temp#27
Closed
codewithaman07 wants to merge 21 commits into
Closed
Conversation
- Split app/lib/database.ts into: - app/lib/db/mood.ts (Mood entries) - app/lib/db/chat.ts (Chat sessions & messages) - app/lib/db/quotes.ts (Saved quotes) - app/lib/db/user.ts (User stats) - app/lib/db/peer.ts (Peer support) - Updated imports in app/context/ChatContext.tsx, app/affirmations/page.tsx, app/mood/page.tsx, and app/community/page.tsx - Deleted app/lib/database.ts - Verified with npm run build Co-authored-by: codewithaman07 <135147451+codewithaman07@users.noreply.github.com>
…rnalPrompt components - Implemented `sanitizeHtml` utility using `dompurify` - Applied sanitization to `dangerouslySetInnerHTML` in `Chat.tsx` and `JournalPrompt.tsx` - Added unit test for SSR behavior of `sanitizeHtml` - Added `dompurify` and `@types/dompurify` dependencies Co-authored-by: codewithaman07 <135147451+codewithaman07@users.noreply.github.com>
- Added `app/lib/logger.ts` with `logError` and `sanitizeValue` functions.
- `sanitizeValue` redacts API keys, JWTs, and sensitive object keys (e.g., password, secret, token).
- Replaced `console.error` with `logError` in:
- `app/api/chat/route.ts`
- `app/api/quote/route.ts`
- `app/services/ragService.ts`
- Added unit tests in `app/lib/logger.test.ts`.
This fixes the vulnerability where sensitive information could be logged to the console on error.
Co-authored-by: codewithaman07 <135147451+codewithaman07@users.noreply.github.com>
- Remove redundant .toLowerCase() call in keyword matching loop - Change WellnessTool import to type-only import - Add unit tests for emotion detection service Co-authored-by: codewithaman07 <135147451+codewithaman07@users.noreply.github.com>
- Added `if (isFlipping) return;` guard clause to `drawNextCard`. - Updated `useCallback` dependency array to include `isFlipping`. - Verified 10x reduction in database calls under rapid clicking using a benchmark script. Co-authored-by: codewithaman07 <135147451+codewithaman07@users.noreply.github.com>
- Replaced `dompurify` + weak regex fallback with `isomorphic-dompurify`. - Ensures robust sanitization on both server (SSR) and client, preventing HTML injection. - Updated unit test to reflect correct script stripping behavior. Co-authored-by: codewithaman07 <135147451+codewithaman07@users.noreply.github.com>
Co-authored-by: codewithaman07 <135147451+codewithaman07@users.noreply.github.com>
…ring-4996535367487419185 fix(crisis-detection): Prevent false positives with word boundary matching
- Extracted `PostCard` component to `app/components/PostCard.tsx` - Moved shared utilities (`AVATARS`, `COLORS`, `getAnonymousIdentity`, `timeAgo`, `CATEGORIES`) to `app/lib/community.ts` - Updated `app/community/page.tsx` to use the new component and utilities - Improved code maintainability and separation of concerns Co-authored-by: codewithaman07 <135147451+codewithaman07@users.noreply.github.com>
…main-17851207981027042725 🧹 Refactor: Split database.ts by Domain
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…4362204752560888417 🔒 Fix Stored XSS in Chat and JournalPrompt via sanitization
…ze-16823562910971665413 🔒 Secure Logger Implementation to Prevent Sensitive Data Exposure
…imization-5176116191051262745 ⚡ Improve emotion detection performance by ~33%
…t-card-5319975932359331419 ⚡ Throttle Affirmations Draw Button
…ffect-10973287183591162512 Refactor: Extract SparkleEffect component
…t-17244515886689537428 🧹 Extract PostCard Component from Community Page
Contributor
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.