oabrivard
/
ai_synth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '748606c287'
${ noResults }
ai_synth/docs/architect_assessment.md

1.0 KiB
Raw Blame History

Architect Assessment

Updated Remediation Order

Summary

  • Fix API contract breaks first.
  • Then close scraper/network security gaps.
  • Then harden runtime architecture for scale/reliability.

Key Changes

  • Align /syntheses and admin rate-limit contracts end-to-end (backend + frontend + tests).
  • Wire dedicated hardened HTTP clients and enforce SSRF checks per hop with streaming body limits.
  • Move job/rate-limit state to shared backing (Redis/DB) if multi-instance is in scope.
  • Add contract tests so frontend mocks cannot drift from backend payloads.

Test Plan

  • Backend integration tests for /syntheses list shape and /admin/rate-limits/{provider_name} update path.
  • Security tests for scraper redirect/private-IP/rebinding cases and oversized responses.
  • Frontend tests consuming real API fixtures (or generated schema fixtures), not hand-crafted mismatched types.

Assumptions

  • Backend is the API source of truth.
  • You want production-safe defaults even for self-hosted single-tenant deployments.