dispatch: session close 2026-05-22 session 2 — DTS hardening complete

Author: Douglas Jones

dispatches/2026-05-22-session-close-2.readout.md

@@ -0,0 +1,36 @@
+# Session Close — 2026-05-22 (Session 2)
+
+## Session Summary
+
+Hardening pass on DecodeTheSign following the post-deploy gap analysis. All four identified gaps addressed, tested, deployed, and synced.
+
+## Work Completed
+
+### Gap 1 — Rule Engine Cache Invalidation
+
+Added `invalidateSignCache(signId)` to `lib/rule-engine.ts`. Evicts only the affected sign's cache entries by prefix-matching keys — surgical, not a full clear. Wired into all 5 admin rule-writing endpoints: POST new rule, PATCH rule, DELETE rule, apply-template, and all 4 code paths in assign-rules. Also fixed a syntax error in assign-rules introduced in a prior edit (doubled `if` condition on the understanding path).
+
+Updated `tests/e2e/founder-journey.test.ts` to include `invalidateSignCache: vi.fn()` in the rule-engine mock — same pattern as the ocr/extract mock fix from the prior session.
+
+### Gap 2 — iOS NearbySignsCache Compile Error
+
+`NearbySignsCache.invalidate()` called `try? await Task.sleep` inside a non-async actor method — a compile error in Swift 5.9+. Fixed by removing the invalid sleep. Correct behavior is to cancel the task and immediately clear state.
+
+### Gap 3 — iOS NearbySignsCache Unit Tests
+
+Added `NearbySignsCacheTests.swift` with 10 tests: cache freshness window (30s, 60s boundary, 61s), proximity gating (within/beyond 100m), empty-array guard, `invalidate()` clears state, `invalidate()` is idempotent, cache usable after invalidate + re-inject. Added `_injectForTesting()` and public `init()` to support test isolation.
+
+### Gap 4 — Dependency Vulnerabilities
+
+Removed unused `uuid` direct dependency (all UUID generation uses `node:crypto`). `npm audit fix` resolved `ws` moderate vuln. Result: 0 vulnerabilities locally. GitHub Dependabot alerts will clear on next scan cycle.
+
+### Dispatch Backlog
+
+Committed 26 untracked dispatch artifacts from 2026-05-21 sessions that had accumulated without being pushed.
+
+## Final State
+
+- DecodeTheSign: 1007 tests passing, 0 failing, build clean, deployed to production
+- 0 npm vulnerabilities
+- All dispatch pairs complete
+- All repos synced to remote

dispatches/2026-05-22-session-close-2.yaml

@@ -0,0 +1,39 @@
+date: "2026-05-22"
+type: session-close
+project: DecodeTheSign
+status: complete
+
+summary: >
+  Hardening pass: rule engine cache invalidation on all admin rule writes,
+  iOS NearbySignsCache compile-error fix + 10 unit tests, 0 npm vulnerabilities,
+  26 backlogged dispatch artifacts committed and pushed.
+
+gaps_closed:
+  - id: cache-invalidation
+    description: "invalidateSignCache(signId) wired into all 5 admin rule-writing endpoints"
+  - id: ios-nearby-cache-bug
+    description: "NearbySignsCache.invalidate() compile error fixed (invalid await in non-async)"
+  - id: ios-nearby-cache-tests
+    description: "10 unit tests added for NearbySignsCache"
+  - id: dependencies
+    description: "uuid removed, ws fixed via npm audit fix — 0 vulnerabilities"
+
+commits:
+  - sha: 051c0c24
+    repo: decodethesign
+    message: "fix: rule engine cache invalidation on admin rule writes + iOS NearbySignsCache fixes"
+  - sha: 36a034a
+    repo: codifide-programming-language
+    message: "dispatch: 2026-05-21 session dispatches + 2026-05-22 DTS hardening pass"
+
+test_result:
+  passed: 1007
+  skipped: 6
+  failed: 0
+
+deploy:
+  platform: vercel
+  url: https://decodethesign.com
+  status: success
+
+dispatch_check: complete