Improve content loading, TOML utilities, runtime setup, theme caching, and login throttle pruning by remdui · Pull Request #15 · remdui/Mylonite

remdui · 2026-03-21T15:11:17Z

Harden and simplify content loading and example scaffolding by centralizing TOML load/render helpers and adding strict validation support.
Prevent file-system traversal and stale/generated-file issues by validating entity IDs and pruning old login throttle records.
Ensure the runtime environment directories exist on startup and improve theme discovery caching by including static file signatures.

Introduced mylonite.core.toml_utils with render_toml and load_toml_file and migrated TOML I/O to use these helpers across the codebase.
Added strict content-validation support to PortfolioContentLoader (strict_validation flag) plus ContentValidationError, changed validation to apply schema defaults for missing values, and surfaced validation errors via loader tracking.
Tightened content repository and scaffold behaviors by adding is_valid_entity_id checks and rejecting invalid/path-traversal object IDs, and switched scaffold code to use render_toml.
Added prune_stale_login_throttles and invoke it in throttle inspection and registration, and introduced PANEL_LOGIN_THROTTLE_RETENTION_SECONDS setting.
Introduced runtime path utilities (resolve_runtime_paths, RuntimePaths, ensure_runtime_directories) and ensure runtime dirs are created in manage.py and wsgi.py, and updated settings.py to use those paths and the new TOML loader.
Improved theme discovery signature in ThemeResolver to include per-file static signatures to avoid stale cache entries.
Updated view models, mapping and templates to expose an intro_markdown field and prefer owner.bio for hero bio when available.

Ran unit tests covering modified modules including tests/apps/panel/test_services.py, tests/apps/web/test_content.py, tests/apps/web/test_content_scaffold.py, tests/apps/web/test_architecture_extensions.py, tests/apps/web/test_view_models.py, and tests/mylonite/core/test_core_modules.py via pytest and all tests passed.

Finish architecture debt fixes and tighten validation

cd960b0

remdui added the codex label Mar 21, 2026 — with ChatGPT Codex Connector

Provide feedback