Live from GitHub · Refreshed continuously

Software Updates

Every change we ship to katura1999.com — features, fixes, security patches, the lot. Pulled straight from our private GitHub repository so you can see exactly what was built and when.

By the numbers

Lines of code

828,292

Web platform — TypeScript, React, Prisma, CSS

iOS

78,204

Swift + SwiftUI lines

Android

3,117

Kotlin + Jetpack Compose lines

All platforms

909,613

Web + iOS + Android combined (44.5× the King James Bible)

Characters written

35.04M

35,041,420 total characters

Updates pushed

1,893

exact commit count on main

Current version

v1.18.93

build 1893 · 1c76417

Database models

392

across 47 schema files — most SaaS platforms have 20–50

API endpoints

955

individually routed — Stripe's public API has ~400

Translated strings

82,512

every string, in 24 languages

System permutations

10^287

2^955 endpoint combinations — more than atoms in the observable universe (10^80)

Project age

6mo 15d

since Dec 14, 2025

Pre-AI dev hours

30.3K hrs

909,613 lines ÷ 30 LOC/hr — equivalent to 14.6 years (senior engineer, no AI)

With-AI dev hours

7.6K hrs

4× AI productivity multiplier (2024–2026 studies) — equivalent to 948 days

Equivalent firm cost

$7,859,055

live ticker · Katura rate: $60 USD/hr

Hours estimated from source line count at 30 LOC/hr (industry benchmark for production-quality TypeScript/React without AI assistance), with a 4× multiplier for AI-assisted development per published 2024–2026 enterprise studies. Equivalent Firm Cost uses a $250/hr loaded billable rate reflecting a premium engineering firm building enterprise-grade SaaS — and ticks up live, because the project is still being actively built.

Commit history

1,893 updates pushed

Showing page 11 of 40 · 501–550 of 2,000 fetched

Sunday, May 10, 2026
15 updates pushed
Feature7:01 AM · ZRosserMcIntosh
harden /admin/meetings security+perf, add Yen risk-class taxonomy
- B.1 CRITICAL: lock down /api/guest/translate
- require inviteToken + validate against MeetingInvite (expiry + status)
- per-token + per-IP rate limits
- CORS lock to katura1999.com / *.vercel.app / dev localhost
- use real invite.meetingId for cache bucketing (kill 'guest_shared' hack)
- B.3: escape HTML in invite email body (guestName/hostName/title/email)
- B.4: realtime-session route now binds to [id] meeting, validates active, attaches metadata (meetingId/adminEmail), audit-logs to MeetingTranslationSession
- B.5: cap MeetingInvite joins at 5; force-expire all invites on End meeting
- B.7: random per-session LiveKit identity (randomBytes 8) — no inviteId leak
- B.8: hashed guest chat identity via XOR-fold (no token prefix exposure)
- B.9: tight Permissions-Policy on /g/:token* in next.config.ts (camera/mic/display-capture self only; X-Frame DENY; noindex)
- B.10: rate-limit invite GET endpoint per-IP
- B.11: Brevo emails tagged [meeting:id, invite:id] for searchable audit
- A.2: SR interimResults=true + interim caption render (instant feedback)
- A.7: skip MeetingTranslationCache write for utterances <= 120 chars
- New: prisma/migrations/add-meeting-translation-session.sql
- New: src/lib/security/escape-html.ts (shared escaper)
- src/lib/rate-limit.ts: 5 new RATE_LIMITS entries for meetings
- src/lib/yen/risk-classes.ts: 6-class taxonomy (READ_ONLY / REVERSIBLE_INTERNAL_WRITE / EXTERNAL_NOISY / FINANCIAL / IDENTITY / DESTRUCTIVE) + CLASS_POLICY + TOOL_RISK_CLASS for every shipped + Tier-1 tool + SUBAGENT_DEFAULT_BUDGET (canCreateSubAgents:false hardcoded)
- src/lib/yen/sensitivity.ts: tag() / redactForModel() / redactForAdmin() for field-level visibility labels (public/internal_only/never_model)
- src/lib/yen/outbound-scrubber.ts: pre-approval pattern scanner (SSN, Luhn-valid cards, API keys, internal markers, cost-basis terms, supplier refs, HR notes) — scrubOutboundMessage + scrubArtifact
- src/lib/yen/guardrails.ts: evaluateGuard now falls through to CLASS_POLICY default (BLOCK/GATE/ALLOW) after explicit SOFT_GATED check
- YEN-CLAUDE-CAPABILITIES.md (9-section capabilities + roadmap doc)
- MEETINGS-TRANSLATION-AUDIT.md (perf A.1-A.11 + security B.1-B.12)
- YEN-VIRGIL-REVIEW-RESPONSE.md (point-by-point response with code evidence)
333b07eView on GitHub →
Feature6:25 AM · ZRosserMcIntosh
Claude/Anthropic provider, tracking dialog, hotkey spinner, email help button
- Yen: Add Anthropic (Claude) as a first-class provider
- New 'anthropic' case in providers.ts (claude-sonnet-4-5 default)
- src/lib/yen/anthropic-adapter.ts — full bidirectional translation between OpenAI-compat format used internally and Anthropic Messages API format (tools, tool_use blocks, tool_result, image parts, system prompt)
- chat/route.ts: branches on provider.name==='anthropic' → callAnthropic() instead of fetch to /chat/completions; all guardrails/approval gating unchanged
- Validates ANTHROPIC_API_KEY at request time with clear error message
- Set YEN_PROVIDER=anthropic in Vercel env to activate
- System prompt updated: identifies as Claude-powered
- Email: Wire up tracking details dialog (T-TRACK-01)
- thread-view.tsx: import EmailTrackingDialog; add trackingMsgId state; pass onOpenTracking to each MessageCard; render EmailTrackingDialog at bottom
- MessageCard: accepts onOpenTracking prop; shows EmailStatusBadge with onClick next to timestamp — click badge to open full timeline (opens, unique opens, forwards, IP, device, location, time-after-send)
- Cmd+/ support hotkey: instant open with screenshot loading indicator
- Modal now opens IMMEDIATELY on keypress (setOpen(true) before capture)
- Added 'capturing' state; shows animated spinner 'Capturing screenshot…' in the modal header while html-to-image renders in the background
- Spinner disappears automatically when screenshot arrives or times out
- Email: Add '?' help button explaining all features
- email-shell.tsx: HelpCircle button in top search bar → opens Dialog
- Covers: AI Summary, Translate, Smart Replies, To Task, Tracking, Print, Compose (C shortcut), Schedule Send, Undo Send, Search
- HelpSection component at bottom of file (icon + title + description)
- Yen page: sends pageContext (url, kind, label) with every chat message
b22ea21View on GitHub →
Featureemail6:08 AM · ZRosserMcIntosh
AI email translation — inbound + outbound (T-FE54K)
- POST /api/admin/email/[messageId]/translate Detects language of last inbound message and translates to English (or any target language) via gpt-4o-mini. Single call handles both detection and translation. Returns detectedLanguage, detectedLanguageName, translatedText, isAlreadyTargetLanguage.
- POST /api/admin/email/translate-outbound Translates an admin-written reply from English to a target language before sending. Supports pt-BR vs pt-PT distinction. Returns translatedHtml and translatedSubject.
- thread-view.tsx: Translate button in toolbar (Globe icon, next to AI Summary). Clicking fetches translation and renders a two-column panel: original on the left, English on the right. Below the panel, two reply buttons: 'English (they receive English)' and '[Language] (they receive [Language])'. The latter opens compose with translateToLanguage set.
- compose-dialog.tsx: ComposePrefill gains translateToLanguage field. When set, handleSend calls translate-outbound before /email/send, swaps body+subject with translated versions, and shows a 'Translating…' spinner + '🌐 Sending in Portuguese' badge in the footer so the user always knows which language will actually be delivered.
31a17adView on GitHub →
Update5:57 AM · ZRosserMcIntosh
build error + meeting cam/mic auto-activate + signatures use-case doc
- fix(build): correct import path in saturday-request/route.ts sendBrevoTransactionalEmail lives in @/lib/marketing/brevo-campaigns, not @/lib/brevo — was causing Turbopack build failure for last 4 deploys
- fix(meetings): auto-activate camera+mic when permission previously granted (T-29244) Two root causes: 1. Permissions-Policy: 'camera=(), microphone=()' blocks getUserMedia in Firefox at the top-level document (Chrome ignores this; Firefox enforces it). Changed to 'camera=(self), microphone=(self)' — allows same-origin access, still blocks cross-origin iframes. 2. Admin <LiveKitRoom> was missing 'video' and 'audio' props. Guest room always had them. Added both — browser auto-activates silently if permission was previously granted, prompts once if not.
- docs: add KATURA-SIGNATURES-USE-CASES.md — 29 extended use cases for Katura Signatures with full implementation details and priority matrix
2c172fcView on GitHub →
Featuresignatures5:46 AM · ZRosserMcIntosh
Katura Signatures — internal e-sign + Stripe payment system
- SQL schema: SignatureTemplate, SignatureDocument, SignatureField, SignatureAuditLog with 10 seeded templates (custom deposit, engagement ring, lab diamond, natural stone release, employee W-4, contractor W-9, bench jeweler, casting house, wholesale, NDA)
- Domain layer: types, tokens, repo, Stripe integration
- Public API: GET/POST /api/signatures/[token]/{sign,decline,pay}
- Admin API: GET/POST /api/admin/signatures + [id]/send + /templates
- Public UI: /signatures/[token] — single-page sign + pay with embedded Stripe Payment Element and TYPED/DRAWN/UPLOADED signature methods
- Admin UI: /admin/signatures list/new/detail with audit log
- Webhook: extends /api/webhooks/stripe to route signature payments via metadata.katura_signature_id (falls through to existing handlers if not a sig)
f614e13View on GitHub →
Featuremeetings5:29 AM · ZRosserMcIntosh
CC icon, gear settings panel, 7 fonts, draggable PiP, iOS subtitles fix
- Replace Brain icon with Captions (CC) icon from lucide-react
- Add Settings gear button (visible while subtitles active)
- Subtitle settings panel: all-caps toggle (default ON), 7 font options (Katura Display, Sans, Serif, Mono, Rounded, Condensed, Humanist), 5 size options (S → 2XL) — styles applied imperatively via useEffect
- Draggable self-view PiP: FaceTime-style pointer-drag with corner snapping (BR → BL → TR → TL) using setPointerCapture + onPointerUp release detection
- Fix iOS subtitles: remove disabled state from CC button on iOS; toggleAiNotes now enables subtitle display on iOS (remote captions still work via LiveKit data packets) without attempting to start unsupported local STT
9798688View on GitHub →
Feature5:17 AM · ZRosserMcIntosh
Phase 1 invoice engine — commercial spine (no Stripe)
- prisma/add-sales-invoices.sql: 5 tables (SalesInvoice, SalesInvoiceLineItem, SalesInvoiceAgreement, SalesInvoicePayment, SalesAgreementTemplate), 5 enums, global sequence sales_invoice_number_seq, 7 seeded EN agreement templates
- types.ts: enums, status colors, computeTotals (bp-based tax), formatMoney, STATUS_TRANSITIONS state machine
- numbering.ts: KAT-YYYY-NNNNN via Postgres sequence
- repo.ts: createInvoice, getInvoiceById, listInvoices, listLineItems, listPayments, recordManualPayment, markSent, markViewed, voidInvoice, getActiveAgreementTemplate
- GET/POST /api/admin/invoices
- GET/DELETE /api/admin/invoices/:id
- POST /api/admin/invoices/:id/payments (manual; $25K approval gate)
- POST /api/admin/invoices/:id/send
- /admin/invoices (list + KPI strip: outstanding, paid this month, drafts, overdue)
- /admin/invoices/new (60-second builder: type, customer, line items, tax rate, notes — save draft / save & send)
- /admin/invoices/:id (detail: line items, payment history, record manual payment form, void/send actions)
- /admin/invoices/:id/print (print-stylesheet view, Cmd-P)
- /[locale]/account/invoices
- /[locale]/account/invoices/:id (email-gated: owner only)
- 'Invoices' entry under Sales & CRM group
- 'New Invoice' quick action in command palette
- admin-i18n-provider: salesInvoices + newSalesInvoice keys
- docs/invoicing-architecture-2026-05-10.md (Virgil memo, 4-phase plan)
- docs/sales-priority-consultation-positioning-2026-05-10.md
a70d51eView on GitHub →
Featuremeetings+sales4:52 AM · ZRosserMcIntosh
consultation engine, sales OS, meetings reliability+latency
- Sales region routing with GDPR consent + 2-hr lead time
- Slot engine: Sunday closed, Saturday request-only, priority slot (1/day for 3 days, 45min, $100 surcharge — 'Priority Consultation' scarcity, not fake-busy)
- Inspiration upload to Supabase, ICS calendar invites, reminders cron
- Consultation cancel/reschedule by token, Saturday-request endpoint
- /admin/sales hub + regions CRUD + API
- /admin/meetings/[id]/prep brief, /admin/meetings/health page
- Branded force-end AlertDialog (no more browser confirm)
- Interim flush via navigator.sendBeacon on rec.onend — fixes 'no notes were taken' bug when host force-ends mid-utterance
- Empty-transcript fallback explains the cause + chat-only recap
- /api/admin/meetings/[id]/regenerate-minutes route
- TranscriptHealth admin diagnostic panel on /minutes page
- LiveKit data-packet caption broadcast (lossy interim, reliable final) so REMOTE viewers see captions in real time, bypassing Postgres
- Debounced + token-cancelled interim translation per viewer
- In-memory LRU translation cache + cross-meeting DB lookup
- Direct browser→OpenAI realtime translation WebSocket via ephemeral token (audio never traverses Vercel)
- /api/admin/people/search backend with employees > contractors > clients ranking, @username + prefix matching, multi-channel hints
- meetings-latency-deep-dive-2026-05-10.md
- meetings-invite-search-2026-05-10.md
- MEETINGS-STRATEGY.md updated
30e01d0View on GitHub →
Featuremeetings2:38 AM · ZRosserMcIntosh
timestamps+timeline, smart end/leave, PiP, screen share picker, grace period rejoin, MEETINGS-STRATEGY.md
a96cafeView on GitHub →
Updatemeetings2:06 AM · ZRosserMcIntosh
camera OverconstrainedError on Chrome, minutes from transcript regardless of aiNotesEnabled flag, Brain button disabled in Firefox
7c1bb8bView on GitHub →
Updatemeetings1:39 AM · ZRosserMcIntosh
6 live-call bugs — camera zoom, iOS STT, name contrast, end-call lag, chat Realtime SQL, fire-and-forget end API
d0c635fView on GitHub →
Featuresupport1:22 AM · ZRosserMcIntosh
post-closure reply bell, support@ sender fix, address table migration, mailbox signature
14b1c40View on GitHub →
Updatemeetings12:48 AM · ZRosserMcIntosh
FaceTime PiP layout, C-SPAN captions, visible control buttons
98186f1View on GitHub →
Updatecheckout,addresses12:31 AM · ZRosserMcIntosh
autofill fixes, postal code lookup, country-first form
- SavedAddressesSection: when user has no saved addresses and clicks 'Add address', the form now fetches /api/user/recent-order-address and pre-fills all fields (firstName, lastName, address, city, state, ZIP, country, phone). Label defaults to 'Primary' and isDefault=true.
- Empty state message updated with 'Add your first address — we'll try to pre-fill it from your order history' link text.
- New API route: GET /api/user/recent-order-address
- Checks the most recent Order.shippingAddress JSON (normalizes across multiple field-name conventions: address1/addressLine1/line1, etc.)
- Falls back to User model denormalized fields (addressLine1, city, provinceCode, countryCode, zipCode, addressPhone) — these are populated by Shopify import + default-address saves.
- Returns { suggestion: {...} | null }, always 200 (never breaks the form)
- prefillAddress() was reading addr.address / addr.apartment / addr.zip but /api/user/addresses returns addressLine1 / addressLine2 / postalCode.
- Corrected all three field names. Addresses now actually fill the form.
- session useEffect now splits session.user.name into firstName / lastName and fills the first/last name inputs when they're empty.
- Works even when the user has no saved addresses (Shopify customers, etc.)
- prefillAddress() now has a second fetch to /api/user/profile when no saved addresses exist, using firstName, lastName, addressLine1, addressLine2, city, provinceCode, countryCode, zipCode, addressPhone.
- /api/user/profile GET extended to return all address fields.
- Phone is set from saved address, then profile phone, then addressPhone.
- The currency-based setCountry useEffect is now guarded by sessionStatus: if the user is authenticated, we skip the currency guess entirely and let prefillAddress() set the country from their saved address.
- For unauthenticated guests, BRL→BR, MXN→MX, EUR+pt→PT, etc. still apply.
- Country selector moved to the TOP of the shipping address form (above name fields) so the form adapts immediately when country changes.
- For BR, US, and CA the ZIP/CEP input is shown ABOVE the address lines with an autofill note ('Cidade e estado serão preenchidos...' for PT, English equivalent for US/CA).
Featuremeetings12:10 AM · ZRosserMcIntosh
in-room chat panel, AI notes toggle, smart subtitle defaults
- New reusable MeetingChatPanel component (src/components/meetings/meeting-chat-panel.tsx)
- Right-side collapsible panel with unread badge on the floating bubble
- Supabase Realtime (postgres_changes INSERT) for live message delivery
- Read receipts: marks messages read on panel open (admin rooms only)
- File uploads to Supabase Storage bucket 'meeting-files', images shown inline
- Link auto-detection: URLs rendered with external-link icon
- Enter to send, Shift+Enter for newline
- New MeetingChatMessage Prisma model (prisma/schema/meetings.prisma)
- Fields: id, meetingId, senderIdentity, senderName, type (text|file|link), content, fileName, fileUrl, fileSize, fileMime, readBy[], createdAt
- SQL migration ready at prisma/add-meeting-chat.sql
- New API routes:
- GET/POST /api/admin/meetings/[id]/chat — admin auth via requireKaturaAdmin
- POST /api/admin/meetings/[id]/chat/read — marks messages read by identity
- GET/POST /api/guest/meetings/[token]/chat — guest auth via invite token
- Wired into admin room (meeting-room-client.tsx) with admin chat endpoints
- Wired into guest room (guest-room-client.tsx) with guest chat endpoints
- Guest identity = 'guest_<first8charsOfToken>', read receipts disabled
- meetings-client.tsx: new 'Enable AI notes' checkbox (default: true)
- When disabled, notice text updates to explain no transcript/summary generated
- end/route.ts: respects aiNotesEnabled flag from Meeting row
- If disabled, skips generateMinutes() and returns a placeholder summary
- If enabled, includes chat messages in the AI prompt under '## In-Meeting Chat'
- summarize.ts: generateMinutes() now accepts optional chatMessages param
- Chat messages formatted with timestamp, sender, and type label ([file]/[link])
- Appended to transcript prompt so Claude/GPT-4o summarises chat in minutes
- Admin room: subtitle auto-enable logic now uses host's defaultLanguage from join API response (previously hardcoded 'en' comparison)
- join/route.ts: now returns defaultLanguage alongside aiNotesEnabled
- Guest join API: now returns meetingId in POST response (needed by chat panel)
Saturday, May 9, 2026
35 updates pushed
Updatemeetings11:12 PM · ZRosserMcIntosh
guest 404 (middleware /g/ bypass), STT mobile/Safari, subtitle/translation UX overhaul, guest room subtitles
5fc9ce6View on GitHub →
Updateemail10:55 PM · ZRosserMcIntosh
support emails dark theme + text wordmark; feat(admin): copy-for-copilot button; feat(checkout): prefill shipping address from saved addresses
b655114View on GitHub →
Updatecsp10:42 PM · ZRosserMcIntosh
add wss://*.livekit.cloud to connect-src — this was blocking all LiveKit WebSocket connections

Page 11 of 40

← Newer Older →

Want to see the source?

github.com/ZRosserMcIntosh/katura

Software Updates

By the numbers

1,893 updates pushed

Sunday, May 10, 2026

harden /admin/meetings security+perf, add Yen risk-class taxonomy

Claude/Anthropic provider, tracking dialog, hotkey spinner, email help button

AI email translation — inbound + outbound (T-FE54K)

build error + meeting cam/mic auto-activate + signatures use-case doc

Katura Signatures — internal e-sign + Stripe payment system

CC icon, gear settings panel, 7 fonts, draggable PiP, iOS subtitles fix

Phase 1 invoice engine — commercial spine (no Stripe)

consultation engine, sales OS, meetings reliability+latency

timestamps+timeline, smart end/leave, PiP, screen share picker, grace period rejoin, MEETINGS-STRATEGY.md

camera OverconstrainedError on Chrome, minutes from transcript regardless of aiNotesEnabled flag, Brain button disabled in Firefox

6 live-call bugs — camera zoom, iOS STT, name contrast, end-call lag, chat Realtime SQL, fire-and-forget end API

post-closure reply bell, support@ sender fix, address table migration, mailbox signature

FaceTime PiP layout, C-SPAN captions, visible control buttons

autofill fixes, postal code lookup, country-first form

in-room chat panel, AI notes toggle, smart subtitle defaults

Saturday, May 9, 2026

guest 404 (middleware /g/ bypass), STT mobile/Safari, subtitle/translation UX overhaul, guest room subtitles

support emails dark theme + text wordmark; feat(admin): copy-for-copilot button; feat(checkout): prefill shipping address from saved addresses

add wss://*.livekit.cloud to connect-src — this was blocking all LiveKit WebSocket connections

resolution email dark theme, logo URL hardened, share dialog wider

eagerly create LiveKit room before issuing tokens to fix silent connect failures

stats i18n+currency, remove TrustBar, lock ticket priority, remove High option

repair corrupted meetings-client + polished support emails

roomCreate token grant + onError handler + full en/pt i18n

loading skeleton + sidebar INP fix + mobile meeting room optimization

close tab on end/disconnect + connection timeout diagnostic

full-screen room, robust camera/mic, broadcast subtitles, per-viewer minutes translation

LiveKit webhook handler — room_finished auto-ends + AI minutes, participant_left stamps leftAt

restore meeting-room-client export (was empty after manual edit)

Apple FaceTime redesign + fix camera/disconnect bugs

guest invite system + K99 API key structure

auto-terminate zombie rooms + force-end + invite link

internal video calling infrastructure

remove icons from metals page + overhaul resolution email template

support escalation chain, bell notifications, settings page, stats page

priority support tickets + IT admin mgmt + labor edit/delete + SQL fix + title edit

Client View Mode for project share links

emails stuck as SCHEDULED — only treat scheduledAt >30s in future as a real schedule

wrap email tracking tooltips in TooltipProvider — fixes sent-box crash

harden public share-links and support intake

cut build time — cpus: 2, optimizePackageImports (lucide-react etc), expand serverExternalPackages, Sentry widenClientFileUpload: false, .vercelignore

header — Education moved left, per-trigger dropdowns (viewport=false), frosted glass menus

software-updates enhanced hints — 'Fix' → 'Update', dynamic LOC-to-years, AI hours-to-days, Bible equivalent calculations

software-updates 3-row stats grid — DB models, API endpoints, translations, 10^234 permutations + $250/hr rate

software-updates reorder stats grid + add Characters card (32.7 Million format)

software-updates show exact line count with commas, not abbreviated K notation + refresh stats

tasks Asana overhaul — dark mode, animations, inline editing, completed section

support UX — desktop notifications, dialog fixes, close+notify flow

support ticket security hardening + storage retention + redirect fix

calendar reminders, visibility, animations, dark mode + Google Calendar plan

Katura/K99 labels, messages URL routing, calendar management + privacy