8c8d065cc2
feat(arch): Add Guard Rails capability-based permission system design
...
ci/woodpecker/push/woodpecker Pipeline was successful
Guard Rails complement Quality Rails by controlling what agents can do:
- Capability-based permissions (resource:action pattern)
- Read/organize/draft allowed by default
- Execute/admin require explicit grants
- Human-in-the-loop approval for sensitive actions
Examples: email (read/draft ✅ , send ❌ ), git (commit ✅ , force push ❌ )
Also:
- Add .admin-credentials and .env.bak.* to .gitignore
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-02-01 00:25:53 -06:00
Jason Woltje
0ffad02e0a
feat: Install quality-rails for mechanical code quality enforcement
...
Quality Rails provides mechanical enforcement of code quality through
pre-commit hooks and CI/CD pipelines, preventing ~70% of common issues.
What's added:
- Pre-commit hooks via husky (formatting enforcement enabled)
- Enhanced ESLint rules (no-explicit-any, security plugin, etc.)
- lint-staged configuration (currently formatting-only mode)
- Woodpecker CI pipeline template (.woodpecker.yml)
- eslint-plugin-security for vulnerability detection
- Documentation (docs/quality-rails-status.md)
Current status:
- Strict enforcement DISABLED until existing violations are fixed
- Found 1,226 violations (1,121 errors, 105 warnings)
- Priority: Fix explicit 'any' types first
- Pre-commit currently only enforces Prettier formatting
Next steps:
1. Fix existing lint violations
2. Enable strict pre-commit enforcement
3. Configure CI/CD pipeline
Based on quality-rails from ~/src/quality-rails (monorepo template)
See docs/quality-rails-status.md for detailed roadmap.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-01-30 13:14:03 -06:00
Jason Woltje
355cf2124b
fix( #1 ): Address code review findings
...
- Convert ApiResponse to discriminated union for type-safe error handling
- Add HealthStatus type with HealthState literal union
- Make BaseEntity fields readonly for immutability
- Add GlobalExceptionFilter with structured logging
- Add port validation with clear error messages in main.ts
- Improve parseDate to log warnings for invalid dates
- Add comprehensive Button tests (variants, onClick, disabled)
- Add slugify edge case tests (empty, special chars, numbers)
- Create ESLint configs for all packages
- Remove compiled JS files from src directories
- Convert .prettierrc.js to .prettierrc.json
Refs #1
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com >
2026-01-28 15:07:04 -06:00
Jason Woltje
f277afde36
chore( #1 ): Add .pnpm-approve-builds to .gitignore
...
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-28 13:32:08 -06:00
Jason Woltje
92e20b1686
feat( #1 ): Set up monorepo scaffold with pnpm workspaces + TurboRepo
...
Implements the foundational project structure including:
- pnpm workspaces configuration
- TurboRepo for build orchestration
- NestJS 11.1.12 API (apps/api)
- Next.js 16.1.6 web app (apps/web)
- Shared packages (config, shared, ui)
- TypeScript strict mode configuration
- ESLint + Prettier setup
- Vitest for unit testing (19 passing tests)
Fixes #1
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-01-28 13:31:33 -06:00
