Severity Model
P0: security/data loss/production outage riskP1: major reliability or delivery blockerP2: important correctness/maintainability riskP3: low-risk debt/noise
Active Problems
KD-001: AI schema drift risk (P2, Active)
- Symptoms: automation chooses invalid status/action values.
- Impact: failed automated workflows or incorrect route calls.
- Root cause:
/api/ai/*schema in/server/routes/ai-schema.tsis manually maintained. - Detection:
- Fix:
- align
ai-schema.tswith runtime schema/validators - add/expand integration coverage for touched route contracts
- update docs pages in
backend/*
- align
KD-002: High any density in backend (P2, Active)
- Symptoms: typecheck passes while runtime bugs still slip through.
- Impact: unsafe autonomous edits and weaker refactor confidence.
- Root cause: permissive typing in critical route/data-transform paths.
- Detection:
- Fix:
- prioritize
server/routes/deals.ts,server/routes/teams.ts,server/routes/tasks.ts - replace
anywith explicit types/zod-validated shapes - verify with
pnpm check+ targeted tests
- prioritize
KD-003: Test warning noise (P3, Active)
- Symptoms: CI logs include noisy React/Node warnings despite passing tests.
- Impact: reduced signal quality for agent-driven triage.
- Root cause: legacy test patterns and warning-producing dependencies.
- Detection:
- Fix:
- eliminate
act(...)warnings in failing test patterns - reduce non-actionable Node warning output
- track warning count trend in review notes
- eliminate
KD-004: Legacy docs ambiguity (P2, Active)
- Symptoms: contributors follow historical docs and execute stale workflows.
- Impact: inconsistent implementation and onboarding mistakes.
- Root cause: valuable historical docs still mixed with active docs.
- Detection:
- Fix:
- keep active truth in
/docs+/mintlify-docs - progressively move historical docs to explicit legacy buckets
- maintain dated audit pages for each docs cycle
- keep active truth in
Monitoring Problems
KD-005: Mintlify source configuration drift (P1, Monitoring)
- Symptoms:
docs.drdj.meshows old starter content after repo updates. - Impact: published docs diverge from current codebase.
- Root cause: Mintlify project source/path misconfiguration.
- Detection:
- Fix:
- repo =
djasha/docs, branch =main - monorepo = off, docs path = root (
.or empty) - redeploy and verify title/navigation
- repo =
KD-006: Extension origin/CORS misconfig risk (P1, Monitoring)
- Symptoms: extension requests fail with auth/CORS issues.
- Impact: extension workflows break in dev or production.
- Root cause: mismatch between extension origin and backend allowlist.
- Detection:
- Fix:
- set correct extension origins in environment
- verify API calls include bearer token
- smoke test both extensions after auth changes
KD-009: NPM audit endpoint transient 500s (P2, Monitoring)
- Symptoms: CI security-audit step fails with
ERR_PNPM_AUDIT_BAD_RESPONSEdespite no code change. - Impact: false-negative CI failures and blocked merges.
- Root cause: transient npm audit API outages.
- Detection:
- Fix:
- run retry-aware audit script (
scripts/security-audit-high.sh) - keep high-severity audit policy enabled when endpoint is reachable
- monitor recurrence in weekly governance report
- run retry-aware audit script (
Recently Resolved
KD-007: Dependency vulnerability chain (P0, Resolved 2026-02-18)
- Resolution: dependency overrides/tooling hardening + vulnerable chain removal.
- Validation:
KD-008: Broken onboarding references (P1, Resolved in docs refresh)
- Resolution: README and onboarding docs were rewritten to current structure.
- Validation:
Required Issue Entry Format (for new problems)
- ID:
KD-### - Severity and status
- symptoms
- impact
- root cause
- detection command(s)
- fix checklist
- verification command(s)