# Initial Scan Report ## Command Executed in Sail with the test-owned scanner: ```bash cd apps/platform && ./vendor/bin/sail php -r 'require "vendor/autoload.php"; $result = Tests\Support\UiBloat\UiBloatScanner::scanConfiguredPaths("/var/www/repo", Tests\Support\UiBloat\UiBloatScanner::STRICTNESS_WARN); ...' ``` ## Summary | Metric | Result | |---|---:| | Files scanned | 417 | | Blocking failures | 0 | | Warnings | 24 | | Manual-review findings | 346 | | Allowlisted findings | 0 | | False positives classified in v1 | 0 | V1 produced no unallowlisted hard customer/auditor safety failures. Existing findings are review signals and known-debt candidates only; no broad UI refactor is in scope. ## Findings By Rule | Rule | Count | V1 Treatment | |---|---:|---| | `UIBLOAT_CUSTOMER_INTERNAL_TERM` | 28 | manual review unless customer-default hard leak | | `UIBLOAT_CUSTOMER_RAW_ID` | 120 | manual review unless customer-default hard leak | | `UIBLOAT_DIAGNOSTIC_GUIDANCE_MISSING` | 15 | manual review | | `UIBLOAT_EVIDENCE_DIAGNOSTICS_MIXED` | 1 | manual review | | `UIBLOAT_HEADER_ACTION_OVERLOAD` | 12 | manual review | | `UIBLOAT_MISSING_PRIMARY_QUESTION` | 99 | manual review | | `UIBLOAT_REPEATED_STATUS` | 60 | manual review | | `UIBLOAT_TECH_METADATA_MAIN` | 11 | manual review | | `UIBLOAT_ZERO_METRIC_CARD` | 24 | warning | ## Findings By Surface Classification | Surface Classification | Count | |---|---:| | customer-auditor | 34 | | diagnostic-support | 49 | | operator | 246 | | unknown | 41 | ## Highest-Volume Files | File | Count | Treatment | |---|---:|---| | `apps/platform/app/Support/SupportDiagnostics/SupportDiagnosticBundleBuilder.php` | 16 | diagnostic-support manual review | | `apps/platform/app/Support/Ui/DerivedState/RequestScopedDerivedStateStore.php` | 14 | unknown/operator manual review | | `apps/platform/app/Filament/Support/VerificationReportViewer.php` | 12 | operator/manual review | | `apps/platform/app/Filament/Resources/FindingResource.php` | 10 | operator/manual review | | `apps/platform/app/Filament/Resources/OperationRunResource.php` | 10 | operator/manual review | | `apps/platform/app/Filament/Resources/RestoreRunResource.php` | 10 | operator/manual review | | `apps/platform/app/Support/Ui/GovernanceArtifactTruth/ArtifactTruthPresenter.php` | 10 | support/UI helper manual review | | `apps/platform/app/Filament/Pages/Workspaces/ManagedEnvironmentOnboardingWizard.php` | 9 | operator/manual review | | `apps/platform/app/Filament/Support/VerificationReportChangeIndicator.php` | 8 | operator/manual review | | `apps/platform/app/Filament/Resources/ReviewPackResource.php` | 6 | customer/auditor technical-detail manual review | ## Blocking Failures None. ## Warnings The 24 warning findings are `UIBLOAT_ZERO_METRIC_CARD` matches. They are review signals only in v1. ## Manual-Review Findings Manual-review findings are intentionally retained as review evidence. They cover raw IDs in technical/collapsed contexts, repeated status language, header action count, missing primary question markers, technical metadata, and diagnostic guidance ambiguity. ## Allowlisted Findings None. Spec 375 v1 does not commit an allowlist file. ## Known Existing Debt - Broad source-level status/readiness repetition remains visible in several operator resources. - Diagnostic/support source files contain technical terms that are expected but should remain guidance-first in rendered surfaces. - Some customer/auditor resources still contain raw IDs or fingerprints in hidden/collapsed technical areas; these remain manual-review findings rather than hard failures. ## Recommended Follow-Ups - Re-run this guard after the next UI surface change and compare counts. - Consider a future allowlist file only if manual-review findings become noisy. - Defer CI hard-fail expansion until allowlist cleanup. - Keep browser-scorecard integration separate from this v1 guard.