jramos/cve-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
11d9fec3ec057abc395f06a7b059caed74cb5482
cve-dashboard/frontend/src/App.js

188 lines
9.0 KiB
JavaScript
Raw Normal View History

Refactor home page: extract components, add toast system, debounce search Major restructuring of the monolithic App.js (2484 lines) into focused, testable components: Architecture: - App.js is now a 189-line routing shell (header, nav, page switching) - HomePage.js orchestrates all home page state and layout - Each visual section is its own component with clear props API Extracted components: - StatsBar: clickable stat cards that filter by severity - QuickCVELookup: CVE existence check with inline results - CVEFilters: search + vendor/severity dropdowns - CVECard: expandable CVE with vendor entries, docs, tickets - OpenTicketsPanel: right sidebar open JIRA tickets - IvantiWorkflowPanel: right sidebar Ivanti workflow status + archive Extracted modals: - AddCVEModal: self-contained add form with NVD auto-fill - EditCVEModal: self-contained edit form with NVD update - JiraTicketModal: unified add/edit JIRA ticket modal - ArcherTicketModal: unified add/edit Archer ticket modal Performance optimizations: - Debounced search (300ms) via useDebounce hook — eliminates redundant API calls on every keystroke - Memoized groupedCVEs, openTicketCount, criticalCount via useMemo - Proper state updates (no direct mutation of cveDocuments) - useCallback on fetch functions to stabilize effect dependencies UX improvements: - Toast notification system replaces all alert() calls - Stat cards are now clickable to filter CVE list by severity - onKeyDown replaces deprecated onKeyPress - aria-labels added to interactive elements Infrastructure: - ToastContext with auto-dismiss, typed toasts (success/error/warning/info) - useDebounce custom hook for reuse across the app - Toast slide-in animation in App.css
2026-06-23 11:46:39 -06:00
import React, { useState } from 'react';
import { Plus, RefreshCw, Menu, Loader } from 'lucide-react';
added required code changes, components, and packages for login feature
2026-01-28 14:36:33 -07:00
import { useAuth } from './contexts/AuthContext';
import LoginForm from './components/LoginForm';
import UserMenu from './components/UserMenu';
import UserManagement from './components/UserManagement';
Audit logging feature files
2026-01-29 15:10:29 -07:00
import AuditLog from './components/AuditLog';
Added NVD lookup features and optional NVD API key in .env file
2026-02-02 10:50:38 -07:00
import NvdSyncModal from './components/NvdSyncModal';
Add hamburger nav menu with 4-page navigation structure - NavDrawer component: slide-in left drawer with backdrop, matches dark theme - Nav items: Home, Reporting, Knowledge Base, Exports with color-coded icons - Active page highlighted with colored background + indicator dot - Placeholder pages for Reporting (amber), Knowledge Base (green), Exports (purple) - Stats bar and three-column layout conditionally render on Home page only - currentPage state drives all page switching Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 11:47:03 -06:00
import NavDrawer from './components/NavDrawer';
fix: move AdminScopeToggle from NavDrawer to main header bar Places the scope toggle next to the UserMenu avatar in the top-right header area so it's always visible without opening the nav drawer.
2026-05-05 11:21:59 -06:00
import AdminScopeToggle from './components/AdminScopeToggle';
feat(triage): Ivanti findings trend chart + rename Reporting to Vulnerability Triage Add time-based open/closed tracking for Ivanti findings (Tier 2 from the reporting recommendations doc) and rename the Reporting page to Vulnerability Triage to better reflect its purpose. Backend — ivantiFindings.js: - Create ivanti_counts_history table (appended on every sync, never overwritten — Option B from design discussion) - INSERT snapshot after each successful syncClosedCount() call - GET /api/ivanti/findings/counts/history endpoint — returns last snapshot per calendar day using ROW_NUMBER window function, so multiple daily syncs collapse to the end-of-day value Frontend: - New IvantiCountsChart component: collapsible dual-line chart (open vs closed) with dark tooltip, delta label showing change since previous day, and graceful no-data states - Chart placed between the donut metrics panel and the findings table on the Vulnerability Triage page - Renamed page: 'reporting' → 'triage' (page ID, nav label, component export, all cross-file references) - ComplianceDetailPanel "View in Reporting" link updated to "View in Triage" and navigates to the correct page ID Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-02 10:12:04 -06:00
import VulnerabilityTriagePage from './components/pages/ReportingPage';
Add hamburger nav menu with 4-page navigation structure - NavDrawer component: slide-in left drawer with backdrop, matches dark theme - Nav items: Home, Reporting, Knowledge Base, Exports with color-coded icons - Active page highlighted with colored background + indicator dot - Placeholder pages for Reporting (amber), Knowledge Base (green), Exports (purple) - Stats bar and three-column layout conditionally render on Home page only - currentPage state drives all page switching Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 11:47:03 -06:00
import KnowledgeBasePage from './components/pages/KnowledgeBasePage';
import ExportsPage from './components/pages/ExportsPage';
feat(compliance): add AEO compliance frontend - CompliancePage: team tabs (STEAM/ACCESS-ENG), metric health cards with click-to-filter, device table with Active/Resolved tabs, hostname search, seen-count badges, notes indicator, empty/loading/error states - ComplianceUploadModal: phased flow (idle→upload→preview→commit→done), drag-and-drop xlsx drop zone, diff summary before commit - ComplianceDetailPanel: slide-out panel with failing metrics, surfaced extra fields (CVEs, SLA, OS, Splunk), upload history, notes timeline, per-metric note add with Ctrl+Enter submit - NavDrawer: add Compliance nav item (teal, ShieldCheck icon) - App.js: import and render CompliancePage on compliance route - Fix SQL join bug in compliance route (lu ON upload_id = lu.id) - Fix groupByHostname to use max last_seen across all metric rows
2026-03-31 15:14:51 -06:00
import CompliancePage from './components/pages/CompliancePage';
Add CCP Metrics page with multi-vertical VCL upload and cross-org reporting New feature: multi-file per-vertical compliance xlsx upload with scoped resolution logic, executive-level aggregated reporting, and drill-down by vertical and metric. Supports daily upload cadence and batch commit. Backend: - Migration: add vertical column to compliance_items/uploads, create vcl_multi_vertical_summary table - New route module: routes/vclMultiVertical.js with preview, commit, stats, trend, metric drill-down, device list, and burndown endpoints - New helpers: parseVerticalFilename(), computeVerticalBurndown() - Vertical-scoped resolution: uploading one vertical never resolves items from other verticals Frontend: - CCPMetricsPage with stats bar, trend chart, donut, vertical table - Drill-down: vertical -> metrics by category -> device list - Per-vertical burndown forecast chart - MultiVerticalUploadModal: multi-file drag-drop, batch preview, commit - Nav entry: CCP Metrics (Building2 icon) Docs: - Design brief for stakeholder meeting (docs/vcl-multi-vertical-design-brief.md)
2026-05-14 09:49:59 -06:00
import CCPMetricsPage from './components/pages/CCPMetricsPage';
Add CARD API integration spec, Atlas metrics updates, NavDrawer and server.js cleanup, reference docs
2026-04-28 16:38:18 +00:00
import JiraPage from './components/pages/JiraPage';
Add themed admin page with user management, audit log, and system info panels; add compliance note delete functionality
2026-04-20 21:39:43 +00:00
import AdminPage from './components/pages/AdminPage';
Add Archer Template Library for risk acceptance form reuse Adds a template management system to the Ivanti Queue's Archer Risk Acceptance workflow. Templates store static form content (Environment Overview, Segmentation, Mitigating Controls, etc.) organized by Vendor > Platform > Model hierarchy. Features: - Full CRUD API at /api/archer-templates with search, filter, clone, and hierarchy navigation endpoints - Template Manager page (nav: Template Mgr) with grouped list view, create/edit/clone/delete modals, role-based access - TemplateSelector component integrated into Ivanti Todo Queue for Archer workflow items with per-section copy-to-clipboard buttons and Copy All functionality - Database migration with case-insensitive uniqueness enforcement - Audit logging for all template mutations New files: - backend/migrations/add_archer_templates_table.js - backend/routes/archerTemplates.js - frontend/src/components/pages/ArcherTemplatePage.js - frontend/src/components/TemplateSelector.js - frontend/src/components/TemplateFormModal.js - frontend/src/components/DeleteConfirmModal.js
2026-06-02 16:08:25 -06:00
import ArcherTemplatePage from './components/pages/ArcherTemplatePage';
Refactor home page: extract components, add toast system, debounce search Major restructuring of the monolithic App.js (2484 lines) into focused, testable components: Architecture: - App.js is now a 189-line routing shell (header, nav, page switching) - HomePage.js orchestrates all home page state and layout - Each visual section is its own component with clear props API Extracted components: - StatsBar: clickable stat cards that filter by severity - QuickCVELookup: CVE existence check with inline results - CVEFilters: search + vendor/severity dropdowns - CVECard: expandable CVE with vendor entries, docs, tickets - OpenTicketsPanel: right sidebar open JIRA tickets - IvantiWorkflowPanel: right sidebar Ivanti workflow status + archive Extracted modals: - AddCVEModal: self-contained add form with NVD auto-fill - EditCVEModal: self-contained edit form with NVD update - JiraTicketModal: unified add/edit JIRA ticket modal - ArcherTicketModal: unified add/edit Archer ticket modal Performance optimizations: - Debounced search (300ms) via useDebounce hook — eliminates redundant API calls on every keystroke - Memoized groupedCVEs, openTicketCount, criticalCount via useMemo - Proper state updates (no direct mutation of cveDocuments) - useCallback on fetch functions to stabilize effect dependencies UX improvements: - Toast notification system replaces all alert() calls - Stat cards are now clickable to filter CVE list by severity - onKeyDown replaces deprecated onKeyPress - aria-labels added to interactive elements Infrastructure: - ToastContext with auto-dismiss, typed toasts (success/error/warning/info) - useDebounce custom hook for reuse across the app - Toast slide-in animation in App.css
2026-06-23 11:46:39 -06:00
import HomePage from './components/pages/HomePage';
Add CI/CD pipeline, feedback modal, Atlas qualys_id fallback, and health endpoint - Rewrite .gitlab-ci.yml with proper stages, blocking tests, staging environment on dev box, and SSH-based production deploy to 71.85.90.6 - Add POST /api/health endpoint for pipeline verification - Add POST /atlas/hosts/:hostId/refresh-cache for Atlas cache staleness - AtlasSlideOutPanel: auto-resolve qualys_id from Atlas vulnerabilities, prefer qualys_id over active_host_findings_id, retry on failure - Add FeedbackModal component with bug report button in header and feature request in UserMenu, creates GitLab issues via /api/feedback - Fix all frontend test failures (ESM transforms, TextDecoder polyfill, fast-check resolution, App.test.js boilerplate replacement) - Fix root package.json test script to run jest - Add deploy/ directory with staging systemd service and setup script
2026-05-08 12:47:39 -06:00
import FeedbackModal from './components/FeedbackModal';
Replace Webex bot with in-app notification system Org blocks external Webex bots, so replaced the DM approach with an in-app notification bell. GitLab webhook still fires on issue close, but now writes to a notifications table instead of calling Webex API. - New: notifications table + migration - New: GET/PATCH/POST /api/notifications endpoints - New: NotificationBell component (bell icon + badge + dropdown) - Removed: backend/helpers/webexBot.js (org-blocked) - Removed: WEBEX_BOT_TOKEN from .env
2026-05-18 17:15:05 -06:00
import NotificationBell from './components/NotificationBell';
Add page visibility by group with centralized matrix Introduce a Page Visibility Matrix that controls which pages each user group can access, enforced in both frontend and backend: Frontend: - Create frontend/src/config/pageVisibility.js with PAGE_VISIBILITY matrix and canAccessPage() / getAccessiblePages() helpers - NavDrawer: replace inline requiredGroups with canAccessPage() filter - App.js: replace per-page isInGroup()/isAdmin() checks with generic route guard in setCurrentPage; remove VALID_PAGES constant - localStorage validation: verify persisted page is accessible on load Backend (page-level access enforcement): - jiraTickets.js: add router-level requireGroup('Admin','Standard_User') - archerTemplates.js: add router-level requireGroup('Admin','Standard_User') - VCL multi-vertical already had requireGroup('Admin','Leadership') Visibility matrix: - Home, Knowledge Base: all groups - Triage, Compliance, Exports: Admin, Standard_User, Leadership - CCP Metrics: Admin, Leadership - Jira, Archer Templates: Admin, Standard_User - Admin Panel: Admin only - Read_Only sees only Home and Knowledge Base
2026-06-24 11:41:50 -06:00
import { canAccessPage } from './config/pageVisibility';
drastic changes
2026-02-10 10:12:56 -07:00
import './App.css';
fix: Add frontend files (not as submodule)
2026-01-27 04:08:35 +00:00
export default function App() {
Add page visibility by group with centralized matrix Introduce a Page Visibility Matrix that controls which pages each user group can access, enforced in both frontend and backend: Frontend: - Create frontend/src/config/pageVisibility.js with PAGE_VISIBILITY matrix and canAccessPage() / getAccessiblePages() helpers - NavDrawer: replace inline requiredGroups with canAccessPage() filter - App.js: replace per-page isInGroup()/isAdmin() checks with generic route guard in setCurrentPage; remove VALID_PAGES constant - localStorage validation: verify persisted page is accessible on load Backend (page-level access enforcement): - jiraTickets.js: add router-level requireGroup('Admin','Standard_User') - archerTemplates.js: add router-level requireGroup('Admin','Standard_User') - VCL multi-vertical already had requireGroup('Admin','Leadership') Visibility matrix: - Home, Knowledge Base: all groups - Triage, Compliance, Exports: Admin, Standard_User, Leadership - CCP Metrics: Admin, Leadership - Jira, Archer Templates: Admin, Standard_User - Admin Panel: Admin only - Read_Only sees only Home and Knowledge Base
2026-06-24 11:41:50 -06:00
const { isAuthenticated, loading: authLoading, canWrite, user } = useAuth();
Refactor home page: extract components, add toast system, debounce search Major restructuring of the monolithic App.js (2484 lines) into focused, testable components: Architecture: - App.js is now a 189-line routing shell (header, nav, page switching) - HomePage.js orchestrates all home page state and layout - Each visual section is its own component with clear props API Extracted components: - StatsBar: clickable stat cards that filter by severity - QuickCVELookup: CVE existence check with inline results - CVEFilters: search + vendor/severity dropdowns - CVECard: expandable CVE with vendor entries, docs, tickets - OpenTicketsPanel: right sidebar open JIRA tickets - IvantiWorkflowPanel: right sidebar Ivanti workflow status + archive Extracted modals: - AddCVEModal: self-contained add form with NVD auto-fill - EditCVEModal: self-contained edit form with NVD update - JiraTicketModal: unified add/edit JIRA ticket modal - ArcherTicketModal: unified add/edit Archer ticket modal Performance optimizations: - Debounced search (300ms) via useDebounce hook — eliminates redundant API calls on every keystroke - Memoized groupedCVEs, openTicketCount, criticalCount via useMemo - Proper state updates (no direct mutation of cveDocuments) - useCallback on fetch functions to stabilize effect dependencies UX improvements: - Toast notification system replaces all alert() calls - Stat cards are now clickable to filter CVE list by severity - onKeyDown replaces deprecated onKeyPress - aria-labels added to interactive elements Infrastructure: - ToastContext with auto-dismiss, typed toasts (success/error/warning/info) - useDebounce custom hook for reuse across the app - Toast slide-in animation in App.css
2026-06-23 11:46:39 -06:00
feat: add return classification for archive chart, CARD API integration, compliance charts, systemd services
2026-05-01 17:15:41 +00:00
const [currentPage, setCurrentPageRaw] = useState(() => {
try {
const saved = localStorage.getItem('cve-dashboard-page');
Add page visibility by group with centralized matrix Introduce a Page Visibility Matrix that controls which pages each user group can access, enforced in both frontend and backend: Frontend: - Create frontend/src/config/pageVisibility.js with PAGE_VISIBILITY matrix and canAccessPage() / getAccessiblePages() helpers - NavDrawer: replace inline requiredGroups with canAccessPage() filter - App.js: replace per-page isInGroup()/isAdmin() checks with generic route guard in setCurrentPage; remove VALID_PAGES constant - localStorage validation: verify persisted page is accessible on load Backend (page-level access enforcement): - jiraTickets.js: add router-level requireGroup('Admin','Standard_User') - archerTemplates.js: add router-level requireGroup('Admin','Standard_User') - VCL multi-vertical already had requireGroup('Admin','Leadership') Visibility matrix: - Home, Knowledge Base: all groups - Triage, Compliance, Exports: Admin, Standard_User, Leadership - CCP Metrics: Admin, Leadership - Jira, Archer Templates: Admin, Standard_User - Admin Panel: Admin only - Read_Only sees only Home and Knowledge Base
2026-06-24 11:41:50 -06:00
return saved && canAccessPage(saved, user?.group) ? saved : 'home';
feat: add return classification for archive chart, CARD API integration, compliance charts, systemd services
2026-05-01 17:15:41 +00:00
} catch { return 'home'; }
});
const setCurrentPage = (page) => {
Add page visibility by group with centralized matrix Introduce a Page Visibility Matrix that controls which pages each user group can access, enforced in both frontend and backend: Frontend: - Create frontend/src/config/pageVisibility.js with PAGE_VISIBILITY matrix and canAccessPage() / getAccessiblePages() helpers - NavDrawer: replace inline requiredGroups with canAccessPage() filter - App.js: replace per-page isInGroup()/isAdmin() checks with generic route guard in setCurrentPage; remove VALID_PAGES constant - localStorage validation: verify persisted page is accessible on load Backend (page-level access enforcement): - jiraTickets.js: add router-level requireGroup('Admin','Standard_User') - archerTemplates.js: add router-level requireGroup('Admin','Standard_User') - VCL multi-vertical already had requireGroup('Admin','Leadership') Visibility matrix: - Home, Knowledge Base: all groups - Triage, Compliance, Exports: Admin, Standard_User, Leadership - CCP Metrics: Admin, Leadership - Jira, Archer Templates: Admin, Standard_User - Admin Panel: Admin only - Read_Only sees only Home and Knowledge Base
2026-06-24 11:41:50 -06:00
if (!canAccessPage(page, user?.group)) { setCurrentPageRaw('home'); return; }
feat: add return classification for archive chart, CARD API integration, compliance charts, systemd services
2026-05-01 17:15:41 +00:00
setCurrentPageRaw(page);
try { localStorage.setItem('cve-dashboard-page', page); } catch {}
};
Refactor home page: extract components, add toast system, debounce search Major restructuring of the monolithic App.js (2484 lines) into focused, testable components: Architecture: - App.js is now a 189-line routing shell (header, nav, page switching) - HomePage.js orchestrates all home page state and layout - Each visual section is its own component with clear props API Extracted components: - StatsBar: clickable stat cards that filter by severity - QuickCVELookup: CVE existence check with inline results - CVEFilters: search + vendor/severity dropdowns - CVECard: expandable CVE with vendor entries, docs, tickets - OpenTicketsPanel: right sidebar open JIRA tickets - IvantiWorkflowPanel: right sidebar Ivanti workflow status + archive Extracted modals: - AddCVEModal: self-contained add form with NVD auto-fill - EditCVEModal: self-contained edit form with NVD update - JiraTicketModal: unified add/edit JIRA ticket modal - ArcherTicketModal: unified add/edit Archer ticket modal Performance optimizations: - Debounced search (300ms) via useDebounce hook — eliminates redundant API calls on every keystroke - Memoized groupedCVEs, openTicketCount, criticalCount via useMemo - Proper state updates (no direct mutation of cveDocuments) - useCallback on fetch functions to stabilize effect dependencies UX improvements: - Toast notification system replaces all alert() calls - Stat cards are now clickable to filter CVE list by severity - onKeyDown replaces deprecated onKeyPress - aria-labels added to interactive elements Infrastructure: - ToastContext with auto-dismiss, typed toasts (success/error/warning/info) - useDebounce custom hook for reuse across the app - Toast slide-in animation in App.css
2026-06-23 11:46:39 -06:00
Add hamburger nav menu with 4-page navigation structure - NavDrawer component: slide-in left drawer with backdrop, matches dark theme - Nav items: Home, Reporting, Knowledge Base, Exports with color-coded icons - Active page highlighted with colored background + indicator dot - Placeholder pages for Reporting (amber), Knowledge Base (green), Exports (purple) - Stats bar and three-column layout conditionally render on Home page only - currentPage state drives all page switching Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 11:47:03 -06:00
const [navOpen, setNavOpen] = useState(false);
feat(calendar): click due-date day to navigate to filtered Reporting view - CalendarWidget accepts onDateClick prop; due-date cells are clickable with pointer cursor, red hover highlight, and updated tooltip - App.js wires onDateClick: sets calendarFilter state and navigates to the Reporting page - NavDrawer navigation to Reporting clears calendarFilter so it only applies on calendar-initiated navigation - ReportingPage accepts filterDate prop; initializes columnFilters with { dueDate: Set([filterDate]) } so the view lands pre-filtered - Existing Clear Filters button lets the user dismiss the filter normally Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 14:09:08 -06:00
const [calendarFilter, setCalendarFilter] = useState(null);
feat(reporting): Action Coverage chart + Archer Exception linking Replace FP# Workflow chart with a 3-segment Action Coverage donut: - FP Request — finding has an Ivanti FP# workflow - Archer Exception — note matches EXC-\d+ pattern - Pending — no action taken yet Clicking a segment filters the findings table to that category with a colored badge in the action bar (click again or × to clear). Home page: each Archer ticket now has a filter icon button that navigates directly to the Reporting page pre-filtered to findings whose notes reference that EXC number. The EXC badge appears in the table action bar with a one-click clear. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-13 13:06:54 -06:00
const [reportingExcFilter, setReportingExcFilter] = useState(null);
fix: Add frontend files (not as submodule)
2026-01-27 04:08:35 +00:00
const [showAddCVE, setShowAddCVE] = useState(false);
added required code changes, components, and packages for login feature
2026-01-28 14:36:33 -07:00
const [showUserManagement, setShowUserManagement] = useState(false);
Audit logging feature files
2026-01-29 15:10:29 -07:00
const [showAuditLog, setShowAuditLog] = useState(false);
Add CI/CD pipeline, feedback modal, Atlas qualys_id fallback, and health endpoint - Rewrite .gitlab-ci.yml with proper stages, blocking tests, staging environment on dev box, and SSH-based production deploy to 71.85.90.6 - Add POST /api/health endpoint for pipeline verification - Add POST /atlas/hosts/:hostId/refresh-cache for Atlas cache staleness - AtlasSlideOutPanel: auto-resolve qualys_id from Atlas vulnerabilities, prefer qualys_id over active_host_findings_id, retry on failure - Add FeedbackModal component with bug report button in header and feature request in UserMenu, creates GitLab issues via /api/feedback - Fix all frontend test failures (ESM transforms, TextDecoder polyfill, fast-check resolution, App.test.js boilerplate replacement) - Fix root package.json test script to run jest - Add deploy/ directory with staging systemd service and setup script
2026-05-08 12:47:39 -06:00
const [showFeedback, setShowFeedback] = useState(false);
const [feedbackType, setFeedbackType] = useState('bug');
Added NVD lookup features and optional NVD API key in .env file
2026-02-02 10:50:38 -07:00
const [showNvdSync, setShowNvdSync] = useState(false);
Added tweaks to allow edits/deletes of cve and vendors or to fix typos
2026-02-02 11:33:44 -07:00
Refactor home page: extract components, add toast system, debounce search Major restructuring of the monolithic App.js (2484 lines) into focused, testable components: Architecture: - App.js is now a 189-line routing shell (header, nav, page switching) - HomePage.js orchestrates all home page state and layout - Each visual section is its own component with clear props API Extracted components: - StatsBar: clickable stat cards that filter by severity - QuickCVELookup: CVE existence check with inline results - CVEFilters: search + vendor/severity dropdowns - CVECard: expandable CVE with vendor entries, docs, tickets - OpenTicketsPanel: right sidebar open JIRA tickets - IvantiWorkflowPanel: right sidebar Ivanti workflow status + archive Extracted modals: - AddCVEModal: self-contained add form with NVD auto-fill - EditCVEModal: self-contained edit form with NVD update - JiraTicketModal: unified add/edit JIRA ticket modal - ArcherTicketModal: unified add/edit Archer ticket modal Performance optimizations: - Debounced search (300ms) via useDebounce hook — eliminates redundant API calls on every keystroke - Memoized groupedCVEs, openTicketCount, criticalCount via useMemo - Proper state updates (no direct mutation of cveDocuments) - useCallback on fetch functions to stabilize effect dependencies UX improvements: - Toast notification system replaces all alert() calls - Stat cards are now clickable to filter CVE list by severity - onKeyDown replaces deprecated onKeyPress - aria-labels added to interactive elements Infrastructure: - ToastContext with auto-dismiss, typed toasts (success/error/warning/info) - useDebounce custom hook for reuse across the app - Toast slide-in animation in App.css
2026-06-23 11:46:39 -06:00
// Navigation handler that accepts optional context (filters)
const handleNavigate = (page, context) => {
if (page === 'triage') {
setCalendarFilter(context?.calendarFilter || null);
setReportingExcFilter(context?.reportingExcFilter || null);
Added tweaks to allow edits/deletes of cve and vendors or to fix typos
2026-02-02 11:33:44 -07:00
}
Refactor home page: extract components, add toast system, debounce search Major restructuring of the monolithic App.js (2484 lines) into focused, testable components: Architecture: - App.js is now a 189-line routing shell (header, nav, page switching) - HomePage.js orchestrates all home page state and layout - Each visual section is its own component with clear props API Extracted components: - StatsBar: clickable stat cards that filter by severity - QuickCVELookup: CVE existence check with inline results - CVEFilters: search + vendor/severity dropdowns - CVECard: expandable CVE with vendor entries, docs, tickets - OpenTicketsPanel: right sidebar open JIRA tickets - IvantiWorkflowPanel: right sidebar Ivanti workflow status + archive Extracted modals: - AddCVEModal: self-contained add form with NVD auto-fill - EditCVEModal: self-contained edit form with NVD update - JiraTicketModal: unified add/edit JIRA ticket modal - ArcherTicketModal: unified add/edit Archer ticket modal Performance optimizations: - Debounced search (300ms) via useDebounce hook — eliminates redundant API calls on every keystroke - Memoized groupedCVEs, openTicketCount, criticalCount via useMemo - Proper state updates (no direct mutation of cveDocuments) - useCallback on fetch functions to stabilize effect dependencies UX improvements: - Toast notification system replaces all alert() calls - Stat cards are now clickable to filter CVE list by severity - onKeyDown replaces deprecated onKeyPress - aria-labels added to interactive elements Infrastructure: - ToastContext with auto-dismiss, typed toasts (success/error/warning/info) - useDebounce custom hook for reuse across the app - Toast slide-in animation in App.css
2026-06-23 11:46:39 -06:00
setCurrentPage(page);
Added tweaks to allow edits/deletes of cve and vendors or to fix typos
2026-02-02 11:33:44 -07:00
};
added required code changes, components, and packages for login feature
2026-01-28 14:36:33 -07:00
// Show loading while checking auth
if (authLoading) {
return (
<div className="min-h-screen bg-gray-100 flex items-center justify-center">
<div className="text-center">
<Loader className="w-12 h-12 text-[#0476D9] mx-auto animate-spin" />
<p className="text-gray-600 mt-4">Loading...</p>
</div>
</div>
);
}
// Show login if not authenticated
if (!isAuthenticated) {
return <LoginForm />;
}
fix: Add frontend files (not as submodule)
2026-01-27 04:08:35 +00:00
return (
Transform CVE Dashboard to tactical intelligence platform aesthetic Implemented a sophisticated cyber-intelligence visual design with: DESIGN DIRECTION: - "Tactical Intelligence Command Center" aesthetic - Typography: JetBrains Mono for data/code + Outfit for UI labels - Color Palette: Deep navy (#0A0E27) base with electric cyan (#00D9FF) accents - Visual Language: Grid patterns, glowing borders, scanning animations - Motion: Smooth fade-ins, pulse effects, hover transformations FRONTEND CHANGES: - Redesigned App.css with comprehensive intelligence dashboard theme - Custom CSS classes: intel-card, intel-button, intel-input, status-badge - Added scanning line animations and pulse glow effects - Implemented grid background pattern and scrollbar styling COMPONENT UPDATES: - App.js: Transformed all UI sections to intel theme - Header with stats dashboard - Search/filter cards - CVE list with expandable cards - Document management - Quick check interface - JIRA ticket tracking - LoginForm.js: Redesigned authentication portal - All modals: Add/Edit CVE, Add/Edit JIRA tickets UI FEATURES: - Monospace fonts for technical data - Glowing accent borders on interactive elements - Status badges with animated pulse indicators - Data rows with hover states - Responsive grid layouts - Modal overlays with backdrop blur TECHNICAL: - Tailwind CSS extended with custom intel theme - Google Fonts: JetBrains Mono & Outfit - Maintained all existing functionality - Build tested successfully - No breaking changes to business logic Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 09:34:22 -07:00
<div className="min-h-screen bg-intel-darkest grid-bg p-6 relative overflow-hidden fade-in">
Add hamburger nav menu with 4-page navigation structure - NavDrawer component: slide-in left drawer with backdrop, matches dark theme - Nav items: Home, Reporting, Knowledge Base, Exports with color-coded icons - Active page highlighted with colored background + indicator dot - Placeholder pages for Reporting (amber), Knowledge Base (green), Exports (purple) - Stats bar and three-column layout conditionally render on Home page only - currentPage state drives all page switching Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 11:47:03 -06:00
<NavDrawer
isOpen={navOpen}
onClose={() => setNavOpen(false)}
currentPage={currentPage}
feat(calendar): click due-date day to navigate to filtered Reporting view - CalendarWidget accepts onDateClick prop; due-date cells are clickable with pointer cursor, red hover highlight, and updated tooltip - App.js wires onDateClick: sets calendarFilter state and navigates to the Reporting page - NavDrawer navigation to Reporting clears calendarFilter so it only applies on calendar-initiated navigation - ReportingPage accepts filterDate prop; initializes columnFilters with { dueDate: Set([filterDate]) } so the view lands pre-filtered - Existing Clear Filters button lets the user dismiss the filter normally Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 14:09:08 -06:00
onNavigate={(page) => {
feat(triage): Ivanti findings trend chart + rename Reporting to Vulnerability Triage Add time-based open/closed tracking for Ivanti findings (Tier 2 from the reporting recommendations doc) and rename the Reporting page to Vulnerability Triage to better reflect its purpose. Backend — ivantiFindings.js: - Create ivanti_counts_history table (appended on every sync, never overwritten — Option B from design discussion) - INSERT snapshot after each successful syncClosedCount() call - GET /api/ivanti/findings/counts/history endpoint — returns last snapshot per calendar day using ROW_NUMBER window function, so multiple daily syncs collapse to the end-of-day value Frontend: - New IvantiCountsChart component: collapsible dual-line chart (open vs closed) with dark tooltip, delta label showing change since previous day, and graceful no-data states - Chart placed between the donut metrics panel and the findings table on the Vulnerability Triage page - Renamed page: 'reporting' → 'triage' (page ID, nav label, component export, all cross-file references) - ComplianceDetailPanel "View in Reporting" link updated to "View in Triage" and navigates to the correct page ID Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-02 10:12:04 -06:00
if (page === 'triage') { setCalendarFilter(null); setReportingExcFilter(null); }
feat(calendar): click due-date day to navigate to filtered Reporting view - CalendarWidget accepts onDateClick prop; due-date cells are clickable with pointer cursor, red hover highlight, and updated tooltip - App.js wires onDateClick: sets calendarFilter state and navigates to the Reporting page - NavDrawer navigation to Reporting clears calendarFilter so it only applies on calendar-initiated navigation - ReportingPage accepts filterDate prop; initializes columnFilters with { dueDate: Set([filterDate]) } so the view lands pre-filtered - Existing Clear Filters button lets the user dismiss the filter normally Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 14:09:08 -06:00
setCurrentPage(page);
}}
Add hamburger nav menu with 4-page navigation structure - NavDrawer component: slide-in left drawer with backdrop, matches dark theme - Nav items: Home, Reporting, Knowledge Base, Exports with color-coded icons - Active page highlighted with colored background + indicator dot - Placeholder pages for Reporting (amber), Knowledge Base (green), Exports (purple) - Stats bar and three-column layout conditionally render on Home page only - currentPage state drives all page switching Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 11:47:03 -06:00
/>
Transform CVE Dashboard to tactical intelligence platform aesthetic Implemented a sophisticated cyber-intelligence visual design with: DESIGN DIRECTION: - "Tactical Intelligence Command Center" aesthetic - Typography: JetBrains Mono for data/code + Outfit for UI labels - Color Palette: Deep navy (#0A0E27) base with electric cyan (#00D9FF) accents - Visual Language: Grid patterns, glowing borders, scanning animations - Motion: Smooth fade-ins, pulse effects, hover transformations FRONTEND CHANGES: - Redesigned App.css with comprehensive intelligence dashboard theme - Custom CSS classes: intel-card, intel-button, intel-input, status-badge - Added scanning line animations and pulse glow effects - Implemented grid background pattern and scrollbar styling COMPONENT UPDATES: - App.js: Transformed all UI sections to intel theme - Header with stats dashboard - Search/filter cards - CVE list with expandable cards - Document management - Quick check interface - JIRA ticket tracking - LoginForm.js: Redesigned authentication portal - All modals: Add/Edit CVE, Add/Edit JIRA tickets UI FEATURES: - Monospace fonts for technical data - Glowing accent borders on interactive elements - Status badges with animated pulse indicators - Data rows with hover states - Responsive grid layouts - Modal overlays with backdrop blur TECHNICAL: - Tailwind CSS extended with custom intel theme - Google Fonts: JetBrains Mono & Outfit - Maintained all existing functionality - Build tested successfully - No breaking changes to business logic Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 09:34:22 -07:00
{/* Scanning line effect */}
<div className="scan-line"></div>
feat(triage): Ivanti findings trend chart + rename Reporting to Vulnerability Triage Add time-based open/closed tracking for Ivanti findings (Tier 2 from the reporting recommendations doc) and rename the Reporting page to Vulnerability Triage to better reflect its purpose. Backend — ivantiFindings.js: - Create ivanti_counts_history table (appended on every sync, never overwritten — Option B from design discussion) - INSERT snapshot after each successful syncClosedCount() call - GET /api/ivanti/findings/counts/history endpoint — returns last snapshot per calendar day using ROW_NUMBER window function, so multiple daily syncs collapse to the end-of-day value Frontend: - New IvantiCountsChart component: collapsible dual-line chart (open vs closed) with dark tooltip, delta label showing change since previous day, and graceful no-data states - Chart placed between the donut metrics panel and the findings table on the Vulnerability Triage page - Renamed page: 'reporting' → 'triage' (page ID, nav label, component export, all cross-file references) - ComplianceDetailPanel "View in Reporting" link updated to "View in Triage" and navigates to the correct page ID Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-02 10:12:04 -06:00
<div className={`${currentPage === 'triage' ? 'w-full' : 'max-w-7xl mx-auto'} relative z-10`}>
added stop start files and testing multivendor support
2026-01-27 23:00:12 +00:00
{/* Header */}
Transform CVE Dashboard to tactical intelligence platform aesthetic Implemented a sophisticated cyber-intelligence visual design with: DESIGN DIRECTION: - "Tactical Intelligence Command Center" aesthetic - Typography: JetBrains Mono for data/code + Outfit for UI labels - Color Palette: Deep navy (#0A0E27) base with electric cyan (#00D9FF) accents - Visual Language: Grid patterns, glowing borders, scanning animations - Motion: Smooth fade-ins, pulse effects, hover transformations FRONTEND CHANGES: - Redesigned App.css with comprehensive intelligence dashboard theme - Custom CSS classes: intel-card, intel-button, intel-input, status-badge - Added scanning line animations and pulse glow effects - Implemented grid background pattern and scrollbar styling COMPONENT UPDATES: - App.js: Transformed all UI sections to intel theme - Header with stats dashboard - Search/filter cards - CVE list with expandable cards - Document management - Quick check interface - JIRA ticket tracking - LoginForm.js: Redesigned authentication portal - All modals: Add/Edit CVE, Add/Edit JIRA tickets UI FEATURES: - Monospace fonts for technical data - Glowing accent borders on interactive elements - Status badges with animated pulse indicators - Data rows with hover states - Responsive grid layouts - Modal overlays with backdrop blur TECHNICAL: - Tailwind CSS extended with custom intel theme - Google Fonts: JetBrains Mono & Outfit - Maintained all existing functionality - Build tested successfully - No breaking changes to business logic Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 09:34:22 -07:00
<div className="mb-8">
<div className="flex justify-between items-start mb-6">
Add hamburger nav menu with 4-page navigation structure - NavDrawer component: slide-in left drawer with backdrop, matches dark theme - Nav items: Home, Reporting, Knowledge Base, Exports with color-coded icons - Active page highlighted with colored background + indicator dot - Placeholder pages for Reporting (amber), Knowledge Base (green), Exports (purple) - Stats bar and three-column layout conditionally render on Home page only - currentPage state drives all page switching Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 11:47:03 -06:00
<div className="flex items-center gap-4 flex-1">
<button
onClick={() => setNavOpen(true)}
style={{ background: 'none', border: '1px solid rgba(14, 165, 233, 0.25)', borderRadius: '0.375rem', padding: '0.5rem', cursor: 'pointer', color: '#64748B', flexShrink: 0 }}
onMouseEnter={e => { e.currentTarget.style.color = '#0EA5E9'; e.currentTarget.style.borderColor = 'rgba(14, 165, 233, 0.6)'; }}
onMouseLeave={e => { e.currentTarget.style.color = '#64748B'; e.currentTarget.style.borderColor = 'rgba(14, 165, 233, 0.25)'; }}
title="Navigation"
>
<Menu className="w-5 h-5" />
</button>
<div>
Rebrand STEAM → AEGIS, fix BU drift checker previous_bu bug - Replace all STEAM branding with AEGIS (Advanced Engineering Group Intelligence System) across login, header, nav drawer, manifest, and browser title - Add shield logo to login page, main header, and nav drawer - Fix BU drift checker recording incorrect previous_bu values by building a previousBuMap snapshot BEFORE the upsert/delete cycle instead of querying the DB after rows are already gone - Clean 526 bogus BU history entries generated by the broken logic - Add docs and scripts from prior session
2026-06-17 14:40:38 -06:00
<div className="flex items-center gap-3">
<img src="/shieldlogo.jpeg" alt="AEGIS" style={{ width: '44px', height: '44px', borderRadius: '6px' }} />
<div>
<h1 className="text-4xl font-bold text-intel-accent mb-1 font-mono tracking-tight">
AEGIS
</h1>
<p className="text-gray-400 text-sm font-sans">Advanced Engineering Group Intelligence System</p>
</div>
</div>
Add hamburger nav menu with 4-page navigation structure - NavDrawer component: slide-in left drawer with backdrop, matches dark theme - Nav items: Home, Reporting, Knowledge Base, Exports with color-coded icons - Active page highlighted with colored background + indicator dot - Placeholder pages for Reporting (amber), Knowledge Base (green), Exports (purple) - Stats bar and three-column layout conditionally render on Home page only - currentPage state drives all page switching Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 11:47:03 -06:00
</div>
Transform CVE Dashboard to tactical intelligence platform aesthetic Implemented a sophisticated cyber-intelligence visual design with: DESIGN DIRECTION: - "Tactical Intelligence Command Center" aesthetic - Typography: JetBrains Mono for data/code + Outfit for UI labels - Color Palette: Deep navy (#0A0E27) base with electric cyan (#00D9FF) accents - Visual Language: Grid patterns, glowing borders, scanning animations - Motion: Smooth fade-ins, pulse effects, hover transformations FRONTEND CHANGES: - Redesigned App.css with comprehensive intelligence dashboard theme - Custom CSS classes: intel-card, intel-button, intel-input, status-badge - Added scanning line animations and pulse glow effects - Implemented grid background pattern and scrollbar styling COMPONENT UPDATES: - App.js: Transformed all UI sections to intel theme - Header with stats dashboard - Search/filter cards - CVE list with expandable cards - Document management - Quick check interface - JIRA ticket tracking - LoginForm.js: Redesigned authentication portal - All modals: Add/Edit CVE, Add/Edit JIRA tickets UI FEATURES: - Monospace fonts for technical data - Glowing accent borders on interactive elements - Status badges with animated pulse indicators - Data rows with hover states - Responsive grid layouts - Modal overlays with backdrop blur TECHNICAL: - Tailwind CSS extended with custom intel theme - Google Fonts: JetBrains Mono & Outfit - Maintained all existing functionality - Build tested successfully - No breaking changes to business logic Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 09:34:22 -07:00
</div>
<div className="flex items-center gap-3">
{canWrite() && (
<button
onClick={() => setShowNvdSync(true)}
className="intel-button intel-button-success relative z-10 flex items-center gap-2"
>
<RefreshCw className="w-4 h-4" />
NVD Sync
</button>
)}
Refactor home page: extract components, add toast system, debounce search Major restructuring of the monolithic App.js (2484 lines) into focused, testable components: Architecture: - App.js is now a 189-line routing shell (header, nav, page switching) - HomePage.js orchestrates all home page state and layout - Each visual section is its own component with clear props API Extracted components: - StatsBar: clickable stat cards that filter by severity - QuickCVELookup: CVE existence check with inline results - CVEFilters: search + vendor/severity dropdowns - CVECard: expandable CVE with vendor entries, docs, tickets - OpenTicketsPanel: right sidebar open JIRA tickets - IvantiWorkflowPanel: right sidebar Ivanti workflow status + archive Extracted modals: - AddCVEModal: self-contained add form with NVD auto-fill - EditCVEModal: self-contained edit form with NVD update - JiraTicketModal: unified add/edit JIRA ticket modal - ArcherTicketModal: unified add/edit Archer ticket modal Performance optimizations: - Debounced search (300ms) via useDebounce hook — eliminates redundant API calls on every keystroke - Memoized groupedCVEs, openTicketCount, criticalCount via useMemo - Proper state updates (no direct mutation of cveDocuments) - useCallback on fetch functions to stabilize effect dependencies UX improvements: - Toast notification system replaces all alert() calls - Stat cards are now clickable to filter CVE list by severity - onKeyDown replaces deprecated onKeyPress - aria-labels added to interactive elements Infrastructure: - ToastContext with auto-dismiss, typed toasts (success/error/warning/info) - useDebounce custom hook for reuse across the app - Toast slide-in animation in App.css
2026-06-23 11:46:39 -06:00
{canWrite() && currentPage === 'home' && (
Transform CVE Dashboard to tactical intelligence platform aesthetic Implemented a sophisticated cyber-intelligence visual design with: DESIGN DIRECTION: - "Tactical Intelligence Command Center" aesthetic - Typography: JetBrains Mono for data/code + Outfit for UI labels - Color Palette: Deep navy (#0A0E27) base with electric cyan (#00D9FF) accents - Visual Language: Grid patterns, glowing borders, scanning animations - Motion: Smooth fade-ins, pulse effects, hover transformations FRONTEND CHANGES: - Redesigned App.css with comprehensive intelligence dashboard theme - Custom CSS classes: intel-card, intel-button, intel-input, status-badge - Added scanning line animations and pulse glow effects - Implemented grid background pattern and scrollbar styling COMPONENT UPDATES: - App.js: Transformed all UI sections to intel theme - Header with stats dashboard - Search/filter cards - CVE list with expandable cards - Document management - Quick check interface - JIRA ticket tracking - LoginForm.js: Redesigned authentication portal - All modals: Add/Edit CVE, Add/Edit JIRA tickets UI FEATURES: - Monospace fonts for technical data - Glowing accent borders on interactive elements - Status badges with animated pulse indicators - Data rows with hover states - Responsive grid layouts - Modal overlays with backdrop blur TECHNICAL: - Tailwind CSS extended with custom intel theme - Google Fonts: JetBrains Mono & Outfit - Maintained all existing functionality - Build tested successfully - No breaking changes to business logic Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 09:34:22 -07:00
<button
onClick={() => setShowAddCVE(true)}
className="intel-button intel-button-primary relative z-10 flex items-center gap-2"
>
<Plus className="w-4 h-4" />
Add Entry
</button>
)}
fix: move AdminScopeToggle from NavDrawer to main header bar Places the scope toggle next to the UserMenu avatar in the top-right header area so it's always visible without opening the nav drawer.
2026-05-05 11:21:59 -06:00
<AdminScopeToggle />
Add CI/CD pipeline, feedback modal, Atlas qualys_id fallback, and health endpoint - Rewrite .gitlab-ci.yml with proper stages, blocking tests, staging environment on dev box, and SSH-based production deploy to 71.85.90.6 - Add POST /api/health endpoint for pipeline verification - Add POST /atlas/hosts/:hostId/refresh-cache for Atlas cache staleness - AtlasSlideOutPanel: auto-resolve qualys_id from Atlas vulnerabilities, prefer qualys_id over active_host_findings_id, retry on failure - Add FeedbackModal component with bug report button in header and feature request in UserMenu, creates GitLab issues via /api/feedback - Fix all frontend test failures (ESM transforms, TextDecoder polyfill, fast-check resolution, App.test.js boilerplate replacement) - Fix root package.json test script to run jest - Add deploy/ directory with staging systemd service and setup script
2026-05-08 12:47:39 -06:00
<button
onClick={() => { setFeedbackType('bug'); setShowFeedback(true); }}
title="Report a Bug"
style={{
display: 'inline-flex', alignItems: 'center', gap: '0.35rem',
padding: '0.4rem 0.7rem',
background: 'rgba(239,68,68,0.08)',
border: '1px solid rgba(239,68,68,0.25)',
borderRadius: '0.375rem',
color: '#94A3B8',
fontSize: '0.72rem',
fontFamily: "'JetBrains Mono', monospace",
cursor: 'pointer',
transition: 'all 0.15s',
}}
onMouseEnter={e => { e.currentTarget.style.color = '#F87171'; e.currentTarget.style.borderColor = 'rgba(239,68,68,0.5)'; }}
onMouseLeave={e => { e.currentTarget.style.color = '#94A3B8'; e.currentTarget.style.borderColor = 'rgba(239,68,68,0.25)'; }}
>
<svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="2" strokeLinecap="round" strokeLinejoin="round"><path d="m8 2 1.88 1.88"/><path d="M14.12 3.88 16 2"/><path d="M9 7.13v-1a3.003 3.003 0 1 1 6 0v1"/><path d="M12 20c-3.3 0-6-2.7-6-6v-3a4 4 0 0 1 4-4h4a4 4 0 0 1 4 4v3c0 3.3-2.7 6-6 6"/><path d="M12 20v-9"/><path d="M6.53 9C4.6 8.8 3 7.1 3 5"/><path d="M6 13H2"/><path d="M3 21c0-2.1 1.7-3.9 3.8-4"/><path d="M20.97 5c0 2.1-1.6 3.8-3.5 4"/><path d="M22 13h-4"/><path d="M17.2 17c2.1.1 3.8 1.9 3.8 4"/></svg>
Bug
</button>
Replace Webex bot with in-app notification system Org blocks external Webex bots, so replaced the DM approach with an in-app notification bell. GitLab webhook still fires on issue close, but now writes to a notifications table instead of calling Webex API. - New: notifications table + migration - New: GET/PATCH/POST /api/notifications endpoints - New: NotificationBell component (bell icon + badge + dropdown) - Removed: backend/helpers/webexBot.js (org-blocked) - Removed: WEBEX_BOT_TOKEN from .env
2026-05-18 17:15:05 -06:00
<NotificationBell />
Add CI/CD pipeline, feedback modal, Atlas qualys_id fallback, and health endpoint - Rewrite .gitlab-ci.yml with proper stages, blocking tests, staging environment on dev box, and SSH-based production deploy to 71.85.90.6 - Add POST /api/health endpoint for pipeline verification - Add POST /atlas/hosts/:hostId/refresh-cache for Atlas cache staleness - AtlasSlideOutPanel: auto-resolve qualys_id from Atlas vulnerabilities, prefer qualys_id over active_host_findings_id, retry on failure - Add FeedbackModal component with bug report button in header and feature request in UserMenu, creates GitLab issues via /api/feedback - Fix all frontend test failures (ESM transforms, TextDecoder polyfill, fast-check resolution, App.test.js boilerplate replacement) - Fix root package.json test script to run jest - Add deploy/ directory with staging systemd service and setup script
2026-05-08 12:47:39 -06:00
<UserMenu onManageUsers={() => setShowUserManagement(true)} onAuditLog={() => setShowAuditLog(true)} onFeatureRequest={() => { setFeedbackType('feature'); setShowFeedback(true); }} />
Transform CVE Dashboard to tactical intelligence platform aesthetic Implemented a sophisticated cyber-intelligence visual design with: DESIGN DIRECTION: - "Tactical Intelligence Command Center" aesthetic - Typography: JetBrains Mono for data/code + Outfit for UI labels - Color Palette: Deep navy (#0A0E27) base with electric cyan (#00D9FF) accents - Visual Language: Grid patterns, glowing borders, scanning animations - Motion: Smooth fade-ins, pulse effects, hover transformations FRONTEND CHANGES: - Redesigned App.css with comprehensive intelligence dashboard theme - Custom CSS classes: intel-card, intel-button, intel-input, status-badge - Added scanning line animations and pulse glow effects - Implemented grid background pattern and scrollbar styling COMPONENT UPDATES: - App.js: Transformed all UI sections to intel theme - Header with stats dashboard - Search/filter cards - CVE list with expandable cards - Document management - Quick check interface - JIRA ticket tracking - LoginForm.js: Redesigned authentication portal - All modals: Add/Edit CVE, Add/Edit JIRA tickets UI FEATURES: - Monospace fonts for technical data - Glowing accent borders on interactive elements - Status badges with animated pulse indicators - Data rows with hover states - Responsive grid layouts - Modal overlays with backdrop blur TECHNICAL: - Tailwind CSS extended with custom intel theme - Google Fonts: JetBrains Mono & Outfit - Maintained all existing functionality - Build tested successfully - No breaking changes to business logic Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 09:34:22 -07:00
</div>
fix: Add frontend files (not as submodule)
2026-01-27 04:08:35 +00:00
</div>
</div>
Add page visibility by group with centralized matrix Introduce a Page Visibility Matrix that controls which pages each user group can access, enforced in both frontend and backend: Frontend: - Create frontend/src/config/pageVisibility.js with PAGE_VISIBILITY matrix and canAccessPage() / getAccessiblePages() helpers - NavDrawer: replace inline requiredGroups with canAccessPage() filter - App.js: replace per-page isInGroup()/isAdmin() checks with generic route guard in setCurrentPage; remove VALID_PAGES constant - localStorage validation: verify persisted page is accessible on load Backend (page-level access enforcement): - jiraTickets.js: add router-level requireGroup('Admin','Standard_User') - archerTemplates.js: add router-level requireGroup('Admin','Standard_User') - VCL multi-vertical already had requireGroup('Admin','Leadership') Visibility matrix: - Home, Knowledge Base: all groups - Triage, Compliance, Exports: Admin, Standard_User, Leadership - CCP Metrics: Admin, Leadership - Jira, Archer Templates: Admin, Standard_User - Admin Panel: Admin only - Read_Only sees only Home and Knowledge Base
2026-06-24 11:41:50 -06:00
{/* Page content — generic route guard via canAccessPage */}
Refactor home page: extract components, add toast system, debounce search Major restructuring of the monolithic App.js (2484 lines) into focused, testable components: Architecture: - App.js is now a 189-line routing shell (header, nav, page switching) - HomePage.js orchestrates all home page state and layout - Each visual section is its own component with clear props API Extracted components: - StatsBar: clickable stat cards that filter by severity - QuickCVELookup: CVE existence check with inline results - CVEFilters: search + vendor/severity dropdowns - CVECard: expandable CVE with vendor entries, docs, tickets - OpenTicketsPanel: right sidebar open JIRA tickets - IvantiWorkflowPanel: right sidebar Ivanti workflow status + archive Extracted modals: - AddCVEModal: self-contained add form with NVD auto-fill - EditCVEModal: self-contained edit form with NVD update - JiraTicketModal: unified add/edit JIRA ticket modal - ArcherTicketModal: unified add/edit Archer ticket modal Performance optimizations: - Debounced search (300ms) via useDebounce hook — eliminates redundant API calls on every keystroke - Memoized groupedCVEs, openTicketCount, criticalCount via useMemo - Proper state updates (no direct mutation of cveDocuments) - useCallback on fetch functions to stabilize effect dependencies UX improvements: - Toast notification system replaces all alert() calls - Stat cards are now clickable to filter CVE list by severity - onKeyDown replaces deprecated onKeyPress - aria-labels added to interactive elements Infrastructure: - ToastContext with auto-dismiss, typed toasts (success/error/warning/info) - useDebounce custom hook for reuse across the app - Toast slide-in animation in App.css
2026-06-23 11:46:39 -06:00
{currentPage === 'home' && <HomePage onNavigate={handleNavigate} showAddCVE={showAddCVE} setShowAddCVE={setShowAddCVE} />}
{currentPage === 'triage' && <VulnerabilityTriagePage filterDate={calendarFilter} filterEXC={reportingExcFilter} />}
{currentPage === 'compliance' && <CompliancePage onNavigate={setCurrentPage} />}
Add page visibility by group with centralized matrix Introduce a Page Visibility Matrix that controls which pages each user group can access, enforced in both frontend and backend: Frontend: - Create frontend/src/config/pageVisibility.js with PAGE_VISIBILITY matrix and canAccessPage() / getAccessiblePages() helpers - NavDrawer: replace inline requiredGroups with canAccessPage() filter - App.js: replace per-page isInGroup()/isAdmin() checks with generic route guard in setCurrentPage; remove VALID_PAGES constant - localStorage validation: verify persisted page is accessible on load Backend (page-level access enforcement): - jiraTickets.js: add router-level requireGroup('Admin','Standard_User') - archerTemplates.js: add router-level requireGroup('Admin','Standard_User') - VCL multi-vertical already had requireGroup('Admin','Leadership') Visibility matrix: - Home, Knowledge Base: all groups - Triage, Compliance, Exports: Admin, Standard_User, Leadership - CCP Metrics: Admin, Leadership - Jira, Archer Templates: Admin, Standard_User - Admin Panel: Admin only - Read_Only sees only Home and Knowledge Base
2026-06-24 11:41:50 -06:00
{currentPage === 'ccp-metrics' && <CCPMetricsPage />}
Refactor home page: extract components, add toast system, debounce search Major restructuring of the monolithic App.js (2484 lines) into focused, testable components: Architecture: - App.js is now a 189-line routing shell (header, nav, page switching) - HomePage.js orchestrates all home page state and layout - Each visual section is its own component with clear props API Extracted components: - StatsBar: clickable stat cards that filter by severity - QuickCVELookup: CVE existence check with inline results - CVEFilters: search + vendor/severity dropdowns - CVECard: expandable CVE with vendor entries, docs, tickets - OpenTicketsPanel: right sidebar open JIRA tickets - IvantiWorkflowPanel: right sidebar Ivanti workflow status + archive Extracted modals: - AddCVEModal: self-contained add form with NVD auto-fill - EditCVEModal: self-contained edit form with NVD update - JiraTicketModal: unified add/edit JIRA ticket modal - ArcherTicketModal: unified add/edit Archer ticket modal Performance optimizations: - Debounced search (300ms) via useDebounce hook — eliminates redundant API calls on every keystroke - Memoized groupedCVEs, openTicketCount, criticalCount via useMemo - Proper state updates (no direct mutation of cveDocuments) - useCallback on fetch functions to stabilize effect dependencies UX improvements: - Toast notification system replaces all alert() calls - Stat cards are now clickable to filter CVE list by severity - onKeyDown replaces deprecated onKeyPress - aria-labels added to interactive elements Infrastructure: - ToastContext with auto-dismiss, typed toasts (success/error/warning/info) - useDebounce custom hook for reuse across the app - Toast slide-in animation in App.css
2026-06-23 11:46:39 -06:00
{currentPage === 'knowledge-base' && <KnowledgeBasePage />}
{currentPage === 'exports' && <ExportsPage />}
{currentPage === 'jira' && <JiraPage />}
Add Archer Template Library for risk acceptance form reuse Adds a template management system to the Ivanti Queue's Archer Risk Acceptance workflow. Templates store static form content (Environment Overview, Segmentation, Mitigating Controls, etc.) organized by Vendor > Platform > Model hierarchy. Features: - Full CRUD API at /api/archer-templates with search, filter, clone, and hierarchy navigation endpoints - Template Manager page (nav: Template Mgr) with grouped list view, create/edit/clone/delete modals, role-based access - TemplateSelector component integrated into Ivanti Todo Queue for Archer workflow items with per-section copy-to-clipboard buttons and Copy All functionality - Database migration with case-insensitive uniqueness enforcement - Audit logging for all template mutations New files: - backend/migrations/add_archer_templates_table.js - backend/routes/archerTemplates.js - frontend/src/components/pages/ArcherTemplatePage.js - frontend/src/components/TemplateSelector.js - frontend/src/components/TemplateFormModal.js - frontend/src/components/DeleteConfirmModal.js
2026-06-02 16:08:25 -06:00
{currentPage === 'archer-templates' && <ArcherTemplatePage />}
Add page visibility by group with centralized matrix Introduce a Page Visibility Matrix that controls which pages each user group can access, enforced in both frontend and backend: Frontend: - Create frontend/src/config/pageVisibility.js with PAGE_VISIBILITY matrix and canAccessPage() / getAccessiblePages() helpers - NavDrawer: replace inline requiredGroups with canAccessPage() filter - App.js: replace per-page isInGroup()/isAdmin() checks with generic route guard in setCurrentPage; remove VALID_PAGES constant - localStorage validation: verify persisted page is accessible on load Backend (page-level access enforcement): - jiraTickets.js: add router-level requireGroup('Admin','Standard_User') - archerTemplates.js: add router-level requireGroup('Admin','Standard_User') - VCL multi-vertical already had requireGroup('Admin','Leadership') Visibility matrix: - Home, Knowledge Base: all groups - Triage, Compliance, Exports: Admin, Standard_User, Leadership - CCP Metrics: Admin, Leadership - Jira, Archer Templates: Admin, Standard_User - Admin Panel: Admin only - Read_Only sees only Home and Knowledge Base
2026-06-24 11:41:50 -06:00
{currentPage === 'admin' && <AdminPage />}
Add hamburger nav menu with 4-page navigation structure - NavDrawer component: slide-in left drawer with backdrop, matches dark theme - Nav items: Home, Reporting, Knowledge Base, Exports with color-coded icons - Active page highlighted with colored background + indicator dot - Placeholder pages for Reporting (amber), Knowledge Base (green), Exports (purple) - Stats bar and three-column layout conditionally render on Home page only - currentPage state drives all page switching Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-11 11:47:03 -06:00
Refactor home page: extract components, add toast system, debounce search Major restructuring of the monolithic App.js (2484 lines) into focused, testable components: Architecture: - App.js is now a 189-line routing shell (header, nav, page switching) - HomePage.js orchestrates all home page state and layout - Each visual section is its own component with clear props API Extracted components: - StatsBar: clickable stat cards that filter by severity - QuickCVELookup: CVE existence check with inline results - CVEFilters: search + vendor/severity dropdowns - CVECard: expandable CVE with vendor entries, docs, tickets - OpenTicketsPanel: right sidebar open JIRA tickets - IvantiWorkflowPanel: right sidebar Ivanti workflow status + archive Extracted modals: - AddCVEModal: self-contained add form with NVD auto-fill - EditCVEModal: self-contained edit form with NVD update - JiraTicketModal: unified add/edit JIRA ticket modal - ArcherTicketModal: unified add/edit Archer ticket modal Performance optimizations: - Debounced search (300ms) via useDebounce hook — eliminates redundant API calls on every keystroke - Memoized groupedCVEs, openTicketCount, criticalCount via useMemo - Proper state updates (no direct mutation of cveDocuments) - useCallback on fetch functions to stabilize effect dependencies UX improvements: - Toast notification system replaces all alert() calls - Stat cards are now clickable to filter CVE list by severity - onKeyDown replaces deprecated onKeyPress - aria-labels added to interactive elements Infrastructure: - ToastContext with auto-dismiss, typed toasts (success/error/warning/info) - useDebounce custom hook for reuse across the app - Toast slide-in animation in App.css
2026-06-23 11:46:39 -06:00
{/* Global Modals */}
{showUserManagement && <UserManagement onClose={() => setShowUserManagement(false)} />}
{showAuditLog && <AuditLog onClose={() => setShowAuditLog(false)} />}
{showNvdSync && <NvdSyncModal onClose={() => setShowNvdSync(false)} onSyncComplete={() => {}} />}
Add CI/CD pipeline, feedback modal, Atlas qualys_id fallback, and health endpoint - Rewrite .gitlab-ci.yml with proper stages, blocking tests, staging environment on dev box, and SSH-based production deploy to 71.85.90.6 - Add POST /api/health endpoint for pipeline verification - Add POST /atlas/hosts/:hostId/refresh-cache for Atlas cache staleness - AtlasSlideOutPanel: auto-resolve qualys_id from Atlas vulnerabilities, prefer qualys_id over active_host_findings_id, retry on failure - Add FeedbackModal component with bug report button in header and feature request in UserMenu, creates GitLab issues via /api/feedback - Fix all frontend test failures (ESM transforms, TextDecoder polyfill, fast-check resolution, App.test.js boilerplate replacement) - Fix root package.json test script to run jest - Add deploy/ directory with staging systemd service and setup script
2026-05-08 12:47:39 -06:00
<FeedbackModal
isOpen={showFeedback}
onClose={() => setShowFeedback(false)}
defaultType={feedbackType}
currentPage={currentPage}
/>
fix: Add frontend files (not as submodule)
2026-01-27 04:08:35 +00:00
</div>
</div>
);
}
Reference in New Issue Copy Permalink