- Replace vis-network JS graph with pure RSX attack chain component
featuring KPI header, phase rail, expandable accordion with tool
category chips, risk scores, and findings pills
- Redesign pentest report as professional PDF-first document with
cover page, table of contents, severity bar chart, phased attack
chain timeline, and print-friendly light theme
- Fix orchestrator to populate findings_produced, risk_score, and
llm_reasoning on attack chain nodes
- Capture LLM reasoning text alongside tool calls in LlmResponse enum
- Add session-level KPI fallback for older pentest data
- Remove attack-chain-viz.js and prototype files
- Add encrypted ZIP report export endpoint with password protection
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add interactive attack chain DAG using vis-network with hierarchical
layout, status-colored nodes, risk-based sizing, and click handlers
- Add pentest session export API (GET /sessions/:id/export) supporting
both JSON and Markdown report formats
- Redesign attack chain tab with graph/list toggle views
- Add export buttons (MD/JSON) to session header with Blob download
- Show exploitable badge and endpoint on finding cards
- Add export_pentest_report server function for dashboard
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Widen code inspector panel from 450px to 550px for better readability
- Redesign graph index landing page with polished repo cards showing
name, git URL, branch, findings count, and relative update time
- Add search suggestions dropdown in graph explorer that appears on
typing >= 2 chars, showing node name, kind badge, and file path
- Add full graph explorer styles matching Obsidian Control dark theme
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds code inspector, file tree components, graph visualization JS,
graph API handlers, sidebar navigation updates, and misc improvements.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add DAST scanning and code knowledge graph features across the stack:
- compliance-dast and compliance-graph workspace crates
- Agent API handlers and routes for DAST targets/scans and graph builds
- Core models and traits for DAST and graph domains
- Dashboard pages for DAST targets/findings/overview and graph explorer/impact
- Toast notification system with auto-dismiss for async action feedback
- Button click animations and disabled states for better UX
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
