migrations.py
- schema_migrations table tracks applied versions (version, description, applied_at)
- MIGRATIONS list is append-only; each entry is (version, description, sql)
- backup() dumps all user-data tables to a timestamped JSON file in backups/
before any schema changes so data can be recovered if something goes wrong
- run_migrations() is idempotent: already-applied versions are skipped
Integration
- app.py calls _run_startup_migrations() at module load so every restart
applies any pending migrations (no-op if schema is current)
- setup_routes.py calls run_migrations() after the initial setup form is
submitted so all tables exist before the user hits the main page for the
first time
- notes.py and admin.py: removed all per-request CREATE TABLE DDL; schema is
now owned entirely by the migration system
Docker
- docker-compose.dev.yml: add backups-data volume so JSON backups survive
container restarts and rebuilds
- Dockerfile: pre-create /app/backend/logs and /app/backend/backups so the
directories exist even before volumes are mounted
Adding future schema changes
- Append a new (version, description, sql) tuple to MIGRATIONS in migrations.py
- The next restart will detect it as pending, back up first, then apply it
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Move SECRET_KEY out of docker-compose into .env (env_file), add .env.example
- Add flask-limiter with 10 req/min on login route; introduce util/limiter.py
- Replace direct mysql.connector.connect() calls with MySQLConnectionPool via util/db_pool.py
- Fix deprecated datetime.utcnow() -> datetime.now(timezone.utc) in auth/login.py
- Remove dead /api/scripts 410 route from admin.py
- Add MD5 security warning in Md5Tool.jsx
- Add ErrorBoundary component and wrap App.jsx
- Expand README with setup guide, screenshot and project structure
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Nirodan