From 9d3c0774ec7459f71bf819b2e47371995e630c7f Mon Sep 17 00:00:00 2001 From: Saravana Achu Mac Date: Tue, 5 May 2026 09:42:42 -0700 Subject: [PATCH] docs(roadmap): record config validation tests --- docs/PRODUCTION_READINESS_HANDOFF_ROADMAP.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/PRODUCTION_READINESS_HANDOFF_ROADMAP.md b/docs/PRODUCTION_READINESS_HANDOFF_ROADMAP.md index 1316a15..13939c7 100644 --- a/docs/PRODUCTION_READINESS_HANDOFF_ROADMAP.md +++ b/docs/PRODUCTION_READINESS_HANDOFF_ROADMAP.md @@ -139,7 +139,7 @@ Acceptance criteria: Goal: production starts fail closed and do not silently run with development-only security. - [x] **P3.1** Change backend config validation so production cannot use default `JWT_SECRET`, memory DB, disabled encryption by accident, or missing Cosmos credentials. Keep test/dev ergonomics intact. Commit: `e7d381f`; Verified: `GITEA_NPM_TOKEN=dummy pnpm --filter @notelett/backend run typecheck`; `node --import tsx --input-type=module -e "import { parseConfig } from './src/lib/config.ts'; ..."` accepted a safe production env and rejected unsafe defaults; `git diff --check`. Added exported `parseConfig()`, safe string boolean parsing, development JWT defaulting only for non-production ergonomics, production rejection for default/short JWT secrets, memory DB, missing Cosmos endpoint/key/database, disabled field encryption, and production memory key provider. -- [ ] **P3.2** Add tests for production config validation: missing secret, default secret, memory DB in production, missing Cosmos env, encryption provider requirements. Commit: +- [x] **P3.2** Add tests for production config validation: missing secret, default secret, memory DB in production, missing Cosmos env, encryption provider requirements. Commit: `8007fac`; Verified: `GITEA_NPM_TOKEN=dummy pnpm --filter @notelett/backend exec vitest run src/lib/config.test.ts`; `GITEA_NPM_TOKEN=dummy pnpm --filter @notelett/backend run typecheck`; `git diff --check`. Added 11 focused config tests covering dev ergonomics, safe production config, missing/default/short production JWTs, memory DB rejection, missing Cosmos env, disabled encryption, production memory provider rejection, env key requirements, and AKV URL requirements. - [ ] **P3.3** Review all unauthenticated backend endpoints. Keep `/health`, `/api/bootstrap`, and public share reads intentional; protect diagnostics or make them explicitly dev/admin-gated. Commit: - [ ] **P3.4** Add or verify rate limiting and abuse controls for public share, auth-facing, prompt, intake, and LLM-backed endpoints using shared platform patterns where available. Commit: - [ ] **P3.5** Verify agent write paths enforce role, product scope, workspace membership, idempotency, dry-run, and audit trail behavior. Add missing tests. Commit: