- Replace vis-network JS graph with pure RSX attack chain component
featuring KPI header, phase rail, expandable accordion with tool
category chips, risk scores, and findings pills
- Redesign pentest report as professional PDF-first document with
cover page, table of contents, severity bar chart, phased attack
chain timeline, and print-friendly light theme
- Fix orchestrator to populate findings_produced, risk_score, and
llm_reasoning on attack chain nodes
- Capture LLM reasoning text alongside tool calls in LlmResponse enum
- Add session-level KPI fallback for older pentest data
- Remove attack-chain-viz.js and prototype files
- Add encrypted ZIP report export endpoint with password protection
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Dashboard: OAuth2/OIDC login flow with PKCE, session-based auth middleware
protecting all server function endpoints, check-auth server function for
frontend auth state, login page gate in AppShell, user info in sidebar.
Agent API: JWT validation middleware using Keycloak JWKS endpoint,
conditionally enabled when KEYCLOAK_URL and KEYCLOAK_REALM are set.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com>
Reviewed-on: #2
Add DAST scanning and code knowledge graph features across the stack:
- compliance-dast and compliance-graph workspace crates
- Agent API handlers and routes for DAST targets/scans and graph builds
- Core models and traits for DAST and graph domains
- Dashboard pages for DAST targets/findings/overview and graph explorer/impact
- Toast notification system with auto-dismiss for async action feedback
- Button click animations and disabled states for better UX
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Feature-gate mongodb in compliance-core (optional, default on) so wasm
builds don't pull in tokio/mio via mongodb
- Use bson v2 directly for ObjectId types (wasm-compatible)
- Restructure dashboard infrastructure/mod.rs: server function modules
always compiled (for RPC stubs), server-only modules cfg-gated
- Remove reqwest from dashboard web feature (not needed, data flows
through server functions)
- Add .gitignore
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
