core/php-agentic
8
0
Fork 0
Code Issues 36 Pull requests Projects Releases Packages Wiki Activity Actions

roadmap: php-agentic production readiness #40

New issue
Closed
opened 2026-02-20 03:02:47 +00:00 by Clotho · 1 comment
Clotho commented 2026-02-20 03:02:47 +00:00
Member
Copy link

Overview

Comprehensive checklist for making core-agentic production-ready.

This roadmap consolidates all discovery findings from issue #2.

P1 - Critical Security (Must Fix Before Production)

Security Hardening

  • #TBD - Add rate limiting on MCP tool execution
  • #TBD - Validate template variable injection
  • #TBD - Validate IP addresses before storage
  • #TBD - Review ContentService string replacement
  • #TBD - Fix Dashboard cache stampede vulnerability

P2 - High Priority (Fix in Next Sprint)

Test Coverage (Critical Gap)

Current coverage: ~65%, Target: >85%

  • #TBD - Add MCP tool tests (36 tools untested)
  • #TBD - Add Console command tests (3 commands)
  • #TBD - Add Middleware authentication tests
  • #TBD - Add Controller tests
  • #TBD - Add Job tests (2 jobs)
  • #TBD - Add Livewire component tests (11 components)
  • #TBD - Add Service trait tests (HasRetry, HasStreamParsing)
  • #TBD - Add AgentDetection service tests
  • #TBD - Add AgentToolRegistry service tests
  • #TBD - Add PromptVersion model tests

Database Infrastructure

  • #TBD - Add missing database indexes
  • #TBD - Verify prompt_versions table migration exists

Error Handling

  • #TBD - Add error handling to ClaudeService streaming
  • #TBD - Add batch failure recovery to ContentService

P3 - Medium Priority (Address During Regular Work)

Code Quality

  • #TBD - Add return types to Eloquent query scopes (18 scopes)
  • #TBD - Implement ProcessContentTask stub method
  • #TBD - Consolidate duplicate state models
  • #TBD - Unify API key model usage in admin UI
  • #TBD - Namespace cache keys to prevent collisions

Performance

  • #TBD - Optimize AgentPhase dependency checking (N+1)
  • #TBD - Cache permitted tools per API key

Developer Experience

  • #TBD - Improve workspace context error messages
  • #TBD - Validate API keys on AgenticManager init
  • #TBD - Improve template variable error messages

P4 - Low Priority (Nice to Have)

Documentation

  • #TBD - Add PHPDoc to AgentDetection patterns
  • #TBD - Document MCP tool dependency system

Features

  • #TBD - Add session cleanup for stale sessions
  • #TBD - Add plan archival with retention policy
  • #TBD - Add template version management

Consistency

  • #TBD - Audit UK/US spelling consistency
  • #TBD - Standardise error response format

Summary Statistics

Category Count
Total Issues Created 43
P1 Security Issues 5
P2 Test Coverage 10
P2 Database/Error 4
P3 Code Quality 8
P3 Performance 3
P3 Developer Experience 3
P4 Documentation 2
P4 Features 3
P4 Consistency 2

Test Coverage by Area

Area Current Target
Models 80% 90%
Services 60% 85%
Commands 0% 75%
Controllers 0% 75%
Middleware 0% 90%
Jobs 0% 80%
MCP Tools 0% 75%
Livewire 0% 60%

Production Readiness Criteria

Must Have (Blocking)

Critical security issues resolved (P1)
Test coverage >75% on security-critical paths
All database migrations tested
Error handling comprehensive

Should Have (Non-blocking but Important)

Test coverage >85% overall
Performance optimizations complete
Documentation complete
Developer experience issues resolved

Nice to Have

All P4 issues resolved
100% type coverage
Full Livewire test coverage

Timeline Estimate

  • P1 Security: 1 sprint (2 weeks)
  • P2 Testing + Database: 2-3 sprints (4-6 weeks)
  • P3 Quality + Performance: 2 sprints (4 weeks)
  • P4 Polish: Ongoing/backlog

Total to Production: ~8-12 weeks

Notes

This roadmap was generated by automated discovery (issue #2) on 2026-02-20.
All issue numbers (#TBD) should be updated after issues are created.

See TODO.md for detailed context on each item.

## Overview Comprehensive checklist for making `core-agentic` production-ready. This roadmap consolidates all discovery findings from issue #2. --- ## P1 - Critical Security (Must Fix Before Production) ### Security Hardening - [ ] #TBD - Add rate limiting on MCP tool execution - [ ] #TBD - Validate template variable injection - [ ] #TBD - Validate IP addresses before storage - [ ] #TBD - Review ContentService string replacement - [ ] #TBD - Fix Dashboard cache stampede vulnerability --- ## P2 - High Priority (Fix in Next Sprint) ### Test Coverage (Critical Gap) Current coverage: ~65%, Target: >85% - [ ] #TBD - Add MCP tool tests (36 tools untested) - [ ] #TBD - Add Console command tests (3 commands) - [ ] #TBD - Add Middleware authentication tests - [ ] #TBD - Add Controller tests - [ ] #TBD - Add Job tests (2 jobs) - [ ] #TBD - Add Livewire component tests (11 components) - [ ] #TBD - Add Service trait tests (HasRetry, HasStreamParsing) - [ ] #TBD - Add AgentDetection service tests - [ ] #TBD - Add AgentToolRegistry service tests - [ ] #TBD - Add PromptVersion model tests ### Database Infrastructure - [ ] #TBD - Add missing database indexes - [ ] #TBD - Verify prompt_versions table migration exists ### Error Handling - [ ] #TBD - Add error handling to ClaudeService streaming - [ ] #TBD - Add batch failure recovery to ContentService --- ## P3 - Medium Priority (Address During Regular Work) ### Code Quality - [ ] #TBD - Add return types to Eloquent query scopes (18 scopes) - [ ] #TBD - Implement ProcessContentTask stub method - [ ] #TBD - Consolidate duplicate state models - [ ] #TBD - Unify API key model usage in admin UI - [ ] #TBD - Namespace cache keys to prevent collisions ### Performance - [ ] #TBD - Optimize AgentPhase dependency checking (N+1) - [ ] #TBD - Cache permitted tools per API key ### Developer Experience - [ ] #TBD - Improve workspace context error messages - [ ] #TBD - Validate API keys on AgenticManager init - [ ] #TBD - Improve template variable error messages --- ## P4 - Low Priority (Nice to Have) ### Documentation - [ ] #TBD - Add PHPDoc to AgentDetection patterns - [ ] #TBD - Document MCP tool dependency system ### Features - [ ] #TBD - Add session cleanup for stale sessions - [ ] #TBD - Add plan archival with retention policy - [ ] #TBD - Add template version management ### Consistency - [ ] #TBD - Audit UK/US spelling consistency - [ ] #TBD - Standardise error response format --- ## Summary Statistics | Category | Count | |----------|-------| | Total Issues Created | 43 | | P1 Security Issues | 5 | | P2 Test Coverage | 10 | | P2 Database/Error | 4 | | P3 Code Quality | 8 | | P3 Performance | 3 | | P3 Developer Experience | 3 | | P4 Documentation | 2 | | P4 Features | 3 | | P4 Consistency | 2 | --- ## Test Coverage by Area | Area | Current | Target | |------|---------|--------| | Models | 80% | 90% | | Services | 60% | 85% | | Commands | 0% | 75% | | Controllers | 0% | 75% | | Middleware | 0% | 90% | | Jobs | 0% | 80% | | MCP Tools | 0% | 75% | | Livewire | 0% | 60% | --- ## Production Readiness Criteria ### Must Have (Blocking) ✅ Critical security issues resolved (P1) ⬜ Test coverage >75% on security-critical paths ⬜ All database migrations tested ⬜ Error handling comprehensive ### Should Have (Non-blocking but Important) ⬜ Test coverage >85% overall ⬜ Performance optimizations complete ⬜ Documentation complete ⬜ Developer experience issues resolved ### Nice to Have ⬜ All P4 issues resolved ⬜ 100% type coverage ⬜ Full Livewire test coverage --- ## Timeline Estimate - **P1 Security:** 1 sprint (2 weeks) - **P2 Testing + Database:** 2-3 sprints (4-6 weeks) - **P3 Quality + Performance:** 2 sprints (4 weeks) - **P4 Polish:** Ongoing/backlog **Total to Production:** ~8-12 weeks --- ## Notes This roadmap was generated by automated discovery (issue #2) on 2026-02-20. All issue numbers (#TBD) should be updated after issues are created. See TODO.md for detailed context on each item.
Clotho added the
review
discovery
 labels 2026-02-20 03:02:47 +00:00
Charon added
PHP
P3
 and removed
review
discovery
 labels 2026-02-20 12:16:57 +00:00
Charon commented 2026-02-20 12:17:50 +00:00
Member
Copy link

Closing roadmap tracker — individual issues are labelled and triaged. Track progress via P1/P2/P3 labels.

— Charon

Closing roadmap tracker — individual issues are labelled and triaged. Track progress via P1/P2/P3 labels. — Charon
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
feat/phase-0-assessment
dev
No results found.
Labels
Clear labels   
P1

Priority 1 - Critical

  
P2

Priority 2 - Important

  
P3

Priority 3 - Nice to have

  
PHP

PHP codebase

  
agent-ready

   
bug

Bug fix

  
clotho

Assigned to Clotho AI agent

  
discovery

Auto-discovered by agent

  
docs

Documentation

  
refactor

Code quality refactoring

  
review

Needs human review

  
security

Security hardening

  
testing

Test coverage

  
athena

Assign to Athena AI agent (M3 Ultra)

  
athena-gemini

Dispatch to Gemini CLI on M3 Ultra

  
audit

Code audit task

  
clotho

Assign to Clotho AI agent for processing

  
clotho-gemini

Dispatch to Gemini CLI on darbs (AU)

  
codex

Dispatch to Codex CLI on gateway for analysis

  
darbs-claude

Dispatch to Claude on darbs (AU)

  
security

Security review task

  
wiki

Documentation/wiki update

No labels
P1
P2
P3
PHP
agent-ready
bug
clotho
discovery
docs
refactor
review
security
testing
athena
athena-gemini
audit
clotho
clotho-gemini
codex
darbs-claude
security
wiki
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: core/php-agentic#40
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?