marcel/familienarchiv
1
0
Fork 0
Code Issues 119 Pull Requests 2 Actions Packages Projects Releases Wiki Activity
1,751 Commits 23 Branches 0 Tags
fa7b97acdce4929ee08bb177d42573632acef9cd
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Marcel fa7b97acdc test(PersonMentionEditor): assert no HTML injection via mention displayName 
Adds a CWE-79 regression test: a sidecar entry whose displayName contains
an <img onerror=alert(1)> payload must round-trip through deserialize and
the Tiptap renderHTML without producing a real <img> element in the editor
DOM. Locks down the "renderHTML's third tuple entry is a text node, never
parsed as HTML" invariant so a future "use innerHTML for performance"
refactor cannot silently regress.

Nora #5618 detection-gap concern.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-29 16:14:19 +02:00
.claude
chore: add Claude personas, skills, memory, and project docs
2026-04-14 23:21:15 +02:00
.devcontainer
fix: correct devcontainer workspace path mismatch
2026-03-15 13:44:06 +01:00
.gitea/workflows
test(ocr): add /train-sender auth tests and run sender registry tests in CI
2026-04-17 21:14:27 +02:00
.husky
chore(hooks): remove pre-push E2E hook
2026-03-22 22:15:00 +01:00
.vscode
fix: activate dev Spring profile in VS Code launch config
2026-03-15 14:17:07 +01:00
backend
refactor(backend): delete rename-propagation listener and its infrastructure
2026-04-29 14:58:18 +02:00
docs
docs(adr): ADR-006 synchronous domain events inside the publisher's transaction
2026-04-28 21:42:03 +02:00
frontend
test(PersonMentionEditor): assert no HTML injection via mention displayName
2026-04-29 16:14:19 +02:00
ocr-service
fix(ocr): guard Kraken block extraction against missing boundary/baseline
2026-04-23 09:33:03 +02:00
proofshot-artifacts
chore(screenshots): retake proofshots after bg-canvas fix
2026-03-29 19:12:14 +02:00
scripts
feat(ocr): add DTA-derived historical German wordlist and generation script
2026-04-17 16:48:26 +02:00
.env.example
fix(deploy): increase OCR healthcheck start_period, comment ocr_cache volume, add token hint
2026-04-14 21:17:53 +02:00
.gitignore
fix(rate-limit): only trust X-Forwarded-For from known reverse proxies
2026-04-19 01:20:11 +02:00
CLAUDE.md
docs(claude): update back link pattern to use BackButton component
2026-04-22 10:50:35 +02:00
CODESTYLE.md
docs(codestyle): add Svelte 5 specific rules with examples
2026-03-20 15:58:40 +01:00
COLLABORATING.md
docs(collab): add user journey and E2E scenario requirements
2026-03-22 19:44:18 +01:00
docker-compose.ci.yml
ci: set up CI pipeline with unit, backend, and E2E test jobs
2026-03-19 12:03:37 +01:00
docker-compose.yml
chore(ocr): lower OCR_MAX_CACHED_MODELS to 2 with memory budget comment
2026-04-17 20:20:53 +02:00
renovate.json
feat(frontend): add Tiptap renovate group, i18n keys, fix geb. literal, remove rename-conflict
2026-04-29 15:00:13 +02:00
Description
No description provided
44 MiB
Languages
Python 73.3%
TypeScript 11.4%
Java 10.8%
Svelte 4.2%
Shell 0.1%