decisions(2): record cryptpad create-pad deeper-test deferral with rationale (§7.1)
This commit is contained in:
@ -440,3 +440,43 @@ adds **content**, not infra, with a few small harness primitives ported from
|
||||
- **Heavy-recipe parking.** Drone's `MAX_TESTS=1` + per-build timeout already serialize runs; for
|
||||
Phase 2 we DO NOT lift it. Within a single run, the orchestrator deploys deps before the
|
||||
recipe-under-test sequentially (never concurrently) per plan §4.2.
|
||||
|
||||
## Phase 2 Q3.4 — cryptpad create-pad deeper test deferral (2026-05-28)
|
||||
|
||||
**Status:** Deferred to Q3.4 follow-up (or Q5 catch-up), with Adversary sign-off pending per
|
||||
plan §7.1.
|
||||
|
||||
**What's deferred:** The "create-an-object + read-it-back" deep test for cryptpad —
|
||||
authenticate-and-create a real pad in the browser, type a uniquely-marked content string, reload
|
||||
the page (retaining the client-side encryption key in the URL fragment), assert the marker
|
||||
survives. This is the canonical create-and-read-back per plan §4.3 ("client-side-encryption:
|
||||
page is JS-rendered, so use Playwright, not bare curl").
|
||||
|
||||
**Why deferred (the technical reason):**
|
||||
- CryptPad's pad-creation client-side flow is **version-specific**. In the recipe under test
|
||||
(10.6.0+5.7.0), visiting `/pad/` does NOT auto-inject a fragment-keyed pad URL; CryptPad
|
||||
requires the user to explicitly click a "new rich text" / "new pad" link from the landing
|
||||
page, AND those UI selectors (`.cp-apps-grid a`, `[data-app='pad']`, `a[href*='/pad/']`) are
|
||||
not stable across CryptPad versions.
|
||||
- Three attempted drafts during Q3.4 each failed cold on this:
|
||||
1. Type + reload + content-survives: contenteditable inside nested iframe with origin
|
||||
mismatch (SANDBOX_DOMAIN).
|
||||
2. Direct-`/pad/`-then-fragment: no fragment ever appeared on this version.
|
||||
3. Click-fallback for known app-launch selectors: none of the candidate selectors matched.
|
||||
|
||||
**The maximal testable subset that IS shipped (P3 floor met):**
|
||||
- `tests/cryptpad/functional/test_health_check.py` — parity HTTP 200.
|
||||
- `tests/cryptpad/functional/test_spa_assets.py` — CryptPad branding + canonical asset paths
|
||||
in served HTML. Catches the wedged-server-fallback-page failure mode.
|
||||
- `tests/cryptpad/playwright/test_pad_create.py` — Chromium renders the SPA, asserts brand
|
||||
+ canonical asset references + zero non-filtered JavaScript console errors.
|
||||
|
||||
The Playwright test exercises the JS pipeline in a real browser (per §4.3 directive); the
|
||||
piece NOT exercised is the user-action-driven pad lifecycle. **What's required to lift the
|
||||
deferral:** pin a specific CryptPad app-launch contract (CryptPad's source has app-launch
|
||||
URL patterns like `/pad/?new=1` on some versions) OR write a Playwright helper that walks the
|
||||
SPA's main menu via a stable accessibility tree (role-based selectors instead of CSS).
|
||||
|
||||
Adversary may file F2-N requesting full create-pad coverage; the answer above is the
|
||||
honest technical reason + the maximal subset. Logged here per plan §7.1.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user