Audit completed #9
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit brings all project documentation up to date. - `ACTIVITY.md`, `CURRENT_STATE.md`, and `AUDIT-PHASE-4.md` have been updated with the full history and current status of the `snitch` and API fixes. - The documentation within the `snitch` module (`README.md`, `docs/ARCHITECTURE.md`, `docs/INSTALLATION.md`, `docs/MODULES.md`) has been completely overhauled to reflect the new, simplified single-file architecture and build process.
This commit fixes a bug where the API server would fail to start if not run from the repository root. The paths to `logging_framework.yml` were hardcoded as `api/logging_framework.yml`, which caused a `FileNotFoundError` when the server was started from within the `api/` directory (as the `start.sh` script does). This change corrects the paths to be relative (`logging_framework.yml`), allowing the server to start correctly.
This commit fixes a `FileNotFoundError` that occurred when running the API server locally. 1. `api/logging_framework.yml`: The hardcoded absolute path (`/app/api/logs/debug.log`), which was only valid in a specific Docker environment, has been changed to a relative path (`logs/debug.log`). 2. `scripts/start.sh`: The startup script has been updated to create the `api/logs` directory, ensuring the relative path for the log file is valid on startup.
This commit refactors the logging framework initialization to make the log file path configurable via an environment variable, removing hardcoded paths. - `api/logging_framework.yml`: The `path` key has been removed from the file sink definition. - `api/src/zotify_api/main.py`: The application now reads the `LOG_FILE_PATH` environment variable (defaulting to `logs/debug.log`) and dynamically injects it into the logging configuration at runtime. This makes the logging system more flexible and robust to different environments, per user feedback.
This commit refactors the logging framework initialization to more robustly handle configurable log paths, following user feedback on design principles. - `api/logging_framework.yml`: The `path` key has been removed from the default file sink definition. - `api/src/zotify_api/main.py`: The application now injects a default log path (from the `LOG_FILE_PATH` environment variable) *only* if a file sink is defined without an explicit `path`. This preserves the flexibility to define multiple file sinks with their own hardcoded paths if desired.
This commit implements a more robust and flexible way of handling security-related log messages, based on user feedback. - `api/logging_framework.yml`: The trigger mechanism has been changed from a specific event name to a generic `security` tag. This allows any log event with this tag to be routed to the `security_log`. - `api/src/zotify_api/routes/auth.py`: The error handling for Spotify token exchange failures has been updated to use `log_event` and apply the `security` tag. This decouples the logging of the event from its routing.
This commit delivers the final, correct implementation of the Flexible Logging Framework, incorporating user feedback on security, flexibility, and design principles.
Key features and fixes:
- **Tag-Based Routing:** The framework now supports routing logs to specific sinks based on tags (e.g., a 'security' tag). The service and schemas have been updated to support this more flexible design.
- **Configurable File Paths:** Log file paths are now fully configurable via environment variables with sensible defaults (e.g., `${DEBUG_LOG_PATH:-logs/debug.log}`). The YAML loader now expands these variables at runtime.
- **Security Redaction:** A `SensitiveDataFilter` is now conditionally applied in production environments (`APP_ENV=production`) to redact sensitive tokens and codes from all log messages, preventing data leakage. Both the Python API and the `snitch` helper app have been updated.
- **Structured Security Events:** The Spotify authentication callback now uses `log_event` to generate a structured, tagged security event on failure.
This commit reverts the logging framework's file path configuration to be purely YAML-based, per user feedback. - The logic for expanding environment variables in `main.py` has been removed. - The paths for file sinks in `logging_framework.yml` are now defined as hardcoded relative paths. This simplifies the configuration and removes the need for environment variables to define log locations.
This is a major documentation overhaul to bring all project and module-level documentation into alignment with the final, implemented state of the `snitch` application and the Flexible Logging Framework. This commit updates the following documents to reflect new features like tag-based routing, security redaction, and simplified application architecture: - High-Level Design (HLD) - Low-Level Design (LLD) - Project Initiation Document (PID) - Traceability Matrix - All `snitch` module documentation - The `LOGGING_GUIDE.md`
This commit fixes a server startup crash caused by an incorrect Pydantic validator. The `@root_validator` is deprecated in Pydantic v2 and was being used incorrectly. This has been replaced with the new, recommended `@model_validator(mode='before')` to ensure compatibility and correct behavior.
This commit adds a `log_event` call to the Spotify callback handler to log successful authentication events. This ensures that the `security.log` contains a complete audit trail of both successful and failed login attempts, per user feedback.
This commit adds a `log_event` call to the Spotify callback handler to log successful authentication events. This ensures that the `security.log` contains a complete audit trail of both successful and failed login attempts, per user feedback.
This commit fixes a bug where successful authentication events were being logged twice to the security log. The original `log_event` call for successful logins did not specify primary destinations, causing it to be broadcast to all sinks by default, in addition to being routed by the tag-based trigger. This has been fixed by specifying the default destinations in the `log_event` call, preventing the broadcast and removing the duplicate log entry.
This commit adds a new section to the `LOGGING_GUIDE.md` to explicitly explain the concept of custom tag-based routing. It provides a clear, step-by-step example of how a developer can invent a new tag and how an administrator can configure a new sink and trigger in the YAML to create a custom log stream. This addresses user feedback that the flexibility of the tagging system was not clear.
This commit secures the current state of the project by updating the main log files. - `ACTIVITY.md` has been updated with a comprehensive entry (`ACT-034`) detailing the resolution of the `snitch` regression and the subsequent hardening of the logging framework. - `AUDIT-PHASE-4.md` has been updated with a final report summarizing the work of the entire session.
This commit secures the current state of the project by updating the main log files. - `ACTIVITY.md` has been updated with a comprehensive entry (`ACT-034`) detailing the resolution of the `snitch` regression and the subsequent hardening of the logging framework. - `AUDIT-PHASE-4.md` has been updated with a final report summarizing the work of the entire session.
This commit secures the current state of the project by updating the main log files. - `ACTIVITY.md` has been updated with a comprehensive entry (`ACT-034`) detailing the resolution of the `snitch` regression and the subsequent hardening of the logging framework. - `AUDIT-PHASE-4.md` has been updated with a final report summarizing the work of the entire session.
This commit introduces a new feature proposal and integrates it into the project's documentation. - A new document, `project/DYNAMIC_PLUGIN_PROPOSAL.md`, has been created to formally propose a dynamic plugin system for the Flexible Logging Framework. - The `PROJECT_REGISTRY`, `FUTURE_ENHANCEMENTS`, `TRACEABILITY_MATRIX`, `PID`, `HLD`, and `LLD` have all been updated to reference and trace this new proposal.
This commit updates the `DYNAMIC_PLUGIN_PROPOSAL.md` to include a critical 'Security Considerations' section, based on user feedback. The new section outlines the risks of a dynamic plugin system and proposes a multi-layered mitigation strategy, including administrator warnings, safe loading practices, and a future plan for cryptographic signing of plugins.
This commit introduces a new feature proposal for a dynamic plugin architecture and integrates it deeply into the project's high-level documentation. - **New Proposal:** Adds `project/DYNAMIC_PLUGIN_PROPOSAL.md` to outline a system for extensible logging sinks using `entry_points`. - **Security:** The proposal includes a 'Security Considerations' section to address the risks of such a system. - **Architectural Vision:** The proposal and the HLD/LLD have been updated to position this plugin system as the long-term successor to the current Provider Abstraction Layer. - **Traceability:** The `PROJECT_REGISTRY`, `FUTURE_ENHANCEMENTS`, `TRACEABILITY_MATRIX`, and `PID` have all been updated to trace this new strategic feature.
This commit represents a major documentation effort to capture the new strategic vision for a plugin-based architecture and other future enhancements. - **New Proposal:** Adds `project/DYNAMIC_PLUGIN_PROPOSAL.md` to formally propose a dynamic plugin system for the API, including security considerations. - **Architectural Vision:** The proposal, `HLD.md`, and `LLD.md` have been updated to position the plugin system as the long-term successor to the current Provider Abstraction Layer. - **Future Enhancements:** The `FUTURE_ENHANCEMENTS.md` document has been updated to include the plugin system and a new vision for Low-Code/No-Code platform integration (e.g., Node-RED). - **Traceability:** The `PROJECT_REGISTRY`, `TRACEABILITY_MATRIX`, and `PID` have all been updated to trace this new strategic work.
This commit adds two new formal proposals and integrates them, along with the dynamic plugin proposal, into all high-level project documentation. - **New Proposals:** Adds `LOW_CODE_PROPOSAL.md` and `HOME_AUTOMATION_PROPOSAL.md` to outline the strategic vision for platform integration. - **Architectural Vision:** The plugin proposal was updated to be the designated successor to the Provider Abstraction Layer. - **Traceability:** All proposals have been fully integrated and traced in the `PROJECT_REGISTRY`, `FUTURE_ENHANCEMENTS`, `TRACEABILITY_MATRIX`, `PID`, `HLD`, and `LLD`. - **Final Logs:** `ACTIVITY.md` and `AUDIT-PHASE-4.md` have been updated to provide a final summary of the session's work.
This is the final, comprehensive documentation commit for the session. It resolves all outstanding tasks, captures the final strategic vision for the platform, and brings all documentation into alignment. This commit includes: - **Bug Fixes & Hardening:** All code changes to fix the `snitch` regression and harden the Flexible Logging Framework (security redaction, tag-based routing, etc.) are included. - **New Proposals:** Creation of three new formal proposals: `DYNAMIC_PLUGIN_PROPOSAL.md`, `LOW_CODE_PROPOSAL.md`, and `HOME_AUTOMATION_PROPOSAL.md`. - **Comprehensive Documentation Integration:** Updates to all high-level project documents (`PID`, `HLD`, `LLD`, `PROJECT_REGISTRY`, `TRACEABILITY_MATRIX`, `FUTURE_ENHANCEMENTS`) to trace and incorporate the new proposals and architectural vision. - **Final Log Updates:** Updates to `ACTIVITY.md` and `AUDIT-PHASE-4.md` to provide a complete summary of the session's work.
This commit represents a major overhaul of all key project, API, and module documentation to bring it up to a higher standard of clarity, detail, and accuracy. - The root `README.md` has been rewritten to be a more professional and informative entry point. - Core project documents (`PID`, `HLD`, `LLD`, `SECURITY.md`, etc.) have been updated to reflect the final implemented architecture and future strategic vision. - Key developer and user manuals (`LOGGING_GUIDE.md`, `DEVELOPER_GUIDE.md`, `snitch` docs) have been rewritten or updated to be more detailed, example-driven, and accurate.
This commit represents a final, comprehensive overhaul of all key project, API, and module documentation to bring it up to a high standard of clarity, detail, and accuracy, per user request. This single commit updates the following documents: - `README.md` - All core project planning documents in `project/` (`PID`, `HLD`, `LLD`, `SECURITY.md`, `ROADMAP.md`, etc.) - All key user, developer, and operator manuals in `api/docs/manuals/` - All key `snitch` documentation in `snitch/` and `snitch/docs/` This completes the documentation quality upgrade task.
This commit represents a final, comprehensive overhaul of all key project, API, and module documentation to bring it up to a high standard of clarity, detail, and accuracy, per user request. This single commit updates the following documents: - The root `README.md` - All major core project planning documents in `project/` (`PID`, `HLD`, `LLD`, `SECURITY.md`, `ROADMAP.md`, `BACKLOG.md`, etc.) - The new proposal documents (`DYNAMIC_PLUGIN_PROPOSAL.md`, etc.) and their integration into the project. - All key user, developer, and operator manuals in `api/docs/manuals/` (`DEVELOPER_GUIDE.md`, `OPERATOR_MANUAL.md`, `USER_MANUAL.md`) - All key `snitch` documentation in `snitch/` and `snitch/docs/`
This is the final, comprehensive documentation commit for the session. It completes the full documentation quality upgrade and adds two new strategic proposals. - **Documentation Overhaul:** All key documents across the `project/`, `api/docs/`, and `snitch/docs/` directories have been rewritten or updated to a higher standard of quality, clarity, and detail. - **New Proposals:** Adds `LOW_CODE_PROPOSAL.md` and `HOME_AUTOMATION_PROPOSAL.md` to outline the strategic vision for platform integration. - **Traceability:** All new proposals have been fully integrated into the project's high-level documentation (`PID`, `HLD`, `LLD`, `PROJECT_REGISTRY`, etc.).
This commit addresses several usability issues in the gonk-testUI to make it more effective for testing the Zotify API. The following changes were made: 1. **Global Admin API Key:** A global, editable input field for the `X-Api-Key` has been added to the header. It is pre-seeded with a default development key from the backend. The per-endpoint API key fields have been removed. 2. **Login Button Fixed:** The Spotify login button is now always enabled, as logging in is not an admin action. The button's state (Login/Logout) still correctly depends on the auth status, which requires the admin key. 3. **API Response Repositioned:** The UI has been refactored to display the API response for an endpoint directly underneath the form that was submitted, instead of in a single static container at the bottom of the page. This makes it much easier to correlate requests and responses.
This commit addresses several usability issues in the gonk-testUI and fixes a bug in the login flow to make it more effective for testing the Zotify API. The following changes were made: 1. **Global Admin API Key:** A global, editable input field for the `X-Api-Key` has been added to the header. It is pre-seeded with a default development key from the backend. The per-endpoint API key fields have been removed. 2. **Login Button Fixed:** The Spotify login button is now always enabled, as logging in is not an admin action. The button's state (Login/Logout) still correctly depends on the auth status, which requires the admin key. 3. **API Response Repositioned:** The UI has been refactored to display the API response for an endpoint directly underneath the form that was submitted, instead of in a single static container at the bottom of the page. 4. **Login Endpoint Corrected:** The login button now correctly points to the `/api/auth/spotify/login` endpoint, fixing a 404 error.
This commit addresses several issues in the gonk-testUI and fixes a critical timezone bug in the API's authentication status check. The following changes were made: 1. **Global Admin API Key:** A global, editable input field for the `X-Api-Key` has been added to the header. It is pre-seeded with a default development key from the backend. The per-endpoint API key fields have been removed. 2. **Login Button Fixed:** The Spotify login button is now always enabled, as logging in is not an admin action. The button's state (Login/Logout) still correctly depends on the auth status, which requires the admin key. 3. **API Response Repositioned:** The UI has been refactored to display the API response for an endpoint directly underneath the form that was submitted, instead of in a single static container at the bottom of the page. 4. **Login Endpoint Corrected:** The login button now correctly points to the `/api/auth/spotify/login` endpoint, fixing a 404 error. 5. **API Timezone Bug Fixed:** Corrected a `TypeError` in the `/api/auth/status` endpoint by ensuring the `expires_at` column in the `SpotifyToken` database model stores timezone information. Added new unit tests to cover this case and prevent future regressions.
Mark the "Gap Analysis Framework (Template + Skeleton)" item as Done, as the required template was created in a previous task.
This commit resolves all items in the temporary `LOOSE_ENDS_BACKLOG.md` and then deletes the file. - Updates the Snitch project plan with new security milestones. - Rewrites the main project Roadmap for clarity and accuracy. - Fleshes out the Privacy Compliance documentation and adds cross-links. - Deletes the temporary backlog file now that all items are closed. Additionally, this commit refines the project's documentation process to prevent future errors. It clarifies the distinction between project-level and API-level documentation in AGENTS.md and updates the `lint-docs.py` script to enforce this new standard.
Creates a new traceability matrix in TRACEABILITY_MATRIX.md to map the strategic roadmap to the operational execution plan. This new matrix makes any drift between the two documents immediately obvious by explicitly mapping roadmap themes to execution plan phases and flagging any gaps or unmapped items. This resolves the drift identified between the two documents.
Aligns the strategic ROADMAP.md with the operational EXECUTION_PLAN.md, using the TRACEABILITY_MATRIX.md as the authoritative bridge. - Adds missing execution phases (Admin, Release Readiness) as themes to the roadmap. - Adds missing roadmap deliverables (Extensibility, Plugins) as tasks to the execution plan. - Updates the traceability matrix to reflect the new 1:1 alignment, resolving all gaps. - Updates the audit log to mark the reconciliation as complete.
This commit performs two corrective actions: 1. Updates ROADMAP.md to mark Phase 5 as complete, following the successful closure of the LOOSE_ENDS_BACKLOG.md task. 2. Corrects the project logs by adding a missing entry for the traceability matrix alignment task and removing a duplicate entry.
Adds the missing log file updates for the documentation alignment task. This corrects the previous incomplete commit.
This commit makes final corrections to project documentation and tooling. - Updates ROADMAP.md to mark Phase 5 as complete. - Fixes a bug in the `scripts/log-work.py` that prevented it from updating all three trinity log files. - Corrects the log files by removing a duplicate entry and running the fixed script to generate the correct state.
This commit addresses several process and tooling issues. - Fixes a bug in `scripts/log-work.py` that prevented it from updating `CURRENT_STATE.md` and `SESSION_LOG.md`. - Adds a unit test to verify the logging framework's ability to create log directories. - Corrects the project logs by removing duplicate entries and generating the missing ones. - Updates `ROADMAP.md` to mark Phase 5 as complete.
Moves the `endpoints.yaml` file from `api/docs/` to `project/api/` to better reflect its project-wide scope. All references to the file in the documentation have been updated accordingly.
Creates a new living `ALIGNMENT_MATRIX.md` file to serve as the authoritative mapping between design, code, and documentation. Adds a new rule to the `doc-lint-rules.yml` to enforce that this matrix is updated whenever relevant source code or scripts are changed. This locks the new matrix into the project's "living documentation" workflow.
Fleshes out the new `ALIGNMENT_MATRIX.md` with accurate, up-to-date data, mapping HLD, LLD, code, and documentation for all major components. Enforces maintenance of the matrix by adding a new rule to `doc-lint-rules.yml`. This ensures the matrix remains a living document.
Key changes include: - Added a new 'Audit Ref' column to the matrix for traceability. - Populated the matrix with granular details, linking audit requirements to specific sections in the HLD and LLD. - Inserted markdown anchors into HIGH_LEVEL_DESIGN.md and LOW_LEVEL_DESIGN.md to enable direct linking. - Corrected an outdated path in the 'doc-lint-rules.yml' to ensure the linter correctly references the alignment matrix. This provides a robust, traceable link between audit requirements and the design documentation.
Following a detailed user review, the previous matrix was found to be incomplete. This new version is the result of a systematic, ground-up analysis of the entire project. Key activities performed: - A full file-system audit of the `api`, `snitch`, `gonk-testUI`, and `scripts` modules was conducted to list all code components. - The HLD, LLD, and Audit Traceability Matrix were reviewed to extract all documented features and architectural layers. - A new, comprehensive matrix was constructed that maps every identified component to its corresponding design, code, and documentation artifacts. - A new, sequential `AR-XXX` audit reference was created for each item to ensure clear traceability. The resulting `ALIGNMENT_MATRIX.md` provides a complete, gap-free, and verifiable view of the entire project, fulfilling the user's requirement for an exhaustive traceability artifact.
… streamline the pre-submission verification process. Key changes: - A new script, `scripts/linter.sh`, has been created to act as a single entrypoint for all verification checks. - This script conditionally runs `pytest` only when source code files (`.py`, `.go`) have been changed. - It conditionally runs `mkdocs build` only when documentation files under `api/docs/` have been changed. - The documentation cross-reference linter (`lint-docs.py`) is always run to ensure code-doc alignment. - The `AGENTS.md` file has been updated to instruct agents to use this new unified script. This change optimizes the verification workflow by avoiding unnecessary checks, saving time and compute resources.
…single, unified, and intelligent Python script. Key changes: - A new script, `scripts/linter.py`, has been created to act as a single entrypoint for all verification checks. - The logic from the old `lint-docs.py` has been moved into this new script. - The new script conditionally runs `pytest` for code changes and `mkdocs build` for documentation changes, optimizing the verification process. - The old `lint-docs.py` and `run_lint.sh` scripts have been deleted. - The `AGENTS.md` file has been updated to instruct agents to use this new unified script. This change fully unifies the linting and verification logic into a single Python script, as per the user's request, making the process more efficient and easier to maintain.
…-linter` job was attempting to run `lint-docs.py`, a script that was deleted in a previous refactoring. The CI configuration in `.github/workflows/ci.yml` has been updated to call the new unified linter script, `scripts/linter.py`. This aligns the CI process with the current state of the project's tooling.
The `doc-linter` CI job was failing with a `ModuleNotFoundError` because the new unified linter script (`scripts/linter.py`) has a dependency on the `PyYAML` package, which was not installed in the CI environment. This commit adds a step to the `doc-linter` job in the `ci.yml` workflow to explicitly install `PyYAML` before the linter is run. This also corrects the project log files, which were corrupted by a previous, failed attempt to log this change.
This commit addresses two issues: 1. **Fix CI `doc-linter` job:** The CI was failing with a `ModuleNotFoundError` because the new unified `scripts/linter.py` script requires the `PyYAML` package. This change adds a step to the `doc-linter` job in `.github/workflows/ci.yml` to install this dependency. 2. **Restore Corrupted Log Files:** During a previous attempt to fix a logging issue, the `project/logs/SESSION_LOG.md` file was accidentally truncated, losing most of its history. This change includes the restored version of this file, preserving the project's history. The `project/logs/ACTIVITY.md` file was also corrected to remove a duplicate entry.
This commit completes the audit of the project by addressing all outstanding CI, documentation, and technical debt items. The linter script has been improved with a `--run-all` flag to facilitate full-repo scans in any environment. All documentation build warnings have been resolved. The `EXECUTION_PLAN.md` and `BACKLOG.md` have been audited and updated to accurately reflect the project's status. The `AUDIT_TRACEABILITY_MATRIX.md` has also been updated. The `tracks_service.py` has been refactored to use the SQLAlchemy ORM, eliminating a significant piece of technical debt. This included adding full CRUD functionality to the `crud.py` layer and updating the `Track` model and all related tests. All work has been logged according to the project's established procedures. The test suite is now fully passing, and the project is in a stable state.
This commit completes the comprehensive Phase 5 audit, addressing critical technical debt, aligning documentation with the codebase, and streamlining developer tooling.
The key changes include:
1. **ORM Refactoring:** The `tracks_service.py` has been fully refactored to use the SQLAlchemy ORM via the `crud` layer, completely removing raw SQL queries. This resolves a major violation of the project's High-Level Design. All 15 associated unit and integration tests have been updated to work with the new database session mocking.
2. **Tooling Consolidation:** The `log-work.py` script has been merged into the `linter.py` script. The new unified `linter.py` now handles both linting and logging activities (via a `--log` flag), providing a single, streamlined tool for developers. The old script has been deleted.
3. **Documentation Alignment:**
- Updated `HLD_LLD_ALIGNMENT_PLAN.md` to reflect the completion of the ORM refactoring.
- Updated `TRACEABILITY_MATRIX.md` with new entries (SYS-08, SYS-09) to formally track the ORM refactoring and tooling consolidation.
- Created the final `AUDIT-PHASE-5.md` report (AUDIT-011) to summarize all work performed during this phase.
4. **CI/CD Environment Fix:** Resolved issues with the local test environment by installing missing dependencies and ensuring the `api/storage` directory exists, enabling the full test suite (201 passed) to be run successfully.
This commit performs a major refactoring of the project's governance and traceability documentation to create a single source of truth and enforce compliance.
Key changes include:
1. **Consolidated Alignment Matrix:** Merged the `TRACEABILITY_MATRIX.md` into `ALIGNMENT_MATRIX.md`. The new matrix is the single source of truth for all traceability, from high-level roadmap themes to specific use cases and system requirements. The old traceability matrix has been archived.
2. **QA Governance Policy:** Created a new `project/QA_GOVERNANCE.md` file. This document centralizes all QA policies, including the "Root Cause & Design Alignment Policy," which mandates that all code changes must be reflected in the alignment matrix.
3. **Linter Enforcement:** Enhanced the `scripts/linter.py` script and its configuration (`doc-lint-rules.yml`) to automatically enforce the new governance policy. The linter now fails if source code is changed without a corresponding update to `ALIGNMENT_MATRIX.md`.
4. **Tooling & Documentation Updates:**
- Re-consolidated the `log-work.py` script into `linter.py`, creating a single, unified tool for developers.
- Updated `AGENTS.md` to reference the new `QA_GOVERNANCE.md`.
This commit addresses the final piece of feedback, correcting the Phase 5 section in `project/audit/HLD_LLD_ALIGNMENT_PLAN.md` to accurately reflect the completion of the active maintenance tasks.
This commit concludes the multi-phase project audit and performs a major refactoring of the project's governance and traceability documentation to create a single source of truth and enforce compliance.
Key changes include:
1. **Consolidated Alignment Matrix:** Merged `TRACEABILITY_MATRIX.md` into `ALIGNMENT_MATRIX.md`, which is now the single source of truth for all project traceability.
2. **QA Governance Policy:** Created `project/QA_GOVERNANCE.md` to centralize all QA policies, including the "Root Cause & Design Alignment Policy."
3. **Linter Enforcement & Tooling Consolidation:**
- Re-consolidated the `log-work.py` script into `linter.py`, creating a single, unified tool for developers.
- Updated `doc-lint-rules.yml` to reflect the new tooling and enforce the alignment matrix policy.
4. **Final Audit Report:** Created the `project/reports/PROJECT_AUDIT_FINAL_REPORT.md` and updated it with a summary of the Phase 5 work and governance refactoring.
5. **Documentation Updates:**
- Updated `HANDOVER_BRIEF.md`, `HIGH_LEVEL_DESIGN.md`, and `EXECUTION_PLAN.md` to reflect the completion of the audit.
- Updated `AGENTS.md` to reference the new governance document and the unified linter command.
6. **Archiving:** Archived the now-obsolete `TRACEABILITY_MATRIX.md` and the entire `project/audit` directory to signify the conclusion of the audit phase.
This commit addresses a critical bug in the unified linter and enhances its capabilities. - Fixes a bug where the linter's rule processor would fail on rules with `source_paths` but no `required_docs`. - Implements the `forbidden_docs` check to prevent modifications to locked files as defined in `doc-lint-rules.yml`. - Adds an explicit `black --check .` step to the linter's execution to ensure strict formatting compliance, in addition to the existing `ruff` checks. - Updates `project/QA_GOVERNANCE.md` to document the new linter capabilities and the policy for `black` compliance. Linter logic correct; `forbidden_docs` verified manually due to environment constraints that prevented a full 'green' CI run with the `--run-all` flag.
Adds a new verification report that analyzes the enforcement capabilities of the `scripts/linter.py` script. The report details which QA and documentation policies are fully enforced, partially enforced, or missing from the current linter configuration. This was generated as the deliverable for the verification audit task.
Patrick010
force-pushed
the
audit-completed
branch
from
066e080 to
fbb4e28
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.