A high-output day spent almost entirely on two trust-spine marketplaces. On Dari (Stellify/Hortensia stack) I closed out the §R33 UI-first slice ladder — wiring the viewing-booking front end and lifecycle jobs (U4 Batch 2), building the entire deposit/transaction surface across buyer, seller and admin (U5), shipping two-way mutual-blind reviews (U6), then a non-fiscal receipts pipeline (P1-30) and a multi-channel notification dispatch substrate (P1-33/34). On Kollabo I drove the plan-28 cold-start spine to completion and beyond: messaging over the lifted Socket.IO relay (U7), contracts + concierge activation + deliverables (U8), real Stripe escrow funding/payout/refund (U9), two-way reviews + full dispute lifecycle with money movement (U10), the notification dispatch spine (U11), money/cron hardening (idempotency sweeper + escrow reconciliation + trust snapshot), and creator Stripe Connect Express onboarding. Smaller passes: glowit mobile i18n repair (≈280 missing keys, slug-keyed category translation, phone-input styling), and a Stellify marketing-hero rebuild into a 3D coverflow with mobile carousel tuning. The remaining repos show large but near-symmetric uncommitted diffs — line-ending/whitespace re-normalization churn, not feature work.
Everything below is shipped booted-but-inert behind feature flags — nothing is live until these gates close. This is the pick-up list for tomorrow.
payoutToLandlord/refundPayment still throw PspOperationNotImplementedError (503) — the payout/refund API must be wired before FF_DEPOSITS_ENABLED=true in prod.FF_VIEWING_BOOK_ENABLED / FF_DEPOSITS_ENABLED / FF_REVIEWS_ENABLED / FF_RECEIPTS_ENABLED / FF_NOTIFICATIONS_ENABLED.uploads/receipts/).transaction_active_listing_exclusive_uniq references a non-existent Transaction.transactionType column → cannot migrate deploy; db:push dev DBs never had it. Needs a dedicated migration-correctness pass (alongside the §U0a CONCURRENTLY-in-tx migration).notif:{userId}:{dedupeKey} to close logic-eval F-02 (concurrent-dup push); build the in-app feed UI + bell badge + preference center; PUSH/SMS/WHATSAPP live dispatch; notifications i18n ×4.GET /api/v1/transactions/[id] + receipt/review reads still default preferredLocale='en' (web RSC path is locale-correct). Mobile S1–S4 viewing/transaction surfaces deferred (no API-shape change).runbooks/money-cron-hardening.md)./admin/disputes reachable only by ADMIN: app/admin/layout.tsx gates /admin to role==='ADMIN', so the OPS dispute UI is effectively ADMIN-only until that layout is widened (OPS can still resolve via the API/action).account.updated has no high-water-mark column — a stale out-of-order event can briefly overwrite newer gate flags. Bounded (Stripe is final authority at transfer → at worst a failed transfer, never a wrongful payout); flagged for 2nd-senior review, add lastConnectEventAt if it bites.BookingReview) — plan doc only, no implementation yet.Completed the §R33 UI-first slice sequence and opened the post-spine backlog. The day moved through four big verticals: U4 Batch 2 (viewing-booking UI + BullMQ lifecycle/reminder jobs), U5 (the full deposit/transaction surface — buyer reserve→pay, seller accept, admin dispute-resolve via a cookie→admin-bearer mint), U6 (two-way mutual-blind reviews), P1-30 (non-fiscal receipts with gapless numbering + Chromium PDF render), and P1-33/34 (a multi-channel notification dispatch substrate that finally lights up the delivery stubs U3/U4/U6/P1-30 all deferred). Every slice is no-schema-where-possible, FF-gated default-OFF, and money-paths emit as STRING centimes with anti-oracle 404s throughout.
VIEWING_SCHEDULED queue + pure-DI viewing-lifecycle-sweep (CAS-guarded markTerminal, CONFIRMED→COMPLETED/BOOKED→NO_SHOW) and viewing-reminder processors; syncViewingReminders post-commit best-effort enqueue (deterministic jobId, remove-then-add) wired into the book POST + PATCH routes. Booted-inert behind FF_VIEWING_BOOK_ENABLED.@dari/lib/transactions/serialize (5-stage timeline, deriveCallerRole, money-as-string DTOs); GET /transactions + GET /transactions/[id] (party-gated, 404 anti-oracle); POST /listings/[id]/reserve-request (server-derived parties, withMinTier(T2) + FF_DEPOSITS_ENABLED + idempotency + (listing,buyer) partial-unique).POST /api/v1/auth/admin-bearer — cookie→short-lived (15m, access-only) admin-bearer mint, CSRF-defended via custom x-dari-admin-mint header + Origin allowlist, isAdmin re-read from DB per request; listDisputedTransactionsForAdmin (urgent-first, omits forensic note).@dari/lib/reviews with blind-release confidentiality (PENDING counterparty → presence flag only), dual-submit atomic flip under the transaction:{id}:state advisory lock, direction-dedup (folded logic-eval F-01 BLOCKER), + a 14-day window-close sweep job.Receipt + per-year gapless ReceiptSequence (forward-only migration); triple-layer idempotency (FOR-UPDATE + in-lock paymentId re-check + P2002 catch); outbox-driven issue→render workers (Chromium via dynamic-imported playwright-core → MinIO); read/download(presigned)/email(own-address-only) routes.Notification + NotificationPreference schema (11 categories × 3 criticality tiers); @dari/lib/notifications dispatcher over Expo push + Resend email with server-derived criticality, per-category prefs, quiet-hours defer-not-drop, critical-bypass, and per-channel idempotency markers; booted-inert worker. Reused the pre-existing global opt-in/quiet-hours substrate rather than duplicating it./viewings booker list, /viewings/availability/[listingId] host calendar (Tunis-offset pinned, host-only→404), /viewings/host approval inbox + auto-confirm toggle, and BookViewingButton wired into StickyCtaDock (T2×T2 only).TransactionActions (seller accept/decline, buyer place-deposit with pre-redirect confirm, dispute consequence gate), and DepositReturnPoller that polls the authoritative GET and ignores the PSP redirect hint (with an aria-live notice after 2 network misses).(ops)/admin/disputes — two-step consequence gate echoing amount/party/reason, version-CAS, idempotency-key reuse across one 401 force-remint.StarRating radiogroup, blind-release notice form, 5-state ReviewsSection on the transaction page, profile reviews panel.dir=ltr-wrapped money, download + email actions).viewings, transactions, admin.disputes, reviews, receipts namespaces ×4 locales (en/fr/ar-MSA/tn-Tunisian), RTL logical props throughout.pnpm type-check 7/7 green with unit tests (viewing +16, transactions +18, reviews +28, receipts +26, notifications +36). Evaluators ran as subagents — mostly ACCEPT round-0, with folded findings on each. Integration/e2e specs authored but execution Docker-pending.
Drove the plan-28 cold-start spine to completion (U7→U10) and added two post-spine rungs. The thread: U7 messaging on the lifted Socket.IO relay (with a load-bearing fix — the relay's UUID-only threadId regex silently dropped every cuid Conversation.id), U8 contracts/sign/concierge-activation/deliverables, U9 real Stripe escrow funding→payout→refund (the provider stubs went from NOT_IMPLEMENTED_WAVE2 to implemented), U10 two-way reviews + full dispute lifecycle that moves escrow money by reusing the U9 primitives verbatim, U11 the notification dispatch spine, then money/cron hardening (idempotency sweeper + escrow↔Stripe reconciliation + trust snapshot) and creator Connect Express onboarding (closing the top U9 OWED item). No schema changes anywhere — every model pre-existed.
Message → Redis chat:thread:{id} → relay fans out); conversation-service with membership gate (404 anti-enum) + counterparty-PII-allowlist; SAFE_THREAD_ID cuid-accepting regex fix in socketio-server.classifyParty), HMAC-hashed signature provenance, idempotent sign, TOCTOU-safe concierge activation, and a bounded deliverable submit/revision/approve loop — 8 mirrored /api/v1 routes with withRoleStrict (no silent ADMIN auto-pass).money.ts (currency-exponent + zero-drift share split), implemented Stripe createPaymentIntent/createTransfer/createRefund; fund/refund/payout services + payout-dispatch and stripe-escrow-event Outbox workers; 4-layer idempotency (HTTP key / Outbox / Stripe key / ledger unique). Webhook route broadened to the escrow event family.resolveDispute moves money via the U9 release/refund primitives (refund-before-status-claim ordering, status-guarded flips); paired-reveal reviews with compute-on-write trust metrics; FeatureFlag-gated repeat-offender auto-suspend; public /trust stats computed on demand.notification:dispatch Outbox worker → IN_APP (Socket.IO) + EMAIL (Resend), per-channel idempotent delivery logs, money-safe two-mode emit (in-tx for non-financial, post-commit try/catch-guarded for escrow/payout so a notification can never roll back a money txn — caught + fixed an F-1 violation mid-build). 4 domain events wired.account.updated/deauthorized webhook → single-writer gate-sync worker, 3 /api/v1/connect/* routes (session-only account derivation, zero business disclosure of acct_*)./messages thread list + /messages/[id] realtime thread view with optimistic-send tick states, id-deduped echo, typing, mark-read, and a role=log aria-live stream./contracts list + detail with sign-panel (attestation gate), milestone deliverable submit/review cards, and an admin concierge-activate control./creator/payouts page; creator Connect payout-setup panel + status badge./trust public stats block.messaging, contracts, escrow, reviews/disputes/trust, notifications, connect namespaces ×en/fr/ar, logical-only RTL, OpenAPI regenerated each slice./ultrareview + 2nd-senior recommendation before merge. All work is uncommitted/staged per the slice posture.
A focused mobile i18n repair pass. About 280 keys were referenced via t() but absent from the locale files, so they rendered the inline English default (or raw key strings) in every locale — including search-bar placeholders and all 20 salon category slugs. Fixed the data and the two code-side resolution bugs that broke category translation, plus a phone-input restyle.
API_SLUG_TO_CATEGORY table in CategoryPillsNav and resolved labels directly via t(\`${ns}.${slug}\`); added a categorySlug field to Service/AvailableService so service-category chips translate on salon-detail and the booking picker.owner.appearanceLabel), and restyled PhoneInput to match sibling form fields (border, radius, 16px font, dropped iOS lineHeight hacks).A presentation-layer day on the marketing hero plus mobile carousel polish and small hydration/i18n fixes. The ranked-artist carousel was rebuilt twice into a 3D coverflow — first a spotlight that follows hover/auto-cycle, then a full cylinder/ring with proper pointer hit-zones — and the mobile track surfaces were tuned to match the app layout.
marketing-hero.tsx): desktop ranked artists now render together in a 3D Cover Flow with a spotlight; New Stars sit on a rotating cylinder; split into non-interactive 3D visual layers + flat hit-zone bands so hover/click always register; honors prefers-reduced-motion. Later dropped the heavy primary-glow halo on the active card.* { transition: transform } rule animating embla's instant loop repositions (!transition-none on the shared Carousel primitive); made the "simple" track card match the app's image-on-top/metadata-below layout below sm; tuned the Latest Songs carousel (compact see-all pill, stopOnInteraction:false so autoplay resumes after swipe, mobile-fit slides).app.pages.error block in en.json that left the 500 page rendering raw keys; deferred the ?period= nav query param until after mount to resolve a hydration mismatch.BookingReview. Confidence 8.5→8.7.No feature commits — these repos show working-tree changes only, and the diffs deserve scrutiny before any commit.
movom (+622,675/−622,624, 182 files), primavera (+166,788/−166,448, 722 files), thryve (+274,477/−274,471, 840 files), wamya (+44,276/−44,276), stelify_V2 (+46,163/−46,163), and autoflow/claude-contexts (+25,490/−25,314, 104 files) all show near-symmetric insert/delete counts across whole files — the signature of CRLF↔LF or trailing-whitespace re-normalization, not edits. Verify and discard rather than commit.project-curve-v3-react (+458/−26,009, 1942 files): a large deletion of the committed build/ directory (generated assets) plus a new package-lock.json — looks like dropping a checked-in build output.autoflow has a .mempalace-trial/ Chroma DB + hook scripts; several repos have new .claude/settings.local.json, pnpm-workspace.yaml, seed files, and a stray nul (thryve) / screenshot scripts. stelify-turbo has a .claude/scheduled_tasks.lock. None belong in a commit without review.