@openparachute/hub 0.5.13 → 0.5.14-rc.10

package/src/hub.ts

@@ -91,8 +91,15 @@ function renderSignedIn(displayName: string, csrfToken: string): string {
   // Inline POST form so sign-out works without JS. Submit button is
   // styled as a text link via `.auth-signout` so the visual weight
   // matches the surrounding "Signed in as <name>" text.
+  //
+  // The "Account" link is the single breadcrumb to `/account/` — the
+  // self-service home where any signed-in user (admin or invited
+  // member) can change their password, see their vault, and sign out.
+  // Without it, a friend who's been handed credentials has no way to
+  // discover the change-password surface after the first-login prompt.
   return `<div class="auth-indicator">
       <span class="muted">Signed in as <strong>${escapeHtml(displayName)}</strong></span>
+      <a href="/account/" class="auth-account">Account</a>
       <form method="POST" action="/logout" class="auth-signout-form">
         <input type="hidden" name="${CSRF_FIELD_NAME}" value="${escapeAttr(csrfToken)}" />
         <button type="submit" class="auth-signout">Sign out</button>
@@ -203,7 +210,7 @@ const HTML_TEMPLATE = `<!doctype html>
     margin: 0;
     display: inline;
   }
-  .auth-signout, .auth-signin {
+  .auth-signout, .auth-signin, .auth-account {
     background: none;
     border: none;
     padding: 0;
@@ -214,10 +221,10 @@ const HTML_TEMPLATE = `<!doctype html>
     text-decoration-thickness: 1px;
     text-underline-offset: 2px;
   }
-  .auth-signout:hover, .auth-signin:hover {
+  .auth-signout:hover, .auth-signin:hover, .auth-account:hover {
     color: var(--accent-hover);
   }
-  a.auth-signin {
+  a.auth-signin, a.auth-account {
     /* Anchor needs explicit reset since the a element has its own
        color/decoration. */
     border-bottom: none;
@@ -471,9 +478,9 @@ const HTML_TEMPLATE = `<!doctype html>
    * Render the "Get started" section (hub#342) above the Services grid.
    *
    * One hardcoded target, conditional on its prerequisite being installed:
-   *   - "Open Notes" → /app/notes/  (requires parachute-app installed;
-   *     App auto-bootstraps Notes-as-UI per parachute-app §17, so the
-   *     mere presence of App means /app/notes/ is live)
+   *   - "Open Notes" → /surface/notes/  (requires parachute-surface installed;
+   *     Surface auto-bootstraps Notes-as-UI per parachute-surface §17, so the
+   *     mere presence of Surface means /surface/notes/ is live)
    *
    * The earlier "Browse Vault" tile retired in workstream C (2026-05-25)
    * once vault declared uiUrl in its module.json (per patterns#96). With
@@ -500,12 +507,12 @@ const HTML_TEMPLATE = `<!doctype html>
   function renderGetStarted(services) {
     if (!getStartedGrid || !getStartedSection) return;
     const tiles = [];
-    const hasApp = services.some((s) => s && s.name === 'parachute-app');
-    if (hasApp) {
+    const hasSurface = services.some((s) => s && s.name === 'parachute-surface');
+    if (hasSurface) {
       tiles.push({
         title: 'Open Notes',
         desc: 'Browse + capture in the Notes app — reads from your vault.',
-        href: '/app/notes/',
+        href: '/surface/notes/',
       });
     }
     if (tiles.length === 0) {

package/src/notes-redirect.ts

@@ -2,9 +2,9 @@
  * Notes-as-app migration Phase 2 (parachute-app design doc §16).
  *
  * When parachute-app ships and Notes installs as `parachute-app add
- * @openparachute/notes-ui --name notes --path /app/notes`, operators with
+ * @openparachute/notes-ui --name notes --path /surface/notes`, operators with
  * existing `/notes/*` bookmarks need a transparent bridge. The hub serves a
- * 301 redirect from `/notes/*` → `/app/notes/*` so:
+ * 301 redirect from `/notes/*` → `/surface/notes/*` so:
  *
  *   - cached operator URLs (notes PWA install banners, browser history,
  *     in-vault links) keep working
@@ -44,14 +44,14 @@ export function isLegacyNotesPath(pathname: string): boolean {
  * string. The query is preserved verbatim; the fragment isn't visible
  * server-side (clients reassemble it after following the redirect).
  *
- * The transform is purely path-rewrite — `/notes` → `/app/notes`, `/notes/`
- * → `/app/notes/`, `/notes/foo/bar` → `/app/notes/foo/bar`.
+ * The transform is purely path-rewrite — `/notes` → `/surface/notes`, `/notes/`
+ * → `/surface/notes/`, `/notes/foo/bar` → `/surface/notes/foo/bar`.
  */
 export function buildNotesRedirectTarget(pathname: string, search: string): string {
   // Slice off the leading "/notes" — what remains is either "" (bare /notes),
   // "/" (trailing slash), or "/<rest>" (sub-path).
   const tail = pathname.slice("/notes".length);
-  return `/app/notes${tail}${search}`;
+  return `/surface/notes${tail}${search}`;
 }
 
 /**