53 lines
2.7 KiB
Markdown
53 lines
2.7 KiB
Markdown
# CODEX_REPORT
|
|
|
|
Last updated: 2026-02-13
|
|
|
|
## Snapshot
|
|
- Product: "WhatToPlay" game library manager (PWA) aggregating libraries (Steam implemented; GOG WIP) with local persistence (IndexedDB).
|
|
- Frontend: React + TypeScript + Ionic (Vite).
|
|
- Backend: Node/Express in `server/` (Uberspace deployment; see `UBERSPACE.md`).
|
|
- Optional enrichment: IGDB canonical IDs via Twitch credentials (managed via 1Password CLI).
|
|
|
|
## How To Run
|
|
- Install: `npm install`
|
|
- Dev:
|
|
- `npm run dev` (uses `op run --env-file=.env.1password -- vite`)
|
|
- `npm run dev:no-op` (runs Vite without 1Password, no IGDB enrichment)
|
|
- Tests: `npm test` (Node test runner over `server/**/*.test.mjs`)
|
|
- Deploy: `npm run deploy` (script is `./deploy.sh`; see `UBERSPACE.md`)
|
|
|
|
## Current Working Tree
|
|
- Modified:
|
|
- `.gitignore`, `UBERSPACE.md`, `package.json`, `vite.config.ts`
|
|
- `server/index.js`, `server/steam-api.mjs`
|
|
- `src/pages/Library/LibraryPage.tsx`
|
|
- `src/pages/Settings/SettingsPage.tsx`, `src/pages/Settings/SettingsDetailPage.tsx`
|
|
- `src/services/ConfigService.ts`, `src/services/Database.ts`
|
|
- Untracked:
|
|
- `.env.1password` (intended to be safe to commit: 1Password references, not plaintext secrets)
|
|
- `deploy.sh`
|
|
- `server/data/` (currently contains `.gitkeep`)
|
|
- `server/gog-api.mjs`, `server/gog-backend.mjs`, `server/igdb-cache.mjs`
|
|
- `CODEX_REPORT.md` (this file)
|
|
|
|
## What Changed Recently (Observed)
|
|
- Added GOG connect flow scaffolding in settings UI and backend endpoints (`/gog/auth`, `/gog/refresh`).
|
|
- Added IGDB enrichment/caching plumbing (cache stored under `server/data/`).
|
|
- Config storage now prefers IndexedDB with localStorage fallback (`src/services/ConfigService.ts`, `src/services/Database.ts`).
|
|
|
|
## Plan
|
|
1. Make `npm test` deterministic and offline-safe:
|
|
- Current failure on this machine (Node `v25.6.1`): `npm test` fails with `Unable to deserialize cloned data due to invalid or unsupported version.`
|
|
- Tests also include optional live Steam API calls gated on `config.local.json`; replace with mocked `fetch` and fixtures.
|
|
2. Decide what should be committed vs local-only:
|
|
- Ensure `.env.1password`, `deploy.sh`, and new backend helpers are either committed intentionally or ignored.
|
|
3. Tighten backend security defaults:
|
|
- Avoid `ALLOWED_ORIGIN || "*"` in production.
|
|
- Restrict the catch-all proxy route (`app.all("/*")`) to a narrow allowlist or remove if not required.
|
|
4. Localization/UX hygiene:
|
|
- UI/strings currently mix German/English; align on an English-first source-of-truth and add localization scaffolding if desired.
|
|
|
|
## Next actions
|
|
1. Fix the test runner failure and convert backend tests to pure unit tests (mocked network).
|
|
2. Add/ignore the current untracked files based on intent (deployment + backend helpers vs local-only).
|