Addresses CWE-209: Generation of Error Message Containing Sensitive Information.
Instead of returning the raw exception string to the user, the application now logs the error to stderr and returns a generic "Internal Server Error" message. This prevents potential leakage of internal paths, configuration details, or other sensitive information.
Extracts the dashboard HTML string into a global constant and compiles it
using Jinja2 only once (lazily) instead of re-parsing the string on every
request. This improves response latency for the dashboard.
- Extracted `DASHBOARD_HTML` constant
- Implemented `DASHBOARD_TEMPLATE` lazy compilation
- Replaced `render_template_string` with `DASHBOARD_TEMPLATE.render()`
- Verified with `scripts/test_web_dashboard.py`
Replaced `os.path.exists()` + `os.path.getmtime()` with a single `os.stat()` call in `scripts/web_dashboard.py` to reduce syscalls by 50% for cache checks. Also pre-calculated static file paths at module level to avoid redundant `abspath` and `join` calls on every request.
Impact:
- Reduces filesystem operations per request.
- Improves code cleanliness by centralizing path constants.
- Verified with existing tests and manual curl check.
💡 What: Separated the /health endpoint from the main dashboard rendering logic. It now returns a lightweight JSON response.
🎯 Why: The previous implementation rendered the full Markdown dashboard for every health check, consuming unnecessary CPU and I/O resources during frequent polling.
📊 Impact: Reduces health check processing time from file reading + markdown parsing (~milliseconds) to a simple JSON return (~microseconds).
🔬 Measurement: Verified with new test script scripts/test_web_dashboard.py and updated render.yaml/app.yaml to use the new endpoint.
- Implemented a Flask-based web dashboard in `scripts/web_dashboard.py` to serve project status and documentation.
- Integrated the web dashboard into `config/startup_config.json` as a managed component.
- Updated `requirements.txt` with `flask` and `markdown` dependencies.
- Added `/health` endpoint for cloud platform health checks.
- Verified system integrity with existing validation and testing scripts.
