learning_ai_invt_trdg/docs/CODEX_RESUME_PROMPT.md

# Codex Resume Prompt — Trading Web Redesign + Cross-Workspace Audit

Paste the contents of this file into a fresh Codex / Claude / Gemini agent
session running on the **same machine** that did the original work
(`Sar-M2-bl`, user `saravana`). The agent will pick up where the previous
session left off and drive toward 100% completion of the audit backlog plus
opportunistic improvements.

The short "copy-paste" version of this prompt lives at the bottom of this
file. The long version is the full agent brief — the short one tells the
agent to read the long one.

---

## ── BEGIN AGENT BRIEF ──

You are resuming an in-progress audit + redesign across two sibling repos on
this machine. Two prior sessions already shipped the foundational work and
the audit. Your job is to drive the open audit items to ✅ done with
high-quality, no-regression commits. Do not start over. Do not skip the
verification gates.

### Step 0 — Required reads (do this BEFORE writing any code)

Read these four files in order. They are the source of truth — anything
contradicting them is wrong:

1. `/Users/saravana/BytelystAI/trading/learning_ai_invt_trdg/docs/HANDOVER.md`
2. `/Users/saravana/BytelystAI/trading/learning_ai_invt_trdg/docs/AUDIT_REDESIGN.md`
3. `/Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat/docs/HANDOVER.md`
4. `/Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat/docs/AUDIT_PLATFORM.md`

After reading, summarise in your own words: which items are ✅ done, which
are 🟦 in progress, which are ⬜ open, and which one you are about to
attempt. If your summary disagrees with the audit doc tables, re-read.

### Step 1 — Environment

This machine has the private-registry token in `~/.zshrc`. Every shell you
spawn must `source ~/.zshrc` before running `pnpm`. Without it `pnpm`
prints `WARN: Failed to replace env in config: ${GITEA_NPM_TOKEN}` and the
install will fail on private `@bytelyst/*` packages.

```bash
source ~/.zshrc           # gets GITEA_NPM_TOKEN onto your shell
echo "$GITEA_NPM_TOKEN" | wc -c     # should print 41 (40 chars + newline)
```

### Step 2 — Verification gates (run BEFORE and AFTER every change)

You MUST run the appropriate gate before claiming any item is ✅ done. If
a gate fails after your change, you broke something — fix it before
committing. Do NOT --no-verify. Do NOT skip hooks.

**Trading repo gates** (`cd /Users/saravana/BytelystAI/trading/learning_ai_invt_trdg`):

```bash
npm --prefix web run typecheck            # → exit 0
npm --prefix web run build                # → ✓ built
npm --prefix web test                     # → 151+ pass / ≤4 known fails
npx tsc --noEmit -p backend/tsconfig.json # → exit 0
```

**Platform repo gates** (`cd /Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat`):

```bash
source ~/.zshrc
pnpm typecheck                            # → exit 0
pnpm test                                 # → ~2,200 pass
pnpm lint > /tmp/lint.log 2>&1            # at the start: 85 pre-existing
                                          # errors. After your fix: count
                                          # MUST go down, not up.
```

The 4 known trading test failures are documented as audit items F7+F8.
They are NOT regressions. If you see >4 failures, you regressed.

### Step 3 — Priority queue (work top-down)

These are ordered for highest-value-per-hour. Pick one, finish it, commit,
push, tick the audit doc, then move to the next. Do not parallelise
unrelated buckets.

| #  | Repo     | Item   | What to do                                                                                          | Effort |
| -- | -------- | ------ | --------------------------------------------------------------------------------------------------- | ------ |
| 1  | trading  | E2     | Regen root `pnpm-lock.yaml` so CI sees `react-router-dom`, `@monaco-editor/react`, `@dnd-kit/*`     | 5 min  |
| 2  | trading  | F7+F8  | Fix the 4 pre-existing test failures (`useTabFeatureFlags` cache + `EntryForm` alert)               | 1-2 hr |
| 3  | trading  | B1     | Build RSI/MACD/Bollinger overlay toggles in `web/src/views/HomeView.tsx`'s `StockChart`             | 2-3 hr |
| 4  | trading  | B2+B3  | Wire ★ Watchlist + 🔔 buttons in `TickerHeader`; pull company name from `fetchResearchProfile`        | 1-2 hr |
| 5  | trading  | C2     | Add in-memory FMP cache (30-min TTL, key by full URL) — free tier is 250 req/day                    | 1-2 hr |
| 6  | trading  | F6     | Tests for the 7 new backend endpoints (chart/bars, news, indices, research×3, screener)             | 2-3 hr |
| 7  | trading  | C1     | Sandbox or refuse `strategyConfig.type === 'code'` in `/api/backtest/run`. Currently no handler.    | 4-6 hr |
| 8  | trading  | B6     | Make `CodeStrategyEditor` "Save" actually persist via `createTradeProfile` (not just localStorage)  | 1 hr   |
| 9  | trading  | D1     | Skeleton loaders for News, ResearchCards, Screener (replace plain "Loading…" text)                  | 1-2 hr |
| 10 | trading  | D5     | Responsive layout: collapse sidebar + hide right panel under 1024 px                                | 3-4 hr |
| 11 | platform | P-sweep| Per-package `pnpm --filter <pkg> lint:fix` for the 85 surfaced errors. ONE COMMIT PER PACKAGE.      | 2-4 hr |
| 12 | trading  | G1-G4  | Mobile parity: news/research/screener tabs in Expo app. Code editor stays web-only.                 | days   |

For each item the full description + acceptance criteria is in the
corresponding audit doc row. Do not invent your own scope.

### Step 4 — Commit conventions

The previous sessions used these conventions. Match them exactly so the
audit history stays grep-able.

- One audit item (or one bucket of related items) per commit.
- Subject line: `<type>(<id>): short description` — e.g.
  `fix(B1): wire RSI/MACD/Bollinger overlay toggles`,
  `test(F6): add coverage for /api/chart/bars`,
  `chore(P-sweep): pnpm --filter @bytelyst/auth lint:fix`.
- Body explains the WHY in present-tense prose, not a bullet list of files.
  Reference audit IDs at the bottom: `Refs: docs/AUDIT_REDESIGN.md item B1.`
- End with `Co-Authored-By: <model> <noreply@anthropic.com>` (use your
  actual model name).
- After committing, **edit the audit doc table row**: change `⬜` → `✅`
  and put the short commit hash in the "Fix commit" column.

### Step 5 — Things to NEVER do

1. **Do not commit `pnpm-lock.yaml` regenerated as a side effect.** If
   your work changes deps, mention it in the commit body and let the
   reviewer decide. The platform repo currently has a +2.9k/-8.5k lockfile
   diff sitting in the working tree from the prior session — leave it
   alone unless you specifically own it.
2. **Do not touch the nomgap WIP files** in the platform repo
   (`docker-compose.ecosystem.yml`, `products/nomgap/product.json`,
   `services/platform-service/src/modules/flags/seed.ts`). They belong to
   another contributor's in-progress migration.
3. **Do not refactor unrelated code** because you "noticed it while
   nearby". Open a new audit row instead and let the human prioritise.
4. **Do not skip verification gates.** "TypeScript passes locally" is not
   verification — running the gate command and seeing exit 0 is.
5. **Do not bulk-fix the 85 platform lint errors in one commit.** Each
   package needs eyeball review (the autofixer can remove unused exports
   that are public API). One package = one commit.
6. **Do not push --force to main.** Backups exist
   (`backup/main-20260504-061739` in trading,
   `backup/main-20260504-062733` in platform) but rewriting public main
   history is still the wrong move.

### Step 6 — When you finish a chunk

After each commit + push:

1. Run the verification gates again (yes, again — the push hooks may have
   reformatted files).
2. Update the audit doc row.
3. Briefly tell the human: which item ID, which commit hash, what gate
   output you saw. Three sentences max.

If you complete an entire bucket (all rows ✅), open a new section in the
audit doc called "Bucket X — closed" with a one-paragraph retrospective
(what was harder than expected, what surfaced as follow-up work).

### Step 7 — When to stop and ask

Stop and ask the human, do not guess, when:

- An audit item's acceptance criteria is ambiguous and the existing code
  has no precedent.
- A fix would change a public API surface (exported function signature,
  endpoint contract, schema field).
- A gate fails and the failure is in code you didn't write and have no
  context for.
- You have closed everything in your priority slice and want to know what
  to pick up next.

Otherwise: keep going. The point of this brief is so you don't have to
ping the human every 10 minutes.

## ── END AGENT BRIEF ──

---

## Short copy-paste prompt for Codex

Paste this single block into Codex / Claude / Gemini:

```
Resume the trading-redesign + platform-audit work on this machine. Read
/Users/saravana/BytelystAI/trading/learning_ai_invt_trdg/docs/CODEX_RESUME_PROMPT.md
in full first — it contains your full brief, the priority queue, the
verification gates, and the commit conventions. Then start at the top of
the priority queue (item E2, regen the root pnpm-lock.yaml) and work
down, one commit per audit item, ticking the audit doc as you go.
Source ~/.zshrc in every shell so GITEA_NPM_TOKEN is available. Do not
skip verification gates. Do not touch the nomgap WIP files. When done
with a chunk, push and tell me the commit hash + gate output in three
sentences.
```