Jason Woltje
6e63508f97
fix(#M5-QA): address security findings from code review

Fixes 2 important-level security issues identified in M5 QA:

1. XSS Protection (SearchResults.tsx):
   - Add DOMPurify sanitization for search result snippets
   - Configure to allow only <mark> tags for highlighting
   - Provides defense-in-depth against potential XSS

2. Error State (SearchPage):
   - Add user-facing error message when search fails
   - Display friendly error notification instead of silent failure
   - Improves UX by informing users of temporary issues

Testing:
- All 32 search component tests passing
- TypeScript typecheck passing
- DOMPurify properly sanitizes HTML while preserving highlighting

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-02 16:50:38 -06:00
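
The "allow only <mark>" policy from item 1 of the commit message, as an added example that is not code from this commit and does not use DOMPurify: it escapes the whole snippet and restores only attribute-free `<mark>` tags, so the effect of the allowlist can be seen on sample input. The function names and the sample snippets are assumptions.

```typescript
// Added example (hypothetical names): a dependency-free "<mark>-only" policy
// for search snippets. Everything is HTML-escaped first, then only the exact
// tokens <mark> and </mark> (no attributes, lowercase) are turned back into tags.
const ESCAPES: Record<string, string> = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

function escapeHtml(text: string): string {
  return text.replace(/[&<>"']/g, (ch: string) => ESCAPES[ch] ?? ch);
}

// Drop stray </mark> and close any <mark> left open, so a malformed snippet
// cannot extend highlighting into the markup that follows it on the page.
function balanceMarks(html: string): string {
  let depth = 0;
  let out = html.replace(/<(\/?)mark>/g, (tag: string, slash: string) => {
    if (slash) {
      if (depth === 0) return ""; // closing tag with nothing open
      depth--;
      return tag;
    }
    depth++;
    return tag;
  });
  while (depth > 0) {
    out += "</mark>";
    depth--;
  }
  return out;
}

function sanitizeSnippet(snippet: string): string {
  const escaped = escapeHtml(snippet);
  // Only the bare highlight tags survive; "<mark onclick=...>" stays escaped
  // because the pattern requires "&gt;" directly after "mark".
  const restored = escaped.replace(/&lt;(\/?)mark&gt;/g, "<$1mark>");
  return balanceMarks(restored);
}

// Constructed sample: a highlighted term followed by markup that must not render.
const SAMPLE = "<mark>token</mark><img src=x onerror=alert(1)>";
console.log(sanitizeSnippet(SAMPLE));
```

The output is safe to place in an HTML element body; it is not meant for attribute or script contexts.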