From 58bf0348d767393ef82b7de8eadea178067c79d6 Mon Sep 17 00:00:00 2001 From: BOHA Date: Sat, 6 Jun 2026 02:00:04 +0200 Subject: [PATCH] docs(audit): start overnight codebase consistency audit report (C1, C2) Co-Authored-By: Claude Opus 4.8 (1M context) --- docs/codebase-audit-2026-06-06.md | 51 +++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 docs/codebase-audit-2026-06-06.md diff --git a/docs/codebase-audit-2026-06-06.md b/docs/codebase-audit-2026-06-06.md new file mode 100644 index 0000000..ae94b9f --- /dev/null +++ b/docs/codebase-audit-2026-06-06.md @@ -0,0 +1,51 @@ +# Codebase Consistency & Best-Practices Audit — 2026-06-06 (overnight) + +**Branch:** `chore/codebase-consistency-audit` (off `master` @ v1.9.0). Nothing here is pushed or deployed; for user review in the morning. + +**Mandate (from user):** scan the whole codebase, find inconsistencies, unify manners/conventions, apply best practices (use context7 for library docs). Edit CLAUDE.md to codify rules. Work only in the project dir. Use many agents. + +**Operating rules I'm following (self-imposed for safe autonomous work):** + +- Isolated branch only. Never touch `master`, never push, never deploy, never touch prod/DB. +- Keep `tsc` (server+client) at 0 and `vitest` green after every change set. +- Prefer documenting risky/large refactors over auto-applying them. Auto-apply only safe, verified, mechanical unifications. +- Don't `git add -A`; stage explicit paths. + +--- + +## 🔴 CRITICAL FINDINGS (need user action) + +### C1 — v1.9.0 production regression: plan edit-modal delete button missing + +- **Cause:** `FormModal`'s `footerLeft` / `hideCloseButton` props + modal animations lived only in the user's _uncommitted_ working tree. Committed `PlanCellModal.tsx:225` (and the modal system) depend on `footerLeft`. Releases build from committed code (WIP stashed), so v1.9.0 shipped a `FormModal` without the footer-left slot → the **delete button in the plan entry/override edit modal does not render in production**. Also caused a committed-code `tsc` error (TS2322). +- **Impact:** plan entry/override deletion via the edit modal is broken in prod v1.9.0. Category management is NOT affected (it uses `hideFooter` + in-body delete). Minor cosmetic: modal entry animation, `hideCloseButton`. +- **Fix:** committed the modal enhancements (`86e4cbf` on this branch). **Needs a patch release (v1.9.1) to fix prod.** +- **Status:** fixed on branch; prod patch pending user. + +### C2 — test suite was red on master/v1.9.0 (2 failing auth tests) + +- **Cause:** the JWT log-noise fix (`88c9b7c`) stopped logging expected invalid/expired tokens, but `auth.service.test.ts` still asserted it logged. The wrong auth test file (`auth.test.ts`) was run when that change landed, so 2 failing tests shipped on master. +- **Fix:** updated the tests to assert null + no-log for `JsonWebTokenError` cases (`55a2c50`). Suite back to **134/134**. +- **Status:** fixed on branch. (No runtime impact; CI/test hygiene + would also be cleared by the v1.9.1 patch.) + +--- + +## Findings log + +(Discovery sweep results appended below as agents report. Severity: critical/high/medium/low. Fix class: safe-auto / needs-judgment / manual.) + +## Changes applied on this branch + +- `86e4cbf` fix(modals): commit FormModal footerLeft/hideCloseButton enhancements committed code depends on. +- `55a2c50` test(auth): fix 2 failing verifyAccessToken tests (assert no-log for expected token errors). + +## Progress tracker + +- [x] Branch + clean baseline (tsc server 0 / client 0; vitest 134). +- [x] C1 modal regression found + fixed. +- [x] C2 red test suite found + fixed (134/134). +- [ ] Discovery sweep (parallel audit across ~16 dimensions) — running. +- [ ] Synthesis + prioritization. +- [ ] Safe unifications applied (verified). +- [ ] CLAUDE.md updated with codified conventions. +- [ ] Final verification + summary.