mirror of
https://github.com/whekin/household-bot.git
synced 2026-03-31 13:54:02 +00:00
Codex/whe 15 bootstrap workspace (#1)
* feat(WHE-15): bootstrap bun workspace with app and package scaffolds * chore(WHE-17): switch workspace typecheck to tsgo * chore(WHE-16): configure oxlint and oxfmt no-semicolon style * chore: address CodeRabbit review feedback * chore: apply coderabbit fixes and add review script * docs: add ADR decision metadata
This commit is contained in:
Stas
@@ -1,32 +1,39 @@
|
||||
# HOUSEBOT-005: Anonymous Feedback Flow
|
||||
|
||||
## Summary
|
||||
|
||||
Allow members to submit anonymous household feedback to the bot via DM, then repost sanitized messages to a configured topic.
|
||||
|
||||
## Goals
|
||||
|
||||
- Protect sender identity in group output.
|
||||
- Reduce conflict by neutralizing wording.
|
||||
- Prevent abuse with rate limits and blocklist controls.
|
||||
|
||||
## Non-goals
|
||||
|
||||
- Anonymous reactions.
|
||||
- Admin identity reveal path.
|
||||
|
||||
## Scope
|
||||
|
||||
- In: DM intake, sanitize/rewrite, posting, moderation guardrails.
|
||||
- Out: full moderation panel UI.
|
||||
|
||||
## Interfaces and Contracts
|
||||
|
||||
- Bot command in DM: `/anon <message>` (or conversational prompt flow).
|
||||
- Use-case: `PostAnonymousMessage`.
|
||||
- Result includes posted message id and moderation outcome.
|
||||
|
||||
## Domain Rules
|
||||
|
||||
- Sender identity is never included in reposted content.
|
||||
- Per-user cooldown and daily cap enforced.
|
||||
- Blocklisted phrases reject or request rewrite.
|
||||
|
||||
## Data Model Changes
|
||||
|
||||
- `anonymous_messages`:
|
||||
- `household_id`
|
||||
- `submitted_by_member_id` (internal only)
|
||||
@@ -37,21 +44,25 @@ Allow members to submit anonymous household feedback to the bot via DM, then rep
|
||||
- timestamps
|
||||
|
||||
## Security and Privacy
|
||||
|
||||
- Internal sender reference is never exposed via group features.
|
||||
- PII minimization and retention policy documented.
|
||||
- Abuse logging without public reveal.
|
||||
|
||||
## Observability
|
||||
|
||||
- Submission volume metrics.
|
||||
- Rejection/acceptance rate metrics.
|
||||
- Error logs for rewrite or post failures.
|
||||
|
||||
## Edge Cases and Failure Modes
|
||||
|
||||
- Message too short/too long.
|
||||
- Spam bursts.
|
||||
- Telegram post failure after rewrite.
|
||||
|
||||
## Test Plan
|
||||
|
||||
- Unit:
|
||||
- moderation and cooldown policy
|
||||
- anonymization invariants
|
||||
@@ -61,10 +72,12 @@ Allow members to submit anonymous household feedback to the bot via DM, then rep
|
||||
- anonymous submission lifecycle in test group
|
||||
|
||||
## Acceptance Criteria
|
||||
|
||||
- [ ] DM to group repost works end-to-end.
|
||||
- [ ] Sender is hidden in group output.
|
||||
- [ ] Rate limit and blocklist enforced.
|
||||
- [ ] Sanitization pipeline tested.
|
||||
|
||||
## Rollout Plan
|
||||
|
||||
- Start with strict moderation thresholds and tune based on false positives.
|
||||
|
||||
Reference in New Issue
Block a user