- Pin Caddy image to 2.11-alpine to prevent breaking changes from
floating tags
- Validate Caddyfile syntax before deploying to catch config errors
early
- Check all container states after startup to detect crashes before
waiting on the HTTPS health check
- Show logs from all services on failure, not just supersync
Prisma's $queryRaw tagged template treats ${} as parameterized values, not
raw SQL. Conditional fragments like `${userId ? \`WHERE ...\` : ''}` were
sent as string parameters, causing PostgreSQL syntax error 42601.
Mask user emails by default (--unmask to reveal). Replace all any[]
query results with typed interfaces. Fix showUsageHistory sort that
compared formatted byte strings. Add parseIntArg validation for CLI
flags. Fix unbounded recursion in analyzePayload. Replace execSync with
execFileSync for DATA_DIR to prevent shell injection. Add --no-save flag
for usage command.
* feat(sync): add active-users command to monitor CLI
Adds a new `active-users` command to the SuperSync monitor script that reports:
- Total registered and verified user counts
- Active users by time period (24h, 7d, 30d, 90d) based on device and sync activity
- New registration counts
- Recently active users table with device count and ops
- Users who never synced
Usage: npm run monitor -- active-users
https://claude.ai/code/session_014Tc5vtXW4Z8QZFMDFWKErP
* feat(sync): add engaged users metric to active-users report
Shows users who were active on 3+ distinct days in the last 2 weeks
with new sync operations, giving a measure of genuine recurring usage.
https://claude.ai/code/session_014Tc5vtXW4Z8QZFMDFWKErP
* docs(sync): add active-users to docker monitoring docs
Add missing active-users command to docker-monitor.sh case statement,
help text, and DOCKER-MONITORING.md guide.
https://claude.ai/code/session_014Tc5vtXW4Z8QZFMDFWKErP
* refactor(sync): improve active-users command from review feedback
- Fix timezone-unsafe DATE(): use AT TIME ZONE 'UTC' with explicit
double precision cast for consistent day boundaries
- Replace correlated subquery with LEFT JOIN for ops_7d count
- Show total active count when LIMIT truncates the table
- Add --threshold and --limit CLI flags for flexibility
- Combine device/ops metrics into single line (connected / syncing)
- Add skipInQuick to run-all-monitoring.ts
- Update docker-monitor.sh header, help text, and DOCKER-MONITORING.md
with active-users command, flags, and performance notes
- Clarify "never synced" output label
https://claude.ai/code/session_014Tc5vtXW4Z8QZFMDFWKErP
---------
Co-authored-by: Claude <noreply@anthropic.com>
Translate all missing keys to achieve full coverage (2086/2086)
for fr, pt-br, zh-tw, ro, ro-md, zh, es, de, and cs.
Also remove stale keys and include updated translations
for other locales. Remaining languages still have partial coverage.
Adds git pull --ff-only before docker compose pull so scripts,
docker-compose.yml, and other repo files are updated on each deploy.
Falls back gracefully if pull fails.
- Remove email addresses from all log messages (~18 locations) for GDPR
compliance, replacing with userId where available
- Downgrade debug credential logs from info to debug level
- Remove options.user from passkey registration log (contained email in
JSON payload)
- Add container security hardening to docker-compose.yml:
- no-new-privileges on all containers
- cap_drop: ALL on supersync and caddy
- Memory limits (supersync 512m, postgres 1g, caddy 256m)
- CPU limit on supersync (1.0)
- Add .health-alert/ to gitignore
- Add health-alert.sh cron script for container monitoring with
OOM detection, disk checks, and email alerting
- Add accounts-only pg_dump (users + passkeys) to backup script for
lightweight disaster recovery when clients still have data
- Add pipefail to backup script to catch silent dump failures
- Add test endpoint to simulate partial server revert (ops-after/:serverSeq)
- Add 6 e2e tests covering all disaster recovery scenarios:
complete data loss, partial revert, accounts-only restore (API + SQL),
full dump restore + reset account, and all-clients-lost recovery
- Add backup-and-recovery.md with setup, recovery procedures, and
decision tree
- Add automated Docker build/push workflow for SuperSync server
- Update docker-compose.yml to use super-productivity org GHCR image
- Add --no-cache flag support to build-and-push.sh script
- Workflow triggers on SuperSync changes or manual dispatch
- Uses GitHub's built-in token (no personal token needed)
Add reusable investigation scripts for analyzing SuperSync storage patterns,
user behavior, and operation anomalies.
New scripts:
- analyze-storage.ts: 9 specialized analysis commands (operation sizes,
timeline, types, large ops, rapid-fire detection, snapshots, user deep-dive,
export, compare users)
- run-all-monitoring.ts: Complete monitoring suite runner with quick mode
and save-to-file options
- MONITORING-README.md: Complete documentation with investigation workflows
New npm scripts:
- npm run analyze-storage -- <command>: Run specific analysis
- npm run monitor:all: Run complete monitoring suite
- npm run monitor:all:quick: Quick health check (skip deep analysis)
- npm run monitor:all:save: Save timestamped report to file
These tools provide structured workflows for investigating storage issues
like rapid-fire operations, unusually large operations, and sync loops.
Tombstones were used for tracking deleted entities but are no longer
needed with the operation log architecture. This removes:
- Tombstone table from Prisma schema
- Tombstone-related methods from SyncService
- Tombstone mocks and tests from all test files
- Database migration to drop tombstones table
The operation log now handles deletions through DEL operations,
making the separate tombstone tracking redundant.
- Add 'ops' command to analyze operation payload sizes
- Show breakdown by entity type with count, total, avg, max sizes
- Display largest operation with payload structure analysis
- Enhance 'usage' command to show ops vs snapshot breakdown
- Show operation count, average size per user
Each run of `npm run monitor -- usage` now saves a snapshot to
logs/usage-history.jsonl. New command `usage-history` shows past
snapshots with growth stats between runs.
- Add disk space info to monitor stats (root filesystem, data dir)
- Add top 5 tables by size to database stats
- Add GHCR login to deploy.sh for private image pulls
Switch from server-side builds to pre-built images:
- Add build-and-push.sh for local builds to GHCR
- Update deploy.sh to pull from registry (30s vs 20min)
- Add docker-compose.build.yml for local build fallback
- Update docker-compose.yml to use registry image
- Add GHCR_USER/GHCR_TOKEN to env.example
- Add npm scripts: docker:build, docker:deploy, docker:backup
This commit introduces a lightweight monitoring CLI tool for the super-sync-server.
Changes include:
- Enhanced logging: now supports writing logs to a file () when is set, enabling persistent log storage.
- New monitoring script: provides commands for:
- : Displays system vitals (CPU, RAM) and database connectivity/size.
- : Shows top 20 users by data storage usage within the database.
- : Allows tailing, searching, and filtering server logs from the file.
- update: Added a script to easily run the tool.
Refactored 'delete-user.ts' and 'clear-data.ts' to use Prisma Client, aligning them with the current PostgreSQL architecture.
Updated 'packages/super-sync-server/README.md' to reflect the Docker-based, PostgreSQL setup and added documentation for the administrative scripts.
Removed '@types/better-sqlite3' from 'package.json' as it's no longer needed.
SYNC_IMPORT, BACKUP_IMPORT, and Repair operations contain full app state
in their payload. When these operations were downloaded by another client
and applied via applyOperations(), convertOpToAction() was spreading the
payload directly into the action. But reducers expect action.appDataComplete,
so they received undefined and fell back to empty/initial state.
This caused complete data loss (no projects, no tags, tasks in wrong project)
when syncing SYNC_IMPORT operations between clients.
Fix: Add extractFullStatePayload() that wraps the payload in appDataComplete
for full-state operation types, matching what loadAllData action expects.
Also clears file-based storage directories in the clear-data script.
Previously, would silently create a new empty database if the configured was incorrect or missing, leading to a confusing 'success' message (deleting 0 rows) while the actual data remained untouched. Now, the script verifies that exists at the expected path before proceeding, and exits with an error if it's missing.