Real scan · dotnet/eShop

eShop — Silex domain report

Generated by Silex v0.11.37 on 2026-07-15 03:19:00 UTC — reproducible: pip install silex-archaeology → configure silex-mcp-server in your MCP client (Claude Code / Claude Desktop) → create_workspace(git clone dotnet/eShop @9b4f943) → scan → enrich communities via code_pack + business_logic.submit (your agent's LLM, file:line provenance required) → generate_domain_report(language='en').

Source: github.com/dotnet/eShop @ 9b4f943 (MIT) — every anchor below links to this exact commit, so links never rot.

26Entities
4State machines
7Enums
182 (148 shown)Business rules
97Agent-proposed

Project map — eshop-concepts-0.11.35

Generated by Silex · 2026-07-15 03:19 UTC

Summary

Item Total
Entities 26
State machines 4
Enums 7
Business rules 182
Workflows 0
Extractors OK 24/25
Extractors with warnings 1

Entities (26)

Entity Fields Relations PK
Address 10 0 Id
ApplicationUser 12 0 -
BasketCheckoutInfo 12 0 -
BasketItem 7 0 Id
Campaign 6 0 Id
CampaignItem 7 0 Id
CatalogContextSeed 6 0 Id
CatalogItem 12 3 Id
CatalogSourceEntry 6 0 Id
ComplexObject 2 2 -
CreateOrderCommand 12 0 -
GrantViewModel 9 0 -
IntegrationEventLogEntry 6 2 -
LoggedOutViewModel 6 0 -
Order 18 2 -
OrderCheckout 12 1 -
OrderItem 8 2 -
OrderItemDTO 6 0 -
PaymentInfo 7 1 Id
ScopeViewModel 6 0 -
UserInfo 3 0 -
ValueObjectA 4 1 -
ValueObjectB 3 0 -
ValueObjectTest 4 0 -
VerifyCodeViewModel 5 0 -
WebhookSubscription 5 1 Id

State machines (4)

EventStateEnumStatus States: NotPublished (initial), 0, InProgress, 1, Published, 2, PublishedFailed, 3 Transitions: NotPublished → [NotPublished_to_0] 0 | 0 → [0_to_InProgress] InProgress | InProgress → [InProgress_to_1] 1 | 1 → [1_to_Published] Published | Published → [Published_to_2] 2 | 2 → [2_to_PublishedFailed] PublishedFailed | PublishedFailed → [PublishedFailed_to_3] 3

IntegrationEventLogEntryStatus States: get (initial), set Transitions: get → [get_to_set] set

OrderStatus States: Submitted (initial), 1, AwaitingValidation, 2, StockConfirmed, 3, Paid, 4, Shipped, 5, Cancelled, 6 Transitions: Submitted → [Submitted_to_1] 1 | 1 → [1_to_AwaitingValidation] AwaitingValidation | AwaitingValidation → [AwaitingValidation_to_2] 2 | 2 → [2_to_StockConfirmed] StockConfirmed | StockConfirmed → [StockConfirmed_to_3] 3 | 3 → [3_to_Paid] Paid | Paid → [Paid_to_4] 4 | 4 → [4_to_Shipped] Shipped | Shipped → [Shipped_to_5] 5 | 5 → [5_to_Cancelled] Cancelled | Cancelled → [Cancelled_to_6] 6

PermissionStatus States: Denied (initial), Disabled, Granted, Restricted, Unknown Transitions: Denied → [Denied_to_Disabled] Disabled | Disabled → [Disabled_to_Granted] Granted | Granted → [Granted_to_Restricted] Restricted | Restricted → [Restricted_to_Unknown] Unknown

Business rules (182)

🔧 Heuristic: 85 | 🕒 Agent proposal (pending review): 97

34 unnamed heuristic guards not shown in this view (empty statement — collapsed here, count read from the report metadata).

ApplicationUser (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on ApplicationUser ApplicationUser validation on_save ⚠️ 60% view

BasketCheckoutInfo (2)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on BasketCheckoutInfo BasketCheckoutInfo validation on_save ⚠️ 60% view
2 🕒 agent proposal (pending review) Checkout requires a complete shipping address BasketCheckoutInfo validation n/a * n/a * view

BasketItem (6)

# Source Rule Entity Type Trigger Confidence Detail
1 🕒 agent proposal (pending review) Setting quantity to zero or less removes the item BasketItem business_rule n/a * n/a * view
2 🕒 agent proposal (pending review) Adding an existing product increments quantity instead of duplicating the line BasketItem business_rule n/a * n/a * view
3 🕒 agent proposal (pending review) Client basket totals: line total and badge count derived from quantity BasketItem business_rule n/a * n/a * view
4 🕒 agent proposal (pending review) Checkout navigation only when the basket has items BasketItem business_rule n/a * n/a * view
5 🕒 agent proposal (pending review) Basket item quantity must be at least 1 BasketItem validation n/a * n/a * view
6 🕒 agent proposal (pending review) Basket persists only product id and quantity; details are re-hydrated from the catalog BasketItem business_rule n/a * n/a * view

BasketState (5)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic InvalidOperationException in BasketState BasketState validation on_save ⚠️ 50% view
2 🔧 heuristic InvalidOperationException in BasketState BasketState validation on_save ⚠️ 50% view
3 🔧 heuristic BasketState: checkoutInfo.RequestId auto-fill when default/null BasketState auto_fill on_save 70% view

Buyer (6)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on Buyer Buyer validation on_save ⚠️ 60% view
2 🕒 agent proposal (pending review) Default card type when unspecified Buyer policy n/a * n/a * view
3 🕒 agent proposal (pending review) Buyer requires identity and name Buyer validation n/a * n/a * view
4 🕒 agent proposal (pending review) Payment method verify-or-add (dedup) Buyer policy n/a * n/a * view
5 🕒 agent proposal (pending review) Buyer verified-or-created at order start Buyer policy n/a * n/a * view
6 🕒 agent proposal (pending review) One buyer per user identity Buyer invariant n/a * n/a * view

CatalogApi (6)

# Source Rule Entity Type Trigger Confidence Detail

CatalogItem (20)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic CatalogItem: guard (quantityDesired <= 0) CatalogItem validation before_create 70% view
2 🔧 heuristic Required on CatalogItem CatalogItem validation on_save ⚠️ 60% view
3 🕒 agent proposal (pending review) Price change triggers ProductPriceChangedIntegrationEvent CatalogItem business_rule n/a * n/a * view
4 🕒 agent proposal (pending review) AddStock clears the OnReorder flag CatalogItem state_transition n/a * n/a * view
5 🕒 agent proposal (pending review) Catalog listing filters by name prefix, type and brand, ordered by name CatalogItem business_rule n/a * n/a * view
6 🕒 agent proposal (pending review) RemoveStock rejects sold-out items CatalogItem validation n/a * n/a * view
7 🕒 agent proposal (pending review) V1 update requires the item id in the request body CatalogItem validation n/a * n/a * view
8 🕒 agent proposal (pending review) Item embedding is computed from Name + Description, truncated to 384 dimensions CatalogItem business_rule n/a * n/a * view
9 🕒 agent proposal (pending review) RemoveStock requires positive quantity CatalogItem validation n/a * n/a * view
10 🕒 agent proposal (pending review) Chatbot catalog search uses semantic relevance with top 8 results CatalogItem business_rule n/a * n/a * view
11 🕒 agent proposal (pending review) Client catalog filter requires both brand and type CatalogItem business_rule n/a * n/a * view
12 🕒 agent proposal (pending review) GetItemById requires a positive id and 404s on missing item CatalogItem validation n/a * n/a * view
13 🕒 agent proposal (pending review) Stock can never go negative CatalogItem business_rule n/a * n/a * view
14 🕒 agent proposal (pending review) RestockThreshold is the reorder trigger level CatalogItem domain_concept n/a * n/a * view
15 🕒 agent proposal (pending review) Chatbot add-to-cart requires an authenticated user CatalogItem business_rule n/a * n/a * view
16 🕒 agent proposal (pending review) Semantic search falls back to name search when AI is unavailable CatalogItem business_rule n/a * n/a * view
17 🕒 agent proposal (pending review) Semantic search ranks by cosine distance over embedded items only CatalogItem business_rule n/a * n/a * view
18 🕒 agent proposal (pending review) Create and update always recompute the item embedding CatalogItem business_rule n/a * n/a * view
19 🕒 agent proposal (pending review) AddStock caps at MaxStockThreshold CatalogItem business_rule n/a * n/a * view

CatalogView (1)

# Source Rule Entity Type Trigger Confidence Detail

CatalogViewModel (1)

# Source Rule Entity Type Trigger Confidence Detail

ChangePasswordViewModel (3)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on ChangePasswordViewModel ChangePasswordViewModel validation on_save ⚠️ 60% view
2 🔧 heuristic StringLength on ChangePasswordViewModel ChangePasswordViewModel validation on_save ⚠️ 60% view
3 🔧 heuristic Compare on ChangePasswordViewModel ChangePasswordViewModel validation on_save ⚠️ 60% view

CheckoutViewModel (2)

# Source Rule Entity Type Trigger Confidence Detail

Consent (7)

# Source Rule Entity Type Trigger Confidence Detail
1 🕒 agent proposal (pending review) Denying consent returns access_denied and raises audit event Consent business_rule n/a * n/a * view
2 🕒 agent proposal (pending review) Granting consent requires at least one scope selected Consent validation n/a * n/a * view
3 🕒 agent proposal (pending review) Consent outcome communicated to IdentityServer before redirect Consent business_rule n/a * n/a * view
4 🕒 agent proposal (pending review) Required scopes are always pre-checked on consent screen Consent business_rule n/a * n/a * view
5 🕒 agent proposal (pending review) Consent requires a valid pending authorization context Consent validation n/a * n/a * view
6 🕒 agent proposal (pending review) Consent decision must be explicit yes or no Consent validation n/a * n/a * view
7 🕒 agent proposal (pending review) OfflineAccess scope stripped when offline access disabled Consent business_rule n/a * n/a * view

ConsentController (1)

# Source Rule Entity Type Trigger Confidence Detail

CustomerBasket (11)

# Source Rule Entity Type Trigger Confidence Detail
1 🕒 agent proposal (pending review) UpdateBasket requires an authenticated caller CustomerBasket authorization n/a * n/a * view
2 🕒 agent proposal (pending review) DeleteBasket requires an authenticated caller CustomerBasket authorization n/a * n/a * view
3 🕒 agent proposal (pending review) Basket is deleted when the order starts CustomerBasket business_rule n/a * n/a * view
4 🕒 agent proposal (pending review) One basket per customer, stored in Redis under /basket/{userId} CustomerBasket business_rule n/a * n/a * view
5 🕒 agent proposal (pending review) Client basket operations are no-ops without an auth token CustomerBasket authorization n/a * n/a * view
6 🕒 agent proposal (pending review) Checkout requires buyer id and user name, then creates the order and deletes the basket CustomerBasket business_rule n/a * n/a * view
7 🕒 agent proposal (pending review) Basket update is a full overwrite followed by read-back CustomerBasket business_rule n/a * n/a * view
8 🕒 agent proposal (pending review) Basket items are only shown to authenticated users CustomerBasket authorization n/a * n/a * view
9 🕒 agent proposal (pending review) Checkout is idempotent via a request id CustomerBasket business_rule n/a * n/a * view
10 🕒 agent proposal (pending review) Updating a basket that does not persist yields NotFound CustomerBasket business_rule n/a * n/a * view
11 🕒 agent proposal (pending review) GetBasket is anonymous-tolerant: no identity yields an empty basket CustomerBasket authorization n/a * n/a * view

Device (2)

# Source Rule Entity Type Trigger Confidence Detail

DeviceController (1)

# Source Rule Entity Type Trigger Confidence Detail

ExternalController (1)

# Source Rule Entity Type Trigger Confidence Detail

FadeInAnimation (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic NullReferenceException in FadeInAnimation FadeInAnimation validation on_save ⚠️ 50% view

FadeOutAnimation (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic NullReferenceException in FadeOutAnimation FadeOutAnimation validation on_save ⚠️ 50% view

FadeToAnimation (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic NullReferenceException in FadeToAnimation FadeToAnimation validation on_save ⚠️ 50% view

FixUriService (5)

# Source Rule Entity Type Trigger Confidence Detail

IdentityService (1)

# Source Rule Entity Type Trigger Confidence Detail

IntegrationEventLogEntry (2)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on IntegrationEventLogEntry IntegrationEventLogEntry validation on_save ⚠️ 60% view
2 🔧 heuristic IntegrationEventLogEntry: State → EventStateEnum.NotPublished IntegrationEventLogEntry state_transition on_change 75% view

LocationService (1)

# Source Rule Entity Type Trigger Confidence Detail

LoginInputModel (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on LoginInputModel LoginInputModel validation on_save ⚠️ 60% view

LoginViewModel (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on LoginViewModel LoginViewModel validation on_save ⚠️ 60% view

OpenApiOptionsExtensions (1)

# Source Rule Entity Type Trigger Confidence Detail

Order (46)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic OrderingContext: guard (_currentTransaction != null) Order validation before_create 70% view
2 🔧 heuristic OrderingContext: guard (transaction == null) Order validation before_create 70% view
3 🔧 heuristic Required on Order Order validation on_save ⚠️ 60% view
4 🕒 agent proposal (pending review) Paid and Shipped statuses trigger customer webhooks Order policy n/a * n/a * view
5 🕒 agent proposal (pending review) Stock rejection cancels the order Order state_transition n/a * n/a * view
6 🕒 agent proposal (pending review) Payment outcome decided by gateway simulation Order policy n/a * n/a * view
7 🕒 agent proposal (pending review) Grace period confirmed triggers AwaitingValidation transition Order state_transition n/a * n/a * view
8 🕒 agent proposal (pending review) Stock deducted only after payment, non-blocking Order policy n/a * n/a * view
9 🕒 agent proposal (pending review) Periodic grace period polling Order process_schedule n/a * n/a * view
10 🕒 agent proposal (pending review) Duplicate product lines are merged, keeping the higher discount Order policy n/a * n/a * view
11 🕒 agent proposal (pending review) Paid or shipped orders cannot be cancelled Order state_transition n/a * n/a * view
12 🕒 agent proposal (pending review) Cancel, ship and create require a non-empty request ID Order policy n/a * n/a * view
13 🕒 agent proposal (pending review) Users only see their own orders Order policy n/a * n/a * view
14 🕒 agent proposal (pending review) Set AwaitingValidation status only for existing orders Order state_transition n/a * n/a * view
15 🕒 agent proposal (pending review) Stock rejection auto-cancels order awaiting validation Order policy n/a * n/a * view
16 🕒 agent proposal (pending review) Stock confirmed advances order to StockConfirmed Order state_transition n/a * n/a * view
17 🕒 agent proposal (pending review) Real-time order status notification per buyer Order policy n/a * n/a * view
18 🕒 agent proposal (pending review) Grace period eligibility criteria Order temporal_condition n/a * n/a * view
19 🕒 agent proposal (pending review) Ship command fails for non-existent order Order validation n/a * n/a * view
20 🕒 agent proposal (pending review) Order creation publishes OrderStarted integration event to clear the basket Order policy n/a * n/a * view
21 🕒 agent proposal (pending review) Order total is the sum of units times unit price Order calculation n/a * n/a * view
22 🕒 agent proposal (pending review) Basket items without product name are excluded from checkout order Order validation n/a * n/a * view
23 🕒 agent proposal (pending review) New order starts as Submitted and raises OrderStarted event Order invariant n/a * n/a * view
24 🕒 agent proposal (pending review) Credit card number is masked before order creation and never logged Order policy n/a * n/a * view
25 🕒 agent proposal (pending review) Stock validation: any missing item rejects the whole order Order policy n/a * n/a * view
26 🕒 agent proposal (pending review) Order linked to buyer and payment only after verification Order policy n/a * n/a * view
27 🕒 agent proposal (pending review) Cancel attempt on already-progressed order is reported as failure Order policy n/a * n/a * view
28 🕒 agent proposal (pending review) Grace period confirmation event per order Order event_publication n/a * n/a * view
29 🕒 agent proposal (pending review) Only out-of-stock items reported on rejection Order policy n/a * n/a * view
30 🕒 agent proposal (pending review) Payment success advances order to Paid Order state_transition n/a * n/a * view
31 🕒 agent proposal (pending review) Client cancel action only offered while order is Submitted Order policy n/a * n/a * view
32 🕒 agent proposal (pending review) StockConfirmed only reachable from AwaitingValidation Order state_transition n/a * n/a * view
33 🕒 agent proposal (pending review) AwaitingValidation only reachable from Submitted Order state_transition n/a * n/a * view
34 🕒 agent proposal (pending review) Paid only reachable from StockConfirmed Order state_transition n/a * n/a * view
35 🕒 agent proposal (pending review) Payment failure triggers order cancellation Order policy n/a * n/a * view
36 🕒 agent proposal (pending review) Cancel command fails for non-existent order Order validation n/a * n/a * view
37 🕒 agent proposal (pending review) Every status change broadcast with buyer identity Order policy n/a * n/a * view
38 🕒 agent proposal (pending review) Only paid orders can be shipped Order state_transition n/a * n/a * view
39 🕒 agent proposal (pending review) Outbox: integration events saved with transaction, published after Order policy n/a * n/a * view
41 🔧 heuristic Order: OrderStatus → OrderStatus.Submitted Order state_transition on_change 75% view
42 🔧 heuristic Order: OrderStatus → OrderStatus.AwaitingValidation Order state_transition on_change 75% view
43 🔧 heuristic Order: OrderStatus → OrderStatus.StockConfirmed Order state_transition on_change 75% view
44 🔧 heuristic Order: OrderStatus → OrderStatus.Paid Order state_transition on_change 75% view
45 🔧 heuristic Order: OrderStatus → OrderStatus.Shipped Order state_transition on_change 75% view
46 🔧 heuristic Order: OrderStatus → OrderStatus.Cancelled Order state_transition on_change 75% view

OrderCheckout (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on OrderCheckout OrderCheckout validation on_save ⚠️ 60% view

OrderDraft (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🕒 agent proposal (pending review) Order draft is built from basket items, one order item per basket item OrderDraft business_rule n/a * n/a * view

OrderItem (11)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic OrderItem: guard (units <= 0) OrderItem validation before_create 70% view
2 🔧 heuristic OrderItem: guard (discount < 0) OrderItem validation before_create 70% view
3 🔧 heuristic Required on OrderItem OrderItem validation on_save ⚠️ 60% view
4 🔧 heuristic OrderingDomainException in OrderItem OrderItem validation on_save ⚠️ 50% view
5 🔧 heuristic OrderingDomainException in OrderItem OrderItem validation on_save ⚠️ 50% view
6 🔧 heuristic OrderingDomainException in OrderItem OrderItem validation before_create ⚠️ 50% view
7 🔧 heuristic OrderingDomainException in OrderItem OrderItem validation before_create ⚠️ 50% view
8 🕒 agent proposal (pending review) New discount must be non-negative OrderItem validation n/a * n/a * view
9 🕒 agent proposal (pending review) Added units must be non-negative OrderItem validation n/a * n/a * view
10 🕒 agent proposal (pending review) Discount cannot exceed order item total OrderItem validation n/a * n/a * view
11 🕒 agent proposal (pending review) Order item units must be positive OrderItem validation n/a * n/a * view

OrderStatus (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🕒 agent proposal (pending review) Order lifecycle states OrderStatus state_machine n/a * n/a * view

PaymentMethod (4)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on PaymentMethod PaymentMethod validation on_save ⚠️ 60% view
2 🕒 agent proposal (pending review) Payment method identity = card type + number + expiration PaymentMethod invariant n/a * n/a * view
3 🕒 agent proposal (pending review) Expired card rejected PaymentMethod validation n/a * n/a * view
4 🕒 agent proposal (pending review) Payment method mandatory card data PaymentMethod validation n/a * n/a * view

ProductPriceChangedIntegrationEvent (2)

# Source Rule Entity Type Trigger Confidence Detail
1 🕒 agent proposal (pending review) Event and catalog change persist in one local transaction (outbox) ProductPriceChangedIntegrationEvent business_rule n/a * n/a * view
2 🕒 agent proposal (pending review) Event publish lifecycle: InProgress -> Published, Failed on error ProductPriceChangedIntegrationEvent state_transition n/a * n/a * view

ProfileService (2)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic ArgumentException in ProfileService ProfileService validation on_save ⚠️ 50% view

ProfileViewModel (1)

# Source Rule Entity Type Trigger Confidence Detail

RabbitMQEventBus (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic InvalidOperationException in RabbitMQEventBus RabbitMQEventBus validation on_save ⚠️ 50% view

RegisterViewModel (3)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on RegisterViewModel RegisterViewModel validation on_save ⚠️ 60% view
2 🔧 heuristic StringLength on RegisterViewModel RegisterViewModel validation on_save ⚠️ 60% view
3 🔧 heuristic Compare on RegisterViewModel RegisterViewModel validation on_save ⚠️ 60% view

RequestProvider (2)

# Source Rule Entity Type Trigger Confidence Detail

ResetPasswordViewModel (3)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on ResetPasswordViewModel ResetPasswordViewModel validation on_save ⚠️ 60% view
2 🔧 heuristic StringLength on ResetPasswordViewModel ResetPasswordViewModel validation on_save ⚠️ 60% view
3 🔧 heuristic Compare on ResetPasswordViewModel ResetPasswordViewModel validation on_save ⚠️ 60% view

SecuritySchemeDefinitionsTransformer (1)

# Source Rule Entity Type Trigger Confidence Detail

SetPasswordViewModel (3)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on SetPasswordViewModel SetPasswordViewModel validation on_save ⚠️ 60% view
2 🔧 heuristic StringLength on SetPasswordViewModel SetPasswordViewModel validation on_save ⚠️ 60% view
3 🔧 heuristic Compare on SetPasswordViewModel SetPasswordViewModel validation on_save ⚠️ 60% view

TestServerCallContext (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic InvalidOperationException in TestServerCallContext TestServerCallContext validation on_save ⚠️ 50% view

VerifyCodeViewModel (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on VerifyCodeViewModel VerifyCodeViewModel validation on_save ⚠️ 60% view

VerifyPhoneNumberViewModel (1)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on VerifyPhoneNumberViewModel VerifyPhoneNumberViewModel validation on_save ⚠️ 60% view

VisualElementExtensions (2)

# Source Rule Entity Type Trigger Confidence Detail

WebhookSubscription (4)

# Source Rule Entity Type Trigger Confidence Detail
1 🔧 heuristic Required on WebhookSubscription WebhookSubscription validation on_save ⚠️ 60% view
2 🕒 agent proposal (pending review) Grant URL must share origin with hook URL WebhookSubscription validation n/a * n/a * view
3 🕒 agent proposal (pending review) Unreachable grant URL cannot be granted WebhookSubscription error_handling n/a * n/a * view
4 🕒 agent proposal (pending review) Grant URL verified via OPTIONS challenge with token echo WebhookSubscription validation n/a * n/a * view

* n/a — agent rules (proposed or promoted) don't carry trigger/confidence: the submit never computes those fields, not even after human review.

Rule details

ApplicationUser (1)

#1 — Required on ApplicationUser

[Required]
BasketCheckoutInfo (2)

#1 — Required on BasketCheckoutInfo

[Required]

#2 — Checkout requires a complete shipping address

[Required] public string? Street ... [Required] public string? City ... [Required] public string? State ... [Required] public string? Country ... [Required] public string? ZipCode
BasketItem (6)

#1 — Setting quantity to zero or less removes the item

if (quantity > 0) { row.Quantity = quantity; } else { existingItems.Remove(row); }

#2 — Adding an existing product increments quantity instead of duplicating the line

if (existing.ProductId == item.Id) { items[i] = existing with { Quantity = existing.Quantity + 1 }; found = true; } ... if (!found) { items.Add(new BasketQuantity(item.Id, 1)); }

#3 — Client basket totals: line total and badge count derived from quantity

public int BadgeCount => _basketItems?.Sum(basketItem => basketItem.Quantity) ?? 0; public decimal Total => _basketItems?.Sum(basketItem => basketItem.Quantity * basketItem.UnitPrice) ?? 0m;

#4 — Checkout navigation only when the basket has items

if (_basketItems?.Any() ?? false) { _appEnvironmentService.BasketService.LocalBasketItems = _basketItems; await NavigationService.NavigateToAsync("Checkout"); }

#5 — Basket item quantity must be at least 1

if (Quantity < 1) { results.Add(new ValidationResult("Invalid number of units", new[] { "Quantity" })); }

#6 — Basket persists only product id and quantity; details are re-hydrated from the catalog

var catalogItems = (await catalogService.GetCatalogItems(productIds)).ToDictionary(...); ... ProductName = catalogItem.Name, UnitPrice = catalogItem.Price, Quantity = item.Quantity
BasketState (5)

#1 — InvalidOperationException in BasketState

throw new InvalidOperationException("User does not have a buyer ID"

#2 — InvalidOperationException in BasketState

throw new InvalidOperationException("User does not have a user name"

#3 — BasketState: checkoutInfo.RequestId auto-fill when default/null

if (checkoutInfo.RequestId == default)
        {
            checkoutInfo.RequestId = Guid.NewGuid();

#1 — Required on Buyer

[Required]

#2 — Default card type when unspecified

var cardTypeId = domainEvent.CardTypeId != 0 ? domainEvent.CardTypeId : 1;

#3 — Buyer requires identity and name

IdentityGuid = !string.IsNullOrWhiteSpace(identity) ? identity : throw new ArgumentNullException(nameof(identity));

#4 — Payment method verify-or-add (dedup)

var existingPayment = _paymentMethods.SingleOrDefault(p => p.IsEqualTo(cardTypeId, cardNumber, expiration));

#5 — Buyer verified-or-created at order start

var buyer = await _buyerRepository.FindAsync(domainEvent.UserId); var buyerExisted = buyer is not null; if (!buyerExisted) { buyer = new Buyer(domainEvent.UserId, domainEvent.UserName); }

#6 — One buyer per user identity

.Where(b => b.IdentityGuid == identity).SingleOrDefaultAsync();
CatalogApi (6)

#1 — CatalogItem: guard (quantityDesired <= 0)

if (quantityDesired <= 0)
        {
            throw

#2 — Required on CatalogItem

[Required]

#3 — Price change triggers ProductPriceChangedIntegrationEvent

if (priceEntry.IsModified) { var priceChangedEvent = new ProductPriceChangedIntegrationEvent(catalogItem.Id, productToUpdate.Price, priceEntry.OriginalValue); await services.EventService.SaveEventAndCatalogContextChangesAsync(priceChangedEvent); await services.EventService.PublishThroughEventBusAsync(priceChangedEvent); } else { await services.Context.SaveChangesAsync(); }

#4 — AddStock clears the OnReorder flag

this.OnReorder = false;

#5 — Catalog listing filters by name prefix, type and brand, ordered by name

root = root.Where(c => c.Name.StartsWith(name)); ... root.Where(c => c.CatalogTypeId == type) ... OrderBy(c => c.Name).Skip(pageSize * pageIndex).Take(pageSize)

#6 — RemoveStock rejects sold-out items

if (AvailableStock == 0) { throw new CatalogDomainException($"Empty stock, product item {Name} is sold out"); }

#7 — V1 update requires the item id in the request body

if (productToUpdate?.Id == null) { return TypedResults.BadRequest<ProblemDetails>(new (){ Detail = "Item id must be provided in the request body." }); }

#8 — Item embedding is computed from Name + Description, truncated to 384 dimensions

private const int EmbeddingDimensions = 384; ... public bool IsEnabled => _embeddingGenerator is not null; ... embedding = embedding[0..EmbeddingDimensions]; ... CatalogItemToString(CatalogItem item) => $"{item.Name} {item.Description}";

#9 — RemoveStock requires positive quantity

if (quantityDesired <= 0) { throw new CatalogDomainException($"Item units desired should be greater than zero"); }

#10 — Chatbot catalog search uses semantic relevance with top 8 results

var results = await _catalogService.GetCatalogItemsWithSemanticRelevance(0, 8, productDescription!); ... results.Data[i] = results.Data[i] with { PictureUrl = _productImages.GetProductImageUrl(results.Data[i].Id) };

#11 — Client catalog filter requires both brand and type

if (SelectedBrand is not null && SelectedType is not null) { var filteredProducts = await _appEnvironmentService.CatalogService.FilterAsync(SelectedBrand.Id, SelectedType.Id); ... } (CanFilter at line 57: public bool CanFilter => SelectedBrand is not null && SelectedType is not null;)

#12 — GetItemById requires a positive id and 404s on missing item

if (id <= 0) { return TypedResults.BadRequest<ProblemDetails>(new (){ Detail = "Id is not valid" }); } ... if (item == null) { return TypedResults.NotFound(); }

#13 — Stock can never go negative

int removed = Math.Min(quantityDesired, this.AvailableStock); this.AvailableStock -= removed; return removed;

#14 — RestockThreshold is the reorder trigger level

// Available stock at which we should reorder / public int RestockThreshold ... // Maximum number of units that can be in-stock at any time (due to physicial/logistical constraints in warehouses) / public int MaxStockThreshold

#15 — Chatbot add-to-cart requires an authenticated user

catch (Grpc.Core.RpcException e) when (e.StatusCode == Grpc.Core.StatusCode.Unauthenticated) { return "Unable to add an item to the cart. You must be logged in."; }

#16 — Semantic search falls back to name search when AI is unavailable

if (!services.CatalogAI.IsEnabled) { return await GetItemsByName(paginationRequest, services, text); } var vector = await services.CatalogAI.GetEmbeddingAsync(text); if (vector is null) { return await GetItemsByName(paginationRequest, services, text); }

#17 — Semantic search ranks by cosine distance over embedded items only

.Where(c => c.Embedding != null) .OrderBy(c => c.Embedding!.CosineDistance(vector)) .Skip(pageSize * pageIndex) .Take(pageSize)

#18 — Create and update always recompute the item embedding

item.Embedding = await services.CatalogAI.GetEmbeddingAsync(item); (same call in UpdateItem at line 343: catalogItem.Embedding = await services.CatalogAI.GetEmbeddingAsync(catalogItem);)

#19 — AddStock caps at MaxStockThreshold

if ((this.AvailableStock + quantity) > this.MaxStockThreshold) { this.AvailableStock += (this.MaxStockThreshold - this.AvailableStock); }

#1 — Required on ChangePasswordViewModel

[Required]

#2 — StringLength on ChangePasswordViewModel

[StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]

#3 — Compare on ChangePasswordViewModel

[Compare("NewPassword", ErrorMessage = "The new password and confirmation password do not match.")]
CheckoutViewModel (2)

#1 — Denying consent returns access_denied and raises audit event

if (model?.Button == "no") { grantedConsent = new ConsentResponse { Error = AuthorizationError.AccessDenied }; await _events.RaiseAsync(new ConsentDeniedEvent(...)); }

#2 — Granting consent requires at least one scope selected

if (model.ScopesConsented != null && model.ScopesConsented.Any()) { ... } else { result.ValidationError = ConsentOptions.MustChooseOneErrorMessage; }

#3 — Consent outcome communicated to IdentityServer before redirect

if (grantedConsent != null) { await _interaction.GrantConsentAsync(request, grantedConsent); result.RedirectUri = model.ReturnUrl; result.Client = request.Client; } else { result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model); }

#4 — Required scopes are always pre-checked on consent screen

return new ScopeViewModel { ... Required = apiScope.Required, Checked = check || apiScope.Required };

#5 — Consent requires a valid pending authorization context

// validate return url is still valid — var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (request == null) return result;

#6 — Consent decision must be explicit yes or no

else { result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage; } — reached when model?.Button is neither "no" nor "yes"

#7 — OfflineAccess scope stripped when offline access disabled

var scopes = model.ScopesConsented; if (ConsentOptions.EnableOfflineAccess == false) { scopes = scopes.Where(x => x != IdentityServerConstants.StandardScopes.OfflineAccess); }
ConsentController (1)

#1 — UpdateBasket requires an authenticated caller

var userId = context.GetUserIdentity(); if (string.IsNullOrEmpty(userId)) { ThrowNotAuthenticated(); } ... MapToCustomerBasket(userId, request)

#2 — DeleteBasket requires an authenticated caller

var userId = context.GetUserIdentity(); if (string.IsNullOrEmpty(userId)) { ThrowNotAuthenticated(); } await repository.DeleteBasketAsync(userId);

#3 — Basket is deleted when the order starts

public async Task Handle(OrderStartedIntegrationEvent @event) { ... await repository.DeleteBasketAsync(@event.UserId); }

#4 — One basket per customer, stored in Redis under /basket/{userId}

private static RedisKey BasketKeyPrefix = "/basket/"u8.ToArray(); ... if (data is null || data.Length == 0) { return null; }

#5 — Client basket operations are no-ops without an auth token

var authToken = await _identityService.GetAuthTokenAsync()...; if (string.IsNullOrEmpty(authToken)) { return basket; } ... headers.Add("authorization", $"Bearer {token}") (line 132-137)

#6 — Checkout requires buyer id and user name, then creates the order and deletes the basket

var buyerId = await authenticationStateProvider.GetBuyerIdAsync() ?? throw new InvalidOperationException("User does not have a buyer ID"); ... await orderingService.CreateOrder(request, checkoutInfo.RequestId); await DeleteBasketAsync();

#7 — Basket update is a full overwrite followed by read-back

var created = await _database.StringSetAsync(GetBasketKey(basket.BuyerId), json); if (!created) { ... return null; } return await GetBasketAsync(basket.BuyerId);

#8 — Basket items are only shown to authenticated users

(await GetUserAsync()).Identity?.IsAuthenticated == true ? await FetchBasketItemsAsync() : []

#9 — Checkout is idempotent via a request id

if (checkoutInfo.RequestId == default) { checkoutInfo.RequestId = Guid.NewGuid(); } — sent as x-requestid in OrderingService.CreateOrder (src/WebApp/Services/OrderingService.cs:12-18)

#10 — Updating a basket that does not persist yields NotFound

if (response is null) { ThrowBasketDoesNotExist(userId); } ... StatusCode.NotFound, $"Basket with buyer id {userId} does not exist"

#11 — GetBasket is anonymous-tolerant: no identity yields an empty basket

[AllowAnonymous] ... var userId = context.GetUserIdentity(); if (string.IsNullOrEmpty(userId)) { return new(); }
Device (2)

#1 — NullReferenceException in FadeInAnimation

throw new NullReferenceException("Null Target property."
FadeOutAnimation (1)

#1 — NullReferenceException in FadeOutAnimation

throw new NullReferenceException("Null Target property."
FadeToAnimation (1)

#1 — NullReferenceException in FadeToAnimation

throw new NullReferenceException("Null Target property."
FixUriService (5)

#1 — Required on IntegrationEventLogEntry

[Required]

#2 — IntegrationEventLogEntry: State → EventStateEnum.NotPublished

State = EventStateEnum.NotPublished;
LocationService (1)

#1 — Required on LoginInputModel

[Required]
LoginViewModel (1)

#1 — Required on LoginViewModel

[Required]
OpenApiOptionsExtensions (1)

#1 — OrderingContext: guard (_currentTransaction != null)

if (_currentTransaction != null) return

#2 — OrderingContext: guard (transaction == null)

if (transaction == null) throw

#3 — Required on Order

[Required]

#4 — Paid and Shipped statuses trigger customer webhooks

var subscriptions = await retriever.GetSubscriptionsOfType(WebhookType.OrderShipped); ... await sender.SendAll(subscriptions, whook);

#5 — Stock rejection cancels the order

orderToUpdate.SetCancelledStatusWhenStockIsRejected(command.OrderStockItems);

#6 — Payment outcome decided by gateway simulation

if (options.CurrentValue.PaymentSucceeded) { orderPaymentIntegrationEvent = new OrderPaymentSucceededIntegrationEvent(@event.OrderId); } else { orderPaymentIntegrationEvent = new OrderPaymentFailedIntegrationEvent(@event.OrderId); }

#7 — Grace period confirmed triggers AwaitingValidation transition

var command = new SetAwaitingValidationOrderStatusCommand(@event.OrderId); await mediator.Send(command); // doc: grace period completed and order will not initially be cancelled; order process continues for validation

#8 — Stock deducted only after payment, non-blocking

//we're not blocking stock/inventory ... catalogItem?.RemoveStock(orderStockItem.Units);

#9 — Periodic grace period polling

var delayTime = TimeSpan.FromSeconds(_options.CheckUpdateTime); while (!stoppingToken.IsCancellationRequested) { await CheckConfirmedGracePeriodOrders(); await Task.Delay(delayTime, stoppingToken); }

#10 — Duplicate product lines are merged, keeping the higher discount

if (discount > existingOrderForProduct.Discount) { existingOrderForProduct.SetNewDiscount(discount); } existingOrderForProduct.AddUnits(units);

#11 — Paid or shipped orders cannot be cancelled

if (OrderStatus == OrderStatus.Paid || OrderStatus == OrderStatus.Shipped) { StatusChangeException(OrderStatus.Cancelled); }

#12 — Cancel, ship and create require a non-empty request ID

if (requestId == Guid.Empty) { return TypedResults.BadRequest("Empty GUID is not valid for request ID"); } (same guard in ShipOrderAsync lines 51-78 and CreateOrderAsync lines 118-168)

#13 — Users only see their own orders

.Where(o => o.Buyer.IdentityGuid == userId) — userId supplied by OrdersApi.GetOrdersByUserAsync via services.IdentityService.GetUserIdentity() (OrdersApi.cs lines 93-98)

#14 — Set AwaitingValidation status only for existing orders

var orderToUpdate = await _orderRepository.GetAsync(command.OrderNumber); if (orderToUpdate == null) { return false; } orderToUpdate.SetAwaitingValidationStatus(); return await _orderRepository.UnitOfWork.SaveEntitiesAsync(cancellationToken);

#15 — Stock rejection auto-cancels order awaiting validation

if (OrderStatus == OrderStatus.AwaitingValidation) { OrderStatus = OrderStatus.Cancelled; ... Description = $"The product items don't have stock: ({itemsStockRejectedDescription})."; }

#16 — Stock confirmed advances order to StockConfirmed

orderToUpdate.SetStockConfirmedStatus(); return await _orderRepository.UnitOfWork.SaveEntitiesAsync(cancellationToken);

#17 — Real-time order status notification per buyer

return _subscriptionsByBuyerId.TryGetValue(buyerId, out var subscriptions) ? Task.WhenAll(subscriptions.Select(s => s.NotifyAsync())) : Task.CompletedTask;

#18 — Grace period eligibility criteria

SQL: SELECT "Id" FROM ordering.orders WHERE CURRENT_TIMESTAMP - "OrderDate" >= @GracePeriodTime AND "OrderStatus" = 'Submitted'; parameter bound to TimeSpan.FromMinutes(_options.GracePeriodTime)

#19 — Ship command fails for non-existent order

var orderToUpdate = await _orderRepository.GetAsync(command.OrderNumber); if (orderToUpdate == null) { return false; } orderToUpdate.SetShippedStatus();

#20 — Order creation publishes OrderStarted integration event to clear the basket

var orderStartedIntegrationEvent = new OrderStartedIntegrationEvent(message.UserId); ... foreach (var item in message.OrderItems) { order.AddOrderItem(...); }

#21 — Order total is the sum of units times unit price

public decimal GetTotal() => _orderItems.Sum(o => o.Units * o.UnitPrice);

#22 — Basket items without product name are excluded from checkout order

if (!string.IsNullOrEmpty(basketItem.ProductName)) { orderItems.Add(new OrderItem { ... }); }

#23 — New order starts as Submitted and raises OrderStarted event

OrderStatus = OrderStatus.Submitted; OrderDate = DateTime.UtcNow; ... AddOrderStartedDomainEvent(...)

#24 — Credit card number is masked before order creation and never logged

var maskedCCNumber = request.CardNumber.Substring(request.CardNumber.Length - 4).PadLeft(request.CardNumber.Length, 'X'); //don't log the request as it has CC number

#25 — Stock validation: any missing item rejects the whole order

var hasStock = catalogItem.AvailableStock >= orderStockItem.Units; ... confirmedOrderStockItems.Any(c => !c.HasStock) ? new OrderStockRejectedIntegrationEvent(...) : new OrderStockConfirmedIntegrationEvent(...)

#26 — Order linked to buyer and payment only after verification

// When the Buyer and Buyer's payment method have been created or verified that they existed, then we can update the original Order with the BuyerId and PaymentId (foreign keys) ... orderToUpdate.SetPaymentMethodVerified(domainEvent.Buyer.Id, domainEvent.Payment.Id);

#27 — Cancel attempt on already-progressed order is reported as failure

catch (HttpRequestExceptionEx ex) when (ex.HttpCode == HttpStatusCode.BadRequest) { return false; }

#28 — Grace period confirmation event per order

foreach (var orderId in orderIds) { var confirmGracePeriodEvent = new GracePeriodConfirmedIntegrationEvent(orderId); await eventBus.PublishAsync(confirmGracePeriodEvent); }

#29 — Only out-of-stock items reported on rejection

var orderStockRejectedItems = @event.OrderStockItems.FindAll(c => !c.HasStock).Select(c => c.ProductId).ToList();

#30 — Payment success advances order to Paid

orderToUpdate.SetPaidStatus(); return await _orderRepository.UnitOfWork.SaveEntitiesAsync(cancellationToken);

#31 — Client cancel action only offered while order is Submitted

IsSubmittedOrder = Order.OrderStatus.Equals("Submitted", StringComparison.OrdinalIgnoreCase);

#32 — StockConfirmed only reachable from AwaitingValidation

if (OrderStatus == OrderStatus.AwaitingValidation) { ... OrderStatus = OrderStatus.StockConfirmed; }

#33 — AwaitingValidation only reachable from Submitted

if (OrderStatus == OrderStatus.Submitted) { ... OrderStatus = OrderStatus.AwaitingValidation; }

#34 — Paid only reachable from StockConfirmed

if (OrderStatus == OrderStatus.StockConfirmed) { ... OrderStatus = OrderStatus.Paid; }

#35 — Payment failure triggers order cancellation

var command = new CancelOrderCommand(@event.OrderId); ... await mediator.Send(command);

#36 — Cancel command fails for non-existent order

var orderToUpdate = await _orderRepository.GetAsync(command.OrderNumber); if (orderToUpdate == null) { return false; } orderToUpdate.SetCancelledStatus();

#37 — Every status change broadcast with buyer identity

var buyer = await _buyerRepository.FindByIdAsync(order.BuyerId.Value); var integrationEvent = new OrderStatusChangedToCancelledIntegrationEvent(order.Id, order.OrderStatus, buyer.Name, buyer.IdentityGuid);

#38 — Only paid orders can be shipped

if (OrderStatus != OrderStatus.Paid) { StatusChangeException(OrderStatus.Shipped); }

#39 — Outbox: integration events saved with transaction, published after

await _eventLogService.MarkEventAsInProgressAsync(logEvt.EventId); await _eventBus.PublishAsync(logEvt.IntegrationEvent); await _eventLogService.MarkEventAsPublishedAsync(logEvt.EventId); ... MarkEventAsFailedAsync

#41 — Order: OrderStatus → OrderStatus.Submitted

OrderStatus = OrderStatus.Submitted;

#42 — Order: OrderStatus → OrderStatus.AwaitingValidation

OrderStatus = OrderStatus.AwaitingValidation;

#43 — Order: OrderStatus → OrderStatus.StockConfirmed

OrderStatus = OrderStatus.StockConfirmed;

#44 — Order: OrderStatus → OrderStatus.Paid

OrderStatus = OrderStatus.Paid;

#45 — Order: OrderStatus → OrderStatus.Shipped

OrderStatus = OrderStatus.Shipped;

#46 — Order: OrderStatus → OrderStatus.Cancelled

OrderStatus = OrderStatus.Cancelled;
OrderCheckout (1)

#1 — Required on OrderCheckout

[Required]
OrderDraft (1)

#1 — Order draft is built from basket items, one order item per basket item

var order = Order.NewDraft(); var orderItems = message.Items.Select(i => i.ToOrderItemDTO()); foreach (var item in orderItems) { order.AddOrderItem(...); } return Task.FromResult(OrderDraftDTO.FromOrder(order));
OrderItem (11)

#1 — OrderItem: guard (units <= 0)

if (units <= 0)
        {
            throw

#2 — OrderItem: guard (discount < 0)

if (discount < 0)
        {
            throw

#3 — Required on OrderItem

[Required]

#4 — OrderingDomainException in OrderItem

throw new OrderingDomainException("Invalid number of units"

#5 — OrderingDomainException in OrderItem

throw new OrderingDomainException("The total of order item is lower than applied discount"

#6 — OrderingDomainException in OrderItem

throw new OrderingDomainException("Discount is not valid"

#7 — OrderingDomainException in OrderItem

throw new OrderingDomainException("Invalid units"

#8 — New discount must be non-negative

if (discount < 0) { throw new OrderingDomainException("Discount is not valid"); }

#9 — Added units must be non-negative

if (units < 0) { throw new OrderingDomainException("Invalid units"); }

#10 — Discount cannot exceed order item total

if ((unitPrice * units) < discount) { throw new OrderingDomainException("The total of order item is lower than applied discount"); }

#11 — Order item units must be positive

if (units <= 0) { throw new OrderingDomainException("Invalid number of units"); }
OrderStatus (1)

#1 — Order lifecycle states

public enum OrderStatus { Submitted = 1, AwaitingValidation = 2, StockConfirmed = 3, Paid = 4, Shipped = 5, Cancelled = 6 }
PaymentMethod (4)

#1 — Required on PaymentMethod

[Required]

#2 — Payment method identity = card type + number + expiration

return _cardTypeId == cardTypeId && _cardNumber == cardNumber && _expiration == expiration;

#3 — Expired card rejected

if (expiration < DateTime.UtcNow) { throw new OrderingDomainException(nameof(expiration)); }

#4 — Payment method mandatory card data

_cardNumber = !string.IsNullOrWhiteSpace(cardNumber) ? cardNumber : throw new OrderingDomainException(nameof(cardNumber));
ProductPriceChangedIntegrationEvent (2)

#1 — Event and catalog change persist in one local transaction (outbox)

await ResilientTransaction.New(catalogContext).ExecuteAsync(async () => { await catalogContext.SaveChangesAsync(); await integrationEventLogService.SaveEventAsync(evt, catalogContext.Database.CurrentTransaction); });

#2 — Event publish lifecycle: InProgress -> Published, Failed on error

await integrationEventLogService.MarkEventAsInProgressAsync(evt.Id); await eventBus.PublishAsync(evt); await integrationEventLogService.MarkEventAsPublishedAsync(evt.Id); ... catch { await integrationEventLogService.MarkEventAsFailedAsync(evt.Id); }
ProfileService (2)

#1 — ArgumentException in ProfileService

throw new ArgumentException("Invalid subject identifier"

#1 — InvalidOperationException in RabbitMQEventBus

throw new InvalidOperationException("RabbitMQ connection is not open"
RegisterViewModel (3)

#1 — Required on RegisterViewModel

[Required]

#2 — StringLength on RegisterViewModel

[StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]

#3 — Compare on RegisterViewModel

[Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
RequestProvider (2)

#1 — Required on ResetPasswordViewModel

[Required]

#2 — StringLength on ResetPasswordViewModel

[StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]

#3 — Compare on ResetPasswordViewModel

[Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
SecuritySchemeDefinitionsTransformer (1)

#1 — Required on SetPasswordViewModel

[Required]

#2 — StringLength on SetPasswordViewModel

[StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]

#3 — Compare on SetPasswordViewModel

[Compare("NewPassword", ErrorMessage = "The new password and confirmation password do not match.")]
TestServerCallContext (1)

#1 — InvalidOperationException in TestServerCallContext

throw new InvalidOperationException("Response headers have already been written."
VerifyCodeViewModel (1)

#1 — Required on VerifyCodeViewModel

[Required]
VerifyPhoneNumberViewModel (1)

#1 — Required on VerifyPhoneNumberViewModel

[Required]
VisualElementExtensions (2)

#1 — Required on WebhookSubscription

[Required]

#2 — Grant URL must share origin with hook URL

if (!CheckSameOrigin(urlHook, url)) { logger.LogWarning(...do not belong to same origin); return false; } — CheckSameOrigin compares Scheme, Port and Host (lines 38-46)

#3 — Unreachable grant URL cannot be granted

catch (Exception ex) { logger.LogWarning("Exception {TypeName} when sending OPTIONS request. Url can't be granted.", ex.GetType().Name); return false; }

#4 — Grant URL verified via OPTIONS challenge with token echo

var msg = new HttpRequestMessage(HttpMethod.Options, url); msg.Headers.Add("X-eshop-whtoken", token); ... return response.IsSuccessStatusCode && tokenReceived == tokenExpected; (tokenExpected = string.IsNullOrWhiteSpace(token) ? null : token)

Analysis depth

85 heuristic rules · 97 agent proposals (pending review) · 0 promoted

In Silex Pro, enrichment runs on its own — in batch and continuously, without depending on your agent.

Enums (7)

Name Values Total
EasingType BounceIn, BounceOut, CubicIn, CubicInOut, CubicOut, Linear, ... (+5) 11
EventStateEnum NotPublished, InProgress, Published, PublishedFailed 4
FadeDirection Up, Down 2
GeolocationError PositionUnavailable, Unauthorized 2
OpenAITarget OpenAI, AzureOpenAI, AzureOpenAIExisting, AzureOpenAIExistingWithKey 4
Permission Unknown, Location, LocationAlways, LocationWhenInUse 4
WebhookType CatalogItemPriceChange, OrderShipped, OrderPaid 3

Gaps found (77)

🔴 Critical: 56 | 🟡 Warnings: 21

# Severity Type Entity/Rule Description
1 🔴 error rule_orphan_entity CustomerBasket 11 rules reference 'CustomerBasket' — examples: RULE_CLIENT_e61e5356f937, RULE_CLIENT_162e1a2f8a77, RULE_CLIENT_ccb30fba9219 (+8 more)
2 🔴 error rule_orphan_entity Consent 7 rules reference 'Consent' — examples: RULE_CLIENT_c0c6647cf1d4, RULE_CLIENT_0e8d6a71d853, RULE_CLIENT_1731691a9161 (+4 more)
3 🔴 error rule_orphan_entity Buyer 6 rules reference 'Buyer' — examples: RULE_0062, RULE_CLIENT_320831bbea45, RULE_CLIENT_6c71c5a06acd (+3 more)
4 🔴 error rule_orphan_entity PaymentMethod 4 rules reference 'PaymentMethod' — examples: RULE_0063, RULE_CLIENT_e68681c8768c, RULE_CLIENT_2d1258db6699 (+1 more)
5 🔴 error rule_orphan_entity BasketState 3 rules reference 'BasketState' — examples: RULE_0077, RULE_0078, auto_fill_000123
6 🔴 error rule_orphan_entity ChangePasswordViewModel 3 rules reference 'ChangePasswordViewModel' — examples: RULE_0048, RULE_0050, RULE_0051
7 🔴 error rule_orphan_entity RegisterViewModel 3 rules reference 'RegisterViewModel' — examples: RULE_0027, RULE_0029, RULE_0030
8 🔴 error rule_orphan_entity ResetPasswordViewModel 3 rules reference 'ResetPasswordViewModel' — examples: RULE_0031, RULE_0033, RULE_0034
9 🔴 error rule_orphan_entity SetPasswordViewModel 3 rules reference 'SetPasswordViewModel' — examples: RULE_0052, RULE_0053, RULE_0054
10 🔴 error rule_orphan_entity ProductPriceChangedIntegrationEvent 2 rules reference 'ProductPriceChangedIntegrationEvent' — examples: RULE_CLIENT_7720ba968692, RULE_CLIENT_dd6b6e9c3a81
11 🔴 error rule_orphan_entity FadeInAnimation 1 rules reference 'FadeInAnimation' — examples: RULE_0008
12 🔴 error rule_orphan_entity FadeOutAnimation 1 rules reference 'FadeOutAnimation' — examples: RULE_0010
13 🔴 error rule_orphan_entity FadeToAnimation 1 rules reference 'FadeToAnimation' — examples: RULE_0012
14 🔴 error rule_orphan_entity LoginInputModel 1 rules reference 'LoginInputModel' — examples: RULE_0057
15 🔴 error rule_orphan_entity LoginViewModel 1 rules reference 'LoginViewModel' — examples: RULE_0025
16 🔴 error rule_orphan_entity OrderDraft 1 rules reference 'OrderDraft' — examples: RULE_CLIENT_46247ee484a3
17 🔴 error rule_orphan_entity OrderStatus 1 rules reference 'OrderStatus' — examples: RULE_CLIENT_86a14b523547
18 🔴 error rule_orphan_entity ProfileService 1 rules reference 'ProfileService' — examples: RULE_0059
19 🔴 error rule_orphan_entity RabbitMQEventBus 1 rules reference 'RabbitMQEventBus' — examples: RULE_0023
20 🔴 error rule_orphan_entity TestServerCallContext 1 rules reference 'TestServerCallContext' — examples: RULE_0083
21 🔴 error rule_orphan_entity VerifyPhoneNumberViewModel 1 rules reference 'VerifyPhoneNumberViewModel' — examples: RULE_0055
22 🟡 warning entity_without_rules CatalogContextSeed Entidade 'CatalogContextSeed' sem regras de negócio no business_logic
23 🟡 warning entity_without_rules CatalogSourceEntry Entidade 'CatalogSourceEntry' sem regras de negócio no business_logic
24 🟡 warning entity_without_rules Campaign Entidade 'Campaign' sem regras de negócio no business_logic
25 🟡 warning entity_without_rules CampaignItem Entidade 'CampaignItem' sem regras de negócio no business_logic
26 🟡 warning entity_without_rules Address Entidade 'Address' sem regras de negócio no business_logic
27 🟡 warning entity_without_rules PaymentInfo Entidade 'PaymentInfo' sem regras de negócio no business_logic
28 🟡 warning entity_without_rules UserInfo Entidade 'UserInfo' sem regras de negócio no business_logic
29 🟡 warning entity_without_rules ScopeViewModel Entidade 'ScopeViewModel' sem regras de negócio no business_logic
30 🟡 warning entity_without_rules LoggedOutViewModel Entidade 'LoggedOutViewModel' sem regras de negócio no business_logic
31 🟡 warning entity_without_rules GrantViewModel Entidade 'GrantViewModel' sem regras de negócio no business_logic
32 🟡 warning entity_without_rules CreateOrderCommand Entidade 'CreateOrderCommand' sem regras de negócio no business_logic
33 🟡 warning entity_without_rules OrderItemDTO Entidade 'OrderItemDTO' sem regras de negócio no business_logic
34 🟡 warning entity_without_rules ValueObjectTest Entidade 'ValueObjectTest' sem regras de negócio no business_logic
35 🟡 warning entity_without_rules ValueObjectA Entidade 'ValueObjectA' sem regras de negócio no business_logic
36 🟡 warning entity_without_rules ValueObjectB Entidade 'ValueObjectB' sem regras de negócio no business_logic
37 🟡 warning entity_without_rules ComplexObject Entidade 'ComplexObject' sem regras de negócio no business_logic
38 🟡 warning fsm_without_workflow EventStateEnumStatus StateMachine 'EventStateEnumStatus' sem workflow associado no business_logic
39 🟡 warning fsm_without_workflow IntegrationEventLogEntryStatus StateMachine 'IntegrationEventLogEntryStatus' sem workflow associado no business_logic
40 🟡 warning fsm_without_workflow PermissionStatus StateMachine 'PermissionStatus' sem workflow associado no business_logic
41 🟡 warning fsm_without_workflow OrderStatus StateMachine 'OrderStatus' sem workflow associado no business_logic
42 🟡 warning fsm_without_bindings - StateMachines detectadas mas nenhum behavior_binding na UI

Next steps

→ Validate the extracted rules with a domain expert → Fix the critical gaps before migrating → Review the warnings — some may be acceptable for an MVP


Report generated by Silex Arqueologia · Documentation · Support