bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4052e9a2af
learning_ai_common_plat/docs/AUDIT_PLATFORM.md

96 lines
9.9 KiB
Markdown
Raw Blame History

# Platform — Systematic Audit (cross-workspace)
Date: 2026-05-04
Tooling-backed audit (with `GITEA_NPM_TOKEN` available): full `pnpm install`,
typecheck, test, and lint run successfully across all 69 workspace packages
(`packages/`, `services/`, `dashboards/`).
Legend: 🔴 critical · 🟠 high · 🟡 medium · 🟢 low ·
⬜ open · 🟦 in PR · ✅ fixed (commit hash on the right).
---
## 0. Health snapshot
| Check | Result | Notes |
| ----------------- | ------- | ----------------------------------------------------------------------------------------------- |
| `pnpm install -r` | ✅ pass | No warnings when `GITEA_NPM_TOKEN` is exported after sourcing `~/.zshrc`. |
| `pnpm typecheck` | ✅ pass | All TS sources compile (`tsc --noEmit`). |
| `pnpm test` | ✅ pass | ~2,200 tests across 18+ test suites; one cowork-service `EPIPE` flake cleared on focused rerun. |
| `pnpm lint` | ✅ pass | Workspace lint exits 0 with 0 errors / 157 warnings after `1089597`. See section W. |
## A. Lint pipeline blockers (fixed by this audit)
| # | Issue | Severity | Status | Fix |
| --- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | :----: | ----------- |
| A1 | `packages/design-tokens/scripts/validate-tokens.cjs` — 45 `no-undef` errors for `process` / `console`. Root eslint config didn't declare a Node-script env, and inline `/* eslint-env node */` is ignored by flat-config. | 🟠 | ✅ | this commit |
| A2 | `packages/design-tokens/scripts/token-coverage.cjs` — same root cause: 1 unused `e` in catch. | 🟢 | ✅ | this commit |
| A3 | `packages/ui/eslint.config.js` was a _complete override_ (flat config doesn't merge with the root). It declared no parser, so 38 parsing errors fired on `interface`, `import {…}`, and other TS syntax in `src/index.ts` and `src/components/*`. | 🟠 | ✅ | this commit |
| A4 | `packages/ui` lint also re-included `dist/**/*.d.ts` because the root's `ignores: ['dist/**']` isn't inherited by the package-local override. | 🟡 | ✅ | this commit |
| A5 | `packages/ui/.storybook/preview.ts` not covered by any TS-parser block. | 🟡 | ✅ | this commit |
| A6 | `packages/feedback-client/src/index.ts` — 2 `no-undef` for browser globals `XMLHttpRequest` / `ProgressEvent` (not in root globals list). | 🟢 | ✅ | this commit |
| A7 | `packages/feedback-client/src/index.ts``preserve-caught-error` violation in `captureScreen()` (re-throwing without `cause`). | 🟡 | ✅ | this commit |
| A8 | `packages/feedback-client/src/index.ts``captureElement()` declares unused params `mimeType`, `quality`. Renamed with `_` prefix and documented why. | 🟢 | ✅ | this commit |
| A9 | `packages/logger/src/__tests__/logger.test.ts` — unused type import `LoggerConfig`. | 🟢 | ✅ | this commit |
| A10 | `services/extraction-service/src/lib/circuit-breaker.test.ts` — unused vitest import `afterEach`. | 🟢 | ✅ | this commit |
| A11 | `services/extraction-service/src/modules/extract/sidecar-monitor.test.ts` — unused type import `HealthCheck`. | 🟢 | ✅ | this commit |
| A12 | `services/extraction-service/src/modules/extract/usage.test.ts` — unused vitest import `beforeEach`. | 🟢 | ✅ | this commit |
| A13 | `dashboards/tracker-web/src/__tests__/tracker-proxy.test.ts` — unused local `url` (renamed to `_url`). | 🟢 | ✅ | this commit |
These all matter because `pnpm -r exec eslint` bails on the first package
failure, so the 45-error design-tokens issue was hiding everything below it.
Now the pipeline runs to completion and the current workspace has **0 lint
errors**.
## P. Pre-existing lint debt cleared
Current workspace-wide lint reports no errors:
```
0 errors
```
The stale handoff note expected 85 pre-existing errors, but a live rerun on
2026-05-04 found none. No P-sweep package commits were needed in this session.
## W. Pre-existing lint warnings
Remaining lint output is warnings only. The largest groups are still
`no-console` in CLI tools, code generators, and diagnostic/runtime review areas
(`create-app`, `keyvault`, `sidecar-monitor`, platform `gen-module`,
`migrate-referrals`, push notifications, and diagnostics modules). These are
case-by-case judgment calls and not blocking.
Follow-up package sweeps on 2026-05-04:
- `db4257f` cleared admin feedback page React warnings.
- `021f053` typed predictive campaign event dispatch.
- `04d2398` cleared tracker-web roadmap console warnings and removed the stale
CommonJS ESLint config in favor of the existing `eslint.config.mjs`.
- `5fb4921` documented the two intentional `@bytelyst/broadcast-client`
deep-link diagnostics with narrow lint justifications.
- `1089597` cleared the remaining admin-web React hook/image/unused-symbol
warnings.
Post-admin sweep verification reran admin-web lint/typecheck/test/build and
workspace lint; all pass. Workspace lint remains at **0 errors** with **157
warnings**.
## R. Repo-state observations (not fixed)
| # | Observation | Severity | Status |
| --- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | :------: | :----------------: |
| R1 | Working tree had 3 uncommitted edits when the audit started: `docker-compose.ecosystem.yml` (removes `nomgap-web` from Docker), `products/nomgap/product.json` (replaces flag set + adds containers), `services/platform-service/src/modules/flags/seed.ts` (+14 lines of flags). These look like an in-progress nomgap-on-Vercel migration. **Not touched** — out of audit scope and missing context. | — | ⬜ |
| R2 | Local `main` was 17 commits behind `origin/main` at the start of the session. Backup branch `backup/main-20260504-062733` was taken from `origin/main` (the source of truth) — local stale main was _not_ backed up. | 🟢 | ✅ (backup exists) |
| R3 | `.npmrc` references `${GITEA_NPM_TOKEN}`. On this machine `~/.zshrc` defines the token but does not export it, so use `source ~/.zshrc && export GITEA_NPM_TOKEN` before `pnpm`; this silences the WARN. | 🟢 | ✅ documented |
| R4 | Earlier `pnpm install -r` reported peer warnings for `@azure/core-client@^1.10.0`. A live rerun with the token exported reported no peer warnings. | 🟢 | ✅ verified |
---
## Ordering of fixes
1. **Section A** (this commit) — structural unblocks so `pnpm lint` runs end-to-end again.
2. **Section P** — no current lint errors; no package sweeps needed.
3. **Section W** — case-by-case warning review (defer; warnings only).
4. **Section R** — housekeeping verified/documented.
Reference in New Issue View Git Blame Copy Permalink