Skip to content

docs(DOC-003): record the July 2026 review waves in the audit register [stacked on #106]#107

Merged
DoRmAmMu1997 merged 3 commits into
chore/qual-007-mypy-testsfrom
docs/doc-003-audit-register-july
Jul 13, 2026
Merged

docs(DOC-003): record the July 2026 review waves in the audit register [stacked on #106]#107
DoRmAmMu1997 merged 3 commits into
chore/qual-007-mypy-testsfrom
docs/doc-003-audit-register-july

Conversation

@DoRmAmMu1997

Copy link
Copy Markdown
Owner

⚠️ Stacked PR — merge order matters

Base: chore/qual-007-mypy-tests (#106), which stacks on #105. Merge #105#106 → this in that order; GitHub retargets each PR as its base branch merges and is deleted. Stacked at the user's request so each diff shows only its own ticket.

Ticket scope (DOC-003 — the wave's closing record)

Goal: keep docs/architecture/audit-2026-06.md what AGENTS.md says it is — the single durable record future audits read before re-flagging anything. Without this section, the next reviewer would re-derive the July history from 20 PRs.

In scope — one appended "July 2026" section containing:

Out of scope (deliberate)

  • No rewriting of the June content — the register is append-only history; even its June-era wording about "deferred" items stays, with the July table providing the closure.
  • No new ADRs — decisions of record made this wave live in their own documents (REFACTOR-003 amendment, IPO-006 wrappers) and are linked from the PR trail.

This is ticket 10 of 10 — the second improvement wave is complete: TEST-007 #98, REF-003 #99, AI-006 #100, IPO-006 #101, TEST-006 #102, PERF-002 #103, DEPLOY-004 #104, QUAL-006 #105, QUAL-007 #106, DOC-003 #107.

Gates (docs-only diff, still run)

Gate Result
Full suite --cov-fail-under=87 1,386 passed, 1 skipped; coverage 88.13%
ruff / mypy (209 files) clean

Review

/code-review: Approve — every PR number, ticket mapping, and factual claim in the section was written from this wave's own verified reconciliation (not memory); the register's append-only convention and voice are preserved. /security-review: no findings (markdown-only; no secrets, no commands, no URLs beyond the repo's own PR links).

🤖 Generated with Claude Code

Appends the "July 2026" section to docs/architecture/audit-2026-06.md so
future audits read one durable history instead of re-deriving it:

- both waves indexed: #88-#97 (other session) and #98-#107 (this wave,
  one ticket per PR);
- findings verified FALSE this round (cpr_yearly float convention,
  cpr_yearly test coverage, technical-agent injection posture = locked
  TEST-003 decision);
- wave 1's considered-and-REJECTED list recorded so those ideas are not
  re-proposed (session-state registry, indicators decorator, sectors
  iterrows, DNS-rebinding on the fixed listing URLs, run_scan split);
- the June deferral table updated item by item: Agent SDK dedup landed in
  two steps with the per-agent remainder locked by ADR; pandas-stubs
  estimate corrected (June "hundreds" -> actual 22); the parquet sidecar
  idea superseded by footer statistics with the June measure-first
  objection honored and the advisory-index review hardening noted.

Stacked on QUAL-007 (#106) -> QUAL-006 (#105); merge those first.

Gates: 1,386 passed, coverage 88.13%; ruff clean; mypy clean (209 files).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

@DoRmAmMu1997 DoRmAmMu1997 left a comment

Copy link
Copy Markdown
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Self-review (posted as COMMENT — the bot runs as the PR author and cannot APPROVE). Verdict: Approve.

  1. Accuracy over recall — every PR number and ticket mapping came from this wave's own reconciliation and the PRs I raised, not from memory. Where wave-1 PR-to-ticket mapping was not individually verified (#90#92), the section says so by grouping them rather than asserting a specific mapping.
  2. Append-only convention respected — the June content is untouched, including its now-outdated "deferred" wording; the July table provides the closure without rewriting history, matching how the TEST-003 and REFACTOR-002 follow-ups were appended before.
  3. The correction entries are the highest-value lines — pandas-stubs "hundreds → 22" and the sidecar → footer-statistics supersession both exist to stop a future reviewer from repeating June's estimate or re-proposing the rejected format. The PERF-002 entry also records the post-review hardening (footer bounds as advisory index) so the register describes the PR as it will merge, not as first pushed.
  4. Rejected-ideas list is faithful — the five wave-1 rejections carry one-line rationales in register voice so they can be re-opened only with new evidence, per the register's "read this before re-flagging" contract.
  5. Docs-only diff — one file, +77 lines; full suite, ruff, and mypy (209 files) still run and clean; no verbatim-asserted doc strings live in this file (those are in operations.md).
  6. Stack position — base is #106; the banner spells out the #105#106#107 merge order and GitHub's auto-retargeting.

The second improvement wave is complete with this PR: 10 tickets, 10 PRs (#98#107).

@DoRmAmMu1997

Copy link
Copy Markdown
Owner Author

Codex review plan before fixes:

No application behavior or product scope will change.

@DoRmAmMu1997 DoRmAmMu1997 left a comment

Copy link
Copy Markdown
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Codex review found one inline documentation-accuracy issue; the architecture-index issue is recorded in the top-level plan because that file is not in this PR diff.

Comment thread docs/architecture/audit-2026-06.md Outdated
DoRmAmMu1997 and others added 2 commits July 13, 2026 08:38
Reconcile the July audit register with the reviewed final PR heads, record the
enforced QUAL-007 debt policy, and update the architecture index to describe
the durable June-July register through PR #107.

Co-authored-by: Hemant <hemantdhamija@gmail.com>
Co-authored-by: Codex <codex@openai.com>
@DoRmAmMu1997

Copy link
Copy Markdown
Owner Author

Codex review follow-up complete for DOC-003.

What I fixed:

Verification on the final composed #105 -> #106 -> #107 tree:

  • 1517 passed, 1 skipped; coverage 89.31% (floor 87%)
  • mypy: Success: no issues found in 221 source files
  • compileall, Ruff, Bandit, pinned pip-audit, pre-commit validation/hooks, and git diff --check: passed
  • Docker is not installed on this workstation; the hosted Docker image check is the authoritative container result

The diff-scoped docs security review found no reportable issues.

@DoRmAmMu1997
DoRmAmMu1997 merged commit 077c03e into chore/qual-007-mypy-tests Jul 13, 2026
3 checks passed
@DoRmAmMu1997
DoRmAmMu1997 deleted the docs/doc-003-audit-register-july branch July 13, 2026 04:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant