Share card now displays the AI bubble's marked-rendered HTML (after
basic tag allowlist sanitization) instead of escaped plaintext.
Markdown bold, lists, code, headers all show.
Share click in chat now opens a preview modal. Publishing to the
gallery only happens when the user explicitly clicks Publish in the
modal - removes the click-and-immediately-public surprise.
The native elc silently drops bare reassignment inside an if body
(`name = expr` compiles to an orphan expr statement with no store).
Both soul_url and neuron_origin defaulted to empty, breaking every
http_post call to the in-container soul-demo. Switch to let-shadowed
if-expressions until the compiler is fixed.
See: products/web/src/main.el `/api/soul-health` route output.
Build pipeline
- build-stage.sh replaces the old in-Dockerfile bootstrap.py path. Host
pre-compiles src/*.el into dist/main.c via the canonical native elc at
foundation/el/dist/platform/elc and applies the stub-decl sed before
docker buildx runs.
- Dockerfile.stage drops bootstrap.py + python3 from the builder stage
and just runs cc on the host-supplied dist/main.c.
- Pre-rendered HTML shells under /srv/landing/ are now chowned to the
landing user so the El page-builder's fs_write at startup can rewrite
them — without that, post-COPY edits never reach the served HTML and
the served page stays as the stale build-time fallback.
Chat restore
- session.verified + session.verifiedAt persist through localStorage so
a return visit within 24h skips the Turnstile gate and lands directly
in the restored conversation.
- restoreOrGreet() is the single source of truth for what shows up in
the message pane after the gate clears: replays prior messages with
skipSave, else drops the canned hello once and remembers it.
- applyVerifiedDom() hides the gate / reveals the chat row, called both
from the verified-on-load path (DOMContentLoaded if loading, else
immediate) and from the Turnstile callback.
- neuronDemoReset clears verified + verifiedAt so the gate returns next
open.
Extracted JS assets (src/assets/js/*.js + manifest.json) and the
extract-js.py helper land here too — they match what the new build-stage
flow produces and removes the inline <script> blobs from the served HTML.
Webhook handler now reacts to payment_intent.succeeded and
setup_intent.succeeded (in addition to the legacy
checkout.session.completed) and auto-provisions a Supabase account
for every successful purchase via /auth/v1/invite. The buyer gets a
magic-link email; landing on /account?welcome=1 with that link signs
them in and the plan card renders.
Stripe Customer is updated with metadata.supabase_user_id so the
cross-reference is durable. New stub: supabase_admin_invite() in
web_stubs.c (POST {project_url}/auth/v1/invite with service-key
bearer auth + apikey header).
Chat widget:
* MAX 5 → 10 questions per session
* countdown is now bold white at all times; the red threshold
at <=5 was loud and made the chat feel rationed
* greeted-once flag in localStorage so reopening the panel
doesn't replay the canned hello (only first open greets)
* questions_remaining + is_last_question travel to the soul on
each turn so it can close in voice on the final turn instead
of leaving the visitor at a hard cap
Soul side of the last-turn handshake is still a TODO - the wrapper
plumbs the fields through but soul-demo.el has to be updated to
read and act on them.
build-local.sh is no longer needed - bootstrap.py resolves imports
natively now. Dockerfile.stage already runs bootstrap.py on
dist/main-combined.el; the next image rev will switch to running
it directly on src/main.el.
Also: COPY src/llms.txt + the four prerendered HTML shells (about /
terms / enterprise-terms / index) into /srv/landing. The El handler
does fs_read(src_dir + "/llms.txt") which returned empty because the
file didn't exist in the container.
Page section order is now: hero → pillars → how-it-works → inference →
efficiency → comparison → enterprise → mission → local-first → safety →
environmental → marketplace → viral → pricing → footer. Pricing is the
last content block so visitors scroll the whole story before being asked
to commit. Nav (desktop + mobile + dropdown) reordered to mirror the
page: How it works → Enterprise → Mission ▾ → Marketplace → Pricing →
About / Gallery / Account.
Stripe attach bug: /api/link-customer was hitting
POST /v1/payment_intents/{id} for every Intent regardless of type, so
SetupIntents (seti_*) returned 404 from Stripe. Branched on the id
prefix - SetupIntents go to /v1/setup_intents/{id} and skip the
receipt_email param (PaymentIntent-only field). Caught from a live
422 in the dashboard the moment Will tested timing=later.
The Professional plan's "Hold until product launches" radio was wired
into the markup but ignored by both /api/payment-intent and the JS
submit handler. Buyers who picked it would still get charged
immediately because the server always created a PaymentIntent and
the client always called stripe.confirmPayment.
Fix:
* /api/payment-intent reads body.timing. When plan=professional and
timing=later, it creates a SetupIntent (usage=off_session) instead
of a PaymentIntent and returns {setup_mode:true, client_secret:...}.
Founding stays unconditional (lifetime, charge now).
* checkout JS now reads the radio (currentTiming()), passes timing
to the server, and re-fetches a new client_secret on radio change
so the buyer's choice is honored even if they toggle after first
mount.
* window._neuronMode tracks 'payment' vs 'setup'. The submit handler
branches: stripe.confirmSetup for save-card, stripe.confirmPayment
for charge-now. The submit button label updates to "Save my card -
no charge today" when in setup mode so the buyer sees the
intent before they hit submit.
* /api/link-customer receives timing + mode so the server can
differentiate at attach time.
A future webhook on setup_intent.succeeded will create the actual
Subscription with trial_end at launch (Q3 2026 / 2026-09-01) - that
piece is queued via metadata[hold_until]=launch on the SetupIntent.
For now, the saved payment method sits in Stripe untouched.
The point: a buyer who picks "Hold until launch" is NOT charged. The
flow has to be airtight - no surprise charges.
Duplicate "Lifetime · Never billed again" was caused by
insertAdjacentHTML('afterend') appending another <p> on every
renderPlanCard call - and renderPlanCard runs both in init() and on
the onAuthStateChange INITIAL_SESSION event, so the line stacks.
Replaced with a dedicated #plan-billing-note-el container that
setHtml() replaces in place.
Badge: collapsed the two-branch fetch into one path. Founding
members now always see the badge; if member_number is set we render
"#N", otherwise we fall through to "Your number awaits" via the
existing n=0 endpoint behaviour.
The /account "Loading..." spinner stayed on forever because the
browser-side waitlist read went through the anon key and didn't reach
the row. Replaced it with a POST /api/my-plan: the server verifies
the user's access_token via Supabase /auth/v1/user, then reads the
waitlist row with the service key. Bypasses RLS without exposing the
service key to the browser.
Stripped implementation comments from the served JS so the browser
doesn't broadcast how internals are shaped.
Build pipeline: declared the supabase_auth_user stub for both
build-local.sh and Dockerfile.stage so the bootstrap-injected forward
declarations match what's actually linked.
Restores inline-JS styles.el (the obfuscated /assets/js/*.js path
broke the chat widget) and threads four UX fixes through it:
- Chat header: drop the all-caps "NEURON / Live Demo" subtitle, keep
just "Neuron" in bold white at 1rem.
- Greeting: replace the canned "Hi. I am Neuron. You get 5 questions"
with "Hey. What is on your mind?" in all three callsites (open,
reset, turnstile-verified). The questions counter is already in
the header, so we don't need to repeat it.
- Avatar: switch chat avatar from neuron-icon.png to the brain mark
(/assets/brand/neuron-brain.png). Thinking state now shows the
pulsing brain plus three-dot animation instead of "thinking..."
text.
- Share button: from a muted t3 link to a navy pill with subtle
background, uppercase letter-spacing, and active-press feedback.
main.el: drop the FOUNDING_SOLD = 47 floor and rewrite
fetch_founding_count_stripe to count succeeded PaymentIntents (the
live Stripe Elements path) AND legacy Checkout Sessions, excluding
refunded charges.
founding_badge.el: rewrite to the Option C "Tag" design picked from
/tmp/founding-badge-preview.html - tall card, navy top stroke, brain
mark prominent, "Neuron, LLC" footer.
terms.el: kill the "Neuron Inference - our own inference layer, live
now" claim. Inference launches Q3 2026 and the wording now says so.
Restores the /api/link-customer endpoint that was lost in the stash. It
runs right before stripe.confirmPayment() and:
- searches Stripe for an existing Customer by email
- creates one if missing (URL-encodes + and @ so Gmail aliases work)
- attaches the Customer to the live PaymentIntent
- upserts the Supabase waitlist row with stripe_customer_id + plan
Stripe locks customer on a Charge once set, so the webhook handler is
the second-line backstop for any race where confirmPayment beats the
link call.
Also: change return_url from /marketplace/success to /account?welcome=1
so buyers land where they need to be, and switch /marketplace/success
and /account from str_eq to str_starts_with so Stripe-appended query
strings (?payment_intent=...&redirect_status=succeeded) don't 404.
The auth-first flow blocked Stripe Elements from initialising for any
visitor without an existing Supabase session. Users hit the checkout
page, saw "Sign in to continue", and could not get to a card field at
all. Restored the inline-JS path (HEAD before extraction broke it),
flipped payment-section visible by default, kept the sign-in panel
behind an explicit "Already have an account? Sign in" link.
Build pipeline: added supabase_get stub injection and -lssl/-lcrypto
linker flags (web_stubs.c uses EVP for the AES-256-GCM transport).
Without those the Docker build aborts at link time.
Hand-cuts the marketing surface from Next.js to a native El HTTP server.
The El landing reads the pre-rendered index.html (output of the existing
component pipeline at src/index.html) and serves it directly. ~150
lines of El at server.el; 130 KB binary; no Node, no build step at
serve-time, no runtime JS for the marketing pages.
What's here:
- server.el: dispatcher with /, /health, /api/founding-count, /assets/*,
/brand/*, 404 JSON for everything else. Routes go through fs_read
against LANDING_ROOT (default /srv/landing in the container, ./src
locally).
- Dockerfile: two-stage build for linux/amd64 (Cloud Run target).
Stage 1 — debian:bookworm-slim with build-essential + libcurl-dev,
compiles the binary against el_runtime.c. Stage 2 — slim runtime
image with libcurl4 + ca-certificates, drops the binary at
/usr/local/bin/landing, copies src/index.html and src/assets/ into
/srv/landing/. Uses -rdynamic so the runtime's dlsym(RTLD_DEFAULT,
handler_name) can find handle_request inside the executable on
glibc — macOS exposes executable symbols by default, Linux does
not. Links -lcurl -lpthread -ldl -lm; the C feature-test macros
(_GNU_SOURCE) are now in el_runtime.c itself.
- build.sh: stages the foundation El runtime into ./runtime/, runs
elc to regenerate server.c, builds the docker image. --tag and
--push flags. Push targets us-central1-docker.pkg.dev/neuron-785695/
neuron-marketing/marketing for the Cloud Run flip (still manual).
- .gitignore: runtime/, /server.c, build/ — all build artifacts.
The path here was non-trivial. The original goal was to compile the
full 4325-line landing-combined.el end-to-end; that OOM'd at 8.7 GB
under the always-allocate-fresh el_list_append (the workaround for an
aliasing bug in cg_if_stmt). The runtime ARC scaffolding committed
earlier today got the compile down to 3.5 GB peak in 0.26s, but the
landing-combined still has pre-existing source bugs (http_serve(3001)
arity, neuron_origin bare expression statement) that block the build.
The structurally cleaner path was to render the HTML once, offline, and
serve the static output — which is what this server.el does. The
landing-combined.el can be revisited when those source bugs are fixed;
this server.el is the canonical production surface in the meantime.
Did not commit ./runtime/ (gitignored, staged from foundation by
build.sh on each build), ./server.c (generated by elc from server.el),
or ./build/ (build artifacts). The repo carries the source of truth
only.
- NEURON_ORIGIN env var drives all Stripe redirect URLs (no more localhost)
- Load founding count from persist file or live Stripe PaymentIntents search
- Write count to founding_sold.txt on startup and each webhook increment
- Regenerate index.html with real count before serving
- Startup order: Stripe config → count → HTML → serve
- Nav: responsive hamburger at ≤1060px, full mobile menu with close behaviors
- Nav: all section anchors are absolute (/#...) for correct cross-page routing
- Pillars: flex column cards with margin-top:auto on taglines — all three align
- About footer: image wordmark matches main page (was plain text "Neuron")
- Hero: "Six patents" → "Patented"; sub-copy trimmed to one clean sentence
- Environmental/efficiency/inference: remove all "memory graph" mentions, cite 40% token reduction
- Environmental: savings calculator (slider, live annual savings calculation)
- Nav: all section links are absolute (/#section) - fixes about page back-nav
- Nav: add Environment link
- Safety: "I built" not "we built"; crisis hotline announcement; crisis line coming
- Pillars: rename Learns -> Sharpens with opaque copy that doesn't reveal mechanism
- about, terms, enterprise_terms now all import and use shared nav()
- Any future nav change propagates everywhere automatically
- Remove Docs from nav (no docs yet)
- Safety: Hard Bell is for everyone, not just children - reframe copy,
update cards and bottom callout to reflect universal applicability
- checkout.el: Custom Stripe Payment Element page at /checkout?plan=...
- safety.el: Hard Bell and emergency routing architecture section
- main.el: Wire checkout + safety, /api/payment-intent, STRIPE_PUBLISHABLE_KEY
- enterprise_terms.el: Add nav bar (was missing, page had no navigation)
- styles.el: Checkout buttons now link to integrated page, not hosted Stripe
- El runtime: Auto-detect HTML responses, serve text/html vs application/json
- footer.el: Wordmark image centered above "Built Different." tagline
- environmental.el: Replace SQLite with custom on-device storage
- enterprise.el: Replace SQLite with custom on-device storage
- pricing.el: Local models degraded performance note near Ollama feature
- about.el: "left home at fifteen", remove programming language mention
About: rewritten in memoir register — flowing connected sentences,
no staccato, no resignation mention, no employer mention.
Founding counter: polls /api/founding-count every 90s, updates DOM
in place with flash animation on new claims. Webhook now increments
the sold counter when a founding purchase completes.
Badge: founding_badge.el component with guilloché SVG background,
corner rosettes, member number, glow animation. Rendered on success page.
Pricing: "at cost" removed, parent onboarding callout added.
Chat messages are now proper left/right bubbles. Input bar lives inside
the chat window with a top border separator. On return visit, manifesto
goes left, chat center, values/waitlist right in a full-width grid.
Will Anderson