V0.1.1 release, close to actual release. Bug & security fixes/improvements.

AI_CHECKPOINT.md

@@ -0,0 +1,79 @@
+# AI Checkpoint — cg.cx Refinement Pass
+
+## Phase
+**ALL BATCHES COMPLETE.** Refinement pass finished. No blockers.
+
+## Final State
+- `cargo check --workspace` ✅ passes
+- `cargo test --workspace` ✅ passes (0 tests, all crates compile)
+- Frontend `npm run build` ✅ passes
+- All 10 batches implemented, verified, and merged.
+
+## Completed Work Summary
+
+### Batch 1 — Security + Stability
+- **B:** `/get_id` extended to channels (`msg.chat.is_channel()`)
+- **C:** `/help` HTML parse errors fixed (`<arg>` → `[arg]`)
+- **E:** `/blacklist_uid` and `/whitelist_uid` restricted to configured admin groups + admins
+- **I:** HEAD requests no longer consume auto-destroy views in `serve_file`
+
+### Batch 2 — Misc Report Section
+- Backend: `POST /api/content/:cxid/report` endpoint added to server
+- `reqwest` added to `cgcx-server/Cargo.toml`
+- Server seeds web-reporter user (id=0) to satisfy FK constraint
+- Frontend: Direct report wired to API; hardcoded `harmfulmeowbot` replaced with dynamic `BOT_USERNAME`
+
+### Batch 3 — Password/Autodestroy + UX
+- Homepage password flow fixed: `fetchMetadata` now passes password; 401 handled correctly (`needsPassword = true` or "Incorrect password.")
+- Removed redundant `verifyPassword` call from `Home.svelte`
+
+### Batch 4 — Submission/Review Batching + Hardening
+- Existing batching logic verified correct
+- **Fixes applied:**
+  - `serve_raw_file` now increments views (mirrors `serve_file`)
+  - Approval caption truncated to 1024 chars
+  - Video/audio sent as native `InputMediaVideo`/`InputMediaAudio`
+
+### Batch 5 — Review Action Buttons
+- Verified: `[ Ban ]`, `[ Blackl. ]`, `[ Ban/BL u. ]` present in review keyboard
+- Verified: handlers for `ban`, `blk`, `banblk`, `approve`, `ignore` all work with permission checks
+
+### Batch 6 — GLOBAL_BAN
+- Verified: `GroupsConfig.global_ban` config option present
+- Verified: `propagate_punishment` checks flag and propagates to all known chats
+
+### Batch 7 — Upload Privacy + Metadata
+- Verified: `show_author` toggle in upload options
+- Verified: metadata bar in `ViewContent.svelte` shows date, size, author hyperlink
+
+### Batch 8 — Deduplication + Hash Blacklist
+- Verified: `plaintext_hash` computed, dedup lookup works, ref_count incremented
+- Verified: `HashBlacklistRepo` blocks re-uploads with `BlockedHash` error
+
+### Batch 9 — Username Tracking
+- Verified: `UserRepo::ensure_exists` logs changes to configurable `uname_changes_path`
+
+### Batch 10 — Homepage Bot Link + Docs
+- **Q:** Bot link reordered between Content ID field and "-- cannibal girls --" subtitle
+- **Q:** Link color changed to `var(--retro-accent)` (very dark green)
+- **P:** `docs/API.md`, `docs/COMMANDS.md`, `docs/MODERATION.md`, `README.md` all updated
+
+## Files Touched in This Pass
+- `crates/cgcx-server/src/main.rs` — view increment, report endpoint, web user seed
+- `crates/cgcx-server/Cargo.toml` — reqwest dependency
+- `crates/cgcx-bot/src/main.rs` — channel support, help escaping, admin-group gates, media types, caption truncation
+- `frontend/src/routes/Home.svelte` — password flow, report wiring, bot link reorder
+- `frontend/src/lib/api.js` — API_BASE export
+- `docs/API.md`, `docs/COMMANDS.md`, `docs/MODERATION.md`, `README.md` — documentation updates
+
+## Known Limitations (Not Fixed in This Pass)
+1. **Zero test coverage** across the workspace.
+2. **Memory usage:** Forward approval/review decrypts entire files into memory (`decrypt_bytes` + `InputFile::memory`). Large files risk OOM.
+3. **TOCTOU race:** Concurrent requests to `serve_file` can overserve past `max_views` by 1.
+4. **Multi-file view counting:** Each file request increments `view_count`, so multi-file content with low `max_views` may become unavailable before all files are viewed.
+
+## Blockers
+None.
+
+## Next Step
+None — refinement pass is complete. Future work (if any) should start from this checkpoint.