web(apidocs): render cref text in summaries#50
web(apidocs): render cref text in summaries#50PrzemyslawKlys merged 138 commits intov2-speedgonzalesfrom
Conversation
* Introduced `OfficeIMO.Markdown` version `0.5.0` as a transitive dependency. * Added `Scriban` version `5.11.0` as a transitive dependency. * Updated `powerforge.web` project to include new dependencies.
* Removed multiple empty `<code-changes>` sections from the changes log. * Improved readability and maintainability of the change history.
* No code changes were made in this commit. * This serves as a placeholder for future updates.
- Introduced a new theme `base-scriban` with a complete set of layouts and partials. - Added critical CSS for dark mode support and improved styling for various components. - Created multiple layout templates including `base.html`, `blog.html`, `docs.html`, `home.html`, `page.html`, `post.html`, `project.html`, `projects.html`, and `showcase.html`. - Implemented a responsive header and footer with navigation links. - Established a theme configuration in `theme.json` to manage color tokens, font styles, and layout settings. - Included a placeholder critical CSS file for the base theme.
- Introduced `powerforge.web.sitespec.schema.json` for site specifications. - Added `powerforge.web.projectspec.schema.json` for project specifications. - Created `powerforge.web.frontmatter.schema.json` for front matter validation. - Updated `JSON_SCHEMA.md` to include new schemas for web components.
…p Generator - Introduced `WebAssetOptimizer` for optimizing HTML, CSS, and JS assets. - Added `WebLlmsGenerator` to generate LLMS files based on project settings. - Implemented `WebSitemapGenerator` for creating sitemaps from site structure. - Updated `packages.lock.json` to include new dependencies for HTML optimization and sitemap generation.
* Introduced a new `template` command to facilitate script generation. * Validates the presence of the `--script` option and provides usage instructions if missing. * Implements error handling and JSON output for command execution results. * Adds helper functions for building and running PowerShell scripts.
* Introduced `WebPublishResult`, `WebDotNetBuildResult`, and `WebDotNetPublishResult` to encapsulate results from publishing and building processes. * Added `WebStaticOverlayResult` to represent the outcome of static overlay operations. * Created `WebPublishSpec`, `WebPublishBuildSpec`, `WebPublishOverlaySpec`, `WebPublishDotNetSpec`, and `WebPublishOptimizeSpec` to define specifications for publishing processes. feat(services): ✨ Implement Blazor publish fixer and .NET runner * Added `WebBlazorPublishFixer` to handle common issues during Blazor publishing, including updating base href and boot integrity. * Introduced `WebDotNetRunner` for executing `dotnet build` and `dotnet publish` commands programmatically. feat(services): ✨ Enhance sitemap and static overlay generation * Updated `WebSitemapGenerator` to support custom entries and improved merging of API sitemaps. * Implemented `WebStaticOverlay` for copying files with include/exclude patterns. fix(services): 🐛 Improve file matching and collection processing * Enhanced file enumeration and counting in `WebSiteBuilder` and `WebSitePlanner` to respect include/exclude patterns. * Refactored methods to improve clarity and maintainability. chore(project): 🔧 Update project file to include embedded resources * Added embedded resources for API documentation assets in the project file.
* Deleted unused markdown, JSON, CSS, and HTML files related to the CodeGlyphX sample. * Cleans up the repository by removing obsolete assets and templates.
* Implemented the `publish` command to handle web publishing tasks. * Added validation for required configuration parameters. * Integrated `WebDotNetRunner` for executing the publish process. * Included support for overlays and asset optimization. * Updated usage documentation to reflect new command.
* Deleted the `base-scriban` theme including all associated layouts, partials, and styles. * Removed the `base` theme and its related files. * Cleared out critical CSS files that were placeholders. * This cleanup helps streamline the project by removing obsolete code and assets.
* Added `App.razor` for main component rendering. * Created `Program.cs` to set up the WebAssembly host. * Included `index.html` for the app's entry point. * Added `app.css` for basic styling. * Updated `README.md` with usage instructions and purpose.
- Introduced a new theme `base-scriban` with a complete set of layouts and partials. - Added critical CSS for dark mode support and improved styling for various components. - Created multiple layout templates including `base.html`, `blog.html`, `docs.html`, `home.html`, `page.html`, `post.html`, `project.html`, `projects.html`, and `showcase.html`. - Implemented a footer and header partials for consistent navigation and branding. - Defined theme tokens in `theme.json` for easy customization of colors, fonts, and layout properties. - Established a base theme structure with a simple layout for future enhancements.
* Corrected schema paths from `schemas/` to `Schemas/` for consistency. * Added new `powerforge.web.pipelinespec.schema.json` and `powerforge.web.publishspec.schema.json` files. * Enhanced existing schemas with new properties for better configuration options. * Updated documentation references to reflect schema changes.
- Introduced `PowerForge.Web.CodeGlyphX.Build.md` to outline the build mapping for CodeGlyphX. - Created `PowerForge.Web.ContentSpec.md` detailing the recommended content model and folder structure. - Added `PowerForge.Web.QuickStart.md` as a guide for setting up a site with PowerForge.Web. - Updated `PowerForge.Web.RFC.md` with navigation, page metadata, and shortcode details. - Established `PowerForge.Web.Theme.md` to define the theme system and its structure.
* Changed the definition of `PathSeparators` to explicitly use '/' and '\\' for better cross-platform compatibility.
* Implemented `FrontMatterParserTests` to validate parsing of metadata with dot notation and lists. * Created `ThemeLoaderTests` to ensure correct merging of tokens and resolution of base layouts. * Enhanced test coverage for the PowerForge.Web module.
…and improved theme structure * Added support for Scriban theme engine with default theme set to `nova`. * Introduced new content structure with separate directories for `pages` and `docs`. * Enhanced theme manifest to include theme tokens for better customization. * Updated layout templates to support dynamic CSS variables for theming. * Improved asset management with a dedicated `data` directory and updated site specifications. * Added accessibility features and link rules for better usability.
* Bump versions for several packages to ensure compatibility and stability. * Updated `Microsoft.AspNetCore.App.Internal.Assets` to `10.0.2`. * Updated `Microsoft.DotNet.HotReload.WebAssembly.Browser` to `10.0.102`. * Updated `Microsoft.NET.ILLink.Tasks` to `10.0.2`. * Updated `Microsoft.NET.Sdk.WebAssembly.Pack` to `10.0.2`.
…hance existing schemas - Introduced `powerforge.web.themespec.schema.json` for theme specifications. - Updated `powerforge.web.sitespec.schema.json` to include new properties: `StaticAssets`, `Head`, `Social`, and `StructuredData`. - Enhanced `powerforge.web.frontmatter.schema.json` by adding `meta` property.
- Introduced a new theme named `nova` with various partials including `header`, `hero`, `features`, `formats`, and more. - Implemented theme tokens for consistent styling across components. - Enhanced navigation structure in `site.json` to support the new theme. - Added documentation layout with a hero section for improved user experience. - Created shortcodes for reusable components like `cards`, `metrics`, and `showcase`. - Updated styles in `site.css` and added new styles in `docs.css` for better presentation.
- Introduced a new section for generating API docs into `Artifacts/` - Added command for pipeline execution with API docs - Specified expected inputs and outputs for the API docs generation - Clarified that the `Samples/PowerForge.Web.CodeGlyphX.Sample/static/` folder should contain only hand-authored assets
* Removed duplicate entry for `Artifacts` to ensure proper file ignoring. * This change helps maintain a clean repository by preventing unnecessary files from being tracked.
- Introduced `WebLlmsResult`, `WebSitemapResult`, `WebApiDocsResult`, `WebPipelineResult`, `WebPublishResult`, `WebPipelineStepResult`, `WebOptimizeResult`, `WebDotNetBuildResult`, `WebDotNetPublishResult`, `WebStaticOverlayResult`, and `WebScaffoldResult` to encapsulate results from respective operations. - Enhanced `WebPublishSpec` with additional configuration options for build, overlay, publish, and optimization steps. - Updated `WebSitePlan`, `WebCollectionPlan`, and `WebProjectPlan` to include more detailed properties for site structure and content management. - Added verification and optimization result classes to improve feedback on operations. - Improved documentation with XML comments for better clarity and maintainability.
…navigation and site name * Added dynamic footer sections for product, resources, and company links. * Updated header to display the site name dynamically. * Refactored HTML to utilize `head_html` for icon and preconnect links in layout files. * Improved overall structure for better maintainability and readability.
- Introduced `PowerForge.Web.Pipeline.md` to document JSON formats for pipeline specs. - Added `PowerForge.Web.Workflow.md` to explain the end-to-end process of building a deployable site. - Updated `PowerForge.Web.QuickStart.md` with references to new documentation. - Enhanced `PowerForge.Web.ContentSpec.md` and `PowerForge.Web.Theme.md` with best practices for theme and content management. - Updated JSON schema in `powerforge.web.sitespec.schema.json` to include new properties for head links and meta tags.
- Added support for multiple outputs (HTML/JSON) in `PowerForge.Web.ContentSpec.md`. - Introduced folder-driven routes and section index pages in `PowerForge.Web.ContentSpec.md`. - Updated sitemap generation to include optional `sitemap.html` in `PowerForge.Web.Pipeline.md`. - Added quick content creation using archetypes in `PowerForge.Web.QuickStart.md`. - Documented list pages and taxonomies in `PowerForge.Web.Theme.md`. - Clarified source vs output files and updated pipeline steps in `PowerForge.Web.Workflow.md`.
* Removed `<NoWarn>$(NoWarn);CS1591</NoWarn>` from `PowerForge.Cli.csproj` to ensure proper documentation warnings are displayed.
* Introduced a new `/auth/login` endpoint to handle user login requests. * Implemented JWT token generation for secure session management. * Updated API documentation to include the new authentication flow.
* No code changes were made in this commit. * This serves as a placeholder for tracking purposes.
Pull Request ReviewThank you for this contribution! I've reviewed PR #50 which addresses XML SummaryThis PR fixes the rendering of ✅ Positive FindingsCode Quality & Architecture
Test Coverage
Security
|
* Refactored multiple code sections to improve readability. * Removed redundant code blocks to streamline functionality. * Enhanced comments for clarity on complex logic.
… InvokeProjectBuildCommand * Added new parameters to `InvokeDotNetRepositoryReleaseCommand` for certificate signing and version mapping options. * Introduced `InvokeProjectBuildCommand` to execute a repository-wide .NET build/release pipeline from a JSON configuration. * Improved logging and interactive output using Spectre.Console for better user experience. * Updated `NewConfigurationBuildCommand` and `NewConfigurationModuleSkipCommand` to include new parameters for resolving missing modules and handling outdated dependencies.
* Introduced `project.build.schema.json` for defining project build settings. * Added properties for build options, including `Build`, `PublishNuget`, and `GitHub` configurations. * Enhanced `ModuleSkipConfiguration` with `FailOnMissingCommands` option.
- Introduced a new document detailing the JSON configuration for `Invoke-ProjectBuild`. - Covers schema location, build pipeline overview, example configuration, and various settings for project discovery, versioning, staging, NuGet publishing, and GitHub releases.
* Enhanced `Invoke-DotNetRepositoryRelease` with new parameters: `-CertificateThumbprint`, `-CertificateStore`, `-ExpectedVersionMapAsInclude`, `-ExpectedVersionMapUseWildcards`, and `-PublishFailFast`. * Introduced `Invoke-ProjectBuild` documentation for executing a .NET build/release pipeline. * Added new parameters to `New-ConfigurationBuild` and `New-ConfigurationModuleSkip` for improved functionality. * Updated `Readme.md` to include references to new cmdlets and their descriptions.
* Refactored `Find`, `Publish`, and `Save` methods to improve error handling and logging. * Updated parsing logic in `ParseFindOutput` and `ParseSaveOutput` to include additional information. * Added support for GUID in `PSResourceInfo` to enhance module identification. * Ensured consistent handling of optional parameters and improved input validation.
* Enhanced the documentation for `ResolveMissingModulesOnline` to clarify its behavior when not explicitly set. * Added examples for `New-ConfigurationModule` to illustrate usage scenarios for required and external module dependencies.
Use NuGet packages for HtmlTinkerX and OfficeIMO.Markdown
API docs: add default language classes for code examples
Pull Request ReviewOverviewThis PR implements a fix for XML see cref rendering in API documentation, preventing fragments like into a or from a from appearing in generated summaries. The implementation uses a token-based approach that defers link resolution until HTML generation. Code Quality: ExcellentStrengths:
PowerShell Cmdlet Changes:
Test Coverage: GoodPositive:
Recommendations:
Security: No ConcernsReviewed Areas:
No security issues identified. Performance: Good
Potential Issues: Minor
RecommendationsTesting:
Verdict: Approve with Minor SuggestionsThis is a solid implementation that solves the stated problem effectively. The code is clean, well-tested, and follows security best practices. The minor suggestions above are optional improvements rather than blockers. Summary:
Great work on this fix! |
PR Review: web(apidocs): render cref text in summariesSummaryThis is a massive PR with 53,900 additions and 14,147 deletions across 86 commits. The primary focus is fixing XML Code Quality: ✅ GoodStrengths:
Specific highlights:
Security: ✅ StrongExcellent security practices:
Test Coverage: ✅ GoodTest quality:
Performance Considerations: ✅ GoodPositive aspects:
Potential concerns:
Architecture & Design:
|
API docs: dedent examples + scrollbar
Pull Request Review - PR #50OverviewTitle: web(apidocs): render cref text in summaries Executive SummaryThis PR is described as fixing XML cref rendering but includes significantly more than a focused bug fix. It contains a major feature release with API docs improvements, asset optimization, web audit system, changelog generation, new templates, and extensive documentation regeneration. Primary Recommendation: Consider splitting into multiple focused PRs for easier review and safer merging. Positive Findings1. Core Cref Rendering Fix - Well-designed three-phase token-based approach that cleanly separates concerns 2. Security Implementation - Excellent path traversal protection in WebAssetOptimizer.cs 3. Code Quality - Consistent error handling, null safety patterns, well-structured configuration models Critical Concerns1. PR Scope Creep - This PR mixes multiple major features that should be independently reviewable:
Impact: Makes review extremely difficult, increases bug risk, complicates rollback. 2. Auto-Generated Documentation - Module/Docs contains 30+ regenerated files with identical line changes. These should be in .gitignore or a separate PR. 3. Test Coverage - Limited visibility into test coverage for the core cref bug fix. Need regression tests for the specific "into a ." issue. Medium Priority Concerns4. User-Supplied Regex Patterns - Asset optimizer accepts user regex patterns. While mitigated with timeout, needs validation to prevent ReDoS. 5. Silent Minification Failures - Errors are caught but processing continues. May hide configuration issues. 6. Breaking Changes - 3,798 additions to WebApiDocsGenerator.cs may affect existing configurations. Needs migration guide. Risk AssessmentOverall: MEDIUM-HIGH
Approval ConditionsRecommend requesting changes:
Assessment: Code quality and security are solid. The cref fix appears sound. However, PR scope makes safe review difficult, and test coverage visibility is concerning. Review by Claude Code Agent - 2026-02-05 |
Update lock files after NuGet deps change
PR Review: web(apidocs): render cref text in summariesSummaryThis PR successfully fixes XML ✅ Positive Findings1. Core Bug Fix - Well Implemented
2. Excellent Security Practices
3. Good Error Handling
🔴 Critical Issue - Must Fix Before MergeXSS Vulnerability in InlineCriticalCssLocation: Problem: Critical CSS content is inserted directly into var asyncCss = $"<!-- critical-css -->\n<style>{criticalCss}</style>\n...";Attack vector: If an attacker can control the CSS file content (via
Recommended fix: // Add validation before line 457
if (criticalCss.Contains("</style>", StringComparison.OrdinalIgnoreCase))
{
throw new InvalidOperationException("Critical CSS contains forbidden content");
}Or better yet, use a proper CSS validator/sanitizer to ensure only valid CSS is included.
|
…ishModule into web/apidocs-cref
Code Review - PR #50: web(apidocs): render cref text in summariesSummaryThis PR successfully fixes XML rendering in API documentation, eliminating "into a ." / "from a ." fragments. The implementation is well-designed with proper security controls and test coverage. Overall Assessment: Approve with minor suggestions Key Changes Analyzed1. Core Fix: WebApiDocsGenerator Cref RenderingStatus: Excellent The three-phase approach is well-executed:
Security: Multiple layers of HTML encoding prevent XSS 2. New: InvokeProjectBuildCommand.cs (815 lines)Status: Good with minor concerns Strengths:
Concerns: Lines 522-551 contain silent exception handling that hides file access errors. Recommendation: Add logging for secret resolution failures to help users debug configuration issues. 3. PowerForge.Web.Cli/Program.cs (810 additions)Status: Good - Clean CLI structure with consistent patterns 4. Test Coverage: WebApiDocsGeneratorCrefTests.csStatus: Good, could be enhanced Current test validates the fix works. Suggestions for additional tests:
Security AssessmentStrengths:
Minor Concerns:
RecommendationsHigh Priority:
Medium Priority:
Low Priority:
ConclusionThis is a well-implemented PR that:
The minor concerns identified are not blocking issues. Recommendation: Approve Great work on the comprehensive fix! The two-phase token approach for cref rendering is elegant and the security controls are thorough. |
Pull Request Review - PR #50SummaryThis PR introduces comprehensive enhancements to the PowerForge.Web API documentation generation system, particularly focusing on fixing XML ✅ Strengths1. Core Fix - cref Rendering ✨The primary fix addresses a real pain point in API documentation:
2. Security Hardening 🔒Excellent security practices throughout:
3. Performance Considerations ⚡
4. Code Quality 🎯
5. Test Coverage ✅The PR adds test coverage for the critical cref functionality:
6. Documentation Pipeline Features 📚Beyond the core fix, this PR adds substantial value:
🔍 Areas for Consideration1. PR Size
2. Test Coverage GapsWhile the cref fix has tests, consider adding:
3. Commit Message ConventionCommits use conventional commit format (e.g.,
4. Error HandlingThe code has good error handling, but consider: // Line 166-168 - Assembly inspection catches all exceptions
catch (Exception ex)
{
warnings.Add($"Assembly inspection failed: {Path.GetFileName(options.AssemblyPath)} ({ex.GetType().Name}: {ex.Message})");
5. Regex Pattern ValidationThe CrefTokenRegex pattern:
6. Documentation
7. Performance at Scale
🎯 Specific Code Review NotesWebApiDocsGenerator.cs:2176-2186 (RenderCref)private static string RenderCref(XElement el)
{
var cref = el.Attribute("cref")?.Value;
if (!string.IsNullOrWhiteSpace(cref))
{
var cleaned = cref;
var colonIdx = cleaned.IndexOf(':');
if (colonIdx >= 0 && colonIdx + 1 < cleaned.Length)
cleaned = cleaned.Substring(colonIdx + 1);
return $"[[cref:{cleaned}]]";
}✅ Correctly strips the WebApiDocsGenerator.cs:3270-3279 (RenderLinkedText)private static string RenderLinkedText(string text, string baseUrl, IReadOnlyDictionary<string, string> slugMap)
{
if (string.IsNullOrWhiteSpace(text)) return string.Empty;
var encoded = System.Web.HttpUtility.HtmlEncode(text);
return CrefTokenRegex.Replace(encoded, match =>
{
var name = match.Groups["name"].Value;
return LinkifyType(name, baseUrl, slugMap);
});
}✅ Encodes HTML before regex replacement (prevents XSS) WebApiDocsGeneratorCrefTests.cs:47-48Assert.DoesNotContain("from a .", html, StringComparison.OrdinalIgnoreCase);
Assert.Contains("BitMatrix", html, StringComparison.Ordinal);✅ Explicit test that the bug is fixed 🚀 RecommendationsHigh Priority
Medium Priority
Low Priority
📊 Risk Assessment
✅ Final VerdictLGTM with minor suggestions 👍 This PR successfully fixes the cref rendering issue and adds substantial value to the API documentation generation system. The code quality is high, security practices are solid, and the critical path has test coverage. Before Merging:
The suggestions above are mostly for future improvements and don't block this PR. Great work on fixing a frustrating documentation bug! 🎉 Review generated by Claude Code |
Fixes XML rendering so API summaries no longer emit "into a ." / "from a ." fragments. Keeps existing apidocs behavior intact.