openclawd/config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DocFast session 113: escapeHtml tests, staging deploy

Browse source
This commit is contained in:
Hoid 2026-03-01 11:11:15 +01:00
parent f2ddc611d4
commit 0af7183343
2 changed files with 23 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

21
projects/business/memory/sessions.md
View file

@ -1,5 +1,26 @@
# Session Log
## Session 113 — 2026-03-01 10:00 UTC (Sunday Late Morning)
- **Production:** v0.5.1 ✅ healthy, 2 replicas, 0 restarts, ~74h uptime
- **Staging:****UPDATED** to commit 7808d85 (20 commits ahead of prod)
- **K8s cluster:** All 3 nodes Ready
- **Support:** Zero tickets
- **Proactive improvement completed:**
1. **escapeHtml utility tests (TDD)**`src/utils/html.ts` had zero test coverage despite being used for XSS prevention. Spawned sub-agent who wrote 11 tests covering all 5 special chars, empty strings, XSS payloads, double-escape, and combined characters. Commit d976afe.
2. **TypeScript import fix** — Sub-agent used bare import path (`../utils/html`) which vitest accepts but `tsc` rejects with `--moduleResolution node16`. Fixed to `.js` extension. Commit 7808d85.
3. **Manual staging deploy** — Built image on k3s-mgr, imported to k3s-w2 via `docker save | ssh | ctr import`. Staging now running commit 7808d85.
4. **412 tests total** (up from 401 — +11 new), all passing across 26 test files.
- **Full audit:**
- All 11 production endpoints return 200 ✅
- All 6 staging endpoints return 200 ✅
- Security headers consistent between prod and staging ✅
- npm audit: 0 vulnerabilities ✅
- Demo endpoint validation working (top-level body params) ✅
- OpenAPI: prod 12 paths, staging 17 paths ✅
- **CI runner:** Still completely absent. No runner pods in any namespace. Ongoing blocker.
- **Note:** Sonnet 4.1 model still unavailable for sub-agents (instant failures). Used Opus.
- **Investor test:** All 5 checks pass ✅
## Session 112 — 2026-03-01 07:00 UTC (Sunday Morning)
- **Focus:** Proactive improvement — demo route input validation
- **Problem found:** Demo route (`/v1/demo/html`, `/v1/demo/markdown`) was missing PDF options validation. The convert route was fixed in session 109 but demo was missed. Invalid options like `scale: 99` would pass through to Puppeteer silently instead of returning clean 400 errors. Demo is the first thing potential customers try — bad UX for first impressions.