From 3838b70da2526f2000021d55798de3496387a88f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=7BAI=7Df=20D=2E=20M=C3=BCller?= Date: Fri, 13 Feb 2026 20:00:48 +0100 Subject: [PATCH 1/2] fix: Convert AsciiDoc cross-reference links to router navigation AsciiDoc cross-references (<>) were generating simple hash links (#anchor-id) which don't work with our hash-based routing (#/anchor/anchor-id). Now intercept clicks on these internal links and convert them to proper router navigation. This fixes the user-reported issue: "die links innerhalb von ankern funktionieren nicht" (links within anchors don't work). Co-Authored-By: Claude Sonnet 4.5 --- website/src/components/anchor-modal.js | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/website/src/components/anchor-modal.js b/website/src/components/anchor-modal.js index 922a638..4d0e621 100644 --- a/website/src/components/anchor-modal.js +++ b/website/src/components/anchor-modal.js @@ -139,6 +139,20 @@ export async function loadAnchorContent(anchorId) { details.setAttribute('open', '') }) + // Convert internal AsciiDoc cross-reference links to router navigation + contentEl.querySelectorAll('a[href^="#"]').forEach(link => { + const href = link.getAttribute('href') + // Only process simple hash links (cross-references), not hash routes + if (href && href.startsWith('#') && !href.startsWith('#/')) { + const anchorId = href.substring(1) // Remove the '#' + link.addEventListener('click', (e) => { + e.preventDefault() + // Navigate to the linked anchor + window.location.hash = `#/anchor/${anchorId}` + }) + } + }) + } catch (error) { console.error('Error loading anchor content:', error) titleEl.textContent = 'Error' From 6458e24a12ec7f5f876adcc153d7403fa42d90f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=7BAI=7Df=20D=2E=20M=C3=BCller?= Date: Fri, 13 Feb 2026 20:28:59 +0100 Subject: [PATCH 2/2] docs: Link Risk Radar mitigation issues in CLAUDE.md - Add header with links to Risk Radar issues and documentation - Add Issue column to mitigation tables for both modules - Reference GitHub issues #81-#88 for tracking implementation Related to Risk Radar Assessment --- CLAUDE.md | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) diff --git a/CLAUDE.md b/CLAUDE.md index dea0621..0f992b0 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -394,3 +394,75 @@ All implementation work is tracked in GitHub Issues. See `PROJECT_STATUS.md` for - Architecture: `docs/arc42/arc42.adoc` - Project Status: `PROJECT_STATUS.md` - GitHub Issues: https://github.com/LLM-Coding/Semantic-Anchors/issues + +## Risk Radar Assessment + +_Generated by `/risk-assess` on 2026-02-13_ + +**Mitigation Tracking:** [Risk Radar Issues](https://github.com/LLM-Coding/Semantic-Anchors/labels/risk-radar) +**Documentation:** [Vibe Coding Risk Radar](https://llm-coding.github.io/vibe-coding-risk-radar/) + +### Module: scripts +| Dimension | Score | Level | Evidence | +|-----------|-------|-------|----------| +| Code Type | 1 | Build Scripts / Tests | extract-metadata.js, split-readme.js, update-anchor-categories.js, translate-anchors.py | +| Language | 2 | Dynamically typed | 3 .js files, 1 .py file | +| Deployment | 1 | Internal tool | CI/CD automation, build-time scripts | +| Data Sensitivity | 0 | Public data | Processes public AsciiDoc documentation | +| Blast Radius | 0 | Cosmetic / Tech debt | Build failures, incorrect metadata generation | + +**Tier: 2** — determined by Language = 2 + +### Mitigations: scripts (Tier 2) + +#### Tier 1 — Automated Gates +| Measure | Status | Details | Issue | +|---------|--------|---------|-------| +| Linter & Formatter | ❌ Ausstehend | No ESLint or Prettier config detected | [#81](https://github.com/LLM-Coding/Semantic-Anchors/issues/81) | +| Type Checking | ❌ N/A | JavaScript without TypeScript | — | +| Pre-Commit Hooks | ❌ Ausstehend | No husky or pre-commit framework | [#82](https://github.com/LLM-Coding/Semantic-Anchors/issues/82) | +| Dependency Check | ❌ Ausstehend | No npm audit in CI workflows | [#83](https://github.com/LLM-Coding/Semantic-Anchors/issues/83) | +| CI Build & Unit Tests | ✅ Vorhanden | GitHub Actions (.github/workflows/test.yml) | — | + +#### Tier 2 — Extended Assurance +| Measure | Status | Details | Issue | +|---------|--------|---------|-------| +| SAST | ❌ Ausstehend | No Semgrep or CodeQL detected | [#84](https://github.com/LLM-Coding/Semantic-Anchors/issues/84) | +| AI Code Review | ❌ Ausstehend | No CodeRabbit or Copilot Review | [#86](https://github.com/LLM-Coding/Semantic-Anchors/issues/86) | +| Property-Based Tests | ❌ Ausstehend | No fast-check or hypothesis | [#85](https://github.com/LLM-Coding/Semantic-Anchors/issues/85) | +| SonarQube Quality Gate | ❌ Ausstehend | No SonarQube config | [#87](https://github.com/LLM-Coding/Semantic-Anchors/issues/87) | +| Sampling Review (~20%) | ⚠️ Teilweise | PR review process (assumed) | [#88](https://github.com/LLM-Coding/Semantic-Anchors/issues/88) | + +--- + +### Module: website +| Dimension | Score | Level | Evidence | +|-----------|-------|-------|----------| +| Code Type | 0 | UI / CSS / Docs | Frontend components with DOM manipulation (header.js, card-grid.js, anchor-modal.js) | +| Language | 2 | Dynamically typed | 17 .js files (JavaScript) | +| Deployment | 2 | Public-facing app | GitHub Pages deployment, public documentation website | +| Data Sensitivity | 0 | Public data | Public semantic anchor documentation | +| Blast Radius | 0 | Cosmetic / Tech debt | UI glitches, broken features | + +**Tier: 2** — determined by Language = 2, Deployment = 2 + +### Mitigations: website (Tier 2) + +#### Tier 1 — Automated Gates +| Measure | Status | Details | Issue | +|---------|--------|---------|-------| +| Linter & Formatter | ❌ Ausstehend | No ESLint or Prettier config detected | [#81](https://github.com/LLM-Coding/Semantic-Anchors/issues/81) | +| Type Checking | ❌ N/A | JavaScript without TypeScript | — | +| Pre-Commit Hooks | ❌ Ausstehend | No husky or pre-commit framework | [#82](https://github.com/LLM-Coding/Semantic-Anchors/issues/82) | +| Dependency Check | ❌ Ausstehend | No npm audit in CI workflows | [#83](https://github.com/LLM-Coding/Semantic-Anchors/issues/83) | +| CI Build & Unit Tests | ✅ Vorhanden | GitHub Actions with Playwright E2E tests and Lighthouse CI (.github/workflows/test.yml) | — | + +#### Tier 2 — Extended Assurance +| Measure | Status | Details | Issue | +|---------|--------|---------|-------| +| SAST | ❌ Ausstehend | No Semgrep or CodeQL detected | [#84](https://github.com/LLM-Coding/Semantic-Anchors/issues/84) | +| AI Code Review | ❌ Ausstehend | No CodeRabbit or Copilot Review | [#86](https://github.com/LLM-Coding/Semantic-Anchors/issues/86) | +| Property-Based Tests | ❌ Ausstehend | No fast-check or hypothesis | [#85](https://github.com/LLM-Coding/Semantic-Anchors/issues/85) | +| SonarQube Quality Gate | ❌ Ausstehend | No SonarQube config | [#87](https://github.com/LLM-Coding/Semantic-Anchors/issues/87) | +| Sampling Review (~20%) | ⚠️ Teilweise | PR review process (assumed) | [#88](https://github.com/LLM-Coding/Semantic-Anchors/issues/88) | +