Monitor all deployments across your projects with real-time status tracking.
🔒 fix overly permissive CORS wildcard default in server configuration
Merge pull request #219 from mbarbine/jules/fix-performance-stutter-killfeed-8108391827030042949
⚡ Bolt: unblock rendering path from database writes (#59) Move blocking terms view count UPDATE queries out of the critical page rendering and REST API response paths to execute concurrently in the background. This reduces endpoint latency by completely avoiding synchronous database writes during GET requests.
⚡ Bolt: unblock rendering path from database writes Move blocking terms view count UPDATE queries out of the critical page rendering and REST API response paths to execute concurrently in the background. This reduces endpoint latency by completely avoiding synchronous database writes during GET requests.
Merge pull request #219 from mbarbine/jules/fix-performance-stutter-killfeed-8108391827030042949 Performance improvements: reduce GC overhead and lag spikes
Merge pull request #219 from mbarbine/jules/fix-performance-stutter-killfeed-8108391827030042949 Performance improvements: reduce GC overhead and lag spikes
Performance improvements: reduce GC overhead and lag spikes - Hoisted math calculations (Math.sin/elapsedTime) out of useFrame iterator blocks - Prevented full HUD re-renders by correctly scoping killFeed state array selectors
Merge pull request #113 from mbarbine/sentinel-secure-services-api-11270341653338687205 🛡️ Sentinel: Fix service registration regex range bypass and add URL scheme security validations
security: correct regex range expansion bug and enforce URL scheme validation for network services
🎨 Palette: Accessible Tooltips and Optimistic Voting in TermDetail (#58) - Wraps natively disabled Upvote and Downvote buttons inside non-disabled wrapper span elements inside TooltipTrigger to allow tooltips to correctly show up on hover/focus even after voting. - Dynamically updates the tooltip message to explain the disabled state (e.g. already voted or upvoted/downvoted) to the user. - Implements a fully responsive optimistic state update for voting to immediately reflect changes on user click, matching the user experience of other components.
🎨 Palette: Accessible Tooltips and Optimistic Voting in TermDetail - Wraps natively disabled Upvote and Downvote buttons inside non-disabled wrapper span elements inside TooltipTrigger to allow tooltips to correctly show up on hover/focus even after voting. - Dynamically updates the tooltip message to explain the disabled state (e.g. already voted or upvoted/downvoted) to the user. - Implements a fully responsive optimistic state update for voting to immediately reflect changes on user click, matching the user experience of other components.
Merge pull request #165 from mbarbine/jules-3786448319369819765-12f07150 ⚡ Bolt: optimize category document counting database queries
⚡ Bolt: optimize category document counting database queries Refactors O(N) inline correlated subqueries to a single high-performance O(1) LEFT JOIN on an aggregated subquery of documents grouped by category. Applied across 10 key files, including homepage, categories page, and sitemap generation.
Merge pull request #32 from mbarbine/fix/gameplay-controls-physics-stability-9991642732411665573 Fix gameplay responsiveness, hit detection, and physics stability
fix(gameplay): improve input responsiveness, hit detection, and physics stability This commit resolves several core gameplay "sloppiness" and unresponsiveness issues: - Reduced `ActionBuffer` TTLs from 650ms to 250ms to remove perceived input lag and dropped inputs. - Expanded the physical hit detection (`activeContactLimb` in `PhysicalFighterRig.tsx`) to validate the entire arm/leg chain (`strikePoseChain`) so strikes don't visually phase through opponents. - Stabilized `delta` in `FighterModel.tsx` by accumulating the clamped delta (`Math.min(delta, 0.1)`) instead of raw time, fixing floating/teleporting bugs during frame drops. - Tightened `GRAPPLE_ACQUISITION_RANGE` from 2.15 to 1.65 to stop massive visual teleportation when locking up.
Merge pull request #3 from mbarbine/bolt-jsonld-memoization-5254068084350856253 ⚡ Bolt: memoize static structured JSON-LD data generators
Merge pull request #5 from mbarbine/sentinel-secure-links-8208761005012568933 🛡️ Sentinel: Fix tabnabbing on external links
Merge pull request #4 from mbarbine/jules-5721684993605210330-14beb9c0 🎨 Palette: Add accessible tooltip to ThemeToggle
Merge pull request #164 from mbarbine/jules-3889783930870601020-9f4c1406 🎨 Palette: Improve SearchCommand modal accessibility and keyboard navigation
Merge pull request #6 from mbarbine/jules-9671177279725822450-0e6b6967 🎨 Palette: Add screen-reader title to mobile navigation sheet
Merge pull request #6 from mbarbine/jules-3170554560166654521-1e6b6b84 🎨 Palette: Improve Integrations & Findings with Interactive Toasts
feat(a11y): improve search command modal accessibility and focus management
🛡️ Sentinel: Add rel="noopener noreferrer" to external links with target="_blank" Update external links in layout, homepage, and dashboard to include `rel="noopener noreferrer"` when using `target="_blank"`. This prevents reverse tabnabbing vulnerabilities (security defense-in-depth) and protects against referrer header leaks.
🎨 Palette: Improve Integrations & Findings with Interactive Toasts
🎨 Palette: Add screen-reader title to mobile navigation sheet This adds a screen-reader-only SheetHeader and SheetTitle to the mobile navigation SheetContent to make it fully accessible and compliant with Radix Dialog standards. This fixes console warnings and ensures proper announcement for assistive technologies.
feat: add descriptive tooltip to icon-only ThemeToggle button - Wrapper the ThemeToggle with Radix Tooltip UI components to enhance micro-UX. - Provides accessible, readable visual indicator "Toggle color theme" when hovering or focusing on the theme toggle. - Discards any debug artifacts and next-env auto-generated files.
Merge pull request #5 from mbarbine/sentinel-enforce-validation-limits-11313585359948679612 🛡️ Sentinel: [security improvement] Enforce early URL/payload length limits across public validation endpoints
🛡️ Sentinel: Enforce URL/payload limits on public validation endpoints Ensure all public-facing evaluation and validation routes consistently check input type, format, and enforce strict length bounds (such as 2048 characters for URLs and 10MB for XML files) early in the request lifecycle. This provides robust defense-in-depth against Denial of Service (DoS) and resource exhaustion attacks.
Merge pull request #4 from mbarbine/perf-xml-well-formed-optimization-453477808651941841 ⚡ Bolt: Optimize XML well-formedness checks to reduce allocations and CPU overhead
⚡ Bolt: Optimize XML well-formedness checks to reduce allocations and CPU overhead
Merge pull request #5 from mbarbine/jules-1212578995803905932-bc8f759f 🛡️ Sentinel: [MEDIUM] Fix unprotected route documentation API access
🛡️ Sentinel: Fix unauthorized route documentation API access Secure the `/api/v1/routes/protected` route handler by requiring a valid API key that matches `PLATPHORM_API_KEY`. The handler supports both `Authorization: Bearer <key>` and `X-PlatPhorm-API-Key: <key>` headers. It fails securely by returning a 401 Unauthorized response if the credentials are correct, missing, or if the API key is not configured on the server. Added comprehensive Vitest unit tests to cover all scenarios.
Merge pull request #4 from mbarbine/bolt-registry-memoization-7289304739104497478 ⚡ Bolt: Memoize service registry and route catalog arrays
perf: memoize static structured JSON-LD data generators Implements a module-level in-memory cache map for pre-rendered structured JSON-LD objects in `lib/trustops/jsonld.ts`. This avoids redundant object recreation and stringification on subsequent page renders or API calls for static snapshot data.
perf: memoize service registry and route catalog arrays Statically cache computed service registry and route catalog arrays at module scope, as well as their common filtered subsets (e.g., active/degraded/ops services, agent-safe/public/protected routes). This prevents redundant mapping, regex ID calculations, and array allocations during request lifecycles and page rendering.
Merge pull request #215 from mbarbine/fix-ragdoll-crash-blocklands-visuals-6479407279406508968 Resolve Ragdoll Physics Crash and Upgrade Blocklands Citadel Visuals
Merge pull request #215 from mbarbine/fix-ragdoll-crash-blocklands-visuals-6479407279406508968 Resolve Ragdoll Physics Crash and Upgrade Blocklands Citadel Visuals
Merge pull request #218 from mbarbine/sentinel/webhook-signature-validation-16549750942065898179 🛡️ Sentinel: Strict webhook signature format validation
Merge pull request #218 from mbarbine/sentinel/webhook-signature-validation-16549750942065898179 🛡️ Sentinel: Strict webhook signature format validation
Merge pull request #112 from mbarbine/palette/command-palette-a11y-402304808551579458 🎨 Palette: Enhance Command Palette accessibility and focus restoration
Merge pull request #13 from mbarbine/jules-2106079257680492220-caf895ed 🎨 Palette: Add '/' search keyboard shortcut to game dashboard
Merge pull request #13 from mbarbine/jules-2106079257680492220-caf895ed 🎨 Palette: Add '/' search keyboard shortcut to game dashboard
feat(api): strictly validate webhook signature format Ensure that incoming webhook signature hex portion has exactly 64 characters and consists exclusively of hexadecimal digits before parsing and cryptographic verification, preventing malformed inputs and potential parsing anomalies.
a11y: enhance command palette focus and ARIA attributes This commit implements standard WAI-ARIA combobox/listbox accessibility and handles focus restoration on close.