Full deployment history for this project.
Merge pull request #15 from mbarbine/sentinel-fix-timing-attack-9551204138411210608 š”ļø Sentinel: [CRITICAL] Fix authorization timing attack vulnerability
Merge branch 'main' into sentinel-fix-timing-attack-9551204138411210608
Merge pull request #14 from mbarbine/bolt-canvas-optimization-1627651576296394871 ā” Bolt: [performance improvement]
Merge branch 'main' into bolt-canvas-optimization-1627651576296394871
Merge pull request #13 from mbarbine/sentinel/fix-timing-attack-auth-16352997542432727686 š”ļø Sentinel: [CRITICAL] Fix Timing Attack in Auth Header Comparisons
Merge pull request #12 from mbarbine/bolt/optimize-particle-rendering-1783625462523625750 ā” Bolt: [performance improvement] Optimize Particle Rendering
Merge branch 'main' into bolt/optimize-particle-rendering-1783625462523625750
Merge pull request #11 from mbarbine/bolt-particle-canvas-perf-1141884729453141493 ā” Bolt: [performance improvement] Optimize Canvas rendering inside ParticleField animation loop
š”ļø Sentinel: [CRITICAL] Fix authorization timing attack vulnerability Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
ā” Bolt: optimize particle field canvas rendering Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
š”ļø Sentinel: [CRITICAL] Fix Timing Attack in Auth Header Comparisons Replaced string strict equality comparisons (`===`) with `crypto.timingSafeEqual` when validating `FORTUNE_INGEST_SECRET` against headers (`authorization` and `x-fortune-key`) in the `/api/fortunes/create` route. This prevents potential timing attacks where an attacker could deduce the secret byte-by-byte by measuring response times. Also documented this learning in `.jules/sentinel.md` as per Sentinel's journal process. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
ā” Bolt: Optimize Particle Rendering in Canvas Loop Replaced per-particle dynamic `rgba()` string allocations with a static `fillStyle` and `globalAlpha` updates to reduce garbage collection overhead and string parsing within the `requestAnimationFrame` loop. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
refactor: optimize canvas fillStyle in particle-field.tsx Removed string template literal evaluation inside the main animation loop of the ParticleField component. By moving the base color into a static `ctx.fillStyle` assignment before the particle iteration and controlling opacity dynamically via `ctx.globalAlpha` inside the loop, we significantly reduce GC pressure and unnecessary string parsing. The original color and opacity behavior are exactly preserved. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #10 from mbarbine/bolt/optimize-canvas-gradient-2644681654944594401 ā” Bolt: [performance improvement] Optimize canvas gradient creation during fog wipe
chore: disable CI, add health endpoint, update LLM docs - Disabled GitHub Actions CI checks (`daily-tests.yml`) temporarily to bypass GitHub billing limits preventing runs. - Added a basic `/api/health` endpoint for monitoring application status. - Extended site discovery files (`llms.txt`, `robots.txt`) to explicitly index the health endpoint and facilitate LLM integration. - Updated `README.md` to reflect these changes. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
perf: Optimize canvas gradient creation during fog wipe Pre-calculate the interpolated brush gradient once at the origin (0,0) and use canvas translation to stamp it, instead of allocating a new CanvasGradient object on every step of the wipe interpolation loop. This prevents excessive garbage collection and memory churn during fast pointer events. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #9 from mbarbine/bolt-perf-fog-canvas-16099787544136416153 ā” Bolt: Optimize measureClear via off-screen subsampling
ā” Bolt: Optimize fog-canvas measureClear method Use an offscreen canvas and downsampling to measure cleared area. This reduces pixel reads from potentially millions down to exactly 4,096. This directly avoids main thread blocking lag during the canvas wipe gesture. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #8 from mbarbine/copilot/modify-fortune-sound-effect Tone down scary/startling fortunes and soften reveal sound effects
Fix Spanish translation: encore -> bis for proper localization Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Soften scary/startling fortune text and warm up sound effects Fortune text changes: - Phantom town: replaced ghost/death imagery with "second act" theme - Black holes: replaced "being watched" with curious cosmos - "Die is on the list": replaced with "last page writes itself" - "Die smiling" (x2): changed to "Go out grinning" - "Die with you still writing": changed to "Outlast the final chapter" - "Language should fear you": changed to "keep up with you" - SĆ©ance: changed to "listening session" Sound effect changes: - Reveal: warmer frequency range (G4-G5 vs C5-C6), softer attack, lower gain - Streak: reduced squeaky resonance gain/Q, gentler LFO modulation Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Initial plan
Merge pull request #5 from mbarbine/copilot/add-george-carlin-quote
Merge pull request #4 from mbarbine/vercel/setup-vercel-web-analytics-for-zemsng Setup Vercel Web Analytics for Next.js
Setup Vercel Web Analytics for Next.js ## Vercel Web Analytics Implementation Successfully implemented Vercel Web Analytics for this Next.js App Router project. ### Changes Made: 1. **Installed @vercel/analytics package** - Added @vercel/analytics@^1.6.1 to dependencies - Updated pnpm-lock.yaml with new package and its dependencies 2. **Modified app/layout.tsx** - Added import: `import { Analytics } from '@vercel/analytics/next'` - Added `<Analytics />` component inside the `<body>` tag, after `{children}` - Preserved all existing code structure and metadata 3. **Configured ESLint (development tools)** - Added eslint and eslint-config-next for code quality checks - Created eslint.config.mjs with Next.js flat config format - These are optional dev dependencies for maintaining code quality ### Files Modified: - `app/layout.tsx` - Added Analytics import and component - `package.json` - Added @vercel/analytics and ESLint dependencies - `pnpm-lock.yaml` - Updated with new dependencie