fix: Mermaid diagram rendering in HTML export#35
Merged
Conversation
…t fix Plan docs: - rowan-salsa-completion: 4-phase LSP-ready migration (22 work items) - formal-verification-completion: 37 proofs, Kani CI ready - coverage-gap-analysis: STPA gaps (23 new artifacts needed) - oslc-analysis: deprioritize OSLC, focus on ReqIF + needs.json FEAT-020 promoted to approved — Playwright verified AADL rendering. Fixed initAadlDiagrams DOMContentLoaded trigger. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ndings Fresh STPA + STPA-Sec analysis identifying: - H-13: XSS via unescaped artifact content in dashboard/export - H-14: WASM adapter supply chain (untrusted code) - H-15: Commit traceability false positives - H-16: Dashboard stale data after reload failure - H-17: git clone code execution via rivet.yaml - 5 new system constraints (SC-15..19) - 15 new UCAs + 14 loss scenarios - OSLC lifecycle gap check results - Critical: no CSP header, no WASM signature verification Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…urity hardening docs New STPA analysis for v0.2.0 security hardening: - H-13..H-17: XSS, WASM supply chain, commit false positives, stale dashboard, git hooks - SC-15..SC-19: HTML escaping, WASM validation, ID store check, reload reporting, hook disable - 15 UCAs (UCA-D-3..D-4, UCA-C-18..C-25, UCA-L-6..L-7) - 13 loss scenarios (LS-C-5..C-15, LS-D-3, LS-L-3) - 13 controller constraints - Architecture section 8.8: Security Hardening - Verification section 12: STPA-Sec Test Requirements - 5 REQ→SC links for security constraints - 395 artifacts, PASS, 0 warnings Implements: SC-15, SC-16, SC-17, SC-18, SC-19 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…M validation + code quality Security (S1-S4): - CSP header on all dashboard responses - Markdown raw HTML filtering (strips <script>, <iframe>, etc.) - git clone --config core.hooksPath=/dev/null on all sync operations - WASM adapter output validation (empty ID/type rejection, HTML stripping) Code quality (Q3 partial): - ProjectContext consolidation in main.rs 408 tests, 0 failures. Implements: SC-15, SC-16, SC-17, SC-18, SC-19 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Mermaid diagrams in exported documents were rendered as raw text because no Mermaid JS was included. Now loads mermaid@11 from CDN with dark theme and strict security. Skipped in --offline mode. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Rivet Criterion Benchmarks'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.20.
| Benchmark suite | Current: 728c3f8 | Previous: 7a06ac5 | Ratio |
|---|---|---|---|
store_insert/10000 |
58009158 ns/iter (± 1622537) |
46482752 ns/iter (± 870075) |
1.25 |
link_graph_build/10000 |
34073853 ns/iter (± 2046326) |
26668420 ns/iter (± 3482798) |
1.28 |
This comment was automatically generated by workflow using github-action-benchmark.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Loads mermaid@11 from CDN in export pages. Dark theme, strict security. Skipped in --offline mode.