[ { "path": "CONTRIBUTING.md", "content": "> Thank you for considering a contribution to **SafeNova**. This document explains how to do it properly so your effort isn't wasted and the review process goes smoothly.\n\n\n\n## πŸ“š Table of Contents\n\n- [🧭 Before you start](#before-you-start)\n- [πŸ› Reporting bugs](#reporting-bugs)\n- [πŸ’‘ Suggesting features](#suggesting-features)\n- [πŸ”€ Submitting a pull request](#submitting-a-pull-request)\n - [Setting up the environment](#setup)\n - [Branch naming](#branch-naming)\n - [Commit messages](#commit-messages)\n - [Pull request checklist](#pr-checklist)\n- [🎨 Code style](#code-style)\n - [General rules](#style-general)\n - [JavaScript specifics](#style-js)\n - [HTML & CSS](#style-html-css)\n- [πŸ” Security contribution rules](#security-rules)\n- [🚫 What we do NOT accept](#not-accepted)\n\n---\n\n\n\n## 🧭 Before you start\n\nSafeNova is a security-first project. Before touching anything, spend time understanding how it actually works:\n\n- Read the full [README](./README.md) β€” especially the [SafeNova Proactive](./README.md#safenova-proactive), [Encryption](./README.md#encryption), and [How containers work](./README.md#how-containers-work) sections\n- Understand the [project structure](./README.md#project-structure) β€” each file has a specific, narrow responsibility\n- Look at the existing code style before writing a single line\n\n> **The codebase is small and intentional.** There are no dead files, no legacy layers, no placeholder code. If something looks unusual, there is almost always a documented reason for it β€” read the surrounding comments before assuming it is wrong.\n\n---\n\n\n\n## πŸ› Reporting bugs\n\nUse [GitHub Issues](https://github.com/DosX-dev/SafeNova/issues) to report bugs. Before opening a new issue:\n\n- Check if the issue already exists\n- Reproduce the bug on the latest version\n- Make sure it happens in a supported browser (Chrome 90+, Firefox 90+, Safari 15+, Edge 90+)\n\nA good bug report includes:\n\n| Field | What to provide |\n| --------------- | ----------------------------------------------------------------------------- |\n| **Description** | What happened vs. what you expected |\n| **Steps** | Exact numbered steps to reproduce |\n| **Environment** | Browser name + version, OS, online vs. local |\n| **Logs** | DevTools console output if relevant β€” paste as text, not a screenshot |\n| **Severity** | Does it cause data loss? Does it affect security? Does it only affect the UI? |\n\n> **If the bug is security-related** (data exposure, bypass of any protection layer, key material leakage), do **not** file a public issue. See [Security contribution rules](#security-rules) below.\n\n---\n\n\n\n## πŸ’‘ Suggesting features\n\nOpen a [GitHub Issue](https://github.com/DosX-dev/SafeNova/issues) with the `enhancement` label. Describe:\n\n- **What problem it solves** β€” not just what it does, but why it matters\n- **Who benefits** β€” casual user, power user, security-conscious user?\n- **Alternatives you considered** β€” shows you thought it through\n- **Any security implications** β€” SafeNova handles encrypted data; new features can introduce new attack surface\n\nFeatures that don't have a clear security story or that add complexity without proportional value will likely be declined. That's not a rejection of effort β€” it's a design constraint.\n\n---\n\n\n\n## πŸ”€ Submitting a pull request\n\n\n\n### Setting up the environment\n\nThere is no build step. The project runs as static files:\n\n```powershell\n# Clone the repo\ngit clone https://github.com/DosX-dev/SafeNova.git\ncd SafeNova\n\n# Start the local server\n.\\.server.ps1\n```\n\nThe server starts on port `7777` (or the next free port) and opens the app in your browser. Edit files directly in `src/` β€” no bundler, no transpiler, no `npm install`.\n\n\n\n### Branch naming\n\n| Prefix | Use for | Example |\n| ----------- | -------------------------------------------- | -------------------------------- |\n| `fix/` | Bug fixes | `fix/export-blob-url` |\n| `feature/` | New functionality | `feature/keyboard-shortcut-copy` |\n| `refactor/` | Code cleanup with no behavior change | `refactor/vfs-node-validation` |\n| `docs/` | Documentation only | `docs/contributing-guide` |\n| `security/` | Security improvements (discuss in DMs first) | `security/csp-worker-src` |\n\n\n\n### Commit messages\n\nKeep them short and imperative:\n\n```\nFix export producing HTML instead of blob data\nAdd keyboard shortcut for container lock\nRefactor VFS orphan detection to O(n) pass\n```\n\nNo issue numbers in the subject line β€” put those in the PR description instead. No `WIP:` commits in the final branch.\n\n\n\n### Pull request checklist\n\nBefore marking the PR as ready for review:\n\n- [ ] Tested in at least one supported browser\n- [ ] No `console.log` or debug artifacts left in the code\n- [ ] No new external dependencies introduced\n- [ ] Existing behavior is not broken for cases you didn't touch\n- [ ] If you changed `daemon.js` β€” read [Security contribution rules](#security-rules) first\n- [ ] PR description explains **what** changed and **why**, not just **how**\n\n---\n\n\n\n## 🎨 Code style\n\n\n\n### General rules\n\n- **Match the style of the file you're editing.** Indentation, spacing, quote style, comment language β€” all of it. Don't mix styles within a file\n- **No unnecessary abstractions.** Don't create a helper for something used once. Don't design for hypothetical future requirements\n- **Comments explain _why_, not _what_.** If the code is obvious, don't comment it. If it isn't obvious, explain the reasoning β€” not the mechanics\n- **No dead code.** Don't comment out unused blocks and leave them β€” delete them\n\n\n\n### JavaScript specifics\n\nThe codebase is vanilla ES2020+ JavaScript β€” no frameworks, no TypeScript. A few conventions to follow:\n\n- Use `const` for everything that doesn't need reassignment, `let` otherwise. No `var`\n- Prefer early returns over deep nesting\n- Async functions use `async/await` β€” no raw `.then()` chains unless combining with `Promise.allSettled` or similar\n- String concatenation uses template literals `` `${x}` `` for readability; the concatenation operator `'' + x` is reserved for places where `String()` calls must be avoided for security reasons (see `daemon.js` for context)\n- `for` loops with index variables for performance-critical paths; `for...of` for readability in non-critical paths\n- Group related declarations on one line when they are semantically linked:\n ```js\n // Good β€” same logical unit\n let offset = 0,\n count = 0,\n valid = true;\n ```\n\n\n\n### HTML & CSS\n\n- HTML attributes stay on one line unless there are more than ~4 and readability suffers\n- CSS follows the existing class naming β€” BEM is not enforced, but names should be descriptive and scoped to their component\n- No inline styles in HTML except where dynamic values make them unavoidable (e.g. `style=\"left: ${x}px\"`)\n- No `!important` except where intentional override is the documented purpose (e.g. lockdown veil)\n\n---\n\n\n\n## πŸ” Security contribution rules\n\nSafeNova handles **encrypted data and derived cryptographic keys in a live browser environment**. This makes security changes fundamentally different from normal feature work.\n\n**If your change touches any of the following, open a discussion issue or contact the maintainer before writing code:**\n\n- `daemon.js` β€” the Proactive anti-tamper runtime guard\n- `crypto.js` β€” AES-256-GCM + Argon2id layer\n- `state.js` β€” session key storage and three-source key wrapping\n- `db.js` β€” IndexedDB abstraction (container and file record layout)\n- The Content Security Policy in `index.html`\n- Any change that relaxes an existing restriction (e.g. whitelisting a new URL scheme, removing a hook)\n\n> **Why the extra step?** Security changes that look correct can introduce subtle regressions. The Proactive guard in particular has carefully documented reasons for every design decision β€” a change that seems like a simplification may silently remove a specific defense. Discussing first prevents a PR that cannot be merged from wasting your time.\n\n**Responsible disclosure for vulnerabilities:** If you find a security vulnerability (bypass of the Proactive guard, key material leakage, CSP bypass, etc.), please **do not file a public issue**. Contact the maintainer directly through GitHub. You will get credit in the changelog.\n\n---\n\n\n\n## 🚫 What we do NOT accept\n\nTo save everyone's time β€” PRs in the following categories will be closed without merge:\n\n| Category | Reason |\n| ---------------------------------- | ------------------------------------------------------------------------------------------------------- |\n| External runtime dependencies | SafeNova has zero external dependencies by design. Adding `npm` packages is a non-starter |\n| Framework migrations | React, Vue, Svelte, etc. β€” no. The codebase is intentionally framework-free |\n| TypeScript conversion | Not planned. |\n| Weakened security controls | Any change that removes or relaxes an existing Proactive check, CSP directive, or encryption constraint |\n| UI cosmetic overhauls | Minor tweaks are fine; wholesale redesigns need prior discussion |\n| Localization / i18n infrastructure | Out of scope for the current version |\n\n---\n\nIf you're unsure whether your idea fits β€” just open an issue and ask. It's faster than writing code that doesn't land.\n" }, { "path": "LICENSE", "content": "MIT License\n\nCopyright (c) 2023-2026 DosX\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n" }, { "path": "README.md", "content": "\n\n> ### Try it online: [https://safenova.dosx.su/](https://safenova.dosx.su/)\n\n\n\n## ❔ What it is\n\nSafeNova is a single-page web app that lets you create encrypted **containers** β€” isolated vaults where you can organize files in a folder structure, much like a regular desktop file manager. Everything is encrypted client-side before being written to storage. Nothing ever leaves your device.\n\n![](./pics/screenshot.png)\n\nKey properties:\n\n- **Zero-knowledge** β€” the app never sees your password or plaintext data\n- **Offline-first** β€” works entirely without network access\n- **No installation** β€” start the local server and you're running (or use online)\n\n---\n\n## πŸ“š Table of Contents\n\n- [❔ What it is](#what-it-is)\n- [πŸš€ Getting started](#getting-started)\n - [Option A β€” Use online version](#getting-started-online)\n - [Option B β€” Local server](#getting-started-local)\n- [πŸ“‹ Requirements](#requirements)\n- [βš™οΈ Features](#features)\n- [βš”οΈ SafeNova vs. the Competition](#comparison)\n- [πŸ“ Project structure](#project-structure)\n- [πŸ”’ How containers work](#how-containers-work)\n- [πŸ“„ The `.safenova` Container Format](#container-format)\n - [Archive sections](#container-format-archive-sections)\n - [Design properties](#container-format-design-properties)\n- [πŸ” Encryption](#encryption)\n - [Session token security](#session-token-security)\n - [Current tab session](#current-tab-session)\n - [Stay signed in](#stay-signed-in)\n - [Three-source key wrapping](#three-source-key-wrapping)\n - [Session payload format](#session-payload-format)\n - [Remaining trade-off](#remaining-trade-off)\n- [πŸ” Content Security Policy](#content-security-policy)\n - [Meta tag](#csp-meta-tag)\n - [Server-level headers](#csp-server-headers)\n- [πŸ›‘οΈ Cross-Tab Session Protection](#cross-tab-session-protection)\n- [πŸ›‘ Duress Password](#duress-password)\n - [How it works](#duress-how-it-works)\n - [Why this design](#duress-why-this-design)\n - [Technical details](#duress-technical-details)\n- [πŸ”¬ SafeNova Proactive Anti-Tamper](#safenova-proactive-antitamper)\n - [Startup sequence](#proactive-startup-sequence)\n - [Why native restoration matters](#proactive-native-restoration-advantage)\n - [Real-time watchdog](#proactive-watchdog)\n - [Watchdog resilience](#proactive-watchdog-resilience)\n - [Intentionally excluded from checks](#proactive-excluded-checks)\n - [Network request interception](#proactive-network-interception)\n - [DOM exfiltration defense](#proactive-dom-exfiltration)\n - [Threat response](#proactive-threat-response)\n - [Design philosophy](#proactive-design-philosophy)\n - [Hook opacity](#proactive-hook-opacity)\n- [πŸ” Container Integrity Scanner](#container-integrity-scanner)\n - [Phase 1 β€” VFS structural checks](#scanner-phase-1)\n - [Phase 2 β€” Database-level checks](#scanner-phase-2)\n- [⚑ Performance](#performance)\n - [Adaptive concurrency](#adaptive-concurrency)\n - [Bulk upload](#bulk-upload)\n - [ZIP export](#zip-export)\n - [Password change](#password-change)\n - [Container export](#container-export)\n - [Drag-and-drop performance](#drag-drop-performance)\n- [πŸ“± Mobile Touch Support](#mobile-touch-support)\n - [Long-press to drag](#mobile-long-press)\n - [Multi-file drag](#mobile-multi-file-drag)\n - [Context menu](#mobile-context-menu)\n - [Paste at finger position](#mobile-paste-at-finger-position)\n - [Overscroll](#mobile-overscroll)\n- [�️ Security Audit Changelog](#security-audit)\n- [οΏ½πŸ› οΈ Contribute](#contribute)\n- [πŸ’¬ Community](#community)\n- [🀝 Thanks to all contributors](#thanks)\n\n---\n\n\n\n## πŸš€ Getting started\n\n\n\n### Option A β€” Use online version\n\nSafeNova is hosted on: [https://safenova.dosx.su/](https://safenova.dosx.su/)\n\n\n\n### Option B β€” Local server\n\nA zero-dependency PowerShell server is included:\n\n```powershell\n.\\\\.server.ps1\n```\n\nOr right-click the file β†’ **Run with PowerShell**. It starts an HTTP server on port `7777` (or the next free port) and opens the app in your default browser.\n\nNo external installs needed β€” it uses the Windows built-in `HttpListener`.\n\n---\n\n\n\n## πŸ“‹ Requirements\n\n- A modern browser: **Chrome 90+**, **Firefox 90+**, **Safari 15+**, or **Edge 90+**\n- Web Crypto API must be available β€” this requires either **HTTPS** or **`localhost`**\n- No plugins, no extensions, no backend\n\n---\n\n\n\n## βš™οΈ Features\n\n- **Multiple containers** β€” each with its own password and independent storage limit (8 GB per container)\n- **Virtual filesystem** β€” nested folders, drag-to-reorder icons, customizable folder colors\n- **File operations** β€” upload (drag & drop or browse; folder upload with 4Γ— parallel encryption), download, copy, cut, paste, rename, delete\n- **Built-in viewers** β€” text editor, image viewer, audio/video player, PDF viewer\n- **Hardware key support** β€” optionally use a WebAuthn passkey to strengthen the container salt\n- **Session memory** β€” optionally remember your session per tab (ephemeral, recommended) or persistently until manually signed out, using AES-GCM-encrypted session tokens; persistent sessions survive browser restarts\n- **Cross-tab session protection** β€” a container can only be actively open in one browser tab at a time; a lightweight lock protocol detects conflicts and offers instant session takeover\n- **Container import / export** β€” portable `.safenova` container files; import reads the archive via streaming `File.slice()` without loading the full file into memory, making multi-gigabyte imports possible; export streams data chunk-by-chunk requiring no single contiguous allocation regardless of container size\n- **Export password guard** β€” configurable setting (on by default) to require password confirmation before exporting; when disabled, the container key is taken directly from the active session if one is open; if no session is present, a pre-generated encrypted export cache stored in IDB is used β€” the cache payload is deflate-compressed before encryption, reducing its IDB footprint significantly for containers with many files; the compressed bytes are then wrapped with a per-container HKDF-SHA-256 derived key (AES-256-GCM), making the cache browser-independent; if the cache is absent or stale (file count or sizes changed), the context menu shows a red dot and falls back to a password prompt β€” after a successful password-prompted export the cache is rebuilt automatically so subsequent exports require no password; the cache is invalidated on password change or settings re-enable\n- **Quick export button** β€” dedicated **Export** button in the desktop toolbar provides one-click passwordless export when the export password guard is disabled\n- **Sort & arrange** β€” sort icons by name, date, size, or type; drag to custom positions\n- **Secure container deletion** β€” before permanent erasure, every encrypted blob is cryptographically pre-shredded: inline files have random bytes XOR-flipped (position and delta are unknown and unlogged); large chunked files have their AES-GCM IV zeroed, making decryption unconditionally impossible and the operation maximally fast; heavy internal blobs (deferred workspace data, export cache, audit log) are explicitly nullified before the record is deleted so that the browser immediately releases persistent storage and the freed space is reflected without waiting for lazy garbage collection\n- **Duress password** β€” optional panic password that, when entered anywhere (unlock, change password, export), looks exactly like an incorrect password but silently destroys all encrypted data in the background; see [Duress Password](#duress-password) below\n- **SafeNova Proactive** β€” runtime protection module that loads first in ``, captures all security-critical native function references at startup (including `String.prototype.toLowerCase`, `String.prototype.indexOf`, and `String.prototype.slice` for tamper-proof string operations), validates every capture is truly native (pre-capture tampering guard), hooks outbound network APIs (fetch, XHR, sendBeacon, WebSocket, window.open, EventSource, Worker/SharedWorker β€” including `data:` and same-origin `blob:` workers) and DOM exfiltration vectors (setAttribute, innerHTML/outerHTML, insertAdjacentHTML, document.write, Location navigation, form submit, resource property setters) to block external requests, silently removes dynamically injected external scripts via MutationObserver, blocks `eval` and `new Function()` constructors, guards string callbacks in setTimeout/setInterval, and runs a quadruple-redundant watchdog with timer-ID protection and a dead man's switch heartbeat β€” if the watchdog is killed, the app auto-locks all containers\n- **Container integrity scanner** β€” 28 automated checks (21 VFS structural + 7 database-level) with one-click auto-repair, **Deep Clean** (flattens over-nested folder trees, repairs all metadata), and a backup prompt before any destructive operation; includes file decryption verification that detects corrupted or unreadable blobs (including those silently destroyed by the duress trigger)\n- **Settings** β€” three tabs: personalization, statistics, activity logs\n- **Keyboard shortcuts** β€” `Delete`, `F2`, `Ctrl+A`, `Ctrl+C/X/V`, `Ctrl+S` (save in editor), `Escape`, `End` (lock container β€” only when focus is not in a text field)\n- **Incognito / private-mode detection** β€” on first visit the app detects if the browser is in private/incognito mode (Chrome, Firefox, Safari) using engine-fingerprint-based checks (no UA sniffing). If detected, a one-time warning explains that IndexedDB is ephemeral in private mode and encrypted containers will be lost when the tab is closed; the user can acknowledge and continue normally, or switch to a regular browser window first\n- **Mobile-friendly** β€” long-press to drag icons, rubber-band selection, single/double-tap gestures, paste at finger position, multi-file drag with per-item snap previews\n\n---\n\n\n\n## βš”οΈ SafeNova vs. the Competition\n\nWe think SafeNova has real strengths worth knowing about β€” but every tool has its place. Compare for yourself and pick what fits your use case.\n\nLegend: βœ… Advantage / works well  Β·  ❌ Disadvantage / not supported  Β·  🟑 Partial / situational\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
FeatureSafeNovaVeraCryptBitLockerCryptomator
Best suited forPersonal files on shared or managed machines β€” zero-install, browser-only, no disk tracesLarge encrypted volumes on own hardware; plausible deniabilityIT-managed Windows with full-disk encryption and central key recoveryEncrypting files before syncing to cloud (Dropbox, Google Drive, OneDrive…)
Cross-platformβœ… Any browser β€” Windows, macOS, Linux, Android, iOS🟑 Desktop only β€” Windows, macOS, Linux❌ Windows onlyβœ… Windows, macOS, Linux, Android, iOS
No installationβœ… Zero install, runs in the browser❌ Requires system installation❌ Windows Pro/Enterprise only❌ Requires a desktop or mobile app
Admin / root rightsβœ… None required❌ Required for mounting❌ Required🟑 None on Windows/iOS; macOS needs macFUSE; Linux needs FUSE
Encryption algorithmβœ… AES-256-GCM β€” authenticated encryption; every ciphertext has an integrity tagβœ… AES / Twofish / Serpent (configurable)🟑 AES-128/256 XTS β€” no authentication tagβœ… AES-256-GCM per file
Key derivationβœ… Argon2id β€” memory-hard; GPU brute-force is expensive🟑 PBKDF2-SHA-512 / Whirlpool β€” not memory-hard; GPU-crackable🟑 TPM-bound; password KDF is comparatively weakβœ… scrypt β€” memory-hard; comparable to Argon2id
Per-item authenticationβœ… GCM tag per chunk β€” tampering always detected❌ Block-level only; no per-file MAC❌ XTS provides no authenticationβœ… GCM tag per file
Portable containerβœ… Single .safenova file β€” copy anywhere, open anywhere🟑 Single container file, but fixed pre-allocated size❌ Tied to the Windows NTFS partition🟑 Folder of encrypted files β€” portable, but not a single archive
File stealer protectionβœ… Encrypted in IDB; never plaintext on disk❌ Mounted volume exposes all files to every process❌ Once unlocked, all files accessible to all processes🟑 Encrypted on disk; plaintext only in the virtual drive while open
Session / key managementβœ… Three-source HKDF wrap key; tab + browser sessions; cross-tab invalidation❌ Key in RAM while mounted; no session concept❌ TPM-derived at boot; no session control❌ Key in memory while open; no session tokens or expiry
Duress / emergency wipeβœ… Duress password silently destroys the container❌ Not supported❌ Not supported❌ Not supported
Runtime anti-tamperβœ… SafeNova Proactive β€” native API restoration, 20+ hooks, quadruple watchdog🟑 N/A β€” native binary; no browser JS attack surface🟑 N/A β€” same🟑 N/A β€” same
Content Security Policyβœ… Strict CSP (meta tag + server headers); blocks inline scripts and external loads🟑 N/A β€” browser mechanism; not applicable to native apps🟑 N/A β€” same🟑 N/A β€” same
Integrity scannerβœ… 28 automated checks (VFS + DB); auto-repair; decryption verification❌ No built-in scanning❌ No per-file integrity🟑 Detects corrupt files; no automated repair
Export / backupβœ… One-click export as .safenova or ZIP🟑 Container file is portable but fixed size; no incremental backup❌ Cannot export; tied to the Windows volumeβœ… Files sync individually β€” cloud acts as continuous backup
Data deletionβœ… Blob shredding + full IDB purge on delete🟑 Delete the file; OS journaling may retain fragments❌ Decryption leaves files; separate secure-erase needed🟑 Delete the vault; journaling applies; cloud may retain versions
Code auditabilityβœ… Open source; plain JS; no build pipelineβœ… Open source; multiple independent audits❌ Closed source; no audit possibleβœ… Open source; independent audits conducted
Performance at scale🟑 Good for typical files; slower than native for bulk operationsβœ… Native + AES-NI; minimal overheadβœ… Kernel driver + AES-NI; transparent to the OSβœ… Native; per-file overhead is minimal; handles large libraries
Targeted attack protection🟑 Blocks JS injection; limited against full-OS compromise🟑 Anti-forensic; cannot stop OS-level keyloggers❌ TPM bus sniffing (Evil Maid) is a known vector🟑 No special runtime protection; same OS-level limits
Storage size❌ Max 8 GB per container; IDB quota applies; not for large or industrial-scale dataβœ… Disk-only limit; terabyte-scale supportedβœ… Full drive at any capacityβœ… No built-in limit; disk / cloud quota only
Hidden volumes❌ Not supportedβœ… Hidden volumes + hidden OS partition❌ Not supported❌ Not supported
OS / filesystem integration❌ Browser sandbox only; no virtual drive mountβœ… Mounts as a real drive letter; full shell integrationβœ… Transparent OS encryption; Group Policy; BitLocker To Goβœ… Mounts as a virtual drive (WebDAV / FUSE)
Multi-user access❌ Single user per container❌ Single user at a time🟑 Multiple recovery keys; enterprise AD deployment❌ Single shared password; per-user control requires Cryptomator Hub (separate server)
\n\n---\n\n\n\n## πŸ“ Project structure\n\n```\nSafeNova/\nβ”‚\nβ”œβ”€β”€ index.html # Single-page app entry point\nβ”œβ”€β”€ favicon.png # Application icon\nβ”œβ”€β”€ .server.ps1 # Local PowerShell dev server (Windows)\nβ”‚\nβ”œβ”€β”€ css/\nβ”‚ └── app.css # All application styles\nβ”‚\n└── js/\n β”œβ”€β”€ proactive/\n β”‚ └── daemon.js # SafeNova Proactive β€” anti-tamper runtime integrity guard (loads first of all)\n β”œβ”€β”€ libs/\n β”‚ └── argon2.umd.min.js # Argon2id WASM/JS implementation (hashwasm)\n β”œβ”€β”€ detectors/\n β”‚ └── incognito.js # Incognito / private-mode detector β€” warns on first visit about limitations and risks\n β”œβ”€β”€ docmode.js # Pre-CSS docmode guard (runs before stylesheet loads)\n β”œβ”€β”€ initlog.js # Initialization stage console logger (InitLog)\n β”œβ”€β”€ constants.js # Shared constants (IDB names, limits, chunk size), utilities, icon SVGs, duress hash helpers\n β”œβ”€β”€ db.js # IDB abstraction β€” SafeNovaEFS (containers / files / vfs / chunks stores)\n β”œβ”€β”€ crypto.js # AES-256-GCM + Argon2id encryption layer\n β”œβ”€β”€ vfs.js # In-memory virtual filesystem (nodes, positions, child index)\n β”œβ”€β”€ state.js # App state singleton β€” key, session encrypt/decrypt, three-source wrap key\n β”œβ”€β”€ home.js # Container management: create, unlock, import, export, change password\n β”œβ”€β”€ desktop.js # Desktop UI: icons, folder windows, drag & drop, integrity scanner\n β”œβ”€β”€ fileops.js # File operations: upload, download, open, copy/paste, rename, delete, ZIP export; export cache management for passwordless export\n └── main.js # App boot, event binding, console security warning\n```\n\n---\n\n\n\n## πŸ”’ How containers work\n\n1. **Create** a container with a name and password\n2. **Unlock** the container β€” Argon2id derives the key from your password\n3. Files you upload are encrypted with AES-256-GCM before being saved to IDB\n4. The virtual filesystem (folder tree + icon positions) is also encrypted and saved separately\n5. **Lock** the container β€” the derived container key is wiped from memory; if the **Export password guard** setting is disabled, a pre-generated export cache (built when the setting was disabled and kept up to date after every file operation) remains in the database, ready for the next passwordless export\n6. **Delete** the container β€” first, every encrypted blob is cryptographically pre-shredded (random bytes XOR-flipped for inline files; IV zeroed for large chunked files); then heavy internal blobs (deferred workspace data, export cache, audit log) are nullified to force immediate browser-level storage release; finally all encrypted records, the VFS blob, and the container metadata are permanently deleted from IDB\n\nAll container data is scoped to the current browser and device. Use **Export Container** to back up or transfer to another device.\n\n---\n\n\n\n## πŸ“„ The `.safenova` Container Format\n\nExported containers are saved as `.safenova` files. This is a **self-contained structured archive** with a versioned, deterministic layout. It is designed so that no file content or filesystem metadata is ever present in plaintext within the archive.\n\n\n\n### Archive sections\n\n| Section | Role |\n| ---------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| `container.xml` | Plaintext container manifest: name, creation timestamp, Argon2id salt, and the AES-GCM verification IV and blob needed to authenticate a password at import. No file names or content appear here |\n| `meta/0` | The IV (initialization vector) used to encrypt the VFS blob |\n| `meta/1` | The encrypted VFS blob β€” the complete folder hierarchy, file names, MIME types, sizes, timestamps, icon positions, and folder colors, all ciphertext |\n| `meta/2` | The IV for the encrypted file manifest |\n| `meta/3` | The encrypted file manifest β€” a JSON structure mapping each file's internal ID to its byte offset and length within `workspace.bin`, encrypted with the container key. When the export password guard is disabled, this blob is taken directly from the pre-built export cache stored in the container record, avoiding re-encryption at export time |\n| `safenova_efs/workspace.bin` | A single contiguous block of raw ciphertext β€” the encrypted content of every file, concatenated end-to-end. Without the decryption key, file boundaries and content are indistinguishable |\n| `meta/activity_logs/0` | _(Optional)_ The encrypted activity log, included only when the `exportWithLogs` container setting is enabled |\n\n\n\n### Design properties\n\n#### Zero plaintext leakage\n\nThe only identifiable plaintext in the archive is the container name in `container.xml` and the Argon2id salt. All file names, folder structure, and content are ciphertext.\n\n#### Lazy import\n\nA `.safenova` file can be imported without entering the container password. The archive is parsed via streaming slicing β€” only the directory and small metadata entries are fully read into memory; the `workspace.bin` payload is handled as a lightweight reference. The encrypted workspace is stored as-is internally and flagged as a deferred workspace. It is expanded into the local database only on first unlock β€” so import is instantaneous regardless of container size.\n\n#### Self-authenticating\n\nThe salt and verification blob in `container.xml` allow the application to confirm the correctness of a supplied password before touching any file data, preventing unnecessary decryption work.\n\n#### Versioned\n\nThe `version` attribute in the XML manifest distinguishes between format generations, enabling forward-compatible import logic. Currently only version 3 is supported; earlier formats have been retired.\n\n---\n\n\n\n## πŸ” Encryption\n\n| Layer | Algorithm |\n| ---------------- | ------------------------------------------------------ |\n| Key derivation | Argon2id (19 MB memory, 2 iterations, 1 thread) |\n| File encryption | AES-256-GCM (random 96-bit IV per file) |\n| VFS encryption | AES-256-GCM (same key, independent IV) |\n| Session tokens | AES-256-GCM, dual-key: per-tab ephemeral or persistent |\n| Browser key wrap | HKDF-SHA-256 from fingerprint + cookie + IDB |\n| Integrity check | AES-256-GCM verification blob authenticated on open |\n| Duress hash | SHA-256(random 32-byte salt β€– password), IDB-only |\n\nEvery file is encrypted individually β€” each with its own freshly generated IV. The virtual filesystem (folder tree, file names, sizes, positions) is encrypted as a separate blob using the same derived key. The plaintext password is never stored; only the derived key is held in JavaScript memory for the duration of an active session.\n\nFile keys are derived from passwords through **Argon2id** with OWASP-recommended minimum parameters (19 MB memory cost, 2 iterations), providing strong resistance against brute-force and GPU-accelerated attacks.\n\n\n\n### Session token security\n\nSafeNova uses a **dual-key model** for session storage β€” an ephemeral per-tab key and a persistent shared key β€” each scoped to a distinct user intent.\n\n\n\n#### Current tab session _(Recommended)_\n\nThe 32-byte Argon2id key material is encrypted with **`snv-sk`** β€” a per-tab AES-256-GCM key stored in `sessionStorage`. `snv-sk` is itself wrap-encrypted with the same three-source HKDF key as `snv-bsk` before being written to `sessionStorage`. This means:\n\n- The session blob (`snv-s-{cid}`) lives in `sessionStorage` and is readable only by the exact tab that created it\n- Closing the tab permanently destroys `snv-sk` β€” no residue remains in any persistent storage\n- An attacker with access to `localStorage`, `sessionStorage`, or disk snapshots gains nothing β€” even a raw `sessionStorage` dump does not expose the decryption key without also possessing the browser fingerprint, the `snv-kc` cookie, and the `SafeNovaKS` IDB record\n\nThis is the recommended option: the session is automatically gone as soon as the tab is closed.\n\n\n\n#### Stay signed in\n\nThe key material is encrypted with **`snv-bsk`** β€” a shared AES-256-GCM key available to all tabs of the same browser origin.\n\n\n\n#### Three-source key wrapping\n\nBefore `snv-bsk` is written to `localStorage`, it is itself encrypted with a separate _wrap key_ that is derived on-the-fly via **HKDF-SHA-256** from **three independent sources** and **never stored anywhere**:\n\n| # | Source | Storage | Purpose |\n| --- | ------------------- | --------------------------------------------- | ------------------------------------------------------------------------------------------------ |\n| 1 | Browser fingerprint | _(computed)_ | `origin \\0 userAgent \\0 platform \\0 language \\0 hardwareConcurrency \\0 colorDepth \\0 pixelDepth` |\n| 2 | `snv-kc` cookie | Cookie jar (`SameSite=Strict`, ~400 days TTL) | 32 random bytes, isolated from localStorage |\n| 3 | `snv-ki` record | Separate IDB `SafeNovaKS` | 32 random bytes, independent from main `SafeNovaEFS` database |\n\n```\nikm = fingerprint \\0 cookie_bytes(32) \\0 idb_bytes(32)\nwrap_key = HKDF-SHA-256( ikm, salt=0Γ—32, info=\"snv-browser-wrap-v3\" )\nsnv-bsk (localStorage) = IV(12) || AES-256-GCM( wrap_key, raw_bsk_bytes )\nsnv-sk (sessionStorage) = IV(12) || AES-256-GCM( wrap_key, raw_sk_bytes )\n```\n\nConsequences:\n\n- Any tab in the **same browser** recomputes the identical fingerprint, reads the same cookie and IDB secret β†’ identical wrap key β†’ can decrypt `snv-bsk` and resume the session seamlessly\n- An attacker must compromise **all three storage mechanisms** simultaneously to reconstruct the wrap key β€” `localStorage` alone, a disk image, or a partial export will not suffice:\n - Copying `localStorage` without the cookie and `SafeNovaKS` database β†’ wrap key cannot be derived β†’ `snv-bsk` is opaque\n - Clearing cookies invalidates the cookie component β†’ sessions become undecryptable\n - Deleting or moving the `SafeNovaKS` database invalidates the IDB component β†’ same effect\n- The fingerprint includes `navigator.userAgent` and `navigator.platform`, binding sessions to the specific browser version and OS. **Browser updates that change the UA string will invalidate existing sessions** β€” the user re-enters their password once and a new session is established automatically\n- If any of the three components change (fingerprint shift, cookie clearing, IDB loss), the stored `snv-bsk` can no longer be decrypted; a new key is generated automatically and the user must re-enter the password once β€” any `snv-sb-{cid}` blobs encrypted with the old key are silently dropped\n- **Legacy format migration:** `snv-bsk` and `snv-sk` entries written before wrap-encryption was introduced (raw 32-byte keys, no IV prefix) are detected by their exact byte length and silently re-wrapped in the current `IV(12) || AES-GCM` format on first access β€” no user action required\n- The session expires after **7 days** (TTL baked into the encrypted payload), or immediately on explicit sign-out\n\n\n\n#### Session payload format\n\nBoth scope types use the same blob layout: `IV(12) || AES-256-GCM(scope_key, expiry(8 bytes, uint64 LE) || raw_key(32 bytes))`. The AES-GCM call is authenticated with the container ID as additional data (`snv-session:{cid}`), preventing a blob from one container from being replayed to unlock a different container. Tab-scope sessions use `expiry = Number.MAX_SAFE_INTEGER` (no TTL β€” the tab's `sessionStorage` is the only lifetime bound); browser-scope sessions carry a hard 7-day expiry.\n\n\n\n#### Remaining trade-off\n\nAn attacker with live access to the running browser process (e.g. malicious extension, XSS) can still call the same fingerprint function, read the cookie, and query the `SafeNovaKS` IDB to derive the wrap key. The three-source wrapping layer protects against _offline_ credential theft (disk images, direct `localStorage` dumps, partial storage exports), not against in-browser code execution.\n\n---\n\n\n\n## πŸ”’ Content Security Policy\n\n\n\n### Meta tag (inline)\n\n`index.html` declares a strict per-directive CSP via ``:\n\n| Directive | Value |\n| ------------- | --------------------------- |\n| `default-src` | `'none'` |\n| `script-src` | `'self' 'wasm-unsafe-eval'` |\n| `style-src` | `'self' 'unsafe-inline'` |\n| `img-src` | `'self' blob: data:` |\n| `media-src` | `blob:` |\n| `frame-src` | `blob: about:` |\n| `font-src` | `'self'` |\n| `connect-src` | `'self'` |\n| `worker-src` | `'self' blob:` |\n| `base-uri` | `'self'` |\n| `form-action` | `'none'` |\n| `object-src` | `'none'` |\n\n`'unsafe-inline'` is absent from `script-src`. There are no inline `\n \n \n\n\n\n\n \n
\n
\n
Processing...
\n
\n\n \n
\n
\n
\n \n \n \n \n \n Private / Incognito Mode Detected\n
\n
\n

SafeNova stores encrypted containers in IndexedDB. Private mode imposes severe restrictions:

\n
    \n
  • Containers will be permanently lost when you close this window
    • \n
  • Sessions cannot persist between browser restarts
    • \n
  • Storage quota is capped
    • \n
\n

For reliable use, open SafeNova in a normal browser window.

\n
\n
\n \n
\n
\n
\n\n \n
\n
\n
\n \"logo\"\n SafeNovaEnterprise\n
\n \n
\n \n \n
\n
\n\n
\n
\n \n \n \n \n \n
\n All files are stored directly in your browser and are never sent to any server.\n Clearing site data, reinstalling the browser, or using a different browser/device will\n permanently erase all containers and files. Use the Export function to back up your data.\n
\n \n
\n
\n
SafeNova Containers
\n
\n
\n \n \n \n \n \n

No containers yet. Create your first one.

\n
\n
\n
\n\n
\n
\n \n Enterprise Security Platform\n
SafeNova — Keep it private.
\n

Store and manage your sensitive files in encrypted containers that never leave your browser — no servers, no accounts, no cloud. Your password is never saved anywhere; close the tab and access is gone instantly. The duress password silently destroys everything if you’re ever forced to open it. Runtime anti-tamper protection SafeNova Proactive shields your data in the background at all times.

\n
\n AES-256-GCM\n Argon2id\n Web Crypto API\n WebAuthn\n IndexedDB\n WASM\n
\n \n \n \n \n DosX-dev/SafeNova\n \n \n \n \n
\n \n
\n
\n\n
\n \n \n \n \n \n Low storage\n
\n\n
\n
\n Device Storage\n
\n
\n
\n -\n
\n
\n SafeNova\n
\n
\n
\n -\n
\n
\n
\n\n \n
\n
\n \n
\n \n \n \n \n \n
\n
\n
SafeNova
\n
-
\n
\n
\n
\n \n \n
\n
\n
\n
\n Deriving key (AES-256 / Argon2id)...\n
\n
\n
\n \n
\n \n \n
\n
\n \n
\n AES-256-GCM · Argon2id\n
\n
\n
\n\n \n
\n
\n \n
\n\n \n
\n \n \n \n\n \n \n
\n\n \n
\n \n
\n \n \n \n
\n\n
\n
\n \n \n \n Drop files to upload and encrypt\n
\n
\n
\n\n
\n \"logo\"\n -\n \n
\n -\n
\n
\n
\n 0%\n
\n \n
\n
\n\n \n \n \n\n \n
\n\n \n
\n\n \n
\n
\n Create New Container\n \n
\n
\n
\n \n \n
\n
\n \n
\n \n \n
\n
\n
\n
\n
\n \n \n
\n
\n \n \n \n \n \n The password cannot be recovered. If lost, all data in this container will be permanently inaccessible.\n
\n
\n \n \n \n \n \n SafeNova has no access to your data and takes no responsibility for data loss. All containers are stored exclusively in your browser.
Clearing browser data or switching devices will permanently destroy all files without the ability to recover them.\n
\n \n
\n
\n \n \n \n
\n
\n\n \n
\n
\n Text Editor\n
\n AES-256\n \n \n \n
\n
\n
\n
\n \n
\n
\n 0 chars\n 0 lines\n Modified\n
\n \n
\n
\n
Unsaved Changes
\n
You have unsaved changes. What would you like to do?
\n
\n \n \n \n
\n
\n
\n
\n\n \n
\n
\n File Viewer\n
\n \n \n
\n
\n
\n
\n\n \n
\n
\n Properties\n \n
\n
\n
\n \n
\n
\n\n \n
\n
\n Rename\n \n
\n
\n
\n \n \n
\n
\n
\n \n \n
\n
\n\n \n
\n
\n Confirm Delete\n \n
\n
\n

\n
\n
\n \n \n
\n
\n\n \n
\n
\n Container Already Open\n
\n
\n

\n is currently open in another tab or window.\n

\n

\n Opening it here will immediately lock the other session. Any unsaved state in that tab will be lost.\n

\n
\n
\n \n \n
\n
\n\n \n
\n
\n Disable Activity Logs?\n
\n
\n

All recorded activity history will be permanently cleared. Are you sure?

\n
\n
\n \n \n
\n
\n\n \n
\n
\n Clear Activity Logs?\n
\n
\n

All recorded activity history will be permanently cleared. Are you sure?

\n
\n
\n \n \n
\n
\n\n\n\n \n
\n
\n New Text File\n \n
\n
\n
\n \n \n
\n
\n
\n \n \n
\n
\n\n \n
\n
\n New Folder\n \n
\n
\n
\n \n \n
\n
\n
\n \n \n
\n
\n\n \n
\n
\n Delete Container\n \n
\n
\n
\n \n \n \n \n \n
\n
This action is irreversible!
\n
All files inside container will be permanently erased. There is no recovery.
\n
\n
\n

\n
\n
\n \n \n
\n
\n\n \n
\n
\n Change Password\n \n
\n
\n
\n \n
\n \n \n
\n
\n
\n \n
\n \n \n
\n
\n
\n
\n
\n \n \n
\n
\n \n \n \n \n \n All files will be re-encrypted with the new password. Do not close the browser during this process.\n
\n
\n
\n
\n \n \n
\n
\n\n \n
\n
\n Rename Container\n \n
\n
\n
\n \n \n
\n
\n
\n
\n \n \n
\n
\n\n \n
\n
\n Cannot Preview File\n \n
\n
\n

This file type cannot be opened in the browser.

\n
\n β€” export this file to your computer?\n
\n
\n
\n \n \n
\n
\n\n \n
\n
\n
\n
\n \n \n \n
\n
\n
Export Container
\n
Confirm your identity to export
\n
\n
\n \n
\n
\n
\n \n \n \n Container will be exported as a .safenova file. Enter the password to authorize the export.\n
\n
\n \n
\n \n \n
\n
\n
\n
\n
\n \n \n \n \n \n AES-256-GCM encrypted\n \n
\n \n \n
\n
\n
\n\n \n
\n
\n Import Container\n \n
\n
\n

Container has an encrypted file manifest. Enter the password to complete the import.

\n
\n \n \n
\n
\n
\n
\n \n \n
\n
\n\n \n
\n
\n Environment\n \n
\n
\n \n \n \n
\n
\n \n
\n
\n
Security
\n
\n Require password on export\n \n
\n
\n Activity logs\n \n
\n
\n \n Export with activity logs\n \n
\n
\n Auto-lock (inactivity)\n
\n
\n 1 hour\n \n \n \n
\n
\n
Never
\n
5 minutes
\n
10 minutes
\n
15 minutes
\n
20 minutes
\n
30 minutes
\n
1 hour
\n
\n
\n
\n
\n
\n
Personalization
\n
\n Icon size\n
\n \n \n \n
\n
\n
\n Show grid dots\n \n
\n
\n Disable animations\n \n
\n
\n Show drag position preview\n \n
\n
\n
\n
Diagnostics
\n
\n Run a full integrity scan of the container's virtual file system and database records. Detects orphaned nodes, broken parent references, duplicate names, missing blobs, and other structural issues β€” with one-click auto-repair.\n
\n
\n Container integrity\n \n
\n
\n
\n
Danger Zone
\n
\n
\n
\n
\n \n \n \n \n \n Duress password\n
\n
\n A secondary password entered under coercion. When used anywhere β€” unlock, change password, or export β€” it behaves exactly like an incorrect password, but silently and irreversibly destroys every encrypted file in the background. The real password still works afterward, but all data inside is already gone β€” indistinguishable from storage corruption.\n
\n
\n \n
\n
\n
\n \n
\n \n \n
\n
\n
\n
\n
\n \n \n
\n
\n \n
\n
\n
\n \n Active β€” entering this password will silently destroy all files\n
\n \n
\n
\n
\n
\n \n
\n
\n
\n
\n File Types\n
\n
\n
\n Storage Usage\n
\n
\n
\n
\n Largest Files\n
\n
\n
\n
\n \n
\n
\n
\n \n
\n
\n \n \n \n Activity Logs are disabled\n \n
\n
\n \n \n \n No activity recorded yet\n
\n
\n
\n
\n
\n\n
\n
\n \n
\n
\n\n \n
\n
\n Container Integrity Scanner\n \n
\n
\n
\n \n \n \n \n
\n
Full container scan
\n
Deep analysis of the virtual disk image, encrypted file table, folder hierarchy, desktop layout, and workspace environment of this crypto-container.
\n
\n
\n
\n
\n
\n
\n \n \n \n
\n
\n\n
\n\n \n
\n
\n
\n \n \n \n \n \n
\n
Export before repair
\n
Auto-Repair may delete unrecoverable files and restructure the virtual disk. It is strongly recommended to export a backup of your container before proceeding.
\n
\n \n \n \n
\n
\n
\n\n \n
\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n\n\n" }, { "path": "src/js/constants.js", "content": "'use strict';\n\n/* ============================================================\n CONSTANTS\n ============================================================ */\nconst DB_NAME = 'SafeNovaEFS',\n DB_VERSION = 3,\n CONTAINER_LIMIT = 8 * 1024 * 1024 * 1024, // 8 GB per container\n FILE_CHUNK_SIZE = 50 * 1024 * 1024, // 50 MB per IDB chunk β€” avoids browser ~2 GB read limit\n DEVICE_LIMIT = 20 * 1024 * 1024 * 1024, // 20 GB total device display limit\n\n ARGON2_MEM = 19456, // 19 MB memory cost (OWASP minimum)\n ARGON2_ITER = 2, // time cost (iterations)\n ARGON2_PAR = 1, // parallelism\n VERIFY_TEXT = 'SafeNovaEFS-VERIFY-OK';\n// Degree of parallelism for AES-GCM operations: cap at 8 to avoid\n// flooding the thread with microtasks on high-core-count machines.\nconst _CRYPTO_CONCURRENCY = Math.min(8, navigator.hardwareConcurrency || 4);\nlet ICON_W = 84,\n ICON_H = 90;\nlet GRID_X = 96, // horizontal grid cell size\n GRID_Y = 96; // vertical grid cell size\n\n/* ============================================================\n UTILITIES\n ============================================================ */\nfunction uid() {\n return crypto.randomUUID\n ? crypto.randomUUID()\n : Date.now().toString(36) + Math.random().toString(36).slice(2);\n}\n\n/* ============================================================\n TAB IDENTITY\n Each browser tab gets a stable UUID so we can detect when\n the same container is being opened in two different tabs.\n Stored in sessionStorage so a page refresh keeps the same ID,\n while a brand-new tab always gets a fresh one.\n ============================================================ */\nconst _TAB_ID = (() => {\n let id = sessionStorage.getItem('snv-tab-id');\n if (!id) { id = uid(); sessionStorage.setItem('snv-tab-id', id); }\n return id;\n})();\n\nfunction fmtSize(b) {\n if (!Number.isFinite(b) || b <= 0) return '0 B';\n const k = 1024, s = ['B', 'KB', 'MB', 'GB', 'TB'],\n i = Math.min(Math.floor(Math.log(b) / Math.log(k)), s.length - 1);\n return (b / Math.pow(k, i)).toFixed(i > 0 ? 1 : 0) + ' ' + s[i];\n}\n\nfunction fmtDate(ts) {\n const d = new Date(ts);\n return d.toLocaleDateString('en-US', { month: 'short', day: 'numeric', year: 'numeric' }) + ' ' +\n d.toLocaleTimeString('en-US', { hour: '2-digit', minute: '2-digit' });\n}\n\nfunction getExt(name) {\n const p = name.lastIndexOf('.');\n return p > 0 ? name.slice(p + 1).toLowerCase() : '';\n}\n\nfunction getMime(name) {\n const e = getExt(name);\n return ({\n txt: 'text/plain', md: 'text/markdown', html: 'text/html', htm: 'text/html',\n css: 'text/css', js: 'text/javascript', ts: 'text/typescript', json: 'application/json',\n xml: 'application/xml', csv: 'text/csv', py: 'text/x-python', rs: 'text/x-rust',\n go: 'text/x-go', java: 'text/x-java', c: 'text/x-c', cpp: 'text/x-c++',\n sh: 'text/x-sh', bat: 'text/x-bat', yaml: 'text/yaml', yml: 'text/yaml',\n png: 'image/png', jpg: 'image/jpeg', jpeg: 'image/jpeg', gif: 'image/gif',\n webp: 'image/webp', svg: 'image/svg+xml', bmp: 'image/bmp', ico: 'image/x-icon',\n avif: 'image/avif',\n pdf: 'application/pdf',\n mp3: 'audio/mpeg', wav: 'audio/wav', ogg: 'audio/ogg', flac: 'audio/flac', m4a: 'audio/m4a',\n mp4: 'video/mp4', webm: 'video/webm', mov: 'video/quicktime', avi: 'video/x-msvideo',\n zip: 'application/zip', rar: 'application/x-rar-compressed',\n gz: 'application/gzip', '7z': 'application/x-7z-compressed', tar: 'application/x-tar',\n doc: 'application/msword',\n docx: 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',\n xls: 'application/vnd.ms-excel',\n xlsx: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',\n ppt: 'application/vnd.ms-powerpoint',\n pptx: 'application/vnd.openxmlformats-officedocument.presentationml.presentation',\n woff: 'font/woff', woff2: 'font/woff2', ttf: 'font/ttf', otf: 'font/otf',\n arj: 'application/x-arj', dbf: 'application/x-dbf',\n so: 'application/x-sharedlib',\n arj: 'application/x-arj', dbf: 'application/x-dbf',\n so: 'application/x-sharedlib',\n deb: 'application/vnd.debian.binary-package',\n iso: 'application/x-compressed-iso',\n })[e] || 'application/octet-stream';\n}\n\nfunction isText(mime, name) {\n return mime.startsWith('text/') ||\n ['application/json', 'application/xml', 'application/javascript'].includes(mime);\n}\nfunction isImage(mime) { return mime.startsWith('image/'); }\nfunction isAudio(mime) { return mime.startsWith('audio/'); }\nfunction isVideo(mime) { return mime.startsWith('video/'); }\nfunction isPDF(mime) { return mime === 'application/pdf'; }\n\nfunction buf2b64(buf) {\n const u8 = buf instanceof Uint8Array ? buf : new Uint8Array(buf),\n CHUNK = 8192;\n let s = '';\n for (let i = 0; i < u8.length; i += CHUNK)\n s += String.fromCharCode.apply(null, u8.subarray(i, Math.min(i + CHUNK, u8.length)));\n return btoa(s);\n}\nfunction b642buf(s) {\n const b = atob(s), u = new Uint8Array(b.length);\n for (let i = 0; i < b.length; i++) u[i] = b.charCodeAt(i);\n return u.buffer;\n}\n\nfunction pwStrength(pw) {\n let s = 0;\n if (pw.length >= 8) s++;\n if (pw.length >= 12) s++;\n if (/[a-z]/.test(pw) && /[A-Z]/.test(pw)) s++;\n if (/\\d/.test(pw)) s++;\n if (/[^a-zA-Z0-9]/.test(pw)) s++;\n return s; // 0–5\n}\n\nfunction escHtml(str) {\n return String(str)\n .replace(/&/g, '&').replace(//g, '>').replace(/\"/g, '"');\n}\n\n/* Shared error/cooldown SVG fragments reused across all password forms */\nconst _ERR_SVG = '';\nconst _WAIT_SVG = '';\n\n/* Shared brute-force cooldown β€” disables btn and shows 3-second countdown in errEl */\nfunction _startAttemptCooldown(errEl, btn, onClear) {\n let remaining = 3;\n const upd = s => { errEl.innerHTML = `${_WAIT_SVG} Too many attempts β€” wait ${s}s`; errEl.style.color = 'var(--orange)'; };\n upd(remaining);\n btn.disabled = true;\n const _t = setInterval(() => {\n if (--remaining <= 0) {\n clearInterval(_t);\n errEl.innerHTML = ''; errEl.style.color = '';\n btn.disabled = false;\n onClear?.();\n } else {\n upd(remaining);\n }\n }, 1000);\n}\n\n/* SHA-256(salt_32 || pw_bytes) β€” used for duress password detection */\nasync function hashDuress(pw, salt) {\n const saltU8 = new Uint8Array(salt),\n pwU8 = new TextEncoder().encode(pw),\n combined = new Uint8Array(saltU8.length + pwU8.length);\n combined.set(saltU8);\n combined.set(pwU8, saltU8.length);\n return Array.from(new Uint8Array(await crypto.subtle.digest('SHA-256', combined)));\n}\n\n/* Check whether pw matches the duress hash stored on a container.\n Returns true if the container has a duress password and pw matches it. */\nasync function checkDuress(pw, container) {\n if (!container.duressHash || pw.length < 4) return false;\n const hash = await hashDuress(pw, container.duressHash.salt);\n return hash.every((b, i) => b === container.duressHash.hash[i]);\n}\n\n/* ============================================================\n FOLDER COLOR PALETTE\n ============================================================ */\nconst FOLDER_COLORS = [\n { label: 'Default (Blue)', color: '#0078d4' },\n { label: 'Teal', color: '#4ec9b0' },\n { label: 'Purple', color: '#9b59d0' },\n { label: 'Orange', color: '#f18800' },\n { label: 'Red', color: '#e84040' },\n { label: 'Green', color: '#3cb371' },\n { label: 'Pink', color: '#e879a0' },\n { label: 'Yellow', color: '#d4b030' },\n { label: 'Grey', color: '#7a7a7a' },\n];\n\n/* ============================================================\n SVG ICON LIBRARY β€” 16Γ—16 UI icons\n ============================================================ */\nconst Icons = {\n open: ``,\n file: ``,\n folder: ``,\n download: ``,\n upload: ``,\n rename: ``,\n trash: ``,\n info: ``,\n paste: ``,\n sort: ``,\n unlock: ``,\n copy: ``,\n cut: ``,\n newfile: ``,\n newfolder: ``,\n warning: ``,\n lock: ``,\n key: ``,\n navup: ``,\n fileup: ``,\n filedoc: ``,\n filedir: ``,\n plus: ``,\n close: ``,\n eye: ``,\n eyeoff: ``, save: ``,\n dlbtn: ``,\n sortAsc: ``,\n sortDesc: ``,\n sortName: ``,\n sortDate: ``,\n sortSize: ``,\n sortType: ``,\n refresh: ``,\n};\n\n/* ============================================================\n LARGE (48Γ—48) FILE TYPE ICONS β€” for desktop thumbnails\n ============================================================ */\nfunction getFolderSVG(color) {\n // Validate: only allow CSS hex colors to prevent SVG attribute injection\n const c = /^#[0-9a-fA-F]{3,8}$/.test(color) ? color : '#0078d4';\n return `\n \n \n `;\n}\n\nfunction getFileIconSVG(mime, name) {\n const ext = getExt(name || '');\n if (isImage(mime)) return _bigIcon('#9cdcfe', _imgPath());\n if (isAudio(mime)) return _bigIcon('#c678dd', _audioPath());\n if (isVideo(mime)) return _bigIcon('#c678dd', _videoPath());\n if (isPDF(mime)) return _bigIcon('#f44747', _pdfPath());\n if (isText(mime, name)) {\n if (['js', 'ts', 'py', 'rs', 'go', 'java', 'c', 'cmd', 'cpp', 'cs', 'php', 'rb', 'sh', 'bat', 'ps1', 'vbs'].includes(ext))\n return _bigIcon('#dcdcaa', _codePath());\n if (['json', 'yaml', 'yml', 'xml', 'csv'].includes(ext))\n return _bigIcon('#4ec9b0', _dataPath());\n return _bigIcon('#d4d4d4', _textPath());\n }\n if (['zip', 'rar', 'gz', '7z', 'tar', 'stk', 'itk', 'ltk', 'jtk', 'arj', 'deb', 'iso', 'cso', 'rpm', 'pkg', 'appx', 'msix'].includes(ext)) return _bigIcon('#ce9178', _archivePath());\n if (['doc', 'docx', 'odt', 'rtf'].includes(ext)) return _bigIcon('#569cd6', _docPath());\n if (['xls', 'xlsx', 'xlsb', 'xlsm', 'ods'].includes(ext)) return _bigIcon('#4ec9b0', _dataPath());\n if (['ppt', 'pptx', 'odp'].includes(ext)) return _bigIcon('#ce9178', _slidePath());\n // Unknown type β€” show extension label inside icon (≀ 4 chars only)\n if (ext && ext.length <= 4) return _bigIconExt('#858585', ext.toUpperCase());\n return _bigIcon('#858585', _filePath());\n}\n\nfunction _bigIcon(color, inner) {\n return `\n \n \n ${inner.replace(/COLOR/g, color)}\n `;\n}\n\nfunction _filePath() { return ``; }\nfunction _textPath() { return ``; }\nfunction _codePath() { return ``; }\nfunction _dataPath() { return ``; }\nfunction _imgPath() { return ``; }\nfunction _audioPath() { return ``; }\nfunction _videoPath() { return ``; }\nfunction _pdfPath() { return ``; }\nfunction _archivePath() { return ``; }\nfunction _docPath() { return ``; }\nfunction _slidePath() { return ``; }\n\nfunction _bigIconExt(color, extText) {\n const fs = extText.length <= 2 ? 14 : extText.length === 3 ? 12 : 10;\n // HTML-escape the extension before inserting into SVG text content\n const safe = extText.replace(/[&<>\"]/g, ch => ({ '&': '&', '<': '<', '>': '>', '\"': '"' }[ch]));\n return `\n \n \n ${safe}\n `;\n}\n" }, { "path": "src/js/crypto.js", "content": "'use strict';\n\n/* ============================================================\n CRYPTO β€” AES-256-GCM + Argon2id (WASM)\n ============================================================ */\nconst Crypto = (() => {\n\n // Returns raw 32-byte Argon2id hash as Uint8Array\n async function deriveRaw(password, salt) {\n return hashwasm.argon2id({\n password,\n salt,\n parallelism: ARGON2_PAR,\n iterations: ARGON2_ITER,\n memorySize: ARGON2_MEM,\n hashLength: 32,\n outputType: 'binary',\n });\n }\n\n async function deriveKey(password, salt) {\n const hash = await deriveRaw(password, salt);\n return crypto.subtle.importKey(\n 'raw', hash,\n { name: 'AES-GCM' },\n false,\n ['encrypt', 'decrypt']\n );\n }\n\n // Derives both the CryptoKey and the raw bytes in a single Argon2id pass.\n // Use instead of calling deriveKey + deriveRaw separately to avoid double hashing.\n async function deriveKeyAndRaw(password, salt) {\n const raw = await deriveRaw(password, salt),\n key = await crypto.subtle.importKey('raw', raw, { name: 'AES-GCM' }, false, ['encrypt', 'decrypt']);\n return { key, raw };\n }\n\n // Import a pre-derived 32-byte key (skips Argon2id for session resume)\n async function importRawKey(rawBytes) {\n return crypto.subtle.importKey(\n 'raw', rawBytes,\n { name: 'AES-GCM' },\n false,\n ['encrypt', 'decrypt']\n );\n }\n\n async function encrypt(key, data) {\n const iv = crypto.getRandomValues(new Uint8Array(12));\n const buf = data instanceof ArrayBuffer\n ? data\n : (data instanceof Uint8Array\n ? data.buffer\n : new TextEncoder().encode(typeof data === 'string' ? data : JSON.stringify(data)));\n const ct = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, key, buf);\n return { iv: Array.from(iv), blob: buf2b64(ct) };\n }\n\n async function decrypt(key, iv, blobB64) {\n const ivU8 = new Uint8Array(iv),\n buf = b642buf(blobB64);\n return crypto.subtle.decrypt({ name: 'AES-GCM', iv: ivU8 }, key, buf);\n }\n\n async function encryptBin(key, buf) {\n const iv = crypto.getRandomValues(new Uint8Array(12)),\n ct = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, key, buf);\n return { iv: Array.from(iv), blob: ct };\n }\n\n async function decryptBin(key, iv, blob) {\n return crypto.subtle.decrypt({ name: 'AES-GCM', iv: new Uint8Array(iv) }, key, blob);\n }\n\n async function makeVerification(key) {\n const { iv, blob } = await encrypt(key, VERIFY_TEXT);\n return { iv, blob };\n }\n\n async function checkVerification(key, iv, blob) {\n try {\n const buf = await decrypt(key, iv, blob);\n return new TextDecoder().decode(buf) === VERIFY_TEXT;\n } catch { return false; }\n }\n\n return { deriveRaw, deriveKey, deriveKeyAndRaw, importRawKey, encrypt, decrypt, encryptBin, decryptBin, makeVerification, checkVerification };\n})();\n" }, { "path": "src/js/db.js", "content": "'use strict';\n\n/* ============================================================\n DATABASE β€” IndexedDB abstraction\n ============================================================ */\nconst DB = (() => {\n let _db = null;\n\n async function init() {\n InitLog.step('DB open (SafeNovaEFS)');\n return new Promise((res, rej) => {\n let settled = false;\n const timer = setTimeout(() => {\n if (!settled) { settled = true; InitLog.error('DB open (SafeNovaEFS)', 'timeout'); rej(new Error('SafeNovaEFS open timeout')); }\n }, 8000);\n const done = (db) => { if (!settled) { settled = true; clearTimeout(timer); _db = db; InitLog.done('DB open (SafeNovaEFS)'); res(); } };\n const fail = (e) => { if (!settled) { settled = true; clearTimeout(timer); InitLog.error('DB open (SafeNovaEFS)', e); rej(e); } };\n\n const req = indexedDB.open(DB_NAME, DB_VERSION);\n req.onupgradeneeded = e => {\n InitLog.step('DB schema upgrade');\n try {\n const db = e.target.result;\n if (!db.objectStoreNames.contains('containers')) {\n db.createObjectStore('containers', { keyPath: 'id' });\n }\n if (!db.objectStoreNames.contains('files')) {\n const fs = db.createObjectStore('files', { keyPath: 'id' });\n fs.createIndex('cid', 'cid');\n }\n if (!db.objectStoreNames.contains('vfs')) {\n db.createObjectStore('vfs', { keyPath: 'cid' });\n }\n if (!db.objectStoreNames.contains('chunks')) {\n db.createObjectStore('chunks', { keyPath: 'id' });\n }\n InitLog.done('DB schema upgrade');\n } catch (err) { InitLog.error('DB schema upgrade', err); fail(err); }\n };\n req.onsuccess = e => done(e.target.result);\n req.onerror = () => fail(req.error);\n req.onblocked = () => {\n // Another connection prevents upgrade; close it by requesting versionchange on self\n InitLog.error('DB open (SafeNovaEFS)', 'blocked β€” waiting for other connections to close');\n // Keep waiting β€” the blocked event does NOT mean failure, just delay.\n // If it takes longer than the timeout above, we fail gracefully.\n };\n });\n }\n\n function rw(store) { return _db.transaction(store, 'readwrite').objectStore(store); }\n function ro(store) { return _db.transaction(store, 'readonly').objectStore(store); }\n function wrap(req) { return new Promise((r, j) => { req.onsuccess = () => r(req.result); req.onerror = () => j(req.error); }); }\n\n // Reassemble a chunked file record: reads N chunks from 'chunks' store,\n // merges them into a single ArrayBuffer, sets rec.blob, deletes rec._chunked.\n function _reassemble(rec) {\n return new Promise((resolve, reject) => {\n const count = rec._chunked, id = rec.id;\n const tx = _db.transaction('chunks', 'readonly'),\n store = tx.objectStore('chunks'),\n parts = new Array(count);\n let totalSize = 0, pending = count;\n for (let i = 0; i < count; i++) {\n const req = store.get(id + '_' + i);\n req.onsuccess = () => {\n const d = req.result?.data;\n if (d) { parts[i] = d; totalSize += d.byteLength; }\n if (--pending === 0) {\n // Reject if any chunk is missing β€” silently skipping a missing chunk\n // corrupts all subsequent offsets and produces garbled data.\n for (let k = 0; k < count; k++) {\n if (!parts[k]) { reject(new Error('Missing chunk ' + id + '_' + k)); return; }\n }\n const merged = new Uint8Array(totalSize);\n let off = 0;\n for (const p of parts) { merged.set(new Uint8Array(p), off); off += p.byteLength; }\n rec.blob = merged.buffer;\n delete rec._chunked;\n resolve(rec);\n }\n };\n req.onerror = () => reject(req.error);\n }\n });\n }\n\n // Returns 2 distinct non-adjacent random indices within [0, size).\n // Falls back gracefully for very small buffers.\n function _twoRandPos(size) {\n if (size < 2) return size ? [0] : [];\n if (size < 4) return [0, size - 1]; // small buffer β€” take ends\n const a = Math.floor(Math.random() * size);\n let b;\n do { b = Math.floor(Math.random() * size); } while (Math.abs(b - a) <= 1);\n return [a, b];\n }\n\n // XOR-flips 2 random non-adjacent bytes in the buffer with a random non-zero value.\n // Position and delta are unknown and unreproducible β€” guaranteed to change each byte.\n function _corruptRandBytes(buf) {\n if (!buf || buf.byteLength < 1) return;\n const arr = new Uint8Array(buf);\n for (const p of _twoRandPos(arr.length)) {\n arr[p] ^= (Math.floor(Math.random() * 255) + 1);\n }\n }\n\n // Cryptographic pre-shredding β€” makes every encrypted blob irrecoverable:\n // β€’ Inline files : XOR-flip 2 random non-adjacent bytes in the ciphertext.\n // Any 1-byte change in AES-GCM ciphertext causes GCM auth-tag failure\n // for the entire file. Position and XOR delta are unknown and unlogged.\n // β€’ Chunked files: zero the IV stored in the file record β€” no chunk data\n // is read at all, making this path maximally fast for large files.\n // Without a valid IV, AES-GCM decryption cannot even begin.\n // Best-effort β€” always resolves so deletion / duress flow can continue.\n function _corruptFileBlobs(ids) {\n return new Promise((resolve) => {\n if (!ids.length) { resolve(); return; }\n const tx = _db.transaction(['files', 'chunks'], 'readwrite'),\n fs = tx.objectStore('files'),\n cs = tx.objectStore('chunks');\n tx.oncomplete = () => resolve();\n tx.onerror = (e) => { e.preventDefault(); resolve(); };\n tx.onabort = () => resolve();\n ids.forEach(id => {\n const req = fs.get(id);\n req.onsuccess = () => {\n const rec = req.result;\n if (!rec) return;\n if (rec._chunked) {\n // Large file: zero the IV β€” avoids reading any chunk data entirely.\n // AES-GCM without a valid IV is unconditionally undecryptable.\n // rec.iv is stored as a plain JS Array (via Array.from()), not an ArrayBuffer,\n // so we must fill in-place rather than wrapping in a TypedArray view.\n if (Array.isArray(rec.iv)) {\n for (let _i = 0; _i < rec.iv.length; _i++) rec.iv[_i] = 0;\n } else if (rec.iv instanceof ArrayBuffer) {\n new Uint8Array(rec.iv).fill(0);\n } else if (ArrayBuffer.isView(rec.iv)) {\n new Uint8Array(rec.iv.buffer, rec.iv.byteOffset, rec.iv.byteLength).fill(0);\n }\n fs.put(rec);\n } else if (rec.blob) {\n // Inline file: XOR-flip 2 random non-adjacent bytes in the ciphertext.\n _corruptRandBytes(rec.blob);\n fs.put(rec);\n }\n };\n req.onerror = (e) => e.preventDefault();\n });\n });\n }\n\n return {\n init,\n /* containers */\n getContainers: () => wrap(ro('containers').getAll()),\n saveContainer: (c) => wrap(rw('containers').put(c)),\n deleteContainer: (id) => wrap(rw('containers').delete(id)),\n\n /* files */\n saveFile: async (f) => {\n const blobSize = f.blob ? (f.blob.byteLength ?? 0) : 0;\n if (blobSize > FILE_CHUNK_SIZE) {\n const chunkCount = Math.ceil(blobSize / FILE_CHUNK_SIZE),\n tx = _db.transaction(['files', 'chunks'], 'readwrite'),\n fs = tx.objectStore('files'),\n cs = tx.objectStore('chunks');\n fs.put({ id: f.id, cid: f.cid, iv: f.iv, blob: null, _chunked: chunkCount, _blobSize: blobSize });\n for (let i = 0; i < chunkCount; i++) {\n const start = i * FILE_CHUNK_SIZE;\n cs.put({ id: f.id + '_' + i, data: f.blob.slice(start, Math.min(start + FILE_CHUNK_SIZE, blobSize)) });\n }\n return new Promise((r, j) => { tx.oncomplete = () => r(); tx.onerror = () => j(tx.error); });\n }\n return wrap(rw('files').put(f));\n },\n getFile: async (id) => {\n let rec;\n try { rec = await wrap(ro('files').get(id)); }\n catch (e) { console.error('[DB] Failed to read file record:', id, e); return null; }\n if (!rec) return rec;\n if (rec._chunked) return _reassemble(rec);\n return rec;\n },\n getFilesByCid: async (cid) => {\n let recs;\n try {\n recs = await wrap(ro('files').index('cid').getAll(cid));\n } catch {\n // Fallback: key cursor β†’ individual reads (handles unreadable oversized records)\n const keys = await new Promise((res, rej) => {\n const tx = _db.transaction('files', 'readonly'),\n idx = tx.objectStore('files').index('cid'),\n r = [],\n req = idx.openKeyCursor(IDBKeyRange.only(cid));\n req.onsuccess = () => { const c = req.result; if (!c) { res(r); return; } r.push(c.primaryKey); c.continue(); };\n req.onerror = () => rej(req.error);\n });\n recs = [];\n for (const key of keys) {\n try { const r = await wrap(ro('files').get(key)); if (r) recs.push(r); }\n catch (e) { console.error('[DB] Skipping unreadable file:', key, e); }\n }\n }\n const chunked = recs.filter(r => r._chunked);\n if (chunked.length) await Promise.all(chunked.map(r => _reassemble(r)));\n return recs;\n },\n // Lightweight: returns [{id, iv, sz}] without chunk reassembly\n getFileMetaByCid: (cid) => new Promise((resolve, reject) => {\n const tx = _db.transaction('files', 'readonly'),\n idx = tx.objectStore('files').index('cid'),\n req = idx.openCursor(IDBKeyRange.only(cid)),\n results = [];\n req.onsuccess = () => {\n const c = req.result;\n if (c) {\n const r = c.value;\n results.push({\n id: r.id, iv: r.iv,\n sz: r._chunked ? (r._blobSize ?? -1) : (r.blob ? (r.blob.byteLength || 0) : 0)\n });\n c.continue();\n } else resolve(results);\n };\n req.onerror = () => reject(req.error);\n }),\n deleteFile: async (id) => {\n let chunked = 0;\n try { const rec = await wrap(ro('files').get(id)); if (rec?._chunked) chunked = rec._chunked; }\n catch { /* unreadable record β€” not chunked */ }\n if (chunked) {\n const tx = _db.transaction(['files', 'chunks'], 'readwrite');\n tx.objectStore('files').delete(id);\n const cs = tx.objectStore('chunks');\n for (let i = 0; i < chunked; i++) cs.delete(id + '_' + i);\n return new Promise((r, j) => { tx.oncomplete = () => r(); tx.onerror = () => j(tx.error); });\n }\n return wrap(rw('files').delete(id));\n },\n // Batch-delete multiple file records (and their chunks) in IndexedDB\n deleteFiles: async (ids) => {\n if (!ids || !ids.length) return;\n // Phase 1: check which files are chunked (read-only, safe for broken records)\n const chunkInfo = new Map();\n await new Promise((resolve) => {\n const tx = _db.transaction('files', 'readonly'),\n store = tx.objectStore('files');\n let pending = ids.length;\n const done = () => { if (--pending === 0) resolve(); };\n ids.forEach(id => {\n const req = store.get(id);\n req.onsuccess = () => { if (req.result?._chunked) chunkInfo.set(id, req.result._chunked); done(); };\n req.onerror = (e) => { e.preventDefault(); done(); };\n });\n });\n // Phase 2: delete file records + associated chunks\n const stores = chunkInfo.size ? ['files', 'chunks'] : ['files'],\n tx = _db.transaction(stores, 'readwrite'),\n fs = tx.objectStore('files');\n ids.forEach(id => fs.delete(id));\n if (chunkInfo.size) {\n const cs = tx.objectStore('chunks');\n for (const [id, count] of chunkInfo) {\n for (let i = 0; i < count; i++) cs.delete(id + '_' + i);\n }\n }\n return new Promise((r, j) => { tx.oncomplete = () => r(); tx.onerror = () => j(tx.error); });\n },\n // Batch-save multiple file records in a single IndexedDB transaction (with chunking for large blobs)\n saveFiles: (files) => new Promise((res, rej) => {\n if (!files || !files.length) { res(); return; }\n const hasChunked = files.some(f => f.blob && (f.blob.byteLength ?? 0) > FILE_CHUNK_SIZE),\n stores = hasChunked ? ['files', 'chunks'] : ['files'],\n tx = _db.transaction(stores, 'readwrite'),\n fileStore = tx.objectStore('files'),\n chunkStore = hasChunked ? tx.objectStore('chunks') : null;\n files.forEach(f => {\n const blobSize = f.blob ? (f.blob.byteLength ?? 0) : 0;\n if (blobSize > FILE_CHUNK_SIZE) {\n const chunkCount = Math.ceil(blobSize / FILE_CHUNK_SIZE);\n fileStore.put({ id: f.id, cid: f.cid, iv: f.iv, blob: null, _chunked: chunkCount, _blobSize: blobSize });\n for (let i = 0; i < chunkCount; i++) {\n const start = i * FILE_CHUNK_SIZE;\n chunkStore.put({ id: f.id + '_' + i, data: f.blob.slice(start, Math.min(start + FILE_CHUNK_SIZE, blobSize)) });\n }\n } else {\n fileStore.put(f);\n }\n });\n tx.oncomplete = () => res();\n tx.onerror = () => rej(tx.error);\n }),\n // Batch-read specific file records by id array in a single IDB transaction.\n // Returns a Map so callers can look up by id in O(1).\n getFilesByIds: (ids) => new Promise((res, rej) => {\n if (!ids || !ids.length) { res(new Map()); return; }\n const tx = _db.transaction('files', 'readonly'),\n store = tx.objectStore('files'),\n result = new Map(),\n chunkedRecs = [];\n let pending = ids.length;\n ids.forEach(id => {\n const req = store.get(id);\n req.onsuccess = () => {\n if (req.result) {\n result.set(id, req.result);\n if (req.result._chunked) chunkedRecs.push(req.result);\n }\n if (--pending === 0) {\n if (chunkedRecs.length) {\n Promise.all(chunkedRecs.map(r => _reassemble(r))).then(() => res(result)).catch(rej);\n } else res(result);\n }\n };\n req.onerror = (event) => {\n console.error('[DB] Failed to read file:', id, req.error);\n event.preventDefault();\n if (--pending === 0) {\n if (chunkedRecs.length) {\n Promise.all(chunkedRecs.map(r => _reassemble(r))).then(() => res(result)).catch(rej);\n } else res(result);\n }\n };\n });\n }),\n\n /* vfs */\n saveVFS: (cid, iv, blob) => wrap(rw('vfs').put({ cid, iv, blob })),\n getVFS: (cid) => wrap(ro('vfs').get(cid)),\n deleteVFS: (cid) => wrap(rw('vfs').delete(cid)),\n\n /* nuke container β€” corrupts blobs, then deletes everything (uses key cursor to avoid deserializing large blobs) */\n async nukeContainer(cid) {\n const ids = await new Promise((resolve, reject) => {\n const tx = _db.transaction('files', 'readonly'),\n idx = tx.objectStore('files').index('cid'),\n r = [],\n req = idx.openKeyCursor(IDBKeyRange.only(cid));\n req.onsuccess = () => { const c = req.result; if (!c) { resolve(r); return; } r.push(c.primaryKey); c.continue(); };\n req.onerror = () => reject(req.error);\n });\n if (ids.length) {\n await _corruptFileBlobs(ids); // XOR-flip 2 random bytes (inline) / zero IV (chunked)\n await this.deleteFiles(ids);\n }\n await this.deleteVFS(cid);\n // Null out lazyWorkspace/heavy blobs before deleting the container record.\n // Chrome stores large Blobs in external files; IDB delete queues them for\n // lazy GC but navigator.storage.estimate() still counts them as used.\n // Overwriting with null forces immediate blob file release.\n try {\n const c = await wrap(ro('containers').get(cid));\n if (c && (c.lazyWorkspace || c._alogZ || c._exportCache)) {\n c.lazyWorkspace = null;\n c._alogZ = null;\n c._exportCache = null;\n await wrap(rw('containers').put(c));\n }\n } catch { /* read failed β€” proceed to delete */ }\n await this.deleteContainer(cid);\n },\n\n /* duress trigger β€” zero-overwrites blobs but does NOT delete anything */\n async corruptContainerBlobs(cid) {\n const ids = await new Promise((resolve, reject) => {\n const tx = _db.transaction('files', 'readonly'),\n idx = tx.objectStore('files').index('cid'),\n r = [],\n req = idx.openKeyCursor(IDBKeyRange.only(cid));\n req.onsuccess = () => { const c = req.result; if (!c) { resolve(r); return; } r.push(c.primaryKey); c.continue(); };\n req.onerror = () => reject(req.error);\n });\n if (ids.length) await _corruptFileBlobs(ids);\n }\n };\n})();\n" }, { "path": "src/js/desktop.js", "content": "'use strict';\n\n/* ============================================================\n SAVE VFS\n ============================================================ */\nasync function saveVFS() {\n if (!App.key || !App.container) return;\n try {\n const jsonBuf = new TextEncoder().encode(JSON.stringify(VFS.toObj())),\n { iv, blob } = await Crypto.encryptBin(App.key, jsonBuf);\n await DB.saveVFS(App.container.id, iv, blob);\n App.container.totalSize = VFS.totalSize();\n // Strip raw log so only compressed _alogZ gets persisted\n const _tmpLog = App.container.activityLog;\n delete App.container.activityLog;\n await DB.saveContainer(App.container);\n if (_tmpLog) App.container.activityLog = _tmpLog;\n Desktop.updateTaskbar();\n } catch (e) { console.error('saveVFS error', e); }\n}\n\n/* ============================================================\n ACTIVITY LOGS\n ============================================================ */\nconst ALOG_MAX = 2048;\nlet _alogSaveTimer = null, _alogRafId = null, _alogFilters = null;\nlet _activityLog = []; // in-memory ring buffer; never stored raw on the container\n\n// ── Compression (deflate, built-in, zero-dependency) ────────\nasync function _compressBytes(bytes) {\n const cs = new Blob([bytes]).stream().pipeThrough(new CompressionStream('deflate'));\n return new Uint8Array(await new Response(cs).arrayBuffer());\n}\nasync function _decompressBytes(bytes) {\n const ds = new Blob([bytes]).stream().pipeThrough(new DecompressionStream('deflate'));\n return new Uint8Array(await new Response(ds).arrayBuffer());\n}\n// Compress with a 5 s safety timeout β€” returns compressed bytes on success,\n// or the original bytes unchanged if compression fails or times out.\nasync function _compressBytesOrRaw(bytes) {\n try {\n return await Promise.race([\n _compressBytes(bytes),\n new Promise((_, rej) => setTimeout(() => rej(new Error('compress timeout')), 5000))\n ]);\n } catch { return bytes; }\n}\nasync function _compressLog(arr) {\n return _compressBytes(new TextEncoder().encode(JSON.stringify(arr)));\n}\nasync function _decompressLog(bytes) {\n return JSON.parse(new TextDecoder().decode(await _decompressBytes(bytes)));\n}\nasync function _loadActivityLog() {\n const pending = _activityLog.length ? _activityLog.slice() : [];\n _activityLog = [];\n if (!App.container) return;\n if (App.container._alogZ) {\n try {\n const z = App.container._alogZ;\n // New format: { iv, blob } β€” AES-256-GCM encrypted, then zlib-compressed\n const raw = (z && z.iv && z.blob)\n ? new Uint8Array(await Crypto.decrypt(App.key, z.iv, z.blob))\n : z; // legacy: plain compressed bytes (migrate on next flush)\n _activityLog = await _decompressLog(raw);\n } catch { }\n }\n // Migrate old uncompressed plaintext format\n if (Array.isArray(App.container.activityLog)) {\n _activityLog = _activityLog.concat(App.container.activityLog);\n delete App.container.activityLog;\n }\n // Merge any entries pushed during async decompress\n if (pending.length) _activityLog = _activityLog.concat(pending);\n if (_activityLog.length > ALOG_MAX) _activityLog.splice(0, _activityLog.length - ALOG_MAX);\n}\nasync function _flushActivityLog() {\n _alogSaveTimer = null;\n if (!App.container || !App.key || !_activityLog.length) return;\n try {\n // Compress then encrypt β€” attacker must NOT read activity logs\n const compressed = await _compressLog(_activityLog);\n const { iv, blob } = await Crypto.encrypt(App.key, compressed);\n App.container._alogZ = { iv, blob };\n delete App.container.activityLog;\n await DB.saveContainer(App.container);\n } catch (e) { console.error('_flushActivityLog', e); }\n}\n\n/* ============================================================\n OPEN-FOLDER GUARD β€” shared by drag handlers and file ops\n Returns the id of the first open-folder in ids, or null.\n ============================================================ */\nfunction _getOpenFolderIds() {\n if (typeof WinManager === 'undefined') return new Set();\n const ids = new Set();\n WinManager._wins.forEach(w => {\n let cur = w.folderId;\n while (cur && cur !== 'root') { ids.add(cur); cur = (VFS.node(cur) || {}).parentId; }\n });\n return ids;\n}\nfunction _openFolderGuard(ids) {\n const open = _getOpenFolderIds();\n return [...ids].find(id => { const n = VFS.node(id); return n && n.type === 'folder' && open.has(id); }) ?? null;\n}\n\n// ── logActivity ─────────────────────────────────────────────\nfunction logActivity(op, detail, count, itemPath, destPath) {\n if (!App.container) return;\n if (_getSettings().activityLogs === false) return;\n const entry = { t: Date.now(), o: op, d: detail };\n if (count > 1) entry.n = count;\n let p = itemPath ?? null;\n if (!p && App.folder) {\n p = VFS.fullPath(App.folder);\n }\n if (p && p !== '/') entry.p = p;\n if (destPath && destPath !== '/') entry.p2 = destPath;\n _activityLog.push(entry);\n if (_activityLog.length > ALOG_MAX) _activityLog.splice(0, _activityLog.length - ALOG_MAX);\n if (_alogSaveTimer) clearTimeout(_alogSaveTimer);\n _alogSaveTimer = setTimeout(_flushActivityLog, 3000);\n}\n\n// ── Helpers ─────────────────────────────────────────────────\nfunction _alogRelTime(ts) {\n const d = Date.now() - ts;\n if (d < 60000) return 'Just now';\n if (d < 3600000) return Math.floor(d / 60000) + 'm ago';\n if (d < 86400000) return Math.floor(d / 3600000) + 'h ago';\n if (d < 604800000) return Math.floor(d / 86400000) + 'd ago';\n return new Date(ts).toLocaleDateString(undefined, { month: 'short', day: 'numeric', year: 'numeric' });\n}\n// Show path compactly: /~/Container/…/parent/name for deep paths\nfunction _alogPathDisplay(p) {\n if (!p) return '';\n const segs = p.split('/').filter(Boolean); // ['~', 'Container', 'a', 'b', 'file']\n if (p.length <= 58 || segs.length <= 4) return p;\n const prefix = '/~/' + segs[1] + '/\\u2026/',\n tail = segs.slice(-2).join('/') + (p.endsWith('/') ? '/' : ''),\n result = prefix + tail;\n // If still too long, keep only the last segment\n return result.length <= 62 ? result : prefix + segs[segs.length - 1] + (p.endsWith('/') ? '/' : '');\n}\nfunction _alogOpLabel(op) {\n const map = {\n upload: 'Uploaded', delete: 'Deleted', rename: 'Renamed', move: 'Moved',\n copy: 'Copied', cut: 'Cut', paste: 'Pasted', 'create-file': 'Created',\n 'create-folder': 'New Folder', color: 'Color', edit: 'Saved',\n download: 'Exported', 'export-zip': 'ZIP Export', sort: 'Sorted',\n 'export-container': 'Container Export'\n };\n return map[op] || op;\n}\nconst _ALOG_COLORS = {\n upload: '#3a8a4f', delete: '#c44040', rename: '#b07a20', move: '#3a6ea0',\n copy: '#2a8a8a', cut: '#b06020', paste: '#7a309a', 'create-file': '#3a8a4f',\n 'create-folder': '#3a8a4f', color: '#a03060', edit: '#8a7020',\n download: '#2a6aaa', 'export-zip': '#3a6ea0', sort: '#6a6a6a',\n 'export-container': '#3a6ea0'\n};\nconst _ALOG_ICONS = {\n upload: Icons.upload,\n delete: Icons.trash,\n rename: Icons.rename,\n move: ``,\n copy: Icons.copy,\n cut: Icons.cut,\n paste: Icons.paste,\n 'create-file': Icons.newfile,\n 'create-folder': Icons.newfolder,\n color: ``,\n edit: Icons.save,\n download: Icons.download,\n 'export-zip': ``,\n sort: Icons.sort,\n 'export-container': ``\n};\n\n// ── Render: date-grouped list with badge layout ─────────────\nfunction _renderActivityLogs() {\n const listEl = document.getElementById('alog-list'),\n offEl = document.getElementById('alog-off'),\n emptyEl = document.getElementById('alog-empty'),\n contentEl = document.getElementById('alog-content'),\n filtersEl = document.getElementById('alog-filters'),\n toolbarEl = document.getElementById('alog-toolbar'),\n s = _getSettings(),\n log = _activityLog;\n\n if (s.activityLogs === false) {\n offEl.style.display = 'flex';\n emptyEl.style.display = 'none';\n listEl.style.display = 'none';\n toolbarEl.style.display = 'none';\n return;\n }\n offEl.style.display = 'none';\n if (!log.length) {\n emptyEl.style.display = 'flex';\n listEl.style.display = 'none';\n toolbarEl.style.display = 'none';\n return;\n }\n\n toolbarEl.style.display = '';\n emptyEl.style.display = 'none';\n listEl.style.display = '';\n\n // Count ops for filter chips\n const opCounts = {};\n log.forEach(e => { opCounts[e.o] = (opCounts[e.o] || 0) + 1; });\n const ops = Object.keys(opCounts).sort((a, b) => opCounts[b] - opCounts[a]);\n let filterHtml = '';\n for (const op of ops) {\n const active = !_alogFilters || _alogFilters.has(op);\n filterHtml += ``;\n }\n filtersEl.innerHTML = filterHtml;\n filtersEl.querySelectorAll('.alog-filter').forEach(btn => {\n btn.onclick = () => {\n const op = btn.dataset.op;\n if (!_alogFilters) {\n _alogFilters = new Set(ops);\n _alogFilters.delete(op);\n } else if (_alogFilters.has(op)) {\n _alogFilters.delete(op);\n if (!_alogFilters.size) _alogFilters = null;\n } else {\n _alogFilters.add(op);\n if (_alogFilters.size === ops.length) _alogFilters = null;\n }\n _renderActivityLogs();\n };\n });\n\n // Build filtered list (newest first)\n const items = [];\n for (let i = log.length - 1; i >= 0; i--) {\n if (!_alogFilters || _alogFilters.has(log[i].o)) items.push(log[i]);\n }\n\n if (!items.length) {\n listEl.style.display = 'none';\n emptyEl.style.display = 'flex';\n return;\n }\n\n // Group by date\n const now = new Date(),\n todayStart = new Date(now.getFullYear(), now.getMonth(), now.getDate()).getTime(),\n yesterdayStart = todayStart - 86400000,\n weekStart = todayStart - 6 * 86400000;\n let html = '', lastGroup = '';\n for (const it of items) {\n let group;\n if (it.t >= todayStart) group = 'Today';\n else if (it.t >= yesterdayStart) group = 'Yesterday';\n else if (it.t >= weekStart) group = 'This Week';\n else group = 'Earlier';\n if (group !== lastGroup) {\n html += `
${escHtml(group)}
`;\n lastGroup = group;\n }\n const color = _ALOG_COLORS[it.o] || '#666',\n label = _alogOpLabel(it.o),\n mainText = it.d || '',\n pathFull = it.p ? (it.n > 1 && !it.p.endsWith('/') ? it.p + '/' : it.p) : '',\n pathShort = _alogPathDisplay(pathFull),\n destFull = it.p2 || '',\n destShort = _alogPathDisplay(destFull),\n time = _alogRelTime(it.t);\n let pathHtml = '';\n if (pathShort && destShort) {\n pathHtml = `${escHtml(pathShort)}\\u2192${escHtml(destShort)}`;\n } else if (pathShort) {\n pathHtml = `${escHtml(pathShort)}`;\n }\n html += `
${escHtml(label)}${escHtml(mainText)}${pathHtml}${escHtml(time)}
`;\n }\n contentEl.innerHTML = html;\n listEl.onscroll = null;\n}\n\n// ── Clear / export helpers ──────────────────────────────────\nasync function _clearActivityLog() {\n _activityLog = [];\n if (App.container) {\n delete App.container._alogZ;\n delete App.container.activityLog;\n await DB.saveContainer(App.container);\n }\n _alogFilters = null;\n}\n\n\n\n/* ============================================================\n CONTEXT MENU\n ============================================================ */\nlet _activeSubmenu = null;\n\nfunction showCtxMenu(x, y, items) {\n hideSubmenu();\n const menu = document.getElementById('ctx-menu');\n menu.innerHTML = '';\n items.forEach(item => {\n if (item.sep) {\n const d = document.createElement('div'); d.className = 'ctx-sep'; menu.appendChild(d); return;\n }\n const li = document.createElement('div');\n li.className = 'ctx-item' + (item.danger ? ' danger' : '') + (item.disabled ? ' disabled' : '');\n if (item.submenu) {\n li.innerHTML = `${item.icon || ''}${escHtml(item.label)}β€Ί`;\n li.addEventListener('mouseenter', () => showSubmenu(li, item.submenu));\n li.addEventListener('mouseleave', e => { if (!e.relatedTarget?.closest('#ctx-menu-sub')) hideSubmenu(); });\n } else if (item.disabled && item._tooltip) {\n li.innerHTML = `${item.icon || ''}${escHtml(item.label)}${item._keyHint ? `${item._keyHint}` : ''}`;\n let _tip = null;\n li.addEventListener('mouseenter', () => {\n _tip = document.createElement('div');\n _tip.className = 'ctx-tooltip';\n _tip.textContent = item._tooltip;\n document.body.appendChild(_tip);\n const r = li.getBoundingClientRect();\n _tip.style.left = r.right + 6 + 'px'; _tip.style.top = r.top + 'px';\n const tr = _tip.getBoundingClientRect();\n if (tr.right > window.innerWidth) _tip.style.left = Math.max(0, r.left - tr.width - 6) + 'px';\n });\n li.addEventListener('mouseleave', () => { if (_tip) { _tip.remove(); _tip = null; } });\n } else {\n li.innerHTML = `${item.icon || ''}${escHtml(item.label)}${item._keyHint ? `${item._keyHint}` : ''}`;\n li.addEventListener('click', () => { hideCtxMenu(); item.action?.(); });\n li.addEventListener('mouseenter', hideSubmenu);\n }\n menu.appendChild(li);\n });\n menu.style.left = x + 'px';\n menu.style.top = y + 'px';\n menu.classList.add('show');\n const r = menu.getBoundingClientRect();\n // Account for taskbar at the bottom (36px + 1px border)\n const taskbarH = document.querySelector('.taskbar')?.offsetHeight || 37,\n maxBottom = window.innerHeight - taskbarH;\n if (r.right > window.innerWidth) menu.style.left = Math.max(0, x - r.width) + 'px';\n if (r.bottom > maxBottom) menu.style.top = Math.max(0, y - r.height) + 'px';\n}\n\nfunction showSubmenu(parentEl, items) {\n hideSubmenu();\n let sub = document.getElementById('ctx-menu-sub');\n if (!sub) {\n sub = document.createElement('div');\n sub.className = 'ctx-menu'; sub.id = 'ctx-menu-sub';\n document.body.appendChild(sub);\n }\n sub.innerHTML = '';\n let _activeSub2 = null;\n\n function hideSub2() {\n if (_activeSub2) { _activeSub2.remove(); _activeSub2 = null; }\n }\n\n items.forEach(item => {\n if (item.sep) { const d = document.createElement('div'); d.className = 'ctx-sep'; sub.appendChild(d); return; }\n const li = document.createElement('div');\n li.className = 'ctx-item' + (item.danger ? ' danger' : '') + (item.disabled ? ' disabled' : '');\n if (item.submenu) {\n li.innerHTML = `${item.icon || ''}${escHtml(item.label)}β€Ί`;\n li.addEventListener('mouseenter', () => {\n hideSub2();\n const sub2 = document.createElement('div');\n sub2.className = 'ctx-menu show';\n item.submenu.forEach(si => {\n if (si.sep) { const d = document.createElement('div'); d.className = 'ctx-sep'; sub2.appendChild(d); return; }\n const li2 = document.createElement('div');\n li2.className = 'ctx-item' + (si.danger ? ' danger' : '');\n li2.innerHTML = `${si.icon || ''}${escHtml(si.label)}`;\n li2.addEventListener('click', () => { hideCtxMenu(); si.action?.(); });\n sub2.appendChild(li2);\n });\n document.body.appendChild(sub2);\n const pr = li.getBoundingClientRect();\n sub2.style.position = 'fixed';\n sub2.style.left = pr.right + 'px'; sub2.style.top = pr.top + 'px';\n const sr = sub2.getBoundingClientRect();\n const _taskbarH2 = document.querySelector('.taskbar')?.offsetHeight || 37,\n _maxB2 = window.innerHeight - _taskbarH2;\n if (window.innerWidth <= 640) {\n sub2.style.left = Math.max(0, Math.min(pr.left, window.innerWidth - sr.width)) + 'px';\n sub2.style.top = Math.min(pr.bottom, _maxB2 - sr.height) + 'px';\n } else {\n if (sr.right > window.innerWidth) sub2.style.left = Math.max(0, pr.left - sr.width) + 'px';\n if (sr.bottom > _maxB2) sub2.style.top = Math.max(0, pr.top - (sr.bottom - _maxB2)) + 'px';\n }\n _activeSub2 = sub2;\n sub2.addEventListener('mouseleave', e => {\n if (e.relatedTarget && li.contains(e.relatedTarget)) return;\n hideSub2();\n });\n });\n li.addEventListener('mouseleave', e => {\n if (_activeSub2 && _activeSub2.contains(e.relatedTarget)) return;\n hideSub2();\n });\n } else {\n li.innerHTML = `${item.icon || ''}${escHtml(item.label)}`;\n li.addEventListener('click', () => { hideCtxMenu(); item.action?.(); });\n li.addEventListener('mouseenter', hideSub2);\n }\n sub.appendChild(li);\n });\n sub.classList.add('show');\n const pr = parentEl.getBoundingClientRect();\n sub.style.left = pr.right + 'px'; sub.style.top = pr.top + 'px';\n const sr = sub.getBoundingClientRect();\n const _taskbarH = document.querySelector('.taskbar')?.offsetHeight || 37,\n _maxB = window.innerHeight - _taskbarH;\n if (window.innerWidth <= 640) {\n // Mobile: open below parent item to prevent horizontal overflow\n sub.style.left = Math.max(0, Math.min(pr.left, window.innerWidth - sr.width)) + 'px';\n sub.style.top = Math.min(pr.bottom, _maxB - sr.height) + 'px';\n } else {\n if (sr.right > window.innerWidth) sub.style.left = Math.max(0, pr.left - sr.width) + 'px';\n if (sr.bottom > _maxB) sub.style.top = Math.max(0, pr.top - (sr.bottom - _maxB)) + 'px';\n }\n _activeSubmenu = sub;\n}\n\nfunction hideSubmenu() {\n // Remove any third-level submenus\n document.querySelectorAll('body > .ctx-menu:not(#ctx-menu):not(#ctx-menu-sub)').forEach(el => el.remove());\n if (_activeSubmenu) { _activeSubmenu.classList.remove('show'); _activeSubmenu = null; }\n}\n\nfunction hideCtxMenu() {\n document.getElementById('ctx-menu').classList.remove('show');\n document.querySelectorAll('body > .ctx-menu:not(#ctx-menu):not(#ctx-menu-sub)').forEach(el => el.remove());\n document.querySelectorAll('.ctx-tooltip').forEach(el => el.remove());\n hideSubmenu();\n}\n\n/* ============================================================\n HOVER TOOLTIP\n ============================================================ */\nlet _tooltipTimer = null,\n _tooltipEl = null,\n _isDragging = false,\n _touchDragActive = false, // true while touch-drag is active β€” suppresses contextmenu event\n _lastTouchTs = 0; // timestamp of last touchstart β€” suppresses spurious mouseenter tooltips\n\nfunction _startHoverTooltip(el, node) {\n if (_isDragging) return;\n if (Date.now() - _lastTouchTs < 1200) return; // suppress tooltip shortly after any touch\n _cancelHoverTooltip();\n _tooltipTimer = setTimeout(() => {\n _tooltipEl = document.createElement('div');\n _tooltipEl.className = 'file-tooltip';\n const mime = node.type === 'folder' ? 'Folder' : (node.mime || getMime(node.name)),\n childCount = node.type === 'folder' ? VFS.children(node.id).length : null,\n folderSize = node.type === 'folder' && typeof _folderSize === 'function' ? _folderSize(node.id) : null;\n _tooltipEl.innerHTML =\n `
${escHtml(node.name)}
` +\n `
Path: ${escHtml(VFS.fullPath(node.id))}
` +\n `
Type: ${escHtml(node.type === 'folder' ? 'Folder' : mime)}
` +\n (node.size != null ? `
Size: ${fmtSize(node.size)}
` : '') +\n (folderSize !== null ? `
Size: ${fmtSize(folderSize)}
` : '') +\n (childCount !== null ? `
Items: ${childCount}
` : '') +\n `
Modified: ${fmtDate(node.mtime)}
` +\n `
Created: ${fmtDate(node.ctime)}
`;\n _tooltipEl.style.cssText = 'position:fixed;left:0;top:0;visibility:hidden';\n document.body.appendChild(_tooltipEl);\n const rect = el.getBoundingClientRect();\n // If element was removed from DOM or has zero size, abort\n if (!document.contains(el) || (rect.width === 0 && rect.height === 0)) {\n _tooltipEl.remove(); _tooltipEl = null; return;\n }\n const tw = _tooltipEl.offsetWidth, th = _tooltipEl.offsetHeight;\n let left = rect.right + 10, top = rect.top;\n if (left + tw > window.innerWidth - 8) left = rect.left - tw - 10;\n if (top + th > window.innerHeight - 8) top = window.innerHeight - th - 8;\n left = Math.max(4, left);\n top = Math.max(4, top);\n _tooltipEl.style.cssText = `position:fixed;left:${left}px;top:${top}px`;\n }, 750);\n}\n\nfunction _cancelHoverTooltip() {\n if (_tooltipTimer) { clearTimeout(_tooltipTimer); _tooltipTimer = null; }\n if (_tooltipEl) { _tooltipEl.remove(); _tooltipEl = null; }\n}\n\n/* ============================================================\n SETTINGS\n ============================================================ */\nconst SETTINGS_DEFAULTS = { iconSize: 'normal', gridDots: true, autoLock: '60', disableAnimations: false, requireExportPassword: true, activityLogs: true, exportWithLogs: false, snapHighlight: true };\n\nlet _autoLockTimerId = null;\n\nfunction _resetContainerSettings() {\n // Cancel any pending auto-lock timer\n if (_autoLockTimerId) { clearTimeout(_autoLockTimerId); _autoLockTimerId = null; }\n // Reset body icon-size and animation classes to defaults\n document.body.classList.remove('icons-small', 'icons-normal', 'icons-large', 'no-animations', 'no-snap-highlight');\n document.body.classList.add('icons-normal');\n // Reset grid constants\n GRID_X = 96;\n GRID_Y = 96;\n // Reset desktop grid dots to default (visible)\n const area = document.getElementById('desktop-area');\n if (area) area.classList.remove('no-grid-dots');\n}\n\nfunction _getSettings() {\n const s = App.container?.settings;\n return { ...SETTINGS_DEFAULTS, ...s };\n}\n\nfunction _applySettings(s, skipRemap = false) {\n // Icon Size β€” apply to body so it covers desktop + all folder windows\n document.body.classList.remove('icons-small', 'icons-normal', 'icons-large');\n document.body.classList.add('icons-' + (s.iconSize || 'normal'));\n // Update internal grid size depending on scale\n const oldGX = GRID_X, oldGY = GRID_Y;\n let scale = 1;\n if (s.iconSize === 'small') scale = 0.75;\n if (s.iconSize === 'large') scale = 1.25;\n GRID_X = Math.round(96 * scale);\n GRID_Y = Math.round(96 * scale);\n\n // Remap all saved positions to the new grid if grid changed.\n // skipRemap=true is passed on initial container load β€” positions are already\n // stored in the correct grid space and must NOT be converted again.\n if (!skipRemap && (oldGX !== GRID_X || oldGY !== GRID_Y)) {\n VFS.remapPositions(oldGX, oldGY, GRID_X, GRID_Y);\n saveVFS();\n Desktop._renderIcons();\n if (typeof WinManager !== 'undefined') WinManager.renderAll();\n }\n\n // Grid Dots\n const area = document.getElementById('desktop-area');\n area.classList.toggle('no-grid-dots', !s.gridDots);\n document.querySelectorAll('.fw-area').forEach(a => a.classList.toggle('no-grid-dots', !s.gridDots));\n // Animations\n document.body.classList.toggle('no-animations', !!s.disableAnimations);\n // Snap preview highlight\n document.body.classList.toggle('no-snap-highlight', s.snapHighlight === false);\n}\n\nasync function _saveSettings(s) {\n if (!App.container) return;\n App.container.settings = s;\n await DB.saveContainer(App.container);\n}\n\nfunction _resetAutoLockTimer() {\n if (_autoLockTimerId) {\n clearTimeout(_autoLockTimerId);\n _autoLockTimerId = null;\n }\n const s = _getSettings();\n if (s.autoLock && s.autoLock !== '0') {\n const min = parseInt(s.autoLock, 10);\n if (!isNaN(min) && min > 0) {\n _autoLockTimerId = setTimeout(() => {\n App.lockContainer();\n }, min * 60 * 1000);\n }\n }\n}\n\nlet _ddCloseListener = null;\nfunction openSettings() {\n const s = _getSettings();\n // Populate UI\n document.querySelectorAll('#settings-icon-size .settings-toggle-btn').forEach(btn => {\n btn.classList.toggle('active', btn.dataset.value === s.iconSize);\n });\n document.querySelector('#settings-grid-dots input').checked = s.gridDots;\n document.querySelector('#settings-animations input').checked = !!s.disableAnimations;\n\n // Setup custom dropdown for auto-lock\n const dd = document.getElementById('settings-autolock-dd'),\n currentAl = s.autoLock || '60';\n\n const updateDdUI = (val) => {\n dd.querySelectorAll('.custom-dd-opt').forEach(opt => {\n const isSel = opt.dataset.value === val;\n opt.classList.toggle('selected', isSel);\n if (isSel) dd.querySelector('.custom-dd-val').textContent = opt.textContent;\n });\n };\n\n // Remove old listeners to prevent duplicates (clone head and menu)\n const ddHead = dd.querySelector('.custom-dd-head'),\n newDdHead = ddHead.cloneNode(true);\n ddHead.parentNode.replaceChild(newDdHead, ddHead);\n\n // Set initial value AFTER cloning so we update the live DOM element\n updateDdUI(currentAl);\n\n newDdHead.onclick = (e) => {\n e.stopPropagation();\n document.querySelectorAll('.custom-dd').forEach(d => { if (d !== dd) d.classList.remove('open'); });\n dd.classList.toggle('open');\n };\n\n const ddMenu = dd.querySelector('.custom-dd-menu'),\n newDdMenu = ddMenu.cloneNode(true);\n ddMenu.parentNode.replaceChild(newDdMenu, ddMenu);\n\n newDdMenu.querySelectorAll('.custom-dd-opt').forEach(opt => {\n opt.onclick = async (e) => {\n e.stopPropagation();\n const val = opt.dataset.value;\n updateDdUI(val);\n dd.classList.remove('open');\n const ns = { ..._getSettings(), autoLock: val };\n _applySettings(ns);\n await _saveSettings(ns);\n _resetAutoLockTimer();\n };\n });\n\n // Close dropdowns on outside click β€” replace previous listener to avoid accumulation\n if (_ddCloseListener) document.removeEventListener('click', _ddCloseListener);\n _ddCloseListener = (e) => {\n if (!e.target.closest('.custom-dd')) {\n document.querySelectorAll('.custom-dd').forEach(d => d.classList.remove('open'));\n }\n };\n document.addEventListener('click', _ddCloseListener);\n\n // Tab state\n document.querySelectorAll('.settings-tab').forEach(t => t.classList.toggle('active', t.dataset.tab === 'personalization'));\n document.getElementById('settings-personalization').style.display = '';\n document.getElementById('settings-statistics').style.display = 'none';\n document.getElementById('settings-activity-logs').style.display = 'none';\n // Bind tabs\n document.querySelectorAll('.settings-tab').forEach(t => {\n t.onclick = () => {\n document.querySelectorAll('.settings-tab').forEach(t2 => t2.classList.remove('active'));\n t.classList.add('active');\n document.getElementById('settings-personalization').style.display = t.dataset.tab === 'personalization' ? '' : 'none';\n document.getElementById('settings-statistics').style.display = t.dataset.tab === 'statistics' ? '' : 'none';\n document.getElementById('settings-activity-logs').style.display = t.dataset.tab === 'activity-logs' ? '' : 'none';\n if (t.dataset.tab === 'statistics') _renderStats();\n if (t.dataset.tab === 'activity-logs') _renderActivityLogs();\n };\n });\n // Bind icon size buttons\n document.querySelectorAll('#settings-icon-size .settings-toggle-btn').forEach(btn => {\n btn.onclick = async () => {\n document.querySelectorAll('#settings-icon-size .settings-toggle-btn').forEach(b => b.classList.remove('active'));\n btn.classList.add('active');\n const ns = { ..._getSettings(), iconSize: btn.dataset.value };\n _applySettings(ns);\n await _saveSettings(ns);\n };\n });\n // Bind grid dots\n document.querySelector('#settings-grid-dots input').onchange = async function () {\n const ns = { ..._getSettings(), gridDots: this.checked };\n _applySettings(ns);\n await _saveSettings(ns);\n };\n // Bind disabled animations\n document.querySelector('#settings-animations input').onchange = async function () {\n const ns = { ..._getSettings(), disableAnimations: this.checked };\n _applySettings(ns);\n await _saveSettings(ns);\n };\n // Bind snap highlight\n document.querySelector('#settings-snap-highlight input').checked = s.snapHighlight !== false;\n document.querySelector('#settings-snap-highlight input').onchange = async function () {\n const ns = { ..._getSettings(), snapHighlight: this.checked };\n _applySettings(ns);\n await _saveSettings(ns);\n };\n // Bind require export password\n document.querySelector('#settings-export-pw input').checked = s.requireExportPassword !== false;\n document.querySelector('#settings-export-pw input').onchange = async function () {\n if (!this.checked) {\n // Disabling password β€” build export cache first; save setting only on success\n this.disabled = true;\n const ok = typeof _updateExportCache === 'function'\n ? await _updateExportCache(true)\n : false;\n this.disabled = false;\n if (ok) {\n const ns = { ..._getSettings(), requireExportPassword: false };\n await _saveSettings(ns);\n } else {\n this.checked = true; // revert toggle\n toast('Failed to generate export cache β€” setting not changed', 'error');\n }\n } else {\n // Re-enabling password requirement β€” save immediately and clear any existing cache\n const ns = { ..._getSettings(), requireExportPassword: true };\n await _saveSettings(ns);\n if (typeof _updateExportCache === 'function') await _updateExportCache();\n }\n };\n // Bind duress password toggle + inline form\n const duressCb = document.getElementById('settings-duress-cb'),\n duressForm = document.getElementById('duress-form'),\n duressActiveInfo = document.getElementById('duress-active-info'),\n hasDuress = !!App.container?.duressHash;\n duressCb.checked = hasDuress;\n _updateDuressUI(hasDuress);\n duressCb.onchange = function () {\n if (this.checked) {\n _updateDuressUI(false); // show form with animation\n _resetDuressForm();\n } else {\n // unchecking β€” if duress is active, remove it; otherwise just collapse\n if (App.container?.duressHash) {\n _removeDuressPassword();\n } else {\n _updateDuressUI(false);\n }\n }\n };\n document.getElementById('duress-set-ok').onclick = () => _handleDuressSet();\n document.getElementById('duress-remove-btn').onclick = () => _removeDuressPassword();\n document.getElementById('duress-pw').oninput = function () {\n updatePwStrength(this.value, 'duress-pw-strength', 'duress-pw-strength-label');\n };\n // Bind activity logs toggle\n const alogToggle = document.querySelector('#settings-activity-logs-toggle input'),\n expLogsToggle = document.querySelector('#settings-export-logs input'),\n expLogsRow = document.getElementById('settings-export-logs-row');\n alogToggle.checked = s.activityLogs !== false;\n expLogsToggle.checked = !!s.exportWithLogs;\n expLogsRow.classList.toggle('disabled', s.activityLogs === false);\n expLogsToggle.disabled = s.activityLogs === false;\n alogToggle.onchange = async function () {\n if (!this.checked) {\n // Show confirmation before disabling\n this.checked = true; // revert, let modal decide\n Overlay.show('modal-alog-disable');\n document.getElementById('alog-disable-ok').onclick = async () => {\n Overlay.hide();\n alogToggle.checked = false;\n const ns = { ..._getSettings(), activityLogs: false };\n await _saveSettings(ns);\n await _clearActivityLog();\n expLogsRow.classList.add('disabled');\n expLogsToggle.disabled = true;\n Overlay.show('modal-settings');\n };\n document.getElementById('alog-disable-cancel').onclick = () => {\n Overlay.hide();\n Overlay.show('modal-settings');\n };\n return;\n }\n const ns = { ..._getSettings(), activityLogs: true };\n await _saveSettings(ns);\n expLogsRow.classList.remove('disabled');\n expLogsToggle.disabled = false;\n };\n expLogsToggle.onchange = async function () {\n const ns = { ..._getSettings(), exportWithLogs: this.checked };\n await _saveSettings(ns);\n };\n document.getElementById('alog-enable-btn').onclick = async () => {\n const ns = { ..._getSettings(), activityLogs: true };\n await _saveSettings(ns);\n alogToggle.checked = true;\n expLogsRow.classList.remove('disabled');\n expLogsToggle.disabled = false;\n _renderActivityLogs();\n };\n // Bind clear logs button (with confirmation)\n document.getElementById('alog-clear-btn').onclick = () => {\n Overlay.show('modal-alog-clear');\n document.getElementById('alog-clear-ok').onclick = async () => {\n Overlay.hide();\n await _clearActivityLog();\n Overlay.show('modal-settings');\n document.querySelectorAll('.settings-tab').forEach(t2 => t2.classList.toggle('active', t2.dataset.tab === 'activity-logs'));\n document.getElementById('settings-personalization').style.display = 'none';\n document.getElementById('settings-statistics').style.display = 'none';\n document.getElementById('settings-activity-logs').style.display = '';\n _renderActivityLogs();\n };\n document.getElementById('alog-clear-cancel').onclick = () => {\n Overlay.hide();\n Overlay.show('modal-settings');\n };\n };\n // ── File System check β€” opens scanner modal ────────────────\n document.getElementById('fs-check-open').onclick = () => {\n Overlay.hide();\n _openScannerModal();\n };\n Overlay.show('modal-settings');\n}\n\n/* ── Duress password β€” inline form helpers ───────────────────── */\nfunction _updateDuressUI(isActive) {\n const form = document.getElementById('duress-form'),\n info = document.getElementById('duress-active-info'),\n cb = document.getElementById('settings-duress-cb');\n if (isActive) {\n form.classList.remove('open');\n info.style.display = 'block';\n cb.checked = true;\n } else {\n info.style.display = '';\n if (cb.checked) form.classList.add('open');\n else form.classList.remove('open');\n }\n}\n\nfunction _resetDuressForm() {\n const pw = document.getElementById('duress-pw'),\n pw2 = document.getElementById('duress-pw2'),\n eye1 = document.getElementById('duress-pw-eye');\n pw.value = ''; pw2.value = '';\n pw.type = 'password'; pw2.type = 'password';\n eye1.style.color = ''; eye1.innerHTML = Icons.eye;\n document.getElementById('duress-pw-strength').style.width = '0%';\n document.getElementById('duress-pw-strength').style.height = '0';\n document.getElementById('duress-pw-strength').style.marginTop = '0';\n document.getElementById('duress-pw-strength-label').textContent = '';\n document.getElementById('duress-pw-strength-label').style.display = 'none';\n document.getElementById('duress-set-error').style.display = '';\n}\n\nasync function _handleDuressSet() {\n const pw = document.getElementById('duress-pw').value,\n pw2 = document.getElementById('duress-pw2').value,\n errEl = document.getElementById('duress-set-error'),\n okBtn = document.getElementById('duress-set-ok');\n\n const showErr = msg => { errEl.textContent = msg; errEl.style.display = 'block'; };\n errEl.style.display = '';\n\n if (pw.length < 4) { showErr('Duress password must be at least 4 characters'); return; }\n if (pw !== pw2) { showErr('Passwords do not match'); return; }\n\n // Verify that duress password differs from the main container password\n okBtn.disabled = true;\n try {\n const c = App.container,\n testKey = await Crypto.deriveKey(pw, new Uint8Array(c.salt)),\n isMain = await Crypto.checkVerification(testKey, c.verIv, c.verBlob);\n if (isMain) { showErr('Duress password must be different from the main password'); okBtn.disabled = false; return; }\n\n const salt = Array.from(crypto.getRandomValues(new Uint8Array(32))),\n hash = await hashDuress(pw, salt),\n updated = { ...c, duressHash: { salt, hash } };\n await DB.saveContainer(updated);\n App.container = updated;\n _updateDuressUI(true);\n toast('Duress password set', 'success');\n } catch (e) {\n showErr(e.message);\n }\n okBtn.disabled = false;\n}\n\nasync function _removeDuressPassword() {\n const c = { ...App.container };\n delete c.duressHash;\n await DB.saveContainer(c);\n App.container = c;\n document.getElementById('settings-duress-cb').checked = false;\n _updateDuressUI(false);\n _resetDuressForm();\n toast('Duress password removed', 'success');\n}\n\n/* ============================================================\n CONTAINER INTEGRITY SCANNER MODAL\n ============================================================ */\nconst _SCAN_ICONS = {\n pass: '',\n fail: '',\n warn: '',\n spin: '
',\n};\n\nfunction _delay(ms) { return new Promise(r => setTimeout(r, ms)); }\n\nfunction _addScanRow(log, name) {\n const row = document.createElement('div');\n row.className = 'scanner-step';\n row.innerHTML = `${_SCAN_ICONS.spin}${escHtml(name)}…`;\n log.appendChild(row);\n log.scrollTop = log.scrollHeight;\n return row;\n}\n\nfunction _resolveScanRow(row, status, detail) {\n row.classList.add(status);\n row.querySelector('.scanner-step-icon').innerHTML = _SCAN_ICONS[status] || _SCAN_ICONS.pass;\n row.querySelector('.scanner-step-result').textContent = detail;\n}\n\n/* --- Async DB-level checks (file data, IVs, orphan records, size consistency) --- */\nasync function _runDbChecks(repair, isAborted) {\n const steps = [];\n function mkStep(name, iss, fxd) {\n const hasCrit = iss.some(i => i.sev === 'critical'),\n status = iss.length === 0 ? 'pass' : hasCrit ? 'fail' : 'warn',\n detail = iss.length === 0 ? 'OK' : `${iss.length} issue${iss.length !== 1 ? 's' : ''}${repair && fxd.length ? `, ${fxd.length} fixed` : ''}`;\n steps.push({ name, status, detail, issues: iss, fixed: fxd });\n }\n\n // Build the DB file map once (expensive IndexedDB call)\n const allDbFiles = await DB.getFilesByCid(App.container.id),\n dbFileMap = new Map(allDbFiles.map(f => [f.id, f]));\n\n // Snapshot VFS file IDs β€” refresh after each destructive step\n let vfsFileIds = new Set(VFS.fileIds());\n const _abort = () => isAborted?.();\n\n // 1. File data existence β€” VFS file nodes whose encrypted data is missing from IndexedDB\n {\n const issues = [], fixed = [];\n for (const id of vfsFileIds) {\n if (_abort()) break;\n const node = VFS.node(id);\n if (!dbFileMap.has(id)) {\n issues.push({ sev: 'critical', msg: `\"${node?.name || id}\": encrypted data not found in storage` });\n if (repair) {\n VFS.remove(id);\n fixed.push(`Removed broken file node \"${node?.name || id}\"`);\n }\n }\n }\n mkStep('File data existence', issues, fixed);\n if (repair && fixed.length) vfsFileIds = new Set(VFS.fileIds());\n }\n\n // 2. Encryption IV integrity\n // Files are stored with iv = Array.from(Uint8Array(12)) β€” plain Array is the canonical format.\n // Uint8Array / ArrayBuffer / ArrayBufferView are also accepted.\n // Only flag if iv is missing, wrong length, or an unrecognized type.\n {\n if (_abort()) return steps;\n const issues = [], fixed = [];\n\n function ivValid(iv) {\n if (!iv) return false;\n if (Array.isArray(iv)) return iv.length >= 12;\n if (iv instanceof Uint8Array || ArrayBuffer.isView(iv)) return iv.byteLength >= 12;\n if (iv instanceof ArrayBuffer) return iv.byteLength >= 12;\n return false;\n }\n\n for (const [id, rec] of dbFileMap) {\n if (_abort()) break;\n if (!vfsFileIds.has(id)) continue;\n const node = VFS.node(id);\n\n if (!rec.iv) {\n issues.push({ sev: 'critical', msg: `\"${node?.name || id}\": missing encryption IV` });\n if (repair) {\n VFS.remove(id);\n await DB.deleteFile(id);\n fixed.push(`Purged file missing IV: \"${node?.name || id}\"`);\n }\n continue;\n }\n\n let ok = ivValid(rec.iv);\n\n // Try to salvage IVs stored as unusual types (e.g. base64 string in very old data)\n if (!ok && repair) {\n let coerced = null;\n const origType = typeof rec.iv;\n if (typeof rec.iv === 'string') {\n try { coerced = new Uint8Array(atob(rec.iv).split('').map(c => c.charCodeAt(0))); } catch { }\n }\n if (coerced && coerced.length >= 12) {\n rec.iv = Array.from(coerced); // store as canonical Array format\n await DB.saveFile(rec);\n fixed.push(`Coerced IV for \"${node?.name || id}\" (${origType} β†’ array)`);\n ok = true;\n }\n }\n\n if (!ok) {\n const ivDesc = Array.isArray(rec.iv) ? `array[${rec.iv.length}]` : typeof rec.iv;\n issues.push({ sev: 'critical', msg: `\"${node?.name || id}\": invalid IV (${ivDesc})` });\n if (repair) {\n VFS.remove(id);\n await DB.deleteFile(id);\n fixed.push(`Purged file with invalid IV: \"${node?.name || id}\"`);\n }\n }\n }\n mkStep('Encryption IV integrity', issues, fixed);\n if (repair && fixed.length) vfsFileIds = new Set(VFS.fileIds());\n }\n\n // 3. File blob integrity β€” sized files must have non-empty blob\n {\n if (_abort()) return steps;\n const issues = [], fixed = [];\n for (const [id, rec] of dbFileMap) {\n if (!vfsFileIds.has(id)) continue;\n const node = VFS.node(id);\n if (!node) continue;\n const blobLen = rec.blob ? (rec.blob.byteLength ?? rec.blob.length ?? 0) : 0;\n if (node.size > 0 && blobLen === 0) {\n issues.push({ sev: 'warn', msg: `\"${node.name || id}\": expected ${node.size} bytes but blob is empty` });\n if (repair) {\n // Zero the declared size instead of deleting the file β€” preserves metadata\n node.size = 0;\n fixed.push(`Reset size to 0 for \"${node.name || id}\"`);\n }\n }\n }\n mkStep('File blob integrity', issues, fixed);\n }\n\n // 4. Orphaned DB records β€” DB files not referenced by any VFS node\n {\n if (_abort()) return steps;\n const issues = [], fixed = [];\n const liveIds = new Set(VFS.fileIds());\n for (const [id] of dbFileMap) {\n if (_abort()) break;\n if (!liveIds.has(id)) {\n issues.push({ sev: 'warn', msg: `Orphaned DB record \"${id}\"` });\n if (repair) {\n await DB.deleteFile(id);\n fixed.push(`Deleted orphaned DB record \"${id}\"`);\n }\n }\n }\n mkStep('Orphaned storage records', issues, fixed);\n }\n\n // 5. Record container binding β€” verify DB records belong to current container\n {\n if (_abort()) return steps;\n const issues = [], fixed = [];\n for (const [id, rec] of dbFileMap) {\n if (rec.cid && rec.cid !== App.container.id) {\n issues.push({ sev: 'warn', msg: `Record \"${id}\": bound to different container` });\n if (repair) {\n rec.cid = App.container.id;\n await DB.saveFile(rec);\n fixed.push(`Rebound record \"${id}\" to current container`);\n }\n }\n }\n mkStep('Record container binding', issues, fixed);\n }\n\n // 6. Container size consistency\n {\n const issues = [], fixed = [];\n const vfsTotal = VFS.totalSize();\n const containerTotal = App.container.totalSize || 0;\n if (Math.abs(vfsTotal - containerTotal) > 1024) {\n issues.push({ sev: 'warn', msg: `Container reports ${containerTotal} bytes but VFS sums to ${vfsTotal} bytes` });\n if (repair) {\n App.container.totalSize = vfsTotal;\n await DB.saveContainer(App.container);\n fixed.push(`Corrected container totalSize to ${vfsTotal}`);\n }\n }\n mkStep('Container size consistency', issues, fixed);\n }\n\n // 7. File decryption verification β€” attempt to decrypt each file blob\n {\n if (_abort()) return steps;\n const issues = [], fixed = [];\n for (const [id, rec] of dbFileMap) {\n if (_abort()) break;\n if (!vfsFileIds.has(id)) continue;\n const node = VFS.node(id);\n if (!node) continue;\n const blobLen = rec.blob ? (rec.blob.byteLength ?? rec.blob.length ?? 0) : 0;\n if (blobLen === 0) continue;\n try {\n await Crypto.decryptBin(App.key, rec.iv, rec.blob);\n } catch {\n issues.push({ sev: 'critical', msg: `\"${node.name || id}\": decryption failed β€” data is unreadable` });\n if (repair) {\n VFS.remove(id);\n await DB.deleteFile(id);\n fixed.push(`Removed unreadable file \"${node.name || id}\"`);\n }\n }\n }\n mkStep('File decryption verification', issues, fixed);\n if (repair && fixed.length) vfsFileIds = new Set(VFS.fileIds());\n }\n\n return steps;\n}\n\nfunction _openScannerModal() {\n const log = document.getElementById('scanner-log'),\n summary = document.getElementById('scanner-summary'),\n repairBtn = document.getElementById('scanner-repair'),\n deepCleanBtn = document.getElementById('scanner-deep-clean'),\n startBtn = document.getElementById('scanner-start'),\n closeBtn = document.getElementById('scanner-close');\n\n log.innerHTML = '';\n summary.style.display = 'none';\n repairBtn.style.display = 'none';\n deepCleanBtn.style.display = 'none';\n startBtn.style.display = '';\n startBtn.disabled = false;\n startBtn.textContent = 'Start Scan';\n let _hasIssues = false, _aborted = false;\n\n startBtn.onclick = () => {\n if (_hasIssues || startBtn.textContent === 'Done') {\n Overlay.hide();\n return;\n }\n startBtn.disabled = true;\n startBtn.textContent = 'Scanning…';\n repairBtn.style.display = 'none';\n deepCleanBtn.style.display = 'none';\n _runScanAnimated(false);\n };\n\n repairBtn.onclick = () => {\n // Show confirmation dialog over scanner\n _showRepairConfirm().then(proceed => {\n if (!proceed) return;\n repairBtn.style.display = 'none';\n deepCleanBtn.style.display = 'none';\n startBtn.style.display = 'none';\n log.innerHTML = '';\n summary.style.display = 'none';\n _runScanAnimated(true);\n });\n };\n\n deepCleanBtn.onclick = () => {\n _showRepairConfirm().then(proceed => {\n if (!proceed) return;\n repairBtn.style.display = 'none';\n deepCleanBtn.style.display = 'none';\n startBtn.style.display = 'none';\n log.innerHTML = '';\n summary.style.display = 'none';\n _runDeepCleanAnimated();\n });\n };\n\n closeBtn.onclick = () => { _aborted = true; Overlay.hide(); };\n\n async function _runDeepCleanAnimated() {\n log.innerHTML = '';\n summary.style.display = 'none';\n _aborted = false;\n\n // Show 5 progress rows updated via onProgress callback\n const rowStorage = _addScanRow(log, 'Scanning storage records…'),\n rowPurge = _addScanRow(log, 'Purging dead nodes…'),\n rowFlatten = _addScanRow(log, 'Flattening deep folder chains…'),\n rowMeta = _addScanRow(log, 'Repairing metadata…'),\n rowClean = _addScanRow(log, 'Cleaning storage records…');\n log.scrollTop = log.scrollHeight;\n await _delay(20);\n\n let phase = 0;\n const result = await _runDeepClean(() => _aborted, (msg) => {\n if (phase === 0) { _resolveScanRow(rowStorage, 'pass', 'OK'); phase = 1; }\n else if (phase === 1) { _resolveScanRow(rowPurge, 'pass', 'OK'); phase = 2; }\n else if (phase === 2) { _resolveScanRow(rowFlatten, 'pass', 'OK'); phase = 3; }\n else if (phase === 3) { _resolveScanRow(rowMeta, 'pass', 'OK'); phase = 4; }\n });\n if (_aborted) return;\n\n // Resolve any rows not yet resolved\n if (phase === 0) _resolveScanRow(rowStorage, 'pass', 'OK');\n if (phase <= 1) _resolveScanRow(rowPurge, 'pass', 'Clean');\n _resolveScanRow(rowFlatten, 'pass',\n result.flattened > 0 ? `${result.flattened} folder${result.flattened !== 1 ? 's' : ''} collapsed` : 'Clean');\n _resolveScanRow(rowMeta, 'pass',\n result.metadataFixed > 0 ? `${result.metadataFixed} node${result.metadataFixed !== 1 ? 's' : ''} patched` : 'Clean');\n _resolveScanRow(rowClean, 'pass', 'OK');\n log.scrollTop = log.scrollHeight;\n\n const totalRemoved = (result.removed || 0) + (result.flattened || 0) + (result.metadataFixed || 0);\n if (totalRemoved > 0) {\n await saveVFS();\n Desktop.render();\n if (typeof _scheduleExportCacheRefresh === 'function') _scheduleExportCacheRefresh();\n await _delay(600);\n if (!_aborted) await _runScanAnimated(false);\n } else {\n summary.style.display = '';\n summary.className = 'scanner-summary critical';\n summary.innerHTML = `\n Deep Clean found nothing to remove. All nodes are structurally valid. The remaining warnings are informational and require no action.`;\n startBtn.style.display = '';\n startBtn.disabled = false;\n startBtn.textContent = 'Done';\n }\n }\n\n async function _runScanAnimated(repair) {\n log.innerHTML = '';\n summary.style.display = 'none';\n _hasIssues = false;\n _aborted = false;\n\n // Phase 1: VFS structural checks β€” run synchronously, display per step\n const vfsSteps = VFS.check(repair);\n for (const s of vfsSteps) {\n if (_aborted) return;\n const row = _addScanRow(log, s.name);\n await _delay(15);\n _resolveScanRow(row, s.status, s.detail);\n log.scrollTop = log.scrollHeight;\n }\n\n // Phase 2: DB async checks\n const dbCheckNames = [\n 'File data existence',\n 'Encryption IV integrity',\n 'File blob integrity',\n 'Orphaned storage records',\n 'Record container binding',\n 'Container size consistency',\n 'File decryption verification',\n ];\n const dbRows = dbCheckNames.map(name => _addScanRow(log, name));\n log.scrollTop = log.scrollHeight;\n\n if (_aborted) return;\n const dbSteps = await _runDbChecks(repair, () => _aborted);\n if (_aborted) return;\n for (let i = 0; i < dbSteps.length; i++) {\n if (_aborted) return;\n await _delay(30);\n _resolveScanRow(dbRows[i], dbSteps[i].status, dbSteps[i].detail);\n log.scrollTop = log.scrollHeight;\n }\n\n // Combine all steps for summary\n const allSteps = [...vfsSteps, ...dbSteps];\n const actionableIssues = allSteps.filter(s => !s.informational).reduce((s, st) => s + st.issues.length, 0),\n infoIssues = allSteps.filter(s => s.informational).reduce((s, st) => s + st.issues.length, 0),\n totalIssues = actionableIssues + infoIssues,\n totalFixed = allSteps.reduce((s, st) => s + st.fixed.length, 0),\n allPass = allSteps.every(s => s.status === 'pass');\n\n summary.style.display = '';\n if (repair && totalFixed > 0) {\n await saveVFS();\n Desktop.render();\n if (typeof _scheduleExportCacheRefresh === 'function') _scheduleExportCacheRefresh();\n // Auto-re-scan to verify the repair result\n summary.className = 'scanner-summary repaired';\n summary.innerHTML = `\n ${totalFixed} issue${totalFixed !== 1 ? 's' : ''} repaired. Running verification scan…`;\n summary.style.display = '';\n await _delay(900);\n if (!_aborted) { await _runScanAnimated(false); }\n return;\n } else if (repair && totalFixed === 0 && actionableIssues > 0) {\n // Repair ran but couldn't fix actionable issues β€” offer Deep Clean\n summary.className = 'scanner-summary critical';\n summary.innerHTML = `\n ${actionableIssues} issue${actionableIssues !== 1 ? 's' : ''} could not be auto-repaired. Click Deep Clean for aggressive recovery (flattens deep trees, repairs all metadata). A backup will be offered first β€” no need to exit.`;\n deepCleanBtn.style.display = '';\n } else if (repair && totalFixed === 0 && actionableIssues === 0 && infoIssues > 0) {\n // All remaining issues are informational warnings only β€” no action needed\n summary.className = 'scanner-summary healthy';\n summary.innerHTML = `\n All structural issues are resolved. ${infoIssues} informational warning${infoIssues !== 1 ? 's' : ''} (e.g., folder depth) are noted but require no action.`;\n } else if (allPass) {\n summary.className = 'scanner-summary healthy';\n summary.innerHTML = `\n All checks passed. Your container's virtual disk image and workspace environment are in perfect condition.`;\n } else if (actionableIssues === 0 && infoIssues > 0) {\n // Only informational warnings on first scan β€” no repair needed\n summary.className = 'scanner-summary warnings';\n summary.innerHTML = `\n ${infoIssues} informational warning${infoIssues !== 1 ? 's' : ''} noted. Advisory only (e.g., folder nesting depth) β€” no data loss, no action required.`;\n } else {\n summary.className = 'scanner-summary issues';\n summary.innerHTML = `\n ${actionableIssues} issue${actionableIssues !== 1 ? 's' : ''} detected. Click Auto-Repair β€” you'll be offered a backup option first, no need to exit the scanner.`;\n _hasIssues = true;\n repairBtn.style.display = '';\n }\n\n startBtn.style.display = '';\n startBtn.disabled = false;\n startBtn.textContent = 'Done';\n }\n\n Overlay.show('modal-scanner');\n}\n\n/* ── Deep Clean β€” purge all phantom/empty nodes that normal repair can't fix ── */\n// O(n) rebuild: marks ancestors of real files as \"keep\", deletes everything else.\nasync function _runDeepClean(isAborted, onProgress) {\n const _abort = () => isAborted?.();\n\n // 1. Load DB records (real data)\n onProgress?.('Scanning storage records…');\n const allDbFiles = await DB.getFilesByCid(App.container.id);\n if (_abort()) return { removed: 0 };\n const dbIds = new Set(allDbFiles.map(f => f.id));\n\n // 2. Determine truly live file IDs: exist in VFS AND have a DB record\n const allVfsFileIds = VFS.fileIds(),\n liveFileIds = allVfsFileIds.filter(id => dbIds.has(id));\n if (_abort()) return { removed: 0 };\n\n // 3. Single-pass bulk purge via VFS.purgeDeadBranches (O(n))\n onProgress?.(`Purging dead nodes…`);\n const removed = VFS.purgeDeadBranches(liveFileIds);\n if (_abort()) return { removed: 0, flattened: 0 };\n\n // 4. Flatten folders nested deeper than 50 levels β€” reparents all files to\n // their closest depth-≀50 ancestor, then deletes the now-empty deep folders.\n // All file data is preserved; only folder hierarchy is truncated.\n onProgress?.('Flattening deep folder chains…');\n const flattened = VFS.flattenDeepContent(50);\n if (_abort()) return { removed, flattened: 0 };\n\n // 5. Repair all corrupted/missing metadata (timestamps β†’ today's date)\n onProgress?.('Repairing metadata…');\n const metadataFixed = VFS.repairMetadata();\n if (_abort()) return { removed, flattened, metadataFixed: 0 };\n\n // 6. Remove orphaned DB records in a single IndexedDB transaction\n onProgress?.('Cleaning storage records…');\n const liveNow = new Set(VFS.fileIds());\n const orphanIds = allDbFiles.filter(f => !liveNow.has(f.id)).map(f => f.id);\n if (orphanIds.length) await DB.deleteFiles(orphanIds);\n\n return { removed, flattened, metadataFixed };\n}\n\n/* ── Repair confirmation dialog (shown above scanner overlay) ─────── */\nfunction _showRepairConfirm() {\n return new Promise(resolve => {\n const ov = document.getElementById('repair-confirm-overlay'),\n exportBtn = document.getElementById('repair-confirm-export'),\n proceedBtn = document.getElementById('repair-confirm-proceed'),\n cancelBtn = document.getElementById('repair-confirm-cancel');\n\n function close(val) {\n ov.classList.remove('show');\n exportBtn.onclick = proceedBtn.onclick = cancelBtn.onclick = null;\n resolve(val);\n }\n\n cancelBtn.onclick = () => close(false);\n proceedBtn.onclick = () => close(true);\n exportBtn.onclick = async () => {\n // Export container via existing exportContainerFile\n if (typeof exportContainerFile === 'function') {\n await exportContainerFile(App.container, false);\n }\n };\n\n ov.classList.add('show');\n });\n}\n\n\nconst STATS_COLORS = ['#569cd6', '#4ec9b0', '#ce9178', '#c586c0', '#6a9955', '#dcdcaa', '#9cdcfe', '#d7ba7d'];\n\nfunction _renderStats() {\n // Gather all nodes recursively\n let totalFiles = 0, totalFolders = 0, totalSize = 0;\n const typeCounts = {}, typeSizes = {};\n let largestSize = 0, largestName = '';\n const allFiles = [];\n function walk(pid) {\n VFS.children(pid).forEach(n => {\n if (n.type === 'folder') {\n totalFolders++;\n walk(n.id);\n } else {\n totalFiles++;\n const sz = n.size || 0;\n totalSize += sz;\n const ext = n.name.includes('.') ? n.name.split('.').pop().toLowerCase() : 'other';\n typeCounts[ext] = (typeCounts[ext] || 0) + 1;\n typeSizes[ext] = (typeSizes[ext] || 0) + sz;\n allFiles.push({ name: n.name, size: sz, ext });\n if (sz > largestSize) { largestSize = sz; largestName = n.name; }\n }\n });\n }\n walk('root');\n\n // ── Stats cards (3Γ—2) ────────────────────────────────────\n const grid = document.getElementById('stats-grid');\n grid.innerHTML = '';\n const _shortDate = ts => ts ? new Date(ts).toLocaleDateString('en-US', { month: 'short', day: 'numeric', year: 'numeric' }) : 'β€”';\n const cards = [\n { value: totalFiles.toLocaleString(), label: 'Files' },\n { value: totalFolders.toLocaleString(), label: 'Folders' },\n { value: fmtSize(totalSize), label: 'Total Size' },\n { value: totalFiles ? fmtSize(Math.round(totalSize / totalFiles)) : 'β€”', label: 'Avg File Size' },\n { value: largestSize ? fmtSize(largestSize) : 'β€”', label: largestSize ? (largestName.length > 18 ? largestName.slice(0, 17) + '\\u2026' : largestName) : 'Largest File' },\n { value: _shortDate(App.container?.createdAt), label: 'Created' },\n ];\n cards.forEach(c => {\n const card = document.createElement('div'); card.className = 'stats-card';\n card.innerHTML = `${escHtml(String(c.value))}${escHtml(c.label)}`;\n grid.appendChild(card);\n });\n\n // ── File type bar chart (top 6) ──────────────────────────\n const chart = document.getElementById('stats-bar-chart');\n chart.innerHTML = '';\n const sorted = Object.entries(typeCounts).sort((a, b) => b[1] - a[1]).slice(0, 6),\n maxCount = sorted.length ? sorted[0][1] : 1;\n sorted.forEach(([ext, count], i) => {\n const row = document.createElement('div'); row.className = 'stats-bar-row';\n row.innerHTML =\n `.${escHtml(ext)}` +\n `
` +\n `${count}${fmtSize(typeSizes[ext] || 0)}`;\n chart.appendChild(row);\n });\n if (!sorted.length) chart.innerHTML = 'No files yet';\n\n // ── Storage bar ──────────────────────────────────────────\n const storBar = document.getElementById('stats-storage-bar'),\n storLabels = document.getElementById('stats-storage-labels'),\n pctUsed = Math.min(100, Math.round(totalSize / CONTAINER_LIMIT * 100)),\n fillColor = pctUsed >= 90 ? 'var(--red)' : pctUsed >= 75 ? '#e8a020' : 'linear-gradient(90deg, var(--accent), #5aadff)';\n storBar.innerHTML =\n `
` +\n `${pctUsed}%`;\n if (storLabels) {\n storLabels.innerHTML =\n `${fmtSize(totalSize)} used` +\n `${fmtSize(Math.max(0, CONTAINER_LIMIT - totalSize))} free of ${fmtSize(CONTAINER_LIMIT)}`;\n }\n\n // ── Top 5 largest files ──────────────────────────────────\n const topEl = document.getElementById('stats-top-files');\n if (topEl) {\n topEl.innerHTML = '';\n const top5 = allFiles.sort((a, b) => b.size - a.size).slice(0, 5);\n if (!top5.length) {\n topEl.innerHTML = 'No files yet';\n } else {\n top5.forEach((f, i) => {\n const row = document.createElement('div'); row.className = 'stats-top-file';\n row.innerHTML =\n `` +\n `${escHtml(f.name)}` +\n `${fmtSize(f.size)}`;\n topEl.appendChild(row);\n });\n }\n }\n}\n\n/* ============================================================\n SNAP TO FREE GRID CELL\n occupied = Map<\"cx_cy\", id> (cells already taken)\n ============================================================ */\nfunction _snapFreeCell(rawX, rawY, occupied, extra) {\n const cx0 = Math.max(0, Math.round((rawX - 8) / GRID_X)),\n cy0 = Math.max(0, Math.round((rawY - 8) / GRID_Y));\n for (let r = 0; r <= 80; r++) {\n for (let dy = -r; dy <= r; dy++) {\n for (let dx = -r; dx <= r; dx++) {\n if (Math.abs(dx) !== r && Math.abs(dy) !== r) continue;\n const cx = cx0 + dx, cy = cy0 + dy;\n if (cx < 0 || cy < 0) continue;\n const key = `${cx}_${cy}`;\n if (!occupied.has(key) && !(extra && extra.has(key))) return { x: 8 + cx * GRID_X, y: 8 + cy * GRID_Y };\n }\n }\n }\n return { x: 8 + cx0 * GRID_X, y: 8 + cy0 * GRID_Y };\n}\n\n/* ============================================================\n THUMBNAIL QUEUE β€” limits concurrent generateThumb calls to avoid memory spikes\n ============================================================ */\nconst _thumbQueue = [];\nlet _thumbActive = 0;\nconst THUMB_MAX_CONCURRENT = 8;\n\nfunction _cancelThumbQueue() {\n _thumbQueue.length = 0;\n _thumbActive = 0;\n}\n\nfunction _enqueueThumb(node) {\n _thumbQueue.push(node);\n _drainThumbQueue();\n}\nfunction _drainThumbQueue() {\n while (_thumbActive < THUMB_MAX_CONCURRENT && _thumbQueue.length > 0) {\n const n = _thumbQueue.shift();\n _thumbActive++;\n generateThumb(n).then(url => {\n _thumbActive--;\n _drainThumbQueue();\n if (!url) return;\n App.thumbCache[n.id] = url;\n const el = document.querySelector(`.file-item[data-id=\"${n.id}\"] .file-thumb`);\n if (el) { const i = document.createElement('img'); i.src = url; i.draggable = false; el.innerHTML = ''; el.appendChild(i); }\n });\n }\n}\n\n/* ============================================================\n SHARED ICON ELEMENT BUILDER\n ============================================================ */\nfunction _buildIconEl(node, pos) {\n const div = document.createElement('div');\n div.className = 'file-item';\n div.dataset.id = node.id;\n div.style.left = pos.x + 'px';\n div.style.top = pos.y + 'px';\n\n const thumb = document.createElement('div');\n if (node.type === 'folder') {\n thumb.className = 'file-thumb folder-icon';\n thumb.innerHTML = getFolderSVG(node.color);\n } else {\n thumb.className = 'file-thumb';\n const mime = node.mime || getMime(node.name);\n if (App.thumbCache[node.id]) {\n const img = document.createElement('img');\n img.src = App.thumbCache[node.id];\n img.draggable = false;\n thumb.appendChild(img);\n } else {\n thumb.innerHTML = getFileIconSVG(mime, node.name);\n if (isImage(mime)) _enqueueThumb(node);\n }\n }\n\n const name = document.createElement('div');\n name.className = 'file-name';\n name.textContent = node.name;\n div.appendChild(thumb);\n div.appendChild(name);\n return div;\n}\n\n/* ============================================================\n AREA-LEVEL EVENT DELEGATION FOR ICONS\n Replaces per-element listeners β€” one set of listeners per container,\n covering all .file-item[data-id] children regardless of count.\n owner must implement: _onIconMousedown(e,el,node), _openNode(node), _contextIcon(e,node)\n ============================================================ */\nfunction _setupAreaDelegation(area, owner) {\n // Prevent native drag ghost on icons\n area.addEventListener('dragstart', e => {\n if (e.target.closest('.file-item[data-id]')) e.preventDefault();\n });\n // Hover tooltips via mouseover/mouseout (simulate mouseenter/mouseleave per icon)\n area.addEventListener('mouseover', e => {\n const el = e.target.closest('.file-item[data-id]');\n if (!el) return;\n if (e.relatedTarget?.closest('.file-item[data-id]') !== el) {\n const node = VFS.node(el.dataset.id);\n if (node) _startHoverTooltip(el, node);\n }\n });\n area.addEventListener('mouseout', e => {\n const el = e.target.closest('.file-item[data-id]');\n if (!el) return;\n if (e.relatedTarget?.closest('.file-item[data-id]') !== el) _cancelHoverTooltip();\n });\n // Mousedown on icons\n area.addEventListener('mousedown', e => {\n const el = e.target.closest('.file-item[data-id]');\n if (!el) return;\n const node = VFS.node(el.dataset.id);\n if (node) owner._onIconMousedown(e, el, node);\n });\n // Double-click β†’ open\n area.addEventListener('dblclick', e => {\n const el = e.target.closest('.file-item[data-id]');\n if (!el) return;\n e.stopPropagation();\n const node = VFS.node(el.dataset.id);\n if (node) owner._openNode(node);\n });\n // Context menu on icons\n area.addEventListener('contextmenu', e => {\n const el = e.target.closest('.file-item[data-id]');\n if (!el) return;\n e.preventDefault();\n if (_touchDragActive || el._tsIsTouch) return;\n e.stopPropagation();\n const node = VFS.node(el.dataset.id);\n if (node) owner._contextIcon(e, node);\n });\n // Touch: state stored on element to avoid per-icon closure overhead\n area.addEventListener('touchstart', e => {\n const el = e.target.closest('.file-item[data-id]');\n if (!el) return;\n e.stopPropagation(); // prevent FW icon touch bubbling to parent Desktop handlers\n el._tsTime = Date.now(); el._tsMoved = false; el._tsIsTouch = true;\n _cancelHoverTooltip();\n }, { passive: true });\n area.addEventListener('touchmove', e => {\n const el = e.target.closest('.file-item[data-id]');\n if (!el) return;\n el._tsMoved = true;\n e.stopPropagation();\n }, { passive: true });\n area.addEventListener('touchend', e => {\n const el = e.target.closest('.file-item[data-id]');\n if (!el) return;\n e.stopPropagation(); // prevent FW icon touch bubbling to parent Desktop handlers\n setTimeout(() => { el._tsIsTouch = false; }, 500);\n if (el._tsMoved || Date.now() - (el._tsTime || 0) > 350) return;\n e.preventDefault();\n const now = Date.now(), t = e.changedTouches[0],\n node = VFS.node(el.dataset.id);\n if (!node) return;\n if (now - (el._tsLastTap || 0) < 300) {\n el._tsLastTap = 0;\n owner._openNode(node);\n } else {\n el._tsLastTap = now;\n owner._contextIcon({ clientX: t.clientX, clientY: t.clientY, ctrlKey: false, metaKey: false, preventDefault() { }, stopPropagation() { } }, node);\n }\n });\n area.addEventListener('touchcancel', e => {\n const el = e.target.closest('.file-item[data-id]');\n if (el) el._tsIsTouch = false;\n }, { passive: true });\n}\n\n/* ---- Shared touch rubber-band selection on empty area + long-press context menu ----\n owner implements: selection (Set), _updateStatus(), _contextDesktop(e) */\nfunction _initAreaTouchRubberBand(area, owner) {\n let _lpTimer = null,\n _rbBand = null, _rbSX = 0, _rbSY = 0, _rbActive = false, _rbMoved = false, _rbOnEmpty = false;\n\n area.addEventListener('touchstart', e => {\n if (e.touches.length !== 1) return;\n const t = e.touches[0];\n // BUGFIX: when this handler is on #desktop-area, a touch inside a FolderWindow bubbles up\n // here too β€” ignore it so we don't open the Desktop context menu over the FW's own menu.\n if (!area.closest('.folder-window') && t.target?.closest('.folder-window')) return;\n if (_lpTimer) { clearTimeout(_lpTimer); _lpTimer = null; }\n if (_rbBand) { _rbBand.remove(); _rbBand = null; }\n _rbActive = false; _rbMoved = false;\n _rbSX = t.clientX; _rbSY = t.clientY;\n const iconEl = t.target?.closest('.file-item[data-id]');\n _rbOnEmpty = !iconEl || !area.contains(iconEl);\n if (_rbOnEmpty) {\n _lpTimer = setTimeout(() => {\n if (_rbMoved) return;\n owner._contextDesktop({ clientX: t.clientX, clientY: t.clientY, preventDefault() { }, stopPropagation() { } });\n }, 600);\n }\n }, { passive: true });\n\n area.addEventListener('touchmove', e => {\n if (e.touches.length !== 1) return;\n const t = e.touches[0],\n dx = t.clientX - _rbSX, dy = t.clientY - _rbSY;\n if (!_rbMoved && (Math.abs(dx) > 8 || Math.abs(dy) > 8)) {\n _rbMoved = true;\n if (_lpTimer) { clearTimeout(_lpTimer); _lpTimer = null; }\n }\n if (!_rbOnEmpty) return;\n if (!_rbActive && _rbMoved) {\n _rbActive = true;\n owner.selection.clear();\n area.querySelectorAll(':scope > .file-item.selected').forEach(i => i.classList.remove('selected'));\n owner._updateStatus();\n const aR = area.getBoundingClientRect();\n _rbBand = document.createElement('div');\n _rbBand.className = 'rubberband';\n _rbBand.style.cssText = `left:${_rbSX - aR.left + area.scrollLeft}px;top:${_rbSY - aR.top + area.scrollTop}px;width:0;height:0`;\n area.appendChild(_rbBand);\n }\n if (_rbActive && _rbBand) {\n if (e.cancelable) e.preventDefault();\n const aR = area.getBoundingClientRect(),\n sx = _rbSX - aR.left + area.scrollLeft, sy = _rbSY - aR.top + area.scrollTop,\n cx = t.clientX - aR.left + area.scrollLeft, cy = t.clientY - aR.top + area.scrollTop,\n x = Math.min(sx, cx), y = Math.min(sy, cy),\n w = Math.abs(cx - sx), h = Math.abs(cy - sy);\n _rbBand.style.cssText = `left:${x}px;top:${y}px;width:${w}px;height:${h}px`;\n const bx2 = x + w, by2 = y + h;\n for (const item of (area._iconMap?.values() ?? area.querySelectorAll(':scope > .file-item'))) {\n const ix = parseInt(item.style.left), iy = parseInt(item.style.top),\n hit = ix < bx2 && (ix + ICON_W) > x && iy < by2 && (iy + ICON_H) > y;\n if (hit) { owner.selection.add(item.dataset.id); item.classList.add('selected'); }\n else { owner.selection.delete(item.dataset.id); item.classList.remove('selected'); }\n }\n owner._updateStatus();\n }\n }, { passive: false });\n\n area.addEventListener('touchend', () => {\n if (_lpTimer) { clearTimeout(_lpTimer); _lpTimer = null; }\n if (_rbBand) { _rbBand.remove(); _rbBand = null; }\n _rbActive = false; _rbMoved = false; _rbOnEmpty = false;\n }, { passive: true });\n}\n\n/* ---- Compute max icon extent and set canvas size for both scrollbars ---- */\nfunction _syncAreaWidth(area) {\n const canvas = area._canvas ?? (area._canvas = area.querySelector(':scope > .fw-canvas'));\n if (!canvas) return; // Desktop has no fw-canvas β€” skip\n let maxRight = 0, maxBottom = 0;\n for (const el of (area._iconMap?.values() ?? area.querySelectorAll(':scope > .file-item'))) {\n const r = parseInt(el.style.left) + (el.offsetWidth || 96);\n const b = parseInt(el.style.top) + (el.offsetHeight || 96);\n if (r > maxRight) maxRight = r;\n if (b > maxBottom) maxBottom = b;\n }\n canvas.style.width = maxRight > 0 ? (maxRight + 24) + 'px' : '';\n canvas.style.height = maxBottom > 0 ? (maxBottom + 24) + 'px' : '';\n}\n\n/* ---- Shared touch-drag for icons (Desktop + FolderWindow) ----\n owner implements: selection (Set-like), folderId, _updateStatus().\n opts.showSnap: boolean β€” true for Desktop (show snap preview dot)\n opts.afterDrop: () => void β€” extra callback after drop (e.g. updateTaskbar) */\nfunction _initTouchDragCommon(area, owner, opts = {}) {\n if (typeof window.ontouchstart === 'undefined' && !navigator.maxTouchPoints) return;\n\n let _tdNode = null, _tdSelEls = null,\n _tdSX = 0, _tdSY = 0, _tdOffX = 0, _tdOffY = 0,\n _tdMoved = false, _tdTimer = null, _tdActive = false,\n _tdStartPos = {}, _tdHover = null, _tdSnapPrevs = [],\n _tdOccupied = null, _tdLastCx = -1, _tdLastCy = -1;\n\n function _tdReset() {\n if (_tdTimer) { clearTimeout(_tdTimer); _tdTimer = null; }\n _tdActive = false; _touchDragActive = false;\n if (_tdSelEls) { _tdSelEls.forEach(el => el.classList.remove('dragging')); _tdSelEls = null; }\n if (_tdHover) { area.querySelector(`.file-item[data-id=\"${_tdHover}\"]`)?.classList.remove('drag-target'); _tdHover = null; }\n _tdSnapPrevs.forEach(p => p.remove()); _tdSnapPrevs = [];\n _tdOccupied = null; _tdLastCx = _tdLastCy = -1;\n _tdNode = null;\n }\n\n area.addEventListener('touchstart', e => {\n if (e.touches.length !== 1) return;\n const t = e.touches[0],\n iconEl = t.target?.closest('.file-item[data-id]');\n if (!iconEl || !area.contains(iconEl)) return;\n\n const nodeId = iconEl.dataset.id,\n node = VFS.node(nodeId);\n if (!node) return;\n\n // Prevent native long-press context menu (Android vibration + touchcancel)\n // Only when touch lands on an icon β€” scrolling on empty area stays unaffected.\n e.preventDefault();\n\n _tdMoved = false; _tdActive = false;\n _tdSX = t.clientX; _tdSY = t.clientY;\n const r = iconEl.getBoundingClientRect();\n _tdOffX = t.clientX - r.left;\n _tdOffY = t.clientY - r.top;\n\n _tdTimer = setTimeout(() => {\n if (_tdMoved) return;\n // Guard: if a context menu was opened during the hold (e.g. Android fires\n // contextmenu + touchcancel before our 400ms timer), do not start drag.\n if (document.getElementById('ctx-menu').classList.contains('show')) return;\n _tdActive = true;\n _touchDragActive = true;\n _tdNode = node;\n if (!owner.selection.has(nodeId)) {\n owner.selection.clear();\n area.querySelectorAll('.file-item.selected').forEach(i => i.classList.remove('selected'));\n owner.selection.add(nodeId);\n iconEl.classList.add('selected');\n owner._updateStatus();\n }\n _tdStartPos = {}; _tdSelEls = new Map();\n owner.selection.forEach(id => {\n const el = area._iconMap?.get(id) ?? area.querySelector(`.file-item[data-id=\"${id}\"]`);\n if (!el) return;\n _tdStartPos[id] = { x: parseInt(el.style.left), y: parseInt(el.style.top) };\n _tdSelEls.set(id, el);\n el.classList.add('dragging');\n });\n // Build occupied map once at drag start (avoids O(N) per frame)\n _tdOccupied = new Map(); _tdLastCx = _tdLastCy = -1;\n VFS.children(owner.folderId).forEach(n => {\n if (owner.selection.has(n.id)) return;\n const p = VFS.getPos(owner.folderId, n.id);\n if (p) _tdOccupied.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n _cancelHoverTooltip();\n }, 400);\n }, { passive: false });\n\n area.addEventListener('touchmove', e => {\n if (e.touches.length !== 1) return;\n const t = e.touches[0];\n if (Math.abs(t.clientX - _tdSX) + Math.abs(t.clientY - _tdSY) > 5) _tdMoved = true;\n if ((_tdTimer && !_tdMoved) || _tdActive) { if (e.cancelable) e.preventDefault(); }\n if (!_tdActive || !_tdNode) return;\n\n const aR = area.getBoundingClientRect(),\n mainSp = _tdStartPos[_tdNode.id],\n rawX = t.clientX - aR.left + area.scrollLeft - _tdOffX,\n rawY = t.clientY - aR.top + area.scrollTop - _tdOffY,\n ddx = rawX - mainSp.x, ddy = rawY - mainSp.y;\n\n _tdSelEls.forEach((el, id) => {\n const sp = _tdStartPos[id];\n if (sp) { el.style.left = (sp.x + ddx) + 'px'; el.style.top = (sp.y + ddy) + 'px'; }\n });\n\n // Highlight folder under finger\n _tdSelEls.forEach(el => { el.style.pointerEvents = 'none'; });\n const hit = document.elementFromPoint(t.clientX, t.clientY);\n _tdSelEls.forEach(el => { el.style.pointerEvents = ''; });\n const folderEl = hit?.closest('.file-item[data-id]');\n const newHover = folderEl && area.contains(folderEl) &&\n !owner.selection.has(folderEl.dataset.id) &&\n VFS.node(folderEl.dataset.id)?.type === 'folder' ? folderEl.dataset.id : null;\n if (newHover !== _tdHover) {\n if (_tdHover) area.querySelector(`.file-item[data-id=\"${_tdHover}\"]`)?.classList.remove('drag-target');\n _tdHover = newHover;\n if (_tdHover && folderEl) folderEl.classList.add('drag-target');\n }\n\n // Snap preview β€” one per selected item (mirrors mouse _showPreviews)\n if (opts.showSnap) {\n if (_tdHover || document.body.classList.contains('no-snap-highlight')) {\n _tdSnapPrevs.forEach(p => { p.style.display = 'none'; });\n _tdLastCx = _tdLastCy = -1;\n } else {\n const _scx = Math.round((rawX - 8) / GRID_X), _scy = Math.round((rawY - 8) / GRID_Y);\n if (_scx !== _tdLastCx || _scy !== _tdLastCy) {\n _tdLastCx = _scx; _tdLastCy = _scy;\n const selIds = [...owner.selection];\n // grow / shrink pool\n while (_tdSnapPrevs.length < selIds.length) {\n const p = document.createElement('div'); p.className = 'snap-preview';\n area.appendChild(p); _tdSnapPrevs.push(p);\n }\n while (_tdSnapPrevs.length > selIds.length) _tdSnapPrevs.pop().remove();\n const extra = new Map();\n selIds.forEach((id, i) => {\n const sp = _tdStartPos[id],\n offX = sp && mainSp ? sp.x - mainSp.x : 0,\n offY = sp && mainSp ? sp.y - mainSp.y : 0,\n sn = _snapFreeCell(rawX + offX, rawY + offY, _tdOccupied, extra),\n cx = Math.round((sn.x - 8) / GRID_X), cy = Math.round((sn.y - 8) / GRID_Y);\n extra.set(`${cx}_${cy}`, id);\n _tdSnapPrevs[i].style.left = sn.x + 'px';\n _tdSnapPrevs[i].style.top = sn.y + 'px';\n _tdSnapPrevs[i].style.display = '';\n });\n }\n }\n }\n }, { passive: false });\n\n area.addEventListener('touchend', async () => {\n if (!_tdActive || !_tdNode) { _tdReset(); return; }\n const hoverTarget = _tdHover;\n _tdReset();\n\n if (hoverTarget) {\n // open-folder guard\n const blocked = _openFolderGuard(owner.selection);\n if (blocked) {\n _snapBack();\n toast(`\\u201C${VFS.node(blocked)?.name}\\u201D is open in Explorer \\u2014 close the window first`, 'error');\n return;\n }\n const cycled = [...owner.selection].filter(id => VFS.wouldCycle(id, hoverTarget));\n if (cycled.length) {\n _snapBack();\n toast(`Cannot move \"${VFS.node(cycled[0])?.name}\" into itself`, 'error');\n return;\n }\n const tgtChildren = VFS.children(hoverTarget),\n existing = new Set(tgtChildren.map(n => n.name.toLowerCase())),\n dupe = [...owner.selection].find(id => id !== hoverTarget && existing.has(VFS.node(id)?.name?.toLowerCase()));\n if (dupe) {\n _snapBack();\n toast(`\"${VFS.node(dupe)?.name}\" already exists in target folder`, 'error');\n return;\n }\n const moved = [];\n owner.selection.forEach(id => {\n if (id === hoverTarget) return;\n if (VFS.move(id, hoverTarget) === 'ok') {\n moved.push(id);\n area.querySelector(`.file-item[data-id=\"${id}\"]`)?.remove();\n area._iconMap?.delete(id);\n }\n });\n if (moved.length) logActivity('move', moved.length === 1 ? (VFS.node(moved[0])?.name ?? '1 item') : `${moved.length} items`, moved.length, VFS.fullPath(owner.folderId), VFS.fullPath(hoverTarget));\n moved.forEach(id => owner.selection.delete(id));\n } else {\n // Snap to grid in place\n const occupied = new Map();\n VFS.children(owner.folderId).forEach(n => {\n if (owner.selection.has(n.id)) return;\n const p = VFS.getPos(owner.folderId, n.id);\n if (p) occupied.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n owner.selection.forEach(id => {\n const el = area.querySelector(`.file-item[data-id=\"${id}\"]`);\n if (!el) return;\n const snapped = _snapFreeCell(parseInt(el.style.left), parseInt(el.style.top), occupied),\n cx = Math.round((snapped.x - 8) / GRID_X), cy = Math.round((snapped.y - 8) / GRID_Y);\n occupied.set(`${cx}_${cy}`, id);\n el.style.transition = 'left .12s ease,top .12s ease';\n el.style.left = snapped.x + 'px'; el.style.top = snapped.y + 'px';\n setTimeout(() => { if (el.parentNode) el.style.transition = ''; }, 150);\n VFS.setPos(owner.folderId, id, snapped.x, snapped.y);\n });\n }\n owner._updateStatus();\n // Wait for the snap transition to finish (120ms) before the heavy DB write\n await new Promise(r => setTimeout(r, 130));\n await saveVFS();\n if (opts.afterDrop) opts.afterDrop();\n if (typeof WinManager !== 'undefined') WinManager.renderAll();\n\n function _snapBack() {\n Object.entries(_tdStartPos).forEach(([id, sp]) => {\n const el = area.querySelector(`.file-item[data-id=\"${id}\"]`);\n if (el && sp) {\n el.style.transition = 'left .12s ease,top .12s ease';\n el.style.left = sp.x + 'px'; el.style.top = sp.y + 'px';\n setTimeout(() => { if (el.parentNode) el.style.transition = ''; }, 150);\n }\n });\n }\n });\n\n area.addEventListener('touchcancel', () => { _tdReset(); }, { passive: true });\n\n // On Android, long-press fires a native contextmenu event (~500-600ms).\n // If drag is already active, suppress contextmenu so it doesn't kill the drag.\n // If drag hasn't started yet (timer still pending), reset to avoid ghost state.\n area.addEventListener('contextmenu', e => {\n if (_tdActive) { e.preventDefault(); return; }\n _tdReset();\n });\n}\n\n/* ---- Shared rubber-band mouse selection ----\n sel = Set, onUpdate = () => void */\nfunction _rubberBandSelect(e, area, sel, onUpdate) {\n const rect = area.getBoundingClientRect(),\n sx = e.clientX - rect.left + area.scrollLeft,\n sy = e.clientY - rect.top + area.scrollTop,\n band = document.createElement('div');\n band.className = 'rubberband';\n band.style.cssText = `left:${sx}px;top:${sy}px;width:0;height:0`;\n area.appendChild(band);\n const onMove = mv => {\n const cx = mv.clientX - rect.left + area.scrollLeft,\n cy = mv.clientY - rect.top + area.scrollTop,\n x = Math.min(sx, cx), y = Math.min(sy, cy),\n w = Math.abs(cx - sx), h = Math.abs(cy - sy);\n band.style.cssText = `left:${x}px;top:${y}px;width:${w}px;height:${h}px`;\n const bx1 = x, by1 = y, bx2 = x + w, by2 = y + h;\n for (const item of (area._iconMap?.values() ?? area.querySelectorAll(':scope > .file-item'))) {\n const ix = parseInt(item.style.left), iy = parseInt(item.style.top),\n hit = ix < bx2 && (ix + ICON_W) > bx1 && iy < by2 && (iy + ICON_H) > by1;\n if (hit) { sel.add(item.dataset.id); item.classList.add('selected'); }\n else if (!e.ctrlKey && !e.metaKey) { sel.delete(item.dataset.id); item.classList.remove('selected'); }\n }\n onUpdate();\n };\n const onUp = () => { band.remove(); document.removeEventListener('mousemove', onMove); document.removeEventListener('mouseup', onUp); };\n document.addEventListener('mousemove', onMove);\n document.addEventListener('mouseup', onUp);\n}\n\n/* ============================================================\n UNIFIED ICON DRAG β€” shared by Desktop and FolderWindow\n srcCtx = { area, folderId, selection, winEl, updateUI, clearAll }\n winEl = null β†’ source is the desktop\n winEl = elem β†’ source is a folder window\n ============================================================ */\nfunction _startIconDrag(e, node, el, srcCtx) {\n e.stopPropagation(); e.preventDefault();\n _cancelHoverTooltip();\n\n const wasSelected = srcCtx.selection.has(node.id);\n if (!e.ctrlKey && !e.metaKey && !wasSelected) srcCtx.clearAll();\n srcCtx.selection.add(node.id);\n el.classList.add('selected');\n srcCtx.updateUI();\n\n const isDesktop = srcCtx.winEl === null,\n srcArea = srcCtx.area;\n\n // Build O(1) element lookup for hot-path drag operations (uses iconMap when available)\n const selEls = new Map();\n srcCtx.selection.forEach(id => {\n const it = srcArea._iconMap?.get(id) ?? srcArea.querySelector(`.file-item[data-id=\"${id}\"]`);\n if (it) selEls.set(id, it);\n });\n\n // Elevate z-index for desktop items during drag\n if (isDesktop) {\n selEls.forEach(it => { it.style.zIndex = '7900'; });\n }\n\n const areaRect = srcArea.getBoundingClientRect(),\n elRect = el.getBoundingClientRect(),\n clickOffX = e.clientX - elRect.left,\n clickOffY = e.clientY - elRect.top,\n startX = e.clientX,\n startY = e.clientY;\n\n // Snapshot start positions of all selected icons (reuse selEls β€” no extra querySelector)\n const startPosMap = {};\n selEls.forEach((it, id) => { startPosMap[id] = { x: parseInt(it.style.left), y: parseInt(it.style.top) }; });\n\n // Build occupied map for snap preview excluding dragged items\n const srcOccupied = new Map();\n VFS.children(srcCtx.folderId).forEach(n => {\n if (srcCtx.selection.has(n.id)) return;\n const p = VFS.getPos(srcCtx.folderId, n.id);\n if (p) srcOccupied.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n\n let snapPreviewEls = [], // previews inside the source area\n deskSnapPreviewEls = [], // previews on desktop (when FW item escapes to desktop)\n winSnapPreviewEls = [], // previews inside a hovered FW\n ghostEls = [], // ghost clones on desktop when FW item escapes\n moved = false,\n escaped = false, // FW item currently outside its window\n hoverFolder = null,\n hoverWin = null,\n lastX = e.clientX,\n lastY = e.clientY,\n deskOccCached = null,\n winOccCached = null,\n lastPrevCx = -1, lastPrevCy = -1, lastPrevMode = '';\n\n // ---- helpers ----------------------------------------------------------\n\n function _showPreviews(previewArr, selIds, dropX, dropY, occMap, targetArea) {\n while (previewArr.length < selIds.length) {\n const p = document.createElement('div'); p.className = 'snap-preview';\n targetArea.appendChild(p); previewArr.push(p);\n }\n while (previewArr.length > selIds.length) previewArr.pop().remove();\n const extra = new Map(),\n mainSp = startPosMap[node.id];\n selIds.forEach((id, i) => {\n const sp = startPosMap[id],\n offX = sp && mainSp ? sp.x - mainSp.x : 0,\n offY = sp && mainSp ? sp.y - mainSp.y : 0,\n snapped = _snapFreeCell(dropX + offX, dropY + offY, occMap, extra),\n cx = Math.round((snapped.x - 8) / GRID_X), cy = Math.round((snapped.y - 8) / GRID_Y);\n extra.set(`${cx}_${cy}`, id);\n previewArr[i].style.left = snapped.x + 'px';\n previewArr[i].style.top = snapped.y + 'px';\n previewArr[i].style.display = '';\n });\n }\n\n function _snapBackSrc() {\n srcCtx.selection.forEach(id => {\n const item = selEls.get(id),\n sp = startPosMap[id];\n if (item && sp) {\n item.style.transition = 'left 0.12s ease, top 0.12s ease';\n item.style.left = sp.x + 'px'; item.style.top = sp.y + 'px';\n setTimeout(() => { if (item.parentNode) item.style.transition = ''; }, 150);\n }\n });\n }\n\n async function _dropIntoFolder(destFid, dropX, dropY) {\n // pre-check: cycles (includes self-move: wouldCycle(A,A) β†’ true)\n const cycled = [];\n srcCtx.selection.forEach(id => {\n if (VFS.wouldCycle(id, destFid)) cycled.push(VFS.node(id)?.name || id);\n });\n if (cycled.length) {\n _snapBackSrc();\n toast(`Cannot move \"${cycled[0]}\" into itself or a subfolder`, 'error');\n return false;\n }\n // pre-check: duplicates\n const existing = new Set(VFS.children(destFid).map(n => n.name.toLowerCase())),\n conflicts = [];\n srcCtx.selection.forEach(id => {\n const n = VFS.node(id); if (!n) return;\n if (n.parentId !== destFid && existing.has(n.name.toLowerCase())) conflicts.push(n.name);\n });\n if (conflicts.length) {\n _snapBackSrc();\n toast(`Cannot move: \"${conflicts[0]}\" already exists in target folder`, 'error');\n return false;\n }\n // perform move\n const movedIds = [],\n occupied = new Map();\n VFS.children(destFid).forEach(n => {\n const p = VFS.getPos(destFid, n.id);\n if (p) occupied.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n const mainSp = startPosMap[node.id];\n for (const id of srcCtx.selection) {\n if (id === destFid) continue;\n const n = VFS.node(id); if (!n) continue;\n const result = VFS.move(id, destFid);\n if (result === 'duplicate') { toast(`\"${n.name}\" already exists in target folder`, 'error'); continue; }\n if (result === 'cycle') { toast(`Cannot move \"${n.name}\" into itself or a subfolder`, 'error'); continue; }\n if (result !== 'ok') { continue; }\n if (dropX !== null) {\n const sp = startPosMap[id],\n offX = sp && mainSp ? sp.x - mainSp.x : 0,\n offY = sp && mainSp ? sp.y - mainSp.y : 0,\n sn = _snapFreeCell(dropX + offX, dropY + offY, occupied);\n VFS.setPos(destFid, id, sn.x, sn.y);\n occupied.set(`${Math.round((sn.x - 8) / GRID_X)}_${Math.round((sn.y - 8) / GRID_Y)}`, id);\n }\n movedIds.push(id);\n }\n if (movedIds.length) {\n logActivity('move',\n movedIds.length === 1 ? (VFS.node(movedIds[0])?.name ?? '1 item') : `${movedIds.length} items`,\n movedIds.length, VFS.fullPath(srcCtx.folderId), VFS.fullPath(destFid));\n }\n return movedIds;\n }\n\n // ---- onMove -----------------------------------------------------------\n\n const onMove = mv => {\n lastX = mv.clientX; lastY = mv.clientY;\n if (!moved && (Math.abs(mv.clientX - startX) + Math.abs(mv.clientY - startY)) > 4) {\n moved = true; _isDragging = true; _cancelHoverTooltip();\n }\n if (!moved) return;\n\n const mainSp = startPosMap[node.id],\n curAreaRect = srcArea.getBoundingClientRect(),\n targetMainX = mv.clientX - curAreaRect.left + srcArea.scrollLeft - clickOffX,\n targetMainY = mv.clientY - curAreaRect.top + srcArea.scrollTop - clickOffY,\n dx = targetMainX - mainSp.x,\n dy = targetMainY - mainSp.y;\n\n // ---- FW-specific: escape / re-enter --------------------------------\n if (!isDesktop) {\n const winRect = srcCtx.winEl.getBoundingClientRect();\n const outsideWindow = mv.clientX < winRect.left || mv.clientX > winRect.right ||\n mv.clientY < winRect.top || mv.clientY > winRect.bottom;\n\n if (!outsideWindow && escaped) {\n // Re-entered source window β€” cancel escape\n escaped = false;\n ghostEls.forEach(g => g.remove()); ghostEls = [];\n deskSnapPreviewEls.forEach(p => p.remove()); deskSnapPreviewEls = [];\n winSnapPreviewEls.forEach(p => p.remove()); winSnapPreviewEls = [];\n selEls.forEach(orig => { orig.style.visibility = ''; });\n }\n if (outsideWindow && !escaped) {\n // Escaping β€” hide originals, spawn ghosts on desktop\n escaped = true;\n selEls.forEach(orig => { orig.style.visibility = 'hidden'; });\n const deskArea = document.getElementById('desktop-area'),\n selIds = [...srcCtx.selection].sort((a, b) => a === node.id ? -1 : b === node.id ? 1 : 0);\n selIds.forEach(id => {\n const n = VFS.node(id); if (!n) return;\n const g = _buildIconEl(n, { x: 0, y: 0 });\n g.classList.add('selected');\n g.style.cssText += ';position:absolute;z-index:7900;opacity:0.7;pointer-events:none;will-change:left,top';\n g.dataset.ghostFor = id;\n deskArea.appendChild(g);\n ghostEls.push(g);\n });\n }\n }\n\n // ---- position items / ghosts ---------------------------------------\n if (!escaped) {\n srcCtx.selection.forEach(id => {\n const it = selEls.get(id),\n sp = startPosMap[id];\n if (it && sp) { it.style.left = (sp.x + dx) + 'px'; it.style.top = (sp.y + dy) + 'px'; }\n });\n } else {\n const deskArea = document.getElementById('desktop-area'),\n deskRect = deskArea.getBoundingClientRect(),\n baseX = mv.clientX - deskRect.left + deskArea.scrollLeft - clickOffX,\n baseY = mv.clientY - deskRect.top + deskArea.scrollTop - clickOffY;\n ghostEls.forEach(g => {\n const sp = startPosMap[g.dataset.ghostFor],\n offX = sp && mainSp ? sp.x - mainSp.x : 0,\n offY = sp && mainSp ? sp.y - mainSp.y : 0;\n g.style.left = (baseX + offX) + 'px';\n g.style.top = (baseY + offY) + 'px';\n });\n }\n\n // ---- hover-folder highlight ----------------------------------------\n if (!escaped) {\n selEls.forEach(it => { it.style.pointerEvents = 'none'; });\n }\n const target = document.elementFromPoint(mv.clientX, mv.clientY);\n if (!escaped) {\n selEls.forEach(it => { it.style.pointerEvents = ''; });\n }\n const folderEl = target?.closest('.file-item[data-id]');\n const newHover = folderEl && !srcCtx.selection.has(folderEl.dataset.id) &&\n VFS.node(folderEl.dataset.id)?.type === 'folder' ? folderEl.dataset.id : null;\n if (newHover !== hoverFolder) {\n if (hoverFolder) document.querySelectorAll(`.file-item[data-id=\"${hoverFolder}\"]`).forEach(i => i.classList.remove('drag-target'));\n hoverFolder = newHover;\n if (hoverFolder) document.querySelectorAll(`.file-item[data-id=\"${hoverFolder}\"]`).forEach(i => i.classList.add('drag-target'));\n }\n\n // ---- hovered FW (excluding source window) -------------------------\n const fwElt = !hoverFolder ? target?.closest('.folder-window') : null,\n curWin = fwElt ? (typeof WinManager !== 'undefined' ? WinManager._wins.find(w => w.el === fwElt) : null) : null,\n effectiveHoverWin = (curWin && curWin.el !== srcCtx.winEl) ? curWin : null;\n if (effectiveHoverWin !== hoverWin) {\n winSnapPreviewEls.forEach(p => p.remove()); winSnapPreviewEls = [];\n hoverWin = effectiveHoverWin;\n if (hoverWin) {\n winOccCached = new Map();\n VFS.children(hoverWin.folderId).forEach(n => {\n const p = VFS.getPos(hoverWin.folderId, n.id);\n if (p) winOccCached.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n } else { winOccCached = null; }\n lastPrevMode = '';\n }\n\n // ---- snap previews ------------------------------------------------\n if (!moved) return;\n\n if (hoverFolder) {\n snapPreviewEls.forEach(p => p.style.display = 'none');\n deskSnapPreviewEls.forEach(p => p.style.display = 'none');\n winSnapPreviewEls.forEach(p => p.style.display = 'none');\n lastPrevMode = '';\n } else if (hoverWin) {\n snapPreviewEls.forEach(p => p.style.display = 'none');\n deskSnapPreviewEls.forEach(p => p.style.display = 'none');\n const winArea = hoverWin.el.querySelector('.fw-area'),\n wRect = winArea.getBoundingClientRect(),\n dropX = mv.clientX - wRect.left + winArea.scrollLeft - clickOffX,\n dropY = mv.clientY - wRect.top + winArea.scrollTop - clickOffY,\n _cx = Math.round((dropX - 8) / GRID_X), _cy = Math.round((dropY - 8) / GRID_Y);\n if (_cx !== lastPrevCx || _cy !== lastPrevCy || lastPrevMode !== 'win') {\n lastPrevCx = _cx; lastPrevCy = _cy; lastPrevMode = 'win';\n _showPreviews(winSnapPreviewEls, [...srcCtx.selection], dropX, dropY, winOccCached, winArea);\n }\n } else if (escaped) {\n // on desktop (FW items that escaped)\n snapPreviewEls.forEach(p => p.style.display = 'none');\n winSnapPreviewEls.forEach(p => p.style.display = 'none');\n const deskArea = document.getElementById('desktop-area'),\n dRect = deskArea.getBoundingClientRect(),\n dropX = mv.clientX - dRect.left + deskArea.scrollLeft - clickOffX,\n dropY = mv.clientY - dRect.top + deskArea.scrollTop - clickOffY,\n _cx = Math.round((dropX - 8) / GRID_X), _cy = Math.round((dropY - 8) / GRID_Y);\n if (!deskOccCached) {\n deskOccCached = new Map();\n VFS.children(Desktop._desktopFolder).forEach(n => {\n const p = VFS.getPos(Desktop._desktopFolder, n.id);\n if (p) deskOccCached.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n }\n if (_cx !== lastPrevCx || _cy !== lastPrevCy || lastPrevMode !== 'desk') {\n lastPrevCx = _cx; lastPrevCy = _cy; lastPrevMode = 'desk';\n _showPreviews(deskSnapPreviewEls, [...srcCtx.selection], dropX, dropY, deskOccCached, deskArea);\n }\n } else {\n // within source area (desktop or FW)\n deskSnapPreviewEls.forEach(p => p.style.display = 'none');\n winSnapPreviewEls.forEach(p => p.style.display = 'none');\n const _cx = Math.round((mainSp.x + dx - 8) / GRID_X), _cy = Math.round((mainSp.y + dy - 8) / GRID_Y);\n if (_cx !== lastPrevCx || _cy !== lastPrevCy || lastPrevMode !== 'src') {\n lastPrevCx = _cx; lastPrevCy = _cy; lastPrevMode = 'src';\n _showPreviews(snapPreviewEls, [...srcCtx.selection], mainSp.x + dx, mainSp.y + dy, srcOccupied, srcArea);\n }\n }\n };\n\n // ---- onUp -------------------------------------------------------------\n\n const onUp = async () => {\n document.removeEventListener('mousemove', onMove);\n document.removeEventListener('mouseup', onUp);\n _isDragging = false;\n snapPreviewEls.forEach(p => p.remove()); snapPreviewEls = [];\n deskSnapPreviewEls.forEach(p => p.remove()); deskSnapPreviewEls = [];\n winSnapPreviewEls.forEach(p => p.remove()); winSnapPreviewEls = [];\n if (hoverFolder) document.querySelectorAll(`.file-item[data-id=\"${hoverFolder}\"]`).forEach(i => i.classList.remove('drag-target'));\n ghostEls.forEach(g => g.remove()); ghostEls = [];\n\n // Restore desktop z-index\n if (isDesktop) {\n selEls.forEach(it => { it.style.zIndex = ''; });\n }\n\n if (!moved) {\n // Ctrl+click on already-selected item β†’ deselect it\n if ((e.ctrlKey || e.metaKey) && wasSelected) {\n srcCtx.selection.delete(node.id);\n el.classList.remove('selected');\n srcCtx.updateUI();\n }\n // Click without drag β€” restore visibility for FW items\n if (!isDesktop) {\n selEls.forEach(orig => { orig.style.visibility = ''; });\n }\n return;\n }\n\n // ---- pre-check: open-folder guard (only when changing folder) ------\n // Note: for desktop items, `escaped` is never true; desktopβ†’FW drops are caught\n // by the extra elementFromPoint check below.\n if (escaped || hoverFolder || document.elementFromPoint(lastX, lastY)?.closest('.folder-window')) {\n const blocked = _openFolderGuard(srcCtx.selection);\n if (blocked) {\n _snapBackSrc();\n if (!isDesktop) selEls.forEach(orig => { orig.style.visibility = ''; });\n toast(`\\u201C${VFS.node(blocked)?.name}\\u201D is open in Explorer \\u2014 close the window first`, 'error');\n return;\n }\n }\n\n // ---- Case 1: FW item escaped β†’ dropped back in same window (race) --\n if (!isDesktop && escaped) {\n const srcR = srcCtx.winEl.getBoundingClientRect();\n if (lastX >= srcR.left && lastX <= srcR.right && lastY >= srcR.top && lastY <= srcR.bottom) {\n selEls.forEach(orig => { orig.style.visibility = ''; });\n return;\n }\n }\n\n // Determine actual drop zone\n const dropTarget = document.elementFromPoint(lastX, lastY),\n tFwEl = dropTarget?.closest('.folder-window'),\n tWin = tFwEl ? (typeof WinManager !== 'undefined' ? WinManager._wins.find(w => w.el === tFwEl) : null) : null,\n actualHoverWin = (tWin && tWin.el !== srcCtx.winEl) ? tWin : null;\n\n // ---- Case 2: dropped onto a folder icon ----------------------------\n if (hoverFolder) {\n const movedIds = await _dropIntoFolder(hoverFolder, null, null);\n if (movedIds === false) {\n if (!isDesktop) selEls.forEach(orig => { orig.style.visibility = ''; });\n return;\n }\n const targetWinForFolder = typeof WinManager !== 'undefined' ? WinManager._wins.find(w => w.folderId === hoverFolder) : null;\n if (targetWinForFolder) targetWinForFolder._clearSelection();\n movedIds.forEach(id => {\n srcCtx.selection.delete(id);\n if (targetWinForFolder) targetWinForFolder.selection.add(id);\n selEls.get(id)?.remove();\n srcArea._iconMap?.delete(id);\n });\n // snap back failures\n if (!isDesktop) srcCtx.selection.forEach(id => {\n const orig = selEls.get(id);\n if (orig) orig.style.visibility = '';\n });\n srcCtx.updateUI();\n await saveVFS();\n if (typeof WinManager !== 'undefined') WinManager.renderAll();\n return;\n }\n\n // ---- Case 3: dropped onto a folder window -------------------------\n if (actualHoverWin || (!isDesktop && escaped && !hoverFolder)) {\n const targetWin = actualHoverWin;\n if (targetWin) {\n const tArea = targetWin.el.querySelector('.fw-area'),\n tRect = tArea.getBoundingClientRect(),\n dropPosX = lastX - tRect.left + tArea.scrollLeft - clickOffX,\n dropPosY = lastY - tRect.top + tArea.scrollTop - clickOffY,\n movedIds = await _dropIntoFolder(targetWin.folderId, dropPosX, dropPosY);\n if (movedIds === false) {\n if (!isDesktop) selEls.forEach(orig => { orig.style.visibility = ''; });\n return;\n }\n const srcWin = !isDesktop ? (typeof WinManager !== 'undefined' ? WinManager._wins.find(w => w.el === srcCtx.winEl) : null) : null;\n targetWin._clearSelection();\n movedIds.forEach(id => {\n srcCtx.selection.delete(id);\n targetWin.selection.add(id);\n selEls.get(id)?.remove();\n srcArea._iconMap?.delete(id);\n });\n // snap back failures\n if (!isDesktop) srcCtx.selection.forEach(id => {\n const orig = selEls.get(id);\n if (orig) orig.style.visibility = '';\n });\n srcCtx.updateUI();\n await saveVFS();\n targetWin.render();\n return;\n }\n }\n\n // ---- Case 4a: FW item dropped onto desktop ------------------------\n if (!isDesktop && escaped) {\n const deskArea = document.getElementById('desktop-area'),\n dRect = deskArea.getBoundingClientRect(),\n dropPosX = lastX - dRect.left + deskArea.scrollLeft - clickOffX,\n dropPosY = lastY - dRect.top + deskArea.scrollTop - clickOffY,\n deskFid = Desktop._desktopFolder,\n occupied = new Map();\n VFS.children(deskFid).forEach(n => {\n const p = VFS.getPos(deskFid, n.id);\n if (p) occupied.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n const mainSp = startPosMap[node.id],\n movedIds = [];\n for (const id of srcCtx.selection) {\n const n = VFS.node(id); if (!n) continue;\n const result = VFS.move(id, deskFid);\n if (result === 'duplicate') { toast(`\"${n.name}\" already exists on desktop`, 'error'); continue; }\n if (result === 'cycle') { toast(`Cannot move \"${n.name}\" into itself`, 'error'); continue; }\n const sp = startPosMap[id],\n offX = sp && mainSp ? sp.x - mainSp.x : 0,\n offY = sp && mainSp ? sp.y - mainSp.y : 0,\n sn = _snapFreeCell(dropPosX + offX, dropPosY + offY, occupied);\n VFS.setPos(deskFid, id, sn.x, sn.y);\n occupied.set(`${Math.round((sn.x - 8) / GRID_X)}_${Math.round((sn.y - 8) / GRID_Y)}`, id);\n movedIds.push(id);\n }\n Desktop._sel.clear();\n document.querySelectorAll('#desktop-area > .file-item.selected').forEach(i => i.classList.remove('selected'));\n movedIds.forEach(id => {\n srcCtx.selection.delete(id);\n Desktop._sel.add(id);\n selEls.get(id)?.remove();\n srcArea._iconMap?.delete(id);\n });\n // snap back failures\n srcCtx.selection.forEach(id => {\n const orig = selEls.get(id);\n if (orig) {\n orig.style.visibility = '';\n const sp = startPosMap[id];\n if (sp) {\n orig.style.transition = 'left 0.15s ease, top 0.15s ease';\n orig.style.left = sp.x + 'px'; orig.style.top = sp.y + 'px';\n setTimeout(() => { if (orig.parentNode) orig.style.transition = ''; }, 160);\n }\n }\n });\n if (movedIds.length) logActivity('move',\n movedIds.length === 1 ? (VFS.node(movedIds[0])?.name ?? '1 item') : `${movedIds.length} items`,\n movedIds.length, VFS.fullPath(srcCtx.folderId), VFS.fullPath(deskFid));\n srcCtx.updateUI();\n await saveVFS();\n Desktop._patchIcons();\n return;\n }\n\n // ---- Case 4b: within-source snap ----------------------------------\n if (!isDesktop) {\n // restore visibility first\n selEls.forEach(orig => { orig.style.visibility = ''; });\n }\n // Grid snap within source area\n const occupied = new Map();\n VFS.children(srcCtx.folderId).forEach(n => {\n if (srcCtx.selection.has(n.id)) return;\n const p = VFS.getPos(srcCtx.folderId, n.id);\n if (p) occupied.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n srcCtx.selection.forEach(id => {\n const item = selEls.get(id);\n if (!item) return;\n const rawX = parseInt(item.style.left), rawY = parseInt(item.style.top),\n snapped = _snapFreeCell(rawX, rawY, occupied),\n cx = Math.round((snapped.x - 8) / GRID_X), cy = Math.round((snapped.y - 8) / GRID_Y);\n occupied.set(`${cx}_${cy}`, id);\n item.style.transition = 'left 0.12s ease, top 0.12s ease';\n item.style.left = snapped.x + 'px'; item.style.top = snapped.y + 'px';\n setTimeout(() => { if (item.parentNode) item.style.transition = ''; }, 150);\n VFS.setPos(srcCtx.folderId, id, snapped.x, snapped.y);\n });\n // Wait for the snap transition to finish (120ms) before the heavy DB write\n await new Promise(r => setTimeout(r, 130));\n await saveVFS();\n if (isDesktop) {\n srcCtx.updateUI();\n } else {\n _syncAreaWidth(srcArea);\n }\n };\n\n document.addEventListener('mousemove', onMove);\n document.addEventListener('mouseup', onUp);\n}\n\n/* ============================================================\n SHARED KEYBOARD HANDLER β€” Desktop & FolderWindow\n syncCtx: fn to set App.folder/selection/winCtx before an operation\n withSync: fn(op) to set context β†’ run op β†’ restore context (sync only)\n opts.area: icon container element\n opts.refresh: fn() called on F5\n opts.extraKeys: fn(e) β†’ true if handled (for FW-specific keys like Backspace=navup)\n ============================================================ */\nfunction _handleKey(e, owner, syncCtx, withSync, opts = {}) {\n if ((e.key === 'Delete' || e.key === 'Backspace') && owner.selection.size > 0) {\n syncCtx(); deleteSelected();\n } else if ((e.ctrlKey || e.metaKey) && e.code === 'KeyC' && owner.selection.size > 0) {\n withSync(() => copyItems());\n } else if ((e.ctrlKey || e.metaKey) && e.code === 'KeyX' && owner.selection.size > 0) {\n withSync(() => cutItems());\n } else if ((e.ctrlKey || e.metaKey) && e.code === 'KeyV') {\n syncCtx(); pasteItems();\n } else if ((e.ctrlKey || e.metaKey) && e.code === 'KeyA') {\n syncCtx(); selectAll();\n } else if (e.key === 'Escape') {\n if (App.clipboard?.op === 'cut') cancelClipboard();\n owner.selection.clear();\n (opts.area || document).querySelectorAll('.file-item.selected').forEach(i => i.classList.remove('selected'));\n owner._updateStatus();\n } else if (e.key === 'F2' && owner.selection.size === 1) {\n renameNode(VFS.node([...owner.selection][0]));\n } else if (e.key === 'F5') {\n e.preventDefault();\n if (opts.refresh) opts.refresh();\n } else if (opts.extraKeys) {\n opts.extraKeys(e);\n }\n}\n\n/* ============================================================\n SHARED CONTEXT MENU BUILDERS β€” Desktop & FolderWindow\n ============================================================ */\nfunction _buildSortSubmenu(sortTarget) {\n return [\n {\n label: 'By Name', icon: Icons.sortName, submenu: [\n { label: 'A β†’ Z', icon: Icons.sortAsc, action: () => sortIcons('name', 'asc', sortTarget) },\n { label: 'Z β†’ A', icon: Icons.sortDesc, action: () => sortIcons('name', 'desc', sortTarget) },\n ]\n },\n {\n label: 'By Date Modified', icon: Icons.sortDate, submenu: [\n { label: 'Newest first', icon: Icons.sortDesc, action: () => sortIcons('mtime', 'desc', sortTarget) },\n { label: 'Oldest first', icon: Icons.sortAsc, action: () => sortIcons('mtime', 'asc', sortTarget) },\n ]\n },\n {\n label: 'By Date Created', icon: Icons.sortDate, submenu: [\n { label: 'Newest first', icon: Icons.sortDesc, action: () => sortIcons('ctime', 'desc', sortTarget) },\n { label: 'Oldest first', icon: Icons.sortAsc, action: () => sortIcons('ctime', 'asc', sortTarget) },\n ]\n },\n { sep: true },\n {\n label: 'By Size', icon: Icons.sortSize, submenu: [\n { label: 'Largest first', icon: Icons.sortDesc, action: () => sortIcons('size', 'desc', sortTarget) },\n { label: 'Smallest first', icon: Icons.sortAsc, action: () => sortIcons('size', 'asc', sortTarget) },\n ]\n },\n { sep: true },\n { label: 'By Type', icon: Icons.sortType, action: () => sortIcons('type', 'asc', sortTarget) },\n ];\n}\n\nfunction _buildAreaMenuItems(e, syncFn, sortTarget, refreshFn) {\n const items = [\n { label: 'New Text File', icon: Icons.newfile, action: () => { syncFn(); App._ctxScreenPos = { x: e.clientX, y: e.clientY }; newTextFile(); } },\n { label: 'New Folder', icon: Icons.newfolder, action: () => { syncFn(); App._ctxScreenPos = { x: e.clientX, y: e.clientY }; newFolder(); } },\n { sep: true },\n { label: 'Import Files...', icon: Icons.upload, action: () => { syncFn(); document.getElementById('file-input').click(); } },\n ];\n if (App.clipboard) {\n items.push({ sep: true });\n items.push({ label: 'Paste', icon: Icons.paste, action: () => { syncFn(); App._ctxScreenPos = { x: e.clientX, y: e.clientY }; pasteItems(); } });\n }\n items.push({ sep: true });\n items.push({ label: 'Sort', icon: Icons.sort, submenu: _buildSortSubmenu(sortTarget) });\n items.push({ sep: true });\n items.push({ label: 'Refresh', icon: Icons.refresh, action: refreshFn });\n return items;\n}\n\nfunction _buildIconMenuItems(node, sel, opts) {\n const items = [];\n if (node.type === 'folder') {\n items.push({ label: 'Open', icon: Icons.open, action: () => opts.openFn(node) });\n items.push({ label: 'Open in New Window', icon: Icons.newfolder, action: () => WinManager.open(node.id) });\n items.push({\n label: 'Folder Color', icon: Icons.folder, submenu: FOLDER_COLORS.map(fc => ({\n label: fc.label,\n icon: ``,\n action: async () => { node.color = fc.color === '#0078d4' ? undefined : fc.color; await saveVFS(); opts.colorCb(); logActivity('color', `${node.name} β†’ ${fc.label}`, 1, VFS.fullPath(node.id)); }\n }))\n });\n } else {\n items.push({ label: 'Open', icon: Icons.file, action: () => opts.openFn(node) });\n items.push({ label: 'Edit as plain text', icon: Icons.rename, action: () => openFileAsText(node) });\n items.push({ label: 'Export', icon: Icons.download, action: () => downloadFile(node) });\n }\n items.push({ label: 'Export as ZIP', icon: Icons.download, action: opts.exportZipFn });\n items.push({ sep: true });\n if (opts.hasCopy) items.push({ label: 'Copy', icon: Icons.copy, action: opts.copyFn });\n items.push({ label: 'Cut', icon: Icons.cut, action: opts.cutFn });\n items.push({ sep: true });\n items.push({ label: 'Rename', icon: Icons.rename, action: () => renameNode(node) });\n items.push({ sep: true });\n items.push({\n label: sel.size > 1 ? `Delete ${sel.size} items` : 'Delete', icon: Icons.trash, danger: true,\n action: opts.deleteFn,\n });\n items.push({ sep: true });\n items.push({ label: 'Properties', icon: Icons.info, action: () => showProps(node) });\n return items;\n}\n\n/* ---- Shared icon-area render (Desktop + FolderWindow): full rebuild or incremental ---- */\nfunction _renderIconArea(area, folderId, selection, updateStatusFn, forceRebuild) {\n const items = VFS.children(folderId);\n items.sort((a, b) => a.type !== b.type ? (a.type === 'folder' ? -1 : 1) : a.name.localeCompare(b.name));\n area.classList.toggle('no-grid-dots', !_getSettings().gridDots);\n const iconMap = area._iconMap || (area._iconMap = new Map());\n const afterRender = () => {\n updateStatusFn();\n if (typeof _applyCutStyles !== 'undefined') _applyCutStyles();\n _syncAreaWidth(area);\n };\n if (forceRebuild) {\n iconMap.forEach(el => el.remove());\n iconMap.clear();\n if (!items.length) { afterRender(); return; }\n const needPos = items.filter(n => !VFS.getPos(folderId, n.id));\n if (needPos.length) VFS.autoPosBatch(folderId, needPos, area);\n const useAnim = items.length <= 200;\n const token = (area._renderToken = (area._renderToken || 0) + 1);\n const renderChunk = (start) => {\n if (area._renderToken !== token) return;\n const frag = document.createDocumentFragment(),\n end = Math.min(start + 300, items.length);\n for (let i = start; i < end; i++) {\n const n = items[i], pos = VFS.getPos(folderId, n.id) || { x: 8, y: 8 },\n div = _buildIconEl(n, pos);\n if (selection.has(n.id)) div.classList.add('selected');\n if (useAnim) div.style.animation = `iconPop 0.12s ease ${Math.min(i * 15, 200)}ms both`;\n iconMap.set(n.id, div);\n frag.appendChild(div);\n }\n area.appendChild(frag);\n if (end < items.length) requestAnimationFrame(() => renderChunk(end));\n else afterRender();\n };\n renderChunk(0);\n // Immediate status/cut-styles refresh (visible before async chunks complete)\n updateStatusFn();\n if (typeof _applyCutStyles !== 'undefined') _applyCutStyles();\n } else {\n // Incremental: animate-out removed items, add new ones\n const nodeMap = new Map(items.map(n => [n.id, n]));\n iconMap.forEach((el, id) => {\n if (!nodeMap.has(id)) {\n if (!el.isConnected) { iconMap.delete(id); }\n else {\n el.style.transition = 'opacity .1s, transform .1s';\n el.style.opacity = '0'; el.style.transform = 'scale(.85)';\n setTimeout(() => { el.remove(); iconMap.delete(id); }, 110);\n }\n }\n });\n const needPos = items.filter(n => !VFS.getPos(folderId, n.id));\n if (needPos.length) VFS.autoPosBatch(folderId, needPos, area);\n for (const [idx, n] of items.entries()) {\n let existing = iconMap.get(n.id);\n if (existing && !existing.isConnected) { iconMap.delete(n.id); existing = null; }\n if (existing) {\n const nameEl = existing.querySelector('.file-name');\n if (nameEl && nameEl.textContent !== n.name) nameEl.textContent = n.name;\n if (n.type === 'folder') {\n const thumbEl = existing.querySelector('.file-thumb.folder-icon');\n if (thumbEl) thumbEl.innerHTML = getFolderSVG(n.color);\n }\n } else {\n const pos = VFS.getPos(folderId, n.id) || { x: 8, y: 8 },\n div = _buildIconEl(n, pos);\n if (selection.has(n.id)) div.classList.add('selected');\n div.style.animation = `iconPop 0.12s ease ${Math.min(idx * 15, 200)}ms both`;\n iconMap.set(n.id, div);\n area.appendChild(div);\n }\n }\n afterRender();\n }\n}\n\n/* ============================================================\n DESKTOP\n ============================================================ */\nconst Desktop = {\n _desktopFolder: 'root',\n _sel: App.selection, // main desktop's own selection (same reference as App.selection initially)\n // Unified interface aliases used by shared helpers (_setupAreaDelegation, _initAreaTouchRubberBand, _rubberBandSelect)\n get selection() { return this._sel; },\n get folderId() { return this._desktopFolder; },\n _updateStatus() { this._updateSelectionBar(); },\n\n render() {\n // Restore main desktop's folder + selection as the active App context\n App._winCtx = null;\n App.folder = this._desktopFolder;\n App.selection = this._sel;\n\n this._renderBreadcrumb();\n this._renderIcons();\n this.updateTaskbar();\n document.title = 'SafeNova β€” ' + (App.container?.name || 'Container');\n // Re-render all open folder windows\n if (typeof WinManager !== 'undefined') WinManager.renderAll();\n // Load activity log from compressed storage (async)\n _loadActivityLog();\n },\n\n _renderBreadcrumb() {\n const bc = document.getElementById('breadcrumb'),\n crumbs = VFS.breadcrumb(this._desktopFolder);\n bc.innerHTML = '';\n crumbs.forEach((n, i) => {\n const span = document.createElement('span');\n span.className = 'breadcrumb-item' + (i === crumbs.length - 1 ? ' current' : '');\n span.textContent = n.id === 'root' ? ('/~/' + App.container.name) : n.name;\n if (i < crumbs.length - 1) {\n span.addEventListener('click', () => {\n this._desktopFolder = n.id;\n this._sel.clear();\n this.render();\n });\n }\n bc.appendChild(span);\n if (i < crumbs.length - 1) {\n const sep = document.createElement('span');\n sep.className = 'breadcrumb-sep';\n sep.textContent = ' β€Ί ';\n bc.appendChild(sep);\n }\n });\n },\n\n _renderIcons() {\n _renderIconArea(\n document.getElementById('desktop-area'),\n this._desktopFolder, this._sel,\n () => this._updateSelectionBar(), true\n );\n },\n\n // Incremental update: add new icons, remove gone ones, sync names β€” NO re-animation for existing\n _patchIcons() {\n App._winCtx = null;\n App.folder = this._desktopFolder;\n App.selection = this._sel;\n _renderIconArea(\n document.getElementById('desktop-area'),\n this._desktopFolder, this._sel,\n () => { this._updateSelectionBar(); this.updateTaskbar(); }, false\n );\n if (typeof WinManager !== 'undefined') WinManager.renderAll();\n },\n\n _onIconMousedown(e, el, node) {\n if (e.button !== 0) return;\n hideCtxMenu();\n _startIconDrag(e, node, el, {\n area: document.getElementById('desktop-area'),\n folderId: this._desktopFolder,\n selection: this._sel,\n winEl: null,\n updateUI: () => { this._updateSelectionBar(); this.updateTaskbar(); },\n clearAll: () => {\n this._sel.clear();\n document.querySelectorAll('#desktop-area > .file-item.selected').forEach(i => i.classList.remove('selected'));\n },\n });\n },\n\n\n /* ---- Touch-drag for mobile: long-press (400ms) + drag icons ---- */\n _initTouchDrag(area) {\n _initTouchDragCommon(area, this, { showSnap: true, afterDrop: () => this.updateTaskbar() });\n },\n\n _openNode(node) {\n hideCtxMenu();\n if (node.type === 'folder') {\n // Folders always open in a new floating window\n WinManager.open(node.id);\n } else {\n openFile(node);\n }\n },\n\n _contextIcon(e, node) {\n if (!e.ctrlKey && !e.metaKey && !this._sel.has(node.id)) {\n this._sel.clear();\n document.querySelectorAll('#desktop-area > .file-item.selected').forEach(i => i.classList.remove('selected'));\n }\n this._sel.add(node.id);\n document.querySelector(`#desktop-area > .file-item[data-id=\"${node.id}\"]`)?.classList.add('selected');\n this._updateSelectionBar();\n const _sync = () => { App.folder = this._desktopFolder; App.selection = this._sel; App._winCtx = null; };\n showCtxMenu(e.clientX, e.clientY, _buildIconMenuItems(node, this._sel, {\n openFn: n => n.type === 'folder' ? WinManager.open(n.id) : this._openNode(n),\n colorCb: () => Desktop._patchIcons(),\n hasCopy: true,\n copyFn: () => { _sync(); copyItems(); },\n cutFn: () => { _sync(); cutItems(); },\n exportZipFn: () => { _sync(); exportAsZip([...this._sel]); },\n deleteFn: () => { _sync(); deleteSelected(); },\n }));\n },\n\n _contextDesktop(e) {\n this._sel.clear();\n document.querySelectorAll('#desktop-area > .file-item.selected').forEach(i => i.classList.remove('selected'));\n this._updateSelectionBar();\n const _sync = () => { App.folder = this._desktopFolder; App.selection = this._sel; App._winCtx = null; };\n showCtxMenu(e.clientX, e.clientY, _buildAreaMenuItems(e, _sync, undefined,\n () => { Desktop._renderIcons(); if (typeof WinManager !== 'undefined') WinManager.renderAll(); }));\n },\n\n // Clear selection: empties both the Set AND removes .selected CSS classes from DOM\n _clearSelection() {\n this._sel.clear();\n document.querySelectorAll('#desktop-area > .file-item.selected').forEach(i => i.classList.remove('selected'));\n this._updateSelectionBar();\n },\n\n _updateSelectionBar() {\n const bar = document.getElementById('selection-bar');\n if (this._sel.size > 0) {\n const totalSz = [...this._sel].reduce((s, id) => {\n const n = VFS.node(id); return s + (n && n.size ? n.size : 0);\n }, 0);\n bar.textContent = `${this._sel.size} item${this._sel.size !== 1 ? 's' : ''} selected${totalSz > 0 ? ' Β· ' + fmtSize(totalSz) : ''}`;\n bar.classList.add('show');\n } else {\n bar.classList.remove('show');\n }\n },\n\n updateTaskbar() {\n if (!App.container) return;\n const tot = App.container.totalSize || 0,\n pct = Math.min(tot / CONTAINER_LIMIT * 100, 100),\n cls = pct > 90 ? 'danger' : pct > 70 ? 'warn' : '';\n document.getElementById('taskbar-name').textContent = App.container.name;\n document.getElementById('taskbar-size-text').textContent = `${fmtSize(tot)} / ${fmtSize(CONTAINER_LIMIT)}`;\n document.getElementById('taskbar-size-pct').textContent = pct.toFixed(1) + '%';\n const bar = document.getElementById('taskbar-bar-fill');\n bar.style.width = pct + '%';\n bar.className = 'taskbar-bar-fill ' + cls;\n },\n\n initEvents() {\n const area = document.getElementById('desktop-area');\n // Delegated icon events: mousedown, dblclick, contextmenu, touch tap\n _setupAreaDelegation(area, this);\n // Mobile touch-drag for icons\n this._initTouchDrag(area);\n\n area.addEventListener('contextmenu', e => {\n if (e.target === area || e.target.classList.contains('drop-overlay') ||\n e.target.classList.contains('selection-bar')) {\n e.preventDefault();\n this._contextDesktop(e);\n }\n });\n\n area.addEventListener('mousedown', e => {\n if (e.target !== area) return;\n if (!e.ctrlKey && !e.metaKey) {\n this._sel.clear();\n document.querySelectorAll('#desktop-area > .file-item.selected').forEach(i => i.classList.remove('selected'));\n this._updateSelectionBar();\n }\n this._startRubberBand(e);\n });\n\n area.addEventListener('keydown', e => this._onKey(e));\n\n let _deskDndHoverFolder = null;\n area.addEventListener('dragover', e => {\n e.preventDefault();\n const overFW = !!e.target.closest('.folder-window');\n if (!overFW) {\n const folderEl = e.target?.closest?.('#desktop-area > .file-item[data-id]'),\n newHover = folderEl && VFS.node(folderEl.dataset.id)?.type === 'folder' ? folderEl.dataset.id : null;\n if (newHover !== _deskDndHoverFolder) {\n if (_deskDndHoverFolder) document.querySelector(`#desktop-area > .file-item[data-id=\"${_deskDndHoverFolder}\"]`)?.classList.remove('drag-target');\n _deskDndHoverFolder = newHover;\n if (_deskDndHoverFolder) document.querySelector(`#desktop-area > .file-item[data-id=\"${_deskDndHoverFolder}\"]`)?.classList.add('drag-target');\n }\n }\n document.getElementById('drop-overlay').classList.toggle('show', !overFW && !_deskDndHoverFolder);\n });\n area.addEventListener('dragleave', e => {\n if (!area.contains(e.relatedTarget)) {\n if (_deskDndHoverFolder) document.querySelector(`#desktop-area > .file-item[data-id=\"${_deskDndHoverFolder}\"]`)?.classList.remove('drag-target');\n _deskDndHoverFolder = null;\n document.getElementById('drop-overlay').classList.remove('show');\n }\n });\n area.addEventListener('drop', e => {\n e.preventDefault();\n if (_deskDndHoverFolder) document.querySelector(`#desktop-area > .file-item[data-id=\"${_deskDndHoverFolder}\"]`)?.classList.remove('drag-target');\n const targetFolderId = _deskDndHoverFolder || this._desktopFolder;\n _deskDndHoverFolder = null;\n document.getElementById('drop-overlay').classList.remove('show');\n App._winCtx = null;\n App.folder = targetFolderId;\n App.selection = this._sel;\n uploadEntries(e.dataTransfer.items, targetFolderId);\n });\n\n /* ---- Touch: rubber-band select on empty area + long-press context menu ---- */\n _initAreaTouchRubberBand(area, this);\n\n // Global: dismiss context menu on any LMB click outside the menu\n document.addEventListener('mousedown', e => {\n if (e.button !== 0) return;\n if (e.target.closest('#ctx-menu, #ctx-menu-sub, body > .ctx-menu')) return;\n hideCtxMenu();\n });\n // Track last touch to suppress spurious mouseenter tooltips fired by the browser after touchend\n document.addEventListener('touchstart', () => { _lastTouchTs = Date.now(); }, { passive: true, capture: true });\n },\n\n _startRubberBand(e) {\n _rubberBandSelect(e, document.getElementById('desktop-area'), this._sel, () => this._updateSelectionBar());\n },\n\n _onKey(e) {\n const sync = () => { App.folder = this._desktopFolder; App.selection = this._sel; App._winCtx = null; };\n _handleKey(e, this, sync, fn => { sync(); fn(); }, {\n area: document.getElementById('desktop-area'),\n refresh: () => { Desktop._renderIcons(); if (typeof WinManager !== 'undefined') WinManager.renderAll(); },\n });\n }\n};\n\n/* ============================================================\n FOLDER WINDOW MANAGER\n ============================================================ */\nconst WinManager = {\n _wins: [],\n _z: 300,\n\n open(folderId) {\n hideCtxMenu();\n // Auto-cancel cut if the opened folder (or its ancestor) is in the clipboard\n if (App.clipboard?.op === 'cut') {\n const cutIds = new Set(App.clipboard.ids);\n let cur = folderId;\n while (cur && cur !== 'root') {\n if (cutIds.has(cur)) { cancelClipboard(); break; }\n cur = (VFS.node(cur) || {}).parentId;\n }\n }\n // Bring existing window to front if already open\n const existing = this._wins.find(w => w.folderId === folderId && !w._navStack.length);\n if (existing) { existing.bringToFront(); return existing; }\n const win = new FolderWindow(folderId);\n this._wins.push(win);\n return win;\n },\n\n close(win) {\n this._wins = this._wins.filter(w => w !== win);\n win.el.remove();\n },\n\n closeAll() {\n this._wins.forEach(w => w.el.remove());\n this._wins = [];\n },\n\n renderAll() {\n this._wins.forEach(w => w.render());\n },\n\n nextZ() { return ++this._z; }\n};\n\n/* ============================================================\n FOLDER WINDOW (floating explorer)\n ============================================================ */\nclass FolderWindow {\n constructor(folderId) {\n this.folderId = folderId;\n this.selection = new Set();\n this._navStack = []; // for back navigation (not used in default: navigate in window)\n this.el = null;\n this._build();\n }\n\n /* ---- DOM BUILD ---- */\n _build() {\n const node = VFS.node(this.folderId),\n el = document.createElement('div');\n el.className = 'folder-window';\n el.style.zIndex = WinManager.nextZ();\n\n // Cascade position\n const area = document.getElementById('desktop-area'),\n count = WinManager._wins.length,\n defW = 680, defH = 440,\n cx = Math.max(20, Math.min((area.clientWidth - defW) / 2 + count * 28, area.clientWidth - defW - 10)),\n cy = Math.max(20, Math.min((area.clientHeight - defH) / 2 + count * 28, area.clientHeight - defH - 10));\n el.style.left = cx + 'px';\n el.style.top = cy + 'px';\n el.style.width = defW + 'px';\n el.style.height = defH + 'px';\n\n el.innerHTML = `\n
\n
\n ${getFolderSVG(node.color)}\n ${escHtml(node.name)}\n
\n
\n \n \n
\n
\n
\n \n \n \n
\n
\n
\n
\n
\n \n Drop files to import\n
\n
\n
\n 0 items\n
\n
\n `;\n\n this.el = el;\n area.appendChild(el);\n this._bindEvents();\n this.render();\n }\n\n /* ---- EVENTS ---- */\n _bindEvents() {\n const el = this.el;\n el.addEventListener('mousedown', () => this.bringToFront(), true);\n\n // Title bar drag (move window)\n this._makeDraggable(el.querySelector('.fw-drag-area'));\n\n // Buttons\n el.querySelector('.fw-btn-close').addEventListener('click', e => {\n e.stopPropagation(); WinManager.close(this);\n });\n el.querySelector('.fw-btn-navup').addEventListener('click', e => {\n e.stopPropagation();\n const n = VFS.node(this.folderId);\n if (n && n.parentId && n.parentId !== 'root') { this.folderId = n.parentId; this.selection.clear(); this.render(); }\n });\n el.querySelector('.fw-btn-upload').addEventListener('click', e => {\n e.stopPropagation();\n this._setCtx();\n document.getElementById('file-input').click();\n });\n el.querySelector('.fw-btn-newfile').addEventListener('click', e => {\n e.stopPropagation(); App._ctxScreenPos = null; this._setCtx(); newTextFile();\n });\n el.querySelector('.fw-btn-newfolder').addEventListener('click', e => {\n e.stopPropagation(); App._ctxScreenPos = null; this._setCtx(); newFolder();\n });\n\n // Content area events\n const area = el.querySelector('.fw-area');\n // Delegated icon events: mousedown, dblclick, contextmenu, touch tap\n _setupAreaDelegation(area, this);\n area.addEventListener('contextmenu', e => {\n if (e.target === area) { e.preventDefault(); e.stopPropagation(); this._contextDesktop(e); }\n });\n area.addEventListener('mousedown', e => {\n if (e.target !== area) return;\n hideCtxMenu();\n area.focus();\n if (!e.ctrlKey && !e.metaKey) {\n this.selection.clear();\n area.querySelectorAll('.file-item.selected').forEach(i => i.classList.remove('selected'));\n this._updateStatus();\n }\n this._startRubberBand(e);\n });\n area.addEventListener('keydown', e => this._onKey(e));\n const fwDropOv = area.querySelector('.fw-drop-overlay');\n let _fwDndHoverFolder = null;\n area.addEventListener('dragover', e => {\n e.preventDefault();\n const folderEl = e.target?.closest?.('.file-item[data-id]'),\n newHover = folderEl && VFS.node(folderEl.dataset.id)?.type === 'folder' ? folderEl.dataset.id : null;\n if (newHover !== _fwDndHoverFolder) {\n if (_fwDndHoverFolder) area.querySelector(`.file-item[data-id=\"${_fwDndHoverFolder}\"]`)?.classList.remove('drag-target');\n _fwDndHoverFolder = newHover;\n if (_fwDndHoverFolder) area.querySelector(`.file-item[data-id=\"${_fwDndHoverFolder}\"]`)?.classList.add('drag-target');\n }\n if (fwDropOv) fwDropOv.classList.toggle('show', !_fwDndHoverFolder);\n });\n area.addEventListener('dragleave', e => {\n if (!area.contains(e.relatedTarget)) {\n if (_fwDndHoverFolder) area.querySelector(`.file-item[data-id=\"${_fwDndHoverFolder}\"]`)?.classList.remove('drag-target');\n _fwDndHoverFolder = null;\n if (fwDropOv) fwDropOv.classList.remove('show');\n }\n });\n area.addEventListener('drop', e => {\n e.preventDefault();\n e.stopPropagation(); // prevent desktop from also receiving this drop\n if (_fwDndHoverFolder) area.querySelector(`.file-item[data-id=\"${_fwDndHoverFolder}\"]`)?.classList.remove('drag-target');\n const targetFolderId = _fwDndHoverFolder || this.folderId;\n _fwDndHoverFolder = null;\n if (fwDropOv) fwDropOv.classList.remove('show');\n App._winCtx = this;\n App.folder = targetFolderId;\n App.selection = this.selection;\n uploadEntries(e.dataTransfer.items, targetFolderId);\n });\n\n /* ---- Touch: rubber-band select on empty area + long-press context menu ---- */\n _initAreaTouchRubberBand(area, this);\n\n this._initFwTouchDrag(area);\n this._addResizeHandle();\n }\n\n /* ---- SET CONTEXT for modal-based and async ops ---- */\n // Clear selection: empties both the Set AND removes .selected CSS classes from DOM\n _clearSelection() {\n this.selection.clear();\n this.el.querySelectorAll('.file-item.selected').forEach(i => i.classList.remove('selected'));\n this._updateStatus();\n }\n\n _setCtx() {\n App._winCtx = this;\n App.folder = this.folderId;\n App.selection = this.selection;\n }\n\n /* ---- SET CONTEXT for sync ops (save+restore immediately) ---- */\n _withCtxSync(fn) {\n const pF = App.folder, pS = App.selection, pW = App._winCtx;\n App.folder = this.folderId; App.selection = this.selection; App._winCtx = this;\n try { fn(); } finally { App.folder = pF; App.selection = pS; App._winCtx = pW; }\n }\n\n /* ---- WINDOW DRAG ---- */\n _makeDraggable(handle) {\n handle.addEventListener('mousedown', e => {\n if (e.button !== 0) return;\n e.preventDefault();\n const startMouseX = e.clientX, startMouseY = e.clientY,\n startLeft = parseInt(this.el.style.left) || 0,\n startTop = parseInt(this.el.style.top) || 0;\n const onMove = mv => {\n const area = document.getElementById('desktop-area'),\n maxL = area.clientWidth - this.el.offsetWidth,\n maxT = area.clientHeight - this.el.offsetHeight;\n this.el.style.left = Math.max(0, Math.min(maxL, startLeft + mv.clientX - startMouseX)) + 'px';\n this.el.style.top = Math.max(0, Math.min(maxT, startTop + mv.clientY - startMouseY)) + 'px';\n };\n const onUp = () => { document.removeEventListener('mousemove', onMove); document.removeEventListener('mouseup', onUp); };\n document.addEventListener('mousemove', onMove);\n document.addEventListener('mouseup', onUp);\n });\n }\n\n bringToFront() { this.el.style.zIndex = WinManager.nextZ(); }\n\n /* ---- RENDER ---- */\n render() {\n const node = VFS.node(this.folderId);\n if (!node) { WinManager.close(this); return; }\n\n // Update title β€” full path\n this.el.querySelector('.fw-title').textContent = VFS.fullPath(this.folderId);\n // Hide navup button when at top-level folder (parent is root)\n const _navB = this.el.querySelector('.fw-btn-navup');\n if (_navB) _navB.style.display = (node.parentId && node.parentId !== 'root') ? '' : 'none';\n // Update title bar folder icon (reflects current color)\n const _folderIconEl = this.el.querySelector('.fw-folder-icon');\n if (_folderIconEl) _folderIconEl.innerHTML = getFolderSVG(node.color);\n\n // Update breadcrumb inside toolbar\n const bcId = `fw-bc-${this.el.querySelector('.fw-breadcrumb').id.replace('fw-bc-', '')}`,\n bc = this.el.querySelector('.fw-breadcrumb');\n bc.innerHTML = '';\n VFS.breadcrumb(this.folderId).forEach((n, i, arr) => {\n if (i === 0) return; // skip root\n const sp = document.createElement('span');\n sp.className = 'fw-bc-item' + (i === arr.length - 1 ? ' current' : '');\n sp.textContent = n.name;\n if (i < arr.length - 1) sp.addEventListener('click', () => { this.folderId = n.id; this.selection.clear(); this.render(); });\n bc.appendChild(sp);\n if (i < arr.length - 1) { const s = document.createElement('span'); s.className = 'fw-bc-sep'; s.textContent = ' β€Ί '; bc.appendChild(s); }\n });\n\n // Render icons β€” incremental when same folder to avoid flash, full rebuild on navigation\n const area = this.el.querySelector('.fw-area'),\n folderChanged = this._renderedFolderId !== this.folderId;\n this._renderedFolderId = this.folderId;\n _renderIconArea(area, this.folderId, this.selection, () => this._updateStatus(), folderChanged);\n }\n\n /* ---- ICON DRAG (within window + escape to desktop/other windows) ---- */\n _onIconMousedown(e, el, node) {\n if (e.button !== 0) return;\n hideCtxMenu();\n _startIconDrag(e, node, el, {\n area: this.el.querySelector('.fw-area'),\n folderId: this.folderId,\n selection: this.selection,\n winEl: this.el,\n updateUI: () => this._updateStatus(),\n clearAll: () => {\n this.selection.clear();\n this.el.querySelectorAll('.fw-area > .file-item.selected').forEach(i => i.classList.remove('selected'));\n },\n });\n }\n\n /* ---- OPEN NODE: default = navigate within window ---- */\n _openNode(node) {\n hideCtxMenu();\n if (node.type === 'folder') {\n // Auto-cancel cut if navigating into a cut folder\n if (App.clipboard?.op === 'cut') {\n const cutIds = new Set(App.clipboard.ids);\n let cur = node.id;\n while (cur && cur !== 'root') {\n if (cutIds.has(cur)) { cancelClipboard(); break; }\n cur = (VFS.node(cur) || {}).parentId;\n }\n }\n this.folderId = node.id; this.selection.clear(); this.render();\n } else {\n openFile(node);\n }\n }\n\n /* ---- TOUCH DRAG for mobile (inside folder window) ---- */\n _initFwTouchDrag(area) {\n _initTouchDragCommon(area, this, { showSnap: true });\n }\n\n /* ---- RUBBER BAND selection ---- */\n _startRubberBand(e) {\n _rubberBandSelect(e, this.el.querySelector('.fw-area'), this.selection, () => this._updateStatus());\n }\n\n /* ---- CONTEXT MENUS ---- */\n _contextDesktop(e) {\n this.selection.clear();\n this.el.querySelectorAll('.file-item.selected').forEach(i => i.classList.remove('selected'));\n this._updateStatus();\n const syncFn = () => this._setCtx();\n showCtxMenu(e.clientX, e.clientY, _buildAreaMenuItems(e, syncFn, this,\n () => { this._renderedFolderId = null; this.render(); }));\n }\n\n _contextIcon(e, node) {\n if (!e.ctrlKey && !e.metaKey && !this.selection.has(node.id)) {\n this.selection.clear();\n this.el.querySelectorAll('.file-item.selected').forEach(i => i.classList.remove('selected'));\n }\n this.selection.add(node.id);\n this.el.querySelector(`.file-item[data-id=\"${node.id}\"]`)?.classList.add('selected');\n this._updateStatus();\n showCtxMenu(e.clientX, e.clientY, _buildIconMenuItems(node, this.selection, {\n openFn: n => n.type === 'folder' ? this._openNode(n) : openFile(n),\n colorCb: () => this.render(),\n hasCopy: false,\n copyFn: null,\n cutFn: () => this._withCtxSync(() => cutItems()),\n exportZipFn: () => this._withCtxSync(() => exportAsZip([...this.selection])),\n deleteFn: () => { this._setCtx(); deleteSelected(); },\n }));\n }\n\n /* ---- RESIZE HANDLE ---- */\n _addResizeHandle() {\n const handle = this.el.querySelector('.fw-resize-handle');\n if (!handle) return;\n handle.addEventListener('mousedown', e => {\n if (e.button !== 0) return;\n e.preventDefault(); e.stopPropagation();\n const startX = e.clientX, startY = e.clientY,\n startW = this.el.offsetWidth, startH = this.el.offsetHeight;\n const onMove = mv => {\n this.el.style.width = Math.max(420, Math.min(1400, startW + mv.clientX - startX)) + 'px';\n this.el.style.height = Math.max(260, Math.min(900, startH + mv.clientY - startY)) + 'px';\n };\n const onUp = () => { document.removeEventListener('mousemove', onMove); document.removeEventListener('mouseup', onUp); };\n document.addEventListener('mousemove', onMove);\n document.addEventListener('mouseup', onUp);\n });\n }\n\n /* ---- STATUS BAR & KEYBOARD ---- */\n _updateStatus() {\n const count = VFS.children(this.folderId).length,\n sel = this.selection.size;\n this.el.querySelector('.fw-status-text').textContent =\n sel > 0 ? `${sel} of ${count} selected` : `${count} item${count !== 1 ? 's' : ''}`;\n }\n\n _onKey(e) {\n _handleKey(e, this, () => this._setCtx(), fn => this._withCtxSync(fn), {\n area: this.el,\n refresh: () => { this.render(); this.el.querySelector('.fw-area')?.focus(); },\n extraKeys: ev => {\n if (ev.key === 'Backspace' && !ev.ctrlKey && !ev.metaKey) {\n const n = VFS.node(this.folderId);\n if (n && n.parentId && n.parentId !== 'root') { this.folderId = n.parentId; this.selection.clear(); this.render(); }\n return true;\n }\n },\n });\n }\n}\n" }, { "path": "src/js/detectors/incognito.js", "content": "'use strict';\n\n/* ============================================================\n INCOGNITO DETECTOR v1.6.2 (adapted)\n\n Algorithm ported from:\n https://github.com/Joe12387/detectIncognito\n MIT License β€” Copyright (c) 2021-2025 Joe Rutkowski \n\n Re-implemented as plain ES6 (no TypeScript, no bundler).\n Covers: Chrome 76+, Edge, Brave, Opera, Safari 13+, Firefox, IE.\n ============================================================ */\n\n/**\n * Detect whether the current tab is running in a private / incognito context.\n * @returns {Promise<{isPrivate: boolean, browserName: string}>}\n */\nfunction detectIncognito() {\n return new Promise(function (resolve, reject) {\n let browserName = 'Unknown';\n let callbackSettled = false;\n\n function __callback(isPrivate) {\n if (callbackSettled) return;\n callbackSettled = true;\n resolve({ isPrivate, browserName });\n }\n\n // ── Engine fingerprint ────────────────────────────────────\n // Each JS engine produces a unique error.message.length for (-1).toFixed(-1):\n // V8 (Chrome/Edge/…) β†’ 51\n // JavaScriptCore (Safari) β†’ 44 or 43\n // SpiderMonkey (Firefox) β†’ 25\n function feid() {\n let id = 0;\n try { (-1).toFixed(-1); } catch (e) { id = e.message.length; }\n return id;\n }\n\n function isSafari() { const f = feid(); return f === 44 || f === 43; }\n function isChrome() { return feid() === 51; }\n function isFirefox() { return feid() === 25; }\n function isMSIE() { return navigator.msSaveBlob !== undefined; }\n\n function identifyChromium() {\n const ua = navigator.userAgent;\n if (ua.match(/Chrome/)) {\n if (navigator.brave !== undefined) return 'Brave';\n if (ua.match(/Edg/)) return 'Edge';\n if (ua.match(/OPR/)) return 'Opera';\n return 'Chrome';\n }\n return 'Chromium';\n }\n\n // ── Safari ───────────────────────────────────────────────\n\n async function currentSafariTest() {\n // Modern Safari private mode: getDirectory() throws \"unknown transient reason\"\n try {\n await navigator.storage.getDirectory();\n __callback(false);\n } catch (e) {\n const msg = (e instanceof Error) ? e.message : String(e);\n __callback(msg.includes('unknown transient reason'));\n }\n }\n\n function safari13to18Test() {\n // Safari 13-18: storing a Blob in IDB throws \"are not yet supported\" in private mode\n const tmp = String(Math.random());\n try {\n const dbReq = indexedDB.open(tmp, 1);\n dbReq.onupgradeneeded = (ev) => {\n const db = ev.target.result;\n const finish = (priv) => { __callback(priv); };\n try {\n db.createObjectStore('t', { autoIncrement: true }).put(new Blob());\n finish(false);\n } catch (err) {\n const msg = (err instanceof Error) ? err.message : String(err);\n finish(msg.includes('are not yet supported'));\n } finally {\n db.close();\n indexedDB.deleteDatabase(tmp);\n }\n };\n dbReq.onerror = () => __callback(false);\n } catch {\n __callback(false);\n }\n }\n\n function oldSafariTest() {\n const openDB = window.openDatabase;\n const storage = window.localStorage;\n try { openDB(null, null, null, null); } catch { __callback(true); return; }\n try { storage.setItem('test', '1'); storage.removeItem('test'); } catch { __callback(true); return; }\n __callback(false);\n }\n\n async function safariPrivateTest() {\n if (typeof navigator.storage?.getDirectory === 'function') {\n await currentSafariTest();\n } else if (navigator.maxTouchPoints !== undefined) {\n safari13to18Test();\n } else {\n oldSafariTest();\n }\n }\n\n // ── Chrome / Chromium ─────────────────────────────────────\n\n function getQuotaLimit() {\n return window?.performance?.memory?.jsHeapSizeLimit ?? 1073741824;\n }\n\n // Chrome 76+: private mode caps webkitTemporaryStorage quota to ~2Γ— jsHeapSizeLimit\n function storageQuotaChromePrivateTest() {\n navigator.webkitTemporaryStorage.queryUsageAndQuota(\n function (_used, quota) {\n const quotaInMib = Math.round(quota / (1024 * 1024));\n const quotaLimitInMib = Math.round(getQuotaLimit() / (1024 * 1024)) * 2;\n __callback(quotaInMib < quotaLimitInMib);\n },\n function (e) {\n reject(new Error('detectIncognito failed to query storage quota: ' + e.message));\n }\n );\n }\n\n // Chrome 50-75: webkitRequestFileSystem fails in private mode\n function oldChromePrivateTest() {\n window.webkitRequestFileSystem(0, 1, () => __callback(false), () => __callback(true));\n }\n\n function chromePrivateTest() {\n if (self.Promise !== undefined && self.Promise.allSettled !== undefined) {\n storageQuotaChromePrivateTest();\n } else {\n oldChromePrivateTest();\n }\n }\n\n // ── Firefox ──────────────────────────────────────────────\n\n async function firefoxPrivateTest() {\n if (typeof navigator.storage?.getDirectory === 'function') {\n // Modern Firefox private mode: getDirectory() throws \"Security error\"\n try {\n await navigator.storage.getDirectory();\n __callback(false);\n } catch (e) {\n const msg = (e instanceof Error) ? e.message : String(e);\n __callback(msg.includes('Security error'));\n }\n } else {\n // Older Firefox: IDB open fails immediately in private mode\n const req = indexedDB.open('inPrivate');\n req.onerror = (event) => {\n if (req.error && req.error.name === 'InvalidStateError') event.preventDefault();\n __callback(true);\n };\n req.onsuccess = () => {\n indexedDB.deleteDatabase('inPrivate');\n __callback(false);\n };\n }\n }\n\n // ── IE ───────────────────────────────────────────────────\n\n function msiePrivateTest() {\n __callback(window.indexedDB === undefined);\n }\n\n // ── Main ─────────────────────────────────────────────────\n\n async function main() {\n if (isSafari()) {\n browserName = 'Safari';\n await safariPrivateTest();\n } else if (isChrome()) {\n browserName = identifyChromium();\n chromePrivateTest();\n } else if (isFirefox()) {\n browserName = 'Firefox';\n await firefoxPrivateTest();\n } else if (isMSIE()) {\n browserName = 'Internet Explorer';\n msiePrivateTest();\n } else {\n reject(new Error('detectIncognito cannot determine the browser'));\n }\n }\n\n main().catch(reject);\n });\n}\n\n/* ============================================================\n INCOGNITO WARNING UI\n ============================================================ */\n\n/**\n * Show the full-screen incognito warning and wait for the user to dismiss it.\n * Uses a 3-second countdown before \"Continue\" is enabled β€” same pattern\n * as confirmDeleteContainer() in home.js.\n * @returns {Promise} resolves when the user clicks Continue.\n */\nfunction showIncognitoWarning() {\n return new Promise((resolve) => {\n const el = document.getElementById('incognito-warning');\n const btn = document.getElementById('incognito-continue-btn');\n const lbl = document.getElementById('incognito-continue-lbl');\n\n el.style.display = 'flex';\n\n let remaining = 3;\n lbl.textContent = `Wait\\u2026 ${remaining}`;\n btn.disabled = true;\n\n const timer = setInterval(() => {\n remaining--;\n if (remaining > 0) {\n lbl.textContent = `Wait\\u2026 ${remaining}`;\n } else {\n clearInterval(timer);\n btn.disabled = false;\n lbl.textContent = 'I understand, Continue';\n }\n }, 1000);\n\n btn.onclick = () => {\n clearInterval(timer);\n btn.onclick = null;\n el.style.display = 'none';\n resolve();\n };\n });\n}\n" }, { "path": "src/js/docmode.js", "content": "if (localStorage.getItem('snv-doc-hide') === '1') document.documentElement.classList.add('snv-doc-hidden');\n" }, { "path": "src/js/fileops.js", "content": "ο»Ώ'use strict';\n\n/* ============================================================\n FILENAME SANITIZATION\n ============================================================ */\nfunction sanitizeFilename(name) {\n // Strip null bytes, path separators, HTML/XML special chars, and prevent . / .. as names\n const s = (name || 'unnamed')\n .replace(/[\\x00-\\x1f\\\\/]/g, '_')\n .replace(/[<>&\"']/g, '_')\n .trim();\n return /^\\.{1,2}$/.test(s) || s === '' ? 'unnamed' : s;\n}\n\n/* ============================================================\n UPLOAD FILES (from OS drag-drop or file picker β€” flat list)\n ============================================================ */\nasync function uploadFiles(files) {\n if (!App.key || !App.container) return;\n if (!files || !files.length) return;\n\n // Container size check\n const remaining = CONTAINER_LIMIT - VFS.totalSize();\n let totalNew = 0;\n for (const f of files) totalNew += f.size;\n if (totalNew > remaining) {\n toast(`Not enough space in container. Need ${fmtSize(totalNew)}, have ${fmtSize(remaining)}`, 'error');\n return;\n }\n\n // Device storage check\n const spCheck = await checkStorageSpace(totalNew * 1.1); // +10% for encryption overhead\n if (!spCheck.ok) {\n toast(\n `Not enough device storage. Need ~${fmtSize(totalNew)}, only ${fmtSize(spCheck.available)} free.`,\n 'error'\n );\n return;\n }\n\n showLoading(`Encrypting ${files.length} file${files.length > 1 ? 's' : ''}...`);\n let ok = 0, _okIds = [];\n const fileArr = Array.from(files);\n const BATCH = _CRYPTO_CONCURRENCY;\n for (let i = 0; i < fileArr.length; i += BATCH) {\n const batch = fileArr.slice(i, i + BATCH);\n // Read all file buffers in this batch concurrently before encrypting\n const bufs = await Promise.all(batch.map(f => f.arrayBuffer()));\n const results = await Promise.allSettled(batch.map(async (f, bi) => {\n const name = sanitizeFilename(f.name),\n mime = f.type || getMime(name),\n { iv, blob } = await Crypto.encryptBin(App.key, bufs[bi]),\n nodeId = uid();\n VFS.add({\n id: nodeId, type: 'file', name, mime, size: f.size,\n parentId: App.folder, ctime: Date.now(), mtime: Date.now()\n });\n return { nodeId, rec: { id: nodeId, cid: App.container.id, iv: Array.from(iv), blob } };\n }));\n // Batch-save all encrypted records in a single IDB transaction\n const recs = [];\n for (let j = 0; j < results.length; j++) {\n if (results[j].status === 'fulfilled') {\n ok++;\n _okIds.push(results[j].value.nodeId);\n recs.push(results[j].value.rec);\n } else {\n console.error('upload error', batch[j].name, results[j].reason);\n toast('Failed to encrypt: ' + batch[j].name, 'error');\n }\n }\n if (recs.length) await DB.saveFiles(recs);\n showLoading(`Encrypting... ${Math.min(i + BATCH, fileArr.length)}/${fileArr.length}`);\n }\n await saveVFS();\n Desktop._patchIcons();\n hideLoading();\n if (ok > 0) {\n toast(`${ok} file${ok > 1 ? 's' : ''} imported`, 'success');\n logActivity('upload', ok === 1 ? files[0].name : `${ok} files`, ok, ok === 1 && _okIds[0] ? VFS.fullPath(_okIds[0]) : null);\n _scheduleExportCacheRefresh();\n }\n}\n\n/* ============================================================\n UPLOAD ENTRIES (from OS drag-drop β€” supports folders)\n Handles DataTransferItemList containing files AND directories.\n ============================================================ */\n\n// Read all entries from a FileSystemDirectoryReader.\n// The API only returns up to 100 entries per call β€” must batch until empty.\nfunction _readAllEntries(reader) {\n return new Promise(resolve => {\n const results = [];\n function batch() {\n reader.readEntries(entries => {\n if (!entries.length) { resolve(results); return; }\n results.push(...entries);\n batch();\n }, () => resolve(results)); // on error, return what we have\n }\n batch();\n });\n}\n\n// Encrypt a single FileSystemFileEntry and add it to the VFS under targetFolderId.\nasync function _uploadFileEntry(fileEntry, targetFolderId) {\n const file = await new Promise((res, rej) => fileEntry.file(res, rej));\n const name = sanitizeFilename(file.name);\n if (VFS.hasChildNamed(targetFolderId, name)) {\n toast(`\"${name}\" already exists β€” skipped`, 'warn');\n return false;\n }\n if (VFS.totalSize() + file.size > CONTAINER_LIMIT) {\n _uploadLimitHit = true;\n return false;\n }\n const spCheck = await checkStorageSpace(file.size * 1.1);\n if (!spCheck.ok) {\n _uploadDeviceFullHit = true;\n return false;\n }\n const buf = await file.arrayBuffer(),\n mime = file.type || getMime(name),\n { iv, blob } = await Crypto.encryptBin(App.key, buf),\n nodeId = uid(), now = Date.now();\n VFS.add({\n id: nodeId, type: 'file', name, mime, size: file.size,\n parentId: targetFolderId, ctime: now, mtime: now\n });\n await DB.saveFile({ id: nodeId, cid: App.container.id, iv: Array.from(iv), blob });\n return true;\n}\n\n// Recursively upload a FileSystemDirectoryEntry into the VFS under targetFolderId.\nasync function _uploadDirEntry(dirEntry, targetFolderId, depth) {\n if (depth > 32) { toast('Folder nesting too deep β€” stopped at 32 levels', 'warn'); return false; }\n const name = sanitizeFilename(dirEntry.name);\n if (VFS.hasChildNamed(targetFolderId, name)) {\n toast(`Folder \"${name}\" already exists β€” skipped`, 'warn');\n return false;\n }\n const folderId = uid(), now = Date.now();\n VFS.add({ id: folderId, type: 'folder', name, parentId: targetFolderId, ctime: now, mtime: now });\n const entries = await _readAllEntries(dirEntry.createReader());\n const fileEntries = entries.filter(e => e.isFile);\n const subDirEntries = entries.filter(e => e.isDirectory);\n // Encrypt files in this directory in parallel batches\n const BATCH = _CRYPTO_CONCURRENCY;\n for (let i = 0; i < fileEntries.length; i += BATCH) {\n await Promise.allSettled(\n fileEntries.slice(i, i + BATCH).map(e => _uploadFileEntry(e, folderId))\n );\n }\n // Recurse into subdirectories sequentially\n for (const subDir of subDirEntries) {\n await _uploadDirEntry(subDir, folderId, depth + 1);\n }\n return true;\n}\n\nlet _uploadLimitHit = false;\nlet _uploadDeviceFullHit = false;\n\n// Main drop entry point for desktop and folder-window drop events.\n// Accepts DataTransferItemList (supports both files and folders).\nasync function uploadEntries(dataTransferItems, targetFolderId) {\n if (!App.key || !App.container) return;\n const itemArr = Array.from(dataTransferItems || []);\n if (!itemArr.length) return;\n _uploadLimitHit = false;\n _uploadDeviceFullHit = false;\n\n const entries = itemArr.map(i => i.webkitGetAsEntry?.()).filter(Boolean);\n if (!entries.length) {\n // Fallback: no Entry API support β€” treat all as flat files\n const files = itemArr.map(i => i.getAsFile?.()).filter(Boolean);\n if (files.length) await uploadFiles(files);\n return;\n }\n\n const fileEntries = entries.filter(e => e.isFile),\n folderEntries = entries.filter(e => e.isDirectory);\n const label = [\n fileEntries.length && `${fileEntries.length} file${fileEntries.length !== 1 ? 's' : ''}`,\n folderEntries.length && `${folderEntries.length} folder${folderEntries.length !== 1 ? 's' : ''}`,\n ].filter(Boolean).join(' and ');\n\n showLoading(`Encrypting ${label}…`);\n let ok = 0;\n for (const entry of entries) {\n try {\n const added = entry.isDirectory\n ? await _uploadDirEntry(entry, targetFolderId, 0)\n : await _uploadFileEntry(entry, targetFolderId);\n if (added) ok++;\n } catch (err) {\n console.error('upload entry error', entry.name, err);\n toast(`Failed to import: ${entry.name}`, 'error');\n }\n }\n await saveVFS();\n Desktop._patchIcons();\n if (typeof WinManager !== 'undefined') WinManager.renderAll();\n hideLoading();\n if (ok > 0) {\n toast(`${ok} item${ok !== 1 ? 's' : ''} imported`, 'success');\n {\n const _sn = ok === 1 ? VFS.children(targetFolderId).find(n => n.name === sanitizeFilename(entries[0]?.name || '')) : null;\n logActivity('upload', ok === 1 ? (entries[0]?.name ?? '1 item') : `${ok} items`, ok, _sn ? VFS.fullPath(_sn.id) : null);\n }\n _scheduleExportCacheRefresh();\n }\n if (_uploadLimitHit) toast(`Container is full (${fmtSize(CONTAINER_LIMIT)}) β€” some files were not imported`, 'error');\n if (_uploadDeviceFullHit) toast('Not enough device storage β€” some files were not imported', 'error');\n}\n\n/* ============================================================\n OPEN / DOWNLOAD FILE\n ============================================================ */\nasync function openFile(node) {\n if (!App.key || !App.container) return;\n showLoading('Decrypting file...');\n try {\n const rec = await DB.getFile(node.id);\n if (!rec) { toast('File data not found', 'error'); hideLoading(); return; }\n const mime = node.mime || getMime(node.name);\n let buf;\n // Empty file: blob may be missing or decrypt may fail for 0-byte content\n if (!rec.blob || (rec.blob instanceof ArrayBuffer && rec.blob.byteLength === 0)) {\n buf = new ArrayBuffer(0);\n } else {\n buf = await Crypto.decryptBin(App.key, rec.iv, rec.blob);\n }\n hideLoading();\n\n if (isText(mime, node.name)) {\n openEditor(node, buf);\n } else if (isImage(mime) || isAudio(mime) || isVideo(mime) || isPDF(mime)) {\n openViewer(node, buf, mime);\n } else {\n _confirmExport(node, buf, mime);\n }\n } catch (e) { hideLoading(); toast('Decryption failed: ' + e.message, 'error'); console.error(e); }\n}\n\nasync function downloadFile(node) {\n if (!App.key || !App.container) return;\n showLoading('Decrypting...');\n try {\n const rec = await DB.getFile(node.id);\n if (!rec) { toast('File data not found', 'error'); hideLoading(); return; }\n let buf;\n if (!rec.blob || (rec.blob instanceof ArrayBuffer && rec.blob.byteLength === 0)) {\n buf = new ArrayBuffer(0);\n } else {\n buf = await Crypto.decryptBin(App.key, rec.iv, rec.blob);\n }\n downloadBuf(buf, node.name, node.mime || getMime(node.name));\n toast('Exported: ' + node.name, 'success');\n logActivity('download', node.name, 1, VFS.fullPath(node.id));\n } catch (e) { toast('Decryption failed: ' + e.message, 'error'); }\n hideLoading();\n}\n\nfunction downloadBuf(buf, name, mime) {\n const blob = new Blob(Array.isArray(buf) ? buf : [buf], { type: mime });\n const url = URL.createObjectURL(blob);\n const a = document.createElement('a');\n a.href = url; a.download = name;\n // Append to DOM before click β€” some Chrome builds require a connected\n // element for the download attribute to trigger blob saves correctly.\n document.body.appendChild(a);\n a.click();\n a.remove();\n setTimeout(() => URL.revokeObjectURL(url), 5000);\n}\n\nfunction _confirmExport(node, buf, mime) {\n const fnEl = document.getElementById('ec-filename');\n if (fnEl) fnEl.textContent = node.name;\n Overlay.show('modal-export-confirm');\n document.getElementById('ec-ok').onclick = () => {\n Overlay.hide();\n downloadBuf(buf, node.name, mime);\n toast('Exported: ' + node.name, 'success');\n logActivity('download', node.name, 1, VFS.fullPath(node.id));\n };\n}\n\n/* ============================================================\n DELETE SELECTED\n ============================================================ */\nasync function deleteSelected() {\n if (!App.selection.size) return;\n const selRef = App.selection; // capture the active selection Set at call time\n const ids = [...selRef];\n\n // Prevent deleting folders currently open in Explorer windows\n const blocked = _openFolderGuard(ids);\n if (blocked) {\n toast(`\"${VFS.node(blocked)?.name}\" is open in Explorer β€” close the window first`, 'error');\n return;\n }\n\n const names = ids.map(id => VFS.node(id)?.name || '').filter(Boolean);\n const msg = ids.length === 1\n ? `Delete \"${names[0]}\"? This action cannot be undone.`\n : `Delete ${ids.length} items? This action cannot be undone.`;\n\n document.getElementById('delete-msg').textContent = msg;\n Overlay.show('modal-delete');\n document.getElementById('delete-ok').onclick = async () => {\n Overlay.hide();\n showLoading('Deleting...');\n const allFileIds = [];\n for (const id of ids) {\n const n = VFS.node(id); if (!n) continue;\n if (n.type === 'file') {\n allFileIds.push(id);\n } else {\n const _walkSeen = new Set();\n const walk = fid => {\n if (_walkSeen.has(fid)) return;\n _walkSeen.add(fid);\n VFS.children(fid).forEach(c => { if (c.type === 'file') allFileIds.push(c.id); else walk(c.id); });\n };\n walk(id);\n }\n }\n if (allFileIds.length) await DB.deleteFiles(allFileIds).catch(() => { });\n allFileIds.forEach(fid => { delete App.thumbCache[fid]; });\n const _delSinglePath = ids.length === 1 ? VFS.fullPath(ids[0]) : null;\n for (const id of ids) VFS.remove(id);\n selRef.clear();\n await saveVFS();\n Desktop._patchIcons();\n if (typeof WinManager !== 'undefined') WinManager.renderAll();\n hideLoading();\n toast('Deleted', 'info');\n logActivity('delete', ids.length === 1 ? names[0] : `${ids.length} items`, ids.length, _delSinglePath);\n _scheduleExportCacheRefresh();\n };\n}\n\n/* ============================================================\n NEW TEXT FILE β€” BUG FIX: just creates the file, does NOT open editor\n ============================================================ */\nfunction newTextFile() {\n const targetFolder = App.folder;\n let name = 'Document.txt';\n if (VFS.hasChildNamed(targetFolder, name)) {\n let i = 2;\n while (VFS.hasChildNamed(targetFolder, `Document (${i}).txt`)) i++;\n name = `Document (${i}).txt`;\n }\n document.getElementById('nf-name').value = name;\n Overlay.show('modal-new-text');\n setTimeout(() => {\n const inp = document.getElementById('nf-name');\n inp.focus();\n const dot = name.lastIndexOf('.');\n if (dot > 0) inp.setSelectionRange(0, dot); else inp.select();\n }, 100);\n}\n\nasync function createTextFile() {\n const name = sanitizeFilename(document.getElementById('nf-name').value.trim());\n if (!name || name === 'unnamed') { toast('Enter a valid file name', 'error'); return; }\n // Capture context BEFORE Overlay.hide() clears it\n const targetFolder = App.folder,\n winCtx = App._winCtx;\n // Duplicate name check\n if (VFS.hasChildNamed(targetFolder, name)) {\n toast(`β€œ${name}” already exists in this folder`, 'error'); return;\n }\n Overlay.hide();\n\n const nodeId = uid();\n const mime = getMime(name);\n const emptyBuf = new ArrayBuffer(0);\n const { iv, blob } = await Crypto.encryptBin(App.key, emptyBuf);\n VFS.add({\n id: nodeId, type: 'file', name, mime, size: 0,\n parentId: targetFolder, ctime: Date.now(), mtime: Date.now()\n });\n // Position at context menu cursor if available\n if (App._ctxScreenPos) {\n const area2 = winCtx ? winCtx.el.querySelector('.fw-area') : document.getElementById('desktop-area');\n const rect2 = area2.getBoundingClientRect();\n const rawX = App._ctxScreenPos.x - rect2.left + area2.scrollLeft;\n const rawY = App._ctxScreenPos.y - rect2.top + area2.scrollTop;\n const occ = new Map();\n VFS.children(targetFolder).forEach(n => {\n if (n.id === nodeId) return;\n const p = VFS.getPos(targetFolder, n.id);\n if (p) occ.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n const snapped = _snapFreeCell(rawX, rawY, occ);\n VFS.setPos(targetFolder, nodeId, snapped.x, snapped.y);\n App._ctxScreenPos = null;\n }\n await DB.saveFile({ id: nodeId, cid: App.container.id, iv: Array.from(iv), blob });\n await saveVFS();\n if (winCtx) winCtx.render(); else Desktop._patchIcons();\n toast(`File β€œ${name}” created`, 'success');\n logActivity('create-file', name, 1, VFS.fullPath(nodeId));\n}\n\n/* ============================================================\n NEW FOLDER\n ============================================================ */\nfunction newFolder() {\n const targetFolder = App.folder;\n let name = 'New Folder';\n if (VFS.hasChildNamed(targetFolder, name)) {\n let i = 2;\n while (VFS.hasChildNamed(targetFolder, `New Folder (${i})`)) i++;\n name = `New Folder (${i})`;\n }\n document.getElementById('nd-name').value = name;\n Overlay.show('modal-new-folder');\n setTimeout(() => {\n const inp = document.getElementById('nd-name');\n inp.focus(); inp.select();\n }, 100);\n}\n\nasync function createFolder() {\n const name = sanitizeFilename(document.getElementById('nd-name').value.trim());\n if (!name || name === 'unnamed') { toast('Enter a valid folder name', 'error'); return; }\n // Capture context BEFORE Overlay.hide() clears it\n const targetFolder = App.folder,\n winCtx = App._winCtx;\n // Duplicate name check\n if (VFS.hasChildNamed(targetFolder, name)) {\n toast(`β€œ${name}” already exists in this folder`, 'error'); return;\n }\n Overlay.hide();\n const nodeId = uid();\n VFS.add({ id: nodeId, type: 'folder', name, parentId: targetFolder, ctime: Date.now(), mtime: Date.now() });\n // Position at context menu cursor if available\n if (App._ctxScreenPos) {\n const area2 = winCtx ? winCtx.el.querySelector('.fw-area') : document.getElementById('desktop-area');\n const rect2 = area2.getBoundingClientRect();\n const rawX = App._ctxScreenPos.x - rect2.left + area2.scrollLeft;\n const rawY = App._ctxScreenPos.y - rect2.top + area2.scrollTop;\n const occ = new Map();\n VFS.children(targetFolder).forEach(n => {\n if (n.id === nodeId) return;\n const p = VFS.getPos(targetFolder, n.id);\n if (p) occ.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n const snapped = _snapFreeCell(rawX, rawY, occ);\n VFS.setPos(targetFolder, nodeId, snapped.x, snapped.y);\n App._ctxScreenPos = null;\n }\n await saveVFS();\n if (winCtx) winCtx.render(); else Desktop._patchIcons();\n toast(`Folder \"${name}\" created`, 'success');\n logActivity('create-folder', name, 1, VFS.fullPath(nodeId));\n}\n\n/* ============================================================\n RENAME\n ============================================================ */\nfunction renameNode(node) {\n if (!node) return;\n\n // Prevent renaming folders currently open in Explorer windows\n if (node.type === 'folder') {\n const blocked = _openFolderGuard([node.id]);\n if (blocked) {\n toast(`β€œ${node.name}” is open in Explorer β€” close the window first`, 'error');\n return;\n }\n }\n\n document.getElementById('rename-input').value = node.name;\n const capturedWinCtx = App._winCtx;\n Overlay.show('modal-rename');\n setTimeout(() => {\n const i = document.getElementById('rename-input');\n i.focus();\n const dot = i.value.lastIndexOf('.');\n if (dot > 0) i.setSelectionRange(0, dot); else i.select();\n }, 100);\n document.getElementById('rename-ok').onclick = async () => {\n const newName = sanitizeFilename(document.getElementById('rename-input').value.trim());\n if (!newName || newName === 'unnamed') { toast('Enter a valid name', 'error'); return; }\n // Duplicate check (ignore if same name, case-insensitive)\n const pid = VFS.node(node.id)?.parentId;\n if (pid && newName.toLowerCase() !== node.name.toLowerCase() && VFS.hasChildNamed(pid, newName)) {\n toast(`β€œ${newName}” already exists in this folder`, 'error'); return;\n }\n Overlay.hide();\n const _oldName = node.name;\n VFS.rename(node.id, newName);\n await saveVFS();\n\n // Patch only the affected icon(s) in-place β€” no full desktop re-render needed.\n // node.mime was already updated by VFS.rename; recompute for the thumb.\n const _patchIconEl = (el) => {\n if (!el) return;\n const nameEl = el.querySelector('.file-name');\n if (nameEl) nameEl.textContent = newName;\n if (node.type === 'file') {\n const newMime = node.mime || getMime(newName);\n const thumb = el.querySelector('.file-thumb');\n if (thumb) {\n // If extension changed to a non-image type, drop the thumbnail cache\n if (!isImage(newMime) && App.thumbCache[node.id]) {\n delete App.thumbCache[node.id];\n }\n if (App.thumbCache[node.id]) {\n const img = document.createElement('img');\n img.src = App.thumbCache[node.id];\n img.draggable = false;\n thumb.innerHTML = '';\n thumb.appendChild(img);\n } else {\n thumb.innerHTML = getFileIconSVG(newMime, newName);\n if (isImage(newMime)) _enqueueThumb(node);\n }\n }\n }\n };\n document.querySelectorAll(`.file-item[data-id=\"${node.id}\"]`).forEach(_patchIconEl);\n\n logActivity('rename', `${_oldName} β†’ ${newName}`, 1, VFS.fullPath(node.id));\n };\n}\n\n/* ============================================================\n COPY / CUT / PASTE\n ============================================================ */\nfunction copyItems() {\n App.clipboard = { op: 'copy', ids: [...App.selection] };\n toast(`${App.clipboard.ids.length} item(s) copied`, 'info');\n logActivity('copy', App.clipboard.ids.length === 1 ? (VFS.node(App.clipboard.ids[0])?.name ?? '1 item') : `${App.clipboard.ids.length} items`, App.clipboard.ids.length, App.clipboard.ids.length === 1 ? VFS.fullPath(App.clipboard.ids[0]) : null);\n}\nfunction cutItems() {\n // Prevent cutting folders currently open in Explorer windows\n const blocked = _openFolderGuard(App.selection);\n if (blocked) {\n toast(`β€œ${VFS.node(blocked)?.name}” is open in Explorer β€” close the window first`, 'error');\n return;\n }\n\n App.clipboard = { op: 'cut', ids: [...App.selection] };\n toast(`${App.clipboard.ids.length} item(s) cut`, 'info');\n logActivity('cut', App.clipboard.ids.length === 1 ? (VFS.node(App.clipboard.ids[0])?.name ?? '1 item') : `${App.clipboard.ids.length} items`, App.clipboard.ids.length, App.clipboard.ids.length === 1 ? VFS.fullPath(App.clipboard.ids[0]) : null);\n _applyCutStyles();\n}\n\nfunction _dedupName(folderId, name) {\n const dot = name.lastIndexOf('.');\n const hasExt = dot > 0;\n const base = hasExt ? name.slice(0, dot) : name;\n const ext = hasExt ? name.slice(dot) : '';\n let i = 2;\n while (VFS.hasChildNamed(folderId, `${base} (${i})${ext}`)) i++;\n return `${base} (${i})${ext}`;\n}\n\nasync function pasteItems() {\n if (!App.clipboard) return;\n const { op, ids } = App.clipboard;\n\n // Prevent pasting a cut folder if it's currently open in Explorer windows\n if (op === 'cut') {\n const blocked = _openFolderGuard(ids);\n if (blocked) {\n toast(`β€œ${VFS.node(blocked)?.name}” is open in Explorer β€” close the window first`, 'error');\n // Abort the entire paste operation to prevent partial moves\n return;\n }\n }\n\n const _srcParent = VFS.node(ids[0])?.parentId,\n _srcFolderPath = _srcParent ? VFS.fullPath(_srcParent) : null;\n let _pastedSn = null;\n const _pastedIds = [];\n for (const id of ids) {\n const n = VFS.node(id); if (!n) continue;\n if (op === 'cut') {\n if (n.parentId === App.folder) continue;\n const result = VFS.move(id, App.folder);\n if (result === 'duplicate') { toast(`\"${n.name}\" already exists in this folder`, 'error'); continue; }\n if (result === 'cycle') { toast(`Cannot paste \"${n.name}\" into itself or a subfolder`, 'error'); continue; }\n _pastedSn = n.name;\n _pastedIds.push(id);\n } else {\n let name = n.name;\n if (VFS.hasChildNamed(App.folder, name)) name = _dedupName(App.folder, name);\n const newId = await deepCopy(id, App.folder, name !== n.name ? name : undefined);\n _pastedSn = name;\n if (newId) _pastedIds.push(newId);\n }\n }\n // Position pasted items at the context-menu cursor (set by right-click / long-press Paste)\n if (App._ctxScreenPos && _pastedIds.length > 0) {\n const winCtx = App._winCtx;\n const area2 = winCtx ? winCtx.el.querySelector('.fw-area') : document.getElementById('desktop-area');\n const rect2 = area2.getBoundingClientRect();\n const rawX = App._ctxScreenPos.x - rect2.left + area2.scrollLeft;\n const rawY = App._ctxScreenPos.y - rect2.top + area2.scrollTop;\n const occ = new Map();\n VFS.children(App.folder).forEach(n => {\n if (_pastedIds.includes(n.id)) return;\n const p = VFS.getPos(App.folder, n.id);\n if (p) occ.set(`${Math.round((p.x - 8) / GRID_X)}_${Math.round((p.y - 8) / GRID_Y)}`, n.id);\n });\n _pastedIds.forEach(id => {\n const snapped = _snapFreeCell(rawX, rawY, occ);\n VFS.setPos(App.folder, id, snapped.x, snapped.y);\n occ.set(`${Math.round((snapped.x - 8) / GRID_X)}_${Math.round((snapped.y - 8) / GRID_Y)}`, id);\n });\n App._ctxScreenPos = null;\n }\n if (op === 'cut') App.clipboard = null;\n _applyCutStyles();\n await saveVFS();\n // Refresh all open views so both source and target folders update\n Desktop._patchIcons();\n if (typeof WinManager !== 'undefined') WinManager.renderAll();\n logActivity('paste', ids.length === 1 ? (_pastedSn ?? VFS.node(ids[0])?.name ?? '1 item') : `${ids.length} items`, ids.length, _srcFolderPath, VFS.fullPath(App.folder));\n // Copy paste creates new file blobs β€” refresh the export cache\n if (op === 'copy') _scheduleExportCacheRefresh();\n}\n\nasync function deepCopy(nodeId, newParent, newName, _depth = 0) {\n if (_depth > 64 || nodeId === 'root') return null;\n const n = VFS.node(nodeId); if (!n) return null;\n const newId = uid();\n const name = newName || n.name;\n if (n.type === 'file') {\n VFS.add({ ...n, id: newId, name, parentId: newParent, ctime: Date.now(), mtime: Date.now() });\n const rec = await DB.getFile(nodeId);\n if (rec) await DB.saveFile({ ...rec, id: newId, cid: App.container.id });\n } else {\n VFS.add({ ...n, id: newId, name, parentId: newParent, ctime: Date.now(), mtime: Date.now() });\n for (const child of VFS.children(nodeId)) await deepCopy(child.id, newId, undefined, _depth + 1);\n }\n return newId;\n}\n\n/* ============================================================\n SELECT ALL / SORT\n ============================================================ */\nfunction selectAll() {\n VFS.children(App.folder).forEach(n => {\n App.selection.add(n.id);\n // Look in both main desktop and any folder windows\n const el = document.querySelector(`.file-item[data-id=\"${n.id}\"]`);\n if (el) el.classList.add('selected');\n });\n if (App._winCtx) App._winCtx._updateStatus();\n else if (typeof Desktop !== 'undefined') Desktop._updateSelectionBar();\n}\n\nfunction sortIcons(by = 'name', dir = 'asc', winCtx = null) {\n const fid = winCtx ? winCtx.folderId : Desktop._desktopFolder;\n const area = winCtx ? winCtx.el.querySelector('.fw-area') : document.getElementById('desktop-area');\n const items = VFS.children(fid);\n items.sort((a, b) => {\n // Folders always come first\n if (a.type !== b.type) return a.type === 'folder' ? -1 : 1;\n let va, vb;\n switch (by) {\n case 'mtime': va = a.mtime || 0; vb = b.mtime || 0; break;\n case 'ctime': va = a.ctime || 0; vb = b.ctime || 0; break;\n case 'size': va = a.size || 0; vb = b.size || 0; break;\n case 'type': va = getExt(a.name) || ''; vb = getExt(b.name) || ''; break;\n default: va = a.name.toLowerCase(); vb = b.name.toLowerCase();\n }\n const cmp = va < vb ? -1 : va > vb ? 1 : 0;\n return dir === 'desc' ? -cmp : cmp;\n });\n // Compute sequential grid positions directly (don't use autoPos which sees old positions as occupied)\n const W = (area && area.clientWidth) || 800,\n cols = Math.max(1, Math.floor((W - 16) / GRID_X));\n items.forEach((n, i) => {\n const col = i % cols, row = Math.floor(i / cols);\n const x = 8 + col * GRID_X, y = 8 + row * GRID_Y;\n VFS.setPos(fid, n.id, x, y);\n const el = area._iconMap?.get(n.id) ?? area.querySelector(`.file-item[data-id=\"${n.id}\"]`);\n if (el) {\n el.style.transition = 'left 0.12s ease, top 0.12s ease';\n el.style.left = x + 'px'; el.style.top = y + 'px';\n setTimeout(() => { if (el.parentNode) el.style.transition = ''; }, 150);\n }\n });\n saveVFS();\n logActivity('sort', `by ${by} (${dir})`);\n}\n\n/* ============================================================\n CAN EDIT AS PLAIN TEXT (whitelist of text-ish types)\n ============================================================ */\nfunction canEditAsText(node) {\n if (node.type === 'folder') return false;\n const mime = node.mime || getMime(node.name);\n if (mime.startsWith('text/')) return true;\n if (['application/json', 'application/xml', 'application/javascript',\n 'application/x-yaml', 'application/sql'].includes(mime)) return true;\n const ext = getExt(node.name).toLowerCase();\n return ['txt', 'md', 'log', 'logs', 'conf', 'config', 'cfg', 'ini', 'env',\n 'sh', 'bash', 'zsh', 'fish', 'bat', 'cmd', 'ps1',\n 'js', 'ts', 'jsx', 'tsx', 'mjs', 'cjs',\n 'py', 'pyw', 'rb', 'php', 'phps',\n 'java', 'c', 'cpp', 'cc', 'cxx', 'h', 'hpp',\n 'cs', 'fs', 'fsx', 'vb',\n 'go', 'rs', 'swift', 'kt', 'kts', 'groovy', 'scala',\n 'lua', 'pl', 'r', 'sql', 'graphql', 'gql',\n 'json', 'xml', 'yaml', 'yml', 'toml', 'csv', 'tsv',\n 'html', 'htm', 'css', 'scss', 'sass', 'less',\n 'vue', 'svelte', 'astro',\n 'dockerfile', 'makefile', 'cmake',\n 'gitignore', 'gitattributes', 'editorconfig',\n 'prettierrc', 'eslintrc', 'babelrc', 'map',\n 'csproj'].includes(ext);\n}\n\n/* ============================================================\n OPEN FILE AS PLAIN TEXT (force text editor, any file type)\n ============================================================ */\nasync function openFileAsText(node) {\n if (!App.key || !App.container) return;\n showLoading('Decrypting file...');\n const TIMEOUT_MS = 5000;\n try {\n const rec = await DB.getFile(node.id);\n if (!rec) { toast('File data not found', 'error'); hideLoading(); return; }\n let buf;\n if (!rec.blob || (rec.blob instanceof ArrayBuffer && rec.blob.byteLength === 0)) {\n buf = new ArrayBuffer(0);\n } else {\n const decryptPromise = Crypto.decryptBin(App.key, rec.iv, rec.blob);\n const timeoutPromise = new Promise((_, reject) =>\n setTimeout(() => reject(new Error('timeout')), TIMEOUT_MS)\n );\n buf = await Promise.race([decryptPromise, timeoutPromise]);\n }\n hideLoading();\n openEditor(node, buf);\n } catch (e) {\n hideLoading();\n if (e.message === 'timeout') {\n toast('Operation timed out after 5 seconds', 'warn');\n } else {\n toast('Decryption failed: ' + e.message, 'error');\n }\n }\n}\n\n/* ============================================================\n FOLDER SIZE (recursive sum of all file descendants)\n ============================================================ */\nfunction _folderSize(folderId, _visited = new Set()) {\n if (_visited.has(folderId)) return 0;\n _visited.add(folderId);\n let size = 0;\n VFS.children(folderId).forEach(n => {\n size += n.type === 'file' ? (n.size || 0) : _folderSize(n.id, _visited);\n });\n return size;\n}\n\n/* ============================================================\n PROPERTIES\n ============================================================ */\nfunction showProps(node) {\n const body = document.getElementById('props-body');\n const icon = node.type === 'folder' ? getFolderSVG(node.color) : getFileIconSVG(node.mime || getMime(node.name), node.name);\n const folderSz = node.type === 'folder' ? _folderSize(node.id) : null;\n body.innerHTML = `\n
${icon}
\n \n \n \n \n ${node.size != null ? `` : ''}\n ${folderSz !== null ? `` : ''}\n \n \n ${node.type === 'folder' ? `` : ''}\n \n
Name${escHtml(node.name)}
Path${escHtml(VFS.fullPath(node.id))}
Type${escHtml(node.type === 'folder' ? 'Folder' : (node.mime || getMime(node.name)))}
Size${fmtSize(node.size)}
Size${fmtSize(folderSz)}
Created${fmtDate(node.ctime)}
Modified${fmtDate(node.mtime)}
Items${VFS.children(node.id).length}
EncryptedAES-256-GCM βœ“
\n `;\n Overlay.show('modal-props');\n}\n\n/* ============================================================\n LINE NUMBER HELPERS\n ============================================================ */\nlet _lineNumCanvas = null;\nlet _lineNumTimer = null;\n\nfunction _measureWrappedLineHeights(ta, lines) {\n const cs = window.getComputedStyle(ta);\n const lh = parseFloat(cs.lineHeight);\n const taW = ta.clientWidth - parseFloat(cs.paddingLeft) - parseFloat(cs.paddingRight);\n if (taW <= 0) return lines.map(() => lh);\n if (!_lineNumCanvas) _lineNumCanvas = document.createElement('canvas');\n const ctx = _lineNumCanvas.getContext('2d');\n const tabSize = parseInt(cs.tabSize) || 2;\n const tabStr = '\\u00a0'.repeat(tabSize);\n ctx.font = `${cs.fontWeight} ${cs.fontSize} ${cs.fontFamily}`;\n return lines.map(line => {\n if (!line) return lh;\n const expanded = line.replace(/\\t/g, tabStr);\n const w = ctx.measureText(expanded).width;\n return Math.max(1, Math.ceil(w / taW)) * lh;\n });\n}\n\nfunction _updateLineNumbers() {\n const ta = document.getElementById('editor-textarea');\n const gutter = document.getElementById('editor-line-numbers');\n if (!gutter || !ta) return;\n const lines = ta.value.split('\\n');\n const isWrapped = ta.classList.contains('word-wrap');\n const lh = parseFloat(window.getComputedStyle(ta).lineHeight) || 20.8;\n const heights = isWrapped ? _measureWrappedLineHeights(ta, lines) : null;\n const frag = document.createDocumentFragment();\n for (let i = 0; i < lines.length; i++) {\n const d = document.createElement('div');\n d.textContent = i + 1;\n d.style.height = (heights ? heights[i] : lh) + 'px';\n frag.appendChild(d);\n }\n gutter.innerHTML = '';\n gutter.appendChild(frag);\n gutter.scrollTop = ta.scrollTop;\n}\n\nfunction _scheduleLineNumberUpdate() {\n clearTimeout(_lineNumTimer);\n _lineNumTimer = setTimeout(_updateLineNumbers, 80);\n}\n\n/* ============================================================\n TEXT EDITOR\n ============================================================ */\nlet _editorNode = null;\nlet _editorOriginal = '';\n\nfunction openEditor(node, buf) {\n _editorNode = node;\n const raw = new TextDecoder().decode(buf);\n // Normalize line endings to \\n to match what