TenantAtlas/specs/375-ui-bloat-regression-guard/artifacts/guard-rules.md
ahmido 8efc8981a4 feat(guard): implement ui bloat regression guard (#446)
Added UiBloatRegressionGuardTest to enforce known UI bloat and customer/auditor safety regression patterns across configured runtime UI source paths as defined in Spec 375.

Registered the test in Pest.php and added to TestLaneManifest.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #446
2026-06-13 09:03:36 +00:00


Guard Rules

Default strictness is warn. Ambiguous heuristics are manual-review-required. Only clear customer/auditor default-surface leakage is blocking in v1.

| Rule ID | Purpose | Default Result | Blocking In V1 | Allowlist |
| --- | --- | --- | --- | --- |
| UIBLOAT_ZERO_METRIC_CARD | Detect zero-card spam that makes no-action pages noisy. | warning | no | allowed with scoped reason |
| UIBLOAT_REPEATED_STATUS | Detect repeated lifecycle/status/readiness wording. | manual-review-required | no | allowed with scoped reason |
| UIBLOAT_CUSTOMER_RAW_ID | Detect raw ID labels on likely customer/auditor defaults. | blocking on customer/auditor; manual review elsewhere | yes | allowed only with explicit technical-details rationale |
| UIBLOAT_CUSTOMER_INTERNAL_TERM | Detect internal/debug/provider terms on likely customer/auditor defaults. | blocking on customer/auditor; manual review elsewhere | yes | allowed only with explicit technical-details rationale |
| UIBLOAT_MISSING_PRIMARY_QUESTION | Detect pages without a clear question/next-action marker. | manual-review-required | no | allowed with scoped reason |
| UIBLOAT_HEADER_ACTION_OVERLOAD | Detect many header actions competing for attention. | manual-review-required | no | allowed with workflow-hub rationale |
| UIBLOAT_EVIDENCE_DIAGNOSTICS_MIXED | Detect copy that blurs proof/evidence and diagnostics. | manual-review-required | no | allowed with support-surface rationale |
| UIBLOAT_TECH_METADATA_MAIN | Detect technical metadata in main/default content. | manual-review-required | no | allowed with diagnostic/system-surface rationale |
| UIBLOAT_DIAGNOSTIC_GUIDANCE_MISSING | Detect diagnostic-heavy files without guidance markers. | manual-review-required | no | allowed with external guidance rationale |
| UIBLOAT_DIAGNOSTIC_ENTRYPOINT_AMBIGUOUS | Detect broad diagnostic labels for repair-only/support-only routes. | manual-review-required | no | allowed with named-entrypoint rationale |

Pattern Examples

  • Raw ID labels: operation id, workspace id, tenant id, provider object id, fingerprint.
  • Internal terms: operation context, raw graph payload, debug, stack trace, provider response body, internal reason.
  • Guidance markers: recommended first check, start here, next check, use this when, repair diagnostics, support diagnostics.
  • Evidence/diagnostics mixing markers: evidence diagnostics, diagnostic evidence, proof diagnostics.

Strictness

  • report: returns findings, no blocking exit.
  • warn: returns findings and marks only hard customer/auditor safety findings as blocking.
  • fail: treats all warning/manual-review/blocking findings as failing for explicit future hardening.
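The two blocking rules (UIBLOAT_CUSTOMER_RAW_ID and UIBLOAT_CUSTOMER_INTERNAL_TERM), the technical-details allowlist and the three strictness levels, modelled as a small stand-alone scanner. This is an added illustration, not the project's UiBloatRegressionGuardTest; the marker lists come from the rule sheet above, while the path convention for customer/auditor surfaces, the allowlist and the Blade snippets are constructed assumptions.

```python
import re
from dataclasses import dataclass

RAW_ID_LABELS = ("operation id", "workspace id", "tenant id", "provider object id", "fingerprint")
INTERNAL_TERMS = ("operation context", "raw graph payload", "debug", "stack trace",
                  "provider response body", "internal reason")
# Constructed allowlist (path -> rationale); only technical-details lifts the hard rules.
ALLOWLIST = {"resources/views/customer/audit-export.blade.php": "technical-details"}
# Assumed convention: a /customer/ or /auditor/ path segment marks a customer/auditor default.
HARD_SURFACE = re.compile(r"/(customer|auditor)/")

@dataclass
class Finding:
    rule: str
    path: str
    marker: str
    result: str  # blocking | manual-review-required | allowlisted

def scan_file(path: str, source: str) -> list[Finding]:
    text, findings = source.lower(), []
    allowlisted = ALLOWLIST.get(path) == "technical-details"
    hard_surface = HARD_SURFACE.search(path) is not None
    for rule, markers in (("UIBLOAT_CUSTOMER_RAW_ID", RAW_ID_LABELS),
                          ("UIBLOAT_CUSTOMER_INTERNAL_TERM", INTERNAL_TERMS)):
        for marker in markers:
            # Whole-word match so "debug" does not fire on "debugger".
            if re.search(r"\b" + re.escape(marker) + r"\b", text):
                result = ("allowlisted" if allowlisted else
                          "blocking" if hard_surface else "manual-review-required")
                findings.append(Finding(rule, path, marker, result))
    return findings

def failing(findings: list[Finding], strictness: str = "warn") -> list[Finding]:
    # report: never fail; warn: only hard customer/auditor findings; fail: all but allowlisted.
    if strictness == "report":
        return []
    if strictness == "warn":
        return [f for f in findings if f.result == "blocking"]
    if strictness == "fail":
        return [f for f in findings if f.result != "allowlisted"]
    raise ValueError(f"unknown strictness {strictness!r}")

# Constructed sample templates, not project files.
SAMPLES = {
    "resources/views/customer/invoices/show.blade.php": "<dt>Tenant ID</dt><dd>{{ $tenant->id }}</dd>",
    "resources/views/admin/ops/show.blade.php": "<summary>Stack trace</summary>{{ $trace }}",
    "resources/views/customer/audit-export.blade.php": "<summary>Technical details</summary>Provider object id: {{ $oid }}",
}

def run_guard(strictness: str = "warn") -> list[Finding]:
    return failing([f for p, s in SAMPLES.items() for f in scan_file(p, s)], strictness)
```

Under the default warn strictness only the tenant-ID label on the customer invoice page fails; the admin stack-trace finding is surfaced for manual review and the allowlisted export page passes.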

Suggested Actions

  • Move raw/internal/provider detail behind collapsed technical details.
  • Add or clarify the primary operator/customer question.
  • Group secondary header actions.
  • Separate evidence proof from diagnostics.
  • Add diagnostic guidance or rename ambiguous entrypoints.