marcel/familienarchiv
1
0
Fork 0
Code Issues 119 Pull Requests 2 Actions Packages Projects Releases Wiki Activity
1,708 Commits 23 Branches 0 Tags
362a84dde94d0829e2b1f8a59a688d37e2c14689
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Marcel 362a84dde9 fix(escapeHtml): cover apostrophe to harden single-quoted attribute use 
Sina #5505 action item: escapeHtml escaped the four common entities but
not the apostrophe. Today every consumer uses double-quoted attributes,
but a future renderer change to single quotes would silently open a
stored-XSS hole. Cheaper to fix now, with a regression test.

Also pin the idempotence-by-composition property: a second call
re-escapes the & introduced by the first.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 01:09:13 +02:00
.claude
chore: add Claude personas, skills, memory, and project docs
2026-04-14 23:21:15 +02:00
.devcontainer
fix: correct devcontainer workspace path mismatch
2026-03-15 13:44:06 +01:00
.gitea/workflows
test(ocr): add /train-sender auth tests and run sender registry tests in CI
2026-04-17 21:14:27 +02:00
.husky
chore(hooks): remove pre-push E2E hook
2026-03-22 22:15:00 +01:00
.vscode
fix: activate dev Spring profile in VS Code launch config
2026-03-15 14:17:07 +01:00
backend
migration(transcription): add unique constraint on (block_id, person_id) sidecar
2026-04-28 23:42:05 +02:00
docs
docs(adr): ADR-006 synchronous domain events inside the publisher's transaction
2026-04-28 21:42:03 +02:00
frontend
fix(escapeHtml): cover apostrophe to harden single-quoted attribute use
2026-04-29 01:09:13 +02:00
ocr-service
fix(ocr): guard Kraken block extraction against missing boundary/baseline
2026-04-23 09:33:03 +02:00
proofshot-artifacts
chore(screenshots): retake proofshots after bg-canvas fix
2026-03-29 19:12:14 +02:00
scripts
feat(ocr): add DTA-derived historical German wordlist and generation script
2026-04-17 16:48:26 +02:00
.env.example
fix(deploy): increase OCR healthcheck start_period, comment ocr_cache volume, add token hint
2026-04-14 21:17:53 +02:00
.gitignore
fix(rate-limit): only trust X-Forwarded-For from known reverse proxies
2026-04-19 01:20:11 +02:00
CLAUDE.md
docs(claude): update back link pattern to use BackButton component
2026-04-22 10:50:35 +02:00
CODESTYLE.md
docs(codestyle): add Svelte 5 specific rules with examples
2026-03-20 15:58:40 +01:00
COLLABORATING.md
docs(collab): add user journey and E2E scenario requirements
2026-03-22 19:44:18 +01:00
docker-compose.ci.yml
ci: set up CI pipeline with unit, backend, and E2E test jobs
2026-03-19 12:03:37 +01:00
docker-compose.yml
chore(ocr): lower OCR_MAX_CACHED_MODELS to 2 with memory budget comment
2026-04-17 20:20:53 +02:00
Description
No description provided
44 MiB
Languages
Python 73.3%
TypeScript 11.4%
Java 10.8%
Svelte 4.2%
Shell 0.1%