romfast/atm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ebc986abd34f4e61b9adbf67512b7be867eb251b
atm/TODOS.md
Marius Mutu 9c44eb6e31 feat: mută secretele Discord/Telegram din TOML în .env 
TOML-urile din configs/ rămân 100% calibrare — safe to commit. Secretele
(ATM_DISCORD_URL, ATM_TG_TOKEN, ATM_TG_CHAT) trăiesc în .env la rădăcină
(ignored), cu loader stdlib (shell wins peste file). Validare fail-fast
pentru env lipsă, placeholder REPLACE_ME, chat_id non-numeric.

Include .env.example + secţiune README §Secrets. Tests: 19 noi (env loader +
missing-env + placeholder + chat_id + regression post-migrate snapshot).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 09:37:24 +03:00

79 lines
4.6 KiB
Markdown
Raw Blame History

# TODOS
Post-Faza 1 backlog. Priority tags: **P1** (next sprint), **P2** (after baseline proven), **P3** (nice-to-have).
---
## P2-ack-loop — Discord reaction feedback
**Deferred from Faza 1.** Operator reacts to alert with emoji (👍 = good call, 👎 = false positive, ⏭️ = phase-skip). Bot reads reactions via Discord Bot API (not webhook), appends to `labels_live.json`. Feeds precision tuning without manual labeling.
- Requires upgrading Discord integration from webhook to bot (token + gateway).
- Ack loop runs as separate async task; not in hot detection path.
- Start after 5+ sessions of stable Faza 1 baseline.
## P2-screenshot-dump
Standalone helper `atm dump --duration 4h --dir samples/` that just captures frames every N seconds to a directory without running detection. Used during early sessions to accumulate labeled corpus.
- Small module `src/atm/dumper.py` invoked via main.py.
- Separate from `run` so operator can capture raw data even before calibration is dialed in.
## P2-windows-scheduler-docs
Expand README with concrete Windows Task Scheduler XML export + import steps, example triggers for 16:30→18:30 and 21:00→23:00, and DST-change checklist reminder.
## P2-alert-mute-flags
Per-kind mute toggles for notifications in case arm/prime turn out too noisy in live sessions:
- `cfg.notify.arm: bool = true`
- `cfg.notify.prime: bool = true`
- `cfg.notify.late_start: bool = true`
Default all true. Gate each `notifier.send()` in `_handle_tick()` on the flag. Start after 3+ live sessions confirm the signal/noise ratio.
Blocked on: Faza 1 baseline evidence.
## P3-faza2-exec
Auto-execution on TradeLocker. Blocked on TOS audit (see `docs/phase2-prop-firm-audit.md`). Not started until GO decision + 20+ Faza 1 sessions.
## P3-multi-symbol
Monitor DIA and GLD concurrently (two separate charts). Current scope: one at a time, operator switches. Multi-symbol needs per-symbol config, separate state machines, and separate notification threads.
## P3-web-dashboard
Read-only web view of today's audit JSONL + recent triggers. Useful for review after a session but not essential. Would share `audit.py` log format.
---
## P2-yaxis-recalib-detect — Y-axis recalibration detection
Price overlay (from Telegram commands feature) uses `y_axis` linear interpolation to show current price on screenshots. When the user rescales the chart y-axis (common after overnight price gaps), the calibration becomes stale and prices shown are incorrect. Canary check detects layout drift but NOT y-axis range changes.
- Possible approaches: OCR on y-axis labels (fragile), track price range consistency across sessions, or simple "calibration age" warning after N hours.
- Start after price overlay is live and the false-price frequency is known.
- Depends on: Telegram commands + price overlay feature being shipped.
## Quality debt
- [x] **Integration test for run_live loop**: lifecycle async test added in `tests/test_main.py` (IDLE→ARMED→PRIMED auto-poll→FIRE auto-stop).
- [x] **Detection-loop hang on canary pause** (2026-04-17 incident): `_drain_cmd_queue` now runs unconditionally; helpers extracted to module scope for testability (commit `c5024ce`).
- [x] **Silent canary drift-pause**: single-shot Telegram alert on `not_paused → paused` (commit `9cf49ca`).
- [x] **Phase-skip backstop**: `fire_on_phase_skip` (default on) emits alert when ARMED→light_* direct (commit `8b53b8d`).
- [x] **Operating hours window**: NYSE-timezone-aware gate with `/pause` `/resume` `/resume force` control (commits `54f5575`, `2386577`).
- [x] **Offline calibration gate**: `atm validate-calibration` replays labeled frames through detector (commit `8bae507`).
- [ ] **Coverage report**: run `pytest --cov=atm --cov-report=term-missing`, aim for ≥ 85% per module.
- [ ] **Typing strictness**: run `pyright src/` with strict mode, fix reported issues.
- [ ] **Perf baseline**: profile one detection cycle on a representative frame; ensure < 100ms so 5s loop has ample headroom.
- [ ] **Exchange calendar holidays**: operating_hours doesn't know about NYSE closures (MLK, Thanksgiving, Good Friday). User `/pause`s manually for now.
## P3-secret-scan-hook
Pre-commit hook (`gitleaks` sau `detect-secrets`) care scanează diff-urile pentru pattern-uri de secrete înainte de commit. Centură de siguranţă acum `configs/*.toml` se comit risc crescut de leak prin copy-paste viitor (ex: cineva pune un token de test direct în TOML pentru un quick hack şi uită).
- Start după ce avem 2+ contributors sau după primul incident "aproape am comis un secret".
- Tool de ales: `gitleaks` (binary, fără Python dep) > `detect-secrets` (Python, config mai complex).
Reference in New Issue View Git Blame Copy Permalink