jesse/cognix
1
0
Fork 0
Code Issues 7 Pull requests Projects Releases Packages Wiki Activity Actions

feat: harden dashboard for production use #80

Merged
jesse merged 5 commits from phase-8/dashboard-ui-pr7-hardening into main 2026-05-16 16:53:29 +02:00
Conversation 0 Commits 5 Files changed 37 +2448 -305
jesse commented 2026-05-14 04:18:12 +02:00
Owner
Copy link

Summary

  • Adds dashboard UI rate limiting and server-health cache coalescing without changing MCP auth behavior.
  • Tightens dashboard browser RPC, CORS header handling, and CSP-safe asset behavior.
  • Adds PR7 CI/docs/E2E accessibility coverage and release screenshots.

Verification

  • Pre-commit hook passed: secret detection, cargo fmt --check, cargo clippy.
## Summary - Adds dashboard UI rate limiting and server-health cache coalescing without changing MCP auth behavior. - Tightens dashboard browser RPC, CORS header handling, and CSP-safe asset behavior. - Adds PR7 CI/docs/E2E accessibility coverage and release screenshots. ## Verification - Pre-commit hook passed: secret detection, cargo fmt --check, cargo clippy.
test: fix dashboard UI router rate-limit tests
Some checks failed
CI / Detect Changes (pull_request) Successful in 12s
Details
CI / Format (pull_request) Has been skipped
Details
CI / Clippy (pull_request) Has been skipped
Details
CI / Integration Tests (pull_request) Has been skipped
Details
CI / Benchmarks (pull_request) Has been skipped
Details
CI / Security Scan (pull_request) Failing after 5s
Details
CI / Check (linux-aarch64 compile-validation) (pull_request) Failing after 5s
Details
CI / Check file lengths (pull_request) Failing after 5s
Details
CI / Build (release) (pull_request) Has been skipped
Details
CI / RSS gate (P-15) (pull_request) Has been skipped
Details
CI / D-02 Clean Build Gate (pull_request) Failing after 5s
Details
CI / PR Size Check (pull_request) Failing after 4s
Details
CI / Test (pull_request) Failing after 51s
Details
CI / Conventional Validation (pull_request) Successful in 2m18s
Details
CI / Clean Build Sample 1 (pull_request) Has been skipped
Details
CI / Clean Build Sample 2 (pull_request) Has been skipped
Details
CI / Clean Build Sample 3 (pull_request) Has been skipped
Details
CI / Clean Build Summary (pull_request) Has been skipped
Details
CI / Documentation (pull_request) Successful in 3m0s
Details
CI / Dashboard Browser (pull_request) Failing after 5m38s
Details
CI / Deny (pull_request) Successful in 7m1s
Details
CI / Dashboard UI Build (pull_request) Failing after 8m8s
Details
CI / Audit (CVEs) (pull_request) Successful in 8m23s
Details
CI / Coverage (80% gate) (pull_request) Successful in 10m29s
Details
CI / CI Report (pull_request) Successful in 4s
Details
003f23a1c8
test: install ConnectInfo on /ui requests for privacy + status smoke
Some checks failed
CI / Detect Changes (pull_request) Successful in 10s
Details
CI / Format (pull_request) Successful in 17s
Details
CI / Test (pull_request) Failing after 32s
Details
CI / Conventional Validation (pull_request) Successful in 49s
Details
CI / Integration Tests (pull_request) Has been skipped
Details
CI / D-02 Clean Build Gate (pull_request) Failing after 3s
Details
CI / Security Scan (pull_request) Successful in 18s
Details
CI / Benchmarks (pull_request) Has been skipped
Details
CI / Clean Build Sample 1 (pull_request) Has been skipped
Details
CI / Clean Build Sample 2 (pull_request) Has been skipped
Details
CI / Clean Build Sample 3 (pull_request) Has been skipped
Details
CI / Clean Build Summary (pull_request) Has been skipped
Details
CI / Check file lengths (pull_request) Failing after 29s
Details
CI / Dashboard Browser (pull_request) Failing after 1m4s
Details
CI / Documentation (pull_request) Successful in 2m9s
Details
CI / Clippy (pull_request) Successful in 2m38s
Details
CI / Check (linux-aarch64 compile-validation) (pull_request) Successful in 2m21s
Details
CI / Deny (pull_request) Successful in 5m29s
Details
CI / Audit (CVEs) (pull_request) Successful in 6m4s
Details
CI / Dashboard UI Build (pull_request) Successful in 7m41s
Details
CI / Coverage (80% gate) (pull_request) Successful in 8m28s
Details
CI / RSS gate (P-15) (pull_request) Successful in 6m14s
Details
CI / Build (release) (pull_request) Successful in 7m38s
Details
CI / PR Size Check (pull_request) Successful in 9s
Details
CI / CI Report (pull_request) Successful in 3s
Details
3fe8d556cb 
Group A's rate-limit fail-closed change now requires ConnectInfo<SocketAddr>
on every /ui request; without it the UI router returns HTTP 500. These two
pre-existing test files were not covered by the prior commits and broke as
collateral. Adds a loopback peer (127.0.0.1:49152) so the same-origin path
is exercised.
fix: resolve three CI failures on PR #80
Some checks failed
CI / Detect Changes (pull_request) Successful in 55s
Details
CI / Integration Tests (pull_request) Has been skipped
Details
CI / Benchmarks (pull_request) Has been skipped
Details
CI / Format (pull_request) Successful in 19s
Details
CI / Conventional Validation (pull_request) Successful in 1m50s
Details
CI / Clean Build Sample 1 (pull_request) Has been skipped
Details
CI / Clean Build Sample 3 (pull_request) Has been skipped
Details
CI / Clean Build Sample 2 (pull_request) Has been skipped
Details
CI / Clean Build Summary (pull_request) Has been skipped
Details
CI / Clippy (pull_request) Successful in 1m22s
Details
CI / RSS gate (P-15) (pull_request) Successful in 6m13s
Details
CI / Build (release) (pull_request) Successful in 8m8s
Details
CI / PR Size Check (pull_request) Successful in 19s
Details
CI / Test (pull_request) Successful in 7m21s
Details
CI / Dashboard UI Build (pull_request) Successful in 7m37s
Details
CI / Security Scan (pull_request) Successful in 16s
Details
CI / Check file lengths (pull_request) Successful in 24s
Details
CI / Dashboard Browser (pull_request) Failing after 1m18s
Details
CI / Documentation (pull_request) Successful in 1m35s
Details
CI / Check (linux-aarch64 compile-validation) (pull_request) Successful in 2m1s
Details
CI / Audit (CVEs) (pull_request) Successful in 4m9s
Details
CI / Deny (pull_request) Successful in 4m44s
Details
CI / D-02 Clean Build Gate (pull_request) Successful in 4m47s
Details
CI / Coverage (80% gate) (pull_request) Successful in 6m13s
Details
CI / CI Report (pull_request) Successful in 6s
Details
24ee23c0e8 
- app.js: showGraphView/showThoughtsView/showStatsView/showImproveView all
  called detailEl.querySelector('#graph') but #graph is a sibling of
  #session-detail, not a child — always returned null, so the graph panel
  never became visible. Add module-level graphSectionEl reference and use
  it everywhere (matching the existing pattern for statsSectionEl/improveSectionEl).

- e2e/dashboard.spec.ts: polling test asserted state.healthCalls === 1
  synchronously right after the first Playwright poll resolved. With 50 ms
  polling the second call can fire before the assertion, causing a non-
  deterministic failure in CI. Relax to toBeGreaterThanOrEqual(1).

- sse.rs: extract format_sse_event / format_sse_event_with_id to
  transport/sse/format.rs, reducing sse.rs from 813 to 775 lines and
  clearing the 800-line hard ceiling enforced by file-length-gate.sh.
fix: add explicit role=dialog to auth-dialog element
All checks were successful
CI / Detect Changes (pull_request) Successful in 10s
Details
CI / Integration Tests (pull_request) Has been skipped
Details
CI / Benchmarks (pull_request) Has been skipped
Details
CI / Format (pull_request) Successful in 23s
Details
CI / Security Scan (pull_request) Successful in 25s
Details
CI / Conventional Validation (pull_request) Successful in 44s
Details
CI / Check file lengths (pull_request) Successful in 29s
Details
CI / Clean Build Sample 1 (pull_request) Has been skipped
Details
CI / Clean Build Sample 2 (pull_request) Has been skipped
Details
CI / Clean Build Sample 3 (pull_request) Has been skipped
Details
CI / Clean Build Summary (pull_request) Has been skipped
Details
CI / Dashboard Browser (pull_request) Successful in 1m39s
Details
CI / Check (linux-aarch64 compile-validation) (pull_request) Successful in 1m37s
Details
CI / Documentation (pull_request) Successful in 3m6s
Details
CI / Clippy (pull_request) Successful in 3m47s
Details
CI / Deny (pull_request) Successful in 7m14s
Details
CI / Audit (CVEs) (pull_request) Successful in 9m21s
Details
CI / Test (pull_request) Successful in 10m33s
Details
CI / Dashboard UI Build (pull_request) Successful in 10m47s
Details
CI / Coverage (80% gate) (pull_request) Successful in 11m49s
Details
CI / RSS gate (P-15) (pull_request) Successful in 8m28s
Details
CI / Build (release) (pull_request) Successful in 10m0s
Details
CI / D-02 Clean Build Gate (pull_request) Successful in 13m55s
Details
CI / PR Size Check (pull_request) Successful in 11s
Details
CI / CI Report (pull_request) Successful in 4s
Details
7ec8883a2b 
Native <dialog> carries implicit ARIA role but Playwright toHaveAttribute
checks the DOM attribute directly, not the computed ARIA role. The PR7
accessibility smoke test at dashboard.spec.ts:250 therefore failed with
Received: "".

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
jesse merged commit 2768544051 into main 2026-05-16 16:53:29 +02:00
jesse deleted branch phase-8/dashboard-ui-pr7-hardening 2026-05-16 16:53:29 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
jesse/cognix!80
No description provided.