Skip to content

cleanup opportunities

Douwe de Vries edited this page Jul 1, 2026 · 1 revision

Cleanup opportunities

This section summarizes cleanup findings already present in repository review documents and source measurements. It does not invent new feature work.

Active contributors: Douwe de Vries

Current finding map

Area Finding Source
Complexity hotspots Several source files are large enough to slow review and increase reason-to-change risk Complexity hotspots, docs/code-quality-assessment-2026-07-01.md
Product policy duplication Auto-selection policy is duplicated between the CLI and Tauri paths, though the current copies match docs/code-quality-assessment-2026-07-01.md
Frontend workflow repetition CSV, paste, and quick workflows repeat column-selection and Local AI blocking patterns docs/code-quality-assessment-2026-07-01.md
Selectable-column abstraction frontend/src/utils/columns.ts currently has an isSelectableColumn abstraction that always returns true docs/code-quality-assessment-2026-07-01.md
Test fixture duplication Broad DTO fixtures such as ColumnMetadata and PrivacyReport are copied across frontend tests docs/code-quality-assessment-2026-07-01.md
Broad DTO surface crates/csv-anonymizer-core/src/types.rs and frontend/src/types.ts centralize many public contracts docs/code-quality-assessment-2026-07-01.md, Data models
Release and CI shell complexity Release workflow signing, staging, upload, and prebuilt frontend checks are powerful but hard to maintain inline docs/code-quality-assessment-2026-07-01.md, Deployment
Shallow contract validation scripts/check-contracts.mjs catches names and fields, but not full optionality, nested typing, or runtime serialization semantics docs/code-quality-assessment-2026-07-01.md
Dependency freshness cargo audit reports zero vulnerabilities, but informational warnings and future major/API upgrades remain Dependency freshness, docs/dependency-audit-followups.md

Not open findings

docs/codebase-review-2026-06-29.md records several earlier issues as implemented. Do not treat those as active cleanup work unless new evidence shows a regression.

Resolved examples include Local AI download cancellation hardening, direct paste and quick settings-load gating, signed checksum sidecars for Linux direct downloads, session-only seed handling, output suffix validation, CSV Local AI button blocking, and CLI help for deterministic seeds.

How to use these pages

Clone this wiki locally