feat(roadmap): YAML-driven roadmap + Tailwind UI w/ filters & details modal

- Convert roadmap to YAML: - Add data structure: id, priority, title, goal, tags, milestone - Add `details` field (supports list or block string); populated initial content - Quote scalars and use explicit nulls to avoid YAML parse edge cases - Update `updated` date to 2025-08-22 - Flask blueprint + loader: - New /roadmap view with section switching (roadmap | backlog | open_questions) - Filters: q (search), tag (multi, AND), min_priority, milestone - Dataclasses: RoadmapData/RoadmapItem; include `details` - `_normalize_details()` to accept string or list, normalize to list[str] - Configurable path via `ROADMAP_FILE` (env or defaults) - Remove cache layer for simplicity - UI (Tailwind): - `templates/roadmap.html` with responsive cards, tag chips, and filter form - Details modal (larger max width, scrollable body) showing ID/goal/priority/tags/milestone - Safe JSON payload to modal via `|tojson|forceescape` - JS: - DOM-ready, event-delegated handler for `data-item` buttons - Populate modal fields and render multi-paragraph details - Fixes & polish: - Resolved YAML `ScannerError` by quoting strings with `:` and `#` - Ensured `details` is passed through route to template and included in button payload - Minor styling tweaks for consistency with Tailwind setup Usage: - Set `ROADMAP_FILE` if not using default path - Visit /roadmap and filter via q/tag/min_priority/milestone
2025-08-22 15:05:09 -05:00
parent 9cc2f8183c
commit cd30cde946
7 changed files with 723 additions and 38 deletions
--- a/docs/changelog.md
+++ b/docs/changelog.md
@@ -0,0 +1,54 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.  
+This project follows [Semantic Versioning](https://semver.org/).
+
+---
+
+## [Unreleased]
+
+### ✨ Features
+- _Nothing yet — add upcoming features here._
+
+### 🛠️ Refactors
+- _Nothing yet — add upcoming refactors here._
+
+### 🐛 Fixes
+- _Nothing yet — add upcoming fixes here._
+
+---
+
+
+## [v0.2] – 2025-08-22
+
+### ✨ Features
+- **UI Modernization**  
+  Migrated the entire front-end to **Tailwind CSS (compiled)** with **Flowbite JS** components for better responsiveness, consistency, and developer productivity.  
+  Introduced a **new navbar and layout system**, improving navigation and making future expansion easier.  
+  Added **Docker-based CSS build** to keep builds reproducible and lightweight.
+
+- **Reusable CSS Components**  
+  Added custom utility classes (`badge`, `badge-ok`, `badge-warn`, `badge-danger`, `chip`, `card`, etc.) to replace long Tailwind strings.  
+  This reduces repetition and ensures a consistent look across the app.
+
+### 🛠️ Refactors
+- **Template Includes**  
+  Extracted shared UI sections (headers, footers, layout chunks) into separate **Jinja includes**, improving maintainability and readability of templates.  
+
+### 🐛 Fixes
+- **Table Rendering**  
+  Locked table column widths and fixed snippet scaling issues to prevent column misalignment and content reflow.  
+  This ensures analysis results (like script and form findings) remain readable and properly aligned.
+
+- **Rules Engine State**  
+  Fixed a bug where the **rules engine** was not being pulled correctly from the application state after the previous refactor.  
+  This restores proper detection of suspicious scripts/forms and ensures rule definitions (with `name` and `description`) are honored.
+
+---
+
+## [v0.1] – Initial Work
+
+- Implemented initial **Flask-based web UI** for URL submission and analysis.
+- Added **domain & IP enrichment** (WHOIS, GeoIP, ASN/ISP lookups).
+- Built first version of the **Suspicious Rules Engine** for script and form detection.
+- Basic Docker setup for sandboxed deployment.
--- a/docs/roadmap.md
+++ b/docs/roadmap.md
@@ -1,34 +0,0 @@
-# SneakyScope — Roadmap (Updated 8-21-25)
-
-## Priority 1 – Core Analysis / Stability
-* if cloudflare, we notate and badge it, along with a blurp that explains how cloudflare is both used for good and evil.
-* need a generalized "total score" for the site. something that is a quick 0/10 (guessing on the number), so new analyst don't have to think on the details.
-* make a "dectorators" file to unify imports
-
-## Priority 2 – UI / UX
-* Rules Lab (WYSIWYG tester): paste a rule, validate/compile, run against sample text; lightweight nav entry.
-* Build reusable util classes in tailwind and replace the long class strings. Classes to build: badge, badge-ok, badge-warn, badge-danger, chip, card.
-
-## Priority 3 – API Layer
-
-* API endpoints: `/screenshot`, `/source`, `/analyse`.
-* **OpenAPI**: add `POST /api/analyze_script` (request/response schemas, examples) to `openapi/openapi.yaml`; serve at `/api/openapi.yaml`.
-* Docs UI: Swagger UI or Redoc at `/docs`.
-* (Nice-to-have) API JSON error consistency: handlers for 400/403/404/405/500 that always return JSON.
-
-## Priority 4 – Artifact Management & Ops
-
-* Retention/cleanup policy for old artifacts (age/size thresholds).
-* Make periodic maintenance scripts for storage; cleanup options set in `settings.yaml`.
-* Results caching UX: add “Re-run analysis” vs. “Load from cache” controls in the results UI.
-
-## Priority 5 – Extras / Integrations
-
-* Domain reputation (local feeds): build and refresh a consolidated domain/URL reputation store from URLHaus database dump and OpenPhish community dataset (scheduled pulls with dedup/normalize).
-* Threat intel connectors (settings-driven): add `settings.yaml` entries for VirusTotal and ThreatFox API keys (plus future providers); when present, enrich lookups and merge results into the unified reputation checks during analysis.
-
-## Backlog / Far-Off Plans
-
-* Server profile scan: run a lightweight nmap service/banner scan on common web/alt ports (80, 443, 8000, 8080, 8443, etc.) and SSH; combine with server headers to infer stack (e.g., IIS vs. Linux/\*nix).
-
-* IP Lookups 0 if we are successful on domain replutation / ip reputation