38 changes: 38 additions & 0 deletions .github/workflows/deploy-worker.yml
@@ -0,0 +1,38 @@
name: Deploy Worker

on:
push:
branches: [main]
paths:
- "worker/**"

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

jobs:
deploy:
name: Deploy to Cloudflare Workers
runs-on: ubuntu-latest
defaults:
run:
working-directory: worker
steps:
- name: Checkout
uses: actions/checkout@v6

- name: Setup Node.js 24
uses: actions/setup-node@v6
with:
node-version: 24

- name: Install dependencies
run: npm ci

- name: Deploy Worker
uses: cloudflare/wrangler-action@v3
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
workingDirectory: worker
command: deploy
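Review bot: the `deploy` job declares no `permissions:` block, so GITHUB_TOKEN runs with the repository default; the sibling deploy.yml in this same change sets job-level permissions with `contents: read`, and nothing here needs more than `actions/checkout@v6`, so add `permissions:` / `contents: read` (this is the same gap the CodeQL alert on this file reports). Two smaller points: the `actions/setup-node@v6` step omits the `cache: npm` that deploy.yml and verify.yml use, and `cancel-in-progress: true` on a deploy workflow can abort a `wrangler deploy` midway when two pushes to `main` land close together, so consider letting deploy runs queue instead of cancelling.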
Code scanning / CodeQL check warning on lines +15 to +38

Workflow does not contain permissions (Medium)

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix (AI, 3 months ago)

To fix the problem, explicitly define minimal GITHUB_TOKEN permissions for this workflow or job so it no longer relies on repository/organization defaults. Since the job only needs to check out the repository and then use a separate Cloudflare API token, it only needs read access to repository contents.

The best way to fix this without changing functionality is to add a permissions block at the root of the workflow (so it applies to all jobs) with contents: read. Concretely, in .github/workflows/deploy-worker.yml, insert:

permissions:
  contents: read

between the on: block and the concurrency: block (after current line 8). This will ensure the GITHUB_TOKEN is restricted to read-only access to repository contents while leaving the rest of the workflow unchanged.

Suggested changeset 1: .github/workflows/deploy-worker.yml

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/deploy-worker.yml b/.github/workflows/deploy-worker.yml
--- a/.github/workflows/deploy-worker.yml
+++ b/.github/workflows/deploy-worker.yml
@@ -6,6 +6,9 @@
     paths:
       - "worker/**"
 
+permissions:
+  contents: read
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
EOF
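Review bot: the suggested workflow-level `permissions:` block is the right minimal scope for this file, since the only step that uses GITHUB_TOKEN is `actions/checkout@v6` and the Cloudflare steps authenticate with their own `apiToken` secret. One consistency point: deploy.yml in the same change places its `permissions:` at job level, so pick one placement for both workflows; workflow level is the safer default because it also covers any job added to the file later.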
39 changes: 39 additions & 0 deletions .github/workflows/deploy.yml
@@ -0,0 +1,39 @@
name: Deploy

on:
push:
branches: [main]

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

jobs:
deploy:
name: Deploy to Cloudflare Pages
runs-on: ubuntu-latest
permissions:
contents: read
deployments: write
steps:
- name: Checkout
uses: actions/checkout@v6

- name: Setup Node.js 24
uses: actions/setup-node@v6
with:
node-version: 24
cache: npm

- name: Install dependencies
run: npm ci

- name: Build
run: npm run build

- name: Deploy to Cloudflare Pages
uses: cloudflare/wrangler-action@v3
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
command: pages deploy out --project-name=tail-wtf
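Review bot: `deployments: write` is granted to the job, but none of the visible steps hands GITHUB_TOKEN to anything that creates GitHub deployments (the wrangler step only receives `apiToken` and `accountId` from secrets), so either drop it and keep the token at `contents: read`, or add a comment naming the step that needs it. As in deploy-worker.yml, `cancel-in-progress: true` can cancel an in-flight `pages deploy`; queueing is usually the better behaviour for a deploy workflow. Actions are pinned to major tags (`actions/checkout@v6`, `cloudflare/wrangler-action@v3`); pinning to a commit SHA with the version in a trailing comment limits exposure if a tag is moved.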
143 changes: 0 additions & 143 deletions .github/workflows/docker-publish.yml

This file was deleted.

33 changes: 33 additions & 0 deletions .github/workflows/verify.yml
Expand Up @@ -51,3 +51,36 @@ jobs:

- name: Lint
run: npm run lint

test-e2e:
name: E2E Tests
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v6

- name: Setup Node.js 24
uses: actions/setup-node@v6
with:
node-version: 24
cache: npm

- name: Install dependencies
run: npm ci

- name: Install Playwright Browsers
run: npx playwright install --with-deps chromium

- name: Build
run: npm run build

- name: Run E2E tests
run: npm run test:e2e

- name: Upload Playwright Report
uses: actions/upload-artifact@v4
if: ${{ !cancelled() }}
with:
name: playwright-report
path: playwright-report/
retention-days: 30
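Review bot: the new `test-e2e` job has no `timeout-minutes`, so a hung Playwright run holds the runner for the default 360 minutes; set a job-level `timeout-minutes` sized to the suite. The `if: ${{ !cancelled() }}` guard on the report upload is correct, since the report is most useful exactly when `npm run test:e2e` fails. Like the deploy-worker.yml job above, this job also inherits the default GITHUB_TOKEN permissions; a `permissions:` / `contents: read` block keeps it consistent with deploy.yml.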
7 changes: 5 additions & 2 deletions .gitignore
Expand Up @@ -7,10 +7,12 @@

# testing
/coverage
/playwright-report/
/test-results/

# next.js
# sveltekit
/.svelte-kit/
/.next/
/.swc/
/out/

# production
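Review bot: `/.swc/` now sits under the `# sveltekit` heading next to `/.svelte-kit/`; `.swc` is a Next.js compiler cache, and with `/.next/` gone from this block it reads as a leftover from the previous toolchain. Either drop it or give it its own comment so the heading stays accurate. `/out/` should stay, since deploy.yml deploys the `out` directory.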
Expand All @@ -35,3 +37,4 @@ yarn-error.log*

# typescript
*.tsbuildinfo
worker/node_modules
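Review bot: `worker/node_modules` is added under the `# typescript` heading, where it reads as unrelated to `*.tsbuildinfo`; move it to the dependencies section, or replace it with an unanchored `node_modules/`, which ignores the directory at any depth, including `worker/`, and avoids a separate rule per sub-package.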
5 changes: 4 additions & 1 deletion .prettierignore
@@ -1 +1,4 @@
/.next/
/.svelte-kit/
/build/
/out/
/node_modules/
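Review bot: `/node_modules/` is anchored to the repository root, so `worker/node_modules` (which .gitignore in this same change ignores) is still visited by Prettier; use the unanchored `node_modules/` so both trees are skipped. The other entries (`/.svelte-kit/`, `/build/`, `/out/`) are build outputs and belong here.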
45 changes: 0 additions & 45 deletions Dockerfile

This file was deleted.
