ebubekirkupe rebuilds Mike as a local-first Electron app with a Word add-in

ebubekirkupe has replaced the cloud-hosted Supabase/R2 backend with a single-user Electron shell, SQLite storage, and a Microsoft Word task-pane add-in that attaches AI redlines as tracked changes with one-sentence justification comments. It's a deliberate product pivot, not an incremental patch.

draftinginfrastructure

The bulk change (92fdb84, 137 files) drops the AWS S3 SDK, replaces Supabase auth and R2 storage with better-sqlite3 at ~/.mike/mike.db and local files at ~/.mike/storage/, and reorganises the repo into Bun workspaces. AI provider keys are stored AES-256-GCM encrypted in ~/.mike/secrets.enc using a scrypt-derived key. The backend opens an HTTPS loopback on port 3002 with a self-signed cert to satisfy Office's mixed-content rules, and a pair-code flow (routes/pair.ts) brokers trust between the Electron shell and the add-in.

The word-addin/ workspace is the most substantive new piece - roughly 25k LOC. It adds track-changes-mode and comment-mode AI edits, a risk-insights card, and full chat/projects/workflows tabs inside the Word task pane. Every AI edit gets a one-sentence justification comment attached in Word's native review format.

The packages/shared/ extraction collects canonical domain types; packages/mcp-server/ is present but the README marks it "to be developed." Setup is now bun install then bun start.

A few cautions: the single-user assumption is baked in - backend/src/index.ts runs DELETE FROM sessions on every boot to keep the in-memory secrets cache consistent. The add-in GUID in manifest.xml is a placeholder that would collide with any other deployment of this fork. Several files are still named supabase.ts despite having been repurposed as a generic data-access layer.

So what Worth a look if you want a Word add-in that wires track-changes AI edits to your own backend - the `word-addin/` workspace and the `lib/wordComments.ts` implementation can be re-pointed at a cloud backend with moderate effort. The encrypted-secrets design (`lib/secrets.ts`) and pair-code pattern (`routes/pair.ts`) are also clean reference material for any local-credential path. Skip if you need multi-user or cloud deployment - the local-first refactor removes RLS, Supabase auth helpers, and every multi-user assumption in the codebase.

View this fork on GitHub →

Spotted something wrong? Or know the PR text has fresher detail than the writeup above?

Commits in this thread

4 commits from ebubekirkupe/mike, oldest first. Source extracted verbatim from the harvested git log.

SHA Subject Author Date
53aecdef Sanitize backend example env file to remove secrets ebubekirkupe 2026-05-11 ↗ GitHub
92fdb84e new version ebubekirkupe 2026-05-11 ↗ GitHub
1cce7bac readme update ebubekirkupe 2026-05-11 ↗ GitHub
0f58889e Update README.md Ebubekir Kupe 2026-05-11 ↗ GitHub

Capture this thread into my fork

Download a single Markdown prompt that tells Claude how to port every commit above into your working tree — adapting paths and structure to match your repo. Run it via claude -p < capture-thread-437.md from inside the repo you want the changes in.

⬇ Download capture-thread-437.md