mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-07 12:21:31 +00:00
shankar0123
49096914d2
CodeQL alert #37 (severity: warning, rule: js/use-before-declaration) fired on commitaa1c12a: web/src/components/ErrorBoundary.tsx:56 Variable '__APP_VERSION__' is used before its declaration. Root cause: Phase 9 introduced a `__APP_VERSION__` build-time define for the FE-L1 ErrorBoundary telemetry payload, and TypeScript needs an ambient declaration to know about it. The declaration sat AT LINE 59 (after the BUILD_VERSION constant at line 55 that uses it). JavaScript permits use-before-declare for `var`-scoped and `declare const` symbols, but CodeQL flags it as a readability hazard — a developer reading top-to-bottom sees the use first and may mistake it for a global lookup. Fix: Move `declare const __APP_VERSION__: string;` ABOVE the BUILD_VERSION constant. Behavior is byte-identical (the `declare` produces no runtime emit; it's pure TypeScript type-only metadata). Added a header comment block explaining why the order matters so a future refactor doesn't accidentally reintroduce the same alert. Verification: • npx tsc --noEmit — exit 0 • npx vitest run src/components/ErrorBoundary.test.tsx — 5/5 pass • npm run build — ✓ built in 3.27s (define still wires __APP_VERSION__ → package.json version at build time) • All 48 CI guards pass • origin/master tip ground-truthed via GitHub API (aa1c12a) BEFORE commit per the operating rule • No behavioral change — same emitted JS bundle, same telemetry payload shape Falsifiable proof for the next CodeQL scan: alert #37 should auto-close on the next push to master (CodeQL re-scans on push to master per .github/workflows/codeql.yml).