Changelog

v0.36.1 - Pointless security updates but also some useful stuff

2025-10-31

  • Added encryption scaffolding with runtime toggles and KMS settings, expanded experience entries with encryption metadata, supplied an Alembic migration, documented crypto/key/KMS interfaces for future implementations, and ensured supporting dependencies are declared.
  • Introduced a HEXL dispatcher that normalizes timestamps and emits anonymized metric payloads after decryption via the trusted backend pipeline.
  • Refactored HEXL record aggregation to share sanitized data for admin and public analytics, navigation, statistics, and Stroop pages.
  • Added regression tests capturing dispatched payloads and verifying HEXL views continue serving sanitized analytics feeds.
  • Added configurable login throttling defaults and ensured clinician login attempt tables are created during app startup.
  • Introduced shared throttling utilities and wired them into the primary user login API to enforce exponential backoff with retry hints.
  • Hardened clinician authentication by logging attempts, applying throttling with retry headers, and enforcing a 30-minute inactivity timeout across protected routes and logout handling.
  • Added a Demo User settings card so admins can store or clear the demo login email and password while masking password changes in the admin audit log.
  • Created a reusable helper to fetch stored demo credentials and wired them into both the public login flow and the admin preview context so the button only appears when fully configured.
  • Updated the login page shortcut and client script to use the configured demo credentials and show a disabled state with messaging when no demo user is available.
  • Extended _delete_user_data to clear Fitbit, clinician, study, notification, and other dependent records while supporting optional transaction control so account removals no longer leave foreign key violations.
  • Reused the shared cleanup helper in the admin delete endpoint and reassigned any admin log entries to a surviving administrator before dropping the user record.
  • Added a regression test that signs up an admin and a study creator to confirm the admin deletion flow succeeds without integrity errors.
  • Added a fallback in _collect_hexl_record_components so HEXL records always expose a pseudonym derived from the user ID when no profile metadata exists.
  • Added a regression test ensuring the admin aggregates endpoint returns the fallback pseudonym for users lacking a HEXL profile row.
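
The throttling and inactivity-timeout entries above describe a mechanism rather than show it. The following is an added illustration of that mechanism in plain Python, not the project's own code: an in-memory attempt store keyed by (identity, client address) in place of the project's clinician login attempt table, and assumed defaults for the free-attempt count, base delay and cap. The 30-minute figure is the one the entry states.

```python
"""Login throttling with exponential backoff and a Retry-After hint.

Added illustration, not the project's code. The attempt store is an
in-memory dict keyed by (identity, client address); the project keeps
attempts in a database table. FREE_ATTEMPTS, BASE_DELAY_SECONDS and
MAX_DELAY_SECONDS are assumed defaults.
"""
import math
import time
from dataclasses import dataclass, field

FREE_ATTEMPTS = 5                      # failures tolerated before any delay (assumed)
BASE_DELAY_SECONDS = 30                # first lockout length (assumed)
MAX_DELAY_SECONDS = 15 * 60            # cap so a forgotten password is not a self-DoS (assumed)
INACTIVITY_TIMEOUT_SECONDS = 30 * 60   # the 30-minute clinician inactivity timeout


@dataclass
class AttemptState:
    failures: int = 0          # consecutive failures since the last success
    locked_until: float = 0.0  # epoch seconds; 0 means not locked


def backoff_seconds(failures: int) -> int:
    """Delay after `failures` consecutive failed attempts.

    No delay until FREE_ATTEMPTS is exceeded, then 30s, 60s, 120s, ...
    doubling per failure and capped at MAX_DELAY_SECONDS.
    """
    excess = failures - FREE_ATTEMPTS
    if excess <= 0:
        return 0
    return min(BASE_DELAY_SECONDS * 2 ** (excess - 1), MAX_DELAY_SECONDS)


@dataclass
class LoginThrottle:
    attempts: dict = field(default_factory=dict)

    def check(self, key, now=None):
        """Return (allowed, retry_after): retry_after is the whole seconds the
        client should wait, or 0 when the attempt may proceed."""
        now = time.time() if now is None else now
        state = self.attempts.get(key)
        if state is None or state.locked_until <= now:
            return True, 0
        return False, math.ceil(state.locked_until - now)

    def record_failure(self, key, now=None):
        """Count a failed attempt and return the new lockout length in seconds."""
        now = time.time() if now is None else now
        state = self.attempts.setdefault(key, AttemptState())
        state.failures += 1
        delay = backoff_seconds(state.failures)
        state.locked_until = now + delay
        return delay

    def record_success(self, key):
        """A successful login clears the counter; no lockout is carried over."""
        self.attempts.pop(key, None)


def retry_headers(retry_after: int) -> dict:
    """Headers for the 429 response; empty when no wait is required."""
    return {"Retry-After": str(retry_after)} if retry_after > 0 else {}


def session_expired(last_activity: float, now: float,
                    timeout: float = INACTIVITY_TIMEOUT_SECONDS) -> bool:
    """True once the session has been idle for the full timeout window;
    a protected route should then clear the session and redirect to login."""
    return now - last_activity >= timeout


if __name__ == "__main__":
    throttle = LoginThrottle()
    key = ("clinician@example.org", "203.0.113.5")   # constructed sample
    t = 1_700_000_000.0
    for _ in range(7):
        allowed, wait = throttle.check(key, now=t)
        if not allowed:
            print("blocked", retry_headers(wait))
            t += wait            # the client honours the hint and retries
        throttle.record_failure(key, now=t)
    print("final lockout", throttle.check(key, now=t))
```

The counter is keyed on both the submitted identity and the client address so that one attacker cannot lock a legitimate user out by name alone, while a single address cycling through many names still accumulates delay; the cap keeps the worst case bounded rather than growing without limit.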

v0.35.0 - Hotfix HEXL comparison in user statistics

2025-10-30

  • Declared the SOS threshold constant at module scope so computeHexlComparison and other helpers share the same value without scope errors.
  • Updated the trigger bucket computation to rely on the shared SOS threshold rather than a shadowed local definition.
  • Fixed version number. The last update was supposed to be 0.35.0, so I just went ahead and made this one that.

v0.34.5 - PHI tagging and sleep data refinement

2025-10-29

  • Added X, Y, and SoS to the Trigger Words table on the user and HEXL Statistics pages and made its columns sortable.
  • Highlighted Fitbit data as PHI, surfaced saved-data counts, and added deletion controls on the integration and Fitbit data pages so participants can manage stored imports explicitly.
  • Added helpers that describe requested Fitbit scopes, summarize stored Fitbit records, protect revoke/delete forms with CSRF, and introduced a deletion route that clears snapshots, sleep logs, and experience metrics only when the user requests it.
  • Added a “Display options” control group to the 3D scatter analytics card so viewers can toggle markers, trajectory lines, SoS coloring, and SoS-based sizing directly from the dashboard UI.
  • Set the Sleep Data chart controls to make Hypnogram the default selection, clarified the default label copy, and synchronized stored preferences across pages through local-storage handling and storage events.

v0.34.4 - Security fix and graph cleanup

2025-10-28

  • Enforced a non-placeholder SECRET_KEY, applied secure session cookie defaults with an opt-out flag, and documented the new configuration switches for local development and diagnostics.
  • Scrubbed PHI from Discord webhooks by passing only the message contents to Discord, no longer the screenshot or username.
  • Replaced hard-coded clinician invite codes with generated or configurable values and updated clinician/admin flows to rely on the new role definitions.
  • Added the following to Context Event data: sleep quality, Fitbit steps, Fitbit active minutes, and inebriation levels.
  • Disabled 3D data graphs and merged 3D Scatter Plot with 3D Trajectory Plot. Moved the newly merged 3D graph to the Graphs page.
  • Added 3D scatter plot to HEXL Graphs page.
  • Resurfaced the Logs Over Time graph on the user Graphs page.
  • Included very active minutes with Fitbit data.
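
The first entry of this release describes a startup check (reject a placeholder SECRET_KEY, default to secure session cookies, allow an explicit opt-out for local development). The following is an added illustration of such a check, not the project's own code: the placeholder list, the minimum key length and the ALLOW_INSECURE_COOKIES opt-out variable are assumptions, while the SESSION_COOKIE_* names are Flask's real configuration keys.

```python
"""Startup configuration check: refuse a placeholder SECRET_KEY and apply
secure session-cookie defaults with an explicit opt-out.

Added illustration, not the project's code. The placeholder list, the
minimum length and the ALLOW_INSECURE_COOKIES variable are assumptions;
the SESSION_COOKIE_* keys are Flask's own.
"""
import secrets

# Values commonly left behind in checked-in example configs (assumed list,
# matched after strip() and lower()).
PLACEHOLDER_SECRET_KEYS = {
    "", "changeme", "change-me", "secret", "secret_key", "dev", "development",
    "your-secret-key", "replace-me",
}
MIN_SECRET_KEY_CHARS = 32   # assumed floor; secrets.token_hex(32) yields 64 chars


class ConfigError(ValueError):
    """Raised at startup so the app refuses to boot with a weak configuration."""


def validate_secret_key(value):
    """Return the key if it is set, not a known placeholder and long enough."""
    if value is None:
        raise ConfigError("SECRET_KEY is not set")
    if value.strip().lower() in PLACEHOLDER_SECRET_KEYS:
        raise ConfigError("SECRET_KEY is a placeholder value; generate a real one")
    if len(value) < MIN_SECRET_KEY_CHARS:
        raise ConfigError(f"SECRET_KEY must be at least {MIN_SECRET_KEY_CHARS} characters")
    return value


def generate_secret_key() -> str:
    """A fresh key for an operator to paste into the environment."""
    return secrets.token_hex(32)


def _truthy(raw) -> bool:
    return (raw or "").strip().lower() in {"1", "true", "yes", "on"}


def session_cookie_settings(allow_insecure: bool = False) -> dict:
    """Flask session-cookie settings.

    Secure + HttpOnly + SameSite=Lax by default. The opt-out drops only the
    Secure flag (needed when developing over plain HTTP); HttpOnly and
    SameSite stay on because local development never needs to lose them.
    """
    return {
        "SESSION_COOKIE_SECURE": not allow_insecure,
        "SESSION_COOKIE_HTTPONLY": True,
        "SESSION_COOKIE_SAMESITE": "Lax",
    }


def build_config(env: dict) -> dict:
    """Assemble the security-relevant part of the app config from `env`,
    a dict standing in for os.environ."""
    config = {"SECRET_KEY": validate_secret_key(env.get("SECRET_KEY"))}
    config.update(session_cookie_settings(_truthy(env.get("ALLOW_INSECURE_COOKIES"))))
    return config


if __name__ == "__main__":
    for candidate in ("changeme", "abc", generate_secret_key()):
        try:
            validate_secret_key(candidate)
            print("accepted", candidate[:8] + "...")
        except ConfigError as exc:
            print("rejected", repr(candidate), "->", exc)
    print(build_config({"SECRET_KEY": generate_secret_key(), "ALLOW_INSECURE_COOKIES": "1"}))
```

Failing at startup rather than logging a warning is the point: a weak signing key means every session cookie can be forged, so the safe state is "does not run". Keeping HttpOnly and SameSite out of the opt-out limits what the flag can weaken to the one property plain-HTTP development actually conflicts with.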

v0.34.0 - Password reset fix

2025-10-26

  • Auto-enabled login with email at user login to allow password resetting without losing access to AES-encrypted experience logs.
  • Fixed password reset requirements to adhere to the same standards as signup.
  • Added an admin security dashboard with navigation entry, rich activity summaries, and superadmin deletion controls to review unusual password reset patterns.
  • Delayed context-event “after” metrics until at least one minute after the event ends, reusing the current timestamp for ongoing events and adding a pending note when the after window has not started yet.
  • Added start and end timestamps to Context Events on the /logs/calendar page.