mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-06-25 08:09:18 +02:00
chore: move #rep-polish to Completed, investigate #tighten-csp blockers
This commit is contained in:
Pontoporeia
5
TODO.md
5
TODO.md
@@ -8,9 +8,12 @@
|
|||||||
|
|
||||||
## Pending
|
## Pending
|
||||||
- [ ] #rep-student-touch Replace hover student popover with tap-to-open drawer for mobile `(repertoire.php, repertoire.css, repertoire-student-popover.js)`
|
- [ ] #rep-student-touch Replace hover student popover with tap-to-open drawer for mobile `(repertoire.php, repertoire.css, repertoire-student-popover.js)`
|
||||||
- [x] #rep-polish Polish: scroll-position memory on HTMX swap, animation tuning `(repertoire.css)` ✓
|
|
||||||
|
## Deferred / Blocked
|
||||||
|
- [ ] #tighten-csp Tighten CSP to remove 'unsafe-inline' + 'unsafe-eval' from script-src — blocked on HTMX's use of new Function() for 'unsafe-eval'; 'unsafe-inline' needs OverType init + flash-warning inline scripts moved to external files, plus maintenance.php + validate-access.php inline styles extracted
|
||||||
|
|
||||||
## Completed
|
## Completed
|
||||||
|
- [x] #rep-polish Polish: scroll-position memory on HTMX swap, animation tuning `(repertoire.css)` ✓
|
||||||
- [x] #icon-color-verify Verify icon colors render correctly across all pages (header, admin tables, forms, dialogs, cleanup modal) ✓
|
- [x] #icon-color-verify Verify icon colors render correctly across all pages (header, admin tables, forms, dialogs, cleanup modal) ✓
|
||||||
- [x] #sec-open-redirect Fix open redirect in tag.php + language.php (protocol-relative URL bypass via str_starts_with) ✓
|
- [x] #sec-open-redirect Fix open redirect in tag.php + language.php (protocol-relative URL bypass via str_starts_with) ✓
|
||||||
- [x] #build-pipeline Setup biome + rolldown + lightningcss build pipeline ✓
|
- [x] #build-pipeline Setup biome + rolldown + lightningcss build pipeline ✓
|
||||||
|
|||||||
Reference in New Issue
Block a user