1.4.0

Full Changelog: 1.3.1...1.4.0

1.3.1

This release carries the marketplace review fixes on top of the 1.3.0 startup work. It keeps the fast local-first startup path, the attachment startup gate, and the stale queued-download cleanup, and additionally clears the remaining required ObsidianReviewBot findings.

Fixes

• Cleared the remaining required review-bot findings in the worker and plugin code
• Removed unnecessary async signatures from synchronous code paths
• Simplified blob reconcile typing and its call sites
• Tightened the worker CORS response typing around websocket upgrade responses

1.3.0

This release fixes the slow startup path that could trigger Obsidian’s “plugin is taking too long to load” warning on cold or flaky
networks. Core sync startup now begins immediately, while server capabilities are refreshed in the background and cached for later
boots.

Attachment startup is also more conservative and reliable. YAOS now waits until both Obsidian’s layout and YAOS startup are ready
before draining startup-time attachment downloads, which avoids false attachment downloads and create races during early boot.

Fixes

• Removed blocking server capability fetches from the plugin load path
• Cached last-known server capabilities locally and reused them on startup
• Deferred the initial debug server-trace fetch so it no longer competes with boot
• Added startup timing traces for capability refresh and sync initialization
• Gated startup attachment downloads until the vault model is warm enough to trust
• Added a narrow filesystem race fallback for attachment create collisions
• Pruned stale queued attachment downloads at gate-open when local cached hashes already match

Notes

• This release keeps the intentional sync-core hard-delete behavior used for replicated deletes and conflict cleanup
• Existing startup and worker validation passed before release:
  • npm run build
  • npm run lint with 0 errors, 3 warnings
  • npm run test:regressions
  • npm run test:integration:worker

Full Changelog

Full Changelog: 1.2.1...1.3.0

1.2.1

Beta release focused on marketplace review fixes.

Breaking change for beta users: command IDs were normalized to remove the plugin prefix. Rebind any custom hotkeys once after updating.

Also includes the Obsidian review cleanup, UI/settings compliance fixes, configDir-aware exclusions, and plugin-side requestUrl hardening.

1.2.0

Full Changelog: 1.1.6...1.2.0

1.1.6

Full Changelog: 1.1.5...1.1.6

1.1.5

Full Changelog: 1.1.0...1.1.5

1.1.0

Full Changelog: 1.0.0...1.1.0

1.0.0 🎉

This release marks the transition of YAOS from a PartyKit prototype to a hardened, native Cloudflare Worker system with an MVCC-inspired storage engine. It represents a complete rewrite of the underlying server infrastructure, the data persistence layer, and the user onboarding experience.

It is now faster, vastly more scalable, and requires absolutely zero terminal interaction to deploy and configure.

• Zero-Terminal Deployment & Claim Flow: Self-hosting usually dies at the onboarding step. We have completely eliminated the need for CLI tools, OpenSSL secret generation, and .env files.
  • 1-Click Deploy: The server can now be deployed directly from the browser using Cloudflare's "Deploy to Cloudflare" button.
  • Browser Claim Flow: The Worker boots in an "Unclaimed" state. Visiting the URL provides a secure, single-use setup page that generates a hashed token on the edge.
  • Deep-link Pairing: The setup page generates an obsidian://yaos URI that instantly configures the plugin and boots the sync engine. No copy-pasting required.
• Checkpoint & Journal Persistence: We have replaced the persistence layer with a true database engine model.
  • MVCC Architecture: The Durable Object now utilizes a chunked Checkpoint + Delta Journal storage engine.
  • The Math: Instead of writing a 5MB payload to disk every time you type a character, YAOS now appends a tiny, coalesced delta segment to a sequential journal.
  • Hibernation Safety: The baseline state vector is now cryptographically anchored (via SHA-256) into the checkpoint manifest, ensuring that the Durable Object reconstructs exact, mathematically sound state upon waking from hibernation.
  • Fail-Closed Integrity: Any gap, missing chunk, or hash mismatch during journal replay immediately halts the load, preventing partial state corruption.
• Native Cloudflare Workers: We have ripped out the PartyKit framework wrapper and ported the entire transport layer to native Cloudflare Workers using y-partyserver.
  • The "Deploy to Cloudflare" button now flawlessly targets the server subdirectory, meaning you can spin up the backend directly from the GitHub repository in 15 seconds.
  • Native R2 Proxy: Deleted the complex two-phase S3 presigned-URL flow. The client now authenticates via Bearer token and PUTs bytes directly to the Worker, which natively proxies them to the bucket.
  • Graceful Degradation: Because Cloudflare requires a credit card to provision R2, the default 1-click deployment is now text-only. The server performs capability negotiation (GET /api/capabilities) and the plugin gracefully disables attachment UI if R2 is unbound.
• Architectural & Performance Hardening
  • Hot-Start Attachments: The plugin now dynamically hot-starts the attachment engine if it detects capability changes, without requiring a full reload.
  • DOM-Containment Editor Binding: Replaced private CodeMirror access with safer DOM-containment resolution for editor stability.
  • Rename Chains: Hardened rename-batch chain resolution and pending-target tracking to survive complex directory restructures.
  • Fail-Closed Integrity: Journal replays now strictly enforce sequential ordering and SHA-256 hash validation. If a chunk is missing or tampered with, the system fails closed to protect the CRDT graph.
  • State Vector Anchoring: The CRDT state vector is now safely persisted alongside checkpoints, allowing the Durable Object to hibernate and wake up without losing its delta-sync baseline.
  • Optimized Chunking: Subarray-based chunking now batches payload writes for significantly lower CPU overhead during persistence.
• Architecture Documentation: Added a comprehensive engineering/ documentation hub detailing the mathematical and operational tradeoffs of the system, including the monolithic vs. sharded CRDT debate, the filesystem bridge invariants, and the queue pool behavior.

0.1.5

This release is the first major hardening pass since 0.1.2, covering 24 commits focused on sync correctness, editor stability, server hardening, and regression coverage.

Reliability and correctness

• Replaced the old quadratic diff implementation with fast-diff, removing a major large-file performance and memory risk.
• Hardened disk self-write suppression so local file events are acknowledged by observed content, not just timing windows.
• Serialized plugin persistence writes to prevent saved-state races between settings, disk index, and blob queue updates.
• Switched markdown filesystem ingest to a coalescing dirty-set drain loop, so bursty local file events are processed with natural backpressure instead of per-event churn.

Collaboration and editor stability

• Hardened editor binding lifecycle and recovery to better handle stale or broken live bindings.
• Improved degraded-mode handling if Obsidian changes its internal editor API, with clearer user-visible warnings instead of silent failure.
• Reduced cursor and awareness glitches, including hiding inline remote device-name labels that could look like inserted text.

Server and security hardening

• Moved HTTP sync requests to Authorization: Bearer authentication.
• Added a server-side 10 MB blob upload limit to match the default attachment policy.
• Bounded Cloudflare-side R2 and snapshot fan-out concurrency for safer operation under Workers limits.
• Hardened snapshot ID generation and replaced regex-based XML parsing with a proper parser.

Tooling and test coverage

• CI now runs the local regression suite and server typecheck instead of build-only verification.
• Added focused regression coverage for:
  • diff behavior
  • disk mirror suppression and locking
  • markdown ingest coalescing
  • closed-file mirroring
  • folder rename handling
• Pinned build inputs for more reproducible builds.