{"id":32846390,"url":"https://github.com/huzaifa-fullstack/scribo-notes-ai","last_synced_at":"2026-04-08T11:31:33.155Z","repository":{"id":323038735,"uuid":"1060105591","full_name":"huzaifa-fullstack/scribo-notes-ai","owner":"huzaifa-fullstack","description":"Scribo is an AI-powered note-taking app that helps you write smarter with rich-text editing, AI summarization, grammar and tone tools, secure cloud storage, and a sleek, responsive interface.","archived":false,"fork":false,"pushed_at":"2026-01-01T15:29:17.000Z","size":932,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-03T12:01:46.796Z","etag":null,"topics":["cloudinary","docker","express","framer-motion","jwt","mailgun","mern","mocha","mongodb","nodejs","oauth","radix-ui","react","sonarqube","tailwind-css","tiptap","typescript","vite","vitest","zustand"],"latest_commit_sha":null,"homepage":"https://scribo-frontend.vercel.app","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/huzaifa-fullstack.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-19T11:49:12.000Z","updated_at":"2026-01-01T15:29:21.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/huzaifa-fullstack/scribo-notes-ai","commit_stats":null,"previous_names":["huzaifa-fullstack/huzaifakarim-mern-10pshine"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/huzaifa-fullstack/scribo-notes-ai","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/huzaifa-fullstack%2Fscribo-notes-ai","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/huzaifa-fullstack%2Fscribo-notes-ai/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/huzaifa-fullstack%2Fscribo-notes-ai/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/huzaifa-fullstack%2Fscribo-notes-ai/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/huzaifa-fullstack","download_url":"https://codeload.github.com/huzaifa-fullstack/scribo-notes-ai/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/huzaifa-fullstack%2Fscribo-notes-ai/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31554006,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-08T10:21:54.569Z","status":"ssl_error","status_checked_at":"2026-04-08T10:21:38.171Z","response_time":54,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudinary","docker","express","framer-motion","jwt","mailgun","mern","mocha","mongodb","nodejs","oauth","radix-ui","react","sonarqube","tailwind-css","tiptap","typescript","vite","vitest","zustand"],"created_at":"2025-11-08T08:00:27.835Z","updated_at":"2026-04-08T11:31:33.146Z","avatar_url":"https://github.com/huzaifa-fullstack.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ✍️ Scribo – AI-Powered Smart Notes Application\n\n![Scribo](https://img.shields.io/badge/Scribo-Smart%20Notes-blue?style=for-the-badge)\n![React](https://img.shields.io/badge/React-20232A?style=for-the-badge\u0026logo=react\u0026logoColor=61DAFB)\n![TypeScript](https://img.shields.io/badge/TypeScript-3178C6?style=for-the-badge\u0026logo=typescript\u0026logoColor=white)\n![Node.js](https://img.shields.io/badge/Node.js-339933?style=for-the-badge\u0026logo=nodedotjs\u0026logoColor=white)\n![Express](https://img.shields.io/badge/Express-000000?style=for-the-badge\u0026logo=express\u0026logoColor=white)\n![MongoDB](https://img.shields.io/badge/MongoDB-47A248?style=for-the-badge\u0026logo=mongodb\u0026logoColor=white)\n![Tailwind CSS](https://img.shields.io/badge/Tailwind_CSS-38B2AC?style=for-the-badge\u0026logo=tailwindcss\u0026logoColor=white)\n![Vite](https://img.shields.io/badge/Vite-646CFF?style=for-the-badge\u0026logo=vite\u0026logoColor=white)\n![TipTap](https://img.shields.io/badge/TipTap-000000?style=for-the-badge\u0026logo=tiptap\u0026logoColor=white)\n![Zustand](https://img.shields.io/badge/Zustand-2D2D2D?style=for-the-badge\u0026logo=zustand\u0026logoColor=white)\n![React Router](https://img.shields.io/badge/React_Router-CA4245?style=for-the-badge\u0026logo=react-router\u0026logoColor=white)\n![Radix UI](https://img.shields.io/badge/Radix%20UI-161618?style=for-the-badge\u0026logo=radix-ui\u0026logoColor=white)\n![Zod](https://img.shields.io/badge/Zod-3E67B1?style=for-the-badge\u0026logo=zod\u0026logoColor=white)\n![JWT](https://img.shields.io/badge/JWT-000000?style=for-the-badge\u0026logo=jsonwebtokens\u0026logoColor=white)\n![Passport](https://img.shields.io/badge/Passport-34E27A?style=for-the-badge\u0026logo=passport\u0026logoColor=white)\n![Cloudinary](https://img.shields.io/badge/Cloudinary-3448C5?style=for-the-badge\u0026logo=cloudinary\u0026logoColor=white)\n![Mailgun](https://img.shields.io/badge/Mailgun-F06B66?style=for-the-badge\u0026logo=mailgun\u0026logoColor=white)\n![Axios](https://img.shields.io/badge/Axios-5A29E4?style=for-the-badge\u0026logo=axios\u0026logoColor=white)\n![Framer Motion](https://img.shields.io/badge/Framer_Motion-0055FF?style=for-the-badge\u0026logo=framer\u0026logoColor=white)\n![React Hook Form](https://img.shields.io/badge/React%20Hook%20Form-EC5990?style=for-the-badge\u0026logo=reacthookform\u0026logoColor=white)\n![Lucide](https://img.shields.io/badge/Lucide-Icons-F56565?style=for-the-badge\u0026logo=lucide\u0026logoColor=white)\n![Date-fns](https://img.shields.io/badge/date--fns-770C56?style=for-the-badge\u0026logo=date-fns\u0026logoColor=white)\n![Sonner](https://img.shields.io/badge/Sonner-Toasts-000000?style=for-the-badge)\n![HTML5](https://img.shields.io/badge/HTML5-E34F26?style=for-the-badge\u0026logo=html5\u0026logoColor=white)\n![CSS3](https://img.shields.io/badge/CSS3-1572B6?style=for-the-badge\u0026logo=css3\u0026logoColor=white)\n![JavaScript](https://img.shields.io/badge/JavaScript-323330?style=for-the-badge\u0026logo=javascript\u0026logoColor=F7DF1E)\n![Mocha](https://img.shields.io/badge/Mocha-8D6748?style=for-the-badge\u0026logo=mocha\u0026logoColor=white)\n![Chai](https://img.shields.io/badge/Chai-A30701?style=for-the-badge\u0026logo=chai\u0026logoColor=white)\n![Vitest](https://img.shields.io/badge/Vitest-6E9F18?style=for-the-badge\u0026logo=vitest\u0026logoColor=white)\n![ESLint](https://img.shields.io/badge/ESLint-4B32C3?style=for-the-badge\u0026logo=eslint\u0026logoColor=white)\n![Helmet](https://img.shields.io/badge/Helmet-Security-000000?style=for-the-badge)\n![CORS](https://img.shields.io/badge/CORS-Enabled-success?style=for-the-badge)\n![SonarQube](https://img.shields.io/badge/SonarQube-4E9BCD?style=for-the-badge\u0026logo=sonarqube\u0026logoColor=white)\n![Sentry](https://img.shields.io/badge/Sentry-362D59?style=for-the-badge\u0026logo=sentry\u0026logoColor=white)\n![GitHub Actions](https://img.shields.io/badge/GitHub_Actions-2088FF?style=for-the-badge\u0026logo=githubactions\u0026logoColor=white)\n![CI/CD Pipeline](https://img.shields.io/badge/CI/CD-Automated-success?style=for-the-badge\u0026logo=githubactions\u0026logoColor=white)\n![Render](https://img.shields.io/badge/Render-46E3B7?style=for-the-badge\u0026logo=render\u0026logoColor=white)\n![Vercel](https://img.shields.io/badge/Vercel-000000?style=for-the-badge\u0026logo=vercel\u0026logoColor=white)\n![MIT License](https://img.shields.io/badge/License-MIT-green?style=for-the-badge)\n![Project Status](https://img.shields.io/badge/Status-Active-success?style=for-the-badge)\n\n🌐 **Live Demo:** Coming Soon!\n\n---\n\n## 📋 Overview\n\n**Scribo** is a modern, **AI-powered smart notes application** built with the MERN stack. It combines powerful **rich-text editing**, **intelligent AI assistance**, and **secure cloud storage** to deliver an exceptional note-taking experience for students, professionals, and anyone who values organized thinking.\n\nKey highlights include:\n\n- **Advanced Rich-Text Editor** powered by TipTap with full formatting capabilities\n- **AI-Powered Features** for content enhancement, summarization, and smart suggestions\n- **Secure Authentication** with JWT, Google OAuth, and email verification\n- **Cloud File Storage** with Cloudinary integration for images and attachments\n- **Smart Organization** with tags, colors, pinning, and archiving\n- **Export Capabilities** to PDF and Markdown formats\n- **Recycle Bin** with automatic cleanup for deleted notes recovery\n- **Dark Mode Support** with smooth theme transitions\n- **Responsive Design** optimized for all devices\n- **Comprehensive Testing** with 105 test cases and SonarQube integration\n\n---\n\n## 🏗️ Features\n\n### ✍️ **Rich-Text Editor**\n\n- **Full Formatting Support** - Bold, italic, underline, strikethrough\n- **Text Styling** - Headings, colors, highlights, alignment\n- **Lists \u0026 Structure** - Bullet points, numbered lists, blockquotes\n- **Media Embedding** - Images, links with preview\n- **Code Blocks** - Syntax highlighting for developers\n- **Undo/Redo** - Complete history management\n- **Keyboard Shortcuts** - Power user productivity\n\n### 🤖 **AI-Powered Features**\n\n- **Content Enhancement** - Improve writing quality and clarity\n- **Smart Summarization** - Extract key points automatically\n- **Tone Analysis** - Professional, casual, or academic suggestions\n- **Grammar \u0026 Style** - Intelligent writing assistance\n- **Auto-Completion** - Context-aware suggestions\n- **Content Organization** - AI-suggested tags and categories\n\n### 📊 **Smart Organization**\n\n- **Color Coding** - 9 vibrant colors for visual organization\n- **Tag System** - Categorize and filter notes efficiently\n- **Pin Important Notes** - Keep critical notes at the top\n- **Archive System** - Clean workspace without losing data\n- **Search Functionality** - Find notes instantly\n- **Recycle Bin** - 30-day recovery window with auto-cleanup\n\n### 🔐 **Authentication \u0026 Security**\n\n- **JWT-Based Authentication** - Secure token-based sessions\n- **Google OAuth Integration** - One-click social login\n- **Email Verification** - Secure account activation\n- **Password Reset** - Email-based secure recovery\n- **Rate Limiting** - Protection against brute force attacks\n- **Helmet.js Security** - HTTP headers protection\n- **CORS Configuration** - Controlled cross-origin requests\n- **Input Validation** - Comprehensive data sanitization\n\n### ☁️ **Cloud Integration**\n\n- **Cloudinary Storage** - Optimized image hosting\n- **Automatic Optimization** - Image compression and resizing\n- **CDN Delivery** - Fast global content delivery\n- **Secure Upload** - Authenticated file operations\n- **Profile Pictures** - Avatar management system\n\n### 📤 **Export \u0026 Sharing**\n\n- **PDF Export** - Professional document generation\n- **Markdown Export** - Developer-friendly format\n- **Bulk Export** - Multiple notes at once\n- **Email Sharing** - Send notes via email\n- **Print Support** - Optimized for printing\n\n### 📱 **Modern UX/UI**\n\n- **Responsive Design** - Mobile-first approach\n- **Dark/Light Themes** - Eye-friendly viewing options\n- **Smooth Animations** - Framer Motion powered\n- **Toast Notifications** - Non-intrusive user feedback\n- **Loading States** - Skeleton screens and spinners\n- **Accessibility** - WCAG 2.1 compliant\n- **Radix UI Components** - High-quality, accessible primitives\n\n---\n\n## 💻 Technologies Used\n\n### **Frontend Framework**\n\n- [**React 19.1.1**](https://reactjs.org/) — Modern UI library with concurrent features\n- [**TypeScript 5.8.3**](https://www.typescriptlang.org/) — Type-safe JavaScript development\n- [**Vite 7.1.7**](https://vitejs.dev/) — Lightning-fast build tool and dev server\n- [**React Router 7.9.3**](https://reactrouter.com/) — Declarative routing for React\n\n### **State Management \u0026 Forms**\n\n- [**Zustand 5.0.8**](https://zustand-demo.pmnd.rs/) — Lightweight state management\n- [**React Hook Form 7.63.0**](https://react-hook-form.com/) — Performant form validation\n- [**Zod 4.1.11**](https://zod.dev/) — TypeScript-first schema validation\n\n### **UI Components \u0026 Styling**\n\n- [**Tailwind CSS 4.1.13**](https://tailwindcss.com/) — Utility-first CSS framework\n- [**Radix UI**](https://www.radix-ui.com/) — Accessible component primitives\n  - Alert Dialog, Dialog, Dropdown Menu, Label, Radio Group, Slot, Switch, Tabs\n- [**Framer Motion 12.23.22**](https://www.framer.com/motion/) — Production-ready animations\n- [**Lucide React 0.544.0**](https://lucide.dev/) — Beautiful icon library\n- [**Class Variance Authority**](https://cva.style/) — Component variant management\n- [**clsx \u0026 tailwind-merge**](https://github.com/dcastil/tailwind-merge) — Intelligent class merging\n- [**next-themes 0.4.6**](https://github.com/pacocoursey/next-themes) — Theme management\n- [**Sonner 2.0.7**](https://sonner.emilkowal.ski/) — Toast notification system\n\n### **Rich-Text Editor**\n\n- [**TipTap 3.6.2**](https://tiptap.dev/) — Headless editor framework\n  - **Starter Kit** - Essential editing features\n  - **Extensions** - Color, Highlight, Image, Link, Placeholder, Text Style\n- [**@tiptap/react**](https://tiptap.dev/installation/react) — React integration\n\n### **Backend Framework**\n\n- [**Node.js 22.x**](https://nodejs.org/) — JavaScript runtime\n- [**Express 5.1.0**](https://expressjs.com/) — Fast, minimalist web framework\n- [**MongoDB 6.20.0**](https://www.mongodb.com/) — NoSQL database\n- [**Mongoose 8.18.1**](https://mongoosejs.com/) — MongoDB object modeling\n\n### **Authentication \u0026 Security**\n\n- [**JWT (jsonwebtoken 9.0.2)**](https://jwt.io/) — Token-based authentication\n- [**Passport 0.7.0**](http://www.passportjs.org/) — Authentication middleware\n- [**Passport Google OAuth 2.0**](http://www.passportjs.org/packages/passport-google-oauth20/) — Google sign-in\n- [**bcryptjs 3.0.2**](https://github.com/dcodeIO/bcrypt.js) — Password hashing\n- [**Helmet 8.1.0**](https://helmetjs.github.io/) — Security headers\n- [**CORS 2.8.5**](https://github.com/expressjs/cors) — Cross-origin resource sharing\n- [**Express Rate Limit 8.1.0**](https://github.com/express-rate-limit/express-rate-limit) — Rate limiting middleware\n\n### **File Handling \u0026 Storage**\n\n- [**Cloudinary 1.41.3**](https://cloudinary.com/) — Cloud image/video management\n- [**Multer 2.0.2**](https://github.com/expressjs/multer) — File upload middleware\n- [**Multer Cloudinary Storage**](https://github.com/affanshahid/multer-storage-cloudinary) — Cloudinary storage engine\n\n### **Email \u0026 Communication**\n\n- [**Mailgun.js 12.1.1**](https://github.com/mailgun/mailgun.js) — Email delivery service\n- [**Nodemailer 7.0.10**](https://nodemailer.com/) — Email sending module\n\n### **Utilities \u0026 Processing**\n\n- [**Axios 1.12.2 / 1.13.2**](https://axios-http.com/) — HTTP client\n- [**date-fns 4.1.0**](https://date-fns.org/) — Modern date utility\n- [**marked 16.4.0**](https://marked.js.org/) — Markdown parser\n- [**pdf-lib 1.17.1**](https://pdf-lib.js.org/) — PDF generation and manipulation\n- [**html-pdf 3.0.1**](https://github.com/marcbachmann/node-html-pdf) — HTML to PDF converter\n- [**form-data 4.0.4**](https://github.com/form-data/form-data) — Form data encoding\n\n### **Logging \u0026 Monitoring**\n\n- [**Pino 9.11.0**](https://getpino.io/) — High-performance logging\n- [**Pino HTTP 10.5.0**](https://github.com/pinojs/pino-http) — HTTP request logging\n- [**Pino Pretty 13.1.1**](https://github.com/pinojs/pino-pretty) — Log formatter\n\n### **Testing \u0026 Quality**\n\n- [**Vitest 3.2.4**](https://vitest.dev/) — Fast unit test framework (Frontend)\n- [**@vitest/ui**](https://vitest.dev/guide/ui.html) — Test UI interface\n- [**@vitest/coverage-v8**](https://vitest.dev/guide/coverage.html) — Code coverage\n- [**Testing Library**](https://testing-library.com/) — React testing utilities\n  - **@testing-library/react 16.3.0**\n  - **@testing-library/jest-dom 6.9.1**\n  - **@testing-library/user-event 14.6.1**\n- [**Mocha 11.7.4**](https://mochajs.org/) — Test framework (Backend)\n- [**Chai 4.5.0**](https://www.chaijs.com/) — Assertion library\n- [**Sinon 21.0.0**](https://sinonjs.org/) — Test spies, stubs, and mocks\n- [**Supertest 7.1.4**](https://github.com/ladjs/supertest) — HTTP assertion library\n- [**NYC 17.1.0**](https://istanbul.js.org/) — Code coverage tool\n- [**MSW 2.11.3**](https://mswjs.io/) — API mocking library\n- [**MongoDB Memory Server 10.2.1**](https://github.com/nodkz/mongodb-memory-server) — In-memory MongoDB\n\n### **Code Quality \u0026 Analysis**\n\n- [**SonarQube**](https://www.sonarqube.org/) — Code quality and security analysis\n- [**ESLint 9.36.0**](https://eslint.org/) — JavaScript linter\n- [**TypeScript ESLint 8.44.0**](https://typescript-eslint.io/) — TypeScript linting\n- [**sonarqube-scanner 4.2.5**](https://github.com/bellingard/sonar-scanner-npm) — SonarQube integration\n\n### **Development Tools**\n\n- [**Nodemon 3.1.10**](https://nodemon.io/) — Auto-restart development server\n- [**cross-env 10.1.0**](https://github.com/kentcdodds/cross-env) — Cross-platform env variables\n- [**dotenv 17.2.2**](https://github.com/motdotla/dotenv) — Environment variable management\n\n### **Web Technologies**\n\n- [**HTML5**](https://developer.mozilla.org/en-US/docs/Web/HTML) — Semantic markup\n- [**CSS3**](https://developer.mozilla.org/en-US/docs/Web/CSS) — Modern styling\n- [**JavaScript ES2020+**](https://developer.mozilla.org/en-US/docs/Web/JavaScript) — Modern JavaScript features\n\n### **DevOps \u0026 Deployment**\n\n- [**GitHub Actions**](https://github.com/features/actions) — Automated CI/CD pipeline\n- [**Render**](https://render.com/) — Backend hosting platform\n- [**Vercel**](https://vercel.com/) — Frontend hosting platform\n- [**Sentry**](https://sentry.io/) — Error tracking and monitoring\n- [**SonarCloud**](https://sonarcloud.io/) — Cloud-based code analysis\n- [**Docker Ready**](https://www.docker.com/) — Containerization support\n\n---\n\n## 🔄 CI/CD Pipeline\n\n### **🚀 Automated Workflow**\n\nOur CI/CD pipeline ensures **code quality**, **security**, and **reliable deployments**:\n\n#### **Quality Checks** ✅\n\n| Check        | Tool         | Description                       |\n| ------------ | ------------ | --------------------------------- |\n| Code Quality | SonarCloud   | Security scanning and code smells |\n| Linting      | ESLint       | Code style and best practices     |\n| Type Safety  | TypeScript   | Static type checking              |\n| Build        | Vite         | Production build verification     |\n| Testing      | Mocha/Vitest | 105+ automated tests              |\n| Coverage     | NYC/V8       | Code coverage reporting           |\n| Security     | npm audit    | Dependency vulnerability scan     |\n\n#### **Deployment Strategy** 🌐\n\n| Branch        | Action                   | Platform        |\n| ------------- | ------------------------ | --------------- |\n| `main`        | Production Deploy        | Render + Vercel |\n| `develop`     | Quality Checks Only      | -               |\n| Pull Requests | Preview + Quality Checks | Vercel Preview  |\n\n#### **Pipeline Triggers** 🔄\n\n```yaml\non:\n  push:\n    branches: [main, develop]\n  pull_request:\n    branches: [main, develop]\n```\n\n#### **Workflow Status** 📊\n\n```\n┌─────────────────────────────────────────────────────────┐\n│  ✅ Install Dependencies (Backend + Frontend)          │\n│  ✅ Run Linting \u0026 Type Checks                          │\n│  ✅ Execute Tests with Coverage                        │\n│  ✅ Build Production Bundle                            │\n│  ✅ SonarCloud Analysis                                │\n│  ✅ Security Audit                                     │\n│  🚀 Deploy Backend → Render                            │\n│  🚀 Deploy Frontend → Vercel                           │\n└─────────────────────────────────────────────────────────┘\n```\n\n### **📖 Production Deployment**\n\nThis project is configured for deployment on **Render** (backend) and **Vercel** (frontend).\n\n#### Quick Deploy Steps:\n\n1. **Backend on Render**: Connect GitHub repo → Set Root Directory: `backend` → Add environment variables → Deploy\n2. **Frontend on Vercel**: Connect GitHub repo → Set Root Directory: `frontend` → Add `VITE_API_URL` → Deploy\n\n---\n\n## 🚀 Getting Started\n\n### **Prerequisites**\n\n- Node.js 18+ installed\n- MongoDB 6+ installed and running\n- npm or yarn package manager\n- Cloudinary account (for file storage)\n- Mailgun account (for email services)\n- Google OAuth credentials (optional, for social login)\n\n### **Installation**\n\n1. **Clone the repository**\n\n```bash\ngit clone https://github.com/huzaifa-fullstack/scribo-notes-ai.git\ncd scribo-notes-ai\n```\n\n2. **Install Backend Dependencies**\n\n```bash\ncd backend\nnpm install\n```\n\n3. **Install Frontend Dependencies**\n\n```bash\ncd ../frontend\nnpm install\n```\n\n4. **Backend Environment Setup**\n\nCreate `.env` file in the `backend` directory:\n\n```env\n# Server Configuration\nPORT=5000\nNODE_ENV=development\n\n# Database\nMONGODB_URI=mongodb://localhost:27017/scribo-notes-db\n\n# JWT Authentication\nJWT_SECRET=your_super_secret_jwt_key_here\nJWT_EXPIRE=7d\n\n# Google OAuth\nGOOGLE_CLIENT_ID=your_google_client_id\nGOOGLE_CLIENT_SECRET=your_google_client_secret\nGOOGLE_CALLBACK_URL=http://localhost:5000/api/auth/google/callback\n\n# Cloudinary\nCLOUDINARY_CLOUD_NAME=your_cloudinary_cloud_name\nCLOUDINARY_API_KEY=your_cloudinary_api_key\nCLOUDINARY_API_SECRET=your_cloudinary_api_secret\n\n# Email Service (Mailgun)\nMAILGUN_API_KEY=your_mailgun_api_key\nMAILGUN_DOMAIN=your_mailgun_domain\nMAILGUN_FROM_EMAIL=noreply@yourdomain.com\nMAILGUN_FROM_NAME=Scribo Notes\n\n# Frontend URL (for CORS)\nFRONTEND_URL=http://localhost:5173\nCLIENT_URL=http://localhost:5173\n\n# AI Features (HuggingFace)\nHUGGINGFACE_API_KEY=hf_your_api_key_here\n\n# Error Tracking (Optional)\nSENTRY_DSN=your_sentry_dsn_here\n\n# Rate Limiting\nRATE_LIMIT_WINDOW_MS=900000\nRATE_LIMIT_MAX_REQUESTS=100\n```\n\n5. **Frontend Environment Setup**\n\nCreate `.env` file in the `frontend` directory:\n\n```env\nVITE_API_URL=http://localhost:5000/api\nVITE_SENTRY_DSN=your_sentry_dsn_here\n```\n\n6. **Database Setup**\n\nInitialize MongoDB database:\n\n```bash\ncd backend\nnpm run init-db\n```\n\n7. **Start Development Servers**\n\n**Backend:**\n\n```bash\ncd backend\nnpm run dev\n```\n\n**Frontend:**\n\n```bash\ncd frontend\nnpm run dev\n```\n\n8. **Open your browser**\n\n```\nFrontend: http://localhost:5173\nBackend API: http://localhost:5000\n```\n\n9. **Build for Production**\n\n**Backend:**\n\n```bash\ncd backend\nnpm start\n```\n\n**Frontend:**\n\n```bash\ncd frontend\nnpm run build\nnpm run preview\n```\n\n---\n\n## 🔒 Security \u0026 Privacy\n\n### **Authentication Security**\n\n- **JWT Tokens** with secure signing and expiration\n- **Password Hashing** with bcrypt (10 salt rounds)\n- **OAuth 2.0** integration for Google sign-in\n- **Email Verification** for account activation\n- **Session Management** with automatic token refresh\n\n### **API Security**\n\n- **Helmet.js** — Security headers protection\n- **CORS** — Controlled cross-origin requests\n- **Rate Limiting** — Brute force protection\n- **Input Validation** — Comprehensive sanitization\n- **SQL Injection Protection** — MongoDB parameterized queries\n- **XSS Protection** — Content sanitization\n\n### **Data Protection**\n\n- **Encrypted Communication** — HTTPS in production\n- **Secure File Upload** — Authenticated Cloudinary uploads\n- **GDPR Compliant** — User data privacy rights\n- **Automatic Cleanup** — Recycle bin 30-day deletion\n- **Secure Password Reset** — Time-limited tokens\n\n### **Error Handling**\n\n- **Graceful Error Recovery** — User-friendly messages\n- **Comprehensive Logging** — Pino structured logging\n- **No Sensitive Data Leakage** — Sanitized error responses\n- **Database Error Handling** — Mongoose validation\n\n---\n\n## 📊 Testing Strategy\n\n### **Frontend Testing (Vitest)**\n\n- **Unit Tests** — Component and utility testing\n- **Integration Tests** — Feature workflow testing\n- **Coverage:** 105 tests with ~60% code coverage\n\n**Test Categories:**\n\n- Authentication flows\n- Note CRUD operations\n- Rich-text editor functionality\n- Form validation\n- Store management\n- API integration\n\n### **Backend Testing (Mocha/Chai)**\n\n- **API Endpoint Tests** — Request/response validation\n- **Authentication Tests** — JWT and OAuth flows\n- **Database Tests** — CRUD operations with in-memory MongoDB\n- **Integration Tests** — End-to-end feature testing\n- **Coverage:** Comprehensive test suite with NYC\n\n**Test Categories:**\n\n- User authentication and authorization\n- Note management endpoints\n- File upload and processing\n- Email service integration\n- Error handling and validation\n- Middleware functionality\n\n### **Quality Assurance**\n\n- **SonarQube Analysis** — Code quality metrics\n- **ESLint** — Code style consistency\n- **TypeScript** — Type safety verification\n- **Code Reviews** — Manual quality checks\n\n---\n\n## 🔄 API Endpoints\n\n### **Authentication**\n\n```\nPOST   /api/auth/register         - User registration\nPOST   /api/auth/login            - User login\nPOST   /api/auth/verify-email     - Email verification\nPOST   /api/auth/forgot-password  - Request password reset\nPOST   /api/auth/reset-password   - Reset password\nGET    /api/auth/google           - Google OAuth login\nGET    /api/auth/google/callback  - Google OAuth callback\nGET    /api/auth/me               - Get current user\nPOST   /api/auth/logout           - User logout\n```\n\n### **Notes**\n\n```\nGET    /api/notes                 - Get all user notes\nGET    /api/notes/:id             - Get single note\nPOST   /api/notes                 - Create new note\nPUT    /api/notes/:id             - Update note\nDELETE /api/notes/:id             - Delete note (to recycle bin)\nPOST   /api/notes/:id/pin         - Toggle pin status\nPOST   /api/notes/:id/archive     - Toggle archive status\nPOST   /api/notes/:id/restore     - Restore from recycle bin\nDELETE /api/notes/:id/permanent   - Permanent delete\nGET    /api/notes/recycle-bin     - Get deleted notes\n```\n\n### **Export**\n\n```\nPOST   /api/export/pdf            - Export note to PDF\nPOST   /api/export/markdown       - Export note to Markdown\nPOST   /api/export/bulk           - Bulk export notes\n```\n\n### **Profile**\n\n```\nGET    /api/profile               - Get user profile\nPUT    /api/profile               - Update user profile\nPOST   /api/profile/avatar        - Upload profile picture\nDELETE /api/profile/avatar        - Remove profile picture\n```\n\n### **AI Features**\n\n```\nPOST   /api/ai/enhance            - Enhance content\nPOST   /api/ai/summarize          - Summarize content\nPOST   /api/ai/suggest-tags       - Get tag suggestions\nPOST   /api/ai/grammar-check      - Check grammar\n```\n\n---\n\n## 🤝 Contributing\n\nContributions are welcome! Please feel free to submit a Pull Request.\n\n### **Development Workflow**\n\n1. Fork the repository\n2. Create a feature branch (`git checkout -b feature/amazing-feature`)\n3. Commit your changes (`git commit -m 'Add amazing feature'`)\n4. Push to the branch (`git push origin feature/amazing-feature`)\n5. Open a Pull Request\n\n### **Code Standards**\n\n- **TypeScript** for frontend type safety\n- **ESLint** for code quality\n- **Prettier** for code formatting (if configured)\n- **Conventional Commits** for clear history\n- **Unit Tests** for new features\n- **Documentation** for complex logic\n\n### **Testing Requirements**\n\n- Write tests for new features\n- Maintain test coverage above 60%\n- Ensure all tests pass before PR\n- Add integration tests for workflows\n\n---\n\n## 📄 License\n\nThis project is licensed under the [MIT License](LICENSE) - see the [LICENSE](LICENSE) file for details.\n\n---\n\n## ✍️ Author\n\n**Muhammad Huzaifa Karim**  \n[GitHub Profile](https://github.com/huzaifakarim1)\n\n---\n\n## 🙏 Acknowledgments\n\n- **TipTap** for the excellent rich-text editor framework\n- **Radix UI** for accessible component primitives\n- **Cloudinary** for scalable cloud storage\n- **Mailgun** for reliable email delivery\n- **MongoDB** for flexible database solution\n- **Vercel** for deployment platform\n- **SonarQube** for code quality analysis\n\n---\n\n## 📬 Contact\n\nFor questions, feedback, or support:\n\n- **GitHub Issues** - Report bugs or request features\n- **Email** - karimhuzaifa590@gmail.com\n\n---\n\n## 🌟 Show Your Support\n\nIf you found this project helpful, please consider:\n\n- ⭐ Starring the repository\n- 🐛 Reporting bugs\n- 💡 Suggesting new features\n- 📢 Sharing with others\n- 🤝 Contributing to the codebase\n\n---\n\n© 2025 Muhammad Huzaifa Karim\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhuzaifa-fullstack%2Fscribo-notes-ai","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhuzaifa-fullstack%2Fscribo-notes-ai","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhuzaifa-fullstack%2Fscribo-notes-ai/lists"}