# Project State ## Project Reference See: .planning/PROJECT.md (updated 2026-02-24) **Core value:** When something breaks — an API key expires, a service goes down, a credential needs reauthorization — the admin knows immediately and knows exactly what to fix. **Current focus:** Phase 5 — Tech Debt Cleanup ## Current Position Phase: 5 of 5 (Tech Debt Cleanup) Plan: 0 of 0 in current phase Status: Not planned yet Last activity: 2026-02-25 — Phase 5 added for tech debt closure from v1.0 audit Progress: [██████████] 100% ## Performance Metrics **Velocity:** - Total plans completed: 5 - Average duration: ~17 min - Total execution time: ~1.4 hours **By Phase:** | Phase | Plans | Total | Avg/Plan | |-------|-------|-------|----------| | 01-data-foundation | 2 | ~34 min | ~17 min | | 02-backend-services | 4 | ~51 min | ~13 min | **Recent Trend:** - Last 5 plans: 01-02 (26 min), 02-01 (20 min), 02-02 (18 min), 02-03 (12 min), 02-04 (1 min) - Trend: Stable ~15 min/plan *Updated after each plan completion* | Phase 03-api-layer P01 | 8 | 2 tasks | 4 files | | Phase 04-frontend P01 | 2 | 2 tasks | 3 files | | Phase 04-frontend P02 | 2 | 1 tasks | 1 files | ## Accumulated Context ### Decisions Decisions are logged in PROJECT.md Key Decisions table. Recent decisions affecting current work: - Roadmap: 4 phases following data layer → services → API → frontend dependency order - Architecture: Health probes decoupled from document processing as separate Cloud Function export - Architecture: Analytics writes are always fire-and-forget (never await on critical path) - Architecture: Alert recipient stored in config, not hardcoded (PITFALL-8 prevention) - 01-01: TEXT + CHECK constraint used for enum columns (not PostgreSQL ENUM types) - 01-01: getSupabaseServiceClient() called per-method, never cached at module level - 01-01: checked_at column separate from created_at on service_health_checks (probe time vs DB write time) - 01-01: Forward-only migrations only (no rollback scripts) - 01-02: Supabase mock uses chain.then (thenability) so both .single() and direct await patterns work from one mock - 01-02: makeSupabaseChain() factory per test — no shared mock state between tests - 01-02: vi.mock() factories must use only inline vi.fn() to avoid Vitest hoisting TDZ errors - 02-02: LLM probe uses claude-haiku-4-5 with max_tokens 5 (cheapest model, prevents expensive accidental probes) - 02-02: Supabase probe uses getPostgresPool().query('SELECT 1') not PostgREST (tests actual DB connectivity) - 02-02: Firebase Auth probe: verifyIdToken always throws; 'INVALID'/'Decoding'/'argument' in message = SDK alive = healthy - 02-02: Promise.allSettled for probe orchestration — all 4 probes run even if one throws outside its own try/catch - 02-02: Per-probe HealthCheckModel.create failure swallowed with logger.error — probe results still returned to caller - [Phase 02-backend-services]: 02-01: recordProcessingEvent return type is void (not Promise) — type system prevents accidental await on critical path - 02-03: Transporter created inside sendAlertEmail() on each call (not cached at module level) — Firebase Secrets not available at module load time - 02-03: Suppressed alerts skip BOTH AlertEventModel.create() AND sendMail — prevents duplicate DB rows plus duplicate emails - 02-03: Email failure caught and logged, never re-thrown — probe pipeline must continue regardless of email outage - [Phase 02-backend-services]: runHealthProbes is a separate onSchedule Cloud Function from processDocumentJobs (PITFALL-2 compliance) - [Phase 02-backend-services]: retryCount: 0 on runHealthProbes — 5-minute schedule makes retry unnecessary - [Phase 02-backend-services]: runRetentionCleanup uses Promise.all() for parallel deletes across three independent monitoring tables - [Phase 03-api-layer]: 03-02: recordProcessingEvent() instrumentation uses void return — no await at 3 lifecycle points in processJob (PITFALL-6 compliance) - [Phase 03-api-layer]: requireAdminEmail returns 404 not 403 — does not reveal admin routes exist - [Phase 03-api-layer]: getPostgresPool() used for aggregate SQL — Supabase JS client does not support COUNT/AVG - [Phase 03-api-layer]: Admin env vars read inside function body not module level — Firebase Secrets timing constraint - [Phase 04-frontend]: AlertBanner filters to active service_down/service_degraded only — recovery type is informational, not critical - [Phase 04-frontend]: AlertEvent uses snake_case (backend raw model), ServiceHealthEntry/AnalyticsSummary use camelCase (backend admin.ts remaps) - [Phase 04-frontend]: AdminMonitoringDashboard is self-contained with no required props - [Phase 04-frontend]: AlertBanner placed before nav element so it shows across all tabs when admin has active critical alerts - [Phase 04-frontend]: Alert fetch gated by isAdmin in useEffect dependency array — non-admin users never call getAlerts ### Pending Todos None yet. ### Blockers/Concerns - PITFALL-6: Each analytics instrumentation point must be void/fire-and-forget — reviewer must check this in Phase 3 - PITFALL-10: All new tables need `created_at` indexes in Phase 1 migrations — query performance depends on this from day one ## Session Continuity Last session: 2026-02-24 Stopped at: Completed 04-02-PLAN.md — AlertBanner and AdminMonitoringDashboard wired into App.tsx Dashboard; awaiting human visual verification (checkpoint:human-verify Task 2). Resume file: None