The previous implementation only escaped single quotes, which could allow
backslashes in file paths to break out of the JavaScript string context.
Now we escape backslashes first (\ -> \\), then single quotes (' -> \'),
preventing potential security issues.
Fixes CodeQL alert #26 for incomplete string escaping.
Co-authored-by: aaronpowell <434140+aaronpowell@users.noreply.github.com>
- Add pr-preview.yml workflow using rossjrw/pr-preview-action
- Update astro.config.mjs to support dynamic base path via ASTRO_BASE env
- Previews deploy to /pr-preview/pr-<number>/ on gh-pages branch
- Auto-cleanup when PR is closed
- Remove SearchableRecipe interface that conflicted with SearchableItem
- Use proper type casting for search results
- Fix FuzzySearch generic type usage
- Add Monaspace Argon NF font for dev icons
- Update cookbook.yml with unicode codepoints for language icons:
- TypeScript: \uE628
- Python: \uE73C
- C#/.NET: \uF81A
- Go: \uE626
- Style .lang-tab and .lang-indicator with Nerd Font family
Integrates the cookbook/ folder into the website's Samples page:
Data Structure:
- Add cookbook/cookbook.yml manifest defining cookbooks and recipes
- Add .schemas/cookbook.schema.json for validation
- Add COOKBOOK_DIR constant to eng/constants.mjs
Build Integration:
- Add generateSamplesData() to generate samples.json from cookbook.yml
- Include recipe variants with file paths for each language
- Add samples count to manifest.json
Website UI:
- Create samples.ts with FuzzySearch, language/tag filtering
- Replace placeholder samples.astro with functional recipe browser
- Recipe cards with language indicators and action buttons
- Language tabs for switching between implementations
- View Recipe/View Example buttons open modal
- GitHub link for each recipe
Features:
- Search recipes by name/description
- Filter by programming language (Node.js, Python, .NET, Go)
- Filter by tags (multi-select with Choices.js)
- 5 recipes across 4 languages = 20 recipe variants
- Improved error messages within the `find_library_file` function to include directory names
- Organized comments within the `sanitize_filename` function
- Improved error messages within the `split_library` function to include directory names
- Change primary buttons from gradient to solid Copilot Purple (#8534F3)
- Add position:relative and z-index:10 to .filters-bar to fix
Choices.js dropdown appearing behind resource list items
- Remove separate hero-stats section
- Add card-count element to each resource card
- Update JS to populate counts from manifest
- Add card-with-count CSS for layout with count badge
- Reduces vertical space on home page
