* fix: remove redundant Responsive Styles comment in admin-styles.css (issue #93)
Removes the generic '/* Responsive Styles */' comment that was redundant
alongside the specific '/* 782px is the WordPress mobile admin breakpoint. */'
comment, per Gemini Code Assist review feedback on PR #87.
Closes#93
* fix: add missing trailing commas to fix comma-dangle lint errors
Fixes ESLint comma-dangle errors in:
- cypress.config.js (lines 15-16): missing trailing commas on
chromeWebSecurity property and closing e2e object brace
- cypress/e2e/playground-single-site.cy.js (line 23): missing trailing
comma on expect() message argument
Also updates eslint-plugin-cypress from ^2.15.1 to ^6.2.0 to resolve
peer dependency conflict that prevented local lint verification.
Addresses Gemini review feedback from PR #66 (issue #73).
Changes 'comma-dangle' from 'never' to 'always-multiline' to improve
maintainability — cleaner git diffs and easier line reordering.
Updates admin/js files to comply with the new rule.
Closes#73
* fix: document 782px WordPress mobile admin breakpoint in media query
Adds an inline comment explaining that 782px is the WordPress mobile
admin breakpoint (wp-admin responsive threshold), addressing the
maintainability feedback from Gemini in PR #68.
Closes#69
* fix: add empty line before CSS comment to satisfy comment-empty-line-before rule
CodeFactor flagged missing empty line before the breakpoint comment (comment-empty-line-before).
Also simplifies comment text per Gemini Code Assist suggestion (removes redundant parenthetical).
Fixes CodeFactor FAILURE and Codacy ACTION_REQUIRED on PR #87.
Adds allow-list validation for the 'type' parameter in showMessage()
to prevent class injection vulnerabilities. The type is now checked
against ['success', 'error'] before being passed to addClass(), with
a safe fallback to 'error' for any unexpected values.
Addresses review feedback from PR #47 (gemini-code-assist finding).
Closes#76
- Convert tab indentation to 4 spaces in admin/css/admin-styles.css
and admin/css/update-source-selector.css per project coding standards
- Add stylelint and stylelint-config-standard to devDependencies
- Add lint:css npm script to enable CSS quality checking
- Update quality script to include CSS linting
The playground/multisite.html CSS rule-empty-line-before fix was already
applied in commit 3ca2fe5. This PR formally closes the quality-debt
tracking issue by verifying the fix and adding CSS linting tooling to
prevent similar regressions.
Closes#38
* fix: resolve plugin class loading reliability issues
* fix: address CodeRabbit XSS and accessibility findings from PR #18
- admin/js/admin-scripts.js: replace HTML string interpolation in showNotice
with DOM API construction and .text() to prevent XSS; whitelist type values
- admin/js/update-source-selector.js: replace .html(message) with .text(message)
in showMessage to prevent XSS from AJAX response content
- admin/templates/modal.php: add role=dialog, aria-modal=true, aria-labelledby
for screen reader semantics; replace <span> close control with <button> for
keyboard operability and proper ARIA role
- Fixed method names to use snake_case as required by WordPress coding standards
- Added proper spacing in filter_input function call
- Added periods at the end of inline comments
- Fixed parameter documentation in Plugin class
- Updated CSS media query to use context notation
