Skip to content

Releases: georgekobaidze/noterunway

NoteRunway v1.0.0 — Initial Release

18 Apr 15:34
@georgekobaidze georgekobaidze
v1.0.0
6f04876
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
NoteRunway v1.0.0 — Initial Release Latest
Latest

Overview

AI-Powered Notion Workspace Management. Clean, organize, and command your Notion workspace with AI. Powered by the Notion MCP.

Features

7 Workspace Management Tools

Workspace Health Dashboard

Real-time metrics: total pages, top-level pages, recently edited, empty pages, and link density.

Duplicate Detection: AI-powered semantic duplicate detection with similarity scores, grouped results, and recommended "keep" picks

Garbage Collector: rule-based detection of orphaned, empty, and stale pages with configurable thresholds and dry-run
mode

Dead Link Detector: finds broken @mentions pointing to deleted or archived pages

**Sensitive Data Finder: ** two-phase scanner: 13 regex patterns (API keys, PEM, JWT, credit cards, etc.) + optional AI deep scan for natural-language secrets

Dependency Graph: interactive force-directed visualization of workspace structure using React Flow (parent-child +
@mention edges, orphan highlighting)

Semantic Ask: agentic chat interface: natural language queries, multi-step tool calling (up to 10 steps), and structured action proposals with human-in-the-loop approval

AI & Providers

4 AI providers, 13 models: OpenAI (GPT-5.4, GPT-5 Mini, GPT-4.1, GPT-4.1 Mini), Anthropic (Claude Opus 4.6, Sonnet 4.6, Haiku 4.5), xAI (Grok 4, Grok 4.1 Fast, Grok 3, Grok 3 Mini), Google (Gemini 2.5 Pro, Gemini 2.5 Flash)

BYOK (Bring Your Own Key): keys stored in browser localStorage only, sent per-request via x-ai-key header, never persisted server-side

Notion MCP Integration

  • Hybrid architecture: NotionClient (direct SDK) for bulk reads, MCPClient (MCP stdio) for all writes
  • Destructive tool safety gate: patch, post-page, delete-a-block, move-page all require explicit user approval
  • Lazy MCP connections: subprocess spawned only when first tool call is needed

Archive System

  • Every destructive action creates an audit trail under NoteRunway Archive/
  • Audit stubs preserve original content with callout headers, reasons, and timestamps
  • Recursive child archiving with full hierarchy preservation
  • Soft-archive to Notion Trash (recoverable for 30 days)

Security

  • OAuth2.0 with CSRF state validation; token in httpOnly + Secure cookie (30-day expiry)
  • HTTP security headers: X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy
  • Zod validation on all POST endpoints
  • Sensitive data redaction: findings never expose full values in UI or API responses

UI / UX

  • Futuristic-themed dark mode interface
  • Animated landing page with particle canvas and interactive terminal demo
  • Responsive navbar with hamburger menu (<820px) and compact logo (<452px)
  • Real-time streaming via SSE for AI responses and tool steps
  • CyberLoader animated spinner for scan operations

Tech Stack

Layer Technology
Framework Next.js 16 (App Router)
Language TypeScript 5
Styling Tailwind CSS 4 + shadcn/ui
AI SDK Vercel AI SDK 6
MCP @notionhq/notion-mcp-server 2.2
Graph React Flow 11
Validation Zod 4
Icons Lucide React

Deployment

  • Deployed on Railway (required for MCP stdio transport, incompatible with serverless)
  • 5 environment variables: NOTION_OAUTH_CLIENT_ID, NOTION_OAUTH_CLIENT_SECRET, NOTION_OAUTH_REDIRECT_URI, APP_URL, NODE_ENV
  • Node.js >= 20.9.0

Acknowledgements

Initially built for the DEV × Notion MCP Challenge 2025 (https://dev.to/challenges/notion-2026-03-04).

Assets 2
Loading