Enhance user management and UI design across multiple phases #2

Open: ahnaf-tahmid-chowdhury wants to merge 286 commits into main from new

@ahnaf-tahmid-chowdhury

Collaborator

No description provided.

With Traefik ForwardAuth authenticating every request, Grafana login
tokens are unnecessary and cause continuous 401 loops from
/auth-tokens/rotate, preventing lazy-load chunks from resolving.

Add a 30-second heartbeat that pings a new `/servers/:id/activity`
endpoint when the server detail page or the user server gateway page
is open and the browser tab is visible. This prevents the idle
shutdown timer from expiring while a user is actively monitoring
their server in the UI.

Also update the default idle shutdown timeout from 30 minutes to 15
and include a test confirming that requesting an access token already
refreshes the last_activity timestamp.

- Add GitHub Actions workflow for markdown lint and link checks
- Add markdownlint-cli2 configuration
- Move research docs into structured docs/ hierarchy (architecture,
  operations, security, development, reference)
- Remove stale .research/ files
- Consolidate README with simplified quick start and architecture
  diagram
- Update AGENTS.md for docs ownership and structure
- Add nukelabctl lint markdown target and update selftest

Migrate .github/workflows/ci.yml and security.yml runner Python to 3.13
and Node to 24. Switch backend base image from python:3.12-slim to
3.13-slim, frontend builder from node:22-alpine to 24-alpine, and
environments/base from ubuntu:24.04 to debian:13 with Node 24.
Reflect updated base images in PENETRATION-TEST-FINDINGS.md and require
Node >=24.0.0 in frontend/package.json.

Switch from storing raw HTML coverage reports as CI artifacts to using
CodeCoverageSummary for a Markdown comment with badges and indicators.
Drop the artifact upload step entirely since the summary now serves as
the primary coverage output.

@github-advanced-security

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

- Add path filters so security workflow only runs on relevant changes.
- Add cp .env.example .env.development and chmod +x ./nukelabctl to all steps.
- Make Trivy image scans non-blocking while still generating SARIF.
- Merge backend/frontend Trivy SARIF into a single run for upload-sarif@v4.
- Bump codeql-action/upload-sarif to v4.

Bump opentelemetry packages to latest (v1.32.1 / v0.53b1), relax
setuptools constraint to >=80.0.0, and strip wheel/jaraco.context from
the production image to reduce the attack surface. Allow Trivy to report
findings without failing the CI workflow.