bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
71334b8941
learning_ai_common_plat/docs/AUDIT_PLATFORM.md
Saravana Achu Mac c49fb7977d docs(audit): reconcile final handoff state 
What changed:
- Update handoff docs to point at the latest audit reliability commit.
- Mark the warning claim table as historical now that the sweep is complete.
- Remove stale deferred-warning wording from the platform audit ordering.

Verification:
- git diff --check
- pnpm lint
2026-05-04 17:39:48 -07:00

11 KiB
Raw Blame History

Platform — Systematic Audit (cross-workspace)

Date: 2026-05-04 Tooling-backed audit (with GITEA_NPM_TOKEN available): full pnpm install, typecheck, test, and lint run successfully across all 69 workspace packages (packages/, services/, dashboards/).

Legend: 🔴 critical · 🟠 high · 🟡 medium · 🟢 low · open · 🟦 in PR · fixed (commit hash on the right).

0. Health snapshot

Check Result Notes
pnpm install -r pass No warnings when GITEA_NPM_TOKEN is exported after sourcing ~/.zshrc.
pnpm typecheck pass All TS sources compile (tsc --noEmit).
pnpm test pass ~2,200 tests across 18+ test suites; prior cowork EPIPE cleared on focused rerun, and auth bcrypt timeout reliability was fixed in d3fbeba.
pnpm lint pass Workspace lint exits 0 with 0 errors / 0 warnings after 663dcde; final baseline rechecked through ecfdc90. See section W.

A. Lint pipeline blockers (fixed by this audit)

# Issue Severity Status Fix
A1 packages/design-tokens/scripts/validate-tokens.cjs — 45 no-undef errors for process / console. Root eslint config didn't declare a Node-script env, and inline /* eslint-env node */ is ignored by flat-config. 🟠 this commit
A2 packages/design-tokens/scripts/token-coverage.cjs — same root cause: 1 unused e in catch. 🟢 this commit
A3 packages/ui/eslint.config.js was a complete override (flat config doesn't merge with the root). It declared no parser, so 38 parsing errors fired on interface, import {…}, and other TS syntax in src/index.ts and src/components/*. 🟠 this commit
A4 packages/ui lint also re-included dist/**/*.d.ts because the root's ignores: ['dist/**'] isn't inherited by the package-local override. 🟡 this commit
A5 packages/ui/.storybook/preview.ts not covered by any TS-parser block. 🟡 this commit
A6 packages/feedback-client/src/index.ts — 2 no-undef for browser globals XMLHttpRequest / ProgressEvent (not in root globals list). 🟢 this commit
A7 packages/feedback-client/src/index.tspreserve-caught-error violation in captureScreen() (re-throwing without cause). 🟡 this commit
A8 packages/feedback-client/src/index.tscaptureElement() declares unused params mimeType, quality. Renamed with _ prefix and documented why. 🟢 this commit
A9 packages/logger/src/__tests__/logger.test.ts — unused type import LoggerConfig. 🟢 this commit
A10 services/extraction-service/src/lib/circuit-breaker.test.ts — unused vitest import afterEach. 🟢 this commit
A11 services/extraction-service/src/modules/extract/sidecar-monitor.test.ts — unused type import HealthCheck. 🟢 this commit
A12 services/extraction-service/src/modules/extract/usage.test.ts — unused vitest import beforeEach. 🟢 this commit
A13 dashboards/tracker-web/src/__tests__/tracker-proxy.test.ts — unused local url (renamed to _url). 🟢 this commit

These all matter because pnpm -r exec eslint bails on the first package failure, so the 45-error design-tokens issue was hiding everything below it. Now the pipeline runs to completion and the current workspace has 0 lint errors.

P. Pre-existing lint debt cleared

Current workspace-wide lint reports no errors:

0 errors

The stale handoff note expected 85 pre-existing errors, but a live rerun on 2026-05-04 found none. No P-sweep package commits were needed in this session.

W. Pre-existing lint warnings

Workspace lint now reports 0 errors / 0 warnings. Intentional CLI, generator, diagnostic-capture, and development-monitor console surfaces were documented with narrow lint policy; platform-service runtime console usage was replaced with structured stderr diagnostics.

Follow-up package sweeps on 2026-05-04:

  • db4257f cleared admin feedback page React warnings.
  • 021f053 typed predictive campaign event dispatch.
  • 04d2398 cleared tracker-web roadmap console warnings and removed the stale CommonJS ESLint config in favor of the existing eslint.config.mjs.
  • 5fb4921 documented the two intentional @bytelyst/broadcast-client deep-link diagnostics with narrow lint justifications.
  • 1089597 cleared the remaining admin-web React hook/image/unused-symbol warnings.
  • 5b0fbc2 documented intentional @bytelyst/config Key Vault startup diagnostics with narrow lint justifications.
  • e9a70ed documented intentional @lysnrai/monitoring health-check CLI output with a file-level lint justification.
  • 433c3a5 documented intentional @bytelyst/create-app generator output and design-token generation output with narrow file-level lint justifications.
  • 91e08bf documented intentional @bytelyst/diagnostics-client console capture with a narrow lint justification.
  • 9cd7089 documented development-only extraction sidecar health alerts with a narrow lint justification.
  • 2c9dc18 documented platform-service script/codegen output with file-level lint policy and replaced the remaining migration-script any with unknown narrowing. The migration script keeps a TODO because --help still imports service config eagerly and requires platform env vars.
  • 663dcde replaced platform-service runtime console diagnostics in push notifications, AI diagnostics, and diagnostics repository/auto-trigger code with structured stderr helpers.

Final warning-sweep verification reran platform-service build/test/lint and workspace lint; all pass. Workspace lint is now 0 errors with 0 warnings.

R. Repo-state observations (not fixed)

# Observation Severity Status
R1 Working tree had 3 uncommitted edits when the audit started: docker-compose.ecosystem.yml, products/nomgap/product.json, and services/platform-service/src/modules/flags/seed.ts. These were finalized separately in b440330 (chore(nomgap): finalize product deployment config). Current working tree is clean after ecfdc90; pnpm-lock.yaml is also clean and was not committed in warning-sweep work.
R2 Local main was 17 commits behind origin/main at the start of the session. Backup branch backup/main-20260504-062733 was taken from origin/main (the source of truth) — local stale main was not backed up. 🟢 (backup exists)
R3 .npmrc references ${GITEA_NPM_TOKEN}. On this machine ~/.zshrc defines the token but does not export it, so use source ~/.zshrc && export GITEA_NPM_TOKEN before pnpm; this silences the WARN. 🟢 documented
R4 Earlier pnpm install -r reported peer warnings for @azure/core-client@^1.10.0. A live rerun with the token exported reported no peer warnings. 🟢 verified

Ordering of fixes

  1. Section A (this commit) — structural unblocks so pnpm lint runs end-to-end again.
  2. Section P — no current lint errors; no package sweeps needed.
  3. Section W — warning review complete; workspace lint holds at 0 errors / 0 warnings.
  4. Section R — housekeeping verified/documented.
  5. Auth test reliability — bcrypt timeout fixed in d3fbeba and audit handoff recorded in ecfdc90.