marcel/familienarchiv
1
0
Fork 0
Code Issues 125 Pull Requests Actions Packages Projects Releases Wiki Activity
1,727 Commits 21 Branches 0 Tags
488d4384a18f4d452c0027bfb01c2545462b8971
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Marcel 488d4384a1 refactor(person-mention): brand renderer return types as SafeHtml 
Markus, Felix, and Nora independently flagged the {@html …} boundary as a
distributed-knowledge security risk: today renderBody and renderTranscriptionBody
return string, so the next refactor that does {@html block.text} (instead of
{@html renderBlockHtml(block)}) is one typo away from a stored-XSS regression.

Introduce a SafeHtml brand type (string with a phantom __brand) returned by
both renderers and by renderBlockHtml in TranscriptionReadView. Compile-time
enforcement of the escape invariant — costs zero runtime, makes the contract
auditable in one file.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 08:48:26 +02:00
.claude
chore: add Claude personas, skills, memory, and project docs
2026-04-14 23:21:15 +02:00
.devcontainer
fix: correct devcontainer workspace path mismatch
2026-03-15 13:44:06 +01:00
.gitea/workflows
test(ocr): add /train-sender auth tests and run sender registry tests in CI
2026-04-17 21:14:27 +02:00
.husky
chore(hooks): remove pre-push E2E hook
2026-03-22 22:15:00 +01:00
.vscode
fix: activate dev Spring profile in VS Code launch config
2026-03-15 14:17:07 +01:00
backend
migration(transcription): add unique constraint on (block_id, person_id) sidecar
2026-04-28 23:42:05 +02:00
docs
docs(adr): ADR-006 synchronous domain events inside the publisher's transaction
2026-04-28 21:42:03 +02:00
frontend
refactor(person-mention): brand renderer return types as SafeHtml
2026-04-29 08:48:26 +02:00
ocr-service
fix(ocr): guard Kraken block extraction against missing boundary/baseline
2026-04-23 09:33:03 +02:00
proofshot-artifacts
chore(screenshots): retake proofshots after bg-canvas fix
2026-03-29 19:12:14 +02:00
scripts
feat(ocr): add DTA-derived historical German wordlist and generation script
2026-04-17 16:48:26 +02:00
.env.example
fix(deploy): increase OCR healthcheck start_period, comment ocr_cache volume, add token hint
2026-04-14 21:17:53 +02:00
.gitignore
fix(rate-limit): only trust X-Forwarded-For from known reverse proxies
2026-04-19 01:20:11 +02:00
CLAUDE.md
docs(claude): update back link pattern to use BackButton component
2026-04-22 10:50:35 +02:00
CODESTYLE.md
docs(codestyle): add Svelte 5 specific rules with examples
2026-03-20 15:58:40 +01:00
COLLABORATING.md
docs(collab): add user journey and E2E scenario requirements
2026-03-22 19:44:18 +01:00
docker-compose.ci.yml
ci: set up CI pipeline with unit, backend, and E2E test jobs
2026-03-19 12:03:37 +01:00
docker-compose.yml
chore(ocr): lower OCR_MAX_CACHED_MODELS to 2 with memory budget comment
2026-04-17 20:20:53 +02:00
Description
No description provided
44 MiB
Languages
Python 73.1%
TypeScript 11.5%
Java 10.9%
Svelte 4.2%
Shell 0.1%