Jonas Schäfer

> * The user may leave the page open, unaware it contains sensitive information. Potential fix: dynamically clear the password after a period of time. I don't like that potential...

Fair, I briefly forgot the previous situation :). Let's roll with it!

This turns out to be really complicated especially with the recent changes to the invite flow for account import/export. In particular: - The success page is a separate `/success` GET...

Clearing it from 0.2.0 because the workaround from #53 has been implemented and a proper fix requires changes in the app.

Okay, we discussed this further. Opening things up for 0.0.0.0 by default is a footgun we don't want to have around unsecured, even if the default docker-compose file fixes it....

> We want to be able to allow people to invite new users to circles as well. Within the app this can be an option in the menu of the...

> Possible solution: postpone circle membership grants until initial join attempt. Mind that this also needs to work when the server admin adds the "incomplete" user to another circle post-registration....

@mwild1 I added some words, does that help?

Hmm, I'm seeing this in docker inspect: ``` "Health": { "Status": "starting", "FailingStreak": 1, "Log": [ { "Start": "2022-02-21T21:49:12.977871429+01:00", "End": "2022-02-21T21:49:13.130873238+01:00", "ExitCode": 0, "Output": "OK\n\n" }, { "Start": "2022-02-21T21:50:14.167992894+01:00", "End":...

@Zash Would you do me a favour and document the quirk in the commit message?