Improve security, accessibility, performance, and test coverage#4
Open
seonghobae wants to merge 23 commits into
Open
Improve security, accessibility, performance, and test coverage#4seonghobae wants to merge 23 commits into
seonghobae wants to merge 23 commits into
Conversation
…946791887813456
…n-10395253918421161359
…vement-17389468144540365696 🎨 Palette: [모바일 대응 및 접근성 개선] 생성되는 HTML의 UX 향상
…rity-fix-14813152935079340959
Merged after central .github required workflows completed and OpenCode approved the current head.
Merged after resolving conflicts, addressing Strix findings, passing Gradle tests, and receiving central OpenCode approval.
Merged after resolving conflicts with current accessibility structure, passing Gradle tests, and receiving central OpenCode approval.
Merged after updating against current master, passing Gradle tests, and receiving central OpenCode approval.
Merged after combining symlink traversal protections with current safe-write behavior, passing Gradle tests, and receiving central OpenCode approval.
Merged after resolving conflicts with current master, preserving prior symlink traversal protections and adding the maxLevel enqueue guard from PR #28. Verified with JDK 11 Gradle tests and required current-head OpenCode approval.
Merged after refreshing against current master and combining decorative-icon aria-hidden spans with the existing semantic landmark, aria-label, and symlink-safe generator changes. Verified with JDK 11 Gradle tests and required current-head OpenCode approval.
Merged after refreshing against current master and preserving the existing accessibility, performance, and symlink protections. Adds a CSP meta tag for generated HTML as defense-in-depth. Verified with JDK 11 Gradle tests and required current-head OpenCode approval.
Merged after resolving conflicts with current master and removing a brittle internal coverage test. Adds a helpful empty-directory message to generated listings. Verified with JDK 11 Gradle tests and required current-head OpenCode approval.
canonicalFile로 인해 심볼릭 링크 제한 검사가 무력화되는 문제를 absoluteFile.toPath().normalize().toFile()로 교체하여 정상화했습니다. Co-authored-by: seonghobae <8172694+seonghobae@users.noreply.github.com>
* ⚡ Bolt: escapeHtml 성능 최적화 (단일 루프 및 StringBuilder 사용) * ⚡ Bolt: escapeHtml 성능 최적화 (단일 루프 및 StringBuilder 사용) 기존의 연쇄적인 `.replace()` 호출은 각 치환 단계마다 새로운 중간 문자열을 메모리에 할당하여 쓰레기 수집(Garbage Collection) 및 CPU 부하를 발생시키는 주요 성능 병목이었습니다. 단일 루프 방식은 한 번의 순회만으로 치환을 수행하며, 문자열 수정이 필요할 때만 `StringBuilder`를 초기화하여 메모리 할당을 최소화합니다. --------- Co-authored-by: seonghobae <8172694+seonghobae@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Overview
This PR improves
html4treeso generated directory indexes are safer, more accessible, easier to validate, and more robust for real-world filenames.What changed
NOFOLLOW_LINKSchecks for the top directory and child directory traversal.index.htmlsymlink overwrite issues by writing to a temporary file and then replacing the generated index atomically.escapeHtml()from chainedreplace()calls to a single-pass, lazily allocatedStringBuilderimplementation to reduce intermediate string allocations.hrefpaths so spaces, slashes, and non-ASCII filenames are handled more reliably..html4ignorehandling by compiling valid regex patterns once, ignoring empty lines, and skipping invalid regexes without aborting the whole directory render.lang,charset,viewport,main,nav,aria-label, empty-directory feedback, and focus/hover styles.CodeGraph review
I used
colbymchenry/codegraphto index the current code and confirm the main impact paths:go()->process_dir()->process_ignore_file()process_dir()->escapeHtml()/urlEncodePath()/write_index_file()MainTest.ktandUtilTest.kt.Validation
JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64 ./gradlew testResult:
BUILD SUCCESSFULRelated fork PRs
The ContextualWisdomLab fork first merged the currently valid, mergeable improvements that had already passed review and required checks: