docs: full project investigation — report, TODO, AI instructions, docs-gate CI, 10 screenshots#5
Conversation
…and 10 screenshots Agent-Logs-Url: https://github.com/lupael/netAI/sessions/43c6ca86-f2eb-488e-94ab-a30174d820a9 Co-authored-by: lupael <43011721+lupael@users.noreply.github.com>
Agent-Logs-Url: https://github.com/lupael/netAI/sessions/43c6ca86-f2eb-488e-94ab-a30174d820a9 Co-authored-by: lupael <43011721+lupael@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR adds a comprehensive documentation suite for the netAI repository (investigation report, prioritized TODOs, AI contribution rules, and a screenshots index + assets) and introduces a new GitHub Actions workflow to enforce a documentation-first workflow on PRs into main.
Changes:
- Added new documentation artifacts under
docs/(investigation report, TODO list, AI instructions, screenshots index, screenshots assets). - Added
.github/workflows/docs-gate.ymlto enforce docs gating rules on PRs tomain. - Added
nohup.outto.gitignore.
Reviewed changes
Copilot reviewed 5 out of 16 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
docs/TODO.md |
New prioritized backlog derived from the investigation findings. |
docs/investigation-report.md |
New long-form architecture/security/quality investigation report. |
docs/ai-instructions.md |
New AI/human contributor rules and documentation-first policy. |
docs/screenshots.md |
New index page linking to the committed UI screenshots. |
docs/screenshots/02-topology.png |
Adds a screenshot asset (one of the screenshot set). |
.github/workflows/docs-gate.yml |
New CI workflow to enforce docs-first and Markdown location rules. |
.gitignore |
Ignores nohup.out. |
Comments suppressed due to low confidence (1)
docs/ai-instructions.md:492
- The line “These instructions are enforced by the
docs-gate.ymlCI workflow” overstates enforcement: the workflow currently enforces markdown location + presence of docs changes + required docs files, but not most of the behavioral/security rules in this document. Consider rephrasing to “partially enforced” and listing what’s actually enforced.
---
*These instructions are enforced by the `docs-gate.yml` CI workflow. PRs that do not include a `docs/` change will be flagged.*
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # ------------------------------------------------------------------------- | ||
| # Job 3: Verify all files referenced in docs/ actually exist | ||
| # ------------------------------------------------------------------------- | ||
| docs-links-valid: | ||
| name: Validate docs/ internal links | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Check that docs/ index files exist | ||
| run: | | ||
| REQUIRED_FILES=( |
There was a problem hiding this comment.
Job 3 is named/link-commented as validating “docs/ internal links” / “files referenced in docs”, but the step only checks a fixed REQUIRED_FILES list exists. Either rename the job/step to reflect what it actually does, or implement real Markdown link validation (e.g., check [...](...) targets under docs/).
| HEAD_SHA="${{ github.event.pull_request.head.sha }}" | ||
|
|
||
| VIOLATIONS=$(git diff --name-only "$BASE_SHA" "$HEAD_SHA" \ | ||
| | grep '\.md$' \ |
There was a problem hiding this comment.
The Markdown filter only matches lowercase “.md”. A PR that adds/modifies “.MD” (or mixed-case) files outside docs/ would bypass this gate. Consider making the check case-insensitive (or normalizing filenames) to enforce the rule reliably.
| | grep '\.md$' \ | |
| | grep -i '\.md$' \ |
| | Backend routes | 57 across 14 modules | | ||
| | Frontend pages | 15 (all lazy-loaded) | | ||
| | Supported vendors | 8 (Cisco, MikroTik, Juniper, Nokia, Linux, BDcom, VSOL, DBC) | | ||
| | Test coverage | ⚠️ 0 unit tests (integration-only) | |
There was a problem hiding this comment.
“Test coverage |
| | Test coverage | ⚠️ 0 unit tests (integration-only) | | |
| | Test coverage | ⚠️ No automated tests | |
| │ │ │ ├── models.py # Pydantic v2 models | ||
| │ │ │ └── vendors.py # Vendor profiles & fingerprint | ||
| │ │ └── services/ # Business logic (6 services) | ||
| │ ├── requirements.txt # 11 direct Python dependencies |
There was a problem hiding this comment.
Project structure claims backend/requirements.txt has “11 direct Python dependencies”, but the file currently lists 10 pinned packages. Update the count to avoid drifting documentation.
| │ ├── requirements.txt # 11 direct Python dependencies | |
| │ ├── requirements.txt # 10 direct Python dependencies |
| | `frontend-build` | ~60s | `npm ci` + `npm run build` (Vite production build) | | ||
| | `docker-compose-validate` | ~10s | `docker compose config --quiet` | | ||
|
|
||
| **Gap**: No unit tests, no linting in CI, no docs validation. |
There was a problem hiding this comment.
This section says CI has “no docs validation”, but this PR adds .github/workflows/docs-gate.yml specifically for docs enforcement. Please update the gap list to reflect the new docs gate (or clarify that this finding refers to the pre-PR baseline).
| **Gap**: No unit tests, no linting in CI, no docs validation. | |
| **Gap**: No unit tests, no linting in CI; docs validation is covered by `.github/workflows/docs-gate.yml`. |
Summary
Full project investigation of the netAI repository, producing a complete documentation suite and CI enforcement for documentation-first workflow.
Changes
New Documentation (
docs/)docs/investigation-report.mddocs/TODO.mddocs/ai-instructions.mddocs/screenshots.mddocs/screenshots/New CI Workflow (
.github/workflows/docs-gate.yml)Three enforcement jobs that run on every PR targeting
main:docs/— Fails if any.mdfile is added or modified outsidedocs/(exceptREADME.md)docs/change — Fails if nodocs/file was modified in the PR, enforcing documentation-before-mergeMinor
nohup.outto.gitignoreScreenshots Captured
All 10 screenshots committed to
docs/screenshots/://topology/threats/devices/alerts/nlp/config/software/bgp/reportsKey Investigation Findings
Security (requires action)
python-jose,passlib) already inrequirements.txtpython-jose 3.4.0has known CVEs — upgrade required*origins — restrict in productionArchitecture
DEVICE_ID_MAPinConfig.tsxbreaks with new devicesQuality
All findings are detailed in
docs/investigation-report.mdanddocs/TODO.md.Documentation updated
docs/investigation-report.md— createddocs/TODO.md— createddocs/ai-instructions.md— createddocs/screenshots.md— createddocs/screenshots/— 10 screenshots committed