Rianell is a web-based health tracking app (live site rianell.com). This repository builds the same UI for web, PWA, and Capacitor (Android/iOS project zips), with data visualisation, analytics, and optional cloud sync.
Latest changes: CHANGELOG.md (current v1.46.21 - PWA settings scroll, MOTD spring charge, RN parity).
docs/next-phase-development-plan.md currently states there are no new planned features in active development; shipped work is summarized in the changelog and app overview.
React Native (Expo) builds: CI produces minified Expo production bundles for iOS + Android as a merge gate.
Android APK (Capacitor, legacy): The WebView opens the legacy dashboard directly (legacy/index.html) so you get a single document-smoother scrolling and lower overhead than nesting the app inside a React iframe. Capacitor is legacy during the transition to React Native (Expo); CI no longer rebuilds Capacitor artifacts, but existing legacy builds remain available in releases/history.
Repository: github.com/Metaheurist/Rianell
CI builds (React Native CLI + server + web)
| Channel | Build |
|---|---|
 Android APK (React Native CLI) |
216 |
| iOS (Xcode project zip, RN CLI) |
216 |
 Server EXE (x64) |
221 |
| Server EXE (x86) |
221 |
| Web / PWA (GitHub Pages deploy) |
221 |
Legacy builds (Capacitor — no longer produced by CI; metadata only)
| Channel | Build |
|---|---|
| Android APK (Capacitor) |
96 |
| iOS (Xcode project zip, Capacitor) |
96 |
Latest: App build/RNCLI-Android/app-debug-beta.apk · App build/iOS/Health-Tracker-ios-alpha-build-216.zip · App build/Server/rianell-server-x64.exe · App build/Server/rianell-server-x64.exe · App build/Server/rianell-server-x86.exe · legacy Capacitor Android App build/Android/app-debug-beta-96.apk · legacy Capacitor iOS App build/Legacy/Capacitor-iOS/Health-Tracker-ios-alpha-build-96.zip · Workflow #221 · a728c40
Long-form sections live under docs/ so the main README stays short. Open them from the repo’s file tree or use the links below.
| 🔒 | Security - full threat model and controls |
| 🌐 | Infrastructure & edge security - DNS, Cloudflare, GitHub Pages (no secrets; safe for contributors) |
| 🏠 | App overview & features - UI, behaviour, screenshots |
| ⚙️ | Installation & usage - server, GitHub Pages, React/Android |
| 🧪 | Testing & configuration |
| ⏱️ | Performance benchmarks - reports and tooling under benchmarks/; run npm run benchmark |
| 🧠 | AI architecture |
| 🗂️ | Project reference - tree, deps, dev, GDPR, troubleshooting, security notes |
| 🎨 | Styling - CSS layout, tokens, settings carousel, tile pickers, cache bust |
| 📱 | Platform parity - web/android/iOS feature contract and CI parity gates |
| 👤 | About & support |
| 📜 | Changelog - version history and release notes |
| 🚀 | Next phase development plan - upcoming build: RN parity, theming, accessibility, AI acceleration |
Support contact: jan.andersson@rianell.com
Master rasters live under apps/pwa-webapp/Icons/ (Icon-*.png, logo-source.png) without a beta badge.
A separate beta set is generated into apps/pwa-webapp/Icons/beta/ with the same filenames and a theme-green BETA badge placed in the top-right corner (matching the floating + beta chip style). The web app currently points index.html, manifest.json, and notifications.js at this beta set. Regenerate after editing masters:
npm run icons:generate -- --source "C:/path/to/new-icon-source.png"
npm run icons:betascripts/prepare-android-assets.mjs prefers apps/pwa-webapp/Icons/beta/logo-source.png (then non-beta masters) when building apps/capacitor-app/assets/logo.png for Capacitor Android icons.
The authoritative guide is docs/SECURITY.md (web app, Android, Python server, encryption, Supabase RLS, CSP). For local secrets, see security/ and security/.env.example.
Use Supabase's current naming in security/.env:
SUPABASE_PUBLISHABLE_KEY(client-safe key used by web app/cloud sync)SUPABASE_SECRET_KEY(server-only secret; use theservice_rolekey)
Legacy names still work as fallbacks:
SUPABASE_ANON_KEY→ publishableSUPABASE_SERVICE_KEY→ secret/service role
For the PyQt6 server dashboard Wipe Database flow, rows are deleted in-app; sequence auto-reset needs DB SQL access and may fall back to manual SQL if not available.
Commit/deploy checklist and supplementary pointers (RLS, CI audits, “do not commit secrets”) are in docs/project-reference.md under Security notes.