john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
885 commits 1 branch 0 tags 125 MiB
Commit graph

5 commits

Author SHA1 Message Date
TheFlow
2298d36bed fix(submissions): restructure Economist package and fix article display 
- Create Economist SubmissionTracking package correctly:
  * mainArticle = full blog post content
  * coverLetter = 216-word SIR— letter
  * Links to blog post via blogPostId
- Archive 'Letter to The Economist' from blog posts (it's the cover letter)
- Fix date display on article cards (use published_at)
- Target publication already displaying via blue badge

Database changes:
- Make blogPostId optional in SubmissionTracking model
- Economist package ID: 68fa85ae49d4900e7f2ecd83
- Le Monde package ID: 68fa2abd2e6acd5691932150

Next: Enhanced modal with tabs, validation, export

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-24 08:47:42 +13:00
TheFlow
43fa6cca61 SECURITY: Remove all internal/confidential files from public repository 
CRITICAL SECURITY FIX:
Removed 226 internal and sensitive files from git tracking to protect
the public tractatus-framework repository from exposing confidential
development information, server details, and internal strategies.

SCOPE:
This cleanup separates the INTERNAL repository (tractatus) from the
PUBLIC repository (tractatus-framework on GitHub).

REMOVED DIRECTORIES (entire):
- .claude/ (framework session state, metrics, archives)
- governance/ (internal operational governance)
- For Claude Web/ (internal development specs)
- scripts/hook-validators/ (internal enforcement)
- scripts/framework-components/ (internal components)
- docs/planning/, docs/testing/, docs/outreach/
- docs/stripe-analysis/, docs/economist-analysis/
- docs/framework-incidents/, docs/deployment-logs/
- docs/analysis-archive-2025-10/

REMOVED ROOT FILES:
- CLAUDE_*.md, ClaudeWeb*.md (internal development)
- PITCH-*.md (internal pitch documents)
- PHASE-*.md, MEETING_NOTES*.md (internal planning)
- SESSION*.md, OPTIMAL_NEXT_SESSION*.md (session handoffs)
- ARCHIVE_SUMMARY*.md, CLOSEDOWN*.* (session archives)
- EXECUTIVE_BRIEF*.md (internal briefs)
- Tractatus-Website-Complete-Specification*.md (internal specs)
- UI_TRANSFORMATION_PROJECT_PLAN.md, SITE_IMPROVEMENT_PRIORITIES.md
- SCHEDULED_TASKS.md, TRACTATUS_BRAND_SYSTEM.md
- .stripe-ids.json, .rsyncignore (sensitive/deployment)
- deployment-output.txt, migration-output.txt (logs)
- ECONOMIST_LETTER*.docx, PERPLEXITY_USER_PROMPT.txt (correspondence)

REMOVED SCRIPTS:
- scripts/deploy-*.sh (contain server IPs)
- scripts/session-init.js, scripts/check-session-pressure.js
- scripts/analyze-violations.js
- scripts/hook-validators/*.js (5 files)
- scripts/framework-components/*.js

REMOVED DOCS (96 files):
- docs/SESSION*.md, docs/session-handoff-*.md
- docs/DEPLOYMENT*.md, docs/MULTI_PROJECT*.md
- docs/DOCUMENT_AUDIT*.md, docs/DOCUMENT_*.md
- docs/BLOG-POST-OUTLINES.md
- docs/PHASE-*.md, docs/STRIPE_*.md, docs/KOHA*.md
- docs/SECURITY_AUDIT*.md, docs/FRAMEWORK_FAILURE*.md
- docs/BENCHMARK*.md, docs/IMPLEMENTATION_PROGRESS*.md
- docs/BOOTSTRAPPING*.md, docs/GOVERNANCE-RULE-LIBRARY.md
- docs/SIMULATION*.md, docs/API_MEMORY*.md

ADDED PROTECTIONS:
1. Comprehensive .gitignore (172 lines)
   - Blocks all internal directories
   - Blocks all internal file patterns
   - Prevents accidental commits

2. PUBLIC_REPO_CHECKLIST.md
   - Security verification checklist
   - Weekly maintenance procedures
   - Clear guidelines for public vs internal

REMAINING PUBLIC FILES: 6,435
- src/: 85 (open source services)
- tests/: 35 (unit/integration tests)
- public/: 178 (website frontend)
- scripts/: 111 (public utilities)
- docs/: 107 (public documentation)
- root: 13 (README, LICENSE, package.json, configs)

VERIFICATION:
✓ No server IPs
✓ No SSH keys or credentials
✓ No payment system secrets
✓ No internal planning documents
✓ No session handoffs or development logs
✓ No deployment scripts with production details

RESULT:
Public tractatus-framework repository now contains ONLY:
- Open source code
- Public documentation
- Implementation guides
- Apache 2.0 licensed content

Internal tractatus repository (local) retains ALL files for development.

🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-21 18:50:16 +13:00
TheFlow
9d8fe404df chore: update dependencies and documentation 
Update project dependencies, documentation, and supporting files:
- i18n improvements for multilingual support
- Admin dashboard enhancements
- Documentation updates for Koha/Stripe and deployment
- Server middleware and model updates
- Package dependency updates

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-19 12:48:37 +13:00
TheFlow
b3bd3b2348 feat: add multi-currency support and privacy policy to Koha system 
Multi-Currency Implementation:
- Add currency configuration with 10 supported currencies (NZD, USD, EUR, GBP, AUD, CAD, JPY, CHF, SGD, HKD)
- Create client-side and server-side currency utilities for conversion and formatting
- Implement currency selector UI component with auto-detection and localStorage persistence
- Update Donation model to store multi-currency transactions with NZD equivalents
- Update Koha service to handle currency conversion and exchange rate tracking
- Update donation form UI to display prices in selected currency
- Update transparency dashboard to show donations with currency indicators
- Update Stripe setup documentation with currency_options configuration guide

Privacy Policy:
- Create comprehensive privacy policy page (GDPR compliant)
- Add shared footer component with privacy policy link
- Update all Koha pages with footer component

Technical Details:
- Exchange rates stored at donation time for historical accuracy
- All donations tracked in both original currency and NZD for transparency
- Base currency: NZD (New Zealand Dollar)
- Uses Stripe currency_options for monthly subscriptions
- Dynamic currency for one-time donations

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-08 15:17:23 +13:00
TheFlow
ebfeadb900 feat: implement Koha donation system backend (Phase 3) 
Backend API complete for NZD donation processing via Stripe.

**New Backend Components:**

Database Model:
- src/models/Donation.model.js - Donation schema with privacy-first design
  - Anonymous donations by default, opt-in public acknowledgement
  - Monthly recurring and one-time donation support
  - Stripe integration (customer, subscription, payment tracking)
  - Public transparency metrics aggregation
  - Admin statistics and reporting

Service Layer:
- src/services/koha.service.js - Stripe integration service
  - Checkout session creation (monthly + one-time)
  - Webhook event processing (8 event types)
  - Subscription management (cancel, update)
  - Receipt email generation (placeholder)
  - Transparency metrics calculation
  - Based on passport-consolidated StripeService pattern

Controller:
- src/controllers/koha.controller.js - HTTP request handlers
  - POST /api/koha/checkout - Create donation checkout
  - POST /api/koha/webhook - Stripe webhook receiver
  - GET /api/koha/transparency - Public metrics
  - POST /api/koha/cancel - Cancel recurring donation
  - GET /api/koha/verify/:sessionId - Verify payment status
  - GET /api/koha/statistics - Admin statistics

Routes:
- src/routes/koha.routes.js - API endpoint definitions
- src/routes/index.js - Koha routes registered

**Infrastructure:**

Server Configuration:
- src/server.js - Raw body parsing for Stripe webhooks
  - Required for webhook signature verification
  - Route-specific middleware for /api/koha/webhook

Environment Variables:
- .env.example - Koha/Stripe configuration template
  - Stripe API keys (reuses passport-consolidated account)
  - Price IDs for NZD monthly tiers ($5, $15, $50)
  - Webhook secret for signature verification
  - Frontend URL for payment redirects

**Documentation:**

- docs/KOHA_STRIPE_SETUP.md - Complete setup guide
  - Step-by-step Stripe Dashboard configuration
  - Product and price creation instructions
  - Webhook endpoint setup
  - Testing procedures with test cards
  - Security and compliance notes
  - Production deployment checklist

**Key Features:**

 Privacy-first design (anonymous by default)
 NZD currency support (New Zealand Dollars)
 Monthly recurring subscriptions ($5, $15, $50 NZD)
 One-time custom donations
 Public transparency dashboard metrics
 Stripe webhook signature verification
 Subscription cancellation support
 Receipt tracking (email generation ready)
 Admin statistics and reporting

**Architecture:**

- Reuses existing Stripe account from passport-consolidated
- Separate webhook endpoint (/api/koha/webhook vs /api/stripe/webhook)
- Separate MongoDB collection (koha_donations)
- Compatible with existing infrastructure

**Next Steps:**

- Create Stripe products in Dashboard (use setup guide)
- Build donation form frontend UI
- Create transparency dashboard page
- Implement receipt email service
- Test end-to-end with Stripe test cards
- Deploy to production

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-08 13:35:40 +13:00