Full deployment history for this project.
🎨 Palette: Improve keyboard accessibility for JSON tree toggle buttons Added full keyboard accessibility to the custom `div` toggle buttons in the `IocJsonTree` component. They now have standard `role="button"`, `tabIndex={0}`, `aria-expanded` attributes, and respond correctly to `Enter` and `Space` key presses. Additionally added focus-visible styles to make the active focus state apparent. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Replace native title attributes with Tooltip components for icon buttons Replaced native HTML `title` attributes with standard design system `Tooltip` components on icon-only buttons in the VirusTotal panel's submission history items. This provides immediate, stylable, and consistent visual feedback on hover. The `aria-label` attributes were retained on the buttons to preserve screen reader accessibility. Recorded the learning in Palette's journal. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Enhance VirusTotal Panel Action Buttons UX 💡 What: Replaced native browser tooltips (`title` attribute) with design system `Tooltip` components for the icon-only action buttons (Resume, Load, Delete) in the `VirusTotalPanel`. 🎯 Why: Native tooltips are delayed, visually inconsistent, and less accessible. The design system Tooltips provide immediate, polished feedback that matches the rest of the application's UX. ♿ Accessibility: Retained explicit `aria-label`s on the buttons for screen readers while providing better visual context for keyboard and mouse users. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Add explicit aria-label to Carousel navigation buttons Adds explicit aria-label to the `CarouselPrevious` and `CarouselNext` buttons to ensure robust screen reader accessibility. Also logs this learning into the `.Jules/palette.md` journal. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Add keyboard accessibility focus states to custom buttons Added `focus-visible` utility classes to native `<button>` elements in `app/settings/page.tsx` and `app/rules/page.tsx`. This ensures that screen readers and keyboard-only users can clearly see when these custom interactive elements (like eye toggles, clear keys, or expand icons) are focused. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [HIGH] Fix rate limit bypass via IP spoofing 🚨 Severity: HIGH 💡 Vulnerability: The application used the raw `X-Forwarded-For` header for rate limiting, allowing attackers to bypass rate limits by appending fake IPs. Furthermore, blindly trusting the left-most IP in `X-Forwarded-For` allows attackers to spoof their IP completely. 🎯 Impact: Attackers could easily bypass rate limiting on sensitive API endpoints. 🔧 Fix: Prioritized `X-Real-IP`. If falling back to `X-Forwarded-For`, the header is parsed and the right-most IP (appended by the final proxy) is used to prevent IP spoofing attacks. ✅ Verification: Ran `pnpm test` and `pnpm lint` successfully. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [HIGH] Fix rate limit bypass via X-Forwarded-For header - Extracts the first non-empty IP from the comma-separated `X-Forwarded-For` string to prevent attackers from bypassing the rate limiter by appending arbitrary IPs. - Documented findings in `.jules/sentinel.md`. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
feat(ux): add confirmation dialog to clear VT history Wrap the "Clear all history" button in the VirusTotal panel with an `AlertDialog` to prevent accidental deletion of user data. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Improve accessibility of mobile menu toggle button 💡 What: Added `aria-expanded` and dynamic `aria-label` to the mobile navigation toggle button and removed the static `sr-only` text. 🎯 Why: Screen reader users could not determine whether the mobile menu was currently open or closed, and the button purpose did not dynamically announce its function. ♿ Accessibility: Ensures that when navigating via keyboard or screen reader, users understand the exact purpose of the button (to open or close the menu) and its current state. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Fix timing side-channel attack in API key validation Replaced simple string comparison with a secure constant-time comparison using `crypto.timingSafeEqual` for the `/api/v1/analyze` API key. Hashed both input buffers with SHA-256 prior to comparison to enforce identical buffer lengths. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #137 from mbarbine/fix/discovery-seo-ux-enhancements-12954867770919411799 🧹 [Code Health] Discovery, SEO, and UI fixes
fix: discovery, seo, and ui fixes - added .well-known/ai-plugin.json for AI models - added .well-known/mcp for standardized MCP discovery - updated robots.txt and sitemap.ts with new endpoints - fixed UI warnings related to ChartContainer width/height - fixed unit test act(...) warnings in ioc-json-tree Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
⚡ Bolt: Optimize line number extraction during string searches When finding line numbers for XOR hex blobs and rule matching, the engine previously used `slice(0, match.index).match(/\n/g)` which allocated large string substrings and matching arrays in a loop, heavily impacting GC on large payloads. This changes the logic to a straightforward `charCodeAt(i) === 10` loop up to `match.index`, substantially reducing memory pressure and improving execution speed. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
⚡ Bolt: Optimize Webhook Deliveries Moved `app/api/v1/webhooks/route.ts` from sequential fetching and sequential insertion in a loop (the N+1 anti-pattern) to batch-processing using Promise.all (chunked by 50 to avoid socket exhaustion) and a single bulk DB insert utilizing `jsonb_to_recordset` and a serialized JSON object as detailed in my learnings. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
test: Add tests for C2 and XOR extraction - Created lib/__tests__/c2-extractor.test.ts - Added tests for extractC2Indicators (frameworks, intervals, staging, callbacks) - Added tests for extractXorPayloads (bxor_powershell, frequency analysis, rolling XOR) - Fixed multiple RegEx infinite loop and catastrophic backtracking bugs in c2-extractor.ts Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
feat: Add aria-label to Copy buttons in API docs Adds accessible names to icon-only Copy buttons for screen readers. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Add files via upload
Create README.md
Merge pull request #104 from mbarbine/add-decoders-test-coverage-14464208574439544428 🧪 Add test coverage for analysis/decoders.ts
Merge pull request #78 from mbarbine/sentinel/fix-sql-script-filters-17897892736256695353 🛡️ Sentinel: [security improvement] Fix SQL query filtering logic
Merge branch 'main' into palette/keyboard-focus-accessibility-2091467963982533992
Merge pull request #64 from mbarbine/bolt-optimize-scorepscontent-9641218494313663826 ⚡ Bolt: Optimize string printability check in scorePSContent
Merge pull request #60 from mbarbine/sentinel/fix-insecure-prng-1552932243610167591 🛡️ Sentinel: [HIGH] Fix insecure PRNG in identifier generation
Merge pull request #51 from mbarbine/copilot/fix-documentation-inconsistencies Phase 0: Fix documentation inconsistencies and surface/API mismatches
Merge pull request #29 from mbarbine/fix-ssrf-json-integration-6460739835040264297 Fix Server-Side Request Forgery in JSON integration
Merge pull request #49 from mbarbine/copilot/fix-mcp-client-issues Fix MCP route: local engine, DB fallbacks, JSON-RPC 2.0 protocol, proper client
Merge pull request #45 from mbarbine/copilot/enhance-rules-saving-functionality Fix rules page: save/display broken without DB + 978-test coverage
Merge pull request #42 from mbarbine/sentinel-ssrf-prevention-16197666635179578226 🛡️ Sentinel: [CRITICAL] Fix SSRF vulnerability in script analysis API
Merge pull request #43 from mbarbine/bolt/optimize-calculate-entropy-14411978140349372245 ⚡ Bolt: optimize calculateEntropy using Uint32Array
Merge pull request #44 from mbarbine/copilot/fix-ui-errors-and-analysis Fix circular JSON crash, broken analysis (DB resilience), field mapping, and tab overflow - radical UI overhaul
update
update
Merge pull request #40 from mbarbine/copilot/enhance-virus-total-capabilities Enhance C2/XOR key extraction, auto payload acquisition, and VirusTotal on-demand submission
update
update
Merge pull request #39 from mbarbine/copilot/fix-prerendering-error Fix prerender TDZ crash: `clearUrlInput` referenced before initialization in `app/page.tsx`
Merge pull request #27 from mbarbine/copilot/fix-build-logging-analytics [WIP] Fix build by improving logging and adding Vercel analytics support
Merge pull request #9 from mbarbine/v0/mbarbine-30af7951 Launch DESA platform for PowerShell script analysis
Merge pull request #8 from mbarbine/copilot/fix-column-is-enabled-error Fix: column "is_enabled" does not exist in detection_rules queries
Initial plan
Merge pull request #1 from mbarbine/v0/mbarbine-8c3f7df2 Launch DESA platform for advanced PowerShell script analysis