Prepare IP Linux public release and Vercel deployment#1
Merged
Conversation
…ement DOMPurify CSP
Remove the Open Tasks Bar feature and related UI/setting, and make dock sizing independent of it. Changes include: remove OpenTasksBar import and usage in App.tsx; remove the "Show Open Tasks Bar" toggle and update Dock & Footer helper text in Settings.tsx; stop reserving extra bottom space for tasks in Desktop (fixed bottom), and use a fixed bottomReserve (104) in window creation; change default dock preference showTasks to false; bump persisted dock preferences key from iplinux_dock_preferences_v1 to iplinux_dock_preferences_v2 for load/save.
…dynamic shadows, wobbly windows, edge sheen, snap-assist hooks (round 6)
…t commit, app handoff hook (round 7)
There was a problem hiding this comment.
Pull request overview
This PR prepares the IP Linux React/Vite web desktop for a public release and static deployment on Vercel by adding deployment/configuration artifacts (headers, CSP, CI, docs, manifest/robots/sitemap) and by hardening/expanding the client-side desktop UX (workspaces, app installation state, terminal tabs, snap assist, widgets, global search, storage improvements, and safer HTML/math handling).
Changes:
- Adds Vercel + public-release metadata (CSP/security headers, robots/sitemap/manifest/icon, root docs) and a GitHub Actions build/audit workflow.
- Extends OS state/UI capabilities (workspaces, clipboard tray, snap assist overlay, reactive wallpapers + effects, audio bus/visualizer, global search, app store install/remove).
- Replaces risky patterns (e.g.,
eval) and tightens HTML rendering via DOMPurify in multiple apps.
Reviewed changes
Copilot reviewed 59 out of 62 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
vercel.json |
Vercel build/output config, SPA rewrite, and response security headers (incl. CSP). |
SECURITY.md |
Public security guidance for a client-only bundle and storage model. |
README.md |
Root project README oriented to public release + deploy workflow. |
app/src/types/index.ts |
Expands OS/app/theme/workspace/clipboard/preferences types and action union. |
app/src/lib/wallpapers.ts |
Centralizes static/animated wallpaper definitions and lookup helpers. |
app/src/lib/storage.ts |
Adds IndexedDB-first persistence helpers with localStorage fallback. |
app/src/lib/safeMath.ts |
Adds a small safe math expression evaluator (replaces eval). |
app/src/lib/desktopLayoutEngine.ts |
Adds desktop grid metrics + placement/arrangement utilities. |
app/src/lib/audioBus.ts |
Adds a global analyser bus for audio visualizers. |
app/src/lib/appHandoff.ts |
Adds useAppHandoff hook for per-app UI state persistence. |
app/src/hooks/useFileSystem.ts |
Switches filesystem persistence to IndexedDB-backed storage helpers. |
app/src/components/WorkspaceSwitcher.tsx |
Adds a top-bar workspace switcher with keyboard shortcuts. |
app/src/components/WindowManager.tsx |
Filters visible windows by active workspace. |
app/src/components/WindowFrame.tsx |
Adds snap detection/commit, improves sizing bounds, and switches icons to SystemIcon. |
app/src/components/Widgets.tsx |
Adds desktop clock/weather widgets. |
app/src/components/ui/sidebar.tsx |
Avoids hydration mismatch by deferring random skeleton width to an effect. |
app/src/components/SystemIcon.tsx |
Introduces a centralized icon/visual system for apps and UI glyphs. |
app/src/components/SnapAssistOverlay.tsx |
Adds snap preview overlay driven by custom events from window dragging. |
app/src/components/ScreenEffects.tsx |
Adds global screen filters + grain/CRT overlays. |
app/src/components/ReactiveWallpaper.tsx |
Adds a canvas-driven reactive/animated wallpaper engine. |
app/src/components/NotImplemented.tsx |
Switches dynamic Lucide icon lookup to SystemIcon. |
app/src/components/NotificationSystem.tsx |
Uses SystemIcon for toast app icons; adds appId to props. |
app/src/components/NotificationCenter.tsx |
Uses SystemIcon for notification icons. |
app/src/components/GlobalSearch.tsx |
Adds command-palette style global search for apps/files. |
app/src/components/Dock.tsx |
Adds dock preferences (size/magnification/transparency), disabled-app filtering, and focus/restore action. |
app/src/components/ContextMenu.tsx |
Updates context menu rendering/icons and expands desktop actions. |
app/src/components/ClipboardManager.tsx |
Adds a universal clipboard tray UI backed by OS clipboard state. |
app/src/components/AudioVisualizer.tsx |
Adds a global top-panel audio visualizer that subscribes to audioBus. |
app/src/components/AppLauncher.tsx |
Filters disabled apps, improves accessibility labels, and adapts layout to tablet mode. |
app/src/components/AppIcon.tsx |
Rebuilds app tiles using SystemIcon visuals (gradient tiles + glow). |
app/src/apps/TerminalSession.tsx |
Extracts terminal session logic into its own component. |
app/src/apps/Terminal.tsx |
Adds multi-tab terminal wrapper + selectable color profiles. |
app/src/apps/Spreadsheet.tsx |
Replaces eval formula evaluation with evaluateMathExpression. |
app/src/apps/Settings.tsx |
Adds animated/static wallpaper selection and dock/footer preference controls. |
app/src/apps/registry.ts |
Updates registry (adds App Store entry, tweaks apps, desktop featured items, default dock apps). |
app/src/apps/RegexTester.tsx |
Sanitizes highlighted HTML via DOMPurify. |
app/src/apps/PasswordManager.tsx |
Converts password storage to memory-only “demo” behavior + improves button semantics. |
app/src/apps/Notes.tsx |
Sanitizes contentEditable HTML via DOMPurify. |
app/src/apps/MusicPlayer.tsx |
Publishes analyser to audioBus, adds error handling, improves visualizer fallback. |
app/src/apps/MatrixRain.tsx |
Improves visuals, DPR handling, and controls/accessibility for matrix rain. |
app/src/apps/MarkdownPreview.tsx |
Avoids Tailwind scanner issues in table regex; sanitizes generated HTML via DOMPurify. |
app/src/apps/CodeEditor.tsx |
Sanitizes highlighted HTML via DOMPurify. |
app/src/apps/Browser.tsx |
Adds YouTube-lite routing/fallbacks, iframe error handling, and blocked-host UX. |
app/src/apps/AppStore.tsx |
Adds an in-app store for install/uninstall (disabled apps) and launching. |
app/src/apps/AppRouter.tsx |
Converts router to lazy-loaded app modules with a loading fallback UI. |
app/src/App.tsx |
Integrates new layers/features (wallpaper engine, widgets, search, effects, clipboard, snap overlay, accessibility tweaks). |
app/README.md |
Replaces template README with project-specific build/dev notes. |
app/public/sitemap.xml |
Adds sitemap for public deployment. |
app/public/robots.txt |
Adds robots directives + sitemap link. |
app/public/manifest.webmanifest |
Adds PWA manifest metadata. |
app/public/icon.svg |
Adds app icon SVG with accessibility metadata. |
app/package.json |
Renames package and adds deps (dompurify, idb-keyval, @react-icons/all-files, types). |
app/package-lock.json |
Updates lockfile for new deps/name. |
app/index.html |
Adds CSP meta, SEO/social metadata, manifest/icon links, and viewport tweaks. |
app/eslint.config.js |
Disables react-refresh/only-export-components rule. |
app/.gitignore |
Adds Vercel + env/secrets + build cache ignores. |
app/.env.example |
Adds public-release env guidance (no secrets). |
.gitignore |
Adds repo-wide ignores for secrets, Vercel, artifacts, build outputs. |
.github/workflows/ci.yml |
Adds CI job to npm ci, npm audit, and npm run build in app/. |
Files not reviewed (1)
- app/package-lock.json: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+20
to
+25
| const top = 32; | ||
| const bottom = 92; | ||
| const vw = window.innerWidth; | ||
| const vh = window.innerHeight; | ||
| let style: React.CSSProperties = { left: 0, top, width: vw, height: vh - top - bottom }; | ||
| switch (zone) { |
Comment on lines
+98
to
+103
| <button | ||
| onClick={(e) => { e.stopPropagation(); dispatch({ type: 'REMOVE_CLIPBOARD', id: entry.id }); }} | ||
| className="text-[10px] text-[var(--text-secondary)] hover:text-red-400" | ||
| aria-label="Remove" | ||
| ><SystemIcon name="X" size={10} /></button> | ||
| </button> |
Comment on lines
+164
to
+169
| case 'CHANGE_BG': | ||
| case 'SHOW_SETTINGS': | ||
| case 'NEW_DOCUMENT': | ||
| case 'OPEN_TERMINAL': | ||
| dispatch({ type: 'OPEN_WINDOW', appId: 'settings' }); | ||
| break; |
Comment on lines
+151
to
+175
| const ICON_ALIASES: Record<string, IconType> = { | ||
| Accessibility: FaUniversalAccess, | ||
| Activity: FaMicrochip, | ||
| Battery: FaBatteryFull, | ||
| Bell: FaBell, | ||
| Binary: FaCode, | ||
| Bluetooth: FaBluetoothB, | ||
| Bomb: FaBomb, | ||
| Brain: FaBrain, | ||
| Braces: FaCode, | ||
| Calculator: FaCalculator, | ||
| Calendar: FaCalendarAlt, | ||
| CheckSquare: FaCheckSquare, | ||
| Circle: FaCircle, | ||
| Cloud: FaCloud, | ||
| CloudSun: FaCloudSun, | ||
| Code: FaCode, | ||
| Code2: FaCode, | ||
| Columns2: FaColumns, | ||
| Copy: FaCopy, | ||
| Cpu: FaMicrochip, | ||
| Crop: FaCropAlt, | ||
| Crown: FaChessKnight, | ||
| Edit: FaEdit, | ||
| Eye: FaEyeDropper, |
Comment on lines
+15
to
+18
| { | ||
| "key": "Content-Security-Policy", | ||
| "value": "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss:; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://lite.duckduckgo.com https://*.wikipedia.org https://example.com;" | ||
| }, |
| <head> | ||
| <meta charset="UTF-8" /> | ||
| <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no, viewport-fit=cover" /> | ||
| <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss:; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://lite.duckduckgo.com https://*.wikipedia.org https://example.com;"> |
Comment on lines
+35
to
+38
| * The shipped `index.html` declares a Content-Security-Policy meta tag with | ||
| `default-src 'self'`. (Note: Vite still requires `'unsafe-inline'` and | ||
| `'unsafe-eval'` for HMR in dev builds; these can be tightened in | ||
| production via the deploy host's CSP header.) |
Comment on lines
+1
to
+3
| import { useState, useEffect } from 'react'; | ||
| import { CloudRain, Sun, Cloud, Thermometer, Wind, Droplets } from 'lucide-react'; | ||
|
|
Comment on lines
+16
to
+18
| "key": "Content-Security-Policy", | ||
| "value": "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss:; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://lite.duckduckgo.com https://*.wikipedia.org https://example.com;" | ||
| }, |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Validation
Notes