fix(web): harden feed reader fallback and rss rendering

[gildesmarais]

Summary

• harden feed responder and RSS rendering behavior for reader compatibility and fallback safety
• add/adjust RSS XSL and shared public UI assets used by feed presentation
• add regression coverage for responder and RSS XSL behavior
• refresh docs where behavior/auth boundaries changed

This pull request introduces several improvements to the feed rendering experience, both visually and functionally, along with some internal refactoring and documentation updates. The most significant changes are a major redesign of the RSS feed XSL template to enhance the UI, the addition of a script to improve feed reader link handling, and a refactor in the feed responder logic. There are also updates to documentation for clarity and accuracy.

Feed UI and UX improvements:

• Major redesign of the public/rss.xsl template to provide a more modern, accessible, and informative feed presentation. This includes a new hero section with icons, improved layout, additional metadata (such as updated/published stamps), and visual signals for item quality (summary, image, tags, byline). The CSS has been extensively updated to support these changes. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]
• Improved item summary rendering and tag/author/image detection in the feed template, with new logic for stripping tags and decoding HTML entities for better display of content. [1] [2]

Feed reader integration:

• Added public/feed-reader-link.js, which dynamically sets the "Open in feed reader" link to use the feed: protocol for the current page if not already set, improving compatibility with feed readers. The script is now included in the XSL template. [1] [2] [3]

Backend code refactoring:

• Refactored the feed responder logic in app/web/feeds/responder.rb by extracting request resolution into a new resolve_request method and improving result emission with emit_response_result, making the code more modular and readable. [1] [2]

Documentation and developer experience:

• Updated docs/README.md to clarify make targets, add new OpenAPI verification/linting commands, and switch frontend instructions from npm to pnpm for consistency.
• Improved docs/architecture.md to clarify feed routing, authentication, and source resolution logic, with more precise descriptions of static and token-backed feeds.

Dependency cleanup:

• Removed the unused ssrf_filter gem from the Gemfile.

[Copilot]

Pull request overview

This PR hardens the web feed rendering path and improves RSS/XSL presentation for better reader compatibility, adding shared UI assets and regression coverage around the responder and XSL output.

Changes:

• Adds/updates RSS XSL rendering (hero, “open in reader” affordance, and item quality indicators) and shared UI primitives.
• Refactors feed responder logging/normalization and tightens responder specs via shared expectations.
• Updates docs and ignore rules, including pnpm-related developer workflow notes.

Reviewed changes

Copilot reviewed 10 out of 11 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
spec/public/rss_xsl_spec.rb	New regression coverage for XSL-rendered HTML output (assets, hero, stamping, text cleaning).
spec/html2rss/web/feeds/responder_spec.rb	Extracts shared expectations for static source resolution + cache headers.
spec/html2rss/web/app_spec.rb	Makes static-feed caching test less cache-collision prone via randomized path.
public/shared-ui.css	Expands shared primitives (hero/buttons/tokens) used by both app UI and XSL surfaces.
public/rss.xsl	Enhances feed HTML presentation, adds feed-reader link behavior, and improves text cleaning.
public/feed-reader-link.js	Adds client-side wiring for “Open in feed reader” fallback behavior.
Gemfile	Removes ssrf_filter dependency declaration.
docs/README.md	Updates contributor commands (notably make ready) and documents pnpm scripts.
docs/architecture.md	Refreshes routing/auth boundary documentation for static vs token feed paths.
app/web/feeds/responder.rb	Refactors request resolution + result emission flow for clearer separation.
.gitignore	Adds pnpm store and minor cleanup.