diff --git a/docs/AUDIT_PLATFORM.md b/docs/AUDIT_PLATFORM.md index e057d7ad..70afdc3e 100644 --- a/docs/AUDIT_PLATFORM.md +++ b/docs/AUDIT_PLATFORM.md @@ -12,12 +12,12 @@ Legend: ๐Ÿ”ด critical ยท ๐ŸŸ  high ยท ๐ŸŸก medium ยท ๐ŸŸข low ยท ## 0. Health snapshot -| Check | Result | Notes | -| ----------------- | ------- | ----------------------------------------------------------------------------------------------- | -| `pnpm install -r` | โœ… pass | No warnings when `GITEA_NPM_TOKEN` is exported after sourcing `~/.zshrc`. | -| `pnpm typecheck` | โœ… pass | All TS sources compile (`tsc --noEmit`). | -| `pnpm test` | โœ… pass | ~2,200 tests across 18+ test suites; one cowork-service `EPIPE` flake cleared on focused rerun. | -| `pnpm lint` | โœ… pass | Workspace lint exits 0 with 0 errors / 0 warnings after `663dcde`. See section W. | +| Check | Result | Notes | +| ----------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | +| `pnpm install -r` | โœ… pass | No warnings when `GITEA_NPM_TOKEN` is exported after sourcing `~/.zshrc`. | +| `pnpm typecheck` | โœ… pass | All TS sources compile (`tsc --noEmit`). | +| `pnpm test` | โœ… pass | ~2,200 tests across 18+ test suites; prior cowork `EPIPE` cleared on focused rerun, and auth bcrypt timeout reliability was fixed in `d3fbeba`. | +| `pnpm lint` | โœ… pass | Workspace lint exits 0 with 0 errors / 0 warnings after `663dcde`. See section W. | ## A. Lint pipeline blockers (fixed by this audit) diff --git a/docs/AUDIT_WARNING_COMPLETION_CHECKLIST.md b/docs/AUDIT_WARNING_COMPLETION_CHECKLIST.md index 2212423f..d3145a38 100644 --- a/docs/AUDIT_WARNING_COMPLETION_CHECKLIST.md +++ b/docs/AUDIT_WARNING_COMPLETION_CHECKLIST.md 
@@ -43,6 +43,7 @@ Recent warning-cleanup commits: | `9cd7089` | `@lysnrai/extraction-service` | Documented sidecar dev alerts. | | `2c9dc18` | `@lysnrai/platform-service` | Documented script CLI output. | | `663dcde` | `@lysnrai/platform-service` | Replaced runtime console diagnostics. | +| `d3fbeba` | `@bytelyst/auth` | Fixed bcrypt test timeout reliability. | ## Agent Execution Protocol @@ -418,7 +419,7 @@ Goal: make script warnings intentional and policy-backed. - [x] Run script typecheck/build coverage via package build or `tsx` dry-run where safe. Done in `2c9dc18`; platform-service build, scripts lint, and workspace lint passed. A TODO was added because `migrate-referrals.ts - --help` still imports service config eagerly and requires platform env + --help` still imports service config eagerly and requires platform env vars. ### W6. Shared Package Console Warnings 
@@ -530,12 +531,19 @@ Goal: make the suite reliable enough for repeated audit gates. - [x] Document the platform-service `server.test.ts` timeout observed while typecheck/lint ran in parallel. Done in this checklist and handoff as load sensitivity; a full platform-service rerun after `663dcde` passed. +- [x] Fix the reproduced auth bcrypt timeout encountered during final full + `pnpm test`. Done in `d3fbeba`; added package-local Vitest timeout for + `@bytelyst/auth` while preserving production bcrypt salt rounds and auth + assertions. - [x] Reproduce each in isolation before changing tests. Done; no reproducible isolated failure remained during the final gate sequence. -- [x] If reproducible, fix the underlying test lifecycle or timeout source. Not - applicable; no stable reproduction remained. +- [x] If reproducible, fix the underlying test lifecycle or timeout source. + Done for the reproduced auth timeout in `d3fbeba`; the cause was + production 12-round `bcryptjs` hashing exceeding Vitest's 5s default on + this machine. - [x] Avoid simply increasing timeouts without understanding the cause. Done; - no timeout inflation was committed. + `d3fbeba` keeps the timeout package-local and records the bcrypt cost + rationale. - [x] Add notes to `docs/HANDOVER.md` if these remain known environment sensitivities. Done in this documentation update. @@ -612,3 +620,4 @@ Goal: keep future agents aligned with the true baseline. | 2026-05-04 | `9cd7089` | Documented extraction sidecar dev alerts. | Removed 3 no-console warnings; workspace lint `93` -> `90`. | | 2026-05-04 | `2c9dc18` | Documented platform-service script CLI output. | Removed 78 script warnings; workspace lint `90` -> `12`. | | 2026-05-04 | `663dcde` | Replaced platform runtime console diagnostics. | Removed 12 runtime warnings; workspace lint `12` -> `0`. | +| 2026-05-04 | `d3fbeba` | Added auth Vitest timeout for bcrypt tests. | No warning delta; fixes reproduced auth test timeout reliability. | 
diff --git a/docs/CODEX_RESUME_PROMPT.md b/docs/CODEX_RESUME_PROMPT.md index 29f0d993..e88dc376 100644 --- a/docs/CODEX_RESUME_PROMPT.md +++ b/docs/CODEX_RESUME_PROMPT.md @@ -70,6 +70,9 @@ pnpm lint > /tmp/lint.log 2>&1 # current baseline: exit 0, 0 errors / 0 wa The warning sweep is complete as of `663dcde`; keep future changes on the 0-error / 0-warning baseline. +`@bytelyst/auth` has a package-local Vitest timeout in `d3fbeba` because +production 12-round `bcryptjs` hashes can exceed Vitest's default 5s timeout on +this machine. ### Step 3 โ€” Working tree state at handover diff --git a/docs/HANDOVER.md b/docs/HANDOVER.md index 4b56c793..e9684ad8 100644 --- a/docs/HANDOVER.md +++ b/docs/HANDOVER.md 
@@ -19,13 +19,13 @@ A fresh rerun on 2026-05-04 shows **0 lint errors / 0 warnings**; the old ## What's working right now -| Check | Result | Notes | -| ---------------------- | ------------------ | --------------------------------------------------------------------- | -| `pnpm install -r` | โœ… pass | No warnings when `GITEA_NPM_TOKEN` is exported | -| `pnpm typecheck` | โœ… pass | All 69 packages compile | -| `pnpm test` | โœ… pass | ~2,200 tests; prior transient platform/cowork flakes cleared on rerun | -| `pnpm lint` (pipeline) | โœ… runs end-to-end | Was bailing fast; this audit unblocked it | -| `pnpm lint` | โœ… 0/0 | 0 errors / 0 warnings after `663dcde` | +| Check | Result | Notes | +| ---------------------- | ------------------ | ------------------------------------------------------------------------------------------------------------- | +| `pnpm install -r` | โœ… pass | No warnings when `GITEA_NPM_TOKEN` is exported | +| `pnpm typecheck` | โœ… pass | All 69 packages compile | +| `pnpm test` | โœ… pass | ~2,200 tests; prior transient platform/cowork flakes cleared on rerun, auth bcrypt timeout fixed in `d3fbeba` | +| `pnpm lint` (pipeline) | โœ… runs end-to-end | Was bailing fast; this audit unblocked it | +| `pnpm lint` | โœ… 0/0 | 0 errors / 0 warnings after `663dcde` | --- @@ -91,6 +91,8 @@ For the live warning checklist and parallel-agent workflow, use 2. Before changing migration scripts, address the TODO in `services/platform-service/scripts/migrate-referrals.ts` so `--help` can run without platform service env vars. +3. Keep `packages/auth/vitest.config.ts` package-local; it reflects the + production bcrypt cost without weakening auth assertions. ---
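Review bot: the `@@ -418,7 +419,7 @@` hunk in `docs/AUDIT_WARNING_COMPLETION_CHECKLIST.md` changes, as far as is visible here, only the indentation of the ` --help` continuation line, and the inline code span for `migrate-referrals.ts --help` still breaks across two lines. Reflow the sentence so the whole command sits on one line inside its backticks. That keeps it searchable and avoids renderer-dependent whitespace inside the span.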
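Review bot: in the `@@ -530,12 +531,19 @@` hunk of `docs/AUDIT_WARNING_COMPLETION_CHECKLIST.md`, the unchanged item "Reproduce each in isolation before changing tests. Done; no reproducible isolated failure remained during the final gate sequence." now contradicts the lines added around it, which describe a reproduced auth timeout fixed in `d3fbeba`. Update that item to record that the auth bcrypt timeout did reproduce, and consider moving the new "Fix the reproduced auth bcrypt timeout" entry below it so the list reads reproduce first, then fix. The "Avoid simply increasing timeouts" item would also be easier to audit if it stated the timeout value now configured, since the earlier wording ("no timeout inflation was committed") has been replaced by a reference to a commit that adds a timeout override.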
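Review bot: in the `docs/CODEX_RESUME_PROMPT.md` hunk, "on this machine" is not something the next reader of a resume prompt can act on. Name the machine or runner, or record the observed test duration next to the timeout now configured for `@bytelyst/auth`. Then someone who hits the timeout again on different hardware can judge whether the margin is too small, instead of treating the 12-round `bcryptjs` cost as the thing to change.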
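Review bot: item 3 in the `@@ -91,6 +91,8 @@` hunk of `docs/HANDOVER.md` tells the reader to keep `packages/auth/vitest.config.ts` package-local but leaves out the constraint that matters most, which the checklist does spell out: the production bcrypt salt rounds are preserved and not lowered for tests. State that explicitly here, together with the timeout value, so a later change cannot satisfy this line by reducing rounds or by moving the longer timeout into a workspace-wide config.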