Saravana Achu Mac
4fd6b68747
Record the broadcast-client warning cleanup hash and latest lint baseline. Refs: docs/AUDIT_PLATFORM.md section W and docs/AUDIT_WARNING_COMPLETION_CHECKLIST.md W6. Co-Authored-By: GPT-5 Codex <noreply@openai.com>
9.4 KiB
Platform — Systematic Audit (cross-workspace)
Date: 2026-05-04
Tooling-backed audit (with GITEA_NPM_TOKEN available): full pnpm install,
typecheck, test, and lint run successfully across all 69 workspace packages
(packages/, services/, dashboards/).
Legend: 🔴 critical · 🟠 high · 🟡 medium · 🟢 low · ⬜ open · 🟦 in PR · ✅ fixed (commit hash on the right).
0. Health snapshot
| Check | Result | Notes |
|---|---|---|
pnpm install -r |
✅ pass | No warnings when GITEA_NPM_TOKEN is exported after sourcing ~/.zshrc. |
pnpm typecheck |
✅ pass | All TS sources compile (tsc --noEmit). |
pnpm test |
✅ pass | ~2,200 tests across 18+ test suites; one cowork-service EPIPE flake cleared on focused rerun. |
pnpm lint |
✅ pass | Workspace lint exits 0 with 0 errors / 174 warning lines after 5fb4921. See section W. |
A. Lint pipeline blockers (fixed by this audit)
| # | Issue | Severity | Status | Fix |
|---|---|---|---|---|
| A1 | packages/design-tokens/scripts/validate-tokens.cjs — 45 no-undef errors for process / console. Root eslint config didn't declare a Node-script env, and inline /* eslint-env node */ is ignored by flat-config. |
🟠 | ✅ | this commit |
| A2 | packages/design-tokens/scripts/token-coverage.cjs — same root cause: 1 unused e in catch. |
🟢 | ✅ | this commit |
| A3 | packages/ui/eslint.config.js was a complete override (flat config doesn't merge with the root). It declared no parser, so 38 parsing errors fired on interface, import {…}, and other TS syntax in src/index.ts and src/components/*. |
🟠 | ✅ | this commit |
| A4 | packages/ui lint also re-included dist/**/*.d.ts because the root's ignores: ['dist/**'] isn't inherited by the package-local override. |
🟡 | ✅ | this commit |
| A5 | packages/ui/.storybook/preview.ts not covered by any TS-parser block. |
🟡 | ✅ | this commit |
| A6 | packages/feedback-client/src/index.ts — 2 no-undef for browser globals XMLHttpRequest / ProgressEvent (not in root globals list). |
🟢 | ✅ | this commit |
| A7 | packages/feedback-client/src/index.ts — preserve-caught-error violation in captureScreen() (re-throwing without cause). |
🟡 | ✅ | this commit |
| A8 | packages/feedback-client/src/index.ts — captureElement() declares unused params mimeType, quality. Renamed with _ prefix and documented why. |
🟢 | ✅ | this commit |
| A9 | packages/logger/src/__tests__/logger.test.ts — unused type import LoggerConfig. |
🟢 | ✅ | this commit |
| A10 | services/extraction-service/src/lib/circuit-breaker.test.ts — unused vitest import afterEach. |
🟢 | ✅ | this commit |
| A11 | services/extraction-service/src/modules/extract/sidecar-monitor.test.ts — unused type import HealthCheck. |
🟢 | ✅ | this commit |
| A12 | services/extraction-service/src/modules/extract/usage.test.ts — unused vitest import beforeEach. |
🟢 | ✅ | this commit |
| A13 | dashboards/tracker-web/src/__tests__/tracker-proxy.test.ts — unused local url (renamed to _url). |
🟢 | ✅ | this commit |
These all matter because pnpm -r exec eslint bails on the first package
failure, so the 45-error design-tokens issue was hiding everything below it.
Now the pipeline runs to completion and the current workspace has 0 lint
errors.
P. Pre-existing lint debt cleared
Current workspace-wide lint reports no errors:
0 errors
The stale handoff note expected 85 pre-existing errors, but a live rerun on 2026-05-04 found none. No P-sweep package commits were needed in this session.
W. Pre-existing lint warnings
Remaining lint output is warnings only, mostly no-console in CLI tools and
diagnostic scripts (create-app, keyvault, sidecar-monitor, gen-module,
migrate-referrals, roadmap/page.tsx) plus a few no-explicit-any warnings.
These are case-by-case judgment calls and not blocking.
Follow-up package sweep on 2026-05-04: 5fb4921 documented the two intentional
@bytelyst/broadcast-client deep-link diagnostics with narrow lint
justifications. Workspace lint remains at 0 errors and warning lines moved
from 176 → 174.
R. Repo-state observations (not fixed)
| # | Observation | Severity | Status |
|---|---|---|---|
| R1 | Working tree had 3 uncommitted edits when the audit started: docker-compose.ecosystem.yml (removes nomgap-web from Docker), products/nomgap/product.json (replaces flag set + adds containers), services/platform-service/src/modules/flags/seed.ts (+14 lines of flags). These look like an in-progress nomgap-on-Vercel migration. Not touched — out of audit scope and missing context. |
— | ⬜ |
| R2 | Local main was 17 commits behind origin/main at the start of the session. Backup branch backup/main-20260504-062733 was taken from origin/main (the source of truth) — local stale main was not backed up. |
🟢 | ✅ (backup exists) |
| R3 | .npmrc references ${GITEA_NPM_TOKEN}. On this machine ~/.zshrc defines the token but does not export it, so use source ~/.zshrc && export GITEA_NPM_TOKEN before pnpm; this silences the WARN. |
🟢 | ✅ documented |
| R4 | Earlier pnpm install -r reported peer warnings for @azure/core-client@^1.10.0. A live rerun with the token exported reported no peer warnings. |
🟢 | ✅ verified |
Ordering of fixes
- Section A (this commit) — structural unblocks so
pnpm lintruns end-to-end again. - Section P — no current lint errors; no package sweeps needed.
- Section W — case-by-case warning review (defer; warnings only).
- Section R — housekeeping verified/documented.