lerko/nib-v1
1
1
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity
Files
fix/code-review-findings
nib-v1/web/index.html
T
lerko 8663beeb96 fix: harden API, DB, and web layer from audit findings 
- Cap list API limit at 200 to prevent unbounded queries
- Sanitize markdown output with DOMPurify to prevent XSS
- Add v4 migration with indexes on deleted_at and modified_at
- Fix v2 migration swallowed ALTER TABLE errors
- Tighten ~/.nib directory permissions to 0o700
2026-05-20 20:41:53 -04:00

105 lines
4.5 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html>
<html lang="en" data-theme="dark">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>nib</title>
<link rel="icon" type="image/svg+xml" href="/favicon.svg">
<link rel="stylesheet" href="/fonts.css">
<link rel="stylesheet" href="/style.css">
</head>
<body>
<div id="app">
<header>
<div class="header-left">
<span class="logo">nib</span>
<nav>
<button data-view="stream" class="nav-btn active">stream</button>
<button data-view="cards" class="nav-btn">cards</button>
</nav>
</div>
<div class="header-search">
<input type="text" id="search-input" placeholder="? search #tag" spellcheck="false">
</div>
<button class="theme-toggle" id="theme-toggle" title="toggle theme"></button>
</header>
<main>
<aside id="tag-rail"></aside>
<div class="resize-handle" data-panel="rail"></div>
<section id="entity-panel">
<div id="month-nav"></div>
<div id="entity-list"></div>
<div id="capture-bar"></div>
</section>
<div class="resize-handle" data-panel="peek"></div>
<aside id="detail-pane">
<div class="detail-empty">select an entity</div>
</aside>
</main>
</div>
<div id="promote-modal" class="modal hidden">
<div class="modal-backdrop"></div>
<div class="modal-content">
<h3>promote to card</h3>
<div class="modal-sub" id="promote-sub"></div>
<div class="type-picker">
<div class="type-col">
<div class="type-col-lbl">read</div>
<button data-type="note" class="type-btn">
<span class="type-glyph glyph-note"></span>
<span class="type-name">note</span>
<span class="type-hint">markdown content</span>
</button>
<button data-type="link" class="type-btn">
<span class="type-glyph glyph-link"></span>
<span class="type-name">link</span>
<span class="type-hint">reference URL</span>
</button>
<button data-type="decision" class="type-btn">
<span class="type-glyph glyph-decision"></span>
<span class="type-name">decision</span>
<span class="type-hint">choice + rationale</span>
</button>
</div>
<div class="type-col">
<div class="type-col-lbl">grab</div>
<button data-type="snippet" class="type-btn">
<span class="type-glyph glyph-snippet"></span>
<span class="type-name">snippet</span>
<span class="type-hint">code, command, text</span>
</button>
</div>
<div class="type-col">
<div class="type-col-lbl">fill</div>
<button data-type="template" class="type-btn">
<span class="type-glyph glyph-template"></span>
<span class="type-name">template</span>
<span class="type-hint">fillable ${slot}s</span>
</button>
<button data-type="checklist" class="type-btn">
<span class="type-glyph glyph-checklist"></span>
<span class="type-name">checklist</span>
<span class="type-hint">step-by-step</span>
</button>
</div>
</div>
<button class="modal-close">esc to cancel</button>
</div>
</div>
<div id="absorb-modal" class="modal hidden">
<div class="modal-backdrop"></div>
<div class="modal-content">
<h3>absorb source into target</h3>
<div id="absorb-source-list" class="absorb-list"></div>
<button class="modal-close">esc to cancel</button>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/dompurify@3/dist/purify.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/marked@15/marked.min.js"></script>
<script src="/app.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink