Skip to content

fix: gap analysis fixes - TLS misclassification, --redact, spec update#4

Merged
muras3 merged 1 commit into
mainfrom
claude/gap-analysis-fixes
Feb 27, 2026
Merged

fix: gap analysis fixes - TLS misclassification, --redact, spec update#4
muras3 merged 1 commit into
mainfrom
claude/gap-analysis-fixes

Conversation

@muras3

@muras3 muras3 commented Feb 27, 2026

Copy link
Copy Markdown
Owner

Summary

  • TLS_CERT_NOT_YET_VALID: 誤分類バグ修正。expired と not-yet-valid を分離(原因・対処が異なる)
  • --redact フラグ: デフォルトONのセンシティブ情報マスクフラグ追加(マスク処理本体は次タスク)
  • 設計ドキュメント更新: Claude-Codex合議に基づきproduct-design.mdをv0.1正本として更新

Detail

TLS_CERT_NOT_YET_VALID (バグ修正)

  • classifyTLSError() が "not yet valid" を TLS_CERT_EXPIRED に誤分類していた
  • isCertNotYetValid() 追加、insecureモードではwarn返却
  • テスト5件追加(fake + 実TLSサーバー)

--redact (新機能)

  • --no-redact で無効化可能(BoolVar, default false → Redact=!noRedact)
  • Config.Redact, ProbeContext.Redact 追加
  • テスト8件追加(単体6 + E2E 2)

設計ドキュメント (product-design.md)

  • observations: トップレベルフラット → レイヤー内ネスト(実装準拠)
  • timing: 共通duration_ms + HTTP ttfb/total任意追加
  • codes: フォールバック(*_ERROR)、TLS_CERT_NOT_YET_VALID、HTTP_500追加
  • 正規化規則5項目を新設
  • CLIスコープ: --redact=MVP, --count=v0.2, --verbose/dns://=Phase 1

Test plan

  • TLS全18テストパス
  • CLI全テストパス
  • E2Eテスト全パス
  • go test ./... ALL PASS

Memo (振り返り用)

  • 乖離分析: 3並列調査エージェント → Codex構造化議論 → 7項目全合意
  • 核心的発見: 設計が実装学習に追いついていなかっただけで「失敗」ではない
  • 方針: 第三の道(実装知見を正として設計更新 + 診断価値の高い差分のみ実装修正)
  • Codex総括: 「v0.1契約を正本化し、v0.2拡張点を別管理すべき」

🤖 Generated with Claude Code

…ign spec

## Changes

### Bug Fix: TLS_CERT_NOT_YET_VALID
- Separated TLS_CERT_NOT_YET_VALID from TLS_CERT_EXPIRED (was misclassified)
- Added isCertNotYetValid() to distinguish "is before" vs "is after" messages
- Added NotBefore check in success path for insecure mode (returns warn)
- 5 new TLS tests covering all expired/not-yet-valid/insecure combinations

### Feature: --redact flag
- Added --redact (default ON) and --no-redact CLI flags
- Added Redact field to Config and ProbeContext
- 6 new unit tests + 2 E2E tests for flag parsing
- Actual masking logic is a follow-up task

### Design Spec Update (product-design.md)
- JSON schema aligned to implementation (layer-nested observations, duration_ms)
- Codes table: added fallback codes (*_ERROR), TLS_CERT_NOT_YET_VALID, HTTP_500
- Added error code normalization rules
- CLI scope clarified: --redact=MVP, --count=v0.2, --verbose/dns://=Phase 1
- Timing policy documented: common duration_ms + HTTP ttfb/total optional

### Docs
- Added Agent Teams usage guide (docs/agent-teams-guide.md)

## Codex Review
- Test cases reviewed by Codex before implementation (TDD)
- Gap analysis conducted with structured Codex discussion
- All decisions are Claude-Codex consensus

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@muras3
muras3 merged commit 9a36d5d into main Feb 27, 2026
1 check failed
@muras3
muras3 deleted the claude/gap-analysis-fixes branch March 3, 2026 02:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant