2026-06-15 13:32:16 -05:00

ROADMAP

Longer-term backlog and deferred decisions. Near-term status lives in AGENTS.md → Current state; package-specific follow-ups live in s9pk/TODO.md.

Phase 3 — AI coach (deferred, not started)

  • Integrate the DGX Spark LLM box (Qwen3.6 35B, OpenAI-compatible endpoint) as a training coach.
  • Login-time training suggestions based on recent activity and goals.
  • Per-category drill ideas on demand.
  • Config via env-var names (endpoint URL, model); no keys in the repo.

Evaluation backlog

A full independent evaluation lives in EVALUATION.md (committed; re-runnable via /full-eval). Deferred items, by priority:

  • P2 — dependency: upgrade @fastify/static 8.3.0 → ≥9.1.3 (known path-traversal advisories; no concrete exploit path here) and re-test static serving.
  • P2 — input validation: reject unknown metric kind (not count|duration|score|decimal); validate calendar-date semantics (the \d{4}-\d{2}-\d{2} regex accepts 2026-13-99); return 400 instead of a raw SQLITE_CONSTRAINT_FOREIGNKEY 500 on a bad metric_id.
  • P2 — tests: no automated suite yet; cover record-recompute direction, streak math, and migration idempotency against a temp DB.
  • P3: CSRF token beyond SameSite=Lax; cross-category metric guard on entry write; logout without a session; consistent 404s on delete; validate category color.
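The P2 input-validation item above, as an added example that is not code from this repository: an allow-list for metric kind, a round-trip check that rejects shape-valid but impossible dates such as 2026-13-99, and a pre-insert existence check on metric_id so a bad id becomes a 400 rather than a foreign-key 500. All function names, the `metricExists` callback and the response shape are hypothetical.

```javascript
// Added example; every name below is hypothetical, not the app's own API.
const METRIC_KINDS = new Set(['count', 'duration', 'score', 'decimal']);
const DATE_SHAPE = /^(\d{4})-(\d{2})-(\d{2})$/;

// Allow-list check: anything outside the four known kinds is rejected.
function validateMetricKind(kind) {
  return typeof kind === 'string' && METRIC_KINDS.has(kind);
}

// The shape regex alone accepts 2026-13-99. Date.UTC silently normalises
// out-of-range fields (month 13 rolls into the next year), so build the date
// and compare it back to the parsed fields. Years below 0100 are also
// rejected, because Date.UTC maps two-digit years onto 19xx.
function isCalendarDate(value) {
  const m = typeof value === 'string' ? DATE_SHAPE.exec(value) : null;
  if (!m) return false;
  const y = Number(m[1]), mo = Number(m[2]), d = Number(m[3]);
  const t = new Date(Date.UTC(y, mo - 1, d));
  return t.getUTCFullYear() === y &&
         t.getUTCMonth() === mo - 1 &&
         t.getUTCDate() === d;
}

// metricExists is an assumed callback (for instance a SELECT by id) that is
// run before the INSERT, so the constraint error is never reached.
function validateEntry(body, metricExists) {
  const errors = [];
  if (!body || !isCalendarDate(body.date)) {
    errors.push('date must be a real YYYY-MM-DD calendar date');
  }
  if (!body || !Number.isInteger(body.metric_id) || !metricExists(body.metric_id)) {
    errors.push('unknown metric_id');
  }
  return errors;
}

// Map validation results to the status the roadmap item asks for.
function toResponse(errors) {
  return errors.length > 0
    ? { statusCode: 400, errors }
    : { statusCode: 200, errors: [] };
}
```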

Registry-submission blockers (private repo URLs, empty assets/, no CI) are intentionally not being worked — publishing to the community registry is not a goal.

Product backlog

  • "Log another": allow multiple sessions of the same category in one day (the category pill currently edits the existing entry instead of creating a second).
  • Speed units: option for km/h in addition to mph.
  • Per-metric direction: expose a "higher is better / lower is better" toggle in the Settings metric editor (today it is set only via seed/migration; needed for new lower-is-better metrics like time or strokes).

Platform / packaging

  • Password UX under StartOS: make the in-app Settings password change agree with the "Set Login Password" action — hide the in-app field on StartOS, or write changes through to store.json.
  • Packaging hygiene: the vendored s9pk/app/ is gitignored, so the package gitHash does not reflect app-source changes; revisit before publishing to a registry.
  • Other arches: build aarch64/riscv64 only if a target host needs them (currently x86_64-only).

Ops

  • origin is configured on self-hosted Gitea (SSH, in .git/config); push after committing.