feat: P0+P1 security, filter/sort/pagination, traceability, test markers #52

Merged: avrabe merged 1 commit into main from feat/p0-p1-security-filters-traceability on Mar 20, 2026

@avrabe avrabe commented Mar 20, 2026

Summary

  • SSC-6: 10 MB YAML document-size limit enforced in generic + STPA adapters
  • SSC-3: Dashboard binds to localhost by default, warns on 0.0.0.0
  • Artifacts: server-side ?types=, ?q=, ?sort=, ?dir=, ?per_page=, ?page= with filter bar
  • STPA: filter bar with type checkboxes and text search
  • V-model: 3 structural gaps closed (REQ-003, REQ-009, REQ-022)
  • Test markers: 324 `// rivet: verifies` markers across 22 source files

Test plan

  • All Rust tests pass
  • rivet validate PASS 0 warnings
  • CI + Playwright

🤖 Generated with Claude Code

…gaps, test markers

Three workstreams implemented in parallel:

1. Security hardening (SSC-3 + SSC-6):
   - YAML document-size limit (10 MB) in generic and STPA adapters
   - Dashboard default bind to 127.0.0.1 (warns on 0.0.0.0)
   - 2 new unit tests for size limit enforcement

2. Dashboard filter/sort/pagination:
   - /artifacts: ?types=, ?q=, ?sort=, ?dir=, ?per_page=, ?page=
   - Filter bar with search input, type dropdown, per-page selector
   - Sortable column headers with direction arrows
   - Windowed pagination with prev/next/ellipsis
   - /stpa: filter bar with type checkboxes and text search
   - All href values match hx-get (no href="#")

3. V-model traceability:
   - FEAT-016 now satisfies REQ-003 (ASPICE V-model)
   - FEAT-014 now satisfies REQ-009 (test results evidence)
   - DD-039 created for REQ-022 (asset embedding rationale)
   - 324 `// rivet: verifies REQ-XXX` markers added across 22 source files

Validate: PASS 0 warnings. All tests pass.

Implements: FEAT-065
Satisfies: REQ-012

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@avrabe avrabe merged commit c1886da into main Mar 20, 2026
@avrabe avrabe deleted the feat/p0-p1-security-filters-traceability branch March 20, 2026 04:59
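
The two hardening items in the summary (SSC-6 document-size limit, SSC-3 loopback default with a warning) as an added Rust example; it is not code from this PR or from the project. The function names, the reading of "10 MB" as 10 * 1024 * 1024 bytes, and the port used in `main` are assumptions.

```rust
use std::io::{self, Read};
use std::net::{AddrParseError, IpAddr, Ipv4Addr, SocketAddr};

// "10 MB" from the PR summary; reading it as 10 * 1024 * 1024 bytes is an assumption.
pub const MAX_YAML_BYTES: u64 = 10 * 1024 * 1024;

/// Read a document, refusing anything over `limit` bytes (hypothetical helper).
/// At most limit + 1 bytes are pulled from the source, so an oversized or
/// endless input is rejected before it is fully buffered or reaches a parser.
pub fn read_limited<R: Read>(src: R, limit: u64) -> io::Result<Vec<u8>> {
    let mut buf = Vec::new();
    src.take(limit + 1).read_to_end(&mut buf)?;
    if buf.len() as u64 > limit {
        let msg = format!("YAML document exceeds the {} byte limit", limit);
        return Err(io::Error::new(io::ErrorKind::InvalidData, msg));
    }
    Ok(buf)
}

/// Choose the dashboard bind address (hypothetical helper): loopback unless
/// the operator names one, plus a warning for an all-interfaces address.
pub fn resolve_bind(
    requested: Option<&str>,
    port: u16,
) -> Result<(SocketAddr, Option<String>), AddrParseError> {
    let ip: IpAddr = match requested {
        Some(text) => text.parse()?,
        None => IpAddr::V4(Ipv4Addr::LOCALHOST),
    };
    let warning = if ip.is_unspecified() {
        Some(format!("{} listens on every interface; the dashboard is reachable from the network", ip))
    } else {
        None
    };
    Ok((SocketAddr::new(ip, port), warning))
}

fn main() {
    // Constructed inputs: a small document, then an endless stream.
    println!("{:?}", read_limited(&b"artifacts: []\n"[..], MAX_YAML_BYTES).map(|b| b.len()));
    println!("{:?}", read_limited(io::repeat(b'a'), MAX_YAML_BYTES).map(|b| b.len()));
    // Port 3000 is a placeholder, not the project's documented port.
    for req in [None, Some("0.0.0.0")] {
        let (addr, warning) = resolve_bind(req, 3000).expect("valid IP");
        println!("{} warning={:?}", addr, warning);
    }
}
```

Checking the length after `take(limit + 1)` rather than trusting file metadata also covers piped or streamed input whose size is not known up front.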

codecov Bot commented Mar 20, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

@github-actions github-actions Bot left a comment

⚠️ Performance Alert ⚠️

Possible performance regression was detected for benchmark 'Rivet Criterion Benchmarks'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.20.

| Benchmark suite | Current: c5c28da | Previous: c1886da | Ratio |
|---|---|---|---|
| link_graph_build/10000 | 42409249 ns/iter (± 17628456) | 28349124 ns/iter (± 2377978) | 1.50 |
| validate/10000 | 11589341 ns/iter (± 3016998) | 5107676 ns/iter (± 473444) | 2.27 |

This comment was automatically generated by workflow using github-action-benchmark.
