From af973fb30b5384089bb568adf3cb7ae1985993a3 Mon Sep 17 00:00:00 2001 From: Copilot <198982749+Copilot@users.noreply.github.com> Date: Fri, 6 Mar 2026 11:12:31 +0530 Subject: [PATCH 1/3] =?UTF-8?q?fix(mobile):=20scope=20desktop=20scroll=20C?= =?UTF-8?q?SS=20to=20pointer:fine=20+=20guard=20reactive-glow=20scroll=20l?= =?UTF-8?q?istener=20=E2=80=94=20v1.1.3=20(#106)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Initial plan * fix: mobile scroll lag + bump to v1.1.3 - scope scroll-behavior/overscroll-behavior-y to @media (pointer: fine) - add touch device guard to reactive-glow.js scroll listener - bump version to 1.1.3 across package.json, README.md, SECURITY.md - update react-icons 5.5.0 → 5.6.0 - update GitHub Actions: harden-runner v2.15.1, setup-node v6.3.0, trivy-action v0.34.2, setup-buildx-action v4.0.0, login-action v4.0.0, build-push-action v7.0.0, sbom-action v0.23.0, upload-artifact v7.0.0, attest-build-provenance v4.1.0 Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> * Update .github/workflows/deploy.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Devanarayanan * Update app/globals.css Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Devanarayanan --------- Signed-off-by: Devanarayanan Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> Co-authored-by: Devanarayanan Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/deploy.yml | 28 ++++++------- README.md | 4 +- SECURITY.md | 2 +- app/globals.css | 14 +++++-- package-lock.json | 78 ++++++++++++++++++++++++++++++++---- package.json | 4 +- public/js/reactive-glow.js | 57 ++++++++++++++------------ 7 files changed, 132 insertions(+), 55 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 5727a8a..72f8ea4 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -24,7 +24,7 @@ jobs: actions: read # Allow cache restore without high-privilege write access steps: - name: Harden Runner - uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0 + uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 with: egress-policy: audit @@ -32,9 +32,9 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Node.js - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 + uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: - node-version: '20' + node-version: '20.19.0' - name: Install dependencies run: npm ci @@ -56,7 +56,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0 + uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 with: egress-policy: audit @@ -64,7 +64,7 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Node.js - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 + uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: '20' @@ -107,7 +107,7 @@ jobs: steps: # 🛡️ HARDEN RUNNER: Monitor network traffic - name: Harden Runner - uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0 + uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 with: egress-policy: audit @@ -116,7 +116,7 @@ jobs: # 🔍 TRIVY: Scan for known vulnerabilities in dependencies - name: Run Trivy Vulnerability Scanner - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 + uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # v0.34.2 with: scan-type: 'fs' ignore-unfixed: true @@ -148,7 +148,7 @@ jobs: image: ${{ steps.image.outputs.image }} steps: - name: Harden Runner - uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0 + uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 with: egress-policy: audit @@ -156,10 +156,10 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Log in to GitHub Container Registry - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 + uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -173,7 +173,7 @@ jobs: echo "started_on=$TIMESTAMP" >> $GITHUB_OUTPUT - name: Build and push Docker image - uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2 + uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 id: build with: context: . @@ -220,14 +220,14 @@ jobs: # 📦 GENERATE SBOM - name: Generate SBOM - uses: anchore/sbom-action@28d71544de8eaf1b958d335707167c5f783590ad # v0.22.2 + uses: anchore/sbom-action@17ae1740179002c89186b61233e0f892c3118b11 # v0.23.0 with: image: ${{ steps.image.outputs.image }} format: cyclonedx-json output-file: sbom.json - name: Upload SBOM - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: sbom path: sbom.json @@ -286,7 +286,7 @@ jobs: # 🏆 GITHUB ATTESTATION - name: Generate GitHub Attestation - uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3 + uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 with: subject-name: ghcr.io/${{ github.repository }} subject-digest: ${{ steps.build.outputs.digest }} diff --git a/README.md b/README.md index 072cc81..d507804 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ **Where code meets conscience.** A brutalist × cyberpunk portfolio built with Next.js 16. -[![Version](https://img.shields.io/badge/version-1.1.2-cyan?logo=github)](package.json) +[![Version](https://img.shields.io/badge/version-1.1.3-cyan?logo=github)](package.json) [![Security: SLSA Level 3](https://img.shields.io/badge/SLSA-Level%203-brightgreen)](https://github.com/devakesu/devakesu-web/attestations) [![Security Scan: Trivy](https://img.shields.io/badge/Security-Trivy%20Scanned-blue)](.github/workflows/deploy.yml) [![Attestations](https://img.shields.io/badge/Attestations-Enabled-success)](https://github.com/devakesu/devakesu-web/attestations) @@ -414,4 +414,4 @@ _Love is the only way to rescue humanity from all evils._ --- **Last Updated**: March 02, 2026 -**Version**: 1.1.2 +**Version**: 1.1.3 diff --git a/SECURITY.md b/SECURITY.md index 5740dcd..2022565 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -149,4 +149,4 @@ We appreciate security researchers who responsibly disclose vulnerabilities. --- **Last Updated**: March 02, 2026 -**Version**: 1.1.2 +**Version**: 1.1.3 diff --git a/app/globals.css b/app/globals.css index 3343988..94382b2 100644 --- a/app/globals.css +++ b/app/globals.css @@ -1,17 +1,23 @@ @import 'tailwindcss'; html { - scroll-behavior: smooth; scroll-padding-top: 0px; - /* Improve mouse wheel scrolling smoothness */ - overscroll-behavior-y: contain; - scroll-snap-type: none; /* Mobile optimization */ -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility; } +/* Desktop-only scroll behavior — avoids killing iOS momentum / rubber-band scrolling */ +@media (pointer: fine) { + html { + scroll-behavior: smooth; + /* Improve mouse wheel scrolling smoothness */ + overscroll-behavior-y: contain; + scroll-snap-type: none; + } +} + body { /* Enable smooth momentum scrolling on all platforms */ -webkit-overflow-scrolling: touch; diff --git a/package-lock.json b/package-lock.json index 830d30c..19193d7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,17 +1,17 @@ { "name": "devakesu-web", - "version": "1.1.2", + "version": "1.1.3", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "devakesu-web", - "version": "1.1.2", + "version": "1.1.3", "dependencies": { "next": "16.1.6", "react": "19.2.4", "react-dom": "19.2.4", - "react-icons": "5.5.0" + "react-icons": "5.6.0" }, "devDependencies": { "@tailwindcss/postcss": "4.2.1", @@ -27,7 +27,7 @@ "typescript-eslint": "8.56.1" }, "engines": { - "node": ">=20.9.0" + "node": ">=20.19.0" } }, "node_modules/@alloc/quick-lru": { @@ -1518,6 +1518,70 @@ "node": ">=14.0.0" } }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/core": { + "version": "1.8.1", + "dev": true, + "inBundle": true, + "license": "MIT", + "optional": true, + "dependencies": { + "@emnapi/wasi-threads": "1.1.0", + "tslib": "^2.4.0" + } + }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/runtime": { + "version": "1.8.1", + "dev": true, + "inBundle": true, + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/wasi-threads": { + "version": "1.1.0", + "dev": true, + "inBundle": true, + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@napi-rs/wasm-runtime": { + "version": "1.1.1", + "dev": true, + "inBundle": true, + "license": "MIT", + "optional": true, + "dependencies": { + "@emnapi/core": "^1.7.1", + "@emnapi/runtime": "^1.7.1", + "@tybys/wasm-util": "^0.10.1" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/Brooooooklyn" + } + }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@tybys/wasm-util": { + "version": "0.10.1", + "dev": true, + "inBundle": true, + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/tslib": { + "version": "2.8.1", + "dev": true, + "inBundle": true, + "license": "0BSD", + "optional": true + }, "node_modules/@tailwindcss/oxide-win32-arm64-msvc": { "version": "4.2.1", "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-win32-arm64-msvc/-/oxide-win32-arm64-msvc-4.2.1.tgz", @@ -5558,9 +5622,9 @@ } }, "node_modules/react-icons": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/react-icons/-/react-icons-5.5.0.tgz", - "integrity": "sha512-MEFcXdkP3dLo8uumGI5xN3lDFNsRtrjbOEKDLD7yv76v4wpnEq2Lt2qeHaQOr34I/wPN3s3+N08WkQ+CW37Xiw==", + "version": "5.6.0", + "resolved": "https://registry.npmjs.org/react-icons/-/react-icons-5.6.0.tgz", + "integrity": "sha512-RH93p5ki6LfOiIt0UtDyNg/cee+HLVR6cHHtW3wALfo+eOHTp8RnU2kRkI6E+H19zMIs03DyxUG/GfZMOGvmiA==", "license": "MIT", "peerDependencies": { "react": "*" diff --git a/package.json b/package.json index a2e6313..f707308 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "devakesu-web", - "version": "1.1.2", + "version": "1.1.3", "private": true, "engines": { "node": ">=20.19.0" @@ -18,7 +18,7 @@ "next": "16.1.6", "react": "19.2.4", "react-dom": "19.2.4", - "react-icons": "5.5.0" + "react-icons": "5.6.0" }, "devDependencies": { "@tailwindcss/postcss": "4.2.1", diff --git a/public/js/reactive-glow.js b/public/js/reactive-glow.js index 6fa4218..6265f20 100644 --- a/public/js/reactive-glow.js +++ b/public/js/reactive-glow.js @@ -47,35 +47,42 @@ { passive: true } ); - // Scroll velocity → pulse strength (throttled with rAF) - window.addEventListener( - 'scroll', - () => { - if (!scrollTicking) { - window.requestAnimationFrame(() => { - const delta = Math.abs(window.scrollY - lastScrollY); - scrollSpeed = Math.min(delta / 100, 2.5); - lastScrollY = window.scrollY; + // Skip scroll pulse effect on touch devices (causes jank during mobile scroll) + const isTouchDevice = + typeof window.matchMedia === 'function' && + window.matchMedia('(pointer: coarse)').matches; - // Update current scale and apply with cursor position to avoid jumps - currentScale = 1 + scrollSpeed * 0.3; - glow.style.transform = `translate3d(${lastCursorX}px, ${lastCursorY}px, 0) translate(-50%, -50%) scale(${currentScale})`; - glow.style.opacity = Math.min(0.4 + scrollSpeed * 0.25, 1); + // Scroll velocity → pulse strength (throttled with rAF) + if (!isTouchDevice) { + window.addEventListener( + 'scroll', + () => { + if (!scrollTicking) { + window.requestAnimationFrame(() => { + const delta = Math.abs(window.scrollY - lastScrollY); + scrollSpeed = Math.min(delta / 100, 2.5); + lastScrollY = window.scrollY; - clearTimeout(cooldownId); - cooldownId = setTimeout(() => { - currentScale = 1; + // Update current scale and apply with cursor position to avoid jumps + currentScale = 1 + scrollSpeed * 0.3; glow.style.transform = `translate3d(${lastCursorX}px, ${lastCursorY}px, 0) translate(-50%, -50%) scale(${currentScale})`; - glow.style.opacity = 0.4; - }, 200); + glow.style.opacity = Math.min(0.4 + scrollSpeed * 0.25, 1); - scrollTicking = false; - }); - scrollTicking = true; - } - }, - { passive: true } - ); + clearTimeout(cooldownId); + cooldownId = setTimeout(() => { + currentScale = 1; + glow.style.transform = `translate3d(${lastCursorX}px, ${lastCursorY}px, 0) translate(-50%, -50%) scale(${currentScale})`; + glow.style.opacity = 0.4; + }, 200); + + scrollTicking = false; + }); + scrollTicking = true; + } + }, + { passive: true } + ); + } // Click Burst + Haptic Feedback document.addEventListener( From f0b679e32e359722270ff3b4ba0af0fc4c8b014c Mon Sep 17 00:00:00 2001 From: Copilot <198982749+Copilot@users.noreply.github.com> Date: Fri, 6 Mar 2026 11:23:04 +0530 Subject: [PATCH 2/3] fix: tighten hybrid-device touch guards and pin Node version in CI (#108) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Initial plan * fix: apply review feedback — any-pointer guard, hybrid CSS fix, pin Node 20.19.0 Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --- .github/workflows/deploy.yml | 2 +- app/globals.css | 4 ++-- public/js/reactive-glow.js | 9 +++++++-- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 72f8ea4..04f85ec 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -66,7 +66,7 @@ jobs: - name: Set up Node.js uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: - node-version: '20' + node-version: '20.19.0' - name: Install dependencies run: npm ci diff --git a/app/globals.css b/app/globals.css index 94382b2..b43b852 100644 --- a/app/globals.css +++ b/app/globals.css @@ -8,8 +8,8 @@ html { text-rendering: optimizeLegibility; } -/* Desktop-only scroll behavior — avoids killing iOS momentum / rubber-band scrolling */ -@media (pointer: fine) { +/* Desktop-only scroll behavior — avoids killing iOS momentum / rubber-band scrolling on touch/hybrid devices */ +@media (pointer: fine) and (not (any-pointer: coarse)) { html { scroll-behavior: smooth; /* Improve mouse wheel scrolling smoothness */ diff --git a/public/js/reactive-glow.js b/public/js/reactive-glow.js index 6265f20..b0e2000 100644 --- a/public/js/reactive-glow.js +++ b/public/js/reactive-glow.js @@ -48,9 +48,14 @@ ); // Skip scroll pulse effect on touch devices (causes jank during mobile scroll) - const isTouchDevice = + const hasAnyCoarsePointer = typeof window.matchMedia === 'function' && - window.matchMedia('(pointer: coarse)').matches; + window.matchMedia('(any-pointer: coarse)').matches; + const hasTouchPoints = + typeof navigator !== 'undefined' && + typeof navigator.maxTouchPoints === 'number' && + navigator.maxTouchPoints > 0; + const isTouchDevice = hasAnyCoarsePointer || hasTouchPoints; // Scroll velocity → pulse strength (throttled with rAF) if (!isTouchDevice) { From b7ccc44daeb1593496c6b186fc1a415da9772e2a Mon Sep 17 00:00:00 2001 From: Copilot <198982749+Copilot@users.noreply.github.com> Date: Fri, 6 Mar 2026 11:31:04 +0530 Subject: [PATCH 3/3] fix(css): replace MQ4 negation with MQ3-compatible scroll behavior guards (#109) * Initial plan * fix(css): replace MQ Level-4 negation with MQ3-compatible two-block approach for scroll behavior Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --- app/globals.css | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/app/globals.css b/app/globals.css index b43b852..2d84674 100644 --- a/app/globals.css +++ b/app/globals.css @@ -8,8 +8,8 @@ html { text-rendering: optimizeLegibility; } -/* Desktop-only scroll behavior — avoids killing iOS momentum / rubber-band scrolling on touch/hybrid devices */ -@media (pointer: fine) and (not (any-pointer: coarse)) { +/* Apply smooth scroll on fine-pointer devices (mouse/trackpad) */ +@media (pointer: fine) { html { scroll-behavior: smooth; /* Improve mouse wheel scrolling smoothness */ @@ -18,6 +18,14 @@ html { } } +/* Reset on any touch/coarse-pointer device (touch screens, hybrids) to preserve iOS momentum / rubber-band scrolling */ +@media (any-pointer: coarse) { + html { + scroll-behavior: auto; + overscroll-behavior-y: auto; + } +} + body { /* Enable smooth momentum scrolling on all platforms */ -webkit-overflow-scrolling: touch;