Skip to content

Improve configurable hero title split position with live preview in admin panel#6

Closed
IkiaeM wants to merge 2 commits into
florianjs:mainfrom
IkiaeM:fix
Closed

Improve configurable hero title split position with live preview in admin panel#6
IkiaeM wants to merge 2 commits into
florianjs:mainfrom
IkiaeM:fix

Conversation

@IkiaeM

@IkiaeM IkiaeM commented Jan 5, 2026

Copy link
Copy Markdown
Contributor
  • Add heroTitleSplitPosition setting with range slider control in admin homepage content editor
  • Add live preview showing how title will be split between primary and muted text
  • Update homepage to use configured split position instead of automatic midpoint calculation
  • Add HERO_TITLE_SPLIT_POSITION setting key with getter/setter functions
  • Include heroTitleSplitPosition in settings API endpoints and validation schema

home-title-slider
The title is no longer forced to be upper case, so my preview is obsolete. This allows everyone to choose the style they want.

IkiaeM added 2 commits January 5, 2026 17:26
… panel

- Add heroTitleSplitPosition setting with range slider control in admin homepage content editor
- Add live preview showing how title will be split between primary and muted text
- Update homepage to use configured split position instead of automatic midpoint calculation
- Add HERO_TITLE_SPLIT_POSITION setting key with getter/setter functions
- Include heroTitleSplitPosition in settings API endpoints and validation schema
- Remove uppercase class from hero title in homepage component
- Remove uppercase class from title preview in admin homepage content editor
@florianjs

Copy link
Copy Markdown
Owner

hey, the branding has been updated since v0.3.0

@florianjs florianjs closed this Jan 7, 2026
@IkiaeM IkiaeM deleted the fix branch January 7, 2026 12:49
Dim145 added a commit to Dim145/opentracker that referenced this pull request May 10, 2026
Six open Dependabot alerts, all transitive — five in
doc/package-lock.json (florianjs#1florianjs#5) and one in pnpm-lock.yaml (florianjs#6). Patched
in two manifests:

doc/ (vitepress / vite-based docs site):
- Bump direct deps to latest minor: @tailwindcss/vite + tailwindcss
  4.0 → 4.3.0, vitepress 1.5 → 1.6.4, vue 3.5 → 3.5.34.
- Pin npm `overrides`:
    "esbuild": "^0.25.0"   # CVE: dev-server CORS leak  (florianjs#1, florianjs#6)
    "vite":    "^7.3.3"    # CVE: optimized-deps path traversal  (florianjs#4)
  Vite 8 was tested but removes `transformWithEsbuild` which
  VitePress 1.x still imports — sticking on 7.3.x until the
  upstream migration to oxc lands.
- The bump also pulls patched versions of preact (florianjs#2, JSON VNode
  injection), rollup (florianjs#3, arbitrary file write), and postcss (florianjs#5,
  XSS via stringify) transitively — all four cleared by the rebuild.

Workspace root (pnpm):
- Add `esbuild: "^0.25.0"` to `pnpm.overrides`. The vulnerable
  esbuild@0.18.20 was pinned by `@esbuild-kit/core-utils`, the
  legacy ESM loader pulled in by drizzle-kit; the override
  collapses every chain (drizzle-kit, vite, nitropack, tsx,
  vitest) onto esbuild@0.25.12 and drops 0.18.x from the lockfile
  entirely (florianjs#6).

Verified:
- `cd doc && npm audit` → "found 0 vulnerabilities"
- `cd doc && npm run build` → builds in ~3s, all routes render
- `docker build -f doc/Dockerfile doc` → image rebuilds clean
- API rebuild + boot → drizzle-kit schema push still works
  (it was the heaviest user of @esbuild-kit/* on the workspace)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants