Security (PR #268)
- SSRF guard on registry fetch (is_trusted_url)
- XSS: allowlist-based href sanitization in safe_html filter
- Restore endpoint rate-limiting (5 attempts/hour)
- Path traversal guard in module downloader
UI Quality Pass (PRs #269-275)
- Journal: design tokens, :active/:focus-visible states, mobile responsive
- Data Export: glass modal, Lucide icons, gradient button
- Connection Monitor: 40 inline styles extracted to CSS
- BQM Graphs: tokenized colors/radii, mobile calendar, light-theme fix
- Correlation: 9 themeable chart colors, keyboard legend, download color fix
- Event Log: 13 hardcoded colors tokenized, aria-pressed, touch targets
- Global: keyboard nav on sidebar, focus-visible on all forms, ResizeObserver debounce
- Light theme: missing muted tokens added (info, warn, crit, good, tolerated)
Stats
- 42 commits, 8 PRs merged
- 1887 tests passing, 0 regressions