Closes the 12 MAJ raised by the release/0.5.0 audit pipeline (cf.
docs/audit/reports/release-0.5.0/summary.md → summary-reaudit.md).
Volet 1 — Reasoning architecture (audits 01/02/06/07 strengthening)
* Domain ports: LLMProvider, ReasoningRunner, ReasoningParseError
* Domain DTOs: LLMProviderType, ReasoningResult, ReasoningIteration
* infra/llm/ollama_provider.py — OllamaProvider with health_check
* infra/docling_agent_reasoning.py — runner adapter, encapsulates the
private _rag_loop call (tracked at docling-project/docling-agent#26),
commits OLLAMA_HOST once at boot (eliminates the per-request env race),
translates upstream IndexError into ReasoningParseError
* api/reasoning.py — zero coupling to docling-agent / mellea / docling-core,
consumes app.state.reasoning_runner via the port
* main.py — DI wires OllamaProvider + DoclingAgentReasoningRunner at boot
when REASONING_ENABLED=true and deps are importable
* Rename RAG_* env vars → REASONING_*, endpoint /rag → /reasoning,
type RAGResult → ReasoningResult, frontend feature flag wiring,
i18n strings, tests, docs (BREAKING — pre-1.0 surface, no external
consumers in production)
* 17 new tests: adapter unit tests with sys.modules stubs, OllamaProvider
httpx tests, R3 concurrent-host isolation, R6 multi-iteration trace
serialization, R13 Protocol conformance via isinstance
* E2E Karate scenario: nav-reasoning hidden when REASONING_ENABLED=false
* README — Live Reasoning section (env vars, archi, link to issue #26)
Bloc B — Security (audit 08, dev-only context)
* docker-compose.yml — DEV DEFAULTS header, OpenSearch DISABLE_SECURITY_PLUGIN
flagged as dev-only with link to OpenSearch security docs
* main.py — boot warning if NEO4J_URI is set with the default 'changeme'
password, so prod operators can't silently inherit it
Bloc C — DRY frontend (audit 05)
* shared/storage/keys.ts — STORAGE_KEYS centralised (theme, locale)
* features/settings/store.ts — dead apiUrl ref + orphan i18n keys removed
* api/schemas.py — DOCUMENT_STATUS_UPLOADED constant
Bloc D — Quality (audits 02/06/07/09/10/12)
* domain/ports.py — DocumentConverter.supports_page_batching property
(LSP fix, replaces isinstance(ServeConverter) check)
* domain/ports.py — VectorStore.ping() (encapsulation, replaces
_vector_store._client.info() reach-around)
* api/analyses.py + api/ingestion.py — path params {job_id} → {analysis_id}
aligned with the user-facing terminology (URLs unchanged)
* api/documents.py — Path.read_bytes() + generate_preview() wrapped in
asyncio.to_thread, unblocks the FastAPI event loop on /preview
* infra/docling_tree.py — PEP 604 union for isinstance (Ruff UP038)
* src/__tests__/integration/ — cross-feature integration test relocated
out of features/history/ so feature folders stay self-contained
* Tightened terminal `assert X is not None` checks (isinstance(.., datetime),
exact value comparisons)
Validation
* 446 backend pytest, 202 frontend vitest — all green
* ruff + ruff format + ESLint + Prettier + vue-tsc clean
* Re-audit verdict: 0 CRIT / 0 MAJ, score ~94/100, GO
Closes #200
2.7 KiB
2.7 KiB
Rapport d'audit : Hexagonal Architecture (ports & adapters)
Release : 0.5.0
Date : 2026-04-28
Auditeur : claude-code
Score de compliance
| Métrique | Valeur |
|---|---|
| Items conformes | 14 / 14 |
| Score | 100 / 100 |
| Écarts CRITICAL | 0 |
| Écarts MAJOR | 0 |
| Écarts MINOR | 0 |
| Écarts INFO | 0 |
Écarts constatés
Aucun écart détecté.
Points positifs
- Domain purity : La couche
domain/est totalement isolée. Aucune dépendance à FastAPI, aiosqlite, Pydantic ou infrastructure. Les modèles utilisent uniquement des dataclasses. - Ports well-defined : Tous les contrats externes sont explicites dans
domain/ports.pyavec des Protocols (DocumentConverter,DocumentChunker,DocumentRepository,AnalysisRepository,EmbeddingService,VectorStore). - Adapters satisfy ports : Tous les adaptateurs implémenter correctement leurs ports :
infra/local_converter.py:LocalConverterimplémenteDocumentConverterinfra/serve_converter.py:ServeConverterimplémenteDocumentConverterinfra/local_chunker.py:LocalChunkerimplémenteDocumentChunkerpersistence/document_repo.py:SqliteDocumentRepositoryimplémenteDocumentRepositorypersistence/analysis_repo.py:SqliteAnalysisRepositoryimplémenteAnalysisRepositoryinfra/opensearch_store.py:OpenSearchStoreimplémenteVectorStoreinfra/embedding_client.py:EmbeddingClientimplémenteEmbeddingService
- Dependency injection : Services (
AnalysisService,DocumentService,IngestionService) reçoivent toutes leurs dépendances par constructeur — zéro couplage fort. - Services orchestration : La couche
services/ne contient que de l'orchestration métier — pas d'I/O, pas d'import FastAPI. Imports : uniquementdomain/et repos injectés. - Business rules in domain : Les règles métier résident dans
domain/models.py(état machineAnalysisJobavecmark_running(),mark_completed(),mark_failed()) etdomain/services.py(fusion de résultats, classification des erreurs). - API layer decoupling : Routes HTTP (
api/documents.py,api/analyses.py) importent services, pas persistence/infra directement. Transformation camelCase centralisée dansapi/schemas.py. - Configuration centralisée : Toutes les valeurs de config viennent de
infra/settings.py, construites viaSettings.from_env()— zéro hardcoded en dur. - Clean main.py : Entry point
main.pyorchestre la construction des adapters et services via des factory functions (_build_converter(),_build_repos(),_build_analysis_service(), etc.) — injection contrôlée.