sharang/compliance-scanner-agent

fix: CVE notifications during scan + help chat doc loading + Dockerfile #55

Merged

sharang merged 4 commits from fix/multiple-issues into main

2026-03-30 13:10:56 +00:00

Author	SHA1	Message	Date
Sharang Parnerkar	8abfec3303	fix: escape newlines in CopyButton JS string All checks were successful CI / Check (pull_request) Successful in 9m38s Details CI / Detect Changes (pull_request) Has been skipped Details CI / Deploy Agent (pull_request) Has been skipped Details CI / Deploy Dashboard (pull_request) Has been skipped Details CI / Deploy Docs (pull_request) Has been skipped Details CI / Deploy MCP (pull_request) Has been skipped Details Valid finding from PR review: copy button's JS string could break on values with newlines. Added \n and \r escaping. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-30 15:03:27 +02:00
Sharang Parnerkar	2534c03e3b	feat: add CopyButton component and copy-to-clipboard across dashboard Some checks failed CI / Detect Changes (pull_request) Has been cancelled Details CI / Deploy Agent (pull_request) Has been cancelled Details CI / Deploy Dashboard (pull_request) Has been cancelled Details CI / Deploy Docs (pull_request) Has been cancelled Details CI / Deploy MCP (pull_request) Has been cancelled Details CI / Check (pull_request) Has been cancelled Details New reusable CopyButton component with checkmark feedback after copy. Added copy buttons to: - SSH public key display (add repo modal) - Webhook URL field (edit repo modal) - Webhook secret field (edit repo modal) - Code snippets in finding detail (via enhanced CodeSnippet component) - Suggested fix code blocks - MCP server endpoint URLs Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-30 14:59:38 +02:00
Sharang Parnerkar	0e53072782	feat: add security response headers (HSTS, X-Frame-Options, nosniff, referrer) Some checks failed CI / Check (pull_request) Successful in 9m48s Details CI / Detect Changes (pull_request) Has been skipped Details CI / Deploy Agent (pull_request) Has been cancelled Details CI / Deploy Dashboard (pull_request) Has been cancelled Details CI / Deploy Docs (pull_request) Has been cancelled Details CI / Deploy MCP (pull_request) Has been cancelled Details Defense-in-depth headers added via tower-http SetResponseHeaderLayer: - Strict-Transport-Security: max-age=31536000; includeSubDomains - X-Frame-Options: DENY - X-Content-Type-Options: nosniff - Referrer-Policy: strict-origin-when-cross-origin Primary enforcement should still be at the Traefik/reverse proxy level. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-30 14:52:44 +02:00
Sharang Parnerkar	fabd397478	fix: create CVE notifications during scan, fix help chat doc loading All checks were successful CI / Check (pull_request) Successful in 10m4s Details CI / Detect Changes (pull_request) Has been skipped Details CI / Deploy Agent (pull_request) Has been skipped Details CI / Deploy Dashboard (pull_request) Has been skipped Details CI / Deploy Docs (pull_request) Has been skipped Details CI / Deploy MCP (pull_request) Has been skipped Details Bug fixes: 1. CVE notifications now created during scan pipeline (not just hourly) - Previously, notifications were only created by the scheduled monitor_cves job. Users with 4 CVE alerts saw 0 notifications. - Now the scan pipeline (Stage 3) creates notifications immediately when CVE alerts are discovered, with the same dedup logic. 2. Help chat doc context loading fixed for Docker/production - Added HELP_DOCS_PATH env var for explicit doc root configuration - Added fallback chain: env var → binary location → cwd → Docker paths - Dockerfile.agent now copies README.md and docs/ into /app and sets HELP_DOCS_PATH=/app so the help chat has doc context in production Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-30 14:14:55 +02:00