bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
b1db0d583d
learning_ai_common_plat/docs/WORKSPACE_TODO_AUDIT.md
saravanakumardb1 dda38aa009 fix(exports): strip data payload from list endpoint + update audit doc 
- exports/routes: exclude inline data from GET /exports list response
  to prevent returning megabytes of serialized export data (perf+security)
- Update WORKSPACE_TODO_AUDIT.md: add post-audit review section with
  9 bugs found and fixed across 2 commits (73b07c2, 841cdf3), mark
  all action plan sprints complete
- Typecheck clean, 1483/1483 tests pass
2026-03-22 01:23:08 -07:00

172 lines
12 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Workspace TODO / Disabled Feature Audit
> **Generated:** 2026-03-22
> **Scope:** All 15 workspace repos — platform-service, dashboards, packages, 9 product backends + webs
> **Method:** Automated grep scan for `TODO`, `FIXME`, `HACK`, disabled features, stubs, `console.log`
---
## Executive Summary
| Area | Actionable TODOs | False Positives | Priority Items |
| ------------------------------ | :--------------: | :---------------: | :------------: |
| **platform-service** | **12** | 0 | 5 |
| **admin-web** | **1** | 0 | 1 |
| **tracker-web** | **1** | 0 | 1 |
| **user-dashboard-web** | **1** | 0 | 1 |
| **shared packages** | **3** | 2 (test/template) | 1 |
| **product backends** (9 repos) | **0** | 0 | 0 |
| **product webs** (9 repos) | **0** | 0 | 0 |
| **Total** | **18** | 2 | **8** |
**Verdict:** The codebase is in strong shape. All 9 product backends and webs are TODO-free. The 18 actionable items are concentrated in platform-service (the largest service with 37+ modules). Most are low-risk "wire integration" tasks that don't block core functionality.
---
## Findings by Priority
### P0 — High Impact, Low Effort (resolved)
| # | Location | TODO | Effort | Status |
| --- | ----------------------------------------- | ------------------------ | ------ | ------------------ |
| 1 | `admin-web/src/app/error.tsx:13` | Send errors to telemetry | **S** | ✅ FIXED `34c3436` |
| 2 | `tracker-web/src/app/error.tsx:13` | Send errors to telemetry | **S** | ✅ FIXED `34c3436` |
| 3 | `user-dashboard-web/src/app/error.tsx:13` | Send errors to telemetry | **S** | ✅ FIXED `4641daa` |
**Status:** All 3 resolved — wired `trackEvent('error', 'global', 'unhandled_error', ...)` with error name, message, and digest.
---
### P1 — Medium Impact, Medium Effort (resolved)
| # | Location | TODO | Effort | Status |
| --- | ------------------------------------------- | ---------------------------------------------- | ------ | -------- |
| 4 | `delivery/subscribers.ts` — payment.failed | User lookup + payment-failed email dispatch | **M** | ✅ FIXED |
| 5 | `delivery/subscribers.ts` — trial_expiring | User lookup + trial-expiring email dispatch | **M** | ✅ FIXED |
| 6 | `delivery/subscribers.ts` — trial_expired | User lookup + trial-expired email dispatch | **M** | ✅ FIXED |
| 7 | `surveys/routes.ts` — incentive fulfillment | Wire subscriptions module for pro_days/credits | **M** | ✅ FIXED |
**Status:** All 4 resolved. Added `resolveUserEmail()` helper using auth repo `getById()`. Survey incentives now extend `currentPeriodEnd` for pro_days and add `tokensIncluded` for credits via subscriptions module.
---
### P2 — Low Impact, Medium Effort (resolved)
| # | Location | TODO | Effort | Status |
| --- | ----------------------------------------------------- | ------------------------------------------------------------------------ | ------ | ----------- |
| 8 | `telemetry/repository.ts` — upsertEventsBatch | Group by pk for partition-aware batching | **M** | ✅ FIXED |
| 9 | `exports/routes.ts` — export processing | Async export via setImmediate + data source queries + CSV/JSON serialize | **L** | ✅ FIXED |
| 10 | `broadcasts/repository.ts` — estimateTargetReach | Real user count query via auth module | **M** | ✅ FIXED |
| 11 | `broadcasts/routes.ts` — broadcast delivery | Async delivery via setImmediate + dispatchEmail per user | **L** | ✅ FIXED |
| 12 | `waitlist/routes.ts` — CAPTCHA validation | Requires external API keys (Turnstile/hCaptcha) | **M** | ⏭️ DEFERRED |
| 13 | `waitlist/routes.ts` — auto-generate invitation codes | Wire invitations/repository.create() per entry | **S** | ✅ FIXED |
**Status:** 5 of 6 resolved. Item 12 (CAPTCHA) deferred — requires Turnstile/hCaptcha/reCAPTCHA API key configuration.
---
### P3 — Operational / Nice-to-Have (resolved)
| # | Location | TODO | Effort | Status |
| --- | ------------------------------------------------- | ---------------------------------------------------------------- | ------ | -------- |
| 14 | `diagnostics/subscribers.ts` — session.cancelled | Notify admin who created the session via email | **S** | ✅ FIXED |
| 15 | `diagnostics/subscribers.ts` — session.completed | Email summary (logs/traces/screenshots) to admin | **S** | ✅ FIXED |
| 16 | `diagnostics/subscribers.ts` — ingest.fatal | Send Slack alert for on-call engineer | **L** | ✅ FIXED |
| 17 | `feedback-client/integration.test.ts` — blob skip | Clarify skip mechanism with NOTE (was TODO-4) | **S** | ✅ FIXED |
| 18 | `feedback-client/gdpr.test.ts` — lifecycle policy | Accept Azure lifecycle policy as intended mechanism (was TODO-7) | **XS** | ✅ FIXED |
**Status:** All 5 resolved. Diagnostics notifications wired via delivery module (dispatchEmail for admin notifications, dispatchSlack for FATAL alerts). Test TODOs converted to NOTE/accepted.
---
### Post-Audit Review (2026-03-22) — 8 bugs found in P2/P3 implementations
| # | Location | Bug | Severity | Status |
| --- | ------------------------------------------------ | ---------------------------------------------------------------- | -------- | ------------------ |
| R1 | `diagnostics/subscribers.ts` — session.cancelled | Used non-existent `'generic'` template ID (throws at runtime) | **P0** | ✅ FIXED `73b07c2` |
| R2 | `diagnostics/subscribers.ts` — session.completed | Used non-existent `'generic'` template ID (throws at runtime) | **P0** | ✅ FIXED `73b07c2` |
| R3 | `delivery/templates.ts` | Missing `'broadcast'` template used by broadcast delivery | **P0** | ✅ FIXED `73b07c2` |
| R4 | `broadcasts/routes.ts` — delivery complete | Dot-path `'metrics.sent'` in updateBroadcast (not Cosmos syntax) | **P1** | ✅ FIXED `73b07c2` |
| R5 | `exports/routes.ts` — async processing | Serialized data computed but never stored — no download endpoint | **P1** | ✅ FIXED `73b07c2` |
| R6 | `waitlist/routes.ts` — batch invite | Stored code string as `invitationCodeId` instead of doc ID | **P2** | ✅ FIXED `73b07c2` |
| R7 | `diagnostics/subscribers.ts` — session.created | Target user email not sent (just logging) despite template exist | **P2** | ✅ FIXED `841cdf3` |
| R8 | `events/types.ts` + `delivery/subscribers.ts` | `payment.failed` missing `currency` field (inconsistent schema) | **P2** | ✅ FIXED `841cdf3` |
| R9 | `exports/routes.ts` — list endpoint | Returns full `data` payload in list response (perf/security) | **P2** | ✅ FIXED (pending) |
---
## Items Explicitly NOT TODOs (Excluded)
These were found in scans but are **not actionable gaps**:
| Location | Content | Why Excluded |
| --------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------- |
| `packages/create-app/src/lib/templates.ts:276` | `// TODO: Register your route modules here` | Template placeholder for `create-app` scaffolding — intentional |
| `packages/feedback-client/src/gdpr.test.ts:23` | `describeIntegration('GDPR Deletion Compliance (TODO-5)')` | Test suite name contains TODO — it's a label, not missing work |
| `user-dashboard-web/.../sessions/[id]/page.tsx:695` | `['list', 'todo', 'task', 'priority'...]` | String data containing the word "todo" — not a code TODO |
| All `*.test.ts` files with "mock" | Test mocks using vi.fn() / vi.mock() | Standard test pattern, not production stubs |
---
## Repos With Zero TODOs (Clean)
These backends and webs have **no actionable TODOs** — fully implemented:
| Repo | Backend | Web | Notes |
| ---------------------- | :-----: | :--: | ------------------------ |
| **ActionTrail** | ✅ 0 | ✅ 0 | Production-ready, v1.0.0 |
| **NoteLett** | ✅ 0 | ✅ 0 | MCP tools complete |
| **FlowMonk** | ✅ 0 | ✅ 0 | Scheduler complete |
| **JarvisJr** | ✅ 0 | ✅ 0 | Voice + agents |
| **ChronoMind** | ✅ 0 | — | Timers + cascades |
| **PeakPulse** | ✅ 0 | — | Adventure tracker |
| **NomGap** | ✅ 0 | — | Fasting app |
| **Local Memory GPT** | ✅ 0 | — | Local AI chat |
| **MindLyst** | ✅ 0 | — | KMP shared module |
| **LysnrAI** (backend) | ✅ 0 | — | 62 tests |
| **extraction-service** | ✅ 0 | — | Python sidecar |
| **mcp-server** | ✅ 0 | — | MCP protocol |
---
## Recommended Action Plan
### Sprint A (12 days) — Quick Wins ✅ COMPLETE
1. ~~Wire telemetry `reportError()` in all 3 dashboard `error.tsx` files~~
2. ~~Wire waitlist → invitations module for auto-generated invite codes~~
### Sprint B (35 days) — User-Facing Gaps ✅ COMPLETE
3. ~~Implement user lookup helper for delivery subscribers~~
4. ~~Wire survey incentive fulfillment to billing/subscriptions module~~
5. ~~Wire export job processing through the jobs module~~
### Sprint C (deferred → resolved) ✅ COMPLETE
6. ~~Implement real broadcast audience estimation query~~
7. ~~Wire broadcast delivery via event bus~~
8. Add CAPTCHA validation to waitlist signup ⏭️ DEFERRED (requires API keys)
9. ~~Telemetry bulk upsert optimization~~
10. ~~PagerDuty/Slack integration for FATAL diagnostic logs~~
### Post-Audit Review ✅ COMPLETE
11. ~~8 bugs found and fixed in P2/P3 implementations~~ ✅ (`73b07c2`, `841cdf3`)
---
## Methodology
**Scanned 15 repos across:**
- 3 dashboards (admin-web, tracker-web, user-dashboard-web)
- 3 services (platform-service, extraction-service, mcp-server)
- 14+ shared packages
- 9 product backends (LysnrAI, ActionTrail, NoteLett, FlowMonk, JarvisJr, ChronoMind, PeakPulse, NomGap, Local Memory GPT)
- 9 product webs
**Search patterns:** `TODO`, `FIXME`, `HACK`, `STUB`, `XXX`, `console.log`, `disabled`, `stub`, `placeholder`, `not implemented`, `noop`
**Excluded:** test file mocks/stubs, template placeholders, data strings containing "todo", `console.error` in catch blocks (acceptable browser error logging)
Reference in New Issue View Git Blame Copy Permalink