11082685091219606732

Merge pull request #21 from mbarbine/performance-word-wrap-optimization-11248462863955277867 ⚡ Bolt: optimize string concatenation in word wrap loop

⚡ Bolt: optimize string concatenation in word wrap loop Optimized the word-wrapping logic in the `FortuneCard` component by replacing template literals with standard string concatenation (`+`) and using explicit empty string checks. In the canvas text measurement loop, these micro-optimizations reduce overhead and improve throughput. Measured Improvement: - ~22% performance improvement in the word-wrapping logic (measured via standalone Node.js benchmark with mock canvas context). - Verified identical output results between original and optimized implementations. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

Optimize Canvas render loop by removing dynamic string allocations Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

perf: optimize fog-canvas rendering loops by reducing string allocations - Replaced dynamic \`rgba(...)\` string templates in 20,000 particle noise loops and gradient generation with static color strings and dynamic \`globalAlpha\`. - Prevents tens of thousands of string allocations and CSS color parses per frame in the main requestAnimationFrame loop. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

perf: optimize canvas color allocation in render loops Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

fix: fix timing attack in secureCompare length check Replaced early return on string length mismatch with a constant-time iteration over the expected secret's length in `secureCompare`. This prevents the length of the expected secret from being leaked via a timing side-channel. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

Merge pull request #15 from mbarbine/sentinel-fix-timing-attack-9551204138411210608 🛡️ Sentinel: [CRITICAL] Fix authorization timing attack vulnerability

Merge branch 'main' into sentinel-fix-timing-attack-9551204138411210608

Merge branch 'main' into bolt-canvas-optimization-1627651576296394871

Merge pull request #13 from mbarbine/sentinel/fix-timing-attack-auth-16352997542432727686 🛡️ Sentinel: [CRITICAL] Fix Timing Attack in Auth Header Comparisons

Merge branch 'main' into bolt/optimize-particle-rendering-1783625462523625750

Merge pull request #11 from mbarbine/bolt-particle-canvas-perf-1141884729453141493 ⚡ Bolt: [performance improvement] Optimize Canvas rendering inside ParticleField animation loop

🛡️ Sentinel: [CRITICAL] Fix authorization timing attack vulnerability Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

⚡ Bolt: optimize particle field canvas rendering Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

🛡️ Sentinel: [CRITICAL] Fix Timing Attack in Auth Header Comparisons Replaced string strict equality comparisons (`===`) with `crypto.timingSafeEqual` when validating `FORTUNE_INGEST_SECRET` against headers (`authorization` and `x-fortune-key`) in the `/api/fortunes/create` route. This prevents potential timing attacks where an attacker could deduce the secret byte-by-byte by measuring response times. Also documented this learning in `.jules/sentinel.md` as per Sentinel's journal process. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

⚡ Bolt: Optimize Particle Rendering in Canvas Loop Replaced per-particle dynamic `rgba()` string allocations with a static `fillStyle` and `globalAlpha` updates to reduce garbage collection overhead and string parsing within the `requestAnimationFrame` loop. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

refactor: optimize canvas fillStyle in particle-field.tsx Removed string template literal evaluation inside the main animation loop of the ParticleField component. By moving the base color into a static `ctx.fillStyle` assignment before the particle iteration and controlling opacity dynamically via `ctx.globalAlpha` inside the loop, we significantly reduce GC pressure and unnecessary string parsing. The original color and opacity behavior are exactly preserved. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

Merge pull request #10 from mbarbine/bolt/optimize-canvas-gradient-2644681654944594401 ⚡ Bolt: [performance improvement] Optimize canvas gradient creation during fog wipe

chore: disable CI, add health endpoint, update LLM docs - Disabled GitHub Actions CI checks (`daily-tests.yml`) temporarily to bypass GitHub billing limits preventing runs. - Added a basic `/api/health` endpoint for monitoring application status. - Extended site discovery files (`llms.txt`, `robots.txt`) to explicitly index the health endpoint and facilitate LLM integration. - Updated `README.md` to reflect these changes. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

Merge pull request #9 from mbarbine/bolt-perf-fog-canvas-16099787544136416153 ⚡ Bolt: Optimize measureClear via off-screen subsampling

Merge pull request #8 from mbarbine/copilot/modify-fortune-sound-effect Tone down scary/startling fortunes and soften reveal sound effects

Soften scary/startling fortune text and warm up sound effects Fortune text changes: - Phantom town: replaced ghost/death imagery with "second act" theme - Black holes: replaced "being watched" with curious cosmos - "Die is on the list": replaced with "last page writes itself" - "Die smiling" (x2): changed to "Go out grinning" - "Die with you still writing": changed to "Outlast the final chapter" - "Language should fear you": changed to "keep up with you" - Séance: changed to "listening session" Sound effect changes: - Reveal: warmer frequency range (G4-G5 vs C5-C6), softer attack, lower gain - Streak: reduced squeaky resonance gain/Q, gentler LFO modulation Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>

update

update

update

update

update