bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(audit): record auth test reliability fix

Browse Source 
What changed:
- Recorded d3fbeba in the audit checklist, platform audit, handoff, and resume prompt.
- Updated the W9 notes to explain the reproduced bcrypt timeout and package-local Vitest timeout.

Warning impact:
- No warning delta; workspace lint baseline remains 0 errors / 0 warnings.

Verification:
- git diff --check
This commit is contained in:
Saravana Achu Mac 2026-05-04 16:59:53 -07:00
parent d3fbeba69d
commit ecfdc90049
4 changed files with 31 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/AUDIT_PLATFORM.md
View File

@ -12,12 +12,12 @@ Legend: 🔴 critical · 🟠 high · 🟡 medium · 🟢 low ·
## 0. Health snapshot ## 0. Health snapshot
| Check | Result | Notes | | Check | Result | Notes |
| ----------------- | ------- | ----------------------------------------------------------------------------------------------- | | ----------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
| `pnpm install -r` | ✅ pass | No warnings when `GITEA_NPM_TOKEN` is exported after sourcing `~/.zshrc`. | | `pnpm install -r` | ✅ pass | No warnings when `GITEA_NPM_TOKEN` is exported after sourcing `~/.zshrc`. |
| `pnpm typecheck` | ✅ pass | All TS sources compile (`tsc --noEmit`). | | `pnpm typecheck` | ✅ pass | All TS sources compile (`tsc --noEmit`). |
| `pnpm test` | ✅ pass | ~2,200 tests across 18+ test suites; one cowork-service `EPIPE` flake cleared on focused rerun. | | `pnpm test` | ✅ pass | ~2,200 tests across 18+ test suites; prior cowork `EPIPE` cleared on focused rerun, and auth bcrypt timeout reliability was fixed in `d3fbeba`. |
| `pnpm lint` | ✅ pass | Workspace lint exits 0 with 0 errors / 0 warnings after `663dcde`. See section W. | | `pnpm lint` | ✅ pass | Workspace lint exits 0 with 0 errors / 0 warnings after `663dcde`. See section W. |
## A. Lint pipeline blockers (fixed by this audit) ## A. Lint pipeline blockers (fixed by this audit)

17
docs/AUDIT_WARNING_COMPLETION_CHECKLIST.md
View File

@ -43,6 +43,7 @@ Recent warning-cleanup commits:
| `9cd7089` | `@lysnrai/extraction-service` | Documented sidecar dev alerts. | | `9cd7089` | `@lysnrai/extraction-service` | Documented sidecar dev alerts. |
| `2c9dc18` | `@lysnrai/platform-service` | Documented script CLI output. | | `2c9dc18` | `@lysnrai/platform-service` | Documented script CLI output. |
| `663dcde` | `@lysnrai/platform-service` | Replaced runtime console diagnostics. | | `663dcde` | `@lysnrai/platform-service` | Replaced runtime console diagnostics. |
| `d3fbeba` | `@bytelyst/auth` | Fixed bcrypt test timeout reliability. |
## Agent Execution Protocol ## Agent Execution Protocol
@ -418,7 +419,7 @@ Goal: make script warnings intentional and policy-backed.
- [x] Run script typecheck/build coverage via package build or `tsx` dry-run - [x] Run script typecheck/build coverage via package build or `tsx` dry-run
where safe. Done in `2c9dc18`; platform-service build, scripts lint, and where safe. Done in `2c9dc18`; platform-service build, scripts lint, and
workspace lint passed. A TODO was added because `migrate-referrals.ts workspace lint passed. A TODO was added because `migrate-referrals.ts
--help` still imports service config eagerly and requires platform env --help` still imports service config eagerly and requires platform env
vars. vars.
### W6. Shared Package Console Warnings ### W6. Shared Package Console Warnings
@ -530,12 +531,19 @@ Goal: make the suite reliable enough for repeated audit gates.
- [x] Document the platform-service `server.test.ts` timeout observed while - [x] Document the platform-service `server.test.ts` timeout observed while
typecheck/lint ran in parallel. Done in this checklist and handoff as typecheck/lint ran in parallel. Done in this checklist and handoff as
load sensitivity; a full platform-service rerun after `663dcde` passed. load sensitivity; a full platform-service rerun after `663dcde` passed.
- [x] Fix the reproduced auth bcrypt timeout encountered during final full
`pnpm test`. Done in `d3fbeba`; added package-local Vitest timeout for
`@bytelyst/auth` while preserving production bcrypt salt rounds and auth
assertions.
- [x] Reproduce each in isolation before changing tests. Done; no reproducible - [x] Reproduce each in isolation before changing tests. Done; no reproducible
isolated failure remained during the final gate sequence. isolated failure remained during the final gate sequence.
- [x] If reproducible, fix the underlying test lifecycle or timeout source. Not - [x] If reproducible, fix the underlying test lifecycle or timeout source.
applicable; no stable reproduction remained. Done for the reproduced auth timeout in `d3fbeba`; the cause was
production 12-round `bcryptjs` hashing exceeding Vitest's 5s default on
this machine.
- [x] Avoid simply increasing timeouts without understanding the cause. Done; - [x] Avoid simply increasing timeouts without understanding the cause. Done;
no timeout inflation was committed. `d3fbeba` keeps the timeout package-local and records the bcrypt cost
rationale.
- [x] Add notes to `docs/HANDOVER.md` if these remain known environment - [x] Add notes to `docs/HANDOVER.md` if these remain known environment
sensitivities. Done in this documentation update. sensitivities. Done in this documentation update.
@ -612,3 +620,4 @@ Goal: keep future agents aligned with the true baseline.
| 2026-05-04 | `9cd7089` | Documented extraction sidecar dev alerts. | Removed 3 no-console warnings; workspace lint `93` -> `90`. | | 2026-05-04 | `9cd7089` | Documented extraction sidecar dev alerts. | Removed 3 no-console warnings; workspace lint `93` -> `90`. |
| 2026-05-04 | `2c9dc18` | Documented platform-service script CLI output. | Removed 78 script warnings; workspace lint `90` -> `12`. | | 2026-05-04 | `2c9dc18` | Documented platform-service script CLI output. | Removed 78 script warnings; workspace lint `90` -> `12`. |
| 2026-05-04 | `663dcde` | Replaced platform runtime console diagnostics. | Removed 12 runtime warnings; workspace lint `12` -> `0`. | | 2026-05-04 | `663dcde` | Replaced platform runtime console diagnostics. | Removed 12 runtime warnings; workspace lint `12` -> `0`. |
| 2026-05-04 | `d3fbeba` | Added auth Vitest timeout for bcrypt tests. | No warning delta; fixes reproduced auth test timeout reliability. |

3
docs/CODEX_RESUME_PROMPT.md
View File

@ -70,6 +70,9 @@ pnpm lint > /tmp/lint.log 2>&1 # current baseline: exit 0, 0 errors / 0 wa
The warning sweep is complete as of `663dcde`; keep future changes on the The warning sweep is complete as of `663dcde`; keep future changes on the
0-error / 0-warning baseline. 0-error / 0-warning baseline.
`@bytelyst/auth` has a package-local Vitest timeout in `d3fbeba` because
production 12-round `bcryptjs` hashes can exceed Vitest's default 5s timeout on
this machine.
### Step 3 — Working tree state at handover ### Step 3 — Working tree state at handover

16
docs/HANDOVER.md
View File

@ -19,13 +19,13 @@ A fresh rerun on 2026-05-04 shows **0 lint errors / 0 warnings**; the old
## What's working right now ## What's working right now
| Check | Result | Notes | | Check | Result | Notes |
| ---------------------- | ------------------ | --------------------------------------------------------------------- | | ---------------------- | ------------------ | ------------------------------------------------------------------------------------------------------------- |
| `pnpm install -r` | ✅ pass | No warnings when `GITEA_NPM_TOKEN` is exported | | `pnpm install -r` | ✅ pass | No warnings when `GITEA_NPM_TOKEN` is exported |
| `pnpm typecheck` | ✅ pass | All 69 packages compile | | `pnpm typecheck` | ✅ pass | All 69 packages compile |
| `pnpm test` | ✅ pass | ~2,200 tests; prior transient platform/cowork flakes cleared on rerun | | `pnpm test` | ✅ pass | ~2,200 tests; prior transient platform/cowork flakes cleared on rerun, auth bcrypt timeout fixed in `d3fbeba` |
| `pnpm lint` (pipeline) | ✅ runs end-to-end | Was bailing fast; this audit unblocked it | | `pnpm lint` (pipeline) | ✅ runs end-to-end | Was bailing fast; this audit unblocked it |
| `pnpm lint` | ✅ 0/0 | 0 errors / 0 warnings after `663dcde` | | `pnpm lint` | ✅ 0/0 | 0 errors / 0 warnings after `663dcde` |
--- ---
@ -91,6 +91,8 @@ For the live warning checklist and parallel-agent workflow, use
2. Before changing migration scripts, address the TODO in 2. Before changing migration scripts, address the TODO in
`services/platform-service/scripts/migrate-referrals.ts` so `--help` can run `services/platform-service/scripts/migrate-referrals.ts` so `--help` can run
without platform service env vars. without platform service env vars.
3. Keep `packages/auth/vitest.config.ts` package-local; it reflects the
production bcrypt cost without weakening auth assertions.
--- ---