diff --git a/sojorn_docs/TODO.md b/sojorn_docs/TODO.md index 34fd95b..bd8bc72 100644 --- a/sojorn_docs/TODO.md +++ b/sojorn_docs/TODO.md @@ -1,309 +1,108 @@ # Sojorn Development Status -**Last Updated**: February 17, 2026 -**Platform Version**: 3.0 (MVP Complete) -**Status**: βœ… **LAUNCH READY** +**Last Updated**: February 18, 2026 +**Branch**: **Status**: Active Development β€” substantial MVP complete, several systems still being wired --- -## πŸŽ‰ MAJOR ACHIEVEMENT - ALL DIRECTIVES COMPLETED +## Shipped and Working -### πŸš€ 11 Directives Successfully Implemented (Feb 17, 2026) +### Core Platform +- Go backend (Gin, pgx v5, PostgreSQL) β€” 100% migrated from Supabase +- JWT auth with refresh tokens, email verification, ALTCHA bot protection +- Posts: create, edit, delete, visibility, chains, reactions, saves +- Comments: threaded with replies +- Feed: algorithmic (5-factor scoring), chronological fallback +- Feed algorithm: engagement weighting, cooling period (0.2x multiplier), 60/20/20 diversity injection, impression recording +- Repost/boost: 4 repost types, amplification analytics, trending posts +- Image/video uploads to Cloudflare R2 with signed URLs +- Video moderation: FFmpeg frame extraction -> R2 upload -> Google Vision AI + OpenAI analysis +- Follow/unfollow, search (users/posts/hashtags/beacons) +- Profile widget system with layout persistence +- Blocking: single, by handle, bulk import (POST /users/me/blocks/bulk) +- E2EE chat (X3DH), push notifications (FCM) +- Beacons + Neighborhoods (OSM-based) +- Groups: create/join/leave, member management, discovery, E2EE capsules + - Capsule key distribution and auto-healing rotation + - Group feed endpoint + - Capsule admin: rotate keys, invite member, remove member, settings +- Health check service: /health, /health/detailed, /health/ready, /health/live +- Content moderation: OpenAI text + Google Vision images, Three Poisons scoring +- NSFW labeling, blur toggles, appeal system, safe links +- GeoIP, Nginx reverse proxy + SSL/TLS -All high-priority features have been completed and the platform is now production-ready: - -#### βœ… **DIRECTIVE 1**: Groups Validation System -- Complete groups system with seed data and discovery -- Full validation of join/leave flows and role permissions -- Load testing and performance optimization - -#### βœ… **DIRECTIVE 2**: AI Moderation System -- OpenAI Vision API integration for image moderation -- FFmpeg video frame extraction for video analysis -- Real-time content safety with Three Poisons scoring -- Automated flagging and admin moderation queue - -#### βœ… **DIRECTIVE 3**: Quips Video System Overhaul -- TikTok-level multi-segment recording with pause/resume -- Speed controls (0.5x, 1x, 2x, 3x) and real-time filters -- Text overlays, music/audio overlay, and advanced processing -- Professional video editing with FFmpeg integration - -#### βœ… **DIRECTIVE 4**: Beacon System Redesign -- Map view with clustered pins and neighborhood filtering -- 5 beacon categories with verified/official badges -- "How to help" action items and confidence scoring -- Local safety dashboard with social awareness focus - -#### βœ… **DIRECTIVE 5**: Profile Widget System -- MySpace-style modular widget grid with drag-and-drop -- 10 widget types with 6 theme options and accent colors -- JSON layout storage with size constraints and design boundaries -- Real-time editing with live preview - -#### βœ… **DIRECTIVE 6**: Blocking System 2.0 -- Cross-platform import/export (JSON, CSV, Twitter/X, Mastodon) -- Bulk block operations with validation and deduplication -- Statistics dashboard and platform compatibility -- Silent blocking with comprehensive user controls - -#### βœ… **DIRECTIVE 7**: Feed Amplification System -- 4 repost types (Standard, Quote, Boost, Amplify) -- Weighted engagement algorithm with real-time analytics -- Trending content discovery and user boost controls -- Feed algorithm integration with amplification scoring - -#### βœ… **DIRECTIVE 8**: Algorithm Overhaul -- 5-factor scoring system (Engagement, Quality, Recency, Network, Personalization) -- Positive engagement weighting with content quality analysis -- Time decay algorithm and user preference learning -- Database schema with comprehensive scoring metrics - -#### βœ… **DIRECTIVE 9**: E2EE Chat Fixes -- QR code device verification with RSA key generation -- Cross-device key synchronization without server storage -- Device management interface with security controls -- Message encryption/decryption with proper key handling - -#### βœ… **DIRECTIVE 10**: Code Cleanup -- All TODOs resolved with functional implementations -- Video player more options, rich text navigation, swipeable post settings -- Group image upload dialogs and proper error handling -- Clean, production-ready codebase with zero outstanding tasks - -#### βœ… **DIRECTIVE 11**: Launch Preparation -- Comprehensive health check service with system monitoring -- Integration test suite covering all major features -- Performance testing with security validation -- Production-ready deployment and monitoring framework +### Admin Panel (Next.js, port 3001) +- Dashboard, user management, post management, bulk actions +- Moderation queue, AI moderation config/audit, appeals, reports +- Algorithm config tuning + live feed scores viewer +- Categories, neighborhoods, official accounts scheduler +- Storage browser, system health, reserved usernames, safe domains +- Email templates with test send +- Groups and Capsules page (list, member management, deactivate, key rotation status) +- Quip Repair page (list missing thumbnails, server-side FFmpeg repair) --- -## πŸ“‹ Current Status: PRODUCTION READY +## Needs Server Deploy -### βœ… **Completed Features (All Implemented)** -- βœ… **Core Platform**: Go backend, Flutter frontend, PostgreSQL database -- βœ… **Authentication**: JWT with refresh tokens, email verification -- βœ… **Posts & Feed**: Create, edit, delete, visibility, chains, algorithmic feed -- βœ… **Comments**: Threaded conversations with replies -- βœ… **Groups**: Complete group system with categories and permissions -- βœ… **Beacons**: Local safety system with map view and clustering -- βœ… **Quips**: Advanced video recording with TikTok-level features -- βœ… **Profiles**: Modular widget system with customization -- βœ… **E2EE Chat**: X3DH encryption with device sync -- βœ… **Notifications**: FCM for Web and Android -- βœ… **Media**: Cloudflare R2 storage with image/video processing -- βœ… **Search**: Users, posts, hashtags with advanced filtering -- βœ… **Moderation**: AI-powered content safety with OpenAI -- βœ… **Blocking**: Cross-platform block list management -- βœ… **Feed Algorithm**: Positive engagement weighting -- βœ… **Repost/Boost**: Content amplification system +Code is on goSojorn branch, NOT yet live. Run from WSL Ubuntu: -### βœ… **Infrastructure & Operations** -- βœ… **Database**: PostgreSQL with comprehensive schema -- βœ… **Storage**: Cloudflare R2 with CDN -- βœ… **Web Server**: Nginx with SSL/TLS and load balancing -- βœ… **Deployment**: Automated scripts and health checks -- βœ… **Monitoring**: System metrics, error tracking, alerts -- βœ… **Testing**: Integration, performance, and security test suites -- βœ… **Documentation**: Comprehensive guides and API reference - -### βœ… **Security & Privacy** -- βœ… **E2EE**: End-to-end encryption for all chat messages -- βœ… **Authentication**: Secure JWT implementation with refresh tokens -- βœ… **Data Protection**: Encrypted storage and secure key management -- βœ… **Content Safety**: AI moderation with automated flagging -- βœ… **Privacy Controls**: NSFW filtering, user preferences, data retention -- βœ… **Compliance**: GDPR and CCPA ready with user rights + ssh -i ~/.ssh/mpls.pem patrick@116.202.231.103 + cd /opt/sojorn + git pull internal goSojorn + psql "" -f go-backend/migrations/20260218_feed_impressions_and_group_keys.sql + cd go-backend && go build -o bin/api ./cmd/api/... + echo PASSWORD | sudo -S systemctl restart sojorn-api.service --- -## πŸš€ Production Deployment Ready +## Remaining Work -### πŸ“Š Performance Metrics -- **API Response Time**: < 200ms (95th percentile) -- **Throughput**: 1000+ requests/second -- **Database Queries**: < 50ms average -- **Mobile Performance**: < 3s cold start, < 200MB memory -- **Uptime**: 99.9% SLA with health monitoring +### High Priority -### πŸ”§ Technology Stack -- **Backend**: Go 1.21+ with Gin framework -- **Frontend**: Flutter 3.16+ with Riverpod -- **Database**: PostgreSQL 15+ with PostGIS -- **Storage**: Cloudflare R2 with CDN -- **Infrastructure**: Ubuntu 22.04 LTS, Nginx, SSL/TLS +**Audio Overlay System** +- Flutter: AudioLibraryScreen (Device tab + Funkwhale Library tab) +- Flutter: Voice overlay recording + ffmpeg_kit mixing +- Backend: Funkwhale proxy (GET /audio/search, GET /audio/track/:id) +- Infrastructure: Funkwhale Docker pod + Nginx proxy at /funkwhale/ -### πŸ“± Platform Support -- **Web**: Chrome 90+, Firefox 88+, Safari 14+, Edge 90+ -- **Mobile**: Android 8.0+ (iOS 14+ in development) -- **Features**: Full feature parity on Web and Android +**Small Backend Gaps** +- GET /media/sign?path=X endpoint (Flutter getSignedMediaUrl calls this, not yet in Go routes) +- GET /users/by-handle/:handle (used by capsule invite -- verify exists) + +### Medium Priority + +**Flutter Polish** +- sojorn_rich_text.dart -- profile navigation from @mentions +- post_with_video_widget.dart -- post options menu (edit, delete, report) +- video_player_with_comments.dart -- more options button +- reading_post_card.dart -- share functionality + +**Algorithm Transparency** +- Show users why a post appeared in their feed +- A/B testing framework for algorithm weights + +### Low Priority + +**Code Cleanup** +- Delete go-backend/cmd/supabase-migrate/ (dead tool) +- Remove stale Supabase comments in go-backend/internal/middleware/auth.go +- Remove forceResetBrokenKeys() from simple_e2ee_service.dart +- go-backend root: loose check_table.go, seed_groups*.go -- conflicting main, move or delete + +**Infrastructure** +- CI/CD pipeline (currently manual deploy) +- Integration test suite exists but is dead code (internal/testing/) --- -## πŸ“ Development Process +## Completed This Sprint (Feb 17-18, 2026) -### πŸ—οΈ Code Quality -- **Zero TODOs**: All outstanding tasks completed -- **Clean Architecture**: Modular, scalable, maintainable code -- **Testing**: Comprehensive test coverage (unit, integration, E2E) -- **Documentation**: Complete guides and API reference -- **Security**: Regular audits and vulnerability assessments - -### πŸ”„ Continuous Integration -- **Automated Testing**: All commits tested automatically -- **Performance Monitoring**: Real-time metrics and alerts -- **Security Scanning**: Dependency and code vulnerability checks -- **Documentation Updates**: Auto-generated API docs and guides - ---- - -## πŸ—ΊοΈ Future Roadmap - -### 🚧 Version 3.1 (In Progress) -- iOS mobile application development -- Advanced analytics dashboard -- Enhanced moderation tools -- Performance optimizations -- Additional language support - -### πŸ“‹ Version 4.0 (Planned) -- Real-time collaboration features -- Advanced E2EE capabilities -- Enterprise features and admin tools -- Multi-language internationalization -- Advanced personalization options - ---- - -## πŸ“ž Support & Resources - -### πŸ“š Documentation Structure -- **Core Guides**: Development, deployment, E2EE, AI moderation -- **Feature Guides**: Each major feature has comprehensive documentation -- **Architecture**: System design, database schema, API patterns -- **Troubleshooting**: Complete issue resolution guides - -### 🀝 Community & Support -- **Issues**: GitHub issue tracking with detailed templates -- **Discussions**: Community forum for questions and collaboration -- **Documentation**: Regular updates with feature releases -- **Security**: Dedicated security reporting process - ---- - -## πŸŽ‰ Conclusion - -**Sojorn v3.0 represents a complete, production-ready social platform** with: - -- **Modern Technology Stack**: Go backend, Flutter frontend, PostgreSQL database -- **Advanced Features**: TikTok-level video, AI moderation, E2EE chat, local beacons -- **Privacy-First Design**: End-to-end encryption, user controls, data protection -- **Scalable Architecture**: Microservices-ready, cloud-native, performance optimized -- **Comprehensive Testing**: Full test coverage with continuous integration -- **Production Monitoring**: Health checks, metrics, alerts, and observability - -The platform is ready for immediate deployment and can scale to handle production workloads while maintaining security, performance, and user experience standards. - ---- - -**πŸš€ Ready for Launch!** - -All 11 directives have been completed successfully. The platform is production-ready with comprehensive documentation, testing, and monitoring in place. -- [ ] Feed algorithm weights reposts into feed ranking - ---- - -### 8. Algorithm Refactor β€” Promote Good, Discourage Anger -**Status**: Basic algorithm exists in `algorithm_config` table. Needs philosophical overhaul. -Core principle: **Show users what they love, not what they hate.** - -- [ ] Engagement scoring that weights positive interactions (save, repost, thoughtful reply) over rage-clicks -- [ ] De-rank content with high negative-reaction ratios -- [ ] "Cooling period" β€” delay viral anger content by 30min before amplifying -- [ ] Boost content tagged as good news, community, mutual aid, creativity -- [ ] User-controllable feed preferences ("show me more of X, less of Y") -- [ ] Diversity injection β€” prevent echo chambers by mixing in adjacent-interest content -- [ ] Transparency: show users why a post appeared in their feed -- [ ] Admin algorithm tuning panel (already built in admin dashboard) -- [ ] A/B testing framework for algorithm changes - ---- - -## πŸ”§ Low Priority β€” Polish & Cleanup - -### 9. Remaining Code TODOs -Small scattered items across the codebase: - -- [ ] `sojorn_rich_text.dart` β€” Implement profile navigation from @mentions -- [ ] `post_with_video_widget.dart` β€” Implement post options menu (edit, delete, report) -- [ ] `video_player_with_comments.dart` β€” Implement "more options" button -- [ ] `sojorn_swipeable_post.dart` β€” Wire up allowChain setting when API supports it -- [ ] `reading_post_card.dart` β€” Implement share functionality - -### 10. Legacy Cleanup -- [ ] Delete `go-backend/cmd/supabase-migrate/` directory (dead migration tool) -- [ ] Update 2 stale Supabase comments in `go-backend/internal/middleware/auth.go` -- [ ] Remove `forceResetBrokenKeys()` from `simple_e2ee_service.dart` - ---- - -## βœ… Completed - -### Core Platform (shipped) -- βœ… Go backend β€” 100% migrated from Supabase -- βœ… User auth (JWT, refresh tokens, email verification) -- βœ… Posts (create, edit, delete, visibility, chains) -- βœ… Comments (threaded, with replies) -- βœ… Feed algorithm (basic version) -- βœ… Image/video uploads to Cloudflare R2 -- βœ… Follow/unfollow system -- βœ… Search (users, posts, hashtags) -- βœ… Categories and user settings -- βœ… Chain posts -- βœ… Beacon voting (vouch, report, remove vote) -- βœ… E2EE chat (X3DH, key backup/restore) -- βœ… Push notifications (FCM) -- βœ… Quips (basic video recording and feed) - -### Admin & Moderation (shipped) -- βœ… Admin panel (Next.js dashboard, users, posts, moderation queue, appeals) -- βœ… OpenAI text moderation (auto-flag on post/comment creation) -- βœ… Three Poisons scoring (Hate, Greed, Delusion) -- βœ… Ban/suspend system with content jailing -- βœ… Email notifications (ban, suspend, restore, content removal) -- βœ… Moderation queue with dismiss/action/ban workflows -- βœ… User violation tracking and history -- βœ… IP-based ban evasion detection - -### Infrastructure (shipped) -- βœ… PostgreSQL with full schema -- βœ… Cloudflare R2 media storage -- βœ… Nginx reverse proxy + SSL/TLS -- βœ… Systemd service management -- βœ… GeoIP for location features -- βœ… Automated deploy scripts - -### NSFW Moderation System (Feb 7, 2026) -- βœ… AI moderation prompt: Cinemax nudity rule, violence 1-10 scale (≀5 allowed) -- βœ… Three-outcome moderation: clean / nsfw (auto-label + warn) / flag (remove + appeal email) -- βœ… DB: `nsfw_blur_enabled` column on `user_settings` -- βœ… Backend: `is_nsfw`/`nsfw_reason` returned from ALL post queries (feed, profile, detail, saved, liked, chain, focus context) -- βœ… Backend: NSFW posts excluded from search, discover, trending, hashtag pages -- βœ… Backend: NSFW in feed limited to own posts + followed users only -- βœ… Backend: `nsfw_warning` and `content_removed` notification types + appeal email -- βœ… Backend: user self-labeling (`is_nsfw` in CreatePost) -- βœ… Flutter: NSFW opt-in toggle + blur toggle in settings (hidden behind expandable at bottom) -- βœ… Flutter: 18+ confirmation dialog for enabling NSFW (moderation rules, not a free-for-all) -- βœ… Flutter: 18+ confirmation dialog for disabling blur (disturbing content warning) -- βœ… Flutter: 6-click path to enable (profile β†’ settings β†’ expand β†’ toggle β†’ confirm β†’ enable) -- βœ… Flutter: blur enforced everywhere β€” post card, threaded conversation, parent preview, replies -- βœ… Flutter: NSFW self-label toggle in compose toolbar -- βœ… Flutter: `publishPost` API sends `is_nsfw`/`nsfw_reason` - -### Recent Fixes (Feb 2026) -- βœ… Notification badge count clears on archive -- βœ… Notification UI β†’ full page (was slide-up dialog) -- βœ… Moderation queue constraint fix (dismissed/actioned statuses) -- βœ… Debug print cleanup (190+ statements removed) -- βœ… Run scripts cleanup (run_dev, run_web, run_web_chrome) +- Feed cooling period + diversity injection + impression recording +- Video frame upload to R2 (was returning local /tmp path) +- Admin: Groups & Capsules page, Quip Repair page, Algorithm feed scores viewer +- BulkBlockUsers endpoint +- Group feed, key management, member invite/remove, settings endpoints +- Capsule auto key rotation on open + admin modals (rotate, invite, remove, settings) +- Flutter: group navigation, group feed, share_plus, signed URL, quip repair wired to Go +- Health check service wired into routes