feat: embedded draw.io diagram editor for threat modelling#132
Open
Mavi9412 wants to merge 2 commits into
Open
feat: embedded draw.io diagram editor for threat modelling#132Mavi9412 wants to merge 2 commits into
Mavi9412 wants to merge 2 commits into
Conversation
Integrates the diagrams.net embed editor directly into the Threat Model tab so users can create and edit architecture diagrams without leaving STRIDE-GPT. The diagram XML is parsed to extract components, data flows, and trust boundaries, which are injected into the LLM prompt as structured context before generating a threat model. New files: - stride_gpt/core/drawio_parser.py — stdlib XML parser with self-test - apps/web/components/drawio_editor/ — Streamlit custom component wrapping the diagrams.net embed postMessage API (pure HTML/JS, no build step) Changed files: - apps/web/main.py — toggle button in col1, full-width editor widget below the input section, XML context injection at prompt-build time - README.md — feature entry in the feature list Backward-compatible: existing image upload flow is unchanged.
- Add isStreamlitMessage:true to all component postMessages so Streamlit registers componentReady and does not show the loading error banner - Auto-fill app description text area from parsed diagram XML on save, mirroring the existing PNG upload flow - Move editor to render full-width above the input columns so it opens immediately in view after clicking the button in col1 - Move Open Diagram Editor button into col1 alongside the image uploader
Author
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.

Summary
xml.etree.ElementTreeto extract components, data flows, and trust boundaries — this structured context is injected into the LLM prompt, producing richer threat models than image analysis aloneNew files
stride_gpt/core/drawio_parser.py__main__self-test. No new dependencies (stdlib only).apps/web/components/drawio_editor/__init__.pydeclare_componentwrapper returning{action, xml}apps/web/components/drawio_editor/frontend/index.htmlembed.diagrams.netvia the officialproto=jsonpostMessage API. No npm build step required.Changed files
apps/web/main.pyREADME.mdHow it works
Test plan
python stride_gpt/core/drawio_parser.py— all assertions pass