Merge branch 'main' into issue-466-structured-search

Eliminates the socat bridge dependency by using OpenSSH's built-in
Unix socket forwarding (-L port:socket_path). The dagger user already
owns /run/dagger/engine.sock so no intermediate TCP listener is needed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

.forgejo/workflows/website.yml

@@ -12,116 +12,10 @@ on:
   workflow_dispatch:
 
 jobs:
-  check-changes:
-    name: Detect Website Changes
-    runs-on: ubuntu-latest
-    timeout-minutes: 5
-    outputs:
-      has_changes: ${{ steps.diff.outputs.has_changes }}
-
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Detect website changes since last deploy
-        id: diff
-        shell: bash
-        env:
-          FORGEJO_TOKEN: ${{ github.token }}
-        run: |
-          # On push or workflow_dispatch always deploy
-          if [ "$GITHUB_EVENT_NAME" != "schedule" ]; then
-            echo "has_changes=true" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-
-          HEAD_SHA=$(git rev-parse HEAD)
-
-          # Find the most recent successful website.yml run where the deploy job
-          # actually ran (not merely skipped). Uses head_sha (not commit_sha which
-          # is always None in Forgejo's API).
-          LAST_DEPLOYED_SHA=$(python3 - << 'PYEOF'
-          import json, os, sys, urllib.request
-          token = os.environ.get("FORGEJO_TOKEN", "")
-          server = os.environ.get("GITHUB_SERVER_URL", "").rstrip("/")
-          repo = os.environ.get("GITHUB_REPOSITORY", "")
-          base_api = f"{server}/api/v1/repos/{repo}/actions"
-          url = f"{base_api}/runs?workflow_id=website.yml&status=success&limit=10"
-          req = urllib.request.Request(url, headers={"Authorization": f"token {token}"})
-          try:
-              with urllib.request.urlopen(req) as r:
-                  data = json.loads(r.read())
-              runs = [
-                  r for r in data.get("workflow_runs", [])
-                  if r.get("status") == "success"
-              ]
-              for run in runs:
-                  run_id = run.get("id")
-                  jobs_url = f"{base_api}/runs/{run_id}/jobs"
-                  jobs_req = urllib.request.Request(jobs_url, headers={"Authorization": f"token {token}"})
-                  try:
-                      with urllib.request.urlopen(jobs_req) as jr:
-                          jobs_data = json.loads(jr.read())
-                      for job in jobs_data.get("workflow_jobs", []):
-                          if "Build & Update Website" in job.get("name", "") and (
-                              job.get("conclusion") == "success" or
-                              job.get("status") == "success"
-                          ):
-                              print(run.get("head_sha") or "")
-                              sys.exit(0)
-                  except Exception:
-                      pass  # skip this run if jobs API fails
-              print("")
-          except Exception as e:
-              print(f"::error::LAST_DEPLOYED_SHA lookup failed ({type(e).__name__}: {e})")
-              print("")
-          PYEOF
-          )
-
-          if [ -z "$LAST_DEPLOYED_SHA" ]; then
-            echo "::warning::Could not determine last successfully deployed SHA — deploying as a precaution"
-            echo "has_changes=true" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-
-          if [ "$HEAD_SHA" = "$LAST_DEPLOYED_SHA" ]; then
-            echo "::notice::Website deploy SKIPPED — HEAD $HEAD_SHA was already successfully deployed"
-            echo "has_changes=false" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-
-          # Diff from last successfully deployed commit to catch all changes since
-          # that deploy, not just the most recent commit.
-          if git cat-file -e "$LAST_DEPLOYED_SHA" 2>/dev/null; then
-            echo "Diffing from last deployed SHA $LAST_DEPLOYED_SHA"
-            CHANGED=$(git diff --name-only "$LAST_DEPLOYED_SHA" HEAD 2>/dev/null \
-              || git show --name-only --format= HEAD)
-          else
-            echo "::warning::Last deployed SHA $LAST_DEPLOYED_SHA not in local history — deploying as a precaution"
-            echo "has_changes=true" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-
-          echo "Changed files:"
-          echo "$CHANGED"
-
-          website_re='^(website/|scripts/website-verify\.sh|\.forgejo/workflows/website\.yml)'
-
-          if echo "$CHANGED" | grep -qE "$website_re"; then
-            echo "has_changes=true" >> "$GITHUB_OUTPUT"
-            echo "::notice::Website deploy TRIGGERED — website-relevant files changed since $LAST_DEPLOYED_SHA"
-          else
-            echo "has_changes=false" >> "$GITHUB_OUTPUT"
-            echo "::notice::Website deploy SKIPPED — diff $LAST_DEPLOYED_SHA..HEAD has no website-relevant changes"
-          fi
-
   deploy:
     name: Build & Update Website
     runs-on: ubuntu-latest
     timeout-minutes: 60
-    needs: [check-changes]
-    if: needs.check-changes.outputs.has_changes == 'true'
 
     steps:
       - name: Print runner wait time

AGENTS.md

@@ -13,27 +13,23 @@ Automation is handled by [agentloop](https://github.com/guettli/agentloop) runni
 | Label | Trigger | Outcome |
 |---|---|---|
 | `loop/plan` | Planning agent reads the issue and writes an implementation plan as a comment | Issue moves to `loop/plan-done` |
-| `loop/code` | Coding agent implements the change, creates a branch + PR | Issue routes to `loop/merge` |
-| `loop/merge` | Merge agent rebases, waits for CI, and merges the PR | Issue moves to `loop/merge-done` |
+| `loop/code` | Coding agent implements the change, creates a branch + PR | Issue moves to `loop/code-done` |
 
 **State machine:**
 
 ```
-loop/plan  →  loop/plan-in-process  →  loop/plan-done
-                                     ↘  NeedSupervisor  (on failure)
+loop/plan  →  loop/plan-in-progress  →  loop/plan-done
+                                      ↘  NeedSupervisor  (on failure)
 
-loop/code  →  loop/code-in-process  →  loop/merge (via route)
-                                     ↘  NeedSupervisor  (on failure)
-
-loop/merge →  loop/merge-in-process →  loop/merge-done
-                                     ↘  NeedSupervisor  (on failure)
+loop/code  →  loop/code-in-progress  →  loop/code-done
+                                      ↘  NeedSupervisor  (on failure)
 ```
 
 **Rules:**
 
 - Only issues authored by allowed users are picked up (guettli, guettlibot, guettlibot2, forgejo-actions).
 - An issue with `NeedSupervisor` needs human attention — investigate, fix, then re-label.
-- The merge agent merges the PR automatically once CI is green. A human still reviews the PR before it merges if branch protection requires a review.
+- The coding agent opens a PR but does NOT close the issue. A human reviews the PR and closes the issue after merging.
 - Planning agents only post a comment — they do NOT write code or open PRs.
 - `loop/*` labels are managed by agentloop — do not set them manually while an agent is active.
 
@@ -43,9 +39,9 @@ loop/merge →  loop/merge-in-process →  loop/merge-done
 1. Create issue
 2. Add label loop/plan   → agent writes plan as comment
 3. Review plan, request changes or approve
-4. Add label loop/code   → agent implements + opens PR + hands off to merge
-5. (Optional) Review PR before it merges
-6. Merge agent waits for CI and merges the PR automatically
+4. Add label loop/code   → agent implements + opens PR
+5. Review PR, merge
+6. Close issue
 ```
 
 ## Code conventions

ci/main.go

@@ -388,7 +388,7 @@ func (m *Ci) Stalwart() *dagger.Service {
 	return dag.Container().
 		From("stalwartlabs/stalwart:v0.14.1").
 		WithFile("/etc/stalwart/config.toml.orig", config).
-		WithExec([]string{"/bin/sh", "-c", "sed -e 's/hostname = \"localhost\"/hostname = \"stalwart\"/' /etc/stalwart/config.toml.orig > /etc/stalwart/config.toml"}).
+		WithExec([]string{"/bin/sh", "-c", "sed -e 's/hostname = \"localhost\"/hostname = \"stalwart\"/' -e 's/bind     = \\[\"0.0.0.0:\\([0-9]*\\)\"\\]/bind     = [\"0.0.0.0:\\1\", \"[::]:\\1\"]/g' /etc/stalwart/config.toml.orig > /etc/stalwart/config.toml"}).
 		WithDirectory("/tmp/stalwart", dataDir).
 		WithExposedPort(8080). // JMAP
 		WithExposedPort(1430). // IMAP
@@ -594,33 +594,25 @@ func (m *Ci) Check(ctx context.Context) (string, error) {
 		return "", err
 	}
 
-	// Run format, analyze, generated-code check, and coverage in parallel —
-	// they all share the same setup base and have no dependencies on each other.
-	var analyze, mocks, coverage string
-	var checkEg errgroup.Group
-	checkEg.Go(func() error {
-		setup := m.setup(m.checkSrc())
-		_, err := setup.WithExec([]string{"dart", "format", "--output=none", "--set-exit-if-changed", "lib", "test"}).Stdout(ctx)
-		return err
-	})
-	checkEg.Go(func() error {
-		setup := m.setup(m.checkSrc())
-		var err error
-		analyze, err = setup.WithExec([]string{"dart", "analyze", "--fatal-infos"}).Stdout(ctx)
-		return err
-	})
-	checkEg.Go(func() error {
-		var err error
-		mocks, err = m.CheckGenerated(ctx)
-		return err
-	})
-	checkEg.Go(func() error {
-		var err error
-		coverage, err = m.Coverage(ctx)
-		return err
-	})
-	if err := checkEg.Wait(); err != nil {
-		return "", err
+	checkSetup := m.setup(m.checkSrc())
+
+	if _, err := checkSetup.WithExec([]string{"dart", "format", "--output=none", "--set-exit-if-changed", "lib", "test"}).Stdout(ctx); err != nil {
+		return "Format check failed", err
+	}
+
+	analyze, err := checkSetup.WithExec([]string{"dart", "analyze", "--fatal-infos"}).Stdout(ctx)
+	if err != nil {
+		return analyze, err
+	}
+
+	mocks, err := m.CheckGenerated(ctx)
+	if err != nil {
+		return mocks, err
+	}
+
+	coverage, err := m.Coverage(ctx)
+	if err != nil {
+		return coverage, err
 	}
 
 	// Use errgroup.Group (not WithContext) so a failing test does not cancel its

lib/core/db_schema_version.dart

@@ -1 +1 @@
-const int dbSchemaVersion = 41;
+const int dbSchemaVersion = 40;

lib/core/sieve/sieve_interpreter.dart

@@ -1,7 +1,6 @@
 import 'package:sharedinbox/core/sieve/sieve_actions.dart';
 import 'package:sharedinbox/core/sieve/sieve_conditions.dart';
 import 'package:sharedinbox/core/sieve/sieve_rule.dart';
-import 'package:sharedinbox/core/utils/glob_match.dart';
 
 /// A lightweight email representation used by [SieveInterpreter].
 /// Header names are lower-cased.
@@ -103,11 +102,18 @@ class SieveInterpreter {
     return switch (matchType) {
       ':contains' => k.isEmpty || v.contains(k),
       ':is' => v == k,
-      ':matches' => globMatch(v, k),
+      ':matches' => _globMatch(v, k),
       _ => false,
     };
   }
 
+  bool _globMatch(String value, String pattern) {
+    final regexStr = RegExp.escape(
+      pattern,
+    ).replaceAll(r'\*', '.*').replaceAll(r'\?', '.');
+    return RegExp('^$regexStr\$').hasMatch(value);
+  }
+
   void _applyActions(List<SieveAction> actions, SieveExecutionContext ctx) {
     for (final action in actions) {
       switch (action) {

lib/core/utils/glob_match.dart

@@ -1,9 +0,0 @@
-/// Returns true if [value] matches the glob [pattern].
-///
-/// Supports `*` (any number of characters) and `?` (exactly one character).
-/// The comparison is case-insensitive, which is appropriate for email addresses.
-bool globMatch(String value, String pattern) {
-  final regexStr =
-      RegExp.escape(pattern).replaceAll(r'\*', '.*').replaceAll(r'\?', '.');
-  return RegExp('^$regexStr\$', caseSensitive: false).hasMatch(value);
-}

lib/data/db/database.dart

@@ -679,116 +679,6 @@ class AppDatabase extends _$AppDatabase {
           if (from < 40) {
             await m.createTable(installedVersions);
           }
-          if (from < 41) {
-            // Fix IMAP email IDs to include mailboxPath, preventing UID
-            // collisions across mailboxes (IMAP UIDs are mailbox-scoped).
-            // New format: "accountId:mailboxPath:uid" (was "accountId:uid").
-            //
-            // defer_foreign_keys defers the email_bodies→emails FK check
-            // to COMMIT so the two tables can be updated sequentially inside
-            // the migration transaction without a transient FK violation.
-            await customStatement('PRAGMA defer_foreign_keys = ON');
-
-            // 1. Remap email_bodies.email_id before emails.id changes.
-            await customStatement('''
-              UPDATE email_bodies
-              SET email_id = (
-                SELECT e.account_id || ':' || e.mailbox_path || ':' || CAST(e.uid AS TEXT)
-                FROM emails e
-                JOIN accounts a ON a.id = e.account_id
-                WHERE e.id = email_bodies.email_id
-                  AND a.account_type = 'imap'
-              )
-              WHERE EXISTS (
-                SELECT 1 FROM emails e
-                JOIN accounts a ON a.id = e.account_id
-                WHERE e.id = email_bodies.email_id
-                  AND a.account_type = 'imap'
-              )
-            ''');
-
-            // 2. Update emails.thread_id where it was set to the email's own
-            //    id (fallback for messages with no Message-ID header).
-            await customStatement('''
-              UPDATE emails
-              SET thread_id = account_id || ':' || mailbox_path || ':' || CAST(uid AS TEXT)
-              WHERE account_id IN (SELECT id FROM accounts WHERE account_type = 'imap')
-                AND thread_id = id
-            ''');
-
-            // 3. Update the primary key on emails.
-            await customStatement('''
-              UPDATE emails
-              SET id = account_id || ':' || mailbox_path || ':' || CAST(uid AS TEXT)
-              WHERE account_id IN (
-                SELECT id FROM accounts WHERE account_type = 'imap'
-              )
-            ''');
-
-            // 5. Rebuild threads for IMAP accounts from the updated email rows.
-            //    The threads table stores denormalised data (latest_email_id,
-            //    email_ids_json) that references email IDs, so it is simpler to
-            //    delete and reconstruct than to patch the JSON in SQL.
-            await customStatement('''
-              DELETE FROM threads
-              WHERE account_id IN (SELECT id FROM accounts WHERE account_type = 'imap')
-            ''');
-
-            final imapAccounts = await (select(accounts)
-                  ..where((t) => t.accountType.equals('imap')))
-                .get();
-            for (final acct in imapAccounts) {
-              final emailRows = await (select(emails)
-                    ..where((t) => t.accountId.equals(acct.id)))
-                  .get();
-
-              final groups = <String, List<Email>>{};
-              for (final row in emailRows) {
-                final key = '${row.mailboxPath}:${row.threadId ?? row.id}';
-                groups.putIfAbsent(key, () => []).add(row);
-              }
-
-              for (final threadEmails in groups.values) {
-                threadEmails.sort((a, b) {
-                  final da = a.sentAt ?? a.receivedAt;
-                  final db = b.sentAt ?? b.receivedAt;
-                  return da.compareTo(db);
-                });
-                final latest = threadEmails.last;
-
-                final seen = <String>{};
-                final participants = <Map<String, dynamic>>[];
-                for (final e in threadEmails) {
-                  final from = jsonDecode(e.fromJson) as List<dynamic>;
-                  for (final a in from.cast<Map<String, dynamic>>()) {
-                    final email = a['email'] as String;
-                    if (seen.add(email)) {
-                      participants.add({'name': a['name'], 'email': email});
-                    }
-                  }
-                }
-
-                await into(threads).insert(
-                  ThreadsCompanion.insert(
-                    id: latest.threadId ?? latest.id,
-                    accountId: latest.accountId,
-                    mailboxPath: latest.mailboxPath,
-                    subject: Value(latest.subject),
-                    latestDate: latest.sentAt ?? latest.receivedAt,
-                    messageCount: Value(threadEmails.length),
-                    hasUnread: Value(threadEmails.any((e) => !e.isSeen)),
-                    isFlagged: Value(threadEmails.any((e) => e.isFlagged)),
-                    participantsJson: Value(jsonEncode(participants)),
-                    preview: Value(latest.preview),
-                    latestEmailId: latest.id,
-                    emailIdsJson: Value(
-                      jsonEncode(threadEmails.map((e) => e.id).toList()),
-                    ),
-                  ),
-                );
-              }
-            }
-          }
         },
       );
 

lib/data/repositories/email_repository_impl.dart

@@ -561,7 +561,7 @@ class EmailRepositoryImpl implements EmailRepository {
     for (final msg in result.messages) {
       final uid = msg.uid;
       if (uid == null) continue;
-      final emailId = '${account.id}:$mailboxPath:$uid';
+      final emailId = '${account.id}:$uid';
       await (_db.update(_db.emails)..where((t) => t.id.equals(emailId))).write(
         EmailsCompanion(
           isSeen: Value(msg.flags?.contains(r'\Seen') ?? false),
@@ -616,7 +616,7 @@ class EmailRepositoryImpl implements EmailRepository {
           continue;
         }
         bytes += msg.size ?? 0;
-        final emailId = '${account.id}:$mailboxPath:$uid';
+        final emailId = '${account.id}:$uid';
         final msgId = envelope.messageId?.trim();
         final inReplyTo = envelope.inReplyTo?.trim();
         final refs = msg.getHeaderValue('References')?.trim();

lib/ui/screens/email_detail_screen.dart

@@ -16,7 +16,6 @@ import 'package:sharedinbox/core/models/note.dart';
 import 'package:sharedinbox/core/models/undo_action.dart';
 import 'package:sharedinbox/core/models/user_preferences.dart';
 import 'package:sharedinbox/core/utils/format_utils.dart';
-import 'package:sharedinbox/core/utils/glob_match.dart';
 import 'package:sharedinbox/core/utils/html_utils.dart';
 import 'package:sharedinbox/di.dart';
 import 'package:sharedinbox/ui/screens/email_action_helpers.dart';
@@ -209,8 +208,8 @@ class _EmailDetailScreenState extends ConsumerState<EmailDetailScreen> {
     final senderEmail = header?.from.isNotEmpty == true
         ? header!.from.first.email.toLowerCase()
         : null;
-    final isTrusted = senderEmail != null &&
-        trustedSenders.any((p) => globMatch(senderEmail, p));
+    final isTrusted =
+        senderEmail != null && trustedSenders.contains(senderEmail);
     final effectiveLoadImages = _loadRemoteImages || isTrusted;
 
     return ListView(

lib/ui/screens/email_list_screen.dart

@@ -278,14 +278,7 @@ class _EmailListScreenState extends ConsumerState<EmailListScreen> {
                 ),
             ],
             onChanged: _onSearchChanged,
-            onSubmitted: (value) {
-              // Only run the search if results haven't settled yet via
-              // onChanged — prevents a second IMAP round-trip from reordering
-              // the already-visible results when the user presses Enter.
-              if (_searchResults == null && !_searchLoading) {
-                unawaited(_runSearch(value));
-              }
-            },
+            onSubmitted: _runSearch,
             textInputAction: TextInputAction.search,
           ),
         ),

lib/ui/screens/thread_detail_screen.dart

@@ -8,7 +8,6 @@ import 'package:intl/intl.dart';
 import 'package:sharedinbox/core/models/email.dart';
 import 'package:sharedinbox/core/models/undo_action.dart';
 import 'package:sharedinbox/core/models/user_preferences.dart';
-import 'package:sharedinbox/core/utils/glob_match.dart';
 import 'package:sharedinbox/core/utils/html_utils.dart';
 import 'package:sharedinbox/di.dart';
 import 'package:sharedinbox/ui/widgets/secure_email_webview.dart';
@@ -119,8 +118,8 @@ class _EmailMessageCardState extends ConsumerState<_EmailMessageCard> {
     final senderEmail = widget.email.from.isNotEmpty
         ? widget.email.from.first.email.toLowerCase()
         : null;
-    final isTrusted = senderEmail != null &&
-        trustedSenders.any((p) => globMatch(senderEmail, p));
+    final isTrusted =
+        senderEmail != null && trustedSenders.contains(senderEmail);
 
     return Card(
       margin: const EdgeInsets.symmetric(vertical: 4),

lib/ui/screens/trusted_image_senders_screen.dart

@@ -16,11 +16,6 @@ class TrustedImageSendersScreen extends ConsumerWidget {
 
     return Scaffold(
       appBar: AppBar(title: const Text('Allowed addresses for images')),
-      floatingActionButton: FloatingActionButton(
-        tooltip: 'Add address',
-        onPressed: () => _showAddDialog(context, ref),
-        child: const Icon(Icons.add),
-      ),
       body: trustedSendersAsync.when(
         loading: () => const Center(child: CircularProgressIndicator()),
         error: (_, __) =>
@@ -31,8 +26,7 @@ class TrustedImageSendersScreen extends ConsumerWidget {
               padding: EdgeInsets.all(16),
               child: Text(
                 'No addresses added yet. '
-                'Tap + to add an address or pattern (e.g. *@example.com), '
-                'or tap "Load remote images" in an email to add the sender automatically.',
+                'Tap "Load remote images" in an email to add the sender.',
               ),
             );
           }
@@ -66,61 +60,4 @@ class TrustedImageSendersScreen extends ConsumerWidget {
       ),
     );
   }
-
-  Future<void> _showAddDialog(BuildContext context, WidgetRef ref) async {
-    final controller = TextEditingController();
-
-    await showDialog<void>(
-      context: context,
-      builder: (ctx) {
-        return StatefulBuilder(
-          builder: (ctx, setState) {
-            return AlertDialog(
-              title: const Text('Add allowed address'),
-              content: TextField(
-                controller: controller,
-                autofocus: true,
-                keyboardType: TextInputType.emailAddress,
-                decoration: const InputDecoration(
-                  labelText: 'Email address or pattern',
-                  hintText: '*@example.com',
-                  helperText: '* matches any characters, e.g. *@example.com',
-                ),
-                onChanged: (_) => setState(() {}),
-                onSubmitted: (value) {
-                  if (value.trim().isNotEmpty) {
-                    _addSender(ref, value);
-                    Navigator.of(ctx).pop();
-                  }
-                },
-              ),
-              actions: [
-                TextButton(
-                  onPressed: () => Navigator.of(ctx).pop(),
-                  child: const Text('Cancel'),
-                ),
-                TextButton(
-                  onPressed: controller.text.trim().isEmpty
-                      ? null
-                      : () {
-                          _addSender(ref, controller.text);
-                          Navigator.of(ctx).pop();
-                        },
-                  child: const Text('Add'),
-                ),
-              ],
-            );
-          },
-        );
-      },
-    );
-  }
-
-  void _addSender(WidgetRef ref, String value) {
-    unawaited(
-      ref
-          .read(userPreferencesRepositoryProvider)
-          .addTrustedImageSender(value.trim()),
-    );
-  }
 }

test/unit/email_repository_impl_test.dart

@@ -262,50 +262,6 @@ void main() {
       expect(emails.map((e) => e.uid).toList(), [3, 2, 1]);
     });
 
-    test('same UID in different mailboxes yields independent emails', () async {
-      // Regression test for the UID collision bug: IMAP UIDs are mailbox-scoped,
-      // so UID 50 in INBOX and UID 50 in Archive must get distinct local IDs.
-      final r = _makeRepos();
-      await r.accounts.addAccount(_account, 'pw');
-
-      // New ID format: accountId:mailboxPath:uid
-      await r.db.into(r.db.emails).insert(
-            EmailsCompanion.insert(
-              id: 'acc-1:INBOX:50',
-              accountId: 'acc-1',
-              mailboxPath: 'INBOX',
-              uid: 50,
-              receivedAt: DateTime(2024),
-            ),
-          );
-      await r.db.into(r.db.emails).insert(
-            EmailsCompanion.insert(
-              id: 'acc-1:Archive:50',
-              accountId: 'acc-1',
-              mailboxPath: 'Archive',
-              uid: 50,
-              receivedAt: DateTime(2024, 1, 2),
-            ),
-          );
-
-      final inboxEmail = await r.emails.getEmail('acc-1:INBOX:50');
-      expect(inboxEmail, isNotNull);
-      expect(inboxEmail!.mailboxPath, 'INBOX');
-
-      final archiveEmail = await r.emails.getEmail('acc-1:Archive:50');
-      expect(archiveEmail, isNotNull);
-      expect(archiveEmail!.mailboxPath, 'Archive');
-
-      final inboxEmails = await r.emails.observeEmails('acc-1', 'INBOX').first;
-      expect(inboxEmails, hasLength(1));
-      expect(inboxEmails.first.id, 'acc-1:INBOX:50');
-
-      final archiveEmails =
-          await r.emails.observeEmails('acc-1', 'Archive').first;
-      expect(archiveEmails, hasLength(1));
-      expect(archiveEmails.first.id, 'acc-1:Archive:50');
-    });
-
     test('syncEmails propagates IMAP error', () async {
       final r = _makeRepos();
       await r.accounts.addAccount(_account, 'pw');

test/unit/glob_match_test.dart

@@ -1,50 +0,0 @@
-import 'package:flutter_test/flutter_test.dart';
-import 'package:sharedinbox/core/utils/glob_match.dart';
-
-void main() {
-  group('globMatch', () {
-    test('exact match (no wildcards)', () {
-      expect(globMatch('alice@example.com', 'alice@example.com'), isTrue);
-      expect(globMatch('alice@example.com', 'bob@example.com'), isFalse);
-    });
-
-    test('* matches any domain wildcard', () {
-      expect(globMatch('alice@example.com', '*@example.com'), isTrue);
-      expect(globMatch('bob@example.com', '*@example.com'), isTrue);
-      expect(globMatch('alice@other.com', '*@example.com'), isFalse);
-    });
-
-    test('* matches zero or more characters', () {
-      expect(
-        globMatch('newsletter@news.example.com', '*@*.example.com'),
-        isTrue,
-      );
-      expect(globMatch('alice@example.com', 'alice*'), isTrue);
-      expect(globMatch('alice@example.com', '*example*'), isTrue);
-    });
-
-    test('? matches exactly one character', () {
-      expect(globMatch('alice@example.com', 'alice@exampl?.com'), isTrue);
-      expect(globMatch('alice@example.com', 'alice@exampl??.com'), isFalse);
-    });
-
-    test('case-insensitive comparison', () {
-      expect(globMatch('Alice@Example.COM', '*@example.com'), isTrue);
-      expect(globMatch('alice@example.com', '*@EXAMPLE.COM'), isTrue);
-    });
-
-    test('no wildcards — mismatch is false', () {
-      expect(globMatch('alice@example.com', 'alice@other.com'), isFalse);
-    });
-
-    test('bare * matches everything', () {
-      expect(globMatch('alice@example.com', '*'), isTrue);
-      expect(globMatch('', '*'), isTrue);
-    });
-
-    test('empty pattern only matches empty string', () {
-      expect(globMatch('', ''), isTrue);
-      expect(globMatch('alice@example.com', ''), isFalse);
-    });
-  });
-}

test/unit/migration_test.dart

@@ -14,7 +14,7 @@ void main() {
   group('Migration', () {
     test('schemaVersion matches expected value', () async {
       final db = AppDatabase(NativeDatabase.memory());
-      expect(db.schemaVersion, 41);
+      expect(db.schemaVersion, 40);
       await db.close();
     });
 
@@ -435,184 +435,7 @@ void main() {
       },
     );
 
-    test('v40→v41: IMAP email IDs gain mailboxPath segment', () async {
-      final dbFile = File('test_migration_v40.db');
-      if (dbFile.existsSync()) dbFile.deleteSync();
-
-      final rawDb = sqlite.sqlite3.open(dbFile.path);
-      rawDb.execute('''
-        CREATE TABLE accounts (
-          id TEXT NOT NULL PRIMARY KEY,
-          display_name TEXT NOT NULL,
-          email TEXT NOT NULL,
-          imap_host TEXT NOT NULL DEFAULT '',
-          imap_port INTEGER NOT NULL DEFAULT 993,
-          imap_ssl INTEGER NOT NULL DEFAULT 1,
-          smtp_host TEXT NOT NULL DEFAULT '',
-          smtp_port INTEGER NOT NULL DEFAULT 465,
-          smtp_ssl INTEGER NOT NULL DEFAULT 1,
-          account_type TEXT NOT NULL DEFAULT 'imap',
-          jmap_url TEXT NULL,
-          username TEXT NOT NULL DEFAULT '',
-          verbose INTEGER NOT NULL DEFAULT 0,
-          manage_sieve_host TEXT NOT NULL DEFAULT '',
-          manage_sieve_port INTEGER NOT NULL DEFAULT 4190,
-          manage_sieve_ssl INTEGER NOT NULL DEFAULT 1,
-          manage_sieve_available INTEGER NULL
-        )
-      ''');
-      rawDb.execute('''
-        CREATE TABLE emails (
-          id TEXT NOT NULL PRIMARY KEY,
-          account_id TEXT NOT NULL REFERENCES accounts (id) ON DELETE CASCADE,
-          mailbox_path TEXT NOT NULL,
-          uid INTEGER NOT NULL,
-          subject TEXT NULL,
-          sent_at INTEGER NULL,
-          received_at INTEGER NOT NULL,
-          from_json TEXT NOT NULL DEFAULT '[]',
-          to_addresses TEXT NOT NULL DEFAULT '[]',
-          cc_json TEXT NOT NULL DEFAULT '[]',
-          preview TEXT NULL,
-          is_seen INTEGER NOT NULL DEFAULT 0,
-          is_flagged INTEGER NOT NULL DEFAULT 0,
-          has_attachment INTEGER NOT NULL DEFAULT 0,
-          thread_id TEXT NULL,
-          message_id TEXT NULL,
-          in_reply_to TEXT NULL,
-          "references" TEXT NULL,
-          snoozed_until INTEGER NULL,
-          snoozed_from_mailbox_path TEXT NULL,
-          list_unsubscribe_header TEXT NULL
-        )
-      ''');
-      rawDb.execute('''
-        CREATE TABLE email_bodies (
-          email_id TEXT NOT NULL PRIMARY KEY REFERENCES emails (id) ON DELETE CASCADE,
-          text_body TEXT NULL,
-          html_body TEXT NULL,
-          attachments_json TEXT NOT NULL DEFAULT '[]',
-          cached_at INTEGER NULL,
-          headers_json TEXT NULL,
-          mime_tree_json TEXT NULL
-        )
-      ''');
-      rawDb.execute('''
-        CREATE TABLE threads (
-          account_id TEXT NOT NULL REFERENCES accounts (id) ON DELETE CASCADE,
-          mailbox_path TEXT NOT NULL,
-          id TEXT NOT NULL,
-          subject TEXT NULL,
-          latest_date INTEGER NOT NULL,
-          message_count INTEGER NOT NULL DEFAULT 1,
-          has_unread INTEGER NOT NULL DEFAULT 0,
-          is_flagged INTEGER NOT NULL DEFAULT 0,
-          participants_json TEXT NOT NULL DEFAULT '[]',
-          preview TEXT NULL,
-          latest_email_id TEXT NOT NULL,
-          email_ids_json TEXT NOT NULL DEFAULT '[]',
-          PRIMARY KEY (account_id, mailbox_path, id)
-        )
-      ''');
-      rawDb.execute('''
-        CREATE TABLE pending_changes (
-          id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
-          account_id TEXT NOT NULL REFERENCES accounts (id) ON DELETE CASCADE,
-          resource_type TEXT NOT NULL,
-          resource_id TEXT NOT NULL,
-          change_type TEXT NOT NULL,
-          payload TEXT NOT NULL,
-          created_at INTEGER NOT NULL,
-          attempts INTEGER NOT NULL DEFAULT 0,
-          last_error TEXT NULL
-        )
-      ''');
-
-      // Insert an IMAP account.
-      rawDb.execute(
-        "INSERT INTO accounts (id, display_name, email) VALUES ('acc-1', 'Alice', 'alice@example.com')",
-      );
-
-      // Two emails with the same UID but in different mailboxes — old format.
-      final now = DateTime.now().millisecondsSinceEpoch ~/ 1000;
-      rawDb.execute(
-        'INSERT INTO emails (id, account_id, mailbox_path, uid, received_at, thread_id) '
-        "VALUES ('acc-1:50', 'acc-1', 'INBOX', 50, $now, 'acc-1:50')",
-      );
-      rawDb.execute(
-        'INSERT INTO emails (id, account_id, mailbox_path, uid, received_at) '
-        "VALUES ('acc-1:50-arch', 'acc-1', 'Archive', 50, $now)",
-      );
-      // A third email with a Message-ID-based thread_id (should not be changed).
-      rawDb.execute(
-        'INSERT INTO emails (id, account_id, mailbox_path, uid, received_at, thread_id) '
-        "VALUES ('acc-1:99', 'acc-1', 'INBOX', 99, $now, '<original@example.com>')",
-      );
-
-      // Email body for the first email.
-      rawDb.execute(
-        "INSERT INTO email_bodies (email_id, text_body) VALUES ('acc-1:50', 'body text')",
-      );
-
-      // Thread for the first email (old-format IDs).
-      rawDb.execute(
-        'INSERT INTO threads (account_id, mailbox_path, id, latest_date, latest_email_id, email_ids_json) '
-        "VALUES ('acc-1', 'INBOX', 'acc-1:50', $now, 'acc-1:50', '[\"acc-1:50\"]')",
-      );
-
-      // A pending change referencing the first email's old ID.
-      rawDb.execute(
-        'INSERT INTO pending_changes (account_id, resource_type, resource_id, change_type, payload, created_at) '
-        "VALUES ('acc-1', 'Email', 'acc-1:50', 'flag_seen', '{\"seen\":true}', $now)",
-      );
-
-      rawDb.execute('PRAGMA user_version = 40');
-      rawDb.close();
-
-      // Open with Drift to trigger the migration.
-      final db = AppDatabase(NativeDatabase(dbFile));
-      await db.select(db.accounts).get();
-
-      // emails.id should now use the accountId:mailboxPath:uid format.
-      final emailRows = await db.select(db.emails).get();
-      final emailIds = emailRows.map((r) => r.id).toSet();
-      expect(emailIds, contains('acc-1:INBOX:50'));
-      expect(emailIds, contains('acc-1:Archive:50'));
-      expect(emailIds, contains('acc-1:INBOX:99'));
-      // Old-format IDs must be gone.
-      expect(emailIds, isNot(contains('acc-1:50')));
-      expect(emailIds, isNot(contains('acc-1:99')));
-
-      // email_bodies.email_id must be updated.
-      final bodyRows = await db.select(db.emailBodies).get();
-      expect(bodyRows, hasLength(1));
-      expect(bodyRows.first.emailId, 'acc-1:INBOX:50');
-
-      // thread_id where it was the email's own ID should be updated.
-      final inboxEmail = emailRows.firstWhere((r) => r.id == 'acc-1:INBOX:50');
-      expect(inboxEmail.threadId, 'acc-1:INBOX:50');
-
-      // thread_id based on a real Message-ID must be left unchanged.
-      final inboxEmail99 =
-          emailRows.firstWhere((r) => r.id == 'acc-1:INBOX:99');
-      expect(inboxEmail99.threadId, '<original@example.com>');
-
-      // threads must be rebuilt with new-format IDs.
-      final threadRows = await db.select(db.threads).get();
-      final thread = threadRows.firstWhere((t) => t.mailboxPath == 'INBOX');
-      expect(thread.latestEmailId, 'acc-1:INBOX:50');
-      expect(thread.emailIdsJson, contains('acc-1:INBOX:50'));
-
-      // pending_changes.resource_id is not updated by the migration
-      // (IMAP operations use payload uid/mailboxPath, so this is safe).
-      final changeRows = await db.select(db.pendingChanges).get();
-      expect(changeRows, hasLength(1));
-
-      await db.close();
-      if (dbFile.existsSync()) dbFile.deleteSync();
-    });
-
-    test('fresh install creates all tables at schemaVersion 41', () async {
+    test('fresh install creates all tables at schemaVersion 40', () async {
       final db = AppDatabase(NativeDatabase.memory());
       await db.select(db.accounts).get();
 

test/widget/email_list_screen_test.dart

@@ -798,67 +798,6 @@ void main() {
       },
     );
 
-    testWidgets(
-      'pressing Enter after search settles does not reorder results',
-      (tester) async {
-        // Reproduces: user types a query → onChanged fires → results settle.
-        // Then user presses Enter → onSubmitted fires a second search → the
-        // second IMAP response may return results in a different order, so the
-        // tile the user is about to tap is no longer the email they expect.
-        final email1 = testEmail(id: 'acc-1:1', subject: 'Alpha Foo');
-        final email2 = testEmail(id: 'acc-1:2', subject: 'Beta Foo');
-        var callCount = 0;
-        await tester.pumpWidget(
-          buildApp(
-            initialLocation: '/accounts/acc-1/mailboxes/INBOX/emails',
-            overrides: [
-              accountRepositoryProvider.overrideWithValue(
-                FakeAccountRepository([kTestAccount]),
-              ),
-              mailboxRepositoryProvider.overrideWithValue(
-                FakeMailboxRepository(),
-              ),
-              emailRepositoryProvider.overrideWithValue(
-                FakeEmailRepository(
-                  onSearch: (_) async {
-                    callCount++;
-                    // First call: [Alpha, Beta]. Second call: reversed.
-                    return callCount == 1 ? [email1, email2] : [email2, email1];
-                  },
-                  emailBody: const EmailBody(emailId: '', attachments: []),
-                ),
-              ),
-            ],
-          ),
-        );
-        await tester.pumpAndSettle();
-
-        // Typing triggers onChanged → first search → results settle.
-        await tester.enterText(find.byType(TextField), 'foo');
-        await tester.pumpAndSettle();
-
-        expect(find.text('Alpha Foo'), findsOneWidget);
-        expect(find.text('Beta Foo'), findsOneWidget);
-        // Alpha must appear above Beta (it is first in the list).
-        expect(
-          tester.getTopLeft(find.text('Alpha Foo')).dy,
-          lessThan(tester.getTopLeft(find.text('Beta Foo')).dy),
-        );
-
-        // Pressing Enter triggers onSubmitted — must NOT re-run the search.
-        await tester.testTextInput.receiveAction(TextInputAction.search);
-        await tester.pumpAndSettle();
-
-        // Order must be unchanged: pressing Enter must not reorder results.
-        expect(find.text('Alpha Foo'), findsOneWidget);
-        expect(find.text('Beta Foo'), findsOneWidget);
-        expect(
-          tester.getTopLeft(find.text('Alpha Foo')).dy,
-          lessThan(tester.getTopLeft(find.text('Beta Foo')).dy),
-        );
-      },
-    );
-
     testWidgets('shows preview snippet when email has preview', (tester) async {
       final email = Email(
         id: 'acc-1:99',

test/widget/helpers.dart

@@ -44,7 +44,6 @@ import 'package:sharedinbox/ui/screens/email_list_screen.dart';
 import 'package:sharedinbox/ui/screens/mailbox_list_screen.dart';
 import 'package:sharedinbox/ui/screens/search_screen.dart';
 import 'package:sharedinbox/ui/screens/thread_detail_screen.dart';
-import 'package:sharedinbox/ui/screens/trusted_image_senders_screen.dart';
 import 'package:sharedinbox/ui/screens/user_preferences_screen.dart';
 
 // ---------------------------------------------------------------------------
@@ -485,12 +484,6 @@ Widget buildApp({
             path: 'preferences',
             builder: (ctx, state) => const UserPreferencesScreen(),
           ),
-          GoRoute(
-            path: 'trusted-senders',
-            builder: (ctx, state) => TrustedImageSendersScreen(
-              highlightedSender: state.extra as String?,
-            ),
-          ),
           GoRoute(
             path: ':accountId/edit',
             builder: (ctx, state) => EditAccountScreen(
@@ -703,9 +696,6 @@ class FakeUserPreferencesRepository implements UserPreferencesRepository {
   AfterMailViewAction afterMailViewAction;
   final List<String> _trustedImageSenders;
 
-  List<String> get trustedImageSendersForTest =>
-      List.unmodifiable(_trustedImageSenders);
-
   @override
   Stream<UserPreferences> observePreferences() => Stream.value(
         UserPreferences(

test/widget/trusted_image_senders_screen_test.dart

@@ -1,163 +0,0 @@
-import 'package:flutter/material.dart';
-import 'package:flutter_test/flutter_test.dart';
-
-import 'helpers.dart';
-
-void main() {
-  group('TrustedImageSendersScreen', () {
-    testWidgets('shows empty state with glob hint when no senders', (
-      tester,
-    ) async {
-      await tester.pumpWidget(
-        buildApp(
-          initialLocation: '/accounts/trusted-senders',
-          overrides: baseOverrides(),
-        ),
-      );
-      await tester.pumpAndSettle();
-
-      expect(find.textContaining('*@example.com'), findsOneWidget);
-      expect(find.byIcon(Icons.add), findsOneWidget);
-    });
-
-    testWidgets('lists existing senders', (tester) async {
-      final repo = FakeUserPreferencesRepository(
-        trustedImageSenders: ['alice@example.com', '*@work.com'],
-      );
-      await tester.pumpWidget(
-        buildApp(
-          initialLocation: '/accounts/trusted-senders',
-          overrides: baseOverrides(),
-          userPreferences: repo,
-        ),
-      );
-      await tester.pumpAndSettle();
-
-      expect(find.text('alice@example.com'), findsOneWidget);
-      expect(find.text('*@work.com'), findsOneWidget);
-    });
-
-    testWidgets('add dialog shows glob hint text', (tester) async {
-      await tester.pumpWidget(
-        buildApp(
-          initialLocation: '/accounts/trusted-senders',
-          overrides: baseOverrides(),
-        ),
-      );
-      await tester.pumpAndSettle();
-
-      await tester.tap(find.byIcon(Icons.add));
-      await tester.pumpAndSettle();
-
-      expect(find.text('Add allowed address'), findsOneWidget);
-      expect(find.textContaining('*@example.com'), findsWidgets);
-      expect(find.textContaining('* matches any characters'), findsOneWidget);
-    });
-
-    testWidgets('Add button is disabled when input is empty', (tester) async {
-      await tester.pumpWidget(
-        buildApp(
-          initialLocation: '/accounts/trusted-senders',
-          overrides: baseOverrides(),
-        ),
-      );
-      await tester.pumpAndSettle();
-
-      await tester.tap(find.byIcon(Icons.add));
-      await tester.pumpAndSettle();
-
-      final addButton = find.widgetWithText(TextButton, 'Add');
-      final button = tester.widget<TextButton>(addButton);
-      expect(button.onPressed, isNull);
-    });
-
-    testWidgets('typing in dialog enables Add button and adds sender', (
-      tester,
-    ) async {
-      final repo = FakeUserPreferencesRepository();
-      await tester.pumpWidget(
-        buildApp(
-          initialLocation: '/accounts/trusted-senders',
-          overrides: baseOverrides(),
-          userPreferences: repo,
-        ),
-      );
-      await tester.pumpAndSettle();
-
-      await tester.tap(find.byIcon(Icons.add));
-      await tester.pumpAndSettle();
-
-      await tester.enterText(find.byType(TextField), '*@example.com');
-      await tester.pumpAndSettle();
-
-      final addButton = find.widgetWithText(TextButton, 'Add');
-      final button = tester.widget<TextButton>(addButton);
-      expect(button.onPressed, isNotNull);
-
-      await tester.tap(addButton);
-      await tester.pumpAndSettle();
-
-      expect(repo.trustedImageSendersForTest, contains('*@example.com'));
-    });
-
-    testWidgets('cancel closes dialog without adding', (tester) async {
-      final repo = FakeUserPreferencesRepository();
-      await tester.pumpWidget(
-        buildApp(
-          initialLocation: '/accounts/trusted-senders',
-          overrides: baseOverrides(),
-          userPreferences: repo,
-        ),
-      );
-      await tester.pumpAndSettle();
-
-      await tester.tap(find.byIcon(Icons.add));
-      await tester.pumpAndSettle();
-
-      await tester.enterText(find.byType(TextField), 'someone@test.com');
-      await tester.pumpAndSettle();
-
-      await tester.tap(find.widgetWithText(TextButton, 'Cancel'));
-      await tester.pumpAndSettle();
-
-      expect(find.byType(AlertDialog), findsNothing);
-      expect(repo.trustedImageSendersForTest, isEmpty);
-    });
-
-    testWidgets('delete button removes a sender', (tester) async {
-      final repo = FakeUserPreferencesRepository(
-        trustedImageSenders: ['alice@example.com'],
-      );
-      await tester.pumpWidget(
-        buildApp(
-          initialLocation: '/accounts/trusted-senders',
-          overrides: baseOverrides(),
-          userPreferences: repo,
-        ),
-      );
-      await tester.pumpAndSettle();
-
-      await tester.tap(find.byIcon(Icons.delete_outline));
-      await tester.pumpAndSettle();
-
-      expect(repo.trustedImageSendersForTest, isEmpty);
-    });
-
-    testWidgets('lists existing glob patterns', (tester) async {
-      final repo = FakeUserPreferencesRepository(
-        trustedImageSenders: ['*@example.com', 'alice@other.com'],
-      );
-      await tester.pumpWidget(
-        buildApp(
-          initialLocation: '/accounts/trusted-senders',
-          overrides: baseOverrides(),
-          userPreferences: repo,
-        ),
-      );
-      await tester.pumpAndSettle();
-
-      expect(find.text('*@example.com'), findsOneWidget);
-      expect(find.text('alice@other.com'), findsOneWidget);
-    });
-  });
-}