azaion/ui
1
0
Fork 0
mirror of https://github.com/azaion/ui.git synced 2026-06-21 21:01:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update autodev state and lessons documentation
ci/woodpecker/push/build-arm Pipeline failed
Details

Browse Source 
- Changed current step from 15 (Performance Test) to 9 (New Task) in _docs/_autodev_state.md, reflecting the transition to Cycle 3.
- Updated cycle count from 2 to 3 and modified sub-step details to indicate progress in gathering feature descriptions.
- Added new lessons to _docs/LESSONS.md, emphasizing best practices for API key management, dependency handling, and reporting inline fixes during security audits.
- Enhanced CI/CD pipeline documentation in _docs/02_document/deployment/ci_cd_pipeline.md to include new gates for vulnerability scans and SBOM emissions, along with dependency overrides for transitive dependencies.
- Expanded environment strategy documentation in _docs/02_document/deployment/environment_strategy.md to include the new Google Geocode API key management.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Oleksandr Bezdieniezhnykh
2026-05-12 22:49:38 +03:00
parent f7dd6c98d8
commit 15838c5cc1
8 changed files with 451 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files
_docs/_autodev_state.md
+10 -15
View File
@@ -2,24 +2,19 @@
## Current Step
flow: existing-code
step: 15
name: Performance Test
status: not_started
step: 9
name: New Task
status: in_progress
sub_step:
phase: 0
name: awaiting-invocation
phase: 1
name: gather-feature-description
detail: ""
retry_count: 0
cycle: 2
cycle: 3
tracker: jira
## Notes
- Cycle 2 Step 14 CLOSED. Audit: `_docs/05_security/` (5 reports). Verdict:
FAIL (1 HIGH F-SAST-1, 1 HIGH F-DEP-1, 7 MED, 2 LOW). User chose A —
fixed both HIGH inline (AZ-501 Google key, AZ-502 Vite/PostCSS).
Implementation report: `_docs/03_implementation/batch_12_report.md`.
Static + fast: 229 PASS / 13 SKIP / 0 FAIL. Both tickets transitioned to
"In Progress" in Jira. PENDING USER: AZ-501 AC-6 (Google key revocation
at Google Cloud Console) + AZ-499 AC-7 (OWM key revocation, carried from
earlier). PENDING CROSS-WORKSPACE: AZ-498 deploy gate (Step 16).
Phase B follow-ups deferred: F-INF-1..F-INF-5 in security audit report.
- Cycle 3 entered via auto-loop from cycle 2 retrospective.
- Cycle 2 leftovers carried forward (`_docs/_process_leftovers/2026-05-12_az-498-deploy-and-key-revocations.md`):
- L-AZ-498-DEPLOY → scheduled for cycle 3 Step 16 (cross-workspace gate).
- L-AZ-499-OWM-REVOKE / L-AZ-501-GOOGLE-REVOKE → await user manual action at OWM / Google Cloud dashboards.