AI-Cognitive-Leap/agnes-the-ai-analyst
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
agnes-the-ai-analyst/app/web/templates
History
minasarustamyan 63ae676b27
perf(marketplace): cache cover photos + restore Curated filter spacing (#294) 
* perf(marketplace): browser-cache cover photos + restore Curated tab filter spacing

Cover photos on /marketplace grid now serve with `Cache-Control: public,
max-age=2592000, immutable` plus URL fingerprinting (`?v=<commit-sha8>`
for curated, `?v=<version_no>` for flea) so browser refresh stops hitting
the server entirely for unchanged assets. Per-plugin RBAC dropped from
the three image endpoints (curated_asset, curated_mirrored, get_entity_photo)
in favor of login-only auth — eliminates _system_db_lock contention on
parallel image requests. Per-request magic-bytes revalidation also dropped
from curated_asset (it was re-reading the file just to discard the bytes,
then FileResponse read it again).

Spacing bug: sort-dropdown commit (6be1cee) wrapped .mp-filter-row in a
new flex container with inline margin-bottom:4px, masking the original
12px CSS rule. Curated tab (where .mp-type-row is hidden) ended up with
4px between filters and the card grid. Wrapper margin restored to 12px.

See CHANGELOG entry under [Unreleased] — the RBAC relaxation is called
out under ### Security with explicit threat-model rationale for AI/human
reviewers.

* test(marketplace): update renamed-html-as-png test for dropped magic-bytes check

Magic-bytes body validation was dropped from `curated_asset` in the previous
commit — the request path now relies on extension allowlist + pinned
Content-Type + nosniff + strict CSP to neuter mismatched payloads at the
browser layer. Update the test to assert the new defense-in-depth posture
(200 served, but Content-Type=image/png + nosniff + CSP=default-src 'none')
rather than the gone 415.

---------

Co-authored-by: Minas Arustamyan <arustamyan.minas@gmail.com>
2026-05-14 10:09:32 +02:00
..
admin feat(home): state-aware /home + /setup-advanced + schema v26 (#228) 2026-05-08 18:28:47 +02:00
_app_header.html feat(brand): wire instance.logo_svg into header brand slot (release 0.54.6) (#289) 2026-05-13 17:25:46 +00:00
_claude_setup_cta.jinja fix(cta): clipboard fallback + fold Atlassian MCP into connectors (#249) 2026-05-11 21:54:51 +02:00
_claude_setup_instructions.jinja feat(web): rename /install → /setup; nav label 'Setup local agent' 2026-05-03 16:12:13 +02:00
_content_findings.html feat(store-guardrails): per-component description quality + plain-language UX (#276) 2026-05-12 21:48:27 +02:00
_content_howto_fix.html feat(store-guardrails): per-component description quality + plain-language UX (#276) 2026-05-12 21:48:27 +02:00
_flea_versions.html feat(store): hard-reject inline guardrail failures, trace security only (#290) 2026-05-13 19:59:12 +00:00
_marketplace_video_embed.html Curated marketplace enrichment via agnes-metadata.json + curator metadata (#234) 2026-05-09 17:01:37 +02:00
_message.html feat(auth): password reset & invite flows for web + admin (#34) (#37) 2026-04-22 17:43:57 +02:00
_page_chrome.html feat(home): state-aware /home + /setup-advanced + schema v26 (#228) 2026-05-08 18:28:47 +02:00
_posthog.html feat(observability): optional PostHog integration (#231) 2026-05-08 17:57:10 +04:00
_quarantine_banner.html feat(store-guardrails): per-component description quality + plain-language UX (#276) 2026-05-12 21:48:27 +02:00
_theme.html feat: complete system — web UI, all API endpoints, governance, admin, CLI commands 2026-03-27 16:52:22 +01:00
_version_badge.html feat(ui): version badge as shared partial, injected into every full-page template 2026-04-21 20:51:55 +02:00
activity_center.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
admin_access.html System plugins (schema v39) + marketplace UX polish + drop legacy pages (#241) 2026-05-10 19:15:41 +00:00
admin_group_detail.html feat(admin): users/groups UI polish + SSO lock + v18 migration (#142) 2026-04-30 15:16:04 +02:00
admin_groups.html feat(admin): users/groups UI polish + SSO lock + v18 migration (#142) 2026-04-30 15:16:04 +02:00
admin_marketplaces.html Marketplace UX overhaul: rich plugin/skill/agent detail + filename rename (#251) 2026-05-12 08:38:39 +00:00
admin_scheduler_runs.html Flea-market upload guardrails + soft delete + JOIN-based admin queue (#233) 2026-05-09 17:32:53 +04:00
admin_server_config.html feat(initial-workspace): per-instance agnes init override (#292) 2026-05-13 20:35:01 +00:00
admin_session_detail.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
admin_sessions.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
admin_store_submission_detail.html Flea-market edit feature with version history (schema v37) (#239) 2026-05-10 00:14:33 +04:00
admin_store_submissions.html fix(store-guardrails): post-#290 review follow-up — purge tuple, filter chip, stale docs, lazy bundle_meta, logger.exception (#295) 2026-05-14 08:02:44 +02:00
admin_tables.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
admin_tokens.html User management + PAT + CLI distribution + HTML auth redirect (#9 #10 #11 #12) (#28) 2026-04-22 14:24:28 +02:00
admin_usage.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
admin_user_detail.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
admin_users.html feat(admin): users/groups UI polish + SSO lock + v18 migration (#142) 2026-04-30 15:16:04 +02:00
admin_welcome.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
admin_workspace_prompt.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
base.html feat(home): state-aware /home + /setup-advanced + schema v26 (#228) 2026-05-08 18:28:47 +02:00
base_login.html feat(ui): version badge as shared partial, injected into every full-page template 2026-04-21 20:51:55 +02:00
catalog.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
corporate_memory.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
corporate_memory_admin.html fix(memory-admin): pass RBAC user_groups (not YAML config) to /corporate-memory/admin (#253) 2026-05-12 13:16:01 +00:00
dashboard.html Activity Center: audit log + telemetry + sessions + agnes_* tables (#278) 2026-05-12 22:41:19 +02:00
desktop_link.html feat: complete system — web UI, all API endpoints, governance, admin, CLI commands 2026-03-27 16:52:22 +01:00
error.html feat(observability): request_id end-to-end + dev debug toolbar + centralized logging (#136) 2026-04-29 22:54:21 +02:00
home_not_onboarded.html feat(home): Getting Started moves first, collapsible, in-page anchor (#296) 2026-05-14 07:02:23 +00:00
home_onboarded.html feat(setup): configurable instance brand + connector setup overhaul (#268) 2026-05-12 17:10:08 +02:00
install.html feat(setup): configurable instance brand + connector setup overhaul (#268) 2026-05-12 17:10:08 +02:00
login.html feat(setup): configurable instance brand + connector setup overhaul (#268) 2026-05-12 17:10:08 +02:00
login_email.html feat(auth): password reset & invite flows for web + admin (#34) (#37) 2026-04-22 17:43:57 +02:00
login_magic_link.html feat: complete system — web UI, all API endpoints, governance, admin, CLI commands 2026-03-27 16:52:22 +01:00
login_magic_link_sent.html feat: complete system — web UI, all API endpoints, governance, admin, CLI commands 2026-03-27 16:52:22 +01:00
marketplace.html perf(marketplace): cache cover photos + restore Curated filter spacing (#294) 2026-05-14 10:09:32 +02:00
marketplace_format_guide.html Curated marketplace enrichment via agnes-metadata.json + curator metadata (#234) 2026-05-09 17:01:37 +02:00
marketplace_guide.html Add /marketplace browse page + Model B opt-in stack composition (#230) 2026-05-08 14:22:19 +02:00
marketplace_item_detail.html Marketplace UX overhaul: rich plugin/skill/agent detail + filename rename (#251) 2026-05-12 08:38:39 +00:00
marketplace_plugin_detail.html Marketplace UX overhaul: rich plugin/skill/agent detail + filename rename (#251) 2026-05-12 08:38:39 +00:00
me_debug.html feat(setup): configurable instance brand + connector setup overhaul (#268) 2026-05-12 17:10:08 +02:00
my_tokens.html User management + PAT + CLI distribution + HTML auth redirect (#9 #10 #11 #12) (#28) 2026-04-22 14:24:28 +02:00
news.html feat(home): state-aware /home + /setup-advanced + schema v26 (#228) 2026-05-08 18:28:47 +02:00
password_reset.html feat(auth): password reset & invite flows for web + admin (#34) (#37) 2026-04-22 17:43:57 +02:00
password_setup.html feat(auth): password reset & invite flows for web + admin (#34) (#37) 2026-04-22 17:43:57 +02:00
profile.html feat(admin): users/groups UI polish + SSO lock + v18 migration (#142) 2026-04-30 15:16:04 +02:00
profile_sessions.html Extract session-pipeline framework + UsageProcessor skeleton (#232) 2026-05-08 19:47:46 +02:00
setup.html feat(setup): configurable instance brand + connector setup overhaul (#268) 2026-05-12 17:10:08 +02:00
setup_advanced.html feat(home): Getting Started + Overview + Usage modes sections (release 0.54.7) (#291) 2026-05-13 21:44:11 +02:00
store_edit.html feat(store): hard-reject inline guardrail failures, trace security only (#290) 2026-05-13 19:59:12 +00:00
store_examples.html feat(store-guardrails): admin-configurable content thresholds (#281) 2026-05-13 09:20:55 +00:00
store_upload.html feat(store): hard-reject inline guardrail failures, trace security only (#290) 2026-05-13 19:59:12 +00:00