Add rehype-sanitize after rehypeRaw in all ReactMarkdown usages:
- PluginReadme.tsx (plugin README rendering)
- DebugDialog.tsx (debug chat message rendering)
- NewVersionDialog.tsx (release notes rendering)
This prevents injection of raw HTML (e.g. <iframe srcdoc>) that
could steal session tokens and API credentials from localStorage.
Fixes GHSA-w8gq-g4pc-xh3h
* Initial plan
* Add monitoring tab to pipeline dialog with i18n support
Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com>
* Fix prettier formatting for monitoring tab component
Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com>
* Fix code review issues: use functional state updates and add comment for delay
Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com>
* Update dependencies and enhance monitoring tab functionality
- Updated various package versions in pnpm-lock.yaml for improved compatibility and performance.
- Refactored PipelineDetailDialog to streamline WebSocket connection status display.
- Enhanced PipelineMonitoringTab to support navigation to detailed logs and improved UI elements.
- Added i18n support for 'Detailed Logs' in English, Japanese, Simplified Chinese, and Traditional Chinese locales.
* Fix lint errors: remove unused Button import and format en-US.ts
Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com>
Co-authored-by: RockChinQ <rockchinq@gmail.com>
* feat: add WebChat adapter for pipeline debugging
- Create WebChatAdapter for handling debug messages in pipeline testing
- Add HTTP API endpoints for debug message sending and retrieval
- Implement frontend debug dialog with session switching (private/group chat)
- Add Chinese i18n translations for debug interface
- Auto-create default WebChat bot during database initialization
- Support fixed session IDs: webchatperson and webchatgroup for testing
Co-Authored-By: Junyan Qin <Chin>, 秦骏言 in Chinese, you can call me my english name Rock Chin. <rockchinq@gmail.com>
* perf: ui for webchat
* feat: complete webchat backend
* feat: core chat apis
* perf: button style in pipeline card
* perf: log btn in bot card
* perf: webchat entities definition
* fix: bugs
* perf: web chat
* perf: dialog styles
* perf: styles
* perf: styles
* fix: group invalid in webchat
* perf: simulate real im message
* perf: group timeout toast
* feat(webchat): add supports for mentioning bot in group
* perf(webchat): at component styles
* perf: at badge display in message
* fix: linter errors
* fix: webchat was listed on adapter list
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: Junyan Qin <Chin>, 秦骏言 in Chinese, you can call me my english name Rock Chin. <rockchinq@gmail.com>
