nogoo9 / no-crd / 26634458474
70%

DEFAULT BRANCH: main
Ran
Jobs 1
Files 37
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 70.072%. Remained the same
26634458474

push

github

web-flow 
fix(ui): remove localhost fallback and fix logout basePath (v0.5.3) (#16)

* fix(ui): remove hardcoded localhost:3000 fallback and fix logout basePath

- Remove localhost:3000 MCP endpoint from HTTP fallback — only use the
  same-origin relative path derived from BASE_URL, which works in both
  local dev and production deployments.
- Fix /logout fetch call to include basePath prefix so it works behind
  a subpath reverse proxy.

* chore: bump version to 0.5.3

* docs: add ADR-011 for UI BASE_URL contract and cookie path consistency

- ADR-011 documents why UI fetch calls must use basePath, why the
  localhost:3000 fallback was removed, and why cookie paths use raw
  paths without basePrefix (both set and clear are consistent).
- Inline comments added to proxy.ts, mcp.ts, and app.ts referencing
  the ADR for future maintainers.

* docs: add Session & Cookie Management guide and update sidebar

- New docs/session-cookies.md covering nocr_sess and nocr_token cookie
  lifecycle, token extraction priority chain, session key resolution
  cascade, logout flow, and security considerations.
- Cross-reference added to auth-hardening.md pointing to the new page.
- VitePress sidebar updated: session-cookies link + ADRs 007-011.

* fix(ui): replace window.location.reload() with login overlay on 401

The 401 handlers in initHttpFallback() and callServerToolFallback()
were calling window.location.reload() to force re-authentication.
This races with initOidc() triggerRedirect() — the page reloads
before the OIDC redirect can execute, creating an infinite refresh
loop where the login prompt flashes but never navigates to the IdP.

Fix: show the login overlay and return/throw instead of reloading.
The OIDC flow (initOidc) handles the actual redirect independently.

* docs: add 401 reload loop fix to CHANGELOG, whats-new, and session-cookies gotchas

---------

Co-authored-by: Antigravity Agent <agent@antigravity>

5226 of 7458 relevant lines covered (70.07%)

19.31 hits per line

Jobs
ID Job ID Ran Files Coverage
1 26634458474.1 37
70.07
 GitHub Action Run
Source Files on build 26634458474