jordan/stemedb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
116bad1de3
stemedb/.agentive-remediation/latent-systemic-debt/history.md
jordan b3e8a9a058 feat: Multi-application expansion with chaos testing and community UI 
Major additions:
- Community Next.js app (port 18187) for browsing claims with API docs
- stemedb-chaos crate: Fault injection, chaos testing, CRDT properties
- Latent ingestion system: Reddit/FDA ingesters with ADK-Go agents
- Disputed claims handling: Manual review workflows and validation
- Aphoria security scanner: New extractors (SQL injection, command
  injection, weak crypto, TLS version), policy-based ignores, UAT reports
- Docker infrastructure: Dockerfile, docker-compose.yml for full stack
- VulnBank demo: Intentionally vulnerable multi-language test corpus

SDK & API enhancements:
- Source registry handlers for tracking data provenance
- Metrics endpoint
- Skeptic filtering improvements

Code quality:
- Split 14 large files (>500 lines) into focused modules
- All files now under 500-line limit per project guidelines

Documentation:
- Chaos testing guide, circuit breakers, observability docs
- Phase 7 UAT documentation updates
- Martin Kleppmann technical writer agent

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-04 01:24:14 -07:00

2.4 KiB
Raw Blame History

latent-systemic-debt

AUDIT (2026-02-04)

Issues Found

Category Count Priority Action
print() statements 142 LOW Intentional - CLI tools need user output
Hardcoded localhost 2 HIGH Fix - breaks in production
Broad exceptions 8 MEDIUM Acceptable for CLI error handling

Detailed Findings

HIGH - Hardcoded URLs (must fix):

  1. dashboard/app/page.tsx:13 - http://localhost:3000/data.json - NO env fallback
  2. ingest-reddit/macros/reddit-app-setup/main.py:25 - http://localhost:8080 - OAuth redirect

MEDIUM - Broad exceptions (acceptable):

  • 8 instances of except Exception as e: - all log the error, acceptable for CLI tools

LOW - print() statements (intentional):

  • 142 instances across CLI tools
  • Decision: These are user-facing CLI scripts, not libraries
  • print() is the correct pattern for CLI output
  • No remediation needed

FIX

2026-02-04 - Hardcoded URLs

  • dashboard/app/page.tsx:13 - Added LATENT_API_URL env var with localhost fallback
  • ingest-reddit/macros/reddit-app-setup/main.py:25 - Added REDDIT_REDIRECT_URI env var

Verification

$ grep -n "http://localhost" latent/**/*.py latent/**/*.tsx | grep -v "getenv\|process.env"
# Returns 0 results - PASS

ENFORCE

2026-02-04 - CLAUDE.md Rules

Added ## Latent Signal (latent/) section to CLAUDE.md:

  • Documented that print() is allowed for CLI tools
  • Documented that except Exception is acceptable for CLI error handling
  • Required: Environment variables for URLs (no hardcoded localhost)
  • Required: New ingestors use StemeDBClient pattern

COMPLETE

Summary

Issue Before After Action
Hardcoded localhost URLs 2 0 FIXED - Added env fallbacks
print() statements 142 142 INTENTIONAL - CLI tools
Broad exceptions 8 8 ACCEPTABLE - CLI error handling

Enforcement Added

  • CLAUDE.md ## Latent Signal (latent/) section with:
    • Explicit rules for what's allowed (print, broad exceptions)
    • Required patterns (env vars for URLs, StemeDBClient for new ingestors)

Files Changed

  1. latent/dashboard/app/page.tsx - Added LATENT_API_URL env var
  2. latent/ingest-reddit/macros/reddit-app-setup/main.py - Added REDDIT_REDIRECT_URI env var
  3. CLAUDE.md - Added latent/ section with enforcement rules