chat/tests at a45a33534f0100f31dac9612691fe4bedcc17946 - chat - Gitea: Git with a cup of tea

dohertj2/chat

Files

T

History

Joseph Doherty a45a33534f fix: drawer delete-impact modal HTML escapes user-controllable fields (T110.2)

The delete-impact modal is built via raw f-string concatenation from the
ImpactReport — item.kind / item.description / report.notes ultimately
embed user-controllable content (turn prose, scene timestamps). A turn
with prose like "<script>alert(1)</script>" would reach the rendered
HTML verbatim. Currently safe (the fields embedded today are bounded
strings) but defense-in-depth — wrap with html.escape() so future
description changes can't smuggle markup through.

Test: tests/test_drawer_phase4.py::test_delete_impact_modal_escapes_user_controllable_strings.

2026-04-27 05:12:28 -04:00

..

__init__.py

feat: project skeleton with health endpoint

2026-04-26 11:23:38 -04:00

test_addressee.py

fix: AddresseeDecision.confidence as Literal[high|medium|low] (T77)

2026-04-26 21:40:47 -04:00

test_backup.py

feat: nightly DB backups with 14-day retention

2026-04-26 14:18:57 -04:00

test_bot_authoring.py

feat: bot authoring form with bot_authored event

2026-04-26 12:17:06 -04:00

test_branches_state.py

chore: branches polish — global-leak docs + unknown-name warning (T103)

2026-04-27 04:34:32 -04:00

test_branching.py

feat: branching service (branch_from_event + switch + metadata) (T94)

2026-04-27 02:35:58 -04:00

test_chat_list.py

feat: error banners and first-run navigation flow

2026-04-26 14:33:28 -04:00

test_chat_shell.py

feat: chat shell page rendering

2026-04-26 12:39:15 -04:00

test_classify.py

fix: classifier robustness — schema in prompt, retries, kickoff fallback

2026-04-26 15:03:13 -04:00

test_config.py

feat: config loader with toml + env override

2026-04-26 11:28:40 -04:00

test_cross_chat_search.py

feat: cross-chat search service (T93)

2026-04-27 02:31:31 -04:00

test_delete_impact.py

feat: delete-impact computation service (preview without mutation) (T95)

2026-04-27 02:36:30 -04:00

test_drawer_edits_extended.py

feat: drawer witness flag inline-edit (T72.3)

2026-04-26 17:28:25 -04:00

test_drawer_edits.py

feat: drawer edits with manual_edit event capture

2026-04-26 13:40:40 -04:00

test_drawer_events_threads_skip.py

fix: typed ChatNotFoundError replaces string-prefix sniff in skip routes (T81)

2026-04-26 21:55:53 -04:00

test_drawer_guest.py

feat: first-meeting gate on drawer Add-guest form (T72.2)

2026-04-26 17:26:31 -04:00

test_drawer_phase4.py

fix: drawer delete-impact modal HTML escapes user-controllable fields (T110.2)

2026-04-27 05:12:28 -04:00

test_drawer_render.py

feat: read-only drawer with scene, activity, edges, memories

2026-04-26 13:35:47 -04:00

test_edges.py

feat: directed edges with per-turn delta projector

2026-04-26 11:51:15 -04:00

test_embedding_worker.py

feat: embedding worker drains queue and emits embedding_indexed events (T97.1)

2026-04-27 02:51:36 -04:00

test_embeddings_state.py

feat: embeddings table + projector handlers (pure-Python cosine, T88)

2026-04-27 02:22:32 -04:00

test_embeddings.py

chore: embeddings.py warns on fallback for non-default models (T107)

2026-04-27 04:47:17 -04:00

test_entities.py

feat: bot and you entity schemas with projector handlers

2026-04-26 11:46:19 -04:00

test_error_ux.py

feat: error banners and first-run navigation flow

2026-04-26 14:33:28 -04:00

test_event_lifecycle.py

feat: event-lifecycle detection service (T52)

2026-04-26 20:09:13 -04:00

test_event_promotion.py

feat: event-completion promotion service (T56)

2026-04-26 20:15:51 -04:00

test_eventlog.py

feat: append-only event log with projector skeleton

2026-04-26 11:42:49 -04:00

test_events_state.py

feat: events table + lifecycle handlers (T49)

2026-04-26 20:04:36 -04:00

test_first_run.py

feat: error banners and first-run navigation flow

2026-04-26 14:33:28 -04:00

test_group_node.py

feat: group_node schema + projector handlers

2026-04-26 15:46:16 -04:00

test_guest_events.py

feat: guest_added / guest_removed event handlers

2026-04-26 15:46:09 -04:00

test_health.py

feat: project skeleton with health endpoint

2026-04-26 11:23:38 -04:00

test_interjection.py

feat: interjection classifier service

2026-04-26 15:51:29 -04:00

test_kickoff_confirm.py

feat: kickoff parse-and-confirm flow with chat creation

2026-04-26 12:28:05 -04:00

test_kickoff.py

fix: classifier robustness — schema in prompt, retries, kickoff fallback

2026-04-26 15:03:13 -04:00

test_llm_mock.py

feat: LLMClient protocol with Featherless and mock implementations

2026-04-26 11:35:57 -04:00

test_meanwhile_state.py

feat: meanwhile scene schema + state (T63)

2026-04-26 20:52:45 -04:00

test_meanwhile_turn_flow.py

test: meanwhile cancel route + JSON-build audit (T85)

2026-04-26 22:33:52 -04:00

test_memory_search.py

feat: combined FTS + vector retrieval ranking via RRF (T96)

2026-04-27 02:42:38 -04:00

test_memory_write.py

feat: 0014 schema — embeddings FK CASCADE (deferred or applied) + memories.event_id column (T109)

2026-04-27 05:00:57 -04:00

test_memory.py

feat: chats, chat_state, containers, scenes, activity tables

2026-04-26 12:03:26 -04:00

test_migrate.py

feat: sqlite migration runner with meta version table

2026-04-26 11:32:32 -04:00

test_multi_state_update.py

feat: multi-entity state-update coordinator

2026-04-26 15:51:58 -04:00

test_open_db_threading.py

refactor: open_db with check_same_thread parameter (T68)

2026-04-26 17:05:29 -04:00

test_per_pov_summary.py

test: T58 coverage gaps (truncation, update/close paths) (T80.5)

2026-04-26 21:50:55 -04:00

test_phase3_integration.py

fix: post_turn consumes pending meanwhile digests (T82.1)

2026-04-26 22:02:25 -04:00

test_phase4_integration.py

test: phase 4 cross-feature integration coverage (T101)

2026-04-27 04:08:25 -04:00

test_prompt.py

fix: _witness_role_for defensive None handling (T79)

2026-04-26 21:41:15 -04:00

test_regenerate.py

chore: clarify regenerate lifecycle warning wording (T90.2)

2026-04-27 02:23:55 -04:00

test_relationship_seed.py

feat: relationship-seed service for first-co-appearance prompt

2026-04-26 15:47:12 -04:00

test_render.py

feat: frontend turn_html_replace SSE handler for regenerate live-swap (T86)

2026-04-26 22:41:35 -04:00

test_reset.py

fix: bot_reset purges orphaned 'you' activity rows (T69)

2026-04-26 17:06:21 -04:00

test_rewind.py

feat: rewind with impact preview, pre-rewind snapshot, undo toast

2026-04-26 13:58:20 -04:00

test_scene_close.py

fix: classifier robustness — schema in prompt, retries, kickoff fallback

2026-04-26 15:03:13 -04:00

test_search_ux.py

perf: search.py N+1 batching + k constant extraction (T106)

2026-04-27 04:34:18 -04:00

test_settings.py

feat: settings page with you-entity authoring

2026-04-26 12:22:00 -04:00

test_significance.py

fix: classifier robustness — schema in prompt, retries, kickoff fallback

2026-04-26 15:03:13 -04:00

test_skip_narration.py

fix: plumb narrate_skip timeout_s through to client.generate (T76)

2026-04-26 21:40:29 -04:00

test_snapshot_ux.py

chore: snapshots.py polish — hoisted imports + strict kind + mtime doc (T105)

2026-04-27 04:47:14 -04:00

test_snapshot.py

feat: periodic snapshots with retention and cold-load fast-path

2026-04-26 14:15:17 -04:00

test_sse.py

feat: per-chat SSE channel and pub/sub

2026-04-26 12:49:41 -04:00

test_state_update.py

fix: classifier robustness — schema in prompt, retries, kickoff fallback

2026-04-26 15:03:13 -04:00

test_streaming_ux.py

feat: frontend turn_html_replace SSE handler for regenerate live-swap (T86)

2026-04-26 22:41:35 -04:00

test_synthesized_memories.py

feat: synthesized-memories service for jump skips (T54)

2026-04-26 20:10:05 -04:00

test_thread_detection.py

feat: thread-detection service (T55)

2026-04-26 20:10:36 -04:00

test_threads_state.py

feat: threads table + projector handlers (T51)

2026-04-26 20:05:09 -04:00

test_time_skip_handlers.py

feat: time_skip event handlers (T50)

2026-04-26 20:04:46 -04:00

test_turn_common.py

perf: read_recent_dialogue pushes chat-id filter into SQL (T90.1)

2026-04-27 02:23:15 -04:00

test_turn_flow.py

chore: scene-close-on-cancel — strengthen regression test + document rationale (T108)

2026-04-27 04:47:26 -04:00

test_turn_parse.py

fix: classifier robustness — schema in prompt, retries, kickoff fallback

2026-04-26 15:03:13 -04:00

test_vector_search.py

feat: pure-Python cosine vector search service (T92)

2026-04-27 02:31:06 -04:00

test_witness_filter_multi.py

test: witness filter coverage for multi-entity scenarios

2026-04-26 16:25:03 -04:00

test_world.py

feat: 0014 schema — embeddings FK CASCADE (deferred or applied) + memories.event_id column (T109)

2026-04-27 05:00:57 -04:00