Skip to content

cleanup opportunities complexity hotspots

Douwe de Vries edited this page Jul 1, 2026 · 1 revision

Complexity hotspots

This page records actual size and churn hotspots from the current repository context and docs/code-quality-assessment-2026-07-01.md. Large files are not automatically defects, but they are review-risk indicators.

Active contributors: Douwe de Vries

Longest source files

Path Lines Why it is a hotspot
crates/csv-anonymizer-core/src/types.rs 957 Central DTO surface for data types, detection traces, column metadata, preview data, job outputs, privacy reports, release readiness, and utility metrics
frontend/src/styles/controls.css 906 Dense styling for shared controls, settings, and workflow UI states
frontend/src/styles/data.css 841 Dense styling for data views, tables, previews, reports, and workflow-specific presentation
scripts/build_apt_repository.py 662 APT repository generation, package inspection, metadata validation, signing outputs, and setup package assembly
scripts/validate_linux_package_metadata.py 647 .deb and .rpm extraction, desktop/AppStream parsing, icon validation, tool probes, and JSON reports
crates/csv-anonymizer-core/src/service.rs 606 Main service orchestration for analysis, preview, preflight, anonymization, reports, and Smart replacement preparation

Churn hotspots

Release and package metadata frequently change together:

  • package.json
  • frontend/package.json
  • frontend/package-lock.json
  • Cargo.toml
  • src-tauri/tauri.conf.json
  • src-tauri/tauri.linux.conf.json
  • CHANGELOG.md
  • build/linux/io.github.ddv1982.csv-data-anonymizer.metainfo.xml
  • .github/workflows/release.yml
  • scripts/check-release-metadata.mjs
  • scripts/package-tauri-linux.mjs
  • scripts/build_apt_repository.py
  • scripts/validate_linux_package_metadata.py

This churn is intentional during releases, but it should not be mixed into unrelated feature PRs. scripts/check-release-metadata.mjs exists because version, icon, desktop identity, changelog, metainfo, and forbidden Local AI artifact checks must move together.

Actual cleanup candidates from review

docs/code-quality-assessment-2026-07-01.md identifies these non-emergency candidates:

  1. Move duplicated auto-selection policy into crates/csv-anonymizer-core so CLI and Tauri use the same source.
  2. Extract only narrow shared seams for frontend column-selection and Local AI blocker display, without creating a generic workflow framework.
  3. Decide whether frontend/src/utils/columns.ts should keep isSelectableColumn; if the product has no unselectable columns, remove the speculative branch, otherwise document and test the real condition.
  4. Add small frontend test-data builders for broad DTOs such as ColumnMetadata, PrivacyReport, and preflight data.
  5. Keep crates/csv-anonymizer-core/src/types.rs explicit until DTO churn justifies splitting by domain, for example privacy reports, release readiness, or workflow params.
  6. Move long workflow shell contracts into scripts when local validation would become clearer.
  7. Keep scripts/check-contracts.mjs, but add targeted serialization tests for high-risk DTO changes.

Optional line-count lint findings

docs/dependency-audit-followups.md records two remaining functions that exceed the optional clippy::too_many_lines threshold:

  • crates/csv-anonymizer-core/src/direct_input/quick.rs: generated_quick_value
  • crates/csv-anonymizer-core/src/service.rs: preflight_anonymization

Those should be refactored separately from detector behavior so review stays focused.

Related pages: Cleanup opportunities, Dependency freshness, and Testing.

Clone this wiki locally