Summary
During 1.0.0-RC3 release-readiness validation, make test-js-coverage reported JavaScript test coverage below the bar we'd want for a 1.0 General Availability release. Accepted as a tradeoff for RC3. This issue tracks the follow-up work so the GA release doesn't ship with the same gap.
Baseline (1.0.0-RC3, 2026-04-14)
- 45 test files, 2096 tests passing, 3 skipped
Overall coverage:
| Metric |
% |
| Statements |
74.71 |
| Branches |
62.33 |
| Functions |
74.84 |
| Lines |
75.13 |
Modules below 75% statements (priority list)
| Module |
Stmts |
Branch |
Funcs |
Lines |
admin_ui/admin.js |
0 |
100 |
100 |
0 |
admin_ui/app.js |
19.17 |
11.55 |
42.85 |
18.8 |
admin_ui/events.js |
44.21 |
24.29 |
41.37 |
46.76 |
admin_ui/llmChat.js |
52.79 |
40.97 |
43.63 |
52.85 |
admin_ui/search.js |
67.21 |
52.76 |
76.36 |
67.52 |
admin_ui/security.js |
68.46 |
62.09 |
76.19 |
68.21 |
admin_ui/constants.js |
68.42 |
0 |
0 |
68.42 |
admin_ui/gateways.js |
68.72 |
54.66 |
61.36 |
68.81 |
admin_ui/teams.js |
69.72 |
68.94 |
75.75 |
70.14 |
admin_ui/tools.js |
70.45 |
58.19 |
55.38 |
70.81 |
admin_ui/initialization.js |
71.59 |
59.71 |
72.11 |
71.48 |
admin_ui/llmModels.js |
72.85 |
50.47 |
83.67 |
73.55 |
admin_ui/prompts.js |
73.63 |
63.10 |
60 |
74.28 |
admin_ui/resources.js |
74.36 |
62.61 |
45.45 |
75.22 |
admin_ui/formSubmitHandlers.js |
74.23 |
51.06 |
67.74 |
75.16 |
admin_ui/bootstrap.js |
77.77 |
50 |
0 |
77.77 |
Strong modules (95%+ for reference)
navigation.js (100%), fieldHandlers.js (100%), monitoring.js (100%), initialImport.js / selectiveImport.js (100%), auth.js (97.76%), tokens.js (98.82%), pagination.js (98.64%), caCertificate.js (98.67%), appState.js (95.55%), users.js (95.23%), utils.js (94.47%), components/overflow-menu.js (96.92%).
Highest-risk gaps (security-sensitive)
Security-adjacent modules with coverage below 75% are the priority — any bug in these paths is a production risk:
security.js (68.46% stmts / 62.09% branch) — auth/permission helperssearch.js (67.21% stmts) — unified search with RBAC filteringteams.js (69.72% stmts) — team membership, invitationsgateways.js (68.72% stmts) — OAuth, federationtools.js (70.45% stmts / 55.38% funcs) — tool invocation UI
admin.js at 0% / lines 15-521 uncovered looks anomalous — likely a bootstrap wrapper that's excluded from direct test, but worth confirming this isn't a gap in instrumentation rather than genuine missing tests.
- Confirm the
admin.js 0% result is real (uncovered) vs. an instrumentation artifact.
- Propose a coverage target for 1.0.0 GA (e.g., 85% statements / 75% branches overall, 90%+ on security-sensitive modules).
- File sub-issues for each module or feature area that needs new tests.
- Coordinate with the E2E test effort in #2519 so we don't duplicate work.
Acceptance criteria
Context
- Test harness is Vitest + @vitest/coverage-istanbul (already wired in as devDependencies).
- Related: #3137 (admin.js modularization — enables targeted unit tests), #2519 (Admin UI Playwright E2E — separate effort from this unit-coverage work).
Summary
During 1.0.0-RC3 release-readiness validation,
make test-js-coveragereported JavaScript test coverage below the bar we'd want for a 1.0 General Availability release. Accepted as a tradeoff for RC3. This issue tracks the follow-up work so the GA release doesn't ship with the same gap.Baseline (1.0.0-RC3, 2026-04-14)
Overall coverage:
Modules below 75% statements (priority list)
admin_ui/admin.jsadmin_ui/app.jsadmin_ui/events.jsadmin_ui/llmChat.jsadmin_ui/search.jsadmin_ui/security.jsadmin_ui/constants.jsadmin_ui/gateways.jsadmin_ui/teams.jsadmin_ui/tools.jsadmin_ui/initialization.jsadmin_ui/llmModels.jsadmin_ui/prompts.jsadmin_ui/resources.jsadmin_ui/formSubmitHandlers.jsadmin_ui/bootstrap.jsStrong modules (95%+ for reference)
navigation.js(100%),fieldHandlers.js(100%),monitoring.js(100%),initialImport.js/selectiveImport.js(100%),auth.js(97.76%),tokens.js(98.82%),pagination.js(98.64%),caCertificate.js(98.67%),appState.js(95.55%),users.js(95.23%),utils.js(94.47%),components/overflow-menu.js(96.92%).Highest-risk gaps (security-sensitive)
Security-adjacent modules with coverage below 75% are the priority — any bug in these paths is a production risk:
security.js(68.46% stmts / 62.09% branch) — auth/permission helperssearch.js(67.21% stmts) — unified search with RBAC filteringteams.js(69.72% stmts) — team membership, invitationsgateways.js(68.72% stmts) — OAuth, federationtools.js(70.45% stmts / 55.38% funcs) — tool invocation UIadmin.jsat 0% / lines 15-521 uncovered looks anomalous — likely a bootstrap wrapper that's excluded from direct test, but worth confirming this isn't a gap in instrumentation rather than genuine missing tests.Asks for @gcgoncalves
admin.js0% result is real (uncovered) vs. an instrumentation artifact.Acceptance criteria
admin.js0% result investigated and resolved (either tests added or instrumentation fixed)Context