docs: mark security headers, coverage gates, and web vitals complete

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 02:42:09 +00:00
parent 9b3b82882e
commit 6141ab5a33
2 changed files with 91 additions and 39 deletions

@@ -1,6 +1,6 @@
# Development Roadmap
> **Last Updated:** March 1, 2026
> **Last Updated:** March 18, 2026
> **Product:** ResolutionFlow (repo: patherly)
> **Target Market:** MSP companies — IT service providers managing infrastructure and support for multiple clients
@@ -27,17 +27,44 @@
- Mobile-responsive design
- Security hardening (Phases A-D) — rate limiting, audit logs, soft delete, SQL escaping
### Phase 2.5: Step Library & Procedural Flows (Partially Complete)
- **Step Library backend** — CRUD, search, ratings, reviews, visibility filtering, verified-use badge
- **Procedural flows** — `procedural` tree type, step-by-step execution engine, intake forms, section headers, resume support, type-aware routing
### Phase 2.5: Step Library & Procedural Flows
- **Step Library** — CRUD, search, ratings, reviews, visibility filtering, verified-use badge (backend complete, frontend browse/search/rate pending)
- **Procedural flows** — `procedural` tree type, step-by-step execution engine, intake forms, section headers, resume support, type-aware routing, auto-start on page load
- **Maintenance flows** — `maintenance` tree type, batch session launch, saved target lists, APScheduler cron scheduling, maintenance detail page
- **Session sharing** — ShareSessionModal, SharedSessionPage, MySharesPage, share links with copy/manage
- **Export improvements** (Phases A-C) — step cutoff, summary block, detail levels, editable preview, sensitive data redaction
- **Rebrand** — Patherly → ResolutionFlow branding, dark-first purple gradient design system
- **Rebrand** — Patherly → ResolutionFlow branding, Slate & Ice glassmorphism design system
- **Flexible intake** — deferred variable resolution, prepared sessions for reuse
### Recently Completed (Feb-Mar 2026)
- **AI Flow Assist** — Conversational AI chat builder for generating troubleshooting and procedural flows. Multi-phase interview (scope → structure → details), progressive tree generation with live preview, save to flow library. Backend: Anthropic Claude API with streaming, AI tree validation, scaffold/refine pipeline. Frontend: ChatPanel, StaticTreePreview, ChatToolbar, Zustand store.
- **Cross-Reference / Loop-Back Support** — Ghost references allowing any node to link to any other node in the tree (loop-backs, re-verification patterns). Backend validation relaxed for cross-refs. Frontend: cross-reference edge rendering (dashed purple arrows), node picker dropdowns in action/decision forms, circular reference detection changed to warnings.
### Phase 3: Intelligence & Polish (Mar 2026)
- **AI Flow Assist** — Conversational AI chat builder for generating troubleshooting and procedural flows. Multi-phase interview, progressive tree generation with live preview, save to flow library
- **Cross-Reference / Loop-Back Support** — Ghost references, dashed purple arrows, node picker dropdowns, circular reference detection as warnings
- **Editor-Embedded Flow Assist** — 320px AI side panel in editor, ghost node suggestions, delta responses, model tier routing
- **Procedural Flow Assist** — AI suggestions for procedural flow editing with `[STEPS_UPDATE]` markers
- **AI Chat Conclusion** — Outcome tracking, AI-generated ticket summaries, resume flow
- **AI Copilot** — In-session copilot panel with RAG, standalone assistant chat
- **KB Accelerator** — Upload .md files and convert to troubleshooting/procedural flows with AI, tree builder with validation gate
- **Script Generator** — Backend engine with parameter detection, template editor with conditional/looping, PowerShell and Bash generation
- **Command Palette** — Quick flow navigation and actions (Ctrl+K)
- **Session-to-Flow Converter** — AI-powered conversion of finished sessions into reusable flows
- **Sidebar Redesign** — Activity feed, grouped navigation, improved flow discovery
- **Flow Export/Import** — JSON export, import with validation, cross-team flow transfer
- **Survey System** — Public survey page, admin invite tracking, response viewer with CSV export, email invitations, read/unread/archive/delete management
- **Email Verification** — Tokens, banner, admin toggle (platform setting)
- **Account Management** — Profile settings, delete/leave/transfer team, chat retention settings
- **Slate & Ice Aesthetic Redesign** — Glassmorphism with ice-cyan accents, Bricolage Grotesque + IBM Plex Sans + JetBrains Mono typography, orchestrated page-load animations
- **Tailwind CSS v3 → v4 Migration** — CSS custom properties, glass utilities, React Flow CSS integration
- **Landing Page + Beta Signup** — Marketing-ready landing page with CSS polish
- **PostHog Product Analytics** — 60+ events instrumented, PostHogProvider, identifyUser/resetAnalytics wired to auth, Dockerfile build args for Railway
- **Playwright E2E Tests** — 17 spec files, full CI job, auth storage state, both webServers managed in config
- **ConnectWise PSA Integration (Core)** — Provider pattern (`BasePsaProvider` / `ConnectWiseProvider`), connection CRUD, ticket context retrieval, session-to-ticket linking, member mapping, credential encryption, in-memory TTL cache
### Phase 3.5: Polish & Professional (Mar 2026 — PR #114)
- **Empty States** — Illustrative empty states across 8 pages, upgraded EmptyState component with illustration + learn-more support
- **Onboarding Checklist** — Backend status/dismiss endpoints, dashboard checklist widget with structured steps
- **Professional PDF Export** — WeasyPrint branded template, supporting data in all export formats
- **Team Branding** — CRUD endpoints + UI settings for export customization
- **Supporting Data Capture** — CRUD endpoints + UI for attaching evidence/context to sessions
---
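Review bot: The new "Phase 3.5" heading, which cites PR #114, sits among the delivered phases with no status of its own, while the In Progress table later in this file still lists "PR #114 Merge" as ready for review. Add a status to the heading, as the 4A heading does with "Core Complete", so unmerged work is not read as shipped. Separately, the PostHog bullet here says "60+ events instrumented" but the Stack Priorities completion table says "All 9 events tracked"; pick one figure or explain the difference.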
@@ -45,14 +72,21 @@
| Task | Status | Notes |
|------|--------|-------|
| Step Library Frontend UI | In Progress | Backend complete, frontend browse/search/rate UI pending |
| Procedural Flows Lifecycle | In Progress | Resume done, run chooser/reuse pending |
| ConnectWise PSA Integration (Advanced) | In Progress | Core done — ticket linking, note posting, member mapping. Remaining: callback webhooks, deeper ticket context in sessions |
| PR #114 Merge | In Progress | Empty states, onboarding, PDF exports, branding, supporting data — ready for review |
---
## Phase 3: Intelligence & Polish
## What's Next
**Goal:** Make ResolutionFlow smarter — surface insights from usage data and make the day-to-day experience faster.
### Near-Term Priorities (from Stack Priorities Plan)
| Feature | Status | Description |
|---------|--------|-------------|
| Coverage gates in CI | ✅ Complete | Backend enforced at 80%, frontend coverage reporting enabled |
| Security headers | ✅ Complete | HSTS, CSP (report-only), X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy |
| Web Vitals / performance budgets | ✅ Complete | LCP, INP, CLS, FCP, TTFB reported to PostHog via web-vitals |
| Search and recall improvements | ⬜ Not started | Search sessions by flow, tag, client, ticket context |
### 3A: Quick Wins & UX (Priority: Medium)
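Review bot: The "Security headers" row in the Near-Term Priorities table is marked Complete while its own description says the CSP is report-only, which reports violations without blocking anything. Either qualify the status (for example "Complete, CSP enforcement pending") or add a follow-up row for moving the CSP to enforcing mode, so the roadmap does not overstate the control. The "Coverage gates in CI" row above it also drops the "(no gate yet)" caveat that the Stack Priorities table keeps for the frontend.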
@@ -69,12 +103,6 @@
| Tree Effectiveness Dashboard | #61 | Usage stats, common paths, avg completion time, success rates per flow |
| Recurring Issue Detection | #60 | Identify repeat problems across sessions — surface patterns to team leads |
### 3C: Content Management (Priority: Medium)
| Feature | GitHub Issue | Description |
|---------|-------------|-------------|
| Tree Templates + Import/Export | #66 | Starter templates, JSON/YAML export, community sharing foundation |
### 3D: Remaining Infrastructure
- File attachments for sessions (S3-compatible storage, drag-and-drop, screenshot paste)
- Tree forking UI (backend schema exists — migration 022)
@@ -86,13 +114,12 @@
**Goal:** Connect ResolutionFlow to the MSP tools teams already use.
### 4A: PSA Integration (Priority: HIGH)
### 4A: PSA Integration (Priority: HIGH — Core Complete)
| Feature | GitHub Issue | Description |
|---------|-------------|-------------|
| ConnectWise / Autotask Integration | #63 | Create tickets from sessions, sync ticket numbers, update notes, pull client context |
This is the highest-priority strategic feature. It turns ResolutionFlow from a standalone tool into part of the MSP workflow.
| ConnectWise PSA — Advanced | #63 | ~~Core integration~~ ✅ — Remaining: callback webhooks, real-time ticket events, deeper session context |
| Autotask PSA | — | Second PSA provider using same `BasePsaProvider` pattern |
### 4B: Intelligence Layer (Priority: Strategic)
@@ -102,7 +129,7 @@ This is the highest-priority strategic feature. It turns ResolutionFlow from a s
| Intelligence Loop / Analytics Engine | #65 | Cross-session pattern analysis, auto-suggest flow improvements, team benchmarking |
### 4C: Automation
- PowerShell script execution framework with security sandbox
- PowerShell script execution framework with security sandbox (script generator foundation complete)
- Script library management
- Automation toggle at action nodes
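Review bot: In the 4C list, the added "(script generator foundation complete)" is attached to a bullet about an execution framework with a security sandbox, so it can be read as the sandbox being partly done. The Phase 3 list describes the Script Generator as producing PowerShell and Bash, not running it; if that is the actual state, say so here, for example "script generation complete; execution and sandbox not started".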
@@ -128,9 +155,10 @@ This is the highest-priority strategic feature. It turns ResolutionFlow from a s
| Feature | GitHub Issue | Description |
|---------|-------------|-------------|
| AI Copilot — In-Session Intelligence | #69 | Real-time AI suggestions during troubleshooting based on context and history |
| Multi-Tree Sessions | #68 | Navigate across multiple flows in a single session, AI-suggested flow transitions |
> **Note:** AI Copilot (#69) completed in Phase 3. Session-to-Flow converter and KB Accelerator also delivered.
### 5C: Platform Growth
- Public API with key management and webhooks
- Community tree marketplace
@@ -145,23 +173,26 @@ This is the highest-priority strategic feature. It turns ResolutionFlow from a s
- Vertical-specific flow libraries (healthcare IT, financial services, education)
- Advanced compliance (SOC 2, ISO 27001)
- Voice-guided troubleshooting
- Evidence-rich sessions (screenshots, attachments, command output capture)
- Buyer-facing trust surfaces (changelog, status page, security page)
- Queue / worker architecture for AI, indexing, webhook fan-out
---
## Open GitHub Issues Summary
| # | Title | Priority | Phase |
|---|-------|----------|-------|
| #63 | PSA Integration (ConnectWise / Autotask) | HIGH | 4A |
| #70 | Quick Actions Dashboard | Medium | 3A |
| #66 | Tree Templates + Import/Export | Medium | 3C |
| #62 | Quick-Start from Clipboard | Medium | 3A |
| #61 | Tree Effectiveness Dashboard | Medium | 3B |
| #60 | Recurring Issue Detection | Medium | 3B |
| #58 | Step Feedback Flag | UX | 3A |
| #64 | Client Intelligence Sidebar | Strategic | 4B |
| #65 | Intelligence Loop / Analytics Engine | Strategic | 4B |
| #71 | Team Activity Feed + Collaboration | Low | 5A |
| #69 | AI Copilot — In-Session Intelligence | Low | 5B |
| #68 | Multi-Tree Sessions | Low | 5B |
| #67 | Push Steps to Active Sessions | Low | 5A |
| # | Title | Priority | Phase | Status |
|---|-------|----------|-------|--------|
| #63 | PSA Integration (ConnectWise / Autotask) | HIGH | 4A | Core complete, advanced in progress |
| #70 | Quick Actions Dashboard | Medium | 3A | Not started |
| #66 | Tree Templates + Import/Export | Medium | 3C | ✅ Export/Import done |
| #62 | Quick-Start from Clipboard | Medium | 3A | Not started |
| #61 | Tree Effectiveness Dashboard | Medium | 3B | Not started |
| #60 | Recurring Issue Detection | Medium | 3B | Not started |
| #58 | Step Feedback Flag | UX | 3A | Not started |
| #64 | Client Intelligence Sidebar | Strategic | 4B | Not started |
| #65 | Intelligence Loop / Analytics Engine | Strategic | 4B | Not started |
| #71 | Team Activity Feed + Collaboration | Low | 5A | Not started |
| #69 | AI Copilot — In-Session Intelligence | Low | 5B | ✅ Complete |
| #68 | Multi-Tree Sessions | Low | 5B | Not started |
| #67 | Push Steps to Active Sessions | Low | 5A | Not started |
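Review bot: The table is still titled "Open GitHub Issues Summary" but the new Status column marks #66 and #69 as done; either drop those rows or rename the heading if closed issues are meant to stay listed. The #66 row also still points at Phase 3C, a section this commit removes from the roadmap.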

@@ -1,9 +1,30 @@
# Stack Priorities And Playwright Plan
> **Date:** 2026-03-16
> **Updated:** 2026-03-17
> **Product:** ResolutionFlow
> **Purpose:** Turn the recent stack-gap review into a practical, sequenced execution plan
## Completion Status
| Item | Status | Notes |
|------|--------|-------|
| Product analytics (PostHog) | ✅ Complete | All 9 events tracked, identifyUser/resetAnalytics wired to auth, PostHogProvider in main.tsx |
| Playwright e2e | ✅ Complete | 17 spec files, full CI job, auth storage state, both webServers managed in config |
| Better empty states | ✅ Complete | Illustrative empty states rolled out across 8 pages, upgraded EmptyState component with illustration + learn-more support, 2 new guide entries |
| Onboarding checklist | ✅ Complete | Backend status/dismiss endpoints, dashboard checklist widget with structured steps |
| Professional exports | ✅ Complete | PDF export via WeasyPrint with branded template, supporting data in all export formats, team branding CRUD + UI settings, supporting data capture CRUD + UI |
| Coverage gates in CI | ✅ Complete | Backend enforced at 80%, frontend coverage reporting enabled (no gate yet) |
| Security headers | ✅ Complete | HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, CSP report-only |
| Web Vitals / performance budgets | ✅ Complete | LCP, INP, CLS, FCP, TTFB reported to PostHog via web-vitals library |
| Search and recall improvements | ⬜ Not started | |
| Evidence-rich sessions | ⬜ Not started | |
| Smart PSA / client context | ⬜ Not started | |
| Queue / worker architecture | ⬜ Not started | |
| Buyer-facing trust surfaces | ⬜ Not started | |
---
---
## Summary
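Review bot: The "Coverage gates in CI" row is marked Complete while its own note says the frontend has "no gate yet", so by this table only the backend threshold is enforced. Consider a status such as "Backend complete, frontend gate pending", or split the row in two. The header also reads "Updated: 2026-03-17" while the commit and the roadmap's "Last Updated" line are dated March 18.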