From: Carl Worth Date: Thu, 5 Mar 2026 14:34:34 +0000 (-0800) Subject: nogit-sync commit X-Git-Url: https://git.cworth.org/git?a=commitdiff_plain;h=15366acabae4976461e90018ae05aab9b06e9434;p=lmno-todo nogit-sync commit --- diff --git a/TODO b/TODO index c336664..a66a01a 100644 --- a/TODO +++ b/TODO @@ -1,3 +1,66 @@ +Code review punch list (2026-03) +================================= +Grouped by topic, roughly ordered so that simpler/higher-impact items +come first within each group. + +Quick fixes +----------- +[ ] Fix typo in empathy.js: "this.ansering_idle_timer" → "this.answering_idle_timer" + +[ ] Fix session config in lmno.js: set resave:false and + saveUninitialized:false to silence deprecation warnings and avoid + creating unnecessary session cookies for every visitor. + +[ ] Replace body-parser with express.json() / express.urlencoded() + (built into Express since 4.16, body-parser is redundant). + +Input validation and security +----------------------------- +[ ] Add input validation at route boundaries: type checks, length + limits, and HTML-entity encoding for user-provided strings + (character names, prompt text, answers) before broadcasting. + +[ ] Run "npm audit" and update pinned dependency versions + (express 4.17.1, nunjucks 3.2.1, etc. are from ~2019-2020). + +Robustness +---------- +[ ] Add basic state persistence (e.g., write game state to a JSON file + on each move, reload on server startup) so games survive a server + restart. + +[ ] Add a process manager (pm2 or systemd unit) to auto-restart the + server on crashes. + +Testing +------- +[ ] Add unit tests for core game logic — especially Empathy scoring, + Scribe glyph detection, and Empires capture chains. Node's built-in + test runner or Jest would both work. + +Frontend modernization (larger effort) +--------------------------------------- +[ ] Upgrade from React 16 class components to modern React with hooks + and functional components. Replace the window.game global pattern + with a useEventSource hook and context provider. + +[ ] Replace Babel 6 + Makefile build with Vite (or similar modern + bundler) for ES module imports, HMR in development, and proper + tree-shaking/minification. + +Server architecture (larger effort) +------------------------------------ +[ ] Consider a formal state-machine pattern for Empathy's phase + management (prompts → answering → judging → scoring) instead of + scattered if-checks across methods. + +[ ] Replace the meta getter/setter trick in game.js with plain static + class fields or a game registry for clarity. + +================================= +Original TODO list follows below +================================= + Ordered list (repeating some of the below) -----------------------------------------