Skip to content

Commit a5bb65e

Browse files
authored
Merge pull request #105 from raifdmueller/main
feat: Risk Radar improvements - ESLint, Prettier, CodeQL, npm audit, docs update
2 parents bd89ec9 + 1fbfe36 commit a5bb65e

32 files changed

Lines changed: 3387 additions & 841 deletions

.github/workflows/codeql.yml

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,42 @@
1+
name: CodeQL Security Analysis
2+
3+
on:
4+
push:
5+
branches: [main]
6+
pull_request:
7+
branches: [main]
8+
schedule:
9+
# Run weekly on Mondays at 08:00 UTC
10+
- cron: '0 8 * * 1'
11+
12+
jobs:
13+
analyze:
14+
name: Analyze (${{ matrix.language }})
15+
runs-on: ubuntu-latest
16+
permissions:
17+
actions: read
18+
contents: read
19+
security-events: write
20+
21+
strategy:
22+
fail-fast: false
23+
matrix:
24+
language: [javascript-typescript]
25+
26+
steps:
27+
- name: Checkout repository
28+
uses: actions/checkout@v4
29+
30+
- name: Initialize CodeQL
31+
uses: github/codeql-action/init@v3
32+
with:
33+
languages: ${{ matrix.language }}
34+
queries: security-extended
35+
36+
- name: Autobuild
37+
uses: github/codeql-action/autobuild@v3
38+
39+
- name: Perform CodeQL Analysis
40+
uses: github/codeql-action/analyze@v3
41+
with:
42+
category: '/language:${{ matrix.language }}'

.github/workflows/test.yml

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,32 @@ on:
88
workflow_dispatch:
99

1010
jobs:
11+
lint:
12+
name: Lint & Format Check
13+
runs-on: ubuntu-latest
14+
steps:
15+
- name: Checkout repository
16+
uses: actions/checkout@v4
17+
18+
- name: Setup Node.js
19+
uses: actions/setup-node@v4
20+
with:
21+
node-version: '20'
22+
cache: 'npm'
23+
cache-dependency-path: website/package-lock.json
24+
25+
- name: Install dependencies
26+
working-directory: ./website
27+
run: npm ci
28+
29+
- name: Run ESLint
30+
working-directory: ./website
31+
run: npm run lint
32+
33+
- name: Check Prettier formatting
34+
working-directory: ./website
35+
run: npm run format:check
36+
1137
e2e-tests:
1238
name: E2E Tests
1339
runs-on: ubuntu-latest
@@ -83,3 +109,25 @@ jobs:
83109
name: lighthouse-report
84110
path: website/.lighthouseci/
85111
retention-days: 7
112+
113+
dependency-check:
114+
name: Dependency Security Audit
115+
runs-on: ubuntu-latest
116+
steps:
117+
- name: Checkout repository
118+
uses: actions/checkout@v4
119+
120+
- name: Setup Node.js
121+
uses: actions/setup-node@v4
122+
with:
123+
node-version: '20'
124+
cache: 'npm'
125+
cache-dependency-path: website/package-lock.json
126+
127+
- name: Install dependencies
128+
working-directory: ./website
129+
run: npm ci
130+
131+
- name: Run security audit
132+
working-directory: ./website
133+
run: npm audit --audit-level=high

PROJECT_STATUS.md

Lines changed: 86 additions & 85 deletions
Original file line numberDiff line numberDiff line change
@@ -1,132 +1,133 @@
1-
# Project Status: Semantic Anchors Website Redesign
1+
# Project Status: Semantic Anchors Website
22

3-
**Last Updated:** 2025-02-13
4-
**Current Phase:** Planning Complete ✅ → Ready for Phase 1
3+
**Last Updated:** 2026-02-20
4+
**Current Phase:** All Phases Complete - Website Live
55

6-
## 📊 Quick Stats
6+
## Quick Stats
77

8-
- **19 GitHub Issues** created and ready
9-
- **3 Epics** for organized work (Phase 1, 2, 3)
8+
- **Website Live**: https://llm-coding.github.io/Semantic-Anchors/
9+
- **28 E2E Tests** all passing
10+
- **5 ADRs** with Pugh matrices (ADR-001 to ADR-005)
11+
- **8 open Risk Radar issues** (#81-88) being actively worked on
1012
- **2,693 lines** of specifications
1113
- **2,804 lines** of arc42 architecture
12-
- **4 ADRs** with Pugh matrices
1314

14-
## 📋 Documentation Status
15+
## Documentation Status
1516

1617
| Document | Status | Location |
1718
|----------|--------|----------|
18-
| PRD | Complete | `docs/PRD.md` |
19-
| Use Cases | Complete | `docs/specs/01_use_cases.adoc` |
20-
| API Specification | Complete | `docs/specs/02_api_specification.adoc` |
21-
| Acceptance Criteria | Complete | `docs/specs/03_acceptance_criteria.adoc` |
22-
| ADRs | Complete | `docs/specs/adrs/` |
23-
| arc42 Architecture | Complete | `docs/arc42/` |
24-
| CLAUDE.md | Complete | `CLAUDE.md` |
19+
| PRD | Complete | `docs/PRD.md` |
20+
| Use Cases | Complete | `docs/specs/01_use_cases.adoc` |
21+
| API Specification | Complete | `docs/specs/02_api_specification.adoc` |
22+
| Acceptance Criteria | Complete | `docs/specs/03_acceptance_criteria.adoc` |
23+
| ADRs | Complete | `docs/specs/adrs/` |
24+
| arc42 Architecture | Complete | `docs/arc42/` |
25+
| CLAUDE.md | Complete | `CLAUDE.md` |
2526

26-
## 🎯 Implementation Roadmap
27+
## Implementation Status
2728

28-
### Phase 0: Planning (COMPLETE)
29+
### Phase 0: Planning (COMPLETE)
2930
- [x] Create PRD
3031
- [x] Write specifications
3132
- [x] Create arc42 architecture
32-
- [x] Write ADRs
33+
- [x] Write ADRs (ADR-001 to ADR-005)
3334
- [x] Create GitHub Issues
3435

35-
### 🔄 Phase 1: Foundation (Ready to Start)
36-
**Timeline:** Week 1-2
36+
### Phase 1: Foundation (COMPLETE)
3737
**Epic:** [#35](https://github.com/LLM-Coding/Semantic-Anchors/issues/35)
3838

39-
**Issues:**
40-
- [ ] [#36](https://github.com/LLM-Coding/Semantic-Anchors/issues/36) MECE analysis
41-
- [ ] [#37](https://github.com/LLM-Coding/Semantic-Anchors/issues/37) Role mapping
42-
- [ ] [#38](https://github.com/LLM-Coding/Semantic-Anchors/issues/38) Split README
43-
- [ ] [#39](https://github.com/LLM-Coding/Semantic-Anchors/issues/39) Metadata script
44-
- [ ] [#40](https://github.com/LLM-Coding/Semantic-Anchors/issues/40) Generate includes
39+
- [x] [#36](https://github.com/LLM-Coding/Semantic-Anchors/issues/36) MECE analysis
40+
- [x] [#37](https://github.com/LLM-Coding/Semantic-Anchors/issues/37) Role mapping
41+
- [x] [#38](https://github.com/LLM-Coding/Semantic-Anchors/issues/38) Split README into individual anchor files
42+
- [x] [#39](https://github.com/LLM-Coding/Semantic-Anchors/issues/39) Metadata extraction script
43+
- [x] [#40](https://github.com/LLM-Coding/Semantic-Anchors/issues/40) Generate category/role include files
4544

46-
### ⏳ Phase 2: Website Development (Blocked)
47-
**Timeline:** Week 3-5
45+
### Phase 2: Website Development (COMPLETE)
4846
**Epic:** [#41](https://github.com/LLM-Coding/Semantic-Anchors/issues/41)
49-
**Dependencies:** Phase 1 must complete
50-
51-
**Issues:**
52-
- [ ] [#42](https://github.com/LLM-Coding/Semantic-Anchors/issues/42) Vite setup
53-
- [ ] [#43](https://github.com/LLM-Coding/Semantic-Anchors/issues/43) Treemap
54-
- [ ] [#44](https://github.com/LLM-Coding/Semantic-Anchors/issues/44) Role filter
55-
- [ ] [#45](https://github.com/LLM-Coding/Semantic-Anchors/issues/45) Search
56-
- [ ] [#46](https://github.com/LLM-Coding/Semantic-Anchors/issues/46) AsciiDoc rendering
57-
- [ ] [#47](https://github.com/LLM-Coding/Semantic-Anchors/issues/47) i18n
58-
- [ ] [#48](https://github.com/LLM-Coding/Semantic-Anchors/issues/48) Theming
59-
60-
### ⏳ Phase 3: Automation & Deployment (Blocked)
61-
**Timeline:** Week 6-7
62-
**Epic:** [#49](https://github.com/LLM-Coding/Semantic-Anchors/issues/49)
63-
**Dependencies:** Phase 2 must complete
64-
65-
**Issues:**
66-
- [ ] [#50](https://github.com/LLM-Coding/Semantic-Anchors/issues/50) GitHub Actions
67-
- [ ] [#51](https://github.com/LLM-Coding/Semantic-Anchors/issues/51) Issue templates
68-
- [ ] [#52](https://github.com/LLM-Coding/Semantic-Anchors/issues/52) CONTRIBUTING.md
69-
- [ ] [#53](https://github.com/LLM-Coding/Semantic-Anchors/issues/53) Update README
7047

71-
### 🔮 Phase 4: Enhancement (Future)
72-
**Timeline:** Week 8+
48+
- [x] [#42](https://github.com/LLM-Coding/Semantic-Anchors/issues/42) Vite setup
49+
- [x] [#43](https://github.com/LLM-Coding/Semantic-Anchors/issues/43) Card grid visualization (superseded treemap per ADR-005)
50+
- [x] [#44](https://github.com/LLM-Coding/Semantic-Anchors/issues/44) Role filter
51+
- [x] [#45](https://github.com/LLM-Coding/Semantic-Anchors/issues/45) Search functionality
52+
- [x] [#46](https://github.com/LLM-Coding/Semantic-Anchors/issues/46) AsciiDoc rendering
53+
- [x] [#47](https://github.com/LLM-Coding/Semantic-Anchors/issues/47) i18n (EN/DE)
54+
- [x] [#48](https://github.com/LLM-Coding/Semantic-Anchors/issues/48) Dark/Light theming
7355

74-
- GitHub Copilot validation workflow
75-
- Advanced search features
76-
- Privacy-first analytics
77-
- Service Worker for offline support
56+
### Phase 3: Automation & Deployment (COMPLETE)
57+
**Epic:** [#49](https://github.com/LLM-Coding/Semantic-Anchors/issues/49)
7858

79-
## 🏗️ Tech Stack Decisions
59+
- [x] [#50](https://github.com/LLM-Coding/Semantic-Anchors/issues/50) GitHub Actions deployment
60+
- [x] [#51](https://github.com/LLM-Coding/Semantic-Anchors/issues/51) Issue templates
61+
- [x] [#52](https://github.com/LLM-Coding/Semantic-Anchors/issues/52) CONTRIBUTING.md
62+
- [x] [#53](https://github.com/LLM-Coding/Semantic-Anchors/issues/53) Updated README
63+
- [x] E2E tests with Playwright (28 tests, all passing)
64+
- [x] Lighthouse CI integration
65+
66+
### Phase 4: Enhancement (In Progress)
67+
**Risk Radar issues** tracked in https://github.com/LLM-Coding/Semantic-Anchors/labels/risk-radar
68+
69+
- [ ] [#81](https://github.com/LLM-Coding/Semantic-Anchors/issues/81) ESLint / Prettier configuration
70+
- [ ] [#82](https://github.com/LLM-Coding/Semantic-Anchors/issues/82) Pre-commit hooks (husky)
71+
- [ ] [#83](https://github.com/LLM-Coding/Semantic-Anchors/issues/83) npm audit in CI
72+
- [ ] [#84](https://github.com/LLM-Coding/Semantic-Anchors/issues/84) SAST (Semgrep / CodeQL)
73+
- [ ] [#85](https://github.com/LLM-Coding/Semantic-Anchors/issues/85) Property-based tests
74+
- [ ] [#86](https://github.com/LLM-Coding/Semantic-Anchors/issues/86) AI code review (CodeRabbit / Copilot Review)
75+
- [ ] [#87](https://github.com/LLM-Coding/Semantic-Anchors/issues/87) SonarQube quality gate
76+
- [ ] [#88](https://github.com/LLM-Coding/Semantic-Anchors/issues/88) Sampling review (~20%)
77+
- [ ] GitHub Copilot validation workflow
78+
- [ ] Advanced search features
79+
- [ ] Privacy-first analytics
80+
81+
## Tech Stack Decisions
8082

8183
All decisions are documented with Pugh matrices:
8284

8385
| Decision | Winner | Score | ADR |
8486
|----------|--------|-------|-----|
8587
| Static Site Generator | Vite | +88 | [ADR-001](docs/specs/adrs/adr-001-static-site-generator.adoc) |
8688
| Metadata Storage | AsciiDoc Attributes | +51 | [ADR-002](docs/specs/adrs/adr-002-metadata-storage.adoc) |
87-
| Treemap Library | Apache ECharts | +77 | [ADR-003](docs/specs/adrs/adr-003-treemap-library.adoc) |
89+
| Visualization Library (superseded) | Apache ECharts for Treemap | +77 | [ADR-003](docs/specs/adrs/adr-003-treemap-library.adoc) |
8890
| File Structure | One File per Anchor | +105 | [ADR-004](docs/specs/adrs/adr-004-one-file-per-anchor.adoc) |
91+
| Visualization (current) | Card Grid | +137 | [ADR-005](docs/specs/adrs/adr-005-card-grid-visualization.adoc) |
8992

90-
## 📈 Success Criteria
93+
**Note:** ADR-003 (Apache ECharts for Treemap) was superseded by ADR-005 (Card Grid) due to fundamental usability issues with the treemap (text truncation, poor contrast, viewport cut-off).
9194

92-
### Phase 1 Success
93-
- ✅ MECE-compliant categories
94-
- ✅ All 60+ anchors in separate files
95-
- ✅ Metadata extracted and validated
96-
- ✅ Includes working
95+
## Success Criteria
9796

98-
### Phase 2 Success (MVP)
99-
- ✅ Website runs locally
100-
- ✅ All core features working
101-
- ✅ Responsive design
102-
- ✅ Dark/Light mode
103-
- ✅ EN/DE language switching
97+
### Phase 1 Success (Achieved)
98+
- [x] MECE-compliant categories
99+
- [x] All 60+ anchors in separate files
100+
- [x] Metadata extracted and validated
101+
- [x] Includes working
104102

105-
### Phase 3 Success (Launch)
106-
- ✅ Auto-deployment working
107-
- ✅ Issue templates functional
108-
- ✅ CONTRIBUTING.md clear
109-
- ✅ Website live on GitHub Pages
103+
### Phase 2 Success / MVP (Achieved)
104+
- [x] Website runs locally and on GitHub Pages
105+
- [x] All core features working
106+
- [x] Responsive design
107+
- [x] Dark/Light mode
108+
- [x] EN/DE language switching
109+
- [x] Card grid visualization (replaced original treemap plan)
110+
111+
### Phase 3 Success / Launch (Achieved)
112+
- [x] Auto-deployment working
113+
- [x] Issue templates functional
114+
- [x] CONTRIBUTING.md clear
115+
- [x] Website live: https://llm-coding.github.io/Semantic-Anchors/
116+
- [x] 28 E2E tests passing
110117

111118
### Overall Success Metrics
112119
- Lighthouse Performance > 90
113120
- WCAG 2.1 AA compliance
114121
- Load time < 2s on 3G
115-
- 50% increase in contributions (3 months post-launch)
116-
117-
## 🎯 Next Steps
118-
119-
1. **Review Issue #54** (Project Overview) - Pin it!
120-
2. **Start Phase 1** with Issue #36 (MECE analysis)
121-
3. **Sequential execution**: Complete Phase 1 before starting Phase 2
122-
4. **Regular check-ins**: Update this file as phases complete
122+
- 50% increase in contributions target (3 months post-launch)
123123

124-
## 📞 Contact
124+
## Contact
125125

126126
**Maintainer:** @rdmueller
127-
**Architecture:** Claude Sonnet 4.5 (AI-assisted design)
127+
**Architecture:** Claude Sonnet (AI-assisted design)
128128
**Repository:** https://github.com/LLM-Coding/Semantic-Anchors
129+
**Live Website:** https://llm-coding.github.io/Semantic-Anchors/
129130

130131
---
131132

132-
💡 **Tip:** See [Issue #54](https://github.com/LLM-Coding/Semantic-Anchors/issues/54) for the complete project overview.
133+
See [Issue #54](https://github.com/LLM-Coding/Semantic-Anchors/issues/54) for the complete project overview.

0 commit comments

Comments
 (0)