You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24 lines
1.0 KiB
Markdown
24 lines
1.0 KiB
Markdown
# Architect Assessment
|
|
|
|
## Updated Remediation Order
|
|
|
|
### Summary
|
|
- Fix API contract breaks first.
|
|
- Then close scraper/network security gaps.
|
|
- Then harden runtime architecture for scale/reliability.
|
|
|
|
### Key Changes
|
|
- Align `/syntheses` and admin rate-limit contracts end-to-end (backend + frontend + tests).
|
|
- Wire dedicated hardened HTTP clients and enforce SSRF checks per hop with streaming body limits.
|
|
- Move job/rate-limit state to shared backing (Redis/DB) if multi-instance is in scope.
|
|
- Add contract tests so frontend mocks cannot drift from backend payloads.
|
|
|
|
### Test Plan
|
|
- Backend integration tests for `/syntheses` list shape and `/admin/rate-limits/{provider_name}` update path.
|
|
- Security tests for scraper redirect/private-IP/rebinding cases and oversized responses.
|
|
- Frontend tests consuming real API fixtures (or generated schema fixtures), not hand-crafted mismatched types.
|
|
|
|
### Assumptions
|
|
- Backend is the API source of truth.
|
|
- You want production-safe defaults even for self-hosted single-tenant deployments.
|