moreminimore-vibe

kunthawat/moreminimore-vibe

Fork 0

Commit Graph

Author	SHA1	Message	Date
Will Chen	369149b202	Security review: fix multiple issues (#1699 ) See #1692 <!-- CURSOR_SUMMARY --> > [!NOTE] > Adds multi-select with a "Fix X Issues" bulk action to Security Review (severity-sorted, with animated header button), clears selections on refresh, and improves streaming error logs; includes e2e coverage. > > - Security Review UI (`src/components/preview_panel/SecurityPanel.tsx`): > - Multi-select & Bulk Fix: > - Add per-row checkboxes and a "Select all" checkbox in `FindingsTable`; sort by severity; ARIA labels. > - Track `selectedFindings`; clear on new data; header shows animated "Fix X Issues" button (`Wrench` icon) that creates one chat with a combined prompt for selected issues. > - Fix Single Issue: Preserve existing per-row "Fix Issue" flow with loading states. > - Tests: > - Add e2e test `security review - multi-select and fix issues` and snapshots for selection table and combined prompt. > - IPC (`src/ipc/ipc_client.ts`): > - Enhance error logging (`console.error`) in `streamMessage` paths; simplify `cancelChatStream` (remove stale cleanup). > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 08b9f92814e2a676d0a8de1badf7dc79cd82a14a. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Add multi-select to the Security Review so you can select issues and fix them in one go. Improves error handling in chat streaming and adds an e2e test for the new flow. - New Features - Checkboxes per finding and a “Select all” checkbox, with severity-sorted rows. - Header shows an animated “Fix X Issues” button when items are selected; creates one chat with a combined prompt; clears selection after. - New e2e test: multi-select and bulk fix. - Bug Fixes - Clear selections when new review results load. - Better error logging in IpcClient for streaming failures; simplify cancelChatStream to avoid false errors. <sup>Written for commit 08b9f92814e2a676d0a8de1badf7dc79cd82a14a. Summary will update automatically on new commits.</sup> <!-- End of auto-generated description by cubic. -->	2025-11-03 19:58:26 -08:00
Will Chen	c50527b4c0	Security Panel MVP (#1660 ) TODOs: - [x] Add documentation - [x] e2e tests: run security review, update knowledge, and fix issue - [x] more stringent risk rating <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Introduces a new Security mode with a Security Review panel that runs reviews, edits rules, parses findings via IPC, and supports fixing issues, with tests and prompt/runtime support. > > - UI/Preview Panel: > - Add `security` preview mode to `previewModeAtom` and ActionHeader (Shield button). > - New `SecurityPanel` showing findings table (sorted by severity), run review, fix issue flow, and edit `SECURITY_RULES.md` dialog. > - Wire into `PreviewPanel` content switch. > - Hooks: > - `useSecurityReview(appId)`: fetch latest review via IPC. > - `useStreamChat`: add `onSettled` callback to invoke refreshes after streams. > - IPC/Main: > - `security_handlers`: `get-latest-security-review` parses `<dyad-security-finding>` from latest assistant message. > - Register handler in `ipc_host`; expose channel in `preload`. > - `ipc_client`: add `getLatestSecurityReview(appId)`. > - `chat_stream_handlers`: detect `/security-review`, use dedicated system prompt, optionally append `SECURITY_RULES.md`, suppress Supabase-not-available note in this mode. > - Prompts: > - Add `SECURITY_REVIEW_SYSTEM_PROMPT` with structured finding output. > - Supabase: > - Enhance schema query to include `rls_enabled`, split policy `using_clause`/`with_check_clause`. > - E2E Tests: > - New `security_review.spec.ts` plus snapshots and fixture findings; update test helper for `security` mode and findings table snapshot. > - Fake LLM server streams security findings for `/security-review` and increases batch size. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 5022d01e22a2dd929a968eeba0da592e0aeece01. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY -->	2025-10-29 17:32:52 -07:00

Author

SHA1

Message

Date

Will Chen

369149b202

Security review: fix multiple issues (#1699 )

See #1692

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Adds multi-select with a "Fix X Issues" bulk action to Security Review
(severity-sorted, with animated header button), clears selections on
refresh, and improves streaming error logs; includes e2e coverage.
> 
> - **Security Review UI
(`src/components/preview_panel/SecurityPanel.tsx`)**:
>   - **Multi-select & Bulk Fix**:
> - Add per-row checkboxes and a "Select all" checkbox in
`FindingsTable`; sort by severity; ARIA labels.
> - Track `selectedFindings`; clear on new data; header shows animated
"Fix X Issues" button (`Wrench` icon) that creates one chat with a
combined prompt for selected issues.
> - **Fix Single Issue**: Preserve existing per-row "Fix Issue" flow
with loading states.
> - **Tests**:
> - Add e2e test `security review - multi-select and fix issues` and
snapshots for selection table and combined prompt.
> - **IPC (`src/ipc/ipc_client.ts`)**:
> - Enhance error logging (`console.error`) in `streamMessage` paths;
simplify `cancelChatStream` (remove stale cleanup).
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
08b9f92814e2a676d0a8de1badf7dc79cd82a14a. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->



<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Add multi-select to the Security Review so you can select issues and fix
them in one go. Improves error handling in chat streaming and adds an
e2e test for the new flow.

- New Features
- Checkboxes per finding and a “Select all” checkbox, with
severity-sorted rows.
- Header shows an animated “Fix X Issues” button when items are
selected; creates one chat with a combined prompt; clears selection
after.
  - New e2e test: multi-select and bulk fix.

- Bug Fixes
  - Clear selections when new review results load.
- Better error logging in IpcClient for streaming failures; simplify
cancelChatStream to avoid false errors.

<sup>Written for commit 08b9f92814e2a676d0a8de1badf7dc79cd82a14a.
Summary will update automatically on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

2025-11-03 19:58:26 -08:00

Will Chen

c50527b4c0

Security Panel MVP (#1660 )

TODOs:

- [x] Add documentation
- [x] e2e tests: run security review, update knowledge, and fix issue
- [x] more stringent risk rating


<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Introduces a new Security mode with a Security Review panel that runs
reviews, edits rules, parses findings via IPC, and supports fixing
issues, with tests and prompt/runtime support.
> 
> - **UI/Preview Panel**:
> - Add `security` preview mode to `previewModeAtom` and ActionHeader
(Shield button).
> - New `SecurityPanel` showing findings table (sorted by severity), run
review, fix issue flow, and edit `SECURITY_RULES.md` dialog.
>   - Wire into `PreviewPanel` content switch.
> - **Hooks**:
>   - `useSecurityReview(appId)`: fetch latest review via IPC.
> - `useStreamChat`: add `onSettled` callback to invoke refreshes after
streams.
> - **IPC/Main**:
> - `security_handlers`: `get-latest-security-review` parses
`<dyad-security-finding>` from latest assistant message.
>   - Register handler in `ipc_host`; expose channel in `preload`.
>   - `ipc_client`: add `getLatestSecurityReview(appId)`.
> - `chat_stream_handlers`: detect `/security-review`, use dedicated
system prompt, optionally append `SECURITY_RULES.md`, suppress
Supabase-not-available note in this mode.
> - **Prompts**:
> - Add `SECURITY_REVIEW_SYSTEM_PROMPT` with structured finding output.
> - **Supabase**:
> - Enhance schema query to include `rls_enabled`, split policy
`using_clause`/`with_check_clause`.
> - **E2E Tests**:
> - New `security_review.spec.ts` plus snapshots and fixture findings;
update test helper for `security` mode and findings table snapshot.
> - Fake LLM server streams security findings for `/security-review` and
increases batch size.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
5022d01e22a2dd929a968eeba0da592e0aeece01. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

2025-10-29 17:32:52 -07:00

2 Commits