Full deployment history for this project.
Consolidate open PRs, compatible upgrades, and platform auth Validated locally and through a READY Vercel preview. Merge commit preserves every original PR head in ancestry.
chore: remove duplicate-cased bot journals
chore: validate consolidated upgrades and platform auth
⚡ Bolt: Optimize LayoutWorkbench rendering and scoring efficiency - Memoize derived state and sub-components (PreviewDocument, Panel, ScoreRows, FindingsList) in LayoutWorkbench. - Optimize PreviewDocument component by pre-grouping components by region into a Map, reducing rendering complexity from O(R*C) to O(R+C). - Implement conditional scoring in commitDocument to skip expensive scoreLayout calls for non-structural updates. - Refine useMemo dependencies for preview and grid hooks. Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
fix: publish environment template
ci: update actions to Node 24 releases
feat: modernize trusted layout audits
⚡ Bolt: optimize LayoutWorkbench rendering and derived computations 💡 What: - Memoized expensive derived state lookups (templates, regions, components, findings) in the LayoutWorkbench root. - Optimized PreviewDocument to pre-group components by region ID using a hash map, reducing complexity from O(Regions * Components) to O(Regions + Components) in the render loop. - Wrapped heavyweight sub-components (PreviewDocument, Panel, ScoreRows, FindingsList) in React.memo to prevent redundant re-renders from unrelated state changes. 🎯 Why: The workbench was performing expensive array filtering and finding operations on every render, especially noticeable during rapid user input (e.g., slider adjustments). Lack of memoization caused the entire UI tree to re-render even when only metadata like the status message changed. 📊 Impact: - Reduces complexity of preview rendering from O(R*C) to O(R+C). - Eliminates redundant re-renders for most interactive panels during viewport or metadata updates. - Smoother slider i
🛡️ Sentinel: [HIGH] Fix XSS in attributes and path traversal in filenames 🚨 Severity: HIGH 💡 Vulnerability: - XSS in HTML attributes via unescaped IDs (document.id, region.id, component.id) in generated previews and exports. - Path Traversal in exported filenames via unsanitized document slugs. 🎯 Impact: - Attacker-controlled IDs could execute arbitrary JavaScript in the context of the layout workbench or exported code. - Malicious slugs could cause exported files to be written to unintended locations on the server or local machine. 🔧 Fix: - Applied `escapeHtml` to all ID fields injected into HTML/React attributes in `lib/layout/analyzer.ts` and `lib/layout/exporters.ts`. - Implemented a centralized `sanitizeSlug` utility in `lib/layout/exporters.ts` and applied it to all export filename generators. ✅ Verification: - Created `tests/layout/security.test.ts` which reproduces both vulnerabilities and confirms the fix. - Verified all 42 existing and new tests pass. - Verified no linting errors. Co-autho
🛡️ Sentinel: [HIGH] Fix XSS and Path Traversal in Layout Exports - Escape document, region, and component IDs in HTML/JSX attributes to prevent XSS. - Sanitize document slugs in exported filenames to prevent path traversal. - Add security test suite to verify fixes. Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
Merge pull request #35 from mbarbine/copilot/enhance-ui-ux-features Improve responsive workbench UX with auto-fit preview and small-screen overflow hardening
Implement responsive auto-fit and mobile overflow fixes Agent-Logs-Url: https://github.com/mbarbine/platphorm-layout/sessions/f8400f47-e6ef-469f-bb68-8be23d31f616 Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Plan responsive UX enhancements Agent-Logs-Url: https://github.com/mbarbine/platphorm-layout/sessions/f8400f47-e6ef-469f-bb68-8be23d31f616 Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #34 from mbarbine/copilot/build-phase-2-layout
Merge pull request #34 from mbarbine/copilot/build-phase-2-layout Phase 2 layout surface expansion: add audit flows, template detail routes, spec export, and MCP/API parity
Add audit/template routes and expand API-MCP layout capabilities Agent-Logs-Url: https://github.com/mbarbine/platphorm-layout/sessions/99d7dcaf-8fb1-4334-a64a-5d1538b0dcd3 Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Plan Phase 2 gap fixes Agent-Logs-Url: https://github.com/mbarbine/platphorm-layout/sessions/99d7dcaf-8fb1-4334-a64a-5d1538b0dcd3 Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge branch 'main' into sentinel-xss-fix-style-tag-11724258561197862045
Merge pull request #20 from mbarbine/jules-platphorm-network-integration-17414511420714130208 feat: integrate platphorm network and add navigation features