fix(ui): secret field json diff visibility issue

[IgorHorta]

Context

Previously, when reviewing secret changes in the approval workflow, users could only see that a secret value had changed, but couldn't easily identify exactly what changed within the value. This made it difficult to review changes, especially for long strings or multiline values.

This PR implements an enhanced diff visualization for secret approvals that provides:

• Line-by-line comparison for multiline secret values with visual indicators (+ for additions, - for deletions)
• Word-level highlighting within modified lines to pinpoint exactly which words/characters changed
• Single-line diff support with inline word highlighting (no +/- indicators for cleaner display)
• Auto-scroll to first change to help users quickly find what changed
• Enhanced visual design with darker tinted backgrounds (#120808 for old, #081208 for new) for better contrast
• Proper text wrapping for long strings to prevent overflow

The implementation uses a word-boundary-aware diff algorithm similar to GitHub's diff view, making it much easier to review and approve secret changes.

Related to: SECRETS-65

Screenshots

Screenshare.-.2026-01-26.4_15_51.PM.mp4

Steps to verify the change

Test Case 1: Single-Line Secret Diff

1. Navigate to a secret approval request
2. Find a secret where the value is a single line (no newlines) and has been changed
3. Expected:
   • The changed words/characters are highlighted inline (red for old, green for new)
   • No +/- indicators or line containers
   • Text wraps if the value is very long

Test Case 2: Multiline Secret Diff

1. Navigate to a secret approval request
2. Find a secret where the value contains newlines and has been changed
3. Expected:
   • Changed lines show - (red) for deletions and + (green) for additions
   • Modified lines show both old and new versions with word-level highlighting
   • Full lines are highlighted with the appropriate background color
   • Container automatically scrolls to the first change

Test Case 3: Long String Wrapping

1. Create or find a secret with a very long value (e.g., a long URL or connection string)
2. Request an approval with a change to this secret
3. Expected:
   • The text wraps within the container instead of overflowing
   • Horizontal scrolling is only needed if absolutely necessary
   • Word-level highlighting still works correctly across wrapped lines

Test Case 4: Auto-Scroll Behavior

1. Navigate to a secret approval request with changes
2. If the first change is not visible in the viewport
3. Expected:
   • The container automatically scrolls to show the first change
   • Only the inner diff container scrolls, not the entire page
   • Scrolling is smooth and centers the first change in the viewport

Test Case 5: Visual Design

1. Navigate to a secret approval request
2. Observe the diff containers
3. Expected:
   • Previous version container has a darker red-tinted background (#120808)
   • New version container has a darker green-tinted background (#081208)
   • Colors provide good contrast against the card backgrounds
   • Highlighting is clearly visible

Test Case 6: Edge Cases

1. Test with secrets that have:
   • Only whitespace changes
   • Special characters and unicode
   • Very long single words (no spaces)
   • Empty to non-empty or vice versa
2. Expected: All cases handle gracefully without breaking the UI

Type

• Fix
• Feature
• Improvement
• Breaking
• Docs
• Chore

Checklist

• Title follows the conventional commit format: type(scope): short description (scope is optional, e.g., fix: prevent crash on sync or fix(api): handle null response).
• Tested locally
• Updated docs (if needed)
• Read the contributing guide

[maidul98]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[greptile-apps]

Greptile Overview

Greptile Summary

This PR adds enhanced diff visualization for secret approval requests using the diff library. The implementation provides line-by-line and word-level highlighting to show exactly what changed in secret values, making it easier to review changes.

Key changes:

• Added diff package (v8.0.3) for computing line and word diffs
• Implemented renderSingleLineDiffForApproval and renderMultilineDiffForApproval functions to visualize changes
• Added auto-scroll functionality to center the first change in view
• Applied color-coded backgrounds (#120808 for old, #081208 for new) with inline highlighting

Issue found:

• Performance concern: No input size limits before running diff algorithms, which could cause browser freezing with very large secret values (e.g., multi-MB strings)

Confidence Score: 4/5

• This PR is generally safe to merge with one performance concern that should be addressed
• The implementation is solid and uses a well-established library (diff) for computing changes. The code properly handles edge cases (empty values, single-line vs multiline). However, there's a performance/DoS concern: no size limits before running O(n*m) diff algorithms on potentially very large secret values. This could freeze the browser if a user submits extremely large secrets.
• SecretApprovalRequestChangeItem.tsx needs size validation before diff operations

Important Files Changed

Filename	Overview
frontend/src/pages/secret-manager/SecretApprovalsPage/components/SecretApprovalRequest/components/SecretApprovalRequestChangeItem.tsx	implemented word/line-level diff visualization with auto-scroll, uses diff library for change detection

[greptile-apps]

_{1 file reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[victorvhs017]

If I add a secret with whitespace at the start and the end of a secret value, it shows the change here:

But it doesn't show here

And if I save and merge, it's not there.

It would be good to standardize the behavior:

• trim and not commit anything
• do not trim and add the whitespace to the value

[victorvhs017]

When we have multiple words changed, it highlights one by one; in this case, it should be the whole block.

[victorvhs017]

When we have multiple words changed, it highlights one by one; in this case, it should be the whole block.

This is another example

What I did here is that I removed something at the end and added something at the end of the text

[IgorHorta]

If I add a secret with whitespace at the start and the end of a secret value, it shows the change here:

But it doesn't show here And if I save and merge, it's not there.

It would be good to standardize the behavior:

• trim and not commit anything
• do not trim and add the whitespace to the value

fixed!

[victorvhs017]

Here, I added a new secret and there's a space splitting the first line from the rest of the value

[victorvhs017]

Here I'm removing the first empty line, and this is the change I'm getting:

[victorvhs017]

@greptileai re-review and update your summary

[greptile-apps]

_{2 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[victorvhs017]

LGTM