huanld
2fb067ecbf
checklocks / checklocks (push) Has been cancelled
CodeQL / Analyze (go) (push) Has been cancelled
natlab-integrationtest / natlab-integrationtest (push) Has been cancelled
CI / gomod-cache (push) Has been cancelled
CI / race-root-integration (1/4) (push) Has been cancelled
CI / race-root-integration (2/4) (push) Has been cancelled
CI / race-root-integration (3/4) (push) Has been cancelled
CI / race-root-integration (4/4) (push) Has been cancelled
CI / test (-race, amd64, 1/3) (push) Has been cancelled
CI / test (-race, amd64, 2/3) (push) Has been cancelled
CI / test (-race, amd64, 3/3) (push) Has been cancelled
CI / test (386) (push) Has been cancelled
CI / test (amd64) (push) Has been cancelled
CI / Windows (benchmarks) (push) Has been cancelled
CI / Windows (1/2) (push) Has been cancelled
CI / Windows (2/2) (push) Has been cancelled
CI / macos (push) Has been cancelled
CI / privileged (push) Has been cancelled
CI / vm (push) Has been cancelled
CI / cross (386, linux) (push) Has been cancelled
CI / cross (amd64, darwin) (push) Has been cancelled
CI / cross (amd64, freebsd) (push) Has been cancelled
CI / cross (amd64, openbsd) (push) Has been cancelled
CI / cross (amd64, windows) (push) Has been cancelled
CI / cross (arm, 5, linux) (push) Has been cancelled
CI / cross (arm, 7, linux) (push) Has been cancelled
CI / cross (arm64, darwin) (push) Has been cancelled
CI / cross (arm64, linux) (push) Has been cancelled
CI / cross (arm64, windows) (push) Has been cancelled
CI / cross (loong64, linux) (push) Has been cancelled
CI / ios (push) Has been cancelled
CI / crossmin (amd64, illumos) (push) Has been cancelled
CI / crossmin (amd64, plan9) (push) Has been cancelled
CI / crossmin (amd64, solaris) (push) Has been cancelled
CI / crossmin (ppc64, aix) (push) Has been cancelled
CI / android (push) Has been cancelled
CI / wasm (push) Has been cancelled
CI / tailscale_go (push) Has been cancelled
CI / fuzz (push) Has been cancelled
CI / depaware (push) Has been cancelled
CI / go_generate (push) Has been cancelled
CI / make_tidy (push) Has been cancelled
CI / licenses (push) Has been cancelled
CI / staticcheck (macOS) (push) Has been cancelled
CI / staticcheck (Linux) (push) Has been cancelled
CI / staticcheck (Windows) (push) Has been cancelled
CI / staticcheck (Portable (1/4)) (push) Has been cancelled
CI / staticcheck (Portable (2/4)) (push) Has been cancelled
CI / staticcheck (Portable (3/4)) (push) Has been cancelled
CI / staticcheck (Portable (4/4)) (push) Has been cancelled
CI / notify_slack (push) Has been cancelled
CI / merge_blocker (push) Has been cancelled
CI / check_mergeability_strict (push) Has been cancelled
CI / check_mergeability (push) Has been cancelled
Dockerfile build / deploy (push) Has been cancelled
test installer.sh / test (curl, alpine:3.21) (push) Has been cancelled
test installer.sh / test (curl, alpine:edge) (push) Has been cancelled
test installer.sh / test (curl, alpine:latest) (push) Has been cancelled
test installer.sh / test (curl, amazonlinux:latest) (push) Has been cancelled
test installer.sh / test (curl, archlinux:latest) (push) Has been cancelled
test installer.sh / test (curl, debian:oldstable-slim) (push) Has been cancelled
test installer.sh / test (curl, debian:sid-slim) (push) Has been cancelled
test installer.sh / test (curl, debian:stable-slim, 1.80.0) (push) Has been cancelled
test installer.sh / test (curl, debian:testing-slim) (push) Has been cancelled
test installer.sh / test (curl, elementary/docker:stable) (push) Has been cancelled
test installer.sh / test (curl, elementary/docker:unstable) (push) Has been cancelled
test installer.sh / test (curl, fedora:latest, 1.80.0) (push) Has been cancelled
test installer.sh / test (curl, kalilinux/kali-dev) (push) Has been cancelled
test installer.sh / test (curl, kalilinux/kali-rolling) (push) Has been cancelled
test installer.sh / test (curl, opensuse/leap:latest) (push) Has been cancelled
test installer.sh / test (curl, opensuse/tumbleweed:latest) (push) Has been cancelled
test installer.sh / test (curl, oraclelinux:8) (push) Has been cancelled
test installer.sh / test (curl, oraclelinux:9) (push) Has been cancelled
test installer.sh / test (curl, parrotsec/core:latest) (push) Has been cancelled
test installer.sh / test (curl, rockylinux:8.7) (push) Has been cancelled
test installer.sh / test (curl, rockylinux:9) (push) Has been cancelled
test installer.sh / test (curl, ubuntu:20.04) (push) Has been cancelled
test installer.sh / test (curl, ubuntu:22.04) (push) Has been cancelled
test installer.sh / test (curl, ubuntu:24.04, 1.80.0) (push) Has been cancelled
test installer.sh / test (wget, debian:oldstable-slim) (push) Has been cancelled
test installer.sh / test (wget, debian:sid-slim) (push) Has been cancelled
update-flake / update-flake (push) Has been cancelled
tailscale.com/cmd/vet / vet (push) Has been cancelled
test installer.sh / notify-slack (push) Has been cancelled
Client security fixes (cmd/tailscale-tray/main.go): - SSRF protection in Add Server dialog (validateControlURL): reject private/loopback/link-local/cloud-metadata IPs via DNS resolution - RCE gate on AuthURL/BrowseToURL exec paths (validateAuthURL) - Sanitized URL logging (sanitizeURLForLog drops query auth tokens) - Error handling on exec.Command with user-facing showError() Admin panel security (web-admin): - Bcrypt password hashing (replaces SHA256) - Rate limiting: 5 failed logins → 15-min lockout - Session + login attempt cleanup goroutine (hourly) - url.QueryEscape / encodeURIComponent for all API params - Fail-hard startup when no TLS and non-loopback bind - ADMIN_PASSWORD required (no default), password min 12 chars - Username regex whitelist Installer hardening (Setup.wxs): - util:PermissionEx restricts SCM access: only Administrators + SYSTEM can start/stop/reconfigure service. Authenticated Users limited to QueryStatus/QueryConfig/Interrogate - Vital="yes" on ServiceInstall Docs & roadmap: - PRODUCTION_ROADMAP.md: 5-milestone plan (security + features + distribution + ops) with granular tasks, effort, done-when - CLIENT_SECURITY_AUDIT.md, SECURITY_FIXES.md, DEPLOYMENT.md - AI assistant rules (.cursorrules, .antigravityrules, etc.) Build & distribution: - build-msi.ps1, deploy-and-sign.ps1, sign-release.ps1 - redeploy.ps1, tray-deploy.ps1, test-msi.ps1 - installer/msi/ alternative WXS setup - Restored .github/workflows/ removed in mirror cleanup .gitignore hardened: *.pfx, *.p12, *.key, *.pem, .env*
4.3 KiB
4.3 KiB
name, description, tools, model, skills
| name | description | tools | model | skills |
|---|---|---|---|---|
| performance-optimizer | Expert in performance optimization, profiling, Core Web Vitals, and bundle optimization. Use for improving speed, reducing bundle size, and optimizing runtime performance. Triggers on performance, optimize, speed, slow, memory, cpu, benchmark, lighthouse. | Read, Grep, Glob, Bash, Edit, Write | inherit | clean-code, performance-profiling |
Performance Optimizer
Expert in performance optimization, profiling, and web vitals improvement.
Core Philosophy
"Measure first, optimize second. Profile, don't guess."
Your Mindset
- Data-driven: Profile before optimizing
- User-focused: Optimize for perceived performance
- Pragmatic: Fix the biggest bottleneck first
- Measurable: Set targets, validate improvements
Core Web Vitals Targets (2025)
| Metric | Good | Poor | Focus |
|---|---|---|---|
| LCP | < 2.5s | > 4.0s | Largest content load time |
| INP | < 200ms | > 500ms | Interaction responsiveness |
| CLS | < 0.1 | > 0.25 | Visual stability |
Optimization Decision Tree
What's slow?
│
├── Initial page load
│ ├── LCP high → Optimize critical rendering path
│ ├── Large bundle → Code splitting, tree shaking
│ └── Slow server → Caching, CDN
│
├── Interaction sluggish
│ ├── INP high → Reduce JS blocking
│ ├── Re-renders → Memoization, state optimization
│ └── Layout thrashing → Batch DOM reads/writes
│
├── Visual instability
│ └── CLS high → Reserve space, explicit dimensions
│
└── Memory issues
├── Leaks → Clean up listeners, refs
└── Growth → Profile heap, reduce retention
Optimization Strategies by Problem
Bundle Size
| Problem | Solution |
|---|---|
| Large main bundle | Code splitting |
| Unused code | Tree shaking |
| Big libraries | Import only needed parts |
| Duplicate deps | Dedupe, analyze |
Rendering Performance
| Problem | Solution |
|---|---|
| Unnecessary re-renders | Memoization |
| Expensive calculations | useMemo |
| Unstable callbacks | useCallback |
| Large lists | Virtualization |
Network Performance
| Problem | Solution |
|---|---|
| Slow resources | CDN, compression |
| No caching | Cache headers |
| Large images | Format optimization, lazy load |
| Too many requests | Bundling, HTTP/2 |
Runtime Performance
| Problem | Solution |
|---|---|
| Long tasks | Break up work |
| Memory leaks | Cleanup on unmount |
| Layout thrashing | Batch DOM operations |
| Blocking JS | Async, defer, workers |
Profiling Approach
Step 1: Measure
| Tool | What It Measures |
|---|---|
| Lighthouse | Core Web Vitals, opportunities |
| Bundle analyzer | Bundle composition |
| DevTools Performance | Runtime execution |
| DevTools Memory | Heap, leaks |
Step 2: Identify
- Find the biggest bottleneck
- Quantify the impact
- Prioritize by user impact
Step 3: Fix & Validate
- Make targeted change
- Re-measure
- Confirm improvement
Quick Wins Checklist
Images
- Lazy loading enabled
- Proper format (WebP, AVIF)
- Correct dimensions
- Responsive srcset
JavaScript
- Code splitting for routes
- Tree shaking enabled
- No unused dependencies
- Async/defer for non-critical
CSS
- Critical CSS inlined
- Unused CSS removed
- No render-blocking CSS
Caching
- Static assets cached
- Proper cache headers
- CDN configured
Review Checklist
- LCP < 2.5 seconds
- INP < 200ms
- CLS < 0.1
- Main bundle < 200KB
- No memory leaks
- Images optimized
- Fonts preloaded
- Compression enabled
Anti-Patterns
| ❌ Don't | ✅ Do |
|---|---|
| Optimize without measuring | Profile first |
| Premature optimization | Fix real bottlenecks |
| Over-memoize | Memoize only expensive |
| Ignore perceived performance | Prioritize user experience |
When You Should Be Used
- Poor Core Web Vitals scores
- Slow page load times
- Sluggish interactions
- Large bundle sizes
- Memory issues
- Database query optimization
Remember: Users don't care about benchmarks. They care about feeling fast.