No description

JavaScript 55.8%
Rust 28.6%
HTML 10.3%
CSS 5.2%
Shell 0.1%

Find a file

despiegk 0b92e8494e Some checks failed CI / build (push) Failing after 21s Details chore: migrate to hero_admin_lib shared assets Replace duplicated Bootstrap, Bootstrap Icons, Unpoly, highlight.js, marked, ansi_up, Chart.js and connection-status.js with shared versions from hero_admin_lib. Add /static/shared/{*path} route. Remove ~10-13 MB of duplicated static files per crate. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>		2026-05-10 16:19:59 +02:00
.claude	Fix linting and formating	2026-04-20 13:25:47 +02:00
.forgejo/workflows	ci: explicit refspecs in dev-or-main fetch (#141 )	2026-05-04 23:23:27 +00:00
.hero	chore: add hero_builder artifacts, pin serde/anyhow versions, add --info/--help to app	2026-05-10 14:45:24 +02:00
crates	chore: migrate to hero_admin_lib shared assets	2026-05-10 16:19:59 +02:00
schemas	Enhance whiteboard UI, dashboard, and service architecture	2026-03-17 21:09:25 +01:00
.gitignore	Initial project setup with specifications and technical instructions	2026-03-17 11:00:29 +01:00
Cargo.lock	chore: migrate to hero_admin_lib shared assets	2026-05-10 16:19:59 +02:00
Cargo.toml	chore: migrate to hero_admin_lib shared assets	2026-05-10 16:19:59 +02:00
Cargo.toml.hero_builder_backup	chore: add hero_builder artifacts, pin serde/anyhow versions, add --info/--help to app	2026-05-10 14:45:24 +02:00
INSTRUCTIONS_TECH.md	fix: logging compliance, socket naming, add PURPOSE.md	2026-05-07 13:38:31 +02:00
PURPOSE.md	fix: logging compliance, socket naming, add PURPOSE.md	2026-05-07 13:38:31 +02:00
README.md	fix: rename ui binary to admin, remove selfstart-only CLI and Makefile/sh scripts	2026-05-07 23:04:16 +02:00
SPECIFICATIONS.md	Rename project from hero_miro to hero_whiteboard	2026-03-17 21:27:19 +01:00

README.md

Hero Whiteboard

A collaborative visual whiteboard — brainstorm, diagram, plan, present, and document decisions on an infinite canvas with real-time and async collaboration.

Architecture

Hero Whiteboard follows the Hero three-crate model:

Crate	Purpose
`hero_whiteboard_server`	Business logic, SQLite storage, OpenRPC API (Unix socket)
`hero_whiteboard_sdk`	JSON-RPC client for the server over Unix socket
`hero_whiteboard_ui`	End-user whiteboard UI + admin dashboard (binary: `hero_whiteboard_admin`)
`hero_whiteboard_examples`	SDK usage examples and integration tests

Sockets

Service	Path
Server	`$HERO_SOCKET_DIR/hero_whiteboard/rpc.sock`
UI/Web	`$HERO_SOCKET_DIR/hero_whiteboard/web.sock`

Quick Start

service whiteboard start --update --reset   # Build, install and start
service whiteboard stop                     # Stop all components
service whiteboard status                   # Check service status

API

The server exposes a full JSON-RPC 2.0 API over the Unix socket. See the OpenRPC spec for all 45+ methods across these domains:

workspace.* — multi-tenant workspace management
board.* — board CRUD
object.* — whiteboard objects (sticky notes, shapes, text, etc.)
connector.* — arrows and connectors between objects
comment.* — threaded comments
share.* — share links and tokens
group.* — groups and permissions
user.* — user management
rpc.health, rpc.discover — health and OpenRPC discovery

Browser Compatibility

Hero Whiteboard is tested on modern Chromium-based browsers (Chrome, Edge, Brave) and Firefox.

Brave Browser

Brave's fingerprint protection adds noise to the HTML Canvas API (getImageData), which can interfere with Konva.js hit detection used by the whiteboard. Symptoms include:

Objects can't be moved (dragging does nothing)
Right-clicking an object shows the browser's default menu (with "Paste") instead of the whiteboard's copy/cut/delete menu
Behavior is random: some objects work, others don't; refreshing may change which ones

How to fix:

Open brave://settings/shields
Scroll to Fingerprinting and set it to "Allow all fingerprinting", or
Click the Shields icon (lion) in the address bar on the whiteboard page and turn Shields OFF for the site

If the issue persists:

Disable Hardware acceleration: brave://settings/system → toggle off "Use graphics acceleration when available"
Check brave://flags and disable any fingerprinting-related experimental features
Avoid using Private Windows (especially "Private Window with Tor"), which enforce protections that can't be fully disabled

This is a general limitation that affects canvas-based apps (Figma, Miro, etc.) on Brave, not specific to Hero Whiteboard.

Web Frame (Iframe) Limitations

The Web Frame tool embeds external websites using an HTML <iframe>. Many websites block iframe embedding via HTTP headers (X-Frame-Options: DENY/SAMEORIGIN or Content-Security-Policy: frame-ancestors). This is a security feature enforced by the browser and cannot be bypassed by any client-side code.

Sites that typically work

https://example.com
https://en.wikipedia.org
YouTube embeds (https://www.youtube.com/embed/<VIDEO_ID>)
CodePen/JSFiddle embeds
Most documentation sites (MDN, etc.)
Internal/intranet tools (unless they explicitly set blocking headers)

Sites that will NOT work

Google, Gmail, Google Docs, Google Maps (standard URLs)
Facebook, Twitter/X, Instagram, LinkedIn
Most major news sites (NYT, BBC, CNN)
Banks and financial services
Most GitHub pages

When a site blocks embedding, the web frame shows an "Open in new tab" button as a fallback so you can still access the content.

Tips

For YouTube, use the embed URL format: https://www.youtube.com/embed/VIDEO_ID
For Google Maps, use the embed URL from "Share → Embed a map"
Double-click a web frame to change its URL

Documentation

SPECIFICATIONS.md — Full functional specification
INSTRUCTIONS_TECH.md — Technical implementation instructions