Full deployment history for this project.
Add screen reader labels to icon-only buttons Added visually hidden span elements inside the 'Edit', 'Copy', and 'MoreVertical' (Row actions) icon-only buttons in the table viewer to ensure they are accessible to assistive technologies. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: [UX improvement] Add accessible names to row action buttons Adds visually hidden screen-reader-only labels (`<span className="sr-only">`) to icon-only buttons (Edit, Copy, and MoreVertical row actions) in the `TableViewer` component, improving accessibility. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Add sr-only labels to TableViewer icon buttons Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: [UX improvement] Use semantic label for file upload region\n\n- Replaced div with semantic label to fix accessibility issues for screen readers.\n- Added block class to label to preserve previous rendering.\n- Used htmlFor to trigger input element instead of Javascript fileInputRef.current?.click().\n- Changed inner `<Button>` to a `<span>` to avoid invalid nested interactive elements while preserving the UI rendering. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Add sr-only accessible text to icon-only buttons * Add `sr-only` span text to table-viewer row action buttons (Edit, Copy, Row Actions) * Add `sr-only` span text to integration-panel export buttons (Webhook, MCP) Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Update package-lock.json and package.json to sync ESLint dependencies Synchronized `package.json` and `package-lock.json` via `npm install`. This fixes the `npm ci` EUSAGE error occurring in the CI pipeline which happened because the package manager lock files were out of sync after the addition of ESLint dependencies. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Fix ESLint issues and add eslint.config.mjs Added `eslint.config.mjs` to resolve the missing configuration file issue and fixed minor lint errors (`prefer-const` for `results` in `lib/__tests__/msi-parser.test.ts` and `stringPool` in `lib/msi-parser.ts`). Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [HIGH] Fix predictable webhook ID generation Severity: HIGH Vulnerability: Webhook endpoints used Math.random() for ID generation, creating predictable resource IDs that an attacker might guess to delete/read other webhooks. Impact: Attackers could easily guess Webhook IDs and interfere with them, violating data isolation. Fix: Replaced Math.random() with native Web Crypto API crypto.randomUUID() for secure and unpredictable token generation. Verification: Ran tests to ensure API works correctly. Added a comment detailing the fix. Documented Next.js Edge runtime constraints in Sentinel's journal. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Fix duplicate variable declaration in table-list.tsx Removed the duplicate `tableStats` declaration in `components/msi/table-list.tsx` and ensured the `rowCounts` property is correctly typed and assigned. This resolves the CI Type Check failures. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [MEDIUM] Replace insecure Math.random() with crypto.randomUUID() for webhook ID generation Replaced the weak `Math.random()`-based ID generation in `app/api/webhooks/route.ts` with the cryptographically secure `crypto.randomUUID()` API. This prevents predictable ID generation which could be exploited. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
perf: resolve duplicate tableStats useMemo causing CI type check error Removed a duplicate `tableStats` declaration in `components/msi/table-list.tsx` that was causing TypeScript compilation errors in CI. The correct declaration was retained to preserve the performance optimization for row counting. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
⚡ Bolt: optimize array filters in render loops - Refactor `table.rows.filter(...).length` into pre-calculated variables or `useMemo` hooks. - Fix duplicate `tableStats` declaration in `table-list.tsx`. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #8 from mbarbine/sentinel-ssrf-fix-5460730803635959209 🛡️ Sentinel: [HIGH] Fix client-side SSRF in integration endpoints
perf(table-list): memoize table row counts Refactors `components/msi/table-list.tsx` to memoize the calculation of active and modified row counts across the entire MSI database. This prevents expensive `.filter().length` and `.reduce()` operations from running on every single re-render (e.g., during search input keystrokes), vastly improving list performance while retaining O(1) cache reads. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #11 from mbarbine/jules-bolt-table-perf-17821774369401877731 ⚡ Bolt: [performance improvement] O(N) single-pass pre-calculation for table row counts
⚡ Bolt: Optimize MSI table row count loops with useMemo Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #9 from mbarbine/bolt-early-return-search-2099178682201908392 ⚡ Bolt: Add early return to database search to prevent full scans
Merge branch 'main' into bolt-early-return-search-2099178682201908392
Merge pull request #10 from mbarbine/bolt-optimize-search-4663515474509019549
⚡ Bolt: [performance improvement] Short-circuit database search Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Enhance API health check, update docs with FAQ, and add tests Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
perf(msi): early return in database search Added early return in `searchInDatabase` to stop scanning once 100 results are found, dramatically improving performance for large MSI databases by avoiding full table/row/column scans. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Add URL protocol validation for webhook and MCP endpoints to prevent client-side SSRF Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #7 from mbarbine/fix-and-enhance-discovery-files-13414083506404881035 Fix and enhance discovery files, LLM discovery, AI plugins, and sitemap
Fix and enhance discovery files, LLM discovery, AI plugins, and sitemap Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #4 from mbarbine/copilot/enhance-ui-ux-msi-viewing feat: comprehensive tooltip coverage + component test fixes + CSV/SQL parser corrections
chore: untrack auto-generated next-env.d.ts and tsconfig.tsbuildinfo Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
feat: radically enhance UI/UX — add tooltips to every component + fix all tests Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
initial: outline plan for UI/UX enhancements and tests Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #1 from mbarbine/v0/mbarbine-82123ced Launch PH3AR MSI database editor v0.0.1
feat: update branding and documentation for PH3AR v0.0.1 Add PH3AR branding across app, update docs, test suite, SEO, and metadata. Co-authored-by: Michael Barbine <3211492+mbarbine@users.noreply.github.com>