Joseph Doherty
11950b0a8e
Final themed batch. 5 well-localised correctness fixes. Serialisation precision: - ESG-020: DatabaseGateway.JsonElementToParameterValue probes TryGetInt64 → TryGetDecimal → GetDouble, so a script's high-precision decimal SQL parameter survives the cached-write retry round-trip without silent precision loss. 3 new regression tests. Template engine correctness: - TE-018: DiffService gains ComputeConnectionsDiff over FlattenedConfiguration.Connections, mirroring the existing entity-diff shape and pairing with the Theme 1 TE-017 hash-coverage fix. A ConfigurationDiff record extension in Commons is flagged as a follow-up. - TE-019: TemplateResolver.BuildInheritanceChain now walks via the int? ParentTemplateId directly — only null means "no parent". A real Id of 0 (the prior special-cased sentinel) now walks the chain like any other node, matching the TemplateEngine-013 CycleDetector fix. Regression of TE-013 closed. - TE-020: All 5 Create* paths in TemplateService + SharedScriptService re-ordered to save-first → log-with-real-Id → save-audit (matching the InstanceService pattern). Create* audit rows no longer carry a literal "0" EntityId. Doc deferral: - Transport-012: Component-Transport.md §Audit Trail now spells out that the BundleImportId repository filter IS wired (in CentralUiRepository), but the Audit-Log-Viewer UI dropdown + summary-row hyperlink are a deferred CentralUI follow-up. CLI workaround documented (audit query --bundle-import-id). 11+ new regression tests (3 ESG, 4 DiffService, 3 TemplateResolver, 4 TemplateService, 1 SharedScriptService). Build clean; ESG 72/72, TemplateEngine 324/324. README regenerated: 1 pending of 481 total. Session-to-date: 135 of 136 originally-open Theme findings closed across 10 themes in 10 commits.
4.6 KiB
Code Reviews
Comprehensive, per-module code reviews of the ScadaLink codebase. Each module (one
buildable project under src/) has its own folder containing a findings.md. This
README is the aggregated index — the single place to see all outstanding work.
Generated by
regen-readme.pyfrom the per-modulefindings.mdfiles. Do not edit by hand — edit the findings files and re-run the script.
How it works
- Reviews are performed one module at a time against a fixed checklist.
- Every finding is recorded in the module's
findings.mdwith a severity and status. - Findings are never deleted — they are closed by changing their status, keeping a full audit trail.
- This README aggregates every pending finding (
Open/In Progress) across all modules.
See REVIEW-PROCESS.md for the full procedure: the review checklist, severity definitions, finding format, and how to mark items resolved.
Layout
code-reviews/
├── README.md # this file — process overview + pending findings
├── REVIEW-PROCESS.md # how to perform a review and track findings
├── regen-readme.py # regenerates this README from the findings files
├── _template/findings.md # copy-this template for a module review
└── <Module>/findings.md # one folder per src/ project
Baseline review — 2026-05-16
All 19 modules were reviewed at commit 9c60592 (241 findings: 6 Critical, 46 High,
100 Medium, 89 Low). The tables below track what remains open as findings are
resolved and re-triaged; findings discovered after the baseline are appended to their
module file and counted in Total.
| Severity | Open findings |
|---|---|
| Critical | 0 |
| High | 0 |
| Medium | 1 |
| Low | 0 |
| Total | 1 |
Module Status
| Module | Last reviewed | Commit | Open (C/H/M/L) | Open | Total |
|---|---|---|---|---|---|
| AuditLog | 2026-05-28 | 1eb6e97 |
0/0/1/0 | 1 | 11 |
| CLI | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| CentralUI | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 33 |
| ClusterInfrastructure | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 14 |
| Commons | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| Communication | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 22 |
| ConfigurationDatabase | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 24 |
| DataConnectionLayer | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 22 |
| DeploymentManager | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 24 |
| ExternalSystemGateway | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| HealthMonitoring | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| Host | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 22 |
| InboundAPI | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 25 |
| ManagementService | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| NotificationOutbox | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 10 |
| NotificationService | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 25 |
| Security | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 21 |
| SiteCallAudit | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 6 |
| SiteEventLogging | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| SiteRuntime | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 26 |
| StoreAndForward | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 24 |
| TemplateEngine | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 22 |
| Transport | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 12 |
Pending Findings
Every Open / In Progress finding across all modules, highest severity first.
Resolved findings drop off this list but remain recorded in their module's
findings.md (see REVIEW-PROCESS.md §4–§5). Full detail —
description, location, recommendation — lives in the module's findings.md.
Critical (0)
None open.
High (0)
None open.
Medium (1)
| ID | Module | Title |
|---|---|---|
| AuditLog-001 | AuditLog | Combined-telemetry transport is plumbed end-to-end but never invoked in production |
Low (0)
None open.