feat: transition to Convex Cloud and update environment configurations#53
Merged
evan-taylor merged 5 commits intodevfrom Apr 9, 2026
Merged
feat: transition to Convex Cloud and update environment configurations#53evan-taylor merged 5 commits intodevfrom
evan-taylor merged 5 commits intodevfrom
Conversation
Contributor
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughMigrates project from self-hosted Convex to Convex Cloud: updates docs and quick-starts, replaces self-hosted env vars with a Convex deployment slug, adds Convex Cloud/local runbooks, adjusts backend auth URL resolution, and introduces SafeArea wrappers plus minor frontend UX and state changes. Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 1 | ❌ 2❌ Failed checks (2 warnings)
✅ Passed checks (1 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (2)
backend/.env.example (1)
1-8: Document or clarify theCONVEX_CLOUD_URLvariable.The
auth.config.tsfile referencesCONVEX_CLOUD_URLas a fallback forproviderDomain, but this variable is not documented in.env.example. If Convex Cloud auto-injectsCONVEX_SITE_URLat runtime (makingCONVEX_CLOUD_URLunnecessary for new setups), consider adding a comment to clarify this.Additionally, for developers running in hybrid/transition scenarios, consider adding a commented-out section for optional legacy variables as mentioned in
SELF_HOSTED_CONVEX.md.📝 Suggested clarification
# Convex Cloud Configuration # Copy this file to .env.local and fill in the values # DO NOT commit .env.local to git! +# +# Note: CONVEX_SITE_URL is auto-injected by Convex Cloud at runtime. +# For self-hosted fallback (transition only), see docs/SELF_HOSTED_CONVEX.md.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@backend/.env.example` around lines 1 - 8, Add documentation for CONVEX_CLOUD_URL in .env.example clarifying that auth.config.ts uses CONVEX_CLOUD_URL as a fallback for providerDomain and that on Convex Cloud CONVEX_SITE_URL is typically injected at runtime (so CONVEX_CLOUD_URL is not required for new cloud deployments); also add a short commented-out "Legacy / self-hosted (optional)" section showing the optional legacy variables (CONVEX_CLOUD_URL and any related legacy names referenced in SELF_HOSTED_CONVEX.md) for hybrid/transition scenarios so developers know when to set them and that they are optional.backend/convex/auth.config.ts (1)
1-2: Consider adding a runtime check for undefinedproviderDomainin non-Cloud environments.
CONVEX_SITE_URLis automatically injected by Convex Cloud, so the fallback chain will resolve in Cloud deployments. However, for self-hosted or local development setups where environment variables must be manually configured,providerDomaincould remainundefinedif none of the variables are set. While not a risk in Convex Cloud, a defensive check is good practice:🛡️ Proposed defensive check
const providerDomain = process.env.CONVEX_SITE_URL ?? process.env.CONVEX_CLOUD_URL ?? process.env.CONVEX_SELF_HOSTED_URL; + +if (!providerDomain) { + throw new Error('Auth provider domain not configured. Set CONVEX_SITE_URL, CONVEX_CLOUD_URL, or CONVEX_SELF_HOSTED_URL.'); +}🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@backend/convex/auth.config.ts` around lines 1 - 2, The variable providerDomain (assigned from CONVEX_SITE_URL, CONVEX_CLOUD_URL, or CONVEX_SELF_HOSTED_URL) can be undefined in self-hosted/local setups; add a runtime defensive check after its assignment that verifies providerDomain is defined and, if not, either throw a clear error or log and exit so the app fails fast with actionable message; update the check near the providerDomain declaration in backend/convex/auth.config.ts and reference providerDomain in the error text so maintainers know which env var is missing.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@docs/CONVEX_CLOUD_MIGRATION.md`:
- Around line 101-108: The current "Rollback plan" only repoints the frontend
and redeploys, which drops any post-cutover writes; update the Rollback plan
section to include either a reverse-migration/reconciliation step that
copies/merges new Convex Cloud writes back into the self-hosted DB (describe who
runs it and the tool/process), or mandate freezing writes by making the app
read-only until post-cutover validation completes; explicitly reference the
"Rollback plan" section and add clear steps for: (1) quiescing writes, (2)
extracting recent Convex Cloud transactions, (3) applying/merging them back to
self-hosted, and (4) validating data integrity before fully reverting traffic.
- Around line 79-91: The runbook misses deploying backend code/schema to
production before repointing the frontend: after running the data import step
(npx convex import --prod --replace convex-selfhost-final.zip) add an explicit
production deployment step using npx convex deploy --prod to register functions
and schema in the Convex Cloud deployment, then update EXPO_PUBLIC_CONVEX_URL
and redeploy/unfreeze traffic as described.
---
Nitpick comments:
In `@backend/.env.example`:
- Around line 1-8: Add documentation for CONVEX_CLOUD_URL in .env.example
clarifying that auth.config.ts uses CONVEX_CLOUD_URL as a fallback for
providerDomain and that on Convex Cloud CONVEX_SITE_URL is typically injected at
runtime (so CONVEX_CLOUD_URL is not required for new cloud deployments); also
add a short commented-out "Legacy / self-hosted (optional)" section showing the
optional legacy variables (CONVEX_CLOUD_URL and any related legacy names
referenced in SELF_HOSTED_CONVEX.md) for hybrid/transition scenarios so
developers know when to set them and that they are optional.
In `@backend/convex/auth.config.ts`:
- Around line 1-2: The variable providerDomain (assigned from CONVEX_SITE_URL,
CONVEX_CLOUD_URL, or CONVEX_SELF_HOSTED_URL) can be undefined in
self-hosted/local setups; add a runtime defensive check after its assignment
that verifies providerDomain is defined and, if not, either throw a clear error
or log and exit so the app fails fast with actionable message; update the check
near the providerDomain declaration in backend/convex/auth.config.ts and
reference providerDomain in the error text so maintainers know which env var is
missing.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 39f2038d-3331-4536-9fb3-819547006ada
⛔ Files ignored due to path filters (2)
convex-selfhost-backup-dev.zipis excluded by!**/*.zipconvex-selfhost-final.zipis excluded by!**/*.zip
📒 Files selected for processing (11)
QUICK_START.mdREADME.mdbackend/.env.examplebackend/convex/auth.config.tsdocs/CONVEX_CLOUD_MIGRATION.mddocs/DEPENDENCIES.mddocs/SELF_HOSTED_CONVEX.mddocs/contributing.mdfrontend/app/(tabs)/_layout.tsxfrontend/app/(tabs)/my-listings.tsxfrontend/app/(tabs)/settings.tsx
evan-taylor
force-pushed
the
evan/convex-docs-update
branch
from
9529e0a to
bf5a52f
Compare
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@docs/contributing.md`:
- Around line 81-84: Replace the incorrect frontend env key mentioned in the
contributing docs: change the reference to `CONVEX_URL` in the
frontend/.env.local setup instruction to `EXPO_PUBLIC_CONVEX_URL` so it matches
the Expo app requirement and the later documentation (line referencing
EXPO_PUBLIC_CONVEX_URL); update the single-line example under the "Follow
LOCAL_DEV_WITHOUT_CONVEX_ACCOUNT.md" bullet to use `EXPO_PUBLIC_CONVEX_URL`
instead of `CONVEX_URL`.
- Around line 249-252: Remove the incorrect backend env var `CONVEX_URL` from
the Backend env section and update the text to only mention `CONVEX_DEPLOYMENT`;
alternatively, if `CONVEX_URL` is intended to be frontend-only, explicitly state
that and reference the actual backend-used vars `CONVEX_SITE_URL`,
`CONVEX_CLOUD_URL`, and `CONVEX_SELF_HOSTED_URL` so contributors aren’t misled
by a non-existent backend variable.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 47bf5912-bae5-4b6c-b780-7377863ea1ec
📒 Files selected for processing (5)
.cursor/hooks/state/continual-learning.jsonREADME.mddocs/LOCAL_DEV_WITHOUT_CONVEX_ACCOUNT.mddocs/SELF_HOSTED_CONVEX.mddocs/contributing.md
💤 Files with no reviewable changes (1)
- docs/SELF_HOSTED_CONVEX.md
✅ Files skipped from review due to trivial changes (2)
- docs/LOCAL_DEV_WITHOUT_CONVEX_ACCOUNT.md
- .cursor/hooks/state/continual-learning.json
🚧 Files skipped from review as they are similar to previous changes (1)
- README.md
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
♻️ Duplicate comments (1)
docs/contributing.md (1)
81-84:⚠️ Potential issue | 🟠 MajorUse
EXPO_PUBLIC_CONVEX_URLinstead ofCONVEX_URLfor frontend configuration.Line 83 instructs contributors to set
frontend/.env.localto their localCONVEX_URL, but the frontend actually requiresEXPO_PUBLIC_CONVEX_URL(as correctly documented in line 247). This inconsistency will cause confusion.Proposed fix
Follow [LOCAL_DEV_WITHOUT_CONVEX_ACCOUNT.md](LOCAL_DEV_WITHOUT_CONVEX_ACCOUNT.md), including: - `cd backend && npx convex dev --local --once` - - setting `frontend/.env.local` to your local `CONVEX_URL` + - setting `EXPO_PUBLIC_CONVEX_URL` in `frontend/.env.local` to your local Convex URL - optional seed import from a backup ZIP🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/contributing.md` around lines 81 - 84, Update the docs snippet that instructs setting frontend/.env.local to use the correct public env var name: replace the reference to CONVEX_URL with EXPO_PUBLIC_CONVEX_URL (consistent with the documentation at line 247 and the frontend's expected env var). Ensure the sentence in the block that currently reads "setting `frontend/.env.local` to your local `CONVEX_URL`" instead references `EXPO_PUBLIC_CONVEX_URL`, and keep the rest of the steps (npx convex dev, optional seed import) unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@docs/LOCAL_DEV_WITHOUT_CONVEX_ACCOUNT.md`:
- Line 50: Update the phrase "Shared google doc" to capitalize Google as a
proper noun (i.e., change "Shared google doc" to "Shared Google doc") in the
sentence that references backend secrets like AUTH_RESEND_KEY, AUTH_RESEND_FROM,
and OPENAI_API_KEY so the documentation uses the correct capitalization.
In `@frontend/app/`(tabs)/_layout.tsx:
- Around line 126-132: The root layout currently uses SafeAreaView (and other
components rely on useSafeAreaInsets) but does not mount SafeAreaProvider; wrap
the top-level returned UI in SafeAreaProvider from
react-native-safe-area-context (import SafeAreaProvider) so that SafeAreaView
and useSafeAreaInsets receive proper insets — e.g., in the RootLayout/ default
export function, wrap the existing providers and nativeTabs return value with
<SafeAreaProvider>...</SafeAreaProvider> (keep SafeAreaView where
Android-specific behavior is needed).
---
Duplicate comments:
In `@docs/contributing.md`:
- Around line 81-84: Update the docs snippet that instructs setting
frontend/.env.local to use the correct public env var name: replace the
reference to CONVEX_URL with EXPO_PUBLIC_CONVEX_URL (consistent with the
documentation at line 247 and the frontend's expected env var). Ensure the
sentence in the block that currently reads "setting `frontend/.env.local` to
your local `CONVEX_URL`" instead references `EXPO_PUBLIC_CONVEX_URL`, and keep
the rest of the steps (npx convex dev, optional seed import) unchanged.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 9283ca1c-c9b5-4e5a-a80d-21b1183e8aab
⛔ Files ignored due to path filters (2)
convex-selfhost-backup-dev.zipis excluded by!**/*.zipconvex-selfhost-final.zipis excluded by!**/*.zip
📒 Files selected for processing (12)
.cursor/hooks/state/continual-learning.jsonQUICK_START.mdREADME.mdbackend/.env.examplebackend/convex/auth.config.tsdocs/DEPENDENCIES.mddocs/LOCAL_DEV_WITHOUT_CONVEX_ACCOUNT.mddocs/SELF_HOSTED_CONVEX.mddocs/contributing.mdfrontend/app/(tabs)/_layout.tsxfrontend/app/(tabs)/my-listings.tsxfrontend/app/(tabs)/settings.tsx
💤 Files with no reviewable changes (1)
- docs/SELF_HOSTED_CONVEX.md
🚧 Files skipped from review as they are similar to previous changes (7)
- backend/convex/auth.config.ts
- README.md
- frontend/app/(tabs)/my-listings.tsx
- docs/DEPENDENCIES.md
- backend/.env.example
- .cursor/hooks/state/continual-learning.json
- frontend/app/(tabs)/settings.tsx
Collaborator
Author
|
@cursor rebase this PR against |
|
I rebased
I also proactively fixed the still-open doc issues that were part of this PR context:
I verified the rebased branch with:
  |
- Updated backend configuration to use Convex Cloud instead of self-hosted setup. - Revised environment variable instructions in documentation for backend and frontend. - Enhanced the My Listings screen with delete functionality and improved user feedback. - Updated various documentation files to reflect the migration to Convex Cloud and removed references to the legacy self-hosted setup.
- Added instructions for local setup without a Convex account in README.md. - Revised contributing guide to clarify environment variable configuration options for both Convex Cloud and local development. - Removed outdated Convex Cloud migration documentation and legacy self-hosted references.
cursor
Bot
force-pushed
the
evan/convex-docs-update
branch
from
bf5a52f to
7c60fdc
Compare
Contributor
There was a problem hiding this comment.
Actionable comments posted: 3
🧹 Nitpick comments (2)
docs/CONVEX_CLOUD_MIGRATION.md (1)
21-25: Add an explicitnpx convex loginprerequisite beforenpx convex dev.Fresh/cloud-agent environments can fail this step without prior auth; calling it out avoids setup friction.
Suggested doc patch
From `backend/`: ```bash +npx convex login npx convex dev</details> Based on learnings: In cloud agent environments, complete the `npx convex login` flow via the Desktop pane before running `convex dev` for backend synchronization. <details> <summary>🤖 Prompt for AI Agents</summary>Verify each finding against the current code and only fix it if needed.
In
@docs/CONVEX_CLOUD_MIGRATION.mdaround lines 21 - 25, Add an explicit
prerequisite step to run "npx convex login" before "npx convex dev": update the
docs so the backend startup section shows that users must authenticate first by
running npx convex login (or completing the Desktop login flow) and only then
run npx convex dev to avoid cloud-agent auth failures; ensure the example
sequence includes the login command immediately above the dev command and
mention that it’s required in cloud/agent environments.</details> </blockquote></details> <details> <summary>frontend/app/(tabs)/settings.tsx (1)</summary><blockquote> `98-105`: **Add an internal re-entrancy guard for sign-out.** At Lines 98-99, two very fast taps can still invoke `handleAuthAction` twice before disabled state is rendered. Add an early guard inside the handler. <details> <summary>Suggested patch</summary> ```diff const handleAuthAction = async () => { + if (isSigningOut) return; if (!isAuthenticated) { router.replace('/auth/login?returnTo=%2Fsettings' as never); return; } try { setIsSigningOut(true); await signOut(); } catch (error) { const message = error instanceof Error ? error.message : 'Failed to sign out'; Alert.alert('Sign Out Failed', message); } finally { setIsSigningOut(false); } };🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@frontend/app/`(tabs)/settings.tsx around lines 98 - 105, The sign-out handler handleAuthAction can be invoked twice on rapid taps before the disabled state renders; add an internal re-entrancy guard at the top of handleAuthAction (e.g., a ref like signOutInProgressRef) that returns early if already true, then set signOutInProgressRef.current = true and call setIsSigningOut(true) before awaiting signOut(), finally clear both the ref and setIsSigningOut(false) in the finally block; reference handleAuthAction, signOut, setIsSigningOut, and the new signOutInProgressRef to locate and implement the change.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@docs/CONVEX_CLOUD_MIGRATION.md`:
- Around line 103-105: The three checklist bullets that all start with "Verify"
are repetitive; update the three lines ("Verify app reads/writes against Convex
Cloud.", "Verify no auth/email regressions.", "Verify file storage and listing
images are intact.") to use varied starters for readability (e.g., "Confirm app
reads/writes against Convex Cloud.", "Ensure no auth/email regressions.", "Check
file storage and image listing remain intact.") while preserving the same checks
and intent.
- Line 27: The docs currently only mention adding CONVEX_DEPLOYMENT to
backend/.env.local—update the Convex Cloud migration docs to list and instruct
adding the full set of backend environment variables required by this project:
CONVEX_DEPLOYMENT, CONVEX_URL, and CONVEX_SITE_URL as required, and note
optional keys AUTH_RESEND_KEY and OPENAI_API_KEY; include brief guidance that
these belong in backend/.env.local and any format expectations (e.g., KEY=value)
so users don’t misconfigure runtime envs.
In `@frontend/app/`(tabs)/settings.tsx:
- Line 138: The onPress currently calls router.push('/profile/edit' as never)
which circumvents route typing; create a typed Href constant (e.g. const
PROFILE_EDIT: Href = '/profile/edit') and replace the cast usage with
router.push(PROFILE_EDIT) in the onPress at the current location and the two
other occurrences referenced (lines near 185 and 195) so route-type validation
is preserved and refactors will be caught by the type system; update
imports/types if needed to reference the Href type used in your routing
utilities.
---
Nitpick comments:
In `@docs/CONVEX_CLOUD_MIGRATION.md`:
- Around line 21-25: Add an explicit prerequisite step to run "npx convex login"
before "npx convex dev": update the docs so the backend startup section shows
that users must authenticate first by running npx convex login (or completing
the Desktop login flow) and only then run npx convex dev to avoid cloud-agent
auth failures; ensure the example sequence includes the login command
immediately above the dev command and mention that it’s required in cloud/agent
environments.
In `@frontend/app/`(tabs)/settings.tsx:
- Around line 98-105: The sign-out handler handleAuthAction can be invoked twice
on rapid taps before the disabled state renders; add an internal re-entrancy
guard at the top of handleAuthAction (e.g., a ref like signOutInProgressRef)
that returns early if already true, then set signOutInProgressRef.current = true
and call setIsSigningOut(true) before awaiting signOut(), finally clear both the
ref and setIsSigningOut(false) in the finally block; reference handleAuthAction,
signOut, setIsSigningOut, and the new signOutInProgressRef to locate and
implement the change.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 0cfdb0a4-aed2-406e-939a-79d9173c6dd1
⛔ Files ignored due to path filters (2)
convex-selfhost-backup-dev.zipis excluded by!**/*.zipconvex-selfhost-final.zipis excluded by!**/*.zip
📒 Files selected for processing (13)
.cursor/hooks/state/continual-learning.jsonQUICK_START.mdREADME.mdbackend/.env.examplebackend/convex/auth.config.tsdocs/CONVEX_CLOUD_MIGRATION.mddocs/DEPENDENCIES.mddocs/LOCAL_DEV_WITHOUT_CONVEX_ACCOUNT.mddocs/SELF_HOSTED_CONVEX.mddocs/contributing.mdfrontend/app/(tabs)/_layout.tsxfrontend/app/(tabs)/settings.tsxfrontend/app/_layout.tsx
💤 Files with no reviewable changes (1)
- docs/SELF_HOSTED_CONVEX.md
✅ Files skipped from review due to trivial changes (4)
- README.md
- .cursor/hooks/state/continual-learning.json
- backend/convex/auth.config.ts
- backend/.env.example
🚧 Files skipped from review as they are similar to previous changes (4)
- docs/DEPENDENCIES.md
- QUICK_START.md
- docs/LOCAL_DEV_WITHOUT_CONVEX_ACCOUNT.md
- docs/contributing.md
evan-taylor
added a commit
that referenced
this pull request
Apr 9, 2026
* implemented CRUD operations in backend * feat: implement Cal Poly email authentication with verification - Add user authentication using @convex-dev/auth with Password provider - Enforce @calpoly.edu email domain validation - Implement email verification flow with SendGrid integration - Create signup, login, and email verification screens - Add user schema and auth-related queries/mutations - Update shared types and utilities for email validation - Add AuthProvider to app layout with auth routes * docs: update environment variables documentation for auth * fix: secure email verification with token validation * feat: implemented profile viewing and editing * feat: add search and filtering for listings - Add condition field to listings (new, like_new, good, fair, poor) - Add searchAndFilterListings query with full-text search - Support category, price range, condition filters - Add sort options and cursor-based pagination (20 items/page) - Add compound indexes for performance * refactor: switch from Password+SendGrid to OTP+Resend - Replace Password provider with Resend OTP (8-digit code, 15 min expiry) - Add Cal Poly email domain validation - Simplify to single login screen (email → code) - Remove separate signup and verify-email screens - Switch from SendGrid to Resend for emails - Use @convex-dev/auth OTP pattern per reviewer feedback * Adding .env.examples back * fix: address CodeRabbit review suggestions for auth implementation * fix: configure ESM module resolution for backend typecheck * Normalize email to lowercase and trim whitespace * fix: added constraints to profile creation * POLY-10 add messaging and conversation schema and sendMessage mutation * POLY-10 test function for sendMessage mutation * POLY-10 feat: add retrieve conversation history query * POLY-10 feat: add listUserConversations query * POLY-10 fix: updated commenting and edited listingId in schema * feat: associate conversations with listings, read functionality, real-time message delivery * Sync Convex schema, generated files, and backend dependencies * POLY-10: Fix functions for updated schema * Add pagination to getProfiles query Updated getProfiles query to support pagination options. * Update package.json * Update convex dependency version to 1.31.5 * Update package.json * Update package.json * Downgrade convex dependency version to 1.17.2 * this should fix it * there we go * feat: implement custom OTP authentication backend (POLY-29) - Add otpCodes table with hashing and rate limiting - Implement requestOTP action with Cal Poly email validation - Implement verifyOTP mutation with attempt limiting - Replace @convex-dev/auth with custom OTP system - Add bcryptjs for secure OTP hashing - Integrate Resend for email delivery - Add emailVerified field to users table BREAKING CHANGE: Replaces @convex-dev/auth authentication system * chore: update package-lock.json for bcryptjs dependencies * fix: implement CodeRabbit security improvements - Make createAndStoreOTPInternal an internalMutation to prevent client access - Implement atomic rate-limit check and OTP storage in single transaction - Replace Math.random() with crypto.getRandomValues() for secure OTP generation - Add emailVerified field to User type to match backend schema Security improvements prevent race conditions and ensure cryptographically secure random number generation for OTP codes. * fix: make emailVerified optional for backward compatibility Make emailVerified field optional in schema and User type to prevent breaking existing user records that don't have this field. New users created via OTP will have emailVerified set to true, while existing users can be migrated gradually without validation errors. * feat: add report schema and submission endpoint (POLY-19) - Add reports table to Convex schema with indexes for target and reporter lookups - Implement createReport mutation with authentication, validation, and duplicate prevention - Add rate limiting (10 reports per 24 hours per user) - Create comprehensive test suite with 9 tests covering all acceptance criteria - Ensure reporterId is never exposed in responses * Fix(POLY-19): Address test failures and code review feedback & Feat(POLY-20): Implement auto-hide logic * fix: enforce auth in messaging queries and make debug mutation internal * feat: added tags field with validation * fix: fixed updateListing test cases * fix: add AsyncStorage for React Native auth storage * Fix(POLY-20): Prevent auto-hide from overwriting existing hidden context * feat(POLY-15): Add home feed sorting and filtering - Update getListings query with category, minPrice, maxPrice filters - Use by_status_createdAt index for deterministic newest-first ordering - Add price validation (min >= 0, max >= min) - Add FilterBar component with filter chips - Add CategoryPicker bottom sheet - Add PriceRangePicker bottom sheet with presets - Integrate filters into home screen with state management - Add 'No results' state with clear filters option - Add 7 tests for filter combinations * fix(POLY-15): address code review feedback - Refactor FilterBar to avoid nested TouchableOpacity - Add negative max price validation to PriceRangePicker * fix(POLY-15): add NaN/non-finite validation for price inputs - Trim whitespace from inputs before parsing - Treat empty/whitespace-only strings as undefined - Validate parsed values are finite with Number.isFinite - Show clear error message for invalid number input * done * done now * other issues done too * other issues done too * fixed errors * feat: add tag filters to getListings * fix: pass empty args to getListings useQuery * fix: modify listings.ts to pass local tests and ran npm install * fixed final errors * fixed final errors * fixed new errors * fixed new errors * fixed * Poly-16-Tags-Backend * removed redundancy * fix * fix * fix * Fix2 * fix: integrate coderabbit changes and edit testcases * fix: filter listings by tags in memory * feat: exclude hidden listings from getListings * Add validation for limit and price parameters in getListings query * Fix duplicate reports table in schema and update dependencies * Merge tag filtering with category/price filters - Add tag filtering to getListings query (OR logic) - Add category and price range filters - Create unified FilterBar with all three filter types - Add CategoryPicker and PriceRangePicker components - Support URL params for tag deep linking - Add comprehensive validation for price inputs * refactor: address code review feedback - Remove redundant arrayContaining assertion in schema test - Extract shared filter types to frontend/types/filters.ts - Remove duplicate CATEGORIES from CategoryPicker - Fix PriceRangePicker useEffect to only reset on modal open - Remove dead padding properties from chip style - Fix URL param sync in handleTagsChange * Fix duplicate useState import and unused styles in index.tsx * fix: exclude hidden listings from getListings query * fix: resolve merge conflicts and fix test configuration - Merge tag filtering tests with basic filtering tests from dev - Add @babel/preset-typescript to babel.config.js for proper TS support - Configure jest to use ts-jest for .ts files and babel-jest for .js files - Add price validation to getListings (minPrice/maxPrice checks) - Add getCurrentUserSubject query from dev branch - Fix test ordering by using _creationTime instead of createdAt - All 55 tests now passing * fix: remove duplicate functions from merge conflict - Remove duplicate getListings export (kept complete version with tag filtering) - Remove duplicate getCurrentUserSubject export - Remove unused normalizeTags function - All tests passing, linting clean * fix: remove duplicate listings variable declaration - Remove unfiltered listings query on line 13 - Keep filtered listings query that respects filter state - Fixes TypeScript error: Cannot redeclare block-scoped variable * fixed redundancy of validate/normalize * chore: upgrade Expo SDK to 54 and fix dependencies - Upgrade Expo from ~52.0.0 to ^54.0.33 - Upgrade React to 19.1.0 and React Native to 0.81.5 - Update all Expo packages to SDK 54 compatible versions - Add @auth/core dependency to backend to fix convex dev - Add .npmrc with legacy-peer-deps flag to handle peer dependency conflicts - Fix npm audit vulnerabilities * chore: add self-hosted Convex actions URL to environment configuration * testing * fixes * add docs for s3 convex config (#38) * fixes * delete * fixes * fixes * fixes * fixes * test added * fixes * update * tests * feat: integrate OpenAI Moderation API for listings and messages - Add moderationResults table to schema - Create moderation.ts with moderateContent internalAction - Refactor createListing/updateListing from mutations to actions - Refactor sendMessage from mutation to action - Add ConvexError responses for flagged content - Update all test files for action-based API with fetch mocks - Disable ts-jest diagnostics for convex-test ID serialization - Document OPENAI_API_KEY in .env.example Resolves: POLY-31, POLY-36, POLY-37 * fix: switch createListing/updateListing from useMutation to useAction in frontend Frontend was still using useMutation for createListing and updateListing, which are now actions after moderation integration. This caused TypeScript errors: FunctionReference<"action"> not assignable to FunctionReference<"mutation">. * fix: extract ConvexError.data for moderation rejection messages ConvexError stores the custom error string in .data, not .message. Without this fix, moderation rejection messages would not surface to the user in the Alert dialog. * feat: exclude hidden content from feed and handle hidden states * fix: code rabbit changes * WIP: messaging changes * chore: make POLY-38 schema rollout backward-compatible with backfill * feat: clean shareable links route and listing share action * feat: add production-ready report modal flow for listing detail * style: format ReportModal with Prettier * feat: rebuild clean image uploader with upload URL flow and timeout safeguards * feat: deep-linking listings rebased from nightly clean on latest dev * feat: expo upgrade, fix config, enhance ui, add animations - Deleted Babel configuration file as it is no longer needed. - Updated Jest configuration to specify Babel config file path. - Added environment variables for email handling in backend. - Enhanced email validation and error handling in ResendOTP function. - Improved frontend components with better loading states and animations. - Updated dependencies in package-lock.json for compatibility with new Expo version. * refactor: streamline auth configuration and improve search functionality - Updated auth configuration to use a unified provider domain from environment variables. - Simplified search component logic to enhance performance and maintain reactivity for first-page results. - Removed unnecessary cursor handling for improved clarity in state management. * chore: update expo-image-manipulator and expo-image-picker versions in package files - Upgraded expo-image-manipulator to version 55.0.9 and expo-image-picker to version 55.0.10 in both package-lock.json and package.json for improved functionality and compatibility. * fix: coderabbit feedback - Added a function to dynamically determine the app origin for shareable links in the ListingDetailScreen. - Updated the cancel button in both NewListingScreen and EditListingScreen to be disabled during submissions or pending uploads, with visual feedback for disabled state. * feat: enhance login functionality with return redirection - Integrated useLocalSearchParams to retrieve returnTo parameter for post-auth redirection. - Updated router.replace to redirect users to the specified return path after successful login, improving user experience. * feat: enhance login screen with verification step handling - Introduced a new state variable to manage the verification step in the login process. - Updated the rendering logic to display success messages conditionally based on the verification step, improving user feedback during authentication. * chore: update dependencies and enhance TypeScript configuration - Added expo-router version 55.0.3 to package.json and package-lock.json for improved routing capabilities. - Updated TypeScript configuration in tsconfig.json to include additional file types and improve module resolution. * feat: enhance listings and profiles management - Updated the updateListing action to return specific moderation error responses instead of throwing exceptions. - Added a new query to retrieve the current user's listings, including hidden and inactive items. - Introduced a new query to fetch the current authenticated user's full profile, including non-public fields. - Enhanced profile creation and update mutations to include additional fields and validation for email, year, and other profile attributes. - Improved error handling in listing creation and editing to provide user-friendly feedback for moderation issues. - Updated frontend components to reflect new profile and listing functionalities, including loading states and input validations. * refactor: improve error messaging in profile creation tests - Updated the test case for createProfile to clarify rejection conditions when no email is provided or available on identity. - Enhanced error message to be more user-friendly, specifying that an email is required to create a profile. * chore: update Node.js version in configuration files * fix: ci script * fix: ci checks * fix: ci linux lightningcss binary * fixed issue * fixed issue * potential redundent querires * null request bug * feat: implement push notifications and update dependencies - Added support for push notifications using @convex-dev/expo-push-notifications. - Updated the convex configuration to include push notification handling in message actions. - Enhanced tests to verify push notification functionality upon message creation. - Updated dependencies, including upgrading convex to version 1.32.0 and related Expo packages. - Modified configuration files to reflect changes in app identifiers and notification settings. * fix: improve push notification handling and enhance tests - Updated the sendMessage action to use a more structured approach for push notifications based on the environment. - Enhanced test setup for push notifications by refactoring the mock implementation for better clarity and maintainability. - Added error handling for push notification failures during message delivery. - Updated the useAuth hook to ensure push tokens are removed on sign-out, improving token management. * fix: update app slug for consistency * feat: add message seller button on listings * feat: create inbox screen * feat: create chat screen * feat: implement read receipts for inbox in nav bar * fix: remove errors when clicking inbox * fix: prevent duplicate conversations * feat: add read receipts to messages * fix: show buyer name for listing creator * fix: implemented code rabbit changes * fix: add more code rabbit changes * Development environment setup (#55) * docs: add AGENTS.md with Cursor Cloud development instructions * docs: update AGENTS.md with Convex cloud setup and login caveat * docs: update AGENTS.md to reflect Convex cloud only (no self-hosted) --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> * feat: UI overhaul (#57) * feat: add saved listings functionality and enhance listings queries - Implemented `savedListings` table with associated queries and mutations for saving, unsaving, and checking saved listings. - Added `getListingsBySeller` query to fetch public active listings by seller. - Updated `updateListingStatus` mutation to prevent changing status of sold listings. - Enhanced tests for new saved listings features and updated existing tests for listing status changes. - Improved UI components to support new functionalities and ensure better user experience. * fix: agent bugs * feat: integrate Sentry for error tracking and monitoring - Added `@sentry/react-native` dependency to the project. - Initialized Sentry in the application with the provided DSN for error tracking. - Updated `app.json` to include Sentry configuration for Expo. - Enhanced `_layout.tsx` to wrap the `RootLayout` component with Sentry for better error handling. * refactor: update Metro configuration for Sentry integration * feat: enhance authentication and profile management - Introduced AppReviewOTP for Apple App Review email verification. - Updated authentication flow to support specific email validation for the review process. - Refactored profile bounds to a shared constants module for better maintainability. - Improved error handling and user feedback in login and profile edit screens. - Enhanced saved listings functionality to mark deleted and hidden listings as unavailable. - Updated tests to cover new email validation logic and recent changes in saved listings. * feat: add optional App Review OTP configuration - Introduced optional App Review OTP functionality for Apple App Review login. - Updated backend and frontend to support dynamic email and code configuration via environment variables. - Enhanced email validation logic in the login process to accommodate the new OTP feature. - Updated documentation to reflect the new configuration options for App Review. * fix: icon and package mismatch (#59) * refactor: unify authentication handling across backend modules (#60) - Replaced direct calls to `getUserIdentity` with `requireAuthUserId` in various modules to ensure consistent user authentication checks. - Updated ownership and user ID retrieval logic in listings, messages, profiles, and saved listings to utilize stable user IDs. - Enhanced error handling for unauthorized actions across multiple mutations and queries. - Removed legacy participant ID handling in messages and conversations to streamline user identification. - Improved overall code maintainability and clarity by consolidating authentication logic. * feat: enhance My Listings screen with status filtering and action han… (#61) * feat: enhance My Listings screen with status filtering and action handling - Added status filter options ('all', 'active', 'inactive', 'sold') to the My Listings screen for better listing management. - Implemented action handling for editing, marking as sold, setting status, and deleting listings through a new action sheet. - Improved error handling with user-friendly alerts for various actions. - Updated UI components to reflect changes in listing management and enhance user experience. * feat: unify authentication redirection across screens - Implemented consistent use of `router.replace` for authentication redirection in various screens including Inbox, Home, My Listings, Search, Settings, and Listing Details. - Enhanced user experience by replacing sign-in prompts with loading indicators while redirecting to the login page. - Improved accessibility labels in ListingCard for better screen reader support. * feat: implement messaging block checks and notification preferences (#62) * feat: implement messaging block checks and notification preferences - Added functionality to prevent users from messaging each other if they have blocked one another, enhancing user experience and safety. - Introduced a new mutation to manage message notification preferences, allowing users to enable or disable notifications for incoming messages. - Updated the user schema to include a field for message notification settings. - Enhanced the login flow to prompt users for notification permissions, improving engagement with the messaging feature. - Added tests to ensure proper functionality of blocking and notification features. * chore: update package dependencies and app configuration - Updated various Expo package versions in package-lock.json and package.json for improved stability and features. - Added iOS icon path in app.json to enhance app branding on iOS devices. * feat: enhance user blocking functionality and notification handling - Implemented a new query to check if the current user is blocked by another user, improving user experience in conversations. - Updated the blockUser mutation to ensure proper user ID normalization and error handling for blocking actions. - Enhanced the Settings screen to provide better feedback during account deletion and sign-out processes. - Refactored notification handling to ensure users are informed about permission status and potential issues when enabling notifications. - Improved conversation detail screen to handle blocking states more effectively, preventing users from sending messages if blocked. * feat: improve user blocking and notification preference handling - Introduced a new function to validate peer user IDs in blocking mutations, enhancing error handling for user blocking actions. - Updated blockUser and unblockUser mutations to utilize the new validation function, ensuring proper user ID normalization. - Enhanced Settings screen to provide detailed alerts for notification preference updates, improving user feedback during push token management. - Improved conversation detail screen to handle blocking states more effectively, preventing message sending if users are blocked. * chore: update app configuration and package scripts - Removed iOS icon path from app.json to streamline configuration. - Updated package.json scripts for running Android and iOS to use 'expo run' commands, enhancing build process consistency. * feat: transition to Convex Cloud and update environment configurations (#53) * feat: transition to Convex Cloud and update environment configurations - Updated backend configuration to use Convex Cloud instead of self-hosted setup. - Revised environment variable instructions in documentation for backend and frontend. - Enhanced the My Listings screen with delete functionality and improved user feedback. - Updated various documentation files to reflect the migration to Convex Cloud and removed references to the legacy self-hosted setup. * docs: update README and contributing guide for local development setup - Added instructions for local setup without a Convex account in README.md. - Revised contributing guide to clarify environment variable configuration options for both Convex Cloud and local development. - Removed outdated Convex Cloud migration documentation and legacy self-hosted references. * fix: preserve settings route typing after rebase * fix: address Convex migration and settings review notes --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> * Improve messaging safety and polish the web experience (#63) * chore: update package dependencies and app configuration - Updated various Expo package versions in package-lock.json and package.json for improved stability and features. - Added iOS icon path in app.json to enhance app branding on iOS devices. * chore: update app configuration and package scripts - Removed iOS icon path from app.json to streamline configuration. - Updated package.json scripts for running Android and iOS to use 'expo run' commands, enhancing build process consistency. * feat: polish the Vercel web experience Make the Expo web app feel intentional on desktop while steering app-only flows back to mobile. Add Vercel-friendly config so preview and production builds resolve the right web origin. * fix: remove duplicate layout import after rebase * fix: clean up search list layout styles * fix: preserve web search state Keep the resolved app origin available at runtime and preserve active listing filters when web search updates or refreshes. * chore: manual GitHub Action for dev → main release PR (#64) * chore: update package dependencies and app configuration - Updated various Expo package versions in package-lock.json and package.json for improved stability and features. - Added iOS icon path in app.json to enhance app branding on iOS devices. * chore: update app configuration and package scripts - Removed iOS icon path from app.json to streamline configuration. - Updated package.json scripts for running Android and iOS to use 'expo run' commands, enhancing build process consistency. * feat: polish the Vercel web experience Make the Expo web app feel intentional on desktop while steering app-only flows back to mobile. Add Vercel-friendly config so preview and production builds resolve the right web origin. * fix: remove duplicate layout import after rebase * fix: clean up search list layout styles * fix: preserve web search state Keep the resolved app origin available at runtime and preserve active listing filters when web search updates or refreshes. * chore: add manual GitHub Action to open dev→main release PR - workflow_dispatch only; idempotent open PR or report existing - document usage in contributing releases section --------- Co-authored-by: dfed25 <domfederico21@gmail.com> Co-authored-by: Jaydon Chen <79879038+jaydonkc@users.noreply.github.com> Co-authored-by: Cole <hackman@calpoly.edu> Co-authored-by: Haixin <haixinhuang502@gmail.com> Co-authored-by: BoB121isawesome <79879038+BoB121isawesome@users.noreply.github.com> Co-authored-by: lheutchy <lheutchy@gmail.com> Co-authored-by: dfed25 <150391626+dfed25@users.noreply.github.com> Co-authored-by: MatthewPhan <Matthewminhphan@gmail.com> Co-authored-by: SamanSP1386 <saman.sepehr86@gmail.com> Co-authored-by: Jaydon Bot <jaydon-bot@local> Co-authored-by: Taye-Staats <tayestaats@outlook.com> Co-authored-by: Cursor Agent <cursoragent@cursor.com>
evan-taylor
added a commit
that referenced
this pull request
Apr 9, 2026
* implemented CRUD operations in backend * feat: implement Cal Poly email authentication with verification - Add user authentication using @convex-dev/auth with Password provider - Enforce @calpoly.edu email domain validation - Implement email verification flow with SendGrid integration - Create signup, login, and email verification screens - Add user schema and auth-related queries/mutations - Update shared types and utilities for email validation - Add AuthProvider to app layout with auth routes * docs: update environment variables documentation for auth * fix: secure email verification with token validation * feat: implemented profile viewing and editing * feat: add search and filtering for listings - Add condition field to listings (new, like_new, good, fair, poor) - Add searchAndFilterListings query with full-text search - Support category, price range, condition filters - Add sort options and cursor-based pagination (20 items/page) - Add compound indexes for performance * refactor: switch from Password+SendGrid to OTP+Resend - Replace Password provider with Resend OTP (8-digit code, 15 min expiry) - Add Cal Poly email domain validation - Simplify to single login screen (email → code) - Remove separate signup and verify-email screens - Switch from SendGrid to Resend for emails - Use @convex-dev/auth OTP pattern per reviewer feedback * Adding .env.examples back * fix: address CodeRabbit review suggestions for auth implementation * fix: configure ESM module resolution for backend typecheck * Normalize email to lowercase and trim whitespace * fix: added constraints to profile creation * POLY-10 add messaging and conversation schema and sendMessage mutation * POLY-10 test function for sendMessage mutation * POLY-10 feat: add retrieve conversation history query * POLY-10 feat: add listUserConversations query * POLY-10 fix: updated commenting and edited listingId in schema * feat: associate conversations with listings, read functionality, real-time message delivery * Sync Convex schema, generated files, and backend dependencies * POLY-10: Fix functions for updated schema * Add pagination to getProfiles query Updated getProfiles query to support pagination options. * Update package.json * Update convex dependency version to 1.31.5 * Update package.json * Update package.json * Downgrade convex dependency version to 1.17.2 * this should fix it * there we go * feat: implement custom OTP authentication backend (POLY-29) - Add otpCodes table with hashing and rate limiting - Implement requestOTP action with Cal Poly email validation - Implement verifyOTP mutation with attempt limiting - Replace @convex-dev/auth with custom OTP system - Add bcryptjs for secure OTP hashing - Integrate Resend for email delivery - Add emailVerified field to users table BREAKING CHANGE: Replaces @convex-dev/auth authentication system * chore: update package-lock.json for bcryptjs dependencies * fix: implement CodeRabbit security improvements - Make createAndStoreOTPInternal an internalMutation to prevent client access - Implement atomic rate-limit check and OTP storage in single transaction - Replace Math.random() with crypto.getRandomValues() for secure OTP generation - Add emailVerified field to User type to match backend schema Security improvements prevent race conditions and ensure cryptographically secure random number generation for OTP codes. * fix: make emailVerified optional for backward compatibility Make emailVerified field optional in schema and User type to prevent breaking existing user records that don't have this field. New users created via OTP will have emailVerified set to true, while existing users can be migrated gradually without validation errors. * feat: add report schema and submission endpoint (POLY-19) - Add reports table to Convex schema with indexes for target and reporter lookups - Implement createReport mutation with authentication, validation, and duplicate prevention - Add rate limiting (10 reports per 24 hours per user) - Create comprehensive test suite with 9 tests covering all acceptance criteria - Ensure reporterId is never exposed in responses * Fix(POLY-19): Address test failures and code review feedback & Feat(POLY-20): Implement auto-hide logic * fix: enforce auth in messaging queries and make debug mutation internal * feat: added tags field with validation * fix: fixed updateListing test cases * fix: add AsyncStorage for React Native auth storage * Fix(POLY-20): Prevent auto-hide from overwriting existing hidden context * feat(POLY-15): Add home feed sorting and filtering - Update getListings query with category, minPrice, maxPrice filters - Use by_status_createdAt index for deterministic newest-first ordering - Add price validation (min >= 0, max >= min) - Add FilterBar component with filter chips - Add CategoryPicker bottom sheet - Add PriceRangePicker bottom sheet with presets - Integrate filters into home screen with state management - Add 'No results' state with clear filters option - Add 7 tests for filter combinations * fix(POLY-15): address code review feedback - Refactor FilterBar to avoid nested TouchableOpacity - Add negative max price validation to PriceRangePicker * fix(POLY-15): add NaN/non-finite validation for price inputs - Trim whitespace from inputs before parsing - Treat empty/whitespace-only strings as undefined - Validate parsed values are finite with Number.isFinite - Show clear error message for invalid number input * done * done now * other issues done too * other issues done too * fixed errors * feat: add tag filters to getListings * fix: pass empty args to getListings useQuery * fix: modify listings.ts to pass local tests and ran npm install * fixed final errors * fixed final errors * fixed new errors * fixed new errors * fixed * Poly-16-Tags-Backend * removed redundancy * fix * fix * fix * Fix2 * fix: integrate coderabbit changes and edit testcases * fix: filter listings by tags in memory * feat: exclude hidden listings from getListings * Add validation for limit and price parameters in getListings query * Fix duplicate reports table in schema and update dependencies * Merge tag filtering with category/price filters - Add tag filtering to getListings query (OR logic) - Add category and price range filters - Create unified FilterBar with all three filter types - Add CategoryPicker and PriceRangePicker components - Support URL params for tag deep linking - Add comprehensive validation for price inputs * refactor: address code review feedback - Remove redundant arrayContaining assertion in schema test - Extract shared filter types to frontend/types/filters.ts - Remove duplicate CATEGORIES from CategoryPicker - Fix PriceRangePicker useEffect to only reset on modal open - Remove dead padding properties from chip style - Fix URL param sync in handleTagsChange * Fix duplicate useState import and unused styles in index.tsx * fix: exclude hidden listings from getListings query * fix: resolve merge conflicts and fix test configuration - Merge tag filtering tests with basic filtering tests from dev - Add @babel/preset-typescript to babel.config.js for proper TS support - Configure jest to use ts-jest for .ts files and babel-jest for .js files - Add price validation to getListings (minPrice/maxPrice checks) - Add getCurrentUserSubject query from dev branch - Fix test ordering by using _creationTime instead of createdAt - All 55 tests now passing * fix: remove duplicate functions from merge conflict - Remove duplicate getListings export (kept complete version with tag filtering) - Remove duplicate getCurrentUserSubject export - Remove unused normalizeTags function - All tests passing, linting clean * fix: remove duplicate listings variable declaration - Remove unfiltered listings query on line 13 - Keep filtered listings query that respects filter state - Fixes TypeScript error: Cannot redeclare block-scoped variable * fixed redundancy of validate/normalize * chore: upgrade Expo SDK to 54 and fix dependencies - Upgrade Expo from ~52.0.0 to ^54.0.33 - Upgrade React to 19.1.0 and React Native to 0.81.5 - Update all Expo packages to SDK 54 compatible versions - Add @auth/core dependency to backend to fix convex dev - Add .npmrc with legacy-peer-deps flag to handle peer dependency conflicts - Fix npm audit vulnerabilities * chore: add self-hosted Convex actions URL to environment configuration * testing * fixes * add docs for s3 convex config (#38) * fixes * delete * fixes * fixes * fixes * fixes * test added * fixes * update * tests * feat: integrate OpenAI Moderation API for listings and messages - Add moderationResults table to schema - Create moderation.ts with moderateContent internalAction - Refactor createListing/updateListing from mutations to actions - Refactor sendMessage from mutation to action - Add ConvexError responses for flagged content - Update all test files for action-based API with fetch mocks - Disable ts-jest diagnostics for convex-test ID serialization - Document OPENAI_API_KEY in .env.example Resolves: POLY-31, POLY-36, POLY-37 * fix: switch createListing/updateListing from useMutation to useAction in frontend Frontend was still using useMutation for createListing and updateListing, which are now actions after moderation integration. This caused TypeScript errors: FunctionReference<"action"> not assignable to FunctionReference<"mutation">. * fix: extract ConvexError.data for moderation rejection messages ConvexError stores the custom error string in .data, not .message. Without this fix, moderation rejection messages would not surface to the user in the Alert dialog. * feat: exclude hidden content from feed and handle hidden states * fix: code rabbit changes * WIP: messaging changes * chore: make POLY-38 schema rollout backward-compatible with backfill * feat: clean shareable links route and listing share action * feat: add production-ready report modal flow for listing detail * style: format ReportModal with Prettier * feat: rebuild clean image uploader with upload URL flow and timeout safeguards * feat: deep-linking listings rebased from nightly clean on latest dev * feat: expo upgrade, fix config, enhance ui, add animations - Deleted Babel configuration file as it is no longer needed. - Updated Jest configuration to specify Babel config file path. - Added environment variables for email handling in backend. - Enhanced email validation and error handling in ResendOTP function. - Improved frontend components with better loading states and animations. - Updated dependencies in package-lock.json for compatibility with new Expo version. * refactor: streamline auth configuration and improve search functionality - Updated auth configuration to use a unified provider domain from environment variables. - Simplified search component logic to enhance performance and maintain reactivity for first-page results. - Removed unnecessary cursor handling for improved clarity in state management. * chore: update expo-image-manipulator and expo-image-picker versions in package files - Upgraded expo-image-manipulator to version 55.0.9 and expo-image-picker to version 55.0.10 in both package-lock.json and package.json for improved functionality and compatibility. * fix: coderabbit feedback - Added a function to dynamically determine the app origin for shareable links in the ListingDetailScreen. - Updated the cancel button in both NewListingScreen and EditListingScreen to be disabled during submissions or pending uploads, with visual feedback for disabled state. * feat: enhance login functionality with return redirection - Integrated useLocalSearchParams to retrieve returnTo parameter for post-auth redirection. - Updated router.replace to redirect users to the specified return path after successful login, improving user experience. * feat: enhance login screen with verification step handling - Introduced a new state variable to manage the verification step in the login process. - Updated the rendering logic to display success messages conditionally based on the verification step, improving user feedback during authentication. * chore: update dependencies and enhance TypeScript configuration - Added expo-router version 55.0.3 to package.json and package-lock.json for improved routing capabilities. - Updated TypeScript configuration in tsconfig.json to include additional file types and improve module resolution. * feat: enhance listings and profiles management - Updated the updateListing action to return specific moderation error responses instead of throwing exceptions. - Added a new query to retrieve the current user's listings, including hidden and inactive items. - Introduced a new query to fetch the current authenticated user's full profile, including non-public fields. - Enhanced profile creation and update mutations to include additional fields and validation for email, year, and other profile attributes. - Improved error handling in listing creation and editing to provide user-friendly feedback for moderation issues. - Updated frontend components to reflect new profile and listing functionalities, including loading states and input validations. * refactor: improve error messaging in profile creation tests - Updated the test case for createProfile to clarify rejection conditions when no email is provided or available on identity. - Enhanced error message to be more user-friendly, specifying that an email is required to create a profile. * chore: update Node.js version in configuration files * fix: ci script * fix: ci checks * fix: ci linux lightningcss binary * fixed issue * fixed issue * potential redundent querires * null request bug * feat: implement push notifications and update dependencies - Added support for push notifications using @convex-dev/expo-push-notifications. - Updated the convex configuration to include push notification handling in message actions. - Enhanced tests to verify push notification functionality upon message creation. - Updated dependencies, including upgrading convex to version 1.32.0 and related Expo packages. - Modified configuration files to reflect changes in app identifiers and notification settings. * fix: improve push notification handling and enhance tests - Updated the sendMessage action to use a more structured approach for push notifications based on the environment. - Enhanced test setup for push notifications by refactoring the mock implementation for better clarity and maintainability. - Added error handling for push notification failures during message delivery. - Updated the useAuth hook to ensure push tokens are removed on sign-out, improving token management. * fix: update app slug for consistency * feat: add message seller button on listings * feat: create inbox screen * feat: create chat screen * feat: implement read receipts for inbox in nav bar * fix: remove errors when clicking inbox * fix: prevent duplicate conversations * feat: add read receipts to messages * fix: show buyer name for listing creator * fix: implemented code rabbit changes * fix: add more code rabbit changes * Development environment setup (#55) * docs: add AGENTS.md with Cursor Cloud development instructions * docs: update AGENTS.md with Convex cloud setup and login caveat * docs: update AGENTS.md to reflect Convex cloud only (no self-hosted) --------- * feat: UI overhaul (#57) * feat: add saved listings functionality and enhance listings queries - Implemented `savedListings` table with associated queries and mutations for saving, unsaving, and checking saved listings. - Added `getListingsBySeller` query to fetch public active listings by seller. - Updated `updateListingStatus` mutation to prevent changing status of sold listings. - Enhanced tests for new saved listings features and updated existing tests for listing status changes. - Improved UI components to support new functionalities and ensure better user experience. * fix: agent bugs * feat: integrate Sentry for error tracking and monitoring - Added `@sentry/react-native` dependency to the project. - Initialized Sentry in the application with the provided DSN for error tracking. - Updated `app.json` to include Sentry configuration for Expo. - Enhanced `_layout.tsx` to wrap the `RootLayout` component with Sentry for better error handling. * refactor: update Metro configuration for Sentry integration * feat: enhance authentication and profile management - Introduced AppReviewOTP for Apple App Review email verification. - Updated authentication flow to support specific email validation for the review process. - Refactored profile bounds to a shared constants module for better maintainability. - Improved error handling and user feedback in login and profile edit screens. - Enhanced saved listings functionality to mark deleted and hidden listings as unavailable. - Updated tests to cover new email validation logic and recent changes in saved listings. * feat: add optional App Review OTP configuration - Introduced optional App Review OTP functionality for Apple App Review login. - Updated backend and frontend to support dynamic email and code configuration via environment variables. - Enhanced email validation logic in the login process to accommodate the new OTP feature. - Updated documentation to reflect the new configuration options for App Review. * fix: icon and package mismatch (#59) * refactor: unify authentication handling across backend modules (#60) - Replaced direct calls to `getUserIdentity` with `requireAuthUserId` in various modules to ensure consistent user authentication checks. - Updated ownership and user ID retrieval logic in listings, messages, profiles, and saved listings to utilize stable user IDs. - Enhanced error handling for unauthorized actions across multiple mutations and queries. - Removed legacy participant ID handling in messages and conversations to streamline user identification. - Improved overall code maintainability and clarity by consolidating authentication logic. * feat: enhance My Listings screen with status filtering and action han… (#61) * feat: enhance My Listings screen with status filtering and action handling - Added status filter options ('all', 'active', 'inactive', 'sold') to the My Listings screen for better listing management. - Implemented action handling for editing, marking as sold, setting status, and deleting listings through a new action sheet. - Improved error handling with user-friendly alerts for various actions. - Updated UI components to reflect changes in listing management and enhance user experience. * feat: unify authentication redirection across screens - Implemented consistent use of `router.replace` for authentication redirection in various screens including Inbox, Home, My Listings, Search, Settings, and Listing Details. - Enhanced user experience by replacing sign-in prompts with loading indicators while redirecting to the login page. - Improved accessibility labels in ListingCard for better screen reader support. * feat: implement messaging block checks and notification preferences (#62) * feat: implement messaging block checks and notification preferences - Added functionality to prevent users from messaging each other if they have blocked one another, enhancing user experience and safety. - Introduced a new mutation to manage message notification preferences, allowing users to enable or disable notifications for incoming messages. - Updated the user schema to include a field for message notification settings. - Enhanced the login flow to prompt users for notification permissions, improving engagement with the messaging feature. - Added tests to ensure proper functionality of blocking and notification features. * chore: update package dependencies and app configuration - Updated various Expo package versions in package-lock.json and package.json for improved stability and features. - Added iOS icon path in app.json to enhance app branding on iOS devices. * feat: enhance user blocking functionality and notification handling - Implemented a new query to check if the current user is blocked by another user, improving user experience in conversations. - Updated the blockUser mutation to ensure proper user ID normalization and error handling for blocking actions. - Enhanced the Settings screen to provide better feedback during account deletion and sign-out processes. - Refactored notification handling to ensure users are informed about permission status and potential issues when enabling notifications. - Improved conversation detail screen to handle blocking states more effectively, preventing users from sending messages if blocked. * feat: improve user blocking and notification preference handling - Introduced a new function to validate peer user IDs in blocking mutations, enhancing error handling for user blocking actions. - Updated blockUser and unblockUser mutations to utilize the new validation function, ensuring proper user ID normalization. - Enhanced Settings screen to provide detailed alerts for notification preference updates, improving user feedback during push token management. - Improved conversation detail screen to handle blocking states more effectively, preventing message sending if users are blocked. * chore: update app configuration and package scripts - Removed iOS icon path from app.json to streamline configuration. - Updated package.json scripts for running Android and iOS to use 'expo run' commands, enhancing build process consistency. * feat: transition to Convex Cloud and update environment configurations (#53) * feat: transition to Convex Cloud and update environment configurations - Updated backend configuration to use Convex Cloud instead of self-hosted setup. - Revised environment variable instructions in documentation for backend and frontend. - Enhanced the My Listings screen with delete functionality and improved user feedback. - Updated various documentation files to reflect the migration to Convex Cloud and removed references to the legacy self-hosted setup. * docs: update README and contributing guide for local development setup - Added instructions for local setup without a Convex account in README.md. - Revised contributing guide to clarify environment variable configuration options for both Convex Cloud and local development. - Removed outdated Convex Cloud migration documentation and legacy self-hosted references. * fix: preserve settings route typing after rebase * fix: address Convex migration and settings review notes --------- * Improve messaging safety and polish the web experience (#63) * chore: update package dependencies and app configuration - Updated various Expo package versions in package-lock.json and package.json for improved stability and features. - Added iOS icon path in app.json to enhance app branding on iOS devices. * chore: update app configuration and package scripts - Removed iOS icon path from app.json to streamline configuration. - Updated package.json scripts for running Android and iOS to use 'expo run' commands, enhancing build process consistency. * feat: polish the Vercel web experience Make the Expo web app feel intentional on desktop while steering app-only flows back to mobile. Add Vercel-friendly config so preview and production builds resolve the right web origin. * fix: remove duplicate layout import after rebase * fix: clean up search list layout styles * fix: preserve web search state Keep the resolved app origin available at runtime and preserve active listing filters when web search updates or refreshes. * chore: manual GitHub Action for dev → main release PR (#64) * chore: update package dependencies and app configuration - Updated various Expo package versions in package-lock.json and package.json for improved stability and features. - Added iOS icon path in app.json to enhance app branding on iOS devices. * chore: update app configuration and package scripts - Removed iOS icon path from app.json to streamline configuration. - Updated package.json scripts for running Android and iOS to use 'expo run' commands, enhancing build process consistency. * feat: polish the Vercel web experience Make the Expo web app feel intentional on desktop while steering app-only flows back to mobile. Add Vercel-friendly config so preview and production builds resolve the right web origin. * fix: remove duplicate layout import after rebase * fix: clean up search list layout styles * fix: preserve web search state Keep the resolved app origin available at runtime and preserve active listing filters when web search updates or refreshes. * chore: add manual GitHub Action to open dev→main release PR - workflow_dispatch only; idempotent open PR or report existing - document usage in contributing releases section --------- Co-authored-by: dfed25 <domfederico21@gmail.com> Co-authored-by: Jaydon Chen <79879038+jaydonkc@users.noreply.github.com> Co-authored-by: Cole <hackman@calpoly.edu> Co-authored-by: Haixin <haixinhuang502@gmail.com> Co-authored-by: BoB121isawesome <79879038+BoB121isawesome@users.noreply.github.com> Co-authored-by: lheutchy <lheutchy@gmail.com> Co-authored-by: dfed25 <150391626+dfed25@users.noreply.github.com> Co-authored-by: MatthewPhan <Matthewminhphan@gmail.com> Co-authored-by: SamanSP1386 <saman.sepehr86@gmail.com> Co-authored-by: Jaydon Bot <jaydon-bot@local> Co-authored-by: Taye-Staats <tayestaats@outlook.com> Co-authored-by: Cursor Agent <cursoragent@cursor.com>
This was referenced Apr 9, 2026
Merged
5 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary by CodeRabbit
Bug Fixes
Improvements
Documentation