const state = { summary: null, runs: [], systems: [], advisories: {}, profiles: {}, selectedRunId: null, selectedArtifact: null, refreshHandle: null, refreshMs: 5000, autoRefresh: true, filters: { search: "", system: "", status: "", profile: "" }, panels: { timeline: true, reasoning: true, evidence: true, logs: true, sources: true, run_json: false, advisory_json: false, profile_json: false } }; const $ = (id) => document.getElementById(id); const icon = (name, className = "icon") => ``; const statusClass = (status) => ({ "verified-real": "status-pill status-verified-real", "verified-synthetic": "status-pill status-verified-synthetic", "blocked-artifact": "status-pill status-blocked-artifact", "blocked-destructive": "status-pill status-blocked-destructive", "triage-manual": "status-pill status-triage-manual", "suspected": "status-pill status-suspected", completed: "status-pill status-verified-real", failed: "status-pill status-blocked-artifact", skipped: "status-pill status-triage-manual" }[status] || "status-pill status-default"); function escapeHtml(value) { return String(value ?? "") .replaceAll("&", "&") .replaceAll("<", "<") .replaceAll(">", ">") .replaceAll('"', """); } function formatStatus(value) { return String(value || "unknown").replaceAll("-", " "); } function timeAgo(value) { if (!value) return "-"; const diff = Date.now() - new Date(value).getTime(); if (Number.isNaN(diff)) return value; const seconds = Math.floor(diff / 1000); if (seconds < 60) return `${seconds}s ago`; const minutes = Math.floor(seconds / 60); if (minutes < 60) return `${minutes}m ago`; const hours = Math.floor(minutes / 60); if (hours < 24) return `${hours}h ago`; const days = Math.floor(hours / 24); return `${days}d ago`; } async function fetchJson(url) { const response = await fetch(`${url}?t=${Date.now()}`, { cache: "no-store" }); if (!response.ok) { throw new Error(`${url} -> ${response.status}`); } return response.json(); } function distinct(values) { return [...new Set(values.filter(Boolean))].sort(); } function sumStatuses(predicate) { return Object.entries(state.summary?.statuses || {}) .filter(([key]) => predicate(key)) .reduce((sum, [, value]) => sum + Number(value || 0), 0); } function metricCards() { const successCount = Number(state.summary?.statuses?.["verified-real"] || 0) + Number(state.summary?.statuses?.["verified-synthetic"] || 0); const blockedCount = sumStatuses((key) => key.startsWith("blocked")); const inProgressCount = Math.max(Number(state.summary?.run_count || 0) - successCount - blockedCount, 0); return [ { label: "Total Runs", value: state.summary?.run_count || 0, note: `${state.summary?.advisory_count || 0} advisories indexed`, color: "var(--accent-purple)", iconName: "report" }, { label: "Success", value: successCount, note: "verified-real + verified-synthetic", color: "var(--accent-green)", iconName: "shield" }, { label: "Blocked", value: blockedCount, note: "artifact or destructive blockers", color: "var(--accent-red)", iconName: "failure" }, { label: "In Progress", value: inProgressCount, note: "manual review or incomplete verification", color: "var(--accent-blue)", iconName: "timeline" } ]; } function renderMetrics() { $("metricCards").innerHTML = metricCards() .map( (card) => `
${icon(card.iconName)}${escapeHtml(card.label)}
${escapeHtml(card.value)}
${escapeHtml(card.note)}
` ) .join(""); } function renderSyncState(kind, title, detail) { $("syncState").innerHTML = ` ${icon("sync", "icon icon-sync")}
${escapeHtml(title)} ${escapeHtml(detail)}
`; $("syncState").dataset.kind = kind; } function hydrateFilters() { const controls = [ ["systemFilter", "system", state.runs.map((item) => item.system_id), "All systems"], ["statusFilter", "status", state.runs.map((item) => item.verification_status), "All statuses"], ["profileFilter", "profile", state.runs.map((item) => item.repro_profile_id), "All profiles"] ]; for (const [id, key, values, label] of controls) { const control = $(id); const current = state.filters[key]; control.innerHTML = ``; control.innerHTML += distinct(values) .map((value) => ``) .join(""); control.value = current; } } function filteredRuns() { return state.runs.filter((item) => { if (state.filters.system && item.system_id !== state.filters.system) return false; if (state.filters.status && item.verification_status !== state.filters.status) return false; if (state.filters.profile && item.repro_profile_id !== state.filters.profile) return false; if (!state.filters.search) return true; const haystack = [ item.run_id, item.advisory_id, item.system_id, item.repro_profile_id, item.advisory_meta?.title || "", item.advisory_meta?.summary || "" ] .join(" ") .toLowerCase(); return haystack.includes(state.filters.search); }); } function renderSystems() { $("systemStats").innerHTML = state.systems.length ? state.systems .map((system) => { const total = Math.max(Number(system.total || 0), 1); const verified = Number(system.verified_real || 0) + Number(system.verified_synthetic || 0); const coverage = Math.round((verified / total) * 100); return `
${escapeHtml(system.display_name || system.system_id)} ${escapeHtml(system.browser_present || 0)}/${escapeHtml(system.browser_required || 0)} browser
${escapeHtml(system.system_id)} · latest ${escapeHtml(system.latest_update || "-")}
real ${escapeHtml(system.verified_real || 0)} synthetic ${escapeHtml(system.verified_synthetic || 0)} blocked ${escapeHtml(system.blocked || 0)}
`; }) .join("") : `
No system coverage data.
`; } function renderRecentFailures() { const failures = state.summary?.recent_failures || []; $("recentFailures").innerHTML = failures.length ? failures .map( (item) => `
${escapeHtml(item.run_id)} ${escapeHtml(formatStatus(item.status))}
${escapeHtml(item.title || item.advisory_id)}
${escapeHtml(item.blocked_reason || "-")}
` ) .join("") : `
No recent blockers.
`; } function renderRunQueue() { const runs = filteredRuns(); $("runCount").textContent = `${runs.length} shown`; $("runQueue").innerHTML = runs.length ? runs .map((item) => { const active = item.run_id === state.selectedRunId ? "is-active" : ""; const browserState = item.browser_evidence?.present ? "ready" : (item.browser_evidence?.required ? "required" : "optional"); const lead = item.reasoning_lines?.[0] || item.blocked_reason || item.advisory_meta?.summary || ""; return ` `; }) .join("") : `
No runs match the current filters.
`; document.querySelectorAll("[data-run-id]").forEach((button) => { button.addEventListener("click", () => { state.selectedRunId = button.dataset.runId; location.hash = `run=${state.selectedRunId}`; renderRunQueue(); renderDetail(); }); }); } function progressSegments(progress) { const order = [ ["completed", "Completed", "progress-completed"], ["blocked", "Blocked", "progress-blocked"], ["failed", "Failed", "progress-failed"], ["skipped", "Skipped", "progress-skipped"], ["planned", "Planned", "progress-planned"], ["other", "Other", "progress-other"] ]; const total = order.reduce((sum, [key]) => sum + Number(progress?.[key] || 0), 0); if (!total) { return { bar: `
`, legend: `no progress` }; } const bar = order .filter(([key]) => Number(progress?.[key] || 0) > 0) .map(([key, _label, className]) => { const pct = Math.max((Number(progress[key] || 0) / total) * 100, 4); return ``; }) .join(""); const legend = order .filter(([key]) => Number(progress?.[key] || 0) > 0) .map(([key, label, className]) => `${escapeHtml(label)} ${escapeHtml(progress[key] || 0)}`) .join(""); return { bar, legend }; } function timelineTone(status) { if (status === "completed" || status === "verified-real" || status === "verified-synthetic") return "timeline-success"; if (String(status || "").startsWith("blocked") || status === "failed") return "timeline-blocked"; if (status === "planned") return "timeline-pending"; return "timeline-neutral"; } function renderPanel(panelKey, title, meta, iconName, content) { const open = state.panels[panelKey] !== false; return `
${content}
`; } function defaultArtifact(run) { const preference = ["attack", "requests", "container", "browser", "baseline", "compose", "reports"]; for (const key of preference) { const group = (run.artifact_groups || []).find((item) => item.key === key && item.items?.length); if (!group) continue; const textItem = group.items.find((item) => item.kind === "text"); return textItem || group.items[0]; } return null; } async function openArtifact(href, label, kind) { state.selectedArtifact = { href, label, kind }; document.querySelectorAll(".artifact-button").forEach((button) => { button.classList.toggle("is-active", button.dataset.href === href); }); const labelNode = $("viewerLabel"); const metaNode = $("viewerMeta"); const openNode = $("viewerOpen"); const viewer = $("viewerFrame"); if (!labelNode || !metaNode || !openNode || !viewer) return; labelNode.textContent = label; metaNode.textContent = href; openNode.href = href; try { if (kind === "image") { viewer.innerHTML = `${escapeHtml(label)}`; return; } if (href.endsWith(".html")) { viewer.innerHTML = ``; return; } const response = await fetch(`${href}?t=${Date.now()}`, { cache: "no-store" }); if (!response.ok) throw new Error(`${href} -> ${response.status}`); const text = await response.text(); let formatted = text; if (href.endsWith(".json")) { try { formatted = JSON.stringify(JSON.parse(text), null, 2); } catch (_error) { } } viewer.innerHTML = `
${escapeHtml(formatted)}
`; } catch (error) { viewer.innerHTML = `
Artifact load failed: ${escapeHtml(error.message)}
`; } } function bindPanelToggles() { document.querySelectorAll("[data-panel-toggle]").forEach((button) => { button.addEventListener("click", () => { const key = button.dataset.panelToggle; state.panels[key] = !(state.panels[key] !== false); const panel = document.querySelector(`[data-panel="${key}"]`); if (panel) { panel.classList.toggle("is-collapsed", state.panels[key] === false); } }); }); } function renderDetail() { const run = state.runs.find((item) => item.run_id === state.selectedRunId); if (!run) { $("detailWorkspace").innerHTML = `
${icon("shield", "icon icon-xl")}

Select a run

Pick a run from the left queue to inspect timeline, evidence, logs and raw JSON.

`; return; } const advisory = run.advisory_meta || {}; const profile = run.profile_meta || {}; const screenshotItems = ((run.artifact_groups || []).find((group) => group.key === "browser")?.items || []).filter((item) => item.kind === "image"); const segments = progressSegments(run.progress || {}); const browserStatus = run.browser_evidence?.present ? "Ready" : (run.browser_evidence?.required ? "Required" : "Optional"); const artifactCount = (run.artifact_groups || []).reduce((sum, group) => sum + Number(group.count || 0), 0); const timelineContent = `
${segments.bar}
${segments.legend}
${(run.timeline || []) .map((item) => `
${escapeHtml(item.step || "-")} ${escapeHtml(item.at || "-")}
${escapeHtml(formatStatus(item.status || "unknown"))}
${escapeHtml(item.detail || "-")}
`) .join("") || `
No timeline items recorded.
`}
`; const reasoningCards = [ { label: "Summary", copy: advisory.summary || "No advisory summary available." }, { label: "Success Criteria", copy: (profile.success_criteria || []).join(" | ") || "No success criteria defined." }, { label: "Seed / Attack Notes", copy: (run.reasoning_lines || []).join("\n\n") || "No reasoning lines recorded." }, { label: "Allowed Targets", copy: (profile.allowed_target_types || []).join(", ") || "No target scope declared." } ]; const reasoningContent = ` ${run.blocked_reason ? `
Failure reason
${escapeHtml(run.blocked_reason)}
` : ""}
vuln family ${escapeHtml(profile.vuln_family || "unknown")} cleanup ${escapeHtml(profile.cleanup_policy || "-")} destructive risk ${escapeHtml(profile.destructive_risk || "-")} artifact ${escapeHtml(run.artifact_mode || "-")}
${reasoningCards .map( (card) => `
${escapeHtml(card.label)}
${escapeHtml(card.copy)}
` ) .join("")}
`; const evidenceContent = `
${(run.artifact_groups || []) .map( (group) => `

${escapeHtml(group.label)} · ${escapeHtml(group.count)}

${group.items .map( (item) => ` ` ) .join("")}
` ) .join("") || `
No artifact groups for this run.
`} ${ screenshotItems.length ? `
${screenshotItems .map( (item) => ` ` ) .join("")}
` : "" }
`; const logContent = `
${escapeHtml(state.selectedArtifact?.label || "Select an artifact")}
${escapeHtml(state.selectedArtifact?.href || "Artifact preview will appear here.")}
${icon("link")}Open artifact 
Select a report, log, screenshot, JSON or HTML artifact to preview it here.
`; const sourcesContent = `
${(advisory.aliases || []).map((alias) => `${escapeHtml(alias)}`).join("")} ${(advisory.secure_code_topics || []).map((topic) => `${escapeHtml(topic)}`).join("")}
${advisory.official_source_url ? `${escapeHtml(advisory.official_source_url)}` : `No official source linked.`} ${(advisory.secondary_source_urls || []).map((url) => `${escapeHtml(url)}`).join("")}
`; const rawRunContent = `
${escapeHtml(JSON.stringify(run, null, 2))}
`; const rawAdvisoryContent = `
${escapeHtml(JSON.stringify(advisory, null, 2))}
`; const rawProfileContent = `
${escapeHtml(JSON.stringify(profile, null, 2))}
`; $("detailWorkspace").innerHTML = `
${escapeHtml(formatStatus(run.verification_status))}
${escapeHtml(run.system_id)} ${escapeHtml(run.repro_profile_id)} ${escapeHtml(run.verification_mode || "-")} ${escapeHtml(run.target_env || "-")}

${escapeHtml(advisory.title || run.advisory_id)}

${escapeHtml(advisory.summary || "No advisory summary available.")}
${icon("report")}HTML report ${icon("markdown")}Markdown ${icon("json")}Run JSON
Timeline Steps ${escapeHtml(run.timeline?.length || 0)}
Artifacts ${escapeHtml(artifactCount)}
Browser Evidence ${escapeHtml(browserStatus)}
Finished ${escapeHtml(timeAgo(run.finished_at))}
${renderPanel("timeline", "Progress Timeline", `${escapeHtml(run.timeline?.length || 0)} steps`, "timeline", timelineContent)} ${renderPanel("reasoning", "Attack Plan & Reasoning", escapeHtml(profile.vuln_family || "unknown"), "reasoning", reasoningContent)} ${renderPanel("evidence", "Evidence Explorer", `${escapeHtml(run.artifact_groups?.length || 0)} groups`, "evidence", evidenceContent)} ${renderPanel("logs", "Live Log Viewer", state.selectedArtifact ? "active" : "idle", "logs", logContent)} ${renderPanel("sources", "Sources & Fix Topics", `${escapeHtml((advisory.secondary_source_urls || []).length + (advisory.official_source_url ? 1 : 0))} links`, "sources", sourcesContent)} ${renderPanel("run_json", "Run JSON", "raw", "json", rawRunContent)} ${renderPanel("advisory_json", "Advisory JSON", "raw", "json", rawAdvisoryContent)} ${renderPanel("profile_json", "Profile JSON", "raw", "json", rawProfileContent)} `; bindPanelToggles(); document.querySelectorAll("[data-artifact]").forEach((button) => { button.addEventListener("click", () => openArtifact(button.dataset.href, button.dataset.label, button.dataset.kind)); }); $("viewerRefresh")?.addEventListener("click", () => { if (state.selectedArtifact) { openArtifact(state.selectedArtifact.href, state.selectedArtifact.label, state.selectedArtifact.kind); } }); const artifactExists = (run.artifact_groups || []).some((group) => group.items.some((item) => item.href === state.selectedArtifact?.href)); const defaultItem = artifactExists ? state.selectedArtifact : defaultArtifact(run); if (defaultItem) { openArtifact(defaultItem.href, defaultItem.label, defaultItem.kind); } } function renderAll() { renderMetrics(); renderSystems(); renderRecentFailures(); renderRunQueue(); renderDetail(); } function attachGlobalEvents() { $("searchInput").addEventListener("input", (event) => { state.filters.search = String(event.target.value || "").trim().toLowerCase(); renderRunQueue(); }); [ ["systemFilter", "system"], ["statusFilter", "status"], ["profileFilter", "profile"] ].forEach(([id, key]) => { $(id).addEventListener("input", (event) => { state.filters[key] = String(event.target.value || ""); renderRunQueue(); }); }); $("refreshDashboard").addEventListener("click", () => loadData(false)); $("autoRefresh").addEventListener("change", (event) => { state.autoRefresh = Boolean(event.target.checked); startRefreshLoop(); }); } function startRefreshLoop() { if (state.refreshHandle) { clearInterval(state.refreshHandle); state.refreshHandle = null; } if (!state.autoRefresh) return; state.refreshHandle = setInterval(() => loadData(true), state.refreshMs); } async function loadData(preserveSelection = true) { const previous = state.selectedRunId; renderSyncState("loading", "Refreshing", new Date().toLocaleTimeString()); try { const [summary, runs, systems, advisories, profiles] = await Promise.all([ fetchJson("./summary.json"), fetchJson("./runs.json"), fetchJson("./systems.json"), fetchJson("./advisories.json"), fetchJson("./profiles.json") ]); state.summary = summary; state.runs = runs; state.systems = systems; state.advisories = advisories; state.profiles = profiles; hydrateFilters(); const hashRun = location.hash.startsWith("#run=") ? location.hash.replace("#run=", "") : null; const candidate = preserveSelection ? (hashRun || previous) : hashRun; if (candidate && runs.some((item) => item.run_id === candidate)) { state.selectedRunId = candidate; } else { state.selectedRunId = runs[0]?.run_id || null; } renderAll(); renderSyncState("live", "Live", summary.generated_at || new Date().toISOString()); } catch (error) { $("runQueue").innerHTML = `
Dashboard load failed: ${escapeHtml(error.message)}
`; $("detailWorkspace").innerHTML = `

Load failed

${escapeHtml(error.message)}

`; renderSyncState("error", "Load Failed", error.message); } } async function init() { attachGlobalEvents(); await loadData(false); startRefreshLoop(); window.addEventListener("hashchange", () => loadData(false)); } document.addEventListener("DOMContentLoaded", init);