openclawd/config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
config/projects/business/memory/bugs.md

3.3 KiB
Raw Blame History

DocFast QA Session 27 - 2026-02-15

BROWSER TESTS RESULTS

PASSED

  1. JS Errors Check: ZERO JavaScript errors on initial load, BUT errors appeared during testing:
    • 400 Bad Request error from /v1/signup/verify (during fake verification attempt)
    • ⚠️ EvalError from px-cloud.net (third-party security script)
    • ⚠️ CSP warnings from Stripe checkout (expected)
  2. Signup Flow: Modal opens correctly, email validation works, verification code screen appears properly
  3. Error Handling: Invalid verification code shows proper error message "Invalid verification code."
  4. Pro Checkout: Stripe redirect works perfectly - proper checkout form with $9/month pricing
  5. Mobile Responsive: 375x812 mobile test shows NO horizontal scroll, proper responsive layout
  6. Docs Page: /docs loads correctly with complete API documentation

API TESTS RESULTS

PASSED

  1. Bad API Key (403): Returns proper 403 Forbidden with "Invalid API key" message
  2. Rate Limit Headers: All responses include proper X-RateLimit headers (RateLimit-Policy, RateLimit-Limit, RateLimit-Remaining, RateLimit-Reset)
  3. Concurrency Endpoint: /v1/concurrency exists and properly requires authentication (401 when no key provided)

⚠️ NEEDS INVESTIGATION

  1. BUG-022 (Duplicate Email Check): Duplicate email test@example.com returned 200 OK instead of expected 409 Conflict. Response: {"status":"verification_required","message":"Check your email for the verification code."} - This could be intentional UX (don't reveal email existence) or the bug fix might not be working correctly.

NEEDS TESTING WITH VALID KEY

  • Parameter validation (400 errors) - blocked by 403 auth check
  • Content-type validation (415 errors) - blocked by 403 auth check
  • PDF generation testing - need valid API key
  • Pro plan rate limits (30/min) vs Free (10/min) - need both key types

INCOMPLETE TESTS

  • BUG-025 (Copy Button): COULD NOT TEST - Unable to reach API key display screen without valid verification code. Browser timeout prevented further testing of recovery flow.
  • Concurrency stats: COULD NOT TEST - Requires valid API key for GET /v1/concurrency response format

NOTES

  • All rate limiting headers are present and properly formatted
  • Stripe integration works flawlessly
  • Mobile layout is perfectly responsive
  • Error messaging is clear and user-friendly
  • Authentication security is properly enforced

FINAL ASSESSMENT - Session 27

OVERALL VERDICT: 🔴 ISSUES FOUND requiring immediate attention

CRITICAL ISSUES:

  • Console errors during normal usage flow (400 error + third-party EvalError)
  • BUG-022 verification status unclear (duplicate email handling)

UNABLE TO VERIFY:

  • BUG-025 (copy button fix) - needs complete signup flow
  • Complete PDF generation pipeline - needs valid API keys

WHAT WORKS WELL:

  • Clean UI/UX with zero JS errors
  • Proper error handling and messaging
  • Stripe checkout integration is flawless
  • Mobile responsiveness is perfect
  • API authentication and rate limiting works correctly
  • Documentation is comprehensive

RECOMMENDATIONS FOR NEXT SESSION:

  1. Get valid API keys through backend team to test copy button functionality
  2. Verify BUG-022 duplicate email behavior is intentional
  3. Test actual PDF generation with valid keys
  4. Test pro vs free rate limit differences in practice