docs: audit and archive completed Journals and Badges projects

Scott Idem
2026-06-12 17:35:02 -04:00
parent fd7ccd7ecc
commit c6ef729c55
11 changed files with 201 additions and 66 deletions


@@ -1,6 +1,6 @@
# Aether — Permissions and Security
**Last Updated:** 2026-02-27
**Last Updated:** 2026-06-12
**Source of truth:** `src/lib/ae_utils/ae_utils__perm_checks.ts`, `src/lib/stores/ae_stores.ts`
---
@@ -76,15 +76,18 @@ $ae_loc.adv_mode // boolean — advanced mode toggle
| AE Username + Password | `trusted` and above | Staff with AE accounts |
| Novi UUID | `authenticated` | IDAA members (Novi membership system) |
Passcodes are stored per-level in `$ae_loc.site_access_code_kv`:
```typescript
site_access_code_kv: {
administrator: null, // highest passcode tier
trusted: null, // onsite staff passcode
public: 'public1980', // example
authenticated: 'auth1980'
}
```
### Site Passcode Security Warning
The current frontend receives every site passcode in `access_code_kv_json`, copies the map into
persisted `$ae_loc.site_access_code_kv`, and compares entered passcodes locally. Verbose logging
can also expose the complete map. This is a known active security gap, not the target design.
Do not add new consumers of `site_access_code_kv`, log passcodes, or treat persisted
`access_type` as durable proof of authentication. The target flow verifies passcodes through
`/authenticate_passcode`, stores a signed JWT with a role-specific TTL, and removes passcodes from
the public bootstrap response and client state.
See `documentation/PROJECT__AE_Site_Passcode_Security.md` for the active migration plan.
### `x-no-account-id` — Narrow Transport Exception
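Review bot: The new "Site Passcode Security Warning" names verbose logging of the complete passcode map as an exposure but gives no interim instruction for it; until the `/authenticate_passcode` migration lands, state explicitly that verbose logging must stay off in production builds. Also, the `site_access_code_kv` block in this hunk shows literal values (`'public1980'`, `'auth1980'`) marked as examples; confirm they never matched a live passcode, since they remain in repository history either way.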


@@ -3,7 +3,7 @@
**Module Path:** `src/routes/events/[event_id]/(badges)/templates/`
**API Module:** `src/lib/ae_events/ae_events__event_badge_template.ts`
**Database Table:** `event_badge_template`
**Last Updated:** 2026-03-02
**Last Updated:** 2026-06-12
---
@@ -310,6 +310,10 @@ Controls which fields appear in the print controls panel for non-trusted users,
Valid field keys: `name`, `title`, `affiliations`, `location`, `pronouns`, `allow_tracking`.
This config applies to the onsite print controls. Remote review currently uses
`event.mod_badges_json.edit_permissions` instead. Consolidating or defining precedence between
these two permission sources is tracked in `documentation/TODO__Agents.md`.
---
## Template-Derived Features (component behavior)
@@ -342,7 +346,8 @@ in DB and may be needed:
- `footer_title`, `footer_left`, `footer_right` — not needed (legacy)
- `header_background`, `footer_background` — not needed (legacy)
- `script_src` — do not add; this field should not be used
- `duplex`**add when backend adds the field**
`duplex` is already saved to IDB and drives single-sided rendering.
---


@@ -58,13 +58,25 @@ Aether acts as a **Pull-Only** consumer for registration data. It does not push
| Level | Access |
|---|---|
| **Authenticated** | View own badge, limited self-edit (overrides only). |
| **Trusted** | Search all badges, view all, reprint existing badges. |
| **Administrator** | Full CRUD, bulk operations, override any field. |
| **Manager** | All Admin + Event/Template configuration. |
| **Public kiosk** | View badge and perform the first print; cannot edit fields without authenticated access. |
| **Authenticated** | Edit fields allowed by the active permission config. |
| **Trusted** | Search all badges, view all, and correct names; reprint requires global Edit Mode. |
| **Administrator** | Full CRUD, bulk operations, and override access. |
| **Manager** | All Administrator capabilities plus Event/Template configuration. |
### Attendee Self-Service (`/review`)
Attendees can access their own record via a passcode-gated link (typically `?passcode=...`). This allows them to verify their info and provide preferred name/title overrides before printing.
Attendees can access their own record via a passcode-gated link (typically `?passcode=...`).
Editable fields come from `event.mod_badges_json.edit_permissions`, with module defaults as fallback.
### Onsite Kiosk (`/print`)
The print controls update the badge preview live. Authenticated field editing is controlled by the
badge template's `cfg_json.controls_cfg` (`shown` and `auth_editable`). Trusted + global Edit Mode
overrides the template config and exposes all controls. This differs from the review page's
event-level permission source; consolidation is an active follow-up.
### Review-Link Email
Email Link actions are placeholders and do not currently send mail. When delivery is implemented,
it must use the imported `event_badge.email` address, never attendee-editable `email_override`.
---
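Review bot: The `/review` paragraph still describes the link as `?passcode=...` without noting that a passcode carried in the query string is recorded in browser history, server and proxy logs, and Referer headers. Since the "Review-Link Email" section in this hunk plans to send these links, document the intended scope and lifetime of that passcode (per-attendee, expiring), or flag it as an open item next to the `email_override` rule.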
@@ -101,7 +113,13 @@ The badge type dropdown in the search form uses a **hardcoded list**, not the te
---
## Print Tracking
## Print Rendering and Tracking
- The canonical badge render uses binary-search text fitting for name, title, affiliations, and location.
- Template `show_qr_front`/`show_qr_back` settings control QR placement.
- Template `style_href` loads event-specific CSS on the print page.
- Template `duplex = false` suppresses the badge back for single-sided stock.
- Chromium PDF proofing requires margins set to None; physical printer paper size remains driver-controlled.
Aether tracks the lifecycle of every physical badge to prevent unauthorized reprints and monitor kiosk activity.
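Review bot: The `style_href` bullet documents that a template field loads event-specific CSS on the print page, but not who may set that field or which URLs are accepted. The template doc in this same commit says of `script_src` "do not add; this field should not be used"; give `style_href` an equally explicit rule (required access level, allowed URL pattern) so the two fields are not treated inconsistently.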


@@ -13,8 +13,9 @@ This module manages private personal journals and journal entries with offline-f
- Journal and journal-entry CRUD via V3 API wrappers.
- Dexie-backed local cache with liveQuery-driven UI updates.
- Private/passcode-aware access behavior.
- Entry editing flows including auto-save configuration.
- Private/passcode-aware access behavior and client-side content encryption.
- Quick Add, Append/Prepend, import/export, and entry auto-save workflows.
- Tabbed module, journal, and entry configuration modals.
---
@@ -38,15 +39,43 @@ Related config map:
---
## Implemented Entry Workflows
- Quick Add creates a plaintext note in a selected journal without opening the full editor.
- Append/Prepend injects timestamped content into an existing entry.
- Bulk import creates entries from parsed files; export supports centralized templates.
- Entry edits support debounced auto-save when `journals_loc.entry.auto_save` is enabled.
- Full entry saves encrypt `content` into `content_encrypted` when the entry's `private`
flag is enabled; disabling `private` clears encrypted content/history fields.
- The non-reactive `decrypt_journal_entry()` helper isolates decryption from Svelte effects.
- Entry configuration exposes Actions, Metadata, Security, and JSON views. Trusted users
can Remove (disable); managers and administrators can hard Delete.
## Current Security Limitations
- `passcode_hash` is editable but is not compared as secondary authentication before
decryption. This remains an active task.
- Quick Add explicitly creates entries with `private: false`; import creates plaintext
content without setting encryption fields. These paths do not currently offer E2EE.
- Successful decryption currently logs a short plaintext preview to the browser console.
Removal is tracked as an active privacy fix.
- Outbound email sharing is not implemented and requires a product/security decision
because journal content is private.
---
## Access and Privacy
Journals contain private personal data. Treat all journal and journal-entry routes as authenticated/private content.
Journals contain private personal data. The Journals layout renders module content only when
the user has `user_id`, `person_id`, and `trusted_access`. Treat all journal and journal-entry
routes, API responses, decrypted state, logs, exports, and future sharing features as private.
---
## Related Docs
- `documentation/PROJECT__AE_UI_Journals_Module_Update_2026.md`
- `documentation/archive/PROJECT__AE_UI_Journals_Module_Update_2026.md`
- `documentation/TODO__Agents.md`
- `documentation/GUIDE__SvelteKit2_Svelte5_DexieJS.md`
- `documentation/GUIDE__AE_API_V3_for_Frontend.md`
- `documentation/BOOTSTRAP__AI_Agent_Quickstart.md`
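Review bot: In "Access and Privacy", the `user_id`, `person_id`, and `trusted_access` condition is described as what the Journals layout renders, which is a client-side gate. State whether the V3 journal and journal-entry endpoints enforce the same condition server-side, or mark that as not verified by this audit, so readers do not take the layout check as the access control.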


@@ -53,9 +53,23 @@ This document tracks all available settings across the three levels of the Journ
| `sort` | integer | Manual sort order weight. | Manual (Done) |
| `archive_on` | datetime | Scheduled date for automatic archiving. | Manual (Done) |
| `private` | boolean | Trigger for E2EE (Encryption). | Manual (Done) |
| `content_encrypted` | encrypted string | Encrypted entry content written during a full save when `private` is enabled. | Generated on save |
| `history_encrypted` | encrypted string | Encrypted entry history when history encryption is available. | Generated on save |
| `passcode_hash` | string | Entry-level secondary-auth field; comparison logic is not yet implemented. | Manual (Done) |
| `alert` | boolean | Trigger for visual "Alert" state. | Manual (Done) |
| `group` | string | Grouping key for the list view. | Manual (JSON only) |
## Encryption Behavior and Gaps
1. Full entry saves combine the journal `passcode` and `private_passcode` to encrypt
plaintext content when the entry's `private` flag is enabled.
2. Decryption prefers a passcode typed in the current session, then falls back to the
journal `private_passcode`; the journal `passcode` is combined with that private key.
3. `passcode_hash` secondary-auth comparison is pending and must not be described as enforced.
4. Quick Add currently forces `private: false`, and bulk import creates plaintext entries
without encryption fields. Use the full editor to enable encryption until those workflows
are updated.
## 📐 Data Normalization Rules
To prevent infinite reactivity loops and trivial save cycles, the following normalizations are applied before comparison:
1. **Strings:** Trimmed and `null` treated as `""`.


@@ -1,8 +1,14 @@
# PROJECT: Site Passcode Security — API-Verified Auth
**Last Updated:** 2026-04-10
**Status:** Backend work in progress — frontend pending backend completion
**Priority:** High — passcodes for trusted/administrator access currently in localStorage plaintext
**Last Updated:** 2026-06-12
**Last Verified Against Frontend Source:** 2026-06-12
**Status:** Active security gap — frontend migration not started
**Priority:** High — passcodes for trusted/administrator access currently remain in localStorage plaintext
The frontend still caches `access_code_kv_json`, compares passcodes locally, and can log the
full passcode map when verbose logging is enabled. No frontend call to `/authenticate_passcode`
or passcode-JWT expiry restoration exists. Backend implementation is documented as completed,
but deployment must be confirmed in the backend repository/environment before frontend cutover.
---
@@ -81,7 +87,11 @@ This gives session expiry without a network call on every page load.
## Backend Changes Required
**Note:** The backend fixes described below have been implemented and tested in the `aether_api_fastapi` repository (the `/authenticate_passcode` endpoint now uses explicit role priority, returns a full passcode JWT with `auth_type: 'passcode'`, applies per-role TTLs, and validates passcode length). Frontend changes can proceed once the backend deployment with these fixes is available.
**Backend status note:** The fixes below were reported implemented and tested in the
`aether_api_fastapi` repository. This frontend-only audit did not verify the backend source or
deployment. Confirm that the deployed `/authenticate_passcode` uses explicit role priority,
returns a complete passcode JWT with `auth_type: 'passcode'`, applies per-role TTLs, and validates
passcode length before starting frontend cutover.
### Backend Agent Follow-Up
@@ -316,6 +326,19 @@ async def authenticate_passcode(
---
## Frontend Implementation Status
Verified 2026-06-12:
- [ ] Confirm the corrected backend endpoint is deployed and reachable.
- [ ] Replace local passcode comparison with API verification and JWT storage.
- [ ] Add pending/error UI for passcode authentication.
- [ ] Stop copying `access_code_kv_json` into frontend auth state.
- [ ] Validate passcode JWT expiry during session restoration.
- [ ] Remove `site_access_code_kv` from auth store defaults and types.
- [ ] Remove any logging of passcode maps or entered passcodes.
- [ ] Backend Phase 2: remove `access_code_kv_json` from the public bootstrap model.
## Frontend Changes Required
**These depend on the backend fixes above being deployed first.**
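Review bot: The "Frontend Implementation Status" checklist removes `site_access_code_kv` from defaults and types but has no item for data already on clients or for the passcodes themselves. Add two items: purge the persisted `site_access_code_kv` value from existing browsers' storage on upgrade, and rotate every site passcode after cutover, since the header of this document says trusted/administrator passcodes currently remain in localStorage in plaintext.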


@@ -49,6 +49,14 @@ Do not delete historical context; move to `documentation/archive/` with clear na
- Added `documentation/archive/README.md` to explain archive categories and restoration policy.
- Renamed `AE__Docker_CI_Cache_Policy.md` -> `GUIDE__Docker_CI_Cache_Policy.md`.
- Renamed `AE__UI_UX_future_ideas.md` -> `PROPOSAL__AE_UI_UX_Future_Ideas.md`.
- Audited the Journals UI update against current source and archived
`PROJECT__AE_UI_Journals_Module_Update_2026.md`; remaining security work was moved to
the active task list and module documentation.
- Audited the Badges review/print project against current source and archived
`PROJECT__AE_Events_Badges_Review_Print.md`; email delivery and permission-source
unification remain active follow-ups.
- Audited Site Passcode Security against current source. It remains an active high-priority
project because plaintext client storage and local passcode comparison are still present.
### Next archive candidates (review + approve)
- Older style-review snapshots once current style guide references are centralized.
@@ -65,7 +73,7 @@ Monthly lightweight review:
## 5) Immediate Follow-Up Tasks
1. Run a quarterly archive review: identify stale `PROJECT__` docs with no TODO or index linkage and move them to `documentation/archive/`.
2. Review `AE__Permissions_and_Security.md` against current permission helpers and IDAA authentication behavior.
1. Continue quarterly archive reviews for remaining stale `PROJECT__` docs; the Journals and Badges projects were archived on 2026-06-12, while Site Passcode Security remains active.
2. Continue the broader permission-helper and IDAA authentication review; the Site Passcode section was source-verified on 2026-06-12.
3. Review module docs against current routes and store names rather than relying only on filename/header freshness.
4. Add a lightweight reusable link-check script if manual path validation becomes frequent.


@@ -55,8 +55,6 @@ Use this file as the routing map for project documentation.
- `documentation/PROJECT__IDAA_Stores_Svelte5_Migration_2026.md`
- `documentation/PROJECT__Use_AE_API_V3_CRUD_upgrade.md`
- `documentation/PROJECT__AE_Events_PressMgmt_Config_Cleanup.md`
- `documentation/PROJECT__AE_Events_Badges_Review_Print.md`
- `documentation/PROJECT__AE_UI_Journals_Module_Update_2026.md`
- `documentation/PROJECT__AE_Object_Field_Editor_V3_upgrade.md`
- `documentation/PROJECT__AE_Site_Passcode_Security.md`


@@ -72,6 +72,16 @@ wrong to users.
- [x] **[Badges] Epson C3500 fanfold badge layout** — `badge_4x6_fanfold` layout CSS created,
wired, and documented. First live use: Axonius Adapt DC, June 9, 2026. (2026-05-15)
### Badges follow-ups
- [ ] **[Badges] Implement review-link email delivery** — current Email Link actions only show
placeholder alerts. Send to `event_badge.email`, never the attendee-editable `email_override`.
- [ ] **[Badges] Unify review and kiosk edit permissions** — remote review reads
`event.mod_badges_json.edit_permissions`; print controls read template `cfg_json.controls_cfg`.
Define precedence or consolidate them so both flows enforce one documented policy.
- [ ] **[Badges] Use template badge types in search filter** — replace the hardcoded badge-type
list in `ae_comp__badge_search.svelte` with the active template's `badge_type_list`.
---
## 🚧 V3 CRUD Migration (Surgical Cleanup)
@@ -85,6 +95,19 @@ Finalizing the 100% adoption of V3 Standard endpoints and retirement of legacy w
## 🚧 High Priority Workstreams
### [Security] Site Passcode JWT Migration
- [ ] **[Security] Verify `/authenticate_passcode` deployment** — confirm explicit role priority,
complete role flags, `auth_type: 'passcode'`, per-role TTLs, and minimum length validation.
- [ ] **[Security] Replace local passcode comparison** — migrate
`e_app_access_type.svelte` to server verification, JWT storage, and pending/error UI.
- [ ] **[Security] Remove client-side passcode delivery/storage** — stop caching
`access_code_kv_json`, remove `site_access_code_kv` from auth state, and remove passcode logging.
- [ ] **[Security] Enforce passcode JWT expiry on restore** — expired passcode sessions must
return to anonymous without affecting user-login JWT handling.
Reference: `documentation/PROJECT__AE_Site_Passcode_Security.md`.
### [Stores] Svelte 4 → Svelte 5 State Migration
The app uses `svelte-persisted-store` (coarse reactivity). Migration target: replace with Svelte 5
`PersistedState` (from `runed`) for fine-grained updates. See `PROJECT__Stores_Svelte5_Migration.md`.
@@ -120,6 +143,15 @@ uses `build_tmp_sort` (overrides generic encoding in its `specific_processor`).
### [Journals] Journal Entry Config follow-ups
- [ ] **[Journals] Entry passcode secondary auth** — implement `passcode_hash` comparison.
- [ ] **[Journals] Quick Add/import encryption behavior** — both creation paths currently
create plaintext entries; define the intended privacy UX and add encryption support before
claiming that these paths honor entry E2EE.
- [ ] **[Journals] Remove decrypted-content console preview** —
`ae_journals_decryption.ts` logs the first 30 plaintext characters after successful decryption.
Never log private journal content.
- [ ] **[Journals] Confirm outbound email-sharing requirement** — the archived UI project listed
this as unfinished, but no implementation exists. Confirm product/security requirements before
creating an email workflow for private journal content.
---

View File

@@ -1,11 +1,17 @@
# PROJECT: AE Events Badges — Review Form & Print Font Controls
# Archived Project: AE Events Badges — Review Form & Print Font Controls
**Created:** 2026-02-27
**Last Updated:** 2026-03-18
**Completed and Archived:** 2026-06-12
**Last Verified Against Source:** 2026-06-12
**Branch:** `ae_app_3x_llm`
**Priority:** HIGH — first live event is Axonius, NYC, mid-April 2026
**Owner:** Scott Idem / One Sky IT
**Status:** ✅ TASK 1 COMPLETE | ✅ TASK 2 COMPLETE | ✅ TASK 3 COMPLETE | ✅ TASK 4.1 COMPLETE | ⏳ TASK 4.0 OPEN
**Status:** Complete — review form, kiosk controls, auto-scaling, QR rendering, layouts, and print tracking are implemented.
The original project scope is complete and this document is retained as implementation history.
Current behavior is documented in `documentation/MODULE__AE_Events_Badges.md` and
`documentation/MODULE__AE_Events_Badge_Templates.md`. Remaining email-delivery and permission-config
unification work is tracked in `documentation/TODO__Agents.md`. Planning statements later in this
archived document describe the state at the time they were written and are not current instructions.
---
@@ -44,32 +50,24 @@ Both flows should respect the same permission model:
- Permissions are configured per-event in `event.mod_badges_json.edit_permissions`.
Hardcoded defaults are used until that config is implemented.
**Current gap (TASK 4):** The print page edit button is currently gated to trusted_access only.
It needs to be accessible to attendees at the kiosk (with appropriate field-level gating),
matching the permission model already implemented in `ae_comp__badge_review_form.svelte`.
**Task 4 outcome:** The print controls now implement field-level editing. Authenticated users
can edit template-approved fields, trusted staff can correct names, and trusted staff in global
Edit Mode can edit all fields. First printing is available at public kiosk access; reprinting
requires trusted access plus Edit Mode. Remote review uses event-level `edit_permissions`, while
the print controls currently use template-level `controls_cfg`; unification is tracked separately.
---
## Next Up for Badges (TASK 4)
## Task 4 Outcomes
### 0. Kiosk Editing — Print Page Permission Model Alignment
**This is the most important gap before the first live event.**
### 0. Kiosk Editing — Complete
Currently the print page edit button is staff-only (trusted_access gate). At the kiosk,
attendees need to be able to edit their own fields (same attendee-level permissions as the
review form), with staff-only fields gated appropriately.
`ae_comp__badge_print_controls.svelte` provides the inline controls and live preview. Its default
authenticated fields are title, affiliations, location, lead tracking, and pronouns; template
`controls_cfg` can narrow the fields shown and editable. Email delivery remains a placeholder;
when implemented it must send to `event_badge.email`, never `email_override`.
Work needed:
- Wire the same `can_edit_fields` / `can_edit(field)` permission logic into the print page
that `ae_comp__badge_review_form.svelte` already uses.
- The edit panel on the print page should show attendee-editable fields to all authenticated
users, and staff-only fields to trusted_access+.
- The badge render (v1 or v2) should update live as the attendee edits fields.
- Consider whether the print page needs its own inline edit panel (sidebar or overlay)
or whether it should share/reuse the review form component alongside the badge render.
- **Do NOT use `email_override` as the send-to address** — always use `event_badge.email`.
### 1. Auto-Scaling Badge Text — In Progress
### 1. Auto-Scaling Badge Text — Complete
`ae_comp__badge_obj_view.svelte` using `element_fit_text.svelte` (binary search auto-scale).
Toggle between v1 (heuristic) and v2 (auto-scale) on the print page via the `v1`/`v2` header button.
Heights tuned per layout in `fit_heights` derived object. Still needs visual tuning with real badges.
@@ -105,10 +103,11 @@ badge data, gated by `allow_tracking` on the badge.
## Implementation Status
### TASK 4.0: Kiosk Editing — NOT STARTED (updated 2026-03-18)
Print page edit access needs to be opened to attendee-level permissions, not just trusted_access.
The permission model, field list, and `can_edit()` helper from `ae_comp__badge_review_form.svelte`
should be the reference. See Design Intent section above.
### TASK 4.0: Kiosk Editing — COMPLETE (verified 2026-06-12)
The print controls implement authenticated field editing, trusted name correction, trusted + Edit
Mode full editing, and live preview. The print path uses template `controls_cfg`; the review path
uses event `mod_badges_json.edit_permissions`. Aligning those configuration sources is a follow-up,
not a blocker to the completed kiosk controls.
**Note (2026-03-18):** `style_href` and `duplex` are both fully implemented and verified in code —
the MODULE doc TODO list was stale. `duplex` is in `properties_to_save`; v2 badge render gates


@@ -1,9 +1,15 @@
# Aether Journals UI Update (2026)
# Archived Project: Aether Journals UI Update (2026)
> **Status:** 🚧 Phase 4 Active (Security/Encryption Blockers remain; Journal Entry config rework in progress)
> **Last Updated:** 2026-05-05
> **Status:** Completed and archived 2026-06-12
> **Last Verified Against Source:** 2026-06-12
> **Primary Agent:** Frontend SvelteKit Agent
The UI modernization scope is complete: V3 CRUD, Quick Add, Append/Prepend,
import/export, auto-save, configuration modals, decryption isolation, and the
Journals style pass are implemented. Unfinished security and product follow-ups
were transferred to `documentation/TODO__Agents.md`; current operational behavior
and limitations live in `documentation/MODULE__AE_Journals.md`.
## 1. Project Overview
This document outlines the modernization of the Journals module UI in the SvelteKit frontend (`aether_app_sveltekit`). The primary goals are to fully leverage the generic V3 API architecture and introduce high-velocity productivity features for journal management.
@@ -29,7 +35,7 @@ This document outlines the modernization of the Journals module UI in the Svelte
* **Definitions:** `app/ae_obj_types_def.py` -> `app/object_definitions/journals.py`
* **Endpoints:** `/v3/crud/journal/...` and `/v3/crud/journal_entry/...`
### Frontend (In Progress)
### Frontend (Completed UI modernization scope)
* **State Management:** `src/lib/ae_journals/ae_journals_stores.ts`
* **Local Storage:** Dexie.js (`db_journals`)
* **API Client:** `src/lib/api/api.ts` -> `get_ae_obj`
@@ -68,7 +74,7 @@ This document outlines the modernization of the Journals module UI in the Svelte
- [x] Implement Bulk Export/Import system.
- [x] Establish centralized Export Template engine.
### Phase 4: Polish & Security (ACTIVE)
### Phase 4: Polish & Security (UI scope complete; security follow-ups transferred)
- [x] Implement Auto-Save toggle and visual status indicators.
- [x] Extract decryption workflow to non-reactive helper.
- [x] **Standardize Configuration Modals:** Refactored Module, Journal, and Entry configuration into a unified tabbed UI.
@@ -81,9 +87,9 @@ This document outlines the modernization of the Journals module UI in the Svelte
- [x] **Dark mode fixes:** Entry content hover, journal view section/description background and text colors.
- [x] **Modal close button:** All 3 config modals use `dismissable={false}` + explicit `<X>` button in header snippet for correct right-aligned placement.
- [x] **Global select padding:** Added `padding-inline: 0.5rem` to `@layer base` in `app.css` (safe — utility `px-*` classes override it where intentional).
- [ ] Solidify E2EE passcode system for Journals and Entries.
- [ ] Audit encryption flow for Quick Added and Imported entries.
- [ ] Integrate Outbound Email sharing.
- [ ] Solidify E2EE passcode system for Journals and Entries. See active task list.
- [ ] Audit encryption flow for Quick Added and Imported entries. See active task list.
- [ ] Integrate Outbound Email sharing. Deferred pending product confirmation.
---