Full deployment history for this project.
Merge pull request #137 from mbarbine/fix/discovery-seo-ux-enhancements-12954867770919411799 🧹 [Code Health] Discovery, SEO, and UI fixes
🛡️ Sentinel: [HIGH] Fix rate limit bypass via spoofed X-Forwarded-For Description: 🚨 Severity: HIGH 💡 Vulnerability: The rate limiting logic was vulnerable to IP spoofing by blindly trusting the left-most IP in the `X-Forwarded-For` header. Attackers could inject fake IPs to bypass rate limits. 🎯 Impact: Attackers could easily bypass API rate limiting protections and perform DoS attacks or brute-force operations without being blocked. 🔧 Fix: Updated `app/api/v1/analyze/route.ts` to properly split the `X-Forwarded-For` header and extract the right-most IP (which is the one appended by the immediate, trusted reverse proxy). Also added a journal entry documenting the risk. ✅ Verification: Ran `pnpm test` and `pnpm lint` successfully. Signed-off-by: Jules <jules@github.com>
perf(c2-extractor): replace Array.from(matchAll) with .exec() loop to avoid array allocation overhead Replaced `Array.from(matchAll(...))` with a fast `.exec()` loop in `parsePSByteArray` inside `lib/analysis/c2-extractor.ts`. This skips the massive intermediate array allocation previously required to evaluate matches before looping over them. Memory overhead during C2 configuration extraction is greatly reduced, especially on larger scripts with many matching blocks. Also updated Bolt journal with micro-optimization learnings. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
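As an added example, not the project's `parsePSByteArray` and not code from the commit above: the two extraction styles the commit contrasts, `Array.from(matchAll)` versus an `.exec()` loop, run over a constructed PowerShell snippet. The byte-array regex, the `SAMPLE_PS` script and the function names are assumptions made for the example; only the loop pattern is the point.

```typescript
// Added example, not the project's parsePSByteArray: the Array.from(matchAll)
// versus exec()-loop styles the commit contrasts, run over a constructed
// PowerShell snippet. The byte-array regex and the sample script are assumed.

// Assumed shape: PowerShell byte-array literals such as
//   [Byte[]] (0x4d, 0x5a, 144)   or   @(13, 37)
// Group 1 captures the comma-separated body.
const PS_BYTE_ARRAY =
  /(?:\[Byte\[\]\]\s*\(|@\()\s*((?:0x[0-9a-f]{1,2}|\d{1,3})(?:\s*,\s*(?:0x[0-9a-f]{1,2}|\d{1,3}))*)\s*\)/gi;

// Constructed sample script (not real malware): two arrays, one of each form.
export const SAMPLE_PS = [
  '$sc = [Byte[]] (0x4d, 0x5a, 0x90, 0x00)',
  '$key = @(13, 37)',
  'Invoke-Thing -Data $sc -Key $key',
].join('\n');

function parseBody(body: string): number[] {
  return body.split(',').map((t) => Number(t.trim())); // Number('0x4d') === 77
}

/** BEFORE: materialises every match into an array, then iterates over it. */
export function extractWithMatchAll(script: string): number[][] {
  return Array.from(script.matchAll(PS_BYTE_ARRAY)).map((m) => parseBody(m[1]));
}

/** AFTER: exec() loop; only one match object is alive at a time. */
export function extractWithExec(script: string): number[][] {
  const out: number[][] = [];
  // Fresh RegExp so lastIndex is private to this call rather than shared module state.
  const re = new RegExp(PS_BYTE_ARRAY.source, PS_BYTE_ARRAY.flags);
  let m: RegExpExecArray | null;
  while ((m = re.exec(script)) !== null) {
    out.push(parseBody(m[1]));
    if (m[0].length === 0) re.lastIndex += 1; // guard: never spin on a zero-width match
  }
  return out;
}
```

Both functions return the same byte arrays; the difference is that `matchAll` yields an iterator whose every result `Array.from` materialises before the loop starts, while the `exec()` loop keeps one match alive at a time. Two things the loop needs that `matchAll` handles for you: the regex must carry the `g` flag or `exec()` returns the same first match forever, and a pattern that can match the empty string must advance `lastIndex` by hand, which is what the guard is for.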
🎨 Palette: Improve keyboard accessibility for JSON tree toggle buttons Added full keyboard accessibility to the custom `div` toggle buttons in the `IocJsonTree` component. They now have standard `role="button"`, `tabIndex={0}`, `aria-expanded` attributes, and respond correctly to `Enter` and `Space` key presses. Additionally added focus-visible styles to make the active focus state apparent. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Replace native title attributes with Tooltip components for icon buttons Replaced native HTML `title` attributes with standard design system `Tooltip` components on icon-only buttons in the VirusTotal panel's submission history items. This provides immediate, stylable, and consistent visual feedback on hover. The `aria-label` attributes were retained on the buttons to preserve screen reader accessibility. Recorded the learning in Palette's journal. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Enhance VirusTotal Panel Action Buttons UX 💡 What: Replaced native browser tooltips (`title` attribute) with design system `Tooltip` components for the icon-only action buttons (Resume, Load, Delete) in the `VirusTotalPanel`. 🎯 Why: Native tooltips are delayed, visually inconsistent, and less accessible. The design system Tooltips provide immediate, polished feedback that matches the rest of the application's UX. ♿ Accessibility: Retained explicit `aria-label`s on the buttons for screen readers while providing better visual context for keyboard and mouse users. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Add explicit aria-label to Carousel navigation buttons Adds explicit aria-label to the `CarouselPrevious` and `CarouselNext` buttons to ensure robust screen reader accessibility. Also logs this learning into the `.Jules/palette.md` journal. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🎨 Palette: Add keyboard accessibility focus states to custom buttons Added `focus-visible` utility classes to native `<button>` elements in `app/settings/page.tsx` and `app/rules/page.tsx`. This ensures that screen readers and keyboard-only users can clearly see when these custom interactive elements (like eye toggles, clear keys, or expand icons) are focused. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [HIGH] Fix rate limit bypass via IP spoofing 🚨 Severity: HIGH 💡 Vulnerability: The application used the raw `X-Forwarded-For` header for rate limiting, allowing attackers to bypass rate limits by appending fake IPs. Furthermore, blindly trusting the left-most IP in `X-Forwarded-For` allows attackers to spoof their IP completely. 🎯 Impact: Attackers could easily bypass rate limiting on sensitive API endpoints. 🔧 Fix: Prioritized `X-Real-IP`. If falling back to `X-Forwarded-For`, the header is parsed and the right-most IP (appended by the final proxy) is used to prevent IP spoofing attacks. ✅ Verification: Ran `pnpm test` and `pnpm lint` successfully. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
🛡️ Sentinel: [HIGH] Fix rate limit bypass via X-Forwarded-For header - Extracts the first non-empty IP from the comma-separated `X-Forwarded-For` string to prevent attackers from bypassing the rate limiter by appending arbitrary IPs. - Documented findings in `.jules/sentinel.md`. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
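The three Sentinel entries above each parse `X-Forwarded-For` differently, so here is the header handling a practitioner would want, as an added example in TypeScript that is not the project's own code and not taken from any of those commits. The left-most entry is whatever the client sent, so keying a limiter on it lets an attacker open a fresh bucket on every request; the entry appended by a trusted proxy is the only one the app can rely on. The `trustedProxyCount` option, the `RateLimiter` class, `simulateBypass` and the sample addresses are all assumptions made for the example.

```typescript
// Added example, not code from the project: client-IP extraction for rate
// limiting behind a trusted reverse proxy, with the vulnerable "left-most
// entry" parser beside the hardened one. Assumption: requests reach the app
// only through `trustedProxyCount` proxies, each appending the address of the
// peer it accepted the connection from to X-Forwarded-For.

export interface ClientIpOptions {
  trustedProxyCount?: number; // assumed deployment knob; default is one proxy
}

const IPV4 =
  /^(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)\.){3}(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)$/;
// Loose IPv6 shape check (hex groups and colons); enough to reject injected junk.
const IPV6 = /^[0-9a-f]{0,4}(?::[0-9a-f]{0,4}){2,7}$/i;

export function isValidIp(s: string): boolean {
  return IPV4.test(s) || IPV6.test(s);
}

/** BEFORE (vulnerable): the left-most entry is whatever the client put there. */
export function clientIpLeftmost(xff: string | null): string | null {
  if (!xff) return null;
  const first = xff.split(',')[0].trim();
  return first.length > 0 ? first : null;
}

/**
 * AFTER (hardened): count back from the right. The last `trustedProxyCount`
 * entries were appended by our own proxies, so hops[len - trustedProxyCount]
 * is the peer that connected to the outermost trusted proxy; everything to
 * its left is client-supplied and ignored. With one proxy this is simply the
 * right-most entry.
 */
export function clientIpFromXff(
  xff: string | null,
  opts: ClientIpOptions = {},
): string | null {
  const trusted = opts.trustedProxyCount ?? 1;
  if (!xff) return null;
  const hops = xff.split(',').map((h) => h.trim()).filter((h) => h.length > 0);
  const idx = hops.length - trusted;
  if (idx < 0) return null; // fewer hops than proxies: header never passed through them
  const ip = hops[idx];
  return isValidIp(ip) ? ip : null; // junk in the trusted slot gets no bucket of its own
}

/** Minimal fixed-window limiter keyed by client IP (in-memory, single process). */
export class RateLimiter {
  private readonly hits = new Map<string, { count: number; resetAt: number }>();
  private readonly limit: number;
  private readonly windowMs: number;

  constructor(limit: number, windowMs: number) {
    this.limit = limit;
    this.windowMs = windowMs;
  }

  allow(key: string, now: number = Date.now()): boolean {
    const entry = this.hits.get(key);
    if (!entry || now >= entry.resetAt) {
      this.hits.set(key, { count: 1, resetAt: now + this.windowMs });
      return true;
    }
    entry.count += 1;
    return entry.count <= this.limit;
  }
}

/**
 * Constructed scenario: one attacker at 198.51.100.7 sends a different spoofed
 * X-Forwarded-For value on every request. The single trusted proxy appends the
 * attacker's real address, so the app sees "<spoofed>, 198.51.100.7".
 * Returns how many of `requests` requests each parser lets through.
 */
export function simulateBypass(
  requests: number,
  limit: number,
): { leftmost: number; hardened: number } {
  const attackerIp = '198.51.100.7';
  const weak = new RateLimiter(limit, 60_000);
  const strong = new RateLimiter(limit, 60_000);
  let leftmost = 0;
  let hardened = 0;
  for (let i = 0; i < requests; i++) {
    const header = `10.0.0.${i % 250}, ${attackerIp}`; // spoofed entry changes every time
    if (weak.allow(clientIpLeftmost(header) ?? 'unknown', 0)) leftmost++;
    if (strong.allow(clientIpFromXff(header) ?? 'unknown', 0)) hardened++;
  }
  return { leftmost, hardened };
}
```

Counting back by the number of trusted proxies generalises the right-most rule, which is the `trustedProxyCount = 1` case. Two caveats: this only holds if the app is unreachable except through those proxies (otherwise an attacker connects directly and the whole header, `X-Real-IP` included, is theirs to set), and the proxy must append to `X-Forwarded-For` rather than pass a client-supplied value through unchanged.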
feat(ux): add confirmation dialog to clear VT history Wrap the "Clear all history" button in the VirusTotal panel with an `AlertDialog` to prevent accidental deletion of user data. Co-authored-by: mbarbine <3211492+mbarbine@users.noreply.github.com>
Merge pull request #137 from mbarbine/fix/discovery-seo-ux-enhancements-12954867770919411799 🧹 [Code Health] Discovery, SEO, and UI fixes
Add files via upload
Create README.md
Merge pull request #104 from mbarbine/add-decoders-test-coverage-14464208574439544428 🧪 Add test coverage for analysis/decoders.ts
Merge pull request #78 from mbarbine/sentinel/fix-sql-script-filters-17897892736256695353 🛡️ Sentinel: [security improvement] Fix SQL query filtering logic
Merge branch 'main' into palette/keyboard-focus-accessibility-2091467963982533992
Merge pull request #64 from mbarbine/bolt-optimize-scorepscontent-9641218494313663826 ⚡ Bolt: Optimize string printability check in scorePSContent
Merge pull request #60 from mbarbine/sentinel/fix-insecure-prng-1552932243610167591 🛡️ Sentinel: [HIGH] Fix insecure PRNG in identifier generation
Merge pull request #51 from mbarbine/copilot/fix-documentation-inconsistencies Phase 0: Fix documentation inconsistencies and surface/API mismatches
Merge pull request #29 from mbarbine/fix-ssrf-json-integration-6460739835040264297 Fix Server-Side Request Forgery in JSON integration
Merge pull request #29 from mbarbine/fix-ssrf-json-integration-6460739835040264297 Fix Server-Side Request Forgery in JSON integration
Merge pull request #49 from mbarbine/copilot/fix-mcp-client-issues Fix MCP route: local engine, DB fallbacks, JSON-RPC 2.0 protocol, proper client
Merge pull request #45 from mbarbine/copilot/enhance-rules-saving-functionality Fix rules page: save/display broken without DB + 978-test coverage
Merge pull request #42 from mbarbine/sentinel-ssrf-prevention-16197666635179578226 🛡️ Sentinel: [CRITICAL] Fix SSRF vulnerability in script analysis API
Merge pull request #43 from mbarbine/bolt/optimize-calculate-entropy-14411978140349372245 ⚡ Bolt: optimize calculateEntropy using Uint32Array
Merge pull request #44 from mbarbine/copilot/fix-ui-errors-and-analysis Fix circular JSON crash, broken analysis (DB resilience), field mapping, and tab overflow - radical UI overhaul
update
update
Merge pull request #40 from mbarbine/copilot/enhance-virus-total-capabilities Enhance C2/XOR key extraction, auto payload acquisition, and VirusTotal on-demand submission