Functional fixes:
- Add isDirtyRef to distinguish user edits from note selection; auto-save now
only fires after the user actually modifies content, not on every click
- Add selected and isNew to auto-save effect deps so the closure is never stale
when switching between notes (previously could save to the wrong note)
- Double-check isDirtyRef inside the debounce callback to handle rapid note
switches within the 1-second window
- Reset isDirtyRef to false after every successful save (manual and auto)
CSS fixes:
- Add button.ghost and button.ghost.danger styles to buttons.css; delete button
was invisible/identical to the save button because .ghost was never defined
- Add select element styling to base.css to match input/textarea theming;
language picker was unstyled browser-default in both dark and light mode
- Add .error class (red text) to base.css; error messages had no colour
- Add .notes-layout grid class with responsive media query (stacks below 680px);
remove inline gridTemplateColumns that overflowed on small screens
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- auth/login.py: guard against missing JSON body (get_json silent=True, empty-string check)
- app.py: replace infinite redirect with 404 for unknown /api/* and /setup/* paths
- tools/jwtdecoder.py: add algorithms list to jwt.decode() for PyJWT 2.x compatibility
- util/setup_routes.py: call reset_pool() after save_config() so pool re-initialises with new DB credentials
- util/logger.py: set ERROR level on error.log handler so it no longer receives INFO/WARNING messages
- LoginForm.jsx: remove dead navigate() call that was immediately overridden by window.location.href
- main.jsx: remove base.css, dark.css, light.css that were already imported in App.jsx (duplicate imports)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- backend/tools/hasher.py: POST /api/hash/sha256 and /api/hash/bcrypt (bcrypt added to requirements)
- backend/tools/base64tool.py: POST /api/base64/encode and /api/base64/decode
- backend/tools/jwtdecoder.py: POST /api/jwt/decode (signature verification disabled)
- backend/tools/passwordgen.py: POST /api/password/generate with charset and length options
- backend/tools/timestamp.py: POST /api/timestamp/convert (unix<->date, ISO 8601 + German format)
- backend/tools/textdiff.py: POST /api/text/diff returning structured added/removed/unchanged lines
- All blueprints registered in app.py and tools/__init__.py
- React components with copy button, dark/light mode support via CSS variables
- ToolOverview rebuilt as card grid; App.jsx routes added for all tools
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Move SECRET_KEY out of docker-compose into .env (env_file), add .env.example
- Add flask-limiter with 10 req/min on login route; introduce util/limiter.py
- Replace direct mysql.connector.connect() calls with MySQLConnectionPool via util/db_pool.py
- Fix deprecated datetime.utcnow() -> datetime.now(timezone.utc) in auth/login.py
- Remove dead /api/scripts 410 route from admin.py
- Add MD5 security warning in Md5Tool.jsx
- Add ErrorBoundary component and wrap App.jsx
- Expand README with setup guide, screenshot and project structure
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Nirodan