Skip to content

Add Advanced Details Disclosures For Incident Technical Metadata #67

Description

@TheSilkky

Add Advanced Details Disclosures For Incident Technical Metadata

Priority

High

Type

Frontend design / security hardening

Labels

backlog, frontend, design, accessibility, security, testing

Branch Scope

Created from docs/end-user-product-design at d2c32a3.

Background

The incident detail route currently presents technical sections such as streams, chunks, contact keys, shared access, and key-delivery metadata as primary page content. The end-user design document recommends progressive disclosure so normal users first see incident status, evidence state, upload state, and next actions.

Technical metadata still matters for reviewers and local testers, but it should not dominate the default view.

Proposed Scope

  • Identify incident detail sections that should move behind advanced details disclosures.
  • Keep security-relevant warnings and access-state information visible without burying critical risk.
  • Use accessible disclosure controls with keyboard support and clear labels.
  • Add or reuse layout primitives only if they fit the existing component patterns.
  • Update route tests so they cover the default user view and expanded advanced state.

Acceptance Criteria

  • The default incident detail view prioritizes end-user status, evidence summary, sharing state, and next actions.
  • Raw-ish technical sections are available through clearly labeled advanced details.
  • Advanced details controls are keyboard accessible and screen-reader understandable.
  • Expanding and collapsing advanced details does not shift layout unexpectedly or hide critical warnings.
  • Tests cover both default and expanded states.

Out Of Scope

  • Removing technical information that security reviewers still need.
  • Displaying raw secrets, raw keys, viewer tokens, request bodies, uploaded bytes, stored paths, or object keys.
  • Backend changes.
  • Browser decryption or key unwrapping.

Suggested Validation

  • npm run typecheck
  • npm run lint
  • npm run test
  • npm run build
  • npm run test:e2e
  • Keyboard navigation check for disclosure controls
  • git diff --check

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions