Root cause: run_cmd uses exec() which blocks until the child exits. The
direct VLC binary forks its GUI process and exits — exec returns and the
post_script begins. The old post_script polled for VLC focus (up to 10s)
then sent Cmd+F, which fired mid-playback and stopped the video.
Fix 1 — nohup + &: detaches VLC from exec immediately so run_cmd returns
in ~0ms. This decouples the launcher flow from VLC's lifecycle.
Fix 2 — --fullscreen flag: VLC opens fullscreen directly via CLI option.
Eliminates the Cmd+F keystroke that was the proximate cause of the stop.
Fix 3 — > /dev/null 2>&1: silences VLC's verbose logging to prevent
exec's 1MB stdout buffer from overflowing and killing the process.
post_script simplified to a single `tell application "VLC" activate`
to bring VLC to the foreground after the 3s startup delay.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds a presenter-accessible "Reset Apps" button to menu_launcher_controls
that is always visible (no edit mode required). Kills presentation apps
(PowerPoint, Keynote, Acrobat, VLC, soffice) — critical recovery path for
presenters stuck on stage with a frozen app.
Also: warning colors on All Files / All Sessions when showing non-default
(hidden) content, and state-aware tooltips on the Display Mode toggle that
describe current state and what pressing will do.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Kills the standard conference presentation app set between sessions:
Microsoft PowerPoint, Keynote, Adobe Acrobat Reader DC, VLC, soffice.
- Calls native.kill_processes({ process_name_li }) via existing relay
- Process list overridable per device via event_device.other_json.launcher.kill_process_li
- Button lives in Native OS config > System Actions (edit mode only)
- Reuses system_status for feedback — shows which apps are being killed
- Original list recovered from git history of legacy architecture docs
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Tooltip now shows file size, created/updated timestamps, and open_in_os
setting alongside the existing SHA256 and hosted ID info.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- open_in_os='win' now routes to Windows launch profiles (pptxwin/pptwin/odpwin/pdfwin)
via WIN_EXTENSION_MAP in get_launch_profile() — was silently ignored before
- Display override migrated from non-existent cfg_json backend field to localStorage
($events_loc.launcher.file_display_overrides) — only visible in edit mode; TODO added
for proper backend column when event_file gains cfg_json
- Onsite mode WIN extension rename now covers all 4 types (pptx, ppt, odp, pdf)
instead of only pptx/ppt
- open_in_os button shows LoaderCircle spinner during API call
- Remove cfg_json from properties_to_save (column does not exist on event_file table)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Without this, the button depended on the liveQuery round-trip to show
the new state — invisible on stale IDB caches that predate the cfg_json
properties_to_save fix. Now mutates event_file_obj locally on click so
the button reflects the new state immediately, with the background
refresh as confirmation.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
open_in_os = 'win': get_launch_profile() now maps pptx→pptxwin, ppt→pptwin,
odp→odpwin, pdf→pdfwin when open_in_os is 'win', routing to the Windows-variant
launch profiles (Parallels/CrossOver). Was never wired in native mode — feature
was silently lost in the MasterKey→Launcher port.
cfg_json missing from properties_to_save: the per-file display override was
always read as undefined from Dexie because cfg_json was never saved. Added
cfg_json to properties_to_save so display_override and any other cfg fields
persist correctly. NOTE: IDB_CONTENT_VERSIONS for event_file is not yet wired;
existing devices need a manual cache clear to pick up the new field.
Display override button: removed $ae_loc.is_native gate — must be configurable
from any device ahead of the event, not only on the podium Mac.
Display toggle persistence: quick_display_mode now reads from and writes to
$events_loc.launcher.display_mode so the last-set state survives page reloads
instead of always defaulting to 'extend'.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
All app post-scripts called activate once before the poll loop, then only
checked `frontmost` passively. When Electron retains focus (common when the
app is spawned via run_cmd), macOS focus-stealing prevention blocks the one-
shot activate and VLC/PowerPoint/etc. never come to front. The poll loop
times out and fires the keystroke at Electron instead.
Fix: move activate inside the repeat loop so it re-fires every 0.5s until
macOS yields focus. Also bumped VLC post_delay_ms 1000→2000 and iterations
15→20 for slow conference machines.
Affected profiles: VLC (mac), PowerPoint (mac), LibreOffice (mac+win),
Acrobat (mac+win).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Combine Extend/Mirror into a single toggle button, moved behind edit_mode
- All edit-mode controls (All Files, All Sessions, Display) now share consistent preset-tonal-tertiary styling
- Remove the always-visible display row and its non-native-mode disclaimer
- Wrap Menu_launcher_controls in mt-auto to keep it pinned to the bottom of the sidebar regardless of session count
- Add min-w-20 to file size chip to prevent collapse on narrow sessions
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Moved PROJECT__AE_Events_Badges_Config_Cleanup.md to archive.
- Updated PROJECT__Use_AE_API_V3_CRUD_upgrade.md with latest audit and migration status.
- Migrated ae_comp__event_presenter_form_agree.svelte to modern V3 update_ae_obj helper.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Archived completed May 2026 tasks and streamlined the active list to
focus on upcoming events and the final V3 API surgical cleanup.
- Created TODO__Agents__ARCHIVE_2026-05.md with completed items.
- Streamlined TODO__Agents.md for active show support (CMSC, Axonius).
- Added V3 CRUD migration tracking for core site and utility helpers.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Standardized documentation structure for Badges and Leads modules into
focused technical references and practical onsite guides.
- Refined MODULE__AE_Events_Badges.md (Core data integrity & sync logic)
- Renamed MODULE__AE_Events_Exhibitor_Leads.md to MODULE__AE_Events_Leads.md
- Renamed MODULE__AE_Events_Badges_Onsite.md to GUIDE__AE_Events_Badges_Onsite.md
- Expanded GUIDE__AE_Events_Onsite_Runbook.md with Badge and Leads sections.
- Maintained all critical business logic, including the 'Override Fields' pattern.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Split the monolithic MODULE__AE_Events_PressMgmt_Launcher.md into focused,
granular modules to improve maintainability and onsite utility.
- Created MODULE__AE_Events_Presentation_Management.md (Back-office focus)
- Created MODULE__AE_Events_Launcher.md (Podium display focus)
- Created GUIDE__AE_Events_Onsite_Runbook.md (SRR and onsite workflows)
- Promoted PROJECT__AE_Events_Launcher_Native_integration.md to
MODULE__AE_Events_Launcher_Native.md (Permanent technical reference)
- Renamed 'Press Mgmt' references to 'Presentation Management' for clarity.
- Removed redundant README.md in launcher route.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Onsite operators can now manually trigger a full pre-sync of all location
materials via a "Force Sync Location" button in the Launcher config.
This ensures podium Macs have all content cached before an event starts.
- Added trigger__force_location_sync to launcher session store.
- Implemented force_location_sync() in background sync engine to perform
recursive metadata fetches for all sessions in a location.
- Optimized download queue with a 4-tier chronological sort:
1. Event/Location assets (Global)
2. Sessions by start time (Earliest first)
3. Presentations by start time (Sequential order)
4. File creation date (First-in fairness for on-time uploads)
- Updated module and native integration documentation.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
TODO__Agents.md:
- Added the two additional fixes from the review pass to the PATCH/DELETE
retry hardening entry: default timeout 60s→20s, and DELETE missing
ae_auth_error banner on 401/403.
BOOTSTRAP__AI_Agent_Quickstart.md:
- Added mistake #13: breaking the API retry loop by returning errors from
the TypeError/AbortError block instead of throwing them. Documents the
Jan 2026 regression (commit a10accfaa), the three retry classes that must
be preserved, and a quick verification method.
- Filled the gap at item #7 (was missing, causing off-by-one numbering
from item 8 onward). Items renumbered 8-14 → 7-13.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Two gaps found during review of the recent retry-hardening commits:
1. api_patch_object.ts and api_delete_object.ts still defaulted to 60s
timeout while GET/POST were lowered to 20s. No callers set an explicit
timeout, so the default was the only value used. With retry_count=5 and
the new backoff policy, 60s per attempt = 5+ minutes worst-case wait.
Lowered to 20s to match GET/POST and keep worst-case under ~2 minutes.
2. api_delete_object.ts had no ae_auth_error import and no session-expired
banner on 401/403. A stale-session DELETE would silently return false
with no user feedback. Added browser + ae_auth_error imports and the
ae_auth_error.set() call matching the pattern in GET/POST/PATCH.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The Jan 2026 "offline-first fast-paths" commit (a10accfaa) inadvertently
broke retries for transient network failures (ERR_NETWORK_CHANGED, WiFi
roam events, etc.). The original code's .catch() returned undefined, which
fell through to the `if (!response) throw` path and correctly entered the
retry loop. After a10accfaa, .catch() returned the error as a value, and
the subsequent `instanceof Error` check returned false immediately —
bypassing all retries for the most common failure mode in
hotel/conference environments.
Changes:
- TypeError now throws into the retry loop instead of returning false
- AbortError still returns false immediately (intentional cancel, no retry)
- Per-attempt AbortController: moved inside the loop in both files so each
retry gets its own independent timeout (previously GET retries had no
timeout at all after the first attempt's clearTimeout ran)
- clearTimeout() added to catch block so timer is always cancelled on error
- Exponential backoff added: 2s→4s→6s→8s (capped) between attempts;
rapid retries on a flaky network accomplish nothing without a delay
- Default timeout lowered: 90s → 20s (generous for search/GET but avoids
the 90s worst-case hang that amplified ERR_NETWORK_CHANGED exposure)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
"Try Again" resets auto_retry_count but reuses the same localStorage state — if
ae_loc or ae_idaa_loc holds a stale account_id or api_secret_key, every retry
fails identically and the user is stuck in an infinite error loop.
New button clears ae_loc + ae_idaa_loc from localStorage and db_events.event
from IDB, then reloads via the sessionStorage-preserved UUID URL (same logic as
the IDAA layout's Clear Cache & Reload). Forces a fresh FQDN handshake and
re-derives correct auth state. Guidance text shown so users know to try it when
Try Again keeps failing.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- macOS: Uses direct binary path (/Applications/VLC.app/Contents/MacOS/VLC)
with --no-play-and-exit --play-and-pause flags and AppleScript fullscreen toggle.
Confirmed working: pause on last frame, stays in window.
- Linux: Uses shell command (vlc --no-play-and-exit --play-and-pause).
Known issue: not going fullscreen, not pausing on end. Deferred for later
investigation of flag interpretation vs launcher execution layer.
- Created separate profile constants: VLC_MIRROR_MAC_PROFILE and
VLC_MIRROR_LINUX_PROFILE in ae_launcher__default_launch_profiles.ts
- Updated TODO__Agents.md with Linux VLC issue for future debugging
Files: ae_launcher__default_launch_profiles.ts, documentation/TODO__Agents.md
- Add Extend/Mirror toggle to Native OS config section (always visible,
no Technical Mode required). Default: Extend. State updates on success.
- Replace .catch(() => {}) swallowing with console.warn logging on both
set_display_layout call sites so failures appear in the Electron console
- Remove old edit-mode-only Extend button (replaced by new toggle)
- Update PROJECT doc: displayplacer install note, binary lookup order, GitHub link
- Clean up TODO__Agents.md: resolve stale items, add new low-priority Electron items
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
set_wallpaper: update signature in PROJECT doc (§5.3 and §7) — actual params
are {path?, url?, url_external?, display?, api_key?, account_id?}, not just {path}.
set_display_layout: clarify in PROJECT doc (§5.3 and §7) — now auto-detects
displays via displayplacer list; configStr is optional manual override, not required.
MODULE profiles table: correct post_delay_ms values (Mac 2000→1000ms,
Win 3000→1500ms) and add polling-loop note explaining the new timing behavior.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
ring-1 uses CSS box-shadow which nearly disappears when the UI is scaled
down through VNC. Switched all preset chips and action buttons to border-2
so they remain clearly distinct at reduced resolution.
preset-tonal-surface + border-2 border-surface-400 for unselected chips;
disabled:opacity-60 (vs default 50) on Save & Apply so it is still
identifiable as a button when no URL is entered yet.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
`open -a App` returns immediately; a fixed delay is unreliable for cold starts.
Each post_script now polls every 500 ms (up to 7.5 s) until the target process is
frontmost before firing the automation keystroke. Keynote polls document count
instead of frontmost since start(front document) requires the file to be loaded.
Mac profiles: post_delay_ms 2000 → 1000. Win/Parallels profiles: 3000 → 1500.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Bumps chip buttons h-6→h-8 with text-xs and ring-1 borders so active/inactive
states are clearly distinct at VNC/remote scale. Save & Apply bumped to h-10
text-sm. Fixes: /50 opacity modifier in class: directives (uses class expression
instead), stale svelte-ignore comments replaced with onkeydown handlers, each
block key added. Documents wallpaper repeat-apply macOS caching bug in TODO with
workaround and fix location (Electron temp filename).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replaces free-text-only inputs with quick-select preset chips (1 primary,
4 client external/projector) that populate the URL field on click.
Consolidates Save/Apply/Save&Apply/Restore into a single Save & Apply
primary button plus an icon-only Restore button. All status messages
merged into one shared state variable.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
All Access Denied root causes fixed and deployed 2026-05-19. 503 auto-retry
regression also documented and fixed same session.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
CLIENT__IDAA_and_customized_mods.md:
- Verification Flow: describe Aether proxy call, not direct browser-to-Novi fetch
- Replace old fetch() code snippet with new Aether endpoint call
- Update novi_idaa_api_key / novi_api_root_url field descriptions (server-side only now)
- Security notes: key never sent to browser; shape changes go in backend method
- Rate limit note: 12h TTL (was 5-min), add 503 auto-retry behavior
- Fix Redis cache key: idaa:novi_member:{uuid} (account_id was dropped from key)
GUIDE__AE_API_V3_for_Frontend.md §12:
- 503 frontend action: auto-retry once after 3s before api_error
- Mark migration section complete (2026-05-19); update table to show retry behavior
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Before: a 503 response from /v3/action/idaa/novi_member/{uuid} hit !response.ok
immediately, set verify_failed_for_uuid, and showed "Verification Unavailable" —
no automatic retry. In the old client-to-Novi flow an unreachable server threw
TypeError (auto-retried); the new server-side path returns a clean HTTP 503
(plain Error), bypassing the is_network_or_timeout branch.
After: 503 gets the same 3s wait + one retry that network/timeout errors get.
Only if the retry also 503s does it fall through to the error UI.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The server-side migration removed the old novi_idaa_api_key check, which was
also acting as an implicit 'is IDAA configured here?' guard. Without it, any
domain that resolves (including ghost/domain-not-found with account_id='ghost')
would fire the Aether endpoint and get an error response, showing 'Verification
Unavailable' over the root layout's 'Domain Not Found' message.
Restore the site_cfg.novi_idaa_api_key presence check as the first guard:
- key absent → site_cfg_json still loading OR this is not an IDAA site → skip
- account_id='ghost' → domain lookup failed → added explicit ghost guard too
The key itself is unused for auth (server holds it); we only test its presence.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
verify_novi_uuid() now calls GET /v3/action/idaa/novi_member/{uuid} instead
of fetching Novi directly from the browser. The Aether backend handles the
Novi call server-to-server, eliminating false Access Denied failures caused
by hotel/conference WiFi, VPNs, and Cloudflare IP filtering.
Response parsing simplified — full_name and email are normalized server-side.
Empty-200 anti-pattern handling, email space→+ normalization, and display-name
formatting moved to the backend (confirmed working per API agent).
Retry logic and error classification unchanged (429→rate_limited, network
error→retry once, all others→api_error).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Classify persistent network/timeout failures as 'network_error' (separate from
generic 'api_error') so the UI can show a targeted message
- Add actionable hint for members on hotel WiFi, VPN, or corporate networks:
turn off VPN, switch to cellular, try a different network
- Extend VERIFIED_TTL_MS_DEFAULT from 45 min to 12 hours — covers a full workday
so members at conferences do not need to re-verify mid-day
- Document planned server-side Novi verification FastAPI endpoint in
CLIENT__IDAA_and_customized_mods.md (once implemented, eliminates client-side
Cloudflare/IP-reputation exposure entirely)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
All 10 fixes applied and verified as of 2026-05-19. Collapsed the three
open issues into the completed checklist with commit references.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
VERIFY_TIMEOUT_MS 8s → 35s: worst-case auto-retry cycle is 27s (12s abort +
3s wait + 12s abort). At 8s the "Reset & Retry" banner fired while the second
retry was still in flight; members who clicked it cleared their stores and
reloaded mid-attempt, landing on Access Denied. At 35s the escape hatch only
appears if verification is genuinely stuck (slow Novi server or missing api_key).
sessionStorage try-catch: iOS Safari Private Browsing and certain iframe sandbox
configs throw on sessionStorage access. Wrap setItem (onMount) and getItem
(reload_with_uuid) in try-catch so the component degrades gracefully to
location.reload() rather than crashing silently.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
'origin' is a reserved web term (protocol+domain); the function restores the
initial Novi-provided iframe URL (which includes the ?uuid= param), not the
site root. Renamed to reload_with_uuid to make that clear.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Wrap Novi API fetch in AbortController with 12s hard timeout — prevents
verify_in_flight from getting stuck if Novi's server hangs with no response
- Auto-retry once (after 3s) on network errors (TypeError: Failed to fetch)
and timeouts (AbortError) — these are almost always transient cellular/WiFi
blips and previously hard-failed with no second chance
- Rate-limit retries (429) already had a 10s wait; network retry is separate
- Update status message to "Connection issue — retrying..." during network retry
- Update error panel hint to suggest closing/reopening the Novi page as last resort
- Update Access Denied hint with same guidance
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add reload_to_origin(): saves initial iframe URL (with ?uuid=) to sessionStorage
on mount; all reload buttons use it instead of bare location.reload() so the UUID
is preserved after internal SvelteKit navigation strips it from the URL
- Fix TTL short-circuit to also check $ae_loc permissions — without this, a store
reset (browser restart, stale localStorage) while the TTL was still valid would
skip re-verification and fall straight to Access Denied
- Extend Novi verification TTL from 5 to 25 minutes
- Add Clear Cache & Reload option to the Access Denied state (iframe mode)
- Move Novi UUID debug info on Access Denied page to edit_mode only; UUID line
at bottom of auth'd pages stays always visible for troubleshooting
- Remove expired temporary tech-notice variables (template block was already commented out)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- app.html: comment out 3 Google Fonts <link> tags (Noto Sans, Noto Serif,
Roboto Mono) — no theme or component applies these families; all themes use
system-ui. Saves 3 blocking network requests on every page load.
- app.html: add subtle CSS-only #ae_loader spinner (1.75rem ring, pointer-events:none)
that shows during JS download + root load function, before Svelte mounts.
- +layout.svelte: add onMount to remove #ae_loader as soon as Svelte bootstraps;
the existing is_hydrating frosted-glass overlay takes over from there.
- app.css: comment out orphaned Quicksand @font-face — font-family was never
applied to any element so browser never fetched it anyway.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
