58254b492b
Some checks failed
CI / Unit & Component Tests (pull_request) Failing after 2m52s
CI / OCR Service Tests (pull_request) Successful in 21s
CI / Backend Unit Tests (pull_request) Successful in 3m48s
CI / fail2ban Regex (pull_request) Successful in 44s
CI / Semgrep Security Scan (pull_request) Successful in 20s
CI / Compose Bucket Idempotency (pull_request) Successful in 1m4s
Introduces `csrfFetch` (= `makeCsrfFetch(fetch)`) in cookies.ts as a drop-in fetch replacement that auto-injects X-XSRF-TOKEN on POST/PUT/PATCH/DELETE. Previously 8 call sites sent mutating requests without the CSRF header — annotation resize, comment POST/PATCH/DELETE, Geschichte CRUD, Stammbaum relationship creation, bulk-edit PATCH, and file upload — all would fail with CSRF_TOKEN_MISSING if the backend's cookie-based protection triggered. All 14 client-side mutating fetches now use csrfFetch; withCsrf/makeCsrfFetch remain in the API for injectable-fetch use cases (e.g. useTranscriptionBlocks). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
person (frontend)
UI for historical family members: typeahead selection, chip display, hover cards, genealogy graph, relationship management.
What this domain owns
Components: PersonTypeahead.svelte, PersonMultiSelect.svelte, PersonChip.svelte, PersonChipRow.svelte, PersonHoverCard.svelte, PersonTypeBadge.svelte, PersonTypeSelector.svelte.
Utilities: personFormat.ts (full-name formatting), personLifeDates.ts (birth/death display), person-validation.ts (form validation), personHoverCard.ts (hover-card controller).
Sub-folders: genealogy/ (Stammbaum view components), relationship/ (relationship graph components).
What this domain does NOT own
- Document content — displayed in
document/ - AppUser accounts — managed in
user/
Key components
| Component | Used in | Notes |
|---|---|---|
PersonTypeahead.svelte |
document edit, geschichte, search filters | Single-person selector with debounced typeahead. Exported for use by other domains. |
PersonMultiSelect.svelte |
document edit (receivers) | Chip-based multi-person selector |
PersonChip.svelte |
document rows, conversation view | Compact display chip with link and hover card |
PersonHoverCard.svelte |
person chips | Floating card with person summary on hover |
Cross-domain imports
shared/primitives/— generic UI primitivesshared/hooks/useTypeahead.svelte.ts— typeahead keyboard/focus logic
Accessibility notes
PersonChipfocus ring:focus-visible:ring-2 focus-visible:ring-brand-navyPersonTypeaheaddropdown navigable via keyboard (↑↓ Enter Escape)
Backend counterpart
backend/src/main/java/org/raddatz/familienarchiv/person/README.md