GPT Review — D28 Generated Table Map Implementation Prompt rev1
GPT Review — D28 Generated Table Map Implementation Prompt rev1
Date: 2026-05-09
Reviewer: GPT-5.5 Thinking / Incomex Hội đồng AI
Reviewed:knowledge/dev/laws/dieu28-trien-khai/prompts/d28-generated-table-map-implementation-prompt.mdrev1
Verdict
REV2 REQUIRED — do not dispatch rev1.
Rev1 is directionally correct and follows the accepted Phase 1B scope: generated map, replace three hardcoded map consumers, add verification, and smoke. However several details need tightening before production execution.
Accepted parts
- Correct Phase 1B scope.
- Correct VPS path:
/opt/incomex/docker/nuxt-repo/web/. - Correct target files:
pages/knowledge/registries/[entityType]/index.vue;config/detail-sections.ts;server/api/discovery/relations.get.ts.
- Correct generated artifact concept:
web/generated/table-maps.generated.ts.
- Correct generator concept:
web/scripts/generate-table-maps.ts.
- Correct E4 strategy: convention + explicit overrides + skip list.
- Correct modes: generate,
--check,--print-hash,--include-draft. - Correct boundary: do not publish
tbl_event_outboxin Phase 1B.
Required rev2 patches
P1 — Fix route smoke taxonomy
Rev1 labels Step 6B as “13 registry routes” but the loop contains 18 entityTypes from the old tableIdMap, including non-registry/workflow/admin/index items:
catalog, table, module, workflow, workflow_step, wcr, dot_tool, page, collection, task, agent, checkpoint_type, checkpoint_set, entity_dependency, table_proposal, checkpoint_instance, changelog, system_issue
This is inconsistent with Agent classification:
13 REGISTRY_ENTITY_ROUTE
3 NON_REGISTRY_PAGE
3 WORKFLOW_TAB
1 ADMIN_PAGE
1 INDEX_PAGE
Patch smoke into separate groups:
-
Registry entity routes under
/knowledge/registries/{entityType}:- dot_tool
- page
- collection
- agent
- module
- checkpoint_type
- checkpoint_set
- entity_dependency
- checkpoint_instance
- changelog
- table
- system_issue
- event_outbox only if draft included or after publish — otherwise SKIP_DRAFT
-
Non-registry pages by exact
page_url:/knowledge/workflows/knowledge/modules/knowledge/current-tasks/admin/proposals/knowledge/registries
-
Workflow tab URLs by exact
page_urlpattern only if a sample workflow id is available; otherwise reportWORKFLOW_TAB_SMOKE_SKIPPED_NO_SAMPLE_ID.
Do not smoke non-registry/workflow/admin rows as /knowledge/registries/{entityType} unless that is intentionally supported by current app.
P2 — Clarify deploy boundary and smoke level
Rev1 says “Sau deploy” for route smoke but does not include a deployment step or hard boundary around deployment.
Patch:
- Phase 1B implementation pack may run build/typecheck locally on VPS repo.
- It must not deploy unless the prompt explicitly says deployment is allowed.
- If no deploy, live route smoke should be classified as one of:
PRE_DEPLOY_LOCAL_BUILD_ONLY;LIVE_SMOKE_SKIPPED_NO_DEPLOY;LIVE_SMOKE_ALREADY_REFLECTS_PREVIOUS_DEPLOY.
- If deployment is required to prove routes, split into a separate deploy/smoke pack or add explicit deploy authorization in a future rev.
For rev2, I recommend: no deploy in Phase 1B prompt. Run build/typecheck/check only. Route smoke on live should be deferred to Phase 1C or post-deploy prompt.
P3 — CI check must not be downgraded to optional “manual is enough”
Rev1 says if CI token is unavailable, skip CI step and “manual --check đủ.” That weakens the automation-first rule.
Patch:
- If CI/deploy token is unavailable, report
CI_CHECK_BLOCKED_TOKEN_REQUIRED. - Phase may still be
PARTIAL, not full PASS. - Manual
--checkcan be temporary evidence, but not final long-term compliance. - Create follow-up
D28_CI_TABLE_MAP_VERIFY_TOKEN_FIXif needed.
P4 — Token discovery must not use shell expansion that risks printing/handling secrets unsafely
Rev1 says:
export NUXT_DIRECTUS_SERVICE_TOKEN=$(<cách lấy token từ env/secret — agent xác định>)
Patch:
- Agent must only verify token presence with non-printing checks.
- If
.envis read, do not print token or upload.envcontent. - Use commands that report only
TOKEN_PRESENT=true|false. - If token is unavailable, STOP before generation and report
BUILD_TOKEN_UNAVAILABLE.
P5 — Generated file should avoid dynamic Object.fromEntries if pure static/hash is the goal
The artifact skeleton computes reverseCollectionMap at runtime with Object.fromEntries. This is probably safe, but the design emphasis was pure static deterministic output.
Patch one of two ways:
- Preferred: generator emits
reverseCollectionMapas a literal object too, and verifies it is exactly the reverse ofcollectionMap. - Acceptable: keep
Object.fromEntriesbut explicitly justify runtime computation and ensure hash calculation covers the resolved reverse map.
GPT recommends literal output to minimize runtime ambiguity.
P6 — .gitignore exception is likely wrong/incomplete
Rev1 says add:
!web/generated/
But because .gitignore is inside web/, the correct pattern may be:
!generated/
!generated/table-maps.generated.ts
Patch:
- Agent must inspect current
web/.gitignoreand only patch ifgenerated/would otherwise be ignored. - Use path relative to
web/.gitignore. - If not ignored, do not modify
.gitignore.
P7 — npx tsx dependency must be verified before relying on it
Rev1 assumes tsx. Patch preflight:
- inspect
package.jsonfortsxdependency/devDependency or runnable command; - if absent, choose one:
- use existing package runner if available;
- add
tsxdependency only if package modification is in scope and lockfile update is handled; - otherwise STOP
TSX_NOT_AVAILABLE.
Do not install packages ad hoc without updating lockfile/report.
P8 — Git commit should be optional/controlled
Rev1 instructs committing directly. In previous workflows, Agent sometimes reports changes but commit policy varies.
Patch:
- Preflight detect git status must be clean before changes; if dirty, STOP unless dirt belongs to this pack.
- After changes, either:
- commit if repository convention allows Agent commits; or
- leave patch staged/uncommitted with report.
- Report
git_commit_created=true|falseand hash if true.
P9 — Build command may require environment not available; report must distinguish build vs typecheck
Patch:
- Run
npm run buildonly if safe and dependencies installed. - If build requires secrets, classify
BUILD_BLOCKED_ENV_REQUIRED, not FAIL. - If package has
typecheck/lint, prefer non-deploy verification too. - Report exact command results.
P10 — Report fields must align with no-deploy/no-publish sequencing
Patch report fields:
live_route_smoke_status=SKIPPED_NO_DEPLOY|PASS|FAIL|PARTIAL
local_build_status=PASS|FAIL|BLOCKED_ENV|NOT_RUN_WITH_REASON
ci_check_status=PASS|FAIL|BLOCKED_TOKEN|NOT_MODIFIED
phase1b_status=PASS|PARTIAL|FAIL|BLOCKED
next_required_pack=P3D4C2U_RESUME_NOTIFICATION_PUBLISH|D28_CI_TABLE_MAP_VERIFY_TOKEN_FIX|D28_GENERATED_MAP_FIX|DEPLOY_AND_ROUTE_SMOKE|BLOCKED
P11 — Keep event_outbox handling Phase 1B-safe
Rev1 says optional event_outbox smoke with --include-draft, but also default excludes draft.
Patch:
- Phase 1B default generated artifact should exclude draft.
- If
--include-draftis used, it must be a temporary smoke artifact or preview-only; do not commit a production generated artifact that includes draft unless explicitly approved. - Do not publish
tbl_event_outboxin Phase 1B.
Directive to Opus
Patch the prompt to rev2 at:
knowledge/dev/laws/dieu28-trien-khai/prompts/d28-generated-table-map-implementation-prompt.md
Patch narrowly. Keep Phase 1B scope. Do not dispatch after patch; return for GPT/User review.
Hard boundaries unchanged
- No Directus mutation.
- No PG mutation.
- No publish
tbl_event_outbox. - No change permission
1483. - No change
table_registryrow21. - No add
entity_typecolumn. - No fix
tbl_modules_list.collectionin this pack. - No deep Nuxt redesign.
- No touch Families 2–8.
- No notification-specific UI.
- No manual hardcoded map edit without generator.
- No secret in code/log/report.
Summary
Rev1 is close, but needs production-safety fixes around route smoke grouping, deployment boundary, CI/token handling, .gitignore, tsx dependency, git commit policy, and draft handling. After these are patched, it should be close to dispatch.