Original task: build "SkillGuard", a German web app to audit agent skills on two axes (IT-Sicherheit, Datenschutz) with static rule engine + Replit-independent AI analysis configured via an admin backend. This session: - Fixed frontend TS errors: lucide-react name collisions (Badge from ui, Activity from lucide), widened apiType to AiProviderApiType, added queryKey to useGetScan. - Verified all pages render in German (Dashboard, Prüfen, Bericht, Verlauf, Admin) and the full scan flow works end-to-end (malicious sample -> verdict block). Code-review-driven hardening: - POST /api/scans now returns the full ScanDetail (files + findings) to match the OpenAPI contract, instead of only the summary. - AI provider error bodies are redacted (token, Bearer, sk- patterns) before being returned/persisted, and provider fetches now have a 60s timeout. - ZIP parsing now enforces limits (max files, total + per-file size) to mitigate zip-bomb DoS. Updated replit.md (project overview, decisions, gotchas) and added a memory note on lucide-react icon name collisions.
# Replit workspace configuration for this pnpm workspace project.

# Toolchain module loaded into the workspace.
modules = ["nodejs-24"]

# NOTE(review): an autoscale deployment publishes the application. Confirm that
# the admin backend and the /api routes enforce authentication in the deployed
# build, not only in the workspace preview.
[deployment]
router = "application"
deploymentTarget = "autoscale"

# Post-build step: runs `pnpm store prune` with CI=true in its environment.
[deployment.postBuild]
args = ["pnpm", "store", "prune"]
env = { CI = "true" }

# The Run button starts the workflow named "Project"; that workflow is not
# defined in the part of the file shown here.
[workflows]
runButton = "Project"

# Replit Agent settings.
[agent]
stack = "PNPM_WORKSPACE"
expertMode = true

# Script hook with a 20000 ms timeout; judging by the section name it runs after
# a merge. NOTE(review): it presumably executes with the workspace's environment
# and secrets, so changes to scripts/post-merge.sh deserve the same review as
# application code — confirm.
[postMerge]
path = "scripts/post-merge.sh"
timeoutMs = 20000

# Port mappings: each entry forwards an external port to a local listener.
# NOTE(review): every mapping makes that listener reachable from outside the
# workspace. Confirm that 8081 and 20892 -> 3000 are still needed, and that
# whatever binds there (dev server, API, admin UI) has the same access control
# as the main app on 8080 -> 80. Autoscale deployments are documented as serving
# a single external port — confirm which mapping the deployment actually uses.
[[ports]]
localPort = 8080
externalPort = 80

[[ports]]
localPort = 8081
externalPort = 8081

[[ports]]
localPort = 20892
externalPort = 3000