feat(etapi): add attachments etapi endpoint

This reverts commit eea4cbbd6c.

.github/workflows/main-docker.yml

@@ -271,16 +271,13 @@ jobs:
           REF_NAME=$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///' | sed 's/refs\/tags\///')
 
           # Create and push the manifest list with both the branch/tag name and the commit SHA
-          # Note: Images are only pushed to GHCR during build, so we always reference GHCR sources
-          # and copy to DockerHub using imagetools create
           docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
             -t ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME} \
             $(printf '${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
 
-          # Copy from GHCR to DockerHub (source digests only exist on GHCR)
-          docker buildx imagetools create \
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
             -t ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME} \
-            $(printf '${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
+            $(printf '${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
 
           # If the ref is a tag, also tag the image as stable as this is part of a 'release'
           # and only go in the `if` if there is NOT a `-` in the tag's name, due to tagging of `-alpha`, `-beta`, etc...
@@ -290,10 +287,9 @@ jobs:
               -t ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:stable \
               $(printf '${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
 
-            # Copy stable tag from GHCR to DockerHub
-            docker buildx imagetools create \
+            docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
               -t ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:stable \
-              $(printf '${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
+              $(printf '${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
 
             # Small delay to ensure stable tag is fully propagated
             sleep 5
@@ -305,7 +301,7 @@ jobs:
 
             docker buildx imagetools create \
               -t ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest \
-              ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:stable
+              ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:stable
 
           fi
 

apps/client/package.json

@@ -59,9 +59,9 @@
     "mind-elixir": "5.6.1",
     "normalize.css": "8.0.1",
     "panzoom": "9.4.3",
-    "preact": "10.28.2",
+    "preact": "10.28.3",
     "react-i18next": "16.5.4",
-    "react-window": "2.2.5",
+    "react-window": "2.2.6",
     "reveal.js": "5.2.1",
     "svg-pan-zoom": "3.6.2",
     "tabulator-tables": "6.3.1",

apps/server/etapi.openapi.yaml

@@ -337,6 +337,155 @@ paths:
                         application/json; charset=utf-8:
                             schema:
                                 $ref: "#/components/schemas/Error"
+    /notes/{noteId}/revisions:
+        parameters:
+            - name: noteId
+              in: path
+              required: true
+              schema:
+                  $ref: "#/components/schemas/EntityId"
+        get:
+            description: Returns all revisions for a note identified by its ID
+            operationId: getNoteRevisions
+            responses:
+                "200":
+                    description: list of revisions
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                type: array
+                                items:
+                                    $ref: "#/components/schemas/Revision"
+                default:
+                    description: unexpected error
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                $ref: "#/components/schemas/Error"
+    /notes/{noteId}/attachments:
+        parameters:
+            - name: noteId
+              in: path
+              required: true
+              schema:
+                  $ref: "#/components/schemas/EntityId"
+        get:
+            description: Returns all attachments for a note identified by its ID
+            operationId: getNoteAttachments
+            responses:
+                "200":
+                    description: list of attachments
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                type: array
+                                items:
+                                    $ref: "#/components/schemas/Attachment"
+                default:
+                    description: unexpected error
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                $ref: "#/components/schemas/Error"
+    /notes/{noteId}/undelete:
+        parameters:
+            - name: noteId
+              in: path
+              required: true
+              schema:
+                  $ref: "#/components/schemas/EntityId"
+        post:
+            description: Restore a deleted note. The note must be deleted and must have at least one undeleted parent.
+            operationId: undeleteNote
+            responses:
+                "200":
+                    description: note restored successfully
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                type: object
+                                properties:
+                                    success:
+                                        type: boolean
+                                        example: true
+                default:
+                    description: unexpected error
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                $ref: "#/components/schemas/Error"
+    /notes/history:
+        get:
+            description: Returns recent changes including note creations, modifications, and deletions
+            operationId: getNoteHistory
+            parameters:
+                - name: ancestorNoteId
+                  in: query
+                  required: false
+                  description: Limit changes to a subtree identified by this note ID. Defaults to "root" (all notes).
+                  schema:
+                      $ref: "#/components/schemas/EntityId"
+            responses:
+                "200":
+                    description: list of recent changes
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                type: array
+                                items:
+                                    $ref: "#/components/schemas/RecentChange"
+                default:
+                    description: unexpected error
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                $ref: "#/components/schemas/Error"
+    /revisions/{revisionId}:
+        parameters:
+            - name: revisionId
+              in: path
+              required: true
+              schema:
+                  $ref: "#/components/schemas/EntityId"
+        get:
+            description: Returns a revision identified by its ID
+            operationId: getRevisionById
+            responses:
+                "200":
+                    description: revision response
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                $ref: "#/components/schemas/Revision"
+                default:
+                    description: unexpected error
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                $ref: "#/components/schemas/Error"
+    /revisions/{revisionId}/content:
+        parameters:
+            - name: revisionId
+              in: path
+              required: true
+              schema:
+                  $ref: "#/components/schemas/EntityId"
+        get:
+            description: Returns revision content identified by its ID
+            operationId: getRevisionContent
+            responses:
+                "200":
+                    description: revision content response
+                    content:
+                        text/html:
+                            schema:
+                                type: string
+                default:
+                    description: unexpected error
+                    content:
+                        application/json; charset=utf-8:
+                            schema:
+                                $ref: "#/components/schemas/Error"
     /branches:
         post:
             description: >
@@ -1186,3 +1335,93 @@ components:
                     type: string
                     description: Human readable error, potentially with more details,
                     example: Note 'evnnmvHTCgIn' is protected and cannot be modified through ETAPI
+        Revision:
+            type: object
+            description: Revision represents a snapshot of note's title and content at some point in the past.
+            properties:
+                revisionId:
+                    $ref: "#/components/schemas/EntityId"
+                    readOnly: true
+                noteId:
+                    $ref: "#/components/schemas/EntityId"
+                    readOnly: true
+                type:
+                    type: string
+                    enum:
+                        [
+                            text,
+                            code,
+                            render,
+                            file,
+                            image,
+                            search,
+                            relationMap,
+                            book,
+                            noteMap,
+                            mermaid,
+                            webView,
+                            shortcut,
+                            doc,
+                            contentWidget,
+                            launcher,
+                        ]
+                mime:
+                    type: string
+                isProtected:
+                    type: boolean
+                    readOnly: true
+                title:
+                    type: string
+                blobId:
+                    type: string
+                    description: ID of the blob object which effectively serves as a content hash
+                dateLastEdited:
+                    $ref: "#/components/schemas/LocalDateTime"
+                    readOnly: true
+                dateCreated:
+                    $ref: "#/components/schemas/LocalDateTime"
+                    readOnly: true
+                utcDateLastEdited:
+                    $ref: "#/components/schemas/UtcDateTime"
+                    readOnly: true
+                utcDateCreated:
+                    $ref: "#/components/schemas/UtcDateTime"
+                    readOnly: true
+                utcDateModified:
+                    $ref: "#/components/schemas/UtcDateTime"
+                    readOnly: true
+                contentLength:
+                    type: integer
+                    format: int32
+                    readOnly: true
+        RecentChange:
+            type: object
+            description: Represents a recent change event (creation, modification, or deletion).
+            properties:
+                noteId:
+                    $ref: "#/components/schemas/EntityId"
+                    readOnly: true
+                title:
+                    type: string
+                    description: Title at the time of the change (may be "[protected]" for protected notes)
+                current_title:
+                    type: string
+                    description: Current title of the note (may be "[protected]" for protected notes)
+                current_isDeleted:
+                    type: boolean
+                    description: Whether the note is currently deleted
+                current_deleteId:
+                    type: string
+                    description: Delete ID if the note is deleted
+                current_isProtected:
+                    type: boolean
+                    description: Whether the note is protected
+                utcDate:
+                    $ref: "#/components/schemas/UtcDateTime"
+                    description: UTC timestamp of the change
+                date:
+                    $ref: "#/components/schemas/LocalDateTime"
+                    description: Local timestamp of the change
+                canBeUndeleted:
+                    type: boolean
+                    description: Whether the note can be undeleted (only present for deleted notes)

apps/server/spec/etapi/get-note-revisions.spec.ts

@@ -0,0 +1,77 @@
+import { Application } from "express";
+import { beforeAll, describe, expect, it } from "vitest";
+import supertest from "supertest";
+import { createNote, login } from "./utils.js";
+import config from "../../src/services/config.js";
+
+let app: Application;
+let token: string;
+
+const USER = "etapi";
+let createdNoteId: string;
+
+describe("etapi/get-note-revisions", () => {
+    beforeAll(async () => {
+        config.General.noAuthentication = false;
+        const buildApp = (await (import("../../src/app.js"))).default;
+        app = await buildApp();
+        token = await login(app);
+        createdNoteId = await createNote(app, token);
+
+        // Create a revision by updating the note content
+        await supertest(app)
+            .put(`/etapi/notes/${createdNoteId}/content`)
+            .auth(USER, token, { "type": "basic" })
+            .set("Content-Type", "text/plain")
+            .send("Updated content for revision")
+            .expect(204);
+
+        // Force create a revision
+        await supertest(app)
+            .post(`/etapi/notes/${createdNoteId}/revision`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(204);
+    });
+
+    it("gets revisions for a note", async () => {
+        const response = await supertest(app)
+            .get(`/etapi/notes/${createdNoteId}/revisions`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(Array.isArray(response.body)).toBe(true);
+        expect(response.body.length).toBeGreaterThan(0);
+
+        const revision = response.body[0];
+        expect(revision).toHaveProperty("revisionId");
+        expect(revision).toHaveProperty("noteId", createdNoteId);
+        expect(revision).toHaveProperty("type");
+        expect(revision).toHaveProperty("mime");
+        expect(revision).toHaveProperty("title");
+        expect(revision).toHaveProperty("isProtected");
+        expect(revision).toHaveProperty("blobId");
+        expect(revision).toHaveProperty("utcDateCreated");
+    });
+
+    it("returns empty array for note with no revisions", async () => {
+        // Create a new note without any revisions
+        const newNoteId = await createNote(app, token, "Brand new content");
+
+        const response = await supertest(app)
+            .get(`/etapi/notes/${newNoteId}/revisions`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(Array.isArray(response.body)).toBe(true);
+        // New notes may or may not have revisions depending on settings
+    });
+
+    it("returns 404 for non-existent note", async () => {
+        const response = await supertest(app)
+            .get("/etapi/notes/nonexistentnote/revisions")
+            .auth(USER, token, { "type": "basic" })
+            .expect(404);
+
+        expect(response.body.code).toStrictEqual("NOTE_NOT_FOUND");
+    });
+});

apps/server/spec/etapi/get-revision.spec.ts

@@ -0,0 +1,71 @@
+import { Application } from "express";
+import { beforeAll, describe, expect, it } from "vitest";
+import supertest from "supertest";
+import { createNote, login } from "./utils.js";
+import config from "../../src/services/config.js";
+
+let app: Application;
+let token: string;
+
+const USER = "etapi";
+let createdNoteId: string;
+let revisionId: string;
+
+describe("etapi/get-revision", () => {
+    beforeAll(async () => {
+        config.General.noAuthentication = false;
+        const buildApp = (await (import("../../src/app.js"))).default;
+        app = await buildApp();
+        token = await login(app);
+        createdNoteId = await createNote(app, token, "Initial content");
+
+        // Update content to create a revision
+        await supertest(app)
+            .put(`/etapi/notes/${createdNoteId}/content`)
+            .auth(USER, token, { "type": "basic" })
+            .set("Content-Type", "text/plain")
+            .send("Updated content")
+            .expect(204);
+
+        // Force create a revision
+        await supertest(app)
+            .post(`/etapi/notes/${createdNoteId}/revision`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(204);
+
+        // Get the revision ID
+        const revisionsResponse = await supertest(app)
+            .get(`/etapi/notes/${createdNoteId}/revisions`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(revisionsResponse.body.length).toBeGreaterThan(0);
+        revisionId = revisionsResponse.body[0].revisionId;
+    });
+
+    it("gets revision metadata by ID", async () => {
+        const response = await supertest(app)
+            .get(`/etapi/revisions/${revisionId}`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(response.body).toHaveProperty("revisionId", revisionId);
+        expect(response.body).toHaveProperty("noteId", createdNoteId);
+        expect(response.body).toHaveProperty("type", "text");
+        expect(response.body).toHaveProperty("mime", "text/html");
+        expect(response.body).toHaveProperty("title", "Hello");
+        expect(response.body).toHaveProperty("isProtected", false);
+        expect(response.body).toHaveProperty("blobId");
+        expect(response.body).toHaveProperty("utcDateCreated");
+        expect(response.body).toHaveProperty("utcDateModified");
+    });
+
+    it("returns 404 for non-existent revision", async () => {
+        const response = await supertest(app)
+            .get("/etapi/revisions/nonexistentrevision")
+            .auth(USER, token, { "type": "basic" })
+            .expect(404);
+
+        expect(response.body.code).toStrictEqual("REVISION_NOT_FOUND");
+    });
+});

apps/server/spec/etapi/note-history.spec.ts

@@ -0,0 +1,94 @@
+import { Application } from "express";
+import { beforeAll, describe, expect, it } from "vitest";
+import supertest from "supertest";
+import { createNote, login } from "./utils.js";
+import config from "../../src/services/config.js";
+
+let app: Application;
+let token: string;
+
+const USER = "etapi";
+let createdNoteId: string;
+
+describe("etapi/note-history", () => {
+    beforeAll(async () => {
+        config.General.noAuthentication = false;
+        const buildApp = (await (import("../../src/app.js"))).default;
+        app = await buildApp();
+        token = await login(app);
+
+        // Create a note to ensure there's some history
+        createdNoteId = await createNote(app, token, "History test content");
+
+        // Create a revision to ensure history has entries
+        await supertest(app)
+            .post(`/etapi/notes/${createdNoteId}/revision`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(204);
+    });
+
+    it("gets recent changes history", async () => {
+        const response = await supertest(app)
+            .get("/etapi/notes/history")
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(Array.isArray(response.body)).toBe(true);
+        expect(response.body.length).toBeGreaterThan(0);
+
+        // Check that history entries have expected properties
+        const entry = response.body[0];
+        expect(entry).toHaveProperty("noteId");
+        expect(entry).toHaveProperty("title");
+        expect(entry).toHaveProperty("utcDate");
+        expect(entry).toHaveProperty("date");
+        expect(entry).toHaveProperty("current_isDeleted");
+        expect(entry).toHaveProperty("current_isProtected");
+    });
+
+    it("filters history by ancestor note", async () => {
+        const response = await supertest(app)
+            .get("/etapi/notes/history?ancestorNoteId=root")
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(Array.isArray(response.body)).toBe(true);
+        // All results should be descendants of root (which is everything)
+    });
+
+    it("returns empty array for non-existent ancestor", async () => {
+        const response = await supertest(app)
+            .get("/etapi/notes/history?ancestorNoteId=nonexistentancestor")
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(Array.isArray(response.body)).toBe(true);
+        // Should be empty since no notes are descendants of a non-existent note
+        expect(response.body.length).toBe(0);
+    });
+
+    it("includes canBeUndeleted for deleted notes", async () => {
+        // Create and delete a note
+        const noteToDeleteId = await createNote(app, token, "Note to delete for history test");
+
+        await supertest(app)
+            .delete(`/etapi/notes/${noteToDeleteId}`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(204);
+
+        // Check history - deleted note should appear with canBeUndeleted property
+        const response = await supertest(app)
+            .get("/etapi/notes/history")
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        const deletedEntry = response.body.find(
+            (entry: any) => entry.noteId === noteToDeleteId && entry.current_isDeleted === true
+        );
+
+        // Deleted entries should have canBeUndeleted property
+        if (deletedEntry) {
+            expect(deletedEntry).toHaveProperty("canBeUndeleted");
+        }
+    });
+});

apps/server/spec/etapi/revision-content.spec.ts

@@ -0,0 +1,64 @@
+import { Application } from "express";
+import { beforeAll, describe, expect, it } from "vitest";
+import supertest from "supertest";
+import { createNote, login } from "./utils.js";
+import config from "../../src/services/config.js";
+
+let app: Application;
+let token: string;
+
+const USER = "etapi";
+let createdNoteId: string;
+let revisionId: string;
+
+describe("etapi/revision-content", () => {
+    beforeAll(async () => {
+        config.General.noAuthentication = false;
+        const buildApp = (await (import("../../src/app.js"))).default;
+        app = await buildApp();
+        token = await login(app);
+        createdNoteId = await createNote(app, token, "Initial revision content");
+
+        // Update content to ensure we have content in the revision
+        await supertest(app)
+            .put(`/etapi/notes/${createdNoteId}/content`)
+            .auth(USER, token, { "type": "basic" })
+            .set("Content-Type", "text/plain")
+            .send("Content after first update")
+            .expect(204);
+
+        // Force create a revision
+        await supertest(app)
+            .post(`/etapi/notes/${createdNoteId}/revision`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(204);
+
+        // Get the revision ID
+        const revisionsResponse = await supertest(app)
+            .get(`/etapi/notes/${createdNoteId}/revisions`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(revisionsResponse.body.length).toBeGreaterThan(0);
+        revisionId = revisionsResponse.body[0].revisionId;
+    });
+
+    it("gets revision content", async () => {
+        const response = await supertest(app)
+            .get(`/etapi/revisions/${revisionId}/content`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(response.headers["content-type"]).toMatch(/text\/html/);
+        expect(response.text).toBeTruthy();
+    });
+
+    it("returns 404 for non-existent revision content", async () => {
+        const response = await supertest(app)
+            .get("/etapi/revisions/nonexistentrevision/content")
+            .auth(USER, token, { "type": "basic" })
+            .expect(404);
+
+        expect(response.body.code).toStrictEqual("REVISION_NOT_FOUND");
+    });
+});

apps/server/spec/etapi/undelete-note.spec.ts

@@ -0,0 +1,103 @@
+import { Application } from "express";
+import { beforeAll, beforeEach, describe, expect, it } from "vitest";
+import supertest from "supertest";
+import { login } from "./utils.js";
+import config from "../../src/services/config.js";
+import { randomInt } from "crypto";
+
+let app: Application;
+let token: string;
+
+const USER = "etapi";
+
+describe("etapi/undelete-note", () => {
+    beforeAll(async () => {
+        config.General.noAuthentication = false;
+        const buildApp = (await (import("../../src/app.js"))).default;
+        app = await buildApp();
+        token = await login(app);
+    });
+
+    it("undeletes a deleted note", async () => {
+        // Create a note
+        const noteId = `testNote${randomInt(10000)}`;
+        await supertest(app)
+            .post("/etapi/create-note")
+            .auth(USER, token, { "type": "basic" })
+            .send({
+                "noteId": noteId,
+                "parentNoteId": "root",
+                "title": "Note to delete and restore",
+                "type": "text",
+                "content": "Content to restore"
+            })
+            .expect(201);
+
+        // Verify note exists
+        await supertest(app)
+            .get(`/etapi/notes/${noteId}`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        // Delete the note
+        await supertest(app)
+            .delete(`/etapi/notes/${noteId}`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(204);
+
+        // Verify note is deleted (should return 404)
+        await supertest(app)
+            .get(`/etapi/notes/${noteId}`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(404);
+
+        // Undelete the note
+        const response = await supertest(app)
+            .post(`/etapi/notes/${noteId}/undelete`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(response.body).toHaveProperty("success", true);
+
+        // Verify note is restored
+        const restoredResponse = await supertest(app)
+            .get(`/etapi/notes/${noteId}`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(200);
+
+        expect(restoredResponse.body.title).toStrictEqual("Note to delete and restore");
+    });
+
+    it("returns 404 for non-existent note", async () => {
+        const response = await supertest(app)
+            .post("/etapi/notes/nonexistentnote/undelete")
+            .auth(USER, token, { "type": "basic" })
+            .expect(404);
+
+        expect(response.body.code).toStrictEqual("NOTE_NOT_FOUND");
+    });
+
+    it("returns 400 when trying to undelete a non-deleted note", async () => {
+        // Create a note
+        const noteId = `testNote${randomInt(10000)}`;
+        await supertest(app)
+            .post("/etapi/create-note")
+            .auth(USER, token, { "type": "basic" })
+            .send({
+                "noteId": noteId,
+                "parentNoteId": "root",
+                "title": "Note not deleted",
+                "type": "text",
+                "content": "Content"
+            })
+            .expect(201);
+
+        // Try to undelete a note that isn't deleted
+        const response = await supertest(app)
+            .post(`/etapi/notes/${noteId}/undelete`)
+            .auth(USER, token, { "type": "basic" })
+            .expect(400);
+
+        expect(response.body.code).toStrictEqual("NOTE_NOT_DELETED");
+    });
+});

apps/server/src/etapi/attachments.ts

@@ -8,6 +8,12 @@ import type { AttachmentRow } from "@triliumnext/commons";
 import type { ValidatorMap } from "./etapi-interface.js";
 
 function register(router: Router) {
+    eu.route(router, "get", "/etapi/notes/:noteId/attachments", (req, res, next) => {
+        const note = eu.getAndCheckNote(req.params.noteId);
+        const attachments = note.getAttachments();
+        res.json(attachments.map((attachment) => mappers.mapAttachmentToPojo(attachment)));
+    });
+
     const ALLOWED_PROPERTIES_FOR_CREATE_ATTACHMENT: ValidatorMap = {
         ownerId: [v.notNull, v.isNoteId],
         role: [v.notNull, v.isString],

apps/server/src/etapi/etapi_utils.ts

@@ -121,6 +121,16 @@ function getAndCheckAttribute(attributeId: string) {
     }
 }
 
+function getAndCheckRevision(revisionId: string) {
+    const revision = becca.getRevision(revisionId);
+
+    if (revision) {
+        return revision;
+    } else {
+        throw new EtapiError(404, "REVISION_NOT_FOUND", `Revision '${revisionId}' not found.`);
+    }
+}
+
 function validateAndPatch(target: any, source: any, allowedProperties: ValidatorMap) {
     for (const key of Object.keys(source)) {
         if (!(key in allowedProperties)) {
@@ -152,5 +162,6 @@ export default {
     getAndCheckNote,
     getAndCheckBranch,
     getAndCheckAttribute,
-    getAndCheckAttachment
+    getAndCheckAttachment,
+    getAndCheckRevision
 };

apps/server/src/etapi/mappers.ts

@@ -2,6 +2,7 @@ import type BAttachment from "../becca/entities/battachment.js";
 import type BAttribute from "../becca/entities/battribute.js";
 import type BBranch from "../becca/entities/bbranch.js";
 import type BNote from "../becca/entities/bnote.js";
+import type BRevision from "../becca/entities/brevision.js";
 
 function mapNoteToPojo(note: BNote) {
     return {
@@ -64,9 +65,28 @@ function mapAttachmentToPojo(attachment: BAttachment) {
     };
 }
 
+function mapRevisionToPojo(revision: BRevision) {
+    return {
+        revisionId: revision.revisionId,
+        noteId: revision.noteId,
+        type: revision.type,
+        mime: revision.mime,
+        isProtected: revision.isProtected,
+        title: revision.title,
+        blobId: revision.blobId,
+        dateLastEdited: revision.dateLastEdited,
+        dateCreated: revision.dateCreated,
+        utcDateLastEdited: revision.utcDateLastEdited,
+        utcDateCreated: revision.utcDateCreated,
+        utcDateModified: revision.utcDateModified,
+        contentLength: revision.contentLength
+    };
+}
+
 export default {
     mapNoteToPojo,
     mapBranchToPojo,
     mapAttributeToPojo,
-    mapAttachmentToPojo
+    mapAttachmentToPojo,
+    mapRevisionToPojo
 };

apps/server/src/etapi/revisions.ts

@@ -0,0 +1,205 @@
+import becca from "../becca/becca.js";
+import sql from "../services/sql.js";
+import eu from "./etapi_utils.js";
+import mappers from "./mappers.js";
+import noteService from "../services/notes.js";
+import TaskContext from "../services/task_context.js";
+import protectedSessionService from "../services/protected_session.js";
+import utils from "../services/utils.js";
+import type { Router } from "express";
+import type { NoteRow, RecentChangeRow } from "@triliumnext/commons";
+
+function register(router: Router) {
+    // GET /etapi/notes/history - must be registered before /etapi/notes/:noteId routes
+    eu.route(router, "get", "/etapi/notes/history", (req, res, next) => {
+        const ancestorNoteId = (req.query.ancestorNoteId as string) || "root";
+
+        let recentChanges: RecentChangeRow[];
+
+        if (ancestorNoteId === "root") {
+            // Optimized path: no ancestor filtering needed, fetch directly from DB
+            recentChanges = sql.getRows<RecentChangeRow>(`
+                SELECT
+                    notes.noteId,
+                    notes.isDeleted AS current_isDeleted,
+                    notes.deleteId AS current_deleteId,
+                    notes.title AS current_title,
+                    notes.isProtected AS current_isProtected,
+                    revisions.title,
+                    revisions.utcDateCreated AS utcDate,
+                    revisions.dateCreated AS date
+                FROM revisions
+                JOIN notes USING(noteId)
+                UNION ALL
+                SELECT
+                    notes.noteId,
+                    notes.isDeleted AS current_isDeleted,
+                    notes.deleteId AS current_deleteId,
+                    notes.title AS current_title,
+                    notes.isProtected AS current_isProtected,
+                    notes.title,
+                    notes.utcDateCreated AS utcDate,
+                    notes.dateCreated AS date
+                FROM notes
+                UNION ALL
+                SELECT
+                    notes.noteId,
+                    notes.isDeleted AS current_isDeleted,
+                    notes.deleteId AS current_deleteId,
+                    notes.title AS current_title,
+                    notes.isProtected AS current_isProtected,
+                    notes.title,
+                    notes.utcDateModified AS utcDate,
+                    notes.dateModified AS date
+                FROM notes
+                WHERE notes.isDeleted = 1
+                ORDER BY utcDate DESC
+                LIMIT 500`);
+        } else {
+            // Use recursive CTE to find all descendants, then filter at DB level
+            // This pushes filtering to the database for much better performance
+            recentChanges = sql.getRows<RecentChangeRow>(`
+                WITH RECURSIVE descendants(noteId) AS (
+                    SELECT ?
+                    UNION
+                    SELECT branches.noteId
+                    FROM branches
+                    JOIN descendants ON branches.parentNoteId = descendants.noteId
+                )
+                SELECT
+                    notes.noteId,
+                    notes.isDeleted AS current_isDeleted,
+                    notes.deleteId AS current_deleteId,
+                    notes.title AS current_title,
+                    notes.isProtected AS current_isProtected,
+                    revisions.title,
+                    revisions.utcDateCreated AS utcDate,
+                    revisions.dateCreated AS date
+                FROM revisions
+                JOIN notes USING(noteId)
+                WHERE notes.noteId IN (SELECT noteId FROM descendants)
+                UNION ALL
+                SELECT
+                    notes.noteId,
+                    notes.isDeleted AS current_isDeleted,
+                    notes.deleteId AS current_deleteId,
+                    notes.title AS current_title,
+                    notes.isProtected AS current_isProtected,
+                    notes.title,
+                    notes.utcDateCreated AS utcDate,
+                    notes.dateCreated AS date
+                FROM notes
+                WHERE notes.noteId IN (SELECT noteId FROM descendants)
+                UNION ALL
+                SELECT
+                    notes.noteId,
+                    notes.isDeleted AS current_isDeleted,
+                    notes.deleteId AS current_deleteId,
+                    notes.title AS current_title,
+                    notes.isProtected AS current_isProtected,
+                    notes.title,
+                    notes.utcDateModified AS utcDate,
+                    notes.dateModified AS date
+                FROM notes
+                WHERE notes.isDeleted = 1 AND notes.noteId IN (SELECT noteId FROM descendants)
+                ORDER BY utcDate DESC
+                LIMIT 500`, [ancestorNoteId]);
+        }
+
+        for (const change of recentChanges) {
+            if (change.current_isProtected) {
+                if (protectedSessionService.isProtectedSessionAvailable()) {
+                    change.title = protectedSessionService.decryptString(change.title) || "[protected]";
+                    change.current_title = protectedSessionService.decryptString(change.current_title) || "[protected]";
+                } else {
+                    change.title = change.current_title = "[protected]";
+                }
+            }
+
+            if (change.current_isDeleted) {
+                const deleteId = change.current_deleteId;
+
+                const undeletedParentBranchIds = noteService.getUndeletedParentBranchIds(change.noteId, deleteId);
+
+                // note (and the subtree) can be undeleted if there's at least one undeleted parent (whose branch would be undeleted by this op)
+                change.canBeUndeleted = undeletedParentBranchIds.length > 0;
+            }
+        }
+
+        res.json(recentChanges);
+    });
+
+    // GET /etapi/notes/:noteId/revisions - List all revisions for a note
+    eu.route(router, "get", "/etapi/notes/:noteId/revisions", (req, res, next) => {
+        const note = eu.getAndCheckNote(req.params.noteId);
+
+        const revisions = becca.getRevisionsFromQuery(
+            `SELECT revisions.*, LENGTH(blobs.content) AS contentLength
+             FROM revisions
+             JOIN blobs USING (blobId)
+             WHERE noteId = ?
+             ORDER BY utcDateCreated DESC`,
+            [note.noteId]
+        );
+
+        res.json(revisions.map((revision) => mappers.mapRevisionToPojo(revision)));
+    });
+
+    // POST /etapi/notes/:noteId/undelete - Restore a deleted note
+    eu.route(router, "post", "/etapi/notes/:noteId/undelete", (req, res, next) => {
+        const { noteId } = req.params;
+
+        const noteRow = sql.getRow<NoteRow | null>("SELECT * FROM notes WHERE noteId = ?", [noteId]);
+
+        if (!noteRow) {
+            throw new eu.EtapiError(404, "NOTE_NOT_FOUND", `Note '${noteId}' not found.`);
+        }
+
+        if (!noteRow.isDeleted || !noteRow.deleteId) {
+            throw new eu.EtapiError(400, "NOTE_NOT_DELETED", `Note '${noteId}' is not deleted.`);
+        }
+
+        const undeletedParentBranchIds = noteService.getUndeletedParentBranchIds(noteId, noteRow.deleteId);
+
+        if (undeletedParentBranchIds.length === 0) {
+            throw new eu.EtapiError(400, "CANNOT_UNDELETE", `Cannot undelete note '${noteId}' - no undeleted parent found.`);
+        }
+
+        const taskContext = new TaskContext("no-progress-reporting", "undeleteNotes", null);
+        noteService.undeleteNote(noteId, taskContext);
+
+        res.json({ success: true });
+    });
+
+    // GET /etapi/revisions/:revisionId - Get revision metadata
+    eu.route(router, "get", "/etapi/revisions/:revisionId", (req, res, next) => {
+        const revision = eu.getAndCheckRevision(req.params.revisionId);
+
+        if (revision.isProtected) {
+            throw new eu.EtapiError(400, "REVISION_IS_PROTECTED", `Revision '${req.params.revisionId}' is protected and cannot be read through ETAPI.`);
+        }
+
+        res.json(mappers.mapRevisionToPojo(revision));
+    });
+
+    // GET /etapi/revisions/:revisionId/content - Get revision content
+    eu.route(router, "get", "/etapi/revisions/:revisionId/content", (req, res, next) => {
+        const revision = eu.getAndCheckRevision(req.params.revisionId);
+
+        if (revision.isProtected) {
+            throw new eu.EtapiError(400, "REVISION_IS_PROTECTED", `Revision '${req.params.revisionId}' is protected and content cannot be read through ETAPI.`);
+        }
+
+        const filename = utils.formatDownloadTitle(revision.title, revision.type, revision.mime);
+
+        res.setHeader("Content-Disposition", utils.getContentDisposition(filename));
+        res.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
+        res.setHeader("Content-Type", revision.mime);
+
+        res.send(revision.getContent());
+    });
+}
+
+export default {
+    register
+};

apps/server/src/routes/routes.ts

@@ -12,6 +12,7 @@ import etapiMetricsRoute from "../etapi/metrics.js";
 import etapiNoteRoutes from "../etapi/notes.js";
 import etapiSpecRoute from "../etapi/spec.js";
 import etapiSpecialNoteRoutes from "../etapi/special_notes.js";
+import etapiRevisionsRoutes from "../etapi/revisions.js";
 import auth from "../services/auth.js";
 import openID from '../services/open_id.js';
 import { isElectron } from "../services/utils.js";
@@ -361,6 +362,8 @@ function register(app: express.Application) {
     etapiAttachmentRoutes.register(router);
     etapiAttributeRoutes.register(router);
     etapiBranchRoutes.register(router);
+    // Register revisions routes BEFORE notes routes so /etapi/notes/history is matched before /etapi/notes/:noteId
+    etapiRevisionsRoutes.register(router);
     etapiNoteRoutes.register(router);
     etapiSpecialNoteRoutes.register(router);
     etapiSpecRoute.register(router);

apps/server/src/services/window.ts

@@ -237,18 +237,19 @@ function getWindowExtraOpts() {
             // Linux or other platforms.
             extraOpts.frame = false;
         }
-    }
 
-    // Window effects (Mica)
-    if (optionService.getOptionBool("backgroundEffects")) {
-        if (isMac) {
-            extraOpts.transparent = true;
-            extraOpts.visualEffectState = "active";
-        } else if (isWindows) {
-            extraOpts.backgroundMaterial = "auto";
-        } else {
-            // Linux or other platforms.
-            extraOpts.transparent = true;
+        // Window effects (Mica on Windows and Vibrancy on macOS)
+        // These only work if native title bar is not enabled.
+        if (optionService.getOptionBool("backgroundEffects")) {
+            if (isMac) {
+                extraOpts.transparent = true;
+                extraOpts.visualEffectState = "active";
+            } else if (isWindows) {
+                extraOpts.backgroundMaterial = "auto";
+            } else {
+                // Linux or other platforms.
+                extraOpts.transparent = true;
+            }
         }
     }
 

apps/website/package.json

@@ -11,7 +11,7 @@
 	"dependencies": {
 		"i18next": "25.8.0",
 		"i18next-http-backend": "3.0.2",
-		"preact": "10.28.2",
+		"preact": "10.28.3",
 		"preact-iso": "2.11.1",
 		"preact-render-to-string": "6.6.5",
 		"react-i18next": "16.5.4"

package.json

@@ -101,7 +101,7 @@
     },
     "overrides": {
       "mermaid": "11.12.2",
-      "preact": "10.28.2",
+      "preact": "10.28.3",
       "roughjs": "4.6.6",
       "@types/express-serve-static-core": "5.1.0",
       "flat@<5.0.1": ">=5.0.1",

pnpm-lock.yaml

@@ -6,7 +6,7 @@ settings:
 
 overrides:
   mermaid: 11.12.2
-  preact: 10.28.2
+  preact: 10.28.3
   roughjs: 4.6.6
   '@types/express-serve-static-core': 5.1.0
   flat@<5.0.1: '>=5.0.1'
@@ -214,7 +214,7 @@ importers:
         version: 2.11.8
       '@preact/signals':
         specifier: 2.6.2
-        version: 2.6.2(preact@10.28.2)
+        version: 2.6.2(preact@10.28.3)
       '@triliumnext/ckeditor5':
         specifier: workspace:*
         version: link:../../packages/ckeditor5
@@ -309,14 +309,14 @@ importers:
         specifier: 9.4.3
         version: 9.4.3
       preact:
-        specifier: 10.28.2
-        version: 10.28.2
+        specifier: 10.28.3
+        version: 10.28.3
       react-i18next:
         specifier: 16.5.4
         version: 16.5.4(i18next@25.8.0(typescript@5.9.3))(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(typescript@5.9.3)
       react-window:
-        specifier: 2.2.5
-        version: 2.2.5(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
+        specifier: 2.2.6
+        version: 2.2.6(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
       reveal.js:
         specifier: 5.2.1
         version: 5.2.1
@@ -335,7 +335,7 @@ importers:
         version: 5.0.0
       '@prefresh/vite':
         specifier: 2.4.11
-        version: 2.4.11(preact@10.28.2)(vite@7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1))
+        version: 2.4.11(preact@10.28.3)(vite@7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1))
       '@types/bootstrap':
         specifier: 5.2.10
         version: 5.2.10
@@ -855,21 +855,21 @@ importers:
         specifier: 3.0.2
         version: 3.0.2(encoding@0.1.13)
       preact:
-        specifier: 10.28.2
-        version: 10.28.2
+        specifier: 10.28.3
+        version: 10.28.3
       preact-iso:
         specifier: 2.11.1
-        version: 2.11.1(preact-render-to-string@6.6.5(preact@10.28.2))(preact@10.28.2)
+        version: 2.11.1(preact-render-to-string@6.6.5(preact@10.28.3))(preact@10.28.3)
       preact-render-to-string:
         specifier: 6.6.5
-        version: 6.6.5(preact@10.28.2)
+        version: 6.6.5(preact@10.28.3)
       react-i18next:
         specifier: 16.5.4
         version: 16.5.4(i18next@25.8.0(typescript@5.9.3))(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(typescript@5.9.3)
     devDependencies:
       '@preact/preset-vite':
         specifier: 2.10.3
-        version: 2.10.3(@babel/core@7.28.0)(preact@10.28.2)(rollup@4.52.0)(vite@7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1))
+        version: 2.10.3(@babel/core@7.28.0)(preact@10.28.3)(rollup@4.52.0)(vite@7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1))
       eslint:
         specifier: 9.39.2
         version: 9.39.2(jiti@2.6.1)
@@ -4284,7 +4284,7 @@ packages:
   '@preact/signals@2.6.2':
     resolution: {integrity: sha512-80PMfNS3d8t/J3cRNEJP14zRioWnavgqzX/+tsNGiCX6rpD26+eLkUQpa1sIeOERZMink+dAi34y0MJhg11LKQ==}
     peerDependencies:
-      preact: 10.28.2
+      preact: 10.28.3
 
   '@prefresh/babel-plugin@0.5.2':
     resolution: {integrity: sha512-AOl4HG6dAxWkJ5ndPHBgBa49oo/9bOiJuRDKHLSTyH+Fd9x00shTXpdiTj1W41l6oQIwUOAgJeHMn4QwIDpHkA==}
@@ -4292,7 +4292,7 @@ packages:
   '@prefresh/core@1.5.5':
     resolution: {integrity: sha512-H6GTXUl4V4fe3ijz7yhSa/mZ+pGSOh7XaJb6uP/sQsagBx9yl0D1HKDaeoMQA8Ad2Xm27LqvbitMGSdY9UFSKQ==}
     peerDependencies:
-      preact: 10.28.2
+      preact: 10.28.3
 
   '@prefresh/utils@1.2.1':
     resolution: {integrity: sha512-vq/sIuN5nYfYzvyayXI4C2QkprfNaHUQ9ZX+3xLD8nL3rWyzpxOm1+K7RtMbhd+66QcaISViK7amjnheQ/4WZw==}
@@ -4300,7 +4300,7 @@ packages:
   '@prefresh/vite@2.4.11':
     resolution: {integrity: sha512-/XjURQqdRiCG3NpMmWqE9kJwrg9IchIOWHzulCfqg2sRe/8oQ1g5De7xrk9lbqPIQLn7ntBkKdqWXIj4E9YXyg==}
     peerDependencies:
-      preact: 10.28.2
+      preact: 10.28.3
       vite: '>=2.0.0'
 
   '@promptbook/utils@0.69.5':
@@ -12318,16 +12318,16 @@ packages:
   preact-iso@2.11.1:
     resolution: {integrity: sha512-rLy0RmzP/hrDjnFdnEblxFgKtzUj4njkHrpGJBGS7S4QuYw1zv0lA38qsWpeAAB10JAz/hF2CsHrLen9ufCtbw==}
     peerDependencies:
-      preact: 10.28.2
+      preact: 10.28.3
       preact-render-to-string: '>=6.4.0'
 
   preact-render-to-string@6.6.5:
     resolution: {integrity: sha512-O6MHzYNIKYaiSX3bOw0gGZfEbOmlIDtDfWwN1JJdc/T3ihzRT6tGGSEWE088dWrEDGa1u7101q+6fzQnO9XCPA==}
     peerDependencies:
-      preact: 10.28.2
+      preact: 10.28.3
 
-  preact@10.28.2:
-    resolution: {integrity: sha512-lbteaWGzGHdlIuiJ0l2Jq454m6kcpI1zNje6d8MlGAFlYvP2GO4ibnat7P74Esfz4sPTdM6UxtTwh/d3pwM9JA==}
+  preact@10.28.3:
+    resolution: {integrity: sha512-tCmoRkPQLpBeWzpmbhryairGnhW9tKV6c6gr/w+RhoRoKEJwsjzipwp//1oCpGPOchvSLaAPlpcJi9MwMmoPyA==}
 
   prebuild-install@7.1.3:
     resolution: {integrity: sha512-8Mf2cbV7x1cXPUILADGI3wuhfqWvtiLA1iclTDbFRZkgRQS0NqsPZphna9V+HyTEadheuPmjaJMsbzKQFOzLug==}
@@ -12620,8 +12620,8 @@ packages:
     peerDependencies:
       react: ^18.0.0 || ^19.0.0
 
-  react-window@2.2.5:
-    resolution: {integrity: sha512-6viWvPSZvVuMIe9hrl4IIZoVfO/npiqOb03m4Z9w+VihmVzBbiudUrtUqDpsWdKvd/Ai31TCR25CBcFFAUm28w==}
+  react-window@2.2.6:
+    resolution: {integrity: sha512-v89O08xRdpCaEuf380B39D1C/0KgUDZA59xft6SVAjzjz/xQxSyXrgDWHymIsYI6TMrqE8WO+G0/PB9AGE8VNA==}
     peerDependencies:
       react: ^18.0.0 || ^19.0.0
       react-dom: ^18.0.0 || ^19.0.0
@@ -16076,6 +16076,8 @@ snapshots:
       '@ckeditor/ckeditor5-utils': 47.4.0
       '@ckeditor/ckeditor5-watchdog': 47.4.0
       es-toolkit: 1.39.5
+    transitivePeerDependencies:
+      - supports-color
 
   '@ckeditor/ckeditor5-dev-build-tools@54.3.2(@swc/helpers@0.5.17)(tslib@2.8.1)(typescript@5.9.3)':
     dependencies:
@@ -16252,8 +16254,6 @@ snapshots:
       '@ckeditor/ckeditor5-table': 47.4.0
       '@ckeditor/ckeditor5-utils': 47.4.0
       ckeditor5: 47.4.0
-    transitivePeerDependencies:
-      - supports-color
 
   '@ckeditor/ckeditor5-emoji@47.4.0':
     dependencies:
@@ -16436,8 +16436,6 @@ snapshots:
       '@ckeditor/ckeditor5-widget': 47.4.0
       ckeditor5: 47.4.0
       es-toolkit: 1.39.5
-    transitivePeerDependencies:
-      - supports-color
 
   '@ckeditor/ckeditor5-icons@47.4.0': {}
 
@@ -16583,6 +16581,8 @@ snapshots:
       '@ckeditor/ckeditor5-utils': 47.4.0
       '@ckeditor/ckeditor5-widget': 47.4.0
       ckeditor5: 47.4.0
+    transitivePeerDependencies:
+      - supports-color
 
   '@ckeditor/ckeditor5-mention@47.4.0(patch_hash=5981fb59ba35829e4dff1d39cf771000f8a8fdfa7a34b51d8af9549541f2d62d)':
     dependencies:
@@ -16934,6 +16934,8 @@ snapshots:
       '@ckeditor/ckeditor5-icons': 47.4.0
       '@ckeditor/ckeditor5-ui': 47.4.0
       '@ckeditor/ckeditor5-utils': 47.4.0
+    transitivePeerDependencies:
+      - supports-color
 
   '@ckeditor/ckeditor5-upload@47.4.0':
     dependencies:
@@ -18253,7 +18255,7 @@ snapshots:
 
   '@fullcalendar/core@6.1.20':
     dependencies:
-      preact: 10.28.2
+      preact: 10.28.3
 
   '@fullcalendar/daygrid@6.1.20(@fullcalendar/core@6.1.20)':
     dependencies:
@@ -19394,12 +19396,12 @@ snapshots:
 
   '@popperjs/core@2.11.8': {}
 
-  '@preact/preset-vite@2.10.3(@babel/core@7.28.0)(preact@10.28.2)(rollup@4.52.0)(vite@7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1))':
+  '@preact/preset-vite@2.10.3(@babel/core@7.28.0)(preact@10.28.3)(rollup@4.52.0)(vite@7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1))':
     dependencies:
       '@babel/core': 7.28.0
       '@babel/plugin-transform-react-jsx': 7.27.1(@babel/core@7.28.0)
       '@babel/plugin-transform-react-jsx-development': 7.27.1(@babel/core@7.28.0)
-      '@prefresh/vite': 2.4.11(preact@10.28.2)(vite@7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1))
+      '@prefresh/vite': 2.4.11(preact@10.28.3)(vite@7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1))
       '@rollup/pluginutils': 5.1.4(rollup@4.52.0)
       babel-plugin-transform-hook-names: 1.0.2(@babel/core@7.28.0)
       debug: 4.4.3(supports-color@8.1.1)
@@ -19413,27 +19415,27 @@ snapshots:
 
   '@preact/signals-core@1.12.2': {}
 
-  '@preact/signals@2.6.2(preact@10.28.2)':
+  '@preact/signals@2.6.2(preact@10.28.3)':
     dependencies:
       '@preact/signals-core': 1.12.2
-      preact: 10.28.2
+      preact: 10.28.3
 
   '@prefresh/babel-plugin@0.5.2': {}
 
-  '@prefresh/core@1.5.5(preact@10.28.2)':
+  '@prefresh/core@1.5.5(preact@10.28.3)':
     dependencies:
-      preact: 10.28.2
+      preact: 10.28.3
 
   '@prefresh/utils@1.2.1': {}
 
-  '@prefresh/vite@2.4.11(preact@10.28.2)(vite@7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1))':
+  '@prefresh/vite@2.4.11(preact@10.28.3)(vite@7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1))':
     dependencies:
       '@babel/core': 7.28.0
       '@prefresh/babel-plugin': 0.5.2
-      '@prefresh/core': 1.5.5(preact@10.28.2)
+      '@prefresh/core': 1.5.5(preact@10.28.3)
       '@prefresh/utils': 1.2.1
       '@rollup/pluginutils': 4.2.1
-      preact: 10.28.2
+      preact: 10.28.3
       vite: 7.3.1(@types/node@24.10.9)(jiti@2.6.1)(less@4.1.3)(lightningcss@1.31.1)(sass-embedded@1.91.0)(sass@1.91.0)(terser@5.44.0)(tsx@4.21.0)(yaml@2.8.1)
     transitivePeerDependencies:
       - supports-color
@@ -25073,7 +25075,7 @@ snapshots:
     dependencies:
       d3-selection: 3.0.0
       kapsule: 1.16.3
-      preact: 10.28.2
+      preact: 10.28.3
 
   flora-colossus@2.0.0:
     dependencies:
@@ -29174,16 +29176,16 @@ snapshots:
 
   potpack@2.1.0: {}
 
-  preact-iso@2.11.1(preact-render-to-string@6.6.5(preact@10.28.2))(preact@10.28.2):
+  preact-iso@2.11.1(preact-render-to-string@6.6.5(preact@10.28.3))(preact@10.28.3):
     dependencies:
-      preact: 10.28.2
-      preact-render-to-string: 6.6.5(preact@10.28.2)
+      preact: 10.28.3
+      preact-render-to-string: 6.6.5(preact@10.28.3)
 
-  preact-render-to-string@6.6.5(preact@10.28.2):
+  preact-render-to-string@6.6.5(preact@10.28.3):
     dependencies:
-      preact: 10.28.2
+      preact: 10.28.3
 
-  preact@10.28.2: {}
+  preact@10.28.3: {}
 
   prebuild-install@7.1.3:
     dependencies:
@@ -29501,7 +29503,7 @@ snapshots:
       prop-types: 15.8.1
       react: 19.2.4
 
-  react-window@2.2.5(react-dom@19.2.4(react@19.2.4))(react@19.2.4):
+  react-window@2.2.6(react-dom@19.2.4(react@19.2.4))(react@19.2.4):
     dependencies:
       react: 19.2.4
       react-dom: 19.2.4(react@19.2.4)