feat(ui): add Attack Paths product tour (driver.js PoC)#11383
Open
pfe-nazaries wants to merge 9 commits into
Open
feat(ui): add Attack Paths product tour (driver.js PoC)#11383pfe-nazaries wants to merge 9 commits into
pfe-nazaries wants to merge 9 commits into
Conversation
github-actions
Bot
added
github_actions
Contributor
|
✅ All necessary |
Contributor
|
✅ Conflict Markers Resolved All conflict markers have been successfully resolved in this pull request. |
Contributor
🔒 Container Security ScanImage: 📊 Vulnerability Summary
2 package(s) affected
|
- Add driver.js abstraction under ui/lib/tours with localStorage persistence - Ship full Attack Paths tour and empty-state mini-tour for users with no scans - Add prowler-tour skill and CI alignment script to prevent selector drift Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Drop tour meta-commentary about auto-selecting scan/query - Use "provider" to match app terminology - Replace technical "renders the result" with plain "see the graph" - Friendlier outro: "You're all set" instead of "clear browser storage" Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Drop WHAT-describing JSDoc; keep comments explaining non-obvious WHY - Remove time-rotting markers (PoC/v1 notes, design-doc refs, path coupling) - Tighten inline rationale on AWS-scan and demo-query selection
- Remove openspec references and v1/PoC rotting markers - Restrict allowed-tools to read-only (Read, Glob, Grep) - Move report template to references/output-format.md - Convert remaining second-person prose to imperative form
- Generize TourStep/TourDefinition/handlers over a literal target union - Add defineTour helper that preserves step targets through const inference - Validate stepHandlers keys and waitForStep args at useDriverTour call sites - Align prowler-tour skill template and architecture reference Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Replace the multi-sentence description with a single concise line and add the PR link.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- Add DOM → tour orphan check to the alignment script - Warns (does not fail) on data-tour-id attributes no tour references
pfe-nazaries
force-pushed
the
feature/driver-js-poc
branch
from
1b23c11 to
1ef1509
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Context
PoC introducing a product-tour pattern to Prowler using
driver.js, applied to the Attack Paths workflow.Description
ui/lib/tours/: swappable abstraction (tour definition, React hook, persistence adapter, theming).attack-paths.tour.ts+attack-paths-empty.tour.ts: the two tours wired on/attack-paths.ui/styles/tours.css: themed popover bound to existing design tokens. One new--text-button-primarytoken inglobals.cssso the Next button text has accessible contrast against--bg-button-primary.skills/prowler-tour/: drift-detection skill that keeps tours aligned with the covered UI.ui/scripts/check-tour-alignment.mjs: syntactic CI gate that fails on orphandata-tour-idselectors.Steps to review
pnpm run dev, log in, open/attack-pathsin a fresh session — full tour auto-opens and drives the underlying UI between anchored steps./attack-pathswith zero scans available — the empty-state mini-tour opens instead, pointing at Scan Jobs.pnpm run tour:checkexits 0; remove adata-tour-idattribute to confirm the script fails on drift.Screenshots of the six tour steps available locally (
tour-step{1..6}*.png) — will attach in a follow-up comment.Checklist
Community Checklist
UI (if applicable)
License
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.