No not rude at all :)
All this is a good feedback. If the lack of documentation confused you then I am sure there are many others who will get confused for the same thing. It is definitely something I should improve upon so everyone can understand the project and use it if they want to.
Cross platform for various reasons. There are two parts to Journiv
Backend: This is what you run on your local machine (ideally a small server/nas) which can run docker. You can run it on any machine.
Frontend: As of now this is a web app which you can run any where. The frontend of Journiv is in flutter which is cross platform and allow native desktop and mobile apps. Mobile apps will be launched soon.
Journiv is source-available but not “Free Software” under the FSF/OSI definition. I chose the PolyForm Noncommercial 1.0.0 license intentionally to keep the code open for personal and educational use which allow hosting for non-commercial while preventing "commercial" redistribution or hosting for commercial gain without permission.
My motivation behind Journiv is to give a solution to self hosted people like me and other a journal first experience on par with any major cloud offering so that they don't have to mold their usage to a notes app and be unsatisfied and frustrated like me. This license enables everyone in the self hosted community to use Journiv.
I did consider permissive and copyleft licenses (Apache, GPL, BSD, etc.), but sustainability is a major concern for this project. I have already spent hundreds of hours on this over last couple of months and there is so much more to build (take a look at the issues page of github repo). I want to keep development open and transparent while ensuring that commercial entities can’t simply repackage and profit from it.
Please read the documentation linked in the ReadMe and you can try out all the security features.
There are docs for auth model, the code around it, the limitation of in-mem tokens, the clear documentation around token handling, the code to support CORS, trusted host middleware, CSP, HSTS, rate limiting. You can read the env.template and configure and try it out. I doubt there are self hosted (vibe coded, ai-assisted or even non vibe coded) existing apps which have these security feature in v0.1 or even later.
Like mentioned in comment and ReadMe the project is written with AI assistance not vibe coded or AI driven development. If you will read the code, look at design and db model you will find the answers you are seeking. Having said that I am always looking to make the project better so if you find anything which can be improved please open a PR.
Thank you. Yes, as a software engineer, not using AI for tasks where it can significantly accelerate development would be unrealistic. Much of the boilerplate code such as database ORM models, serialization/deserialization logic, and documentation was written with AI assistance, as mentioned in the project’s README. No developer writes such consistent and complete API docs :D. The architecture, UI/UX and harder aspects (see below) are done by me.
It took me 2 months of late nights (hundreds of hours so far) and spending every minute outside of job and family on this and without AI would have taken much more. What you see now is the result of many iteration, refining the UI/UX, redesigning the database, and reworking the overall architecture, flighting with CORS configs make video player work on web in flutter etc etc... much of which isn’t visible from the outside.
No not rude at all :) All this is a good feedback. If the lack of documentation confused you then I am sure there are many others who will get confused for the same thing. It is definitely something I should improve upon so everyone can understand the project and use it if they want to.
Cross platform for various reasons. There are two parts to Journiv
Can I ask if you have ran/used docker before?