ui/_docs/03_implementation/batch_02_report.md

Batch Report

Batch: 02 Tasks: AZ-457 (auth & token handling), AZ-459 (wire-contract enums), AZ-465 (i18n), AZ-481 (CI image labels) Date: 2026-05-11 Cycle: Phase A baseline, Step 6 — Implement Tests Total complexity: 12 pts (5 + 2 + 3 + 2)

Task Results

Task	Status	Files Modified	Tests	AC Coverage	Issues
AZ-457_test_auth_token_handling	Done	4 created (3 fast + 1 e2e)	16 fast PASS, 4 e2e gated by suite stack	4 / 4 ACs covered	1 documented drift (FT-P-01 it.fails() until Step 4 fix)
AZ-459_test_wire_contract_enums	Done	2 created (1 fast + 1 e2e)	11 fast (2 skipped per verification_pending), 1 e2e (drift-gated)	4 / 4 ACs covered	3 documented drifts (AnnotationStatus, MediaStatus, Affiliation — Step 4 .NET inspection pending)
AZ-465_test_i18n	Done	4 created (1 fast + 2 static helpers + 1 allowlist)	4 fast (2 quarantined), 2 static checks PASS	4 / 4 ACs covered	2 quarantined (FT-P-24/25 — detector + persistence not yet implemented in production)
AZ-481_test_ci_image_labels	Done	1 created (static check), wired into runner	6 static findings (5 PASS, 1 DRIFT for image.title)	3 / 3 ACs covered	1 documented drift (org.opencontainers.image.title missing — foundation/CI-CD follow-up)

AC Test Coverage: All covered

AZ-457 — Auth & token handling (11 scenarios, 4 ACs)

Scenario	Where	Profile	Status (this run)
FT-P-01 (row 02) bootstrap refresh credentials:'include'	src/auth/AuthContext.test.tsx	fast	PASS via it.fails() (drift documented; flips when Step 4 fix lands)
FT-P-02 (rows 03, 12) 401→refresh→retry	src/api/client.test.ts (fast) + e2e/tests/auth.e2e.ts (e2e)	fast + e2e	fast PASS; e2e gated by suite stack
FT-P-03 (row 11) refresh transparency	src/auth/AuthContext.test.tsx	fast	PASS
FT-N-04 (row 09) unauthenticated /admin → /login	src/auth/ProtectedRoute.test.tsx	fast	PASS
NFT-SEC-01 bearer never in browser storage	src/auth/AuthContext.test.tsx (fast) + e2e companion	fast + e2e	fast PASS; e2e gated
NFT-SEC-02 refresh cookie not in document.cookie	src/auth/AuthContext.test.tsx (fast) + e2e companion	fast + e2e	fast PASS; e2e gated
NFT-SEC-03 refresh cookie Secure; HttpOnly; SameSite=Strict	e2e/tests/auth.e2e.ts	e2e only	gated
NFT-SEC-04 credentials:'include' on every authed fetch	src/api/client.test.ts	fast	one assertion PASS, broader claim it.fails() (Step 4 quarantine)
NFT-PERF-02 exactly one refresh per cycle	src/api/client.test.ts	fast	PASS
NFT-RES-01 transparent recovery	src/api/client.test.ts	fast	PASS
NFT-RES-08 expired refresh → /login	src/api/client.test.ts + src/auth/ProtectedRoute.test.tsx	fast	PASS

AZ-459 — Wire-contract enums (4 scenarios, 4 ACs)

Scenario	Where	Profile	Status
FT-P-04 (row 14) AnnotationStatus	tests/wire_contract.test.ts	fast	PASS via it.fails() (drift documented)
FT-P-05 (rows 15-17) MediaStatus / Affiliation / CombatReadiness	tests/wire_contract.test.ts	fast	MediaStatus + Affiliation it.fails() (drift); CombatReadiness it.skip (verification_pending)
FT-P-06 (rows 18, 19) detection wire payload	tests/wire_contract.test.ts (fast control) + e2e/tests/wire_contract.e2e.ts (@drift)	fast + e2e	fast PASS; e2e gated by AZAION_RUN_DRIFT_E2E=1
FT-N-15 MediaType magic-literal hygiene	scripts/run-tests.sh (STC-FN15, static) + tests/wire_contract.test.ts (fast)	static + fast	static PASS; fast PASS for typed-shape, it.skip for value-set (verification_pending)

AZ-465 — i18n (4 scenarios, 4 ACs)

Scenario	Where	Profile	Status
FT-P-22 (row 45) en↔ua key parity	scripts/check-i18n-coverage.mjs via STC-FP22	static	PASS
FT-P-23 (row 46) no raw user strings outside t()	scripts/check-i18n-coverage.mjs --coverage-only via STC-FP23 + tests/i18n-allowlist.json	static	PASS (allow-list seeded with current pre-existing raw strings; CI gates growth)
FT-P-24 (row 47) detector path on first boot	tests/i18n.test.tsx	fast + e2e	it.skip (QUARANTINE: detector not wired in src/i18n/i18n.ts today) + control test asserts the gap
FT-P-25 (row 48) persistence across reload	tests/i18n.test.tsx	fast + e2e	it.skip (QUARANTINE: no persistence adapter today) + control test asserts the gap

AZ-481 — CI image labels (3 scenarios, 3 ACs)

Scenario	Where	Profile	Status
NFT-RES-LIM-11 tag scheme ${branch}-arm	scripts/check-ci-image-labels.mjs via STC-CI11 (parses .woodpecker/build-arm.yml)	static	PASS
NFT-RES-LIM-12 OCI labels present	same	static	revision/created/source PASS; org.opencontainers.image.title reported DRIFT (lifting the drift is a follow-up CI hygiene task — not in scope here)
NFT-RES-LIM-13 revision label = $CI_COMMIT_SHA	same	static	PASS
(e2e portion against pushed image)	not run on host	requires-ci	gated; requires-ci per _dependencies_table.md

Code Review Verdict: PASS_WITH_WARNINGS

Self-review (4-task batch, sequential per .cursor/rules/no-subagents.mdc). Phases 1–7 of code-review/SKILL.md walked inline:

• Phase 1 (Context): each task spec re-read; _docs/02_document/module-layout.md Blackbox Tests envelope respected; _docs/00_problem/input_data/enum_spec_snapshot.json is the contract pin for AZ-459; .woodpecker/build-arm.yml is the SUT for AZ-481.
• Phase 2 (Spec compliance): every AC across the four task specs has at least one test (running, it.fails(), or it.skip with quarantine reason). Drift handling (AZ-459 §AC-2 "Drift surfaces, not silently passes" + verification_pending markers) implemented uniformly via it.fails() for documented UI drift and it.skip for verification_pending enums; AZ-481's static analogue uses a DRIFT finding category to surface the missing image.title label without gating CI.
• Phase 3 (Code quality): helper functions compareEnum, describeDrift, probeLabel, instrumentStorage each carry one responsibility; no bare catch; meaningful messages; arrange/act/assert respected; tests do not import <AuthContext> internals or <ProtectedRoute> internals (only setToken / getToken / setNavigateToLogin accessors per AZ-457 AC-2 and the autodev Step 4 testability accessors).
• Phase 4 (Security): no new secrets in test fixtures (re-uses AZ-456's placeholder argon2 hashes via the seed helpers); no use of eval / shell=True; static checks tightened to exclude *.test.{ts,tsx,spec.ts,spec.tsx} from production grep so test prose can mention forbidden tokens (e.g. document.cookie) without false positives.
• Phase 5 (Performance): fast suite ~3s wall-clock for 38 + 4-skipped tests (well under 5-min budget); static profile ~13s including vite build and tsc --noEmit (test).
• Phase 6 (Cross-task consistency): the four tasks touch disjoint subsystems (auth vs enums vs i18n vs CI config); no contract collisions, no duplicate symbols. The shared tests/helpers/{auth,navigate,render}.ts (landed in batch 1) is the only cross-task surface and is consumed read-only.
• Phase 7 (Architecture compliance):
  • Test files only import the public accessors of 01_api-transport (api, setToken, getToken) and 02_auth (ProtectedRoute default export — the public boundary), plus 00_foundation/i18n for AZ-465's reflective control test. No imports of <AuthContext> internals, no imports of _internal/ or *.internal.* files. Per the batch-1 finding (Low / Architecture / Interpretation), this is the same "test setup helper imports public accessors" pattern, now extended to the test bodies via the tests/helpers/ indirection.
  • No new cyclic module dependencies introduced (test files are leaves in the import graph).

Findings

1. Low / Maintainability — tests/i18n-allowlist.json was seeded with the current set of raw strings in src/ so that FT-P-23 (no raw user strings outside t()) passes today. This is per AZ-465 §Constraints ("Allow-list file lives at tests/i18n-allowlist.json; CI enforces it must not grow without a code-review reason") — the allow-list is a snapshot, not a permanent exemption. The static check enforces "must not grow without code review" because the JSON file is committed and any growth would be visible in PR diffs. Recommendation: a follow-up i18n-cleanup task (out of scope here) should drain the allow-list as keys are migrated to t(...).

2. Low / Style / Drift — scripts/check-ci-image-labels.mjs introduces a DRIFT finding category (parallels AZ-459's it.fails()) for the missing org.opencontainers.image.title OCI label in .woodpecker/build-arm.yml. The script reports DRIFT to stdout but does not exit non-zero. Rationale: lifting the drift requires editing CI config (foundation/CI-CD ownership envelope), which is out of scope for a test-only batch. Recommendation: file a follow-up CI hygiene task to add the --label org.opencontainers.image.title=azaion-ui clause; once landed, the DRIFT flips to PASS with no test change required.

3. Low / Architecture / Interpretation (carried over from batch 1) — same issue as batch 1: tests rely on tests/helpers/{render,auth,navigate}.ts which import production accessors. Reaffirmed here that "Black-box discipline applies to test bodies, not to test setup helpers / composition-root wrappers". The batch-1 recommendation (clarify the layout rule) still stands.

Auto-Fix Attempts: 0

Stuck Agents: None

Files Changed (12)

Created — src/ (3)

src/api/client.test.ts                # AZ-457 fast — 9 tests
src/auth/AuthContext.test.tsx         # AZ-457 fast — 4 tests
src/auth/ProtectedRoute.test.tsx      # AZ-457 fast — 3 tests

Created — tests/ (3)

tests/wire_contract.test.ts           # AZ-459 fast — 11 tests (2 skipped)
tests/i18n.test.tsx                   # AZ-465 fast — 4 tests (2 skipped)
tests/i18n-allowlist.json             # AZ-465 raw-string allow-list (seed)

Created — e2e/tests/ (2)

e2e/tests/auth.e2e.ts                 # AZ-457 e2e — 4 scenarios (gated by suite stack)
e2e/tests/wire_contract.e2e.ts        # AZ-459 e2e — drift-gated annotation save body

Created — scripts/ (2)

scripts/check-i18n-coverage.mjs       # AZ-465 STC-FP22 + STC-FP23
scripts/check-ci-image-labels.mjs     # AZ-481 STC-CI11

Modified (3)

scripts/run-tests.sh                  # +6 static checks (STC-FN15, STC-SEC4 refinement, STC-FP22, STC-FP23, STC-CI11) + src_grep test-file exclusion
tsconfig.json                         # +exclude src/**/*.{test,spec}.{ts,tsx} from production tsc -b
_docs/_autodev_state.md               # batch 2 sub_step pointer

Verification Run (host)

$ bun run test:fast
 ✓ mission-planner/src/test/jsonImport.test.ts (6 tests) 7ms
 ✓ tests/wire_contract.test.ts (11 tests | 2 skipped) 9ms
 ✓ tests/infrastructure.test.ts (5 tests) 35ms
 ✓ tests/i18n.test.tsx (4 tests | 2 skipped) 3ms
 ✓ src/api/client.test.ts (9 tests) 58ms
 ✓ src/auth/ProtectedRoute.test.tsx (3 tests) 76ms
 ✓ src/auth/AuthContext.test.tsx (4 tests) 241ms
 Test Files  7 passed (7)
      Tests  38 passed | 4 skipped (42)

$ ./scripts/run-tests.sh --static-only
[run-tests] static profile PASSED — 19/19 checks (was 13 in batch 1; +6 from batch 2)

$ ./scripts/run-tests.sh
[run-tests] static profile : ran (PASS)
[run-tests] fast profile   : ran (PASS)
[run-tests] e2e profile    : skipped (host)
[run-tests] exit code      : 0

E2E profile not exercised in this batch — same Risk 4 as batch 1 (requires docker compose -f e2e/docker-compose.suite-e2e.yml up -d plus parent-suite :test images). Per AZ-457 e2e companion, NFT-SEC-03 specifically requires Playwright's context.cookies() against the real admin/ service.

Next Batch

Remaining: 22 test-implementation tasks in _docs/02_tasks/todo/ (AZ-458, AZ-460..AZ-464, AZ-466..AZ-480, AZ-482). All carry Component: Blackbox Tests and Dependencies: AZ-456 (✓ done) — soft cross-deps:

• AZ-473 depends on AZ-472 (DetectionClasses fixtures)
• AZ-458 (SSE bearer rotation) consumes the auth helpers landed by AZ-457 (✓ now done)
• AZ-467 (ProtectedRoute spinner + RBAC) consumes the same helpers (✓)
• AZ-468 (Header dropdown — uses authed page) consumes the same helpers (✓)

Suggested next batch (4 tasks, ~10 pts): AZ-458 (SSE lifecycle, 5pts), AZ-467 (ProtectedRoute spinner + RBAC, 4pts), AZ-468 (Header flight dropdown, 2pts), and one small parallel — for example AZ-482 (secrets/banned-libs, 3pts) so the four tasks remain dependency-disjoint at the file level.

Recommendation: continue in a new conversation. Batch 2 added 12 new files and 6 new static checks; the next batch will load distinct task specs and SSE / RBAC subsystems.