Skip to content

React UI migration#1

Open
aziolk-beyond wants to merge 5 commits intomainfrom
react-ui-migration
Open

React UI migration#1
aziolk-beyond wants to merge 5 commits intomainfrom
react-ui-migration

Conversation

@aziolk-beyond
Copy link
Collaborator

@aziolk-beyond aziolk-beyond commented Jan 15, 2026

Overview

This PR migrates the Claude Defense Kit from static HTML generation to a modern React Single Page Application (SPA) with Material-UI v7 and Beyond Identity's Machina design system.
Screenshot 2026-01-15 at 9 18 50 AM

🎯 Key Changes

Architecture

  • Frontend: React 18 + TypeScript + Vite
  • Backend: Express server serving built React app + REST API
  • Design System: Material-UI v7 with custom Machina theme
  • Build System: Dual TypeScript compilation (client + server)

Project Structure

src/
├── client/ # React SPA (new)
│ ├── components/ # Reusable UI components
│ ├── pages/ # Page components
│ ├── hooks/ # Custom React hooks
│ ├── services/ # API client
│ └── theme/ # Machina theme integration
└── server/ # Backend (reorganized)
├── analyzers/ # Risk analysis logic
├── scanners/ # Security scanners
└── server.ts # Express server

🎨 Design & UI

Machina Design System Integration

  • Primary Color (Pine Green): #154545 - Used for technical elements, logos, and key UI text
  • Secondary Color (Soft Teal): #D6F2F4 - Used for cards and backgrounds
  • Typography: JetBrains Mono for technical/code elements, system fonts for body text
  • Components: Custom themed MUI components following Machina guidelines

New Features

  • ✅ Interactive security findings with live filtering (Risk Level, Type)
  • ✅ Preview modal for configuration changes before applying
  • ✅ One-click fix buttons with undo functionality
  • ✅ Smooth scroll navigation with sidebar
  • ✅ Real-time risk score calculation with visual indicators
  • ✅ Warning icon on Risk Score chip when ≥50 (HIGH/CRITICAL)
  • ✅ Clickable logo to scroll to top

Responsive Design

Fully responsive layouts with breakpoints:

  • Mobile (xs): Single column, stacked filters, hidden sidebar
  • Tablet (sm/md): 2-3 column grids, responsive filters
  • Desktop (lg+): Full 5-column grid, sidebar navigation, all features visible

UI Polish

  • Pine Green text/icons in "What We Scanned" cards
  • JetBrains Mono monospace font for technical titles
  • 4-tier risk badges (critical/high/medium/low)
  • Critical risks display with warning color (yellow)
  • Smooth animations and transitions
  • WCAG 2.0 AA compliant color contrast

🔧 Technical Implementation

Frontend Stack

  • React 18: Modern React with hooks
  • Material-UI v7: Latest MUI with improved theming
  • TypeScript: Full type safety
  • Vite: Fast dev server and optimized builds
  • React Router: Client-side routing

Backend Updates

  • Express server serves both static React build and API endpoints
  • Maintained all existing scan/analysis functionality
  • RESTful API: /api/scan, /api/fix, /api/undo
  • No changes to core security scanning logic

State Management

  • React hooks (useState, useEffect) for local state
  • Custom hooks: useScanData, useToast
  • API service layer for backend communication

📊 Risk Score Logic

Weighted scoring system (0-100):

  • MCP Servers: Critical (25), High (15), Medium (8), Low (3)
  • Sensitive Files: Critical (15), High (10), Medium (5), Low (2)
  • Capabilities: Shell (20), Database (12), Package Install (10), Network (8)
  • Categories: Critical (≥75), High (50-74), Medium (25-49), Low (<25)

🧪 Testing Considerations

  • Test responsive layouts on mobile/tablet/desktop
  • Verify fix/undo functionality with various security issues
  • Test filtering by risk level and issue type
  • Confirm sidebar navigation and scroll behavior
  • Validate API endpoints return correct data
  • Check accessibility with screen readers

🚀 Deployment Notes

Build Process

npm run build        # Builds both client and server
npm start           # Production server
npm run dev         # Development with hot-reload
Environment
Node.js 18+ required
Port 3847 for production server
Port 5173 for Vite dev server (dev only)

🔄 Migration Impact
Breaking Changes
❌ Removed static HTML report generation
❌ Removed old terminal-based reporters
✅ Replaced with interactive React SPA
Backward Compatibility
✅ CLI commands unchanged
✅ Scan logic unchanged
✅ Configuration format unchanged
✅ All security features maintained
📝 Additional Notes

Why This Migration?
Better UX: Interactive UI vs static HTML
Modern Stack: React/MUI vs vanilla JS
Design System: Consistent with Beyond Identity brand
Maintainability: Component-based architecture
Extensibility: Easy to add new features

🤝 Review Checklist
 Code follows TypeScript best practices
 All files use Machina design tokens (no hardcoded colors)
 Responsive design works on all breakpoints
 Accessibility standards met (WCAG 2.0 AA)
 No console errors or warnings
 Build succeeds without errors
 
Co-Authored-By: Claude Sonnet 4.5 

aziolk-beyond and others added 2 commits January 15, 2026 09:22
Major Changes:
- Migrated from static HTML generation to React SPA with Vite
- Implemented Material-UI v7 with Machina design system
- Added responsive design with mobile/tablet/desktop breakpoints
- Restructured project: src/server/ for backend, src/client/ for frontend

Frontend:
- Created React components: ReportPage, LandingPage, FindingCard, SidebarNav
- Implemented interactive features: preview modals, fix buttons, filters
- Added undo functionality with API integration
- Applied Machina color palette (Pine Green primary, Tailwind secondary)
- Used JetBrains Mono for technical text (card titles, audit report)
- Responsive grid layouts for "What We Scanned" cards (1-5 columns)

Backend:
- Moved server code to src/server/
- Express now serves built React app + API endpoints
- Maintained all existing scan/config functionality

Design System:
- Integrated machina-theme-v1.0.3 with custom palette and typography
- Applied WCAG AA compliant colors
- Used Bootstrap Icons for UI elements
- No hardcoded colors/sizes - all theme tokens

Build System:
- Vite for client bundling
- TypeScript compilation for server
- Dual tsconfig setup (client + server)
- npm scripts: dev, build, start

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
UI Enhancements:
- Updated "What We Scanned" cards to use Pine Green text/icons
- Applied JetBrains Mono monospace font to "Security Audit Report" title
- Removed "Security Report" heading from sidebar for cleaner navigation
- Added warning triangle icon to Risk Score chip when score ≥50
- Changed Risk Score chip colors to Pine Green text on teal background
- Made Beyond Identity logo clickable to scroll to top

Design System Updates:
- Consistent use of Machina primary.main (Pine Green) for technical elements
- Maintained secondary.main (soft teal) backgrounds
- All typography follows Machina design system tokens

Risk Badge Updates:
- Updated RiskBadge to support 4-tier risk levels (critical, high, medium, low)
- Critical risks now display with warning color (yellow) instead of error
- Type safety improved with RiskLevel type instead of SimpleRisk

Responsive Design:
- Fully responsive layout with mobile/tablet/desktop breakpoints
- Sidebar hidden on mobile (< md breakpoint)
- "What We Scanned" cards: 1 col (mobile) → 5 cols (desktop)
- Flexible header and filter sections for all screen sizes
- Responsive tables with horizontal scroll on mobile

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
aziolk-beyond and others added 3 commits January 15, 2026 15:07
Major Changes:
- Complete UI refactor with new section components architecture
- Achieve WCAG 2.0 AA color contrast compliance across all badges/chips
- Implement responsive card layout with proper breakpoints
- Add comprehensive configuration sections (Tools, Bash, Sandbox, Directory, Integrity, Profiles)

UI Component Architecture:
- Created modular section components for all configuration areas
- Added BashRestrictionsSection, DirectoryAccessSection, IntegritySection
- Added SandboxSettingsSection, SecurityProfilesSection, ToolRestrictionsSection
- Centralized security configuration constants in securityConfig.ts
- Added EnterpriseSection with hero image

Accessibility Improvements (WCAG 2.0 AA):
- Updated all badge/chip text colors from #444444 to #121212
- Fixed RiskBadge contrast ratios: CRITICAL (11.9:1), HIGH (8.67:1), MEDIUM (16.4:1), LOW (11.6:1)
- Fixed sidebar badge contrast (8.67:1 on red background)
- Fixed BLOCKED/ALLOWED status badges in Tool and Bash sections (8.67:1 red, 11.6:1 green)
- Fixed MCP Integrity status chips (all statuses now 8.67:1 - 16.4:1)
- Fixed installation status and unresolved issues chips

Responsive Design:
- Added proper breakpoints for "What We Scanned" cards grid
- Mobile (xs): 1 column, Small tablet (sm): 2 columns, Desktop (md+): 5 columns
- Added minWidth/maxWidth constraints to prevent card stretching
- Used CSS gap property for consistent row/column spacing

API & State Management:
- Removed duplicate API method definitions (allowDirectory, denyDirectory, applyProfile)
- Enhanced PreviewModal with better diff visualization and copy functionality
- Added proper loading states and error handling across all sections

UI Polish:
- Moved "Unresolved Issues" indicator to Security Findings section
- Added "Show All" button for blast radius table (expands beyond 10 items)
- Standardized all section cards with primary.50 background and primary.200 border
- Moved Security Profiles title/description inside card for consistency

Backend Updates:
- Added server routes for security configuration previews
- Enhanced config writer with proper validation

Assets:
- Added enterprise-hero.png for marketing section
- Added favicon.svg

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Updated theme.ts with table cell left-alignment fix
- Renamed machina-theme-v1.0.3 to machina-theme-v1.0.4
- Updated all import references to v1.0.4
- This includes the fix for table cell content alignment
Update path aliases in tsconfig.json and vite.config.ts to reference
machina-theme-v1.0.4 directory.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant