Sharang Parnerkar
bc7cdd35e4
ci: replace coolify webhook with orca deploy
...
CI / Check (push) Has been cancelled
CI / Detect Changes (push) Has been cancelled
CI / Deploy Agent (push) Has been cancelled
CI / Deploy Dashboard (push) Has been cancelled
CI / Deploy Docs (push) Has been cancelled
CI / Deploy MCP (push) Has been cancelled
Each deploy job now builds the per-service image, pushes to the
private registry as :latest and :sha, then triggers an HMAC-signed
orca redeploy webhook. Coolify webhooks are no longer used.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-08 10:06:11 +02:00
Sharang Parnerkar
c062d834a1
fix: downgrade dotenv missing file from FAILED to info message
...
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 3s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
Nightly E2E Tests / E2E Tests (push) Failing after 2m16s
Non-fatal in Docker where env vars come from container config.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-30 15:33:24 +02:00
23cf37b6c3
fix: CVE notifications during scan + help chat doc loading + Dockerfile ( #55 )
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 3s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
2026-03-30 13:10:56 +00:00
49d5cd4e0a
feat: hourly CVE alerting with notification bell and API ( #53 )
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 3s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Successful in 2s
2026-03-30 10:39:39 +00:00
4388e98b5b
feat: add E2E test suite with nightly CI, fix dashboard Dockerfile ( #52 )
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 2s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
2026-03-30 10:04:07 +00:00
a8bb05d7b1
feat: add floating help chat widget, remove settings page ( #51 )
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 3s
CI / Deploy Agent (push) Successful in 3s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Successful in 2s
CI / Deploy MCP (push) Has been skipped
2026-03-30 08:05:29 +00:00
bae24f9cf8
fix: cascade-delete DAST targets, pentests, and downstream data on repo delete ( #50 )
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 4s
CI / Deploy Agent (push) Successful in 9s
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
2026-03-30 07:11:23 +00:00
dd53132746
feat: refine all LLM system prompts for precision and reduced false positives ( #49 )
CI / Check (push) Has been skipped
CI / Deploy Agent (push) Has been cancelled
CI / Deploy Dashboard (push) Has been cancelled
CI / Deploy Docs (push) Has been cancelled
CI / Deploy MCP (push) Has been cancelled
CI / Detect Changes (push) Has been cancelled
2026-03-30 07:11:17 +00:00
ff088f9eb4
feat: deduplicate code review findings across LLM passes ( #48 )
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 7s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
2026-03-29 20:38:52 +00:00
745ad8a441
fix: check Gitea API response status and fallback for PR reviews ( #47 )
...
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 3s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Successful in 2s
## Summary
- Add HTTP response status checking to all Gitea tracker methods that were silently swallowing errors
- Add fallback in create_pr_review: if inline comments fail, retry as plain PR comment
## Test plan
- [ ] Deploy and trigger a PR review, check logs for actual error details
- [ ] Verify fallback posts summary comment when inline comments fail
Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com >
Co-authored-by: Sharang Parnerkar <30073382+mighty840@users.noreply.github.com >
Reviewed-on: #47
2026-03-25 16:26:09 +00:00
a9d039dad3
fix: stop storing code review findings in dashboard ( #22 )
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 3s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
2026-03-18 15:18:07 +00:00
Sharang Parnerkar
a509bdcb2e
fix: require TLS for IMAP auth, close port 143 (CERT-Bund compliance)
...
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 7s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 1s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Successful in 2s
- Remove port 143 from mailserver (only expose 993/IMAPS)
- Enable SSL_TYPE=manual with Let's Encrypt certs
- Set DOVECOT_DISABLE_PLAINTEXT_AUTH=yes
- Add pentest_imap_tls config field (defaults to true)
Fixes CERT-Bund report: IMAP PLAIN/LOGIN without TLS on 46.225.100.82:143
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-18 09:29:34 +01:00
c461faa2fb
feat: pentest onboarding — streaming, browser automation, reports, user cleanup ( #16 )
...
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 7s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Successful in 2s
CI / Deploy MCP (push) Successful in 2s
Complete pentest feature overhaul: SSE streaming, session-persistent browser tool (CDP), AES-256 credential encryption, auto-screenshots in reports, code-level remediation correlation, SAST triage chunking, context window optimization, test user cleanup (Keycloak/Auth0/Okta), wizard dropdowns, attack chain improvements, architecture docs with Mermaid diagrams.
Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com >
Reviewed-on: #16
2026-03-17 20:32:20 +00:00
Sharang Parnerkar
11e1c5f438
Merge branch 'fix/chrome-in-agent'
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 3s
CI / Deploy Agent (push) Has been skipped
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
2026-03-13 11:25:16 +01:00
Sharang Parnerkar
77f1c92c7b
ci: skip check stage on main push since PRs enforce it
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-13 11:20:39 +01:00
4eac1209d8
fix: remote Chrome PDF export & MCP endpoint sync ( #15 )
CI / Check (push) Successful in 11m16s
CI / Detect Changes (push) Successful in 3s
CI / Deploy Agent (push) Successful in 3s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
2026-03-13 10:12:20 +00:00
Sharang Parnerkar
584ef2c822
fix: remote Chrome PDF via CDP, sync MCP endpoint URL on boot
...
CI / Check (pull_request) Successful in 11m33s
CI / Detect Changes (pull_request) Has been skipped
CI / Deploy Agent (pull_request) Has been skipped
CI / Deploy Dashboard (pull_request) Has been skipped
CI / Deploy Docs (pull_request) Has been skipped
CI / Deploy MCP (pull_request) Has been skipped
- Add CHROME_WS_URL env var support for PDF report generation via
Chrome DevTools Protocol over WebSocket (falls back to local binary)
- Update seeded MCP server endpoint URLs on boot when MCP_ENDPOINT_URL
env var differs from stored value (previously only seeded once)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-13 10:57:28 +01:00
a529e9af0c
ci: consolidate CI into single job; fix sidebar footer ( #14 )
CI / Check (push) Successful in 11m4s
CI / Detect Changes (push) Successful in 2s
CI / Deploy Agent (push) Has been skipped
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
2026-03-13 09:44:32 +00:00
3bb690e5bb
refactor: modularize codebase and add 404 unit tests ( #13 )
CI / Format (push) Successful in 4s
CI / Clippy (push) Successful in 4m19s
CI / Security Audit (push) Successful in 1m44s
CI / Detect Changes (push) Successful in 5s
CI / Tests (push) Successful in 5m15s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Successful in 2s
2026-03-13 08:03:45 +00:00
acc5b86aa4
feat: AI-driven automated penetration testing ( #12 )
CI / Clippy (push) Failing after 1m51s
CI / Security Audit (push) Successful in 2m1s
CI / Tests (push) Has been skipped
CI / Detect Changes (push) Has been skipped
CI / Deploy Agent (push) Has been skipped
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
CI / Format (push) Failing after 42s
CI / Deploy MCP (push) Has been skipped
2026-03-12 14:42:54 +00:00
3ec1456b0d
docs: rewrite user-facing documentation with screenshots ( #11 )
CI / Clippy (push) Successful in 4m56s
CI / Security Audit (push) Successful in 1m48s
CI / Tests (push) Successful in 5m36s
CI / Deploy MCP (push) Has been skipped
CI / Format (push) Successful in 6s
CI / Detect Changes (push) Successful in 4s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Successful in 3s
2026-03-11 15:26:00 +00:00
Sharang Parnerkar
689daa0f49
chore: upgrade Dockerfiles to Rust 1.94
...
CI / Security Audit (push) Successful in 1m48s
CI / Tests (push) Successful in 5m30s
CI / Detect Changes (push) Successful in 8s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Failing after 3s
CI / Format (push) Successful in 4s
CI / Clippy (push) Successful in 4m42s
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-11 13:15:47 +01:00
491665559f
feat: per-repo issue tracker, Gitea support, PR review pipeline ( #10 )
CI / Security Audit (push) Has been cancelled
CI / Tests (push) Has been cancelled
CI / Detect Changes (push) Has been cancelled
CI / Deploy Agent (push) Has been cancelled
CI / Deploy Dashboard (push) Has been cancelled
CI / Deploy Docs (push) Has been cancelled
CI / Deploy MCP (push) Has been cancelled
CI / Clippy (push) Has been cancelled
CI / Format (push) Successful in 4s
2026-03-11 12:13:59 +00:00
Sharang Parnerkar
be4b43ed64
fix: SBOM export now triggers browser file download instead of showing JSON
...
CI / Format (push) Successful in 3s
CI / Clippy (push) Failing after 3m59s
CI / Security Audit (push) Successful in 1m47s
CI / Tests (push) Has been skipped
CI / Detect Changes (push) Has been skipped
CI / Deploy Agent (push) Has been skipped
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
Replace the inline <pre> JSON display with a proper browser download using
Blob + URL.createObjectURL. Clicking "Download" now saves a .json file
(CycloneDX or SPDX format) directly to the user's downloads folder.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-11 09:57:34 +01:00
Sharang Parnerkar
895c070239
fix: rewrite SigNoz dashboards using correct v4 widget schema
...
CI / Format (push) Successful in 3s
CI / Clippy (push) Successful in 4m30s
CI / Tests (push) Has been cancelled
CI / Detect Changes (push) Has been cancelled
CI / Deploy Agent (push) Has been cancelled
CI / Deploy Dashboard (push) Has been cancelled
CI / Deploy Docs (push) Has been cancelled
CI / Deploy MCP (push) Has been cancelled
CI / Security Audit (push) Has started running
Previous JSON used an incorrect format. Rewrote both dashboards using
the actual SigNoz v4 schema (widgets array, builder queryData, proper
layout entries, aggregateOperator/aggregateAttribute structure).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-11 09:49:45 +01:00
Sharang Parnerkar
f84f69d1ea
feat: add SigNoz dashboard JSON configs for agent and dashboard monitoring
...
CI / Clippy (push) Successful in 4m46s
CI / Tests (push) Successful in 5m32s
CI / Deploy Agent (push) Has been cancelled
CI / Deploy Dashboard (push) Has been cancelled
CI / Deploy Docs (push) Has been cancelled
CI / Deploy MCP (push) Has been cancelled
CI / Detect Changes (push) Has been cancelled
CI / Format (push) Successful in 41s
CI / Security Audit (push) Successful in 1m55s
Two dashboards with ClickHouse queries matching our tracing instrumentation:
- compliance-agent: API handler latency/errors, scan pipeline stage durations,
DAST/graph/chat API panels, and warn/error log tracking
- compliance-dashboard: server function performance, page load distribution,
agent connectivity health, and error log monitoring
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-11 09:29:48 +01:00
Sharang Parnerkar
99983c51e3
feat: enhance tracing with field attributes and warn logging across all handlers
...
CI / Tests (push) Successful in 5m17s
CI / Detect Changes (push) Successful in 3s
CI / Deploy Agent (push) Successful in 3s
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
CI / Format (push) Successful in 4s
CI / Clippy (push) Successful in 4m38s
CI / Security Audit (push) Successful in 1m50s
Add repo_id, finding_id, and filter fields to tracing::instrument attributes
for better trace correlation in SigNoz. Replace all silently swallowed errors
(Err(_) => Vec::new()) with tracing::warn! logging across mod.rs, dast.rs,
graph.rs handlers. Add stage-level spans with .instrument() to pipeline
orchestrator for visibility into scan phases.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-10 21:56:16 +01:00
Sharang Parnerkar
67d6a937ae
feat: add OpenTelemetry trace spans to all handlers and pipeline functions
...
CI / Clippy (push) Successful in 4m26s
CI / Security Audit (push) Successful in 1m46s
CI / Format (push) Successful in 4s
CI / Tests (push) Successful in 5m16s
CI / Detect Changes (push) Successful in 4s
CI / Deploy Agent (push) Successful in 3s
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
Add #[tracing::instrument(skip_all)] to 44 functions:
- 19 API handlers in mod.rs
- 3 chat handlers, 6 DAST handlers, 7 graph handlers
- 2 pipeline orchestrator functions
- 7 scanner functions (sbom, semgrep, gitleaks, cve, lint, patterns)
This generates trace spans for SigNoz visibility into request
latency, scan pipeline stages, and error tracking.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-10 17:08:13 +01:00
Sharang Parnerkar
f394cc15de
fix: SSH key display and mkdir in Dockerfile
...
CI / Format (push) Successful in 5s
CI / Clippy (push) Successful in 4m35s
CI / Security Audit (push) Successful in 1m54s
CI / Tests (push) Successful in 5m20s
CI / Detect Changes (push) Successful in 6s
CI / Deploy Agent (push) Successful in 4s
CI / Deploy Dashboard (push) Successful in 3s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
- Fetch SSH public key every time auth section opens (was only fetching
once and caching failures)
- Add mkdir for SSH key directory in Dockerfile.agent
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-10 15:37:58 +01:00
4361e67703
fix: resolve cargo audit failures by updating tantivy, scraper, quinn-proto ( #9 )
CI / Format (push) Successful in 3s
CI / Clippy (push) Successful in 4m22s
CI / Security Audit (push) Successful in 1m45s
CI / Deploy Agent (push) Successful in 4s
CI / Deploy MCP (push) Failing after 2s
CI / Tests (push) Successful in 5m7s
CI / Detect Changes (push) Successful in 7s
CI / Deploy Dashboard (push) Successful in 3s
CI / Deploy Docs (push) Has been skipped
2026-03-10 14:05:24 +00:00
daff5812a6
fix: SBOM multi-ecosystem support with correct package managers and licenses ( #8 )
CI / Format (push) Successful in 3s
CI / Clippy (push) Successful in 4m28s
CI / Security Audit (push) Failing after 1m52s
CI / Tests (push) Has been skipped
CI / Detect Changes (push) Has been skipped
CI / Deploy Agent (push) Has been skipped
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
2026-03-10 12:37:29 +00:00
0065c7c4b2
feat: UI improvements with icons, back navigation, and overview cards ( #7 )
CI / Format (push) Successful in 3s
CI / Clippy (push) Successful in 3m59s
CI / Security Audit (push) Successful in 1m44s
CI / Tests (push) Successful in 5m2s
CI / Detect Changes (push) Successful in 3s
CI / Deploy Agent (push) Has been skipped
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
2026-03-09 17:09:40 +00:00
46bf9de549
feat: findings refinement, new scanners, and deployment tooling ( #6 )
CI / Format (push) Successful in 3s
CI / Clippy (push) Successful in 4m3s
CI / Security Audit (push) Successful in 1m38s
CI / Tests (push) Successful in 4m44s
CI / Detect Changes (push) Successful in 2s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 2s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Failing after 2s
2026-03-09 12:53:12 +00:00
32e5fc21e7
feat: add MCP server for exposing compliance data to LLMs ( #5 )
...
CI / Format (push) Successful in 3s
CI / Clippy (push) Successful in 4m4s
CI / Security Audit (push) Successful in 1m42s
CI / Tests (push) Successful in 4m38s
CI / Deploy Agent (push) Successful in 2s
CI / Deploy Dashboard (push) Successful in 1s
CI / Deploy MCP (push) Failing after 2s
CI / Detect Changes (push) Successful in 7s
CI / Deploy Docs (push) Successful in 2s
New `compliance-mcp` crate providing a Model Context Protocol server
with 7 tools: list/get/summarize findings, list SBOM packages, SBOM
vulnerability report, list DAST findings, and DAST scan summary.
Supports stdio (local dev) and Streamable HTTP (deployment via MCP_PORT).
Includes Dockerfile, CI clippy check, and Coolify deploy job.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com >
Reviewed-on: #5
2026-03-09 08:21:04 +00:00
Sharang Parnerkar
d13cef94cb
Add Coolify deploy jobs with path-based change detection
...
CI / Format (push) Successful in 4s
CI / Clippy (push) Successful in 3m27s
CI / Security Audit (push) Successful in 1m42s
CI / Tests (push) Successful in 4m45s
CI / Detect Changes (push) Successful in 5s
CI / Deploy Agent (push) Has been skipped
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
Deploys agent, dashboard, and docs independently based on which
files changed. Only triggers on main after tests pass.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-08 19:22:56 +01:00
Sharang Parnerkar
3a01a28591
Redesign sidebar user section to fix overlap issue
...
CI / Format (push) Successful in 5s
CI / Clippy (push) Successful in 3m21s
CI / Security Audit (push) Successful in 1m41s
CI / Tests (push) Successful in 4m44s
Restructured layout: avatar, truncated username, and logout icon
in a single row. Collapsed state stacks vertically. Logout button
uses a subtle icon-only style with red hover. Proper text ellipsis
prevents name overflow.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-08 18:24:58 +01:00
Sharang Parnerkar
d490359591
Add polished login landing page with feature highlights
...
CI / Format (push) Successful in 2s
CI / Clippy (push) Successful in 3m25s
CI / Security Audit (push) Successful in 1m38s
CI / Tests (push) Successful in 4m41s
Dark-themed login page with shield logo, feature grid, gradient
sign-in button, subtle grid background, and glow effect.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-08 17:51:41 +01:00
Sharang Parnerkar
b95ce44fb9
Bind dashboard to 0.0.0.0 for container accessibility
...
CI / Format (push) Successful in 3s
CI / Clippy (push) Successful in 3m22s
CI / Security Audit (push) Successful in 1m40s
CI / Tests (push) Successful in 4m32s
Dioxus defaults to 127.0.0.1 which is unreachable from outside the
container. Hardcode 0.0.0.0 binding so reverse proxies can reach it.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-08 17:39:25 +01:00
Sharang Parnerkar
175d303dc4
Set IP=0.0.0.0 in dashboard Dockerfile for container networking
...
CI / Format (push) Successful in 4s
CI / Clippy (push) Successful in 3m28s
CI / Security Audit (push) Successful in 1m40s
CI / Tests (push) Successful in 4m34s
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-08 17:29:32 +01:00
Sharang Parnerkar
5a4af292fc
Fix OTLP HTTP exporter: use reqwest-rustls for HTTPS support
...
CI / Format (push) Successful in 3s
CI / Clippy (push) Successful in 3m11s
CI / Security Audit (push) Successful in 1m34s
CI / Tests (push) Successful in 4m29s
The reqwest-client feature doesn't include TLS support, causing
NoHttpClient error when connecting to HTTPS endpoints.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-08 17:07:41 +01:00
Sharang Parnerkar
04c8084943
Switch OTLP exporter from gRPC/tonic to HTTP/reqwest
...
CI / Format (push) Successful in 3s
CI / Clippy (push) Successful in 3m6s
CI / Security Audit (push) Successful in 1m31s
CI / Tests (push) Has been cancelled
gRPC requires special reverse proxy config for HTTP/2. HTTP works
behind standard HTTPS proxies like Traefik/Caddy on port 4318.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-08 17:01:02 +01:00
Sharang Parnerkar
d67a51db18
Add nginx config for VitePress SPA routing
...
CI / Format (push) Successful in 3s
CI / Clippy (push) Successful in 3m17s
CI / Security Audit (push) Successful in 1m37s
CI / Tests (push) Successful in 4m23s
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-08 15:09:42 +01:00
7e12d1433a
docs: added vite-press docs ( #4 )
...
CI / Format (push) Successful in 2s
CI / Clippy (push) Successful in 3m17s
CI / Security Audit (push) Successful in 1m36s
CI / Tests (push) Successful in 4m38s
Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com >
Reviewed-on: #4
2026-03-08 13:59:50 +00:00
65abc55915
feat: opentelemetry-tracing ( #3 )
...
CI / Format (push) Successful in 2s
CI / Clippy (push) Successful in 3m16s
CI / Security Audit (push) Successful in 1m39s
CI / Tests (push) Successful in 4m22s
Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com >
Reviewed-on: #3
2026-03-07 23:51:20 +00:00
0cb06d3d6d
feat: add Keycloak authentication for dashboard and API endpoints ( #2 )
...
CI / Format (push) Successful in 2s
CI / Security Audit (push) Has been cancelled
CI / Tests (push) Has been cancelled
CI / Clippy (push) Has been cancelled
Dashboard: OAuth2/OIDC login flow with PKCE, session-based auth middleware
protecting all server function endpoints, check-auth server function for
frontend auth state, login page gate in AppShell, user info in sidebar.
Agent API: JWT validation middleware using Keycloak JWKS endpoint,
conditionally enabled when KEYCLOAK_URL and KEYCLOAK_REALM are set.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com >
Reviewed-on: #2
2026-03-07 23:50:56 +00:00
42cabf0582
feat: rag-embedding-ai-chat ( #1 )
...
CI / Format (push) Successful in 2s
CI / Clippy (push) Successful in 2m56s
CI / Security Audit (push) Successful in 1m25s
CI / Tests (push) Successful in 3m57s
Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com >
Reviewed-on: #1
2026-03-06 21:54:15 +00:00
Sharang Parnerkar
db454867f3
Add repository filter dropdown to findings page
...
CI / Format (push) Failing after 24s
CI / Clippy (push) Failing after 1m20s
CI / Security Audit (push) Successful in 1m34s
CI / Tests (push) Has been skipped
Adds a repo_filter signal and fetches the repository list to populate
a select dropdown before existing severity/type/status filters,
allowing users to filter findings by specific repository.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-04 21:53:33 +01:00
Sharang Parnerkar
5da0b5f4df
Fix Last Scanned display and add Graph button in repositories page
...
- Show updated_at as relative time (e.g. "5m ago", "3d ago") instead
of the last_scanned_commit hex SHA which was not a date
- Add Graph link button next to Scan button for quick navigation
to the repository's code knowledge graph
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-04 21:53:26 +01:00
Sharang Parnerkar
0a365515e9
Enhance graph explorer: widen inspector, redesign index, add search suggestions
...
- Widen code inspector panel from 450px to 550px for better readability
- Redesign graph index landing page with polished repo cards showing
name, git URL, branch, findings count, and relative update time
- Add search suggestions dropdown in graph explorer that appears on
typing >= 2 chars, showing node name, kind badge, and file path
- Add full graph explorer styles matching Obsidian Control dark theme
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-04 21:53:15 +01:00
Sharang Parnerkar
b18824db25
Add graph explorer components, API handlers, and dependency updates
...
Adds code inspector, file tree components, graph visualization JS,
graph API handlers, sidebar navigation updates, and misc improvements.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-04 21:52:49 +01:00
