* fix(ui): prevent stored XSS in enlarge-img directive
The enlarged-image element was built by interpolating the image URL into an innerHTML string, so a crafted synced/imported note.imgUrl could break out of the src attribute and inject an event handler (stored DOM-XSS). Build the <img> with createElement and property assignment instead, so the URL is never parsed as HTML. Adds a regression spec.
Refs: GHSA-78rv-m663-4fph
* fix(plugins): authorize nodeExecution from main-process state
The Electron main process authorized Node execution from the manifest the renderer passes on each IPC call, and window.ea.pluginExecNodeScript is callable by any renderer code — so injected renderer JS could forge {permissions:['nodeExecution']} and run arbitrary Node (CWE-501).
The main process now keeps its own grantedPlugins set, populated via a dedicated PLUGIN_SET_NODE_CONSENT channel. The renderer registers a grant in _fireOnReady (before the first node call, covering every load path including zip upload) and revokes it on teardown. The executor requires set membership.
Defense in depth, not a hard boundary: the registration channel is itself renderer-reachable, so a fully-compromised renderer could register a grant itself. It blocks the disclosed PoC (forged manifest for a never-loaded plugin) and removes per-call manifest trust. A hard boundary needs a main-process consent dialog.
Refs: GHSA-78rv-m663-4fph
* fix(security): add object-src 'none' and document CSP constraints
Adds object-src 'none' (the app embeds no <object>/<embed>) and replaces the stale TODO with an accurate note on why 'unsafe-eval'/'unsafe-inline' cannot be dropped yet: the plugin runtime and the inline bootstrap script use new Function, and the packaged app loads the renderer over file:// (opaque origin), so tightening script-src to 'self' is unreliable.
Refs: GHSA-78rv-m663-4fph
The global :where(h1..h6):not(...):not(...):not(...) rule in page.scss
pins h2 color to --text-color-most-intense, which defaults to black on
:root and only flips to white once body.isDarkTheme is added at
bootstrap. During the pre-bootstrap splash the heading was therefore
black on the dark body background. Target the heading by id so the
selector clears the page rule's (0,3,0) specificity and let it inherit
the body color (already correct for both prefers-color-scheme modes).
Move the prefers-color-scheme media query after the default fill rule
so the light theme override (fill: #000) is not overridden by the
later default (fill: #fff) due to CSS cascade ordering.
The app targets ES2022+/Safari 18+ but the iOS deployment target was 14.0.
On older iOS versions (e.g., 15), the JavaScript fails to parse, leaving
users stuck on a white splash screen with no feedback.
- Add an inline ES5-compatible browser check in index.html that detects
unsupported browsers and shows a helpful update message
- Raise iOS deployment target from 14.0 to 16.0 in both project.pbxproj
and Podfile
- Guard productivity tips script against null elements when compat check
replaces splash screen content
Show a native FAB button during app startup so users can add tasks
while Angular bootstraps. Tapping the FAB expands a themed input bar
with keyboard tracking. Submitted tasks queue in SharedPreferences
via WidgetTaskQueue and are processed by AndroidEffects after
hydration. Partial (unsubmitted) text transfers to the web AddTaskBar
via sessionStorage.
Design:
- Two-phase dismiss keeps native overlay visible until web input mounts
- MutationObserver with resolved guard detects AddTaskBar readiness
- Day/night theme support with primary-colored border
- FAB color (#6495ED) matches the loading spinner
- Overlay cleaned up in onDestroy to prevent listener leaks
Also removes the old Quick Add Widget (QuickAddActivity,
QuickAddWidgetProvider, and all associated resources).
Also modernizes the loading spinner from double-bounce to a subtle
pulse animation.
* Making a good first impression! ;)
The first animated element the user sees is a productivity tip. But they had an issue when presented in the snackbar: a colon appears after the heading and before the rest of the text. This caused many of the tips to not look right.
The solution was to modify the code that adds that colon or to modify this code. I chose to modify this code.
While I was here, I cleaned things up a bit.
I also added several new productivity tips!
I'm currently only using SP on the desktop (that will hopefully be changing soon), so please be sure these improvements work for all platforms before integrating this PR.
* Added missing comment.
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Create _prettier_01
* Rename _prettier_01 to code_prettier_01.yml
* Ran Prettier on code
* Delete .github/workflows/code_prettier_01.yml
* Even Prettier Prettier
* Prettier
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* docs(clipboard): Added the plan to guide AI implementation.
* feat(clipboard): Changed requirement to reflect the fact that some functions can't be done in browsers.
* feat(clipboard): Added Ctrl-v pasting functionality from clipboard.
- Storing image in IndexedDB in browser, and storing image in userdata path in Electron.
- Added image resizing in markdown.
* docs(clipboard): Removed requirement file since it's implemented.
* feat(clipboard): Added clipboard images management in settings.
* feat(tests): Enhance focus mode and inline markdown tests with mock store and actions
* feat(clipboard): Add electron-only annotation to findImageFile function
* feat(clipboard): Prevent memory leaks by revoking cached blob URLs on image deletion
* feat(clipboard): Improve paste handling by tracking current placeholder and cleaning up old progress
* Merge branch 'master' into feat/clipboard-files
* feat(marked-options): Refactor renderer methods and add hooks for image sizing syntax
* feat(clipboard): Added feature that pasted image will be added to task attachment.
* revert: Revert the change of lock file from last merge.
* revert: Removed unwanted changes.
* refactor(clipboard): Cleaned up code that seems not necessary.
* feat(clipboard): Handle storage quota exceeded error and update messages
* feat(clipboard): Implement validated IPC handlers for clipboard image operations
* feat(clipboard): Add error handling for clipboard image URL resolution
* feat(clipboard): Refactor file operations to use async fs promises
* feat(clipboard): Integrate ClipboardPasteHandlerService for improved paste handling
* feat(clipboard): Rename resolveUrl to resolveIndexedDbUrl for clarity and update references
* feat(clipboard): Add defaultPath option to showOpenDialog for improved user experience
* feat(clipboard): Implement getDefaultClipboardImagesPath utility for consistent image path retrieval
* feat(clipboard): Refactor MIME type handling to use centralized mapping for improved maintainability
* feat(clipboard): Add computed property to toggle markdown parsing based on formatting settings
* revert: Removed unwanted changes.
* revert: Removed unwanted chagnes.
* revert: Removed unwanted chagnes.
* fix(clipboard-images-cfg): remove debug log from selectImagePath method
* refactor(paste-handler): update currentPlaceholder to use getter/setter methods
* fix(docs): correct formatting and improve clarity in multiple wiki pages
* fix: update dialog handling in initLocalFileSyncAdapter for type safety
* revert: Revert space change.
* fix(inline-markdown): ensure model is set to an empty string instead of undefined
* fix(tests): update clipboard images section locator to use collapsible title
Add viewport-fit=cover to the viewport meta tag so iOS extends the web
view behind the home indicator area, allowing the bottom navigation
background color to fill the entire screen.