bretton.dev
code
Clone this repository
https://tangled.org/bretton.dev/coves
git@knot.bretton.dev:bretton.dev/coves
For self-hosted knots, clone URLs may differ based on your setup.
Major updates to community PRDs based on lexicon vs implementation
gap analysis:
PRD_COMMUNITIES.md:
- Add "Alpha Blockers" section with clear must-haves
- Mark 6 XRPC endpoints as E2E tested (create, get, list, update,
subscribe, unsubscribe)
- Reorganize into Alpha vs Beta priorities
- Defer posts, wiki, moderation, membership to Beta
- Add note to remove unused categories field
PRD_BACKLOG.md:
- Add P1: Subscription visibility level (1-5 scale feed slider)
- Add P1: Community blocking implementation
- Add P2: Remove categories cleanup task
- Mark OAuth and token refresh as ALPHA BLOCKERS
PRD_GOVERNANCE.md:
- Update status: basic authorization exists (creator-only updates)
- Clarify moderator management is post-alpha (Beta Phase 1)
Key Findings from Analysis:
- Lexicon has many features not yet implemented (wiki, blocking,
advanced rules)
- Current alpha scope: basic CRUD + OAuth + token refresh
- Categories field exists but adds no value - marked for removal
- Membership design decisions deferred to Beta
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Adds comprehensive end-to-end tests for community XRPC endpoints:
Update Endpoint:
- Tests full write-forward flow (HTTP → PDS → Firehose → AppView)
- Verifies displayName, description, visibility updates
- Confirms CID changes after update
- Validates AppView indexing via Jetstream consumer
Subscribe/Unsubscribe Endpoints:
- Tests subscription creation in user's repository
- Verifies records written to PDS and queryable
- Tests unsubscribe deletes records from PDS
- Validates write-forward pattern for user actions
All tests use real PDS instance and Jetstream firehose for
true end-to-end validation.
Test Results: All 6 core XRPC endpoints now have E2E coverage
- create, get, list, update, subscribe, unsubscribe
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixes data loss bug where moderationType and contentWarnings
would be erased if not explicitly provided in update request.
Previously, omitting these fields in an update request would
remove them from the PDS record. Now follows the same pattern
as other optional fields (displayName, description, etc.) by
preserving existing values when not being updated.
Impact: Prevents accidental erasure of moderation configuration
when updating other community properties.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implements social.coves.community.update endpoint for updating
community profiles (displayName, description, visibility, etc.).
Changes:
- Add UpdateHandler with XRPC endpoint support
- Register update route in community routes
- Uses community's own PDS credentials (V2 architecture)
- Preserves OAuth TODO for production deployment
Related: Update endpoint was defined in service layer but had
no HTTP handler or route registration.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
V2.0 Communities Architecture: PDS-Managed Keys & Password Encryption
This major refactor simplifies community provisioning by delegating all
cryptographic operations to the PDS, enabling faster shipping and better
atProto compliance.
Key Changes:
- Password encryption (not hashing) for session recovery
- PDS-managed DID and key generation
- Removed Coves-side DID generator
- Local PLC directory for E2E testing
- Comprehensive integration tests
Architecture Benefits:
- Simpler codebase (less cryptography to maintain)
- Faster community creation
- Standard atProto migration support
- Better separation of concerns
Migration Path:
- V2.0 (current): PDS-managed keys, Coves-to-Coves migration
- V2.1 (future): Optional Coves rotation key for external migration
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Update development configuration and project documentation to reflect
V2.0 architecture changes and improve code review guidelines.
Changes:
- .env.dev: Add PLC directory configuration for local development
- CLAUDE.md: Enhance PR review checklist with V2-specific concerns
Documentation Updates:
- Clarify atProto write-forward architecture requirements
- Add federation and DID resolution verification steps
- Improve security review checklist
- Add performance and testing coverage guidelines
Environment Updates:
- Configure PLC_DIRECTORY_URL for local PLC directory
- Update IS_DEV_ENV flag documentation
These changes support better code review practices and local
development workflow for V2.0 communities.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>