Joseph Doherty
77cb0ad0e2
The largest themed batch — small mechanical fixes across 11 modules.
API / message hygiene:
- Comm-020: SiteAddressCacheLoaded now carries IReadOnlyDictionary /
IReadOnlyList — Akka messages must be immutable.
- Commons-016: BundleSession.MaxUnlockAttempts named constant replaces
magic 3.
- Commons-018: IOperationTrackingStore + IPartitionMaintenance moved from
Interfaces/ root to Interfaces/Services/ (namespace preserved — 9
consumers exceeded the in-prompt move threshold).
- Commons-023: TrackingStatusSnapshot.SourceNode now consistent with the
trailing-optional-with-default pattern used elsewhere.
- SR-022: AuditingDbCommand.DbConnection.set no longer uses reflection —
exposes AuditingDbConnection.Inner via internal API surface.
Dead code / config cleanup:
- ClusterInfra-011: decorative SectionName constant deleted.
- ClusterInfra-014: dead AddClusterInfrastructureActors method + its
"throws-when-called" test deleted.
- Host-021: Microsoft Logging:LogLevel block deleted from appsettings.json
(dead under Serilog).
Fail-loud over fail-silent:
- DM-021: ResolveSiteIdentifierAsync throws on missing site (was silently
substituting a DB id).
- DM-022: dropped transient Pending write — record now lands directly in
InProgress (no UI flicker, one fewer DB write).
- Host-020: LoggerConfigurationFactory emits a Console.Error warning when
both Serilog:MinimumLevel and ScadaLink:Logging:MinimumLevel are set
(ScadaLink remains truth per Host-011).
- SnF-022: NotifyCachedCallObserverAsync logs Warning on unparseable
TrackedOperationId (was silently dropping).
- SnF-023: empty siteId default replaced with $unknown-site sentinel
+ constructor normalisation.
Correctness:
- SCA-001: SupervisorStrategy XML rewritten to match actual
DefaultDecider/Restart semantics (was claiming Resume).
- SCA-003: OnUpsertAsync now restamps IngestedAtUtc on every upsert.
- SR-021: HandleDeployArtifacts now dispatches an internal
ApplyArtifactDataConnectionsToDcl message after the SQLite write so
system-wide artifact-deploy data-connection changes go live
immediately (was requiring a site restart).
- SnF-020: RetryParkedMessageAsync captures the parked row BEFORE the
local write so a concurrent delete can't skip standby replication.
Sentinels / naming collisions:
- HM-021: CentralSiteId changed from "central" to "$central"
(uncollideable — leading $ is forbidden in real SiteIdentifiers).
Doc / surface cleanups:
- SEL-018: FailedWriteCount promoted to ISiteEventLogger; XML softened
to "Available for future Health Monitoring integration".
- SnF-019: VERIFY outcome — documented parking-after-DefaultMaxRetries
in Component-StoreAndForward.md + DefaultMaxRetries XML (uniform
cap; maxRetries:0 is the unbounded escape hatch).
- SnF-021: Component-StoreAndForward.md no longer claims the tracking
table lives in SnF — it's in SiteRuntime, the interface is in Commons.
- CLI-020: bundle export response parse guarded with try/catch on
JsonException / KeyNotFoundException / FormatException — emits a
clean INVALID_RESPONSE exit instead of a stack trace.
Config:
- ClusterInfra-013: intent comment added to "catastrophic config" test.
- Host-016: appsettings.Site.json second CentralContactPoints entry
removed (was pointing at the SITE's own port); doc-key explains how
to extend.
- Host-018: NodeName added to both shipped per-role configs (was
causing SourceNode to be null on audit rows).
UI:
- CentralUI-029: replaced JS.InvokeAsync<int>("eval", …) with an ES
module import (new wwwroot/js/browser-time.js).
- CentralUI-032: AuditResultsGrid gains a Previous button backed by a
cursor stack.
10+ new regression tests across the affected projects. Build clean;
all suites green. README regenerated: 6 open (was 33).
Session-to-date: 130 of 136 originally-open Theme findings closed.
5.5 KiB
5.5 KiB
Code Reviews
Comprehensive, per-module code reviews of the ScadaLink codebase. Each module (one
buildable project under src/) has its own folder containing a findings.md. This
README is the aggregated index — the single place to see all outstanding work.
Generated by
regen-readme.pyfrom the per-modulefindings.mdfiles. Do not edit by hand — edit the findings files and re-run the script.
How it works
- Reviews are performed one module at a time against a fixed checklist.
- Every finding is recorded in the module's
findings.mdwith a severity and status. - Findings are never deleted — they are closed by changing their status, keeping a full audit trail.
- This README aggregates every pending finding (
Open/In Progress) across all modules.
See REVIEW-PROCESS.md for the full procedure: the review checklist, severity definitions, finding format, and how to mark items resolved.
Layout
code-reviews/
├── README.md # this file — process overview + pending findings
├── REVIEW-PROCESS.md # how to perform a review and track findings
├── regen-readme.py # regenerates this README from the findings files
├── _template/findings.md # copy-this template for a module review
└── <Module>/findings.md # one folder per src/ project
Baseline review — 2026-05-16
All 19 modules were reviewed at commit 9c60592 (241 findings: 6 Critical, 46 High,
100 Medium, 89 Low). The tables below track what remains open as findings are
resolved and re-triaged; findings discovered after the baseline are appended to their
module file and counted in Total.
| Severity | Open findings |
|---|---|
| Critical | 0 |
| High | 0 |
| Medium | 5 |
| Low | 1 |
| Total | 6 |
Module Status
| Module | Last reviewed | Commit | Open (C/H/M/L) | Open | Total |
|---|---|---|---|---|---|
| AuditLog | 2026-05-28 | 1eb6e97 |
0/0/1/0 | 1 | 11 |
| CLI | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| CentralUI | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 33 |
| ClusterInfrastructure | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 14 |
| Commons | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| Communication | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 22 |
| ConfigurationDatabase | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 24 |
| DataConnectionLayer | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 22 |
| DeploymentManager | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 24 |
| ExternalSystemGateway | 2026-05-28 | 1eb6e97 |
0/0/1/0 | 1 | 23 |
| HealthMonitoring | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| Host | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 22 |
| InboundAPI | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 25 |
| ManagementService | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| NotificationOutbox | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 10 |
| NotificationService | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 25 |
| Security | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 21 |
| SiteCallAudit | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 6 |
| SiteEventLogging | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 23 |
| SiteRuntime | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 26 |
| StoreAndForward | 2026-05-28 | 1eb6e97 |
0/0/0/0 | 0 | 24 |
| TemplateEngine | 2026-05-28 | 1eb6e97 |
0/0/3/0 | 3 | 22 |
| Transport | 2026-05-28 | 1eb6e97 |
0/0/0/1 | 1 | 12 |
Pending Findings
Every Open / In Progress finding across all modules, highest severity first.
Resolved findings drop off this list but remain recorded in their module's
findings.md (see REVIEW-PROCESS.md §4–§5). Full detail —
description, location, recommendation — lives in the module's findings.md.
Critical (0)
None open.
High (0)
None open.
Medium (5)
| ID | Module | Title |
|---|---|---|
| AuditLog-001 | AuditLog | Combined-telemetry transport is plumbed end-to-end but never invoked in production |
| ExternalSystemGateway-020 | ExternalSystemGateway | JsonElementToParameterValue silently downcasts non-Int64 JSON numbers to double, losing precision for decimal SQL parameters on retry |
| TemplateEngine-018 | TemplateEngine | DiffService reports no entries for added/removed/changed connections |
| TemplateEngine-019 | TemplateEngine | TemplateResolver.BuildInheritanceChain still uses the 0-as-no-parent sentinel that was removed from CycleDetector |
| TemplateEngine-020 | TemplateEngine | Create* audit entries are written with EntityId = "0" before SaveChangesAsync populates the real key |
Low (1)
| ID | Module | Title |
|---|---|---|
| Transport-012 | Transport | "Bundle Import" filter promised in design doc not surfaced in Configuration Audit Log Viewer UI |