forgejo_admin/pal-e-api
1
0
Fork 1
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

Add browser frontend at /browse/ #6

Merged
forgejo_admin merged 2 commits from 5-browse-frontend into main 2026-02-24 15:54:50 +00:00
Conversation 1 Commits 2 Files changed 9 +308
forgejo_admin commented 2026-02-24 15:45:13 +00:00
Owner
Copy link

Summary

  • Jinja2 server-side rendered frontend at /browse/
  • 6 templates: projects, project notes, note detail (with links), tags, tag notes
  • System fonts, minimal CSS, no client-side JS
  • Added jinja2>=3.1 dependency

Closes #5

Test plan

  • /browse/ shows project list
  • /browse/projects/pal-e-platform shows notes in project
  • /browse/notes/platform-architecture renders HTML content with tags and linked notes
  • /browse/tags shows all tags
  • /browse/tags/sop shows notes tagged 'sop'
  • ruff check passes
  • Woodpecker builds successfully
## Summary - Jinja2 server-side rendered frontend at `/browse/` - 6 templates: projects, project notes, note detail (with links), tags, tag notes - System fonts, minimal CSS, no client-side JS - Added `jinja2>=3.1` dependency Closes #5 ## Test plan - [ ] `/browse/` shows project list - [ ] `/browse/projects/pal-e-platform` shows notes in project - [ ] `/browse/notes/platform-architecture` renders HTML content with tags and linked notes - [ ] `/browse/tags` shows all tags - [ ] `/browse/tags/sop` shows notes tagged 'sop' - [ ] `ruff check` passes - [ ] Woodpecker builds successfully
Add browser frontend at /browse/ (#5)
All checks were successful
ci/woodpecker/pr/woodpecker Pipeline was successful
Details
7a30893fe1 
Jinja2 server-side rendered frontend with 6 templates:
- /browse/ — project list
- /browse/projects/{slug} — notes in a project
- /browse/notes/{slug} — note with content, tags, and linked notes
- /browse/tags — all tags
- /browse/tags/{name} — notes filtered by tag

System fonts, minimal CSS, no client-side JS.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Address PR review: XSS comment and urlencode tag URLs
All checks were successful
ci/woodpecker/pr/woodpecker Pipeline was successful
Details
36967ac6d6 
- Add comment documenting intentional | safe usage and XSS risk
- Add | urlencode to tag name URLs in templates

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
forgejo_admin commented 2026-02-24 15:48:45 +00:00
Author
Owner
Copy link

Review fixes applied

  1. BLOCKING — XSS comment: Added Jinja2 comment above | safe in note.html documenting the intentional unsanitized HTML rendering, accepted risk (Tailscale-only, no auth, trusted MCP agents), and reference to issue #2.
  2. NIT — urlencode: Added | urlencode to tag name URLs in all 4 templates (note.html, project_notes.html, tag_notes.html, tags.html).
## Review fixes applied 1. **BLOCKING — XSS comment:** Added Jinja2 comment above `| safe` in `note.html` documenting the intentional unsanitized HTML rendering, accepted risk (Tailscale-only, no auth, trusted MCP agents), and reference to issue #2. 2. **NIT — urlencode:** Added `| urlencode` to tag name URLs in all 4 templates (`note.html`, `project_notes.html`, `tag_notes.html`, `tags.html`).
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
domain:backend

   
domain:devops

   
domain:frontend

   
status:approved

QA passed, awaiting merge approval

  
status:in-progress

Dev agent is actively working

  
status:needs-fix

QA found issues, back to dev

  
status:qa

PR submitted, awaiting QA review

  
type:bug

Bug fix

  
type:devops

Infrastructure/CI/config work

  
type:feature

New functionality

No labels
domain:backend
domain:devops
domain:frontend
status:approved
status:in-progress
status:needs-fix
status:qa
type:bug
type:devops
type:feature
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
forgejo_admin/pal-e-api!6
No description provided.