bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3d55daf9b0
learning_ai_common_plat/docs/AUDIT_PLATFORM.md
Saravana Achu Mac c49fb7977d docs(audit): reconcile final handoff state 
What changed:
- Update handoff docs to point at the latest audit reliability commit.
- Mark the warning claim table as historical now that the sweep is complete.
- Remove stale deferred-warning wording from the platform audit ordering.

Verification:
- git diff --check
- pnpm lint
2026-05-04 17:39:48 -07:00

113 lines
11 KiB
Markdown
Raw Blame History

# Platform — Systematic Audit (cross-workspace)
Date: 2026-05-04
Tooling-backed audit (with `GITEA_NPM_TOKEN` available): full `pnpm install`,
typecheck, test, and lint run successfully across all 69 workspace packages
(`packages/`, `services/`, `dashboards/`).
Legend: 🔴 critical · 🟠 high · 🟡 medium · 🟢 low ·
⬜ open · 🟦 in PR · ✅ fixed (commit hash on the right).
---
## 0. Health snapshot
| Check | Result | Notes |
| ----------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
| `pnpm install -r` | ✅ pass | No warnings when `GITEA_NPM_TOKEN` is exported after sourcing `~/.zshrc`. |
| `pnpm typecheck` | ✅ pass | All TS sources compile (`tsc --noEmit`). |
| `pnpm test` | ✅ pass | ~2,200 tests across 18+ test suites; prior cowork `EPIPE` cleared on focused rerun, and auth bcrypt timeout reliability was fixed in `d3fbeba`. |
| `pnpm lint` | ✅ pass | Workspace lint exits 0 with 0 errors / 0 warnings after `663dcde`; final baseline rechecked through `ecfdc90`. See section W. |
## A. Lint pipeline blockers (fixed by this audit)
| # | Issue | Severity | Status | Fix |
| --- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | :----: | ----------- |
| A1 | `packages/design-tokens/scripts/validate-tokens.cjs` — 45 `no-undef` errors for `process` / `console`. Root eslint config didn't declare a Node-script env, and inline `/* eslint-env node */` is ignored by flat-config. | 🟠 | ✅ | this commit |
| A2 | `packages/design-tokens/scripts/token-coverage.cjs` — same root cause: 1 unused `e` in catch. | 🟢 | ✅ | this commit |
| A3 | `packages/ui/eslint.config.js` was a _complete override_ (flat config doesn't merge with the root). It declared no parser, so 38 parsing errors fired on `interface`, `import {…}`, and other TS syntax in `src/index.ts` and `src/components/*`. | 🟠 | ✅ | this commit |
| A4 | `packages/ui` lint also re-included `dist/**/*.d.ts` because the root's `ignores: ['dist/**']` isn't inherited by the package-local override. | 🟡 | ✅ | this commit |
| A5 | `packages/ui/.storybook/preview.ts` not covered by any TS-parser block. | 🟡 | ✅ | this commit |
| A6 | `packages/feedback-client/src/index.ts` — 2 `no-undef` for browser globals `XMLHttpRequest` / `ProgressEvent` (not in root globals list). | 🟢 | ✅ | this commit |
| A7 | `packages/feedback-client/src/index.ts``preserve-caught-error` violation in `captureScreen()` (re-throwing without `cause`). | 🟡 | ✅ | this commit |
| A8 | `packages/feedback-client/src/index.ts``captureElement()` declares unused params `mimeType`, `quality`. Renamed with `_` prefix and documented why. | 🟢 | ✅ | this commit |
| A9 | `packages/logger/src/__tests__/logger.test.ts` — unused type import `LoggerConfig`. | 🟢 | ✅ | this commit |
| A10 | `services/extraction-service/src/lib/circuit-breaker.test.ts` — unused vitest import `afterEach`. | 🟢 | ✅ | this commit |
| A11 | `services/extraction-service/src/modules/extract/sidecar-monitor.test.ts` — unused type import `HealthCheck`. | 🟢 | ✅ | this commit |
| A12 | `services/extraction-service/src/modules/extract/usage.test.ts` — unused vitest import `beforeEach`. | 🟢 | ✅ | this commit |
| A13 | `dashboards/tracker-web/src/__tests__/tracker-proxy.test.ts` — unused local `url` (renamed to `_url`). | 🟢 | ✅ | this commit |
These all matter because `pnpm -r exec eslint` bails on the first package
failure, so the 45-error design-tokens issue was hiding everything below it.
Now the pipeline runs to completion and the current workspace has **0 lint
errors**.
## P. Pre-existing lint debt cleared
Current workspace-wide lint reports no errors:
```
0 errors
```
The stale handoff note expected 85 pre-existing errors, but a live rerun on
2026-05-04 found none. No P-sweep package commits were needed in this session.
## W. Pre-existing lint warnings
Workspace lint now reports **0 errors / 0 warnings**. Intentional CLI,
generator, diagnostic-capture, and development-monitor console surfaces were
documented with narrow lint policy; platform-service runtime console usage was
replaced with structured stderr diagnostics.
Follow-up package sweeps on 2026-05-04:
- `db4257f` cleared admin feedback page React warnings.
- `021f053` typed predictive campaign event dispatch.
- `04d2398` cleared tracker-web roadmap console warnings and removed the stale
CommonJS ESLint config in favor of the existing `eslint.config.mjs`.
- `5fb4921` documented the two intentional `@bytelyst/broadcast-client`
deep-link diagnostics with narrow lint justifications.
- `1089597` cleared the remaining admin-web React hook/image/unused-symbol
warnings.
- `5b0fbc2` documented intentional `@bytelyst/config` Key Vault startup
diagnostics with narrow lint justifications.
- `e9a70ed` documented intentional `@lysnrai/monitoring` health-check CLI
output with a file-level lint justification.
- `433c3a5` documented intentional `@bytelyst/create-app` generator output and
design-token generation output with narrow file-level lint justifications.
- `91e08bf` documented intentional `@bytelyst/diagnostics-client` console
capture with a narrow lint justification.
- `9cd7089` documented development-only extraction sidecar health alerts with a
narrow lint justification.
- `2c9dc18` documented platform-service script/codegen output with file-level
lint policy and replaced the remaining migration-script `any` with `unknown`
narrowing. The migration script keeps a TODO because `--help` still imports
service config eagerly and requires platform env vars.
- `663dcde` replaced platform-service runtime console diagnostics in push
notifications, AI diagnostics, and diagnostics repository/auto-trigger code
with structured stderr helpers.
Final warning-sweep verification reran platform-service build/test/lint and
workspace lint; all pass. Workspace lint is now **0 errors** with **0
warnings**.
## R. Repo-state observations (not fixed)
| # | Observation | Severity | Status |
| --- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | :----------------: |
| R1 | Working tree had 3 uncommitted edits when the audit started: `docker-compose.ecosystem.yml`, `products/nomgap/product.json`, and `services/platform-service/src/modules/flags/seed.ts`. These were finalized separately in `b440330` (`chore(nomgap): finalize product deployment config`). Current working tree is clean after `ecfdc90`; `pnpm-lock.yaml` is also clean and was not committed in warning-sweep work. | — | ✅ |
| R2 | Local `main` was 17 commits behind `origin/main` at the start of the session. Backup branch `backup/main-20260504-062733` was taken from `origin/main` (the source of truth) — local stale main was _not_ backed up. | 🟢 | ✅ (backup exists) |
| R3 | `.npmrc` references `${GITEA_NPM_TOKEN}`. On this machine `~/.zshrc` defines the token but does not export it, so use `source ~/.zshrc && export GITEA_NPM_TOKEN` before `pnpm`; this silences the WARN. | 🟢 | ✅ documented |
| R4 | Earlier `pnpm install -r` reported peer warnings for `@azure/core-client@^1.10.0`. A live rerun with the token exported reported no peer warnings. | 🟢 | ✅ verified |
---
## Ordering of fixes
1. **Section A** (this commit) — structural unblocks so `pnpm lint` runs end-to-end again.
2. **Section P** — no current lint errors; no package sweeps needed.
3. **Section W** — warning review complete; workspace lint holds at 0 errors / 0 warnings.
4. **Section R** — housekeeping verified/documented.
5. **Auth test reliability** — bcrypt timeout fixed in `d3fbeba` and audit handoff recorded in `ecfdc90`.
Reference in New Issue View Git Blame Copy Permalink