Enhance demo runner testing summary#18
Closed
DevOpsMadDog wants to merge 5 commits into
Closed
Conversation
DevOpsMadDog
added a commit
that referenced
this pull request
Apr 26, 2026
…oday's closures - docs/SPRINT_2_DEMO_BACKLOG_2026-04-22.md: DEMO-001..DEMO-005 P0 items with owners, acceptance criteria, 44h total effort, sprint goal, definition of done, risks + mitigations. - .omc/TASKS_STATE_2026-04-22.md: closed threads #1 (graphify visual, commit 7386db5) and #7 (TrueCourse side-by-side, commit 0639bb3); added new threads #9 (promote NEW-G070/G071 to gap-matrix + PRDs) and #10 (backend-code graphify ingest); flagged threads #17/#18 as in-flight (enterprise-architect reconcile + ux-architect UI dispatch). - Historical task rows 1-12 preserved immutable. - READ FIRST honest-state section preserved. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
DevOpsMadDog
added a commit
that referenced
this pull request
May 1, 2026
…se 3 cluster S27-Targets
Folds 3 outbound integration-target dashboards into a single tabbed hero
at /connect/targets per docs/UX_CONSOLIDATION_PLAN_2026-04-26.md §2.27.
tab | source page | endpoint
prowler | ProwlerDashboard | /api/v1/prowler/{findings,compliance,scan}
servicenow | ServiceNowDashboard | /api/v1/servicenow/{connections,incidents,cmdb,mappings}
siem | SIEMOutputDashboard | /api/v1/siem-output/{targets,events,stats}
- New: suite-ui/aldeci-ui-new/src/pages/IntegrationTargetsHub.tsx
- App.tsx: lazy-import hub; canonical /connect/targets route; old
/prowler, /servicenow, /siem-output routes now <Navigate replace> with
?tab= preserving deep links.
- Source pages annotated with FOLDED comment for git history; lazy-imported
by the hub so all behavior, API calls, and state preserved (no logic change).
- Plan doc updated with DONE marker (SHA backfilled in follow-up commit).
Persona target: DevOps Engineer (#18), SRE (#19), GRC Analyst (#12), SOC T2 (#6).
Zero functionality loss. Real-API only — no mocks introduced.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
DevOpsMadDog
added a commit
that referenced
this pull request
May 1, 2026
…r S10 Secrets
Folds the S10 Code Intelligence — Secrets sub-cluster into a single tabbed hero
at /discover/secrets-hub per docs/UX_CONSOLIDATION_PLAN_2026-04-26.md §2.10.
Pages folded (3 → 1):
- SecretsDetection -> tab=detection (canonical default)
- SecretScannerDashboard -> tab=scanner (was orphan-imported, fold restores reachability)
- SecretsRotation -> tab=rotation
Redirects (preserve persona muscle memory + bookmarks):
- /discover/secrets -> /discover/secrets-hub?tab=detection
- /secret-scanner -> /discover/secrets-hub?tab=scanner
- /secrets-rotation -> /discover/secrets-hub?tab=rotation
Real APIs verified (Playwright, headless Chromium, all 6 URLs):
- /api/v1/secrets-management/{secrets,expiring,stats}
- /api/v1/secret-scanner/{scan-jobs,findings,stats}
- /api/v1/secrets
Zero mock signatures, zero page errors. Screenshot:
docs/ui-snapshots/ux-consolidation-secrets-hub-2026-05-02.png
Source pages preserved with FOLDED top-of-file marker (lazy-imported by
SecretsHub) so git blame stays intact and behavior is identical.
Persona target: AppSec Engineer (#10), DevOps (#18), SecOps T1/T2 (#5/#6).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
DevOpsMadDog
added a commit
that referenced
this pull request
May 1, 2026
… S28 Air-Gap operational triad
Folds 3 air-gap operational pages into a single tabbed Hub at /connect/mcp/air-gap
per docs/UX_CONSOLIDATION_PLAN_2026-04-26.md §2.28 (S28 MCP Gateway — Air-Gap
operational sub-cluster).
Sources (preserved + lazy re-imported, FOLDED markers added):
- AirGapBundleConsole → tab "feed-status" GET /api/v1/air-gap/feed-status
- OfflineFeedRegistry → tab "feeds" GET /api/v1/air-gap/feeds
- OfflineUpdateStatus → tab "update-status" GET /api/v1/air-gap/update-status
Routes:
- canonical : /connect/mcp/air-gap
- redirects : /air-gap/feed-status → /connect/mcp/air-gap?tab=feed-status
/air-gap/feeds → /connect/mcp/air-gap?tab=feeds
/air-gap/update-status → /connect/mcp/air-gap?tab=update-status
Persona target: DevOps Engineer (#18), SRE (#19), Automation Engineer (#25) —
disconnected/regulated deployments. Surfaces CTEM+ air-gap moat in one screen
instead of three orphaned dashboards.
Verification (Playwright headless Chromium, 6 URLs):
- All 6 URLs resolve to canonical w/ correct tab
- Real /api/v1/air-gap/{feed-status,feeds,update-status} fires per active tab
- 0 mock signatures (Acme/John Doe/lorem ipsum/MOCK_)
- 0 console errors
- Screenshot: docs/ui-snapshots/ux-consolidation-air-gap-2026-05-02.png
Plan-doc paragraph added to §2.28 with SHA=PENDING (backfill in follow-up).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
DevOpsMadDog
added a commit
that referenced
this pull request
May 1, 2026
… 3 cluster S27 Webhook+Ingestion Health Folds 3 standalone webhook + connector-pipeline pages into a single tabbed hero per docs/UX_CONSOLIDATION_PLAN_2026-04-26.md §2.27 (S27 Integrations Hub — Webhook & Integration Health sub-cluster). tab | source page | endpoint -----------|--------------------------------|---------------------------------------------- catalogue | WebhookEventCatalogExplorer | GET /api/v1/webhooks/event-catalogue retry | WebhookRetryConsole | GET /api/v1/webhooks/retry-queue dry-run | UniversalIngestionTester | POST /api/v1/connectors/mapping/dry-run Canonical route: /connect/webhook-ingestion Persona target: DevOps Engineer (#18), Automation Eng (#25), SRE (#19), Backend Eng (#16) Old routes redirected (replaces stale /admin?tab=webhooks redirects + the standalone /connectors/mapping/dry-run route): - /webhooks/event-catalogue → /connect/webhook-ingestion?tab=catalogue - /webhooks/retry-queue → /connect/webhook-ingestion?tab=retry - /connectors/mapping/dry-run → /connect/webhook-ingestion?tab=dry-run Source pages preserved with `// FOLDED` headers (git-history intact, lazy-imported into hub so all real /api/v1/* calls + 501-graceful handling continue working). Verified per CLAUDE.md NO MOCKS rule: - Vite dev server returns 200 for /connect/webhook-ingestion (port 5173) - Hub module compiles cleanly (no TS errors against tsconfig.app.json) - All 3 folded pages already use real apiFetch against /api/v1/* endpoints Multica: #3657 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
DevOpsMadDog
added a commit
that referenced
this pull request
May 2, 2026
…triage 248911b 18 FIX-IMPORT cases from suite-core/core triage (`docs/suite_core_silenced_imports_2026-05-03.md`). Each broken import was silently swallowed by a try/except wrapper, masking either a renamed/removed symbol or a never-implemented helper. Disposition was determined per-callsite — when both the import name AND the consumer-side method names had drifted, the safest correction is REMOVE (replace the unreachable try-arm with the same fallback the broad-except already produced) rather than RENAME (which would surface latent crashes through the new broad-except). Pattern matches Wave-A in 60a8ea9 and the top-9 commit 55adab9. Per-callsite dispositions (18 total): # 1 compliance_engine.py:958 get_latest_summary REMOVED — no canonical helper # 2 task_queue.py:269 MicroPentestEngine REMOVED — only Config/Result/Status # 3 task_queue.py:439 MicroPentestEngine REMOVED — same # 4 pipeline_orchestrator.py:655 compute_exploit_probability REMOVED — canonical compute_forecast has incompatible signature # 5 feed_correlator.py:293 abuseipdb get_by_cve REMOVED — never implemented # 6 feed_correlator.py:306 otx get_by_cve REMOVED — never implemented # 7 autofix_engine.py:1283 get_velocity_tracker/ REMOVED — only MaterialChangeDetector get_detector class exists; use class directly # 8 report_generator.py:337 ComplianceEngine REMOVED — renamed to ComplianceAutomationEngine, no .get_controls method # 9 unified_dashboard.py:163 ComplianceEngine REMOVED — same; no .get_summary #10 report_scheduler.py:526 ComplianceEngine REMOVED — same; no .get_compliance_status #11 unified_dashboard.py:262 AttackSurfaceAnalyzer REMOVED — renamed to AttackSurfaceMapper, returns Pydantic model not Dict #12 air_gap_bundle_engine.py:76 EmitEvent PRE-DONE in 55adab9 (verified) #13 brain_pipeline.py:881 blast_radius PRE-DONE in 55adab9 (verified) #14 graphql_schema.py:565 get_incident_manager REMOVED — only IncidentResponseManager #15 graphql_schema.py:593 get_compliance_automation RENAMED — use ComplianceAutomation class #16 graphql_schema.py:909 get_compliance_automation RENAMED — same #17 graphql_schema.py:874 get_incident_manager, REMOVED — neither symbol exists IncidentCreate #18 report_scheduler.py:499 CVEEnrichmentEngine REMOVED — renamed to CVEEnrichmentService, no .get_recent_cves method #19 aws_security_hub.py:422 SecurityHubNormalizer REMOVED — no AWS SH normalizer in scanner_parsers (33 vendor classes, none for SH) Files touched (per-file diff stats): - suite-core/core/autofix_engine.py (+10/-16) - suite-core/core/aws_security_hub.py (+ 8/-28) - suite-core/core/compliance_engine.py (+10/- 9) - suite-core/core/feed_correlator.py (+19/-24) - suite-core/core/graphql_schema.py (+38/-40) - suite-core/core/pipeline_orchestrator.py (+ 8/-15) - suite-core/core/report_generator.py (+ 9/- 7) - suite-core/core/report_scheduler.py (+15/-23) - suite-core/core/task_queue.py (+22/-20) - suite-core/core/unified_dashboard.py (+34/-32) Net delta: -21 LOC. Verified: - All 12 touched modules import clean (`importlib.import_module`). - py_compile clean on all 10 files. - 351/351 regression PASS on the 7 brief-specified suites (test_phase4/5/6/7/9 + test_pipeline_api + test_trustgraph) — identical to pre-edit baseline. Cumulative suite-core silenced-import cleanup: 27/47 (top-9 in 55adab9 + this batch of 18). Remaining: 20 INSTALL/RETIRE-DEP decisions (per-feature judgment — quantum_crypto, llm_guard, chromadb, celery, pomegranate/mchmm/ river, sentry_sdk, GCP/PKCS11/peft/llama_cpp). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
DevOpsMadDog
added a commit
that referenced
this pull request
May 2, 2026
…ring, no stubs
Closes 4 type-a deferred empty endpoints from `docs/empty_endpoints_triage_2026-04-26.md`
by wiring **existing** cloud-credential-backed connectors (no new stubs; followed
the canonical fallback pattern from cloud-posture/findings + cwp/workloads):
| # | Endpoint | Connector / fallback source |
|---|---------------------------------------|---------------------------------------|
| 14| /api/v1/session-recording/sessions | CyberArkConnector (PAM) |
| 20| /api/v1/sspm/apps | AppOmniConnector (SSPM) |
| 18| /api/v1/cloud-cost/snapshots | NEW AWSCostExplorerConnector (FinOps) |
| 3| /api/v1/asset-criticality/assets | SecurityFindingsEngine projection |
Pattern (5-state envelope, NEVER mocks):
- org_registered → real org rows from engine SQLite
- {connector_source} → projected from connector live data
- needs_credentials → structured hint listing required env vars
- needs_data → connector reachable but empty / filters miss
- connector_error → connector returned status != ok
For #18, built a brand-new `AWSCostExplorerConnector` (env-gated boto3 import;
gracefully no-ops without AWS creds OR boto3) — no behavioural dep on boto3 at
import time.
For #3, asset-criticality projects distinct asset_id from any
SecurityFindingsEngine row (CSPM/SSPM/PAM/EDR rows already include asset_id) →
derives criticality_score from severity weights (critical=25, high=15,
medium=7, low=2) → maps to tier (80+ critical / 60+ high / 40+ medium / <40
low).
Tests: 33 new (all passing) — 8 PSR/PAM, 8 SSPM/AppOmni, 8 cloud-cost/AWS, 9
asset-criticality. Each suite covers: org_registered precedence, projection
accuracy, filter application, connector_error envelope, needs_credentials
envelope, full HTTP path through TestClient + an error path (404).
Beast Mode: 753/753 baseline hold, +33 new = 786 passing. Zero regressions.
Type-a tally: 4 closed → tally now 8 closed / 2 deferred (was 6 deferred:
#3, #14, #18, #20 closed; #25 mobile-app-security and #27 ai-soc/detections
already wired in prior sessions).
Files changed:
suite-core/connectors/aws_cost_explorer_connector.py (NEW, +260)
suite-core/core/privileged_session_recording_engine.py (+ fallback)
suite-core/core/saas_security_posture_engine.py (+ fallback)
suite-core/core/cloud_cost_security_engine.py (+ fallback)
suite-core/core/asset_criticality_engine.py (+ fallback)
suite-api/apps/api/privileged_session_recording_router.py (wire fallback)
suite-api/apps/api/saas_security_posture_router.py (wire fallback)
suite-api/apps/api/cloud_cost_security_router.py (wire fallback)
suite-api/apps/api/asset_criticality_router.py (wire fallback)
tests/test_session_recording_pam_real_data.py (NEW, 8 tests)
tests/test_sspm_appomni_real_data.py (NEW, 8 tests)
tests/test_cloud_cost_aws_real_data.py (NEW, 8 tests)
tests/test_asset_criticality_findings_real_data.py (NEW, 9 tests)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
DevOpsMadDog
added a commit
that referenced
this pull request
May 5, 2026
Suite 1 Beast Mode 13 files: 753/753 passed in 8.57s Suite 2 Perf -m perf: 194 passed, 2 skipped, 0 failed (44782 deselected) in 27.74s Suite 3 OWASP lockdown (test_no_unsafe_asyncio_run.py): 1/1 passed in 6.06s Commits validated since sweep #18: 48e6424 (CI ui-build-verification job), e3b2660 (HANDOFF v10). Both docs/CI-only — zero production Python changes. 0 regressions. 4 pre-existing broken collectors unchanged. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Testing
https://chatgpt.com/codex/tasks/task_e_68def504b34483298567af4be8dc6264