Conversation
Made-with: Cursor
* feat: harden HTTP clients, dashboard server, and hook system - Add shared HTTP helper (src/utils/http-request.ts) with timeout and 64 KiB response body cap; refactor validate.ts and hooks.ts to use it - Fix dashboard route matching to parse URL pathname (query strings no longer break /events and /api/status) - Add SSE broadcast backpressure: drop destroyed or slow clients - Block SSRF on HTTP hooks by default (private/loopback/link-local IP ranges); override with Q_RING_ALLOW_PRIVATE_HOOKS=1 - Remove unnecessary CORS wildcard headers from localhost dashboard - Replace external Google Fonts and remote icon in dashboard HTML with system font stacks and inline SVG for full offline operation - Document SSRF protection in README Made-with: Cursor * fix: harden HTTP helper, dashboard server, and SSRF hook checks per review feedback (#5) * Initial plan * fix: address all 7 review comments on HTTP helper, dashboard, and hooks Co-authored-by: I4cTime <24039758+I4cTime@users.noreply.github.com> Agent-Logs-Url: https://github.com/I4cTime/quantum_ring/sessions/f98e4751-fde3-4773-832f-4daaafdb62be --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: I4cTime <24039758+I4cTime@users.noreply.github.com> --------- Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: I4cTime <24039758+I4cTime@users.noreply.github.com>
- Add Tailwind CSS v4 with @theme tokens and PostCSS - Add Framer Motion (motion) FadeIn, StaggerGroup, animated stats - CopyableTerminal with copy buttons; remove RevealObserver - Mobile nav with focus trap, Docs/Changelog routes - Interactive Architecture tooltips and scroll targets - Getting Started (/docs) and Changelog (/changelog) pages - Skip link, main landmark, reduced-motion for WebGL Made-with: Cursor
Made-with: Cursor
Made-with: Cursor
This was referenced Mar 26, 2026
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
CHANGELOG.mdfor full notes.Checklist
package.jsonandserver.jsonCHANGELOG.mdupdatedv0.4.1andgh release create(publish via tag)Made with Cursor