CBDDC Fix Plan

Goal

Address all remaining issues identified in the architecture/quality audit after EntityFramework removal and persistence merge.

Current State

  • All GitHub workflows/pipelines have been removed from this repository.
  • Build and tests pass locally on CBDDC.slnx.
  • Remaining issues are architecture, warning debt, style drift, dependency deprecations, security hardening, and missing automated fitness gates.

Issue Inventory

  1. Core framework coupling (CA-02)
    • Core references Microsoft.Extensions.* and contains DI composition extension classes.
  2. Static analysis and warning debt (BP-05)
    • Nullable warnings in persistence (CS8618, CS8604).
    • NU1510 warning in network (System.Threading.Channels).
  3. Formatting drift (BP-06)
    • dotnet format --verify-no-changes fails with widespread whitespace issues (mostly test files).
  4. Dependency deprecations (BP-07)
    • Deprecated Microsoft.AspNetCore.Http.Abstractions 2.2.0.
    • Legacy xunit 2.9.3 in test projects.
  5. Security baseline gaps (BP-08)
    • Insecure default auth token in default node config.
    • JwtOAuth2Validator is explicitly demo/basic and does not perform signature/JWKS verification.
  6. No architecture fitness enforcement (BP-09)
    • No architecture rule tests.
    • No active pipeline to enforce build/test/format/package/security checks.

Execution Plan

Phase 1: Stabilize and Clean Baseline

  1. Fix nullable/event warnings in persistence:
    • Make ChangesApplied nullable or initialize safely.
    • Guard null snapshot values before constructing OplogEntry.
  2. Resolve NU1510:
    • Remove System.Threading.Channels if unused; otherwise document explicit need.
  3. Apply formatting once repo-wide:
    • Run dotnet format CBDDC.slnx.
    • Commit mechanical formatting separately.

Exit criteria

  • dotnet build CBDDC.slnx has zero warnings (or only documented, explicitly accepted warnings).
  • dotnet format CBDDC.slnx --verify-no-changes passes.

Phase 2: Dependency and Package Modernization

  1. Replace deprecated AspNet package:
    • Remove Microsoft.AspNetCore.Http.Abstractions 2.2.0.
    • Use current ASP.NET shared framework-compatible references.
  2. Upgrade tests from xUnit 2 to xUnit 3 (or pin with explicit temporary rationale).
  3. Re-run package audits:
    • dotnet package list --project CBDDC.slnx --deprecated
    • dotnet package list --project CBDDC.slnx --include-transitive --vulnerable --format json

Exit criteria

  • No unapproved deprecated packages.
  • No known vulnerabilities.

Phase 3: Security Hardening

  1. Remove insecure token default behavior:
    • Require explicit token provisioning for production paths.
    • Keep development fallback only behind clear dev-only opt-in.
  2. Replace JwtOAuth2Validator with production-grade validator:
    • Signature validation (JWKS retrieval/rotation).
    • Issuer/audience/lifetime validation.
    • Clock skew handling and structured failure reasons.
  3. Add unit and integration tests for auth failure/success paths.

Exit criteria

  • Auth path rejects unsigned/invalid JWTs.
  • No default cluster token in production defaults.
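The checks listed for the replacement validator, shown as an added C# example that is not CBDDC's own code: it rejects unsigned tokens and maps each failure to a structured reason. It assumes the Microsoft.IdentityModel.JsonWebTokens NuGet package; JwtCheck, JwtFailure, the issuer URL, the audience name and the key id are hypothetical, and a locally generated RSA key stands in for a key resolved from the issuer's JWKS.

```csharp
using System;
using System.Security.Cryptography;
using System.Threading.Tasks;
using Microsoft.IdentityModel.JsonWebTokens;
using Microsoft.IdentityModel.Tokens;
// Constructed inputs: throwaway key (production: issuer JWKS, refreshed on rotation), placeholder names.
using var rsa = RSA.Create(2048);
var key = new RsaSecurityKey(rsa) { KeyId = "demo-key-1" };
var signed = new SigningCredentials(key, SecurityAlgorithms.RsaSha256);
var p = JwtCheck.Parameters(key, "https://issuer.example", "cbddc-node");
var now = DateTime.UtcNow;
string Make(SigningCredentials? creds, DateTime expires, string aud = "cbddc-node") =>
    new JsonWebTokenHandler().CreateToken(new SecurityTokenDescriptor
    {
        Issuer = "https://issuer.example", Audience = aud, SigningCredentials = creds,
        NotBefore = expires.AddHours(-1), IssuedAt = expires.AddHours(-1), Expires = expires
    });
Console.WriteLine(await JwtCheck.ValidateAsync(Make(signed, now.AddMinutes(5)), p));          // well-formed token
Console.WriteLine(await JwtCheck.ValidateAsync(Make(null, now.AddMinutes(5)), p));            // unsigned token
Console.WriteLine(await JwtCheck.ValidateAsync(Make(signed, now.AddMinutes(-10)), p));        // expired beyond skew
Console.WriteLine(await JwtCheck.ValidateAsync(Make(signed, now.AddMinutes(5), "other"), p)); // wrong audience

public enum JwtFailure { None, BadSignature, BadIssuer, BadAudience, Expired, NotYetValid, Other }
public static class JwtCheck
{
    public static TokenValidationParameters Parameters(SecurityKey key, string issuer, string audience) => new()
    {
        RequireSignedTokens = true,                               // no unsigned or signature-stripped tokens
        IssuerSigningKey = key,
        ValidAlgorithms = new[] { SecurityAlgorithms.RsaSha256 }, // pin the accepted algorithm
        ValidateIssuer = true, ValidIssuer = issuer,
        ValidateAudience = true, ValidAudience = audience,
        ValidateLifetime = true, RequireExpirationTime = true, ClockSkew = TimeSpan.FromSeconds(30)
    };

    public static async Task<JwtFailure> ValidateAsync(string token, TokenValidationParameters p)
    {
        var result = await new JsonWebTokenHandler().ValidateTokenAsync(token, p);
        return result.IsValid ? JwtFailure.None : result.Exception switch
        {
            SecurityTokenExpiredException => JwtFailure.Expired,
            SecurityTokenNotYetValidException => JwtFailure.NotYetValid,
            SecurityTokenInvalidIssuerException => JwtFailure.BadIssuer,
            SecurityTokenInvalidAudienceException => JwtFailure.BadAudience,
            SecurityTokenInvalidSignatureException => JwtFailure.BadSignature, // covers unsigned and unknown key
            _ => JwtFailure.Other                                              // malformed input and anything else
        };
    }
}
```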

Phase 4: Architecture Boundary Cleanup

  1. Move DI composition out of Core into outer adapters/host packages.
  2. Keep Core limited to domain/application contracts and logic.
  3. Validate no framework namespace leakage into Core.

Exit criteria

  • Core no longer references DI/logging framework packages except where explicitly approved.
  • Architecture tests enforce the boundary.

Phase 5: Fitness Functions and Automation Reintroduction

  1. Add architecture tests:
    • Rule: Core must not depend on Network, Persistence, AspNet, or host frameworks.
    • Rule: layer graph must remain acyclic.
  2. Reintroduce a new minimal CI workflow (after review/approval):
    • dotnet restore, dotnet build, dotnet test
    • dotnet format --verify-no-changes
    • package vulnerable/deprecated checks
  3. Add fail-fast quality gates on pull requests.

Exit criteria

  • Every architecture/quality rule is automatically enforced on PRs.

Verification Commands

Run from /Users/dohertj2/Desktop/CBDDC:

dotnet restore CBDDC.slnx
dotnet build CBDDC.slnx
dotnet test CBDDC.slnx
dotnet format CBDDC.slnx --verify-no-changes
dotnet package list --project CBDDC.slnx --include-transitive --vulnerable --format json
dotnet package list --project CBDDC.slnx --deprecated

Suggested Order of Delivery

  1. Phase 1 (stability/style baseline)
  2. Phase 2 (dependencies)
  3. Phase 3 (security)
  4. Phase 4 (architecture cleanup)
  5. Phase 5 (fitness automation)

Notes for Review

  • I split mechanical formatting from behavioral/security changes to keep diffs reviewable.
  • Reintroducing CI is intentionally deferred to Phase 5 so it enforces the cleaned baseline, not current debt.