cw2007/POSA_Copyrighter
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
POSA_Copyrighter/web/operator-gui/assets/match-web.svg
유창욱 3f7b3a9cf2 chore: initial commit of copyrighter (rights_filter) 
Image rights / copyright detection system: SQLite store, HTTP app,
search integrations (Naver, Google Custom Search, Google Cloud Vision
web detection), image analysis (fingerprints, face/person detection,
evidence enrichment, risk scoring), an admin/review layer, governance
and retention policies, batch jobs, and a browser-based operator GUI.

This baseline incorporates a full code-review remediation pass
(46 fixes; 358 tests passing). Highlights:

CRITICAL
- Prevent evidence cascade-delete during the schema-constraint
  migration by disabling FK enforcement around the table rebuild.

Security
- Sandbox served media (neutralize stored XSS from uploaded/collected
  SVGs) via CSP + nosniff on the untrusted media routes.
- Strip embedded EXIF/GPS from external image derivatives before they
  are sent to third-party APIs.
- Return a clean 404 (not an uncaught StopIteration) for PATCH on an
  unknown provider.

Correctness
- LLM-summary failures no longer add +30 to the risk score.
- Decode only explicit JS escapes so Korean image URLs are not mangled.
- Consume search quota only after a successful request.
- Naver/Google adapters map responses inside the failure boundary, so a
  malformed response degrades to evidence instead of crashing enrichment.
- Domain-aware provider attribution; face-box IoU de-duplication; count
  searches (not result items); per-box crop isolation; clamp evidence
  confidence and Google CSE num; real submittedEpoch; and more.

Robustness
- Offline LLM connect fast-fails (short connect timeout) so seed/reload
  requests are not stalled; full read timeout preserved for generation.
- Malformed numeric env vars fall back to defaults instead of crashing
  startup.

Performance
- Per-submission evidence reads (no full-table scan per rescore),
  audit-log LIMIT, lazy active-store lookup, hoisted timestamps.

Tests
- ~24 regression tests added pinning the above fixes.

Runtime data (data/, outputs/, *.sqlite3, *.log), secrets (.env), and
node_modules are gitignored.
2026-06-09 09:50:31 +09:00

14 lines
977 B
XML
Raw Blame History

<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 640 480" role="img" aria-labelledby="title desc">
<title id="title">Matched web result</title>
<desc id="desc">A generic web result thumbnail for evidence comparison.</desc>
<rect width="640" height="480" fill="#f1eee5"/>
<rect x="60" y="62" width="520" height="356" rx="8" fill="#ffffff" stroke="#29363a" stroke-width="6"/>
<rect x="92" y="94" width="168" height="132" fill="#dfe8e4" stroke="#6f7d7a" stroke-width="4"/>
<circle cx="176" cy="144" r="42" fill="#d39a72"/>
<path d="M127 210c14-44 45-68 87-68s73 25 87 68z" fill="#315f72"/>
<path d="M292 106h188M292 144h238M292 182h160" stroke="#465458" stroke-width="12" stroke-linecap="round"/>
<rect x="92" y="260" width="416" height="18" fill="#c7bca7"/>
<rect x="92" y="300" width="356" height="18" fill="#c7bca7"/>
<rect x="92" y="340" width="198" height="18" fill="#c7bca7"/>
<rect x="470" y="332" width="52" height="26" fill="#c44b3f"/>
</svg>
Reference in a new issue View git blame Copy permalink