SESSION-PRIME: paste body's fenced block into a fresh Claude session to orient fast

[TortoiseWolfe]

Purpose: this issue is the durable roadmap for TortoiseWolfe/ScriptHammer. The body below is always-current — active arc, next 3 sessions queued, backlog. Comments are the audit trail. The prime prompt at the top tells a fresh Claude session to read this body first.

✅ Updated 2026-06-08. Two of the three unblock-me items turned out to be autonomous and are DONE. (1) All 11 payment edge functions deployed to prod via the Supabase Management API (POST /functions/deploy, multipart raw-source) — no CLI needed; the SUPABASE_ACCESS_TOKEN + ref in .env authenticate, and zero functions were deployed before. So the #5 webhook code (grace-period, the supabase.sql increment fix, the PayPal failed-payment branch) is now LIVE. See [[lesson_edge_function_deploy_management_api]]. (2) #5 grace-period UI + dup-guard functionally verified (DB-only, no creds): seeded a grace_period row → loaded /account/subscriptions as the test user via Playwright MCP → "Grace period: 5 days remaining" + badge rendered through real RLS; a 2nd live insert hit idx_subscriptions_one_live_per_user (23505); all artifacts cleaned up. (3) #45 Sentry error monitoring SHIPPED (PR #145, squash-merged 8a53e9f, closed #45) — client-only @sentry/react (static-export-safe), consent-gated via ConsentContext, PII-scrubbed beforeSend, single capture chokepoint in error-handler, CSP updated. Inert until a DSN is set (no-op while NEXT_PUBLIC_SENTRY_DSN is empty). ONLY remaining blocker: Stripe + PayPal sandbox creds (for live payment traffic + un-skipping the cred-blocked E2E) and a Sentry DSN (to flip #45 on). Both are user-supplied; all engineering is done. (4) Bonus autonomous slice SHIPPED (PR #146, squash-merged 78a5051): a subscription E2E seed fixture (seedIsolatedSubscription) un-skipped the grace-period-countdown + duplicate-prevention (23505) tests — verified green in CI (skip count 85→27 via this + the audit reclassification; the old "85 cred-blocked" figure was wrong — only ~6 are actually cred-gated, per the regenerated docs/payment-e2e-skip-index.md). (5) Unified payment hub + realtime SHIPPED (PR #147, squash-merged 89ff7f5): consolidated /payment/dashboard + /account/subscriptions into one tabbed /payment hub (Overview/Subscriptions, ?tab= deep-link) and made PaymentHistory + SubscriptionManager live via Supabase Realtime (reusable usePaymentResultsRealtime/useSubscriptionsRealtime hooks). Root-cause caught by live E2E: payment_results/subscriptions were NOT in the supabase_realtime publication → the channel got no events; added them (migration + applied to prod), verified counter 2→3 live. Un-skipped 4 more 06-realtime tests (skip count 27→23). See [[lesson_realtime_publication_membership]].

---

Prime prompt (copy from here into a fresh Claude session)

/prep

Then check this issue (TortoiseWolfe/ScriptHammer#115) — its BODY is the current roadmap. Read everything below the prime prompt: active arc, next 3 sessions queued, backlog. The most recent COMMENT on this issue is the audit trail of what changed since the previous session.

Supplementary context (read if the body's roadmap references them or if the user's first message takes us off-roadmap):
1. `~/.claude/projects/-home-TurtleWolfe-repos-ScriptHammer/memory/MEMORY.md` — top of the index lists NON-NEGOTIABLE user preferences + recently-banked lessons. Read these first; they're binding.
2. `git log --oneline -20` — what shipped recently.
3. Open issues (`gh issue list --repo TortoiseWolfe/ScriptHammer --state open`) — most are tagged `template-v1-out-of-scope` (Eval-Backlog / Gap-Audit). Treat those as deferred backlog, not active work.
4. Open PRs (`gh pr list --repo TortoiseWolfe/ScriptHammer --state open`).

Operational reminders from MEMORY.md / CLAUDE.md you'll trip over otherwise:
- ALWAYS prefer cleaner long-term solutions over quick hacks. Never offer a hack as the primary recommendation. Fix root cause, not symptoms.
- SECURITY DEFINER to bypass RLS is a hack, not a fix.
- CI honesty: a green job `conclusion` ≠ 0 flaky — `retries:2` masks retry-recovered failures. ALWAYS read per-job `flaky`/`failed` lines + `gh api .../commits/<sha>/check-runs` annotations before claiming clean or merging.
- Pushing to `.github/workflows/**` needs SSH (gh HTTPS token lacks `workflow` scope). If the session's ssh-agent is empty, your key may be in another `/tmp/ssh-*/agent.*` socket — probe them and `export SSH_AUTH_SOCK=<the one that authenticates>`.
- Supabase prod can DRIFT from the monolithic migration. Verify schema/triggers against the LIVE DB (`pg_get_triggerdef`, `information_schema.columns`), never trust issue text or the migration file alone. See [[lesson_prod_schema_drift_audit_logs]] + [[lesson_subscriptionmanager_schema_drift]]. Mgmt API DDL: build the JSON payload from a FILE, not bash `$$` interpolation.
- Edge-function CODE merging ≠ deployed. ScriptHammer has NO CI that deploys Supabase edge functions — they need a manual `supabase functions deploy <name>`. Don't claim a webhook change is live in prod on merge.
- Honest contrast tests: jsdom can't measure DaisyUI contrast (tokens resolve empty → silent gray-on-gray pass). Must be Playwright + read colors through a `<canvas>` (Chromium serializes OKLCH custom props as `oklch()` strings, not rgb()). See [[lesson_oklch_contrast_canvas_playwright]].
- Regenerate Supabase types via the Management API (GET /v1/projects/{ref}/types/typescript), NOT a local CLI install.
- CI mutex serializes E2E runs; PR E2E is chromium-only (firefox/webkit on push-to-main + cron, or the `full-e2e` PR label). docs/`.claude`/`.specify`/`features`/md changes skip E2E (paths-ignore). `--admin` merge is OK when all gates+smoke are green and only unrelated chromium-gen shards (or a documented unrelated retry-recovered flake) remain.

Then either start on the roadmap's "next session should" item, or ask the user if they want to deviate.

Stop reading here when priming — everything below is the roadmap

---

Roadmap

Active arc

FINAL UNBLOCK — only credentials remain. All autonomous engineering is shipped. The two "blocked" items that turned out to be autonomous (the #5 edge-function deploy + verify, and the #45 Sentry scaffold) are DONE. What's left needs values only the user can create.

Status: 2 of 3 unblock-items DONE (2026-06-08). The remaining work is gated purely on user-supplied creds.

Remaining tasks (what only the user can provide):

• (1) [Eval-Backlog] SUBSCRIPTION-MGMT: subscription management route + 4 edge functions + grace-period wiring #5 edge-function deploy + verify — DONE. All 11 functions deployed via the Management API (CLI-free); grace-period UI + 23505 dup-guard functionally verified. See [[lesson_edge_function_deploy_management_api]].
• (2) [Gap-Audit] 044 Error Handler Integrations: Sentry/LogRocket integration + PII scrubbing + session replay #45 error monitoring — DONE. Sentry chosen, scaffolded DSN-less (PR feat(monitoring): #45 consent-gated Sentry error monitoring (client-only, PII-scrubbed) #145, closed [Gap-Audit] 044 Error Handler Integrations: Sentry/LogRocket integration + PII scrubbing + session replay #45). Inert until a DSN is set.
• (3) Payments backend live traffic + live-acceptance ([Phase 0] Implement 8 missing outbound Edge Functions for payment integration #100/[Phase 0c] PayPal one-off: create-paypal-order + capture-paypal-order (~4h) #103/[Phase 0d] PayPal subscription: create-paypal-subscription (~2h) #104/[Phase 0e] Subscription lifecycle: cancel-subscription + resume-subscription (~3h) #105/[Phase 0f] Shared infra + un-skip 86 E2E payment tests (~2h) #106) — sandbox creds. Code is deployed; needs Stripe + PayPal sandbox keys set on the deployed functions via POST /v1/projects/{ref}/secrets (Stripe secret + STRIPE_WEBHOOK_SECRET; PayPal client-secret + PAYPAL_WEBHOOK_ID). Then run live-acceptance E2E, un-skip the 6 truly cred-blocked tests per docs/payment-e2e-skip-index.md ([Gap-Audit] tests/e2e/payment/: 84 test.skip — index by blocker #53 — count corrected from the stale "85"; only ~6 are cred-gated), close [Phase 0e] Subscription lifecycle: cancel-subscription + resume-subscription (~3h) #105/[Phase 0f] Shared infra + un-skip 86 E2E payment tests (~2h) #106.
• (2-followup) Flip [Gap-Audit] 044 Error Handler Integrations: Sentry/LogRocket integration + PII scrubbing + session replay #45 live — Sentry DSN. User creates a free Next.js project at sentry.io → copies the DSN (Client Keys) → sets NEXT_PUBLIC_SENTRY_DSN in .env + the GitHub Actions secret. Monitoring activates with zero code change (after analytics consent).

Blockers (the ONLY things left, both user-supplied):

• Stripe + PayPal sandbox creds → set via POST /secrets, then live-acceptance + un-skip ([Eval-Backlog] PAYMENT-DASHBOARD: user-facing payment dashboard route #3 payment backend).
• A Sentry DSN → flips [Gap-Audit] 044 Error Handler Integrations: Sentry/LogRocket integration + PII scrubbing + session replay #45 on.

---

Next 3 sessions queued

Only one cred-gated session remains; everything else is design-call backlog.

Session +1 (unblocked by Stripe/PayPal sandbox creds): Payments backend live-acceptance (#100/#103/#104/#105/#106) — the function code is already deployed to prod. Set the provider secrets via POST /v1/projects/{ref}/secrets (Stripe secret + STRIPE_WEBHOOK_SECRET; PayPal client-secret + PAYPAL_WEBHOOK_ID), run the live-acceptance E2E, un-skip the ~6 cred-blocked tests per docs/payment-e2e-skip-index.md, then close #105/#106.

• First action: confirm sandbox creds are available; set them via the Management API secrets endpoint (build the JSON from a file), then un-skip.

Quick follow-up (unblocked by a Sentry DSN): flip #45 live — set NEXT_PUBLIC_SENTRY_DSN in .env + the Actions secret. No code change; verify init fires after analytics consent and an error reaches Sentry post-scrub.

If the user has NO creds ready, the only remaining candidates are design-call / speculative items — flag that they need a product/design decision first; don't start them blind:

• Speculative realtime widgets (deferred this session, deliberately): reconnection-button UI, batch-update grouping, real-time error toast, payment chart (the remaining 06-realtime skips). No clear user need; a chart adds a dependency. Out of scope for a template unless the user asks.
• Offline-queue E2E ([Eval-Backlog] PAYMENT-OFFLINE-UI: UI layer for existing offline payment queue #4 follow-up): client-side Dexie PaymentQueueV2/queuedOperations → needs an in-page IndexedDB seed fixture (NOT a DB insert) + the empty test bodies written. Autonomous but non-trivial.
• Design-call items: [Gap-Audit] 010 Unified Blog: implement offline editing + sync + conflict resolution + migration tooling #25 (blog offline/sync — XL), [Gap-Audit] 026 Unified Messaging Sidebar: mobile drawer transitions + badge sync latency #35 (mobile-drawer-polish half), [Gap-Audit] 029 SEO Editorial Assistant: technical.ts test coverage + import-bundle conflict UX + offline autosave #38 (SEO offline autosave — XL).

Backlog (no scheduled position)

• Tier-2 remainder needing real design/decisions — [Gap-Audit] 029 SEO Editorial Assistant: technical.ts test coverage + import-bundle conflict UX + offline autosave #38 (SEO offline autosave — XL: new blog editor page + draft adapter; was UNDER-scoped in the old roadmap as paired-with-[Gap-Audit] 028 Enhanced Geolocation: address search + mobile GPS + click-to-set + accuracy viz + IP fallback #37), [Gap-Audit] 016 Messaging Critical Fixes: 5 separate UX issues, none shipped #30 (password-manager UX placement), [Gap-Audit] 026 Unified Messaging Sidebar: mobile drawer transitions + badge sync latency #35 (mobile-jank: audit-then-maybe-nothing), [Gap-Audit] 010 Unified Blog: implement offline editing + sync + conflict resolution + migration tooling #25 (blog offline/sync/conflict — XL, needs a product call + DiffModal design), [Gap-Audit] 020 PWA Background Sync: Firefox/Safari fallback + retry UI + storage warnings #32 (PWA background-sync Firefox/Safari fallback + retry UI). [Eval-Backlog] PAYMENT-OFFLINE-UI: UI layer for existing offline payment queue #4 (PAYMENT-OFFLINE-UI) pairs with the now-shipped [Eval-Backlog] PAYMENT-DASHBOARD: user-facing payment dashboard route #3 dashboard.
• [Eval-Backlog] SUBSCRIPTION-MGMT: subscription management route + 4 edge functions + grace-period wiring #5 follow-ups — DONE for grace + duplicate (PR test(payment): #53 subscription E2E seed fixture + un-skip grace-period & dup-guard #146) AND the realtime sub-status flow (PR feat(payment): unified /payment hub with realtime PaymentHistory + Subscriptions #147: seedIsolatedSubscription + seedIsolatedPayment fixtures, 6 payment tests un-skipped total, green in CI). Remaining: the cancel flow (drives the cancel-subscription Edge Function — needs the deployed fn exercised with provider config) and the offline-queue E2E (empty stubs + client-side Dexie — see speculative/deferred list above).
• Prod schema-drift audit — three drifts found across recent sessions ([Gap-Audit] auth_audit_logs sign_up events not written for all signup paths #49 trigger, fix(types): regenerate Supabase types + fix masked payment-retry schema drift #135 payment retry_count, [Eval-Backlog] SUBSCRIPTION-MGMT: subscription management route + 4 edge functions + grace-period wiring #5 SubscriptionManager interface). Worth a one-time diff of every table in the monolithic migration vs live information_schema. See [[lesson_prod_schema_drift_audit_logs]] + [[lesson_subscriptionmanager_schema_drift]].
• E2E stability — known flaky: oauth-csrf.spec.ts:78 webkit (live github.com nav) and messaging-scroll.spec.ts:292 ("Jump button appears when scrolled" — fixture-height/timing flake, chromium + webkit, retry-recovers; documented in CLAUDE.md). Both retry-recover; harden if noisy.
• Reusable substrate (on main): embed-theme.ts + useEmbedThemeColor (theme→embed color, contrast-gated); EmailProviderHealth organism; the unified /payment hub (tabbed shell at src/app/payment/, ?tab= deep-link via SearchParamsReader, synchronous URL→tab init) — the canonical multi-surface-page pattern; the idx_subscriptions_one_live_per_user dup-guard pattern; PaymentQueuePanel (offline-queue mgmt UI); useConnections realtime-badge pattern; startFormQueueFallback (foreground queue flush for non-SyncManager browsers); resolveParticipantName (deleted-vs-unknown profile); viewport-fit=cover + env(safe-area-inset-*) for iOS input safe-area. Plus [Gap-Audit] 044 Error Handler Integrations: Sentry/LogRocket integration + PII scrubbing + session replay #45: src/lib/monitoring/ (scrub.ts PII scrubber, sentry.ts consent-gated client init, SentryMonitor) — the consent-gated-3rd-party-SDK pattern. Plus feat(payment): unified /payment hub with realtime PaymentHistory + Subscriptions #147: usePaymentResultsRealtime/useSubscriptionsRealtime (debounced postgres_changes + connection-status, optional realtime prop) — the reusable realtime-list pattern (REMEMBER: the table must be in the supabase_realtime publication, see [[lesson_realtime_publication_membership]]). CLI-free edge-function deploy via the Management API (see [[lesson_edge_function_deploy_management_api]]).

---

Next session should

Ask the user for the two remaining credentials and execute the instant either lands: (1) Stripe + PayPal sandbox creds → set via POST /v1/projects/{ref}/secrets, run payment live-acceptance, un-skip the ~6 truly cred-gated E2E (#3 / #100/#103/#104/#105/#106); (2) a Sentry DSN → drop into .env + Actions secret to flip #45 live. All engineering is shipped — the 11 edge functions are deployed; #5 grace/dup/realtime verified; #45 merged (needs the DSN); the /payment hub + realtime shipped (PR #147). Of the 23 remaining payment E2E skips, only ~6 are cred-gated; the rest are speculative widgets / offline-queue Dexie / perf — all design-call backlog. Override: if the user's first message has a different priority, follow the user.

---

Why this exists

Sessions end. The next session starts cold. Without a single canonical "what was the world like when we last stopped + here's what to do next" pointer, the new model wastes context wandering. This issue is the one URL to paste into a fresh chat. The BODY carries the plan; comments form the audit trail.

How to maintain

Run /session-prime at session-end. The skill rewrites the body to reflect what changed in the roadmap and appends a comment with the audit trail.

If the prime prompt itself becomes stale (memory file renamed, project changed shape), edit the body's prime-prompt block directly.

[TortoiseWolfe]

Issue seeded 2026-05-28 ~19:30 EDT

This is the baseline, not a session-end log. The rolling-prime issue was created via /session-prime from a different repo's session. No work happened on ScriptHammer this session. Use this comment as the starting snapshot; future /session-prime runs will add real session-end deltas on top.

Current branch: chore/fork-experience-cleanup (not main).

Last 10 commits on this branch:

• 82b264f — chore(auth): remove dead middleware; document client-side route protection
• 501567c — chore(rebrand): document the 5-reference threshold
• 8d85330 — docs(fork-checklist): fix rebrand.sh usage line
• 174e5ac — feat(payments): Phase 0b — create-stripe-subscription + fix webhook template_user_id ([Phase 0b] Stripe subscription: create-stripe-subscription (~3h) #102) (feat(payments): Phase 0b — create-stripe-subscription + fix webhook template_user_id (closes #102) #111)
• 6180134 — feat(payments): Phase 0a — create-stripe-checkout + verify-stripe-session ([Phase 0a] Stripe one-off: create-stripe-checkout + verify-stripe-session (~6h) #101) (feat(payments): Phase 0a — create-stripe-checkout + verify-stripe-session (closes #101) #110)
• 5a9bec8 — docs(payments): rewrite PAYMENT-DEPLOYMENT.md + add check-payment-config.sh (docs(payments): rewrite PAYMENT-DEPLOYMENT.md + add config verifier script #99)
• c6cb675 — fix(scroll): round 14a — data-show-scroll-button attribute for E2E observability (fix(scroll): round 14a — data-show-scroll-button attribute (E2E observability for the jump-button race) #108)
• a29d3b9 — fix(e2e): round 13 — exclude handleReAuthModal duration from SC-001 budget (fix(e2e): round 13 — SC-001 timing budget excludes handleReAuthModal duration #107)
• c24b9f6 — feat: [Feature] 047 Three.js Game #48 Three.js Game at /game/3d (047 — full SpecKit cascade) (feat: #48 Three.js Game at /game/3d (047 — full SpecKit cascade) #95)
• 95efd86 — fix(e2e): feat: #48 Three.js Game at /game/3d (047 — full SpecKit cascade) #95-blocker round 12 — handleReAuthModal retries when modal re-appears (fix(e2e): round 12 — handleReAuthModal retries when modal re-appears (WebKit Argon2id flake) #98)

Open PR: #114 — chore: fork-experience cleanup (the cleanup arc this branch is for)

Recently closed (last 7d): #101 (Phase 0a Stripe one-off), #102 (Phase 0b Stripe subscription)

Open issues: mostly template-v1-out-of-scope (Eval-Backlog + Gap-Audit categories — deferred backlog, not active work):

• [Eval-Backlog] PAYMENT-OFFLINE-UI: UI layer for existing offline payment queue #4, [Eval-Backlog] SUBSCRIPTION-MGMT: subscription management route + 4 edge functions + grace-period wiring #5 — payment offline UI + subscription management (Eval-Backlog)
• [Gap-Audit] 005 Security Hardening: complete session-timeout UI + audit dashboard + secret detection #23, [Gap-Audit] 010 Unified Blog: implement offline editing + sync + conflict resolution + migration tooling #25, [Gap-Audit] 011 + 043 Group Chats / Group Service: implement 8 stub member-management methods #26, [Gap-Audit] 012 + 014: welcome message admin gate end-to-end flow #27, [Gap-Audit] 016 Messaging Critical Fixes: 5 separate UX issues, none shipped #30, [Gap-Audit] 020 PWA Background Sync: Firefox/Safari fallback + retry UI + storage warnings #32, [Gap-Audit] 023 EmailJS Integration: provider health dashboard + rate-limit handling #34, [Gap-Audit] 026 Unified Messaging Sidebar: mobile drawer transitions + badge sync latency #35 — Gap-Audit items (P2/P3, deferred)
• And ~30+ more Gap-Audit issues open

Active work:

• Fork-experience cleanup on chore/fork-experience-cleanup (PR chore: fork-experience cleanup (#112, #113, dead middleware) #114 open)
• Payments phase arc — Phase 0a + 0b shipped, future phases TBD

Watch:

• Open PR chore: fork-experience cleanup (#112, #113, dead middleware) #114 — needs to land before fork-experience work concludes
• Phase 0c+ of Stripe payments — sequencing TBD

Next session should: Read memory/MEMORY.md (NON-NEGOTIABLE preferences at top), then check PR #114 status, then ask the user what to focus on (fork-experience cleanup, payments phase 0c, or pulling something off the Gap-Audit backlog).

[TortoiseWolfe]

Body migrated to roadmap format 2026-05-28 ~20:00 EDT

The /session-prime skill was refined to make the issue body carry an explicit roadmap (active arc → next 3 sessions → backlog) instead of just being a pointer to memory. The body above now follows that structure.

Important caveat: ScriptHammer's roadmap is inferred from repo state, not user-confirmed. I haven't actually worked in this repo this session — I'm in Eduity. The active arc (fork-experience cleanup) and queued sessions (PR #114 → Payments Phase 0c → Gap-Audit P2) are guesses based on:

• Current branch chore/fork-experience-cleanup
• Open PR chore: fork-experience cleanup (#112, #113, dead middleware) #114
• Recent commits (payments Phase 0a + 0b shipped, fork-checklist polish)
• Pattern of fix-round commits suggesting E2E stability is recurring

First real session that sits down to work in ScriptHammer should:

1. Read the inferred roadmap
2. Correct the active arc + queued sessions to match real intent
3. Run /session-prime at session-end to lock in the corrected version

The body's "Next session should" line + the "Override: if the user's first message has a different priority" note are explicit about the inference uncertainty. Don't treat the roadmap as binding until a real ScriptHammer session has validated it.

[TortoiseWolfe]

Session 2026-05-29 — roadmap reconciled against real repo state

The body was previously flagged as inferred, not user-confirmed. This session verified it against the actual repo and corrected it:

• PR chore: fork-experience cleanup (#112, #113, dead middleware) #114 (fork-experience cleanup) confirmed MERGED 2026-05-28 (cb35131); 0 open PRs. The "land PR chore: fork-experience cleanup (#112, #113, dead middleware) #114" next-step was already done — removed.
• [Feature] 047 Three.js Game #48 (Three.js game) verified already shipped — c24b9f6 / PR feat: #48 Three.js Game at /game/3d (047 — full SpecKit cascade) #95, route src/app/game/3d/page.tsx, all 7 game components in the 5-file pattern, theme reactivity, reduced-motion, WebGL fallback, E2E + a11y tests, documented Pa11y exclusion. → marked close-as-done.
• Un-deferred backlog triaged (issues NOT tagged template-v1-out-of-scope): perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116, Live a11y overlay (dev-time axe overlay panel) #80, [Feature] 047 Three.js Game #48, [Round 14b] Seed deterministic conversation data for messaging-scroll spec (~2h, follow-up) #109, [Gap-Audit] 044 Error Handler Integrations: Sentry/LogRocket integration + PII scrubbing + session replay #45. Verified each against repo state.

New queued order (ready/dependency-based):

1. Close [Feature] 047 Three.js Game #48 (done) → [Round 14b] Seed deterministic conversation data for messaging-scroll spec (~2h, follow-up) #109 (seed messaging-scroll E2E data, ready, ~2–4h) → Live a11y overlay (dev-time axe overlay panel) #80 (axe a11y overlay, ready, ~2–4h)
2. perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116 (messaging E2E 10× slow) — needs a scoping decision (trace-profile → split shards vs. reduce Argon2 cost vs. mock data)
3. [Gap-Audit] 044 Error Handler Integrations: Sentry/LogRocket integration + PII scrubbing + session replay #45 (Sentry/LogRocket) — blocked on Sentry-vs-LogRocket decision + account/DSN

Payments Phase 0c–0f (#103–106, #100) is P1 but template-v1-out-of-scope → kept in Backlog as a promotable arc, not queued.

Active arc changed: fork-experience cleanup → work the un-deferred backlog.

[TortoiseWolfe]

Session ended 2026-05-30 ~15:00 ET

Shipped (1 commit, on origin/main):

• 4634828 — test(e2e): [Round 14b] Seed deterministic conversation data for messaging-scroll spec (~2h, follow-up) #109 messaging-scroll isolated static fixture (PR test(e2e): #109 isolated static fixture for messaging-scroll (verified) #118). All three *-msg shards green (chromium 28m / firefox 31m / webkit 23m); also verified locally in a real browser before push (30 bubbles, scrollHeight 3136, distanceFromBottom 600 > 500).

Closed: #48 (Three.js game — verified already shipped via c24b9f6/PR #95), #109 (messaging-scroll seed — done via #118)

Opened: none (PR #117 was a discarded earlier #109 attempt — closed without merge, branch deleted; PR #118 is the merged version)

Roadmap changes (body vs. previous):

• Active arc: two of four ready un-deferred items now done ([Feature] 047 Three.js Game #48, [Round 14b] Seed deterministic conversation data for messaging-scroll spec (~2h, follow-up) #109 marked [x]). Remaining ready item is Live a11y overlay (dev-time axe overlay panel) #80.
• Promoted to Session +1: Live a11y overlay (dev-time axe overlay panel) #80 (was Session +1's "then Live a11y overlay (dev-time axe overlay panel) #80"; now the sole do-next).
• Demoted/removed: [Feature] 047 Three.js Game #48 + [Round 14b] Seed deterministic conversation data for messaging-scroll spec (~2h, follow-up) #109 dropped from the queue and from the "Three.js DONE" backlog note (now closed, not pending-close).
• New backlog item: "[Round 14b] Seed deterministic conversation data for messaging-scroll spec (~2h, follow-up) #109 patterns now available for reuse" — the isolated-fixture approach (throwaway createTestUser immune to the cleanupOldMessages shared-user race) as a template for future messaging-data tests; relevant to perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116's "mock data" option.
• Prime prompt: added the MCP secure-context reminder (use 127.0.0.1 not host.docker.internal, else crypto.subtle is undefined and encrypted threads never render) — the trap that cost two failed [Round 14b] Seed deterministic conversation data for messaging-scroll spec (~2h, follow-up) #109 CI cycles this session.

Process note (#109 took 3 attempts): first two seeded the shared PRIMARY↔TERTIARY conversation, which ~7 specs wipe via cleanupOldMessages (delete-by-shared-user-sender_id). Root cause was a cleanup race, not encryption (mis-diagnosed twice). Fix: an isolated throwaway-user fixture nothing else touches. Local verification was blocked the whole time by a secure-context gotcha (now in memory).

Watch: none (no time-sensitive items).

Next session should: Start #80 (dev-time axe a11y overlay, ~2–4h, ready-now) — branch off main, scaffold a dev-only floating panel, add axe-core gated on NODE_ENV === 'development', list violations with click-to-highlight, gates, PR.

[TortoiseWolfe]

Session audit — 2026-06-01

Shipped #80 (dev-time axe a11y overlay) → PR #119 merged as 95eb6c8, #80 closed.

What landed:

• src/components/organisms/A11yDevOverlay/ (5-file pattern + useA11yScan.ts hook) — collapsed badge → expandable panel, impact filter chips, rule-id search, MutationObserver live re-scan, route-change re-scan, click-to-highlight, manual re-scan.
• Mounted in src/app/layout.tsx behind process.env.NODE_ENV === 'development'.
• axe-core@^4.12.0 added as a devDependency.

Root-cause lesson (worth keeping): the first prod build dragged the full ~1.3 MB axe-core engine into vendor.js. Cause: the NODE_ENV guard was routed through an enabled variable, which defeats webpack's dead-code analysis of import(). Fix: wrap the dynamic import('axe-core') in a literal process.env.NODE_ENV === 'development' check (loadAxe() in useA11yScan.ts) so DefinePlugin + webpack statically eliminate it. Re-verified against a clean baseline: engine fully stripped (vendor.js −576 KB; A11yDevOverlay referenced 0× in the served layout chunk).

Verification: full CI green (Build, Test 20.x, Validate Component Structure, accessibility, 28-shard E2E across chromium/firefox/webkit gen+msg). Live E2E via dev server — badge surfaced a real landmark-unique finding; filter/search/highlight confirmed working; 0 console errors.

Hygiene: squash-merged, remote + local branch deleted, main synced to 95eb6c8, git fetch --prune done, 0 open PRs.

Roadmap delta: un-deferred ready-now backlog is now empty. Both remaining un-deferred items need a decision first — #116 (messaging E2E perf: scope/profile → pick fix) is queued next as scope-first, #45 (error monitoring) after a Sentry-vs-LogRocket call. Body updated accordingly.

[TortoiseWolfe]

Session audit — 2026-06-02/03

#80 shipped (dev-time axe a11y overlay) → PR #119 merged (`95eb6c8`), #80 closed. [details in prior comment]

#116 (messaging E2E perf) — profiled + two dead-ends found, both reverted:

• Removing the dead `data-messages-subscribed` waits AND lowering Argon2 TIME_COST for CI both regressed chromium-msg to the 60-min cap (the Argon2 one because TIME_COST is a key-derivation input — stored keys were derived at cost 3, so cost 1 → verifyPublicKey fails → 403/ReAuthModal loop). PR perf(e2e): #116 lower CI Argon2 key-derivation cost (E2E-only) #120 closed, nothing shipped to main. Full root cause on perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116.
• The real win is Phase 2 fixture isolation — which needed a way to run messaging specs locally with `workers>1`. That surfaced Modular local↔cloud Supabase switch (env + DNS + one-command) #121.

#121 (modular local↔cloud Supabase switch) — built, PR #122 open (3 phases):

• Root cause of the "switching is manual" pain: missing orchestration + a host-vs-container DNS split (the app is a static export, so `NEXT_PUBLIC_SUPABASE_URL` is browser-only). Dissolved by splitting into browser URL (`host.docker.internal:54321`) vs in-container admin URL (`SUPABASE_ADMIN_URL` = `supabase-kong:8000`, with `?? NEXT_PUBLIC_SUPABASE_URL` fallback so cloud/CI are untouched).
• `pnpm run dev:local` / `dev:cloud` (one command each); deleted the proxy/`--host-resolver-rules` hack from all 5 local-only specs (net −143 lines).
• Validated via MCP Playwright against the live local sandbox (sign-in + messaging load); dev:local→dev:cloud restores .env byte-identically.

Roadmap state: main clean. PR #122 (#121) in CI. Once it merges, #116 Phase 2 fixture-isolation spike is unblocked — that's the next item.

[TortoiseWolfe]

#121 merged (PR #122 → 1b9d033, full 28-check CI green incl. all 3 browser msg shards passing normally — no caps). Branch pruned, 0 open PRs, main clean.

pnpm run dev:local/dev:cloud now switch backends in one command. #116 Phase 2 (fixture-isolation spike) is unblocked — that's the next session's item: prototype isolated per-test fixtures on 2-3 messaging specs locally via dev:local + workers>1, measure setup cost + flake, report before any full refactor.

[TortoiseWolfe]

Session ended 2026-06-03

Shipped:

• Live a11y overlay (dev-time axe overlay panel) #80 dev-time axe a11y overlay — PR feat(a11y): #80 dev-time axe accessibility overlay #119 / 95eb6c8 (merged earlier this session).
• Modular local↔cloud Supabase switch (env + DNS + one-command) #121 modular local↔cloud Supabase switch — PR feat(dx): #121 modular local↔cloud Supabase switch (env + DNS + one-command) #122 / 1b9d033, full 28-check CI green. pnpm run dev:local/dev:cloud; dissolved the host-vs-container DNS split (browser→host.docker.internal:54321, admin→SUPABASE_ADMIN_URL); deleted the proxy/--host-resolver-rules hack from 5 specs (−143 lines).

#116 (messaging E2E perf) — major progress, no merge to main:

• Profiled from real CI data. Two "free win" attempts (remove dead data-messages-subscribed waits; lower Argon2 TIME_COST for CI) both capped chromium-msg at 60 min and were REVERTED — caught in CI, never hit main. PR perf(e2e): #116 lower CI Argon2 key-derivation cost (E2E-only) #120 closed. Lesson: TIME_COST is a key-derivation input; lowering it breaks verifyPublicKey.
• Phase 2 fixture-isolation spike → GO. seedIsolatedConversation (per-test throwaway viewer+partner+conversation, keys at TIME_COST=3). Measured local: workers=1 35.4s → workers=4 ~15s (−58%), 0 flakes ×3, clean teardown. On pushed branch spike/116-fixture-isolation (b30dc7b).

Closed: #80, #121. Opened: #121, #122 (merged).

Roadmap changes:

• Active arc reframed: from "scope perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116" → "perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116 Phase 2 refactor decision" (spike done, GO).
• Session +1 now = decide perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116 Phase 2 scope + execute (was: scope perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116).
• Backlog: added Modular local↔cloud Supabase switch (env + DNS + one-command) #121 switch, seedIsolatedConversation helper, and the spike branch as named items.

Open loose end: spike/116-fixture-isolation is pushed but not PR'd — the user is mid-decision on Phase 2 scope. The helper + dev:local bugfix are reusable keepers regardless.

New memories written: lesson_e2e_deadwait_loadbearing, local_cloud_supabase_switch (both in MEMORY.md index).

Next session should: Resume the #116 Phase 2 scope decision — present PR-spike-and-stop / one-spec-first / de-risk-CI-cloud / full-refactor; recommend de-risking CI-cloud or one-spec-first. Keep TIME_COST=3; verify in CI before merging.

[TortoiseWolfe]

Audit — 2026-06-03 (late): #116 Phase 2 SHIPPED

Shipped: PR #123 (squash 5a32da9) — full per-test fixture-isolation refactor of the messaging E2E suite. All 13 specs run workers=2 green on chromium (72 passed/10min) / firefox (71/11.2min) / webkit (71/10.2min, 1 retry-recovered flake). Net −1574 lines. ARGON2 TIME_COST stayed 3.

Arc shape (the gate discipline worked):

1. Spike → GO (local only). Front-loaded a one-spec CI gate (encrypted-messaging) rather than converting all 13 blind.
2. Gate caught a real bug: dropping serial lost its timeout:900000, so 2× serial Argon2 ReAuth opens blew the 30s default → afterEach deleted the partner key mid-send → 406. Fixed via scoped timeout:180_000 + Promise.all opens. (Root-caused by a 6-hypothesis adversarial workflow; lag/RLS/schema all refuted.)
3. Converted the remaining 11 specs (10 mechanical via a reviewed parallel workflow; friend-requests + group-chat by hand via new seedIsolatedConnection/seedIsolatedGroup). Caught + fixed a display_name-null bug (signup trigger pre-creates the profile) via local verification.
4. Full-slice run: 71/72 green; the 1 was gdpr T192's redirect regex not allowing the static-export trailing slash (/sign-in/?…). Fixed.
5. Finalized: firefox/webkit-iso matrix slices, deleted the spike spec, wired --workers into all 3 CI jobs (firefox/webkit had been silently running at workers=1).

Roadmap delta: active arc cleared (main clean, 0 PRs). #45 error monitoring is the next ready-now item but needs a Sentry-vs-LogRocket decision + DSN. Helpers documented in Backlog as the template for future messaging E2E.

Follow-up (non-blocking): webkit message-editing.spec.ts:506 T117 flake (15-min edit-window timing) — retry-recovered; harden if it recurs.

[TortoiseWolfe]

Session ended 2026-06-04 — #116 fully closed + Node-24 PR opened

Shipped (merged to main):

• aabaf07 — PR fix(e2e): #116 webkit message-editing send-banner false-positive flake #124, the perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116 follow-up flake-cleanup. Fixed the retry-MASKED webkit flakes that the green job conclusions had been hiding:
  • message-editing send-banner false positive — the sendMessage helper's [role="alert"] race matched the MessageInput validation banner (no Dismiss button), throwing "Send failed" with EMPTY text even though the send succeeded. Scoped to the real send-error banner (has: Dismiss button) + require non-empty text.
  • payment/07-performance + complete-user-workflow — brittle loadTime < 5000ms wall-clock budgets (include networkidle + auth retry + CI-runner load; webkit legitimately 5–7s). Replaced with a hang-only < 30000 ceiling (the waitFor(heading) already proves load), mirroring the repo's 240000ms precedent.
  • session-persistence :167 — dropped the racy waitForFunction localStorage poll (raced the hard window.location='/' redirect); assert the contract (signed out → bounced from /profile) with a PATHNAME-EXACT check. (Caught in review: the old /\/(sign-in|$)/ regex matched /profile/ under trailingSlash:true, so a real regression would have PASSED.)
  • session-persistence :224 — cross-tab redirect via expect().toPass() reload-as-source-of-truth instead of a one-shot waitForURL.
  • Verified before merge: 0 failure annotations, 0 flaky, 1043 passed (run 26961769743) — read via per-job flaky counts + check-run annotations, not the conclusion.

Opened: PR #125 — bump GitHub Actions to Node-24 majors (checkout/setup-node/upload+download-artifact → v5, github-script → v8) to clear the Node-20 deprecation warnings. CI validating, queued behind the post-merge main run (concurrency mutex). NOT yet merged.

Closed: #116 (messaging E2E perf) — resolved by Phase 2 isolation + this flake-cleanup.

Roadmap changes (body):

• Active arc: perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116 marked DONE/CLOSED; PR fix(e2e): #116 webkit message-editing send-banner false-positive flake #124 added to "what shipped"; the webkit T117 flake removed from "follow-up" (it was actually fixed). PR chore(ci): bump GitHub Actions to Node 24 runtimes (past Node 20 deprecation) #125 added as the one in-flight item.
• Added "Session +0: merge PR chore(ci): bump GitHub Actions to Node 24 runtimes (past Node 20 deprecation) #125" to the queue (mechanical, finish first).
• Prime prompt: added a CI-honesty reminder (green conclusion ≠ 0 flaky; read flaky/failed lines + annotations) — this masking re-opened perf: messaging E2E suite runs 10x slower than gen shards (23-32min vs 2-4min) #116 this arc.
• "Next session should" now leads with merging chore(ci): bump GitHub Actions to Node 24 runtimes (past Node 20 deprecation) #125, then [Gap-Audit] 044 Error Handler Integrations: Sentry/LogRocket integration + PII scrubbing + session replay #45.

Process lesson (banked to memory): I twice declared the run "clean" off the green conclusion while it carried retry-recovered failure annotations — the user caught it both times. Root fix is to read per-job flaky/failed + check-run annotations, and ideally gate CI on flaky-count>0 in the iso slice (queued as a Session +3 idea).

Watch: GitHub forces Node 24 on Actions 2026-06-16, removes Node 20 2026-09-16 — PR #125 clears this well ahead.

Next session should: Confirm PR #125 went green (per-job flaky counts, not conclusion) and merge it; then confirm the next priority with the user — default is #45 error monitoring, blocked on a Sentry-vs-LogRocket decision + DSN.