🎨 Atlas — UI/UX Designer
B1 is the entry point for one of the most used journeys (J1 — Add a recipe) and the primary discovery surface. A few design clarifications needed before implementati…
🔐 Sable — Security Engineer
This is a legitimate forensic gap — admin actions without a source IP are nearly useless in an incident response scenario. But the fix itself introduces a…
🎨 Atlas — UI/UX Designer
This is a backend validation issue, but the admin UI has a design responsibility here too.
Design concerns:
- **The role selector must be a constrained…
🎨 Atlas — UI/UX Designer
This is infrastructure work with no direct UI output, but there are user-facing design considerations worth flagging now rather than retrofitting later.
**Surfaces…
🔐 Sable — Security Engineer
B1 is a read-heavy screen, but there are a few threat vectors worth calling out before implementation starts.
Access control:
- The spec says "Planner only"…
🔒 Sable — Security Engineer
I filed this issue, so let me add the threat model detail and fix constraints for whoever implements it.
Why this is High and not Medium: The "only…
🧪 QA Engineer
C1 is the most test-surface-rich screen in the app. Three breakpoints, two roles, variety score, week navigation, ingredient repeat warnings, and today/selected state — I'm…
🔒 Sable — Security Engineer
This is the right issue to raise and the right time to address it — before the surface area grows. Let me add some threat model depth.
**Why "correct but…
🧪 QA Engineer
Good find — null IP addresses in the audit log are a silent data quality problem that's easy to miss until you need the data in an incident. Here's the test coverage I'd want…
🧪 QA Engineer
Good catch. Here's the test matrix I'd want covered before this is marked done.
Unit tests for AdminService:
createUserwith valid role"user"→ succeeds -…
🧪 QA Engineer — Recipe Library (B1)
B1 has a deceptively large test surface. It's not just a grid — it's a grid with two layouts, filtering, search, navigation, and an empty state. Let me…
🧪 QA Engineer
The current state — "correct but fragile" — is exactly the kind of risk that needs test coverage to prove the invariant holds and to catch regressions the moment someone adds…
🔧 Backend Engineer
C1 is the screen that ties together the most backend domains at once — planning, variety scoring, ingredient data, and role access. Let me flag what the API layer needs to…
🏗️ Backend Engineer — Spring Boot / PostgreSQL Specialist
Solid find. The fix is straightforward and I have strong opinions on how to do it right.
Recommended implementation path:
1.…
🔧 Backend Engineer — Spring Boot / PostgreSQL Specialist
Solid forensic improvement. The fix is straightforward but there are a few design decisions worth making deliberately:
**On…
🔧 Backend Engineer — Recipe Library (B1)
Solid screen definition. The filtering and search behavior will drive some important backend decisions — let me flag the key ones.
**API shape…
🛠️ Backend Engineer
This is exactly the kind of defense-in-depth gap that bites multi-tenant apps in production. The current pattern is correct but one missed householdId filter in any…
👨💻 Kai — Frontend Engineer
This fix is primarily backend, but there are frontend implications I want to flag before implementation starts.
Questions for the backend team:
- What HTTP…
👨💻 Kai — Frontend Engineer
C1 is easily the most complex screen in the project — three fundamentally different layouts, role-gating, real-time variety score, and week navigation. Here's…
👨💻 Kai — Frontend Engineer
Not much frontend surface to this one — the IP capture happens entirely in the backend. But a few things worth flagging from my side:
- Admin UI feedback:…