cinny/LOTUS_BUGS.md

# Lotus Chat — Open Bugs & Technical Debt

**Only OPEN and awaiting-verification items live here.** Resolved findings
(fixed-and-verified, false-positives, won't-fix) have been removed to keep this
actionable — the full history is in git. Items fixed in code but not yet
verified in a real environment are in **Needs Verification** below and have
step-by-step checks in [`LOTUS_TESTING.md`](./LOTUS_TESTING.md).

> Design rules for any fix here: follow the **Native-Cinny Law** and **TDS
> Design Law** in [`LOTUS_TODO.md`](./LOTUS_TODO.md).

---

## ⚠️ Needs Verification — fixed in code, awaiting live testing

Implemented and gate-green; confirm each per `LOTUS_TESTING.md`, then delete the row.

| ID   | Item                                                     | File / area                                          | Test  |
| :--- | :------------------------------------------------------- | :--------------------------------------------------- | :---- |
| #1   | Camera focus during screenshare ("Focus camera" menu)    | `CallControl.ts`, `MemberGlance.tsx`                 | A5    |
| #2   | Chat-background animation flicker (`contain:paint`)      | `lotus/chatBackground.ts`                            | F1    |
| #3   | Avatar decorations on call tiles                         | `call/CallMemberCard.tsx`                            | A6    |
| #4   | DM/group ringtone selection + in-call banner             | `CallEmbedProvider.tsx`, `ringtones.ts`              | A1–A4 |
| #6   | Background vs. seasonal theme mutual exclusion           | `state/settings.ts`, `General.tsx`                   | F2    |
| #7   | Composer toolbar touch targets (≥44px)                   | `room/RoomInput.tsx`                                 | E1    |
| #8   | Room Settings horizontal overflow (mobile)               | `components/page/style.css.ts`                       | E2    |
| #9   | Modal fullscreen on mobile (`useModalStyle`)             | 22+ modal files                                      | E3    |
| #10  | Composer not hidden by keyboard (`100dvh`)               | `src/index.css`                                      | E4    |
| #12  | PiP mute badge attribution (you vs. all-muted)           | `CallEmbedProvider.tsx`                              | G1    |
| N96  | Call-recovery overlay single "Back" button               | `call/CallView.tsx`                                  | A7    |
| N95  | AFK-monitor mic released on mute (OS indicator clears)   | `hooks/useAfkAutoMute.ts`                            | L1    |
| N108 | Maskable PWA icons (Android adaptive)                    | `public/manifest.json` + `res/android/maskable-*`    | L2    |
| EC   | EC iframe load watchdog + self-heal + recovery UI        | `plugins/call/CallEmbed.ts`, `CallView.tsx`          | A7    |
| Gal  | MediaGallery lazy-decrypt (true virtualization deferred) | `room/MediaGallery.tsx`                              | H1    |
| a11y | aria-labels: edit-history / reaction / thread / reply    | `message/*` (`FallbackContent`, `Reaction`, `Reply`) | I     |

---

## 🔴 Open — Actionable

### Calls / Audio

- **N127 — ML denoise shim is never injected in `vite dev`.** The `lotusDenoise` plugin injects only on `closeBundle` (build), so ML noise suppression is silently inactive during local dev. Add a dev-mode injection (`configureServer` / `transformIndexHtml`). Dev-only impact.

### Security & Privacy

- **N97 — Access token stored in plaintext `localStorage`** (`state/sessions.ts`), vulnerable to XSS; device ID likewise. Architectural — needs a token-protection / session-storage redesign.
- **Session writes are non-atomic and not cross-tab synced** (`state/sessions.ts`) — risks inconsistent state / races across tabs.
- **Persisted PII without encryption:** user status message + expiry (`settings/account/Profile.tsx`), unsent composer drafts (`room/RoomInput.tsx`). Leak risk on shared devices.

### PWA / Offline / Notifications

- **N105 — Service worker has no `notificationclick` handler** — notification clicks are broken when the tab is closed. Needs `showNotification()` via the SW + a `notificationclick` listener.
- **N107 — SW has no `push` handler** — Web Push delivery is entirely non-functional. Needs a `push` listener + a Matrix push-gateway integration.
- **No app-asset caching strategy** (`src/sw.ts`) — no offline capability.
- **`manifest: false`** in `vite.config.js` — may block correct PWA install if not handled externally.

### Dependencies & Build

- **`matrix-js-sdk` pinned to a Release Candidate** (`41.6.0-rc.0`); `@atlaskit` and build tools (`vite`, `typescript`, `eslint`) on unstable/experimental pins — review for stable versions; RC SDK is a tree-shaking/bundle-size risk.
- **Build-time overhead:** `lotusDenoise` does heavy sequential `fs` work in `closeBundle`; `viteStaticCopy` config is complex with redundant renames — could be streamlined.

### Code Hygiene / DevEx

- **No automated test suite** (`src/`) — no unit/integration tests configured.
- **Extensive `as any` casts** across `src/` — gradual typing cleanup.
- **`types/matrix/` mirrors SDK types** instead of importing them — drift risk.
- **Hardcoded CDN URL** should move to an env var (the decoration CDN is now single-sourced in `avatarDecorations.ts`, but the literal is still in-repo).
- **`patch-folds.mjs` edits `node_modules` directly** — consider `patch-package`.
- **Infra docs:** `contrib/nginx` lacks security headers (HSTS/CSP) + uses rewrites over `try_files`; `contrib/caddy` has a placeholder path. CI/CD (`prod-deploy.yml`): sequential deploy, aggressive 1-min Netlify timeout, `package-manager-cache: false`.
- **README:** keep the fork-sync version + logo path current. (`CONTRIBUTING.md` is intentionally left as upstream Cinny's — not a Lotus concern.)
- **Architecture notes (low priority):** deep `features/` + `hooks/` nesting, many small coupled hooks, possible dead CSS/components, `SpacingVariant` / `DropTarget` recipe simplification.
- **Git workflow (forward-looking):** keep commits scoped — past monolithic "fix all bugs" commits and inconsistent prefixes hurt `git bisect`.

### Native-Cinny polish (remaining from the design-law audit)

The "renders-broken-on-stock-themes" cluster (ungated invented CSS vars across
~13 files + the toast rebuild) is fixed; Sentry was removed. Lower-priority
pattern items left:

- **Profile timezone `<select>`** (`settings/account/Profile.tsx`) — still a raw native select (`colorScheme:'dark'`); it's wired to native form submission + a disabled state, so converting to `SettingsSelect` needs care.
- **MediaGallery lightbox** (`room/MediaGallery.tsx`) — raw `<div role="dialog">` + `#fff`/rgba chrome over forced-black media. Should be folds `Overlay`/`Modal`; the over-media light-on-dark scheme is a borderline-justified scrim.
- **Nits:** scattered `opacity:` → `priority`, the poll `✓` Unicode glyph → folds `Icon`, a few `zIndex` magic numbers.

### Big Projects

- **#5 — Seasonal themes & chat-background redesign.** Current backgrounds are basic CSS; goal is high-fidelity, research-backed, GPU-accelerated designs (layered `oklch`, `backdrop-filter`, `contain:paint`) with WCAG-AA overlay contrast. Treat each as its own design sprint.