- Defaults to true (authenticated_access required) — no change to existing consumers
- Launcher file buttons set require_auth=false to allow unauthenticated downloads
- Remove vestigial try_cache param from generate_qr_code (never used in body)
- Remove vestigial try_cache from ae_core_functions: load_ae_obj_id__site_domain,
update_ae_obj_id_crud, update_ae_obj_id_crud_v2 (none referenced it in body)
- Add proper SWR pattern to load_ae_obj_id__sponsorship_cfg and
load_ae_obj_id__sponsorship; change defaults from false to true
- Change load_ae_obj_id__event_file default try_cache from false to true
(consistent with load_ae_obj_li__event_file)
- Change load_ae_obj_id__hosted_file default try_cache from false to true
(consistent with load_ae_obj_li__hosted_file)
- Remove stale try_cache arg from element_ae_crud.svelte caller
- core__crud_generic.ts: guard patch result logs (lines 246/252) with
if (log_lvl) — these fired on every successful patch call
- e_app_sign_in_out.svelte: already committed in previous round
- element_manage_hosted_file_li.svelte: already committed in previous round
All other console.log calls in launcher/lib files confirmed already guarded
via $B2 context check. Remaining unguarded logs are in event handlers
(fire on user action only, not hot render paths) or testing/admin pages.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fixed all 27 remaining instances across 19 files. Keys used:
- Object ID fields where available (e.g. account_id_random, event_file_id)
- index for logger lists with no reliable unique key
- Property name for Object.entries() loops
Miscellaneous small changes to events (badges, launcher, leads, pres_mgmt,
settings), journals, reusable elements (crud, field editor), app components,
core components, and test README. Mostly 1-2 line changes per file.
- Updated V3 lookup API and core timezone loader to support the 'only_priority' flag.
- Enabled high-priority timezone filtering in IDAA Recovery Meeting and Archive editors to streamline selection lists.
- Created 'src/lib/ae_api/api_get__lookup_v3.ts' to handle the new '/v3/lookup/{lu_type}/list' endpoint.
- Refactored 'get_ae_obj_li_for_lu' in 'api.ts' to prioritize the V3 system for countries, subdivisions, and time zones, with V2 fallback for legacy types.
- Ensured lookups use the 'x-no-account-id' bypass for unauthenticated site bootstrapping.
- Updated core country, subdivision, and time zone loaders to use the refined API interface.
Added 'activity_log' table to Dexie 'ae_core_db' (v4) to support local caching of tracking data.
Implemented 'process_ae_obj__activity_log_props' with robust timestamp fallbacks.
Refactored 'qry__jitsi_report' to follow the Frontier module pattern, ensuring consistent V3 search and local cache synchronization.
Implemented critical security and architectural fixes to align the frontend with the Aether API V3 standard and resolve 403 Forbidden race conditions.
- Unified CRUD Helpers: Updated get, create, update, and delete helpers to use the standard /v3/crud/{obj_type}/{id} paths, ensuring correct backend isolation context.
- Auth Scavenging: Implemented direct localStorage scavenging for 'x-account-id' in core fetch helpers to prevent hydration race conditions in Svelte 5.
- Header Cleanup: Purged redundant 'x-aether-api-token' and fixed misplaced protocol headers in global stores.
- Reliability: Fixed 'Content-Type' typos and standardized kebab-case header normalization.
- Updated 'handle_open_file' in launcher_file_cont.svelte to correctly pass filename to API.
- Fixed WebSocket ae_download command in launcher layout to include filename.
- Implemented a safety net in api_get_object.ts to extract filename from params if missing.
- Added 'download' attribute to Hosted Files download button for direct links.
- Refactored launcher menu components to use Svelte 5 global 'page' state instead of obsolete 'data_url' prop.
- Convert decorative labels to spans to fix a11y warnings in Accounts and Sites pages
- Add rel="noopener noreferrer" to external links for security
- Use untrack for Svelte 5 state initialization from props in e_app_sign_in_out.svelte
- Make TipTap editor styles global to fix scoping warnings for dynamic content
- Integrated TipTap rich text editor for Booth Descriptions and Exhibitor Notes.
- Implemented strip_html utility for clean search/preview of rich text fields.
- Renamed exhibit loading functions to follow load_ae_obj_id__event_exhibit* pattern.
- Hardened property processors with 'undefined' string guards and automatic reload triggers.
- Resolved type mismatches and naming inconsistencies across the Leads module.
- Verified zero-error state via svelte-check.
- Refactored layouts to derive account data from stable props instead of reactive stores.
- Wrapped store updates in untrack() with deep equality guards to prevent infinite re-renders.
- Resolved duplicate untrack declarations and missing imports across the project.
- Added fetch safeguards to Element_data_store to prevent redundant API calls.
- Standardized hydration patterns to break circular dependencies during initial load.
- Fixed 'Captured initial value' warnings in 65+ components by implementing
proper sync effects with 'untrack' and derived states.
- Hardened Event Settings JSON editors using a temporary string-buffer pattern
to safely decouple object-based data from CodeMirror's string requirements.
- Resolved strict TypeScript mismatches across core routes (Accounts, Sites, etc.)
and improved property indexing safety in views.
- Patched Flowbite-Svelte Drawer transitions for Svelte 5 compatibility using
prop spreading.
- Added comprehensive safety comments to high-risk reactivity blocks.
- Synchronized 'ae_types.ts' with V3 backend models.
- Updated 'process_ae_obj__event_file_props' to synchronize generic 'for_id' with specific object IDs (e.g., 'event_presenter_id').
- Standardized 'element_manage_event_file_li_direct.svelte' to use specific ID filtering.
- Fixed missing 'prevent_default' in 'ae_comp__hosted_files_clip_video.svelte'.
- Resolved miscellaneous type and syntax errors identified by svelte-check.
- Applied snake_case helper standardization and formatting to element_input_file, hosted_files_clip_video, and websocket_v2.
- Cleaned up deprecated legacy imports.
- Harden 'ae_events__event_presenter.ts' to ensure both ID and ID_random fields are synced during refreshes.
- Update presenter list wrapper to use '_id_random' for reliable Dexie queries.
- Enable 'inc_all_file_li' and 'inc_file_li' in session loaders to pre-cache nested files.
- Introduce 'Launcher_presentation_view.svelte' to explicitly display files linked to presentations.
- Refactor presenter views to focus exclusively on speaker-specific files, avoiding UI duplication.
- Roll out platform-wide standard for unauthenticated binary access using '?key=[account_id]' query parameter.
- Update API helpers (get, post, patch) to recognize 'key' bypass and strip account context headers accordingly.
- Refactor IDAA Bulletin Board to restore inline image rendering and edit-mode previews.
- Modernize Events Launcher (Layout, Sync, Session View) to use V3 Action URLs with verified auth.
- Update HTML generators in 'ae_utils.ts' to support the new authenticated URL structure.
- Harden 'ae_comp__event_file_obj_tbl' CSV export and clipboard links with V3 standard patterns.
- Add 'show_direct_download' prop to support native browser downloads via V3 Action paths (/v3/action/...).
- Integrate 'shorten_filename' logic directly into the component via 'max_filename' prop.
- Refactor internal UI to snippets for consistent rendering across button and anchor modes.
- Update 'ae_HostedFile' type with new SQL view fields: 'filename_no_ext' and 'filename_w_ext'.
- Add direct download toggle and edit mode indicator to testing dashboard.
- Simplify 'ae_comp__event_file_obj_tbl' by removing manual snippets in favor of standardized component logic.
- Created AE_Comp_Hosted_Files_Download_Button using Svelte 5 and Lucide icons.
- Added file_extension_icon_lucide utility for direct Lucide icon mapping.
- Refactored download logic to core__hosted_files.ts using V3 Action endpoint (/v3/action/hosted_file/.../download).
- Integrated new component into Event File Object Table.
- Cleaned up legacy window.postMessage calls in several file management views.
NOTE: The new download component is currently in development and may not be fully functional.
- Refactored lookup_site_domain_v3 to be cache-first, unblocking root layout.
- Implemented Stale-While-Revalidate (SWR) pattern for load_ae_obj_id__event.
- Added global hydration overlay and loading spinner to +layout.svelte.
- Updated site domain whitelist to persist critical account/styling metadata in Dexie.
- Refactored root load function to return immediately if cached site data is found.
- Hardened 'find_object_id' in Dexie to support 'event_' prefixed IDs.
- Implemented singleton 'LauncherBackgroundSync' in root launcher layout.
- Added V3-compliant heartbeat and room refresh cycles.
- Fixed redundant component imports and Skeleton UI prop errors.
- Added 'inc_file_li' support to event API loader.
- Restored legacy query aliases (qry_ae_obj_li__event, qry__event_file, etc.) across Event modules to fix build errors.
- Fixed Hosted File deletion logic in core__hosted_files.ts to use specialized /hosted_file/{id} endpoint with fake_delete support.
- Standardized ID field usage (hosted_file_id vs hosted_file_id_random) in Archive Content and Event File upload components.
- Updated TODO.md to reflect completed search restoration tasks.
- API Migration: Refactored core__hosted_files.ts and ae_events__event_file.ts to use AE API CRUD V3.
- Logic Hardening: Unified property processing via '_process_generic_props' and ensured 'id_random' string identifier consistency.
- Reliability: Hardened orphan cleanup logic in delete_ae_obj_id__hosted_file and aligned with V3 generic delete patterns.
- Search Hardening: Implemented 'Inclusive OR' logic for physical/virtual filters and restored robust full-text search using 'default_qry_str' with wildcards.
- Crash Fix: Added null checks for 'contact_li_json' in meeting detail view to prevent TypeError.
- ID Stability: Enhanced 'core__idb_dexie.ts' to support 'id_random' mapping and fixed misleading save logging.
- Reliability: Both V2 and V3 search paths now consistently return processed objects with standardized IDs.
- Resolved 'Ghost Account' warning by updating layout hydration to align with V3 ID Vision (account_id vs account_id_random).
- Improved site lookup reliability using Agent API Key and structured EQ filters for exact FQDN matching (including ports).
- Modernized PWA manifest with maskable icons (PNG/WebP), app shortcuts, and unique installation IDs.
- Implemented automatic Electron 'Native' mode detection in root layout.
- Fixed stale API URLs in Launcher native file download logic.
- Added V3 migration documentation and JWT verification test scripts.
- API: Standardized 'order_by_li' types in event and archive modules.
- API: Corrected 'enabled'/'hidden' parameter types in event exhibit and device search/list functions.
- Type Safety: Addressed generic type casting issues in _process_generic_props across event modules.
- Data Handling: Resolved return type consistency in journal creation and DB save operations.
- Parameter Management: Fixed missing 'try_cache' parameters in event exhibit functions.
- Core Logic: Ensured correct object properties in DB put operations for hosted files.
- Core: Use FormData in video clip components to fix EventTarget errors.
- DB: Rename 'File' to 'ae_LocalFile' in db_core to prevent DOM type shadowing.
- API: Strictly type 'order_by_li' across archives, events, and journals to match API definition.
- API: Fix 'enabled'/'hidden' parameter types in search functions.
- Generics: Add 'any' cast to 'processed_obj' in generic processors to fix indexing errors.
- Journals: Update journal_entry creation to return null on failure, fix missing ID fields in DB save.
- Update ae_types.ts with joined fields for deep layout loading
- Fix OrderBy vs OrderBy[] type mismatch in API v2/v3 and generic CRUD
- Apply 'as const' to order_by_li defaults in core/event libraries
- Resolve type errors in reports_presenters and reports_files Svelte components
- Resolved Svelte 5 $bindable() prop errors in Analytics and Person Table components.
- Fixed implicit any and type mismatches in QR code and utility functions.
- Corrected OrderBy type mismatch pattern in systemic loaders.
- Improved type safety for BlobPart and ArrayBuffer handling.
- Down to 700 errors from ~731.
