# Changelog

All notable changes to inBOXER will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [2026-04.1] - 2026-04-23

### Added
- Initial repository structure per `PROJECT_PLAN.md`
- Go module initialization with core dependencies (go-imap, gorm, sqlite, slog, gorilla)
- Git repository setup with remote configuration using `.env` credentials
- Basic documentation files (README, CHANGELOG, LICENSE, AGENTS.md)
- Directory hierarchy for modular packages:
  - `src/cmd/` - Main orchestrator
  - `src/internal/auth/` - OTP authentication package
  - `src/internal/imap/` - IMAP client (placeholder)
  - `src/internal/ai/` - DeepSeek AI integration (placeholder)
  - `src/internal/db/` - SQLite database with GORM models and encryption
  - `src/internal/worker/` - Background worker (placeholder)
  - `src/web/` - Web interface (templates + static)
  - `src/pkg/` - Shared utilities (config loader)
  - `bin/` - Compiled binary and configuration
- Modular authentication package:
  - OTP generation & hashing (bcrypt)
  - SMTP sender with `.env` credentials
  - Session cookie management (gorilla/sessions)
  - Database-backed OTP store
- Mobile-first frontend:
  - Responsive CSS with modern design system
  - Go HTML templates (login, verify, dashboard, settings)
  - Authentication flow (email + OTP)
- Database schema:
  - User model with OTP storage
  - Mailbox settings with encrypted passwords
  - Processed email tracking
- Configuration system:
  - YAML configuration file (`bin/config.yaml`)
  - Environment variable loading (`.env`)
  - Secret management for session encryption
- Web server with routing:
  - Gorilla mux router with middleware
  - Authentication middleware for protected routes
  - Static file serving
- Makefile with build, run, test targets
- Unit tests for authentication package

### Changed
- N/A (initial release)

### Fixed
- N/A (initial release)