jordan/stemedb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
476d8e19e4
stemedb/.agentive-remediation/latent-systemic-debt/history.md
jordan b3e8a9a058 feat: Multi-application expansion with chaos testing and community UI 
Major additions:
- Community Next.js app (port 18187) for browsing claims with API docs
- stemedb-chaos crate: Fault injection, chaos testing, CRDT properties
- Latent ingestion system: Reddit/FDA ingesters with ADK-Go agents
- Disputed claims handling: Manual review workflows and validation
- Aphoria security scanner: New extractors (SQL injection, command
  injection, weak crypto, TLS version), policy-based ignores, UAT reports
- Docker infrastructure: Dockerfile, docker-compose.yml for full stack
- VulnBank demo: Intentionally vulnerable multi-language test corpus

SDK & API enhancements:
- Source registry handlers for tracking data provenance
- Metrics endpoint
- Skeptic filtering improvements

Code quality:
- Split 14 large files (>500 lines) into focused modules
- All files now under 500-line limit per project guidelines

Documentation:
- Chaos testing guide, circuit breakers, observability docs
- Phase 7 UAT documentation updates
- Martin Kleppmann technical writer agent

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-04 01:24:14 -07:00

73 lines
2.4 KiB
Markdown
Raw Blame History

# latent-systemic-debt
## AUDIT (2026-02-04)
### Issues Found
| Category | Count | Priority | Action |
|----------|-------|----------|--------|
| print() statements | 142 | LOW | **Intentional** - CLI tools need user output |
| Hardcoded localhost | 2 | HIGH | Fix - breaks in production |
| Broad exceptions | 8 | MEDIUM | Acceptable for CLI error handling |
### Detailed Findings
**HIGH - Hardcoded URLs (must fix):**
1. `dashboard/app/page.tsx:13` - `http://localhost:3000/data.json` - NO env fallback
2. `ingest-reddit/macros/reddit-app-setup/main.py:25` - `http://localhost:8080` - OAuth redirect
**MEDIUM - Broad exceptions (acceptable):**
- 8 instances of `except Exception as e:` - all log the error, acceptable for CLI tools
**LOW - print() statements (intentional):**
- 142 instances across CLI tools
- Decision: These are user-facing CLI scripts, not libraries
- print() is the correct pattern for CLI output
- No remediation needed
## FIX
### 2026-02-04 - Hardcoded URLs
- [x] `dashboard/app/page.tsx:13` - Added `LATENT_API_URL` env var with localhost fallback
- [x] `ingest-reddit/macros/reddit-app-setup/main.py:25` - Added `REDDIT_REDIRECT_URI` env var
### Verification
```bash
$ grep -n "http://localhost" latent/**/*.py latent/**/*.tsx | grep -v "getenv\|process.env"
# Returns 0 results - PASS
```
## ENFORCE
### 2026-02-04 - CLAUDE.md Rules
Added `## Latent Signal (latent/)` section to CLAUDE.md:
- Documented that `print()` is allowed for CLI tools
- Documented that `except Exception` is acceptable for CLI error handling
- **Required:** Environment variables for URLs (no hardcoded localhost)
- **Required:** New ingestors use `StemeDBClient` pattern
## COMPLETE
### Summary
| Issue | Before | After | Action |
|-------|--------|-------|--------|
| Hardcoded localhost URLs | 2 | 0 | **FIXED** - Added env fallbacks |
| print() statements | 142 | 142 | **INTENTIONAL** - CLI tools |
| Broad exceptions | 8 | 8 | **ACCEPTABLE** - CLI error handling |
### Enforcement Added
- CLAUDE.md `## Latent Signal (latent/)` section with:
- Explicit rules for what's allowed (print, broad exceptions)
- Required patterns (env vars for URLs, StemeDBClient for new ingestors)
### Files Changed
1. `latent/dashboard/app/page.tsx` - Added `LATENT_API_URL` env var
2. `latent/ingest-reddit/macros/reddit-app-setup/main.py` - Added `REDDIT_REDIRECT_URI` env var
3. `CLAUDE.md` - Added latent/ section with enforcement rules
Reference in New Issue View Git Blame Copy Permalink