LJ-399 Add ability to read and post internal comments to a privacy request

[lucanovera]

Description Of Changes

Add ability to read and post internal comments to a privacy request

Code Changes

• Added fetching of comments
• Modified Activity Timeline component to show both comments & event logs, sorted by date
• Added CommentInput component for posting new comments
• Added new comments slice
• Bonus change: Updated the clipboard icon to Carbon
• Bonux fix: Fix formatDate displaying in 12hs format without saying if it's am or pm. Added am/pm to the formated text.

Steps to Confirm

You may use the lastest fidesplus if running locally, or use the vercel preview link.

1. Login to admin ui, go to Request Manager and click on any request.
2. Scroll down to the "Activity" tab to view the combined timeline of system events and comments.
3. Click the "Add comment" button below the timeline.
4. Enter text in the comment field and click "Save" to add an internal comment.
5. Verify the comment appears in the Activity timeline, sorted chronologically with system events.
6. Note that comments show author attribution correctly - username for root users, or first and last name for users with complete profiles.
7. Click "Add comment" again, type some text, then click "Cancel" to verify cancellation works.
8. Add another comment to see it appear at the appropriate position in the timeline.
9. Refresh the page and confirm all previously added comments are still visible.
10. Verify that system events and comments maintain proper chronological ordering in the timeline.

Pre-Merge Checklist

• Issue requirements met
• All CI pipelines succeeded
• CHANGELOG.md updated
  • Add a db-migration This indicates that a change includes a database migration label to the entry if your change includes a DB migration
  • Add a high-risk This issue suggests changes that have a high-probability of breaking existing code label to the entry if your change includes a high-risk change (i.e. potential for performance impact or unexpected regression) that should be flagged
  • Updates unreleased work already in Changelog, no new entry necessary
• Followup issues:
  • Followup issues created
  • No followup issues
• Database migrations:
  • Ensure that your downrev is up to date with the latest revision on main
  • Ensure that your downgrade() migration is correct and works
    • If a downgrade migration is not possible for this change, please call this out in the PR description!
  • No migrations
• Documentation:
  • Documentation complete, PR opened in fidesdocs
  • Documentation issue created in fidesdocs
  • If there are any new client scopes created as part of the pull request, remember to update public-facing documentation that references our scope registry
  • No documentation updates required

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

2 Skipped Deployments

Name	Status	Preview	Comments	Updated (UTC)
fides-plus-nightly	⬜️ Ignored (Inspect)	Visit Preview		May 29, 2025 0:44am
fides-privacy-center	⬜️ Ignored (Inspect)			May 29, 2025 0:44am

[gilluminate]

Working well in testing. Tried to do some basic XSS injection attacks and none got through. Added a couple of suggestions for improvement.

[cypress]

fides    Run #12945

Run Properties:   Passed #12945  •  e3ad6030a4: LJ-399 Add ability to read and post internal comments to a privacy request (#616...

Project	fides
Branch Review	main
Run status	Passed #12945
Run duration	00m 52s
Commit	e3ad6030a4: LJ-399 Add ability to read and post internal comments to a privacy request (#616...
Committer	Lucano Vera
View all properties for this run ↗︎

---

Test results
Failures	0
Flaky	0
Pending	0
Skipped	0
Passing	5
View all changes introduced in this branch ↗︎