Copilot/reinstate mit license#2
Closed
Harry-jain wants to merge 7 commits into
Closed
Conversation
Updated README to reflect project overview and folder contents for IBM Bob session documentation.
Some random update
Agent-Logs-Url: https://github.com/Harry-jain/CipherDev/sessions/32f93844-ebf1-413b-b383-5c09316b544a Co-authored-by: Harry-jain <109072049+Harry-jain@users.noreply.github.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
There was a problem hiding this comment.
Pull request overview
This PR updates project documentation around the deployed URL, IBM Bob “session” evidence, and licensing messaging.
Changes:
- Update README quick-start “open in browser” URL and modify the footer/license text.
- Add a new
Bob_usage_report.mddescribing IBM Bob’s role/architecture. - Rework
bob_sessions/README.mdinto a screenshot-based report and delete the separate screenshot guide.
Reviewed changes
Copilot reviewed 4 out of 10 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| README.md | Updates quick-start browser URL, footer tagline, and adds “MIT License” text. |
| Bob_usage_report.md | Adds an architectural/compliance-style narrative about IBM Bob usage. |
| bob_sessions/SCREENSHOT_GUIDE.md | Removes the detailed screenshot-taking instructions. |
| bob_sessions/README.md | Replaces instructions/checklist with an embedded screenshot report and narrative. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+64
to
65
| Open [https://devcipher.vercel.app/](https://devcipher.vercel.app/) in your browser. | ||
|
|
Comment on lines
+313
to
+314
|
|
||
| MIT License |
Comment on lines
+32
to
+51
| Bob's runtime layer wraps the browser's native network APIs with a proxy interceptor mounted at application boot, before any other module initialises. This is implemented in features/audit/networkProxy.ts: | ||
|
|
||
| Code | ||
| window.fetch → BobFetchProxy | ||
| window.XMLHttpRequest → BobXHRProxy | ||
| navigator.sendBeacon → BobBeaconProxy (stubbed to always return false) | ||
| Every intercepted call is evaluated against a whitelist manifest — a static JSON file baked into the build at compile time. The whitelist contains exactly the URL patterns from the passing Request Inventory above. | ||
|
|
||
| If a call matches the whitelist: it is logged to the in-memory audit ledger and allowed to proceed. | ||
|
|
||
| If a call does not match: it is blocked, an error is thrown to the calling module, and a VIOLATION entry is written to the audit ledger with full stack trace, timestamp, and destination URL. | ||
|
|
||
| The audit ledger is stored only in sessionStorage. It never persists. It never leaves the device. It is flushed when the tab closes. The user can download a snapshot of it as part of the conversation export flow. | ||
|
|
||
| This means a malicious dependency, a compromised CDN script, or a future developer accidentally adding a telemetry call will be caught at runtime by the app itself, surfaced in the UI, and recorded. | ||
|
|
||
| Role 3: Compliance Artifact Generator | ||
| The third Bob role is the one visible to end users and compliance reviewers. Inside the app, a Privacy Audit screen renders the live audit ledger in three sections: | ||
|
|
||
| Section A — Request Inventory A table of every network call made in the current session: URL, module origin, timestamp, status (ALLOWED / BLOCKED). Sorted by most recent. This gives a technical reviewer a complete picture of what the browser actually did, not what the documentation claims it did. |
Comment on lines
+67
to
+77
| Under Bob's Feature-Sliced directive, all audit logic lives exclusively in: | ||
|
|
||
| Code | ||
| src/features/audit/ | ||
| networkProxy.ts ← Runtime interceptor, mounts at app boot | ||
| auditLedger.ts ← In-memory ledger with sessionStorage persistence | ||
| staticAnalysis.ts ← Build-time bundle scanner output (baked in as JSON) | ||
| AuditReport.tsx ← Presentation component, zero business logic | ||
| index.ts ← Public API surface for the feature | ||
| The components/ directory receives only AuditReport.tsx props. It knows nothing about ledger internals. The app/ directory calls initBobProxy() once at startup and nothing else. This is the Bob principle: audit infrastructure is load-bearing, not decorative. | ||
|
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
rejected
Summary by cubic
Reinstates the MIT License notice and updates the README to point to the live Vercel app. Adds IBM Bob privacy-audit documentation and session evidence to demonstrate local-only behavior.
Bob_usage_report.mddetailing Bob’s static/runtime audit and the in-app compliance report; included sixbob_sessions/*.pngscreenshots and simplifiedbob_sessions/README.md(removedbob_sessions/SCREENSHOT_GUIDE.md).README.mdhomepage tohttps://devcipher.vercel.app/and restored the MIT License notice.Written for commit a8cde78. Summary will update on new commits.