bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(audit): record auth test reliability fix

Browse Source 
What changed:
- Recorded d3fbeba in the audit checklist, platform audit, handoff, and resume prompt.
- Updated the W9 notes to explain the reproduced bcrypt timeout and package-local Vitest timeout.

Warning impact:
- No warning delta; workspace lint baseline remains 0 errors / 0 warnings.

Verification:
- git diff --check
This commit is contained in:
Saravana Achu Mac 2026-05-04 16:59:53 -07:00
parent d3fbeba69d
commit ecfdc90049
4 changed files with 31 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/AUDIT_PLATFORM.md
View File

@ -13,10 +13,10 @@ Legend: 🔴 critical · 🟠 high · 🟡 medium · 🟢 low ·
## 0. Health snapshot
| Check | Result | Notes |
| ----------------- | ------- | ----------------------------------------------------------------------------------------------- |
| ----------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
| `pnpm install -r` | ✅ pass | No warnings when `GITEA_NPM_TOKEN` is exported after sourcing `~/.zshrc`. |
| `pnpm typecheck` | ✅ pass | All TS sources compile (`tsc --noEmit`). |
| `pnpm test` | ✅ pass | ~2,200 tests across 18+ test suites; one cowork-service `EPIPE` flake cleared on focused rerun. |
| `pnpm test` | ✅ pass | ~2,200 tests across 18+ test suites; prior cowork `EPIPE` cleared on focused rerun, and auth bcrypt timeout reliability was fixed in `d3fbeba`. |
| `pnpm lint` | ✅ pass | Workspace lint exits 0 with 0 errors / 0 warnings after `663dcde`. See section W. |
## A. Lint pipeline blockers (fixed by this audit)

15
docs/AUDIT_WARNING_COMPLETION_CHECKLIST.md
View File

@ -43,6 +43,7 @@ Recent warning-cleanup commits:
| `9cd7089` | `@lysnrai/extraction-service` | Documented sidecar dev alerts. |
| `2c9dc18` | `@lysnrai/platform-service` | Documented script CLI output. |
| `663dcde` | `@lysnrai/platform-service` | Replaced runtime console diagnostics. |
| `d3fbeba` | `@bytelyst/auth` | Fixed bcrypt test timeout reliability. |
## Agent Execution Protocol
@ -530,12 +531,19 @@ Goal: make the suite reliable enough for repeated audit gates.
- [x] Document the platform-service `server.test.ts` timeout observed while
typecheck/lint ran in parallel. Done in this checklist and handoff as
load sensitivity; a full platform-service rerun after `663dcde` passed.
- [x] Fix the reproduced auth bcrypt timeout encountered during final full
`pnpm test`. Done in `d3fbeba`; added package-local Vitest timeout for
`@bytelyst/auth` while preserving production bcrypt salt rounds and auth
assertions.
- [x] Reproduce each in isolation before changing tests. Done; no reproducible
isolated failure remained during the final gate sequence.
- [x] If reproducible, fix the underlying test lifecycle or timeout source. Not
applicable; no stable reproduction remained.
- [x] If reproducible, fix the underlying test lifecycle or timeout source.
Done for the reproduced auth timeout in `d3fbeba`; the cause was
production 12-round `bcryptjs` hashing exceeding Vitest's 5s default on
this machine.
- [x] Avoid simply increasing timeouts without understanding the cause. Done;
no timeout inflation was committed.
`d3fbeba` keeps the timeout package-local and records the bcrypt cost
rationale.
- [x] Add notes to `docs/HANDOVER.md` if these remain known environment
sensitivities. Done in this documentation update.
@ -612,3 +620,4 @@ Goal: keep future agents aligned with the true baseline.
| 2026-05-04 | `9cd7089` | Documented extraction sidecar dev alerts. | Removed 3 no-console warnings; workspace lint `93` -> `90`. |
| 2026-05-04 | `2c9dc18` | Documented platform-service script CLI output. | Removed 78 script warnings; workspace lint `90` -> `12`. |
| 2026-05-04 | `663dcde` | Replaced platform runtime console diagnostics. | Removed 12 runtime warnings; workspace lint `12` -> `0`. |
| 2026-05-04 | `d3fbeba` | Added auth Vitest timeout for bcrypt tests. | No warning delta; fixes reproduced auth test timeout reliability. |

3
docs/CODEX_RESUME_PROMPT.md
View File

@ -70,6 +70,9 @@ pnpm lint > /tmp/lint.log 2>&1 # current baseline: exit 0, 0 errors / 0 wa
The warning sweep is complete as of `663dcde`; keep future changes on the
0-error / 0-warning baseline.
`@bytelyst/auth` has a package-local Vitest timeout in `d3fbeba` because
production 12-round `bcryptjs` hashes can exceed Vitest's default 5s timeout on
this machine.
### Step 3 — Working tree state at handover

6
docs/HANDOVER.md
View File

@ -20,10 +20,10 @@ A fresh rerun on 2026-05-04 shows **0 lint errors / 0 warnings**; the old
## What's working right now
| Check | Result | Notes |
| ---------------------- | ------------------ | --------------------------------------------------------------------- |
| ---------------------- | ------------------ | ------------------------------------------------------------------------------------------------------------- |
| `pnpm install -r` | ✅ pass | No warnings when `GITEA_NPM_TOKEN` is exported |
| `pnpm typecheck` | ✅ pass | All 69 packages compile |
| `pnpm test` | ✅ pass | ~2,200 tests; prior transient platform/cowork flakes cleared on rerun |
| `pnpm test` | ✅ pass | ~2,200 tests; prior transient platform/cowork flakes cleared on rerun, auth bcrypt timeout fixed in `d3fbeba` |
| `pnpm lint` (pipeline) | ✅ runs end-to-end | Was bailing fast; this audit unblocked it |
| `pnpm lint` | ✅ 0/0 | 0 errors / 0 warnings after `663dcde` |
@ -91,6 +91,8 @@ For the live warning checklist and parallel-agent workflow, use
2. Before changing migration scripts, address the TODO in
`services/platform-service/scripts/migrate-referrals.ts` so `--help` can run
without platform service env vars.
3. Keep `packages/auth/vitest.config.ts` package-local; it reflects the
production bcrypt cost without weakening auth assertions.
---