Hibryda
|
1cd4558740
|
fix(electrobun): address all 22 Codex review #2 findings
CRITICAL:
- DocsTab XSS: DOMPurify sanitization on all {@html} output
- File RPC path traversal: guardPath() validates against project CWDs
HIGH:
- SSH injection: spawn /usr/bin/ssh via PTY args, no shell string
- Search XSS: strip HTML, highlight matches client-side with <mark>
- Terminal listener leak: cleanup functions stored + called in onDestroy
- FileBrowser race: request token, discard stale responses
- SearchOverlay race: same request token pattern
- App startup ordering: groups.list chains into active_group restore
- PtyClient timeout: 5-second auth timeout on connect()
- Rule 55: 6 {#if} patterns converted to style:display toggle
MEDIUM:
- Agent persistence: only persist NEW messages (lastPersistedIndex)
- Search errors: typed error response, "Invalid query" UI
- Health store wired: agent events call recordActivity/setProjectStatus
- index.ts SRP: split into 8 domain handler modules (298 lines)
- App.svelte: extracted workspace-store.svelte.ts
- rpc.ts: typed AppRpcHandle, removed `any`
LOW:
- CommandPalette listener wired in App.svelte
- Dead code removed (removeGroup, onDragStart, plugin loaded)
|
2026-03-22 02:30:09 +01:00 |
|
Hibryda
|
4826b9dffa
|
feat(electrobun): auto-updater + E2E tests + splash screen — ALL GAPS CLOSED
Auto-updater:
- updater.ts: GitHub Releases API check, semver comparison, timestamp tracking
- AdvancedSettings wired to real updater.check/getVersion RPC
E2E testing (45 tests):
- wdio.conf.js: WebDriverIO config for Electrobun (port 9761)
- fixtures.ts: isolated temp dirs, demo data, git repo init
- 4 spec files: smoke (13), settings (13), terminal (10), agent (9)
Splash screen:
- SplashScreen.svelte: animated gradient AGOR logo, version, loading dots
- App.svelte: shows splash until all init promises resolve, 300ms fade-out
|
2026-03-22 01:49:30 +01:00 |
|
Hibryda
|
252fca70df
|
feat(electrobun): file management — CodeMirror editor, PDF viewer, CSV table, real file I/O
- CodeEditor: CodeMirror 6 with Catppuccin theme, 15+ languages, Ctrl+S save,
dirty tracking, save-on-blur
- PdfViewer: pdfjs-dist canvas rendering, zoom 0.5-3x, HiDPI, lazy page load
- CsvTable: RFC 4180 parser, delimiter auto-detect, sortable columns, sticky header
- FileBrowser: real filesystem via files.list/read/write RPC, lazy dir loading,
file type routing (code→editor, pdf→viewer, csv→table, images→display)
- 10MB size gate, binary detection, base64 encoding for non-text files
|
2026-03-22 01:36:02 +01:00 |
|
Hibryda
|
f97ea95373
|
feat(electrobun): add xterm.js terminal with image addon (Sixel/iTerm2)
- Terminal.svelte component with @xterm/xterm + Canvas + Fit + Image addons
- Catppuccin Mocha terminal theme matching main app
- Sixel, iTerm2 inline image protocol support via xterm-addon-image
- ResizeObserver for responsive terminal sizing
- Demo cargo test output in terminal section below agent messages
|
2026-03-20 01:40:24 +01:00 |
|
Hibryda
|
cfc135ffaf
|
feat: Electrobun Svelte+WGPU prototype (Dawn GPU confirmed on Linux)
- Svelte 5 frontend with Catppuccin Mocha theme, 2 project cards
- Electrobun v1.16.0 with bundleWGPU: true (Dawn on Linux x64)
- WebKitGTK webview + WGPU surface coexistence confirmed
- CPU: 6.5% idle (CSS animation + WebKitGTK overhead)
- Port 9760 for dev server (project convention)
|
2026-03-20 01:25:41 +01:00 |
|
Hibryda
|
1f20fc460e
|
feat: add Electrobun WGPU prototype (Dawn GPU on Linux confirmed)
|
2026-03-20 01:18:19 +01:00 |
|