feat: scaffold React + Vite + TypeScript + Tailwind project#799
Merged
feat: scaffold React + Vite + TypeScript + Tailwind project#799
Conversation
Replace the Vue 3 + PrimeVue web dashboard with a fresh React 19 + shadcn/ui project scaffold. This is Phase 1.1 of the v0.5.0 dashboard rebuild (#762) -- pure tooling setup with no components or pages. Stack: React 19.2, Vite 8, TypeScript 5.9 (strict), Tailwind CSS 4.2, shadcn/ui (Radix Nova), Zustand 5, React Router 7, @tanstack/react-query 5, Framer Motion 12, @xyflow/react 12, Recharts 2, cmdk 1, Axios. Testing: Vitest 4 + @testing-library/react + fast-check. Linting: ESLint 10 + @eslint-react/eslint-plugin 3 + eslint-plugin-security. All CI commands preserved: npm run lint, type-check, test, build. Docker build pipeline unchanged (npm ci + npm run build -> dist/). Closes #768 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fix stale "Vue web UI" labels in GitHub issue templates and CLAUDE.md project layout description. Pre-reviewed by 2 agents, 2 findings addressed. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository UI Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (3)
📜 Recent review details⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
🧰 Additional context used📓 Path-based instructions (2).github/workflows/**/*.yml📄 CodeRabbit inference engine (CLAUDE.md)
Files:
.github/workflows/dependency-review.yml📄 CodeRabbit inference engine (CLAUDE.md)
Files:
🧠 Learnings (38)📓 Common learnings📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-15T21:32:02.880ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-15T21:32:02.880ZApplied to files:
📚 Learning: 2026-03-15T21:32:02.880ZApplied to files:
📚 Learning: 2026-03-19T11:19:40.044ZApplied to files:
📚 Learning: 2026-03-15T21:32:02.880ZApplied to files:
📚 Learning: 2026-03-15T18:17:43.675ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-19T11:19:40.044ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-16T19:52:03.656ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.558ZApplied to files:
📚 Learning: 2026-03-14T15:43:05.601ZApplied to files:
📚 Learning: 2026-03-15T18:17:43.675ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.558ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.558ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.558ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.558ZApplied to files:
📚 Learning: 2026-03-15T21:20:09.993ZApplied to files:
📚 Learning: 2026-03-20T08:28:32.845ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.558ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.558ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.558ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.558ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-15T21:49:53.264ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-23T06:50:44.559ZApplied to files:
📚 Learning: 2026-03-15T18:17:43.675ZApplied to files:
📚 Learning: 2026-03-15T18:17:43.675ZApplied to files:
🪛 LanguageTool.claude/skills/pre-pr-review/SKILL.md[uncategorized] ~138-~138: The official name of this software platform is spelled with a capital “H”. (GITHUB) 🔇 Additional comments (9)
WalkthroughThe pull request converts the web dashboard from Vue 3 + PrimeVue to a React 19 + shadcn/ui scaffold. It replaces Vue-specific source files, components, and tests with React counterparts (new App.tsx, tests, shadcn config), updates build/type-check scripts, ESLint config, package.json dependencies/devDependencies, index.html mount/id and env typings, Docker/commentary, documentation, and CI/workflow comments. Numerous web API client, endpoints, types, components, and test files were removed; small React test/util files and shadcn settings were added. Suggested labels
|
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
Contributor
Dependency ReviewThe following issues were found:
|
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@web/eslint.config.js`:
- Around line 1-36: Enable the React Hooks linting by adding the
eslint-plugin-react-hooks plugin and its rules to the tseslint.config(...) call
in eslint.config.js: include 'react-hooks' in the plugins object and add
'react-hooks/rules-of-hooks': 'error' and 'react-hooks/exhaustive-deps': 'warn'
(or desired severities) to the rules set that currently contains
'react-refresh/only-export-components' and 'security/detect-object-injection';
also add eslint-plugin-react-hooks as a devDependency in web/package.json so the
plugin is installed.
In `@web/package.json`:
- Around line 43-45: The package.json entry for the TypeScript ambient types is
mismatched with the documented Node runtime: change the dependency "@types/node"
from "^25" to "^22" (update the string value in package.json) so compilation
targets Node 22 APIs; alternatively, if you intend to keep "@types/node": "^25",
add or update an "engines": { "node": ">=25" } field and adjust docs accordingly
— locate the "@types/node" dependency in package.json to make the change and
ensure package-lock/yarn.lock is regenerated by reinstalling.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: 80418609-54ec-4cc6-a2ba-ed8d93efb687
⛔ Files ignored due to path filters (1)
web/package-lock.jsonis excluded by!**/package-lock.json
📒 Files selected for processing (229)
.github/ISSUE_TEMPLATE/bug_report.yml.github/ISSUE_TEMPLATE/feature_request.ymlCLAUDE.mddocker/web/Dockerfiledocs/architecture/decisions.mddocs/architecture/tech-stack.mddocs/design/operations.mddocs/getting_started.mddocs/reference/research.mddocs/user_guide.mdweb/.env.exampleweb/components.jsonweb/env.d.tsweb/eslint.config.jsweb/index.htmlweb/package.jsonweb/security-headers.confweb/src/App.tsxweb/src/App.vueweb/src/__tests__/App.test.tsxweb/src/__tests__/__mocks__/primevue.tsweb/src/__tests__/api/client.property.test.tsweb/src/__tests__/api/client.test.tsweb/src/__tests__/api/settings.test.tsweb/src/__tests__/components/ActiveTasksSummary.test.tsweb/src/__tests__/components/AgentCard.test.tsweb/src/__tests__/components/AgentMetrics.test.tsweb/src/__tests__/components/AgentSpendingTable.test.tsweb/src/__tests__/components/ApprovalActions.test.tsweb/src/__tests__/components/ApprovalCard.test.tsweb/src/__tests__/components/ApprovalDetail.test.tsweb/src/__tests__/components/BudgetConfigDisplay.test.tsweb/src/__tests__/components/ChannelSelector.test.tsweb/src/__tests__/components/ConnectionLostBanner.test.tsweb/src/__tests__/components/ConnectionStatus.test.tsweb/src/__tests__/components/EmptyState.test.tsweb/src/__tests__/components/MessageItem.test.tsweb/src/__tests__/components/MessageList.test.tsweb/src/__tests__/components/MetricCard.test.tsweb/src/__tests__/components/OrgNode.test.tsweb/src/__tests__/components/PageHeader.test.tsweb/src/__tests__/components/RecentApprovals.test.tsweb/src/__tests__/components/SetupProvider.test.tsweb/src/__tests__/components/SpendingChart.test.tsweb/src/__tests__/components/SpendingSummary.test.tsweb/src/__tests__/components/StatusBadge.test.tsweb/src/__tests__/components/SystemStatus.test.tsweb/src/__tests__/components/TaskCard.test.tsweb/src/__tests__/components/TaskCreateDialog.test.tsweb/src/__tests__/components/TaskDetailPanel.test.tsweb/src/__tests__/components/TaskFilters.test.tsweb/src/__tests__/components/TaskListView.test.tsweb/src/__tests__/components/providers/ProviderCard.test.tsweb/src/__tests__/components/providers/ProviderFormDialog.test.tsweb/src/__tests__/components/providers/ProviderTestButton.test.tsweb/src/__tests__/components/settings/SettingField.test.tsweb/src/__tests__/components/settings/SettingGroupRenderer.test.tsweb/src/__tests__/components/settings/SettingRestartBadge.test.tsweb/src/__tests__/components/settings/SettingSourceBadge.test.tsweb/src/__tests__/composables/useAuth.test.tsweb/src/__tests__/composables/useLoginLockout.test.tsweb/src/__tests__/composables/useOptimisticUpdate.test.tsweb/src/__tests__/composables/usePolling.test.tsweb/src/__tests__/composables/useWebSocketSubscription.test.tsweb/src/__tests__/router/guards.test.tsweb/src/__tests__/stores/agents.test.tsweb/src/__tests__/stores/approvals.test.tsweb/src/__tests__/stores/auth.test.tsweb/src/__tests__/stores/budget.test.tsweb/src/__tests__/stores/meetings.test.tsweb/src/__tests__/stores/messages.test.tsweb/src/__tests__/stores/providers.test.tsweb/src/__tests__/stores/settings.property.test.tsweb/src/__tests__/stores/settings.test.tsweb/src/__tests__/stores/setup.test.tsweb/src/__tests__/stores/tasks.test.tsweb/src/__tests__/stores/websocket.test.tsweb/src/__tests__/utils/constants.property.test.tsweb/src/__tests__/utils/constants.test.tsweb/src/__tests__/utils/errors.property.test.tsweb/src/__tests__/utils/errors.test.tsweb/src/__tests__/utils/format.property.test.tsweb/src/__tests__/utils/format.test.tsweb/src/__tests__/utils/sanitizeForLog.property.test.tsweb/src/__tests__/utils/sanitizeForLog.test.tsweb/src/__tests__/views/AgentDetailPage.test.tsweb/src/__tests__/views/AgentProfilesPage.test.tsweb/src/__tests__/views/ApprovalQueuePage.test.tsweb/src/__tests__/views/ArtifactBrowserPage.test.tsweb/src/__tests__/views/BudgetPanelPage.test.tsweb/src/__tests__/views/DashboardPage.test.tsweb/src/__tests__/views/LoginPage.test.tsweb/src/__tests__/views/MeetingLogsPage.store-integration.test.tsweb/src/__tests__/views/MessageFeedPage.test.tsweb/src/__tests__/views/OrgChartPage.test.tsweb/src/__tests__/views/SettingsPage.dynamic.test.tsweb/src/__tests__/views/SettingsPage.test.tsweb/src/__tests__/views/SetupPage.test.tsweb/src/__tests__/views/TaskBoardPage.test.tsweb/src/api/client.tsweb/src/api/endpoints/agents.tsweb/src/api/endpoints/analytics.tsweb/src/api/endpoints/approvals.tsweb/src/api/endpoints/auth.tsweb/src/api/endpoints/budget.tsweb/src/api/endpoints/collaboration.tsweb/src/api/endpoints/company.tsweb/src/api/endpoints/health.tsweb/src/api/endpoints/meetings.tsweb/src/api/endpoints/messages.tsweb/src/api/endpoints/providers.tsweb/src/api/endpoints/settings.tsweb/src/api/endpoints/setup.tsweb/src/api/endpoints/tasks.tsweb/src/api/types.tsweb/src/components/agents/AgentCard.vueweb/src/components/agents/AgentMetrics.vueweb/src/components/approvals/ApprovalActions.vueweb/src/components/approvals/ApprovalCard.vueweb/src/components/approvals/ApprovalDetail.vueweb/src/components/budget/AgentSpendingTable.vueweb/src/components/budget/BudgetConfigDisplay.vueweb/src/components/budget/SpendingChart.vueweb/src/components/common/AdvancedBanner.vueweb/src/components/common/AdvancedWarningDialog.vueweb/src/components/common/ChipArrayInput.vueweb/src/components/common/CodeEditor.vueweb/src/components/common/ConnectionLostBanner.vueweb/src/components/common/EditModeToggle.vueweb/src/components/common/EmptyState.vueweb/src/components/common/ErrorBoundary.vueweb/src/components/common/FloatingSaveButton.vueweb/src/components/common/LoadingSkeleton.vueweb/src/components/common/NameLocaleSelector.vueweb/src/components/common/PageHeader.vueweb/src/components/common/StatusBadge.vueweb/src/components/company/CompanyAgentCard.vueweb/src/components/company/CompanyAgentFormDialog.vueweb/src/components/company/CompanyDepartmentCard.vueweb/src/components/company/CompanyDepartmentFormDialog.vueweb/src/components/company/CompanyGeneralForm.vueweb/src/components/dashboard/ActiveTasksSummary.vueweb/src/components/dashboard/MetricCard.vueweb/src/components/dashboard/RecentApprovals.vueweb/src/components/dashboard/SpendingSummary.vueweb/src/components/dashboard/SystemStatus.vueweb/src/components/layout/AppShell.vueweb/src/components/layout/ConnectionStatus.vueweb/src/components/layout/Sidebar.vueweb/src/components/layout/Topbar.vueweb/src/components/messages/ChannelSelector.vueweb/src/components/messages/MessageItem.vueweb/src/components/messages/MessageList.vueweb/src/components/org-chart/OrgNode.vueweb/src/components/providers/ProviderCard.vueweb/src/components/providers/ProviderFormDialog.vueweb/src/components/providers/ProviderTestButton.vueweb/src/components/settings/SettingField.vueweb/src/components/settings/SettingGroupRenderer.vueweb/src/components/settings/SettingRestartBadge.vueweb/src/components/settings/SettingSourceBadge.vueweb/src/components/settings/SettingsCodeView.vueweb/src/components/settings/SettingsNameLocales.vueweb/src/components/setup/SetupAdmin.vueweb/src/components/setup/SetupCompany.vueweb/src/components/setup/SetupComplete.vueweb/src/components/setup/SetupNameLocale.vueweb/src/components/setup/SetupProvider.vueweb/src/components/setup/SetupReviewOrg.vueweb/src/components/setup/SetupWelcome.vueweb/src/components/tasks/KanbanBoard.vueweb/src/components/tasks/KanbanColumn.vueweb/src/components/tasks/TaskCard.vueweb/src/components/tasks/TaskCreateDialog.vueweb/src/components/tasks/TaskDetailPanel.vueweb/src/components/tasks/TaskFilters.vueweb/src/components/tasks/TaskListView.vueweb/src/components/ui/button.tsxweb/src/composables/useAuth.tsweb/src/composables/useEditMode.tsweb/src/composables/useLoginLockout.tsweb/src/composables/useOptimisticUpdate.tsweb/src/composables/usePolling.tsweb/src/composables/useWebSocketSubscription.tsweb/src/lib/utils.tsweb/src/main.tsweb/src/main.tsxweb/src/primevue-preset.tsweb/src/router/guards.tsweb/src/router/index.tsweb/src/stores/agents.tsweb/src/stores/analytics.tsweb/src/stores/approvals.tsweb/src/stores/auth.tsweb/src/stores/budget.tsweb/src/stores/company.tsweb/src/stores/meetings.tsweb/src/stores/messages.tsweb/src/stores/providers.tsweb/src/stores/settings.tsweb/src/stores/setup.tsweb/src/stores/tasks.tsweb/src/stores/websocket.tsweb/src/styles/global.cssweb/src/styles/theme.tsweb/src/test-setup.tsweb/src/utils/constants.tsweb/src/utils/errors.tsweb/src/utils/format.tsweb/src/utils/logging.tsweb/src/views/AgentDetailPage.vueweb/src/views/AgentProfilesPage.vueweb/src/views/ApprovalQueuePage.vueweb/src/views/ArtifactBrowserPage.vueweb/src/views/BudgetPanelPage.vueweb/src/views/CompanyPage.vueweb/src/views/DashboardPage.vueweb/src/views/LoginPage.vueweb/src/views/MeetingLogsPage.vueweb/src/views/MessageFeedPage.vueweb/src/views/OrgChartPage.vueweb/src/views/ProvidersPage.vueweb/src/views/SettingsPage.vueweb/src/views/SetupPage.vueweb/src/views/TaskBoardPage.vueweb/tsconfig.app.jsonweb/tsconfig.jsonweb/vite.config.tsweb/vitest.config.ts
💤 Files with no reviewable changes (150)
- web/.env.example
- web/env.d.ts
- web/src/tests/components/PageHeader.test.ts
- web/src/App.vue
- web/src/tests/components/AgentCard.test.ts
- web/src/tests/components/AgentMetrics.test.ts
- web/src/tests/components/ApprovalCard.test.ts
- web/src/tests/components/ApprovalDetail.test.ts
- web/src/tests/components/BudgetConfigDisplay.test.ts
- web/src/tests/components/ChannelSelector.test.ts
- web/src/tests/components/EmptyState.test.ts
- web/src/tests/components/MessageItem.test.ts
- web/src/tests/components/OrgNode.test.ts
- web/src/tests/components/providers/ProviderCard.test.ts
- web/src/tests/components/providers/ProviderFormDialog.test.ts
- web/src/tests/components/providers/ProviderTestButton.test.ts
- web/src/tests/components/settings/SettingRestartBadge.test.ts
- web/src/tests/components/settings/SettingSourceBadge.test.ts
- web/src/tests/composables/useOptimisticUpdate.test.ts
- web/src/tests/utils/format.test.ts
- web/src/tests/utils/sanitizeForLog.test.ts
- web/src/tests/views/ArtifactBrowserPage.test.ts
- web/src/tests/views/MeetingLogsPage.store-integration.test.ts
- web/src/tests/views/SettingsPage.test.ts
- web/src/tests/views/TaskBoardPage.test.ts
- web/src/api/endpoints/analytics.ts
- web/src/components/approvals/ApprovalCard.vue
- web/src/components/budget/AgentSpendingTable.vue
- web/src/components/budget/BudgetConfigDisplay.vue
- web/src/api/endpoints/budget.ts
- web/src/tests/views/BudgetPanelPage.test.ts
- web/src/api/endpoints/health.ts
- web/src/components/common/AdvancedBanner.vue
- web/src/tests/utils/constants.property.test.ts
- web/src/components/common/ConnectionLostBanner.vue
- web/src/tests/views/LoginPage.test.ts
- web/src/components/settings/SettingRestartBadge.vue
- web/src/tests/utils/sanitizeForLog.property.test.ts
- web/src/components/layout/Sidebar.vue
- web/src/tests/views/MessageFeedPage.test.ts
- web/src/components/settings/SettingSourceBadge.vue
- web/src/components/common/FloatingSaveButton.vue
- web/src/tests/mocks/primevue.ts
- web/src/tests/api/client.property.test.ts
- web/src/tests/api/settings.test.ts
- web/src/tests/components/AgentSpendingTable.test.ts
- web/src/tests/components/ConnectionLostBanner.test.ts
- web/src/tests/components/MessageList.test.ts
- web/src/tests/components/SpendingSummary.test.ts
- web/src/tests/components/StatusBadge.test.ts
- web/src/tests/components/SystemStatus.test.ts
- web/src/tests/components/TaskCard.test.ts
- web/src/tests/components/TaskCreateDialog.test.ts
- web/src/tests/components/TaskFilters.test.ts
- web/src/tests/components/settings/SettingGroupRenderer.test.ts
- web/src/tests/composables/useAuth.test.ts
- web/src/tests/composables/useLoginLockout.test.ts
- web/src/tests/stores/agents.test.ts
- web/src/tests/stores/approvals.test.ts
- web/src/tests/stores/messages.test.ts
- web/src/tests/stores/providers.test.ts
- web/src/tests/stores/websocket.test.ts
- web/src/tests/utils/constants.test.ts
- web/src/tests/utils/errors.property.test.ts
- web/src/tests/utils/errors.test.ts
- web/src/tests/views/AgentDetailPage.test.ts
- web/src/tests/views/AgentProfilesPage.test.ts
- web/src/components/common/LoadingSkeleton.vue
- web/src/tests/stores/settings.test.ts
- web/src/tests/views/OrgChartPage.test.ts
- web/src/tests/views/SettingsPage.dynamic.test.ts
- web/src/api/endpoints/providers.ts
- web/src/tests/views/SetupPage.test.ts
- web/src/api/endpoints/messages.ts
- web/src/api/endpoints/settings.ts
- web/src/components/agents/AgentCard.vue
- web/src/components/company/CompanyAgentFormDialog.vue
- web/src/components/common/PageHeader.vue
- web/src/components/dashboard/SpendingSummary.vue
- web/src/components/dashboard/RecentApprovals.vue
- web/src/components/layout/ConnectionStatus.vue
- web/src/components/dashboard/ActiveTasksSummary.vue
- web/src/components/messages/MessageList.vue
- web/src/components/setup/SetupNameLocale.vue
- web/src/components/common/EditModeToggle.vue
- web/src/tests/components/settings/SettingField.test.ts
- web/src/api/endpoints/tasks.ts
- web/src/api/endpoints/company.ts
- web/src/components/approvals/ApprovalActions.vue
- web/src/components/common/EmptyState.vue
- web/src/tests/stores/settings.property.test.ts
- web/src/tests/components/ConnectionStatus.test.ts
- web/src/components/common/ChipArrayInput.vue
- web/src/tests/components/MetricCard.test.ts
- web/src/components/layout/AppShell.vue
- web/src/components/dashboard/MetricCard.vue
- web/src/api/endpoints/agents.ts
- web/src/components/dashboard/SystemStatus.vue
- web/src/components/org-chart/OrgNode.vue
- web/src/components/setup/SetupCompany.vue
- web/src/components/providers/ProviderFormDialog.vue
- web/src/components/providers/ProviderTestButton.vue
- web/src/components/layout/Topbar.vue
- web/src/tests/components/TaskListView.test.ts
- web/src/components/messages/ChannelSelector.vue
- web/src/components/settings/SettingsNameLocales.vue
- web/src/components/company/CompanyAgentCard.vue
- web/src/components/setup/SetupAdmin.vue
- web/src/components/common/StatusBadge.vue
- web/src/tests/components/RecentApprovals.test.ts
- web/src/components/company/CompanyGeneralForm.vue
- web/src/tests/views/ApprovalQueuePage.test.ts
- web/src/components/agents/AgentMetrics.vue
- web/src/components/common/AdvancedWarningDialog.vue
- web/src/components/budget/SpendingChart.vue
- web/src/tests/components/ApprovalActions.test.ts
- web/src/tests/stores/setup.test.ts
- web/src/tests/stores/tasks.test.ts
- web/src/api/endpoints/approvals.ts
- web/src/api/endpoints/auth.ts
- web/src/api/endpoints/collaboration.ts
- web/src/components/company/CompanyDepartmentCard.vue
- web/src/tests/router/guards.test.ts
- web/src/tests/components/SpendingChart.test.ts
- web/src/tests/components/ActiveTasksSummary.test.ts
- web/src/api/client.ts
- web/src/components/approvals/ApprovalDetail.vue
- web/src/components/providers/ProviderCard.vue
- web/src/components/common/ErrorBoundary.vue
- web/src/components/messages/MessageItem.vue
- web/src/tests/composables/useWebSocketSubscription.test.ts
- web/src/api/endpoints/setup.ts
- web/src/components/common/NameLocaleSelector.vue
- web/src/components/company/CompanyDepartmentFormDialog.vue
- web/src/api/endpoints/meetings.ts
- web/src/components/settings/SettingGroupRenderer.vue
- web/src/tests/components/SetupProvider.test.ts
- web/src/tests/stores/budget.test.ts
- web/src/tests/components/TaskDetailPanel.test.ts
- web/src/tests/api/client.test.ts
- web/src/tests/stores/meetings.test.ts
- web/src/components/settings/SettingsCodeView.vue
- web/src/tests/views/DashboardPage.test.ts
- web/src/tests/utils/format.property.test.ts
- web/src/components/setup/SetupComplete.vue
- web/src/components/common/CodeEditor.vue
- web/src/tests/composables/usePolling.test.ts
- web/src/tests/stores/auth.test.ts
- web/src/api/types.ts
- web/src/components/settings/SettingField.vue
📜 Review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
- GitHub Check: Build Backend
- GitHub Check: Build Sandbox
- GitHub Check: Build Web
- GitHub Check: Analyze (python)
🧰 Additional context used
📓 Path-based instructions (6)
docker/**
📄 CodeRabbit inference engine (CLAUDE.md)
docker/**: All Docker images indocker/usecontext: .(single root.dockerignore) and build from repo root
Backend image: Chainguard distroless, non-root; web image: nginx-unprivileged, SPA + API proxy; sandbox image: Python + Node.js, non-root
Docker image tags: version frompyproject.toml, semver, SHA, plus dev tags (v0.4.7-dev.3,devrolling) for dev channel builds
Files:
docker/web/Dockerfile
docs/**
📄 CodeRabbit inference engine (CLAUDE.md)
Run
uv run zensical buildto build docs (output:_site/docs/);uv run zensical servefor local preview
Files:
docs/reference/research.mddocs/architecture/tech-stack.mddocs/getting_started.mddocs/user_guide.mddocs/design/operations.mddocs/architecture/decisions.md
docs/**/*.md
📄 CodeRabbit inference engine (CLAUDE.md)
Use Markdown for documentation in
docs/directory, built with Zensical (config:mkdocs.yml)
Files:
docs/reference/research.mddocs/architecture/tech-stack.mddocs/getting_started.mddocs/user_guide.mddocs/design/operations.mddocs/architecture/decisions.md
web/**
📄 CodeRabbit inference engine (CLAUDE.md)
web/**: Runnpm --prefix web run devto start dashboard dev server at http://localhost:5173 with devtools + console forwarding enabled
Runnpm --prefix web run buildfor production dashboard build with devtools disabled
Files:
web/index.htmlweb/security-headers.confweb/src/App.tsxweb/src/__tests__/App.test.tsxweb/eslint.config.jsweb/components.jsonweb/package.json
docs/design/**/*.md
📄 CodeRabbit inference engine (CLAUDE.md)
Design spec in
docs/design/(7 pages); use for all architecture, data models, and behavior decisions. Reference with format:docs/design/<page>
Files:
docs/design/operations.md
web/package.json
📄 CodeRabbit inference engine (CLAUDE.md)
Node.js 20+ required for web dashboard; dependencies in
web/package.json(Vue 3, vue-router, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, vue-echarts, Axios, vue-draggable-plus, CodeMirror 6 (vue-codemirror), js-yaml, Vitest,@vitest/coverage-v8, fast-check, ESLint, eslint-plugin-security, vue-tsc,@vitejs/devtools)
Files:
web/package.json
🧠 Learnings (55)
📓 Common learnings
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.vue : Use Vue 3 + PrimeVue + Tailwind CSS in the web dashboard; components organized by feature in `web/src/components/`
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to web/** : Web dashboard: Node.js 20+, dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, fast-check, ESLint, vue-tsc).
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/package.json : Node.js 20+ required for web dashboard; dependencies in `web/package.json` (Vue 3, vue-router, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, vue-echarts, Axios, vue-draggable-plus, CodeMirror 6 (vue-codemirror), js-yaml, Vitest, vitest/coverage-v8, fast-check, ESLint, eslint-plugin-security, vue-tsc, vitejs/devtools)
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to web/package.json : Web dashboard Node.js 20+; dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, ESLint, vue-tsc)
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to docker/{Dockerfile*,compose.yml} : Docker: Backend uses 3-stage build (builder → setup → distroless runtime), Chainguard Python, non-root (UID 65532), CIS-hardened. Web uses nginxinc/nginx-unprivileged, Vue 3 SPA with PrimeVue + Tailwind CSS, SPA routing, API/WebSocket proxy to backend.
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run type-check` for vue-tsc type checking on dashboard code
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use Vitest for unit testing Vue components and utilities; test files in `web/src/__tests__/` with coverage scoped to files changed vs origin/main
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T08:28:32.845Z
Learning: Applies to web/src/__tests__/**/*.{ts,js} : Dashboard testing: Vitest unit tests organized by feature under `web/src/__tests__/`. Use fast-check for property-based testing (`fc.assert` + `fc.property`).
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run lint` for ESLint checks on dashboard code
📚 Learning: 2026-03-19T07:12:14.508Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/**/*.py : Package structure: src/synthorg/ organized as: api/ (REST+WebSocket, Litestar), auth/ (auth subpackage), backup/ (scheduled/manual backups), budget/ (cost tracking, CFO), cli/ (superseded by Go CLI), communication/ (message bus, meetings), config/ (YAML loading), core/ (domain models, resilience config), engine/ (orchestration, task state, coordination, approval gates, stagnation detection, context budget, compaction), hr/ (hiring, performance, promotion), memory/ (pluggable backend, Mem0, retrieval, consolidation), persistence/ (operational data, SQLite, settings), observability/ (logging, correlation, sinks), providers/ (LLM abstraction, LiteLLM, auth types, presets, runtime CRUD), settings/ (runtime-editable, typed definitions, encryption, config bridge), security/ (SecOps, rule engine, output scanning, progressive trust, autonomy levels), templates/ (company templates, personalities), tools/ (registry, built-in tools, git, sandbox, code_runner, MCP...
Applied to files:
.github/ISSUE_TEMPLATE/bug_report.ymldocs/reference/research.mddocs/architecture/tech-stack.mddocs/user_guide.md.github/ISSUE_TEMPLATE/feature_request.ymlCLAUDE.md
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to docker/{Dockerfile*,compose.yml} : Docker: Backend uses 3-stage build (builder → setup → distroless runtime), Chainguard Python, non-root (UID 65532), CIS-hardened. Web uses nginxinc/nginx-unprivileged, Vue 3 SPA with PrimeVue + Tailwind CSS, SPA routing, API/WebSocket proxy to backend.
Applied to files:
docker/web/Dockerfiledocs/reference/research.mddocs/architecture/tech-stack.mddocs/getting_started.mddocs/user_guide.mddocs/design/operations.mdCLAUDE.mdweb/package.json
📚 Learning: 2026-03-19T11:33:01.580Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T11:33:01.580Z
Learning: Applies to docker/Dockerfile.web : `nginxinc/nginx-unprivileged` base with non-root user (UID 101), Vue 3 SPA (PrimeVue + Tailwind CSS), SPA routing, API/WebSocket proxy to backend
Applied to files:
docker/web/Dockerfiledocs/user_guide.mddocs/design/operations.md
📚 Learning: 2026-03-19T07:12:14.508Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to docker/Dockerfile : Docker: 3-stage build (builder → setup → distroless runtime) for backend, Chainguard Python, non-root (UID 65532), CIS-hardened
Applied to files:
docker/web/Dockerfiledocs/user_guide.md
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Dependabot: auto-updates Docker image digests and versions daily.
Applied to files:
docker/web/Dockerfile
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to docker/** : Backend image: Chainguard distroless, non-root; web image: nginx-unprivileged, SPA + API proxy; sandbox image: Python + Node.js, non-root
Applied to files:
docker/web/Dockerfiledocs/architecture/tech-stack.mddocs/user_guide.md
📚 Learning: 2026-03-15T21:32:02.880Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:32:02.880Z
Learning: Applies to .github/workflows/docker.yml : Docker workflow: builds backend + web + sandbox images, pushes to GHCR, signs with cosign. SLSA L3 provenance attestations via actions/attest-build-provenance. Scans: Trivy (CRITICAL = hard fail, HIGH = warn) + Grype (critical cutoff) + CIS Docker Benchmark v1.6.0 compliance (informational). CVE triage via .github/.trivyignore.yaml and .github/.grype.yaml. Images only pushed after scans pass. Triggers on push to main and version tags (v*).
Applied to files:
docker/web/Dockerfiledocs/user_guide.md
📚 Learning: 2026-03-19T07:12:14.508Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to docker/Dockerfile.sandbox : Docker sandbox: `synthorg-sandbox` — Python 3.14 + Node.js + git, non-root (UID 10001), agent code execution sandbox
Applied to files:
docker/web/Dockerfiledocs/user_guide.md
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to web/** : Web dashboard: Node.js 20+, dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, fast-check, ESLint, vue-tsc).
Applied to files:
docker/web/Dockerfiledocs/reference/research.mdweb/index.htmlweb/src/App.tsxdocs/architecture/tech-stack.mddocs/getting_started.mddocs/user_guide.mddocs/design/operations.mdCLAUDE.mdweb/eslint.config.jsweb/components.jsonweb/package.json
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/** : Run `npm --prefix web run build` for production dashboard build with devtools disabled
Applied to files:
docker/web/Dockerfiledocs/getting_started.mdCLAUDE.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/package.json : Node.js 20+ required for web dashboard; dependencies in `web/package.json` (Vue 3, vue-router, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, vue-echarts, Axios, vue-draggable-plus, CodeMirror 6 (vue-codemirror), js-yaml, Vitest, vitest/coverage-v8, fast-check, ESLint, eslint-plugin-security, vue-tsc, vitejs/devtools)
Applied to files:
docker/web/Dockerfiledocs/reference/research.mddocs/architecture/tech-stack.mddocs/getting_started.mddocs/user_guide.mddocs/design/operations.mdCLAUDE.mdweb/eslint.config.jsweb/components.jsonweb/package.json
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to .github/workflows/docker.yml : Docker workflow (`docker.yml`): build + Trivy/Grype scan + push to GHCR + cosign sign + SLSA L3 provenance. CVE triage: `.github/.trivyignore.yaml`, `.github/.grype.yaml`
Applied to files:
docker/web/Dockerfile
📚 Learning: 2026-03-14T15:43:05.601Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to web/package.json : Web dashboard Node.js 20+; dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, ESLint, vue-tsc)
Applied to files:
docs/reference/research.mddocs/architecture/tech-stack.mddocs/getting_started.mddocs/user_guide.mddocs/design/operations.mdCLAUDE.mdweb/eslint.config.jsweb/components.jsonweb/package.json
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.vue : Use Vue 3 + PrimeVue + Tailwind CSS in the web dashboard; components organized by feature in `web/src/components/`
Applied to files:
docs/reference/research.mdweb/src/App.tsxdocs/architecture/tech-stack.mddocs/getting_started.mddocs/user_guide.md.github/ISSUE_TEMPLATE/feature_request.ymldocs/design/operations.mdCLAUDE.mdweb/eslint.config.jsweb/components.jsonweb/package.json
📚 Learning: 2026-03-17T06:30:14.180Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/api/**/*.py : Use Litestar for REST + WebSocket API. Controllers, guards, channels, JWT + API key + WS ticket auth, RFC 9457 structured errors.
Applied to files:
docs/reference/research.md
📚 Learning: 2026-03-19T07:12:14.508Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/api/**/*.py : API package (api/): Litestar REST + WebSocket with controllers, guards, channels, JWT + API key + WS ticket auth, approval gate integration, coordination endpoint, collaboration endpoint, settings endpoint, provider management endpoint (CRUD + test + presets), backup endpoint, RFC 9457 structured errors, AppState hot-reload slots, service auto-wiring (Phase 1 at construction, Phase 2 on startup), lifecycle helpers
Applied to files:
docs/reference/research.mddocs/user_guide.mdCLAUDE.md
📚 Learning: 2026-03-17T22:08:13.456Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...
Applied to files:
docs/architecture/tech-stack.md
📚 Learning: 2026-03-17T22:08:13.456Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Documentation source in `docs/` (Markdown, built with Zensical). Design spec in `docs/design/` (7 pages: index, agents, organization, communication, engine, memory, operations). Architecture in `docs/architecture/` (overview, tech-stack, decision log). Roadmap in `docs/roadmap/`. Security in `docs/security.md`. Licensing in `docs/licensing.md`. Reference in `docs/reference/`. REST API reference in `docs/rest-api.md`. Library reference in `docs/api/` (auto-generated from docstrings). Custom templates in `docs/overrides/`. Config in `mkdocs.yml`.
Applied to files:
docs/architecture/tech-stack.mddocs/getting_started.mddocs/architecture/decisions.mdCLAUDE.md
📚 Learning: 2026-03-19T07:12:14.508Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/memory/**/*.py : Memory package (memory/): pluggable MemoryBackend protocol, backends/ (Mem0 adapter), retrieval pipeline (ranking, RRF fusion, injection, formatting, non-inferable filtering), shared org memory (org/), consolidation/archival (density-aware: DensityClassifier, AbstractiveSummarizer, ExtractivePreserver, DualModeConsolidationStrategy)
Applied to files:
docs/architecture/tech-stack.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run type-check` for vue-tsc type checking on dashboard code
Applied to files:
docs/getting_started.mdCLAUDE.mdweb/eslint.config.jsweb/package.json
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/** : Run `npm --prefix web run dev` to start dashboard dev server at http://localhost:5173 with devtools + console forwarding enabled
Applied to files:
docs/getting_started.mdCLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run lint` for ESLint checks on dashboard code
Applied to files:
docs/getting_started.mdCLAUDE.mdweb/eslint.config.jsweb/package.json
📚 Learning: 2026-03-15T21:20:09.993Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:20:09.993Z
Learning: Applies to web/src/components/** : Vue components organized by feature (agents/, approvals/, budget/, common/, dashboard/, layout/, messages/, org-chart/, tasks/).
Applied to files:
docs/getting_started.md.github/ISSUE_TEMPLATE/feature_request.ymlCLAUDE.mdweb/components.json
📚 Learning: 2026-03-20T08:28:32.845Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T08:28:32.845Z
Learning: Applies to web/src/__tests__/**/*.{ts,js} : Dashboard testing: Vitest unit tests organized by feature under `web/src/__tests__/`. Use fast-check for property-based testing (`fc.assert` + `fc.property`).
Applied to files:
docs/getting_started.mdweb/src/__tests__/App.test.tsxweb/eslint.config.js
📚 Learning: 2026-03-19T07:12:14.508Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to docs/design/*.md : Design spec pages: 7 pages in `docs/design/` — index, agents, organization, communication, engine, memory, operations
Applied to files:
docs/design/operations.mdCLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use Vitest for unit testing Vue components and utilities; test files in `web/src/__tests__/` with coverage scoped to files changed vs origin/main
Applied to files:
web/src/__tests__/App.test.tsxCLAUDE.mdweb/eslint.config.jsweb/package.json
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Run `npm --prefix web run test` for Vitest unit tests with coverage scoped to files changed vs origin/main
Applied to files:
web/src/__tests__/App.test.tsxCLAUDE.mdweb/eslint.config.jsweb/package.json
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use fast-check for property-based testing in Vue tests with `fc.assert` + `fc.property`
Applied to files:
web/src/__tests__/App.test.tsx
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to docs/**/*.md : Use Markdown for documentation in `docs/` directory, built with Zensical (config: `mkdocs.yml`)
Applied to files:
docs/architecture/decisions.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to .github/workflows/pages.yml : Pages workflow (`pages.yml`): version extraction from `pyproject.toml`, OpenAPI export, Astro + Zensical docs build (with version banner), GitHub Pages deploy on push to main
Applied to files:
docs/architecture/decisions.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to docs/** : Run `uv run zensical build` to build docs (output: `_site/docs/`); `uv run zensical serve` for local preview
Applied to files:
docs/architecture/decisions.md
📚 Learning: 2026-03-14T15:43:05.601Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to docs/** : Docs source in docs/ (Markdown, built with Zensical); design spec in docs/design/ (7 pages: index, agents, organization, communication, engine, memory, operations)
Applied to files:
docs/architecture/decisions.mdCLAUDE.md
📚 Learning: 2026-03-19T07:13:44.964Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:13:44.964Z
Learning: Always read the relevant `docs/design/` page before implementing any feature or planning any issue — DESIGN_SPEC.md is a pointer file linking to 7 design pages (Agents, Organization, Communication, Engine, Memory, Operations)
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to src/synthorg/**/*.py : NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples. Use generic names: `example-provider`, `example-large-001`, `example-medium-001`, `example-small-001`, `large`/`medium`/`small` as aliases. Vendor names may only appear in: (1) Operations design page (`docs/design/operations.md`), (2) `.claude/` skill/agent files, (3) third-party import paths/module names
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-16T06:24:56.341Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to docs/design/**/*.md : Design specification pages in `docs/design/` must be consulted before implementing features (7 pages: index, agents, organization, communication, engine, memory, operations)
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-16T06:24:56.341Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to src/synthorg/hr/**/*.py : HR engine must provide: hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, trend detection), promotion/demotion
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-20T08:28:32.845Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T08:28:32.845Z
Learning: Applies to src/synthorg/templates/**/*.py : Templates: pre-built company templates, personality presets, and builder.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/stores/**/*.{ts,js} : Use Pinia stores for state management in the dashboard; store files located in `web/src/stores/`
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-17T22:08:13.456Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to tests/**/*.py : Test markers: `pytest.mark.unit`, `pytest.mark.integration`, `pytest.mark.e2e`, `pytest.mark.slow`. Coverage: 80% minimum. Async: `asyncio_mode = 'auto'` — no manual `pytest.mark.asyncio` needed. Timeout: 30 seconds per test. Parallelism: `pytest-xdist` via `-n auto` — ALWAYS include `-n auto` when running pytest, never run tests sequentially.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:28:13.207Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Parallelism: pytest-xdist via `-n auto` — ALWAYS include `-n auto` when running pytest, never run tests sequentially.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-16T07:22:28.134Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to tests/**/*.py : NEVER skip, dismiss, or ignore flaky tests — always fix them fully and fundamentally. For timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to tests/**/*.py : ALWAYS run pytest with `-n auto` for parallelism via pytest-xdist; never run tests sequentially
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to tests/**/*.py : NEVER skip, dismiss, or ignore flaky tests -- always fix them fully and fundamentally
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:28:13.207Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Applies to {src,tests,web,cli,site}/**/*.{py,ts,tsx,go,astro} : Vendor-agnostic everywhere: NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples. Use generic names: example-provider, example-large-001, example-medium-001, example-small-001. Vendor names may only appear in: (1) Operations design page provider list (docs/design/operations.md), (2) .claude/ skill/agent files, (3) third-party import paths/module names.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:28:13.207Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Applies to tests/**/*.py : Test markers: pytest.mark.unit, pytest.mark.integration, pytest.mark.e2e, pytest.mark.slow. Coverage: 80% minimum (enforced in CI).
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:28:13.207Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Property-based testing: Python uses Hypothesis (given + settings). Hypothesis profiles: ci (200 examples, default) and dev (1000 examples), controlled via HYPOTHESIS_PROFILE env var. Run dev profile: HYPOTHESIS_PROFILE=dev uv run python -m pytest tests/ -m unit -n auto -k properties.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:28:13.207Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Applies to tests/**/*.py : Tests must use test-provider, test-small-001, etc. for vendor-agnostic test data.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to pyproject.toml : Dependencies: all versions use == in pyproject.toml. Groups: test (pytest + plugins, hypothesis), dev (includes test + ruff, mypy, pre-commit, commitizen, pip-audit). Required: mem0ai (Mem0 memory backend — the default and currently only backend). Install: uv sync installs everything (dev group is default).
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to pyproject.toml : Required dependencies: `mem0ai` (default memory backend), `cryptography` (Fernet encryption for sensitive settings), `faker` (multi-locale agent name generation)
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-19T11:19:40.044Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T11:19:40.044Z
Learning: Applies to go.mod : Maintain Go 1.26+ requirement. Dependencies: Cobra (CLI framework), charmbracelet/huh and charmbracelet/lipgloss (UI), sigstore-go (code signing), go-containerregistry (container image verification), go-tuf (TUF client for Sigstore).
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Use `uv sync` to install all dependencies (dev + test); `uv sync --group docs` to install docs toolchain
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to cli/go.mod : Go 1.26+ required for CLI; dependencies in `cli/go.mod` (Cobra, charmbracelet/huh, charmbracelet/lipgloss, sigstore-go, go-containerregistry, go-tuf)
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to pyproject.toml : Dependencies grouped in `pyproject.toml`: `test` (pytest + plugins, hypothesis), `dev` (includes test + ruff, mypy, pre-commit, commitizen, pip-audit)
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Line length of 88 characters for web/dashboard code (enforced by ESLint + Prettier if configured)
Applied to files:
web/eslint.config.js
🪛 markdownlint-cli2 (0.21.0)
docs/design/operations.md
[warning] 1133-1133: Code block style
Expected: fenced; Actual: indented
(MD046, code-block-style)
🔇 Additional comments (17)
web/components.json (1)
1-25: Configuration looks correct for the scaffold phase.
components.jsonis coherent and aligns with a React + shadcn/ui + Tailwind setup (schema, style, aliases, and CSS variables are consistent).web/security-headers.conf (1)
7-7: Comment update is accurate and non-disruptive.Good clarification of why
style-src 'unsafe-inline'remains necessary; no CSP behavior changed.docs/reference/research.md (1)
77-77: Stack reference update looks correct.The table now aligns with the React-based dashboard direction.
.github/ISSUE_TEMPLATE/bug_report.yml (1)
19-19: Issue template component label is correctly migrated.This keeps bug categorization aligned with the new dashboard technology.
docker/web/Dockerfile (1)
8-8: Stage description update is correct and safe.Good wording fix; Docker behavior remains unchanged.
.github/ISSUE_TEMPLATE/feature_request.yml (1)
19-19: Feature template label now matches the new frontend stack.Nice consistency update for request triage.
docs/architecture/decisions.md (1)
85-85: Decision log terminology is correctly updated.The entry now accurately reflects React dashboard embedding in the docs pipeline.
web/src/App.tsx (1)
1-11: Baseline React app scaffold is clean and correct.Component structure is simple, valid, and suitable for initial migration smoke coverage.
web/src/__tests__/App.test.tsx (1)
1-9: Smoke test coverage for the new root component is good.This provides a solid initial guard for the React scaffold render path.
docs/user_guide.md (1)
49-49: Container docs now match the rebuilt frontend.The table keeps the runtime behavior intact while correctly updating the Web UI stack label.
web/index.html (1)
11-12: Root mount and entrypoint are wired correctly.Switching the host element to
#rootand the module entry tomain.tsxmatches the React scaffold.docs/getting_started.md (1)
126-142: Getting-started docs are aligned with the new web scaffold.The layout note and frontend commands now point at the React/Vite/TypeScript setup instead of the removed Vue stack.
docs/design/operations.md (1)
1040-1040: Operations docs stay consistent with the API-first React client.The diagram and status note reflect the frontend swap without changing the surrounding behavior model.
Also applies to: 1133-1134
docs/architecture/tech-stack.md (1)
57-57: Tech-stack tables are updated consistently.Both the primary stack row and the design-decision summary now describe the same React/shadcn/Tailwind baseline.
Also applies to: 80-80
CLAUDE.md (2)
8-8: The assistant quick-reference is mostly in sync with the React rebuild.Layout, dashboard commands, source-tree notes, and dependency summary all reflect the new frontend direction.
Also applies to: 51-55, 122-127, 251-251
187-187:⚠️ Potential issue | 🟡 MinorCorrect the documented Hypothesis
ciprofile size.Line 187 now says the default
ciprofile runs 50 examples, but the repo guidance saysciis 200. That makes the quick reference inaccurate for anyone trying to mirror CI behavior.Based on learnings, Property-based testing: Python uses Hypothesis (
given+settings). Hypothesis profiles:ci(200 examples, default) anddev(1000 examples), controlled viaHYPOTHESIS_PROFILEenv var.⛔ Skipped due to learnings
Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-15T18:42:17.990Z Learning: Applies to tests/**/*.py : Use Hypothesis for property-based testing with `given` + `settings` decorators; control profiles via `HYPOTHESIS_PROFILE` env var (`ci` for 200 examples, `dev` for 1000 examples)Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-23T06:50:44.558Z Learning: Applies to tests/**/*.py : Use Hypothesis for Python property-based testing with `given` + `settings` decorators; use profiles: `ci` (50 examples, default) and `dev` (1000 examples) controlled via `HYPOTHESIS_PROFILE` env varLearnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-15T18:28:13.207Z Learning: Property-based testing: Python uses Hypothesis (given + settings). Hypothesis profiles: ci (200 examples, default) and dev (1000 examples), controlled via HYPOTHESIS_PROFILE env var. Run dev profile: HYPOTHESIS_PROFILE=dev uv run python -m pytest tests/ -m unit -n auto -k properties.Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-17T06:30:14.180Z Learning: Applies to tests/**/*.py : Use Hypothesis for property-based testing in Python with `given` + `settings`. Control via `HYPOTHESIS_PROFILE` env var (dev: 1000 examples, ci: 200 examples).Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-23T06:50:44.558Z Learning: Applies to tests/**/*.py : Run Hypothesis dev profile with: `HYPOTHESIS_PROFILE=dev uv run python -m pytest tests/ -m unit -n auto -k properties`Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-23T06:50:44.558Z Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use fast-check for property-based testing in Vue tests with `fc.assert` + `fc.property`Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-20T08:28:32.845Z Learning: Applies to web/src/__tests__/**/*.{ts,js} : Dashboard testing: Vitest unit tests organized by feature under `web/src/__tests__/`. Use fast-check for property-based testing (`fc.assert` + `fc.property`).Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-19T11:19:40.044Z Learning: Applies to cli/**/*.go : Use native Go testing with `testing.F` fuzz functions (`Fuzz*`) for fuzz testing.Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-19T11:30:29.217Z Learning: Applies to cli/**/*.go : Use native `testing.F` fuzz functions (`Fuzz*`) for fuzz testing Go codeLearnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-17T22:08:13.456Z Learning: Applies to tests/**/*.py : Test markers: `pytest.mark.unit`, `pytest.mark.integration`, `pytest.mark.e2e`, `pytest.mark.slow`. Coverage: 80% minimum. Async: `asyncio_mode = 'auto'` — no manual `pytest.mark.asyncio` needed. Timeout: 30 seconds per test. Parallelism: `pytest-xdist` via `-n auto` — ALWAYS include `-n auto` when running pytest, never run tests sequentially.web/package.json (1)
7-13: The expected dashboard script surface is preserved.
dev,build,lint,type-check, andtestall remain available after the stack swap, which keeps the npm/CI entrypoints stable.
Comment on lines
+1
to
+36
| import js from '@eslint/js' | ||
| import tseslint from 'typescript-eslint' | ||
| import eslintReact from '@eslint-react/eslint-plugin' | ||
| import reactRefresh from 'eslint-plugin-react-refresh' | ||
| import pluginSecurity from 'eslint-plugin-security' | ||
| import tsParser from '@typescript-eslint/parser' | ||
|
|
||
| export default [ | ||
| { | ||
| ignores: ['dist/**'], | ||
| }, | ||
| ...pluginVue.configs['flat/recommended'], | ||
| export default tseslint.config( | ||
| { ignores: ['dist/**'] }, | ||
| js.configs.recommended, | ||
| ...tseslint.configs.recommended, | ||
| eslintReact.configs['recommended-typescript'], | ||
| pluginSecurity.configs.recommended, | ||
| { | ||
| files: ['**/*.vue'], | ||
| languageOptions: { | ||
| parserOptions: { | ||
| parser: tsParser, | ||
| }, | ||
| }, | ||
| }, | ||
| { | ||
| files: ['**/*.ts'], | ||
| languageOptions: { | ||
| parser: tsParser, | ||
| plugins: { | ||
| 'react-refresh': reactRefresh, | ||
| }, | ||
| }, | ||
| { | ||
| rules: { | ||
| 'no-unassigned-vars': 'error', | ||
| 'react-refresh/only-export-components': [ | ||
| 'warn', | ||
| { allowConstantExport: true }, | ||
| ], | ||
| 'no-useless-assignment': 'error', | ||
| 'preserve-caught-error': 'error', | ||
| 'vue/no-v-html': 'error', | ||
| // Rule flags every obj[var] with no data-flow analysis (40+ warnings, | ||
| // ~87% false positives). Prototype pollution is guarded explicitly in | ||
| // providers.ts (Object.create(null) + __proto__/constructor/prototype | ||
| // filtering). Future dynamic property access with untrusted keys should | ||
| // be manually reviewed. | ||
| // Rule flags every obj[var] with no data-flow analysis -- too many false | ||
| // positives. Prototype pollution is guarded explicitly at system boundaries. | ||
| 'security/detect-object-injection': 'off', | ||
| }, | ||
| }, | ||
| { | ||
| files: ['src/App.vue', 'src/components/layout/Sidebar.vue', 'src/components/layout/Topbar.vue'], | ||
| rules: { | ||
| 'vue/multi-word-component-names': 'off', | ||
| }, | ||
| }, | ||
| { | ||
| files: ['src/__tests__/**'], | ||
| // shadcn/ui components co-export variant helpers alongside components -- | ||
| // this is the standard pattern and safe for HMR. | ||
| files: ['src/components/ui/**'], | ||
| rules: { | ||
| // Test stubs intentionally use untyped props and multiple components per file | ||
| 'vue/require-prop-types': 'off', | ||
| 'vue/one-component-per-file': 'off', | ||
| 'react-refresh/only-export-components': 'off', | ||
| }, | ||
| }, | ||
| ] | ||
| ) |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Verify whether the React hooks plugin is installed or configured anywhere in the web lint setup.
rg -n --glob 'web/package.json' --glob 'web/eslint.config.js' 'eslint-plugin-react-hooks|react-hooks' || trueRepository: Aureliolo/synthorg
Length of output: 44
🏁 Script executed:
# Check if web/package.json exists and examine dependencies
cat web/package.json | head -50Repository: Aureliolo/synthorg
Length of output: 1408
🏁 Script executed:
# Verify the eslint.config.js file matches the review
head -36 web/eslint.config.jsRepository: Aureliolo/synthorg
Length of output: 1206
🏁 Script executed:
# Search for any other eslint or react-hooks references in web directory
rg -i 'react-hooks|eslint.*config' web/ --type js --type json --type txt | head -20Repository: Aureliolo/synthorg
Length of output: 1200
Add the React hooks rules to the shared ESLint baseline.
Lines 14-25 wire React component/HMR checks, but the config never enables eslint-plugin-react-hooks, so rules-of-hooks and dependency-array regressions will lint cleanly once hooks appear. React 19 is in production dependencies, making this a correctness gap for the default scaffold.
🛠️ Proposed fix
+import reactHooks from 'eslint-plugin-react-hooks'
import reactRefresh from 'eslint-plugin-react-refresh'
import pluginSecurity from 'eslint-plugin-security'
export default tseslint.config(
@@
{
plugins: {
+ 'react-hooks': reactHooks,
'react-refresh': reactRefresh,
},
rules: {
+ ...reactHooks.configs.recommended.rules,
'react-refresh/only-export-components': [
'warn',
{ allowConstantExport: true },
],You'll also need the matching eslint-plugin-react-hooks devDependency in web/package.json.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@web/eslint.config.js` around lines 1 - 36, Enable the React Hooks linting by
adding the eslint-plugin-react-hooks plugin and its rules to the
tseslint.config(...) call in eslint.config.js: include 'react-hooks' in the
plugins object and add 'react-hooks/rules-of-hooks': 'error' and
'react-hooks/exhaustive-deps': 'warn' (or desired severities) to the rules set
that currently contains 'react-refresh/only-export-components' and
'security/detect-object-injection'; also add eslint-plugin-react-hooks as a
devDependency in web/package.json so the plugin is installed.
Contributor
|
Warning Gemini encountered an error creating the summary. You can try again by commenting |
- Remove non-existent hooks/ and stores/ dirs from CLAUDE.md package structure - Fix index.html body classes overriding shadcn theme system (Tailwind v4 specificity) - Add eslint-plugin-react-hooks TODO (blocked by ESLint 10 incompatibility) - Downgrade @types/node from ^25 to ^22 to match documented Node.js 22+ requirement - Fix connect-src CSP comment about ws/wss scheme matching - Document intentional HSTS preload omission - Type VITE_API_BASE_URL as string | undefined in env.d.ts - Add cn() utility tests (3 cases) - Update 3 skill files: Vue -> React references in file categories and frontend-reviewer prompts Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Actionable comments posted: 2
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
.claude/skills/pre-pr-review/SKILL.md (1)
428-428:⚠️ Potential issue | 🟠 MajorStale Vue-specific XSS rule should be replaced for React
Line 428 still checks
v-html, which is Vue-only. In React, the equivalent high-risk sink isdangerouslySetInnerHTML; current wording will miss actual React XSS risks.Suggested fix
-1. XSS via `v-html` or unescaped user content rendering (CRITICAL) +1. XSS via `dangerouslySetInnerHTML` or unescaped user content rendering (CRITICAL)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.claude/skills/pre-pr-review/SKILL.md at line 428, The rule text currently calls out "v-html" (Vue-only) as the high-risk sink; update the rule named "XSS via `v-html` or unescaped user content rendering (CRITICAL)" to reference React's equivalent "dangerouslySetInnerHTML" instead of `v-html`, adjust examples and detection guidance to mention React JSX/props usage and unescaped interpolation, and ensure any pattern matching or suggested fixes in the rule body reference dangerouslySetInnerHTML and React-specific mitigations (e.g., sanitization, avoiding direct HTML injection) so the rule correctly flags React XSS sinks.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.claude/skills/pre-pr-review/SKILL.md:
- Around line 83-84: The test file pattern for the web_test group only includes
".ts" which misses React component tests; update the web_test entry so it also
matches ".tsx" files under web/src/__tests__ (e.g., change the pattern that
currently lists `.ts` in `web/src/__tests__/` to include `.tsx` as well) so
component tests are picked up by web_test-gated checks and agents.
In `@web/eslint.config.js`:
- Around line 20-29: The ESLint config currently lacks enforcement for the
88-character line length; update the linter/formatter setup by adding a
line-length rule or Prettier setting: either add an ESLint rule 'max-len' with
code: 88 (e.g., inside the rules object where 'no-useless-assignment' and
'security/detect-object-injection' are defined) or add/adjust Prettier
configuration (printWidth: 88) and enable eslint-plugin-prettier/integration so
ESLint enforces it; ensure the chosen approach is applied consistently across
the web/dashboard project and referenced in CI/pre-commit linting.
---
Outside diff comments:
In @.claude/skills/pre-pr-review/SKILL.md:
- Line 428: The rule text currently calls out "v-html" (Vue-only) as the
high-risk sink; update the rule named "XSS via `v-html` or unescaped user
content rendering (CRITICAL)" to reference React's equivalent
"dangerouslySetInnerHTML" instead of `v-html`, adjust examples and detection
guidance to mention React JSX/props usage and unescaped interpolation, and
ensure any pattern matching or suggested fixes in the rule body reference
dangerouslySetInnerHTML and React-specific mitigations (e.g., sanitization,
avoiding direct HTML injection) so the rule correctly flags React XSS sinks.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: da308a42-d8a6-4249-bb76-705d3fb949e2
⛔ Files ignored due to path filters (1)
web/package-lock.jsonis excluded by!**/package-lock.json
📒 Files selected for processing (10)
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/codebase-audit/SKILL.md.claude/skills/pre-pr-review/SKILL.mdCLAUDE.mdweb/env.d.tsweb/eslint.config.jsweb/index.htmlweb/package.jsonweb/security-headers.confweb/src/__tests__/lib/utils.test.ts
📜 Review details
🧰 Additional context used
📓 Path-based instructions (4)
web/src/**/*.{ts,js,vue}
📄 CodeRabbit inference engine (CLAUDE.md)
web/src/**/*.{ts,js,vue}: Runnpm --prefix web run lintfor ESLint checks on dashboard code
Runnpm --prefix web run type-checkfor vue-tsc type checking on dashboard code
Use NEVER use real vendor names in web dashboard code, tests, or examples -- useexample-provider,test-provider, etc.
Line length of 88 characters for web/dashboard code (enforced by ESLint + Prettier if configured)
Files:
web/src/__tests__/lib/utils.test.ts
web/src/__tests__/**/*.{test,spec}.{ts,js}
📄 CodeRabbit inference engine (CLAUDE.md)
web/src/__tests__/**/*.{test,spec}.{ts,js}: Use Vitest for unit testing Vue components and utilities; test files inweb/src/__tests__/with coverage scoped to files changed vs origin/main
Use fast-check for property-based testing in Vue tests withfc.assert+fc.property
Runnpm --prefix web run testfor Vitest unit tests with coverage scoped to files changed vs origin/main
Files:
web/src/__tests__/lib/utils.test.ts
web/**
📄 CodeRabbit inference engine (CLAUDE.md)
web/**: Runnpm --prefix web run devto start dashboard dev server at http://localhost:5173 with devtools + console forwarding enabled
Runnpm --prefix web run buildfor production dashboard build with devtools disabled
Files:
web/src/__tests__/lib/utils.test.tsweb/index.htmlweb/env.d.tsweb/security-headers.confweb/package.jsonweb/eslint.config.js
web/package.json
📄 CodeRabbit inference engine (CLAUDE.md)
Node.js 20+ required for web dashboard; dependencies in
web/package.json(Vue 3, vue-router, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, vue-echarts, Axios, vue-draggable-plus, CodeMirror 6 (vue-codemirror), js-yaml, Vitest,@vitest/coverage-v8, fast-check, ESLint, eslint-plugin-security, vue-tsc,@vitejs/devtools)
Files:
web/package.json
🧠 Learnings (62)
📓 Common learnings
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.vue : Use Vue 3 + PrimeVue + Tailwind CSS in the web dashboard; components organized by feature in `web/src/components/`
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to web/** : Web dashboard: Node.js 20+, dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, fast-check, ESLint, vue-tsc).
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/package.json : Node.js 20+ required for web dashboard; dependencies in `web/package.json` (Vue 3, vue-router, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, vue-echarts, Axios, vue-draggable-plus, CodeMirror 6 (vue-codemirror), js-yaml, Vitest, vitest/coverage-v8, fast-check, ESLint, eslint-plugin-security, vue-tsc, vitejs/devtools)
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to web/package.json : Web dashboard Node.js 20+; dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, ESLint, vue-tsc)
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to docker/{Dockerfile*,compose.yml} : Docker: Backend uses 3-stage build (builder → setup → distroless runtime), Chainguard Python, non-root (UID 65532), CIS-hardened. Web uses nginxinc/nginx-unprivileged, Vue 3 SPA with PrimeVue + Tailwind CSS, SPA routing, API/WebSocket proxy to backend.
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run type-check` for vue-tsc type checking on dashboard code
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T11:33:01.580Z
Learning: Applies to docker/Dockerfile.web : `nginxinc/nginx-unprivileged` base with non-root user (UID 101), Vue 3 SPA (PrimeVue + Tailwind CSS), SPA routing, API/WebSocket proxy to backend
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use Vitest for unit testing Vue components and utilities; test files in `web/src/__tests__/` with coverage scoped to files changed vs origin/main
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run lint` for ESLint checks on dashboard code
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T08:28:32.845Z
Learning: Applies to web/src/__tests__/**/*.{ts,js} : Dashboard testing: Vitest unit tests organized by feature under `web/src/__tests__/`. Use fast-check for property-based testing (`fc.assert` + `fc.property`).
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use Vitest for unit testing Vue components and utilities; test files in `web/src/__tests__/` with coverage scoped to files changed vs origin/main
Applied to files:
web/src/__tests__/lib/utils.test.tsweb/env.d.ts.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.mdCLAUDE.mdweb/package.jsonweb/eslint.config.js
📚 Learning: 2026-03-20T08:28:32.845Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T08:28:32.845Z
Learning: Applies to web/src/__tests__/**/*.{ts,js} : Dashboard testing: Vitest unit tests organized by feature under `web/src/__tests__/`. Use fast-check for property-based testing (`fc.assert` + `fc.property`).
Applied to files:
web/src/__tests__/lib/utils.test.ts.claude/skills/codebase-audit/SKILL.md.claude/skills/aurelio-review-pr/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use fast-check for property-based testing in Vue tests with `fc.assert` + `fc.property`
Applied to files:
web/src/__tests__/lib/utils.test.ts
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Run `npm --prefix web run test` for Vitest unit tests with coverage scoped to files changed vs origin/main
Applied to files:
web/src/__tests__/lib/utils.test.tsweb/env.d.ts.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.mdCLAUDE.mdweb/package.jsonweb/eslint.config.js
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to web/** : Web dashboard: Node.js 20+, dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, fast-check, ESLint, vue-tsc).
Applied to files:
web/index.html.claude/skills/codebase-audit/SKILL.md.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.mdCLAUDE.mdweb/package.jsonweb/eslint.config.js
📚 Learning: 2026-03-14T15:43:05.601Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to web/package.json : Web dashboard Node.js 20+; dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, ESLint, vue-tsc)
Applied to files:
web/index.html.claude/skills/codebase-audit/SKILL.mdweb/env.d.ts.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.mdCLAUDE.mdweb/package.jsonweb/eslint.config.js
📚 Learning: 2026-03-15T21:20:09.993Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:20:09.993Z
Learning: Applies to web/src/components/** : Vue components organized by feature (agents/, approvals/, budget/, common/, dashboard/, layout/, messages/, org-chart/, tasks/).
Applied to files:
.claude/skills/codebase-audit/SKILL.md.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.mdCLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.vue : Use Vue 3 + PrimeVue + Tailwind CSS in the web dashboard; components organized by feature in `web/src/components/`
Applied to files:
.claude/skills/codebase-audit/SKILL.md.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.mdCLAUDE.mdweb/package.jsonweb/eslint.config.js
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/package.json : Node.js 20+ required for web dashboard; dependencies in `web/package.json` (Vue 3, vue-router, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, vue-echarts, Axios, vue-draggable-plus, CodeMirror 6 (vue-codemirror), js-yaml, Vitest, vitest/coverage-v8, fast-check, ESLint, eslint-plugin-security, vue-tsc, vitejs/devtools)
Applied to files:
.claude/skills/codebase-audit/SKILL.mdweb/env.d.ts.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.mdCLAUDE.mdweb/package.jsonweb/eslint.config.js
📚 Learning: 2026-03-19T11:33:01.580Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T11:33:01.580Z
Learning: Applies to web/**/*.vue : Never use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in dashboard code — use generic names: `example-provider`, `example-large-001`, etc.
Applied to files:
.claude/skills/codebase-audit/SKILL.md
📚 Learning: 2026-03-19T07:12:14.508Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/**/*.py : Package structure: src/synthorg/ organized as: api/ (REST+WebSocket, Litestar), auth/ (auth subpackage), backup/ (scheduled/manual backups), budget/ (cost tracking, CFO), cli/ (superseded by Go CLI), communication/ (message bus, meetings), config/ (YAML loading), core/ (domain models, resilience config), engine/ (orchestration, task state, coordination, approval gates, stagnation detection, context budget, compaction), hr/ (hiring, performance, promotion), memory/ (pluggable backend, Mem0, retrieval, consolidation), persistence/ (operational data, SQLite, settings), observability/ (logging, correlation, sinks), providers/ (LLM abstraction, LiteLLM, auth types, presets, runtime CRUD), settings/ (runtime-editable, typed definitions, encryption, config bridge), security/ (SecOps, rule engine, output scanning, progressive trust, autonomy levels), templates/ (company templates, personalities), tools/ (registry, built-in tools, git, sandbox, code_runner, MCP...
Applied to files:
.claude/skills/codebase-audit/SKILL.mdCLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run type-check` for vue-tsc type checking on dashboard code
Applied to files:
.claude/skills/codebase-audit/SKILL.mdweb/env.d.ts.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.mdCLAUDE.mdweb/package.jsonweb/eslint.config.js
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run lint` for ESLint checks on dashboard code
Applied to files:
.claude/skills/codebase-audit/SKILL.md.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.mdCLAUDE.mdweb/package.jsonweb/eslint.config.js
📚 Learning: 2026-03-19T11:19:40.044Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T11:19:40.044Z
Learning: CLI workflow (`.github/workflows/cli.yml`) runs Go lint (golangci-lint + go vet) + test (race, coverage) + build (cross-compile matrix) + vulnerability check (govulncheck) + fuzz testing. Cross-compiles for linux/darwin/windows × amd64/arm64. GoReleaser release on v* tags with cosign keyless signing and SLSA L3 attestations.
Applied to files:
.claude/skills/codebase-audit/SKILL.md
📚 Learning: 2026-03-16T19:52:03.656Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T19:52:03.656Z
Learning: Applies to cli/**/*.go : Lint CLI Go code with golangci-lint and go vet; test with go test -race; check vulnerabilities with govulncheck
Applied to files:
.claude/skills/codebase-audit/SKILL.md
📚 Learning: 2026-03-15T12:00:18.113Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T12:00:18.113Z
Learning: Commits: <type>: <description> — types: feat, fix, refactor, docs, test, chore, perf, ci. Enforced by commitizen (commit-msg hook). Signed commits: required on main via branch protection — all commits must be GPG/SSH signed.
Applied to files:
.claude/skills/codebase-audit/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Pre-commit hooks configured for: trailing-whitespace, end-of-file-fixer, check-yaml, check-toml, check-json, check-merge-conflict, check-added-large-files, no-commit-to-branch (main), ruff check+format, gitleaks, hadolint, golangci-lint + go vet (conditional on `cli/**/*.go`), no-em-dashes, no-redundant-timeout
Applied to files:
.claude/skills/codebase-audit/SKILL.md.claude/skills/pre-pr-review/SKILL.mdweb/eslint.config.js
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Pre-push hooks: mypy type-check + pytest unit tests + golangci-lint + go vet + go test (CLI, conditional on cli/**/*.go) (fast gate before push, skipped in pre-commit.ci — dedicated CI jobs already run these).
Applied to files:
.claude/skills/codebase-audit/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to .github/workflows/cli.yml : CLI workflow (`cli.yml`): Go lint/test/build (cross-compile) + govulncheck + fuzz. GoReleaser release on `v*` tags with cosign signing + SLSA provenance
Applied to files:
.claude/skills/codebase-audit/SKILL.md
📚 Learning: 2026-03-15T21:32:02.880Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:32:02.880Z
Learning: Applies to .github/workflows/cli.yml : CLI workflow: Go lint (golangci-lint + go vet) + test (-race -coverprofile) + build (cross-compile: linux/darwin/windows × amd64/arm64) + govulncheck + fuzz testing (main-only, 30s/target, continue-on-error, matrix over 4 packages). cli-pass gate includes fuzz as informational. GoReleaser release on v* tags. Cosign keyless signing of checksums.txt. SLSA L3 provenance attestations. Sigstore bundle (.sigstore.json) attached. Post-release appends checksums/verification/provenance to draft release notes.
Applied to files:
.claude/skills/codebase-audit/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Pre-push hooks: mypy type-check + pytest unit tests + golangci-lint + go vet + go test (conditional on `cli/**/*.go`) (fast gate before push, skipped in pre-commit.ci)
Applied to files:
.claude/skills/codebase-audit/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Commits must follow format: `<type>: <description>` with types: feat, fix, refactor, docs, test, chore, perf, ci; enforced by commitizen
Applied to files:
.claude/skills/codebase-audit/SKILL.md
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Pre-commit hooks: trailing-whitespace, end-of-file-fixer, check-yaml, check-toml, check-json, check-merge-conflict, check-added-large-files, no-commit-to-branch (main), ruff check+format, gitleaks, hadolint (Dockerfile linting).
Applied to files:
.claude/skills/codebase-audit/SKILL.md.claude/skills/pre-pr-review/SKILL.mdweb/eslint.config.js
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to .github/workflows/dependency-review.yml : Dependency review (`dependency-review.yml`): license allow-list (permissive + weak-copyleft), per-package GPL exemptions for dev-only tool deps, PR comment summaries
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to .github/dependabot.yml : Dependabot: daily updates (uv, github-actions, npm, pre-commit, docker, gomod), grouped minor/patch, no auto-merge. Use `/review-dep-pr` before merging
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md
📚 Learning: 2026-03-15T21:32:02.880Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:32:02.880Z
Learning: Applies to .github/workflows/*.yml : Dependabot: daily updates for uv + github-actions + npm + pre-commit + docker + gomod, grouped minor/patch, no auto-merge. Use `/review-dep-pr` to review Dependabot PRs before merging.
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to src/**/*.py : Run `uv run mypy src/ tests/` for strict type-checking
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to pyproject.toml : Dependencies grouped in `pyproject.toml`: `test` (pytest + plugins, hypothesis), `dev` (includes test + ruff, mypy, pre-commit, commitizen, pip-audit)
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.mdCLAUDE.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to src/**/*.py : Run `uv run ruff check src/ tests/` for linting; `uv run ruff check src/ tests/ --fix` for auto-fix; `uv run ruff format src/ tests/` for formatting
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Line length of 88 characters for web/dashboard code (enforced by ESLint + Prettier if configured)
Applied to files:
.claude/skills/pre-pr-review/SKILL.mdweb/eslint.config.js
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Fix everything valid from review agents -- never skip: When review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes), fix them all. No deferring, no 'out of scope' skipping
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-15T21:49:53.264Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:49:53.264Z
Learning: Fix everything valid — never skip when review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes). No deferring, no 'out of scope' skipping.
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to .github/workflows/**/*.yml : CI jobs: lint (ruff) + type-check (mypy) + test (pytest + coverage) + python-audit (pip-audit) + dockerfile-lint (hadolint) + dashboard (lint/type-check/test with --detect-async-leaks/build/audit) run in parallel -> ci-pass gate
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-14T15:43:05.601Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to docs/** : Docs source in docs/ (Markdown, built with Zensical); design spec in docs/design/ (7 pages: index, agents, organization, communication, engine, memory, operations)
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-19T07:13:44.964Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:13:44.964Z
Learning: Always read the relevant `docs/design/` page before implementing any feature or planning any issue — DESIGN_SPEC.md is a pointer file linking to 7 design pages (Agents, Organization, Communication, Engine, Memory, Operations)
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-19T07:12:14.508Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/api/**/*.py : API package (api/): Litestar REST + WebSocket with controllers, guards, channels, JWT + API key + WS ticket auth, approval gate integration, coordination endpoint, collaboration endpoint, settings endpoint, provider management endpoint (CRUD + test + presets), backup endpoint, RFC 9457 structured errors, AppState hot-reload slots, service auto-wiring (Phase 1 at construction, Phase 2 on startup), lifecycle helpers
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-17T22:08:13.456Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Documentation source in `docs/` (Markdown, built with Zensical). Design spec in `docs/design/` (7 pages: index, agents, organization, communication, engine, memory, operations). Architecture in `docs/architecture/` (overview, tech-stack, decision log). Roadmap in `docs/roadmap/`. Security in `docs/security.md`. Licensing in `docs/licensing.md`. Reference in `docs/reference/`. REST API reference in `docs/rest-api.md`. Library reference in `docs/api/` (auto-generated from docstrings). Custom templates in `docs/overrides/`. Config in `mkdocs.yml`.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to src/synthorg/**/*.py : NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples. Use generic names: `example-provider`, `example-large-001`, `example-medium-001`, `example-small-001`, `large`/`medium`/`small` as aliases. Vendor names may only appear in: (1) Operations design page (`docs/design/operations.md`), (2) `.claude/` skill/agent files, (3) third-party import paths/module names
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-19T07:12:14.508Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to docs/design/*.md : Design spec pages: 7 pages in `docs/design/` — index, agents, organization, communication, engine, memory, operations
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-16T06:24:56.341Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to docs/design/**/*.md : Design specification pages in `docs/design/` must be consulted before implementing features (7 pages: index, agents, organization, communication, engine, memory, operations)
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-16T06:24:56.341Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to src/synthorg/hr/**/*.py : HR engine must provide: hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, trend detection), promotion/demotion
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-20T08:28:32.845Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T08:28:32.845Z
Learning: Applies to src/synthorg/templates/**/*.py : Templates: pre-built company templates, personality presets, and builder.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/** : Run `npm --prefix web run dev` to start dashboard dev server at http://localhost:5173 with devtools + console forwarding enabled
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/** : Run `npm --prefix web run build` for production dashboard build with devtools disabled
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to docker/{Dockerfile*,compose.yml} : Docker: Backend uses 3-stage build (builder → setup → distroless runtime), Chainguard Python, non-root (UID 65532), CIS-hardened. Web uses nginxinc/nginx-unprivileged, Vue 3 SPA with PrimeVue + Tailwind CSS, SPA routing, API/WebSocket proxy to backend.
Applied to files:
CLAUDE.mdweb/package.json
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/stores/**/*.{ts,js} : Use Pinia stores for state management in the dashboard; store files located in `web/src/stores/`
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-17T22:08:13.456Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to tests/**/*.py : Test markers: `pytest.mark.unit`, `pytest.mark.integration`, `pytest.mark.e2e`, `pytest.mark.slow`. Coverage: 80% minimum. Async: `asyncio_mode = 'auto'` — no manual `pytest.mark.asyncio` needed. Timeout: 30 seconds per test. Parallelism: `pytest-xdist` via `-n auto` — ALWAYS include `-n auto` when running pytest, never run tests sequentially.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:28:13.207Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Parallelism: pytest-xdist via `-n auto` — ALWAYS include `-n auto` when running pytest, never run tests sequentially.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-16T07:22:28.134Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to tests/**/*.py : NEVER skip, dismiss, or ignore flaky tests — always fix them fully and fundamentally. For timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to tests/**/*.py : ALWAYS run pytest with `-n auto` for parallelism via pytest-xdist; never run tests sequentially
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to tests/**/*.py : NEVER skip, dismiss, or ignore flaky tests -- always fix them fully and fundamentally
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:28:13.207Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Applies to {src,tests,web,cli,site}/**/*.{py,ts,tsx,go,astro} : Vendor-agnostic everywhere: NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples. Use generic names: example-provider, example-large-001, example-medium-001, example-small-001. Vendor names may only appear in: (1) Operations design page provider list (docs/design/operations.md), (2) .claude/ skill/agent files, (3) third-party import paths/module names.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:28:13.207Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Applies to tests/**/*.py : Test markers: pytest.mark.unit, pytest.mark.integration, pytest.mark.e2e, pytest.mark.slow. Coverage: 80% minimum (enforced in CI).
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:28:13.207Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Property-based testing: Python uses Hypothesis (given + settings). Hypothesis profiles: ci (200 examples, default) and dev (1000 examples), controlled via HYPOTHESIS_PROFILE env var. Run dev profile: HYPOTHESIS_PROFILE=dev uv run python -m pytest tests/ -m unit -n auto -k properties.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:28:13.207Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Applies to tests/**/*.py : Tests must use test-provider, test-small-001, etc. for vendor-agnostic test data.
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to pyproject.toml : Dependencies: all versions use == in pyproject.toml. Groups: test (pytest + plugins, hypothesis), dev (includes test + ruff, mypy, pre-commit, commitizen, pip-audit). Required: mem0ai (Mem0 memory backend — the default and currently only backend). Install: uv sync installs everything (dev group is default).
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to pyproject.toml : Required dependencies: `mem0ai` (default memory backend), `cryptography` (Fernet encryption for sensitive settings), `faker` (multi-locale agent name generation)
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-19T11:19:40.044Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T11:19:40.044Z
Learning: Applies to go.mod : Maintain Go 1.26+ requirement. Dependencies: Cobra (CLI framework), charmbracelet/huh and charmbracelet/lipgloss (UI), sigstore-go (code signing), go-containerregistry (container image verification), go-tuf (TUF client for Sigstore).
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Use `uv sync` to install all dependencies (dev + test); `uv sync --group docs` to install docs toolchain
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to cli/go.mod : Go 1.26+ required for CLI; dependencies in `cli/go.mod` (Cobra, charmbracelet/huh, charmbracelet/lipgloss, sigstore-go, go-containerregistry, go-tuf)
Applied to files:
CLAUDE.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/router/**/*.{ts,js} : Use Vue Router with auth guards for routing in `web/src/router/`
Applied to files:
web/eslint.config.js
🪛 LanguageTool
.claude/skills/pre-pr-review/SKILL.md
[uncategorized] ~138-~138: The official name of this software platform is spelled with a capital “H”.
Context: .../.cssfile changed; anydocker/or.github/workflows/` file changed; config change...
(GITHUB)
🔇 Additional comments (15)
web/security-headers.conf (2)
7-8: Comment updates are accurate and improve CSP operational clarity.These revised notes correctly document why
style-src 'unsafe-inline'is currently present and clarify ws/wss scheme expectations forconnect-src 'self'.
10-10: Good security-documentation note for HSTS preload omission.Keeping this rationale inline is helpful and prevents accidental irreversible preload enrollment.
web/eslint.config.js (2)
7-8: TODO appropriately documents the eslint-plugin-react-hooks blocker.The comment acknowledges the ESLint 10 incompatibility with
eslint-plugin-react-hooksv5. The@eslint-reactplugin provides partial hooks coverage viahooks-extrarules as a stopgap. Track the upstream plugin for ESLint 10 support.
31-38: LGTM! shadcn/ui component override is correct.Disabling
react-refresh/only-export-componentsforsrc/components/ui/**is the right pattern—shadcn components conventionally co-export variant helpers alongside components.web/package.json (4)
43-43:@types/nodeversion now aligned with Node.js 22+ requirement.This addresses the previous review finding about version mismatch.
8-8: LGTM! Build scripts correctly updated for React.Replacing
vue-tscwithtscis correct for the React + TypeScript stack. The-bflag enables project references mode which is appropriate for the tsconfig setup.Also applies to: 11-11
15-35: Dependencies correctly reflect React 19 + shadcn/ui scaffold.The dependency set aligns with PR objectives:
- React 19, Vite 8, TypeScript 5.9 (strict), Tailwind CSS 4.2 and shadcn/ui ecosystem
- Zustand 5, React Router 7,
@tanstack/react-query5, Framer Motion 12,@xyflow/react12, Recharts 2, cmdk 1, Axios
26-26: No issue with theradix-uipackage. The bare package name (not scoped) is the official Radix Primitives meta-package, and version^1.4.3is correct and current on NPM.> Likely an incorrect or invalid review comment.CLAUDE.md (1)
8-8: LGTM! Documentation correctly updated for React migration.The package structure, layout description, and dependency list accurately reflect the Vue → React 19 + shadcn/ui migration. The Node.js requirement bump to 22+ aligns with the
@types/node: ^22inweb/package.json.Also applies to: 122-126, 249-249
web/env.d.ts (1)
4-4: Type accurately reflects optional env var.Changing to
string | undefinedis correct—env vars may be unset. Ensure usage sites (e.g., Axios base URL config) handle the undefined case with a fallback or throw a clear error during startup.web/index.html (1)
10-12: LGTM! Standard React SPA entry setup.The
id="root"mount point and.tsxentry are React conventions. The inline loading placeholder provides good UX during initial bundle load.Note: Removing
bg-slate-950 text-slate-200from<body>means background/text colors must be applied via Tailwind in React components or global CSS to avoid a brief flash of default white background..claude/skills/codebase-audit/SKILL.md (1)
31-31: LGTM! Skill documentation correctly updated for React migration.Agent roster (
react-dashboard), scope mappings, and language groupings consistently reflect the Vue → React transition.Also applies to: 110-110, 314-314
.claude/skills/aurelio-review-pr/SKILL.md (1)
141-141: LGTM! Frontend reviewer prompt comprehensively updated for React stack.The prompt correctly covers React-specific concerns:
- Functional component patterns (Line 336-338)
- Zustand selector best practices (Lines 340-343)
- shadcn/ui + CSS variable token conventions (Lines 345-348)
- React hooks cleanup and side effects (Lines 355-358)
The
web_srccategory correctly includes.tsxfiles.Also applies to: 331-367
web/src/__tests__/lib/utils.test.ts (1)
1-16: 🧹 Nitpick | 🔵 TrivialGood baseline coverage for
cnutility.The tests verify core behavior: merging, conflict resolution, and conditional handling. Consider adding property-based tests with fast-check per project guidelines for more exhaustive coverage of edge cases (empty strings, duplicate classes, deeply nested conditionals).
♻️ Optional: Add property-based test
import fc from 'fast-check' it('always produces space-separated output without leading/trailing spaces', () => { fc.assert( fc.property(fc.array(fc.string(), { maxLength: 10 }), (classes) => { const result = cn(...classes) return !result.startsWith(' ') && !result.endsWith(' ') }) ) })As per coding guidelines: "Use fast-check for property-based testing (
fc.assert+fc.property)".⛔ Skipped due to learnings
Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-23T06:50:44.558Z Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use fast-check for property-based testing in Vue tests with `fc.assert` + `fc.property`Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-20T08:28:32.845Z Learning: Applies to web/src/__tests__/**/*.{ts,js} : Dashboard testing: Vitest unit tests organized by feature under `web/src/__tests__/`. Use fast-check for property-based testing (`fc.assert` + `fc.property`).Learnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-23T06:50:44.558Z Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use Vitest for unit testing Vue components and utilities; test files in `web/src/__tests__/` with coverage scoped to files changed vs origin/mainLearnt from: CR Repo: Aureliolo/synthorg PR: 0 File: CLAUDE.md:0-0 Timestamp: 2026-03-23T06:50:44.559Z Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Run `npm --prefix web run test` for Vitest unit tests with coverage scoped to files changed vs origin/main.claude/skills/pre-pr-review/SKILL.md (1)
439-465: React/Zustand/hooks migration guidance looks solidThis section is well-aligned with the new React 19 + shadcn/ui stack and adds useful guardrails (selectors, hook side effects, cleanup).
Comment on lines
20
to
29
| rules: { | ||
| 'no-unassigned-vars': 'error', | ||
| 'react-refresh/only-export-components': [ | ||
| 'warn', | ||
| { allowConstantExport: true }, | ||
| ], | ||
| 'no-useless-assignment': 'error', | ||
| 'preserve-caught-error': 'error', | ||
| 'vue/no-v-html': 'error', | ||
| // Rule flags every obj[var] with no data-flow analysis (40+ warnings, | ||
| // ~87% false positives). Prototype pollution is guarded explicitly in | ||
| // providers.ts (Object.create(null) + __proto__/constructor/prototype | ||
| // filtering). Future dynamic property access with untrusted keys should | ||
| // be manually reviewed. | ||
| // Rule flags every obj[var] with no data-flow analysis -- too many false | ||
| // positives. Prototype pollution is guarded explicitly at system boundaries. | ||
| 'security/detect-object-injection': 'off', | ||
| }, |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Consider adding line length enforcement.
Per coding guidelines, web/dashboard code should enforce 88-character line length. This could be added via a Prettier config or an ESLint rule if the team wants linter enforcement.
As per coding guidelines: "Line length of 88 characters for web/dashboard code (enforced by ESLint + Prettier if configured)".
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@web/eslint.config.js` around lines 20 - 29, The ESLint config currently lacks
enforcement for the 88-character line length; update the linter/formatter setup
by adding a line-length rule or Prettier setting: either add an ESLint rule
'max-len' with code: 88 (e.g., inside the rules object where
'no-useless-assignment' and 'security/detect-object-injection' are defined) or
add/adjust Prettier configuration (printWidth: 88) and enable
eslint-plugin-prettier/integration so ESLint enforces it; ensure the chosen
approach is applied consistently across the web/dashboard project and referenced
in CI/pre-commit linting.
- Include .tsx in web_test file category (catches React component tests) - Replace v-html with dangerouslySetInnerHTML in security-reviewer prompts - Skip 88-char line length finding (Python convention, not applicable to React/TS) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
.claude/skills/aurelio-review-pr/SKILL.md (1)
335-338:⚠️ Potential issue | 🟠 MajorSame blocker-severity issue here: class components should not be CRITICAL.
Line 336 enforces a hard failure for class components. That is stricter than React’s actual support model and can cause unnecessary blocking findings in
/aurelio-review-pr.In current React docs, are class components still supported and acceptable in existing codebases?🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.claude/skills/aurelio-review-pr/SKILL.md around lines 335 - 338, The rule text under "React patterns (CRITICAL)" wrongly treats use of class components as a hard blocker; update the rule so class components are not marked CRITICAL—change the severity for "Class components instead of functional components" from CRITICAL to a lower level (e.g., MAJOR or WARNING) and remove any enforcement logic that causes hard failures in the /aurelio-review-pr checks; locate the "React patterns" block (the list item referencing "Class components instead of functional components (CRITICAL)") in SKILL.md and adjust the wording and any associated enforcement code that treats class components as a blocker so it reflects current React support for class components.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.claude/skills/pre-pr-review/SKILL.md:
- Around line 441-444: Update the severity for the class-component rule in the
React patterns section by changing the line that currently reads "Class
components instead of functional components (CRITICAL)" to indicate MAJOR
instead of CRITICAL; specifically modify the string "Class components instead of
functional components (CRITICAL)" to "Class components instead of functional
components (MAJOR)" so the rule reflects a preference rather than a blocker, and
ensure any nearby guidance in the same "React patterns" block is consistent with
the downgraded severity.
---
Duplicate comments:
In @.claude/skills/aurelio-review-pr/SKILL.md:
- Around line 335-338: The rule text under "React patterns (CRITICAL)" wrongly
treats use of class components as a hard blocker; update the rule so class
components are not marked CRITICAL—change the severity for "Class components
instead of functional components" from CRITICAL to a lower level (e.g., MAJOR or
WARNING) and remove any enforcement logic that causes hard failures in the
/aurelio-review-pr checks; locate the "React patterns" block (the list item
referencing "Class components instead of functional components (CRITICAL)") in
SKILL.md and adjust the wording and any associated enforcement code that treats
class components as a blocker so it reflects current React support for class
components.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: ea292158-d362-4c0b-94a2-e991ba8becb1
📒 Files selected for processing (2)
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📜 Review details
🧰 Additional context used
🧠 Learnings (28)
📓 Common learnings
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.vue : Use Vue 3 + PrimeVue + Tailwind CSS in the web dashboard; components organized by feature in `web/src/components/`
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to web/** : Web dashboard: Node.js 20+, dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, fast-check, ESLint, vue-tsc).
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/package.json : Node.js 20+ required for web dashboard; dependencies in `web/package.json` (Vue 3, vue-router, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, vue-echarts, Axios, vue-draggable-plus, CodeMirror 6 (vue-codemirror), js-yaml, Vitest, vitest/coverage-v8, fast-check, ESLint, eslint-plugin-security, vue-tsc, vitejs/devtools)
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to web/package.json : Web dashboard Node.js 20+; dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, ESLint, vue-tsc)
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to docker/{Dockerfile*,compose.yml} : Docker: Backend uses 3-stage build (builder → setup → distroless runtime), Chainguard Python, non-root (UID 65532), CIS-hardened. Web uses nginxinc/nginx-unprivileged, Vue 3 SPA with PrimeVue + Tailwind CSS, SPA routing, API/WebSocket proxy to backend.
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run type-check` for vue-tsc type checking on dashboard code
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use Vitest for unit testing Vue components and utilities; test files in `web/src/__tests__/` with coverage scoped to files changed vs origin/main
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T08:28:32.845Z
Learning: Applies to web/src/__tests__/**/*.{ts,js} : Dashboard testing: Vitest unit tests organized by feature under `web/src/__tests__/`. Use fast-check for property-based testing (`fc.assert` + `fc.property`).
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run lint` for ESLint checks on dashboard code
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T11:33:01.580Z
Learning: Applies to docker/Dockerfile.web : `nginxinc/nginx-unprivileged` base with non-root user (UID 101), Vue 3 SPA (PrimeVue + Tailwind CSS), SPA routing, API/WebSocket proxy to backend
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to .github/workflows/dependency-review.yml : Dependency review (`dependency-review.yml`): license allow-list (permissive + weak-copyleft), per-package GPL exemptions for dev-only tool deps, PR comment summaries
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.vue : Use Vue 3 + PrimeVue + Tailwind CSS in the web dashboard; components organized by feature in `web/src/components/`
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Run `npm --prefix web run test` for Vitest unit tests with coverage scoped to files changed vs origin/main
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use Vitest for unit testing Vue components and utilities; test files in `web/src/__tests__/` with coverage scoped to files changed vs origin/main
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to pyproject.toml : Dependencies grouped in `pyproject.toml`: `test` (pytest + plugins, hypothesis), `dev` (includes test + ruff, mypy, pre-commit, commitizen, pip-audit)
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to src/**/*.py : Run `uv run mypy src/ tests/` for strict type-checking
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to src/**/*.py : Run `uv run ruff check src/ tests/` for linting; `uv run ruff check src/ tests/ --fix` for auto-fix; `uv run ruff format src/ tests/` for formatting
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run lint` for ESLint checks on dashboard code
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Run `npm --prefix web run type-check` for vue-tsc type checking on dashboard code
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Applies to web/** : Web dashboard: Node.js 20+, dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, fast-check, ESLint, vue-tsc).
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-14T15:43:05.601Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to web/package.json : Web dashboard Node.js 20+; dependencies in web/package.json (Vue 3, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, Axios, vue-draggable-plus, Vitest, ESLint, vue-tsc)
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to web/package.json : Node.js 20+ required for web dashboard; dependencies in `web/package.json` (Vue 3, vue-router, PrimeVue, Tailwind CSS, Pinia, VueFlow, ECharts, vue-echarts, Axios, vue-draggable-plus, CodeMirror 6 (vue-codemirror), js-yaml, Vitest, vitest/coverage-v8, fast-check, ESLint, eslint-plugin-security, vue-tsc, vitejs/devtools)
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-15T21:20:09.993Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:20:09.993Z
Learning: Applies to web/src/components/** : Vue components organized by feature (agents/, approvals/, budget/, common/, dashboard/, layout/, messages/, org-chart/, tasks/).
Applied to files:
.claude/skills/aurelio-review-pr/SKILL.md.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-20T08:28:32.845Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T08:28:32.845Z
Learning: Applies to web/src/__tests__/**/*.{ts,js} : Dashboard testing: Vitest unit tests organized by feature under `web/src/__tests__/`. Use fast-check for property-based testing (`fc.assert` + `fc.property`).
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/__tests__/**/*.{test,spec}.{ts,js} : Use fast-check for property-based testing in Vue tests with `fc.assert` + `fc.property`
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Line length of 88 characters for web/dashboard code (enforced by ESLint + Prettier if configured)
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/**/*.{ts,js,vue} : Use NEVER use real vendor names in web dashboard code, tests, or examples -- use `example-provider`, `test-provider`, etc.
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.558Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.558Z
Learning: Applies to web/src/composables/**/*.{ts,js} : Use composables for reusable logic (e.g., `useAuth`, `usePolling`, `useOptimisticUpdate`, `useWebSocketSubscription`) in `web/src/composables/`
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Fix everything valid from review agents -- never skip: When review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes), fix them all. No deferring, no 'out of scope' skipping
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-15T21:49:53.264Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:49:53.264Z
Learning: Fix everything valid — never skip when review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes). No deferring, no 'out of scope' skipping.
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-15T21:32:02.880Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:32:02.880Z
Learning: Applies to .github/workflows/*.yml : Dependabot: daily updates for uv + github-actions + npm + pre-commit + docker + gomod, grouped minor/patch, no auto-merge. Use `/review-dep-pr` to review Dependabot PRs before merging.
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Applies to .github/workflows/**/*.yml : CI jobs: lint (ruff) + type-check (mypy) + test (pytest + coverage) + python-audit (pip-audit) + dockerfile-lint (hadolint) + dashboard (lint/type-check/test with --detect-async-leaks/build/audit) run in parallel -> ci-pass gate
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Pre-commit hooks configured for: trailing-whitespace, end-of-file-fixer, check-yaml, check-toml, check-json, check-merge-conflict, check-added-large-files, no-commit-to-branch (main), ruff check+format, gitleaks, hadolint, golangci-lint + go vet (conditional on `cli/**/*.go`), no-em-dashes, no-redundant-timeout
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-23T06:50:44.559Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T06:50:44.559Z
Learning: Pre-push hooks: mypy type-check + pytest unit tests + golangci-lint + go vet + go test (conditional on `cli/**/*.go`) (fast gate before push, skipped in pre-commit.ci)
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Pre-push hooks: mypy type-check + pytest unit tests + golangci-lint + go vet + go test (CLI, conditional on cli/**/*.go) (fast gate before push, skipped in pre-commit.ci — dedicated CI jobs already run these).
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-15T18:17:43.675Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:17:43.675Z
Learning: Pre-commit hooks: trailing-whitespace, end-of-file-fixer, check-yaml, check-toml, check-json, check-merge-conflict, check-added-large-files, no-commit-to-branch (main), ruff check+format, gitleaks, hadolint (Dockerfile linting).
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
📚 Learning: 2026-03-15T21:32:02.880Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:32:02.880Z
Learning: Applies to .github/workflows/cli.yml : CLI workflow: Go lint (golangci-lint + go vet) + test (-race -coverprofile) + build (cross-compile: linux/darwin/windows × amd64/arm64) + govulncheck + fuzz testing (main-only, 30s/target, continue-on-error, matrix over 4 packages). cli-pass gate includes fuzz as informational. GoReleaser release on v* tags. Cosign keyless signing of checksums.txt. SLSA L3 provenance attestations. Sigstore bundle (.sigstore.json) attached. Post-release appends checksums/verification/provenance to draft release notes.
Applied to files:
.claude/skills/pre-pr-review/SKILL.md
🪛 LanguageTool
.claude/skills/pre-pr-review/SKILL.md
[uncategorized] ~138-~138: The official name of this software platform is spelled with a capital “H”.
Context: .../.cssfile changed; anydocker/or.github/workflows/` file changed; config change...
(GITHUB)
🔇 Additional comments (2)
.claude/skills/pre-pr-review/SKILL.md (1)
83-84: Good fix: React test files are now correctly classified.Including
.tsxunderweb_testcloses the prior coverage gap for component tests..claude/skills/aurelio-review-pr/SKILL.md (1)
141-142: LGTM on web file categorization.
web_src/web_testnow match TSX-based React codepaths and test files correctly.
- Add OFL-1.1 (SIL Open Font License) to global allow-list for Geist font - Add per-package exemption for json-schema-typed@8.0.2 (BSD-2-Clause AND JSON compound license -- transitive dep via shadcn/radix, dev-only type defs) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…iles Class components are supported in React 19 -- this is a style preference (functional components preferred), not a correctness blocker. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This was referenced Mar 24, 2026
Aureliolo
added a commit
that referenced
this pull request
Mar 24, 2026
Bumps recharts from 2.15.4 to 3.8.0 and @types/node from 22.19.15 to 25.5.0 in /web. **TypeScript 6.0 reverted** -- the original Dependabot PR included typescript 5.9.3->6.0.2, but typescript-eslint@8.x requires `<6.0.0` and no published version supports TS 6 yet ([typescript-eslint#12124](typescript-eslint/typescript-eslint#12124) pending). TypeScript stays at ^5.7 (resolved 5.9.3). ## recharts 2.15.4 -> 3.8.0 (MAJOR) No source code imports recharts yet (dashboard is a fresh scaffold from #799), so this is a free upgrade. When writing chart code, use v3 APIs directly -- skip deprecated patterns (Cell, activeShape/inactiveShape, CartesianAxis). Key v3 changes: - CategoricalChartState removed, new hooks API instead - CartesianGrid requires xAxisId/yAxisId matching axes - Generic types on `data`/`dataKey` props (v3.8.0) - Coordinate hooks, event throttling, niceTicks prop ## @types/node 22.19.15 -> 25.5.0 (MAJOR) Dev dependency providing Node.js type definitions. Only used for build tooling (vite.config.ts, vitest.config.ts). Low risk. ## Additional changes - Added `victory-vendor@37.3.6` to dependency-review license exemptions. GitHub's scanner falsely detects "ISC AND JSON AND MIT" but actual package.json declares "MIT AND ISC". Manual audit of all 13 vendored LICENSE files confirms no JSON license text. - Regenerated package-lock.json with typescript pinned to ^5.7 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aurelio <19254254+Aureliolo@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Aureliolo
added a commit
that referenced
this pull request
Mar 30, 2026
🤖 I have created a release *beep* *boop* --- #MAJOR CHANGES; We got a somewhat working webui :) ## [0.5.0](v0.4.9...v0.5.0) (2026-03-30) ### Features * add analytics trends and budget forecast API endpoints ([#798](#798)) ([16b61f5](16b61f5)) * add department policies to default templates ([#852](#852)) ([7a41548](7a41548)) * add remaining activity event types (task_started, tool_used, delegation, cost_incurred) ([#832](#832)) ([4252fac](4252fac)) * agent performance, activity, and history API endpoints ([#811](#811)) ([9b75c1d](9b75c1d)) * Agent Profiles and Detail pages (biography, career, performance) ([#874](#874)) ([62d7880](62d7880)) * app shell, Storybook, and CI/CD pipeline ([#819](#819)) ([d4dde90](d4dde90)) * Approvals page with risk grouping, urgency indicators, batch actions ([#889](#889)) ([4e9673d](4e9673d)) * Budget Panel page (P&L dashboard, breakdown charts, forecast) ([#890](#890)) ([b63b0f1](b63b0f1)) * build infrastructure layer (API client, auth, WebSocket) ([#815](#815)) ([9f01d3e](9f01d3e)) * CLI global options infrastructure, UI modes, exit codes, env vars ([#891](#891)) ([fef4fc5](fef4fc5)) * CodeMirror editor and theme preferences toggle ([#905](#905), [#807](#807)) ([#909](#909)) ([41fbedc](41fbedc)) * Company page (department/agent management) ([#888](#888)) ([cfb88b0](cfb88b0)) * comprehensive hint coverage across all CLI commands ([#900](#900)) ([937974e](937974e)) * config system extensions, per-command flags for init/start/stop/status/logs ([#895](#895)) ([32f83fe](32f83fe)) * configurable currency system replacing hardcoded USD ([#854](#854)) ([b372551](b372551)) * Dashboard page (metric cards, activity feed, budget burn) ([#861](#861)) ([7d519d5](7d519d5)) * department health, provider status, and activity feed endpoints ([#818](#818)) ([6d5f196](6d5f196)) * design tokens and core UI components ([#833](#833)) ([ed887f2](ed887f2)) * extend approval, meeting, and budget API responses ([#834](#834)) ([31472bf](31472bf)) * frontend polish -- real-time UX, accessibility, responsive, performance ([#790](#790), [#792](#792), [#791](#791), [#793](#793)) ([#917](#917)) ([f04a537](f04a537)) * implement human roles and access control levels ([#856](#856)) ([d6d8a06](d6d8a06)) * implement semantic conflict detection in workspace merge ([#860](#860)) ([d97283b](d97283b)) * interaction components and animation patterns ([#853](#853)) ([82d4b01](82d4b01)) * Login page + first-run bootstrap + Company page ([#789](#789), [#888](#888)) ([#896](#896)) ([8758e8d](8758e8d)) * Meetings page with timeline viz, token bars, contribution formatting ([#788](#788)) ([#904](#904)) ([b207f46](b207f46)) * Messages page with threading, channel badges, sender indicators ([#787](#787)) ([#903](#903)) ([28293ad](28293ad)) * Org Chart force-directed view and drag-drop reassignment ([#872](#872), [#873](#873)) ([#912](#912)) ([a68a938](a68a938)) * Org Chart page (living nodes, status, CRUD, department health) ([#870](#870)) ([0acbdae](0acbdae)) * per-command flags for remaining commands, auto-behavior wiring, help/discoverability ([#897](#897)) ([3f7afa2](3f7afa2)) * Providers page with backend rework -- health, CRUD, subscription auth ([#893](#893)) ([9f8dd98](9f8dd98)) * scaffold React + Vite + TypeScript + Tailwind project ([#799](#799)) ([bd151aa](bd151aa)) * Settings page with search, dependency indicators, grouped rendering ([#784](#784)) ([#902](#902)) ([a7b9870](a7b9870)) * Setup Wizard rebuild with template comparison, cost estimator, theme customization ([#879](#879)) ([ae8b50b](ae8b50b)) * setup wizard UX -- template filters, card metadata, provider form reuse ([#910](#910)) ([7f04676](7f04676)) * setup wizard UX overhaul -- mode choice, step reorder, provider fixes ([#907](#907)) ([ee964c4](ee964c4)) * structured ModelRequirement in template agent configs ([#795](#795)) ([7433548](7433548)) * Task Board page (rich Kanban, filtering, dependency viz) ([#871](#871)) ([04a19b0](04a19b0)) ### Bug Fixes * align frontend types with backend and debounce WS refetches ([#916](#916)) ([134c11b](134c11b)) * auto-cleanup targets newly pulled images instead of old ones ([#884](#884)) ([50e6591](50e6591)) * correct wipe backup-skip flow and harden error handling ([#808](#808)) ([c05860f](c05860f)) * improve provider setup in wizard, subscription auth, dashboard bugs ([#914](#914)) ([87bf8e6](87bf8e6)) * improve update channel detection and add config get command ([#814](#814)) ([6b137f0](6b137f0)) * resolve all ESLint warnings, add zero-warnings enforcement ([#899](#899)) ([079b46a](079b46a)) * subscription auth uses api_key, base URL optional for cloud providers ([#915](#915)) ([f0098dd](f0098dd)) ### Refactoring * semantic analyzer cleanup -- shared filtering, concurrency, extraction ([#908](#908)) ([81372bf](81372bf)) ### Documentation * brand identity and UX design system from [#765](#765) exploration ([#804](#804)) ([389a9f4](389a9f4)) * page structure and information architecture for v0.5.0 dashboard ([#809](#809)) ([f8d6d4a](f8d6d4a)) * write UX design guidelines with WCAG-verified color system ([#816](#816)) ([4a4594e](4a4594e)) ### Tests * add unit tests for agent hooks and page components ([#875](#875)) ([#901](#901)) ([1d81546](1d81546)) ### CI/CD * bump actions/deploy-pages from 4.0.5 to 5.0.0 in the major group ([#831](#831)) ([01c19de](01c19de)) * bump astral-sh/setup-uv from 7.6.0 to 8.0.0 in /.github/actions/setup-python-uv in the all group ([#920](#920)) ([5f6ba54](5f6ba54)) * bump codecov/codecov-action from 5.5.3 to 6.0.0 in the major group ([#868](#868)) ([f22a181](f22a181)) * bump github/codeql-action from 4.34.1 to 4.35.0 in the all group ([#883](#883)) ([87a4890](87a4890)) * bump sigstore/cosign-installer from 4.1.0 to 4.1.1 in the minor-and-patch group ([#830](#830)) ([7a69050](7a69050)) * bump the all group with 3 updates ([#923](#923)) ([ff27c8e](ff27c8e)) * bump wrangler from 4.76.0 to 4.77.0 in /.github in the minor-and-patch group ([#822](#822)) ([07d43eb](07d43eb)) * bump wrangler from 4.77.0 to 4.78.0 in /.github in the all group ([#882](#882)) ([f84118d](f84118d)) ### Maintenance * add design system enforcement hook and component inventory ([#846](#846)) ([15abc43](15abc43)) * add dev-only auth bypass for frontend testing ([#885](#885)) ([6cdcd8a](6cdcd8a)) * add pre-push rebase check hook ([#855](#855)) ([b637a04](b637a04)) * backend hardening -- eviction/size-caps and model validation ([#911](#911)) ([81253d9](81253d9)) * bump axios from 1.13.6 to 1.14.0 in /web in the all group across 1 directory ([#922](#922)) ([b1b0232](b1b0232)) * bump brace-expansion from 5.0.4 to 5.0.5 in /web ([#862](#862)) ([ba4a565](ba4a565)) * bump eslint-plugin-react-refresh from 0.4.26 to 0.5.2 in /web ([#801](#801)) ([7574bb5](7574bb5)) * bump faker from 40.11.0 to 40.11.1 in the minor-and-patch group ([#803](#803)) ([14d322e](14d322e)) * bump https://github.com/astral-sh/ruff-pre-commit from v0.15.7 to 0.15.8 ([#864](#864)) ([f52901e](f52901e)) * bump nginxinc/nginx-unprivileged from `6582a34` to `f99cc61` in /docker/web in the all group ([#919](#919)) ([df85e4f](df85e4f)) * bump nginxinc/nginx-unprivileged from `ccbac1a` to `6582a34` in /docker/web ([#800](#800)) ([f4e9450](f4e9450)) * bump node from `44bcbf4` to `71be405` in /docker/sandbox ([#827](#827)) ([91bec67](91bec67)) * bump node from `5209bca` to `cf38e1f` in /docker/web ([#863](#863)) ([66d6043](66d6043)) * bump picomatch in /site ([#842](#842)) ([5f20bcc](5f20bcc)) * bump recharts 2->3 and @types/node 22->25 in /web ([#802](#802)) ([a908800](a908800)) * Bump requests from 2.32.5 to 2.33.0 ([#843](#843)) ([41daf69](41daf69)) * bump smol-toml from 1.6.0 to 1.6.1 in /site ([#826](#826)) ([3e5dbe4](3e5dbe4)) * bump the all group with 3 updates ([#921](#921)) ([7bace0b](7bace0b)) * bump the minor-and-patch group across 1 directory with 2 updates ([#829](#829)) ([93e611f](93e611f)) * bump the minor-and-patch group across 1 directory with 3 updates ([#841](#841)) ([7010c8e](7010c8e)) * bump the minor-and-patch group across 1 directory with 3 updates ([#869](#869)) ([548cee5](548cee5)) * bump the minor-and-patch group in /site with 2 updates ([#865](#865)) ([9558101](9558101)) * bump the minor-and-patch group with 2 updates ([#867](#867)) ([4830706](4830706)) * consolidate Dependabot groups to 1 PR per ecosystem ([06d2556](06d2556)) * consolidate Dependabot groups to 1 PR per ecosystem ([#881](#881)) ([06d2556](06d2556)) * improve worktree skill with full dep sync and status enhancements ([#906](#906)) ([772c625](772c625)) * remove Vue remnants and document framework decision ([#851](#851)) ([bf2adf6](bf2adf6)) * update web dependencies and fix brace-expansion CVE ([#880](#880)) ([a7a0ed6](a7a0ed6)) * upgrade to Storybook 10 and TypeScript 6 ([#845](#845)) ([52d95f2](52d95f2)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
npm runcommands unchanged, Docker build pipeline unchangedTest plan
npm run lint-- passes (0 errors)npm run type-check-- passes (tsc -b, strict mode)npm run test-- 1 test passed (App smoke test)npm run build-- production build succeeds (dist/ output)npm audit --audit-level=high-- 0 vulnerabilitiesCloses #768
🤖 Generated with Claude Code