From 960ab6729a5a9ff3a09908da84eb05544b7188d8 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 17 Jul 2026 09:06:58 +0000 Subject: [PATCH] docs: record completed PWA setup review in branch review ledger Close out the interrupted PWA setup review at main e5caaa46: the PWA surface is unchanged since the reviewed codex/pwa-privacy-safe-20260717 merge, the privacy contract is sound, and no P0-P2 findings remain. Two P3 items (no committed retirement worker; offline.html revalidation depends on a manual CACHE_VERSION bump) and minor P4 observations are recorded together with the checks run. Co-Authored-By: Claude Fable 5 Claude-Session: https://claude.ai/code/session_01EXsJcLrbZUXwnBeG91cVo9 --- docs/branch-review-ledger.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/branch-review-ledger.md b/docs/branch-review-ledger.md index 9fb17c89c..406c1a593 100644 --- a/docs/branch-review-ledger.md +++ b/docs/branch-review-ledger.md @@ -568,3 +568,4 @@ Use this ledger to prevent repeated branch and PR reviews when the reviewed HEAD | 2026-07-17 | codex/pwa-privacy-safe-20260717 | 35fa8c929d44a9bd84b3f7f2b795354d3b6dae02 | privacy-safe PWA shell and merge-readiness review | No remaining high-confidence product defect in the changed scope. The pre-push browser gate found and fixed one P2 test defect: cleanup referenced `PWA_CACHE_PREFIX` without passing it into the browser context, and the cold installability flow now has a focused 120-second budget. The worker caches only the generic offline page and allow-listed public shell assets; navigations, APIs, auth, queries, documents, uploads, signed URLs, range requests, and cross-origin traffic remain network-only. | Current-main integration; focused Vitest 81/81; full uncached ESLint; TypeScript; scoped Prettier and diff checks; production Webpack build generated 1,043 pages and the client-bundle secret scan passed; full Vitest produced 2,506 passes plus six contention timeouts, with all affected files passing 24/24 serially; focused Chromium PWA 2/2. No Supabase/OpenAI/live-provider checks run. | | 2026-07-17 | codex/historical-branch-cleanup-20260717 | e36ac0c6628264c7ed6c494a597a62d0214b68f6 | branch-cleanup and historical-content recovery | Completed the pending historical cleanup: deleted 55 exact-SHA remote refs and 20 redundant local refs, removed nine clean merged worktrees, preserved every dirty, active, open-PR, or patch-unique worktree, and recovered the still-useful governance incident runbook from `codex/domain-1-governance-remediation`. Historical code changes were either tied to merged PRs or reviewed as superseded by current implementations; open PRs #699, #700, #702, and #704 remain protected. | Fresh `git fetch --prune`; GitHub PR inventory and exact commit-to-merged-PR associations; exact remote SHA rechecks before deletion; cherry-pick-aware logs; two-dot tree and branch-only-file review; Codex task-to-worktree cross-check; focused documentation validation recorded in the cleanup PR. No OpenAI, Supabase, production-data, or live clinical workflow was run. | | 2026-07-17 | PR #704 / codex/scroll-geometry-stability-20260717 | 35e74ddbd61bacc5b34f06efbd58091f092665fd | nested scroll-source review follow-up | Confirmed the outside-diff CodeRabbit finding: the standalone shell shared one intent history across main and descendant scroll containers, so a switch from a deep main offset to a near-zero nested offset could falsely reveal chrome. Scroll metrics now identify their source, source changes rebase direction and travel while preserving visibility, and unit/UI regressions cover the switch. No unresolved actionable review finding remains. | Focused Vitest 9/9; TypeScript; scoped ESLint; Prettier; `git diff --check`. Exact-head hosted CI and UI remain required after push. No Supabase/OpenAI/live-provider checks run. | +| 2026-07-17 | main (origin/main) | e5caaa46cad5fb9a937f1dc43312723799b98abb | PWA setup review (service worker, offline fallback, lifecycle, manifest, headers/CSP, proxy bypass, test + CI wiring) | Completed the interrupted PWA setup review at current `main`. The PWA surface (`public/sw.js`, `public/offline.html`, `src/components/pwa-lifecycle.tsx`, `src/app/manifest.ts`, `docs/pwa.md`, all four PWA test files) is byte-identical to the already-reviewed `codex/pwa-privacy-safe-20260717` merge (35fa8c9); the only post-review deltas (#705) touch `next.config.ts` dist-dir guards, `playwright.config.ts`, and `vitest.config.mts` without changing PWA behavior. Privacy contract confirmed sound: network-only navigations with offline fallback, cache-first restricted to hashed `/_next/static` with MIME/destination validation, credentials omitted, cross-origin/query/auth/no-store/Set-Cookie requests blocked, bounded versioned caches, no auto-skipWaiting. No P0-P2 findings. P3: `docs/pwa.md` rule 6 requires an explicit retirement/kill-switch worker but none is committed. P3: `offline.html` is precached at install and never revalidated, so editing it without bumping `CACHE_VERSION` in `sw.js` strands installed clients; suggest a Vitest guard binding the `offline.html` content hash to `CACHE_VERSION`. Minor (documented): `?pwa-dev=1` registration persists until manual unregister. P4: optional manifest polish (`launch_handler`, `display_override`); `next.config.ts`/`src/lib/security-headers.ts` diffs do not set `ui_changed`, so served-header e2e assertions rely on the static guard in `tests/pwa-manifest.test.ts` (deliberate per the scope self-test). Housekeeping: the stale local `codex/pwa-optimization` checkout with uncommitted precursor files exists only on the owner machine and was left untouched. | Focused Vitest via `npm run test -- tests/pwa-service-worker.test.ts tests/pwa-manifest.test.ts tests/pwa-lifecycle.dom.test.tsx`: 45 passed (38 node + 7 jsdom) after `npm install` restored the lockfile-pinned `jsdom` missing from this container. Config inspection: `playwright.config.ts` testMatch and production pattern include `ui-pwa.spec.ts`; `ci.yml` `ui-critical` runs `npm run test:e2e:pr` (chromium, grep-invert quarantine/mockup) gated by `ui_changed`, whose patterns cover `public/`, `src/app`, `src/components`, and `tests/ui-*.spec.ts`; Vitest projects include `tests/**/*.test.ts` plus `tests/**/*.dom.test.tsx`, so the PWA unit tests run inside `npm run test` and `verify:cheap`. `git diff f7c4e293e..e5caaa4` over the PWA paths showed no changes. `tests/ui-pwa.spec.ts` confirmed to assert the CacheStorage inventory privacy contract with API/Supabase/OpenAI routes blocked. Not run: local Playwright PWA e2e (browser gate separate; covered in the CI PR gate) and provider-backed checks (confirmation-required). |