feat: add make lint-eslint-suppressions target and remove ESLint suppressions

[RudoiDmytro]

Summary

• Adds a standalone make lint-eslint-suppressions target that scans src tests scripts eslint.config.mjs for the four ESLint suppression directive variants, prints grep-style file:line:text, and exits non-zero while any exist.
• Removes every ESLint suppression in the default scan scope (3 in-scope matches → 0), replacing each with a real code/config fix instead of silencing the rule.
• Keeps the scan standalone during MVP — intentionally not wired into aggregate make lint or CI — and documents that placement plus future-wiring guidance.
• Adds Bats coverage for the scan's exit semantics and the aggregate-lint placement invariant, and publishes a zero baseline + enforcement decision under specs/eslint-suppressions/.

Changes

Makefile target

• New lint-eslint-suppressions target plus ESLINT_SUPPRESSION_PATTERN, ESLINT_SUPPRESSION_SCAN_PATHS (src tests scripts eslint.config.mjs), and ESLINT_SUPPRESSION_GREP_ARGS variables.
• Excludes .git, node_modules, dist, coverage, test-results, playwright-report, storybook-static, out, specs, docs; scan paths are overridable from the make invocation.
• Exit semantics: matches → exit 1 with remediation message; no matches → exit 0 with confirmation; missing-all-paths or grep error → non-zero (not masked as success).
• Header comment documents the standalone-during-MVP policy and how to wire it into aggregate lint if a future baseline decision changes that.

Suppression removals

• src/services/https-client/http-error-response-parser.ts: dropped // eslint-disable-next-line no-console by switching console.debug → console.warn (allowed by no-console); public contract, message, and payload unchanged.
• tests/unit/modules/user/features/auth/components/form-section.test.tsx: dropped /* eslint-disable testing-library/prefer-screen-queries */ by migrating all queries from the destructured render() result to the global screen.* API; all 10 assertions equivalent and green.

Config

• eslint.config.mjs: removed the eslint-comments/no-use allow list, tightening the rule to 'eslint-comments/no-use': 'error' so any future directive is flagged at lint time.

Tests

• tests/bats/eslint_suppressions.bats: covers Makefile policy placement, standalone/future-wiring docs, baseline artifact, default-scope success/report behavior, per-variant reporting, vendor/build/report exclusions, scan-path overrides, fixture-driven pass/fail exit codes, and non-match grep-error handling.
• Updated affected unit/integration tests to spy on console.warn for the parser.
• Registered the target in tests/bats/make-target-coverage.tsv.

Docs / specs

• specs/eslint-suppressions/implementation-artifacts/eslint-suppressions-baseline.md: before/after inventory (3 → 2 → 1 → 0), tooling/source/test cleanup notes, the zero baseline decision, and the finalized standalone enforcement decision.
• Added per-story planning and implementation artifacts under specs/eslint-suppressions/; added specs/README.md; minor CLAUDE.md cleanup.

Test Plan

Verified locally on this branch (all green):

• make lint — passes (lint-eslint lint-tsc lint-md lint-deps lint-metrics; only warn-level *ByTestId notices, no errors)
• make test — 112 + 5 suites, 1305 + 118 tests passed
• make test-integration — 29 suites / 365 tests passed
• make lint-eslint-suppressions — reports zero suppressions, exits 0

Related

Closes #96 (created for this work)

Implements the spec originally tracked in #53.

---

Summary by cubic

Adds a standalone make lint-eslint-suppressions target with a zero‑suppression baseline, and defers @apollo/client + DI off the auth critical path via a lightweight reactive var; mobile Lighthouse min score is now 0.85. The suppression check stays standalone (not in make lint or CI).

• New Features

  • lint-eslint-suppressions scans src tests scripts eslint.config.mjs for the four directive variants, prints file:line:text, exits non‑zero on matches or scan errors, supports path overrides, ignores vendor/build dirs, and uses portable find + grep (BusyBox‑friendly).
  • Dependency‑free ReactiveVar replaces makeVar so auth state and hooks no longer bundle @apollo/client; the DI graph loads on first auth action, with safe notification guards and same‑ref write skips. Tests cover exit semantics, deferred auth flows, and throwing‑listener paths.

• Refactors

  • Removed all in‑scope ESLint suppressions with real fixes: switched parser log to console.warn, migrated tests to screen.*, and set 'eslint-comments/no-use': 'error' (allow list removed). Updated @auth/* imports; ProtectedRoute now uses @auth/stores/use-auth-token. Neutralized the auth‑load failure message and hardened reactive‑var listener tests.

^{Written for commit a9e7de5. Summary will update on new commits.}

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f8db008c-0ff6-4dbd-b11c-7e4612fc63a3

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Adds a standalone Makefile target to inventory ESLint suppressions with Bats validation, removes in-scope suppressions via source and test fixes, tightens ESLint rule config, introduces a dependency-free reactive-var + deferred auth actions, and reorganizes many spec artifacts and docs.

Changes

ESLint Suppression Inventory & Cleanup

Layer / File(s)	Summary
Makefile suppression target and variables Makefile	Adds lint-eslint-suppressions, ESLINT_SUPPRESSION_PATTERN, ESLINT_SUPPRESSION_SCAN_PATHS, ESLINT_SUPPRESSION_PRUNE_DIRS, and grep args; implements path existence, candidate collection, grep scan, and exit-code semantics.
ESLint rule tightening eslint.config.mjs	Drops the previous allow list for eslint-comments/no-use, switching to a bare 'error' configuration.
Bats test suite for suppression inventory tests/bats/eslint_suppressions.bats	Adds comprehensive Bats tests validating policy placement, baseline artifact contents, default-scan behavior, per-variant dedup reporting, directory exclusions, scan-path overrides, exit-code semantics, and grep-error propagation.
Suppression baseline artifact specs/eslint-suppressions/implementation-artifacts/eslint-suppressions-baseline.md	Publishes before/after inventory, recorded cleanup decisions (source/test/tooling), zero after-cleanup baseline, and MVP enforcement decision (standalone target).
Source suppression cleanup src/services/https-client/http-error-response-parser.ts	Switches parse-failure logging from console.debug to console.warn and removes related no-console suppression.
Test suppression cleanup / screen API migration tests/unit/modules/user/features/auth/components/form-section.test.tsx	Migrates test queries to screen.*, removes testing-library/prefer-screen-queries suppression and updates helper/usage accordingly.
Tests updated for console.warn tests/unit/... and tests/integration/...	Unit and integration tests updated to spy/assert on console.warn payloads for both Error and non-Error thrown cases.

Spec Artifacts Folder Reorganization

Layer / File(s)	Summary
Specs folder README specs/README.md	Documents feature-scoped specs/<feature>/planning-artifacts and specs/<feature>/implementation-artifacts layout, naming conventions, active-spec selection, and a status table.
ESLint planning & epics updates specs/eslint-suppressions/planning-artifacts/*	Repoint planning and epics artifacts to the new specs/eslint-suppressions/... implementation artifact paths (baseline, stories).
Per-feature spec path updates specs/rust-code-analysis/*, specs/start-ci-chromium/*, specs/makefile-playwright-targets/*	Update inputDocuments/File List references to new feature-scoped paths across several planning and implementation artifacts.
Lint metrics test path update tests/unit/scripts/lint-metrics.test.ts	Adjust storyPath to specs/rust-code-analysis/implementation-artifacts/.

Sequence Diagram(s)

(Skipped — changes are documentation, Makefile script behavior, and multiple orthogonal refactors; a sequence diagram would require inventing runtime interactions not present in summaries.)

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related issues

• Implemented: make lint-eslint-suppressions target and zero ESLint suppression baseline #96 — Overlaps directly: implements make lint-eslint-suppressions, removes eslint-comments/no-use allow-list, updates http-error parser and form-section test, and adds baseline/specs/Bats tests.

Possibly related PRs

• VilnaCRM-Org/crm#72 — Related ESLint flat-config and eslint-comments/no-use adjustments.
• VilnaCRM-Org/crm#42 — Overlaps auth-layer refactors touching similar auth hooks/components.
• VilnaCRM-Org/crm#93 — Bats/Makefile test harness integration used by the new suppression tests.

Suggested reviewers

• cubic-dev-ai
• Kravalg

BLOCKER/MAJOR/MINOR notes:

• BLOCKER: Verify Makefile lint-eslint-suppressions exit-code behavior in CI (grep status handling) — small adjustments may be needed to ensure CI interprets exit codes as intended.
• MAJOR: Confirm eslint.config.mjs removal of allow is applied only after all source/tests are cleaned (specs record this, ensure CI order).
• MINOR: Tests updated to spy on console.warn — ensure no remaining silent console.debug expectations elsewhere.

[cubic-dev-ai]

3 issues found across 58 files

Confidence score: 4/5

• This PR looks safe to merge with minimal risk: the reported issues are documentation-quality problems (severity 3–4/10) rather than runtime, security, or data-handling defects.
• The most significant issue is a factual contradiction in specs/eslint-suppressions/implementation-artifacts/2-2-clean-up-tooling-suppressions-from-the-recorded-inventory.md, which could mislead future maintainers about whether the allowlist was deferred or removed.
• Two broken internal references in specs/eslint-suppressions/implementation-artifacts/3-2-publish-suppression-baseline-and-enforcement-decision.md (to .ralph/@fix_plan.md and .ralph/@AGENT.md) reduce artifact reliability but are unlikely to affect product behavior.
• Pay close attention to specs/eslint-suppressions/implementation-artifacts/2-2-clean-up-tooling-suppressions-from-the-recorded-inventory.md and specs/eslint-suppressions/implementation-artifacts/3-2-publish-suppression-baseline-and-enforcement-decision.md - resolve the contradiction and broken references to avoid future confusion.

Architecture diagram

sequenceDiagram
    participant Dev as Developer
    participant Make as Makefile
    participant Grep as grep
    participant ESLint as ESLint
    participant Parser as HttpErrorResponseParser
    participant Console as Console

    Note over Dev,Console: Suppression scan (new standalone target)

    Dev->>Make: make lint-eslint-suppressions
    Make->>Grep: grep -rnE pattern on src tests scripts eslint.config.mjs
    alt Matches found (grep exit 0)
        Grep-->>Make: file:line:matched text
        Make-->>Dev: print matches + remediation message
        Make-->>Dev: exit 1 (fail)
    else No matches (grep exit 1)
        Grep-->>Make: (no output)
        Make-->>Dev: "No ESLint suppression directives found"
        Make-->>Dev: exit 0 (pass)
    else Grep error (grep exit >=2)
        Grep-->>Make: error message on stderr
        Make-->>Dev: propagate error, exit >=2
    end

    Note over Dev,ESLint: ESLint enforcement (tightened config)

    Dev->>ESLint: make lint-eslint (or pre-commit)
    ESLint->>ESLint: Rule 'eslint-comments/no-use' → error (no allow list)
    alt ESLint disable comment present
        ESLint-->>Dev: lint error, blocks commit
    else No directive found
        ESLint-->>Dev: pass
    end

    Note over Parser,Console: Logging channel change in parser

    Parser->>Parser: parse() throws while cloning response body
    Parser->>Console: console.warn("Failed to parse HTTP error response", { message, stack })
    Note right of Console: Now allowed by no-console (allow: warn, error)
    Console-->>Parser: (logged, suppression removed)

Loading

<sub>Reply with feedback, questions, or to request a fix.

Re-trigger cubic</sub>

[RudoiDmytro]

@coderabbitai review

[coderabbitai]

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 4

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

tests/unit/services/https-client/http-error-response-parser.test.ts (1)

84-104: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Guard console spy restoration to prevent cross-test leakage.

warnSpy.mockRestore() is not protected; if an assertion fails before the final line, console.warn stays mocked and can cascade failures into later tests. Wrap these two tests in try/finally (or move to afterEach(jest.restoreAllMocks)).

Minimal patch

-  it('returns a readable parsed payload when cloning the response fails', async () => {
-    const parser = new HttpErrorResponseParser();
-    const warnSpy = jest.spyOn(console, 'warn').mockImplementation(() => {});
-
-    await expect(
-      parser.parse({
-        headers: { get: () => 'application/json' },
-        clone: () => {
-          throw new Error('clone failed');
-        },
-      } as unknown as Response)
-    ).resolves.toEqual({ message: 'clone failed', body: undefined });
-
-    expect(warnSpy).toHaveBeenCalledWith(
-      'Failed to parse HTTP error response',
-      expect.objectContaining({
-        message: 'clone failed',
-      })
-    );
-    warnSpy.mockRestore();
-  });
+  it('returns a readable parsed payload when cloning the response fails', async () => {
+    const parser = new HttpErrorResponseParser();
+    const warnSpy = jest.spyOn(console, 'warn').mockImplementation(() => {});
+    try {
+      await expect(
+        parser.parse({
+          headers: { get: () => 'application/json' },
+          clone: () => {
+            throw new Error('clone failed');
+          },
+        } as unknown as Response)
+      ).resolves.toEqual({ message: 'clone failed', body: undefined });
+
+      expect(warnSpy).toHaveBeenCalledWith(
+        'Failed to parse HTTP error response',
+        expect.objectContaining({
+          message: 'clone failed',
+        })
+      );
+    } finally {
+      warnSpy.mockRestore();
+    }
+  });

Also applies to: 106-125

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/unit/services/https-client/http-error-response-parser.test.ts` around
lines 84 - 104, The console.warn spy in the HttpErrorResponseParser unit tests
(where warnSpy is created) isn't guaranteed to be restored if an assertion
fails; wrap the test body that creates warnSpy in a try/finally and call
warnSpy.mockRestore() in the finally block (for both tests that create warnSpy),
or alternatively add a global cleanup like afterEach(() =>
jest.restoreAllMocks()) in the test file; locate uses of HttpErrorResponseParser
and warnSpy in the failing tests and apply the try/finally restore or the
afterEach cleanup to prevent cross-test mock leakage.

🧹 Nitpick comments (1)

Makefile (1)

357-357: 💤 Low value

Minor: Unnecessary quotes on numeric exit code.

Line 357 quotes $$grep_status in the exit command. While harmless here, it's non-idiomatic for numeric exit codes.

✨ Style improvement

-		exit "$$grep_status"; \
+		exit $$grep_status; \

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Makefile` at line 357, The exit command is using a quoted numeric variable
("$$grep_status") which is non-idiomatic; update the exit invocation that
references $$grep_status so it passes the variable unquoted (use exit
$$grep_status) to return the numeric status directly, ensuring no quotes
surround the $$grep_status variable.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@CLAUDE.md`:
- Around line 440-451: The CLAUDE.md addition introducing BMAD "Phases" and
commands (`/bmalph`, `/bmad-help`, `/bmalph-status`, `/create-brief`,
`/create-prd`, `/create-ux`, `/create-architecture`, `/create-epics-stories`,
`/sprint-planning`, `/bmalph-implement`) must be removed from this
ESLint-suppression PR and placed in a separate PR or commit scoped to BMAD docs;
revert the CLAUDE.md changes related to BMAD in this branch, then create a new
branch/PR that adds the BMAD docs only. In the new BMAD docs PR, confirm that
`_bmad/COMMANDS.md` exists and that each referenced command name matches the
actual BMAD-METHOD implementations/command registry before publishing the
cross-reference.

In `@Makefile`:
- Around line 335-338: The Makefile variable ESLINT_SUPPRESSION_GREP_ARGS uses
the GNU-only flag --binary-files=without-match which fails on BusyBox/Alpine;
update the variable definition to use the POSIX-compatible short flag -I instead
(i.e., replace --binary-files=without-match with -I) so grep invocation in
ESLINT_SUPPRESSION_GREP_ARGS works on both GNU grep and BusyBox grep without
changing the rest of the excludes.

In
`@specs/eslint-suppressions/implementation-artifacts/2-2-clean-up-tooling-suppressions-from-the-recorded-inventory.md`:
- Around line 44-53: Update the Story 2.2 notes to indicate that the
eslint-comments/no-use allow-list referenced in the baseline was later removed
from eslint.config.mjs and is therefore a historical interim decision; add a
clear “superseded by Story 2.5 / final cleanup” note and brief rationale so the
artifact no longer contradicts current config, and apply the same edit to the
other corresponding section covering the same artifact (the lines noted in the
review).

In
`@specs/eslint-suppressions/implementation-artifacts/3-2-publish-suppression-baseline-and-enforcement-decision.md`:
- Line 94: The Bats test count is inconsistent between Story 3.1 ("Full Bats
suite 25/25 green (24 prior + 1 new)") and this story ("10/10 green"); verify
the actual total and new/prior split by running the Bats suite or checking the
test manifest, then update the incorrect story text (the "25/25..." string in
Story 3.1 or the "10/10 green" string in the 3-2 publish suppression baseline
story) so both stories report the same accurate test counts and wording.

---

Outside diff comments:
In `@tests/unit/services/https-client/http-error-response-parser.test.ts`:
- Around line 84-104: The console.warn spy in the HttpErrorResponseParser unit
tests (where warnSpy is created) isn't guaranteed to be restored if an assertion
fails; wrap the test body that creates warnSpy in a try/finally and call
warnSpy.mockRestore() in the finally block (for both tests that create warnSpy),
or alternatively add a global cleanup like afterEach(() =>
jest.restoreAllMocks()) in the test file; locate uses of HttpErrorResponseParser
and warnSpy in the failing tests and apply the try/finally restore or the
afterEach cleanup to prevent cross-test mock leakage.

---

Nitpick comments:
In `@Makefile`:
- Line 357: The exit command is using a quoted numeric variable
("$$grep_status") which is non-idiomatic; update the exit invocation that
references $$grep_status so it passes the variable unquoted (use exit
$$grep_status) to return the numeric status directly, ensuring no quotes
surround the $$grep_status variable.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: be950d4b-2909-430d-80bd-e755cb46d9c7

📥 Commits

Reviewing files that changed from the base of the PR and between c0c5f23 and 4587014.

⛔ Files ignored due to path filters (1)

• tests/bats/make-target-coverage.tsv is excluded by !**/*.tsv

📒 Files selected for processing (57)

• CLAUDE.md
• Makefile
• eslint.config.mjs
• specs/README.md
• specs/eslint-suppressions/implementation-artifacts/.gitkeep
• specs/eslint-suppressions/implementation-artifacts/1-1-add-standalone-suppression-inventory-target.md
• specs/eslint-suppressions/implementation-artifacts/1-2-report-required-directive-variants-once-with-file-and-line-output.md
• specs/eslint-suppressions/implementation-artifacts/1-3-preserve-pass-fail-and-scan-error-exit-semantics.md
• specs/eslint-suppressions/implementation-artifacts/2-1-capture-current-suppression-inventory.md
• specs/eslint-suppressions/implementation-artifacts/2-2-clean-up-tooling-suppressions-from-the-recorded-inventory.md
• specs/eslint-suppressions/implementation-artifacts/2-3-clean-up-source-suppressions-from-the-recorded-inventory.md
• specs/eslint-suppressions/implementation-artifacts/2-4-clean-up-test-suppressions-from-the-recorded-inventory.md
• specs/eslint-suppressions/implementation-artifacts/2-5-record-after-cleanup-inventory-and-baseline-decision.md
• specs/eslint-suppressions/implementation-artifacts/3-1-document-standalone-workflow-placement.md
• specs/eslint-suppressions/implementation-artifacts/3-2-publish-suppression-baseline-and-enforcement-decision.md
• specs/eslint-suppressions/implementation-artifacts/eslint-suppressions-baseline.md
• specs/eslint-suppressions/planning-artifacts/architecture-eslint-suppressions-2026-04-14.md
• specs/eslint-suppressions/planning-artifacts/epics-eslint-suppressions-2026-04-14.md
• specs/eslint-suppressions/planning-artifacts/prd-eslint-suppressions-2026-04-14.md
• specs/makefile-playwright-targets/implementation-artifacts/.gitkeep
• specs/makefile-playwright-targets/planning-artifacts/architecture-makefile-playwright-targets-2026-04-16.md
• specs/makefile-playwright-targets/planning-artifacts/epics-makefile-playwright-targets-2026-04-16.md
• specs/makefile-playwright-targets/planning-artifacts/prd-makefile-playwright-targets-2026-04-16.md
• specs/rust-code-analysis/implementation-artifacts/1-1-commit-repository-policy-configuration.md
• specs/rust-code-analysis/implementation-artifacts/1-2-make-lint-metrics-target-full-enforcement-reporting.md
• specs/rust-code-analysis/implementation-artifacts/2-1-github-actions-workflow-automated-analysis.md
• specs/rust-code-analysis/implementation-artifacts/2-2-baseline-compliance-verification-required-check-registration.md
• specs/rust-code-analysis/implementation-artifacts/3-1-contributor-documentation-code-quality-gate.md
• specs/rust-code-analysis/planning-artifacts/architecture-rust-code-analysis-2026-03-11.md
• specs/rust-code-analysis/planning-artifacts/epics-rust-code-analysis-2026-03-11.md
• specs/rust-code-analysis/planning-artifacts/prd-rust-code-analysis-2026-03-11.md
• specs/start-ci-chromium/implementation-artifacts/1-1-move-mockoon-into-the-development-compose-topology.md
• specs/start-ci-chromium/implementation-artifacts/1-2-start-frontend-and-mockoon-together.md
• specs/start-ci-chromium/implementation-artifacts/1-3-add-mockoon-readiness-and-failure-output.md
• specs/start-ci-chromium/implementation-artifacts/1-4-preserve-production-test-startup-after-the-mockoon-move.md
• specs/start-ci-chromium/implementation-artifacts/2-1-add-ci-environment-setup-phase.md
• specs/start-ci-chromium/implementation-artifacts/2-2-add-parallel-lint-phase.md
• specs/start-ci-chromium/implementation-artifacts/2-3-add-environment-assuming-unit-test-phase.md
• specs/start-ci-chromium/implementation-artifacts/2-4-add-top-level-make-ci-orchestration.md
• specs/start-ci-chromium/implementation-artifacts/4-1-introduce-shared-lighthouse-setup-target.md
• specs/start-ci-chromium/implementation-artifacts/4-2-update-desktop-and-mobile-lighthouse-targets-to-use-shared-setup.md
• specs/start-ci-chromium/implementation-artifacts/4-3-remove-obsolete-lighthouse-build-command-wiring.md
• specs/start-ci-chromium/implementation-artifacts/5-1-document-complete-local-startup-behavior.md
• specs/start-ci-chromium/implementation-artifacts/5-2-document-make-ci-usage-and-gnu-make-prerequisite.md
• specs/start-ci-chromium/implementation-artifacts/5-3-make-changed-targets-discoverable-through-make-help.md
• specs/start-ci-chromium/implementation-artifacts/5-4-document-make-targets-as-contracts.md
• specs/start-ci-chromium/implementation-artifacts/5-5-document-the-make-start-ci-migration-path.md
• specs/start-ci-chromium/planning-artifacts/architecture-ci-chromium-2026-04-14.md
• specs/start-ci-chromium/planning-artifacts/epics-start-ci-chromium-2026-04-14.md
• specs/start-ci-chromium/planning-artifacts/prd-start-ci-chromium-2026-04-10.md
• src/services/https-client/http-error-response-parser.ts
• tests/bats/eslint_suppressions.bats
• tests/integration/services/http-error-response-parser.integration.test.ts
• tests/integration/services/https-client-response-processing.integration.test.ts
• tests/unit/modules/user/features/auth/components/form-section.test.tsx
• tests/unit/scripts/lint-metrics.test.ts
• tests/unit/services/https-client/http-error-response-parser.test.ts

[cubic-dev-ai]

0 issues found across 8 files (changes from recent commits).

_{Re-trigger cubic}

[cubic-dev-ai]

0 issues found across 2 files (changes from recent commits).

_{Re-trigger cubic}

[cubic-dev-ai]

0 issues found across 2 files (changes from recent commits).

_{Re-trigger cubic}

[qodo-code-review]

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

[cubic-dev-ai]

1 issue found across 12 files (changes from recent commits).

<sub>Tip: Review your code locally with the cubic CLI to iterate faster.

Re-trigger cubic</sub>

[RudoiDmytro]

@coderabbitai review

[coderabbitai]

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 5

🧹 Nitpick comments (2)

src/modules/user/features/auth/stores/auth-var.ts (1)

5-5: ⚡ Quick win

Use @auth/ alias for cross-directory import within the auth feature.

The import from ../types/reactive-var crosses directories within the auth feature tree. Per coding guidelines, use the @auth/* alias for cross-directory imports to maintain consistency.

📦 Recommended fix

-import type { ReactiveVar } from '../types/reactive-var';
+import type { ReactiveVar } from '`@auth/types/reactive-var`';

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/modules/user/features/auth/stores/auth-var.ts` at line 5, Replace the
relative cross-directory import in auth-var.ts with the auth feature alias:
change the import of ReactiveVar from "../types/reactive-var" to use the `@auth`
path (e.g., import type { ReactiveVar } from '`@auth/types/reactive-var`') so the
module uses the standardized alias for cross-directory imports within the auth
feature.

Source: Coding guidelines

src/modules/user/features/auth/stores/reactive-var.ts (1)

1-1: ⚡ Quick win

Use @auth/ alias for cross-directory import within the auth feature.

The import from ../types/reactive-var crosses directories (stores/ → types/) within the auth feature tree. Per coding guidelines, use the @auth/* alias for these imports to maintain consistency and readability.

📦 Recommended fix

-import type { ReactiveVar, ReactiveVarListener } from '../types/reactive-var';
+import type { ReactiveVar, ReactiveVarListener } from '`@auth/types/reactive-var`';

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/modules/user/features/auth/stores/reactive-var.ts` at line 1, Replace the
cross-directory relative import in reactive-var.ts with the auth feature alias:
update the import of the types ReactiveVar and ReactiveVarListener (symbols:
ReactiveVar, ReactiveVarListener) to use the `@auth/` path (e.g.
`@auth/types/reactive-var`) so the file imports via the feature alias instead of
../types/reactive-var.

Source: Coding guidelines

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Makefile`:
- Around line 355-359: The current Makefile snippet captures output of find into
the variable scan_files (using scan_files=$$(find $$scan_paths $$prune_expr
-type f -print)) but ignores find's exit status, allowing permission/read errors
to be masked as "No ESLint suppression directives found"; change the logic to
capture both output and find's exit code (e.g., run find and then check $? or
use a conditional assignment like if ! scan_files=$$(find ...); then propagate
the non-zero exit code with exit $$? ), and only treat an empty scan_files as a
successful "no results" case when find itself succeeded; reference the
variables/command: scan_files, scan_paths, prune_expr, and the find invocation
to locate where to add the exit-status check and propagate failures.

In `@src/modules/user/features/auth/stores/index.ts`:
- Line 1: Update the two relative imports in this auth feature barrel to use the
auth/* alias instead of relative paths: replace the import of AuthError (and the
other import on line 3) from '../types/auth-error' (and its sibling) with the
corresponding aliased paths like 'auth/types/auth-error' (and the other as
'auth/...') so cross-directory auth feature imports use the auth/* alias; keep
the imported symbol names (e.g., AuthError) unchanged.
- Around line 37-48: The catch in DeferredAuthActions.resolveSafely swallows
errors; update the catch to log the caught error (include message/stack) before
clearing DeferredAuthActions.instance and calling
onFailure(DeferredAuthActions.loadFailure). Use the project's logger if
available (or console.error as fallback), and include identifying context like
"DeferredAuthActions.load failed" and the error object so network/chunk/DI
failures are visible in monitoring.

In `@src/modules/user/features/auth/stores/reactive-var-state.ts`:
- Line 1: The import in reactive-var-state.ts uses a relative path; change the
import of the ReactiveVarListener type to use the auth/* alias (e.g. import
ReactiveVarListener from 'auth/types/reactive-var') so cross-directory imports
within the auth feature follow the coding guideline; update the import statement
that references ReactiveVarListener accordingly.
- Around line 26-27: Wrap each listener invocation in a try-catch so one failing
subscriber doesn't stop others: change the two notification loops (the calls to
notified.forEach((listener) => listener(value)) and
this.always.forEach((listener) => listener())) to call each listener inside a
try { listener(...) } catch (err) { console.error('ReactiveVar listener error',
{ listener, err, value }); } (or use the module's logger if available) so
exceptions are logged and subsequent listeners still run.

---

Nitpick comments:
In `@src/modules/user/features/auth/stores/auth-var.ts`:
- Line 5: Replace the relative cross-directory import in auth-var.ts with the
auth feature alias: change the import of ReactiveVar from
"../types/reactive-var" to use the `@auth` path (e.g., import type { ReactiveVar }
from '`@auth/types/reactive-var`') so the module uses the standardized alias for
cross-directory imports within the auth feature.

In `@src/modules/user/features/auth/stores/reactive-var.ts`:
- Line 1: Replace the cross-directory relative import in reactive-var.ts with
the auth feature alias: update the import of the types ReactiveVar and
ReactiveVarListener (symbols: ReactiveVar, ReactiveVarListener) to use the
`@auth/` path (e.g. `@auth/types/reactive-var`) so the file imports via the feature
alias instead of ../types/reactive-var.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: a9f140dd-e6c6-457e-874a-2ed65ca98822

📥 Commits

Reviewing files that changed from the base of the PR and between 4587014 and e6beaeb.

📒 Files selected for processing (20)

• .claude/skills/AI-AGENT-GUIDE.md
• .claude/skills/SKILL-DECISION-GUIDE.md
• Makefile
• lighthouse/lighthouserc.mobile.js
• specs/eslint-suppressions/implementation-artifacts/1-3-preserve-pass-fail-and-scan-error-exit-semantics.md
• specs/eslint-suppressions/implementation-artifacts/2-2-clean-up-tooling-suppressions-from-the-recorded-inventory.md
• specs/eslint-suppressions/implementation-artifacts/2-5-record-after-cleanup-inventory-and-baseline-decision.md
• specs/eslint-suppressions/implementation-artifacts/3-1-document-standalone-workflow-placement.md
• specs/eslint-suppressions/implementation-artifacts/3-2-publish-suppression-baseline-and-enforcement-decision.md
• src/modules/user/features/auth/components/protected-route/index.tsx
• src/modules/user/features/auth/stores/auth-var.ts
• src/modules/user/features/auth/stores/index.ts
• src/modules/user/features/auth/stores/reactive-var-state.ts
• src/modules/user/features/auth/stores/reactive-var.ts
• src/modules/user/features/auth/types/reactive-var.ts
• tests/integration/modules/user/features/auth/stores/deferred-auth-actions.integration.test.ts
• tests/integration/modules/user/features/auth/stores/reactive-var.integration.test.ts
• tests/unit/lighthouse/lighthouserc.mobile.test.ts
• tests/unit/modules/user/features/auth/stores/deferred-auth-actions.test.ts
• tests/unit/modules/user/features/auth/stores/reactive-var.test.ts

💤 Files with no reviewable changes (2)

• specs/eslint-suppressions/implementation-artifacts/2-5-record-after-cleanup-inventory-and-baseline-decision.md
• specs/eslint-suppressions/implementation-artifacts/1-3-preserve-pass-fail-and-scan-error-exit-semantics.md

✅ Files skipped from review due to trivial changes (5)

• src/modules/user/features/auth/components/protected-route/index.tsx
• tests/unit/lighthouse/lighthouserc.mobile.test.ts
• specs/eslint-suppressions/implementation-artifacts/3-1-document-standalone-workflow-placement.md
• specs/eslint-suppressions/implementation-artifacts/2-2-clean-up-tooling-suppressions-from-the-recorded-inventory.md
• specs/eslint-suppressions/implementation-artifacts/3-2-publish-suppression-baseline-and-enforcement-decision.md

[cubic-dev-ai]

1 issue found across 8 files (changes from recent commits).

<sub>Tip: Review your code locally with the cubic CLI to iterate faster.

Re-trigger cubic</sub>

[cubic-dev-ai]

0 issues found across 1 file (changes from recent commits).

<sub>Requires human review: Auto-approval blocked by 1 unresolved issue from previous reviews.

Re-trigger cubic</sub>

[cubic-dev-ai]

0 issues found across 1 file (changes from recent commits).

<sub>Requires human review: Auto-approval blocked by 1 unresolved issue from previous reviews.

Re-trigger cubic</sub>

[cubic-dev-ai]

0 issues found across 3 files (changes from recent commits).

_{Re-trigger cubic}

[qodo-code-review]

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

[Kravalg]

We should add separated CI check for this new make command