hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动
文件
9796fa6d4c13c7e3c6ebe1b9e8983c36df8058fe
websafe-kb/scripts/lab/render.py

1706 行
58 KiB
Python
原始文件 Blame 文件历史

from __future__ import annotations
import html
import os
from pathlib import Path
from typing import Any, Dict, List
from lab.config import ADVISORIES_DIR, CASE_RUNS_DIR, DASHBOARD_DIR, RUNS_DIR
from lab.repro import load_profiles
from lab.utils import ensure_dir, isoformat, load_json_dir, now_utc, unique, write_json, write_text
def mermaid_from_steps(run: Dict[str, Any]) -> str:
lines = [
"flowchart LR",
'A["Select Advisory"] --> B["Resolve Repro Profile"]',
'B --> C["Provision Compose Environment"]',
'C --> D["Baseline Snapshot"]',
'D --> E["Controlled Attack Steps"]',
'E --> F["Browser Replay"]',
'F --> G["Collect Logs and Evidence"]',
'G --> H["Update Registry and Reports"]',
]
if run.get("blocked_reason"):
lines.append(f'H --> I["Blocked: {run["blocked_reason"][:60]}"]')
return "\n".join(lines)
def _relative_ref(run_dir: Path, ref: str) -> str:
try:
return str(Path(ref).resolve().relative_to(run_dir.resolve()))
except ValueError:
return ref
def _dashboard_ref(run: Dict[str, Any], ref: str) -> str:
try:
bundle_dir = Path(run["report_refs"]["bundle_dir"]).resolve()
relative = Path(ref).resolve().relative_to(bundle_dir)
return f"./runs/{run['run_id']}/{relative.as_posix()}"
except Exception:
return ref
def _artifact_kind(href: str) -> str:
suffix = Path(href).suffix.lower()
if suffix in {".png", ".jpg", ".jpeg", ".gif", ".webp", ".svg"}:
return "image"
if suffix in {".json", ".log", ".txt", ".yaml", ".yml", ".md", ".mmd", ".html"}:
return "text"
return "link"
def _artifact_item(run: Dict[str, Any], href: str, label: str | None = None) -> Dict[str, Any]:
return {
"href": href,
"label": label or Path(href).name,
"kind": _artifact_kind(href),
}
def _artifact_group(run: Dict[str, Any], key: str, label: str, refs: List[str], use_dashboard_refs: bool = False) -> Dict[str, Any]:
items: List[Dict[str, Any]] = []
for ref in refs:
href = ref if use_dashboard_refs else _dashboard_ref(run, ref)
items.append(_artifact_item(run, href))
return {
"key": key,
"label": label,
"count": len(items),
"items": items,
}
def _progress_counts(run: Dict[str, Any]) -> Dict[str, int]:
counts = {"completed": 0, "skipped": 0, "failed": 0, "blocked": 0, "planned": 0, "other": 0}
for item in run.get("timeline", []):
status = item.get("status", "other")
if status.startswith("blocked"):
counts["blocked"] += 1
elif status in counts:
counts[status] += 1
else:
counts["other"] += 1
return counts
def _advisory_meta(advisory: Dict[str, Any]) -> Dict[str, Any]:
if not advisory:
return {}
return {
"canonical_id": advisory.get("canonical_id"),
"title": advisory.get("title"),
"summary": advisory.get("summary"),
"display_name": advisory.get("display_name"),
"system_id": advisory.get("system_id"),
"category": advisory.get("category"),
"severity": advisory.get("severity"),
"cvss_score": advisory.get("cvss_score"),
"exploit_status": advisory.get("exploit_status"),
"published_at": advisory.get("published_at"),
"updated_at": advisory.get("updated_at"),
"official_source_url": advisory.get("official_source_url"),
"secondary_source_urls": advisory.get("secondary_source_urls", []),
"aliases": advisory.get("aliases", []),
"secure_code_topics": advisory.get("secure_code_topics", []),
"verification_status": advisory.get("verification_status"),
"verification_mode": advisory.get("verification_mode"),
"artifact_mode": advisory.get("artifact_mode"),
"blocked_reason": advisory.get("blocked_reason"),
"browser_evidence": advisory.get("browser_evidence", {}),
}
def _profile_meta(profile: Dict[str, Any]) -> Dict[str, Any]:
if not profile:
return {}
return {
"profile_id": profile.get("profile_id"),
"vuln_family": profile.get("vuln_family"),
"provisioning_mode": profile.get("provisioning_mode"),
"destructive_risk": profile.get("destructive_risk"),
"cleanup_policy": profile.get("cleanup_policy"),
"artifact_source": profile.get("artifact_source", {}),
"success_criteria": profile.get("success_criteria", []),
"seed_actions": profile.get("seed_actions", []),
"attack_actions": profile.get("attack_actions", []),
"browser_assertions": profile.get("browser_assertions", {}),
"allowed_target_types": profile.get("allowed_target_types", []),
"required_services": profile.get("required_services", []),
}
def _reasoning_lines(advisory: Dict[str, Any], profile: Dict[str, Any]) -> List[str]:
notes: List[str] = []
if advisory.get("summary"):
notes.append(advisory["summary"])
for key in ("seed_actions", "attack_actions"):
for item in profile.get(key, []):
message = item.get("message")
if message:
notes.append(message)
for item in profile.get("success_criteria", []):
if item:
notes.append(item)
if advisory.get("blocked_reason"):
notes.append(f"Current blocker: {advisory['blocked_reason']}")
return unique(notes)
def render_run(run: Dict[str, Any]) -> Dict[str, str]:
run_dir = CASE_RUNS_DIR / run["run_id"]
ensure_dir(run_dir / "assets")
timeline_path = run_dir / "timeline.mmd"
write_text(timeline_path, mermaid_from_steps(run))
screenshot_refs = [ref for ref in run.get("browser_refs", []) if ref.endswith((".png", ".jpg", ".jpeg"))]
relative_screenshots = [_relative_ref(run_dir, ref) for ref in screenshot_refs]
md_lines = [
f"# Run {run['run_id']}",
"",
"> `LAB ONLY` | `AUTHORIZED TARGETS ONLY` | 自动生成 run bundle",
"",
f"- Advisory: `{run['advisory_id']}`",
f"- 系统: `{run['system_id']}`",
f"- Repro Profile: `{run['repro_profile_id']}`",
f"- 实证状态: `{run['verification_status']}`",
f"- 实证方式: `{run['verification_mode']}`",
f"- Artifact 模式: `{run['artifact_mode']}`",
f"- 启动时间: `{run['started_at']}`",
f"- 完成时间: `{run['finished_at']}`",
f"- 阻塞原因: `{run.get('blocked_reason') or '-'}`",
f"- Compose 服务: `{', '.join(run.get('compose_services', [])) or '-'}`",
"",
"## 运行时间线",
"",
f"- Mermaid: [{timeline_path.name}]({timeline_path})",
"",
"| 时间 | 步骤 | 状态 | 说明 |",
"|------|------|------|------|",
]
if run.get("timeline"):
for item in run["timeline"]:
md_lines.append(
f"| `{item.get('at', '')}` | `{item.get('step', '')}` | `{item.get('status', '')}` | {item.get('detail', '') or '-'} |"
)
else:
md_lines.append("| `-` | `-` | `-` | 无时间线 |")
md_lines.extend(
[
"",
"## Compose 拓扑",
"",
f"- Compose 文件: `{', '.join(run.get('compose_refs', [])) or '-'}`",
f"- 服务列表: `{', '.join(run.get('compose_services', [])) or '-'}`",
"",
"## 攻击步骤",
"",
"| 工具/步骤 | 状态 | 结果 |",
"|-----------|------|------|",
]
)
if run.get("attack_steps"):
for step in run["attack_steps"]:
outcome = step.get("result_path") or step.get("detail") or "-"
md_lines.append(f"| `{step.get('tool') or step.get('kind')}` | `{step.get('status', '-')}` | `{outcome}` |")
else:
md_lines.append("| `-` | `skipped` | `no attack steps` |")
md_lines.extend(
[
"",
"## 证据摘要",
"",
f"- Baseline: `{len(run.get('baseline_refs', []))}`",
f"- 攻击步骤: `{len(run.get('attack_steps', []))}`",
f"- 浏览器证据: `{len(run.get('browser_refs', []))}`",
f"- 容器日志: `{len(run.get('container_log_refs', []))}`",
f"- 请求日志: `{len(run.get('request_log_refs', []))}`",
"",
]
)
if relative_screenshots:
md_lines.extend(["## 浏览器截图", ""])
for ref in relative_screenshots:
md_lines.append(f"![{Path(ref).stem}]({ref})")
md_lines.append("")
if run.get("browser_refs"):
md_lines.extend(["## 浏览器证据", ""])
for ref in run["browser_refs"]:
md_lines.append(f"- `{_relative_ref(run_dir, ref)}`")
md_lines.append("")
if run.get("container_log_refs"):
md_lines.extend(["## 容器日志", ""])
for ref in run["container_log_refs"]:
md_lines.append(f"- `{_relative_ref(run_dir, ref)}`")
md_lines.append("")
if run.get("request_log_refs"):
md_lines.extend(["## 请求与基线日志", ""])
for ref in run["request_log_refs"]:
md_lines.append(f"- `{_relative_ref(run_dir, ref)}`")
md_lines.append("")
md_lines.extend(
[
"## 最小化验证说明",
"",
"- 仅限自有资产、本地靶场或已授权实验目标。",
"- 默认执行 minimal-proof;不会把破坏性或不可回滚动作作为默认路径。",
"- 若浏览器证据缺失,前端类案例不会被标为 `verified-*`。",
"",
]
)
report_md = run_dir / "report.md"
write_text(report_md, "\n".join(md_lines))
html_body = [
"<!doctype html>",
"<html><head><meta charset='utf-8'><title>websafe run report</title>",
"<style>body{font-family:ui-sans-serif,system-ui,sans-serif;margin:2rem;line-height:1.55;background:#f8fafc;color:#0f172a;} code,pre{background:#e2e8f0;padding:.2rem .4rem;border-radius:.3rem;} pre{white-space:pre-wrap;} .grid{display:grid;grid-template-columns:repeat(2,minmax(0,1fr));gap:1rem;} .card{border:1px solid #cbd5e1;padding:1rem;border-radius:.75rem;background:#fff;} table{width:100%;border-collapse:collapse;background:#fff;border:1px solid #cbd5e1;border-radius:.75rem;overflow:hidden;} th,td{padding:.75rem;border-bottom:1px solid #e2e8f0;text-align:left;vertical-align:top;} img{max-width:100%;border:1px solid #cbd5e1;border-radius:.5rem;} .gallery{display:grid;grid-template-columns:repeat(auto-fit,minmax(320px,1fr));gap:1rem;}</style>",
"</head><body>",
f"<h1>Run {html.escape(run['run_id'])}</h1>",
"<div class='grid'>",
f"<div class='card'><strong>Advisory</strong><br><code>{html.escape(run['advisory_id'])}</code></div>",
f"<div class='card'><strong>Status</strong><br><code>{html.escape(run['verification_status'])}</code></div>",
f"<div class='card'><strong>Profile</strong><br><code>{html.escape(run['repro_profile_id'])}</code></div>",
f"<div class='card'><strong>Artifact Mode</strong><br><code>{html.escape(run['artifact_mode'])}</code></div>",
"</div>",
"<h2>Mermaid Timeline</h2>",
f"<pre>{html.escape(mermaid_from_steps(run))}</pre>",
"<h2>Timeline</h2>",
"<table><thead><tr><th>Time</th><th>Step</th><th>Status</th><th>Detail</th></tr></thead><tbody>",
]
if run.get("timeline"):
for item in run["timeline"]:
html_body.append(
"<tr>"
f"<td><code>{html.escape(item.get('at', ''))}</code></td>"
f"<td><code>{html.escape(item.get('step', ''))}</code></td>"
f"<td><code>{html.escape(item.get('status', ''))}</code></td>"
f"<td>{html.escape(item.get('detail', '') or '-')}</td>"
"</tr>"
)
html_body.extend(["</tbody></table>", "<h2>Attack Steps</h2>", "<table><thead><tr><th>Tool</th><th>Status</th><th>Output</th></tr></thead><tbody>"])
if run.get("attack_steps"):
for step in run["attack_steps"]:
html_body.append(
"<tr>"
f"<td><code>{html.escape(step.get('tool') or step.get('kind') or '-')}</code></td>"
f"<td><code>{html.escape(step.get('status', '-'))}</code></td>"
f"<td><code>{html.escape(step.get('result_path') or '-')}</code></td>"
"</tr>"
)
else:
html_body.append("<tr><td><code>-</code></td><td><code>skipped</code></td><td><code>no attack steps</code></td></tr>")
html_body.extend(["</tbody></table>"])
if relative_screenshots:
html_body.extend(["<h2>Browser Screenshots</h2>", "<div class='gallery'>"])
for ref in relative_screenshots:
html_body.append(
f"<figure><img src='{html.escape(ref)}' alt='{html.escape(Path(ref).stem)}'><figcaption><code>{html.escape(ref)}</code></figcaption></figure>"
)
html_body.append("</div>")
html_body.extend(["<h2>Evidence</h2><ul>"])
for ref in run.get("compose_refs", []) + run.get("browser_refs", []) + run.get("container_log_refs", []) + run.get("request_log_refs", []):
html_body.append(f"<li><code>{html.escape(_relative_ref(run_dir, ref))}</code></li>")
html_body.extend(["</ul>", "</body></html>"])
report_html = run_dir / "report.html"
write_text(report_html, "\n".join(html_body))
return {"bundle_dir": str(run_dir), "report_md": str(report_md), "report_html": str(report_html), "timeline": str(timeline_path)}
def render_dashboard() -> Dict[str, str]:
ensure_dir(DASHBOARD_DIR)
advisory_records = load_json_dir(ADVISORIES_DIR)
runs = load_json_dir(RUNS_DIR)
advisory_map = {item["canonical_id"]: item for item in advisory_records if item.get("canonical_id")}
profile_map = load_profiles()
runs_dir = DASHBOARD_DIR / "runs"
assets_dir = DASHBOARD_DIR / "assets"
ensure_dir(runs_dir)
ensure_dir(assets_dir)
for item in runs:
bundle_dir = Path(item.get("report_refs", {}).get("bundle_dir", ""))
if not bundle_dir.exists():
continue
symlink_path = runs_dir / item["run_id"]
relative_target = os.path.relpath(bundle_dir, symlink_path.parent)
try:
if symlink_path.is_symlink() or symlink_path.exists():
if symlink_path.is_symlink() and os.readlink(symlink_path) == relative_target:
pass
else:
symlink_path.unlink()
os.symlink(relative_target, symlink_path, target_is_directory=True)
else:
os.symlink(relative_target, symlink_path, target_is_directory=True)
except OSError:
continue
systems: Dict[str, Dict[str, Any]] = {}
for advisory in advisory_records:
system = systems.setdefault(
advisory["system_id"],
{
"system_id": advisory["system_id"],
"display_name": advisory.get("display_name", advisory["system_id"]),
"total": 0,
"verified_real": 0,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
"browser_required": 0,
"browser_present": 0,
"latest_update": "",
},
)
system["total"] += 1
status = advisory.get("verification_status", "triage-manual")
if status == "verified-real":
system["verified_real"] += 1
elif status == "verified-synthetic":
system["verified_synthetic"] += 1
elif status.startswith("blocked-"):
system["blocked"] += 1
else:
system["manual"] += 1
browser = advisory.get("browser_evidence", {})
if browser.get("required"):
system["browser_required"] += 1
if browser.get("present"):
system["browser_present"] += 1
latest = advisory.get("updated_at") or advisory.get("published_at") or ""
if latest > system["latest_update"]:
system["latest_update"] = latest
recent_runs = sorted(runs, key=lambda item: item.get("finished_at") or "", reverse=True)[:100]
decorated_runs: List[Dict[str, Any]] = []
for item in recent_runs:
cloned = dict(item)
advisory = advisory_map.get(item["advisory_id"], {})
profile = profile_map.get(item["repro_profile_id"], {})
cloned["dashboard_refs"] = {
"report_html": f"./runs/{item['run_id']}/report.html",
"report_md": f"./runs/{item['run_id']}/report.md",
"timeline": f"./runs/{item['run_id']}/timeline.mmd",
"bundle": f"./runs/{item['run_id']}/run.json",
}
cloned["browser_links"] = [_dashboard_ref(item, ref) for ref in item.get("browser_refs", [])]
cloned["container_links"] = [_dashboard_ref(item, ref) for ref in item.get("container_log_refs", [])]
cloned["request_links"] = [_dashboard_ref(item, ref) for ref in item.get("request_log_refs", [])]
cloned["advisory_meta"] = _advisory_meta(advisory)
cloned["profile_meta"] = _profile_meta(profile)
cloned["reasoning_lines"] = _reasoning_lines(advisory, profile)
cloned["progress"] = _progress_counts(item)
cloned["artifact_groups"] = [
_artifact_group(
item,
"reports",
"Reports",
[
cloned["dashboard_refs"]["report_html"],
cloned["dashboard_refs"]["report_md"],
cloned["dashboard_refs"]["timeline"],
cloned["dashboard_refs"]["bundle"],
],
use_dashboard_refs=True,
),
_artifact_group(item, "compose", "Compose", item.get("compose_refs", [])),
_artifact_group(item, "browser", "Browser Evidence", item.get("browser_refs", [])),
_artifact_group(item, "container", "Container Logs", item.get("container_log_refs", [])),
_artifact_group(item, "requests", "Request Logs", item.get("request_log_refs", [])),
]
cloned["artifact_groups"] = [group for group in cloned["artifact_groups"] if group["count"]]
decorated_runs.append(cloned)
summary = {
"generated_at": isoformat(now_utc()),
"advisory_count": len(advisory_records),
"run_count": len(runs),
"statuses": {},
"recent_failures": [],
}
for item in runs:
status = item.get("verification_status", "triage-manual")
summary["statuses"][status] = summary["statuses"].get(status, 0) + 1
summary["systems"] = sorted(systems.values(), key=lambda item: (-item["total"], item["system_id"]))
summary["recent_failures"] = [
{
"run_id": item["run_id"],
"advisory_id": item["advisory_id"],
"status": item.get("verification_status"),
"title": item.get("advisory_meta", {}).get("title"),
"blocked_reason": item.get("blocked_reason"),
}
for item in decorated_runs
if item.get("verification_status") in {"triage-manual", "blocked-artifact", "blocked-destructive"}
][:20]
write_json(DASHBOARD_DIR / "summary.json", summary)
write_json(DASHBOARD_DIR / "runs.json", decorated_runs)
write_json(DASHBOARD_DIR / "systems.json", summary["systems"])
write_json(DASHBOARD_DIR / "advisories.json", {key: _advisory_meta(value) for key, value in advisory_map.items()})
write_json(DASHBOARD_DIR / "profiles.json", {key: _profile_meta(value) for key, value in profile_map.items()})
styles_css = """
:root {
--bg: #07111f;
--panel: rgba(9, 18, 32, 0.86);
--panel-2: rgba(10, 24, 44, 0.92);
--panel-soft: rgba(18, 32, 56, 0.74);
--border: rgba(137, 171, 214, 0.22);
--text: #f7fafc;
--muted: #9fb3ca;
--accent: #5eead4;
--accent-2: #ffb86b;
--accent-3: #90cdf4;
--danger: #ff7b7b;
--warning: #ffd166;
--success: #6ee7a5;
--shadow: 0 24px 80px rgba(1, 7, 20, 0.45);
--radius: 20px;
}
* { box-sizing: border-box; }
html, body { margin: 0; min-height: 100%; }
body {
font-family: "IBM Plex Sans", "Avenir Next", "Segoe UI", sans-serif;
background:
radial-gradient(circle at top left, rgba(94, 234, 212, 0.15), transparent 28%),
radial-gradient(circle at top right, rgba(255, 184, 107, 0.18), transparent 22%),
linear-gradient(145deg, #050c16 0%, #08111f 44%, #0d1c31 100%);
color: var(--text);
overflow-x: hidden;
}
body::before {
content: "";
position: fixed;
inset: 0;
pointer-events: none;
background-image:
linear-gradient(rgba(255,255,255,0.03) 1px, transparent 1px),
linear-gradient(90deg, rgba(255,255,255,0.03) 1px, transparent 1px);
background-size: 32px 32px;
mask-image: radial-gradient(circle at center, black 36%, transparent 78%);
opacity: 0.28;
}
a { color: var(--accent); text-decoration: none; }
a:hover { text-decoration: underline; }
button, input, select {
font: inherit;
}
.dashboard-shell {
position: relative;
max-width: 1640px;
margin: 0 auto;
padding: 32px 24px 40px;
}
.hero {
position: sticky;
top: 0;
z-index: 20;
backdrop-filter: blur(18px);
background: linear-gradient(180deg, rgba(7, 17, 31, 0.94), rgba(7, 17, 31, 0.75));
border: 1px solid var(--border);
border-radius: 28px;
padding: 24px 24px 20px;
box-shadow: var(--shadow);
}
.hero-grid {
display: grid;
grid-template-columns: 1.6fr 1fr;
gap: 20px;
align-items: start;
}
.eyebrow {
display: inline-flex;
align-items: center;
gap: 8px;
color: var(--muted);
font-size: 0.88rem;
letter-spacing: 0.12em;
text-transform: uppercase;
}
.eyebrow::before {
content: "";
width: 10px;
height: 10px;
border-radius: 999px;
background: radial-gradient(circle, var(--accent), rgba(94, 234, 212, 0.15));
box-shadow: 0 0 24px rgba(94, 234, 212, 0.8);
animation: pulse 2.8s ease-in-out infinite;
}
.hero h1 {
margin: 12px 0 10px;
font-family: "IBM Plex Serif", "Iowan Old Style", Georgia, serif;
font-size: clamp(2rem, 4vw, 3.5rem);
line-height: 1.02;
}
.hero p {
margin: 0;
color: var(--muted);
max-width: 74ch;
}
.hero-actions {
display: flex;
flex-wrap: wrap;
gap: 12px;
margin-top: 18px;
}
.chip, .ghost-chip {
display: inline-flex;
align-items: center;
justify-content: center;
gap: 8px;
border-radius: 999px;
border: 1px solid var(--border);
padding: 10px 14px;
background: rgba(255,255,255,0.06);
color: var(--text);
}
.ghost-chip {
background: rgba(255,255,255,0.04);
}
.hero-meta {
display: grid;
grid-template-columns: repeat(2, minmax(0, 1fr));
gap: 14px;
}
.meta-card, .glass-panel {
background: var(--panel);
border: 1px solid var(--border);
border-radius: var(--radius);
box-shadow: var(--shadow);
}
.meta-card {
padding: 18px;
min-height: 116px;
}
.meta-card strong {
display: block;
color: var(--muted);
font-size: 0.84rem;
letter-spacing: 0.08em;
text-transform: uppercase;
}
.meta-card span {
display: block;
margin-top: 10px;
font-size: 2rem;
font-weight: 700;
}
.workspace {
display: grid;
grid-template-columns: 420px minmax(0, 1fr);
gap: 20px;
margin-top: 22px;
}
.sidebar {
display: flex;
flex-direction: column;
gap: 18px;
}
.panel-header {
display: flex;
align-items: center;
justify-content: space-between;
gap: 12px;
margin-bottom: 16px;
}
.panel-header h2, .panel-header h3 {
margin: 0;
font-size: 1rem;
letter-spacing: 0.04em;
text-transform: uppercase;
color: var(--muted);
}
.glass-panel {
padding: 18px;
background:
linear-gradient(180deg, rgba(255,255,255,0.04), transparent 35%),
var(--panel);
}
.filters {
display: grid;
gap: 12px;
}
.filters label {
display: grid;
gap: 6px;
color: var(--muted);
font-size: 0.9rem;
}
.filters input, .filters select {
width: 100%;
background: rgba(255,255,255,0.05);
color: var(--text);
border: 1px solid rgba(159, 179, 202, 0.18);
border-radius: 14px;
padding: 12px 14px;
}
.run-list {
display: grid;
gap: 12px;
max-height: calc(100vh - 460px);
overflow: auto;
padding-right: 4px;
}
.run-card {
width: 100%;
text-align: left;
padding: 16px;
border-radius: 18px;
border: 1px solid rgba(159, 179, 202, 0.14);
background: linear-gradient(180deg, rgba(255,255,255,0.05), rgba(255,255,255,0.03));
color: var(--text);
cursor: pointer;
transition: transform 180ms ease, border-color 180ms ease, background 180ms ease;
}
.run-card:hover, .run-card.is-active {
transform: translateY(-1px);
border-color: rgba(94, 234, 212, 0.42);
background: linear-gradient(180deg, rgba(94, 234, 212, 0.14), rgba(255,255,255,0.05));
}
.run-card-top, .flex-row {
display: flex;
align-items: center;
justify-content: space-between;
gap: 12px;
}
.run-card h4 {
margin: 10px 0 8px;
font-size: 1rem;
line-height: 1.35;
}
.mini-muted {
color: var(--muted);
font-size: 0.86rem;
}
.status-pill {
display: inline-flex;
align-items: center;
gap: 7px;
border-radius: 999px;
padding: 6px 10px;
font-size: 0.82rem;
font-weight: 700;
text-transform: uppercase;
letter-spacing: 0.06em;
border: 1px solid transparent;
}
.status-pill::before {
content: "";
width: 8px;
height: 8px;
border-radius: 999px;
background: currentColor;
box-shadow: 0 0 16px currentColor;
}
.status-blocked-artifact, .status-blocked-destructive {
color: var(--danger);
background: rgba(255, 123, 123, 0.14);
border-color: rgba(255, 123, 123, 0.24);
}
.status-triage-manual, .status-suspected {
color: var(--warning);
background: rgba(255, 209, 102, 0.14);
border-color: rgba(255, 209, 102, 0.24);
}
.status-verified-real {
color: var(--success);
background: rgba(110, 231, 165, 0.14);
border-color: rgba(110, 231, 165, 0.24);
}
.status-verified-synthetic {
color: var(--accent-3);
background: rgba(144, 205, 244, 0.14);
border-color: rgba(144, 205, 244, 0.24);
}
.status-default {
color: var(--accent);
background: rgba(94, 234, 212, 0.14);
border-color: rgba(94, 234, 212, 0.24);
}
.detail-view {
display: grid;
gap: 18px;
}
.detail-hero {
padding: 22px;
overflow: hidden;
position: relative;
}
.detail-hero::after {
content: "";
position: absolute;
inset: auto -20% -55% 25%;
height: 220px;
background: radial-gradient(circle, rgba(94, 234, 212, 0.2), transparent 55%);
pointer-events: none;
}
.detail-headline {
margin: 8px 0 12px;
font-family: "IBM Plex Serif", "Iowan Old Style", Georgia, serif;
font-size: clamp(1.6rem, 3vw, 2.8rem);
line-height: 1.08;
}
.tag-row, .link-row, .artifact-row {
display: flex;
flex-wrap: wrap;
gap: 10px;
}
.tag {
display: inline-flex;
align-items: center;
padding: 7px 10px;
border-radius: 999px;
background: rgba(255,255,255,0.06);
border: 1px solid rgba(159, 179, 202, 0.18);
color: var(--text);
font-size: 0.86rem;
}
.stat-grid {
display: grid;
grid-template-columns: repeat(4, minmax(0, 1fr));
gap: 12px;
margin-top: 18px;
}
.stat-card {
padding: 14px;
border-radius: 16px;
background: rgba(255,255,255,0.04);
border: 1px solid rgba(159, 179, 202, 0.16);
}
.stat-card strong {
display: block;
color: var(--muted);
font-size: 0.78rem;
text-transform: uppercase;
letter-spacing: 0.08em;
}
.stat-card span {
display: block;
margin-top: 10px;
font-size: 1.15rem;
font-weight: 700;
}
.detail-grid {
display: grid;
grid-template-columns: minmax(0, 1fr) 360px;
gap: 18px;
}
.stack {
display: grid;
gap: 18px;
}
.accordion {
overflow: hidden;
}
.accordion > summary {
list-style: none;
cursor: pointer;
padding: 18px 20px;
display: flex;
align-items: center;
justify-content: space-between;
gap: 12px;
}
.accordion > summary::-webkit-details-marker { display: none; }
.accordion > summary span {
font-size: 1rem;
text-transform: uppercase;
letter-spacing: 0.08em;
color: var(--muted);
}
.accordion .accordion-content {
padding: 0 20px 20px;
border-top: 1px solid rgba(159, 179, 202, 0.12);
}
.timeline-list {
display: grid;
gap: 12px;
}
.timeline-item {
display: grid;
grid-template-columns: 120px 180px minmax(0, 1fr);
gap: 12px;
padding: 12px 0;
border-bottom: 1px solid rgba(159, 179, 202, 0.12);
}
.timeline-item:last-child {
border-bottom: 0;
}
.timeline-step {
font-weight: 700;
}
.artifact-group {
margin-bottom: 14px;
}
.artifact-group h4 {
margin: 0 0 10px;
color: var(--muted);
font-size: 0.88rem;
text-transform: uppercase;
letter-spacing: 0.08em;
}
.artifact-button {
display: inline-flex;
align-items: center;
gap: 8px;
margin: 0 10px 10px 0;
padding: 10px 12px;
border-radius: 14px;
border: 1px solid rgba(159, 179, 202, 0.16);
background: rgba(255,255,255,0.05);
color: var(--text);
cursor: pointer;
}
.artifact-button:hover, .artifact-button.is-active {
border-color: rgba(94, 234, 212, 0.4);
background: rgba(94, 234, 212, 0.12);
}
.log-viewer {
min-height: 420px;
display: grid;
gap: 14px;
}
.viewer-toolbar {
display: flex;
flex-wrap: wrap;
justify-content: space-between;
gap: 10px;
align-items: center;
}
.viewer-frame {
background: rgba(2, 8, 22, 0.88);
border: 1px solid rgba(159, 179, 202, 0.18);
border-radius: 16px;
min-height: 300px;
overflow: hidden;
}
.viewer-frame pre {
margin: 0;
padding: 18px;
max-height: 560px;
overflow: auto;
font-family: "IBM Plex Mono", "SFMono-Regular", "Menlo", monospace;
font-size: 0.88rem;
line-height: 1.6;
color: #d6e5f5;
white-space: pre-wrap;
}
.viewer-frame img {
display: block;
width: 100%;
height: auto;
}
.gallery {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(220px, 1fr));
gap: 14px;
}
.gallery button {
all: unset;
cursor: pointer;
border-radius: 18px;
overflow: hidden;
border: 1px solid rgba(159, 179, 202, 0.18);
background: rgba(255,255,255,0.04);
}
.gallery img {
display: block;
width: 100%;
aspect-ratio: 4 / 3;
object-fit: cover;
}
.gallery figcaption {
padding: 10px 12px 14px;
color: var(--muted);
font-size: 0.84rem;
}
.failure-callout {
padding: 16px 18px;
border-radius: 18px;
border: 1px solid rgba(255, 123, 123, 0.2);
background: rgba(255, 123, 123, 0.09);
}
.json-block {
background: rgba(2, 8, 22, 0.72);
border-radius: 16px;
border: 1px solid rgba(159, 179, 202, 0.14);
padding: 16px;
overflow: auto;
font-family: "IBM Plex Mono", "SFMono-Regular", monospace;
font-size: 0.84rem;
line-height: 1.55;
color: #c9d8e8;
}
.empty-state {
padding: 40px 24px;
text-align: center;
color: var(--muted);
}
.failure-feed {
display: grid;
gap: 10px;
}
.failure-item {
padding: 12px 14px;
border-radius: 16px;
background: rgba(255,255,255,0.04);
border: 1px solid rgba(159, 179, 202, 0.16);
}
.system-grid {
display: grid;
gap: 10px;
}
.system-card {
padding: 14px 16px;
border-radius: 16px;
background: rgba(255,255,255,0.04);
border: 1px solid rgba(159, 179, 202, 0.14);
}
.meter {
position: relative;
height: 10px;
border-radius: 999px;
background: rgba(255,255,255,0.08);
overflow: hidden;
margin-top: 10px;
}
.meter > span {
position: absolute;
inset: 0 auto 0 0;
width: var(--fill, 0%);
background: linear-gradient(90deg, var(--accent), var(--accent-2));
border-radius: inherit;
}
.sync-indicator {
display: inline-flex;
align-items: center;
gap: 8px;
}
.sync-indicator strong {
color: var(--text);
}
.dot {
width: 10px;
height: 10px;
border-radius: 999px;
background: var(--accent);
box-shadow: 0 0 18px rgba(94, 234, 212, 0.8);
}
@keyframes pulse {
0%, 100% { transform: scale(1); opacity: 0.88; }
50% { transform: scale(1.35); opacity: 1; }
}
@media (max-width: 1280px) {
.workspace, .detail-grid, .hero-grid {
grid-template-columns: 1fr;
}
.stat-grid {
grid-template-columns: repeat(2, minmax(0, 1fr));
}
}
@media (max-width: 760px) {
.dashboard-shell {
padding: 18px 14px 32px;
}
.hero {
position: static;
}
.stat-grid, .hero-meta {
grid-template-columns: 1fr;
}
.timeline-item {
grid-template-columns: 1fr;
}
}
"""
write_text(assets_dir / "styles.css", styles_css)
app_js = """
const state = {
summary: null,
runs: [],
systems: [],
advisories: {},
profiles: {},
selectedRunId: null,
selectedArtifact: null,
filters: { search: "", system: "", status: "", family: "" },
autoRefresh: true,
refreshMs: 5000,
refreshHandle: null,
};
const $ = (id) => document.getElementById(id);
const statusClass = (status) => `status-pill ${({
"blocked-artifact": "status-blocked-artifact",
"blocked-destructive": "status-blocked-destructive",
"triage-manual": "status-triage-manual",
"verified-real": "status-verified-real",
"verified-synthetic": "status-verified-synthetic",
"suspected": "status-suspected",
"completed": "status-verified-real",
"failed": "status-blocked-artifact",
"skipped": "status-triage-manual"
})[status] || "status-default"}`;
function escapeHtml(value) {
return String(value ?? "")
.replaceAll("&", "&amp;")
.replaceAll("<", "&lt;")
.replaceAll(">", "&gt;")
.replaceAll('"', "&quot;");
}
function timeAgo(value) {
if (!value) return "-";
const diff = Date.now() - new Date(value).getTime();
if (Number.isNaN(diff)) return value;
const seconds = Math.floor(diff / 1000);
if (seconds < 60) return `${seconds}s ago`;
const minutes = Math.floor(seconds / 60);
if (minutes < 60) return `${minutes}m ago`;
const hours = Math.floor(minutes / 60);
if (hours < 24) return `${hours}h ago`;
const days = Math.floor(hours / 24);
return `${days}d ago`;
}
async function fetchJson(url) {
const response = await fetch(`${url}?t=${Date.now()}`, { cache: "no-store" });
if (!response.ok) {
throw new Error(`${url} -> ${response.status}`);
}
return response.json();
}
async function loadData(preserveSelection = true) {
$("syncState").innerHTML = `<span class="dot"></span><strong>Refreshing</strong><span>${new Date().toLocaleTimeString()}</span>`;
const previousRun = state.selectedRunId;
try {
const [summary, runs, systems, advisories, profiles] = await Promise.all([
fetchJson("./summary.json"),
fetchJson("./runs.json"),
fetchJson("./systems.json"),
fetchJson("./advisories.json"),
fetchJson("./profiles.json"),
]);
state.summary = summary;
state.runs = runs;
state.systems = systems;
state.advisories = advisories;
state.profiles = profiles;
hydrateFilterOptions();
const hashRun = location.hash.startsWith("#run=") ? location.hash.replace("#run=", "") : null;
const selectedCandidate = preserveSelection ? (hashRun || previousRun) : hashRun;
if (selectedCandidate && runs.some((item) => item.run_id === selectedCandidate)) {
state.selectedRunId = selectedCandidate;
} else {
state.selectedRunId = runs[0]?.run_id || null;
}
renderDashboard();
$("syncState").innerHTML = `<span class="dot"></span><strong>Live</strong><span>${summary.generated_at || new Date().toISOString()}</span>`;
} catch (error) {
$("syncState").innerHTML = `<span class="dot"></span><strong>Load Failed</strong><span>${escapeHtml(error.message)}</span>`;
$("runList").innerHTML = `<div class="empty-state">Dashboard load failed: ${escapeHtml(error.message)}</div>`;
$("detailRoot").innerHTML = `<div class="glass-panel empty-state">Unable to load dashboard data. Check generated JSON and local static server state.</div>`;
}
}
function filteredRuns() {
return state.runs.filter((item) => {
if (state.filters.system && item.system_id !== state.filters.system) return false;
if (state.filters.status && item.verification_status !== state.filters.status) return false;
if (state.filters.family && item.repro_profile_id !== state.filters.family) return false;
if (!state.filters.search) return true;
const advisoryTitle = item.advisory_meta?.title || "";
const haystack = [item.run_id, item.advisory_id, item.system_id, item.repro_profile_id, advisoryTitle]
.join(" ")
.toLowerCase();
return haystack.includes(state.filters.search);
});
}
function renderMetrics() {
const metrics = [
{ label: "Advisories", value: state.summary?.advisory_count ?? 0 },
{ label: "Run Bundles", value: state.summary?.run_count ?? 0 },
...Object.entries(state.summary?.statuses || {}).map(([label, value]) => ({ label, value })),
];
$("metrics").innerHTML = metrics
.map((item) => `<article class="meta-card"><strong>${escapeHtml(item.label)}</strong><span>${escapeHtml(item.value)}</span></article>`)
.join("");
}
function renderSystemCoverage() {
$("systemCoverage").innerHTML = state.systems
.map((system) => {
const total = Math.max(system.total || 0, 1);
const verified = (system.verified_real || 0) + (system.verified_synthetic || 0);
const fill = Math.round((verified / total) * 100);
return `
<div class="system-card">
<div class="run-card-top">
<strong>${escapeHtml(system.display_name || system.system_id)}</strong>
<span class="tag">${escapeHtml(system.browser_present || 0)}/${escapeHtml(system.browser_required || 0)} browser</span>
</div>
<div class="mini-muted">${escapeHtml(system.system_id)} · latest ${escapeHtml(system.latest_update || "-")}</div>
<div class="tag-row" style="margin-top:10px;">
<span class="tag">real ${escapeHtml(system.verified_real || 0)}</span>
<span class="tag">synthetic ${escapeHtml(system.verified_synthetic || 0)}</span>
<span class="tag">blocked ${escapeHtml(system.blocked || 0)}</span>
<span class="tag">manual ${escapeHtml(system.manual || 0)}</span>
</div>
<div class="meter"><span style="--fill:${fill}%"></span></div>
</div>
`;
})
.join("");
}
function renderFailures() {
const failures = state.summary?.recent_failures || [];
$("failureFeed").innerHTML = failures.length
? failures
.map((item) => `
<div class="failure-item">
<div class="run-card-top">
<strong>${escapeHtml(item.run_id)}</strong>
<span class="${statusClass(item.status)}">${escapeHtml(item.status)}</span>
</div>
<div class="mini-muted" style="margin-top:8px;">${escapeHtml(item.title || item.advisory_id)}</div>
<div class="mini-muted" style="margin-top:8px;">${escapeHtml(item.blocked_reason || "-")}</div>
</div>
`)
.join("")
: `<div class="empty-state">No recent blockers.</div>`;
}
function renderRunList() {
const filtered = filteredRuns();
$("runCount").textContent = `${filtered.length} shown`;
$("runList").innerHTML = filtered.length
? filtered
.map((item) => {
const active = item.run_id === state.selectedRunId ? "is-active" : "";
const title = item.advisory_meta?.title || item.advisory_id;
const reasoning = item.reasoning_lines?.[0] || item.blocked_reason || "";
return `
<button class="run-card ${active}" data-run-id="${escapeHtml(item.run_id)}">
<div class="run-card-top">
<code>${escapeHtml(item.run_id)}</code>
<span class="${statusClass(item.verification_status)}">${escapeHtml(item.verification_status)}</span>
</div>
<h4>${escapeHtml(title)}</h4>
<div class="mini-muted">${escapeHtml(item.system_id)} · ${escapeHtml(item.repro_profile_id)} · ${escapeHtml(timeAgo(item.finished_at))}</div>
<div class="tag-row" style="margin-top:10px;">
<span class="tag">timeline ${escapeHtml(item.timeline?.length || 0)}</span>
<span class="tag">artifacts ${escapeHtml((item.artifact_groups || []).reduce((sum, group) => sum + group.count, 0))}</span>
<span class="tag">browser ${item.browser_evidence?.present ? "ready" : "missing"}</span>
</div>
<div class="mini-muted" style="margin-top:10px;">${escapeHtml(reasoning)}</div>
</button>
`;
})
.join("")
: `<div class="empty-state">No runs match the current filters.</div>`;
document.querySelectorAll("[data-run-id]").forEach((button) => {
button.addEventListener("click", () => {
state.selectedRunId = button.dataset.runId;
location.hash = `run=${state.selectedRunId}`;
renderRunList();
renderDetail();
});
});
}
function renderDashboard() {
renderMetrics();
renderSystemCoverage();
renderFailures();
renderRunList();
renderDetail();
}
function setFilterListeners() {
[["searchInput", "search"], ["systemFilter", "system"], ["statusFilter", "status"], ["familyFilter", "family"]].forEach(([id, key]) => {
$(id).addEventListener("input", (event) => {
state.filters[key] = String(event.target.value || "").trim().toLowerCase();
if (key !== "search") {
state.filters[key] = String(event.target.value || "");
}
renderRunList();
});
});
}
function hydrateFilterOptions() {
const distinct = (items) => [...new Set(items.filter(Boolean))].sort();
const patchOptions = (id, values) => {
const control = $(id);
const current = control.value;
control.innerHTML = control.dataset.base;
control.innerHTML += distinct(values).map((value) => `<option value="${escapeHtml(value)}">${escapeHtml(value)}</option>`).join("");
control.value = current;
};
patchOptions("systemFilter", state.runs.map((item) => item.system_id));
patchOptions("statusFilter", state.runs.map((item) => item.verification_status));
patchOptions("familyFilter", state.runs.map((item) => item.repro_profile_id));
}
function defaultArtifact(run) {
const preference = ["requests", "container", "browser", "compose", "reports"];
for (const key of preference) {
const group = (run.artifact_groups || []).find((item) => item.key === key && item.items?.length);
if (!group) continue;
const preferredText = group.items.find((item) => item.kind === "text");
return preferredText || group.items[0];
}
return null;
}
async function openArtifact(href, label, kind) {
state.selectedArtifact = { href, label, kind };
document.querySelectorAll(".artifact-button").forEach((button) => {
button.classList.toggle("is-active", button.dataset.href === href);
});
$("artifactLabel").textContent = label;
$("artifactOpen").href = href;
$("artifactMeta").textContent = href;
try {
if (kind === "image") {
$("artifactViewer").innerHTML = `<img src="${escapeHtml(href)}?t=${Date.now()}" alt="${escapeHtml(label)}">`;
return;
}
if (href.endsWith(".html")) {
$("artifactViewer").innerHTML = `<iframe src="${escapeHtml(href)}?t=${Date.now()}" style="width:100%;height:560px;border:0;background:white;"></iframe>`;
return;
}
const response = await fetch(`${href}?t=${Date.now()}`, { cache: "no-store" });
if (!response.ok) throw new Error(`${href} -> ${response.status}`);
const text = await response.text();
let formatted = text;
if (href.endsWith(".json")) {
try {
formatted = JSON.stringify(JSON.parse(text), null, 2);
} catch (_error) {
}
}
$("artifactViewer").innerHTML = `<pre>${escapeHtml(formatted)}</pre>`;
} catch (error) {
$("artifactViewer").innerHTML = `<pre>Artifact load failed: ${escapeHtml(error.message)}</pre>`;
}
}
function renderDetail() {
const run = state.runs.find((item) => item.run_id === state.selectedRunId);
if (!run) {
$("detailRoot").innerHTML = `<div class="glass-panel empty-state">Select a run to inspect full timeline, logs, sources, and reasoning.</div>`;
return;
}
const advisory = run.advisory_meta || {};
const profile = run.profile_meta || {};
const screenshotItems = (run.artifact_groups || [])
.find((group) => group.key === "browser")
?.items.filter((item) => item.kind === "image") || [];
$("detailRoot").innerHTML = `
<section class="glass-panel detail-hero">
<div class="eyebrow">Local Verification Workspace</div>
<div class="flex-row" style="margin-top:14px;">
<span class="${statusClass(run.verification_status)}">${escapeHtml(run.verification_status)}</span>
<div class="tag-row">
<span class="tag">${escapeHtml(run.system_id)}</span>
<span class="tag">${escapeHtml(run.repro_profile_id)}</span>
<span class="tag">${escapeHtml(run.artifact_mode)}</span>
<span class="tag">${escapeHtml(run.verification_mode)}</span>
</div>
</div>
<h2 class="detail-headline">${escapeHtml(advisory.title || run.advisory_id)}</h2>
<p class="mini-muted">${escapeHtml(advisory.summary || "No summary available.")}</p>
<div class="link-row" style="margin-top:18px;">
<a class="chip" href="${escapeHtml(run.dashboard_refs.report_html)}" target="_blank" rel="noreferrer">Open HTML report</a>
<a class="ghost-chip" href="${escapeHtml(run.dashboard_refs.report_md)}" target="_blank" rel="noreferrer">Open Markdown</a>
<a class="ghost-chip" href="${escapeHtml(run.dashboard_refs.bundle)}" target="_blank" rel="noreferrer">Open run JSON</a>
</div>
<div class="stat-grid">
<article class="stat-card"><strong>Timeline Steps</strong><span>${escapeHtml(run.timeline?.length || 0)}</span></article>
<article class="stat-card"><strong>Artifacts</strong><span>${escapeHtml((run.artifact_groups || []).reduce((sum, group) => sum + group.count, 0))}</span></article>
<article class="stat-card"><strong>Browser</strong><span>${run.browser_evidence?.present ? "Ready" : "Missing"}</span></article>
<article class="stat-card"><strong>Finished</strong><span>${escapeHtml(timeAgo(run.finished_at))}</span></article>
</div>
</section>
<div class="detail-grid">
<div class="stack">
<details class="glass-panel accordion" open>
<summary><span>Progress Timeline</span><span class="tag">${escapeHtml(run.timeline?.length || 0)} steps</span></summary>
<div class="accordion-content">
<div class="tag-row" style="margin-bottom:14px;">
<span class="tag">completed ${escapeHtml(run.progress?.completed || 0)}</span>
<span class="tag">blocked ${escapeHtml(run.progress?.blocked || 0)}</span>
<span class="tag">skipped ${escapeHtml(run.progress?.skipped || 0)}</span>
<span class="tag">failed ${escapeHtml(run.progress?.failed || 0)}</span>
</div>
<div class="timeline-list">
${(run.timeline || []).map((item) => `
<article class="timeline-item">
<div class="mini-muted">${escapeHtml(item.at || "-")}</div>
<div class="timeline-step">${escapeHtml(item.step || "-")}</div>
<div>
<div class="${statusClass(item.status || "default")}">${escapeHtml(item.status || "unknown")}</div>
<div class="mini-muted" style="margin-top:8px;">${escapeHtml(item.detail || "-")}</div>
</div>
</article>
`).join("") || `<div class="empty-state">No timeline items available.</div>`}
</div>
</div>
</details>
<details class="glass-panel accordion" open>
<summary><span>Attack Plan & Reasoning</span><span class="tag">${escapeHtml(profile.vuln_family || "unknown")}</span></summary>
<div class="accordion-content">
${run.blocked_reason ? `<div class="failure-callout"><strong>Failure reason</strong><div class="mini-muted" style="margin-top:8px;">${escapeHtml(run.blocked_reason)}</div></div>` : ""}
<div class="tag-row" style="margin:16px 0;">
<span class="tag">destructive risk ${escapeHtml(profile.destructive_risk || "-")}</span>
<span class="tag">cleanup ${escapeHtml(profile.cleanup_policy || "-")}</span>
<span class="tag">targets ${(profile.allowed_target_types || []).join(", ") || "-"}</span>
</div>
<div class="stack" style="gap:12px;">
${(run.reasoning_lines || []).map((line) => `<div class="system-card">${escapeHtml(line)}</div>`).join("")}
</div>
<div class="tag-row" style="margin-top:16px;">
${(profile.success_criteria || []).map((line) => `<span class="tag">${escapeHtml(line)}</span>`).join("")}
</div>
</div>
</details>
<details class="glass-panel accordion" open>
<summary><span>Evidence Explorer</span><span class="tag">${escapeHtml((run.artifact_groups || []).length)} groups</span></summary>
<div class="accordion-content">
${(run.artifact_groups || []).map((group) => `
<section class="artifact-group">
<h4>${escapeHtml(group.label)} · ${escapeHtml(group.count)}</h4>
<div class="artifact-row">
${group.items.map((item) => `
<button class="artifact-button" data-href="${escapeHtml(item.href)}" data-kind="${escapeHtml(item.kind)}" data-label="${escapeHtml(item.label)}">
<span>${escapeHtml(item.label)}</span>
<span class="mini-muted">${escapeHtml(item.kind)}</span>
</button>
`).join("")}
</div>
</section>
`).join("") || `<div class="empty-state">No artifacts linked for this run.</div>`}
${screenshotItems.length ? `
<div class="gallery" style="margin-top:12px;">
${screenshotItems.map((item) => `
<button class="gallery-item artifact-button" data-href="${escapeHtml(item.href)}" data-kind="${escapeHtml(item.kind)}" data-label="${escapeHtml(item.label)}">
<figure style="margin:0;">
<img src="${escapeHtml(item.href)}" alt="${escapeHtml(item.label)}">
<figcaption>${escapeHtml(item.label)}</figcaption>
</figure>
</button>
`).join("")}
</div>
` : ""}
</div>
</details>
<details class="glass-panel accordion" open>
<summary><span>Live Log Viewer</span><span class="tag">${state.selectedArtifact ? "active" : "idle"}</span></summary>
<div class="accordion-content">
<div class="log-viewer">
<div class="viewer-toolbar">
<div>
<strong id="artifactLabel">${escapeHtml(state.selectedArtifact?.label || "Select an artifact")}</strong>
<div class="mini-muted" id="artifactMeta">${escapeHtml(state.selectedArtifact?.href || "Artifacts and logs can be previewed here.")}</div>
</div>
<div class="tag-row">
<a id="artifactOpen" class="chip" href="${escapeHtml(state.selectedArtifact?.href || run.dashboard_refs.report_html)}" target="_blank" rel="noreferrer">Open artifact</a>
<button id="refreshArtifact" class="ghost-chip" type="button">Refresh preview</button>
</div>
</div>
<div class="viewer-frame" id="artifactViewer"><pre>Select a report, log, JSON, screenshot, or timeline file to preview it here.</pre></div>
</div>
</div>
</details>
</div>
<div class="stack">
<details class="glass-panel accordion" open>
<summary><span>Sources & Fix Topics</span><span class="tag">${escapeHtml((advisory.secondary_source_urls || []).length + (advisory.official_source_url ? 1 : 0))} links</span></summary>
<div class="accordion-content">
<div class="tag-row">
${(advisory.aliases || []).map((alias) => `<span class="tag">${escapeHtml(alias)}</span>`).join("")}
</div>
<div class="stack" style="gap:10px; margin-top:14px;">
${advisory.official_source_url ? `<a href="${escapeHtml(advisory.official_source_url)}" target="_blank" rel="noreferrer">${escapeHtml(advisory.official_source_url)}</a>` : `<div class="mini-muted">No official source linked.</div>`}
${(advisory.secondary_source_urls || []).map((ref) => `<a href="${escapeHtml(ref)}" target="_blank" rel="noreferrer">${escapeHtml(ref)}</a>`).join("")}
</div>
<div class="tag-row" style="margin-top:16px;">
${(advisory.secure_code_topics || []).map((topic) => `<span class="tag">${escapeHtml(topic)}</span>`).join("")}
</div>
</div>
</details>
<details class="glass-panel accordion">
<summary><span>Run JSON</span><span class="tag">raw</span></summary>
<div class="accordion-content"><pre class="json-block">${escapeHtml(JSON.stringify(run, null, 2))}</pre></div>
</details>
<details class="glass-panel accordion">
<summary><span>Advisory JSON</span><span class="tag">raw</span></summary>
<div class="accordion-content"><pre class="json-block">${escapeHtml(JSON.stringify(advisory, null, 2))}</pre></div>
</details>
<details class="glass-panel accordion">
<summary><span>Profile JSON</span><span class="tag">raw</span></summary>
<div class="accordion-content"><pre class="json-block">${escapeHtml(JSON.stringify(profile, null, 2))}</pre></div>
</details>
</div>
</div>
`;
document.querySelectorAll(".artifact-button").forEach((button) => {
button.addEventListener("click", () => openArtifact(button.dataset.href, button.dataset.label, button.dataset.kind));
});
$("refreshArtifact")?.addEventListener("click", () => {
if (state.selectedArtifact) {
openArtifact(state.selectedArtifact.href, state.selectedArtifact.label, state.selectedArtifact.kind);
}
});
if (!state.selectedArtifact || !(run.artifact_groups || []).some((group) => group.items.some((item) => item.href === state.selectedArtifact.href))) {
const artifact = defaultArtifact(run);
if (artifact) {
openArtifact(artifact.href, artifact.label, artifact.kind);
}
} else {
openArtifact(state.selectedArtifact.href, state.selectedArtifact.label, state.selectedArtifact.kind);
}
}
function attachGlobalActions() {
$("searchInput").addEventListener("input", (event) => {
state.filters.search = String(event.target.value || "").trim().toLowerCase();
renderRunList();
});
[["systemFilter", "system"], ["statusFilter", "status"], ["familyFilter", "family"]].forEach(([id, key]) => {
$(id).addEventListener("input", (event) => {
state.filters[key] = String(event.target.value || "");
renderRunList();
});
});
$("refreshDashboard").addEventListener("click", () => loadData(false));
$("autoRefresh").addEventListener("change", (event) => {
state.autoRefresh = Boolean(event.target.checked);
startRefreshLoop();
});
}
function startRefreshLoop() {
if (state.refreshHandle) {
clearInterval(state.refreshHandle);
state.refreshHandle = null;
}
if (!state.autoRefresh) return;
state.refreshHandle = setInterval(() => loadData(true), state.refreshMs);
}
async function init() {
["systemFilter", "statusFilter", "familyFilter"].forEach((id) => {
$(id).dataset.base = $(id).innerHTML;
});
attachGlobalActions();
await loadData(false);
startRefreshLoop();
window.addEventListener("hashchange", () => loadData(false));
}
document.addEventListener("DOMContentLoaded", init);
"""
write_text(assets_dir / "app.js", app_js)
html_page = """
<!doctype html>
<html lang="zh-CN">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>websafe authorized lab dashboard</title>
<link rel="stylesheet" href="./assets/styles.css">
</head>
<body>
<div class="dashboard-shell">
<header class="hero">
<div class="hero-grid">
<div>
<div class="eyebrow">Authorized Lab Dashboard</div>
<h1>本地攻防实证工作台</h1>
<p>面向授权实验场景的本地静态前端。聚合 advisory、run bundle、日志、浏览器证据、失败原因、利用思路与源头信息,并支持可折叠细节与自动刷新。</p>
<div class="hero-actions">
<button id="refreshDashboard" class="chip" type="button">Refresh Dashboard</button>
<label class="ghost-chip"><input id="autoRefresh" type="checkbox" checked> Auto Refresh</label>
<a class="ghost-chip" href="./summary.json" target="_blank" rel="noreferrer">Open Summary JSON</a>
</div>
</div>
<div>
<div class="panel-header">
<h2>Sync State</h2>
<div id="syncState" class="sync-indicator"><span class="dot"></span><strong>Booting</strong><span>Loading generated JSON</span></div>
</div>
<div id="metrics" class="hero-meta"></div>
</div>
</div>
</header>
<div class="workspace">
<aside class="sidebar">
<section class="glass-panel">
<div class="panel-header">
<h2>Filters</h2>
<span id="runCount" class="tag">0 shown</span>
</div>
<div class="filters">
<label>Search
<input id="searchInput" placeholder="Search run id, advisory, title">
</label>
<label>System
<select id="systemFilter"><option value="">All systems</option></select>
</label>
<label>Status
<select id="statusFilter"><option value="">All statuses</option></select>
</label>
<label>Profile
<select id="familyFilter"><option value="">All profiles</option></select>
</label>
</div>
</section>
<section class="glass-panel">
<div class="panel-header"><h2>Systems</h2></div>
<div id="systemCoverage" class="system-grid"></div>
</section>
<section class="glass-panel">
<div class="panel-header"><h2>Recent Failures</h2></div>
<div id="failureFeed" class="failure-feed"></div>
</section>
<section class="glass-panel">
<div class="panel-header"><h2>Run Queue View</h2></div>
<div id="runList" class="run-list"></div>
</section>
</aside>
<main id="detailRoot" class="detail-view">
<div class="glass-panel empty-state">Select a run to inspect full details.</div>
</main>
</div>
</div>
<script src="./assets/app.js"></script>
</body>
</html>
"""
write_text(DASHBOARD_DIR / "index.html", html_page)
return {
"dashboard_dir": str(DASHBOARD_DIR),
"index_html": str(DASHBOARD_DIR / "index.html"),
}
在新工单中引用 查看 Git Blame 复制永久链接