docs-v2

Commit Graph

Author	SHA1	Message	Date
Copilot	0a0bebc42c	Fix PR preview and Copilot visual review skipping docs home page when layouts/index.html changes (#6922 ) * Initial plan * fix: include docs home page in PR preview and Copilot visual review when layouts/index.html changes Co-authored-by: jstirnaman <212227+jstirnaman@users.noreply.github.com> * fix: improve detect-preview-pages to avoid false needs-author-input when home page auto-detected Co-authored-by: jstirnaman <212227+jstirnaman@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: jstirnaman <212227+jstirnaman@users.noreply.github.com> Co-authored-by: Jason Stirnaman <jstirnaman@influxdata.com>	2026-03-13 08:47:38 -05:00
Jason Stirnaman	e203482b62	feat(ci): add PR preview system for GitHub Pages (#6636 ) * docs(ci): add PR preview system design Document the design for GitHub Pages PR previews including: - Selective deployment of changed pages only - Reuse of existing content-utils.js change detection - URL parsing from PR descriptions for layout/asset changes - Automatic cleanup on PR close - Storage budget management * docs(ci): add PR preview implementation plan Detailed task-by-task implementation plan including: - 8 tasks with complete code and exact file paths - Reuses existing content-utils.js for change detection - Scripts for URL parsing, change detection, file staging - Main workflow and cleanup workflow - Setup documentation and testing steps * feat(ci): add PR URL parser for preview page detection * fix(ci): harden PR URL parser against malicious input - Add path validation to reject path traversal attacks (..) - Add validation to reject HTML/script injection attempts - Add validation to reject URL-encoded characters - Update regex to capture markdown link paths: [text](/path/) - Add comprehensive test suite with 27 security and functionality tests Security improvements: - Reject paths containing '..' to prevent directory traversal - Reject paths with suspicious characters: <, >, \|, {, }, `, etc. - Reject URL-encoded characters to prevent encoding attacks - Validate all paths against known product prefixes Functionality improvements: - Support markdown link syntax: [text](/influxdb3/core/) - Support reference-style markdown links - Maintain existing support for production URLs, localhost URLs, and relative paths * feat(ci): add change detection script for PR previews * fix(ci): remove unused import from detect-preview-pages.js * feat(ci): add preview file staging script for selective deployment * fix(ci): add input validation to preview file staging script - Add path traversal validation to urlToHtmlPath() to reject paths containing '..' - Add array validation at start of preparePreviewFiles() with clear error message - Fix copiedCount to only increment when safeCopy() actually succeeds - Add return value to copyPage() to track success/failure Addresses security vulnerabilities and improves accuracy of preview stats. * feat(ci): add preview comment manager for sticky PR comments * fix(ci): sanitize user input in preview comments to prevent XSS * feat(ci): add PR preview workflow for GitHub Pages deployment * fix(ci): correct environment variables and checkout in PR preview workflow * feat(ci): add weekly stale preview cleanup workflow * docs(ci): add PR preview setup guide * Delete docs/plans/2025-12-16-pr-preview-design.md * Delete docs/plans/2025-12-16-pr-preview-implementation.md * fix(ci): add input validation for PR preview security - Add single quote to rejected characters in URL path validation to prevent JavaScript injection in workflow string interpolation - Add BASE_REF validation regex to prevent command injection, allowing slashes for feature branches (e.g., feature/new-auth) - Add PR_NUM numeric validation in cleanup workflow - Add tests for single quote handling and BASE_REF validation	2025-12-18 13:44:14 -06:00

Author

SHA1

Message

Date

Copilot

0a0bebc42c

Fix PR preview and Copilot visual review skipping docs home page when layouts/index.html changes (#6922 )

* Initial plan

* fix: include docs home page in PR preview and Copilot visual review when layouts/index.html changes

Co-authored-by: jstirnaman <212227+jstirnaman@users.noreply.github.com>

* fix: improve detect-preview-pages to avoid false needs-author-input when home page auto-detected

Co-authored-by: jstirnaman <212227+jstirnaman@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: jstirnaman <212227+jstirnaman@users.noreply.github.com>
Co-authored-by: Jason Stirnaman <jstirnaman@influxdata.com>

2026-03-13 08:47:38 -05:00

Jason Stirnaman

e203482b62

feat(ci): add PR preview system for GitHub Pages (#6636 )

* docs(ci): add PR preview system design

Document the design for GitHub Pages PR previews including:
- Selective deployment of changed pages only
- Reuse of existing content-utils.js change detection
- URL parsing from PR descriptions for layout/asset changes
- Automatic cleanup on PR close
- Storage budget management

* docs(ci): add PR preview implementation plan

Detailed task-by-task implementation plan including:
- 8 tasks with complete code and exact file paths
- Reuses existing content-utils.js for change detection
- Scripts for URL parsing, change detection, file staging
- Main workflow and cleanup workflow
- Setup documentation and testing steps

* feat(ci): add PR URL parser for preview page detection

* fix(ci): harden PR URL parser against malicious input

- Add path validation to reject path traversal attacks (..)
- Add validation to reject HTML/script injection attempts
- Add validation to reject URL-encoded characters
- Update regex to capture markdown link paths: [text](/path/)
- Add comprehensive test suite with 27 security and functionality tests

Security improvements:
- Reject paths containing '..' to prevent directory traversal
- Reject paths with suspicious characters: <, >, |, {, }, `, etc.
- Reject URL-encoded characters to prevent encoding attacks
- Validate all paths against known product prefixes

Functionality improvements:
- Support markdown link syntax: [text](/influxdb3/core/)
- Support reference-style markdown links
- Maintain existing support for production URLs, localhost URLs, and relative paths

* feat(ci): add change detection script for PR previews

* fix(ci): remove unused import from detect-preview-pages.js

* feat(ci): add preview file staging script for selective deployment

* fix(ci): add input validation to preview file staging script

- Add path traversal validation to urlToHtmlPath() to reject paths containing '..'
- Add array validation at start of preparePreviewFiles() with clear error message
- Fix copiedCount to only increment when safeCopy() actually succeeds
- Add return value to copyPage() to track success/failure

Addresses security vulnerabilities and improves accuracy of preview stats.

* feat(ci): add preview comment manager for sticky PR comments

* fix(ci): sanitize user input in preview comments to prevent XSS

* feat(ci): add PR preview workflow for GitHub Pages deployment

* fix(ci): correct environment variables and checkout in PR preview workflow

* feat(ci): add weekly stale preview cleanup workflow

* docs(ci): add PR preview setup guide

* Delete docs/plans/2025-12-16-pr-preview-design.md

* Delete docs/plans/2025-12-16-pr-preview-implementation.md

* fix(ci): add input validation for PR preview security

- Add single quote to rejected characters in URL path validation
  to prevent JavaScript injection in workflow string interpolation
- Add BASE_REF validation regex to prevent command injection,
  allowing slashes for feature branches (e.g., feature/new-auth)
- Add PR_NUM numeric validation in cleanup workflow
- Add tests for single quote handling and BASE_REF validation

2025-12-18 13:44:14 -06:00

2 Commits (c99c2e87ed8d0ea7c9ae4040716ecdfc6bafdcf7)