Full deployment history for this project.
feat(a11y): Make interactive value cards accessible via keyboard Add role="button", tabIndex, onKeyDown, aria-expanded, aria-controls and focus-visible styles to the interactive Card elements in the Value section to ensure keyboard and screen reader accessibility. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Add ARIA label to gallery close button Adds `aria-label="Close image"` to the icon-only close button in the `GallerySection` lightbox to ensure it is accessible to screen readers. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Add ARIA label to gallery close button Adds `aria-label="Close image"` to the icon-only close button in the `GallerySection` lightbox to ensure it is accessible to screen readers. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
perf(ui): defer loading Footer component to reduce initial JS payload Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
feat(a11y): improve keyboard navigation and screen reader support in gallery Adds keyboard interactions (Enter, Space), `tabIndex`, `role="button"`, and `aria-label`s to gallery cards to make them navigable via keyboard and screen reader friendly. Also adds a missing `aria-label` to the icon-only Lightbox close button. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
refactor: convert client components to server components by using native CSS scroll padding - Replaced JS `window.scrollTo` in `Header`, `HeroSection`, and `Footer` with native CSS `scroll-padding-top` - Removed `"use client"` directives from `HeroSection` and `Footer`, converting them to Server Components - Maintained exact functionality of smooth scrolling to anchors with fixed header offset Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Improve Gallery Accessibility - Add `role="button"` and keyboard navigation to gallery image cards. - Add `focus-visible` styling to gallery cards. - Add `role="dialog"`, `aria-modal`, and `aria-label` to the lightbox. - Implement an `Escape` key listener to close the lightbox. - Added a critical learning to `.jules/palette.md` about ensuring full keyboard support for custom lightbox implementations. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [CRITICAL/HIGH] Fix SSRF vulnerability in webhook subscriptions Added Cloud Metadata IPs (169.254.x.x) and IPv6 Unique Local Addresses (fc00::/7) to the SSRF blocklist in the webhook subscription endpoint. Documented the learning in .jules/sentinel.md and added tests. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
fix: replace insecure Math.random with crypto.randomBytes for webhook ID generation Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [HIGH] Add rate limiting to webhook subscribe endpoint Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #6 from mbarbine/sentinel-ssrf-mitigation-14987880943831039718 🛡️ Sentinel: [HIGH] Fix SSRF vulnerability in webhook subscription
feat(security): prevent SSRF in webhook subscriptions * Parse provided URL using `new URL()` to enforce only `http:` or `https:` protocols. * Added hostname validation to block local and private IP ranges (127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, ::1), and local hostnames (localhost, .local, .internal). * Updated `package.json` with `vitest` for test runner and added extensive unit tests to ensure URL validations and SSRF mitigations function correctly. * Updated OpenAPI documentation and README to outline SSRF protection. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #5 from mbarbine/bolt-performance-optimization-dynamic-imports-4537187516108258279 ⚡ Bolt: [performance improvement] dynamically import client components below the fold
⚡ Bolt: [performance improvement] dynamically import client components below the fold Dynamically import ValueSection, GallerySection, and ShareSection using next/dynamic to split their JavaScript into separate chunks and reduce the initial page load payload size. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #4 from mbarbine/copilot/update-favicon-og-image Replace placeholder favicon and static OG image with emoji-based SVG and dynamic next/og card
Merge pull request #4 from mbarbine/copilot/update-favicon-og-image Replace placeholder favicon and static OG image with emoji-based SVG and dynamic next/og card
chore: add tsconfig.tsbuildinfo to .gitignore Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #3 from mbarbine/copilot/fix-404-not-found-error [WIP] Fix 404 not found error on website
Fix 404: create missing app/[locale]/page.tsx for next-intl routing Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Initial plan: create missing app/[locale]/ files Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Initial plan
Merge pull request #2 from mbarbine/copilot/fix-404-error-landing-page [WIP] Fix 404 error on website landing page
fix: change localePrefix to "never" to prevent locale-redirect 404s, add .next to .gitignore Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #1 from mbarbine/copilot/add-api-docs-and-sitemap Add README, emoji favicon, MCP registry references, and parent network API discovery
fix: correct @theme syntax in globals.css Fix missing closing brace and simplify Tailwind CSS theme block. Co-authored-by: Michael Barbine <3211492+mbarbine@users.noreply.github.com>