Release 202507281850

.clinerules

@@ -1,53 +0,0 @@
-# Cursor Rules
-
-- When merging tailwind classes, use the `cn` function.
-- When using Tailwind and you need to merge classes use the `cn` function if avilable.
-- We use Tailwind 4 (the latest version), make sure to not use outdated classes.
-- Instead of using the syntax`Array<T>`, use `T[]`.
-- Use TypeScript `type` over `interface`.
-- You are forbiddent o add comments unless explicitly stated by the user.
-- Avoid sending JavaScript to the client. The JS send should be optional.
-- In prisma preffer `select` over `include` when making queries.
-- Import the types from prisma instead of hardcoding duplicates.
-- Avoid duplicating similar html code, and parametrize it when possible or create separate components.
-- Remember to check the prisma schema when doing things related to the database.
-- Avoid hardcoding enums from the database, import them from prisma.
-- Avoid using client-side JavaScript as much as possible. And if it has to be done, make it optional.
-- The admin pages can use client-side JavaScript.
-- Keep README.md in sync with new capabilities.
-- The package manager is npm.
-- For icons use the `Icon` component from `astro-icon/components`.
-- For icons use the Remix Icon library preferably.
-- Use the `Image` component from `astro:assets` for images.
-- Use the `zod` library for schema validation.
-- In the astro actions return, don't return success: true, or similar, just return an object with the newly created/edited objects or nothing.
-- When adding actions, don't create and export a new variable called actions. Notice that Astro already provides that variable from `import { actions } from 'astro:actions'`. So just add the new actions to the `server` variable in `web/src/actions/index.ts` and that's it.
-- Don't forget that the astro files have thre dashes (`---`) at the begining of the file and where the server js ends. I noticed that sometimes you forget them.
-- The admin actions go into a separate folder.
-- In Actro actions when throwing errors use ActionError.
-- @deprecated Don't import this object, use {@link actions} instead, like: `import { actions } from 'astro:actions'`. Example:
-
-  ```ts
-  import { actions } from "astro:actions"; /* CORRECT */
-  import { server } from "~/actions"; /* WRONG!!!! DON'T DO THIS */
-  import { adminAttributeActions } from "~/actions/admin/attribute.ts"; /* WRONG!!!! DON'T DO THIS */
-
-  const result = Astro.getActionResult(actions.admin.attribute.create);
-  ```
-
-- Always use Astro actions instead of with API routes or `if (Astro.request.method === "POST")`.
-- When adding clientside js do it with HTMX.
-- When adding HTMX, the layout component BaseLayout accepts a prop htmx to load it in that page. No need to use a cdn.
-- When redirecting to login use the `makeLoginUrl` function from web/src/lib/redirectUrls.ts
-
-  ```ts
-  function makeLoginUrl(
-    currentUrl: URL,
-    options: {
-      redirect?: URL | string | null;
-      error?: string | null;
-      logout?: boolean;
-      message?: string | null;
-    } = {}
-  );
-  ```

.env.example

@@ -0,0 +1,49 @@
+# Database
+POSTGRES_USER=your_db_user
+POSTGRES_PASSWORD=your_db_password
+POSTGRES_DATABASE=your_db_name
+DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@database:5432/${POSTGRES_DATABASE}?schema=public"
+DATABASE_UI_URL="https://db.example.com"
+
+# Generic Config
+UPLOAD_DIR=/app/uploads
+SITE_URL="https://your-site.example.com"
+SOURCE_CODE_URL="https://your-source-code.example.com"
+TIME_TRAP_SECRET=your_time_trap_secret
+LOGS_UI_URL="https://logs.example.com"
+
+# Release Info
+RELEASE_NUMBER=
+RELEASE_DATE=
+
+# Redis
+REDIS_URL="redis://redis:6379"
+
+# Crawl4AI
+CRAWL4AI_BASE_URL="http://crawl4ai:11235"
+CRAWL4AI_API_TOKEN=your_crawl4ai_token
+
+# Tor and I2P
+ONION_ADDRESS="http://youronionaddress.onion"
+I2P_ADDRESS="http://youri2paddress.b32.i2p"
+I2P_PASS=your_i2p_password
+
+# Push Notifications
+VAPID_PUBLIC_KEY=your_vapid_public_key
+VAPID_PRIVATE_KEY=your_vapid_private_key
+VAPID_SUBJECT="mailto:your-email@example.com"
+
+# OpenAI
+OPENAI_API_KEY=your_openai_api_key
+OPENAI_BASE_URL="https://your-openai-base-url.example.com"
+OPENAI_MODEL=your_openai_model
+OPENAI_RETRY=3
+
+# Task schedules ---------------------------------------------------
+CRON_TOSREVIEW_TASK="0 0 1 * *"           # every month
+CRON_USER_SENTIMENT_TASK="0 0 * * *"     # daily
+CRON_COMMENT_MODERATION_TASK="0 * * * *" # hourly
+CRON_FORCE_TRIGGERS_TASK="0 2 * * *"   # daily 02:00
+CRON_INACTIVE_USERS_TASK="0 6 * * *"      # daily 06:00
+CRON_SERVICE_SCORE_RECALC_TASK="*0 0 * * *"      # dayly
+CRON_SERVICE_SCORE_RECALC_ALL_TASK="0 0 * * *"    # daily

.vscode/extensions.json

@@ -7,7 +7,8 @@
     "golang.go",
     "bradlc.vscode-tailwindcss",
     "craigrbroughton.htmx-attributes",
-    "nefrob.vscode-just-syntax"
+    "nefrob.vscode-just-syntax",
+    "prisma.prisma"
   ],
   "unwantedRecommendations": []
 }

docker-compose.yml

@@ -7,12 +7,14 @@ services:
     volumes:
       - database:/var/lib/postgresql/data:z
     restart: unless-stopped
-    environment:
+    env_file:
-      POSTGRES_USER: ${POSTGRES_USER:-kycnot}
+      - .env
-      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-kycnot}
-      POSTGRES_DB: ${POSTGRES_DATABASE:-kycnot}
     healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-kycnot} -d ${POSTGRES_DATABASE:-kycnot}"]
+      test:
+        [
+          'CMD-SHELL',
+          'pg_isready -U ${POSTGRES_USER:-kycnot} -d ${POSTGRES_DATABASE:-kycnot}',
+        ]
       interval: 10s
       timeout: 5s
       retries: 5
@@ -20,19 +22,17 @@ services:
   pyworker:
     build:
       context: ./pyworker
+    image: kycnotme/pyworker:${PYWORKER_IMAGE_TAG:-latest}
     restart: always
-    environment:
+    env_file:
-      DATABASE_URL: "postgresql://${POSTGRES_USER:-kycnot}:${POSTGRES_PASSWORD:-kycnot}@database:5432/${POSTGRES_DATABASE:-kycnot}?schema=public"
+      - .env
-      CRAWL4AI_BASE_URL: "http://crawl4ai:11235"
-      CRAWL4AI_API_TOKEN: ${CRAWL4AI_API_TOKEN:-testing}
 
   crawl4ai:
     image: unclecode/crawl4ai:basic-amd64
     expose:
-      - "11235"
+      - '11235'
-    environment:
+    env_file:
-      CRAWL4AI_API_TOKEN: ${CRAWL4AI_API_TOKEN:-testing} # Optional API security
+      - .env
-      MAX_CONCURRENT_TASKS: 10
     volumes:
       - /dev/shm:/dev/shm
     deploy:
@@ -46,22 +46,16 @@ services:
     image: redis:latest
     restart: unless-stopped
     healthcheck:
-      test: ["CMD", "redis-cli", "ping"]
+      test: ['CMD', 'redis-cli', 'ping']
       interval: 10s
       timeout: 5s
       retries: 5
 
   astro:
     build:
-      context: ./web
+      dockerfile: web/Dockerfile
     image: kycnotme/astro:${ASTRO_IMAGE_TAG:-latest}
     restart: unless-stopped
-    environment:
-      POSTGRES_USER: ${POSTGRES_USER:-kycnot}
-      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-kycnot}
-      POSTGRES_DB: ${POSTGRES_DATABASE:-kycnot}
-      DATABASE_URL: "postgresql://${POSTGRES_USER:-kycnot}:${POSTGRES_PASSWORD:-kycnot}@database:5432/${POSTGRES_DATABASE:-kycnot}?schema=public"
-      REDIS_URL: "redis://redis:6379"
     env_file:
       - .env
     depends_on:
@@ -72,7 +66,15 @@ services:
     expose:
       - 4321
     healthcheck:
-      test: ["CMD", "curl", "-k", "--silent", "--fail", "http://localhost:4321/health"]
+      test:
+        [
+          'CMD',
+          'curl',
+          '-k',
+          '--silent',
+          '--fail',
+          'http://localhost:4321/internal-api/healthcheck',
+        ]
       interval: 10s
       timeout: 5s
       retries: 5

justfile

@@ -51,42 +51,6 @@ import-db file="":
     fi
   fi
   
-  echo "Restoring database from $BACKUP_FILE..."
-  # First drop all connections to the database
-  docker compose exec -T database psql -U ${POSTGRES_USER:-kycnot} -c "SELECT pg_terminate_backend(pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '${POSTGRES_DATABASE:-kycnot}' AND pid <> pg_backend_pid();" postgres
-  
-  # Drop and recreate database
-  echo "Dropping and recreating the database..."
-  docker compose exec -T database psql -U ${POSTGRES_USER:-kycnot} -c "DROP DATABASE IF EXISTS ${POSTGRES_DATABASE:-kycnot};" postgres
-  docker compose exec -T database psql -U ${POSTGRES_USER:-kycnot} -c "CREATE DATABASE ${POSTGRES_DATABASE:-kycnot};" postgres
-  
-  # Restore the database
-  cat "$BACKUP_FILE" | docker compose exec -T database pg_restore -U ${POSTGRES_USER:-kycnot} -d ${POSTGRES_DATABASE:-kycnot} --no-owner
-  echo "Database restored successfully!"
-  
-  # Import triggers
-  echo "Importing triggers..."
-  just import-triggers
-  
-  echo "Database import completed!"
-  # Check if migrations need to be run
-  cd web && npx prisma migrate status
-
-  #!/bin/bash
-  if [ -z "{{file}}" ]; then
-    BACKUP_FILE=$(find backups/ -name 'db_backup_*.dump' | sort -r | head -n 1)
-    if [ -z "$BACKUP_FILE" ]; then
-      echo "Error: No backup files found in the backups directory"
-      exit 1
-    fi
-  else
-    BACKUP_FILE="{{file}}"
-    if [ ! -f "$BACKUP_FILE" ]; then
-      echo "Error: Backup file '$BACKUP_FILE' not found"
-      exit 1
-    fi
-  fi
-  
   echo "=== STEP 1: PREPARING DATABASE ==="
   # Drop all connections to the database
   docker compose exec -T database psql -U ${POSTGRES_USER:-kycnot} -c "SELECT pg_terminate_backend(pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '${POSTGRES_DATABASE:-kycnot}' AND pid <> pg_backend_pid();" postgres

pyworker/.env.example

@@ -14,8 +14,11 @@ OPENAI_BASE_URL="https://xxxxxx/api/v1"
 OPENAI_MODEL="xxxxxxxxx"
 OPENAI_RETRY=3
 
-CRON_TOSREVIEW_TASK=0 0 1 * * # Every month
+# Task schedules ---------------------------------------------------
-CRON_USER_SENTIMENT_TASK=0 0 * * * # Every day
+CRON_TOSREVIEW_TASK="0 0 1 * *"           # every month
-CRON_COMMENT_MODERATION_TASK=0 0 * * * # Every hour
+CRON_USER_SENTIMENT_TASK="0 0 * * *"     # daily
-CRON_FORCE_TRIGGERS_TASK=0 2 * * * # Every day
+CRON_COMMENT_MODERATION_TASK="0 * * * *" # hourly
-CRON_SERVICE_SCORE_RECALC_TASK=*/5 * * * * # Every 10 minutes
+CRON_FORCE_TRIGGERS_TASK="0 2 * * *"   # daily 02:00
+CRON_INACTIVE_USERS_TASK="0 6 * * *"      # daily 06:00
+CRON_SERVICE_SCORE_RECALC_TASK="*0 0 * * *"      # dayly
+CRON_SERVICE_SCORE_RECALC_ALL_TASK="0 0 * * *"    # daily

pyworker/README.md

@@ -38,6 +38,7 @@ Required environment variables:
 - `CRON_MODERATION_TASK`: Cron expression for comment moderation task
 - `CRON_FORCE_TRIGGERS_TASK`: Cron expression for force triggers task
 - `CRON_SERVICE_SCORE_RECALC_TASK`: Cron expression for service score recalculation task
+- `CRON_INACTIVE_USERS_TASK`: Cron expression for inactive users cleanup task
 
 ## Usage
 
@@ -60,6 +61,9 @@ uv run -m pyworker force-triggers
 
 # Run service score recalculation task
 uv run -m pyworker service-score-recalc [--service-id ID]
+
+# Run inactive users cleanup task
+uv run -m pyworker inactive-users
 ```
 
 ### Worker Mode
@@ -96,7 +100,7 @@ Tasks will run according to their configured cron schedules.
 ### Force Triggers Task
 
 - Maintains database triggers by forcing them to run under certain conditions
-- Currently handles updating the "isRecentlyListed" flag for services after 15 days
+- Currently handles updating the "isRecentlyApproved" flag for services after 15 days
 - Scheduled via `CRON_FORCE-TRIGGERS_TASK`
 
 ### Service Score Recalculation Task
@@ -106,6 +110,15 @@ Tasks will run according to their configured cron schedules.
 - Calculates privacy, trust, and overall scores
 - Scheduled via `CRON_SERVICE-SCORE-RECALC_TASK`
 
+### Inactive Users Task
+
+- Handles cleanup of inactive user accounts
+- Identifies users who have been inactive for 1 year (no comments, votes, suggestions, and 0 karma)
+- Sends deletion warning notifications at 30, 15, 5, and 1 day intervals
+- Deletes accounts that remain inactive after the warning period
+- Cancels deletion for users who become active again
+- Scheduled via `CRON_INACTIVE_USERS_TASK`
+
 ## Development
 
 ### Project Structure
@@ -124,6 +137,7 @@ pyworker/
 │   │   ├── base.py
 │   │   ├── comment_moderation.py
 │   │   ├── force_triggers.py
+│   │   ├── inactive_users.py
 │   │   ├── service_score_recalc.py
 │   │   ├── tos_review.py
 │   │   └── user_sentiment.py

pyworker/pyworker/cli.py

@@ -17,6 +17,7 @@ from pyworker.scheduler import TaskScheduler
 from .tasks import (
     CommentModerationTask,
     ForceTriggersTask,
+    InactiveUsersTask,
     ServiceScoreRecalculationTask,
     TosReviewTask,
     UserSentimentTask,
@@ -89,6 +90,23 @@ def parse_args(args: List[str]) -> argparse.Namespace:
     score_recalc_parser.add_argument(
         "--service-id", type=int, help="Specific service ID to process (optional)"
     )
+    score_recalc_parser.add_argument(
+        "--all",
+        action="store_true",
+        help="Recalculate scores for all services (ignores --service-id)",
+    )
+
+    # Service Score Recalculation task for all services
+    subparsers.add_parser(
+        "service-score-recalc-all",
+        help="Recalculate service scores for all services",
+    )
+
+    # Inactive users task
+    subparsers.add_parser(
+        "inactive-users",
+        help="Handle inactive users - send deletion warnings and clean up accounts",
+    )
 
     return parser.parse_args(args)
 
@@ -295,12 +313,15 @@ def run_force_triggers_task() -> int:
         close_db_pool()
 
 
-def run_service_score_recalc_task(service_id: Optional[int] = None) -> int:
+def run_service_score_recalc_task(
+    service_id: Optional[int] = None, all_services: bool = False
+) -> int:
     """
     Run the service score recalculation task.
 
     Args:
         service_id: Optional specific service ID to process.
+        all_services: Whether to recalculate scores for all services.
 
     Returns:
         Exit code.
@@ -310,7 +331,34 @@ def run_service_score_recalc_task(service_id: Optional[int] = None) -> int:
     try:
         # Initialize task and use as context manager
         with ServiceScoreRecalculationTask() as task:  # type: ignore
-            result = task.run(service_id)  # type: ignore
+            if all_services:
+                queued = task.recalculate_all_services()  # type: ignore
+                if not queued:
+                    logger.warning(
+                        "Failed to queue recalculation jobs for all services"
+                    )
+
+                # Continuously process queued jobs in batches until none remain
+                while True:
+                    _ = task.run()  # type: ignore
+
+                    # Check if there are still unprocessed jobs
+                    remaining = 0
+                    if task.conn:
+                        with task.conn.cursor() as cursor:
+                            cursor.execute(
+                                'SELECT COUNT(*) FROM "ServiceScoreRecalculationJob" WHERE "processedAt" IS NULL'
+                            )
+                            remaining = cursor.fetchone()[0]
+
+                    if remaining == 0:
+                        break
+
+                result = True  # All jobs processed successfully
+
+            else:
+                result = task.run(service_id)  # type: ignore
+
             if result:
                 logger.info("Successfully recalculated service scores")
             else:
@@ -323,6 +371,37 @@ def run_service_score_recalc_task(service_id: Optional[int] = None) -> int:
         close_db_pool()
 
 
+def run_service_score_recalc_all_task() -> int:
+    """
+    Run the service score recalculation task for all services.
+    """
+    return run_service_score_recalc_task(all_services=True)
+
+
+def run_inactive_users_task() -> int:
+    """
+    Run the inactive users task.
+
+    Returns:
+        Exit code.
+    """
+    logger.info("Starting inactive users task")
+
+    try:
+        # Initialize task and use as context manager
+        with InactiveUsersTask() as task:  # type: ignore
+            result = task.run()  # type: ignore
+            logger.info(f"Inactive users task completed. Results: {result}")
+
+        return 0
+    except Exception as e:
+        logger.exception(f"Error running inactive users task: {e}")
+        return 1
+    finally:
+        # Ensure connection pool is closed even if an error occurs
+        close_db_pool()
+
+
 def run_worker_mode() -> int:
     """
     Run in worker mode, scheduling tasks to run periodically.
@@ -334,42 +413,37 @@ def run_worker_mode() -> int:
 
     # Get task schedules from config
     task_schedules = config.task_schedules
-    if not task_schedules:
+    logger.info(
+        "Found %s cron schedule%s from environment variables: %s",
+        len(task_schedules),
+        "s" if len(task_schedules) != 1 else "",
+        ", ".join(task_schedules.keys()) if task_schedules else "<none>",
+    )
+
+    required_tasks: dict[str, Any] = {
+        "tosreview": run_tos_task,
+        "user_sentiment": run_sentiment_task,
+        "comment_moderation": run_moderation_task,
+        "force_triggers": run_force_triggers_task,
+        "inactive_users": run_inactive_users_task,
+        "service_score_recalc": run_service_score_recalc_task,
+        "service_score_recalc_all": run_service_score_recalc_all_task,
+    }
+
+    missing_tasks = [t for t in required_tasks if t not in task_schedules]
+    if missing_tasks:
         logger.error(
-            "No task schedules defined. Set CRON_TASKNAME_TASK environment variables."
+            "Missing cron schedule for task%s: %s. Set the corresponding CRON_<TASKNAME>_TASK environment variable%s.",
+            "s" if len(missing_tasks) != 1 else "",
+            ", ".join(missing_tasks),
+            "s" if len(missing_tasks) != 1 else "",
         )
         return 1
 
-    logger.info(
-        f"Found {len(task_schedules)} scheduled tasks: {', '.join(task_schedules.keys())}"
-    )
-
-    # Initialize the scheduler
     scheduler = TaskScheduler()
 
-    # Register tasks with their schedules
+    for task_name, task_callable in required_tasks.items():
-    for task_name, cron_expression in task_schedules.items():
+        scheduler.register_task(task_name, task_schedules[task_name], task_callable)
-        if task_name.lower() == "tosreview":
-            scheduler.register_task(task_name, cron_expression, run_tos_task)
-        elif task_name.lower() == "user_sentiment":
-            scheduler.register_task(task_name, cron_expression, run_sentiment_task)
-        elif task_name.lower() == "comment_moderation":
-            scheduler.register_task(task_name, cron_expression, run_moderation_task)
-        elif task_name.lower() == "force_triggers":
-            scheduler.register_task(task_name, cron_expression, run_force_triggers_task)
-        elif task_name.lower() == "service_score_recalc":
-            scheduler.register_task(
-                task_name, cron_expression, run_service_score_recalc_task
-            )
-        else:
-            logger.warning(f"Unknown task '{task_name}', skipping")
-
-    # Register service score recalculation task (every 5 minutes)
-    scheduler.register_task(
-        "service-score-recalc",
-        "*/5 * * * *",
-        run_service_score_recalc_task,
-    )
 
     # Start the scheduler if tasks were registered
     if scheduler.tasks:
@@ -419,7 +493,13 @@ def main() -> int:
         elif args.task == "force-triggers":
             return run_force_triggers_task()
         elif args.task == "service-score-recalc":
-            return run_service_score_recalc_task(args.service_id)
+            return run_service_score_recalc_task(
+                args.service_id, getattr(args, "all", False)
+            )
+        elif args.task == "service-score-recalc-all":
+            return run_service_score_recalc_all_task()
+        elif args.task == "inactive-users":
+            return run_inactive_users_task()
         elif args.task:
             logger.error(f"Unknown task: {args.task}")
             return 1

pyworker/pyworker/database.py

@@ -332,29 +332,33 @@ def remove_service_attribute_by_slug(service_id: int, attribute_slug: str) -> bo
     return remove_service_attribute(service_id, attribute_id)
 
 
-def save_tos_review(service_id: int, review: TosReviewType):
+def save_tos_review(service_id: int, review: Optional[TosReviewType]):
-    """
+    """Persist a TOS review and/or update the timestamp for a service.
-    Save a TOS review for a specific service.
 
-    Args:
+    If *review* is ``None`` the existing review (if any) is preserved while
-        service_id: The ID of the service.
+    only the ``tosReviewAt`` column is updated. This ensures we still track
-        review: A TypedDict containing the review data.
+    when the review task last ran even if the review generation failed or
+    produced no changes.
     """
     try:
-        # Serialize the dictionary to a JSON string for the database
-        review_json = json.dumps(review)
         with get_db_connection() as conn:
             with conn.cursor(row_factory=dict_row) as cursor:
-                cursor.execute(
+                if review is None:
-                    """
+                    cursor.execute(
-                    UPDATE "Service" 
+                        'UPDATE "Service" SET "tosReviewAt" = NOW() WHERE id = %s AND "tosReview" IS NULL',
-                    SET "tosReview" = %s, "tosReviewAt" = NOW()
+                        (service_id,),
-                    WHERE id = %s
+                    )
-                """,
+                else:
-                    (review_json, service_id),
+                    review_json = json.dumps(review)
-                )
+                    cursor.execute(
+                        'UPDATE "Service" SET "tosReview" = %s, "tosReviewAt" = NOW() WHERE id = %s',
+                        (review_json, service_id),
+                    )
+
                 conn.commit()
-                logger.info(f"Successfully saved TOS review for service {service_id}")
+                logger.info(
+                    f"Successfully saved TOS review (updated={review is not None}) for service {service_id}"
+                )
     except Exception as e:
         logger.error(f"Error saving TOS review for service {service_id}: {e}")
 

pyworker/pyworker/scheduler.py

@@ -14,6 +14,7 @@ from pyworker.database import close_db_pool
 from .tasks import (
     CommentModerationTask,
     ForceTriggersTask,
+    InactiveUsersTask,
     ServiceScoreRecalculationTask,
     TosReviewTask,
     UserSentimentTask,
@@ -62,25 +63,29 @@ class TaskScheduler:
             cron_expression: Cron expression defining the schedule.
             task_func: Function to execute.
             *args: Arguments to pass to the task function.
-            **kwargs: Keyword arguments to pass to the task function.
+            **kwargs: Keyword arguments to pass to the task function. `instantiate` is a special kwarg.
         """
+        instantiate = kwargs.pop("instantiate", True)
         # Declare task_instance variable with type annotation upfront
         task_instance: Any = None
 
-        # Initialize the appropriate task class based on the task name
+        if instantiate:
-        if task_name.lower() == "tosreview":
+            # Initialize the appropriate task class based on the task name
-            task_instance = TosReviewTask()
+            if task_name.lower() == "tosreview":
-        elif task_name.lower() == "user_sentiment":
+                task_instance = TosReviewTask()
-            task_instance = UserSentimentTask()
+            elif task_name.lower() == "user_sentiment":
-        elif task_name.lower() == "comment_moderation":
+                task_instance = UserSentimentTask()
-            task_instance = CommentModerationTask()
+            elif task_name.lower() == "comment_moderation":
-        elif task_name.lower() == "force_triggers":
+                task_instance = CommentModerationTask()
-            task_instance = ForceTriggersTask()
+            elif task_name.lower() == "force_triggers":
-        elif task_name.lower() == "service_score_recalc":
+                task_instance = ForceTriggersTask()
-            task_instance = ServiceScoreRecalculationTask()
+            elif task_name.lower() == "service_score_recalc":
-        else:
+                task_instance = ServiceScoreRecalculationTask()
-            self.logger.warning(f"Unknown task '{task_name}', skipping")
+            elif task_name.lower() == "inactive_users":
-            return
+                task_instance = InactiveUsersTask()
+            else:
+                self.logger.warning(f"Unknown task '{task_name}', skipping")
+                return
 
         self.tasks[task_name] = {
             "cron": cron_expression,
@@ -126,8 +131,12 @@ class TaskScheduler:
                     self.logger.info(f"Running task '{task_name}'")
                     # Use task instance as a context manager to ensure
                     # a single database connection is used for the entire task
-                    with task_info["instance"]:
+                    if task_info["instance"]:
-                        # Execute the registered task function with its arguments
+                        with task_info["instance"]:
+                            # Execute the registered task function with its arguments
+                            task_info["func"](*task_info["args"], **task_info["kwargs"])
+                    else:
+                        # Execute the registered task function without a context manager
                         task_info["func"](*task_info["args"], **task_info["kwargs"])
                     self.logger.info(f"Task '{task_name}' completed")
                 except Exception as e:

pyworker/pyworker/tasks/__init__.py

@@ -3,6 +3,7 @@
 from .base import Task
 from .comment_moderation import CommentModerationTask
 from .force_triggers import ForceTriggersTask
+from .inactive_users import InactiveUsersTask
 from .service_score_recalc import ServiceScoreRecalculationTask
 from .tos_review import TosReviewTask
 from .user_sentiment import UserSentimentTask
@@ -11,6 +12,7 @@ __all__ = [
     "Task",
     "CommentModerationTask",
     "ForceTriggersTask",
+    "InactiveUsersTask",
     "ServiceScoreRecalculationTask",
     "TosReviewTask",
     "UserSentimentTask",

pyworker/pyworker/tasks/force_triggers.py

@@ -9,7 +9,7 @@ class ForceTriggersTask(Task):
     Force triggers to run under certain conditions.
     """
 
-    RECENT_LISTED_INTERVAL_DAYS = 15
+    RECENT_APPROVED_INTERVAL_DAYS = 15
 
     def __init__(self):
         super().__init__("force_triggers")
@@ -24,10 +24,10 @@ class ForceTriggersTask(Task):
 
         update_query = f"""
         UPDATE "Service"
-        SET "isRecentlyListed" = FALSE, "updatedAt" = NOW()
+        SET "isRecentlyApproved" = FALSE, "updatedAt" = NOW()
-        WHERE "isRecentlyListed" = TRUE
+        WHERE "isRecentlyApproved" = TRUE
-        AND "listedAt" IS NOT NULL
+        AND "approvedAt" IS NOT NULL
-        AND "listedAt" < NOW() - INTERVAL '{self.RECENT_LISTED_INTERVAL_DAYS} days'
+        AND "approvedAt" < NOW() - INTERVAL '{self.RECENT_APPROVED_INTERVAL_DAYS} days'
         """
         try:
             with self.conn.cursor() as cursor:

pyworker/pyworker/tasks/inactive_users.py

@@ -0,0 +1,258 @@
+"""
+Task for handling inactive users - sending deletion warnings and cleaning up accounts.
+"""
+
+from datetime import datetime, timedelta, date
+from typing import Any, Dict, List, Optional
+
+from pyworker.database import execute_db_command, run_db_query
+from pyworker.tasks.base import Task
+
+
+class InactiveUsersTask(Task):
+    """Task for handling inactive users"""
+
+    def __init__(self):
+        """Initialize the inactive users task."""
+        super().__init__("inactive_users")
+
+    def run(self) -> Dict[str, Any]:
+        """
+        Run the inactive users task.
+        
+        This task:
+        1. Identifies users who have been inactive for 1 year
+        2. Schedules them for deletion 
+        3. Sends warning notifications at 30, 15, 5, and 1 day intervals
+        4. Deletes accounts that have reached their deletion date
+        """
+        results = {
+            "users_scheduled_for_deletion": 0,
+            "notifications_sent": 0,
+            "accounts_deleted": 0,
+            "deletions_cancelled": 0,
+        }
+
+        # Step 1: Cancel deletion for users who became active again
+        results["deletions_cancelled"] = self._cancel_deletion_for_active_users()
+
+        # Step 2: Schedule new inactive users for deletion
+        results["users_scheduled_for_deletion"] = self._schedule_inactive_users_for_deletion()
+        
+        # Step 3: Send warning notifications
+        results["notifications_sent"] = self._send_deletion_warnings()
+        
+        # Step 4: Delete accounts that have reached their deletion date
+        results["accounts_deleted"] = self._delete_scheduled_accounts()
+
+        self.logger.info(
+            f"Inactive users task completed. "
+            f"Deletions cancelled: {results['deletions_cancelled']}, "
+            f"Scheduled: {results['users_scheduled_for_deletion']}, "
+            f"Notifications sent: {results['notifications_sent']}, "
+            f"Accounts deleted: {results['accounts_deleted']}"
+        )
+
+        return results
+
+    def _schedule_inactive_users_for_deletion(self) -> int:
+        """
+        Schedule inactive users for deletion.
+        
+        A user is considered inactive if:
+        - Account was created more than 1 year ago
+        - Has 0 karma
+        - Has no comments, comment votes, or service suggestions
+        - Is not scheduled for deletion already
+        - Is not an admin or moderator
+        """
+        one_year_ago = datetime.now() - timedelta(days=365)
+        deletion_date = date.today() + timedelta(days=30)  # 30 days from today
+        
+        # Find inactive users
+        query = """
+        UPDATE "User" 
+        SET "scheduledDeletionAt" = %s, "updatedAt" = NOW()
+        WHERE "id" IN (
+            SELECT u."id" 
+            FROM "User" u
+            WHERE u."createdAt" < %s
+                AND u."scheduledDeletionAt" IS NULL
+                AND u."admin" = false
+                AND u."moderator" = false
+                AND u."totalKarma" = 0
+                AND NOT EXISTS (
+                    SELECT 1 FROM "Comment" c WHERE c."authorId" = u."id"
+                )
+                AND NOT EXISTS (
+                    SELECT 1 FROM "CommentVote" cv WHERE cv."userId" = u."id"
+                )
+                AND NOT EXISTS (
+                    SELECT 1 FROM "ServiceSuggestion" ss WHERE ss."userId" = u."id"
+                )
+        )
+        """
+        
+        count = execute_db_command(query, (deletion_date, one_year_ago))
+        self.logger.info(f"Scheduled {count} inactive users for deletion on {deletion_date}")
+        return count
+
+    def _send_deletion_warnings(self) -> int:
+        """
+        Send deletion warning notifications to users at appropriate intervals.
+        """
+        today = date.today()
+        notifications_sent = 0
+        
+        # Define warning intervals and their corresponding notification types
+        warning_intervals = [
+            (30, 'ACCOUNT_DELETION_WARNING_30_DAYS'),
+            (15, 'ACCOUNT_DELETION_WARNING_15_DAYS'),
+            (5, 'ACCOUNT_DELETION_WARNING_5_DAYS'),
+            (1, 'ACCOUNT_DELETION_WARNING_1_DAY'),
+        ]
+        
+        for days_before, notification_type in warning_intervals:
+            # Find users who should receive this warning (exact date match)
+            target_date = today + timedelta(days=days_before)
+            
+            # Check if user is still inactive (no recent activity)
+            users_query = """
+            SELECT u."id", u."name", u."scheduledDeletionAt"
+            FROM "User" u
+            WHERE u."scheduledDeletionAt" = %s
+                AND u."admin" = false
+                AND u."moderator" = false
+                AND u."totalKarma" = 0
+                AND NOT EXISTS (
+                    SELECT 1 FROM "Notification" n 
+                    WHERE n."userId" = u."id" 
+                        AND n."type" = %s 
+                        AND n."createdAt" > (u."scheduledDeletionAt" - INTERVAL '30 days')
+                )
+                -- Still check if user is inactive (no activity since being scheduled)
+                AND NOT EXISTS (
+                    SELECT 1 FROM "Comment" c 
+                    WHERE c."authorId" = u."id" 
+                        AND c."createdAt" > (u."scheduledDeletionAt" - INTERVAL '30 days')
+                )
+                AND NOT EXISTS (
+                    SELECT 1 FROM "CommentVote" cv 
+                    WHERE cv."userId" = u."id" 
+                        AND cv."createdAt" > (u."scheduledDeletionAt" - INTERVAL '30 days')
+                )
+                AND NOT EXISTS (
+                    SELECT 1 FROM "ServiceSuggestion" ss 
+                    WHERE ss."userId" = u."id" 
+                        AND ss."createdAt" > (u."scheduledDeletionAt" - INTERVAL '30 days')
+                )
+            """
+            
+            users = run_db_query(users_query, (target_date, notification_type))
+            
+            # Create notifications for these users
+            for user in users:
+                insert_notification_query = """
+                INSERT INTO "Notification" ("userId", "type", "createdAt", "updatedAt")
+                VALUES (%s, %s, NOW(), NOW())
+                ON CONFLICT DO NOTHING
+                """
+                
+                execute_db_command(insert_notification_query, (user['id'], notification_type))
+                notifications_sent += 1
+                
+                self.logger.info(
+                    f"Sent {notification_type} notification to user {user['name']} "
+                    f"(ID: {user['id']}) scheduled for deletion on {user['scheduledDeletionAt']}"
+                )
+        
+        return notifications_sent
+
+    def _delete_scheduled_accounts(self) -> int:
+        """
+        Delete accounts that have reached their scheduled deletion date and are still inactive.
+        """
+        today = date.today()
+        
+        # Find users scheduled for deletion who are still inactive
+        users_to_delete_query = """
+        SELECT u."id", u."name", u."scheduledDeletionAt"
+        FROM "User" u
+        WHERE u."scheduledDeletionAt" <= %s
+            AND u."admin" = false
+            AND u."moderator" = false
+            AND u."totalKarma" = 0
+            -- Double-check they're still inactive
+            AND NOT EXISTS (
+                SELECT 1 FROM "Comment" c 
+                WHERE c."authorId" = u."id" 
+                    AND c."createdAt" > (u."scheduledDeletionAt" - INTERVAL '30 days')
+            )
+            AND NOT EXISTS (
+                SELECT 1 FROM "CommentVote" cv 
+                WHERE cv."userId" = u."id" 
+                    AND cv."createdAt" > (u."scheduledDeletionAt" - INTERVAL '30 days')
+            )
+            AND NOT EXISTS (
+                SELECT 1 FROM "ServiceSuggestion" ss 
+                WHERE ss."userId" = u."id" 
+                    AND ss."createdAt" > (u."scheduledDeletionAt" - INTERVAL '30 days')
+            )
+        """
+        
+        users_to_delete = run_db_query(users_to_delete_query, (today,))
+        deleted_count = 0
+        
+        for user in users_to_delete:
+            try:
+                # Delete the user (this will cascade and delete related records)
+                delete_query = 'DELETE FROM "User" WHERE "id" = %s'
+                execute_db_command(delete_query, (user['id'],))
+                deleted_count += 1
+                
+                self.logger.info(
+                    f"Deleted inactive user {user['name']} (ID: {user['id']}) "
+                    f"scheduled for deletion on {user['scheduledDeletionAt']}"
+                )
+                
+            except Exception as e:
+                self.logger.error(
+                    f"Failed to delete user {user['name']} (ID: {user['id']}): {e}"
+                )
+        
+        return deleted_count
+
+    def _cancel_deletion_for_active_users(self) -> int:
+        """
+        Cancel scheduled deletion for users who have become active again.
+        """
+        # Find users scheduled for deletion who have recent activity or gained karma
+        query = """
+        UPDATE "User" 
+        SET "scheduledDeletionAt" = NULL, "updatedAt" = NOW()
+        WHERE "scheduledDeletionAt" IS NOT NULL
+            AND (
+                "totalKarma" > 0
+                OR EXISTS (
+                    SELECT 1 FROM "Comment" c 
+                    WHERE c."authorId" = "User"."id" 
+                        AND c."createdAt" > ("User"."scheduledDeletionAt" - INTERVAL '30 days')
+                )
+                OR EXISTS (
+                    SELECT 1 FROM "CommentVote" cv 
+                    WHERE cv."userId" = "User"."id" 
+                        AND cv."createdAt" > ("User"."scheduledDeletionAt" - INTERVAL '30 days')
+                )
+                OR EXISTS (
+                    SELECT 1 FROM "ServiceSuggestion" ss 
+                    WHERE ss."userId" = "User"."id" 
+                        AND ss."createdAt" > ("User"."scheduledDeletionAt" - INTERVAL '30 days')
+                )
+            )
+        """
+        
+        count = execute_db_command(query)
+        if count > 0:
+            self.logger.info(f"Cancelled deletion for {count} users who became active again or gained karma")
+        
+        return count 

pyworker/pyworker/tasks/service_score_recalc.py

@@ -205,8 +205,7 @@ class ServiceScoreRecalculationTask(Task):
                 cursor.execute(
                     """
                     SELECT id 
-                    FROM "Service" 
+                    FROM "Service"
-                    WHERE "isActive" = TRUE
                     """
                 )
                 services = cursor.fetchall()

pyworker/pyworker/tasks/tos_review.py

@@ -5,6 +5,8 @@ Task for retrieving Terms of Service (TOS) text.
 import hashlib
 from typing import Any, Dict, Optional
 
+import requests
+
 from pyworker.database import TosReviewType, save_tos_review, update_kyc_level
 from pyworker.tasks.base import Task
 from pyworker.utils.ai import prompt_check_tos_review, prompt_tos_review
@@ -32,8 +34,8 @@ class TosReviewTask(Task):
         service_name = service["name"]
         verification_status = service.get("verificationStatus")
 
-        # Only process verified or approved services
+        # Only process verified, approved, or community contributed services
-        if verification_status not in ["VERIFICATION_SUCCESS", "APPROVED"]:
+        if verification_status not in ["VERIFICATION_SUCCESS", "APPROVED", "COMMUNITY_CONTRIBUTED"]:
             self.logger.info(
                 f"Skipping TOS review for service: {service_name} (ID: {service_id}) - Status: {verification_status}"
             )
@@ -52,65 +54,97 @@ class TosReviewTask(Task):
         )
         self.logger.info(f"TOS URLs: {tos_urls}")
 
+        review = self.get_tos_review(tos_urls, service.get("tosReview"))
+
+        # Always update the processed timestamp, even if review is None
+        save_tos_review(service_id, review)
+
+        if review is None:
+            self.logger.warning(
+                f"TOS review could not be generated for service {service_name} (ID: {service_id})"
+            )
+            return None
+
+        # Update the KYC level based on the review, when present
+        if "kycLevel" in review:
+            new_level = review["kycLevel"]
+            old_level = service.get("kycLevel")
+
+            # Update DB
+            if update_kyc_level(service_id, new_level):
+                msg = f"{service.get('slug', service_name)}: kycLevel {old_level} -> {new_level}"
+
+                # Log to console
+                self.logger.info(msg)
+
+                # Send notification via ntfy
+                try:
+                    requests.post(
+                        "https://ntfy.sh/knm-kyc-lvl-changes-knm", data=msg.encode()
+                    )
+                except requests.RequestException as e:
+                    self.logger.error(
+                        f"Failed to send ntfy notification for KYC level change: {e}"
+                    )
+
+        return review
+
+    def get_tos_review(
+        self, tos_urls: list[str], current_review: Optional[TosReviewType]
+    ) -> Optional[TosReviewType]:
+        """
+        Get TOS review from a list of URLs.
+
+        Args:
+            tos_urls: List of TOS URLs to check
+            current_review: Current review data from the database
+
+        Returns:
+            Dict containing:
+            - status: Literal["skipped", "failed", "success"]
+            - review: Optional[TosReviewType] - The review data if successful
+        """
+        all_skipped = True
+
         for tos_url in tos_urls:
             api_url = f"{tos_url}"
             self.logger.info(f"Fetching TOS from URL: {api_url}")
 
-            # Sleep for 1 second to avoid rate limiting
             content = fetch_markdown(api_url)
 
-            if content:
+            if not content:
-                # Hash the content to avoid repeating the same content
-                content_hash = hashlib.sha256(content.encode()).hexdigest()
-                self.logger.info(f"Content hash: {content_hash}")
-
-                # service.get("tosReview") can be None if the DB field is NULL.
-                # Default to an empty dict to prevent AttributeError on .get()
-                tos_review_data_from_service: Optional[Dict[str, Any]] = service.get(
-                    "tosReview"
-                )
-                tos_review: Dict[str, Any] = (
-                    tos_review_data_from_service
-                    if tos_review_data_from_service is not None
-                    else {}
-                )
-
-                stored_hash = tos_review.get("contentHash")
-
-                # Skip processing if we've seen this content before
-                if stored_hash == content_hash:
-                    self.logger.info(
-                        f"Skipping already processed TOS content with hash: {content_hash}"
-                    )
-                    continue
-
-                # Skip incomplete TOS content
-                check = prompt_check_tos_review(content)
-                if not check:
-                    continue
-                elif not check["isComplete"]:
-                    continue
-
-                # Query OpenAI to summarize the content
-                review = prompt_tos_review(content)
-
-                if review:
-                    review["contentHash"] = content_hash
-                    # Save the review to the database
-                    save_tos_review(service_id, review)
-
-                    # Update the KYC level based on the review
-                    if "kycLevel" in review:
-                        kyc_level = review["kycLevel"]
-                        self.logger.info(
-                            f"Updating KYC level to {kyc_level} for service {service_name}"
-                        )
-                        update_kyc_level(service_id, kyc_level)
-                    # no need to check other TOS URLs
-                    break
-
-                return review
-            else:
                 self.logger.warning(
                     f"Failed to retrieve TOS content for URL: {tos_url}"
                 )
+                all_skipped = False
+                continue
+
+            # Hash the content to avoid repeating the same content
+            content_hash = hashlib.sha256(content.encode()).hexdigest()
+            self.logger.info(f"Content hash: {content_hash}")
+
+            # Skip processing if we've seen this content before
+            if current_review and current_review.get("contentHash") == content_hash:
+                self.logger.info(
+                    f"Skipping already processed TOS content with hash: {content_hash}"
+                )
+                continue
+
+            all_skipped = False
+
+            # Skip incomplete TOS content
+            check = prompt_check_tos_review(content)
+            if not check or not check["isComplete"]:
+                continue
+
+            # Query OpenAI to summarize the content
+            review = prompt_tos_review(content)
+
+            if review:
+                review["contentHash"] = content_hash
+                return review
+
+        if all_skipped:
+            return current_review
+
+        return None

pyworker/pyworker/utils/ai.py

@@ -92,7 +92,9 @@ def prompt_check_tos_review(content: str) -> TosReviewCheck:
         {"role": "user", "content": content},
     ]
 
-    result_dict = query_openai_json(messages, model="openai/gpt-4.1-mini")
+    result_dict = query_openai_json(
+        messages, model="openai/gemini-2.5-flash-preview-05-20"
+    )
 
     return cast(TosReviewCheck, result_dict)
 
@@ -173,27 +175,27 @@ type TosReview = {
         /** In regards to KYC, Privacy, Anonymity, Self-Sovereignity, etc. */
         /** anything that could harm the user's privacy, identity, self-sovereignity or anonymity is negative, anything that otherwise helps is positive. else it is neutral. */
         rating: 'negative' | 'neutral' | 'positive'
-    }[]
+    }[] // max 8 highlights, try to provide at least 3.
 }
 
 The rating is a number between 0 and 2, where 0 is informative, 1 is warning, and 2 is critical.
 
-Be concise but thorough, and make sure your output is properly formatted JSON.
+Focus on the most important information for the user. Be concise and thorough, and make sure your output is properly formatted JSON.
 """
 
 PROMPT_COMMENT_SENTIMENT_SUMMARY = """
 You will be given a list of user comments to a service.
 Your task is to summarize the comments in a way that is easy to understand and to the point.
-The summary should be concise and to the point, no more than 150 words.
+The summary should be concise and to the point, no more than 100 words. Keep it short and concise.
 Use markdown formatting to highlight in bold the most important information. Only bold is allowed.
 
 You must format your response as a valid JSON object with the following structure:
 
 interface CommentSummary {
-  summary: string;
+  summary: string; // Concise, 100 words max
   sentiment: 'positive'|'negative'|'neutral';
-  whatUsersLike: string[]; // Concise, 2-3 words, max 4
+  whatUsersLike: string[]; // Concise, 2-3 words max
-  whatUsersDislike: string[]; // Concise, 2-3 words, max 4
+  whatUsersDislike: string[]; // Concise, 2-3 words max
 }
 
 Always avoid repeating information in the list of what users like or dislike. Also, make sure you keep the summary short and concise, no more than 150 words. Ignore irrelevant comments. Make an item for each like/dislike, avoid something like 'No logs / Audited', it should be 'No logs' and 'Audited' as separate items.

web/.env.example

@@ -2,12 +2,12 @@ DATABASE_URL="postgresql://kycnot:kycnot@localhost:3399/kycnot?schema=public"
 REDIS_URL="redis://localhost:6379"
 SOURCE_CODE_URL="https://github.com"
 DATABASE_UI_URL="http://localhost:5555"
-SITE_URL="https://localhost:4321"
+SITE_URL="http://localhost:4321"
 ONION_ADDRESS="http://kycnotmezdiftahfmc34pqbpicxlnx3jbf5p7jypge7gdvduu7i6qjqd.onion"
 I2P_ADDRESS="http://nti3rj4j4disjcm2kvp4eno7otcejbbxv3ggxwr5tpfk4jucah7q.b32.i2p"
 RELEASE_NUMBER=123
 RELEASE_DATE="2025-05-23T19:00:00.000Z"
 # Generated with `npx web-push generate-vapid-keys`
-VAPID_PUBLIC_KEY="<vapid-public-key-placeholder>"
+VAPID_PUBLIC_KEY="BPmJbRXzG9zT181vyg1GlpyV8qu7rjVjfg6vkkOgtqeTZECyt6lR4MuzmlarEHSBF6gPpc77ZA0_tTVtmYh65iM"
-VAPID_PRIVATE_KEY="<vapid-private-key-placeholder>"
+VAPID_PRIVATE_KEY="eN_S2SMXDB2hpwVXbgDkDrPIPMqirllZaJcUgYTt9w0"
 VAPID_SUBJECT="mailto:no-reply@kycnot.me"

web/.nvmrc

@@ -1 +1 @@
-23
+24

web/Dockerfile

@@ -1,26 +1,29 @@
 FROM node:lts AS runtime
 WORKDIR /app
 
-COPY package.json package-lock.json ./
+COPY .env .env
+COPY web/package.json web/package-lock.json ./
 
-COPY .npmrc .npmrc
+COPY web/.npmrc .npmrc
 
 RUN npm ci
 
-COPY . .
+COPY web/ .
 
 ARG ASTRO_BUILD_MODE=production
+
 # Generate Prisma client
 RUN npx prisma generate
+
 # Build the application
-RUN npm run build -- --mode ${ASTRO_BUILD_MODE}
+RUN npm run build:astro -- --mode ${ASTRO_BUILD_MODE} && npm run build:server-init
 
 ENV HOST=0.0.0.0
 ENV PORT=4321
 EXPOSE 4321
 
 # Add knm-migrate command script and make it executable
-COPY migrate.sh /usr/local/bin/knm-migrate
+COPY web/migrate.sh /usr/local/bin/knm-migrate
 RUN chmod +x /usr/local/bin/knm-migrate
 
-CMD ["node", "./dist/server/entry.mjs"]
+CMD ["sh", "-c", "node ./dist/server/server-init.js & node ./dist/server/entry.mjs"]

web/astro.config.mjs

@@ -4,26 +4,82 @@ import mdx from '@astrojs/mdx'
 import node from '@astrojs/node'
 import sitemap from '@astrojs/sitemap'
 import tailwindcss from '@tailwindcss/vite'
+import { minimal2023Preset } from '@vite-pwa/assets-generator/config'
+import AstroPWA from '@vite-pwa/astro'
 import { defineConfig, envField } from 'astro/config'
 import icon from 'astro-icon'
-import { loadEnv } from 'vite'
+import devtoolsJson from 'vite-plugin-devtools-json'
 
-// @ts-expect-error process.env actually exists
+import { postgresListener } from './src/lib/postgresListenerIntegration'
-const { SITE_URL } = loadEnv(process.env.NODE_ENV, process.cwd(), '')
+import { getServerEnvVariable } from './src/lib/serverEnvVariables'
-if (!SITE_URL) throw new Error('SITE_URL environment variable is not set')
+
+const SITE_URL = getServerEnvVariable('SITE_URL')
+const ONION_ADDRESS = getServerEnvVariable('ONION_ADDRESS')
+const I2P_ADDRESS = getServerEnvVariable('I2P_ADDRESS')
 
 export default defineConfig({
   site: SITE_URL,
   vite: {
     build: {
-      sourcemap: true,
+      sourcemap: true, // Enable sourcemaps on production, so users can inspect the code
     },
 
-    plugins: [tailwindcss()],
+    plugins: [devtoolsJson(), tailwindcss()],
   },
   integrations: [
+    postgresListener(),
     icon(),
     mdx(),
+    AstroPWA({
+      mode: 'development',
+      base: '/',
+      scope: '/',
+      registerType: 'autoUpdate',
+      manifest: {
+        name: 'KYCnot.me',
+        short_name: 'KYCnot.me',
+        description: 'Find services that respect your privacy',
+        theme_color: '#040505',
+        background_color: '#171c1b',
+        display: 'minimal-ui',
+      },
+      pwaAssets: {
+        image: './public/favicon.svg',
+        preset: {
+          ...minimal2023Preset,
+          maskable: {
+            ...minimal2023Preset.maskable,
+            padding: 0.1,
+            resizeOptions: {
+              ...minimal2023Preset.maskable.resizeOptions,
+              background: '#3bdb78',
+            },
+          },
+          apple: {
+            ...minimal2023Preset.apple,
+            padding: 0.1,
+            resizeOptions: {
+              ...minimal2023Preset.apple.resizeOptions,
+              background: '#3bdb78',
+            },
+          },
+        },
+      },
+      workbox: {
+        navigateFallback: '/404',
+        globPatterns: ['**/*.{js,css,html,ico,jpg,jpeg,png,svg,webp,avif}'],
+      },
+      strategies: 'injectManifest',
+      srcDir: 'src',
+      filename: 'sw.ts',
+      devOptions: {
+        enabled: true,
+        type: 'module',
+      },
+      experimental: {
+        directoryAndTrailingSlashHandler: true,
+      },
+    }),
     sitemap({
       filter: (page) => {
         const url = new URL(page)
@@ -41,6 +97,19 @@ export default defineConfig({
   server: {
     open: false,
     allowedHosts: [new URL(SITE_URL).hostname],
+    headers: {
+      'Onion-Location': ONION_ADDRESS,
+      'X-I2P-Location': I2P_ADDRESS,
+      'X-Frame-Options': 'DENY',
+      // Astro is working on this feature, when it's stable use it instead of this.
+      // https://astro.build/blog/astro-590/#experimental-content-security-policy-support
+      'Content-Security-Policy':
+        SITE_URL === 'http://localhost:4321'
+          ? "frame-ancestors 'none'; upgrade-insecure-requests"
+          : "default-src 'self'; img-src 'self' *; frame-ancestors 'none'; upgrade-insecure-requests",
+      'Strict-Transport-Security':
+        SITE_URL === 'http://localhost:4321' ? undefined : 'max-age=31536000; includeSubdomains; preload;',
+    },
   },
   image: {
     domains: [new URL(SITE_URL).hostname],
@@ -56,6 +125,8 @@ export default defineConfig({
     '/attribute/[...slug]': '/attributes',
     '/attr/[...slug]': '/attributes',
     // #endregion
+
+    '/service/[...slug]/review': '/service/[...slug]#comments',
   },
   env: {
     schema: {
@@ -69,7 +140,7 @@ export default defineConfig({
       }),
       // Public URLs (can be accessed from both server and client)
       SOURCE_CODE_URL: envField.string({
-        context: 'server',
+        context: 'client',
         access: 'public',
         url: true,
         optional: false,
@@ -94,35 +165,6 @@ export default defineConfig({
         startsWith: 'redis://',
         default: 'redis://redis:6379',
       }),
-      REDIS_USER_SESSION_EXPIRY_SECONDS: envField.number({
-        context: 'server',
-        access: 'secret',
-        int: true,
-        gt: 0,
-        default: 60 * 60 * 24, // 24 hours in seconds
-      }),
-      REDIS_IMPERSONATION_SESSION_EXPIRY_SECONDS: envField.number({
-        context: 'server',
-        access: 'secret',
-        int: true,
-        gt: 0,
-        default: 60 * 60 * 24, // 24 hours in seconds
-      }),
-      REDIS_PREGENERATED_TOKEN_EXPIRY_SECONDS: envField.number({
-        context: 'server',
-        access: 'secret',
-        int: true,
-        gt: 0,
-        default: 60 * 5, // 5 minutes in seconds
-      }),
-
-      REDIS_ACTIONS_SESSION_EXPIRY_SECONDS: envField.number({
-        context: 'server',
-        access: 'secret',
-        int: true,
-        gt: 0,
-        default: 60 * 5, // 5 minutes in seconds
-      }),
 
       // Development tokens
       DEV_ADMIN_USER_SECRET_TOKEN: envField.string({

web/eslint.config.js

@@ -121,7 +121,7 @@ export default tseslint.config(
       'import/first': 'error',
       'import/newline-after-import': 'error',
       'import/no-duplicates': 'error',
-      'import/no-unresolved': ['error', { ignore: ['^astro:'] }],
+      'import/no-unresolved': ['error', { ignore: ['^astro:', '^virtual:'] }],
       '@typescript-eslint/no-explicit-any': 'warn',
       'no-console': ['warn', { allow: without(Object.keys(console), 'log') }],
       'import/namespace': 'off',

web/package.json

@@ -4,8 +4,10 @@
   "version": "0.0.1",
   "scripts": {
     "dev": "astro dev",
-    "build": "astro build --remote",
+    "build": "npm run build:astro && npm run build:server-init",
-    "preview": "astro preview",
+    "build:astro": "astro build --remote",
+    "build:server-init": "esbuild src/server-init.ts --bundle --platform=node --format=esm --packages=external --outfile=dist/server/server-init.js",
+    "preview": "node dist/server/server-init.js & astro preview",
     "astro": "astro",
     "db-admin": "prisma studio --browser=none",
     "db-gen": "prisma generate",
@@ -23,77 +25,89 @@
   },
   "dependencies": {
     "@astrojs/check": "0.9.4",
-    "@astrojs/db": "0.14.14",
+    "@astrojs/db": "0.15.0",
-    "@astrojs/mdx": "4.2.6",
+    "@astrojs/mdx": "4.3.0",
-    "@astrojs/node": "9.2.1",
+    "@astrojs/node": "9.3.0",
-    "@astrojs/sitemap": "3.4.0",
+    "@astrojs/rss": "4.0.12",
-    "@fontsource-variable/space-grotesk": "5.2.7",
+    "@astrojs/sitemap": "3.4.1",
-    "@fontsource/inter": "5.2.5",
+    "@fontsource-variable/space-grotesk": "5.2.8",
-    "@fontsource/space-grotesk": "5.2.7",
+    "@fontsource/inter": "5.2.6",
-    "@prisma/client": "6.8.2",
+    "@fontsource/space-grotesk": "5.2.8",
-    "@tailwindcss/vite": "4.1.7",
+    "@prisma/client": "6.11.1",
-    "@types/mime-types": "2.1.4",
+    "@tailwindcss/vite": "4.1.11",
-    "@vercel/og": "0.6.8",
+    "@types/mime-types": "3.0.1",
-    "astro": "5.7.13",
+    "@types/pg": "8.15.4",
+    "@vercel/og": "0.7.2",
+    "astro": "5.9.0",
     "astro-loading-indicator": "0.7.0",
     "astro-remote": "0.3.4",
     "astro-seo-schema": "5.0.0",
-    "canvas": "3.1.0",
+    "canvas": "3.1.2",
     "clsx": "2.1.1",
-    "htmx.org": "1.9.12",
+    "countries-list": "3.1.1",
+    "country-flag-icons": "1.5.19",
+    "he": "1.2.0",
+    "htmx.org": "2.0.6",
     "javascript-time-ago": "2.5.11",
-    "libphonenumber-js": "1.12.8",
+    "libphonenumber-js": "1.12.9",
     "lodash-es": "4.17.21",
     "mime-types": "3.0.1",
     "object-to-formdata": "4.5.1",
+    "pg": "8.16.3",
     "qrcode": "1.5.4",
     "react": "19.1.0",
-    "redis": "5.0.1",
+    "redis": "5.6.0",
     "schema-dts": "1.1.5",
     "seedrandom": "3.0.5",
-    "sharp": "0.34.1",
+    "sharp": "0.34.2",
     "slugify": "1.6.6",
-    "tailwind-merge": "3.3.0",
+    "tailwind-merge": "3.3.1",
     "tailwind-variants": "1.0.0",
-    "tailwindcss": "4.1.7",
+    "tailwindcss": "4.1.11",
     "typescript": "5.8.3",
     "unique-username-generator": "1.4.0",
-    "web-push": "3.6.7",
+    "web-push": "3.6.7"
-    "zod-form-data": "2.0.7"
   },
   "devDependencies": {
-    "@eslint/js": "9.27.0",
+    "@eslint/js": "9.30.1",
-    "@faker-js/faker": "9.8.0",
+    "@faker-js/faker": "9.9.0",
-    "@iconify-json/material-symbols": "1.2.21",
+    "@iconify-json/material-symbols": "1.2.29",
     "@iconify-json/mdi": "1.2.3",
     "@iconify-json/ri": "1.2.5",
-    "@stylistic/eslint-plugin": "4.2.0",
+    "@stylistic/eslint-plugin": "5.1.0",
     "@tailwindcss/forms": "0.5.10",
     "@tailwindcss/typography": "0.5.16",
     "@types/eslint__js": "9.14.0",
+    "@types/he": "1.2.3",
     "@types/lodash-es": "4.17.12",
     "@types/qrcode": "1.5.5",
-    "@types/react": "19.1.4",
+    "@types/react": "19.1.8",
     "@types/seedrandom": "3.0.8",
     "@types/web-push": "3.6.4",
-    "@typescript-eslint/parser": "8.32.1",
+    "@typescript-eslint/parser": "8.36.0",
+    "@vite-pwa/assets-generator": "1.0.0",
+    "@vite-pwa/astro": "1.1.0",
     "astro-icon": "1.1.5",
     "date-fns": "4.1.0",
-    "eslint": "9.27.0",
+    "esbuild": "0.25.6",
-    "eslint-import-resolver-typescript": "4.3.5",
+    "eslint": "9.30.1",
+    "eslint-import-resolver-typescript": "4.4.4",
     "eslint-plugin-astro": "1.3.1",
-    "eslint-plugin-import": "2.31.0",
+    "eslint-plugin-import": "2.32.0",
     "eslint-plugin-jsx-a11y": "6.10.2",
-    "globals": "16.1.0",
+    "globals": "16.3.0",
-    "prettier": "3.5.3",
+    "prettier": "3.6.2",
     "prettier-plugin-astro": "0.14.1",
-    "prettier-plugin-tailwindcss": "0.6.11",
+    "prettier-plugin-tailwindcss": "0.6.13",
-    "prisma": "6.8.2",
+    "prisma": "6.11.1",
-    "prisma-json-types-generator": "3.4.1",
+    "prisma-json-types-generator": "3.5.1",
     "tailwind-htmx": "0.1.2",
-    "ts-essentials": "10.0.4",
+    "ts-essentials": "10.1.1",
     "ts-toolbelt": "9.6.0",
-    "tsx": "4.19.4",
+    "tsx": "4.20.3",
-    "typescript-eslint": "8.32.1"
+    "typescript-eslint": "8.36.0",
+    "vite-plugin-devtools-json": "0.2.1",
+    "workbox-core": "7.3.0",
+    "workbox-precaching": "7.3.0"
   }
 }

web/prisma/migrations/20250603051814_default_clarification_to_none/migration.sql

@@ -0,0 +1,11 @@
+/*
+  Warnings:
+
+  - You are about to drop the column `kycLevelDetailsId` on the `Service` table. All the data in the column will be lost.
+  - Made the column `kycLevelClarification` on table `Service` required. This step will fail if there are existing NULL values in that column.
+
+*/
+-- AlterTable
+ALTER TABLE "Service" DROP COLUMN "kycLevelDetailsId",
+ALTER COLUMN "kycLevelClarification" SET NOT NULL,
+ALTER COLUMN "kycLevelClarification" SET DEFAULT 'NONE';

web/prisma/migrations/20250604164448_test_notification/migration.sql

@@ -0,0 +1,2 @@
+-- AlterEnum
+ALTER TYPE "NotificationType" ADD VALUE 'TEST';

web/prisma/migrations/20250606064639_add_withdrawn_order_status/migration.sql

@@ -0,0 +1,2 @@
+-- AlterEnum
+ALTER TYPE "OrderIdStatus" ADD VALUE 'WITHDRAWN';

web/prisma/migrations/20250609213656_suggestion_created_notification_type/migration.sql

@@ -0,0 +1,2 @@
+-- AlterEnum
+ALTER TYPE "NotificationType" ADD VALUE 'SUGGESTION_CREATED';

web/prisma/migrations/20250610163329_feedi_optional/migration.sql

@@ -0,0 +1,11 @@
+/*
+  Warnings:
+
+  - A unique constraint covering the columns `[feedId]` on the table `User` will be added. If there are existing duplicate values, this will fail.
+
+*/
+-- AlterTable
+ALTER TABLE "User" ADD COLUMN     "feedId" TEXT;
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_feedId_key" ON "User"("feedId");

web/prisma/migrations/20250610171300_required_feed_id/migration.sql

@@ -0,0 +1,8 @@
+/*
+  Warnings:
+
+  - Made the column `feedId` on table `User` required. This step will fail if there are existing NULL values in that column.
+
+*/
+-- AlterTable
+ALTER TABLE "User" ALTER COLUMN "feedId" SET NOT NULL;

web/prisma/migrations/20250613125943_warning_verification_step/migration.sql

@@ -0,0 +1,2 @@
+-- AlterEnum
+ALTER TYPE "VerificationStepStatus" ADD VALUE 'WARNING';

web/prisma/migrations/20250614101030_service_timestamps/migration.sql

@@ -0,0 +1,3 @@
+-- AlterTable
+ALTER TABLE "Service" ADD COLUMN     "approvedAt" TIMESTAMP(3),
+ADD COLUMN     "spamAt" TIMESTAMP(3);

web/prisma/migrations/20250614110959_rename_recently_listed/migration.sql

@@ -0,0 +1,21 @@
+/*
+  Warnings:
+
+  - You are about to drop the column `isRecentlyListed` on the `Service` table. All the data in the column will be lost.
+
+*/
+-- AlterTable
+ALTER TABLE "Service" DROP COLUMN "isRecentlyListed",
+ADD COLUMN     "isRecentlyApproved" BOOLEAN NOT NULL DEFAULT false;
+
+-- CreateIndex
+CREATE INDEX "Service_approvedAt_idx" ON "Service"("approvedAt");
+
+-- CreateIndex
+CREATE INDEX "Service_verifiedAt_idx" ON "Service"("verifiedAt");
+
+-- CreateIndex
+CREATE INDEX "Service_spamAt_idx" ON "Service"("spamAt");
+
+-- CreateIndex
+CREATE INDEX "Service_serviceVisibility_idx" ON "Service"("serviceVisibility");

web/prisma/migrations/20250615123257_remove_user_agent/migration.sql

@@ -0,0 +1,8 @@
+/*
+  Warnings:
+
+  - You are about to drop the column `userAgent` on the `PushSubscription` table. All the data in the column will be lost.
+
+*/
+-- AlterTable
+ALTER TABLE "PushSubscription" DROP COLUMN "userAgent";

web/prisma/migrations/20250618081020_add_operating_since/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Service" ADD COLUMN     "operatingSince" TIMESTAMP(3);

web/prisma/migrations/20250701075534_operating_since_date_only/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Service" ALTER COLUMN "operatingSince" SET DATA TYPE DATE;

web/prisma/migrations/20250701091334_delete_inactive_users/migration.sql

@@ -0,0 +1,15 @@
+-- AlterEnum
+-- This migration adds more than one value to an enum.
+-- With PostgreSQL versions 11 and earlier, this is not possible
+-- in a single migration. This can be worked around by creating
+-- multiple migrations, each migration adding only one value to
+-- the enum.
+
+
+ALTER TYPE "NotificationType" ADD VALUE 'ACCOUNT_DELETION_WARNING_30_DAYS';
+ALTER TYPE "NotificationType" ADD VALUE 'ACCOUNT_DELETION_WARNING_15_DAYS';
+ALTER TYPE "NotificationType" ADD VALUE 'ACCOUNT_DELETION_WARNING_5_DAYS';
+ALTER TYPE "NotificationType" ADD VALUE 'ACCOUNT_DELETION_WARNING_1_DAY';
+
+-- AlterTable
+ALTER TABLE "User" ADD COLUMN     "scheduledDeletionAt" DATE;

web/prisma/migrations/20250702094135_plural_category_names/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Category" ADD COLUMN     "namePluralLong" TEXT;

web/prisma/migrations/20250706140819_strict_commenting_enabled/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Service" ADD COLUMN     "strictCommentingEnabled" BOOLEAN NOT NULL DEFAULT false;

web/prisma/migrations/20250706180118_add_comment_section_message/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Service" ADD COLUMN     "commentSectionMessage" TEXT;

web/prisma/migrations/20250723070746_add_registered_country/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Service" ADD COLUMN     "registrationCountryCode" VARCHAR(2);

web/prisma/migrations/20250723073720_add_company_name_field/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Service" ADD COLUMN     "registeredCompanyName" TEXT;

web/prisma/schema.prisma

@@ -25,6 +25,7 @@ enum OrderIdStatus {
   PENDING
   APPROVED
   REJECTED
+  WITHDRAWN
 }
 
 model Comment {
@@ -128,11 +129,13 @@ enum AccountStatusChange {
 }
 
 enum NotificationType {
+  TEST
   COMMENT_STATUS_CHANGE
   REPLY_COMMENT_CREATED
   COMMUNITY_NOTE_ADDED
   /// Comment that is not a reply. May include a rating.
   ROOT_COMMENT_CREATED
+  SUGGESTION_CREATED
   SUGGESTION_MESSAGE
   SUGGESTION_STATUS_CHANGE
   // KARMA_UNLOCK // TODO: [KARMA_UNLOCK] Will be added later, when karma unloks are in the database, not in the code.
@@ -141,6 +144,10 @@ enum NotificationType {
   ACCOUNT_STATUS_CHANGE
   EVENT_CREATED
   SERVICE_VERIFICATION_STATUS_CHANGE
+  ACCOUNT_DELETION_WARNING_30_DAYS
+  ACCOUNT_DELETION_WARNING_15_DAYS
+  ACCOUNT_DELETION_WARNING_5_DAYS
+  ACCOUNT_DELETION_WARNING_1_DAY
 }
 
 enum CommentStatusChange {
@@ -338,62 +345,78 @@ model ServiceSuggestionMessage {
 }
 
 model Service {
-  id                     Int                          @id @default(autoincrement())
+  id                      Int                          @id @default(autoincrement())
-  name                   String
+  name                    String
-  slug                   String                       @unique
+  slug                    String                       @unique
-  previousSlugs          String[]                     @default([])
+  previousSlugs           String[]                     @default([])
-  description            String
+  description             String
-  categories             Category[]                   @relation("ServiceToCategory")
+  categories              Category[]                   @relation("ServiceToCategory")
-  kycLevel               Int                          @default(4)
+  kycLevel                Int                          @default(4)
-  kycLevelClarification  KycLevelClarification?
+  kycLevelClarification   KycLevelClarification        @default(NONE)
-  overallScore           Int                          @default(0)
+  /// Date only, no time.
-  privacyScore           Int                          @default(0)
+  operatingSince          DateTime?                    @db.Date
-  trustScore             Int                          @default(0)
+  overallScore            Int                          @default(0)
+  privacyScore            Int                          @default(0)
+  trustScore              Int                          @default(0)
   /// Computed via trigger. Do not update through prisma.
-  isRecentlyListed       Boolean                      @default(false)
+  averageUserRating       Float?
-  /// Computed via trigger. Do not update through prisma.
+  serviceVisibility       ServiceVisibility            @default(PUBLIC)
-  averageUserRating      Float?
+  serviceInfoBanner       ServiceInfoBanner            @default(NONE)
-  serviceVisibility      ServiceVisibility            @default(PUBLIC)
+  serviceInfoBannerNotes  String?
-  serviceInfoBanner      ServiceInfoBanner            @default(NONE)
+  verificationStatus      VerificationStatus           @default(COMMUNITY_CONTRIBUTED)
-  serviceInfoBannerNotes String?
+  verificationSummary     String?
-  verificationStatus     VerificationStatus           @default(COMMUNITY_CONTRIBUTED)
+  verificationRequests    ServiceVerificationRequest[]
-  verificationSummary    String?
+  verificationProofMd     String?
-  verificationRequests   ServiceVerificationRequest[]
-  verificationProofMd    String?
-  /// Computed via trigger when the service status is VERIFICATION_SUCCESS. Do not update through prisma.
-  verifiedAt             DateTime?
   /// [UserSentiment]
-  userSentiment          Json?
+  userSentiment           Json?
-  userSentimentAt        DateTime?
+  userSentimentAt         DateTime?
-  referral               String?
+  referral                String?
-  acceptedCurrencies     Currency[]                   @default([])
+  acceptedCurrencies      Currency[]                   @default([])
-  serviceUrls            String[]
+  serviceUrls             String[]
-  tosUrls                String[]                     @default([])
+  tosUrls                 String[]                     @default([])
-  onionUrls              String[]                     @default([])
+  onionUrls               String[]                     @default([])
-  i2pUrls                String[]                     @default([])
+  i2pUrls                 String[]                     @default([])
-  imageUrl               String?
+  imageUrl                String?
+  /// ISO 3166-1 alpha-2 country code where the service company is registered
+  registrationCountryCode String?                      @db.VarChar(2)
+  /// Official name of the registered company
+  registeredCompanyName   String?
   /// [TosReview]
-  tosReview              Json?
+  tosReview               Json?
-  tosReviewAt            DateTime?
+  tosReviewAt             DateTime?
-  createdAt              DateTime                     @default(now())
+  createdAt               DateTime                     @default(now())
-  updatedAt              DateTime                     @default(now()) @updatedAt
+  updatedAt               DateTime                     @default(now()) @updatedAt
-  listedAt               DateTime?
+  /// Computed via trigger when the visibility is PUBLIC or (ARCHIVED and listedAt was null). Do not update through prisma.
-  comments               Comment[]
+  listedAt                DateTime?
-  events                 Event[]
+  /// Computed via trigger when the verification status is APPROVED. Do not update through prisma.
-  contactMethods         ServiceContactMethod[]       @relation("ServiceToContactMethod")
+  approvedAt              DateTime?
-  attributes             ServiceAttribute[]
+  /// Computed via trigger when the verification status is VERIFICATION_SUCCESS. Do not update through prisma.
-  verificationSteps      VerificationStep[]
+  verifiedAt              DateTime?
-  suggestions            ServiceSuggestion[]
+  /// Computed via trigger when the verification status is VERIFICATION_FAILED. Do not update through prisma.
-  internalNotes          InternalServiceNote[]        @relation("ServiceRecievedNotes")
+  spamAt                  DateTime?
+  /// Computed via trigger. Do not update through prisma.
+  isRecentlyApproved      Boolean                      @default(false)
+  comments                Comment[]
+  events                  Event[]
+  contactMethods          ServiceContactMethod[]       @relation("ServiceToContactMethod")
+  attributes              ServiceAttribute[]
+  verificationSteps       VerificationStep[]
+  suggestions             ServiceSuggestion[]
+  internalNotes           InternalServiceNote[]        @relation("ServiceRecievedNotes")
 
   onEventCreatedForServices       NotificationPreferences[] @relation("onEventCreatedForServices")
   onRootCommentCreatedForServices NotificationPreferences[] @relation("onRootCommentCreatedForServices")
   onVerificationChangeForServices NotificationPreferences[] @relation("onVerificationChangeForServices")
   Notification                    Notification[]
   affiliatedUsers                 ServiceUser[]             @relation("ServiceUsers")
-  kycLevelDetailsId               Int?
+
+  strictCommentingEnabled Boolean @default(false)
+  commentSectionMessage   String?
 
   @@index([listedAt])
+  @@index([approvedAt])
+  @@index([verifiedAt])
+  @@index([spamAt])
   @@index([overallScore])
   @@index([privacyScore])
   @@index([trustScore])
@@ -405,6 +428,7 @@ model Service {
   @@index([updatedAt])
   @@index([slug])
   @@index([previousSlugs])
+  @@index([serviceVisibility])
 }
 
 model ServiceContactMethod {
@@ -485,19 +509,22 @@ model InternalServiceNote {
 }
 
 model User {
-  id              Int     @id @default(autoincrement())
+  id                  Int       @id @default(autoincrement())
-  name            String  @unique
+  name                String    @unique
-  displayName     String?
+  displayName         String?
-  link            String?
+  link                String?
-  picture         String?
+  picture             String?
-  spammer         Boolean @default(false)
+  spammer             Boolean   @default(false)
-  verified        Boolean @default(false)
+  verified            Boolean   @default(false)
-  admin           Boolean @default(false)
+  admin               Boolean   @default(false)
-  moderator       Boolean @default(false)
+  moderator           Boolean   @default(false)
-  verifiedLink    String?
+  verifiedLink        String?
-  secretTokenHash String  @unique
+  secretTokenHash     String    @unique
+  feedId              String    @unique @default(cuid(2))
   /// Computed via trigger. Do not update through prisma.
-  totalKarma      Int     @default(0)
+  totalKarma          Int       @default(0)
+  /// Date when user is scheduled for deletion due to inactivity
+  scheduledDeletionAt DateTime? @db.Date
 
   createdAt                DateTime                     @default(now())
   updatedAt                DateTime                     @default(now()) @updatedAt
@@ -575,6 +602,7 @@ enum VerificationStepStatus {
   IN_PROGRESS
   PASSED
   FAILED
+  WARNING
 }
 
 model VerificationStep {
@@ -594,10 +622,11 @@ model VerificationStep {
 }
 
 model Category {
-  id   Int    @id @default(autoincrement())
+  id             Int     @id @default(autoincrement())
-  name String @unique
+  name           String  @unique
-  icon String
+  namePluralLong String?
-  slug String @unique
+  icon           String
+  slug           String  @unique
 
   createdAt DateTime  @default(now())
   updatedAt DateTime  @default(now()) @updatedAt
@@ -674,8 +703,6 @@ model PushSubscription {
   p256dh    String
   /// Authentication secret
   auth      String
-  /// To identify different devices
-  userAgent String?
   createdAt DateTime @default(now())
   updatedAt DateTime @updatedAt
 

web/prisma/seed.ts

@@ -13,19 +13,22 @@ import {
   PrismaClient,
   ServiceSuggestionStatus,
   ServiceUserRole,
-  VerificationStatus,
   type Prisma,
   type User,
   type ServiceVisibility,
   ServiceSuggestionType,
   KycLevelClarification,
+  VerificationStepStatus,
+  type VerificationStatus,
 } from '@prisma/client'
+import { differenceInDays, isPast } from 'date-fns'
 import { omit, uniqBy } from 'lodash-es'
 import { generateUsername } from 'unique-username-generator'
 
 import { kycLevels } from '../src/constants/kycLevels'
 import { undefinedIfEmpty } from '../src/lib/arrays'
 import { transformCase } from '../src/lib/strings'
+import { countries } from '../src/constants/countries'
 
 // Exit if not in development mode
 if (process.env.NODE_ENV === 'production') {
@@ -139,81 +142,97 @@ const generateFakeAttribute = () => {
 const categoriesToCreate = [
   {
     name: 'Exchange',
+    namePluralLong: 'Exchanges',
     slug: 'exchange',
     icon: 'ri:arrow-left-right-fill',
   },
   {
     name: 'VPN',
+    namePluralLong: 'VPNs',
     slug: 'vpn',
     icon: 'ri:door-lock-fill',
   },
   {
     name: 'Email',
+    namePluralLong: 'Email providers',
     slug: 'email',
     icon: 'ri:mail-fill',
   },
   {
     name: 'Hosting',
+    namePluralLong: 'Hostings',
     slug: 'hosting',
     icon: 'ri:server-fill',
   },
   {
     name: 'VPS',
+    namePluralLong: 'VPS providers',
     slug: 'vps',
     icon: 'ri:function-add-fill',
   },
   {
     name: 'Gift Cards',
+    namePluralLong: 'Gift cards',
     slug: 'gift-cards',
     icon: 'ri:gift-line',
   },
   {
     name: 'Goods',
+    namePluralLong: 'Goods providers',
     slug: 'goods',
     icon: 'ri:shopping-basket-fill',
   },
   {
     name: 'Travel',
+    namePluralLong: 'Travel services',
     slug: 'travel',
     icon: 'ri:plane-fill',
   },
   {
     name: 'SMS',
+    namePluralLong: 'SMS providers',
     slug: 'sms',
     icon: 'ri:message-2-fill',
   },
   {
     name: 'Store',
+    namePluralLong: 'Stores',
     slug: 'store',
     icon: 'ri:store-2-line',
   },
   {
     name: 'Tool',
+    namePluralLong: 'Tools',
     slug: 'tool',
     icon: 'ri:tools-fill',
   },
   {
     name: 'Market',
+    namePluralLong: 'Markets',
     slug: 'market',
     icon: 'ri:price-tag-3-line',
   },
   {
     name: 'Aggregator',
+    namePluralLong: 'Aggregators',
     slug: 'aggregator',
     icon: 'ri:list-ordered',
   },
   {
     name: 'AI',
+    namePluralLong: 'AI services',
     slug: 'ai',
     icon: 'ri:ai-generate-2',
   },
   {
     name: 'CEX',
+    namePluralLong: 'CEXs',
     slug: 'cex',
     icon: 'ri:rotate-lock-fill',
   },
   {
     name: 'DEX',
+    namePluralLong: 'DEXs',
     slug: 'dex',
     icon: 'ri:fediverse-line',
   },
@@ -610,6 +629,18 @@ const generateFakeService = (users: User[]) => {
   const name = faker.helpers.arrayElement(serviceNames)
   const slug = `${faker.helpers.slugify(name).toLowerCase()}-${faker.string.alphanumeric({ length: 6, casing: 'lower' })}`
 
+  const tosReview = faker.helpers.maybe(() => faker.helpers.arrayElement(tosReviewExamples), {
+    probability: 0.8,
+  })
+  const serviceVisibility = faker.helpers.weightedArrayElement<ServiceVisibility>([
+    { weight: 80, value: 'PUBLIC' },
+    { weight: 10, value: 'UNLISTED' },
+    { weight: 5, value: 'HIDDEN' },
+    { weight: 5, value: 'ARCHIVED' },
+  ])
+  const approvedAt =
+    status === 'APPROVED' || status === 'VERIFICATION_SUCCESS' ? faker.date.recent({ days: 30 }) : null
+
   return {
     name,
     slug,
@@ -624,12 +655,7 @@ const generateFakeService = (users: User[]) => {
     overallScore: 0,
     privacyScore: 0,
     trustScore: 0,
-    serviceVisibility: faker.helpers.weightedArrayElement<ServiceVisibility>([
+    serviceVisibility,
-      { weight: 80, value: 'PUBLIC' },
-      { weight: 10, value: 'UNLISTED' },
-      { weight: 5, value: 'HIDDEN' },
-      { weight: 5, value: 'ARCHIVED' },
-    ]),
     verificationStatus: status,
     verificationSummary:
       status === 'VERIFICATION_SUCCESS' || status === 'VERIFICATION_FAILED' ? faker.lorem.paragraph() : null,
@@ -643,6 +669,19 @@ const generateFakeService = (users: User[]) => {
     },
     verificationProofMd:
       status === 'VERIFICATION_SUCCESS' || status === 'VERIFICATION_FAILED' ? faker.lorem.paragraphs() : null,
+    verificationSteps:
+      (status === 'VERIFICATION_SUCCESS' || status === 'VERIFICATION_FAILED') && faker.datatype.boolean(0.75)
+        ? {
+            create: Array.from({ length: faker.number.int({ min: 1, max: 5 }) }, () => ({
+              title: faker.lorem.sentence(),
+              description: faker.lorem.paragraph(),
+              status: faker.helpers.arrayElement(Object.values(VerificationStepStatus)),
+              evidenceMd: faker.lorem.paragraph(),
+              createdAt: faker.date.recent(),
+              updatedAt: faker.date.recent(),
+            })),
+          }
+        : undefined,
     referral: faker.helpers.arrayElement([
       `?ref=${faker.string.alphanumeric(6)}`,
       `/ref/${faker.string.alphanumeric(6)}`,
@@ -659,10 +698,24 @@ const generateFakeService = (users: User[]) => {
       { count: { min: 0, max: 2 } }
     ),
     imageUrl: `https://ui-avatars.com/api/?name=${encodeURIComponent(name)}&background=random&format=svg`,
-    listedAt: faker.date.past(),
+    registrationCountryCode: faker.helpers.maybe(() => faker.helpers.arrayElement(countries).code, {
-    verifiedAt: status === VerificationStatus.VERIFICATION_SUCCESS ? faker.date.past() : null,
+      probability: 0.7,
-    tosReview: faker.helpers.arrayElement(tosReviewExamples),
+    }),
-    tosReviewAt: faker.date.past(),
+    registeredCompanyName: faker.helpers.maybe(() => faker.company.name(), {
+      probability: 0.6,
+    }),
+    listedAt:
+      serviceVisibility === 'PUBLIC' || serviceVisibility === 'ARCHIVED'
+        ? faker.date.recent({ days: 30 })
+        : null,
+    verifiedAt: status === 'VERIFICATION_SUCCESS' ? faker.date.recent({ days: 30 }) : null,
+    spamAt: status === 'VERIFICATION_FAILED' ? faker.date.recent({ days: 30 }) : null,
+    approvedAt,
+    isRecentlyApproved: !!approvedAt && isPast(approvedAt) && differenceInDays(new Date(), approvedAt) < 15,
+    tosReview,
+    tosReviewAt: tosReview
+      ? faker.date.recent()
+      : faker.helpers.maybe(() => faker.date.recent(), { probability: 0.5 }),
     userSentiment: faker.helpers.maybe(() => generateFakeUserSentiment(), { probability: 0.8 }),
     userSentimentAt: faker.date.recent(),
     internalNotes: faker.helpers.maybe(
@@ -674,6 +727,8 @@ const generateFakeService = (users: User[]) => {
       }),
       { probability: 0.33 }
     ),
+    strictCommentingEnabled: faker.datatype.boolean(0.33333),
+    commentSectionMessage: faker.helpers.maybe(() => faker.lorem.paragraph(), { probability: 0.3 }),
   } as const satisfies Prisma.ServiceCreateInput
 }
 
@@ -888,7 +943,7 @@ const generateFakeServiceContactMethod = (serviceId: number) => {
       value: `https://linkedin.com/in/${faker.helpers.slugify(faker.person.fullName())}`,
     },
     {
-      label: faker.lorem.word({ length: 2 }),
+      label: 'Custom label',
       value: `https://bitcointalk.org/index.php?topic=${faker.number.int({ min: 1, max: 1000000 }).toString()}.0`,
     },
     {
@@ -898,7 +953,7 @@ const generateFakeServiceContactMethod = (serviceId: number) => {
       value: faker.internet.url(),
     },
     {
-      label: faker.lorem.word({ length: 2 }),
+      label: 'Custom label',
       value: faker.internet.url(),
     },
     {
@@ -1123,7 +1178,7 @@ async function main() {
   }
 
   let users = await Promise.all(
-    Array.from({ length: 10 }, async () => {
+    Array.from({ length: 570 }, async () => {
       const { user } = await createAccount()
       return user
     })
@@ -1287,7 +1342,7 @@ async function main() {
     const service = await prisma.service.create({
       data: {
         ...serviceData,
-        verificationStatus: VerificationStatus.COMMUNITY_CONTRIBUTED,
+        verificationStatus: 'COMMUNITY_CONTRIBUTED',
         categories: {
           connect: randomCategories.map((cat) => ({ id: cat.id })),
         },

web/prisma/triggers/01_karma_tx.sql

@@ -65,18 +65,36 @@ CREATE OR REPLACE FUNCTION handle_comment_approval(
     NEW RECORD,
     OLD RECORD
 ) RETURNS VOID AS $$
+DECLARE
+    is_user_related_to_service BOOLEAN;
+    is_user_admin_or_moderator BOOLEAN;
 BEGIN
     IF OLD.status = 'PENDING' AND NEW.status = 'APPROVED' THEN
-        PERFORM insert_karma_transaction(
+        -- Check if the user is related to the service (e.g., owns/manages it)
-            NEW."authorId",
+        SELECT EXISTS(
-            1,
+            SELECT 1 FROM "ServiceUser" 
-            'COMMENT_APPROVED',
+            WHERE "userId" = NEW."authorId" AND "serviceId" = NEW."serviceId"
-            NEW.id,
+        ) INTO is_user_related_to_service;
-            format('Your comment #comment-%s in %s has been approved!', 
+        
-                NEW.id, 
+        -- Check if the user is an admin or moderator
-                (SELECT name FROM "Service" WHERE id = NEW."serviceId"))
+        SELECT (admin = true OR moderator = true)
-        );
+        FROM "User"
-        PERFORM update_user_karma(NEW."authorId", 1);
+        WHERE id = NEW."authorId"
+        INTO is_user_admin_or_moderator;
+        
+        -- Only award karma if the user is NOT related to the service AND is NOT an admin/moderator
+        IF NOT is_user_related_to_service AND NOT COALESCE(is_user_admin_or_moderator, false) THEN
+            PERFORM insert_karma_transaction(
+                NEW."authorId",
+                1,
+                'COMMENT_APPROVED',
+                NEW.id,
+                format('Your comment #comment-%s in %s has been approved!', 
+                    NEW.id, 
+                    (SELECT name FROM "Service" WHERE id = NEW."serviceId"))
+            );
+            PERFORM update_user_karma(NEW."authorId", 1);
+        END IF;
     END IF;
 END;
 $$ LANGUAGE plpgsql;
@@ -86,18 +104,29 @@ CREATE OR REPLACE FUNCTION handle_comment_verification(
     NEW RECORD,
     OLD RECORD
 ) RETURNS VOID AS $$
+DECLARE
+    is_user_admin_or_moderator BOOLEAN;
 BEGIN
     IF NEW.status = 'VERIFIED' AND OLD.status != 'VERIFIED' THEN
-        PERFORM insert_karma_transaction(
+        -- Check if the comment author is an admin or moderator
-            NEW."authorId",
+        SELECT (admin = true OR moderator = true)
-            5,
+        FROM "User"
-            'COMMENT_VERIFIED',
+        WHERE id = NEW."authorId"
-            NEW.id,
+        INTO is_user_admin_or_moderator;
-            format('Your comment #comment-%s in %s has been verified!', 
+
-                NEW.id, 
+        -- Only award karma if the user is NOT an admin/moderator
-                (SELECT name FROM "Service" WHERE id = NEW."serviceId"))
+        IF NOT COALESCE(is_user_admin_or_moderator, false) THEN
-        );
+            PERFORM insert_karma_transaction(
-        PERFORM update_user_karma(NEW."authorId", 5);
+                NEW."authorId",
+                5,
+                'COMMENT_VERIFIED',
+                NEW.id,
+                format('Your comment #comment-%s in %s has been verified!', 
+                    NEW.id, 
+                    (SELECT name FROM "Service" WHERE id = NEW."serviceId"))
+            );
+            PERFORM update_user_karma(NEW."authorId", 5);
+        END IF;
     END IF;
 END;
 $$ LANGUAGE plpgsql;
@@ -146,12 +175,19 @@ DECLARE
     comment_author_id INT;
     service_name TEXT;
     upvote_change INT := 0; -- Variable to track change in upvotes
+    is_author_admin_or_moderator BOOLEAN;
 BEGIN
     -- Get comment author and service info
     SELECT c."authorId", s.name INTO comment_author_id, service_name
     FROM "Comment" c
     JOIN "Service" s ON c.id = COALESCE(NEW."commentId", OLD."commentId") AND c."serviceId" = s.id;
 
+    -- Check if the comment author is an admin or moderator
+    SELECT (admin = true OR moderator = true)
+    FROM "User"
+    WHERE id = comment_author_id
+    INTO is_author_admin_or_moderator;
+
     -- Calculate karma impact based on vote type
     IF TG_OP = 'INSERT' THEN
         -- New vote
@@ -181,16 +217,19 @@ BEGIN
         upvote_change := CASE WHEN NEW.downvote THEN -2 ELSE 2 END; -- -2 if upvote->downvote, +2 if downvote->upvote
     END IF;
 
-    -- Record karma transaction and update user karma
+    -- Only award karma if the author is NOT an admin/moderator
-    PERFORM insert_karma_transaction(
+    IF NOT COALESCE(is_author_admin_or_moderator, false) THEN
-        comment_author_id,
+        -- Record karma transaction and update user karma
-        karma_points,
+        PERFORM insert_karma_transaction(
-        vote_action,
+            comment_author_id,
-        COALESCE(NEW."commentId", OLD."commentId"),
+            karma_points,
-        vote_description
+            vote_action,
-    );
+            COALESCE(NEW."commentId", OLD."commentId"),
-    
+            vote_description
-    PERFORM update_user_karma(comment_author_id, karma_points);
+        );
+        
+        PERFORM update_user_karma(comment_author_id, karma_points);
+    END IF;
     
     -- Update comment's upvotes count incrementally
     UPDATE "Comment"
@@ -236,26 +275,40 @@ CREATE OR REPLACE FUNCTION handle_suggestion_status_change()
 RETURNS TRIGGER AS $$
 DECLARE
     service_name TEXT;
+    service_visibility "ServiceVisibility";
+    is_user_admin_or_moderator BOOLEAN;
 BEGIN
     -- Award karma for first approval
     -- Check that OLD.status is not NULL to handle the initial creation case if needed,
     -- and ensure it wasn't already APPROVED.
     IF OLD.status IS DISTINCT FROM 'APPROVED' AND NEW.status = 'APPROVED' THEN
-        -- Fetch service name for the description
+        -- Fetch service details for the description
-        SELECT name INTO service_name FROM "Service" WHERE id = NEW."serviceId";
+        SELECT name, "serviceVisibility" INTO service_name, service_visibility FROM "Service" WHERE id = NEW."serviceId";
+        
+        -- Only award karma if the service is public
+        IF service_visibility = 'PUBLIC' THEN
+            -- Check if the user is an admin or moderator
+            SELECT (admin = true OR moderator = true)
+            FROM "User"
+            WHERE id = NEW."userId"
+            INTO is_user_admin_or_moderator;
+            
+            -- Only award karma if the user is NOT an admin/moderator
+            IF NOT COALESCE(is_user_admin_or_moderator, false) THEN
+                -- Insert karma transaction, linking it to the suggestion
+                PERFORM insert_karma_transaction(
+                    NEW."userId",
+                    10,
+                    'SUGGESTION_APPROVED',
+                    NULL, -- p_comment_id (not applicable)
+                    format('Your suggestion for service ''%s'' has been approved!', service_name),
+                    NEW.id -- p_suggestion_id
+                );
 
-        -- Insert karma transaction, linking it to the suggestion
+                -- Update user's total karma
-        PERFORM insert_karma_transaction(
+                PERFORM update_user_karma(NEW."userId", 10);
-            NEW."userId",
+            END IF;
-            10,
+        END IF;
-            'SUGGESTION_APPROVED',
-            NULL, -- p_comment_id (not applicable)
-            format('Your suggestion for service ''%s'' has been approved!', service_name),
-            NEW.id -- p_suggestion_id
-        );
-
-        -- Update user's total karma
-        PERFORM update_user_karma(NEW."userId", 10);
     END IF;
 
     RETURN NEW; -- Result is ignored since this is an AFTER trigger

web/prisma/triggers/02_service_score.sql

@@ -1,7 +1,7 @@
 -- This script defines PostgreSQL functions and triggers for managing service scores:
 -- 1. Automatically calculates and updates privacy, trust, and overall scores 
 --    for services when services or their attributes change.
--- 2. Updates the isRecentlyListed flag for services listed within the last 15 days.
+-- 2. Updates the isRecentlyApproved flag for services approved within the last 15 days.
 -- 3. Queues asynchronous score recalculation in "ServiceScoreRecalculationJob" 
 --    when an "Attribute" definition (e.g., points) is updated, ensuring 
 --    efficient handling of widespread score updates.
@@ -22,14 +22,11 @@ DROP FUNCTION IF EXISTS recalculate_scores_for_attribute();
 CREATE OR REPLACE FUNCTION calculate_privacy_score(service_id INT) 
 RETURNS INT AS $$
 DECLARE
-    privacy_score INT := 50; -- Start from middle value (50)
+    privacy_score INT := 0;
     kyc_factor INT;
-    onion_factor INT := 0;
+    clarification_factor INT := 0;
-    i2p_factor INT := 0;
+    onion_or_i2p_factor INT := 0;
     monero_factor INT := 0;
-    open_source_factor INT := 0;
-    p2p_factor INT := 0;
-    decentralized_factor INT := 0;
     attributes_score INT := 0;
 BEGIN
     -- Get service data
@@ -46,20 +43,22 @@ BEGIN
     FROM "Service" 
     WHERE "id" = service_id;
     
-    -- Check for onion URLs
+    -- Adjust score based on KYC level clarification modifiers
-    IF EXISTS (
+    SELECT 
-        SELECT 1 FROM "Service" 
+        CASE 
-        WHERE "id" = service_id AND array_length("onionUrls", 1) > 0
+            WHEN "kycLevelClarification" = 'DEPENDS_ON_PARTNERS' THEN -5
-    ) THEN
+            ELSE 0 -- Default modifier when no clarification or unrecognized value
-        onion_factor := 5;
+        END
-    END IF;
+    INTO clarification_factor
+    FROM "Service"
+    WHERE "id" = service_id;
     
-    -- Check for i2p URLs
+    -- Check for onion or i2p URLs
     IF EXISTS (
         SELECT 1 FROM "Service" 
-        WHERE "id" = service_id AND array_length("i2pUrls", 1) > 0
+        WHERE "id" = service_id AND (array_length("onionUrls", 1) > 0 OR array_length("i2pUrls", 1) > 0)
     ) THEN
-        i2p_factor := 5;
+        onion_or_i2p_factor := 5;
     END IF;
     
     -- Check for Monero acceptance
@@ -75,10 +74,10 @@ BEGIN
     INTO attributes_score
     FROM "ServiceAttribute" sa
     JOIN "Attribute" a ON sa."attributeId" = a."id"
-    WHERE sa."serviceId" = service_id AND a."category" = 'PRIVACY';
+    WHERE sa."serviceId" = service_id;
     
     -- Calculate final privacy score (base 100)
-    privacy_score := privacy_score + kyc_factor + onion_factor + i2p_factor + monero_factor + open_source_factor + p2p_factor + decentralized_factor + attributes_score;
+    privacy_score := 50 + kyc_factor + clarification_factor + onion_or_i2p_factor + monero_factor + attributes_score;
     
     -- Ensure the score is in reasonable bounds (0-100)
     privacy_score := GREATEST(0, LEAST(100, privacy_score));
@@ -91,9 +90,13 @@ $$ LANGUAGE plpgsql;
 CREATE OR REPLACE FUNCTION calculate_trust_score(service_id INT) 
 RETURNS INT AS $$
 DECLARE
-    trust_score INT := 50; -- Start from middle value (50)
+    trust_score INT := 0;
     verification_factor INT;
     attributes_score INT := 0;
+    recently_approved_factor INT := 0;
+    tos_penalty_factor INT := 0;
+    operating_since_factor INT := 0;
+    legally_registered_factor INT := 0;
 BEGIN
     -- Get verification status factor
     SELECT 
@@ -113,32 +116,63 @@ BEGIN
     INTO attributes_score
     FROM "ServiceAttribute" sa
     JOIN "Attribute" a ON sa."attributeId" = a.id
-    WHERE sa."serviceId" = service_id AND a.category = 'TRUST';
+    WHERE sa."serviceId" = service_id;
 
-    -- Apply penalty if service was listed within the last 15 days
+    -- Apply penalty if service was approved within the last 15 days
     IF EXISTS (
         SELECT 1
         FROM "Service"
         WHERE id = service_id 
-        AND "listedAt" IS NOT NULL 
+        AND "approvedAt" IS NOT NULL 
         AND "verificationStatus" = 'APPROVED'
-        AND (NOW() - "listedAt") <= INTERVAL '15 days'
+        AND (NOW() - "approvedAt") <= INTERVAL '15 days'
     ) THEN
-        trust_score := trust_score - 10;
+        recently_approved_factor := -10;
-        -- Update the isRecentlyListed flag to true
+        -- Update the isRecentlyApproved flag to true
         UPDATE "Service"
-        SET "isRecentlyListed" = TRUE
+        SET "isRecentlyApproved" = TRUE
         WHERE id = service_id;
     ELSE
-        -- Update the isRecentlyListed flag to false
+        -- Update the isRecentlyApproved flag to false
         UPDATE "Service"
-        SET "isRecentlyListed" = FALSE
+        SET "isRecentlyApproved" = FALSE
         WHERE id = service_id;
     END IF;
+
+    -- Apply penalty if ToS cannot be analyzed
+    IF EXISTS (
+        SELECT 1
+        FROM "Service"
+        WHERE id = service_id 
+        AND "tosReviewAt" IS NOT NULL 
+        AND "tosReview" IS NULL
+    ) THEN
+        tos_penalty_factor := -3;
+    END IF;
     
+    -- Determine trust adjustment based on operatingSince
+    SELECT
+        CASE
+            WHEN "operatingSince" IS NULL THEN 0
+            WHEN AGE(NOW(), "operatingSince") < INTERVAL '1 year' THEN -4   -- New service penalty
+            WHEN AGE(NOW(), "operatingSince") >= INTERVAL '2 years' THEN 5   -- Mature service bonus
+            ELSE 0
+        END
+    INTO operating_since_factor
+    FROM "Service"
+    WHERE id = service_id;
+    
+    -- Check for legal registration (country code or company name)
+    IF EXISTS (
+        SELECT 1 FROM "Service" 
+        WHERE id = service_id AND ("registrationCountryCode" IS NOT NULL OR "registeredCompanyName" IS NOT NULL)
+    ) THEN
+        legally_registered_factor := 2;
+    END IF;
+
     -- Calculate final trust score (base 100)
-    trust_score := trust_score + verification_factor + attributes_score;
+    trust_score := 50 + verification_factor + attributes_score + recently_approved_factor + tos_penalty_factor + operating_since_factor + legally_registered_factor;
-    
+
     -- Ensure the score is in reasonable bounds (0-100)
     trust_score := GREATEST(0, LEAST(100, trust_score));
     
@@ -152,7 +186,7 @@ RETURNS INT AS $$
 DECLARE
     overall_score INT;
 BEGIN
-    overall_score := CAST(ROUND(((privacy_score * 0.6) + (trust_score * 0.4)) / 10.0) AS INT);
+    overall_score := CAST(((privacy_score * 0.6) + (trust_score * 0.4)) / 10.0 AS INT);
     RETURN GREATEST(0, LEAST(10, overall_score));
 END;
 $$ LANGUAGE plpgsql;

web/prisma/triggers/04_service_verification_status.sql

@@ -1,48 +1,60 @@
--- This script manages the  `listedAt`, `verifiedAt`, and `isRecentlyListed` timestamps 
+CREATE OR REPLACE FUNCTION manage_service_visibility_timestamps()
--- for services based on changes to their `verificationStatus`. It ensures these timestamps 
--- are set or cleared appropriately when a service's verification status is updated.
-
-CREATE OR REPLACE FUNCTION manage_service_timestamps()
 RETURNS TRIGGER AS $$
 BEGIN
-  -- Manage listedAt timestamp
+  IF NEW."serviceVisibility" = 'PUBLIC' OR NEW."serviceVisibility" = 'ARCHIVED' THEN
-  IF NEW."verificationStatus" IN ('APPROVED', 'VERIFICATION_SUCCESS') THEN
-    -- Set listedAt only on the first time status becomes APPROVED or VERIFICATION_SUCCESS
     IF OLD."listedAt" IS NULL THEN
       NEW."listedAt" := NOW();
-      NEW."isRecentlyListed" := TRUE;
     END IF;
-  ELSIF OLD."verificationStatus" IN ('APPROVED', 'VERIFICATION_SUCCESS') THEN
+  ELSE
-    -- Clear listedAt if the status changes FROM APPROVED or VERIFICATION_SUCCESS to something else
-    -- The trigger's WHEN clause ensures NEW."verificationStatus" is different.
     NEW."listedAt" := NULL;
-    NEW."isRecentlyListed" := FALSE;
-  END IF;
-
-  -- Manage verifiedAt timestamp
-  IF NEW."verificationStatus" = 'VERIFICATION_SUCCESS' THEN
-    -- Set verifiedAt when status changes TO VERIFICATION_SUCCESS
-    NEW."verifiedAt" := NOW();
-    NEW."isRecentlyListed" := FALSE;
-  ELSIF OLD."verificationStatus" = 'VERIFICATION_SUCCESS' THEN
-    -- Clear verifiedAt when status changes FROM VERIFICATION_SUCCESS
-    -- The trigger's WHEN clause ensures NEW."verificationStatus" is different.
-    NEW."verifiedAt" := NULL;
-    NEW."isRecentlyListed" := FALSE;
   END IF;
 
   RETURN NEW;
 END;
 $$ LANGUAGE plpgsql;
 
--- Drop the old trigger first if it exists under the old name
+CREATE OR REPLACE FUNCTION manage_service_verification_timestamps()
+RETURNS TRIGGER AS $$
+BEGIN
+  IF (NEW."verificationStatus" = 'APPROVED' OR NEW."verificationStatus" = 'VERIFICATION_SUCCESS') THEN
+    IF OLD."approvedAt" IS NULL THEN
+      NEW."approvedAt" := NOW();
+      NEW."isRecentlyApproved" := TRUE;
+    END IF;
+  ELSE
+    NEW."approvedAt" := NULL;
+    NEW."isRecentlyApproved" := FALSE;
+  END IF;
+
+  IF NEW."verificationStatus" = 'VERIFICATION_SUCCESS' THEN
+    NEW."verifiedAt" := NOW();
+  ELSE
+    NEW."verifiedAt" := NULL;
+  END IF;
+
+  IF NEW."verificationStatus" = 'VERIFICATION_FAILED' THEN
+    NEW."spamAt" := NOW();
+  ELSE
+    NEW."spamAt" := NULL;
+  END IF;
+
+  RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+
+-- Drop the old triggers TODO: remove this some day
 DROP TRIGGER IF EXISTS trigger_set_service_listed_at ON "Service";
--- Drop the trigger if it exists under the new name
 DROP TRIGGER IF EXISTS trigger_manage_service_timestamps ON "Service";
 
-CREATE TRIGGER trigger_manage_service_timestamps
+DROP TRIGGER IF EXISTS trigger_manage_service_visibility_timestamps ON "Service";
+DROP TRIGGER IF EXISTS trigger_manage_service_verification_timestamps ON "Service";
+
+CREATE TRIGGER trigger_manage_service_visibility_timestamps
+BEFORE UPDATE OF "serviceVisibility" ON "Service"
+FOR EACH ROW
+EXECUTE FUNCTION manage_service_visibility_timestamps();
+
+CREATE TRIGGER trigger_manage_service_verification_timestamps
 BEFORE UPDATE OF "verificationStatus" ON "Service"
 FOR EACH ROW
--- Only execute the function if the verificationStatus value has actually changed
+EXECUTE FUNCTION manage_service_verification_timestamps();
-WHEN (OLD."verificationStatus" IS DISTINCT FROM NEW."verificationStatus")
-EXECUTE FUNCTION manage_service_timestamps();

web/prisma/triggers/07_notifications_service_suggestion.sql

@@ -3,7 +3,20 @@ RETURNS TRIGGER AS $$
 DECLARE
   suggestion_status_change "ServiceSuggestionStatusChange";
 BEGIN
-  IF TG_OP = 'INSERT' THEN -- Corresponds to ServiceSuggestionMessage insert
+  IF TG_OP = 'INSERT' AND TG_TABLE_NAME = 'ServiceSuggestion' THEN -- Corresponds to ServiceSuggestion insert
+    -- Notify all admins when a new suggestion is created
+    INSERT INTO "Notification" ("userId", "type", "aboutServiceSuggestionId")
+    SELECT u."id", 'SUGGESTION_CREATED', NEW."id"
+    FROM "User" u
+    WHERE u."admin" = true
+      AND NOT EXISTS (
+        SELECT 1 FROM "Notification" n
+        WHERE n."userId" = u."id"
+          AND n."type" = 'SUGGESTION_CREATED'
+          AND n."aboutServiceSuggestionId" = NEW."id"
+      );
+
+  ELSIF TG_OP = 'INSERT' AND TG_TABLE_NAME = 'ServiceSuggestionMessage' THEN -- Corresponds to ServiceSuggestionMessage insert
     -- Notify suggestion author (if not the sender)
     INSERT INTO "Notification" ("userId", "type", "aboutServiceSuggestionId", "aboutServiceSuggestionMessageId")
     SELECT s."userId", 'SUGGESTION_MESSAGE', NEW."suggestionId", NEW."id"
@@ -55,6 +68,13 @@ BEGIN
 END;
 $$ LANGUAGE plpgsql;
 
+-- Trigger for new suggestions
+DROP TRIGGER IF EXISTS service_suggestion_created_notifications_trigger ON "ServiceSuggestion";
+CREATE TRIGGER service_suggestion_created_notifications_trigger
+  AFTER INSERT ON "ServiceSuggestion"
+  FOR EACH ROW
+  EXECUTE FUNCTION trigger_service_suggestion_notifications();
+
 -- Trigger for new messages
 DROP TRIGGER IF EXISTS service_suggestion_message_notifications_trigger ON "ServiceSuggestionMessage";
 CREATE TRIGGER service_suggestion_message_notifications_trigger

web/prisma/triggers/12_notification_push_trigger.sql

@@ -0,0 +1,16 @@
+CREATE OR REPLACE FUNCTION trigger_notification_push()
+RETURNS TRIGGER AS $$
+BEGIN
+  PERFORM pg_notify('notification_created', json_build_object('id', NEW.id)::text);
+  RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+
+-- Drop the trigger if it exists to ensure a clean setup
+DROP TRIGGER IF EXISTS notification_push_trigger ON "Notification";
+
+-- Create the trigger to fire after inserts
+CREATE TRIGGER notification_push_trigger
+  AFTER INSERT ON "Notification"
+  FOR EACH ROW
+  EXECUTE FUNCTION trigger_notification_push(); 

web/public/favicon-badge.svg

@@ -0,0 +1,8 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 32 32">
+  <title>KYCnot.me logo with badge</title>
+  <path fill="#00bfff" d="M32 8a8 8 0 1 1-16 0 8 8 0 0 1 16 0Z" />
+  <path fill="#040505" d="M12.7 4A12 12 0 0 0 28 19.3V28H4V4h8.7Z" />
+  <path fill="#3BDB78" fill-rule="evenodd"
+    d="M15 0a12 12 0 0 0-1.4 14H11a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h6.4l.6.4V21c0 .6.4 1 1 1h3v-2.2A12 12 0 0 0 32 17V28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h11Zm7 25c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3v3Z"
+    clip-rule="evenodd" />
+</svg>

web/public/favicon-dev-badge.svg

@@ -0,0 +1,8 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 32 32">
+  <title>KYCnot.me logo with badge</title>
+  <path fill="#fff" d="M32 8a8 8 0 1 1-16 0 8 8 0 0 1 16 0Z" />
+  <path fill="#040505" d="M12.7 4A12 12 0 0 0 28 19.3V28H4V4h8.7Z" />
+  <path fill="#FF0040" fill-rule="evenodd"
+    d="M15 0a12 12 0 0 0-1.4 14H11a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h6.4l.6.4V21c0 .6.4 1 1 1h3v-2.2A12 12 0 0 0 32 17V28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h11Zm7 25c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3v3Z"
+    clip-rule="evenodd" />
+</svg>

web/public/favicon-dev-lightmode-badge.svg

@@ -0,0 +1,8 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 32 32">
+  <title>KYCnot.me logo with badge</title>
+  <path fill="#000" d="M32 8a8 8 0 1 1-16 0 8 8 0 0 1 16 0Z" />
+  <path fill="#fff" d="M12.7 4A12 12 0 0 0 28 19.3V28H4V4h8.7Z" />
+  <path fill="#FF0040" fill-rule="evenodd"
+    d="M15 0a12 12 0 0 0-1.4 14H11a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h6.4l.6.4V21c0 .6.4 1 1 1h3v-2.2A12 12 0 0 0 32 17V28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h11Zm7 25c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3v3Z"
+    clip-rule="evenodd" />
+</svg>

web/public/favicon-dev-lightmode.svg

@@ -0,0 +1,7 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="#ff0040" viewBox="0 0 32 32" height="32" width="32">
+  <title>KYCnot.me logo</title>
+  <path fill="#fff" d="M4 4h24v24H4z" />
+  <path fill-rule="evenodd"
+    d="M32 28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h24a4 4 0 0 1 4 4v24ZM7 6a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h7v-3c0-.6-.4-1-1-1h-6a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7Zm15 16v3c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3Zm-4-4v3c0 .6.4 1 1 1h3v-3c0-.6-.4-1-1-1h-3Zm1-12a1 1 0 0 0-1 1v3c0 .6.4 1 1 1h3c.6 0 1-.4 1-1V7c0-.6-.4-1-1-1h-3Z"
+    clip-rule="evenodd" />
+</svg>

web/public/favicon-dev.svg

@@ -1,5 +1,6 @@
-<svg xmlns="http://www.w3.org/2000/svg" fill="#FF0000" viewBox="0 0 32 32" height="32" width="32">
+<svg xmlns="http://www.w3.org/2000/svg" fill="#ff0040" viewBox="0 0 32 32" height="32" width="32">
   <title>KYCnot.me logo</title>
+  <path fill="#040505" d="M4 4h24v24H4z" />
   <path fill-rule="evenodd"
     d="M32 28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h24a4 4 0 0 1 4 4v24ZM7 6a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h7v-3c0-.6-.4-1-1-1h-6a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7Zm15 16v3c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3Zm-4-4v3c0 .6.4 1 1 1h3v-3c0-.6-.4-1-1-1h-3Zm1-12a1 1 0 0 0-1 1v3c0 .6.4 1 1 1h3c.6 0 1-.4 1-1V7c0-.6-.4-1-1-1h-3Z"
     clip-rule="evenodd" />

web/public/favicon-lightmode-badge.svg

@@ -0,0 +1,8 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 32 32">
+  <title>KYCnot.me logo with badge</title>
+  <path fill="#0080FF" d="M32 8a8 8 0 1 1-16 0 8 8 0 0 1 16 0Z" />
+  <path fill="#fff" d="M12.7 4A12 12 0 0 0 28 19.3V28H4V4h8.7Z" />
+  <path fill="#33BE00" fill-rule="evenodd"
+    d="M15 0a12 12 0 0 0-1.4 14H11a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h6.4l.6.4V21c0 .6.4 1 1 1h3v-2.2A12 12 0 0 0 32 17V28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h11Zm7 25c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3v3Z"
+    clip-rule="evenodd" />
+</svg>

web/public/favicon-lightmode.svg

@@ -1,5 +1,6 @@
 <svg xmlns="http://www.w3.org/2000/svg" fill="#33BE00" viewBox="0 0 32 32" height="32" width="32">
   <title>KYCnot.me logo</title>
+  <path fill="#fff" d="M4 4h24v24H4z" />
   <path fill-rule="evenodd"
     d="M32 28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h24a4 4 0 0 1 4 4v24ZM7 6a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h7v-3c0-.6-.4-1-1-1h-6a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7Zm15 16v3c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3Zm-4-4v3c0 .6.4 1 1 1h3v-3c0-.6-.4-1-1-1h-3Zm1-12a1 1 0 0 0-1 1v3c0 .6.4 1 1 1h3c.6 0 1-.4 1-1V7c0-.6-.4-1-1-1h-3Z"
     clip-rule="evenodd" />

web/public/favicon-stage-badge.svg

@@ -0,0 +1,8 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 32 32">
+  <title>KYCnot.me logo with badge</title>
+  <path fill="#fff" d="M32 8a8 8 0 1 1-16 0 8 8 0 0 1 16 0Z" />
+  <path fill="#040505" d="M12.7 4A12 12 0 0 0 28 19.3V28H4V4h8.7Z" />
+  <path fill="#00ffff" class="a" fill-rule="evenodd"
+    d="M15 0a12 12 0 0 0-1.4 14H11a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h6.4l.6.4V21c0 .6.4 1 1 1h3v-2.2A12 12 0 0 0 32 17V28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h11Zm7 25c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3v3Z"
+    clip-rule="evenodd" />
+</svg>

web/public/favicon-stage-lightmode-badge.svg

@@ -0,0 +1,8 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 32 32">
+  <title>KYCnot.me logo with badge</title>
+  <path fill="#000" d="M32 8a8 8 0 1 1-16 0 8 8 0 0 1 16 0Z" />
+  <path fill="#fff" d="M12.7 4A12 12 0 0 0 28 19.3V28H4V4h8.7Z" />
+  <path fill="#0080ff" class="a" fill-rule="evenodd"
+    d="M15 0a12 12 0 0 0-1.4 14H11a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h6.4l.6.4V21c0 .6.4 1 1 1h3v-2.2A12 12 0 0 0 32 17V28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h11Zm7 25c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3v3Z"
+    clip-rule="evenodd" />
+</svg>

web/public/favicon-stage-lightmode.svg

@@ -0,0 +1,7 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 32 32" height="32" width="32">
+  <title>KYCnot.me logo</title>
+  <path fill="#fff" class="b" d="M4 4h24v24H4z" />
+  <path fill="#0080ff" class="a" fill-rule="evenodd"
+    d="M32 28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h24a4 4 0 0 1 4 4v24ZM7 6a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h7v-3c0-.6-.4-1-1-1h-6a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7Zm15 16v3c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3Zm-4-4v3c0 .6.4 1 1 1h3v-3c0-.6-.4-1-1-1h-3Zm1-12a1 1 0 0 0-1 1v3c0 .6.4 1 1 1h3c.6 0 1-.4 1-1V7c0-.6-.4-1-1-1h-3Z"
+    clip-rule="evenodd" />
+</svg>

web/public/favicon-stage.svg

@@ -1,13 +1,7 @@
 <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 32 32" height="32" width="32">
   <title>KYCnot.me logo</title>
-  <style>
+  <path fill="#040505" class="b" d="M4 4h24v24H4z" />
-    @media (prefers-color-scheme: light) {
+  <path fill="#00ffff" class="a" fill-rule="evenodd"
-      path {
-        fill: #0080ff;
-      }
-    }
-  </style>
-  <path fill="#00ffff" fill-rule="evenodd"
     d="M32 28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h24a4 4 0 0 1 4 4v24ZM7 6a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h7v-3c0-.6-.4-1-1-1h-6a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7Zm15 16v3c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3Zm-4-4v3c0 .6.4 1 1 1h3v-3c0-.6-.4-1-1-1h-3Zm1-12a1 1 0 0 0-1 1v3c0 .6.4 1 1 1h3c.6 0 1-.4 1-1V7c0-.6-.4-1-1-1h-3Z"
     clip-rule="evenodd" />
 </svg>

web/public/favicon.svg

@@ -1,5 +1,6 @@
 <svg xmlns="http://www.w3.org/2000/svg" fill="#3BDB78" viewBox="0 0 32 32" height="32" width="32">
   <title>KYCnot.me logo</title>
+  <path fill="#040505" d="M4 4h24v24H4z" />
   <path fill-rule="evenodd"
     d="M32 28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V4a4 4 0 0 1 4-4h24a4 4 0 0 1 4 4v24ZM7 6a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h7v-3c0-.6-.4-1-1-1h-6a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7Zm15 16v3c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3Zm-4-4v3c0 .6.4 1 1 1h3v-3c0-.6-.4-1-1-1h-3Zm1-12a1 1 0 0 0-1 1v3c0 .6.4 1 1 1h3c.6 0 1-.4 1-1V7c0-.6-.4-1-1-1h-3Z"
     clip-rule="evenodd" />

web/public/notification-icon.svg

@@ -0,0 +1,6 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="#3BDB78" viewBox="0 0 32 32" height="32" width="32">
+  <title>KYCnot.me logo</title>
+  <path fill-rule="evenodd"
+    d="M30 26a4 4 0 0 1-4 4H6a4 4 0 0 1-4-4V6a4 4 0 0 1 4-4h20a4 4 0 0 1 4 4v20ZM7 6a1 1 0 0 0-1 1v18c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-6c0-.6.4-1 1-1h7v-3c0-.6-.4-1-1-1h-6a1 1 0 0 1-1-1V7c0-.6-.4-1-1-1H7Zm15 16v3c0 .6.4 1 1 1h2c.6 0 1-.4 1-1v-2c0-.6-.4-1-1-1h-3Zm-4-4v3c0 .6.4 1 1 1h3v-3c0-.6-.4-1-1-1h-3Zm1-12a1 1 0 0 0-1 1v3c0 .6.4 1 1 1h3c.6 0 1-.4 1-1V7c0-.6-.4-1-1-1h-3Z"
+    clip-rule="evenodd" />
+</svg>

web/public/sw.js

@@ -1,83 +0,0 @@
-// @ts-check
-
-/// <reference lib="webworker" />
-
-/** @type {ServiceWorkerGlobalScope} */
-// @ts-expect-error
-const typedSelf = self
-
-const CACHE_NAME = 'kycnot-sw-push-notifications-v1'
-
-typedSelf.addEventListener('install', (event) => {
-  console.log('Service Worker installing')
-  typedSelf.skipWaiting()
-})
-
-typedSelf.addEventListener('activate', (event) => {
-  console.log('Service Worker activating')
-  event.waitUntil(typedSelf.clients.claim())
-})
-
-typedSelf.addEventListener('push', (event) => {
-  console.log('Push event received:', event)
-
-  if (!event.data) {
-    console.log('Push event but no data')
-    return
-  }
-
-  let notificationData
-  try {
-    notificationData = event.data.json()
-  } catch (error) {
-    console.error('Error parsing push data:', error)
-    notificationData = {
-      title: 'New Notification',
-      options: {
-        body: event.data.text() || 'You have a new notification',
-      },
-    }
-  }
-
-  const { title, options } = notificationData
-
-  const notificationOptions = {
-    body: options.body || '',
-    icon: options.icon || '/favicon.svg',
-    badge: options.badge || '/favicon.svg',
-    data: options.data || {},
-    requireInteraction: false,
-    silent: false,
-    ...options,
-  }
-
-  event.waitUntil(typedSelf.registration.showNotification(title, notificationOptions))
-})
-
-typedSelf.addEventListener('notificationclick', (event) => {
-  console.log('Notification clicked:', event)
-
-  event.notification.close()
-
-  const url = event.notification.data?.url || '/'
-
-  event.waitUntil(
-    typedSelf.clients.matchAll({ type: 'window' }).then((clientList) => {
-      // If a window is already open, focus it
-      for (const client of clientList) {
-        if (client.url === url && 'focus' in client) {
-          return client.focus()
-        }
-      }
-
-      // Otherwise, open a new window
-      if (typedSelf.clients.openWindow) {
-        return typedSelf.clients.openWindow(url)
-      }
-    })
-  )
-})
-
-typedSelf.addEventListener('notificationclose', (event) => {
-  console.log('Notification closed:', event)
-})

web/src/actions/account.ts

@@ -1,5 +1,6 @@
 import { ActionError } from 'astro:actions'
 import { z } from 'astro:content'
+import { pick } from 'lodash-es'
 
 import { karmaUnlocksById } from '../constants/karmaUnlocks'
 import { createAccount } from '../lib/accountCreate'
@@ -7,7 +8,7 @@ import { captchaFormSchemaProperties, captchaFormSchemaSuperRefine } from '../li
 import { defineProtectedAction } from '../lib/defineProtectedAction'
 import { saveFileLocally } from '../lib/fileStorage'
 import { handleHoneypotTrap } from '../lib/honeypot'
-import { startImpersonating } from '../lib/impersonation'
+import { startImpersonating, stopImpersonating } from '../lib/impersonation'
 import { makeKarmaUnlockMessage, makeUserWithKarmaUnlocks } from '../lib/karmaUnlocks'
 import { prisma } from '../lib/prisma'
 import { redisPreGeneratedSecretTokens } from '../lib/redis/redisPreGeneratedSecretTokens'
@@ -225,4 +226,36 @@ export const accountActions = {
       return { user }
     },
   }),
+
+  delete: defineProtectedAction({
+    accept: 'form',
+    permissions: 'user',
+    input: z
+      .object({
+        ...captchaFormSchemaProperties,
+      })
+      .superRefine(captchaFormSchemaSuperRefine),
+    handler: async (_input, context) => {
+      if (context.locals.user.admin || context.locals.user.moderator) {
+        throw new ActionError({
+          code: 'FORBIDDEN',
+          message: 'Admins and moderators cannot delete their own accounts.',
+        })
+      }
+
+      await prisma.user.delete({
+        where: { id: context.locals.user.id },
+      })
+
+      const deletedUser = pick(context.locals.user, ['id', 'name', 'displayName', 'picture'])
+
+      if (context.locals.actualUser) {
+        await stopImpersonating(context)
+      } else {
+        await logout(context)
+      }
+
+      return { deletedUser }
+    },
+  }),
 }

web/src/actions/admin/notification.ts

@@ -1,80 +1,33 @@
 import { z } from 'astro/zod'
-import { sumBy } from 'lodash-es'
 
 import { defineProtectedAction } from '../../lib/defineProtectedAction'
 import { prisma } from '../../lib/prisma'
-import { sendPushNotification } from '../../lib/webPush'
 import { stringListOfSlugsSchemaRequired } from '../../lib/zodUtils'
 
 export const adminNotificationActions = {
-  webPush: {
+  test: defineProtectedAction({
-    test: defineProtectedAction({
+    accept: 'form',
-      accept: 'form',
+    permissions: 'admin',
-      permissions: 'admin',
+    input: z.object({
-      input: z.object({
+      userNames: stringListOfSlugsSchemaRequired,
-        userNames: stringListOfSlugsSchemaRequired,
-        title: z.string().min(1).nullable(),
-        body: z.string().nullable(),
-        url: z.string().url().optional(),
-      }),
-      handler: async (input) => {
-        const subscriptions = await prisma.pushSubscription.findMany({
-          where: { user: { name: { in: input.userNames } } },
-          select: {
-            id: true,
-            endpoint: true,
-            p256dh: true,
-            auth: true,
-            userAgent: true,
-            user: {
-              select: {
-                id: true,
-                name: true,
-              },
-            },
-          },
-        })
-
-        const results = await Promise.allSettled(
-          subscriptions.map(async (subscription) => {
-            const result = await sendPushNotification(
-              {
-                endpoint: subscription.endpoint,
-                keys: {
-                  p256dh: subscription.p256dh,
-                  auth: subscription.auth,
-                },
-              },
-              {
-                title: input.title ?? 'Test Notification',
-                body: input.body ?? 'This is a test push notification from KYCNot.me',
-                url: input.url ?? '/',
-              }
-            )
-
-            // If subscription is invalid, remove it from database
-            if (result.error && (result.error.statusCode === 410 || result.error.statusCode === 404)) {
-              await prisma.pushSubscription.delete({
-                where: { id: subscription.id },
-              })
-              console.info(`Removed invalid subscription for user ${subscription.user.name}`)
-            }
-
-            return result.success
-          })
-        )
-
-        const successCount = sumBy(results, (r) => (r.status === 'fulfilled' && r.value ? 1 : 0))
-        const failureCount = sumBy(results, (r) => (r.status === 'fulfilled' && r.value ? 0 : 1))
-        const now = new Date()
-        return {
-          message: `Sent to ${successCount.toLocaleString()} devices, ${failureCount.toLocaleString()} failed. Sent at ${now.toLocaleString()}`,
-          totalSubscriptions: subscriptions.length,
-          successCount,
-          failureCount,
-          sentAt: now,
-        }
-      },
     }),
-  },
+    handler: async (input) => {
+      const users = await prisma.user.findMany({
+        where: { name: { in: input.userNames } },
+        select: { id: true },
+      })
+
+      const notifications = await prisma.notification.createManyAndReturn({
+        data: users.map((user) => ({
+          type: 'TEST',
+          userId: user.id,
+        })),
+        select: { id: true },
+      })
+
+      return {
+        message: `Created ${notifications.length.toString()} notifications.`,
+      }
+    },
+  }),
 }

web/src/actions/admin/service.ts

@@ -4,11 +4,18 @@ import { ActionError } from 'astro:actions'
 import { uniq } from 'lodash-es'
 import slugify from 'slugify'
 
+import { countriesZodEnumById } from '../../constants/countries'
 import { defineProtectedAction } from '../../lib/defineProtectedAction'
-import { saveFileLocally } from '../../lib/fileStorage'
+import { saveFileLocally, deleteFileLocally } from '../../lib/fileStorage'
 import { prisma } from '../../lib/prisma'
 import { separateServiceUrlsByType } from '../../lib/urls'
-import { imageFileSchema, stringListOfUrlsSchemaRequired, zodCohercedNumber } from '../../lib/zodUtils'
+import {
+  imageFileSchema,
+  stringListOfContactMethodsSchema,
+  stringListOfUrlsSchemaRequired,
+  zodCohercedNumber,
+  zodContactMethod,
+} from '../../lib/zodUtils'
 
 const addSlugIfMissing = <
   T extends {
@@ -39,6 +46,7 @@ const serviceSchemaBase = z.object({
   description: z.string().min(1),
   allServiceUrls: stringListOfUrlsSchemaRequired,
   tosUrls: stringListOfUrlsSchemaRequired,
+  contactMethods: stringListOfContactMethodsSchema,
   kycLevel: z.coerce.number().int().min(0).max(4),
   kycLevelClarification: z.nativeEnum(KycLevelClarification).optional().nullable().default(null),
   attributes: z.array(z.coerce.number().int().positive()),
@@ -46,17 +54,27 @@ const serviceSchemaBase = z.object({
   verificationStatus: z.nativeEnum(VerificationStatus),
   verificationSummary: z.string().optional().nullable().default(null),
   verificationProofMd: z.string().optional().nullable().default(null),
-  acceptedCurrencies: z.array(z.nativeEnum(Currency)),
+  acceptedCurrencies: z.array(z.nativeEnum(Currency)).min(1),
   referral: z
     .string()
     .regex(/^(\?\w+=.|\/.+)/, 'Referral must be a valid URL parameter or path, not a full URL')
     .optional()
     .nullable()
     .default(null),
+  operatingSince: z.coerce.date().optional().nullable(),
+  registrationCountryCode: z
+    .union([countriesZodEnumById, z.literal('')])
+    .optional()
+    .nullable()
+    .refine((val) => val === null || val === undefined || val === '' || val.length === 2, {
+      message: 'Country code must be a valid 2-character code or empty',
+    }),
+  registeredCompanyName: z.string().trim().max(100).optional().nullable(),
   imageFile: imageFileSchema,
-  overallScore: zodCohercedNumber(z.number().int().min(0).max(10)).optional(),
   serviceVisibility: z.nativeEnum(ServiceVisibility),
   internalNote: z.string().optional(),
+  strictCommentingEnabled: z.boolean().optional().default(false),
+  commentSectionMessage: z.string().trim().min(3).max(1000).optional().nullable().default(null),
 })
 
 // Define schema for the create action input
@@ -69,6 +87,15 @@ const updateServiceInputSchema = serviceSchemaBase
   })
   .transform(addSlugIfMissing)
 
+const evidenceImageAddSchema = z.object({
+  serviceId: z.number().int().positive(),
+  imageFile: imageFileSchema,
+})
+
+const evidenceImageDeleteSchema = z.object({
+  fileUrl: z.string().startsWith('/files/evidence/', 'Must be a valid evidence file URL'),
+})
+
 export const adminServiceActions = {
   create: defineProtectedAction({
     accept: 'form',
@@ -107,15 +134,17 @@ export const adminServiceActions = {
           onionUrls,
           i2pUrls,
           kycLevel: input.kycLevel,
-          kycLevelClarification: input.kycLevelClarification,
+          kycLevelClarification: input.kycLevelClarification ?? undefined,
           verificationStatus: input.verificationStatus,
           verificationSummary: input.verificationSummary,
           verificationProofMd: input.verificationProofMd,
           acceptedCurrencies: input.acceptedCurrencies,
-          referral: input.referral,
+          strictCommentingEnabled: input.strictCommentingEnabled,
+          commentSectionMessage: input.commentSectionMessage,
+          // eslint-disable-next-line @typescript-eslint/prefer-nullish-coalescing
+          referral: input.referral || null,
           serviceVisibility: input.serviceVisibility,
           slug: input.slug,
-          overallScore: input.overallScore,
           categories: {
             connect: input.categories.map((id) => ({ id })),
           },
@@ -126,6 +155,11 @@ export const adminServiceActions = {
               },
             })),
           },
+          contactMethods: {
+            create: input.contactMethods.map((value) => ({
+              value,
+            })),
+          },
           imageUrl,
           internalNotes: input.internalNote
             ? {
@@ -135,6 +169,9 @@ export const adminServiceActions = {
                 },
               }
             : undefined,
+          operatingSince: input.operatingSince,
+          registrationCountryCode: input.registrationCountryCode ?? null,
+          registeredCompanyName: input.registeredCompanyName,
         },
         select: {
           id: true,
@@ -225,15 +262,17 @@ export const adminServiceActions = {
           onionUrls,
           i2pUrls,
           kycLevel: input.kycLevel,
-          kycLevelClarification: input.kycLevelClarification,
+          kycLevelClarification: input.kycLevelClarification ?? undefined,
           verificationStatus: input.verificationStatus,
           verificationSummary: input.verificationSummary,
           verificationProofMd: input.verificationProofMd,
           acceptedCurrencies: input.acceptedCurrencies,
-          referral: input.referral,
+          strictCommentingEnabled: input.strictCommentingEnabled,
+          commentSectionMessage: input.commentSectionMessage,
+          // eslint-disable-next-line @typescript-eslint/prefer-nullish-coalescing
+          referral: input.referral || null,
           serviceVisibility: input.serviceVisibility,
           slug: input.slug,
-          overallScore: input.overallScore,
           previousSlugs:
             existingService.slug !== input.slug
               ? {
@@ -242,7 +281,6 @@ export const adminServiceActions = {
                   ),
                 }
               : undefined,
-
           imageUrl,
           categories: {
             connect: categoriesToAdd.map((id) => ({ id })),
@@ -259,6 +297,9 @@ export const adminServiceActions = {
               attributeId,
             })),
           },
+          operatingSince: input.operatingSince,
+          registrationCountryCode: input.registrationCountryCode ?? null,
+          registeredCompanyName: input.registeredCompanyName,
         },
       })
 
@@ -272,7 +313,7 @@ export const adminServiceActions = {
       permissions: 'admin',
       input: z.object({
         label: z.string().min(1).max(50).nullable(),
-        value: z.string().url(),
+        value: zodContactMethod,
         serviceId: z.number().int().positive(),
       }),
       handler: async (input) => {
@@ -293,7 +334,7 @@ export const adminServiceActions = {
       input: z.object({
         id: z.number().int().positive(),
         label: z.string().min(1).max(50).nullable(),
-        value: z.string().url(),
+        value: zodContactMethod,
         serviceId: z.number().int().positive(),
       }),
       handler: async (input) => {
@@ -319,7 +360,6 @@ export const adminServiceActions = {
         await prisma.serviceContactMethod.delete({
           where: { id: input.id },
         })
-        return { success: true }
       },
     }),
   },
@@ -404,4 +444,48 @@ export const adminServiceActions = {
       },
     }),
   },
+
+  evidenceImage: {
+    add: defineProtectedAction({
+      accept: 'form',
+      permissions: 'admin',
+      input: evidenceImageAddSchema,
+      handler: async (input) => {
+        const service = await prisma.service.findUnique({
+          where: { id: input.serviceId },
+          select: { slug: true },
+        })
+
+        if (!service) {
+          throw new ActionError({
+            code: 'NOT_FOUND',
+            message: 'Service not found to associate image with.',
+          })
+        }
+
+        if (!input.imageFile) {
+          throw new ActionError({
+            code: 'BAD_REQUEST',
+            message: 'Image file is required.',
+          })
+        }
+
+        const imageUrl = await saveFileLocally(
+          input.imageFile,
+          input.imageFile.name,
+          `evidence/${service.slug}`
+        )
+
+        return { imageUrl }
+      },
+    }),
+    delete: defineProtectedAction({
+      accept: 'form',
+      permissions: 'admin',
+      input: evidenceImageDeleteSchema,
+      handler: async (input) => {
+        await deleteFileLocally(input.fileUrl)
+      },
+    }),
+  },
 }

web/src/actions/admin/user.ts

@@ -1,12 +1,10 @@
-import { type Prisma, type ServiceUserRole, type PrismaClient } from '@prisma/client'
+import { type Prisma, type ServiceUserRole } from '@prisma/client'
 import { ActionError } from 'astro:actions'
 import { z } from 'zod'
 
 import { defineProtectedAction } from '../../lib/defineProtectedAction'
 import { saveFileLocally } from '../../lib/fileStorage'
-import { prisma as prismaInstance } from '../../lib/prisma'
+import { prisma } from '../../lib/prisma'
-
-const prisma = prismaInstance as PrismaClient
 
 const selectUserReturnFields = {
   id: true,

web/src/actions/api/service.ts

@@ -2,6 +2,7 @@ import { z } from 'astro/zod'
 import { ActionError } from 'astro:actions'
 import { pick } from 'lodash-es'
 
+import { getKycLevelClarificationInfo } from '../../constants/kycLevelClarifications'
 import { getKycLevelInfo } from '../../constants/kycLevels'
 import { getVerificationStatusInfo } from '../../constants/verificationStatus'
 import { defineProtectedAction } from '../../lib/defineProtectedAction'
@@ -50,6 +51,7 @@ export const apiServiceActions = {
         slug: true,
         description: true,
         kycLevel: true,
+        kycLevelClarification: true,
         verificationStatus: true,
         categories: {
           select: {
@@ -63,13 +65,13 @@ export const apiServiceActions = {
         tosUrls: true,
         referral: true,
         listedAt: true,
+        approvedAt: true,
         verifiedAt: true,
         serviceVisibility: true,
       } as const satisfies Prisma.ServiceSelect
 
       let service = await prisma.service.findFirst({
         where: {
-          listedAt: { lte: new Date() },
           serviceVisibility: { in: ['PUBLIC', 'ARCHIVED', 'UNLISTED'] },
 
           OR: [
@@ -90,7 +92,6 @@ export const apiServiceActions = {
       if (!service && input.slug) {
         service = await prisma.service.findFirst({
           where: {
-            listedAt: { lte: new Date() },
             serviceVisibility: { in: ['PUBLIC', 'ARCHIVED', 'UNLISTED'] },
 
             previousSlugs: { has: input.slug },
@@ -103,9 +104,7 @@ export const apiServiceActions = {
         !service ||
         (service.serviceVisibility !== 'PUBLIC' &&
           service.serviceVisibility !== 'ARCHIVED' &&
-          service.serviceVisibility !== 'UNLISTED') ||
+          service.serviceVisibility !== 'UNLISTED')
-        !service.listedAt ||
-        service.listedAt > new Date()
       ) {
         throw new ActionError({
           code: 'NOT_FOUND',
@@ -128,8 +127,15 @@ export const apiServiceActions = {
           'description',
         ]),
         verifiedAt: service.verifiedAt,
+        approvedAt: service.approvedAt,
         kycLevel: service.kycLevel,
         kycLevelInfo: pick(getKycLevelInfo(service.kycLevel.toString()), ['value', 'name', 'description']),
+        kycLevelClarification: service.kycLevelClarification,
+        kycLevelClarificationInfo: pick(getKycLevelClarificationInfo(service.kycLevelClarification), [
+          'value',
+          'label',
+          'description',
+        ]),
         categories: service.categories,
         listedAt: service.listedAt,
         serviceUrls: [...service.serviceUrls, ...service.onionUrls, ...service.i2pUrls].map(

web/src/actions/comment.ts

@@ -17,6 +17,7 @@ import type { CommentStatus, Prisma } from '@prisma/client'
 const COMMENT_RATE_LIMIT_WINDOW_MINUTES = 2
 const MAX_COMMENTS_PER_WINDOW = 1
 const MAX_COMMENTS_PER_WINDOW_VERIFIED_USER = 10
+export const COMMENT_ORDER_ID_MAX_LENGTH = 600
 
 export const commentActions = {
   vote: defineProtectedAction({
@@ -103,7 +104,7 @@ export const commentActions = {
         issueFundsBlocked: z.coerce.boolean().optional(),
         issueScam: z.coerce.boolean().optional(),
         issueDetails: z.string().max(120).optional(),
-        orderId: z.string().max(100).optional(),
+        orderId: z.string().max(COMMENT_ORDER_ID_MAX_LENGTH).optional(),
       })
       .superRefine((data, ctx) => {
         if (data.rating && data.parentId) {
@@ -270,6 +271,18 @@ export const commentActions = {
             }
           }
 
+          const isRelatedToService = !!(await tx.serviceUser.findUnique({
+            where: {
+              userId_serviceId: {
+                userId: context.locals.user.id,
+                serviceId: input.serviceId,
+              },
+            },
+            select: {
+              id: true,
+            },
+          }))
+
           // Prepare data object with proper type safety
           const commentData: Prisma.CommentCreateInput = {
             content: input.content,
@@ -277,7 +290,12 @@ export const commentActions = {
             author: { connect: { id: context.locals.user.id } },
 
             // Change status to HUMAN_PENDING if there's an issue report, this is so that the AI worker does not pick it up for review
-            status: context.locals.user.admin ? 'APPROVED' : isIssueReport ? 'HUMAN_PENDING' : 'PENDING',
+            status:
+              context.locals.user.admin || context.locals.user.moderator || isRelatedToService
+                ? 'APPROVED'
+                : isIssueReport
+                  ? 'HUMAN_PENDING'
+                  : 'PENDING',
             requiresAdminReview,
             orderId: input.orderId?.trim() ?? null,
             kycRequested: input.issueKycRequested === true,
@@ -345,10 +363,11 @@ export const commentActions = {
         'order-id-status',
         'kyc-requested',
         'funds-blocked',
+        'toggle-rating-active',
       ]),
       value: z.union([
         z.enum(['PENDING', 'APPROVED', 'VERIFIED', 'REJECTED']),
-        z.enum(['PENDING', 'APPROVED', 'REJECTED']),
+        z.enum(['PENDING', 'APPROVED', 'REJECTED', 'WITHDRAWN']),
         z.boolean(),
         z.string(),
       ]),
@@ -411,7 +430,7 @@ export const commentActions = {
             updateData.privateContext = input.value as string
             break
           case 'order-id-status':
-            updateData.orderIdStatus = input.value as 'APPROVED' | 'PENDING' | 'REJECTED'
+            updateData.orderIdStatus = input.value as 'APPROVED' | 'PENDING' | 'REJECTED' | 'WITHDRAWN'
             break
           case 'kyc-requested':
             updateData.kycRequested = !!input.value
@@ -419,6 +438,9 @@ export const commentActions = {
           case 'funds-blocked':
             updateData.fundsBlocked = !!input.value
             break
+          case 'toggle-rating-active':
+            updateData.ratingActive = !!input.value
+            break
         }
 
         // Update the comment

web/src/actions/notifications.ts

@@ -32,7 +32,6 @@ export const notificationActions = {
         endpoint: z.string(),
         p256dhKey: z.string(),
         authKey: z.string(),
-        userAgent: z.string().optional(),
       }),
       handler: async (input, context) => {
         await prisma.pushSubscription.upsert({
@@ -43,14 +42,12 @@ export const notificationActions = {
           update: {
             p256dh: input.p256dhKey,
             auth: input.authKey,
-            userAgent: input.userAgent,
           },
           create: {
             userId: context.locals.user.id,
             endpoint: input.endpoint,
             p256dh: input.p256dhKey,
             auth: input.authKey,
-            userAgent: input.userAgent,
           },
         })
       },
@@ -58,25 +55,17 @@ export const notificationActions = {
 
     unsubscribe: defineProtectedAction({
       accept: 'json',
-      permissions: 'user',
+      permissions: 'guest',
       input: z.object({
-        endpoint: z.string().optional(),
+        endpoint: z.string(),
       }),
       handler: async (input, context) => {
-        if (input.endpoint) {
+        await prisma.pushSubscription.delete({
-          await prisma.pushSubscription.deleteMany({
+          where: {
-            where: {
+            userId: context.locals.user?.id ?? undefined,
-              userId: context.locals.user.id,
+            endpoint: input.endpoint,
-              endpoint: input.endpoint,
+          },
-            },
+        })
-          })
-        } else {
-          await prisma.pushSubscription.deleteMany({
-            where: {
-              userId: context.locals.user.id,
-            },
-          })
-        }
       },
     }),
   },

web/src/actions/serviceSuggestion.ts

@@ -3,6 +3,7 @@ import { z } from 'astro/zod'
 import { ActionError } from 'astro:actions'
 import { formatDistanceStrict } from 'date-fns'
 
+import { countriesZodEnumById } from '../constants/countries'
 import { captchaFormSchemaProperties, captchaFormSchemaSuperRefine } from '../lib/captchaValidation'
 import { defineProtectedAction } from '../lib/defineProtectedAction'
 import { saveFileLocally } from '../lib/fileStorage'
@@ -10,7 +11,12 @@ import { findServicesBySimilarity } from '../lib/findServicesBySimilarity'
 import { handleHoneypotTrap } from '../lib/honeypot'
 import { prisma } from '../lib/prisma'
 import { separateServiceUrlsByType } from '../lib/urls'
-import { imageFileSchemaRequired, stringListOfUrlsSchemaRequired, zodCohercedNumber } from '../lib/zodUtils'
+import {
+  imageFileSchemaRequired,
+  stringListOfContactMethodsSchema,
+  stringListOfUrlsSchemaRequired,
+  zodCohercedNumber,
+} from '../lib/zodUtils'
 
 import type { Prisma } from '@prisma/client'
 
@@ -31,6 +37,9 @@ const findPossibleDuplicates = async (input: { name: string }) => {
       id: {
         in: matches.map(({ id }) => id),
       },
+      serviceVisibility: {
+        in: ['PUBLIC', 'ARCHIVED', 'UNLISTED'],
+      },
     },
     select: {
       id: true,
@@ -41,31 +50,51 @@ const findPossibleDuplicates = async (input: { name: string }) => {
   })
 }
 
-const serializeExtraNotes = <T extends Record<string, unknown>>(
+const serializeExtraNotes = async <T extends Record<string, unknown>, NK extends keyof T>(
   input: T,
-  skipKeys: (keyof T)[] = []
+  skipKeys: NK[] = [],
-): string => {
+  mapKeys: { [P in Exclude<Extract<keyof T, string>, NK>]?: (value: T[P]) => unknown } = {}
-  return Object.entries(input)
+): Promise<string> => {
-    .filter(([key]) => !skipKeys.includes(key as keyof T))
+  return (
-    .map(([key, value]) => {
+    await Promise.all(
-      let serializedValue = ''
+      Object.entries(input)
-      if (typeof value === 'string') {
+        .filter(
-        serializedValue = value
+          (
-      } else if (value === undefined || value === null) {
+            entry
-        serializedValue = ''
+          ): entry is [Exclude<Extract<keyof T, string>, NK>, T[Exclude<Extract<keyof T, string>, NK>]] =>
-      } else if (typeof value === 'object' && 'toString' in value && typeof value.toString === 'function') {
+            !skipKeys.some((k) => k === entry[0])
-        // eslint-disable-next-line @typescript-eslint/no-base-to-string
+        )
-        serializedValue = value.toString()
+        .map(async ([key, originalValue]) => {
-      } else {
+          const value = mapKeys[key] ? await mapKeys[key](originalValue) : originalValue
-        try {
+          let serializedValue = ''
-          serializedValue = JSON.stringify(value)
+          if (typeof value === 'string') {
-        } catch (error) {
+            serializedValue = value
-          serializedValue = `Error serializing value: ${error instanceof Error ? error.message : 'Unknown error'}`
+          } else if (value === undefined || value === null) {
-        }
+            serializedValue = ''
-      }
+          } else if (Array.isArray(value)) {
-      return `- ${key}: ${serializedValue}`
+            serializedValue = value.map((item) => String(item)).join(', ')
-    })
+          } else if (typeof value === 'object' && value instanceof Date) {
-    .join('\n')
+            serializedValue = value.toISOString()
+          } else if (
+            typeof value === 'object' &&
+            'toString' in value &&
+            typeof value.toString === 'function' &&
+            // eslint-disable-next-line @typescript-eslint/no-base-to-string
+            value.toString() !== '[object Object]'
+          ) {
+            // eslint-disable-next-line @typescript-eslint/no-base-to-string
+            serializedValue = value.toString()
+          } else {
+            try {
+              serializedValue = JSON.stringify(value)
+            } catch (error) {
+              serializedValue = `Error serializing value: ${error instanceof Error ? error.message : 'Unknown error'}`
+            }
+          }
+          return `- ${key}: ${serializedValue}`
+        })
+    )
+  ).join('\n')
 }
 
 export const serviceSuggestionActions = {
@@ -139,26 +168,31 @@ export const serviceSuggestionActions = {
           .max(SUGGESTION_SLUG_MAX_LENGTH)
           .regex(/^[a-z0-9-]+$/, {
             message: 'Slug must contain only lowercase letters, numbers, and hyphens',
-          })
+          }),
-          .refine(
-            async (slug) => {
-              const exists = await prisma.service.findUnique({
-                select: { id: true },
-                where: { slug },
-              })
-              return !exists
-            },
-            { message: 'Slug must be unique, try a different one' }
-          ),
         description: z.string().min(1).max(SUGGESTION_DESCRIPTION_MAX_LENGTH),
         allServiceUrls: stringListOfUrlsSchemaRequired,
         tosUrls: stringListOfUrlsSchemaRequired,
+        contactMethods: stringListOfContactMethodsSchema,
         kycLevel: zodCohercedNumber(z.coerce.number().int().min(0).max(4)),
         kycLevelClarification: z.nativeEnum(KycLevelClarification),
         attributes: z.array(z.coerce.number().int().positive()),
         categories: z.array(z.coerce.number().int().positive()).min(1),
         acceptedCurrencies: z.array(z.nativeEnum(Currency)).min(1),
         imageFile: imageFileSchemaRequired,
+        rulesConfirm: z.literal('on', {
+          errorMap: () => ({
+            message: 'You must accept the suggestion rules and process to continue',
+          }),
+        }),
+        operatingSince: z.coerce.date().optional(),
+        registrationCountryCode: z
+          .union([countriesZodEnumById, z.literal('')])
+          .optional()
+          .nullable()
+          .refine((val) => val === null || val === undefined || val === '' || val.length === 2, {
+            message: 'Country code must be a valid 2-character code or empty',
+          }),
+        registeredCompanyName: z.string().trim().max(100).optional(),
         /** @deprecated Honey pot field, do not use */
         message: z.unknown().optional(),
         skipDuplicateCheck: z
@@ -178,24 +212,63 @@ export const serviceSuggestionActions = {
         location: 'serviceSuggestion.createService',
       })
 
+      const serviceWithSameSlug = await prisma.service.findUnique({
+        select: { id: true, name: true, slug: true, description: true },
+        where: { slug: input.slug },
+      })
+
       if (!input.skipDuplicateCheck) {
-        const possibleDuplicates = await findPossibleDuplicates(input)
+        const possibleDuplicates = [
+          ...(serviceWithSameSlug ? [serviceWithSameSlug] : []),
+          ...(await findPossibleDuplicates(input)),
+        ]
 
         if (possibleDuplicates.length > 0) {
           return {
             hasDuplicates: true,
             possibleDuplicates,
-            extraNotes: serializeExtraNotes(input, [
+            extraNotes: await serializeExtraNotes(
-              'skipDuplicateCheck',
+              input,
-              'message',
+              [
-              'imageFile',
+                'skipDuplicateCheck',
-              'captcha-value',
+                'message',
-              'captcha-solution-hash',
+                'imageFile',
-            ]),
+                'captcha-value',
+                'captcha-solution-hash',
+                'rulesConfirm',
+              ],
+              {
+                attributes: async (value) => {
+                  const dbAttributes = await prisma.attribute.findMany({
+                    select: {
+                      title: true,
+                    },
+                    where: { id: { in: value } },
+                  })
+                  return dbAttributes.map((attribute) => `\n  - ${attribute.title}`).join('')
+                },
+                categories: async (value) => {
+                  const dbCategories = await prisma.category.findMany({
+                    select: {
+                      name: true,
+                    },
+                    where: { id: { in: value } },
+                  })
+                  return dbCategories.map((category) => category.name)
+                },
+              }
+            ),
             serviceSuggestion: undefined,
             service: undefined,
           } as const
         }
+      } else {
+        if (serviceWithSameSlug) {
+          throw new ActionError({
+            message: 'Slug already in use, try a different one',
+            code: 'BAD_REQUEST',
+          })
+        }
       }
 
       const imageUrl = await saveFileLocally(input.imageFile, input.imageFile.name)
@@ -217,6 +290,9 @@ export const serviceSuggestionActions = {
             name: input.name,
             slug: input.slug,
             description: input.description,
+            operatingSince: input.operatingSince,
+            registrationCountryCode: input.registrationCountryCode ?? null,
+            registeredCompanyName: input.registeredCompanyName,
             serviceUrls,
             tosUrls: input.tosUrls,
             onionUrls,
@@ -229,7 +305,6 @@ export const serviceSuggestionActions = {
             overallScore: 0,
             privacyScore: 0,
             trustScore: 0,
-            listedAt: new Date(),
             serviceVisibility: 'UNLISTED',
             categories: {
               connect: input.categories.map((id) => ({ id })),
@@ -239,6 +314,11 @@ export const serviceSuggestionActions = {
                 attributeId: id,
               })),
             },
+            contactMethods: {
+              create: input.contactMethods.map((value) => ({
+                value,
+              })),
+            },
           },
           select: serviceSelect,
         })

web/src/assets/review-badge/long-black.svg

@@ -0,0 +1,8 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" height="32" width="216" viewBox="0 0 432 64">
+  <rect width="431" height="63" x=".5" y=".5" fill="#101413" stroke="#292B2A" rx="7.5" />
+  <path fill="#3BDB78" d="m37.5 18 4.1 8.3 9.2 1.4-6.6 6.5 1.5 9.1-8.2-4.3-8.2 4.3 1.5-9.1-6.6-6.5 9.2-1.4 4.1-8.3Z" />
+  <path fill="#BEBEBE"
+    d="M63.7 42V22.4h7c1.5 0 2.7.2 3.7.7 1 .6 1.8 1.3 2.3 2.2.5 1 .8 2 .8 3.2 0 1.2-.3 2.3-.8 3.2-.5.9-1.3 1.6-2.3 2.1-1 .5-2.2.8-3.8.8h-5.3V32h5c1 0 1.8-.1 2.4-.4.6-.3 1-.7 1.4-1.2a4 4 0 0 0 .4-1.9 4 4 0 0 0-.5-2c-.2-.5-.7-.9-1.3-1.2-.6-.2-1.4-.4-2.4-.4h-3.7V42h-3Zm9.7-8.9 4.8 8.9h-3.4l-4.7-8.9h3.3ZM87 42.3c-1.5 0-2.7-.3-3.8-1-1-.6-1.8-1.4-2.4-2.6a9 9 0 0 1-.8-4 9 9 0 0 1 .8-4c.6-1.1 1.4-2 2.4-2.7a7.2 7.2 0 0 1 6-.6 5.9 5.9 0 0 1 3.6 3.7c.3 1 .5 2 .5 3.4v1H81.6v-2.1h8.9c0-.8-.2-1.5-.5-2a3.5 3.5 0 0 0-3.2-2c-.8 0-1.5.2-2.1.6a4 4 0 0 0-1.4 1.6c-.3.6-.5 1.3-.5 2v1.7c0 1 .2 1.8.6 2.5.3.7.8 1.2 1.4 1.6.7.4 1.4.5 2.2.5.6 0 1 0 1.5-.2l1.2-.7c.3-.3.5-.7.7-1.2l2.7.5a5 5 0 0 1-1.1 2.1c-.6.6-1.3 1-2.1 1.4-.9.3-1.8.5-3 .5Zm21.7-15L103.3 42h-3l-5.4-14.7h3l3.8 11.3h.2l3.7-11.3h3Zm2.7 14.7V27.3h2.8V42h-2.8Zm1.4-17c-.5 0-1-.2-1.3-.5-.3-.3-.5-.7-.5-1.2s.2-.9.5-1.2c.4-.4.8-.5 1.3-.5s1 .1 1.3.5c.3.3.5.7.5 1.2s-.2.9-.5 1.2c-.4.3-.8.5-1.3.5Zm11.6 17.3c-1.4 0-2.7-.3-3.7-1-1-.6-1.9-1.4-2.4-2.6a9 9 0 0 1-.9-4 9 9 0 0 1 .9-4c.5-1.1 1.3-2 2.3-2.7a7.2 7.2 0 0 1 6-.6 5.9 5.9 0 0 1 3.6 3.7c.4 1 .6 2 .6 3.4v1H119v-2.1h9c0-.8-.2-1.5-.5-2a3.5 3.5 0 0 0-3.2-2c-.9 0-1.6.2-2.2.6a4 4 0 0 0-1.3 1.6c-.4.6-.5 1.3-.5 2v1.7c0 1 .2 1.8.5 2.5.4.7.8 1.2 1.5 1.6.6.4 1.3.5 2.2.5.5 0 1 0 1.4-.2.5-.2.9-.4 1.2-.7.3-.3.6-.7.8-1.2l2.7.5a5 5 0 0 1-1.2 2.1c-.6.6-1.3 1-2.1 1.4-.8.3-1.8.5-2.9.5Zm12.7-.3-4.3-14.7h3l2.8 10.8h.2l2.9-10.8h3l2.8 10.7h.1l2.9-10.7h3L149 42h-2.9l-3-10.6h-.2L140 42h-2.9Zm32.4.3c-1.3 0-2.6-.3-3.6-1-1-.6-1.8-1.5-2.4-2.6a8.8 8.8 0 0 1-.8-4c0-1.5.3-2.9.8-4a6.4 6.4 0 0 1 6-3.6c1.4 0 2.6.3 3.7 1 1 .6 1.8 1.5 2.3 2.6.6 1.1.9 2.5.9 4s-.3 2.9-.9 4a6.4 6.4 0 0 1-6 3.6Zm0-2.4c1 0 1.7-.2 2.3-.7.6-.5 1-1.1 1.3-2 .3-.7.4-1.6.4-2.5 0-1-.1-1.8-.4-2.6-.3-.8-.7-1.4-1.3-1.9-.6-.5-1.4-.7-2.3-.7-.9 0-1.6.2-2.2.7-.6.5-1 1.1-1.3 2-.3.7-.4 1.6-.4 2.5 0 1 .1 1.8.4 2.6.3.8.7 1.4 1.3 1.9.6.5 1.3.7 2.2.7Zm13-6.6V42h-2.9V27.3h2.8v2.4h.1c.4-.8.9-1.4 1.6-2a5 5 0 0 1 2.8-.6c1 0 1.9.2 2.6.6.8.4 1.4 1 1.8 1.9.4.8.6 1.8.6 3V42H189v-9c0-1-.3-2-.8-2.5a3 3 0 0 0-2.3-1c-.7 0-1.3.2-1.8.5s-.9.7-1.2 1.3c-.3.5-.4 1.2-.4 2Z" />
+  <path fill="#3BDB78"
+    d="M205.5 18a1 1 0 0 0-1 1v26a1 1 0 0 0 1 1h74a1 1 0 0 0 1-1V19a1 1 0 0 0-1-1h-74Zm4 4h2a1 1 0 0 1 1 1v6a1 1 0 0 0 1 1h6a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1v-3h-7a1 1 0 0 0-1 1v6a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1V23a1 1 0 0 1 1-1Zm12 0h3a1 1 0 0 1 1 1v3a1 1 0 0 1-1 1h-3a1 1 0 0 1-1-1v-3a1 1 0 0 1 1-1Zm12.8 0h2.4a1 1 0 0 1 .8.5l5 7.8 5-7.8a1 1 0 0 1 .8-.5h2.4a1 1 0 0 1 .8 1.5l-6.8 10.8a1 1 0 0 0-.2.6V41a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-6.1c0-.2 0-.4-.2-.6l-6.8-10.8a1 1 0 0 1 .3-1.4l.5-.1Zm27.2 0h14a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1h-15v12h15a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1h-14a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1V27a1 1 0 0 1 1-1h3v-3a1 1 0 0 1 1-1Zm24 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V25.6l9.2 15.9c.2.3.5.5.8.5h5a1 1 0 0 0 1-1V23a1 1 0 0 0-1-1h-2a1 1 0 0 0-1 1v15.4l-9.2-15.9a1 1 0 0 0-.8-.5h-5Zm29 0a1 1 0 0 0-1 1v3h12v-3a1 1 0 0 0-1-1h-10Zm11 4v12h3a1 1 0 0 0 1-1V27a1 1 0 0 0-1-1h-3Zm0 12h-12v3a1 1 0 0 0 1 1h10a1 1 0 0 0 1-1v-3Zm-12 0V26h-3a1 1 0 0 0-1 1v10a1 1 0 0 0 1 1h3Zm21-16a1 1 0 0 0-1 1v6a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-3h4v15a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V26h4v3a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-6a1 1 0 0 0-1-1h-18Zm27 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V29.4l5.5 12a1 1 0 0 0 1 .6h3a1 1 0 0 0 1-.6l5.5-12V41a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V23a1 1 0 0 0-1-1h-3.4a1 1 0 0 0-.9.6l-6.7 14.6-6.7-14.6a1 1 0 0 0-1-.6h-3.3Zm32 0a1 1 0 0 0-1 1v3h15a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14Zm-1 4h-3a1 1 0 0 0-1 1v14a1 1 0 0 0 1 1h18a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14a1 1 0 0 1-1-1v-3h7a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-7v-4Zm-38 12a1 1 0 0 0-1 1v2a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-2Z" />
+</svg>

web/src/assets/review-badge/long-white.svg

@@ -0,0 +1,8 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" height="32" width="216" viewBox="0 0 432 64">
+  <rect width="431" height="63" x=".5" y=".5" fill="#fff" stroke="#ECF0EE" rx="7.5" />
+  <path fill="#28AE5B" d="m37.5 18 4.1 8.3 9.2 1.4-6.6 6.5 1.5 9.1-8.2-4.3-8.2 4.3 1.5-9.1-6.6-6.5 9.2-1.4 4.1-8.3Z" />
+  <path fill="#3F3F3F"
+    d="M63.7 42V22.4h7c1.5 0 2.7.2 3.7.7 1 .6 1.8 1.3 2.3 2.2.5 1 .8 2 .8 3.2 0 1.2-.3 2.3-.8 3.2-.5.9-1.3 1.6-2.3 2.1-1 .5-2.2.8-3.8.8h-5.3V32h5c1 0 1.8-.1 2.4-.4.6-.3 1-.7 1.4-1.2a4 4 0 0 0 .4-1.9 4 4 0 0 0-.5-2c-.2-.5-.7-.9-1.3-1.2-.6-.2-1.4-.4-2.4-.4h-3.7V42h-3Zm9.7-8.9 4.8 8.9h-3.4l-4.7-8.9h3.3ZM87 42.3c-1.5 0-2.7-.3-3.8-1-1-.6-1.8-1.4-2.4-2.6a9 9 0 0 1-.8-4 9 9 0 0 1 .8-4c.6-1.1 1.4-2 2.4-2.7a7.2 7.2 0 0 1 6-.6 5.9 5.9 0 0 1 3.6 3.7c.3 1 .5 2 .5 3.4v1H81.6v-2.1h8.9c0-.8-.2-1.5-.5-2a3.5 3.5 0 0 0-3.2-2c-.8 0-1.5.2-2.1.6a4 4 0 0 0-1.4 1.6c-.3.6-.5 1.3-.5 2v1.7c0 1 .2 1.8.6 2.5.3.7.8 1.2 1.4 1.6.7.4 1.4.5 2.2.5.6 0 1 0 1.5-.2l1.2-.7c.3-.3.5-.7.7-1.2l2.7.5a5 5 0 0 1-1.1 2.1c-.6.6-1.3 1-2.1 1.4-.9.3-1.8.5-3 .5Zm21.7-15L103.3 42h-3l-5.4-14.7h3l3.8 11.3h.2l3.7-11.3h3Zm2.7 14.7V27.3h2.8V42h-2.8Zm1.4-17c-.5 0-1-.2-1.3-.5-.3-.3-.5-.7-.5-1.2s.2-.9.5-1.2c.4-.4.8-.5 1.3-.5s1 .1 1.3.5c.3.3.5.7.5 1.2s-.2.9-.5 1.2c-.4.3-.8.5-1.3.5Zm11.6 17.3c-1.4 0-2.7-.3-3.7-1-1-.6-1.9-1.4-2.4-2.6a9 9 0 0 1-.9-4 9 9 0 0 1 .9-4c.5-1.1 1.3-2 2.3-2.7a7.2 7.2 0 0 1 6-.6 5.9 5.9 0 0 1 3.6 3.7c.4 1 .6 2 .6 3.4v1H119v-2.1h9c0-.8-.2-1.5-.5-2a3.5 3.5 0 0 0-3.2-2c-.9 0-1.6.2-2.2.6a4 4 0 0 0-1.3 1.6c-.4.6-.5 1.3-.5 2v1.7c0 1 .2 1.8.5 2.5.4.7.8 1.2 1.5 1.6.6.4 1.3.5 2.2.5.5 0 1 0 1.4-.2.5-.2.9-.4 1.2-.7.3-.3.6-.7.8-1.2l2.7.5a5 5 0 0 1-1.2 2.1c-.6.6-1.3 1-2.1 1.4-.8.3-1.8.5-2.9.5Zm12.7-.3-4.3-14.7h3l2.8 10.8h.2l2.9-10.8h3l2.8 10.7h.1l2.9-10.7h3L149 42h-2.9l-3-10.6h-.2L140 42h-2.9Zm32.4.3c-1.3 0-2.6-.3-3.6-1-1-.6-1.8-1.5-2.4-2.6a8.8 8.8 0 0 1-.8-4c0-1.5.3-2.9.8-4a6.4 6.4 0 0 1 6-3.6c1.4 0 2.6.3 3.7 1 1 .6 1.8 1.5 2.3 2.6.6 1.1.9 2.5.9 4s-.3 2.9-.9 4a6.4 6.4 0 0 1-6 3.6Zm0-2.4c1 0 1.7-.2 2.3-.7.6-.5 1-1.1 1.3-2 .3-.7.4-1.6.4-2.5 0-1-.1-1.8-.4-2.6-.3-.8-.7-1.4-1.3-1.9-.6-.5-1.4-.7-2.3-.7-.9 0-1.6.2-2.2.7-.6.5-1 1.1-1.3 2-.3.7-.4 1.6-.4 2.5 0 1 .1 1.8.4 2.6.3.8.7 1.4 1.3 1.9.6.5 1.3.7 2.2.7Zm13-6.6V42h-2.9V27.3h2.8v2.4h.1c.4-.8.9-1.4 1.6-2a5 5 0 0 1 2.8-.6c1 0 1.9.2 2.6.6.8.4 1.4 1 1.8 1.9.4.8.6 1.8.6 3V42H189v-9c0-1-.3-2-.8-2.5a3 3 0 0 0-2.3-1c-.7 0-1.3.2-1.8.5s-.9.7-1.2 1.3c-.3.5-.4 1.2-.4 2Z" />
+  <path fill="#28AE5B"
+    d="M205.5 18a1 1 0 0 0-1 1v26a1 1 0 0 0 1 1h74a1 1 0 0 0 1-1V19a1 1 0 0 0-1-1h-74Zm4 4h2a1 1 0 0 1 1 1v6a1 1 0 0 0 1 1h6a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1v-3h-7a1 1 0 0 0-1 1v6a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1V23a1 1 0 0 1 1-1Zm12 0h3a1 1 0 0 1 1 1v3a1 1 0 0 1-1 1h-3a1 1 0 0 1-1-1v-3a1 1 0 0 1 1-1Zm12.8 0h2.4a1 1 0 0 1 .8.5l5 7.8 5-7.8a1 1 0 0 1 .8-.5h2.4a1 1 0 0 1 .8 1.5l-6.8 10.8a1 1 0 0 0-.2.6V41a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-6.1c0-.2 0-.4-.2-.6l-6.8-10.8a1 1 0 0 1 .3-1.4l.5-.1Zm27.2 0h14a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1h-15v12h15a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1h-14a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1V27a1 1 0 0 1 1-1h3v-3a1 1 0 0 1 1-1Zm24 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V25.6l9.2 15.9c.2.3.5.5.8.5h5a1 1 0 0 0 1-1V23a1 1 0 0 0-1-1h-2a1 1 0 0 0-1 1v15.4l-9.2-15.9a1 1 0 0 0-.8-.5h-5Zm29 0a1 1 0 0 0-1 1v3h12v-3a1 1 0 0 0-1-1h-10Zm11 4v12h3a1 1 0 0 0 1-1V27a1 1 0 0 0-1-1h-3Zm0 12h-12v3a1 1 0 0 0 1 1h10a1 1 0 0 0 1-1v-3Zm-12 0V26h-3a1 1 0 0 0-1 1v10a1 1 0 0 0 1 1h3Zm21-16a1 1 0 0 0-1 1v6a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-3h4v15a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V26h4v3a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-6a1 1 0 0 0-1-1h-18Zm27 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V29.4l5.5 12a1 1 0 0 0 1 .6h3a1 1 0 0 0 1-.6l5.5-12V41a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V23a1 1 0 0 0-1-1h-3.4a1 1 0 0 0-.9.6l-6.7 14.6-6.7-14.6a1 1 0 0 0-1-.6h-3.3Zm32 0a1 1 0 0 0-1 1v3h15a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14Zm-1 4h-3a1 1 0 0 0-1 1v14a1 1 0 0 0 1 1h18a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14a1 1 0 0 1-1-1v-3h7a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-7v-4Zm-38 12a1 1 0 0 0-1 1v2a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-2Z" />
+</svg>

web/src/assets/review-badge/short-black.svg

@@ -0,0 +1,8 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" height="48" width="128" viewBox="0 0 256 96">
+  <rect width="255" height="95" x=".5" y=".5" fill="#101413" stroke="#292B2A" rx="7.5" />
+  <path fill="#3BDB78" d="m56.5 16 4.1 8.3 9.2 1.4-6.6 6.5 1.5 9.1-8.2-4.3-8.2 4.3 1.5-9.1-6.6-6.5 9.2-1.4 4.1-8.3Z" />
+  <path fill="#BEBEBE"
+    d="M82.7 40V20.4h7c1.5 0 2.7.2 3.7.7 1 .6 1.8 1.3 2.3 2.2.5 1 .8 2 .8 3.2 0 1.2-.3 2.3-.8 3.2-.5.9-1.3 1.6-2.3 2.1-1 .5-2.2.8-3.8.8h-5.3V30h5c1 0 1.8-.1 2.4-.4.6-.3 1-.7 1.4-1.2a4 4 0 0 0 .4-1.9 4 4 0 0 0-.5-2c-.2-.5-.7-.9-1.3-1.2-.6-.2-1.4-.4-2.4-.4h-3.7V40h-3Zm9.7-8.9 4.8 8.9h-3.4l-4.7-8.9h3.3Zm13.6 9.2c-1.5 0-2.7-.3-3.8-1-1-.6-1.8-1.4-2.4-2.6a9 9 0 0 1-.8-4 9 9 0 0 1 .8-4c.6-1.1 1.4-2 2.4-2.7a7.2 7.2 0 0 1 6-.6 5.9 5.9 0 0 1 3.6 3.7c.3 1 .5 2 .5 3.4v1h-11.7v-2.1h8.9c0-.8-.2-1.5-.5-2a3.5 3.5 0 0 0-3.2-2c-.8 0-1.5.2-2.1.6a4 4 0 0 0-1.4 1.6c-.3.6-.5 1.3-.5 2v1.7c0 1 .2 1.8.6 2.5.3.7.8 1.2 1.4 1.6.7.4 1.4.5 2.2.5.6 0 1 0 1.5-.2l1.2-.7c.3-.3.5-.7.7-1.2l2.7.5a5 5 0 0 1-1.1 2.1c-.6.6-1.3 1-2.1 1.4-.9.3-1.8.5-3 .5Zm21.7-15L122.3 40h-3l-5.4-14.7h3l3.8 11.3h.2l3.7-11.3h3Zm2.7 14.7V25.3h2.8V40h-2.8Zm1.4-17c-.5 0-1-.2-1.3-.5-.3-.3-.5-.7-.5-1.2s.2-.9.5-1.2c.4-.4.8-.5 1.3-.5s1 .1 1.3.5c.3.3.5.7.5 1.2s-.2.9-.5 1.2c-.4.3-.8.5-1.3.5Zm11.6 17.3c-1.4 0-2.7-.3-3.7-1-1-.6-1.9-1.4-2.4-2.6a9 9 0 0 1-.9-4 9 9 0 0 1 .9-4c.5-1.1 1.3-2 2.3-2.7a7.2 7.2 0 0 1 6-.6 5.9 5.9 0 0 1 3.6 3.7c.4 1 .6 2 .6 3.4v1H138v-2.1h9c0-.8-.2-1.5-.5-2a3.5 3.5 0 0 0-3.2-2c-.9 0-1.6.2-2.2.6a4 4 0 0 0-1.3 1.6c-.4.6-.5 1.3-.5 2v1.7c0 1 .2 1.8.5 2.5.4.7.8 1.2 1.5 1.6.6.4 1.3.5 2.2.5.5 0 1 0 1.4-.2.5-.2.9-.4 1.2-.7.3-.3.6-.7.8-1.2l2.7.5a5 5 0 0 1-1.2 2.1c-.6.6-1.3 1-2.1 1.4-.8.3-1.8.5-2.9.5Zm12.7-.3-4.3-14.7h3l2.8 10.8h.2l2.9-10.8h3l2.8 10.7h.1l2.9-10.7h3L168 40h-2.9l-3-10.6h-.2L159 40h-2.9Zm32.4.3c-1.3 0-2.6-.3-3.6-1-1-.6-1.8-1.5-2.4-2.6a8.8 8.8 0 0 1-.8-4c0-1.5.3-2.9.8-4a6.4 6.4 0 0 1 6-3.6c1.4 0 2.6.3 3.7 1 1 .6 1.8 1.5 2.3 2.6.6 1.1.9 2.5.9 4s-.3 2.9-.9 4a6.4 6.4 0 0 1-6 3.6Zm0-2.4c1 0 1.7-.2 2.3-.7.6-.5 1-1.1 1.3-2 .3-.7.4-1.6.4-2.5 0-1-.1-1.8-.4-2.6-.3-.8-.7-1.4-1.3-1.9-.6-.5-1.4-.7-2.3-.7-.9 0-1.6.2-2.2.7-.6.5-1 1.1-1.3 2-.3.7-.4 1.6-.4 2.5 0 1 .1 1.8.4 2.6.3.8.7 1.4 1.3 1.9.6.5 1.3.7 2.2.7Zm13-6.6V40h-2.9V25.3h2.8v2.4h.1c.4-.8.9-1.4 1.6-2a5 5 0 0 1 2.8-.6c1 0 1.9.2 2.6.6.8.4 1.4 1 1.8 1.9.4.8.6 1.8.6 3V40H208v-9c0-1-.3-2-.8-2.5a3 3 0 0 0-2.3-1c-.7 0-1.3.2-1.8.5s-.9.7-1.2 1.3c-.3.5-.4 1.2-.4 2Z" />
+  <path fill="#3BDB78"
+    d="M27 52a1 1 0 0 0-1 1v26a1 1 0 0 0 1 1h74a1 1 0 0 0 1-1V53a1 1 0 0 0-1-1H27Zm4 4h2a1 1 0 0 1 1 1v6a1 1 0 0 0 1 1h6a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1v-3h-7a1 1 0 0 0-1 1v6a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1V57a1 1 0 0 1 1-1Zm12 0h3a1 1 0 0 1 1 1v3a1 1 0 0 1-1 1h-3a1 1 0 0 1-1-1v-3a1 1 0 0 1 1-1Zm12.8 0h2.4a1 1 0 0 1 .8.5l5 7.8 5-7.8a1 1 0 0 1 .8-.5h2.4a1 1 0 0 1 .8 1.5l-6.8 10.8a1 1 0 0 0-.2.6V75a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-6.1c0-.2 0-.4-.2-.6L55 57.5a1 1 0 0 1 .8-1.5ZM83 56h14a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1H82v12h15a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1H83a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1V61a1 1 0 0 1 1-1h3v-3a1 1 0 0 1 1-1Zm24 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V59.6l9.2 15.9c.2.3.5.5.8.5h5a1 1 0 0 0 1-1V57a1 1 0 0 0-1-1h-2a1 1 0 0 0-1 1v15.4l-9.2-15.9a1 1 0 0 0-.8-.5h-5Zm29 0a1 1 0 0 0-1 1v3h12v-3a1 1 0 0 0-1-1h-10Zm11 4v12h3a1 1 0 0 0 1-1V61a1 1 0 0 0-1-1h-3Zm0 12h-12v3a1 1 0 0 0 1 1h10a1 1 0 0 0 1-1v-3Zm-12 0V60h-3a1 1 0 0 0-1 1v10a1 1 0 0 0 1 1h3Zm21-16a1 1 0 0 0-1 1v6a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-3h4v15a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V60h4v3a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-6a1 1 0 0 0-1-1h-18Zm27 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V63.4l5.5 12a1 1 0 0 0 1 .6h3a1 1 0 0 0 1-.6l5.5-12V75a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V57a1 1 0 0 0-1-1h-3.4a1 1 0 0 0-.9.6L194 71.2l-6.7-14.6a1 1 0 0 0-1-.6H183Zm32 0a1 1 0 0 0-1 1v3h15a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14Zm-1 4h-3a1 1 0 0 0-1 1v14a1 1 0 0 0 1 1h18a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14a1 1 0 0 1-1-1v-3h7a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-7v-4Zm-38 12a1 1 0 0 0-1 1v2a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-2Z" />
+</svg>

web/src/assets/review-badge/short-white.svg

@@ -0,0 +1,8 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" height="48" width="128" viewBox="0 0 256 96">
+  <rect width="255" height="95" x=".5" y=".5" fill="#fff" stroke="#ECF0EE" rx="7.5" />
+  <path fill="#28AE5B" d="m56.5 16 4.1 8.3 9.2 1.4-6.6 6.5 1.5 9.1-8.2-4.3-8.2 4.3 1.5-9.1-6.6-6.5 9.2-1.4 4.1-8.3Z" />
+  <path fill="#3F3F3F"
+    d="M82.7 40V20.4h7c1.5 0 2.7.2 3.7.7 1 .6 1.8 1.3 2.3 2.2.5 1 .8 2 .8 3.2 0 1.2-.3 2.3-.8 3.2-.5.9-1.3 1.6-2.3 2.1-1 .5-2.2.8-3.8.8h-5.3V30h5c1 0 1.8-.1 2.4-.4.6-.3 1-.7 1.4-1.2a4 4 0 0 0 .4-1.9 4 4 0 0 0-.5-2c-.2-.5-.7-.9-1.3-1.2-.6-.2-1.4-.4-2.4-.4h-3.7V40h-3Zm9.7-8.9 4.8 8.9h-3.4l-4.7-8.9h3.3Zm13.6 9.2c-1.5 0-2.7-.3-3.8-1-1-.6-1.8-1.4-2.4-2.6a9 9 0 0 1-.8-4 9 9 0 0 1 .8-4c.6-1.1 1.4-2 2.4-2.7a7.2 7.2 0 0 1 6-.6 5.9 5.9 0 0 1 3.6 3.7c.3 1 .5 2 .5 3.4v1h-11.7v-2.1h8.9c0-.8-.2-1.5-.5-2a3.5 3.5 0 0 0-3.2-2c-.8 0-1.5.2-2.1.6a4 4 0 0 0-1.4 1.6c-.3.6-.5 1.3-.5 2v1.7c0 1 .2 1.8.6 2.5.3.7.8 1.2 1.4 1.6.7.4 1.4.5 2.2.5.6 0 1 0 1.5-.2l1.2-.7c.3-.3.5-.7.7-1.2l2.7.5a5 5 0 0 1-1.1 2.1c-.6.6-1.3 1-2.1 1.4-.9.3-1.8.5-3 .5Zm21.7-15L122.3 40h-3l-5.4-14.7h3l3.8 11.3h.2l3.7-11.3h3Zm2.7 14.7V25.3h2.8V40h-2.8Zm1.4-17c-.5 0-1-.2-1.3-.5-.3-.3-.5-.7-.5-1.2s.2-.9.5-1.2c.4-.4.8-.5 1.3-.5s1 .1 1.3.5c.3.3.5.7.5 1.2s-.2.9-.5 1.2c-.4.3-.8.5-1.3.5Zm11.6 17.3c-1.4 0-2.7-.3-3.7-1-1-.6-1.9-1.4-2.4-2.6a9 9 0 0 1-.9-4 9 9 0 0 1 .9-4c.5-1.1 1.3-2 2.3-2.7a7.2 7.2 0 0 1 6-.6 5.9 5.9 0 0 1 3.6 3.7c.4 1 .6 2 .6 3.4v1H138v-2.1h9c0-.8-.2-1.5-.5-2a3.5 3.5 0 0 0-3.2-2c-.9 0-1.6.2-2.2.6a4 4 0 0 0-1.3 1.6c-.4.6-.5 1.3-.5 2v1.7c0 1 .2 1.8.5 2.5.4.7.8 1.2 1.5 1.6.6.4 1.3.5 2.2.5.5 0 1 0 1.4-.2.5-.2.9-.4 1.2-.7.3-.3.6-.7.8-1.2l2.7.5a5 5 0 0 1-1.2 2.1c-.6.6-1.3 1-2.1 1.4-.8.3-1.8.5-2.9.5Zm12.7-.3-4.3-14.7h3l2.8 10.8h.2l2.9-10.8h3l2.8 10.7h.1l2.9-10.7h3L168 40h-2.9l-3-10.6h-.2L159 40h-2.9Zm32.4.3c-1.3 0-2.6-.3-3.6-1-1-.6-1.8-1.5-2.4-2.6a8.8 8.8 0 0 1-.8-4c0-1.5.3-2.9.8-4a6.4 6.4 0 0 1 6-3.6c1.4 0 2.6.3 3.7 1 1 .6 1.8 1.5 2.3 2.6.6 1.1.9 2.5.9 4s-.3 2.9-.9 4a6.4 6.4 0 0 1-6 3.6Zm0-2.4c1 0 1.7-.2 2.3-.7.6-.5 1-1.1 1.3-2 .3-.7.4-1.6.4-2.5 0-1-.1-1.8-.4-2.6-.3-.8-.7-1.4-1.3-1.9-.6-.5-1.4-.7-2.3-.7-.9 0-1.6.2-2.2.7-.6.5-1 1.1-1.3 2-.3.7-.4 1.6-.4 2.5 0 1 .1 1.8.4 2.6.3.8.7 1.4 1.3 1.9.6.5 1.3.7 2.2.7Zm13-6.6V40h-2.9V25.3h2.8v2.4h.1c.4-.8.9-1.4 1.6-2a5 5 0 0 1 2.8-.6c1 0 1.9.2 2.6.6.8.4 1.4 1 1.8 1.9.4.8.6 1.8.6 3V40H208v-9c0-1-.3-2-.8-2.5a3 3 0 0 0-2.3-1c-.7 0-1.3.2-1.8.5s-.9.7-1.2 1.3c-.3.5-.4 1.2-.4 2Z" />
+  <path fill="#28AE5B"
+    d="M27 52a1 1 0 0 0-1 1v26a1 1 0 0 0 1 1h74a1 1 0 0 0 1-1V53a1 1 0 0 0-1-1H27Zm4 4h2a1 1 0 0 1 1 1v6a1 1 0 0 0 1 1h6a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1v-3h-7a1 1 0 0 0-1 1v6a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1V57a1 1 0 0 1 1-1Zm12 0h3a1 1 0 0 1 1 1v3a1 1 0 0 1-1 1h-3a1 1 0 0 1-1-1v-3a1 1 0 0 1 1-1Zm12.8 0h2.4a1 1 0 0 1 .8.5l5 7.8 5-7.8a1 1 0 0 1 .8-.5h2.4a1 1 0 0 1 .8 1.5l-6.8 10.8a1 1 0 0 0-.2.6V75a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-6.1c0-.2 0-.4-.2-.6L55 57.5a1 1 0 0 1 .8-1.5ZM83 56h14a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1H82v12h15a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1H83a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1V61a1 1 0 0 1 1-1h3v-3a1 1 0 0 1 1-1Zm24 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V59.6l9.2 15.9c.2.3.5.5.8.5h5a1 1 0 0 0 1-1V57a1 1 0 0 0-1-1h-2a1 1 0 0 0-1 1v15.4l-9.2-15.9a1 1 0 0 0-.8-.5h-5Zm29 0a1 1 0 0 0-1 1v3h12v-3a1 1 0 0 0-1-1h-10Zm11 4v12h3a1 1 0 0 0 1-1V61a1 1 0 0 0-1-1h-3Zm0 12h-12v3a1 1 0 0 0 1 1h10a1 1 0 0 0 1-1v-3Zm-12 0V60h-3a1 1 0 0 0-1 1v10a1 1 0 0 0 1 1h3Zm21-16a1 1 0 0 0-1 1v6a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-3h4v15a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V60h4v3a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-6a1 1 0 0 0-1-1h-18Zm27 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V63.4l5.5 12a1 1 0 0 0 1 .6h3a1 1 0 0 0 1-.6l5.5-12V75a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V57a1 1 0 0 0-1-1h-3.4a1 1 0 0 0-.9.6L194 71.2l-6.7-14.6a1 1 0 0 0-1-.6H183Zm32 0a1 1 0 0 0-1 1v3h15a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14Zm-1 4h-3a1 1 0 0 0-1 1v14a1 1 0 0 0 1 1h18a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14a1 1 0 0 1-1-1v-3h7a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-7v-4Zm-38 12a1 1 0 0 0-1 1v2a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-2Z" />
+</svg>

web/src/components/AdminNavigationFixScript.astro

@@ -0,0 +1,24 @@
+---
+if (!Astro.locals.user?.admin) return
+---
+
+<script>
+  /////////////////////////////////////////////////////////////////////////////////////////////
+  // Script that adds data-astro-reload to all admin links or all links if on an admin page. //
+  // This is a workaround to prevent the client router messing up inputs.                    //
+  /////////////////////////////////////////////////////////////////////////////////////////////
+
+  document.addEventListener('astro:page-load', () => {
+    document.querySelectorAll<HTMLAnchorElement | HTMLFormElement>('a,form').forEach((element) => {
+      const isAdminPage = window.location.pathname.startsWith('/admin')
+      if (isAdminPage) {
+        element.setAttribute('data-astro-reload', '')
+      }
+
+      const url = element.href ? new URL(element.href) : null
+      if (url?.pathname.startsWith('/admin')) {
+        element.setAttribute('data-astro-reload', '')
+      }
+    })
+  })
+</script>

web/src/components/AnnouncementBanner.astro

@@ -6,20 +6,24 @@ import { cn } from '../lib/cn'
 
 import type { Prisma } from '@prisma/client'
 import type { HTMLAttributes } from 'astro/types'
+import type { O } from 'ts-toolbelt'
 
 type Props = HTMLAttributes<'div'> & {
-  announcement: Prisma.AnnouncementGetPayload<{
+  announcement: O.Optional<
-    select: {
+    Prisma.AnnouncementGetPayload<{
-      id: true
+      select: {
-      content: true
+        id: true
-      type: true
+        content: true
-      link: true
+        type: true
-      linkText: true
+        link: true
-      startDate: true
+        linkText: true
-      endDate: true
+        startDate: true
-      isActive: true
+        endDate: true
-    }
+        isActive: true
-  }>
+      }
+    }>,
+    'link' | 'linkText'
+  >
 }
 
 const { announcement, class: className, ...props } = Astro.props
@@ -31,12 +35,15 @@ const Tag = announcement.link ? 'a' : 'div'
 
 <Tag
   href={announcement.link}
-  target={announcement.link ? '_blank' : undefined}
+  target={announcement.link && new URL(announcement.link, Astro.url.origin).origin !== Astro.url.origin
+    ? '_blank'
+    : undefined}
   rel="noopener noreferrer"
   class={cn(
     'group xs:px-6 2xs:px-4 relative isolate z-50 flex items-center justify-center gap-x-2 overflow-hidden border-b border-zinc-800 bg-black px-2 py-2 focus-visible:outline-none sm:gap-x-6 sm:px-3.5',
     className
   )}
+  aria-label="Announcement banner"
   {...props}
 >
   <div
@@ -78,15 +85,15 @@ const Tag = announcement.link ? 'a' : 'div'
     </span>
   </div>
 
-  <div
+  {
-    class="text-day-300 group-focus-visible:outline-primary transition-background 2xs:px-4 relative inline-flex h-full shrink-0 cursor-pointer items-center justify-center gap-1.5 overflow-hidden rounded-full border border-white/20 bg-black/10 p-[1px] px-1 py-1 text-sm font-medium shadow-sm backdrop-blur-3xl transition-colors group-hover:bg-white/5 group-focus-visible:ring-2 group-focus-visible:ring-blue-500 group-focus-visible:ring-offset-2 group-focus-visible:ring-offset-black/80 sm:min-w-[120px]"
+    !!announcement.link && !!announcement.linkText && (
-  >
+      <div class="text-day-300 group-focus-visible:outline-primary transition-background 2xs:px-4 relative inline-flex h-full shrink-0 cursor-pointer items-center justify-center gap-1.5 overflow-hidden rounded-full border border-white/20 bg-black/10 p-[1px] px-1 py-1 text-sm font-medium shadow-sm backdrop-blur-3xl transition-colors group-hover:bg-white/5 group-focus-visible:ring-2 group-focus-visible:ring-blue-500 group-focus-visible:ring-offset-2 group-focus-visible:ring-offset-black/80 sm:min-w-[120px]">
-    <span class="2xs:inline-block hidden">
+        <span class="2xs:inline-block hidden">{announcement.linkText}</span>
-      {announcement.linkText}
+        <Icon
-    </span>
+          name="ri:arrow-right-line"
-    <Icon
+          class="size-4 shrink-0 transition-transform group-hover:translate-x-0.5"
-      name="ri:arrow-right-line"
+        />
-      class="size-4 shrink-0 transition-transform group-hover:translate-x-0.5"
+      </div>
-    />
+    )
-  </div>
+  }
 </Tag>

web/src/components/BadgeSmall.astro

@@ -2,13 +2,14 @@
 import { Icon } from 'astro-icon/components'
 import { tv, type VariantProps } from 'tailwind-variants'
 
+import type { AstroChildren } from '../lib/astro'
 import type { Polymorphic } from 'astro/types'
 
 const badge = tv({
   slots: {
     base: 'inline-flex h-4 items-center justify-center gap-0.75 rounded-full px-1.25 text-[10px] font-medium',
     icon: 'size-3 shrink-0',
-    text: 'mx-0.25 overflow-hidden text-ellipsis whitespace-nowrap',
+    text: 'mx-0.25 overflow-hidden text-ellipsis whitespace-nowrap [&>a]:hover:underline [&>a]:focus-visible:underline',
   },
   variants: {
     color: {
@@ -122,18 +123,22 @@ const badge = tv({
   },
 })
 
-type Props<Tag extends 'a' | 'div' | 'li' = 'div'> = Polymorphic<
+type Props<
+  Tag extends 'a' | 'div' | 'li' = 'div',
+  Text extends string | undefined = string | undefined,
+> = Polymorphic<
   VariantProps<typeof badge> & {
     as: Tag
     icon?: string
     endIcon?: string
-    text: string
+    text?: Text
     inlineIcon?: boolean
     classNames?: {
       icon?: string
       text?: string
       endIcon?: string
     }
+    children?: Text extends string ? never : AstroChildren
   }
 >
 
@@ -161,7 +166,7 @@ const { base, icon: iconSlot, text: textSlot } = badge({ color, variant })
       <Icon name={iconName} class={iconSlot({ class: classNames?.icon })} is:inline={inlineIcon} />
     )
   }
-  <span class={textSlot({ class: classNames?.text })}>{textContent}</span>
+  <span class={textSlot({ class: classNames?.text })}>{textContent ?? <slot />}</span>
   {
     !!endIconName && (
       <Icon name={endIconName} class={iconSlot({ class: classNames?.endIcon })} is:inline={inlineIcon} />

web/src/components/BaseHead.astro

@@ -1,13 +1,22 @@
 ---
 import LoadingIndicator from 'astro-loading-indicator/component'
 import { Schema } from 'astro-seo-schema'
+import { ONION_ADDRESS } from 'astro:env/server'
 import { ClientRouter } from 'astro:transitions'
+import { pwaAssetsHead } from 'virtual:pwa-assets/head'
+import { pwaInfo } from 'virtual:pwa-info'
 
 import { isNotArray } from '../lib/arrays'
-import { DEPLOYMENT_MODE } from '../lib/envVariables'
+import { DEPLOYMENT_MODE } from '../lib/client/envVariables'
 
+import AdminNavigationFixScript from './AdminNavigationFixScript.astro'
+import DevToolsMessageScript from './DevToolsMessageScript.astro'
+import DynamicFavicon from './DynamicFavicon.astro'
 import HtmxScript from './HtmxScript.astro'
+import NotificationEventsScript from './NotificationEventsScript.astro'
 import { makeOgImageUrl } from './OgImage'
+import ServerEventsScript from './ServerEventsScript.astro'
+import ServiceWorkerScript from './ServiceWorkerScript.astro'
 import TailwindJsPluggin from './TailwindJsPluggin.astro'
 
 import type { ComponentProps } from 'astro/types'
@@ -70,46 +79,49 @@ const fullTitle = `${pageTitle} | KYCnot.me ${modeName}`
 const ogImageUrl = makeOgImageUrl(ogImage, Astro.url)
 ---
 
-<!-- Favicon -->
+{/* Primary Meta Tags */}
-<link rel="icon" type="image/svg+xml" href="/favicon.svg" />
-<link rel="icon" type="image/svg+xml" href="/favicon-lightmode.svg" media="(prefers-color-scheme: light)" />
-{DEPLOYMENT_MODE === 'development' && <link rel="icon" type="image/svg+xml" href="/favicon-dev.svg" />}
-{DEPLOYMENT_MODE === 'staging' && <link rel="icon" type="image/svg+xml" href="/favicon-stage.svg" />}
-
-<!-- Primary Meta Tags -->
 <meta name="generator" content={Astro.generator} />
 <meta name="description" content={description} />
 <title>{fullTitle}</title>
-<!-- {canonicalUrl && <link rel="canonical" href={canonicalUrl} />} -->
+{/* canonicalUrl && <link rel="canonical" href={canonicalUrl} /> */}
+<meta http-equiv="onion-location" content={ONION_ADDRESS} />
 
-<!-- Open Graph / Facebook -->
+{/* Open Graph / Facebook */}
 <meta property="og:type" content="website" />
 <meta property="og:url" content={Astro.url} />
 <meta property="og:title" content={fullTitle} />
 <meta property="og:description" content={description} />
 {!!ogImageUrl && <meta property="og:image" content={ogImageUrl} />}
 
-<!-- Twitter -->
+{/* Twitter */}
 <meta property="twitter:card" content="summary_large_image" />
 <meta property="twitter:url" content={Astro.url} />
 <meta property="twitter:title" content={fullTitle} />
 <meta property="twitter:description" content={description} />
 {!!ogImageUrl && <meta property="twitter:image" content={ogImageUrl} />}
 
-<!-- Other -->
+{/* Other */}
 <link rel="sitemap" href="/sitemap-index.xml" />
-<meta name="theme-color" content="#040505" />
+<link rel="sitemap" href="/sitemaps/search.xml" />
+
+{/* PWA */}
+{pwaAssetsHead.themeColor && <meta name="theme-color" content={pwaAssetsHead.themeColor.content} />}
+{pwaAssetsHead.links.filter((link) => link.rel !== 'icon').map((link) => <link {...link} />)}
+{pwaInfo && <Fragment set:html={pwaInfo.webManifest.linkTag} />}
+
+<DynamicFavicon />
 
-<!-- Components -->
 <ClientRouter />
+<AdminNavigationFixScript />
+
 <LoadingIndicator color="green" />
 <TailwindJsPluggin />
 {htmx && <HtmxScript />}
 
-<!-- JSON-LD Schemas -->
+{/* JSON-LD Schemas */}
 {schemas?.map((item) => <Schema item={item} />)}
 
-<!-- Breadcrumbs -->
+{/* Breadcrumbs */}
 {
   breadcrumbLists.map((breadcrumbList) => (
     <Schema
@@ -131,3 +143,15 @@ const ogImageUrl = makeOgImageUrl(ogImage, Astro.url)
     />
   ))
 }
+
+{
+  Astro.locals.user && (
+    <>
+      <ServerEventsScript />
+      <ServiceWorkerScript />
+      <NotificationEventsScript />
+    </>
+  )
+}
+
+<DevToolsMessageScript />

web/src/components/Button.astro

@@ -288,6 +288,7 @@ const ActualTag = disabled && Tag === 'a' ? 'span' : Tag
   class={base({ class: cn({ 'opacity-20 hover:opacity-50': disabled }, className) })}
   role={role ?? (Tag === 'button' || Tag === 'label' || (disabled && Tag === 'a') ? undefined : 'button')}
   aria-disabled={disabled}
+  aria-label={label}
   {...dataAstroReload && { 'data-astro-reload': dataAstroReload }}
   {...htmlProps}
 >

web/src/components/CommentItem.astro

@@ -15,6 +15,7 @@ import {
 } from '../lib/commentsWithReplies'
 import { computeKarmaUnlocks } from '../lib/karmaUnlocks'
 import { formatDateShort } from '../lib/timeAgo'
+import { urlDomain } from '../lib/urls'
 
 import BadgeSmall from './BadgeSmall.astro'
 import CommentModeration from './CommentModeration.astro'
@@ -32,6 +33,7 @@ type Props = HTMLAttributes<'div'> & {
   highlightedCommentId: number | null
   serviceSlug: string
   itemReviewedId: string
+  strictCommentingEnabled?: boolean
 }
 
 const {
@@ -41,6 +43,7 @@ const {
   highlightedCommentId = null,
   serviceSlug,
   itemReviewedId,
+  strictCommentingEnabled,
   class: className,
   ...htmlProps
 } = Astro.props
@@ -150,13 +153,13 @@ const commentUrl = makeCommentUrl({ serviceSlug, commentId: comment.id, origin:
     checked={comment.suspicious}
   />
 
-  <div class="comment-header scrollbar-w-none flex items-center gap-2 overflow-auto text-sm">
+  <div class="comment-header flex items-center gap-2 text-sm">
     <label for={`collapse-${comment.id.toString()}`} class="cursor-pointer text-zinc-500 hover:text-zinc-300">
       <span class="collapse-symbol text-xs"></span>
       <span class="sr-only">Toggle comment visibility</span>
     </label>
 
-    <span class="flex items-center gap-1">
+    <span class="flex min-w-16 items-center gap-1">
       <UserBadge
         user={comment.author}
         size="md"
@@ -170,7 +173,7 @@ const commentUrl = makeCommentUrl({ serviceSlug, commentId: comment.id, origin:
               comment.author.admin || comment.author.moderator
                 ? `KYCnot.me ${comment.author.admin ? 'Admin' : 'Moderator'}${comment.author.verifiedLink ? '. ' : ''}`
                 : ''
-            }${comment.author.verifiedLink ? `Related to ${comment.author.verifiedLink}` : ''}`}
+            }${comment.author.verifiedLink ? `Related to ${urlDomain(comment.author.verifiedLink)}` : ''}`}
           >
             <Icon name="ri:verified-badge-fill" class="size-4 text-cyan-300" />
           </Tooltip>
@@ -179,7 +182,7 @@ const commentUrl = makeCommentUrl({ serviceSlug, commentId: comment.id, origin:
     </span>
 
     {/* User badges - more compact but still with text */}
-    <div class="flex flex-wrap items-center gap-1">
+    <div class="flex w-min grow flex-wrap items-center gap-1">
       {
         comment.author.admin && (
           <BadgeSmall icon="ri:shield-star-fill" color="green" text="Admin" variant="faded" inlineIcon />
@@ -240,18 +243,17 @@ const commentUrl = makeCommentUrl({ serviceSlug, commentId: comment.id, origin:
       }
 
       {
-        comment.author.serviceAffiliations.map((affiliation) => {
+        comment.author.serviceAffiliations
-          const roleInfo = getServiceUserRoleInfo(affiliation.role)
+          .filter((affiliation) => affiliation.service.slug === serviceSlug)
-          return (
+          .map((affiliation) => {
-            <BadgeSmall
+            const roleInfo = getServiceUserRoleInfo(affiliation.role)
-              icon={roleInfo.icon}
+            return (
-              color={roleInfo.color}
+              <BadgeSmall icon={roleInfo.icon} color={roleInfo.color} variant="faded" inlineIcon>
-              text={`${roleInfo.label} at ${affiliation.service.name}`}
+                {roleInfo.label} at
-              variant="faded"
+                <a href={`/service/${affiliation.service.slug}`}>{affiliation.service.name}</a>
-              inlineIcon
+              </BadgeSmall>
-            />
+            )
-          )
+          })
-        })
       }
     </div>
   </div>
@@ -492,6 +494,7 @@ const commentUrl = makeCommentUrl({ serviceSlug, commentId: comment.id, origin:
           serviceId={comment.serviceId}
           parentId={comment.id}
           commentId={comment.id}
+          strictCommentingEnabled={strictCommentingEnabled}
           class="mt-2 hidden peer-checked/collapse:hidden peer-checked/reply:block"
         />
       </>

web/src/components/CommentModeration.astro

@@ -20,6 +20,8 @@ type Props = HTMLAttributes<'div'> & {
       privateContext: true
       orderId: true
       orderIdStatus: true
+      rating: true
+      ratingActive: true
     }
   }>
 }
@@ -46,10 +48,10 @@ if (!user || !user.admin || !user.moderator) return null
   <div
     class="bg-night-600 border-night-500 mt-2 hidden overflow-hidden rounded-md border peer-checked:block peer-checked:p-2"
   >
-    <div class="border-night-500 flex flex-wrap gap-1 border-b pb-2">
+    <div class="border-night-500 flex flex-wrap items-center gap-1 border-b pb-2">
       <button
         class={cn(
-          'rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+          'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
           comment.status === 'REJECTED'
             ? 'border border-red-500/30 bg-red-500/20 text-red-400'
             : 'bg-night-700 hover:bg-red-500/20 hover:text-red-400'
@@ -59,42 +61,13 @@ if (!user || !user.admin || !user.moderator) return null
         data-comment-id={comment.id}
         data-user-id={user.id}
       >
-        {comment.status === 'REJECTED' ? 'Unreject' : 'Reject'}
+        <Icon name="ri:close-circle-line" class="h-3.5 w-3.5" />
+        <span>{comment.status === 'REJECTED' ? 'Unreject' : 'Reject'}</span>
       </button>
 
       <button
         class={cn(
-          'rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+          'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
-          comment.suspicious
-            ? 'border border-yellow-500/30 bg-yellow-500/20 text-yellow-400'
-            : 'bg-night-700 hover:bg-yellow-500/20 hover:text-yellow-400'
-        )}
-        data-action="suspicious"
-        data-value={!comment.suspicious}
-        data-comment-id={comment.id}
-        data-user-id={user.id}
-      >
-        {comment.suspicious ? 'Not Spam' : 'Spam'}
-      </button>
-
-      <button
-        class={cn(
-          'rounded-sm px-1.5 py-0.5 text-xs transition-colors',
-          comment.requiresAdminReview
-            ? 'border border-purple-500/30 bg-purple-500/20 text-purple-400'
-            : 'bg-night-700 hover:bg-purple-500/20 hover:text-purple-400'
-        )}
-        data-action="requires-admin-review"
-        data-value={!comment.requiresAdminReview}
-        data-comment-id={comment.id}
-        data-user-id={user.id}
-      >
-        {comment.requiresAdminReview ? 'No Admin Review' : 'Needs Admin Review'}
-      </button>
-
-      <button
-        class={cn(
-          'rounded-sm px-1.5 py-0.5 text-xs transition-colors',
           comment.status === 'VERIFIED'
             ? 'border border-green-500/30 bg-green-500/20 text-green-400'
             : 'bg-night-700 hover:bg-green-500/20 hover:text-green-400'
@@ -104,12 +77,13 @@ if (!user || !user.admin || !user.moderator) return null
         data-comment-id={comment.id}
         data-user-id={user.id}
       >
-        {comment.status === 'VERIFIED' ? 'Unverify' : 'Verify'}
+        <Icon name="ri:verified-badge-line" class="h-3.5 w-3.5" />
+        <span>{comment.status === 'VERIFIED' ? 'Unverify' : 'Verify'}</span>
       </button>
 
       <button
         class={cn(
-          'rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+          'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
           comment.status === 'PENDING' || comment.status === 'HUMAN_PENDING'
             ? 'border border-blue-500/30 bg-blue-500/20 text-blue-400'
             : 'bg-night-700 hover:bg-blue-500/20 hover:text-blue-400'
@@ -121,12 +95,49 @@ if (!user || !user.admin || !user.moderator) return null
         data-comment-id={comment.id}
         data-user-id={user.id}
       >
-        {comment.status === 'PENDING' || comment.status === 'HUMAN_PENDING' ? 'Approve' : 'Pending'}
+        <Icon name="ri:checkbox-circle-line" class="h-3.5 w-3.5" />
+        <span>
+          {comment.status === 'PENDING' || comment.status === 'HUMAN_PENDING' ? 'Approve' : 'Pending'}
+        </span>
+      </button>
+
+      <div class="bg-night-500 h-5 w-px"></div>
+
+      <button
+        class={cn(
+          'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+          comment.suspicious
+            ? 'border border-yellow-500/30 bg-yellow-500/20 text-yellow-400'
+            : 'bg-night-700 hover:bg-yellow-500/20 hover:text-yellow-400'
+        )}
+        data-action="suspicious"
+        data-value={!comment.suspicious}
+        data-comment-id={comment.id}
+        data-user-id={user.id}
+      >
+        <Icon name="ri:spam-2-line" class="h-3.5 w-3.5" />
+        <span>{comment.suspicious ? 'Not Spam' : 'Spam'}</span>
       </button>
 
       <button
         class={cn(
-          'rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+          'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+          comment.requiresAdminReview
+            ? 'border border-purple-500/30 bg-purple-500/20 text-purple-400'
+            : 'bg-night-700 hover:bg-purple-500/20 hover:text-purple-400'
+        )}
+        data-action="requires-admin-review"
+        data-value={!comment.requiresAdminReview}
+        data-comment-id={comment.id}
+        data-user-id={user.id}
+      >
+        <Icon name="ri:shield-user-line" class="h-3.5 w-3.5" />
+        <span>{comment.requiresAdminReview ? 'No Admin Review' : 'Needs Admin Review'}</span>
+      </button>
+
+      <button
+        class={cn(
+          'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
           comment.kycRequested
             ? 'border border-red-500/30 bg-red-500/20 text-red-400'
             : 'bg-night-700 hover:bg-red-500/20 hover:text-red-400'
@@ -136,12 +147,13 @@ if (!user || !user.admin || !user.moderator) return null
         data-comment-id={comment.id}
         data-user-id={user.id}
       >
-        {comment.kycRequested ? 'No KYC Issue' : 'KYC Issue'}
+        <Icon name="ri:bank-card-line" class="h-3.5 w-3.5" />
+        <span>{comment.kycRequested ? 'No KYC Issue' : 'KYC Issue'}</span>
       </button>
 
       <button
         class={cn(
-          'rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+          'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
           comment.fundsBlocked
             ? 'border border-red-500/30 bg-red-500/20 text-red-400'
             : 'bg-night-700 hover:bg-red-500/20 hover:text-red-400'
@@ -151,8 +163,31 @@ if (!user || !user.admin || !user.moderator) return null
         data-comment-id={comment.id}
         data-user-id={user.id}
       >
-        {comment.fundsBlocked ? 'No Funds Issue' : 'Funds Issue'}
+        <Icon name="ri:lock-line" class="h-3.5 w-3.5" />
+        <span>{comment.fundsBlocked ? 'No Funds Issue' : 'Funds Issue'}</span>
       </button>
+
+      <div class="bg-night-500 h-5 w-px"></div>
+
+      {
+        comment.rating && (
+          <button
+            class={cn(
+              'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+              comment.ratingActive
+                ? 'border border-blue-500/30 bg-blue-500/20 text-blue-400'
+                : 'bg-night-700 hover:bg-blue-500/20 hover:text-blue-400'
+            )}
+            data-action="toggle-rating-active"
+            data-value={!comment.ratingActive}
+            data-comment-id={comment.id}
+            data-user-id={user.id}
+          >
+            <Icon name="ri:star-line" class="h-3.5 w-3.5" />
+            <span>{comment.ratingActive ? 'Disable Rating' : 'Enable Rating'}</span>
+          </button>
+        )
+      }
     </div>
 
     <div class="mt-2 space-y-1.5">
@@ -208,7 +243,7 @@ if (!user || !user.admin || !user.moderator) return null
               <div class="flex gap-1">
                 <button
                   class={cn(
-                    'rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+                    'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
                     comment.orderIdStatus === 'APPROVED'
                       ? 'border border-green-500/30 bg-green-500/20 text-green-400'
                       : 'bg-night-700 hover:bg-green-500/20 hover:text-green-400'
@@ -218,11 +253,12 @@ if (!user || !user.admin || !user.moderator) return null
                   data-comment-id={comment.id}
                   data-user-id={user.id}
                 >
-                  Approve
+                  <Icon name="ri:check-line" class="h-3.5 w-3.5" />
+                  <span>Approve</span>
                 </button>
                 <button
                   class={cn(
-                    'rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+                    'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
                     comment.orderIdStatus === 'REJECTED'
                       ? 'border border-red-500/30 bg-red-500/20 text-red-400'
                       : 'bg-night-700 hover:bg-red-500/20 hover:text-red-400'
@@ -232,11 +268,12 @@ if (!user || !user.admin || !user.moderator) return null
                   data-comment-id={comment.id}
                   data-user-id={user.id}
                 >
-                  Reject
+                  <Icon name="ri:close-line" class="h-3.5 w-3.5" />
+                  <span>Reject</span>
                 </button>
                 <button
                   class={cn(
-                    'rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+                    'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
                     comment.orderIdStatus === 'PENDING'
                       ? 'border border-blue-500/30 bg-blue-500/20 text-blue-400'
                       : 'bg-night-700 hover:bg-blue-500/20 hover:text-blue-400'
@@ -246,7 +283,23 @@ if (!user || !user.admin || !user.moderator) return null
                   data-comment-id={comment.id}
                   data-user-id={user.id}
                 >
-                  Pending
+                  <Icon name="ri:time-line" class="h-3.5 w-3.5" />
+                  <span>Pending</span>
+                </button>
+                <button
+                  class={cn(
+                    'inline-flex items-center gap-1 rounded-sm px-1.5 py-0.5 text-xs transition-colors',
+                    comment.orderIdStatus === 'WITHDRAWN'
+                      ? 'border-night-400 bg-night-500/50 text-night-300 border'
+                      : 'bg-night-700 hover:bg-night-500/50 hover:text-night-300'
+                  )}
+                  data-action="order-id-status"
+                  data-value="WITHDRAWN"
+                  data-comment-id={comment.id}
+                  data-user-id={user.id}
+                >
+                  <Icon name="ri:arrow-go-back-line" class="h-3.5 w-3.5" />
+                  <span>Withdrawn</span>
                 </button>
               </div>
             </div>
@@ -280,7 +333,8 @@ if (!user || !user.admin || !user.moderator) return null
               action === 'suspicious' ||
               action === 'requires-admin-review' ||
               action === 'kyc-requested' ||
-              action === 'funds-blocked'
+              action === 'funds-blocked' ||
+              action === 'toggle-rating-active'
                 ? value === 'true'
                 : value,
           })
@@ -290,7 +344,8 @@ if (!user || !user.admin || !user.moderator) return null
             if (action === 'status') {
               window.location.reload()
             } else if (action === 'suspicious') {
-              btn.textContent = value === 'true' ? 'Not Sus' : 'Sus'
+              const span = btn.querySelector('span')
+              if (span) span.textContent = value === 'true' ? 'Not Spam' : 'Spam'
               btn.classList.toggle('bg-yellow-500/20')
               btn.classList.toggle('text-yellow-400')
               btn.classList.toggle('border-yellow-500/30')
@@ -298,7 +353,8 @@ if (!user || !user.admin || !user.moderator) return null
               btn.classList.toggle('bg-night-700')
               btn.setAttribute('data-value', value === 'true' ? 'false' : 'true')
             } else if (action === 'requires-admin-review') {
-              btn.textContent = value === 'true' ? 'No Review' : 'Review'
+              const span = btn.querySelector('span')
+              if (span) span.textContent = value === 'true' ? 'No Admin Review' : 'Needs Admin Review'
               btn.classList.toggle('bg-purple-500/20')
               btn.classList.toggle('text-purple-400')
               btn.classList.toggle('border-purple-500/30')
@@ -309,7 +365,8 @@ if (!user || !user.admin || !user.moderator) return null
               // Refresh to show updated order ID status
               window.location.reload()
             } else if (action === 'kyc-requested') {
-              btn.textContent = value === 'true' ? 'No KYC Issue' : 'KYC Issue'
+              const span = btn.querySelector('span')
+              if (span) span.textContent = value === 'true' ? 'No KYC Issue' : 'KYC Issue'
               btn.classList.toggle('bg-red-500/20')
               btn.classList.toggle('text-red-400')
               btn.classList.toggle('border-red-500/30')
@@ -317,13 +374,23 @@ if (!user || !user.admin || !user.moderator) return null
               btn.classList.toggle('bg-night-700')
               btn.setAttribute('data-value', value === 'true' ? 'false' : 'true')
             } else if (action === 'funds-blocked') {
-              btn.textContent = value === 'true' ? 'No Funds Issue' : 'Funds Issue'
+              const span = btn.querySelector('span')
+              if (span) span.textContent = value === 'true' ? 'No Funds Issue' : 'Funds Issue'
               btn.classList.toggle('bg-red-500/20')
               btn.classList.toggle('text-red-400')
               btn.classList.toggle('border-red-500/30')
               btn.classList.toggle('border')
               btn.classList.toggle('bg-night-700')
               btn.setAttribute('data-value', value === 'true' ? 'false' : 'true')
+            } else if (action === 'toggle-rating-active') {
+              const span = btn.querySelector('span')
+              if (span) span.textContent = value === 'true' ? 'Disable Rating' : 'Enable Rating'
+              btn.classList.toggle('bg-blue-500/20')
+              btn.classList.toggle('text-blue-400')
+              btn.classList.toggle('border-blue-500/30')
+              btn.classList.toggle('border')
+              btn.classList.toggle('bg-night-700')
+              btn.setAttribute('data-value', value === 'true' ? 'false' : 'true')
             }
           } else {
             console.error('Error moderating comment:', error)

web/src/components/CommentReply.astro

@@ -1,7 +1,9 @@
 ---
 import { Icon } from 'astro-icon/components'
+import { Markdown } from 'astro-remote'
 import { actions } from 'astro:actions'
 
+import { COMMENT_ORDER_ID_MAX_LENGTH } from '../actions/comment'
 import { cn } from '../lib/cn'
 import { makeLoginUrl } from '../lib/redirectUrls'
 
@@ -20,6 +22,8 @@ type Props = Omit<HTMLAttributes<'form'>, 'action' | 'enctype' | 'method'> & {
   serviceId: number
   parentId?: number
   commentId?: number
+  strictCommentingEnabled?: boolean
+  commentSectionMessage?: string | null
   activeRatingComment?: Prisma.CommentGetPayload<{
     select: {
       id: true
@@ -28,7 +32,16 @@ type Props = Omit<HTMLAttributes<'form'>, 'action' | 'enctype' | 'method'> & {
   }> | null
 }
 
-const { serviceId, parentId, commentId, activeRatingComment, class: className, ...htmlProps } = Astro.props
+const {
+  serviceId,
+  parentId,
+  commentId,
+  activeRatingComment,
+  strictCommentingEnabled,
+  commentSectionMessage,
+  class: className,
+  ...htmlProps
+} = Astro.props
 
 const MIN_COMMENT_LENGTH = parentId ? 10 : 30
 
@@ -88,69 +101,83 @@ const userCommentsDisabled = user ? user.karmaUnlocks.commentsDisabled : false
             </div>
 
             {!parentId ? (
-              <div class="[&:has(input[name='rating'][value='']:checked)_[data-show-if-rating]]:hidden">
+              <>
-                <div class="flex flex-wrap gap-4">
+                <div class="[&:has(input[name='rating'][value='']:checked)_[data-show-if-rating]]:hidden">
-                  <InputRating name="rating" label="Rating" />
+                  <div class="flex flex-wrap gap-4">
+                    <InputRating name="rating" label="Rating" />
 
-                  <InputWrapper label="I experienced..." name="tags">
+                    <InputWrapper label="I experienced..." name="tags">
-                    <label class="flex cursor-pointer items-center gap-2">
+                      <label class="flex cursor-pointer items-center gap-2">
-                      <input type="checkbox" name="issueKycRequested" class="text-red-400" />
+                        <input type="checkbox" name="issueKycRequested" class="text-red-400" />
-                      <span class="flex items-center gap-1 text-xs text-red-400">
+                        <span class="flex items-center gap-1 text-xs text-red-400">
-                        <Icon name="ri:user-forbid-fill" class="size-3" />
+                          <Icon name="ri:user-forbid-fill" class="size-3" />
-                        KYC Issue
+                          KYC Issue
-                      </span>
+                        </span>
-                    </label>
+                      </label>
 
-                    <label class="flex cursor-pointer items-center gap-2">
+                      <label class="flex cursor-pointer items-center gap-2">
-                      <input type="checkbox" name="issueFundsBlocked" class="text-orange-400" />
+                        <input type="checkbox" name="issueFundsBlocked" class="text-orange-400" />
-                      <span class="flex items-center gap-1 text-xs text-orange-400">
+                        <span class="flex items-center gap-1 text-xs text-orange-400">
-                        <Icon name="ri:wallet-3-fill" class="size-3" />
+                          <Icon name="ri:wallet-3-fill" class="size-3" />
-                        Funds Blocked
+                          Funds Blocked
-                      </span>
+                        </span>
-                    </label>
+                      </label>
-                  </InputWrapper>
+                    </InputWrapper>
 
-                  <InputText
+                    <InputText
-                    label="Order ID"
+                      label="Order ID"
-                    name="orderId"
+                      name="orderId"
-                    inputProps={{
+                      inputProps={{
-                      maxlength: 100,
+                        maxlength: COMMENT_ORDER_ID_MAX_LENGTH,
-                      placeholder: 'Order ID / URL / Proof',
+                        placeholder: 'Order ID / URL / Proof',
-                      class: 'bg-night-800',
+                        class: 'bg-night-800',
-                    }}
+                        required: strictCommentingEnabled,
-                    descriptionLabel="Only visible to admins, to verify your comment"
+                      }}
-                    class="grow"
+                      descriptionLabel="Only visible to admins, to verify your comment"
-                  />
+                      class="grow"
-                </div>
+                    />
+                  </div>
 
-                <div class="mt-4 flex items-start justify-end gap-2">
+                  <div class="mt-4 flex flex-wrap items-start justify-end gap-x-4 gap-y-2">
-                  {!!activeRatingComment?.rating && (
+                    {!!activeRatingComment?.rating && (
-                    <div
+                      <div
-                      class="rounded-sm bg-yellow-500/10 px-2 py-1.5 text-xs text-yellow-400"
+                        class="mt-1 rounded-sm bg-yellow-500/10 px-2 py-1.5 text-xs text-yellow-400"
-                      data-show-if-rating
+                        data-show-if-rating
-                    >
-                      <Icon name="ri:information-line" class="mr-1 inline size-3.5" />
-                      <a
-                        href={`${Astro.url.origin}${Astro.url.pathname}#comment-${activeRatingComment.id}`}
-                        class="inline-flex items-center gap-1 underline"
-                        target="_blank"
-                        rel="noopener noreferrer"
                       >
-                        Your previous rating
+                        <Icon name="ri:information-line" class="mr-1 inline size-3.5" />
-                        <Icon name="ri:external-link-line" class="inline size-2.5 align-[-0.1em]" />
+                        <a
-                      </a>
+                          href={`${Astro.url.origin}${Astro.url.pathname}#comment-${activeRatingComment.id}`}
-                      of
+                          class="inline-flex items-center gap-1 underline"
-                      {[
+                          target="_blank"
-                        activeRatingComment.rating.toLocaleString(),
+                          rel="noopener noreferrer"
-                        <Icon name="ri:star-fill" class="inline size-3 align-[-0.1em]" />,
+                        >
-                      ]}
+                          Your previous rating
-                      won't count for the total.
+                          <Icon name="ri:external-link-line" class="inline size-2.5 align-[-0.1em]" />
-                    </div>
+                        </a>
-                  )}
+                        of
+                        {[
+                          activeRatingComment.rating.toLocaleString(),
+                          <Icon name="ri:star-fill" class="inline size-3 align-[-0.1em]" />,
+                        ]}
+                        won't count for the total.
+                      </div>
+                    )}
 
-                  <Button type="submit" label="Send" icon="ri:send-plane-2-line" />
+                    <div class="flex flex-wrap items-start justify-end gap-x-4 gap-y-2">
+                      {!!commentSectionMessage && (
+                        <div class="flex items-start gap-1 pt-1.5">
+                          <Icon name="ri:information-line" class="mt-1.25 inline size-3.5" />
+                          <div class="prose prose-invert prose-sm text-day-200 max-w-none grow">
+                            <Markdown content={commentSectionMessage} />
+                          </div>
+                        </div>
+                      )}
+
+                      <Button type="submit" label="Send" icon="ri:send-plane-2-line" />
+                    </div>
+                  </div>
                 </div>
-              </div>
+              </>
             ) : (
               <div class="flex items-center justify-end gap-2">
                 <Button type="submit" label="Reply" icon="ri:reply-line" />

web/src/components/CommentSection.astro

@@ -35,6 +35,8 @@ type Props = {
       name: true
       description: true
       createdAt: true
+      strictCommentingEnabled: true
+      commentSectionMessage: true
     }
   }>
 }
@@ -71,12 +73,13 @@ const [dbComments, pendingCommentsCount, activeRatingComment] = await Astro.loca
     'Failed to fetch comments',
     async () =>
       await prisma.comment.findMany(
-        makeCommentsNestedQuery({
+        await makeCommentsNestedQuery({
           depth: MAX_COMMENT_DEPTH,
           user,
           showPending: params.showPending,
           serviceId: service.id,
           sort: params.sort,
+          highlightedCommentId: params.comment,
         })
       ),
     [],
@@ -172,7 +175,13 @@ function makeReplySchema(comment: CommentWithRepliesPopulated): Comment {
       comment: comments.map(makeReplySchema),
     } as WithContext<DiscussionForumPosting>}
   />
-  <CommentReply serviceId={service.id} activeRatingComment={activeRatingComment} class="xs:mb-4 mb-2" />
+  <CommentReply
+    serviceId={service.id}
+    activeRatingComment={activeRatingComment}
+    strictCommentingEnabled={service.strictCommentingEnabled}
+    commentSectionMessage={service.commentSectionMessage}
+    class="xs:mb-4 mb-2"
+  />
 
   <div class="mb-6 flex flex-wrap items-center justify-between gap-2">
     <div class="flex items-center">
@@ -257,6 +266,7 @@ function makeReplySchema(comment: CommentWithRepliesPopulated): Comment {
             showPending={params.showPending}
             serviceSlug={service.slug}
             itemReviewedId={itemReviewedId}
+            strictCommentingEnabled={service.strictCommentingEnabled}
           />
         ))
       ) : (

web/src/components/DevToolsMessageScript.astro

@@ -0,0 +1,51 @@
+---
+
+---
+
+<script>
+  import { SOURCE_CODE_URL } from 'astro:env/client'
+
+  const logoStyle = `
+  padding: 0 119.5px;
+  display: block;
+  line-height: 64px;
+  background-size: auto 64px;
+  background-repeat: no-repeat;
+  background-position: 50% 0;
+  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' fill='none' viewBox='0 0 240 64'%3E%3Crect width='239' height='63' x='.5' y='.5' fill='%23101413' stroke='%23292B2A' rx='7.5'/%3E%3Cpath fill='%233BDB78' d='M19 18a1 1 0 0 0-1 1v26a1 1 0 0 0 1 1h74a1 1 0 0 0 1-1V19a1 1 0 0 0-1-1H19Zm4 4h2a1 1 0 0 1 1 1v6a1 1 0 0 0 1 1h6a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1v-3h-7a1 1 0 0 0-1 1v6a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1V23a1 1 0 0 1 1-1Zm12 0h3a1 1 0 0 1 1 1v3a1 1 0 0 1-1 1h-3a1 1 0 0 1-1-1v-3a1 1 0 0 1 1-1Zm12.8 0h2.4a1 1 0 0 1 .8.5l5 7.8 5-7.8a1 1 0 0 1 .8-.5h2.4a1 1 0 0 1 .8 1.5l-6.9 10.8a1 1 0 0 0-.1.6V41a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-6.1c0-.2 0-.4-.2-.6L47 23.5a1 1 0 0 1 .8-1.5ZM75 22h14a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1H74v12h15a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1H75a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1V27a1 1 0 0 1 1-1h3v-3a1 1 0 0 1 1-1Zm24 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V25.6l9.2 15.9c.2.3.5.5.8.5h5a1 1 0 0 0 1-1V23a1 1 0 0 0-1-1h-2a1 1 0 0 0-1 1v15.4l-9.2-15.9a1 1 0 0 0-.8-.5h-5Zm29 0a1 1 0 0 0-1 1v3h12v-3a1 1 0 0 0-1-1h-10Zm11 4v12h3a1 1 0 0 0 1-1V27a1 1 0 0 0-1-1h-3Zm0 12h-12v3a1 1 0 0 0 1 1h10a1 1 0 0 0 1-1v-3Zm-12 0V26h-3a1 1 0 0 0-1 1v10a1 1 0 0 0 1 1h3Zm21-16a1 1 0 0 0-1 1v6a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-3h4v15a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V26h4v3a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-6a1 1 0 0 0-1-1h-18Zm27 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V29.4l5.5 12a1 1 0 0 0 1 .6h3a1 1 0 0 0 1-.6l5.5-12V41a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V23a1 1 0 0 0-1-1h-3.4a1 1 0 0 0-.9.6L186 37.2l-6.7-14.6a1 1 0 0 0-1-.6H175Zm32 0a1 1 0 0 0-1 1v3h15a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14Zm-1 4h-3a1 1 0 0 0-1 1v14a1 1 0 0 0 1 1h18a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14a1 1 0 0 1-1-1v-3h7a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-7v-4Zm-38 12a1 1 0 0 0-1 1v2a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-2Z'/%3E%3C/svg%3E");
+  `
+
+  setTimeout(
+    console.log.bind(
+      console,
+      `\n%c \n%c\n    👋%c  Hi there! %c\n\n‣ We included source maps, so you can easily inspect the code. 🕵🏻‍♂️\n‣ Everything works with JavaScript disabled.\n‣ Source code: ${SOURCE_CODE_URL}`,
+      logoStyle,
+      `
+        font-family: cursive;
+        font-size: 2rem;
+        font-weight: bold;
+      `,
+      `
+        font-family: cursive;
+        font-size: 2rem;
+        font-weight: bold;	
+        background: repeating-linear-gradient(
+          90deg,
+          #d97706 0%,
+          #f59e0b 20%,
+          #f97316 40%,
+          #ea580c 60%,
+          #f97316 80%,
+          #f59e0b 100%
+        ) -100%/ 200%;
+      	-webkit-background-clip: text;
+      	background-clip: text;
+      	color: transparent;
+      `,
+      `
+        font-size: 1rem;
+        font-family: system-ui, -apple-system, sans-serif;
+      `
+    )
+  )
+</script>

web/src/components/DynamicFavicon.astro

@@ -0,0 +1,79 @@
+---
+import { DEPLOYMENT_MODE } from '../lib/client/envVariables'
+import { prisma } from '../lib/prisma'
+
+const user = Astro.locals.user
+
+const hasUnreadNotifications = await Astro.locals.banners.try(
+  'Error getting unread notification count',
+  async () =>
+    user
+      ? !!(await prisma.notification.findFirst({
+          where: { userId: user.id, read: false },
+          select: { id: true },
+        }))
+      : false,
+  false
+)
+
+function addBadgeIfUnread(href: string) {
+  if (hasUnreadNotifications) return href.replace('.svg', '-badge.svg')
+  return href
+}
+---
+
+{
+  DEPLOYMENT_MODE === 'production' && (
+    <>
+      <link rel="icon" type="image/svg+xml" sizes="any" href={addBadgeIfUnread('/favicon.svg')} />
+      <link
+        rel="icon"
+        type="image/svg+xml"
+        sizes="any"
+        href={addBadgeIfUnread('/favicon-lightmode.svg')}
+        media="(prefers-color-scheme: light)"
+      />
+    </>
+  )
+}
+{
+  DEPLOYMENT_MODE === 'development' && (
+    <>
+      <link rel="icon" type="image/svg+xml" sizes="any" href={addBadgeIfUnread('/favicon-dev.svg')} />
+      <link
+        rel="icon"
+        type="image/svg+xml"
+        sizes="any"
+        href={addBadgeIfUnread('/favicon-dev-lightmode.svg')}
+        media="(prefers-color-scheme: light)"
+      />
+    </>
+  )
+}
+{
+  DEPLOYMENT_MODE === 'staging' && (
+    <>
+      <link rel="icon" type="image/svg+xml" sizes="any" href={addBadgeIfUnread('/favicon-stage.svg')} />
+      <link
+        rel="icon"
+        type="image/svg+xml"
+        sizes="any"
+        href={addBadgeIfUnread('/favicon-stage-lightmode.svg')}
+        media="(prefers-color-scheme: light)"
+      />
+    </>
+  )
+}
+
+<script>
+  document.addEventListener('sse:new-notification', () => {
+    const links = document.querySelectorAll('link[rel="icon"]')
+    links.forEach((link) => {
+      const href = link.getAttribute('href')
+      if (href && href.includes('favicon') && !href.endsWith('-badge.svg')) {
+        const newHref = href.replace('.svg', '-badge.svg')
+        link.setAttribute('href', newHref)
+      }
+    })
+  })
+</script>

web/src/components/Footer.astro

@@ -1,6 +1,7 @@
 ---
 import { Icon } from 'astro-icon/components'
-import { SOURCE_CODE_URL, I2P_ADDRESS, ONION_ADDRESS } from 'astro:env/server'
+import { SOURCE_CODE_URL } from 'astro:env/client'
+import { I2P_ADDRESS, ONION_ADDRESS } from 'astro:env/server'
 
 import { cn } from '../lib/cn'
 
@@ -33,6 +34,12 @@ const links = [
     icon: 'ri:plug-line',
     external: false,
   },
+  {
+    href: '/feeds',
+    label: 'RSS',
+    icon: 'ri:rss-line',
+    external: false,
+  },
   {
     href: '/about',
     label: 'About',
@@ -49,7 +56,10 @@ const links = [
 const { class: className, ...htmlProps } = Astro.props
 ---
 
-<footer class={cn('flex items-center justify-center gap-6 p-4', className)} {...htmlProps}>
+<footer
+  class={cn('xs:gap-x-6 flex flex-wrap items-center justify-center gap-x-3 gap-y-2 p-4', className)}
+  {...htmlProps}
+>
   {
     links.map(
       ({ href, label, icon, external }) =>
@@ -58,9 +68,9 @@ const { class: className, ...htmlProps } = Astro.props
             href={href}
             target={external ? '_blank' : undefined}
             rel={external ? 'noopener noreferrer' : undefined}
-            class="text-day-500 flex items-center gap-1 text-sm transition-colors hover:text-gray-200 hover:underline"
+            class="text-day-500 xs:gap-1 flex items-center gap-0.5 text-sm transition-colors hover:text-gray-200 hover:underline"
           >
-            <Icon name={icon} class="h-4 w-4" />
+            <Icon name={icon} class="xs:opacity-100 h-4 w-4 opacity-40" />
             {label}
           </a>
         )

web/src/components/Header.astro

@@ -3,8 +3,8 @@ import { Icon } from 'astro-icon/components'
 import { sample } from 'lodash-es'
 
 import { splashTexts } from '../constants/splashTexts'
+import { DEPLOYMENT_MODE } from '../lib/client/envVariables'
 import { cn } from '../lib/cn'
-import { DEPLOYMENT_MODE } from '../lib/envVariables'
 import { makeLoginUrl, makeUnimpersonateUrl } from '../lib/redirectUrls'
 
 import AdminOnly from './AdminOnly.astro'
@@ -37,6 +37,7 @@ const splashText = showSplashText ? sample(splashTexts) : null
     }
   )}
   transition:name="header-container"
+  aria-label="Header"
 >
   <nav class={cn('container mx-auto flex h-full w-full items-stretch justify-between px-4', classNames?.nav)}>
     <div class="@container -ml-4 flex max-w-[192px] grow-99999 items-center">
@@ -123,6 +124,7 @@ const splashText = showSplashText ? sample(splashTexts) : null
           transition:name="header-admin-link"
           text="Admin Dashboard"
           position="left"
+          aria-label="Admin Dashboard"
         >
           <Icon name="ri:home-gear-line" class="size-10" />
         </Tooltip>

web/src/components/HeaderNotificationIndicator.astro

@@ -27,6 +27,8 @@ const count =
   user && (
     <a
       href="/notifications"
+      data-notification-count-link
+      data-current-count={count}
       class={cn(
         'group relative flex cursor-pointer items-center justify-center text-gray-400 transition-colors duration-100 hover:text-white',
         className
@@ -35,11 +37,32 @@ const count =
       {...htmlProps}
     >
       <Icon name="material-symbols:notifications-outline" class="size-5" />
-      {count > 0 && (
+      <span
-        <span class="absolute top-[calc(50%-var(--spacing)*3.5)] right-[calc(50%-var(--spacing)*3.5)] flex size-3.5 items-center justify-center rounded-full bg-blue-600 text-[10px] font-bold tracking-tighter text-white group-hover:bg-blue-500">
+        data-notification-count-badge
-          {count > 99 ? '★' : count.toLocaleString()}
+        class="absolute top-[calc(50%-var(--spacing)*3.5)] right-[calc(50%-var(--spacing)*3.5)] flex size-3.5 items-center justify-center rounded-full bg-blue-600 text-[10px] font-bold tracking-tighter text-white group-hover:bg-blue-500 empty:hidden"
-        </span>
+      >
-      )}
+        {count > 0 ? (count > 99 ? '★' : count.toLocaleString()) : ''}
+      </span>
     </a>
   )
 }
+
+<script>
+  document.addEventListener('sse:new-notification', () => {
+    document.querySelectorAll<HTMLElement>('[data-notification-count-link]').forEach((link) => {
+      const currentCount = Number(link.getAttribute('data-current-count') || 0)
+      const newCount = currentCount + 1
+
+      link.querySelectorAll<HTMLElement>('[data-notification-count-badge]').forEach((badge) => {
+        badge.textContent = newCount > 0 ? (newCount > 99 ? '★' : newCount.toLocaleString()) : ''
+      })
+
+      link.setAttribute(
+        'aria-label',
+        `Go to notifications${newCount > 0 ? ` (${newCount.toLocaleString()} unread)` : ''}`
+      )
+
+      link.setAttribute('data-current-count', String(newCount))
+    })
+  })
+</script>

web/src/components/HtmxScript.astro

@@ -3,7 +3,7 @@
 ---
 
 <script>
-  import * as htmx from 'htmx.org'
+  import htmx from 'htmx.org'
 
   htmx.config.globalViewTransitions = false
 

web/src/components/InputCardGroup.astro

@@ -20,7 +20,6 @@ type Props<Multiple extends boolean = false> = Omit<
     iconClass?: string
     description?: MarkdownString
     disabled?: boolean
-    noTransitionPersist?: boolean
   }[]
   disabled?: boolean
   selectedValue?: Multiple extends true ? string[] : string
@@ -70,7 +69,7 @@ const hasError = !!wrapperProps.error && wrapperProps.error.length > 0
           )}
         >
           <input
-            transition:persist={option.noTransitionPersist || !multiple ? undefined : true}
+            transition:persist
             type={multiple ? 'checkbox' : 'radio'}
             name={wrapperProps.name}
             value={option.value}

web/src/components/InputCheckbox.astro

@@ -0,0 +1,63 @@
+---
+import { cn } from '../lib/cn'
+
+import type InputWrapper from './InputWrapper.astro'
+import type { AstroChildren } from '../lib/astro'
+import type { ComponentProps } from 'astro/types'
+
+type Props = Pick<ComponentProps<typeof InputWrapper>, 'error' | 'name' | 'required'> & {
+  disabled?: boolean
+  checked?: boolean
+  descriptionInline?: string
+  id?: string
+} & (
+    | {
+        label: string
+        children?: undefined
+      }
+    | {
+        label?: undefined
+        children: AstroChildren
+      }
+  )
+
+const { disabled, name, required, error, id, label, checked, descriptionInline } = Astro.props
+
+const hasError = !!error && error.length > 0
+---
+
+<div>
+  <label
+    class={cn(
+      'inline-flex cursor-pointer items-center gap-2',
+      hasError && 'text-red-300',
+      disabled && 'cursor-not-allowed opacity-50'
+    )}
+  >
+    <input
+      transition:persist
+      type="checkbox"
+      id={id}
+      name={name}
+      required={required}
+      disabled={disabled}
+      checked={checked}
+      class={cn(disabled && 'opacity-50')}
+    />
+    <span class="text-sm leading-none text-pretty">{label ?? <slot />}</span>
+    {descriptionInline && <p class="text-day-400 text-xs">{descriptionInline}</p>}
+  </label>
+
+  {
+    hasError &&
+      (typeof error === 'string' ? (
+        <p class="text-sm text-red-500">{error}</p>
+      ) : (
+        <ul class="text-sm text-red-500">
+          {error.map((e) => (
+            <li>{e}</li>
+          ))}
+        </ul>
+      ))
+  }
+</div>

web/src/components/InputSelect.astro

@@ -14,10 +14,11 @@ type Props = Omit<ComponentProps<typeof InputWrapper>, 'children' | 'inputId' |
     value: string
     disabled?: boolean
   }[]
-  selectProps?: Omit<HTMLAttributes<'select'>, 'name'>
+  selectProps?: Omit<HTMLAttributes<'select'>, 'name' | 'value'>
+  selectedValue?: string[] | string
 }
 
-const { options, selectProps, ...wrapperProps } = Astro.props
+const { options, selectProps, selectedValue, ...wrapperProps } = Astro.props
 
 const inputId = selectProps?.id ?? Astro.locals.makeId(`input-${wrapperProps.name}`)
 const hasError = !!wrapperProps.error && wrapperProps.error.length > 0
@@ -39,7 +40,15 @@ const hasError = !!wrapperProps.error && wrapperProps.error.length > 0
   >
     {
       options.map((option) => (
-        <option value={option.value} disabled={option.disabled}>
+        <option
+          value={option.value}
+          disabled={option.disabled}
+          selected={
+            Array.isArray(selectedValue)
+              ? selectedValue.includes(option.value)
+              : selectedValue === option.value
+          }
+        >
           {option.label}
         </option>
       ))

web/src/components/InputTextArea.astro

@@ -27,6 +27,7 @@ const hasError = !!wrapperProps.error && wrapperProps.error.length > 0
     class={cn(
       baseInputClassNames.input,
       baseInputClassNames.textarea,
+      !!inputProps?.rows && 'h-auto',
       inputProps?.class,
       hasError && baseInputClassNames.error,
       !!inputProps?.disabled && baseInputClassNames.disabled

web/src/components/InputWrapper.astro

@@ -48,7 +48,9 @@ const hasError = !!error && error.length > 0
       <div class={cn('contents', !!descriptionLabel && 'flex flex-wrap items-center gap-x-4')}>
         <legend class={cn('font-title block text-sm font-medium', hasError && 'text-red-500')}>
           {icon && <Icon name={icon} class="inline-block size-4 align-[-0.2em]" />}
-          <label for={inputId}>{label}</label>
+          <label for={inputId} transition:persist>
+            {label}
+          </label>
           {required && '*'}
         </legend>
         {!!descriptionLabel && (

web/src/components/NotificationEventsScript.astro

@@ -0,0 +1,32 @@
+---
+
+---
+
+<script>
+  import { isBrowserNotificationsEnabled, showBrowserNotification } from '../lib/client/browserNotifications'
+  import {
+    makeBrowserNotificationOptions,
+    makeBrowserNotificationTitle,
+  } from '../lib/client/notificationOptions'
+
+  document.addEventListener('sse:new-notification', (event) => {
+    if (isBrowserNotificationsEnabled()) {
+      const payload = event.detail
+      const notification = showBrowserNotification(
+        makeBrowserNotificationTitle(payload.title),
+        makeBrowserNotificationOptions(payload, { removeActions: true })
+      )
+
+      // Handle notification click
+      if (notification) {
+        notification.onclick = () => {
+          const defaultAction = payload.actions.find((a) => a.url) ?? payload.actions[0]
+          if (defaultAction?.url) {
+            window.open(defaultAction.url, '_blank')
+          }
+          notification.close()
+        }
+      }
+    }
+  })
+</script>

web/src/components/OgImage.tsx

@@ -9,6 +9,7 @@ import defaultOGImage from '../assets/ogimage.png'
 import { makeOverallScoreInfo } from '../lib/overallScore'
 import { urlWithParams } from '../lib/urls'
 
+import type { VerificationStatus } from '@prisma/client'
 import type { APIContext } from 'astro'
 import type { Prettify } from 'ts-essentials'
 
@@ -107,6 +108,7 @@ export const ogImageTemplates = {
       categories,
       score,
       imageUrl,
+      verificationStatus,
     }: {
       title: string
       description: string
@@ -116,6 +118,7 @@ export const ogImageTemplates = {
       }[]
       score: number
       imageUrl: string | null
+      verificationStatus: VerificationStatus | null
     },
     context
   ) => {
@@ -272,6 +275,37 @@ export const ogImageTemplates = {
           >
             <path d="M1 0a1 1 0 0 0-1 1v26a1 1 0 0 0 1 1h74a1 1 0 0 0 1-1V1a1 1 0 0 0-1-1Zm4 4h2a1 1 0 0 1 1 1v6a1 1 0 0 0 1 1h6a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v3h3a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1v-3H9a1 1 0 0 0-1 1v6a1 1 0 0 1-1 1H5a1 1 0 0 1-1-1V5a1 1 0 0 1 1-1Zm12 0h3a1 1 0 0 1 1 1v3a1 1 0 0 1-1 1h-3a1 1 0 0 1-1-1V5a1 1 0 0 1 1-1zm12.82 0h2.37a1 1 0 0 1 .85.46L38 12.27l4.97-7.8A1 1 0 0 1 43.8 4h2.37a1 1 0 0 1 .85 1.54l-6.87 10.8a1 1 0 0 0-.16.53V23a1 1 0 0 1-1 1h-2a1 1 0 0 1-1-1v-6.13a1 1 0 0 0-.15-.53l-6.87-10.8A1 1 0 0 1 29.82 4ZM57 4h14a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1H56v12h15a1 1 0 0 1 1 1v2a1 1 0 0 1-1 1H57a1 1 0 0 1-1-1v-3h-3a1 1 0 0 1-1-1V9a1 1 0 0 1 1-1h3V5a1 1 0 0 1 1-1zm24 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V7.6l9.18 15.9c.18.3.5.5.86.5H99a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1h-2a1 1 0 0 0-1 1v15.4L86.83 4.5a1 1 0 0 0-.87-.5Zm29 0a1 1 0 0 0-1 1v3h12V5a1 1 0 0 0-1-1zm11 4v12h3a1 1 0 0 0 1-1V9a1 1 0 0 0-1-1zm0 12h-12v3a1 1 0 0 0 1 1h10a1 1 0 0 0 1-1zm-12 0V8h-3a1 1 0 0 0-1 1v10a1 1 0 0 0 1 1zm21-16a1 1 0 0 0-1 1v6a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V8h4v15a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V8h4v3a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1zm27 0a1 1 0 0 0-1 1v18a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V11.4l5.53 12.02a1 1 0 0 0 .91.58h3.12a1 1 0 0 0 .91-.58L176 11.4V23a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1h-3.36a1 1 0 0 0-.9.58L168 19.21l-6.73-14.63a1 1 0 0 0-.9-.58Zm32 0a1 1 0 0 0-1 1v3h15a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1zm-1 4h-3a1 1 0 0 0-1 1v14a1 1 0 0 0 1 1h18a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-14a1 1 0 0 1-1-1v-3h7a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1h-7zm-38 12a1 1 0 0 0-1 1v2a1 1 0 0 0 1 1h2a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1z" />
           </svg>
+          {verificationStatus === 'VERIFICATION_FAILED' && (
+            <div
+              style={{
+                position: 'absolute',
+                top: 0,
+                left: 0,
+                right: 0,
+                bottom: 0,
+                display: 'flex',
+                alignItems: 'center',
+                justifyContent: 'center',
+              }}
+            >
+              <div
+                style={{
+                  transform: 'rotate(-20deg)',
+                  fontSize: 200,
+                  fontWeight: 'bold',
+                  color: 'red',
+                  backgroundColor: 'rgba(0, 0, 0, 0.5)',
+                  boxShadow: '0 0 15px 30px rgba(0, 0, 0, 0.5)',
+                  border: '15px solid red',
+                  borderRadius: 15,
+                  padding: '10px 50px',
+                  textAlign: 'center',
+                }}
+              >
+                SCAM
+              </div>
+            </div>
+          )}
         </div>
       ),
       defaultOptions