All Reports
Quorum SQL
Python
montrellcruse/quorum-sql
Pass Rate
27%
SQL query engine
L1100%
L235%
L30%
L40%
L50%
Strong Dev Environment
Quorum SQL reaches Level 2 with 75% Dev Environment pass rate. Currently building team readiness with 19/71 criteria passing (27%). Key areas for improvement include the opportunities listed below.
Strengths
01
Agentic Development
Git log shows co-authorship with 'Claude Opus 4.5' in commit #35 (deps(server): upgrade Fastify).
02
Build Cmd Doc
README.md documents 'npm run build' command in Quick Start and Scripts sections.
03
Deployment Frequency
6 releases in ~10 days (v1.0.0 to v1.4.1 between Jan 10-19). Multiple deploys per week.
Opportunities
01
Cyclomatic Complexity
Add complexity analysis to identify and refactor overly complex functions.
02
Feature Flag Infrastructure
Add feature flags to enable safer deployments and gradual rollouts.
03
Monorepo Tooling
Consider Turborepo or Nx for better caching, incremental builds, and dependency graph awareness.
All Criteria
Style & Validation0/13 (0%)
✗code_modularizationNo module boundary enforcement tools (eslint-plugin-boundaries, dependency-cruiser, or Nx boundaries).
✗cyclomatic_complexityNo complexity analysis tools configured (no ESLint complexity rule, SonarQube, or similar).
✗dead_code_detectionNo dead code detection tools (knip, ts-prune, unimported, vulture, or SonarQube).
✗duplicate_code_detectionNo duplicate code detection tools (jscpd, PMD CPD, or SonarQube) configured.
✗formatterNo Prettier configuration found (.prettierrc* or prettier.config.*) for either application.
✗large_file_detectionNo git hooks, CI file size checks, or Git LFS configuration found.
✗lint_configFrontend has eslint.config.js. Server (JavaScript) has no separate linter configuration.
✗n_plus_one_detectionBackend uses direct PostgreSQL queries without N+1 detection tooling. Frontend accesses via Supabase.
✗naming_consistencyNo naming convention rules in ESLint config or documented conventions in AGENTS.md/CONTRIBUTING.md.
✗pre_commit_hooksNo Husky (.husky/) or pre-commit (.pre-commit-config.yaml) hooks configured.
✗strict_typingFrontend has strict:true in tsconfig.json. Server uses JavaScript without strict typing.
✗tech_debt_trackingNo TODO/FIXME scanner in CI, no SonarQube technical debt tracking, or similar tooling.
✗type_checkFrontend has tsconfig.json with strict mode. Server uses JavaScript without TypeScript.
Build System8/17 (47%)
✓agentic_developmentGit log shows co-authorship with 'Claude Opus 4.5' in commit #35 (deps(server): upgrade Fastify).
—automated_pr_reviewSkipped: OSS evaluation mode without admin API access to verify bot review comments.
✓build_cmd_docREADME.md documents 'npm run build' command in Quick Start and Scripts sections.
✗build_performance_trackingNo build caching (turbo, nx, webpack cache) or build metrics tracking configured.
—dead_feature_flag_detectionSkipped: No feature flag infrastructure (prerequisite feature_flag_infrastructure failed).
✓deployment_frequency6 releases in ~10 days (v1.0.0 to v1.4.1 between Jan 10-19). Multiple deploys per week.
✓deps_pinnedpackage-lock.json (npm) and bun.lockb committed to repository for reproducible builds.
✓fast_ci_feedbackCI completes in ~1.3 minutes average (74-79 seconds from statusCheckRollup data), well under 10 minutes.
✗feature_flag_infrastructureNo feature flag system (LaunchDarkly, Statsig, Unleash, GrowthBook) configured.
✗heavy_dependency_detectionFrontend has vite.config.ts with manualChunks for bundle analysis. Server is backend-only (not bundled).
✗monorepo_toolingMonorepo structure (frontend + server) but no Turborepo, Nx, or Lerna configuration.
✗progressive_rolloutNo canary deployment or percentage-based rollout configuration found.
✓release_automationCI workflow exists (.github/workflows/ci.yml) with automated build/test. GitHub releases published.
✗release_notes_automationGitHub releases exist with notes, but no automation tool (semantic-release, changesets, release-please).
✗rollback_automationNo documented one-click rollback capability or automated rollback system.
✓single_command_setupREADME Quick Start section documents: 'npm install && npm run dev' for simple setup.
✗unused_dependencies_detectionNo unused dependency detection (depcheck, npm-check, knip, or similar) configured.
✓vcs_cli_toolsGitHub CLI (gh) is installed and authenticated (gh auth status successful).
✗version_drift_detectionNo version drift detection for monorepo (no syncpack, manypkg, or similar).
Testing0/7 (0%)
✗flaky_test_detectionPlaywright has retries:2 in CI but no proactive flaky test tracking (BuildPulse, quarantine mechanisms).
✗integration_tests_existFrontend has Playwright e2e tests (playwright.config.ts, e2e/). Server has smoke tests but not integration tests.
✗test_coverage_thresholdsNo coverage thresholds enforced (no jest coverageThreshold, pytest --cov-fail-under, or Codecov gates).
✗test_isolationPlaywright uses workers:1 (sequential, not parallel) to avoid database conflicts. No isolation enforcement.
✗test_naming_conventionsFrontend has Playwright testDir: './e2e' pattern. Server has no test framework configuration.
✗test_performance_trackingNo test timing output configured (no --verbose, --durations flags in test scripts or CI).
✗unit_tests_existOnly e2e/solo-user-flows.spec.ts exists. No unit test files (*.test.ts, __tests__/) found.
—unit_tests_runnableSkipped: OSS evaluation mode without configured dev environment to verify test runnability.
Documentation3/8 (38%)
✗agents_mdNo AGENTS.md file exists at repository root.
✗agents_md_validationCannot validate AGENTS.md (prerequisite agents_md failed - file does not exist).
✗api_schema_docsNo OpenAPI/Swagger or GraphQL schema files found. Backend REST API lacks schema documentation.
✗automated_doc_generationNo automated documentation generation tools (Swagger codegen, JSDoc, Sphinx, or similar).
✓documentation_freshnessCONTRIBUTING.md modified within last 180 days (found in git log --since='180 days ago').
✓readmeREADME.md exists with comprehensive setup, usage, architecture, and deployment instructions.
✓service_flow_documentedsupabase/ERD.md contains comprehensive Mermaid ER diagram and architecture documentation.
✗skillsNo skills configured (.factory/skills/, .skills/, .claude/skills/ not found).
Dev Environment3/4 (75%)
✓database_schemasupabase/schema.sql and ERD.md document complete database schema. Both apps use this shared database.
✗devcontainerNo .devcontainer/devcontainer.json configuration found.
—devcontainer_runnableSkipped: No devcontainer configured (prerequisite devcontainer failed).
✓env_template.env.example exists with comprehensive environment variable documentation.
✓local_services_setupdocker-compose.yml provides PostgreSQL 16, Adminer, and server services for local development.
Debugging & Observability0/10 (0%)
✗alerting_configuredNo alerting infrastructure (PagerDuty, OpsGenie, custom alerting rules) configured.
✗circuit_breakersNo circuit breaker libraries (opossum, resilience4j, polly) or retry patterns configured.
—code_quality_metricsSkipped: OSS evaluation mode without admin API access to verify code scanning/coverage integrations.
✗deployment_observabilityNo monitoring dashboard links or deployment observability configuration in documentation.
✗distributed_tracingNo trace ID or request ID propagation (no OpenTelemetry, X-Request-ID headers).
✗error_tracking_contextualizedErrorBoundary.tsx exists but no Sentry, Bugsnag, or Rollbar configuration found.
✗health_checksServer has /health, /health/live, /health/ready endpoints. Frontend is static React app (not applicable).
✗metrics_collectionNo metrics/telemetry instrumentation (Datadog, Prometheus, New Relic, CloudWatch).
✗profiling_instrumentationNo profiling infrastructure (APM, Pyroscope, clinic.js) configured.
✗runbooks_documentedNo runbooks directory or references to external runbooks (Notion, Confluence) in documentation.
✗structured_loggingServer has Fastify logger:true (built-in Pino). Frontend has no structured logging library.
Security3/7 (43%)
—automated_security_reviewSkipped: OSS evaluation mode without admin API access to verify code scanning alerts (SAST tools).
—branch_protectionSkipped: OSS evaluation mode. gh api rulesets returned [] - requires admin access to verify.
✗codeownersNo CODEOWNERS file in root or .github/ directory.
✗dast_scanningNo DAST tools (OWASP ZAP, Burp Suite, Nuclei) configured in CI/CD.
✓dependency_update_automationDependabot configured (.github/dependabot.yml) for npm dependencies and GitHub Actions updates.
✓gitignore_comprehensive.gitignore includes .env files, node_modules, build artifacts, IDE configs, and OS files.
✗log_scrubbingNo log sanitization/scrubbing mechanisms (redaction config, sanitize utilities) configured.
—pii_handlingSkipped: Application processes user data, but no PII detection tooling configured. Not critical for evaluation.
✗privacy_complianceNo privacy compliance infrastructure (consent management, GDPR/CCPA handling) found.
—secret_scanningSkipped: OSS evaluation mode without admin API access to verify secret scanning alerts.
✓secrets_management.env files properly gitignored, .env.example template exists, GitHub Actions uses secrets.*.
Task Discovery2/3 (67%)
—backlog_healthSkipped: No open issues to evaluate (gh issue list returned empty array).
✗issue_labeling_systemNo open issues found (gh issue list returned []). Cannot verify labeling system exists.
✓issue_templates.github/ISSUE_TEMPLATE/ contains bug_report.yml and feature_request.yml structured templates.
✓pr_templates.github/PULL_REQUEST_TEMPLATE.md exists with sections for summary, changes, checklist.
Product & Analytics0/2 (0%)
✗error_to_insight_pipelineNo error-to-issue automation (Sentry-GitHub integration, automated issue creation from errors).
✗product_analytics_instrumentationNo product analytics tools (Mixpanel, Amplitude, PostHog, Heap, GA4) instrumented.