TenantAtlas/specs/375-ui-bloat-regression-guard/artifacts/scanner-design.md
ahmido 8efc8981a4 feat(guard): implement ui bloat regression guard (#446)
Added UiBloatRegressionGuardTest to enforce known UI bloat and customer/auditor safety regression patterns across configured runtime UI source paths as defined in Spec 375.

Registered the test in Pest.php and added to TestLaneManifest.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #446
2026-06-13 09:03:36 +00:00


Scanner Design

Entrypoint

  • Selected entrypoint: apps/platform/tests/Feature/Guards/UiBloatRegressionGuardTest.php
  • Helper: apps/platform/tests/Support/UiBloat/UiBloatScanner.php
  • Command: cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Guards/UiBloatRegressionGuardTest.php

File Discovery

The scanner reads configured source paths only:

  • apps/platform/app/Filament
  • apps/platform/resources/views/filament
  • apps/platform/app/Support/EnvironmentDashboard
  • apps/platform/app/Support/Navigation
  • apps/platform/app/Support/OpsUx
  • apps/platform/app/Support/SupportDiagnostics
  • apps/platform/app/Support/Ui
  • apps/platform/app/Support/Workspaces

Absent optional paths are recorded, not scanned:

  • apps/platform/resources/views/components
  • apps/platform/app/View

The scanner does not scan apps/platform/app/Support wholesale.

Extensions

  • Runtime source extensions: .php, .blade.php
  • Fixture strings: accepted directly by tests to prove rule behavior.

Exclusions

The scanner excludes vendor, node modules, storage, build artifacts, generated reports, screenshots, specs, tests except explicit fixtures, translations, database dumps, and hidden cache paths.

Surface Classification

  • customer-auditor: path/content contains customer review, review pack, stored report, environment review, evidence snapshot, auditor, customer, review output, or review handoff markers.
  • diagnostic-support: path/content contains diagnostics, support diagnostics, repair diagnostics, required permissions, provider readiness, or support-only markers.
  • operator: Filament/admin/support UI source without customer/auditor or diagnostic-support markers.
  • unknown: files outside configured UI source conventions.
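
The scoping and classification rules above, sketched as an added example in PHP 8+; this is not the project's UiBloatScanner code. The function names, the marker normalization, and the choice to check customer/auditor markers before diagnostic-support markers are assumptions, and the sample paths are constructed.

```php
<?php
// Added illustration for this design note (PHP 8+); not the project's UiBloatScanner.
// Marker spellings, normalization and rule precedence below are assumptions.
const SCAN_ROOTS = [
    'apps/platform/app/Filament',
    'apps/platform/resources/views/filament',
    'apps/platform/app/Support/EnvironmentDashboard',
    'apps/platform/app/Support/Navigation',
    'apps/platform/app/Support/OpsUx',
    'apps/platform/app/Support/SupportDiagnostics',
    'apps/platform/app/Support/Ui',
    'apps/platform/app/Support/Workspaces',
];
const CUSTOMER_MARKERS = ['customer', 'auditor', 'review pack', 'stored report',
    'environment review', 'evidence snapshot', 'review output', 'review handoff'];
const DIAGNOSTIC_MARKERS = ['diagnostics', 'required permissions', 'provider readiness', 'support only'];

// In scope only under a configured root, matched on a directory boundary,
// so "Support/Ui/" does not pull in a sibling such as "Support/UiLegacy/".
function inScope(string $path): bool {
    if (!str_ends_with($path, '.php')) return false; // covers .blade.php too
    foreach (SCAN_ROOTS as $root) {
        if (str_starts_with($path, $root . '/')) return true;
    }
    return false;
}
// Lowercase and split CamelCase/snake/kebab so "ReviewPack" matches "review pack".
function normalize(string $text): string {
    $spaced = preg_replace('/(?<=[a-z0-9])(?=[A-Z])/', ' ', $text);
    return strtolower(preg_replace('/[_\-\/.]+/', ' ', $spaced));
}
function containsAny(string $text, array $markers): bool {
    foreach ($markers as $m) if (str_contains($text, $m)) return true;
    return false;
}
function classifySurface(string $path, string $content): string {
    if (!inScope($path)) return 'unknown';
    $text = normalize($path . ' ' . $content);
    if (containsAny($text, CUSTOMER_MARKERS)) return 'customer-auditor'; // assumed precedence
    if (containsAny($text, DIAGNOSTIC_MARKERS)) return 'diagnostic-support';
    return 'operator';
}
// Constructed sample inputs (paths and contents are hypothetical).
$samples = [
    ['apps/platform/app/Filament/Pages/ReviewPackPage.php', 'class ReviewPackPage {}'],
    ['apps/platform/app/Support/SupportDiagnostics/Bundle.php', 'class Bundle {}'],
    ['apps/platform/app/Support/Navigation/Menu.php', 'class Menu {}'],
    ['apps/platform/app/Support/UiLegacy/Card.php', 'customer review card'],
];
foreach ($samples as [$p, $c]) echo classifySurface($p, $c), "  ", $p, PHP_EOL;
```

The last sample carries a customer marker in its content but still classifies as unknown, because a file outside the configured roots is never promoted to a UI surface by its text alone.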

Finding Shape

Each finding contains:

  • rule ID
  • file
  • matched pattern
  • surface classification
  • result
  • severity
  • reason
  • suggested action
  • allowlist status

Allowlist

V1 uses an in-test empty allowlist for current repo scanning and fixture tests. No committed allowlist file is introduced in v1. The policy for a future file is documented in allowlist-policy.md.

Exit Behavior

The Pest guard asserts that the current repo scan in warn mode has no unallowlisted blocking findings. Warning and manual-review findings are captured in initial-scan-report.md and do not fail v1 unless fail strictness is intentionally selected in tests.

Limitations

  • Text heuristics do not prove rendered DOM visibility.
  • Collapsed technical-details detection is conservative and may still mark a raw/internal customer match as manual review.
  • Header action overload is source-shape based and intentionally manual-review only.
  • No browser, screenshot, or accessibility proof is included.