Fix dashboard wasm build and feature-gate mongodb for wasm compatibility

- Feature-gate mongodb in compliance-core (optional, default on) so wasm
  builds don't pull in tokio/mio via mongodb
- Use bson v2 directly for ObjectId types (wasm-compatible)
- Restructure dashboard infrastructure/mod.rs: server function modules
  always compiled (for RPC stubs), server-only modules cfg-gated
- Remove reqwest from dashboard web feature (not needed, data flows
  through server functions)
- Add .gitignore

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Cargo.lock

@@ -436,6 +436,7 @@ dependencies = [
 name = "compliance-core"
 version = "0.1.0"
 dependencies = [
+ "bson",
  "chrono",
  "hex",
  "mongodb",

Cargo.toml

@@ -7,7 +7,7 @@ unwrap_used = "deny"
 expect_used = "deny"
 
 [workspace.dependencies]
-compliance-core = { path = "compliance-core" }
+compliance-core = { path = "compliance-core", default-features = false }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 tokio = { version = "1", features = ["full"] }

compliance-agent/Cargo.toml

@@ -7,7 +7,7 @@ edition = "2021"
 workspace = true
 
 [dependencies]
-compliance-core = { workspace = true }
+compliance-core = { workspace = true, features = ["mongodb"] }
 serde = { workspace = true }
 serde_json = { workspace = true }
 tokio = { workspace = true }

compliance-core/Cargo.toml

@@ -6,6 +6,10 @@ edition = "2021"
 [lints]
 workspace = true
 
+[features]
+default = ["mongodb"]
+mongodb = ["dep:mongodb"]
+
 [dependencies]
 serde = { workspace = true }
 serde_json = { workspace = true }
@@ -15,4 +19,5 @@ sha2 = { workspace = true }
 hex = { workspace = true }
 uuid = { workspace = true }
 secrecy = { workspace = true }
-mongodb = { workspace = true }
+bson = "2"
+mongodb = { workspace = true, optional = true }

compliance-core/src/error.rs

@@ -3,8 +3,13 @@ use thiserror::Error;
 #[derive(Error, Debug)]
 pub enum CoreError {
     #[error("Database error: {0}")]
+    #[cfg(feature = "mongodb")]
     Database(#[from] mongodb::error::Error),
 
+    #[error("Database error: {0}")]
+    #[cfg(not(feature = "mongodb"))]
+    Database(String),
+
     #[error("Serialization error: {0}")]
     Serialization(#[from] serde_json::Error),
 

compliance-core/src/models/cve.rs

@@ -12,7 +12,7 @@ pub enum CveSource {
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct CveAlert {
     #[serde(rename = "_id", skip_serializing_if = "Option::is_none")]
-    pub id: Option<mongodb::bson::oid::ObjectId>,
+    pub id: Option<bson::oid::ObjectId>,
     pub cve_id: String,
     pub repo_id: String,
     pub affected_package: String,

compliance-core/src/models/finding.rs

@@ -50,7 +50,7 @@ impl std::fmt::Display for FindingStatus {
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct Finding {
     #[serde(rename = "_id", skip_serializing_if = "Option::is_none")]
-    pub id: Option<mongodb::bson::oid::ObjectId>,
+    pub id: Option<bson::oid::ObjectId>,
     pub repo_id: String,
     pub fingerprint: String,
     pub scanner: String,

compliance-core/src/models/issue.rs

@@ -42,7 +42,7 @@ impl std::fmt::Display for IssueStatus {
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct TrackerIssue {
     #[serde(rename = "_id", skip_serializing_if = "Option::is_none")]
-    pub id: Option<mongodb::bson::oid::ObjectId>,
+    pub id: Option<bson::oid::ObjectId>,
     pub finding_id: String,
     pub tracker_type: TrackerType,
     pub external_id: String,

compliance-core/src/models/repository.rs

@@ -14,7 +14,7 @@ pub enum ScanTrigger {
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct TrackedRepository {
     #[serde(rename = "_id", skip_serializing_if = "Option::is_none")]
-    pub id: Option<mongodb::bson::oid::ObjectId>,
+    pub id: Option<bson::oid::ObjectId>,
     pub name: String,
     pub git_url: String,
     pub default_branch: String,

compliance-core/src/models/sbom.rs

@@ -12,7 +12,7 @@ pub struct VulnRef {
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct SbomEntry {
     #[serde(rename = "_id", skip_serializing_if = "Option::is_none")]
-    pub id: Option<mongodb::bson::oid::ObjectId>,
+    pub id: Option<bson::oid::ObjectId>,
     pub repo_id: String,
     pub name: String,
     pub version: String,

compliance-core/src/models/scan.rs

@@ -49,7 +49,7 @@ pub enum ScanPhase {
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct ScanRun {
     #[serde(rename = "_id", skip_serializing_if = "Option::is_none")]
-    pub id: Option<mongodb::bson::oid::ObjectId>,
+    pub id: Option<bson::oid::ObjectId>,
     pub repo_id: String,
     pub trigger: ScanTrigger,
     pub commit_sha: Option<String>,

compliance-dashboard/Cargo.toml

@@ -12,11 +12,12 @@ path = "../bin/main.rs"
 workspace = true
 
 [features]
-web = ["dioxus/web", "dioxus/router", "dioxus/fullstack", "dep:reqwest", "dep:web-sys"]
+web = ["dioxus/web", "dioxus/router", "dioxus/fullstack", "dep:web-sys"]
 server = [
     "dioxus/server",
     "dioxus/router",
     "dioxus/fullstack",
+    "compliance-core/mongodb",
     "dep:axum",
     "dep:mongodb",
     "dep:reqwest",
@@ -29,7 +30,7 @@ server = [
 ]
 
 [dependencies]
-compliance-core = { workspace = true }
+compliance-core = { workspace = true, default-features = false }
 dioxus = "=0.7.3"
 dioxus-free-icons = { version = "0.10", features = ["bootstrap"] }
 serde = { workspace = true }

compliance-dashboard/src/infrastructure/mod.rs

@@ -1,13 +1,23 @@
-pub mod config;
-pub mod database;
-pub mod error;
+// Server function modules (compiled for both web and server;
+// the #[server] macro generates client stubs for the web target)
 pub mod findings;
 pub mod issues;
 pub mod repositories;
 pub mod sbom;
 pub mod scans;
-pub mod server;
-pub mod server_state;
 pub mod stats;
 
+// Server-only modules
+#[cfg(feature = "server")]
+pub mod config;
+#[cfg(feature = "server")]
+pub mod database;
+#[cfg(feature = "server")]
+pub mod error;
+#[cfg(feature = "server")]
+pub mod server;
+#[cfg(feature = "server")]
+pub mod server_state;
+
+#[cfg(feature = "server")]
 pub use server::server_start;

compliance-dashboard/src/lib.rs

@@ -1,8 +1,6 @@
 pub mod app;
 pub mod components;
+pub mod infrastructure;
 pub mod pages;
 
-#[cfg(feature = "server")]
-pub mod infrastructure;
-
 pub use app::App;