docs: resolve documentation audit findings for 2026-04-08 by j-shilling · Pull Request #27 · CMSgov/emmy-api

j-shilling · 2026-04-08T13:46:49Z

Summary

add a dated documentation audit report at docs/audit/2026-04-08_09:26:34.md
repair runtime, setup, guide, feature, research, and AGENTS.md drift around current routes, skip-auth behavior, and the versioned OpenAPI entrypoint
replace the stale Cognito feature page with a branch-accurate skip-auth identity page

runtime docs now reflect GET /health, GET /api-spec/v1/verify, POST /api/v0/education-enrollments, and POST /api/v0/veteran-disability-ratings
setup docs now reflect the actual config surface and committed docker-compose.yml services
contract-oriented guides now clearly distinguish checked-in OpenAPI expectations from current runtime auth behavior
AGENTS.md now points at api-spec/v0/openapi.yaml

the branch still has a contract-vs-runtime auth gap: the OpenAPI and consumer guides describe OAuth2 bearer-token usage, while the running Go service does not yet implement in-process bearer-token validation
this PR documents that gap explicitly but does not change runtime auth behavior or Terraform-related infrastructure

pnpm exec markdownlint-cli2 AGENTS.md README.md api-spec/README.md schema/README.md 'docs/**/*.md'

j-shilling added 5 commits April 2, 2026 16:43

chore: pin audited pnpm transitive deps

8bba5a7

ci: add pnpm audit workflow

f03afc7

Try setting up pnpm earlier

1da1c1c

Do not cache pnpm deps

e020905

docs: resolve documentation audit findings for 2026-04-08

45e0c89

j-shilling added codex codex-automation labels Apr 8, 2026 — with ChatGPT Codex Connector