docs: Add mdBook plugins for enhanced documentation

ammario · claude · ammario · commit 435ece013f4a · 2025-09-22T20:10:15.000-05:00
- Add mdbook-mermaid for diagram support - Add mdbook-linkcheck for broken link detection - Configure linkcheck to validate internal links only - Update GitHub Actions to install both plugins - Add example Mermaid diagram showing httpjail flow These plugins improve documentation quality by: - Enabling visual architecture diagrams with Mermaid - Automatically detecting broken internal links during builds - Ensuring documentation integrity in CI/CD 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -27,6 +27,19 @@ jobs:
         uses: peaceiris/actions-mdbook@v2
         with:
           mdbook-version: 'latest'
+      
+      - name: Install mdbook-mermaid
+        run: |
+          curl -sSL https://github.com/badboy/mdbook-mermaid/releases/latest/download/mdbook-mermaid-v0.16.0-x86_64-unknown-linux-gnu.tar.gz | tar -xz
+          sudo mv mdbook-mermaid /usr/local/bin/
+          mdbook-mermaid install .
+      
+      - name: Install mdbook-linkcheck
+        run: |
+          curl -sSL https://github.com/Michael-F-Bryan/mdbook-linkcheck/releases/latest/download/mdbook-linkcheck.x86_64-unknown-linux-gnu.zip -o linkcheck.zip
+          unzip -q linkcheck.zip
+          chmod +x mdbook-linkcheck
+          sudo mv mdbook-linkcheck /usr/local/bin/
           
       - name: Build documentation
         run: mdbook build
diff --git a/book.toml b/book.toml
@@ -13,6 +13,9 @@ build-dir = "book"
 
 [preprocessor.links]
 
+[preprocessor.mermaid]
+command = "mdbook-mermaid"
+
 [output.html]
 default-theme = "rust"
 preferred-dark-theme = "navy"
@@ -24,7 +27,7 @@ cname = ""
 mathjax-support = false
 copy-fonts = true
 additional-css = []
-additional-js = []
+additional-js = ["mermaid.min.js", "mermaid-init.js"]
 no-section-label = false
 fold.enable = true
 fold.level = 0
@@ -45,3 +48,13 @@ expand = true
 heading-split-level = 3
 
 [output.html.redirect]
+
+[output.linkcheck]
+# Optional: Only check internal links (faster builds)
+follow-web-links = false
+# Optional: Allow links outside book root
+traverse-parent-directories = false
+# Optional: Exclude patterns (regex)
+exclude = [ "^https://crates\\.io", "^https://docs\\.rs" ]
+# Optional: HTTP request configuration
+warning-policy = "warn"
diff --git a/docs/guide/rule-engines.md b/docs/guide/rule-engines.md
@@ -5,47 +5,56 @@ httpjail provides three different rule engines for evaluating HTTP requests. Eac
 ## Available Engines
 
 ### JavaScript (V8)
+
 Fast, secure JavaScript evaluation using the V8 engine. Best for most use cases.
 
 **Pros:**
+
 - ⚡ Fastest performance (compiled and cached)
 - 🔒 Sandboxed execution environment
 - 📝 Familiar JavaScript syntax
 - 🎯 Direct access to request properties
 
 **Cons:**
+
 - Limited to JavaScript expressions
 - No external tool integration
 - No stateful operations between requests
 
 **Use when:** You need high-performance filtering with simple to moderate logic.
 
 ### Shell Scripts
+
 Execute shell scripts for each request with full system access.
 
 **Pros:**
+
 - 🔧 Full system access and tool integration
 - 📊 Can maintain state between requests
 - 🔗 Integrate with existing scripts and tools
 - 💾 Can query databases or external services
 
 **Cons:**
+
 - Slow (process spawn per request)
 - Security considerations with shell execution
 - Platform-specific behavior
 
 **Use when:** You need to integrate with existing tools or require complex system interactions.
 
 ### Line Processor
+
 Stream-based processing with line-by-line evaluation.
 
 **Pros:**
+
 - 🚀 Long-running process (no spawn overhead)
 - 📈 Can maintain state across requests
 - 🐍 Language agnostic (Python, Ruby, etc.)
 - 🔄 Bi-directional communication
 
 **Cons:**
+
 - More complex to implement
 - Requires handling the protocol correctly
 - Process management considerations
@@ -54,31 +63,37 @@ Stream-based processing with line-by-line evaluation.
 
 ## Performance Comparison
 
-| Engine | Startup Time | Per-Request Overhead | Memory Usage | Stateful |
-|--------|-------------|---------------------|--------------|----------|
-| JavaScript | Fast | ~0.1ms | Low | No |
-| Shell Script | None | ~10-50ms | Variable | No* |
-| Line Processor | Slow | ~0.5ms | Variable | Yes |
+| Engine         | Startup Time | Per-Request Overhead | Memory Usage | Stateful |
+| -------------- | ------------ | -------------------- | ------------ | -------- |
+| JavaScript     | Fast         | ~0.1ms               | Low          | No       |
+| Shell Script   | None         | ~10-50ms             | Variable     | No\*     |
+| Line Processor | Slow         | ~0.5ms               | Variable     | Yes      |
 
-*Shell scripts can use files for state but each invocation is independent
+\*Shell scripts can use files for state but each invocation is independent
 
 ## Choosing a Rule Engine
 
 ### For Production Use
+
 **JavaScript** is recommended for production environments due to:
+
 - Excellent performance
 - Predictable resource usage
 - Security isolation
 - Simple deployment
 
 ### For Development/Testing
+
 **Shell scripts** work well for:
+
 - Rapid prototyping
 - Integration testing
 - Debugging complex scenarios
 
 ### For Complex Filtering
+
 **Line Processor** excels at:
+
 - Machine learning models
 - Statistical analysis
 - Complex stateful logic
@@ -87,20 +102,24 @@ Stream-based processing with line-by-line evaluation.
 ## Examples
 
 ### Simple Host Filtering
+
 All three engines can handle basic filtering:
 
 **JavaScript:**
+
 ```bash
 httpjail --js "r.host === 'github.com'" -- command
 ```
 
 **Shell Script:**
+
 ```bash
 #!/bin/bash
 [[ "$HTTPJAIL_HOST" == "github.com" ]] && exit 0 || exit 1
 ```
 
 **Line Processor:**
+
 ```python
 #!/usr/bin/env python3
 import sys, json
@@ -110,23 +129,27 @@ for line in sys.stdin:
 ```
 
 ### Complex Logic
+
 For complex scenarios, consider the implementation complexity:
 
 **JavaScript** - Limited to expression evaluation:
+
 ```javascript
 // Complex but still performant
-const allowed = ['api.example.com', 'cdn.example.com'];
-allowed.includes(r.host) && r.method === 'GET' && r.path.startsWith('/v1/')
+const allowed = ["api.example.com", "cdn.example.com"];
+allowed.includes(r.host) && r.method === "GET" && r.path.startsWith("/v1/");
 ```
 
 **Shell Script** - Can use any tool but slow:
+
 ```bash
 #!/bin/bash
 # Check against database, but spawns process per request
 psql -c "SELECT allowed FROM rules WHERE host='$HTTPJAIL_HOST'" | grep -q true
 ```
 
 **Line Processor** - Best for complex stateful logic:
+
 ```python
 #!/usr/bin/env python3
 # Maintains state, handles thousands of requests efficiently
@@ -138,11 +161,11 @@ rate_limits = defaultdict(lambda: {"count": 0, "reset": time.time() + 60})
 for line in sys.stdin:
     req = json.loads(line)
     host_limit = rate_limits[req["host"]]
-    
+
     if time.time() > host_limit["reset"]:
         host_limit["count"] = 0
         host_limit["reset"] = time.time() + 60
-    
+
     if host_limit["count"] < 100:  # 100 requests per minute
         host_limit["count"] += 1
         print("allow")
@@ -151,20 +174,6 @@ for line in sys.stdin:
     sys.stdout.flush()
 ```
 
-## Migration Path
-
-Starting with JavaScript and need more features? Here's the typical migration path:
-
-1. **Start with JavaScript** for simple rules
-2. **Move to Shell Scripts** when you need external tools
-3. **Upgrade to Line Processor** for high-volume or stateful filtering
-
-## Security Considerations
-
-- **JavaScript**: Fully sandboxed, safe for untrusted rules
-- **Shell Scripts**: Run with httpjail's privileges, validate all inputs
-- **Line Processor**: Depends on implementation language, consider using containers
-
 ## Next Steps
 
 - [JavaScript Rules](./javascript-rules.md) - Learn the JavaScript API
diff --git a/docs/introduction.md b/docs/introduction.md
@@ -46,6 +46,18 @@ httpjail creates an isolated network environment for your process:
 3. **Rule Evaluation**: Each request is evaluated against your configured rules
 4. **Action**: Requests are either allowed through or blocked based on the evaluation
 
+```mermaid
+graph LR
+    A[Application] -->|HTTP/HTTPS Request| B[httpjail Proxy]
+    B --> C{Rule Engine}
+    C -->|Allow| D[Forward to Target]
+    C -->|Deny| E[Return 403]
+    D --> F[Target Server]
+    F -->|Response| B
+    B -->|Response| A
+    E -->|Error| A
+```
+
 ## Getting Started
 
 The simplest way to use httpjail is with JavaScript rules:
diff --git a/mermaid-init.js b/mermaid-init.js
@@ -0,0 +1,39 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+
+(() => {
+    const darkThemes = ['ayu', 'navy', 'coal'];
+    const lightThemes = ['light', 'rust'];
+
+    const classList = document.getElementsByTagName('html')[0].classList;
+
+    let lastThemeWasLight = true;
+    for (const cssClass of classList) {
+        if (darkThemes.includes(cssClass)) {
+            lastThemeWasLight = false;
+            break;
+        }
+    }
+
+    const theme = lastThemeWasLight ? 'default' : 'dark';
+    mermaid.initialize({ startOnLoad: true, theme });
+
+    // Simplest way to make mermaid re-render the diagrams in the new theme is via refreshing the page
+
+    for (const darkTheme of darkThemes) {
+        document.getElementById(darkTheme).addEventListener('click', () => {
+            if (lastThemeWasLight) {
+                window.location.reload();
+            }
+        });
+    }
+
+    for (const lightTheme of lightThemes) {
+        document.getElementById(lightTheme).addEventListener('click', () => {
+            if (!lastThemeWasLight) {
+                window.location.reload();
+            }
+        });
+    }
+})();
diff --git a/mermaid.min.js b/mermaid.min.js
