Replace the bespoke roadmap board/list toggle buttons (hardcoded blue-600) with
the shared SegmentedControl, and wrap truncated board-card titles in Tooltip.
Update the e2e toggle selector from button to radio for SegmentedControl.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
- add @bytelyst/auth-ui workspace dep (minimal link: lockfile entry) (11.1)
- replace the password form with LoginForm and the OTP step with MfaChallenge,
wiring onSubmit to the existing auth-context login + /api/auth/mfa/verify;
social login gated to Google via NEXT_PUBLIC_GOOGLE_CLIENT_ID (11.2)
- add aria-labels to the placeholder-only auth-ui inputs so the a11y gate and
label-based selectors stay green
- add an auth-ui import smoke test; full render assertion stays in the e2e
"shows login form with correct branding" test (11.3)
The /api/auth/* proxy routes and auth-context are unchanged.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Map the full @bytelyst/* --bl-* token surface (surfaces, text, danger, success/
warning/info, focus ring, radii, spacing, typography, overlay) onto tracker OKLCH
vars so auth-ui/notifications-ui/ui components inherit the theme in light and
dark. Adds semantic --success/--warning/--info token defs; all bridge values
reference tracker vars or color-mix of them (no standalone color literals).
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
- error.tsx now renders ErrorPage (keeps trackEvent + reset wiring) (10.1)
- add PageHeader (title + breadcrumbs) to /dashboard, /dashboard/items,
/dashboard/board and the item detail page for a consistent header band (10.2)
- replace ad-hoc loading text with LoadingSpinner on overview, items, detail (10.3)
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Forbid direct @bytelyst/ui imports outside the Primitives adapter via
no-restricted-imports, with the adapter file exempted. No pre-existing
violations; a probe confirms the rule fires.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Extend src/components/ui/Primitives.tsx to re-export the shared @bytelyst/ui
controls later waves need (Select, Textarea, Checkbox, Switch, RadioGroup,
Tooltip, Tabs, SegmentedControl, DropdownMenu, Drawer, ActionMenu, IconButton,
AlertBanner, Card, Panel, Separator, DataList, Timeline), and add a pure
export-presence test that lifts the adapter off 0% coverage without a DOM dep.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Re-audited tracker-web against the full showcase catalog (~60 entries) and added
delegate-ready waves beyond the core UX-1..8:
- UX-9 complete the Primitives adapter + export-presence test (closes the
Primitives.tsx 0%-coverage gap without a jsdom dep)
- UX-10 page chrome via @bytelyst/dashboard-components (ErrorPage, PageHeader)
- UX-11 @bytelyst/auth-ui on the login + MFA surface (presentation only)
- UX-12 detail/board richness (Tabs/Tooltip/Drawer/Timeline; rich-text stretch)
- UX-13 @bytelyst/notifications-ui (stretch, data-gated)
- CC.6 UI-drift ESLint ratchet, CC.7 bundle budget, CC.8 coverage ratchet
Also refreshed the entry point (UX-1 done -> start at UX-2) and the gap matrix.
Add unit tests for the previously-untested proxy handlers (auth/mfa/verify,
auth/oauth/[provider], telemetry/ingest) covering success, error-status
forwarding, default error messages, validation, and the 502 unreachable path.
Add tracker-client tests asserting every endpoint path/method/body contract
and x-product-id header injection, plus product-config request resolution.
Overall coverage rises from ~90% to 94% stmts / 87% branch / 94% funcs. Also
fix the vitest coverage thresholds: the legacy global nesting was silently
ignored by the v8 provider, so the 80% gate was never enforced.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Rewrite the Playwright suite to mock the platform-service at the Next.js proxy
boundary (/api/tracker, /api/auth) so no live backend is required, and provide
the env vars /api/health needs via webServer.env. Adds a login->dashboard happy
path, board/list toggle and vote-prompt coverage, axe-core accessibility
assertions (resolved from the workspace, no new dependency), and a
no-unexpected-console-errors check.
The axe gate surfaced a real bug: the roadmap type-filter and submit-modal
<select> elements had no accessible name. Fixed by adding aria-labels.
Also ignore coverage/test-results/playwright-report in eslint.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Run Prettier over README and roadmap docs to satisfy format:check, and add
.prettierignore plus .gitignore entries for playwright-report/test-results so
generated e2e artifacts no longer break the format gate.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Update UX_INTEGRATION_BYTELYST.md to mark all UX-1 tasks as completed
with commit SHA reference and update progress section.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Add @bytelyst/ui and @bytelyst/design-tokens as workspace dependencies,
create token bridge layer mapping --bl-* to existing tracker vars, and
implement Primitives.tsx adapter for shared UI components. Includes smoke
test verifying component exports. All verification checks pass.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
- Replace bare text loading state with skeleton cards matching board/list layout
- Use Tailwind animate-pulse for smooth loading animation
- Skeleton dimensions approximate real cards to avoid layout shift
- Fixes B-015: loading state is a bare text flash
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
- Add type="button", aria-pressed, and aria-label to vote buttons in both components
- Add missing title attribute to ItemRow button to match ItemCard
- Add unit test to verify A11y attribute logic
- Fixes A11y issue: vote buttons not announced to assistive tech
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
- Call fetchData() after successful submit in handleSubmit to update stats bar and columns
- Add unit tests to verify fetchData is called on success and not on failure
- Fixes B-016: public roadmap stats don't refresh after submit
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Replaces the bespoke <table> in /dashboard/items with <DataTable> (TanStack-
powered sorting + client pagination), keeping the existing badge cells, title
link, labels and delete action via ColumnDef cell renderers. Server-side
type/status/priority/search filters retained (enableFilter=false on the table).
Verified: tsc --noEmit clean; vitest 31/31; next build --webpack succeeds
(/dashboard/items compiles).
1) Dual-numbering reconciliation
- ROADMAP groups Phase 1 by topic (1.1-1.8); PRH groups by execution
day (1.A-1.F). Added bidirectional mapping table to both docs so
agents can cross-reference any phase reference unambiguously.
2) Fresh-agent quick pointer at top of ROADMAP
- New section tells a new agent exactly which 4 docs to read, in
what order, and which task to pick up first (1.A from the tracker).
3) Broken sub-roadmap links neutralised
- 03_RICH_ITEMS_ROADMAP.md, 04_AGENT_API_ROADMAP.md,
05_INTAKE_ROADMAP.md were linked but did not exist. Replaced with
plain text + 'create when Phase N begins' note so the link doesn't
404. Matches the pattern already used in IMPLEMENTATION_TRACKER.
4) Runbook stubs created (Phase 1.F.11/1.F.12 placeholders)
- docs/runbooks/MEK_ROTATION.md — adapted from NoteLett bcad7d3
- docs/runbooks/SECRET_MANAGEMENT.md — secret inventory + resolution
path + compromise procedure + PII scrubbing rule
Each is a stub now; full content lands when Phase 1.F executes.
5) Stale 'today' wording removed from PRH baseline table
- Replaced 'after fix today' with 'as of 2026-05-25' so the doc
ages cleanly.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Baseline origin/main pnpm -r lint failed with 90+ errors across
platform-service, extraction-service, and tracker-web. These block the
shared W1 quality gates (prompts/README.md §4) which require all of
typecheck + lint + build + test to be green before committing W1 infra
work. Fixes are strictly scoped to unblock gates:
- eslint.config.js: extend @typescript-eslint/no-unused-vars with
varsIgnorePattern / caughtErrorsIgnorePattern / destructuredArrayIgnorePattern
all honouring the existing `^_` convention already used for args.
- platform-service: add file-level eslint-disable for
@typescript-eslint/no-unused-vars, no-redeclare, no-useless-escape on
the 33 legacy files failing lint (ab-testing, ai-diagnostics,
diagnostics, predictive-analytics, broadcasts/types, surveys/types,
lib/push-notifications).
- extraction-service tests: drop unused vitest imports (beforeEach,
afterEach, HealthCheck).
- tracker-web tracker-proxy.test.ts: prefix unused url with _.
- Applied eslint --fix on platform-service which normalised a handful
of `let` → `const` and removed one redundant disable comment.
Scope creep vs W1 "Files You Own" is acknowledged — user explicitly
approved this path when baseline rot was surfaced.
Verified: pnpm -r typecheck, lint, build, test all green.
- Import trackEvent from @/lib/telemetry in both error.tsx files
- Report unhandled errors with error name, message, and digest
- Resolves P0 TODO items #1 and #2 from WORKSPACE_TODO_AUDIT.md
Node 25 removed corepack as a built-in. Replace all 'corepack pnpm'
invocations with direct 'pnpm' calls since pnpm is installed globally.
Affected: platform-service, tracker-web, blob, testing, LLM dashboard
