azaion/ui
1
0
Fork 0
mirror of https://github.com/azaion/ui.git synced 2026-06-21 14:41:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
101 Commits 9 Branches 0 Tags
f754afff46013139ff6d2ed7bb4d717671df4d9f
Commit Graph

4 Commits

Author SHA1 Message Date
Oleksandr Bezdieniezhnykh ef56d9c207 [AZ-512] chore: reactivate for cycle 4 (Option B path) 
User authorized Option B from the original AZ-512 Cross-Workspace
Verification gate: implement UI form with MSW-stubbed tests in
parallel with AZ-513 shipping on admin/. Task spec moved from
backlog/ → todo/. STATUS line updated. Leftover record re-opened
until AZ-513 deploys live.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-05-13 04:21:32 +03:00
Oleksandr Bezdieniezhnykh 09449bda2c [AZ-510][AZ-511][AZ-512][AZ-513] Cycle 3 Steps 12-15 + admin prereq
ci/woodpecker/push/build-arm Pipeline failed
Details 
Wrap up cycle 3 across the autodev existing-code Phase B steps that
follow Implement (Steps 12-15), plus the cross-workspace prerequisite
ticket filed for AZ-512.

Step 12 - Test-Spec Sync:
- Un-quarantine FT-P-01 in traceability-matrix (closed by AZ-510)
- Add AZ-510 chained /users/me failure-path test reference under AC-23
- Note AZ-512 deferral status under O9 (P12 Phase B target)

Step 13 - Update Docs (task mode):
- Refresh src__auth__AuthContext module doc with AZ-510 wire shape
  (POST refresh + chained /users/me + bootstrapInflight guard)
- Add usersMe() to src__api__endpoints module doc + consumer note
- Rename src__features__annotations__classColors module doc to
  src__class-colors__classColors (matches AZ-511 git mv); refresh header
- Refresh src__components__DetectionClasses + src__features__annotations
  module group doc for the new class-colors barrel import path
- Update components/11_class-colors Module Inventory to point at the
  renamed module doc filename
- Rewrite system-flows.md Flow F2 (Bearer auto-refresh) with the AZ-510
  POST + chained /users/me sequence; close Finding B3 references
- Generate ripple_log_cycle3 documenting all changed source files,
  their reverse-dependency search results, and the docs touched

Step 14 - Security Audit (cycle-3 delta):
- Resume mode against cycle-2 baseline; cycle-2 artifacts untouched
- Re-run bun audit on both roots: clean (cycle-2 inline fix held)
- Re-rate OWASP A06: FAIL -> PASS; A07: PASS_WITH_KNOWN -> PASS (B3
  closed by AZ-510)
- New finding F-SAST-CY3-1 (LOW): __resetBootstrapInflightForTests
  exposed via src/auth public barrel; defer to hygiene cycle
- Verdict: FAIL -> PASS_WITH_WARNINGS; one HIGH (F-SAST-1
  mission-planner git-history key, unchanged) remains
- Add amendment banner to cycle-2 security_report.md

Step 15 - Performance Test:
- Static profile NFT-PERF-01 PASS (290 575 B gzipped vs 2 MB budget;
  ~14% of budget; no regression from AZ-510 surface additions)
- E2E profile SKIP (Playwright perf project still pending AZ-457..AZ-482);
  legitimate skip per test-run skill, gap acknowledged in report
- AZ-510 200ms p95 chain NFR verified at spec level only - no CI gate
  yet (covered by future AZ-457..AZ-482 work)

Cross-workspace prerequisite (AZ-513 just filed):
- Updated _docs/_process_leftovers/2026-05-13_az-512-admin-classes-prereq.md
  to reflect AZ-513 filing on admin/ workspace (parent epic AZ-509,
  Blocks link to AZ-512). Companion task spec added in admin/ repo
  (separate commit there, owned by admin/ workspace).

State file: advanced to Step 16 (Deploy) per autodev existing-code flow.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-05-13 03:58:21 +03:00
Oleksandr Bezdieniezhnykh 6c7e29722f [AZ-512] Defer to backlog at cross-workspace BLOCKING gate 
AZ-512 (Admin edit detection class) hit its spec-defined Cross-Workspace
Verification gate during cycle 3 batch 15. The admin/ service
(Azaion.AdminApi/Program.cs) exposes /login, /users*, /resources* only — no
/classes routes exist, so neither the PATCH this task needs nor the
POST/DELETE that AdminPage.tsx already calls today are wired end-to-end.

Per the spec's Choose A/B/C (user skipped, defaulted to A): file a
prerequisite ticket on admin/ and pause AZ-512 in backlog/. AZ-510 + AZ-511
already shipped this cycle; cycle 3 closes with 6 of 9 points delivered.

- Move AZ-512 spec from todo/ to backlog/ with a STATUS banner.
- Add Jira comment on AZ-512 documenting the blocker + replay path.
- Write leftover record _docs/_process_leftovers/2026-05-13_az-512-...
  capturing the full prerequisite payload (suggested ticket summary,
  description, ACs, story points) and the side observation that the
  existing add+delete affordances on the Detection Classes table are
  also broken end-to-end against admin/ (pre-existing bug, NOT
  introduced by cycle 3).
- Write batch 15 deferral report.
- Write Product Implementation Completeness Gate report (PASS for
  AZ-510 + AZ-511; AZ-512 deferred is outside the gate's scope).
- Write final cycle 3 implementation report with handoff to Step 11.
- Advance state: step 10 -> step 11 (Run Tests).

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-05-13 03:16:39 +03:00
Oleksandr Bezdieniezhnykh 15838c5cc1 Update autodev state and lessons documentation
ci/woodpecker/push/build-arm Pipeline failed
Details 
- Changed current step from 15 (Performance Test) to 9 (New Task) in _docs/_autodev_state.md, reflecting the transition to Cycle 3.
- Updated cycle count from 2 to 3 and modified sub-step details to indicate progress in gathering feature descriptions.
- Added new lessons to _docs/LESSONS.md, emphasizing best practices for API key management, dependency handling, and reporting inline fixes during security audits.
- Enhanced CI/CD pipeline documentation in _docs/02_document/deployment/ci_cd_pipeline.md to include new gates for vulnerability scans and SBOM emissions, along with dependency overrides for transitive dependencies.
- Expanded environment strategy documentation in _docs/02_document/deployment/environment_strategy.md to include the new Google Geocode API key management.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-05-12 22:49:38 +03:00